last executing test programs:

1m16.219923493s ago: executing program 1 (id=558):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
pipe(0x0)
r0 = accept$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @initdev}, &(0x7f0000000080)=0x1c)
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(0xffffffffffffffff, 0xc0c89425, &(0x7f0000000100)={"d6480104df2c17002100", 0x0, <r1=>0x0, {0x2, 0x10}, {0xfffffffffffffffe, 0x7}, 0xf, [0x3ff, 0x5, 0x0, 0x7, 0xc15, 0x7, 0xdca, 0x7470, 0xc8df, 0x7, 0x2, 0x4000000000040, 0x8000000000000001, 0xff, 0x5, 0x4]})
ioctl$BTRFS_IOC_WAIT_SYNC(r0, 0x40089416, &(0x7f0000000200)=r1)
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0xfffffffffffffffe}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
getsockopt$bt_hci(r3, 0x0, 0x1, 0x0, &(0x7f0000000080)=0x2)
read$msr(r2, &(0x7f0000032680)=""/102376, 0x18fe8)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r5 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r5, &(0x7f0000000380)={0x0, 0x6, &(0x7f0000001200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="000000000900020053797a310000000808004100736977001400330e73797a6b616c6c65723037828cc196741d6cabda7a061e94b7e850ca151a75fc23d990477c6b7e28ee9d368157782190ba637d2a7a4e72f2abbd84b789cedb4caa96f768fb0fc4686394a59c43c9426b7182a8956bb0e47c9a2ca559d9815d5897fcf868830b69c60e665f5613a2112b4ada1916f147a73625"], 0x38}}, 0x0)
poll(0x0, 0x0, 0x6)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/partitions\x00', 0x0, 0x0)
r7 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
sendfile(r7, r6, &(0x7f0000002080)=0x64, 0x23b)
open(&(0x7f0000000080)='./bus\x00', 0x143c62, 0x0)
mount(&(0x7f00000001c0)=@sg0, &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x0, &(0x7f0000000300)='trans=rdma,')
write$sysctl(r7, 0x0, 0x0)
open(&(0x7f00000002c0)='./bus\x00', 0xec902, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000240)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x4}}, './file0\x00'})
openat(0xffffffffffffff9c, 0x0, 0x20842, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))

1m14.892594755s ago: executing program 1 (id=563):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000ab9fd540501d6f60d414000000010902120001000040000904"], 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000780)={0x2c, &(0x7f00000006c0)={0x0, 0x9, 0xc, "cd8fc54213ffd30fac5ad3d0"}, 0x0, 0x0, 0x0, 0x0})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffed3)
mkdir(&(0x7f0000000540)='./file0\x00', 0xd0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x159080, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000440)='./bus\x00', 0x0)
socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0xf, &(0x7f0000000080)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd, @generic={0x2c}, @initr0={0x18, 0x0, 0x0, 0x0, 0x9}, @exit, @tail_call]}, &(0x7f0000000000)='GPL\x00', 0x2, 0xde, &(0x7f0000000340)=""/222, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f0000000000)={{0x3}})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001740)={&(0x7f0000001600)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x4, [@struct={0x0, 0x0, 0x0, 0x4, 0x0, 0x43000000}, @union={0x0, 0x1, 0x0, 0x5, 0x0, 0x0, [{0x2, 0x1}]}]}, {0x0, [0x0, 0x2e]}}, 0x0, 0x40, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x28)
ioctl$SNDRV_TIMER_IOCTL_STATUS64(0xffffffffffffffff, 0x80e85411, &(0x7f00000022c0))
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e00000018000280140003"], 0x50}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_usb_connect(0x6, 0x2d, 0x0, 0x0)

1m11.027325694s ago: executing program 1 (id=574):
socket$nl_route(0x10, 0x3, 0x0)
openat$vcs(0xffffffffffffff9c, &(0x7f0000001880), 0x0, 0x0)
r0 = syz_io_uring_setup(0x16e, &(0x7f0000000780)={0x0, 0x0, 0x10100}, &(0x7f0000001240)=<r1=>0x0, &(0x7f0000001340)=<r2=>0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x38011, 0xffffffffffffffff, 0x0)
add_key(&(0x7f0000000000)='big_key\x00', 0x0, 0x0, 0x0, 0xfffffffffffffffe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x9, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$MPTCP_PM_CMD_REMOVE(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)={0x14, 0x0, 0x1, 0x0, 0x0, {0x4}}, 0x14}, 0x1, 0xfcffffff00000000}, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(0xffffffffffffffff, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0], 0x1})
syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r0, 0x567, 0x0, 0x0, 0x0, 0x0)

1m10.396569724s ago: executing program 1 (id=578):
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000600)=[{&(0x7f0000000200)="f6", 0x1}], 0x1, 0x4)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'pcbc(fcrypt)\x00'}, 0x58)
r3 = accept4(r2, 0x0, 0x0, 0x0)
splice(r0, 0x0, r3, 0x0, 0x80000002, 0x0)
r4 = socket$kcm(0xa, 0x2, 0x73)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0285700, &(0x7f0000001140)={0x8000, "f9c3e1ef4512020b99e31d4ad74a158373ed76c643b41343ef9caa4755b39d8a"})
r5 = open$dir(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0)
execveat(r5, &(0x7f0000000280)='./file2\x00', 0x0, 0x0, 0x1000)
write(0xffffffffffffffff, &(0x7f0000000000)="1c0000001a005f0414f9f40700090400810080", 0x13)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
r7 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r7, 0x107, 0xa, &(0x7f0000000080)=0x1, 0x4)
setsockopt$packet_rx_ring(r7, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
r8 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r8, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262)
r9 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r10=>0x0})
sendto$packet(r9, &(0x7f0000000100)="bb", 0x1, 0x0, &(0x7f0000000200)={0x11, 0x8100, r10, 0x1, 0x0, 0x6, @link_local}, 0x14)
sendmsg$inet(r4, &(0x7f0000001180)={&(0x7f0000000000)={0xa, 0x0, @multicast2}, 0x10, &(0x7f0000001080)=[{&(0x7f0000000040)="a72d11a15c068c0a7d2eaebc5cea1f81510ff6091475aeec600831aa9d3944e60bc2ad06a619c560aa0118b28f68f1eb14549d633b4b23f179fb680716faa43414787559be90843c35ab30acad8a6740140e00721abc2eb362f7bde53b3c992d3e28ccc20ec84fdc569947047f6c09a647ee8c0a747b951e66c068ccf1af93ee9e6f9528ff79e2f989383b05a690a6bec4634b867c9446c1c644b3010e8a3514c6328323b4bbdd602b8f0dace6aea70902c4ddd2a2f2810f1348b0d0df3c1e6a5938fcfdc87e7580c6be0c6a06eca62d6f787dd16add086a21391c4c707d8b61929d1252681b84c245e0efafe2e6e73ad86a3cf59235ab0eacbb414af92ec3cdac420a064a98e8cc18bdf63f8997f96436e0fe6f06fdbf47fff353b01a861babd4a38d126bfe3e29049e6cc883e6efae6e70ef9ed124b1b09887a58c991e223b6420dca5ae238027e91b17b1707dc5c0d5f59f0ca95614f1ea1d263c1ee54dfe31ae35eb3c8e3b931dff7920c57fbba89adf2e392c1ad719b90c7ade0d38ff9792934ef1fb12f51d8e2fad12486d5883d5b1a46696fad128c6805cfb25bc6487e1e407d6b266971b09d0d864a7a550284e24b6cdc9f4ae1081a638175dffef002c76ac5558d23e41edbe68f4b4950a13aa000326dae5a857603dc5a40d6c6618a98c7b6e1eebd325ea2c14601a25658965f40864fd015d9b2fff83ee5ed3212ebd9fa429f0140f633556ac07c0c08e67a1848c9942ecc47dd4ffede9a429e9e0472be7cdbcd117e621ddf745c00a814ffff0224634472577dc0b35a9c153409f1a2bddc193b20b4d244d9cbbd59816c46000c596865f58b4e640ed4a9ab6086cede697fb113560925498da83273e679e0e28b84961eb7b9c9b4fa916590965c76b48e5d453f27a821bd2bf0946ff2413ec30f7893d1f046e18f736c40ceda26dfc4a0a62f71a3606d3f72c0a858dfd7895e2572292e11af913c6b513a141d28e501ae7c49618d104aac9abb78466a636efb88120d0eef0a501558a5aa34784a9823f2802a0bcdf318f9b436b34b42a2a7cf513f80364ad9a699d2e23eb4f3a2bbce818bd20da61882b3dac699d05dc24f29b72471b712423ace6278c43df2be7a09e815517b86d8b3ce16af3d64a575958c5fd52aac53b391f3d2a67c24c6c13ec11428b61b80a6a58cbba1790a98d190a572070f63fc0b809669895ea9865c3066b06102f6f2c7171dc7f76e1931b3e4deb569ef9d07d5f86a848f50942e93c419c3a23489f14803b08182dfd48b8d4375be6b7f805a21209c05e5927693a8834c8d5a5acbd47ed8a30a8a741d1ad77639b56b3b90c0b2023fa334befd28b2e27cbcd94b0ce7437f88ce67a925cea6d6d7e5313de6d328b1124a8b9ef83fe39ca3da97d33c60b7fd4af67d3c8fccb595a27a5bffc71e5a5b2ec966828993b0c0f83cbc55f9a7fb66a4101d5c83b77885072b6e2b2ceebe32f635509698c05089b9ff1cb1959b211e114dadb224ef2d5e7a3c55b3ac00fcdc9018577603c6301e5d4341b3d7eeb2665349d448d28d5d108f576408cbe533a6adbba18ebb2d84bb9af81108506a2f50fb56d595579000747930449fdf4ed01715ec624a0cb73636a35b9136f10b79e3d7ded09008b92e92c64e26e6b6d17f18b70b1d9813de8d2ff151c7a6a0452c660a57c33f13e2d9b88fa5f5c0505722d2e787a425e4a3e9b5efa9668e9199f5fb9fe7d5b8a57719a57df152e7f2c6a1087a2a24084f82455b65353a70559f04d5ed12defb81497ea69c1c7e69c373524770b7473c16a69c7a3648a9dd93377b89cdff61cf62512d1ee67a55ea67993937c1f55a2179bc9c8a337364cfb84d295adda1ad9700fc2f5c11cbfc1b90affb4666c6e7e23a6f7751410a5651819f29f690c6dba2b8a67e0f7f8cc377feb1854c393578994c85391ba21b3961aed477f771645571dc7d6cae72bf79c82a92a4edc3742b1398060a0a5c9e81c016b7f2ae3db529c6ff824cc28678764d8ab49d7dc68e5b0556c9e7ffb6fef442776d86fbd458741830e57f22a1f8513b92abd5b2df93a67cc560134078f0b8ecc3276e40aadef5cd579888b86b4988f396679250701f3869e7493b33692035ecd94aca5189fd0a0893ccc5bb19c0b4caca86cf90ebc2a5558f39cccb33f6773a4e425bf551fb3b6456ee1cc62fa1843a9e5539bb2d02ae6ef82533a9dbcfb562c1ab18c1f639ae7ff02083746f74a15ba2d10e4b955940a5d6f488d326a99f287c48ad463ce40367aeeff519cbad0a2d7fdbfa48bff75955467977764c2be2bd2ffa18396c46920c40c50a4037003666406d177e2cd20aee423d07169d8f611f635ba0b62b61265ff2c5548446a2423dd1038482b6852b2d9d2f90aa05d82c5e2c3d1af0c7aad72d82b3da67471af7b037bb0424a785e73f35b5a10a2ab300a195c20cd119a5390e0cd5d49c70bd80883b933e843d0d2902749dcf3c140c708a0f004b7a2f50bf311305dc01719016fcce5863815ca7951de710fcb71cd177551ff6fcd9f8bf01b93868f24c6129b6d7917125338cf62110083093fc7f862015d48450d992f2bb43e601cab19b2ea7b83962a382fc2a31fdf2358bf8a9a9e506eaa7b6eb5e7444d1ef459b24ffa51362abce902dfd84201a0e4b5a3b62757aad54fb65b83821c6bba663886de092065a565921ea3eb6781bb8ed4f4db3abcfeeb379b7e52fca790bea719918e299ab01bf5e92177d134360bf7a16a59e9d03d3dcfb0a25599237e3d41b3f0026c9402b1fb1894426303413a2cbcf7c72807ca694afa285990d07c3bca26413c9947b3b344aafc04544b8c11416e0312b028da7302e316c3966d41884b15055a49a4a0b3eac8e11f88a5615fb0af582f065d28e5a454447e9d0cfc60356439ebf7e1d0a00f5b9cc6daf2bd7195ba96b4d1a0679ff0fb1c01282c378a880f90f460889b67d76d4d0e8db6c928d113533d1d10b810303c43d8ff622c5bab7f095b96e64bf9daa48a2bdf3d9d40bac00cf1b66df61a4f7c3e21938e876f81b1179dce6a008f28eb682cae690ced0ea0d542da604d8056f2b1813ed36683c4c51aeb2650772cfb1c55d4e60604ff06344cfc271b2175a6c94defb807af240b483e24298ca73bfc743ca2ca2e77e6d5b817b3c1986601537faf59ac84c74d8bd0c068cb8e6bd03ac2dcf5793fb4a00b3c901a33aa3ee86e4f0db317b94bb8678ab26e36d305ebac4b0f7f164947148255b562dd0f87648499d45bccfb7d8c9d5624cadf8160a396e79fbcdc100058ba4606e41c02fb2cc0dc6c36196bd28acfde82a18cda2321d2d83fecd3b85380667cd1d0bc68298c6c8f10421a80c8fa86912b6c3e8ddd9d9668520d5151409e6b77f0d7730b374a68a744151bfbd123cfdf871e8c24e70d2ca3b50e84a48e0b78c1781000cfc848d43584985763a76c0ab9ba882c55e3e4aa8f2174255db38adb8350b48a77be22a869d13d183325f859b883464e5e46de5ea8a92532b9a794daaeff657cd361f7f158f8bebe36e9de1f5b9721d4263dcc9472229bc02d3f552180abfb25ca7aa36cb914d99c09fd5bb99dcab9b4e3c634d18fc7dfe84dc4425ad1e39c3e7410d49b4ea0a8a2958688c7725822f6dfc0827d19dc385e0e35a949941e4dd1aaeaab9ebe402f8c584bca7efc829f2ccfb63fd7bde1c182a67c14f9d3f033ca674e2604e89cd55a15419f956cd61a755c1b13554dae98e77be078aadfc131c9677381f1dbe6ef194eb17603a463e8b844ab46a6046e1f07d96d66de669359bff4c3d80948a4de3abb2f171a09b5d8999c379fb62244114e218c79805df7d899e5661320ee6721d652b95f09e4dfe69bd67099c73294b17ab574e0b966aa3ab44478965b9dca3cb3b9282945f24ccdd07c638ae25a84a728ca24f87ff49d718121a694be46f3616e27b1041b3c6cd24b9cf775bfc28dfbe0a009048f0599f2d5d6586cfd1e7f7fe69872d08b98f60d28e6af0d49d7f06ad71a7b5c41df261aba5de114022c7288bc265cc17909fdeadc3d7b256d7ab3b96e40f857060f16b54a6bb7248ee571f87ace5ee39eab412706cf52fa711468b21ea129c3f44bceb429fcc1a0ac2aa87b9365077dcfcfa9a1b32a0a09699197c20019a66cbd0a897feab3706c23123b888ada643d4560082033e31596b0483578968e3c9593ebd97141c228a42fc7645f92171c120aabca36657683fd7c72fcb87217f124d6fabc52f1d221d8410b47b0ad4bd944bf4085365e9b52a53911ab4ee142c5a1ebbe034c9d98c538c066f2dc0acf372eb2397dcac765055123e0ba19be22b18c886bf0f7490abe9fde91ffa62e059962bd134be8501cb5b715a744b1398e2c4c7e8afe72e189dda0654296afa1c1f99ab7d800fa40f72a758625c833b6fc7b7d42250522b456e1e7de815350c36c9cb2f4d1c9cb99109f89b456c559463f11b8b58247809b17a4ed4912bd0a47a529f1364d6dc593ea7f3eb98962078ac90e5012ee1c7b4b9ed5a8c7a9c0231b4ce425693faab64fa0f3482a04d4be2e06ee5d103694d288810a1a7f4d1e908dd82dd2016a064ece5cd67ef1dd5f4cda728fc6f1ccdd949dd8f775d862621507248ef4c83ae274969d19c7ddb02a4e8a1ab2b7aa539a442b22735ceedeefe60a1059dfaaa0979ce8d5387b5a047841fd9749b88ca91216b02d7926408a01916b7781bb7167528ccdb9a486d173437a5ba3e552c8674dff2cc9b21054e0e4f86b61b8723fca58ceef4413bffae9e9be79c5b9788f5449811ce78be9bc7a86375a670197baaef751beabcba0aa6c7c33f1cd702cb78ec39fa1f17d9da733d6abf2b80f9c51ac8f6f664b24edc53a7c9525c3016bd05c67272375fe816b2b121f2de68b885a0fd8f8b8c6c342237b632f6414a3eb3480f5f42106c5812e9bfd4e8c8dea8d08525d9aa1da7c7c2ee7ff3d31b79b211dd01e304a8ffc83a89a59f3b1e2ef5e969b6d90bea7e161066f25622fad914bff52bacd2807093dda1838b529ee57f718b374ce2841b924a42457867547a6edcb8412d85f11796742bf640b5819a9546357df778c332af5983c4373a95d9c58b52dba445eee92e6911824f0c534e7a5934d9eac9b7f6fec22002fc53a3003a3304217f567b47cd326edc5f48eb1f46bb20d1e10e72239afc9769344590cf48902aba5405b7d4baa31a912ab398a2f2d3f037614bb56a89244ece50f3a1e058d274f1e70f944eb8a305be91e561e5eb843d057a81f4deb84a6335ec81ca964cdae5f318d4e9aaea2c477cc279c00c698bcfe4b8e04c09079d8f3f5438d9d45a00f50d2f9b245c8c68eebf247e25ba8d26f8b95b21ac9ceb50c0aa2e4bdc032024db216b92f9350a90ac79341af14d3fa8ba908096e1b503341aed667bb184c672dac85fc4f335b3871c3b4e55ea219a857d2d2e135358f6b45a20b3e7de8e09b2041eb7c5084a80258fb524a983752659298a251e178b56f96bc67ae0a78ec92f92d92c9cf0edb5dcb11e739d69410ad44c8df00caa030d7d89f2ec38bd7698115c423cf3e6048793aca08ffbcdac766f1553773fa00031c1d75246e4e1eddf8948d02a3de6d67fd7329e45070f29044587f1e0db50d04e673191a63e30f96ee0d8d52738fab36a7fe2c6ab9301d401e7ca5b1f039193a580e40abbdf40c2d7e27809dec80815d37adae9fe7fb9d3a974c9fc03944d7338d000b81170be4c6792ed6b3b827194b3ae11e2acfca48498d1126aacf80f3d574256ef7f75552ff087a819e", 0x1000}, {&(0x7f0000001040)="9d7fcf3efc63f4a6a555ba8b4726d7ccaf8a207100e69cfac4377876021d7131b838029f96bd206d4776368ed2a92432e5af71", 0x33}], 0x2, &(0x7f00000010c0)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0x4}}, @ip_tos_u8={{0x11, 0x29, 0x43}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @broadcast, @remote}}}], 0x50}, 0x0)
syz_emit_ethernet(0x11f, &(0x7f0000000c40)=ANY=[@ANYBLOB="ffffffffffff00000000000086dd6000000000e93afffe880000000000000000000000000001fe"], 0x0)
ioctl$SIOCSIFHWADDR(r8, 0x8924, &(0x7f00000011c0)={'pimreg1\x00', @random="df04aaff1ebf"})

1m10.103753156s ago: executing program 1 (id=579):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000001000), 0x2, 0x0)
ioctl$VIDIOC_S_SELECTION(r0, 0xc040565f, &(0x7f0000000040)={0x2, 0x100, 0x7, {0x3, 0xda2, 0x4}})
sched_rr_get_interval(0x0, &(0x7f0000000180))
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x410000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$int_in(r2, 0x40000000af01, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2, 0xc3072, 0xffffffffffffffff, 0x0)
r3 = io_uring_setup(0x4b2f, &(0x7f0000000200)={0x0, 0xa5e, 0x1000, 0x3, 0xc2})
io_uring_register$IORING_REGISTER_BUFFERS(r3, 0x0, &(0x7f0000000000)=[{&(0x7f0000001700)=""/4095, 0xfff}], 0x1)

1m8.865683413s ago: executing program 1 (id=585):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2, 0x0, 0x4}, [@NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0xd}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x78}}, 0x40400)

1m8.379089589s ago: executing program 32 (id=585):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2, 0x0, 0x4}, [@NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0xd}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x78}}, 0x40400)

17.104450782s ago: executing program 5 (id=765):
fanotify_init(0x9ced63ab84936787, 0x101000)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000080)=ANY=[@ANYBLOB="0100000000000000c401"])
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[], 0xa0}}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7)
r4 = bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x48)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
write$binfmt_script(r4, &(0x7f00000001c0)={'#! ', './file0', [{0x20, '(@@'}, {}], 0xa, "c02c3f6c51dd089d5be88afcea7ed770986454f2ffdec5671f26e9aa1c6ef6061170c346fc050717ded87ee03be9d2e658794ba649ced842ab17c6d00ad0a6e05346fef1e22ace22362a63f564fdaaa878a29dc35aaeac544d9c9367bbe5ffaaa3ac92e8c28380d3fd32daba74654abcc4310d712e879d36e2dfa9a37cd959c8c9a87b7b989d25f8cfc74a35ef6791b0e5daafeb93465c491fcae4f3b46a5564dae5e28e00487869233e78c3ff0031194486b4d4da5f6e72db95349a15da579af39dc4b08b44b58b1b4981b6bc5c6e92cd5cdee839a4b33df4637eecb1a0e99c5c66666bc7bb3b0c19527f5b6235beba12cdf6ca8bf49ff1949687ce4ca14147e87b7ab685f97e1bd5c51636cb58c415b3b27fb7195c63d7b021549a9f13440cec7ba69bc090509f5fd32900bdb7323284405d64082718a00b3aee5aff05ba9a5a6ca6584154ed99adb8ef45066be605bc60e76bb151a5c881c6fdc5e852aadf2c307c5d74f5782697389bd2a16baa8c453189d3d2399aa53a6bd01e7d45a40e5689db133659dea82c58cd049d435270a618864dfc66b2b2c2366951ffe13d92ff4fdc05f453d420747c0630b404e6b9767535ea1f89e3eaeb790f39829f1a679ee419da4809e7870b9f2b2d14b16dea9a8aa529909ac2738790da4b87ce5adf824feda947ca1ee407490db84de774d6f06ddecbe17aa1d4bd0614a42dbb674bd9be70f49a25a6b8ff74dcbb53af7ca35cce7f5550ef45cbe2e85ab3f07e7a0b53f9a00b181c39dc13fbc621ad9ed8e8e39a711d450fffbecc3f743a01baf924c1ae3ea2943af5beac2a79e066e639c054fc4922f46ae9187dfc15a7254413a731fccc3949b9ee00b00cc3e744bfc3424481227c3b3a5c984c80e2b7409871bcfd097785d8da51787eb94b0b08502bfd87a13024e10e9b8ac0f229d8d44324a5b6a4096978ca88e9dc252bce4fa989b5349c1237b4a0a822bd07e4c216b4af8a65095df76ea05de01dc633849ecc5cdf99ab564861e640c967b542a7066d79369215053dc6b692923ad2c5cab3187f40b9323b80efa3143eaeeb3dc122a24b4fbcd2fbdf1459e4c51336ca13a55fd5acd18d934a540998814d340ef295aa4a6f41207f0a99067a6114639f160f5e11486732e2daafcc592d4091e877c2973b354e4a0639d8801c18114b9bd66fbf750bf1b879ca97342c895434f9c682a72e213cceb2cf1b7286bedd9332e000ea5ac75ab0b3e695ad919f2205a762fb88ccafbeea1ce30c8cdabc6b7681a06f73cbf6fc5a6e7facf17b5cb36c134b11c2ea866a2efa7179cea84842af383043bb48e1069e0fbaba1d930ab0d9eb1321f989b6e6b0f9872c2cc63f5a58da862dc041f5bbeedc30310845974bede4b1ca42dab26875be8ca1408f6c2234b9e0eb59dd1f4e196301a3796855c8a424c5abf0ab7e8f95382fd4c3c489bbb51bf2c6095bc2c4f2bd1b68f744d03e236f4cb3bfc77390ea68db543b91a320796222a30294e4fae64a10a45c7902f1efaf27e4693d939755db29a5ceb061774d4a355f366e2ca32c15e7b47a54d91f26f0c892d60b4ec961ad13ef3eec2cfd31ef4d76ff4b8bf0bb2403be613d68a73747235f7bf5aec0fabccc02ce89a49ae9265401d471af4a2f0861f20b4ba6fcdfb0825a68978ca43bfd03baa1b027872d4d79324a833f83b351efdb62e7264557575d7556637addd2d75874a91e431773c12fd3e43ccd37092c35c189c413c03d101a1e9e7c3efe3374b50b8281c35097f8ec01f63f62549999a09b3dca4f5f4b0c8e230ffe93c35882dbcc2c62457bf472736f35a6df1aa1cdeccf7de581909f7732a67593c1cb22ea2cbbc6d7619672a70d180f9e601fe632cac29505f8586321688f1d3827faff2310c637eeb4d5b6b9623f63a9f6c6d2d5cacdba0c5f4cb40f6cd7ab852afe9f0b2a41993f6810e93995286782dcdc5dac011d87bf3a600b2385f8c06e8cac6fc5bd0a39c252cb464e568170c35de0a3d56c985cfcc9368261e8ec3d09bff95068e0e20f245cf297b61f42cf7488451d059437e62b045c80f4cf21616bbf0e36826d616120c4ba78375748cf1dbd2b90b86c0506484149bed6bcb89f93fab854ed39c19c45308a41dd7f8ee99478996db221a786df353064e20aafec7da9904f0a136f43850cff987c504a6cf00431d3123df95f37131e6607936df8eb8c901329f91996bd40da6b25a5f2e86a4eb0a8531b35005e224e7b237250f3c207d5de73d40b5102272d12430cc26d3c87415d01c78a2f8db758f97c6552ebe2398cfe02aa8e9143c71468a7d676336d491cbcba742185697d8b7f36ed55efdb13c74438013dae2be0b3c22ec7888ca46872f6806a1a833bb3417a6d33c0be045ab2bbcc7a3a48bd741780b8c01e5a69adec0f371d5a37e84482e26048f64d1d3ee9f231f5d2231328364bce6acf6cec5b7a323940ce9fcac8fc019b97d23e7ddeb7e75dba3b8fabe32a6f13d790294ede29c0b5e0450c4242103bc338e8257639b496706dc357ae66627ede1454322b005de13ee6755669cb6456f6f1a7ade6cdd7092c87e718a24e87e096da77a9c62296bd49eb83ddaa7d7eea8644436f266981245e5f9eb6c4aeba47672468905616a06f7e0e11d5a0617339a0661bc00100dfc439cdf3ed7408abca6ceb9af9cafcda59ebd1277413d4678c9a4d4b09f5396c06e8753af8e6ffef338d4efcf34ffbfaf90ffb9642a78443d52bbee4c1b49e68960647a20838106afaddad976ab5ca2d88869a3547a80a2927ed8f6ba485684cf83978b69a9ff92ebc7888b07829f99b96f44e7d925e73345ad1c62a3df898cb40f0447991f1950f4a581c07969b5e828d53f5163759e1668b58ff159ae9482e92a198ef6a6935d9c65a06085dadbb57b92aa754ee5c0ae7564eff76c0f23936e04fa048961b23439cae3ec0c56a125e8f75318d2f59eb0c5d9c4e790ba37e7783f60a87c90e35be5c69142ed8e8bfd6344605e57decf5139c511711e53ae766ab82ee5297e29ff9ef8aead30bc533d3f202332c2a00936fb25ed9e485855b0f04530468e5b5ed3f8d318d36b658a5e2c0221e76981b347b13a5dd42befb24d96ece1a4c986ad49786e1ed2b2148f6fc695d91762fc09009e6602f9879a341c92f33152b780fbd72d0fd63c3d8eea225066c5afe1f182a7864aacd778c8cf03ed49731fda972123663215953cfa66b8e4caa0ac7b54432107c7e18db0bf14e194e088e3ed4ac71621e4b775a7e47d55866affccfd7aeec18390f5053269b97ae88affdcb67169256b5c01d6c621b6d6b70211d3f125e1824de33807c3ea321f9bb4ab0c13913845b20352d78c8e9cc3f2d633c17ca0b1e7082945239a4129c5546a1095c94e44e73f1b1a54a3ce697c9a492f744bb6246f6f0e13197bad99c3cff7ae94bcf798773068dd582aba81c1859efd6e2136233d7c5d175fd5c20daca401fc1d53b47d57be2380e6d98d59b94587cdfefecfadd0e37edfdae2c2127ba3536517eea386b5b76d2fb2963757e9bb4015b893e4c774a0d1e486db9125aa90e7ca753e41f085e06b3a6c1c68787ea4ecf2d73a42db6e76121061a076d0f0195934c1300c6af2ded2a158390d61ed7a0e83dd5e6ded69850aeb71bdfe793ce92df65966ed1dca990c1c0c97d1f372da2d72c8f2ada4aec277bea5b65fae7ad5cb49aae31a86d637cfb3a17189c26af4cb161e81b1a790fb41f4ac86111175fe0c552a681ffe4e5cb889dafe660695680eef6f7b99fcba5c1f127653c761c771844da8e60dfa5e2a42ea2f601cc372cb1310819a5bb86e5105407e1252a1f9f0e63769ff048218f41d9004ee51bf60f1145053ec1305b71ccfa49f4a77f3b471746cf76d28cf4cd9822c108745ff51abc68637c7f7ea81eba50b781aebf8582efb96a403e2c8b047b9b54ffc65ff41bcc2cf2406e199a1b04e4f565bceb60f5b8681cc6dd79c43dc84f4d2762fe6a785f26097cd391d0968d1dc38e26d19f4e0bb514b5e5a451a795b4718f09820c9a3becdd85ae994941535e394c566d5e0cc5d3d5d5023c11ad0e81ceba01d0893358667c50f363b8eae195d6460867b674b7daef36948c7d975b2b7ac81037697e0fdc942a546e181ef41bdcc34b7e0ef1057eba5d0e4cf58065df5d8a81a9e28d983584edec7804841625abe09a23c5f37761f3412c2917a61a3ecdcfcaf2694c024a7b41aa0eb8a4249312a46082713db11aa299220fa44d23724486da3f48e0d90e8b8bd91882e4afcaba7be2119cf594a5b432f506f2aeab8fd36229cbd7de72c59b7da3720350d6f198b11fa029343a8d012d8843957d5312518e3a5880b872985808c0bb87fc2bc5fd79498ab8a0afb0a5f4b43fec466889462703a56d5350663f53025cee5ec6de212ba2642b1a16e33fc1a5b6f750f4fa1fffd3de58acdcf2467903b92373cf149bd62811d21ec6a57a7c16a291a515f619661c273f575df5b0d6146b24cd45124759afa405fb5d757202fb3117a9dfb5e559e382abb0c9320ee43859391dfc503ac28569573e4133e4b59559db817f503cc37dc0d312a4d9490e5ca539cbc664062ee0e252491255f1fd408ff4842dc143f904cad8f22ba7125c39edb5663e4bd881fcf7b76025b39deb6a7ffb261251c1bc471a3e4d279cbf59ed7beb0203b271f98c496ae642e9658cc6c4014429d63f7ecd16af3a7a3fcbc25ee4b461789d07f90e769f97ff420f2a95b4891f1fecce72d93fa57509122c24725d5da696200af5e689285c0dbaa77e7f8d6169fa1adde78a967ff7460923aedb40d2fb34ea5fdceb34d31115f8b824f3c8f6ecc21c3cfed4928a3245d0214d0de6381fc2d8844038bb754a0c72aa957a6512ba81b7a250dcbc3e41e83afa219c45726b0719013cc7418f70849e0810204907479fca0a3c930e9cafa5bd84d7194d44bc165596442b33358bed940fde9bd93d95f6402d17664a606126a67f466b58ade9a009848e7713bcde70e50420a82f6e1b459cd5592adf845096a9a189636e03114cbd315ce00c0db5af1bdeeb8204210641d0823cebf5966d31be2a109a7f6926d83c7ba0003e5360551dd9eed20231d8d4bc23e139575778a68acde843179938ead967b1837534391bbd45222a640b0936698233c0be679a22a8374af083de375b92ccfd88b4cbba844737acf170be250e86789a346bec46a96d0179df7ac421b1c09685898d3239e3eac4d68cfa2da1a8090088e5a50fc5b14cc5acf268c4d898a3e245b507d6552428fca0d8949566652618d51a1fee6b63ca180bca43bcd65c3aa0334d662d6354203a9a79aaf359b32fbbb26c6a8a93809e6a234abfa783a73e9addbb6c45bed699a97a7783028d9e8563671123c485107eca3d79e14c6a6b7f5f5ac3821dc6847a5f36e33eef82618881af1cb31fb28ff9293a91bbd0e76a48ff631e3e3fa8c222bb6b9f8f0396e81b35806ad9317f07677912dc87687023ac3d20d9f0b87c2c437537673e3eac89ab96aecbc1c35cd6da16339d16670ebca7620e7d2aa4aa848734fe0ff2c8070e9b10991437ef46fa500a9590a6d236c215808711d402ec88b998962e699ae30d803270c52e023b4c0f0e3633eaa1c3c1b2fee7110d021c8059ca453a53d2bef3768b6ddc34ff1c5e48d6d7e1aa90c951c5020409ee3103631cef0bd3c02f7ff2983975c5d7987333766d4781b2c9b632376ff36ee2b597052b33e5895c7a283a4a8f7699faad2ef8d1ba45bfeaef09a6a0c22aa9a093"}, 0x1010)
iopl(0x3)
r5 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
syz_usb_connect(0x0, 0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="120100006325a64040200049014d00000001090224", @ANYRES64=0x0, @ANYRESHEX=r5], 0x0)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x0)
r6 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x200, 0x0, 0x0, 0x0, 0x20, 0x56a, 0xd0, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x4, [{{0x9, 0x4, 0x0, 0x0, 0x2, 0x3, 0x0, 0x1, 0x0, {0x9, 0x21, 0xfffc, 0x80, 0x1, {0x22, 0x3}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0x3}}}}}]}}]}}, 0x0)
syz_usb_control_io(r6, 0x0, 0x0)
syz_usb_control_io(r6, &(0x7f0000001500)={0x2c, &(0x7f00000012c0)={0x0, 0x3aaeed48e614af2d, 0x3, {0xfffffffffffffd99, 0x0, '\x00'}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r6, &(0x7f00000013c0)={0x24, &(0x7f0000001200)={0x0, 0x21, 0xca, {0xca, 0xc, "fc18a1d23a1220e844f28a9d2e88733be4644a2be3073d071bd1241af8b1f4a85e09072fb79a6ffba4fff02c496a461077e671ac9c207d117fbd3bd380cedff5505d9f4a2358a14bb1b498276a18f9716c65f077681164e03c64666959daadd8d527fd96278426b7f07e5092333b99603c281408ce903a63b59126af3aae59ac6211cf14950966a5965f0d0a2f8a2457bee5bb084eb1feb02bb4a204b90dd0e8dc99de03faa54ece8f1155fc80f3baba540b51781e93e110501b2894952b5c78c6a9fce65e334655"}}, &(0x7f0000001300)={0x0, 0x3, 0x7b, @string={0x7b, 0x3, "bed10a99ba692ddbce1319a0dba9febbf140d14551a25fd6c938cc2a70b446a70c416eeda49d0e1e490d750c03c1411b702e4a55f5df33267aaa95da0c0c2ac2ae3636f226e561ee0762dd715b2ae46c37867f59caeaf18cc0675582c6ea374a1a51dc9df8b54fda739814355a12b380801159f5897154ce72"}}, &(0x7f00000000c0)={0x0, 0x22, 0xd, {[@local=@item_012={0x2, 0x2, 0x3, '-3'}, @main=@item_4={0x3, 0x0, 0x8, "0f698475"}, @global=@item_4={0x3, 0x1, 0x5, "3efa7b03"}]}}, &(0x7f0000000140)={0x0, 0x21, 0x9, {0x9, 0x21, 0x1000, 0x5, 0x1, {0x22, 0x48e}}}}, &(0x7f0000001580)={0x2c, &(0x7f0000001400)={0x40, 0xd, 0x3a, "ba73319167d1eef6b630a88be39909df2189e2e6d6e8a5d17a779677b2ca6d0a783e5abc6fb0243e96b9b4548ca7ab6f755373a164fbb08986ce"}, &(0x7f0000001440)={0x0, 0xa, 0x1, 0x4}, &(0x7f0000001480)={0x0, 0x8, 0x1, 0x1}, &(0x7f00000014c0)={0x20, 0x1, 0x46, "aa0bcaba053aff410dbb5b6d2b654bf993ef4716d6edfd850d2e574792000a637e86be96fd57c748f0f25c717bcaebee5d207999aade020a6654e5aa741e0b12ff2d5bf5006f"}, &(0x7f0000001540)={0x20, 0x3, 0x1, 0x7}})
r7 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
fchdir(r7)
sendmmsg(r3, &(0x7f0000000000), 0x4000000000001f2, 0x0)

13.719564793s ago: executing program 5 (id=775):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000ab9fd540501d6f60d414000000010902120001000040000904"], 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000780)={0x2c, &(0x7f00000006c0)={0x0, 0x9, 0xc, "cd8fc54213ffd30fac5ad3d0"}, 0x0, 0x0, 0x0, 0x0})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffed3)
mkdir(&(0x7f0000000540)='./file0\x00', 0xd0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x159080, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000440)='./bus\x00', 0x0)
socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0xf, &(0x7f0000000080)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd, @generic={0x2c}, @initr0={0x18, 0x0, 0x0, 0x0, 0x9}, @exit, @tail_call]}, &(0x7f0000000000)='GPL\x00', 0x2, 0xde, &(0x7f0000000340)=""/222, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f0000000000)={{0x3}})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001740)={&(0x7f0000001600)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x4, [@struct={0x0, 0x0, 0x0, 0x4, 0x0, 0x43000000}, @union={0x0, 0x1, 0x0, 0x5, 0x0, 0x0, [{0x2, 0x1}]}]}, {0x0, [0x0, 0x2e]}}, 0x0, 0x40, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x28)
ioctl$SNDRV_TIMER_IOCTL_STATUS64(0xffffffffffffffff, 0x80e85411, &(0x7f00000022c0))
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e00000018000280140003"], 0x50}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_usb_connect(0x6, 0x2d, 0x0, 0x0)

11.691482257s ago: executing program 2 (id=781):
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x20040, 0x0)
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
socket$igmp(0x2, 0x3, 0x2)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
dup(r3)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r7, 0x5423, &(0x7f0000000080)=0x3)
r8 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0x8, 0x7f, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xa, &(0x7f0000000680)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x1, 0x0, r8}, @generic={0x45}, @initr0, @exit]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r9, 0xc008ae88, &(0x7f0000000180)=ANY=[@ANYBLOB="01000000001474a100000040"])
r10 = syz_usb_connect$uac1(0x0, 0xa4, &(0x7f00000000c0)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d24070000030769dc000049c40c240000e9fffff5ffffffff092403f3ff000005024524", @ANYRES8=r0, @ANYBLOB="05"], 0x0)
syz_usb_control_io$uac1(r10, &(0x7f0000000280)={0x14, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0003040000002203"]}, 0x0)
syz_usb_control_io(r10, &(0x7f0000000240)={0x2c, 0x0, &(0x7f0000000040)={0x0, 0x3, 0x4, @string={0x4, 0x3, "00d6"}}, 0x0, 0x0, 0x0}, 0x0)

9.516681554s ago: executing program 4 (id=787):
r0 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000001440), 0x0, 0x0)
ioctl$IMADDTIMER(r0, 0x80044940, &(0x7f0000000080)=0x14)
ppoll(&(0x7f0000000180)=[{r0}], 0x1, 0x0, 0x0, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000014c0)=@newsa={0x154, 0x10, 0x633, 0x0, 0x80000000, {{@in=@multicast2, @in6=@dev={0xfe, 0x80, '\x00', 0xfd}, 0x0, 0x0, 0x0, 0x0, 0xa}, {@in6=@loopback, 0x4d2, 0x32}, @in=@local, {0x0, 0x0, 0x0, 0x0, 0x3}, {0x5, 0x0, 0x0, 0x5}, {}, 0x2, 0x0, 0x2, 0x4}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @encap={0x1c, 0x4, {0x0, 0x4e22, 0x4e21, @in=@private=0xa010102}}]}, 0x154}}, 0x0)
close(r0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
mprotect(&(0x7f00003fd000/0xc00000)=nil, 0xc00000, 0x5)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r2 = openat$kvm(0xffffff9c, &(0x7f0000000000), 0x40000, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PRE_FAULT_MEMORY(r4, 0xc040aed5, &(0x7f0000000080)={0x10000, 0x8000})
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x4)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2)

8.338576238s ago: executing program 5 (id=789):
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x20040, 0x0)
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
socket$igmp(0x2, 0x3, 0x2)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
dup(r3)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r7, 0x5423, &(0x7f0000000080)=0x3)
r8 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0x8, 0x7f, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xa, &(0x7f0000000680)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x1, 0x0, r8}, @generic={0x45}, @initr0, @exit]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r9, 0xc008ae88, &(0x7f0000000180)=ANY=[@ANYBLOB="01000000001474a100000040"])
r10 = syz_usb_connect$uac1(0x0, 0xa4, &(0x7f00000000c0)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d24070000030769dc000049c40c240000e9fffff5ffffffff092403f3ff000005024524", @ANYRES8=r0, @ANYBLOB="05"], 0x0)
syz_usb_control_io$uac1(r10, &(0x7f0000000280)={0x14, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0003040000002203"]}, 0x0)
syz_usb_control_io(r10, &(0x7f0000000240)={0x2c, 0x0, &(0x7f0000000040)={0x0, 0x3, 0x4, @string={0x4, 0x3, "00d6"}}, 0x0, 0x0, 0x0}, 0x0)

7.154383187s ago: executing program 4 (id=794):
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x20040, 0x0)
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
socket$igmp(0x2, 0x3, 0x2)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
dup(r3)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r7, 0x5423, &(0x7f0000000080)=0x3)
r8 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0x8, 0x7f, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xa, &(0x7f0000000680)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x1, 0x0, r8}, @generic={0x45}, @initr0, @exit]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r9 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r9, 0xc008ae88, &(0x7f0000000180)=ANY=[@ANYBLOB="01000000001474a100000040"])
r10 = syz_usb_connect$uac1(0x0, 0xa4, &(0x7f00000000c0)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d24070000030769dc000049c40c240000e9fffff5ffffffff092403f3ff000005024524", @ANYRES8=r0, @ANYBLOB="05"], 0x0)
syz_usb_control_io$uac1(r10, &(0x7f0000000280)={0x14, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0003040000002203"]}, 0x0)
syz_usb_control_io(r10, &(0x7f0000000240)={0x2c, 0x0, &(0x7f0000000040)={0x0, 0x3, 0x4, @string={0x4, 0x3, "00d6"}}, 0x0, 0x0, 0x0}, 0x0)

6.597514021s ago: executing program 3 (id=795):
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000240), 0x0, &(0x7f0000000480)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@volatile}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r0 = open(0x0, 0x220000, 0x0)
mknodat$loop(r0, &(0x7f0000001600)='./file1\x00', 0x0, 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
link(&(0x7f0000000200)='./file1\x00', &(0x7f0000000300)='./bus\x00')

6.28071525s ago: executing program 3 (id=796):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
read$char_usb(r1, &(0x7f0000000200)=""/128, 0x80)
mmap(&(0x7f0000003000/0x1000)=nil, 0x1000, 0x8, 0x80010, r1, 0x2e925000)
close_range(r0, 0xffffffffffffffff, 0x0)

6.134032747s ago: executing program 2 (id=797):
socket$nl_route(0x10, 0x3, 0x0)
r0 = syz_io_uring_setup(0x16e, &(0x7f0000000780)={0x0, 0x0, 0x10100}, &(0x7f0000001240)=<r1=>0x0, &(0x7f0000001340)=<r2=>0x0)
syz_io_uring_setup(0x2c0c, &(0x7f00000002c0)={0x0, 0x0, 0x4002}, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x9, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$MPTCP_PM_CMD_REMOVE(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)={0x14, 0x0, 0x1, 0x0, 0x0, {0x4}}, 0x14}, 0x1, 0xfcffffff00000000}, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(0xffffffffffffffff, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0], 0x1})
syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r0, 0x567, 0x0, 0x0, 0x0, 0x0)

5.971775182s ago: executing program 3 (id=798):
iopl(0x3)
accept(0xffffffffffffffff, &(0x7f0000000000)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @multicast2}}, &(0x7f0000000080)=0x80)
openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x16a042, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
r0 = io_uring_setup(0x168e, &(0x7f0000000000))
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
madvise(&(0x7f0000495000/0x400000)=nil, 0x400000, 0x8)

5.391568888s ago: executing program 2 (id=799):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000ab9fd540501d6f60d414000000010902120001000040000904"], 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000780)={0x2c, &(0x7f00000006c0)={0x0, 0x9, 0xc, "cd8fc54213ffd30fac5ad3d0"}, 0x0, 0x0, 0x0, 0x0})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffed3)
mkdir(&(0x7f0000000540)='./file0\x00', 0xd0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x159080, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000440)='./bus\x00', 0x0)
socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0xf, &(0x7f0000000080)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd, @generic={0x2c}, @initr0={0x18, 0x0, 0x0, 0x0, 0x9}, @exit, @tail_call]}, &(0x7f0000000000)='GPL\x00', 0x2, 0xde, &(0x7f0000000340)=""/222, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f0000000000)={{0x3}})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001740)={&(0x7f0000001600)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x4, [@struct={0x0, 0x0, 0x0, 0x4, 0x0, 0x43000000}, @union={0x0, 0x1, 0x0, 0x5, 0x0, 0x0, [{0x2, 0x1}]}]}, {0x0, [0x0, 0x2e]}}, 0x0, 0x40, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x28)
ioctl$SNDRV_TIMER_IOCTL_STATUS64(0xffffffffffffffff, 0x80e85411, &(0x7f00000022c0))
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e00000018000280140003"], 0x50}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_usb_connect(0x6, 0x2d, 0x0, 0x0)

5.269145955s ago: executing program 0 (id=800):
socket$packet(0x11, 0x3, 0x300)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'veth0_to_bridge\x00'})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
pipe2(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0xdcb9, 0x2, 0x0)
r5 = openat$fb0(0xffffffffffffff9c, &(0x7f0000001280), 0xaa000, 0x0)
socket(0x10, 0x3, 0x0)
ioctl$FBIO_WAITFORVSYNC(r5, 0x40044620, 0x0)
r6 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x40f02, 0x0)
ioctl$SNDCTL_DSP_SPEED(r6, 0xc0045002, &(0x7f0000000040))
ioctl$SNDCTL_DSP_CHANNELS(r6, 0xc0045006, &(0x7f00000000c0)=0x40)
sendmsg$nl_generic(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000003a000b00000000000000000004"], 0x24}}, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000e40), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_DISABLE(r7, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB='\t\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="0100000000000000000002000000140001800d0001007564703a73797a3000000000"], 0x28}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

5.048520066s ago: executing program 3 (id=801):
r0 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000001440), 0x0, 0x0)
ioctl$IMADDTIMER(r0, 0x80044940, &(0x7f0000000080)=0x14)
ioctl$IMADDTIMER(r0, 0x80044940, &(0x7f00000000c0)=0x32)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000014c0)=@newsa={0x154, 0x10, 0x633, 0x0, 0x80000000, {{@in=@multicast2, @in6=@dev={0xfe, 0x80, '\x00', 0xfd}, 0x0, 0x0, 0x0, 0x0, 0xa}, {@in6=@loopback, 0x4d2, 0x32}, @in=@local, {0x0, 0x0, 0x0, 0x0, 0x3}, {0x5, 0x0, 0x0, 0x5}, {}, 0x2, 0x0, 0x2, 0x4}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @encap={0x1c, 0x4, {0x0, 0x4e22, 0x4e21, @in=@private=0xa010102}}]}, 0x154}}, 0x0)
close(r0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
mprotect(&(0x7f00003fd000/0xc00000)=nil, 0xc00000, 0x5)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r2 = openat$kvm(0xffffff9c, &(0x7f0000000000), 0x40000, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PRE_FAULT_MEMORY(r4, 0xc040aed5, &(0x7f0000000080)={0x10000, 0x8000})
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x4)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2)

4.357430888s ago: executing program 5 (id=802):
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000240), 0x0, &(0x7f0000000480)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@volatile}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r0 = open(&(0x7f0000000140)='./file0\x00', 0x220000, 0x0)
mknodat$loop(r0, 0x0, 0x0, 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
link(&(0x7f0000000200)='./file1\x00', &(0x7f0000000300)='./bus\x00')

4.286693315s ago: executing program 5 (id=803):
r0 = socket(0x11, 0x800000003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000600)={'team0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=@newqdisc={0x38, 0x24, 0xf0b, 0x0, 0x25dfdbfe, {0x0, 0x0, 0x12, r1, {}, {0xffff, 0xffff}, {0x0, 0x1}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_FLOW_MAX_RATE={0x8, 0x7, 0x1}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x20040890)

4.216522352s ago: executing program 0 (id=804):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
openat$audio1(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
recvmsg(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x60ae0}], 0x300, 0x0, 0xdb0, 0xf5ffffff}, 0x0)
sendmsg$tipc(r2, &(0x7f0000000240)={0x0, 0x18, &(0x7f00000000c0), 0x31}, 0x0)
r3 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000013c0)=[{&(0x7f00000001c0)="39000000140081ae0000dc676f97daf01e2357f9ffffffffffffff0521018701546fabca1b4e8a06a6580e88370200c54c1960b89c40ebb373", 0x39}], 0x1}, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat2(0xffffffffffffffff, &(0x7f0000000340)='./file0\x00', 0x0, 0x0)
socket$igmp6(0xa, 0x3, 0x2)
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
r6 = io_uring_setup(0x17ba, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0xe0})
io_uring_register$IORING_REGISTER_FILES_UPDATE(r6, 0x1b, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)}, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='stat\x00')
close_range(r0, 0xffffffffffffffff, 0x0)

3.424278421s ago: executing program 0 (id=805):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000001000), 0x2, 0x0)
ioctl$VIDIOC_S_SELECTION(r0, 0xc040565f, &(0x7f0000000040)={0x2, 0x100, 0x7, {0x3, 0xda2, 0x4}})
sched_rr_get_interval(0x0, &(0x7f0000000180))
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x410000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$int_in(r2, 0x40000000af01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2, 0xc3072, 0xffffffffffffffff, 0x0)
r3 = io_uring_setup(0x4b2f, &(0x7f0000000200)={0x0, 0xa5e, 0x1000, 0x3, 0xc2})
io_uring_register$IORING_REGISTER_BUFFERS(r3, 0x0, &(0x7f0000000000)=[{&(0x7f0000001700)=""/4095, 0xfff}], 0x1)
syz_clone(0x0, 0x0, 0xfffffffffffffead, 0x0, 0x0, 0x0)

2.788692326s ago: executing program 0 (id=806):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x6a802, 0x0)
r1 = dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r1, 0x0)
r2 = socket(0x28, 0x5, 0x0)
r3 = socket(0x28, 0x5, 0x0)
r4 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)}, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r4, 0x3b81, &(0x7f0000000200)={0xc, 0x0, <r5=>0x0})
ioctl$IOMMU_VFIO_IOAS$SET(r4, 0x3b88, &(0x7f00000002c0)={0xc, r5})
ioctl$IOMMU_IOAS_MAP$PAGES(r4, 0x3b85, &(0x7f0000000280)={0x28, 0x6, r5, 0x0, &(0x7f0000c13000/0x2000)=nil, 0x2000, 0xfffffffffffffffc})
ioctl$IOMMU_VFIO_SET_IOMMU(r4, 0x3b66, 0x1)
ioctl$IOMMU_VFIO_IOMMU_UNMAP_DMA(r4, 0x3b72, &(0x7f0000000000)=ANY=[@ANYBLOB="1800"])
bind$vsock_stream(r3, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10)
listen(r3, 0x0)
connect$vsock_stream(r2, &(0x7f0000000080), 0x10)
setsockopt$sock_linger(r2, 0x1, 0x3c, &(0x7f0000000180)={0x1, 0x5}, 0x8)
sendmmsg(r2, &(0x7f0000000100)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)="1b", 0x40000}], 0x1}}], 0x1, 0x24008094)
r6 = syz_open_dev$video4linux(&(0x7f0000000080), 0x0, 0x0)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='contention_end\x00', r7}, 0x10)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r6, 0x4020565a, &(0x7f00000000c0)={0x3, 0x980900, 0x3})

2.785931746s ago: executing program 4 (id=807):
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000240), 0x0, &(0x7f0000000480)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@volatile}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r0 = open(&(0x7f0000000140)='./file0\x00', 0x220000, 0x0)
mknodat$loop(r0, 0x0, 0x0, 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
link(&(0x7f0000000200)='./file1\x00', &(0x7f0000000300)='./bus\x00')

2.553749532s ago: executing program 5 (id=808):
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x20040, 0x0)
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
socket$igmp(0x2, 0x3, 0x2)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
dup(r3)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r7, 0x5423, &(0x7f0000000080)=0x3)
r8 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0x8, 0x7f, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xa, &(0x7f0000000680)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x1, 0x0, r8}, @generic={0x45}, @initr0, @exit]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r9, 0xc008ae88, &(0x7f0000000180)=ANY=[@ANYBLOB="01000000001474a100000040"])
r10 = syz_usb_connect$uac1(0x0, 0xa4, &(0x7f00000000c0)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d24070000030769dc000049c40c240000e9fffff5ffffffff092403f3ff000005024524", @ANYRES8=r0, @ANYBLOB="05"], 0x0)
syz_usb_control_io$uac1(r10, &(0x7f0000000280)={0x14, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0003040000002203"]}, 0x0)
syz_usb_control_io(r10, &(0x7f0000000240)={0x2c, 0x0, &(0x7f0000000040)={0x0, 0x3, 0x4, @string={0x4, 0x3, "00d6"}}, 0x0, 0x0, 0x0}, 0x0)

2.553381208s ago: executing program 4 (id=809):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
read$char_usb(r1, &(0x7f0000000200)=""/128, 0x80)
mmap(&(0x7f0000003000/0x1000)=nil, 0x1000, 0x8, 0x80010, r1, 0x2e925000)
close_range(r0, 0xffffffffffffffff, 0x0)

2.385344911s ago: executing program 3 (id=810):
iopl(0x3)
accept(0xffffffffffffffff, &(0x7f0000000000)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @multicast2}}, &(0x7f0000000080)=0x80)
r0 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x16a042, 0x0)
pwritev2(r0, &(0x7f0000000100)=[{&(0x7f0000000000)=' ', 0x1}], 0x1, 0x0, 0x0, 0xfe)
r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x600000, 0x10)
fanotify_mark(r0, 0x1, 0x10, r1, &(0x7f0000000100)='./file0\x00')
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
r2 = io_uring_setup(0x168e, &(0x7f0000000000))
io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
madvise(&(0x7f0000495000/0x400000)=nil, 0x400000, 0x8)

2.343595308s ago: executing program 0 (id=811):
iopl(0x3)
accept(0xffffffffffffffff, &(0x7f0000000000)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @multicast2}}, &(0x7f0000000080)=0x80)
openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x16a042, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
r0 = io_uring_setup(0x168e, &(0x7f0000000000))
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
madvise(&(0x7f0000495000/0x400000)=nil, 0x400000, 0x8)

1.641614538s ago: executing program 4 (id=812):
mmap(&(0x7f00009f0000/0x4000)=nil, 0x4000, 0x2000008, 0x8010, 0xffffffffffffffff, 0x0)
r0 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x2000007, 0x401d031, 0xffffffffffffffff, 0x0)
r1 = userfaultfd(0x1)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000280))
read(r1, 0x0, 0x0)
r2 = socket$caif_stream(0x25, 0x1, 0x3)
r3 = openat$sw_sync_info(0xffffffffffffff9c, &(0x7f0000000000), 0x801, 0x0)
sync_file_range(r3, 0x4, 0xfffffffffffff00c, 0x0)
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x301)
prlimit64(0x0, 0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x1, &(0x7f00000003c0)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbfs(&(0x7f0000000100), 0x0, 0x101301)
openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0)
setsockopt$CAIFSO_REQ_PARAM(r2, 0x116, 0x80, &(0x7f0000000400)="8a5b", 0x2)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0xc2, &(0x7f0000000000)={@multicast, @empty, @void, {@ipv4={0x800, @udp={{0x6, 0x4, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010100, @remote, {[@ra={0x94, 0x4, 0x300}]}}, {0x0, 0x0, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "37653645e82fdd5d6988142e2ccfe1912e1f2322310c24167002744c24c6d7a1", "789ea41a87a196497c03aac0751e9b7d3418c8bf26233705f85f617872bdee42ce9534c421aa5bbb97333a70e510dfb7", "0726041c0000000000004e24c493f9055a4de01e9be47500", {"a04ae4a0ee50332563026b95098ebdf6", "6089a6305e0f26abf88585dabb3f9ffe"}}}}}}}, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r0, 0x0, &(0x7f0000000040), 0x0, 0x4)

1.544970136s ago: executing program 2 (id=813):
socket$nl_route(0x10, 0x3, 0x0)
openat$vcs(0xffffffffffffff9c, &(0x7f0000001880), 0x0, 0x0)
r0 = syz_io_uring_setup(0x16e, &(0x7f0000000780)={0x0, 0x0, 0x10100}, &(0x7f0000001240)=<r1=>0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x38011, 0xffffffffffffffff, 0x0)
add_key(&(0x7f0000000000)='big_key\x00', 0x0, 0x0, 0x0, 0xfffffffffffffffe)
syz_io_uring_setup(0x2c0c, &(0x7f00000002c0)={0x0, 0x0, 0x4002}, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x9, 0x100008b}, 0x0)
fsopen(&(0x7f0000000080)='ramfs\x00', 0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000200), 0xffffffffffffffff)
r4 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
r5 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r5, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r5, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r6=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r5, 0xc02064b6, &(0x7f0000000040)={r6, 0x0, <r7=>0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_GETPLANE(r4, 0xc02064b6, &(0x7f0000000200)={r6, <r8=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_SETCRTC(r4, 0xc06864a2, &(0x7f0000000400)={0x0, 0x0, r8, r7, 0x3, 0x0, 0x0, 0x800, {0x4, 0x1, 0x3, 0x69, 0x200, 0x0, 0x2, 0x5, 0x4cab, 0xe154, 0x1000, 0x0, 0x10, 0xf9, "fe1d00003413000000000000000caa000000090000000000000004b427180010"}})
syz_io_uring_submit(r1, 0x0, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r0, 0x567, 0x0, 0x0, 0x0, 0x0)

467.095681ms ago: executing program 3 (id=814):
socket$packet(0x11, 0x3, 0x300)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'veth0_to_bridge\x00'})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
pipe2(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0xdcb9, 0x2, 0x0)
r5 = openat$fb0(0xffffffffffffff9c, &(0x7f0000001280), 0xaa000, 0x0)
socket(0x10, 0x3, 0x0)
ioctl$FBIO_WAITFORVSYNC(r5, 0x40044620, 0x0)
r6 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x40f02, 0x0)
ioctl$SNDCTL_DSP_SPEED(r6, 0xc0045002, &(0x7f0000000040))
ioctl$SNDCTL_DSP_CHANNELS(r6, 0xc0045006, &(0x7f00000000c0)=0x40)
sendmsg$nl_generic(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000003a000b00000000000000000004"], 0x24}}, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000e40), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_DISABLE(r7, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB='\t\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="0100000000000000000002000000140001800d0001007564703a73797a3000000000"], 0x28}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

454.563447ms ago: executing program 2 (id=815):
ioctl$IOCTL_VMCI_VERSION2(0xffffffffffffffff, 0x7a7, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
setrlimit(0x3, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000600)={&(0x7f00000004c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@enum={0x0, 0x2}]}}, &(0x7f0000000540)=""/132, 0x26, 0x84, 0x1, 0x0, 0x0, @void, @value}, 0x20)
socket$pppoe(0x18, 0x1, 0x0)
r0 = syz_open_dev$amidi(&(0x7f0000000140), 0x2, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
ioctl$SNDRV_RAWMIDI_IOCTL_INFO(r0, 0x40045731, &(0x7f0000000000))

373.980927ms ago: executing program 4 (id=816):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000000c0)='mmap_lock_acquire_returned\x00', r0}, 0x10)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x2, 0x2172, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000003000/0x3000)=nil, 0x3000)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='mountinfo\x00')
read$FUSE(r1, &(0x7f0000003700)={0x2020}, 0x2020) (fail_nth: 1)

66.264481ms ago: executing program 0 (id=817):
ioctl$SOUND_MIXER_READ_VOLUME(0xffffffffffffffff, 0x80044d0c, &(0x7f0000000080))
unshare(0x68060200)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$pfkey(0xffffffffffffff9c, 0x0, 0x0, 0x0)
read$FUSE(r1, &(0x7f00000054c0)={0x2020}, 0x2020)
r2 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f00000000c0), 0x181200, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000180)=0xc)
ioctl$TCGETS2(r0, 0x802c542a, &(0x7f0000000040)) (fail_nth: 2)

0s ago: executing program 2 (id=818):
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x6, 0x0, 0x40, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = syz_create_resource$binfmt(&(0x7f0000000e40)='./file0\x00')
r1 = openat$binfmt(0xffffff9c, r0, 0x41, 0x1ff)
write$binfmt_script(r1, &(0x7f0000002380)={'#! ', './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'}, 0x100b)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r4 = socket$rds(0x15, 0x5, 0x0)
connect(r4, 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x80383, 0x0)
r5 = openat$vcsa(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
readv(r5, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/15, 0xf}], 0x1)
r6 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r6, 0x29, 0x20, &(0x7f0000000200)={@remote, 0x800, 0x0, 0x1, 0x1}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r6, 0x29, 0x20, &(0x7f0000000080)={@mcast1, 0x7, 0x2, 0x0, 0x0, 0x0, 0x3ff}, 0x20)
r7 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="1201100100000040790011000000000000010902240001000020000904000022030000000921000000012205df080581030004000000"], 0x0)
syz_usb_control_io(r7, 0x0, 0x0)

kernel console output (not intermixed with test programs):

le permissive=1
[  182.811917][ T5916] usb 5-1: 0:2 : does not exist
[  183.933666][   T29] audit: type=1400 audit(1732238983.232:341): avc:  denied  { execute } for  pid=7745 comm="syz.3.353" path="/dev/bsg/cpuacct.usage_all" dev="devtmpfs" ino=2894 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=file permissive=1
[  184.125028][ T7759] FAULT_INJECTION: forcing a failure.
[  184.125028][ T7759] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  184.138250][ T7759] CPU: 1 UID: 0 PID: 7759 Comm: syz.3.353 Not tainted 6.12.0-syzkaller-05480-gfcc79e1714e8 #0
[  184.148491][ T7759] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  184.158531][ T7759] Call Trace:
[  184.161792][ T7759]  <TASK>
[  184.164720][ T7759]  dump_stack_lvl+0x16c/0x1f0
[  184.169410][ T7759]  should_fail_ex+0x497/0x5b0
[  184.174094][ T7759]  _copy_to_user+0x32/0xd0
[  184.178495][ T7759]  do_pipe2+0x144/0x1d0
[  184.182642][ T7759]  ? __pfx_do_pipe2+0x10/0x10
[  184.187313][ T7759]  ? __pfx_ksys_write+0x10/0x10
[  184.192160][ T7759]  __x64_sys_pipe+0x33/0x50
[  184.196660][ T7759]  do_syscall_64+0xcd/0x250
[  184.201161][ T7759]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  184.207046][ T7759] RIP: 0033:0x7f4b5c77e819
[  184.211450][ T7759] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  184.231039][ T7759] RSP: 002b:00007f4b5d4c5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000016
[  184.239438][ T7759] RAX: ffffffffffffffda RBX: 00007f4b5c936080 RCX: 00007f4b5c77e819
[  184.247401][ T7759] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000200001c0
[  184.255353][ T7759] RBP: 00007f4b5d4c5090 R08: 0000000000000000 R09: 0000000000000000
[  184.263305][ T7759] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  184.271259][ T7759] R13: 0000000000000001 R14: 00007f4b5c936080 R15: 00007ffd037cc7d8
[  184.279223][ T7759]  </TASK>
[  184.350166][ T5886] usb 5-1: USB disconnect, device number 9
[  184.717390][   T29] audit: type=1400 audit(1732238984.012:342): avc:  denied  { listen } for  pid=7780 comm="syz.1.361" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  184.746247][ T7783] netlink: 'syz.4.357': attribute type 4 has an invalid length.
[  184.820152][ T7781] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  184.873600][   T29] audit: type=1400 audit(1732238984.172:343): avc:  denied  { write } for  pid=7780 comm="syz.1.361" path="socket:[14751]" dev="sockfs" ino=14751 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  185.609613][   T25] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  185.764299][ T7820] overlayfs: missing 'lowerdir'
[  185.864341][   T25] usb 2-1: New USB device found, idVendor=1d50, idProduct=606f, bcdDevice=14.d4
[  185.937997][   T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  186.209711][   T25] usb 2-1: config 0 descriptor??
[  186.378078][ T7842] ucma_write: process 263 (syz.2.376) changed security contexts after opening file descriptor, this is not allowed.
[  186.654441][   T25] gs_usb 2-1:0.0: Configuring for 67 interfaces
[  186.661010][   T25] gs_usb 2-1:0.0: Driver cannot handle more that 3 CAN interfaces
[  186.678478][   T25] gs_usb 2-1:0.0: probe with driver gs_usb failed with error -22
[  187.011369][    T9] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  187.164559][ T7857] netlink: 8 bytes leftover after parsing attributes in process `syz.1.366'.
[  187.173382][ T7857] netlink: 'syz.1.366': attribute type 3 has an invalid length.
[  187.458533][ T7860] 9pnet_fd: Insufficient options for proto=fd
[  187.702569][    T9] usb 5-1: New USB device found, idVendor=1d50, idProduct=606f, bcdDevice=14.d4
[  187.769790][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  187.795272][    T9] usb 5-1: config 0 descriptor??
[  188.459455][    T9] gs_usb 5-1:0.0: Configuring for 67 interfaces
[  188.548219][    T9] gs_usb 5-1:0.0: Driver cannot handle more that 3 CAN interfaces
[  188.656823][ T5884] usb 2-1: USB disconnect, device number 11
[  188.680423][    T9] gs_usb 5-1:0.0: probe with driver gs_usb failed with error -22
[  189.038552][ T7881] netlink: 8 bytes leftover after parsing attributes in process `syz.4.378'.
[  189.047394][ T7881] netlink: 'syz.4.378': attribute type 3 has an invalid length.
[  190.119547][ T7889] netlink: 64 bytes leftover after parsing attributes in process `syz.3.391'.
[  190.128575][ T7889] netlink: 64 bytes leftover after parsing attributes in process `syz.3.391'.
[  190.939633][ T5887] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  191.028821][ T7894] FAULT_INJECTION: forcing a failure.
[  191.028821][ T7894] name failslab, interval 1, probability 0, space 0, times 0
[  191.046856][ T7894] CPU: 1 UID: 0 PID: 7894 Comm: syz.3.393 Not tainted 6.12.0-syzkaller-05480-gfcc79e1714e8 #0
[  191.057108][ T7894] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  191.067161][ T7894] Call Trace:
[  191.070419][ T7894]  <TASK>
[  191.073327][ T7894]  dump_stack_lvl+0x16c/0x1f0
[  191.078002][ T7894]  should_fail_ex+0x497/0x5b0
[  191.082672][ T7894]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  191.088286][ T7894]  should_failslab+0xc2/0x120
[  191.092938][ T7894]  __kmalloc_node_track_caller_noprof+0xcf/0x430
[  191.099250][ T7894]  ? sidtab_sid2str_get+0x17a/0x680
[  191.104464][ T7894]  kmemdup_noprof+0x29/0x60
[  191.108973][ T7894]  sidtab_sid2str_get+0x17a/0x680
[  191.114002][ T7894]  sidtab_entry_to_string+0x33/0x110
[  191.119293][ T7894]  security_sid_to_context_core+0x35c/0x640
[  191.125187][ T7894]  avc_audit_post_callback+0x10b/0x8c0
[  191.130649][ T7894]  ? __pfx_avc_audit_post_callback+0x10/0x10
[  191.136630][ T7894]  ? audit_log_format+0xe9/0x130
[  191.141574][ T7894]  ? __pfx_avc_audit_post_callback+0x10/0x10
[  191.147552][ T7894]  ? skb_put+0x138/0x1b0
[  191.151797][ T7894]  ? audit_log_n_string+0x251/0x540
[  191.157008][ T7894]  ? audit_log_n_untrustedstring+0xf2/0x100
[  191.162905][ T7894]  ? __pfx_avc_audit_post_callback+0x10/0x10
[  191.168860][ T7894]  common_lsm_audit+0x260/0x2210
[  191.173798][ T7894]  ? __pfx_common_lsm_audit+0x10/0x10
[  191.179147][ T7894]  ? __pfx_lock_release+0x10/0x10
[  191.184144][ T7894]  ? __pfx_avc_node_free+0x10/0x10
[  191.189231][ T7894]  ? rcu_is_watching+0x12/0xc0
[  191.193974][ T7894]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  191.199755][ T7894]  ? lockdep_hardirqs_on+0x7c/0x110
[  191.204932][ T7894]  ? slow_avc_audit+0x17d/0x210
[  191.209757][ T7894]  slow_avc_audit+0x17d/0x210
[  191.214413][ T7894]  ? __pfx_slow_avc_audit+0x10/0x10
[  191.219597][ T7894]  ? avc_denied+0x138/0x180
[  191.224082][ T7894]  ? avc_has_perm_noaudit+0x2f8/0x3a0
[  191.229436][ T7894]  avc_has_perm+0x18d/0x1c0
[  191.233921][ T7894]  ? __pfx_avc_has_perm+0x10/0x10
[  191.238928][ T7894]  ? __pfx___lock_acquire+0x10/0x10
[  191.244105][ T7894]  sock_has_perm+0x253/0x2f0
[  191.248670][ T7894]  ? __pfx_sock_has_perm+0x10/0x10
[  191.253756][ T7894]  ? __pfx_tomoyo_socket_sendmsg_permission+0x10/0x10
[  191.260494][ T7894]  ? import_ubuf+0x1b6/0x220
[  191.265081][ T7894]  security_socket_sendmsg+0x9b/0x240
[  191.270432][ T7894]  ____sys_sendmsg+0x7ec/0xc90
[  191.275196][ T7894]  ? copy_msghdr_from_user+0x10b/0x160
[  191.280628][ T7894]  ? __pfx_____sys_sendmsg+0x10/0x10
[  191.285893][ T7894]  ___sys_sendmsg+0x135/0x1e0
[  191.290550][ T7894]  ? __pfx____sys_sendmsg+0x10/0x10
[  191.295725][ T7894]  ? __pfx_lock_release+0x10/0x10
[  191.300722][ T7894]  ? trace_lock_acquire+0x14a/0x1d0
[  191.305906][ T7894]  ? __fget_files+0x206/0x3a0
[  191.310562][ T7894]  __sys_sendmsg+0x16e/0x220
[  191.315125][ T7894]  ? __pfx___sys_sendmsg+0x10/0x10
[  191.320218][ T7894]  do_syscall_64+0xcd/0x250
[  191.324698][ T7894]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  191.330566][ T7894] RIP: 0033:0x7f4b5c77e819
[  191.334954][ T7894] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  191.354534][ T7894] RSP: 002b:00007f4b5d4e6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  191.362916][ T7894] RAX: ffffffffffffffda RBX: 00007f4b5c935fa0 RCX: 00007f4b5c77e819
[  191.370861][ T7894] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003
[  191.378804][ T7894] RBP: 00007f4b5d4e6090 R08: 0000000000000000 R09: 0000000000000000
[  191.386746][ T7894] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  191.394696][ T7894] R13: 0000000000000000 R14: 00007f4b5c935fa0 R15: 00007ffd037cc7d8
[  191.402645][ T7894]  </TASK>
[  191.414723][   T29] audit: type=1400 audit(1732238990.322:344): avc:  denied  { write } for  pid=7893 comm="syz.3.393" ssid=146 tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  191.433081][ T5887] usb 3-1: Using ep0 maxpacket: 32
[  191.436423][   T25] usb 5-1: USB disconnect, device number 10
[  191.460926][ T5887] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  191.479449][ T5887] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  191.492346][ T5887] usb 3-1: New USB device found, idVendor=056a, idProduct=00d0, bcdDevice= 0.00
[  191.501638][ T5887] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  191.553265][ T5887] usb 3-1: config 0 descriptor??
[  191.848960][ T7883] netlink: 92 bytes leftover after parsing attributes in process `syz.2.389'.
[  191.875710][ T7883] netlink: 92 bytes leftover after parsing attributes in process `syz.2.389'.
[  191.891039][ T7905] netlink: 'syz.4.398': attribute type 10 has an invalid length.
[  192.010747][ T7905] netlink: 40 bytes leftover after parsing attributes in process `syz.4.398'.
[  192.382143][ T5887] wacom 0003:056A:00D0.0003: unknown main item tag 0x0
[  192.482042][ T5887] wacom 0003:056A:00D0.0003: Unknown device_type for 'HID 056a:00d0'. Assuming pen.
[  192.739909][ T5887] wacom 0003:056A:00D0.0003: hidraw0: USB HID vff.fc Device [HID 056a:00d0] on usb-dummy_hcd.2-1/input0
[  192.752202][ T5887] input: Wacom Bamboo 2FG Pen as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:056A:00D0.0003/input/input5
[  192.820142][   T29] audit: type=1400 audit(1732238992.122:345): avc:  denied  { read } for  pid=5194 comm="acpid" name="mouse1" dev="devtmpfs" ino=2901 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  192.863584][   T29] audit: type=1400 audit(1732238992.122:346): avc:  denied  { open } for  pid=5194 comm="acpid" path="/dev/input/mouse1" dev="devtmpfs" ino=2901 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  192.933747][   T29] audit: type=1400 audit(1732238992.212:347): avc:  denied  { ioctl } for  pid=5194 comm="acpid" path="/dev/input/mouse1" dev="devtmpfs" ino=2901 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  192.979338][ T5916] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  193.044369][ T5887] usb 3-1: USB disconnect, device number 8
[  193.053939][ T7924] vivid-002: =================  START STATUS  =================
[  193.062110][ T7924] vivid-002: Radio HW Seek Mode: Bounded
[  193.068789][ T7924] vivid-002: Radio Programmable HW Seek: false
[  193.076073][ T7924] vivid-002: RDS Rx I/O Mode: Block I/O
[  193.081878][ T7924] vivid-002: Generate RBDS Instead of RDS: false
[  193.088834][ T7924] vivid-002: RDS Reception: true
[  193.093963][ T7924] vivid-002: RDS Program Type: 0 inactive
[  193.100346][ T7924] vivid-002: RDS PS Name:  inactive
[  193.105750][ T7924] vivid-002: RDS Radio Text:  inactive
[  193.557750][ T7924] vivid-002: RDS Traffic Announcement: false inactive
[  193.802058][ T7924] vivid-002: RDS Traffic Program: false inactive
[  193.821286][ T7924] vivid-002: RDS Music: false inactive
[  193.826811][ T7924] vivid-002: ==================  END STATUS  ==================
[  193.990658][ T1285] ieee802154 phy0 wpan0: encryption failed: -22
[  193.997328][ T1285] ieee802154 phy1 wpan1: encryption failed: -22
[  194.270667][ T5916] usb 1-1: New USB device found, idVendor=1d50, idProduct=606f, bcdDevice=14.d4
[  194.279871][ T5916] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  194.304094][ T5916] usb 1-1: config 0 descriptor??
[  194.329744][   T25] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  194.499524][   T25] usb 5-1: Using ep0 maxpacket: 16
[  194.530275][   T25] usb 5-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  194.539373][   T25] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  194.554502][   T25] usb 5-1: Product: syz
[  194.558916][   T25] usb 5-1: Manufacturer: syz
[  194.563561][   T25] usb 5-1: SerialNumber: syz
[  194.577618][   T25] r8152-cfgselector 5-1: Unknown version 0x0000
[  194.584187][   T25] r8152-cfgselector 5-1: config 0 descriptor??
[  194.738429][ T5916] gs_usb 1-1:0.0: Configuring for 67 interfaces
[  194.745412][ T5916] gs_usb 1-1:0.0: Driver cannot handle more that 3 CAN interfaces
[  194.759809][ T5916] gs_usb 1-1:0.0: probe with driver gs_usb failed with error -22
[  194.808498][ T5887] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  195.090371][   T25] r8152-cfgselector 5-1: USB disconnect, device number 11
[  195.107205][ T7954] netlink: 8 bytes leftover after parsing attributes in process `syz.0.399'.
[  195.116126][ T7954] netlink: 'syz.0.399': attribute type 3 has an invalid length.
[  195.961686][ T7962] netlink: 'syz.1.414': attribute type 10 has an invalid length.
[  195.969624][ T7962] netlink: 40 bytes leftover after parsing attributes in process `syz.1.414'.
[  196.039433][ T5887] usb 4-1: Using ep0 maxpacket: 8
[  196.052897][ T7962] team0: Port device geneve0 added
[  196.210777][ T5916] usb 1-1: USB disconnect, device number 17
[  196.239982][ T5885] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  196.382204][ T5887] usb 4-1: New USB device found, idVendor=0781, idProduct=0001, bcdDevice= 2.00
[  196.480871][ T5885] usb 3-1: config 0 descriptor has 1 excess byte, ignoring
[  196.488119][ T5885] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 34, using maximum allowed: 30
[  196.502824][ T5885] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  196.521417][ T5887] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  197.085740][ T5887] usb 4-1: Product: syz
[  197.090031][ T5887] usb 4-1: Manufacturer: syz
[  197.094636][ T5887] usb 4-1: SerialNumber: syz
[  197.104973][ T5887] usb 4-1: config 0 descriptor??
[  197.166159][ T5885] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 34
[  197.219131][ T5885] usb 3-1: New USB device found, idVendor=0079, idProduct=0011, bcdDevice= 0.00
[  197.228295][ T5885] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  197.361400][ T5885] usb 3-1: config 0 descriptor??
[  197.365674][ T5887] usb-storage 4-1:0.0: USB Mass Storage device detected
[  197.501569][ T5885] usbhid 3-1:0.0: can't add hid device: -22
[  197.513473][ T5885] usbhid 3-1:0.0: probe with driver usbhid failed with error -22
[  197.614874][ T7979] netlink: 'syz.0.419': attribute type 12 has an invalid length.
[  197.622736][ T7979] netlink: 244 bytes leftover after parsing attributes in process `syz.0.419'.
[  198.379429][   T29] audit: type=1400 audit(1732238997.672:348): avc:  denied  { read } for  pid=7981 comm="syz.1.420" name="rtc0" dev="devtmpfs" ino=921 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  198.435988][ T5887] usb-storage 4-1:0.0: Quirks match for vid 0781 pid 0001: 1
[  198.441588][   T29] audit: type=1400 audit(1732238997.672:349): avc:  denied  { open } for  pid=7981 comm="syz.1.420" path="/dev/rtc0" dev="devtmpfs" ino=921 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  198.444326][ T5887] usb-storage 4-1:0.0: This device (0781,0001,0200 S 06 P a4) has an unneeded SubClass entry in unusual_devs.h (kernel 6.12.0-syzkaller-05480-gfcc79e1714e8)
[  198.444326][ T5887]    Please send a copy of this message to <linux-usb@vger.kernel.org> and <usb-storage@lists.one-eyed-alien.net>
[  198.525430][   T29] audit: type=1400 audit(1732238997.672:350): avc:  denied  { ioctl } for  pid=7981 comm="syz.1.420" path="/dev/rtc0" dev="devtmpfs" ino=921 ioctlcmd=0x700b scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  198.555546][ T5885] usb 3-1: USB disconnect, device number 9
[  198.929584][   T29] audit: type=1400 audit(1732238997.972:351): avc:  denied  { read } for  pid=7991 comm="syz.4.421" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  198.948964][   T29] audit: type=1326 audit(1732238998.192:352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7995 comm="syz.2.424" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff527f7e819 code=0x0
[  199.552599][   T29] audit: type=1400 audit(1732238998.842:353): avc:  denied  { create } for  pid=8002 comm="syz.3.427" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  199.845876][   T29] audit: type=1400 audit(1732238998.852:354): avc:  denied  { ioctl } for  pid=8002 comm="syz.3.427" path="socket:[16325]" dev="sockfs" ino=16325 ioctlcmd=0x5411 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  199.965201][ T5887] usb 4-1: USB disconnect, device number 17
[  200.113153][   T29] audit: type=1400 audit(1732238998.892:355): avc:  denied  { bind } for  pid=8002 comm="syz.3.427" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  200.148443][   T29] audit: type=1400 audit(1732238998.892:356): avc:  denied  { read } for  pid=8002 comm="syz.3.427" name="autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  200.291569][   T29] audit: type=1400 audit(1732238998.892:357): avc:  denied  { open } for  pid=8002 comm="syz.3.427" path="/dev/autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  202.628152][ T8052] binder: BINDER_SET_CONTEXT_MGR already set
[  202.639552][ T8052] binder: 8051:8052 ioctl 4018620d 20004a80 returned -16
[  202.762127][ T5887] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  203.032929][ T5887] usb 1-1: config 0 descriptor has 1 excess byte, ignoring
[  203.059535][ T5887] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 34, using maximum allowed: 30
[  203.070609][ T5887] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  203.082613][ T5887] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 34
[  203.095893][ T5887] usb 1-1: New USB device found, idVendor=0079, idProduct=0011, bcdDevice= 0.00
[  203.105230][ T5887] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  203.145079][ T5887] usb 1-1: config 0 descriptor??
[  203.255461][ T5887] usbhid 1-1:0.0: can't add hid device: -22
[  203.276584][ T5887] usbhid 1-1:0.0: probe with driver usbhid failed with error -22
[  203.487256][ T8064] netlink: 'syz.4.438': attribute type 12 has an invalid length.
[  203.495108][ T8064] netlink: 244 bytes leftover after parsing attributes in process `syz.4.438'.
[  203.938652][ T8046] netlink: 'syz.2.435': attribute type 1 has an invalid length.
[  203.946648][ T8046] netlink: 32 bytes leftover after parsing attributes in process `syz.2.435'.
[  204.007474][ T8056] loop2: detected capacity change from 0 to 7
[  204.160792][ T8056] Dev loop2: unable to read RDB block 7
[  204.179212][ T8056]  loop2: unable to read partition table
[  204.198372][ T8056] loop2: partition table beyond EOD, truncated
[  204.278383][ T8056] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  205.078114][ T5886] usb 1-1: USB disconnect, device number 18
[  205.119532][   T46] usb 2-1: new full-speed USB device number 12 using dummy_hcd
[  205.215752][ T8091] netlink: 6 bytes leftover after parsing attributes in process `syz.2.442'.
[  205.285652][   T46] usb 2-1: unable to get BOS descriptor or descriptor too short
[  205.297271][   T46] usb 2-1: not running at top speed; connect to a high speed hub
[  205.316890][   T46] usb 2-1: config 219 has 1 interface, different from the descriptor's value: 2
[  205.328673][   T46] usb 2-1: config 219 interface 0 has no altsetting 0
[  205.376746][ T5887] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  205.381149][   T46] usb 2-1: config 219 interface 0 has no altsetting 1
[  205.397672][   T46] usb 2-1: New USB device found, idVendor=2b73, idProduct=0017, bcdDevice=a2.0e
[  205.407087][   T46] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  205.415378][   T46] usb 2-1: Product: syz
[  205.425106][   T46] usb 2-1: Manufacturer: syz
[  205.435036][   T46] usb 2-1: SerialNumber: syz
[  205.447911][   T29] kauditd_printk_skb: 26 callbacks suppressed
[  205.447925][   T29] audit: type=1400 audit(1732239004.742:384): avc:  denied  { setrlimit } for  pid=8098 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=process permissive=1
[  205.593850][ T5887] usb 4-1: config 1 has an invalid descriptor of length 255, skipping remainder of the config
[  205.817374][ T5887] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  205.854040][ T5887] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  205.887352][ T5887] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  205.912731][ T5887] usb 4-1: SerialNumber: syz
[  206.021631][ T8080] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  206.048596][ T8080] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  206.192307][   T46] usb 2-1: selecting invalid altsetting 0
[  206.198357][   T46] usb 2-1: selecting invalid altsetting 0
[  206.223350][ T5887] usb 4-1: 0:2 : does not exist
[  206.233830][   T46] usb 2-1: USB disconnect, device number 12
[  206.897824][ T8121] atomic_op ffff88805e5ef998 conn xmit_atomic 0000000000000000
[  207.111687][ T5837] udevd[5837]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:219.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  207.836559][   T46] usb 1-1: new full-speed USB device number 19 using dummy_hcd
[  207.996296][   T25] usb 4-1: USB disconnect, device number 18
[  208.477268][   T46] usb 1-1: New USB device found, idVendor=055d, idProduct=9002, bcdDevice=23.5e
[  208.486579][   T46] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  208.494725][   T46] usb 1-1: Product: syz
[  208.498969][   T46] usb 1-1: Manufacturer: syz
[  208.503670][   T46] usb 1-1: SerialNumber: syz
[  208.590913][   T46] usb 1-1: config 0 descriptor??
[  208.616639][   T46] pwc: Samsung SNC-35E (v3.0) USB webcam detected.
[  208.699526][ T8159] netlink: 6 bytes leftover after parsing attributes in process `syz.4.454'.
[  208.799772][   T25] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  208.854665][   T46] pwc: Failed to set LED on/off time (-71)
[  208.866395][   T46] pwc: send_video_command error -71
[  208.880416][   T46] pwc: Failed to set video mode VGA@30 fps; return code = -71
[  208.923318][   T46] Philips webcam 1-1:0.0: probe with driver Philips webcam failed with error -71
[  209.034230][   T46] usb 1-1: USB disconnect, device number 19
[  209.054331][   T25] usb 4-1: config 0 descriptor has 1 excess byte, ignoring
[  209.063268][   T25] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 34, using maximum allowed: 30
[  209.084381][   T25] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  209.105090][   T25] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 34
[  209.138590][   T25] usb 4-1: New USB device found, idVendor=0079, idProduct=0011, bcdDevice= 0.00
[  209.156189][   T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  209.181015][   T25] usb 4-1: config 0 descriptor??
[  209.192177][   T25] usbhid 4-1:0.0: can't add hid device: -22
[  209.198374][   T25] usbhid 4-1:0.0: probe with driver usbhid failed with error -22
[  209.557301][ T8182] loop2: detected capacity change from 0 to 7
[  209.724549][ T8182] Dev loop2: unable to read RDB block 7
[  209.734506][ T8182]  loop2: unable to read partition table
[  209.742791][ T8182] loop2: partition table beyond EOD, truncated
[  209.748976][ T8182] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  210.069825][   T25] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  210.699679][   T25] usb 1-1: Using ep0 maxpacket: 32
[  210.708536][   T25] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  210.724035][   T25] usb 1-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  210.749451][   T25] usb 1-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  210.799491][   T46] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  210.827369][   T25] usb 1-1: Product: syz
[  210.939448][   T25] usb 1-1: Manufacturer: syz
[  210.960033][   T25] usb 1-1: SerialNumber: syz
[  211.121004][   T25] usb 1-1: config 0 descriptor??
[  211.126605][ T8189] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  211.156592][   T29] audit: type=1400 audit(1732239010.452:385): avc:  denied  { ioctl } for  pid=8219 comm="syz.4.463" path="socket:[17657]" dev="sockfs" ino=17657 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  211.253117][ T8221] netlink: 'syz.4.463': attribute type 8 has an invalid length.
[  211.275770][ T8221] netlink: 16 bytes leftover after parsing attributes in process `syz.4.463'.
[  211.348452][ T5887] usb 1-1: USB disconnect, device number 20
[  211.419817][ T5886] usb 4-1: USB disconnect, device number 19
[  211.430292][   T46] usb 2-1: config 1 has an invalid descriptor of length 255, skipping remainder of the config
[  211.440749][   T46] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  211.472223][   T46] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  211.481371][   T46] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  211.489831][   T46] usb 2-1: SerialNumber: syz
[  212.065247][ T8238] netlink: 6 bytes leftover after parsing attributes in process `syz.2.466'.
[  212.178032][   T46] usb 2-1: 0:2 : does not exist
[  212.209546][ T5886] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  212.401522][ T5886] usb 4-1: New USB device found, idVendor=1d50, idProduct=606f, bcdDevice=14.d4
[  212.419463][ T5886] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  212.439920][ T5886] usb 4-1: config 0 descriptor??
[  212.556930][ T8252] capability: warning: `syz.2.470' uses deprecated v2 capabilities in a way that may be insecure
[  212.609529][ T5915] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  212.658088][   T29] audit: type=1400 audit(1732239011.952:386): avc:  denied  { read write } for  pid=8251 comm="syz.2.470" name="file0" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1
[  212.697022][ T8252] sd 0:0:1:0: PR command failed: 1026
[  212.703206][ T8252] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  212.713010][   T29] audit: type=1400 audit(1732239011.982:387): avc:  denied  { ioctl open } for  pid=8251 comm="syz.2.470" path="/96/file0/file0" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1
[  212.737471][ T8252] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  212.770543][ T5915] usb 1-1: Using ep0 maxpacket: 32
[  212.781689][ T5915] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  212.796239][ T5915] usb 1-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  212.815165][ T5915] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  212.851956][ T5915] usb 1-1: config 0 descriptor??
[  212.866302][ T5915] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[  212.886920][ T5886] gs_usb 4-1:0.0: Configuring for 67 interfaces
[  212.893416][ T5886] gs_usb 4-1:0.0: Driver cannot handle more that 3 CAN interfaces
[  212.909189][ T5886] gs_usb 4-1:0.0: probe with driver gs_usb failed with error -22
[  213.366843][ T8262] netlink: 8 bytes leftover after parsing attributes in process `syz.3.464'.
[  213.375759][ T8262] netlink: 'syz.3.464': attribute type 3 has an invalid length.
[  214.050712][   T46] usb 2-1: USB disconnect, device number 13
[  214.170885][ T8266] binder: BINDER_SET_CONTEXT_MGR already set
[  214.177412][ T8266] binder: 8265:8266 ioctl 4018620d 20004a80 returned -16
[  214.251048][ T6065] udevd[6065]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  214.672887][    T9] libceph: connect (1)[c::]:6789 error -101
[  214.679081][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  214.940910][ T5887] libceph: connect (1)[c::]:6789 error -101
[  214.946954][ T5887] libceph: mon0 (1)[c::]:6789 connect error
[  214.998314][   T46] usb 4-1: USB disconnect, device number 20
[  215.068501][ T8284] FAULT_INJECTION: forcing a failure.
[  215.068501][ T8284] name failslab, interval 1, probability 0, space 0, times 0
[  215.081291][ T8284] CPU: 0 UID: 0 PID: 8284 Comm: syz.3.476 Not tainted 6.12.0-syzkaller-05480-gfcc79e1714e8 #0
[  215.091534][ T8284] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  215.101604][ T8284] Call Trace:
[  215.104861][ T8284]  <TASK>
[  215.107768][ T8284]  dump_stack_lvl+0x16c/0x1f0
[  215.112432][ T8284]  should_fail_ex+0x497/0x5b0
[  215.117093][ T8284]  should_failslab+0xc2/0x120
[  215.121747][ T8284]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  215.127098][ T8284]  ? dev_queue_xmit_nit+0x43/0xbc0
[  215.132192][ T8284]  ? skb_clone+0x190/0x3f0
[  215.136600][ T8284]  skb_clone+0x190/0x3f0
[  215.140842][ T8284]  dev_queue_xmit_nit+0x38f/0xbc0
[  215.145844][ T8284]  ? netif_skb_features+0x3b0/0xd50
[  215.151036][ T8284]  dev_hard_start_xmit+0x56/0x790
[  215.156045][ T8284]  ? __dev_queue_xmit+0x277/0x43e0
[  215.161143][ T8284]  __dev_queue_xmit+0x7ef/0x43e0
[  215.166088][ T8284]  ? __pfx___dev_queue_xmit+0x10/0x10
[  215.171450][ T8284]  ? __asan_memcpy+0x3c/0x60
[  215.176020][ T8284]  ? __asan_memcpy+0x3c/0x60
[  215.180610][ T8284]  ? __skb_clone+0x570/0x760
[  215.182052][ T8274] ceph: No mds server is up or the cluster is laggy
[  215.185199][ T8284]  netlink_deliver_tap+0xa87/0xd30
[  215.197038][ T8284]  netlink_unicast+0x5e1/0x7f0
[  215.201784][ T8284]  ? __pfx_netlink_unicast+0x10/0x10
[  215.207066][ T8284]  netlink_sendmsg+0x8b8/0xd70
[  215.211823][ T8284]  ? __pfx_netlink_sendmsg+0x10/0x10
[  215.217105][ T8284]  ____sys_sendmsg+0xaaf/0xc90
[  215.221850][ T8284]  ? copy_msghdr_from_user+0x10b/0x160
[  215.227286][ T8284]  ? __pfx_____sys_sendmsg+0x10/0x10
[  215.232557][ T8284]  ___sys_sendmsg+0x135/0x1e0
[  215.237213][ T8284]  ? __pfx____sys_sendmsg+0x10/0x10
[  215.242405][ T8284]  ? __pfx_lock_release+0x10/0x10
[  215.247405][ T8284]  ? trace_lock_acquire+0x14a/0x1d0
[  215.252595][ T8284]  ? __fget_files+0x206/0x3a0
[  215.257283][ T8284]  __sys_sendmsg+0x16e/0x220
[  215.261850][ T8284]  ? __pfx___sys_sendmsg+0x10/0x10
[  215.266946][ T8284]  do_syscall_64+0xcd/0x250
[  215.271428][ T8284]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  215.277303][ T8284] RIP: 0033:0x7f4b5c77e819
[  215.281691][ T8284] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  215.301290][ T8284] RSP: 002b:00007f4b5d4e6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  215.309682][ T8284] RAX: ffffffffffffffda RBX: 00007f4b5c935fa0 RCX: 00007f4b5c77e819
[  215.317639][ T8284] RDX: 0000000000000000 RSI: 0000000020001f80 RDI: 0000000000000003
[  215.325588][ T8284] RBP: 00007f4b5d4e6090 R08: 0000000000000000 R09: 0000000000000000
[  215.333533][ T8284] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  215.341490][ T8284] R13: 0000000000000000 R14: 00007f4b5c935fa0 R15: 00007ffd037cc7d8
[  215.349454][ T8284]  </TASK>
[  215.723585][ T5887] libceph: connect (1)[c::]:6789 error -101
[  215.739899][ T5887] libceph: mon0 (1)[c::]:6789 connect error
[  215.825073][   T46] usb 1-1: USB disconnect, device number 21
[  215.978869][ T8293] netlink: 6 bytes leftover after parsing attributes in process `syz.3.479'.
[  216.639756][ T5915] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  216.846234][ T5915] usb 1-1: config 0 descriptor has 1 excess byte, ignoring
[  216.889380][ T5915] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 34, using maximum allowed: 30
[  216.956453][ T5915] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  216.987754][ T5915] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 34
[  217.016032][ T5915] usb 1-1: New USB device found, idVendor=0079, idProduct=0011, bcdDevice= 0.00
[  217.054095][ T5915] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  217.083300][ T5915] usb 1-1: config 0 descriptor??
[  217.105910][ T5915] usbhid 1-1:0.0: can't add hid device: -22
[  217.445056][ T5915] usbhid 1-1:0.0: probe with driver usbhid failed with error -22
[  219.805136][   T29] audit: type=1400 audit(1732239018.462:388): avc:  denied  { name_bind } for  pid=8340 comm="syz.3.491" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[  219.822633][ T5887] usb 1-1: USB disconnect, device number 22
[  219.919592][ T8007] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  220.294352][ T8356] netlink: 12 bytes leftover after parsing attributes in process `syz.0.495'.
[  220.872239][ T8007] usb 3-1: config 0 descriptor has 1 excess byte, ignoring
[  220.879621][ T8007] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 34, using maximum allowed: 30
[  220.890433][ T8007] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  220.901546][ T8007] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 34
[  220.914708][ T8007] usb 3-1: New USB device found, idVendor=0079, idProduct=0011, bcdDevice= 0.00
[  220.923839][ T8007] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  220.937677][   T29] audit: type=1400 audit(1732239020.232:389): avc:  denied  { write } for  pid=5191 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  220.959087][    C0] vkms_vblank_simulate: vblank timer overrun
[  220.965435][   T29] audit: type=1400 audit(1732239020.232:390): avc:  denied  { remove_name } for  pid=5191 comm="syslogd" name="messages" dev="tmpfs" ino=7 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  220.988474][   T29] audit: type=1400 audit(1732239020.232:391): avc:  denied  { add_name } for  pid=5191 comm="syslogd" name="messages.0" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  221.010918][    C0] vkms_vblank_simulate: vblank timer overrun
[  221.104902][ T8369] bridge1: entered allmulticast mode
[  221.229545][ T8007] usb 3-1: config 0 descriptor??
[  221.512791][ T8007] usbhid 3-1:0.0: can't add hid device: -22
[  221.518813][ T8007] usbhid 3-1:0.0: probe with driver usbhid failed with error -22
[  221.599596][   T29] audit: type=1400 audit(1732239020.592:392): avc:  denied  { listen } for  pid=8365 comm="syz.4.496" path=000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_dgram_socket permissive=1
[  221.671193][ T5915] usb 3-1: USB disconnect, device number 10
[  222.001280][   T29] audit: type=1400 audit(1732239020.622:393): avc:  denied  { ioctl } for  pid=8365 comm="syz.4.496" path="socket:[18062]" dev="sockfs" ino=18062 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  222.098506][ T8373] mac80211_hwsim hwsim4 wlan1: entered allmulticast mode
[  223.280678][ T5887] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  223.620637][ T5887] usb 4-1: config 0 descriptor has 1 excess byte, ignoring
[  223.649138][ T5887] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 34, using maximum allowed: 30
[  223.674907][ T5887] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  223.706041][ T5887] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 34
[  223.724810][ T5887] usb 4-1: New USB device found, idVendor=0079, idProduct=0011, bcdDevice= 0.00
[  223.741897][ T5887] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  223.759554][  T965] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  223.770329][   T46] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  223.771344][ T5887] usb 4-1: config 0 descriptor??
[  223.788300][ T5887] usbhid 4-1:0.0: can't add hid device: -22
[  223.796643][ T5887] usbhid 4-1:0.0: probe with driver usbhid failed with error -22
[  223.899610][ T5915] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  223.931112][   T46] usb 1-1: config 1 has an invalid descriptor of length 255, skipping remainder of the config
[  223.941673][   T46] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  223.951734][   T46] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  223.959663][  T965] usb 5-1: Using ep0 maxpacket: 32
[  223.961345][   T46] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  223.968536][  T965] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  223.977131][   T46] usb 1-1: SerialNumber: syz
[  223.993038][  T965] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  224.006273][  T965] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  224.014708][  T965] usb 5-1: Product: syz
[  224.018876][  T965] usb 5-1: Manufacturer: syz
[  224.026085][  T965] usb 5-1: SerialNumber: syz
[  224.035480][  T965] usb 5-1: config 0 descriptor??
[  224.044761][ T8409] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22
[  224.061786][ T5915] usb 3-1: config 0 descriptor has 1 excess byte, ignoring
[  224.082126][ T5915] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 34, using maximum allowed: 30
[  224.113292][ T5915] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  224.129688][ T5915] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 34
[  224.147239][ T5915] usb 3-1: New USB device found, idVendor=0079, idProduct=0011, bcdDevice= 0.00
[  224.158708][ T5915] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  224.180419][ T5915] usb 3-1: config 0 descriptor??
[  224.188477][ T5915] usbhid 3-1:0.0: can't add hid device: -22
[  224.197361][ T5915] usbhid 3-1:0.0: probe with driver usbhid failed with error -22
[  224.254143][   T46] usb 1-1: 0:2 : does not exist
[  224.303500][   T29] audit: type=1400 audit(1732239023.602:394): avc:  denied  { map } for  pid=8408 comm="syz.4.503" path="/dev/chaoskey0" dev="devtmpfs" ino=2959 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  224.320312][  T965] usb 5-1: USB disconnect, device number 12
[  224.726588][ T8422] netlink: 'syz.1.506': attribute type 10 has an invalid length.
[  224.734508][ T8422] netlink: 40 bytes leftover after parsing attributes in process `syz.1.506'.
[  225.134018][   T29] audit: type=1400 audit(1732239024.422:395): avc:  denied  { getopt } for  pid=8425 comm="syz.4.507" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  225.165724][ T5915] usb 4-1: USB disconnect, device number 21
[  225.217019][   T29] audit: type=1400 audit(1732239024.432:396): avc:  denied  { create } for  pid=8425 comm="syz.4.507" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  225.671854][   T29] audit: type=1400 audit(1732239024.462:397): avc:  denied  { getopt } for  pid=8425 comm="syz.4.507" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  225.899339][   T46] usb 1-1: USB disconnect, device number 23
[  225.912870][ T8439] netlink: 6 bytes leftover after parsing attributes in process `syz.3.511'.
[  227.235994][ T5850] Bluetooth: hci4: command 0x0406 tx timeout
[  227.362268][ T5845] udevd[5845]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  227.390006][ T5887] usb 3-1: USB disconnect, device number 11
[  227.805365][   T29] audit: type=1400 audit(1732239026.922:398): avc:  denied  { ioctl } for  pid=8455 comm="syz.0.518" path="/dev/usbmon0" dev="devtmpfs" ino=716 ioctlcmd=0x9206 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  228.974644][ T8478] netlink: 'syz.2.519': attribute type 10 has an invalid length.
[  228.983624][ T8478] netlink: 40 bytes leftover after parsing attributes in process `syz.2.519'.
[  229.230583][ T8478] team0: Port device geneve0 added
[  229.730161][   T46] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[  229.986006][ T8504] 9pnet_fd: Insufficient options for proto=fd
[  231.119475][   T46] usb 4-1: Using ep0 maxpacket: 32
[  231.129768][   T46] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  231.141593][   T46] usb 4-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  231.151784][   T46] usb 4-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  231.161641][   T46] usb 4-1: Product: syz
[  231.170906][   T46] usb 4-1: Manufacturer: syz
[  231.185670][   T46] usb 4-1: SerialNumber: syz
[  231.198981][   T46] usb 4-1: config 0 descriptor??
[  231.205451][ T8492] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  231.289477][ T5915] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  231.313347][ T8515] netlink: 40 bytes leftover after parsing attributes in process `syz.0.529'.
[  231.369906][ T5887] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  231.440912][ T5915] usb 5-1: config 0 descriptor has 1 excess byte, ignoring
[  231.463214][ T5915] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 34, using maximum allowed: 30
[  231.490047][ T5915] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  231.514960][ T5915] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 34
[  231.519546][ T5887] usb 3-1: Using ep0 maxpacket: 32
[  231.548319][ T5915] usb 5-1: New USB device found, idVendor=0079, idProduct=0011, bcdDevice= 0.00
[  231.548597][ T5887] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  231.568145][ T5915] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  231.573966][ T5887] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  231.597044][ T5915] usb 5-1: config 0 descriptor??
[  231.604662][ T5887] usb 3-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  231.612070][ T5915] usbhid 5-1:0.0: can't add hid device: -22
[  231.625002][ T5887] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  231.640911][ T5915] usbhid 5-1:0.0: probe with driver usbhid failed with error -22
[  231.643167][ T5887] usb 3-1: config 0 descriptor??
[  232.133685][    C0] raw-gadget.2 gadget.2: ignoring, device is not running
[  232.150283][ T5887] usbhid 3-1:0.0: can't add hid device: -71
[  232.158627][ T5887] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  232.172457][ T5887] usb 3-1: USB disconnect, device number 12
[  232.754496][ T8531] netlink: 12 bytes leftover after parsing attributes in process `syz.0.532'.
[  232.880654][  T965] usb 4-1: USB disconnect, device number 22
[  233.386053][ T8540] netlink: 'syz.1.535': attribute type 10 has an invalid length.
[  233.394069][ T8540] netlink: 40 bytes leftover after parsing attributes in process `syz.1.535'.
[  233.581861][   T46] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  233.823623][ T8546] FAULT_INJECTION: forcing a failure.
[  233.823623][ T8546] name failslab, interval 1, probability 0, space 0, times 0
[  233.836335][ T8546] CPU: 0 UID: 0 PID: 8546 Comm: syz.2.539 Not tainted 6.12.0-syzkaller-05480-gfcc79e1714e8 #0
[  233.846585][ T8546] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  233.856657][ T8546] Call Trace:
[  233.859956][ T8546]  <TASK>
[  233.862898][ T8546]  dump_stack_lvl+0x16c/0x1f0
[  233.867596][ T8546]  should_fail_ex+0x497/0x5b0
[  233.872279][ T8546]  should_failslab+0xc2/0x120
[  233.876945][ T8546]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  233.882309][ T8546]  ? dev_queue_xmit_nit+0x43/0xbc0
[  233.887394][ T8546]  ? skb_clone+0x190/0x3f0
[  233.891805][ T8546]  skb_clone+0x190/0x3f0
[  233.896059][ T8546]  dev_queue_xmit_nit+0x38f/0xbc0
[  233.901103][ T8546]  ? netif_skb_features+0x3b0/0xd50
[  233.906301][ T8546]  dev_hard_start_xmit+0x56/0x790
[  233.911319][ T8546]  ? __dev_queue_xmit+0x277/0x43e0
[  233.916430][ T8546]  __dev_queue_xmit+0x7ef/0x43e0
[  233.921353][ T8546]  ? __pfx___dev_queue_xmit+0x10/0x10
[  233.926711][ T8546]  ? __asan_memcpy+0x3c/0x60
[  233.931291][ T8546]  ? __asan_memcpy+0x3c/0x60
[  233.935889][ T8546]  ? __skb_clone+0x570/0x760
[  233.940489][ T8546]  netlink_deliver_tap+0xa87/0xd30
[  233.945610][ T8546]  netlink_unicast+0x5e1/0x7f0
[  233.950360][ T8546]  ? __pfx_netlink_unicast+0x10/0x10
[  233.955634][ T8546]  netlink_sendmsg+0x8b8/0xd70
[  233.960385][ T8546]  ? __pfx_netlink_sendmsg+0x10/0x10
[  233.965659][ T8546]  ____sys_sendmsg+0xaaf/0xc90
[  233.970413][ T8546]  ? copy_msghdr_from_user+0x10b/0x160
[  233.975855][ T8546]  ? __pfx_____sys_sendmsg+0x10/0x10
[  233.981136][ T8546]  ___sys_sendmsg+0x135/0x1e0
[  233.985797][ T8546]  ? __pfx____sys_sendmsg+0x10/0x10
[  233.990992][ T8546]  ? __pfx_lock_release+0x10/0x10
[  233.996001][ T8546]  ? trace_lock_acquire+0x14a/0x1d0
[  234.001194][ T8546]  ? __fget_files+0x206/0x3a0
[  234.005862][ T8546]  __sys_sendmsg+0x16e/0x220
[  234.010438][ T8546]  ? __pfx___sys_sendmsg+0x10/0x10
[  234.015548][ T8546]  do_syscall_64+0xcd/0x250
[  234.020055][ T8546]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  234.025939][ T8546] RIP: 0033:0x7ff527f7e819
[  234.030343][ T8546] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  234.049946][ T8546] RSP: 002b:00007ff528ca4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  234.058344][ T8546] RAX: ffffffffffffffda RBX: 00007ff528135fa0 RCX: 00007ff527f7e819
[  234.066298][ T8546] RDX: 0000000000000000 RSI: 00000000200002c0 RDI: 0000000000000003
[  234.074253][ T8546] RBP: 00007ff528ca4090 R08: 0000000000000000 R09: 0000000000000000
[  234.082209][ T8546] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  234.090180][ T8546] R13: 0000000000000000 R14: 00007ff528135fa0 R15: 00007fffe8d94318
[  234.098153][ T8546]  </TASK>
[  234.101226][    C0] vkms_vblank_simulate: vblank timer overrun
[  234.111587][ T8546] netlink: 72 bytes leftover after parsing attributes in process `syz.2.539'.
[  234.129649][ T8546] netlink: 72 bytes leftover after parsing attributes in process `syz.2.539'.
[  234.159119][ T5915] usb 5-1: USB disconnect, device number 13
[  234.166786][   T46] usb 1-1: New USB device found, idVendor=1d50, idProduct=606f, bcdDevice=14.d4
[  234.178912][   T46] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  234.193948][   T46] usb 1-1: config 0 descriptor??
[  234.431681][   T29] audit: type=1400 audit(1732239033.732:399): avc:  denied  { write } for  pid=8554 comm="syz.2.543" name="autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  234.457323][ T8555] netlink: 'syz.2.543': attribute type 4 has an invalid length.
[  234.472172][ T8555] netlink: 'syz.2.543': attribute type 17 has an invalid length.
[  234.480234][   T29] audit: type=1400 audit(1732239033.772:400): avc:  denied  { accept } for  pid=8554 comm="syz.2.543" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  234.582085][ T8559] overlayfs: failed to resolve './file0': -2
[  234.641672][ T8559] rdma_op ffff88807b84d1f0 conn xmit_rdma 0000000000000000
[  234.917127][   T46] gs_usb 1-1:0.0: Configuring for 67 interfaces
[  234.923527][   T46] gs_usb 1-1:0.0: Driver cannot handle more that 3 CAN interfaces
[  234.931512][   T46] gs_usb 1-1:0.0: probe with driver gs_usb failed with error -22
[  235.359098][ T8574] netlink: 8 bytes leftover after parsing attributes in process `syz.0.536'.
[  235.368511][ T8574] netlink: 'syz.0.536': attribute type 3 has an invalid length.
[  236.958598][  T965] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[  237.116415][ T5915] usb 1-1: USB disconnect, device number 24
[  237.235797][  T965] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  237.424240][  T965] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  237.447864][  T965] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  237.462162][  T965] usb 4-1: New USB device found, idVendor=20d6, idProduct=cb17, bcdDevice= 0.00
[  237.471666][  T965] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  237.534680][  T965] usb 4-1: config 0 descriptor??
[  237.552091][   T29] audit: type=1400 audit(1732239036.852:401): avc:  denied  { setopt } for  pid=8587 comm="syz.1.551" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  237.679702][ T8007] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  238.440861][ T5915] usb 1-1: new high-speed USB device number 25 using dummy_hcd
[  238.453430][  T965] hid-udraw 0003:20D6:CB17.0004: item fetching failed at offset 3/7
[  238.463448][  T965] hid-udraw 0003:20D6:CB17.0004: parse failed
[  238.471035][  T965] hid-udraw 0003:20D6:CB17.0004: probe with driver hid-udraw failed with error -22
[  238.491842][  T965] usb 4-1: USB disconnect, device number 23
[  238.556749][ T8007] usb 3-1: config 0 descriptor has 1 excess byte, ignoring
[  238.564191][ T8007] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 34, using maximum allowed: 30
[  238.583985][ T8007] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  238.692104][ T8007] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 34
[  238.705753][ T8007] usb 3-1: New USB device found, idVendor=0079, idProduct=0011, bcdDevice= 0.00
[  238.719430][ T8007] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  238.763520][ T5915] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  238.766729][ T8007] usb 3-1: config 0 descriptor??
[  238.772807][ T5915] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  239.272448][ T5915] usb 1-1: Product: syz
[  239.277516][ T5915] usb 1-1: Manufacturer: syz
[  239.282201][ T5915] usb 1-1: SerialNumber: syz
[  239.469557][ T5915] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  239.528452][   T46] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  239.623757][ T8007] usbhid 3-1:0.0: can't add hid device: -22
[  239.696426][ T8007] usbhid 3-1:0.0: probe with driver usbhid failed with error -22
[  240.254783][ T8596] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8596 comm=syz.0.553
[  240.319691][ T8007] usb 1-1: USB disconnect, device number 25
[  240.650649][ T8614] syz.1.558 (8614): drop_caches: 2
[  240.657471][ T8611] syz.1.558 (8611): drop_caches: 2
[  240.657841][ T8614] syz.1.558 (8614): drop_caches: 2
[  240.663230][   T46] ath9k_htc 1-1:1.0: ath9k_htc: Target is unresponsive
[  240.675278][   T46] ath9k_htc: Failed to initialize the device
[  240.686537][ T8007] usb 1-1: ath9k_htc: USB layer deinitialized
[  241.034864][ T8007] usb 3-1: USB disconnect, device number 13
[  241.557225][   T46] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  242.599555][   T46] usb 2-1: New USB device found, idVendor=1d50, idProduct=606f, bcdDevice=14.d4
[  242.608815][   T46] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  242.629771][   T46] usb 2-1: config 0 descriptor??
[  243.050085][   T46] gs_usb 2-1:0.0: Configuring for 67 interfaces
[  243.056446][   T46] gs_usb 2-1:0.0: Driver cannot handle more that 3 CAN interfaces
[  243.087784][   T46] gs_usb 2-1:0.0: probe with driver gs_usb failed with error -22
[  243.212656][ T8659] 9pnet_fd: Insufficient options for proto=fd
[  243.672112][ T8661] netlink: 8 bytes leftover after parsing attributes in process `syz.1.563'.
[  243.681210][ T8661] netlink: 'syz.1.563': attribute type 3 has an invalid length.
[  244.417253][ T8667] process 'syz.4.571' launched './file0' with NULL argv: empty string added
[  244.466007][   T29] audit: type=1400 audit(1732239043.722:402): avc:  denied  { execute_no_trans } for  pid=8664 comm="syz.4.571" path="/126/file0" dev="tmpfs" ino=710 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  244.489237][    C1] vkms_vblank_simulate: vblank timer overrun
[  244.518943][   T29] audit: type=1400 audit(1732239043.752:403): avc:  denied  { name_bind } for  pid=8664 comm="syz.4.571" src=768 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hi_reserved_port_t tclass=udp_socket permissive=1
[  244.869331][    T9] usb 2-1: USB disconnect, device number 14
[  245.467165][   T29] audit: type=1400 audit(1732239044.422:404): avc:  denied  { create } for  pid=8670 comm="syz.2.573" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  245.508653][   T29] audit: type=1400 audit(1732239044.422:405): avc:  denied  { connect } for  pid=8670 comm="syz.2.573" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  245.558839][   T29] audit: type=1400 audit(1732239044.852:406): avc:  denied  { getopt } for  pid=8681 comm="syz.4.577" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  245.665683][   T29] audit: type=1400 audit(1732239044.942:407): avc:  denied  { write } for  pid=8683 comm="syz.1.578" path="socket:[18897]" dev="sockfs" ino=18897 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  245.841052][    T9] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  246.149978][ T8682] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  246.175520][ T8690] FAULT_INJECTION: forcing a failure.
[  246.175520][ T8690] name failslab, interval 1, probability 0, space 0, times 0
[  246.191931][ T8690] CPU: 1 UID: 0 PID: 8690 Comm: syz.0.580 Not tainted 6.12.0-syzkaller-05480-gfcc79e1714e8 #0
[  246.202192][ T8690] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  246.212226][ T8690] Call Trace:
[  246.215482][ T8690]  <TASK>
[  246.218391][ T8690]  dump_stack_lvl+0x16c/0x1f0
[  246.223050][ T8690]  should_fail_ex+0x497/0x5b0
[  246.227705][ T8690]  ? fs_reclaim_acquire+0xae/0x150
[  246.232796][ T8690]  should_failslab+0xc2/0x120
[  246.237448][ T8690]  kmem_cache_alloc_node_noprof+0x71/0x310
[  246.243231][ T8690]  ? __alloc_skb+0x2b1/0x380
[  246.247796][ T8690]  __alloc_skb+0x2b1/0x380
[  246.252197][ T8690]  ? __pfx___alloc_skb+0x10/0x10
[  246.257116][ T8690]  ? selinux_socket_getpeersec_dgram+0x1a5/0x370
[  246.263425][ T8690]  ? __pfx_selinux_socket_getpeersec_dgram+0x10/0x10
[  246.270091][ T8690]  netlink_alloc_large_skb+0x69/0x130
[  246.275443][ T8690]  netlink_sendmsg+0x689/0xd70
[  246.280182][ T8690]  ? __pfx_netlink_sendmsg+0x10/0x10
[  246.285447][ T8690]  ____sys_sendmsg+0xaaf/0xc90
[  246.290194][ T8690]  ? copy_msghdr_from_user+0x10b/0x160
[  246.295656][ T8690]  ? __pfx_____sys_sendmsg+0x10/0x10
[  246.300925][ T8690]  ___sys_sendmsg+0x135/0x1e0
[  246.305583][ T8690]  ? __pfx____sys_sendmsg+0x10/0x10
[  246.310774][ T8690]  ? __pfx_lock_release+0x10/0x10
[  246.315772][ T8690]  ? trace_lock_acquire+0x14a/0x1d0
[  246.320949][ T8690]  ? __fget_files+0x206/0x3a0
[  246.325607][ T8690]  __sys_sendmsg+0x16e/0x220
[  246.330176][ T8690]  ? __pfx___sys_sendmsg+0x10/0x10
[  246.335270][ T8690]  do_syscall_64+0xcd/0x250
[  246.339753][ T8690]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  246.345621][ T8690] RIP: 0033:0x7fac7117e819
[  246.350012][ T8690] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  246.369602][ T8690] RSP: 002b:00007fac71ffc038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  246.377987][ T8690] RAX: ffffffffffffffda RBX: 00007fac71335fa0 RCX: 00007fac7117e819
[  246.385940][ T8690] RDX: 0000000000040400 RSI: 0000000020000000 RDI: 0000000000000003
[  246.393920][ T8690] RBP: 00007fac71ffc090 R08: 0000000000000000 R09: 0000000000000000
[  246.401864][ T8690] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  246.409820][ T8690] R13: 0000000000000000 R14: 00007fac71335fa0 R15: 00007ffcd9d3de88
[  246.417771][ T8690]  </TASK>
[  246.420826][    C1] vkms_vblank_simulate: vblank timer overrun
[  246.485198][ T8682] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  246.496841][ T8682] bond0 (unregistering): Released all slaves
[  246.957741][    T9] usb 3-1: config 0 descriptor has 1 excess byte, ignoring
[  246.965135][    T9] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 34, using maximum allowed: 30
[  246.976928][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  246.976957][    T9] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 34
[  246.976989][    T9] usb 3-1: New USB device found, idVendor=0079, idProduct=0011, bcdDevice= 0.00
[  246.977011][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  247.006832][    T9] usb 3-1: config 0 descriptor??
[  247.105547][    T9] usbhid 3-1:0.0: can't add hid device: -22
[  247.105613][    T9] usbhid 3-1:0.0: probe with driver usbhid failed with error -22
[  248.313211][ T5850] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  248.326654][ T5850] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  248.431904][ T5850] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  248.665635][ T8007] usb 3-1: USB disconnect, device number 14
[  248.681595][ T5850] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  248.699568][ T5850] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  248.720822][ T5850] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  248.915967][ T8715] chnl_net:caif_netlink_parms(): no params data found
[  248.979860][ T8715] bridge0: port 1(bridge_slave_0) entered blocking state
[  248.987476][ T8715] bridge0: port 1(bridge_slave_0) entered disabled state
[  248.994788][ T8715] bridge_slave_0: entered allmulticast mode
[  249.002116][ T8715] bridge_slave_0: entered promiscuous mode
[  249.009278][ T8715] bridge0: port 2(bridge_slave_1) entered blocking state
[  249.016842][ T8715] bridge0: port 2(bridge_slave_1) entered disabled state
[  249.024079][ T8715] bridge_slave_1: entered allmulticast mode
[  249.030611][ T8715] bridge_slave_1: entered promiscuous mode
[  249.036788][ T8735] netlink: 8 bytes leftover after parsing attributes in process `syz.0.593'.
[  249.068061][ T8715] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  249.079454][ T8007] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  249.090151][ T5887] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  249.110719][ T8715] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  249.152437][ T8715] team0: Port device team_slave_0 added
[  249.164774][ T8715] team0: Port device team_slave_1 added
[  249.190241][ T8715] batman_adv: batadv0: Adding interface: batadv_slave_0
[  249.197218][ T8715] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  249.223649][    C1] vkms_vblank_simulate: vblank timer overrun
[  249.252783][ T5887] usb 5-1: Using ep0 maxpacket: 32
[  249.260765][ T8715] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  249.260893][ T8007] usb 3-1: Using ep0 maxpacket: 32
[  249.302567][ T5887] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  249.316342][ T8715] batman_adv: batadv0: Adding interface: batadv_slave_1
[  249.319570][ T5887] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  249.336994][ T5887] usb 5-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  249.348236][ T8007] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  249.359169][ T8715] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  249.359272][ T5887] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  249.385144][    C1] vkms_vblank_simulate: vblank timer overrun
[  249.401598][ T8007] usb 3-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  249.411607][ T8007] usb 3-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  249.413870][ T8715] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  249.439472][ T8007] usb 3-1: Product: syz
[  249.445237][ T5887] usb 5-1: config 0 descriptor??
[  249.472119][ T8007] usb 3-1: Manufacturer: syz
[  249.476775][ T8007] usb 3-1: SerialNumber: syz
[  249.485494][ T8007] usb 3-1: config 0 descriptor??
[  249.500241][ T8725] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  249.544552][ T8715] hsr_slave_0: entered promiscuous mode
[  249.553162][ T8715] hsr_slave_1: entered promiscuous mode
[  249.563264][ T8715] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  249.572324][ T8715] Cannot create hsr debugfs directory
[  249.739827][ T5915] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[  249.777475][ T8715] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  249.794799][ T8715] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  249.813977][ T8715] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  249.815787][ T8007] usb 3-1: USB disconnect, device number 15
[  249.833666][ T8715] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  249.869926][ T8715] bridge0: port 2(bridge_slave_1) entered blocking state
[  249.877161][ T8715] bridge0: port 2(bridge_slave_1) entered forwarding state
[  249.885269][ T8715] bridge0: port 1(bridge_slave_0) entered blocking state
[  249.892330][ T8715] bridge0: port 1(bridge_slave_0) entered forwarding state
[  249.920080][ T5915] usb 4-1: Using ep0 maxpacket: 32
[  249.926488][ T5915] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  249.927340][ T5887] usbhid 5-1:0.0: can't add hid device: -71
[  249.939121][ T5915] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  249.948983][ T5887] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  249.956575][ T5915] usb 4-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  249.968772][ T5887] usb 5-1: USB disconnect, device number 14
[  249.977663][ T2900] bridge0: port 1(bridge_slave_0) entered disabled state
[  249.981281][ T5915] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  249.997102][ T2900] bridge0: port 2(bridge_slave_1) entered disabled state
[  250.006805][ T5915] usb 4-1: config 0 descriptor??
[  250.053752][ T8715] 8021q: adding VLAN 0 to HW filter on device bond0
[  250.107730][ T8715] 8021q: adding VLAN 0 to HW filter on device team0
[  250.128383][ T6520] bridge0: port 1(bridge_slave_0) entered blocking state
[  250.135506][ T6520] bridge0: port 1(bridge_slave_0) entered forwarding state
[  250.151616][   T35] bridge0: port 2(bridge_slave_1) entered blocking state
[  250.158704][   T35] bridge0: port 2(bridge_slave_1) entered forwarding state
[  250.321666][ T8715] 8021q: adding VLAN 0 to HW filter on device batadv0
[  250.422041][ T5915] usbhid 4-1:0.0: can't add hid device: -71
[  250.430250][ T5915] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  250.476196][ T5915] usb 4-1: USB disconnect, device number 24
[  250.914581][ T5850] Bluetooth: hci4: command tx timeout
[  251.426934][ T8715] veth0_vlan: entered promiscuous mode
[  251.438507][ T8715] veth1_vlan: entered promiscuous mode
[  251.480068][    T9] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  251.637059][ T8715] veth0_macvtap: entered promiscuous mode
[  251.692511][    T9] usb 5-1: Using ep0 maxpacket: 16
[  251.710650][    T9] usb 5-1: config 0 has an invalid interface number: 16 but max is 0
[  251.725925][ T8715] veth1_macvtap: entered promiscuous mode
[  251.790629][    T9] usb 5-1: config 0 has no interface number 0
[  251.997674][ T8715] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  252.008336][    T9] usb 5-1: config 0 interface 16 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16
[  252.040029][    T9] usb 5-1: config 0 interface 16 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64
[  252.051496][ T8715] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  252.062276][ T8715] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  252.075798][ T8715] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  252.086624][    T9] usb 5-1: New USB device found, idVendor=05ab, idProduct=0351, bcdDevice= 1.04
[  252.096042][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  252.104059][    T9] usb 5-1: Product: syz
[  252.108190][    T9] usb 5-1: Manufacturer: syz
[  252.112935][    T9] usb 5-1: SerialNumber: syz
[  252.118138][ T8715] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  252.130156][    T9] usb 5-1: config 0 descriptor??
[  252.135669][ T8755] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  252.143433][ T8755] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  252.153181][ T8715] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  252.164728][    T9] ums-isd200 5-1:0.16: USB Mass Storage device detected
[  252.260034][ T8007] usb 1-1: new high-speed USB device number 26 using dummy_hcd
[  252.569894][ T8715] batman_adv: batadv0: Interface activated: batadv_slave_0
[  252.780981][ T8715] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  252.797468][ T8715] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  252.837834][ T8715] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  252.850239][ T8715] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  252.860707][ T8715] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  252.871651][ T8715] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  252.883992][ T8715] batman_adv: batadv0: Interface activated: batadv_slave_1
[  252.902143][ T8715] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  252.911843][ T8715] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  252.921889][ T8715] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  252.945563][ T8715] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  252.969927][ T5850] Bluetooth: hci4: command tx timeout
[  252.990261][ T8007] usb 1-1: config 0 descriptor has 1 excess byte, ignoring
[  253.002468][ T8007] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 34, using maximum allowed: 30
[  253.013421][ T8007] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  253.024556][ T8007] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 34
[  253.037946][ T8007] usb 1-1: New USB device found, idVendor=0079, idProduct=0011, bcdDevice= 0.00
[  253.039648][   T29] audit: type=1400 audit(1732239052.332:408): avc:  denied  { create } for  pid=8779 comm="syz.2.604" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  253.047328][ T8007] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  253.091170][ T8007] usb 1-1: config 0 descriptor??
[  253.179587][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  253.187872][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  253.204817][   T29] audit: type=1400 audit(1732239052.382:409): avc:  denied  { bind } for  pid=8779 comm="syz.2.604" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  253.253245][ T8007] usbhid 1-1:0.0: can't add hid device: -22
[  253.259228][ T8007] usbhid 1-1:0.0: probe with driver usbhid failed with error -22
[  253.286499][    T9] scsi host1: usb-storage 5-1:0.16
[  253.303286][    T9] usb 5-1: USB disconnect, device number 15
[  253.915334][ T8786] netlink: 'syz.3.603': attribute type 12 has an invalid length.
[  253.923298][ T8786] netlink: 244 bytes leftover after parsing attributes in process `syz.3.603'.
[  254.059650][   T67] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  254.094253][   T67] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  254.169588][   T29] audit: type=1400 audit(1732239053.462:410): avc:  denied  { mounton } for  pid=8715 comm="syz-executor" path="/root/syzkaller.8gux8e/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  254.304112][ T8798] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  254.324831][ T8798] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it.
[  254.349224][ T8798] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  254.628756][ T8813] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  254.847270][ T5850] Bluetooth: hci0: ISO packet for unknown connection handle 0
[  255.121627][ T5850] Bluetooth: hci4: command tx timeout
[  255.332010][ T1285] ieee802154 phy0 wpan0: encryption failed: -22
[  255.338560][ T1285] ieee802154 phy1 wpan1: encryption failed: -22
[  255.411710][ T8007] usb 1-1: USB disconnect, device number 26
[  255.596112][ T8825] netlink: 8 bytes leftover after parsing attributes in process `syz.0.611'.
[  256.221461][ T8834] overlayfs: missing 'lowerdir'
[  256.619507][   T46] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  256.652393][   T25] usb 1-1: new high-speed USB device number 27 using dummy_hcd
[  256.743432][   T29] audit: type=1400 audit(1732239056.042:411): avc:  denied  { connect } for  pid=8848 comm="syz.3.617" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  256.776638][   T29] audit: type=1400 audit(1732239056.072:412): avc:  denied  { write } for  pid=8848 comm="syz.3.617" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  256.883171][   T46] usb 6-1: Using ep0 maxpacket: 16
[  256.888443][   T25] usb 1-1: Using ep0 maxpacket: 32
[  256.952732][   T46] usb 6-1: config 0 has an invalid interface number: 16 but max is 0
[  256.961043][   T46] usb 6-1: config 0 has no interface number 0
[  256.967808][   T46] usb 6-1: config 0 interface 16 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16
[  256.978351][   T46] usb 6-1: config 0 interface 16 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64
[  257.017916][   T25] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  257.069641][   T46] usb 6-1: New USB device found, idVendor=05ab, idProduct=0351, bcdDevice= 1.04
[  257.079347][   T46] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  257.089924][   T46] usb 6-1: Product: syz
[  257.094098][   T46] usb 6-1: Manufacturer: syz
[  257.098700][   T46] usb 6-1: SerialNumber: syz
[  257.105290][   T46] usb 6-1: config 0 descriptor??
[  257.110776][ T8841] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  257.118128][ T8841] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  257.146816][   T25] usb 1-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  257.149502][ T5850] Bluetooth: hci4: command tx timeout
[  257.155901][   T25] usb 1-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  257.169482][   T25] usb 1-1: Product: syz
[  257.173645][   T25] usb 1-1: Manufacturer: syz
[  257.178917][   T25] usb 1-1: SerialNumber: syz
[  257.185023][   T46] ums-isd200 6-1:0.16: USB Mass Storage device detected
[  257.194666][   T25] usb 1-1: config 0 descriptor??
[  257.200229][ T8840] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  257.456177][   T46] scsi host1: usb-storage 6-1:0.16
[  257.494818][ T8892] netlink: 8 bytes leftover after parsing attributes in process `syz.3.618'.
[  257.507343][ T5887] usb 1-1: USB disconnect, device number 27
[  257.593443][   T46] usb 6-1: USB disconnect, device number 2
[  257.841594][ T8900] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  257.866458][ T8900] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it.
[  257.896978][ T8900] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  257.920619][   T29] audit: type=1400 audit(1732239057.222:413): avc:  denied  { bind } for  pid=8894 comm="syz.3.619" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  257.969076][ T8895] tipc: Started in network mode
[  257.994900][ T8895] tipc: Node identity ffffffff, cluster identity 4711
[  258.031253][ T8895] tipc: Node number set to 4294967295
[  258.349479][ T5886] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  258.431792][ T8911] netlink: 'syz.0.623': attribute type 10 has an invalid length.
[  258.439819][ T8911] netlink: 40 bytes leftover after parsing attributes in process `syz.0.623'.
[  258.792217][ T5886] usb 6-1: config 0 descriptor has 1 excess byte, ignoring
[  258.828287][ T8911] team0: Port device geneve0 added
[  258.836080][ T5886] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 34, using maximum allowed: 30
[  259.292576][ T5886] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  259.303723][ T5886] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 34
[  259.316777][ T5886] usb 6-1: New USB device found, idVendor=0079, idProduct=0011, bcdDevice= 0.00
[  259.325830][ T5886] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  259.381009][ T5886] usb 6-1: config 0 descriptor??
[  259.391393][ T5886] usbhid 6-1:0.0: can't add hid device: -22
[  259.412031][ T5886] usbhid 6-1:0.0: probe with driver usbhid failed with error -22
[  261.327006][ T8938] FAULT_INJECTION: forcing a failure.
[  261.327006][ T8938] name failslab, interval 1, probability 0, space 0, times 0
[  261.339793][ T8938] CPU: 0 UID: 0 PID: 8938 Comm: syz.2.630 Not tainted 6.12.0-syzkaller-05480-gfcc79e1714e8 #0
[  261.350009][ T8938] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  261.360038][ T8938] Call Trace:
[  261.363291][ T8938]  <TASK>
[  261.366196][ T8938]  dump_stack_lvl+0x16c/0x1f0
[  261.370866][ T8938]  should_fail_ex+0x497/0x5b0
[  261.375535][ T8938]  ? fs_reclaim_acquire+0xae/0x150
[  261.380650][ T8938]  should_failslab+0xc2/0x120
[  261.385307][ T8938]  __kmalloc_cache_node_noprof+0x6e/0x350
[  261.391038][ T8938]  ? __alloc_workqueue+0x694/0x1810
[  261.396216][ T8938]  __alloc_workqueue+0x694/0x1810
[  261.401223][ T8938]  alloc_workqueue+0xd3/0x200
[  261.405878][ T8938]  ? __pfx_alloc_workqueue+0x10/0x10
[  261.411146][ T8938]  hci_register_dev+0x1cf/0xc60
[  261.415990][ T8938]  hci_uart_tty_ioctl+0x7d0/0xc10
[  261.421009][ T8938]  ? __pfx_hci_uart_tty_ioctl+0x10/0x10
[  261.426534][ T8938]  tty_ioctl+0x6ee/0x15d0
[  261.430843][ T8938]  ? __pfx_tty_ioctl+0x10/0x10
[  261.435596][ T8938]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  261.442433][ T8938]  ? __pfx_lock_release+0x10/0x10
[  261.447435][ T8938]  ? trace_lock_acquire+0x14a/0x1d0
[  261.452624][ T8938]  ? selinux_file_ioctl+0x180/0x270
[  261.457814][ T8938]  ? selinux_file_ioctl+0xb4/0x270
[  261.462914][ T8938]  ? __pfx_tty_ioctl+0x10/0x10
[  261.467670][ T8938]  __x64_sys_ioctl+0x190/0x200
[  261.472475][ T8938]  do_syscall_64+0xcd/0x250
[  261.476961][ T8938]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  261.482845][ T8938] RIP: 0033:0x7ff527f7e819
[  261.487234][ T8938] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  261.506815][ T8938] RSP: 002b:00007ff528ca4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  261.515201][ T8938] RAX: ffffffffffffffda RBX: 00007ff528135fa0 RCX: 00007ff527f7e819
[  261.523148][ T8938] RDX: 0000000000000004 RSI: 00000000400455c8 RDI: 0000000000000003
[  261.531096][ T8938] RBP: 00007ff528ca4090 R08: 0000000000000000 R09: 0000000000000000
[  261.539051][ T8938] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  261.546996][ T8938] R13: 0000000000000000 R14: 00007ff528135fa0 R15: 00007fffe8d94318
[  261.554953][ T8938]  </TASK>
[  261.558540][ T8938] Bluetooth: Can't register HCI device
[  261.630653][    T9] usb 6-1: USB disconnect, device number 3
[  262.231699][   T29] audit: type=1400 audit(1732239061.522:414): avc:  denied  { write } for  pid=8957 comm="syz.0.637" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  262.251180][    C1] vkms_vblank_simulate: vblank timer overrun
[  262.257324][   T29] audit: type=1400 audit(1732239061.522:415): avc:  denied  { connect } for  pid=8957 comm="syz.0.637" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  262.279825][    T9] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  262.426900][   T29] audit: type=1400 audit(1732239061.722:416): avc:  denied  { wake_alarm } for  pid=8957 comm="syz.0.637" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  262.601569][    T9] usb 6-1: Using ep0 maxpacket: 16
[  262.608678][   T29] audit: type=1326 audit(1732239061.902:417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8960 comm="syz.3.638" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4b5c77e819 code=0x0
[  262.638472][    T9] usb 6-1: config 0 has an invalid interface number: 16 but max is 0
[  262.662078][    T9] usb 6-1: config 0 has no interface number 0
[  262.675562][    T9] usb 6-1: config 0 interface 16 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16
[  262.693014][    T9] usb 6-1: config 0 interface 16 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64
[  262.721290][    T9] usb 6-1: New USB device found, idVendor=05ab, idProduct=0351, bcdDevice= 1.04
[  262.738778][    T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  262.773016][    T9] usb 6-1: Product: syz
[  262.783776][    T9] usb 6-1: Manufacturer: syz
[  262.797878][    T9] usb 6-1: SerialNumber: syz
[  262.959699][    T9] usb 6-1: config 0 descriptor??
[  262.965651][ T8945] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  262.973877][ T8945] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  262.980646][ T8970] FAULT_INJECTION: forcing a failure.
[  262.980646][ T8970] name failslab, interval 1, probability 0, space 0, times 0
[  262.990325][    T9] ums-isd200 6-1:0.16: USB Mass Storage device detected
[  263.082519][   T29] audit: type=1400 audit(1732239062.372:418): avc:  denied  { bind } for  pid=8960 comm="syz.3.638" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  263.102631][    C1] vkms_vblank_simulate: vblank timer overrun
[  263.229048][ T8970] CPU: 1 UID: 0 PID: 8970 Comm: syz.2.641 Not tainted 6.12.0-syzkaller-05480-gfcc79e1714e8 #0
[  263.239324][ T8970] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  263.249383][ T8970] Call Trace:
[  263.252661][ T8970]  <TASK>
[  263.255587][ T8970]  dump_stack_lvl+0x16c/0x1f0
[  263.260272][ T8970]  should_fail_ex+0x497/0x5b0
[  263.264953][ T8970]  ? fs_reclaim_acquire+0xae/0x150
[  263.270070][ T8970]  should_failslab+0xc2/0x120
[  263.274747][ T8970]  __kmalloc_noprof+0xcb/0x400
[  263.279517][ T8970]  ? down_write_nested+0x152/0x210
[  263.284633][ T8970]  lsm_blob_alloc+0x68/0x90
[  263.289132][ T8970]  security_sb_alloc+0x28/0x230
[  263.293981][ T8970]  alloc_super+0x245/0xbd0
[  263.298395][ T8970]  ? lock_acquire+0x2f/0xb0
[  263.302899][ T8970]  ? __pfx_super_s_dev_test+0x10/0x10
[  263.308277][ T8970]  sget_fc+0x116/0xc20
[  263.312351][ T8970]  ? __pfx_cred_has_capability.isra.0+0x10/0x10
[  263.318592][ T8970]  ? __pfx_super_s_dev_set+0x10/0x10
[  263.323878][ T8970]  get_tree_bdev_flags+0x1bc/0x620
[  263.328996][ T8970]  ? __pfx_qnx4_fill_super+0x10/0x10
[  263.334290][ T8970]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[  263.339927][ T8970]  ? __pfx_vfs_parse_fs_string+0x10/0x10
[  263.345567][ T8970]  ? __raw_spin_lock_init+0x3a/0x110
[  263.350884][ T8970]  ? cap_capable+0x1cf/0x240
[  263.355477][ T8970]  ? bpf_lsm_capable+0x9/0x10
[  263.360161][ T8970]  vfs_get_tree+0x8f/0x380
[  263.364584][ T8970]  path_mount+0x14e6/0x1f20
[  263.369091][ T8970]  ? kmem_cache_free+0x152/0x4b0
[  263.374034][ T8970]  ? __pfx_path_mount+0x10/0x10
[  263.378892][ T8970]  ? putname+0x13c/0x180
[  263.383151][ T8970]  __x64_sys_mount+0x294/0x320
[  263.387921][ T8970]  ? __pfx___x64_sys_mount+0x10/0x10
[  263.393219][ T8970]  do_syscall_64+0xcd/0x250
[  263.397736][ T8970]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  263.403642][ T8970] RIP: 0033:0x7ff527f7e819
[  263.408060][ T8970] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  263.427676][ T8970] RSP: 002b:00007ff528ca4038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  263.436098][ T8970] RAX: ffffffffffffffda RBX: 00007ff528135fa0 RCX: 00007ff527f7e819
[  263.444074][ T8970] RDX: 0000000020000180 RSI: 0000000020000000 RDI: 0000000020000080
[  263.452074][ T8970] RBP: 00007ff528ca4090 R08: 0000000000000000 R09: 0000000000000000
[  263.460044][ T8970] R10: 0000000000208000 R11: 0000000000000246 R12: 0000000000000002
[  263.468191][ T8970] R13: 0000000000000001 R14: 00007ff528135fa0 R15: 00007fffe8d94318
[  263.476181][ T8970]  </TASK>
[  263.479282][    C1] vkms_vblank_simulate: vblank timer overrun
[  263.909621][    T9] scsi host1: usb-storage 6-1:0.16
[  263.922608][    T9] usb 6-1: USB disconnect, device number 4
[  264.483898][   T29] audit: type=1400 audit(1732239063.762:419): avc:  denied  { map } for  pid=8989 comm="syz.4.645" path="/dev/zero" dev="devtmpfs" ino=6 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:zero_device_t tclass=chr_file permissive=1
[  264.849493][   T25] usb 1-1: new high-speed USB device number 28 using dummy_hcd
[  265.130918][   T25] usb 1-1: config 0 descriptor has 1 excess byte, ignoring
[  265.138215][   T25] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 34, using maximum allowed: 30
[  265.149020][   T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  265.174449][   T25] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 34
[  265.210217][   T25] usb 1-1: New USB device found, idVendor=0079, idProduct=0011, bcdDevice= 0.00
[  265.219302][   T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  265.239043][   T25] usb 1-1: config 0 descriptor??
[  265.239539][ T8007] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[  265.254690][   T25] usbhid 1-1:0.0: can't add hid device: -22
[  265.262287][   T25] usbhid 1-1:0.0: probe with driver usbhid failed with error -22
[  265.409557][ T8007] usb 4-1: Using ep0 maxpacket: 32
[  265.419086][ T8007] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  265.439597][   T46] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  265.439721][ T8007] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  265.489677][ T8007] usb 4-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  265.506636][ T8007] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  265.528098][ T8007] usb 4-1: config 0 descriptor??
[  265.553323][ T9011] netlink: 'syz.4.654': attribute type 41 has an invalid length.
[  265.564504][ T9011] netlink: 8 bytes leftover after parsing attributes in process `syz.4.654'.
[  265.615819][   T46] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  265.625083][   T46] usb 3-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  265.652002][   T46] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66
[  265.671352][   T46] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  265.699421][   T46] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  265.720858][   T46] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  265.731309][   T46] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  265.751300][   T46] usb 3-1: Product: syz
[  265.755476][   T46] usb 3-1: Manufacturer: syz
[  265.773455][   T46] cdc_wdm 3-1:1.0: skipping garbage
[  265.785729][   T46] cdc_wdm 3-1:1.0: skipping garbage
[  265.846357][   T46] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device
[  265.878436][   T46] cdc_wdm 3-1:1.0: Unknown control protocol
[  266.122128][ T9017] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  266.324162][ T8007] usbhid 4-1:0.0: can't add hid device: -71
[  266.353620][ T8007] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  266.773890][ T8007] usb 4-1: USB disconnect, device number 25
[  266.908050][    T9] usb 1-1: USB disconnect, device number 28
[  267.885843][   T29] audit: type=1400 audit(1732239066.582:420): avc:  denied  { create } for  pid=9025 comm="syz.0.660" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  267.977425][   T29] audit: type=1400 audit(1732239066.582:421): avc:  denied  { write } for  pid=9025 comm="syz.0.660" name="file0" dev="tmpfs" ino=712 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  268.202092][   T29] audit: type=1400 audit(1732239066.582:422): avc:  denied  { open } for  pid=9025 comm="syz.0.660" path="/126/file0" dev="tmpfs" ino=712 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  268.228509][   T25] usb 3-1: USB disconnect, device number 16
[  268.247811][   T29] audit: type=1400 audit(1732239066.592:423): avc:  denied  { ioctl } for  pid=9025 comm="syz.0.660" path="/126/file0" dev="tmpfs" ino=712 ioctlcmd=0x1273 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  269.017547][   T29] audit: type=1400 audit(1732239068.282:424): avc:  denied  { unlink } for  pid=5834 comm="syz-executor" name="file0" dev="tmpfs" ino=712 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  271.076265][ T9089] netlink: 4 bytes leftover after parsing attributes in process `syz.2.673'.
[  271.085285][ T9089] netlink: 24 bytes leftover after parsing attributes in process `syz.2.673'.
[  271.094303][   T29] audit: type=1400 audit(1732239070.392:425): avc:  denied  { ioctl } for  pid=9084 comm="syz.0.672" path="socket:[21007]" dev="sockfs" ino=21007 ioctlcmd=0x4947 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  271.135421][    T9] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  271.190507][   T46] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[  271.382392][   T46] usb 4-1: config 0 descriptor has 1 excess byte, ignoring
[  271.393537][   T46] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 34, using maximum allowed: 30
[  271.459738][    T9] usb 5-1: Using ep0 maxpacket: 32
[  271.474347][   T46] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  271.493016][    T9] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  271.524967][   T46] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 34
[  271.535637][    T9] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  271.547145][    T9] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  271.548535][   T46] usb 4-1: New USB device found, idVendor=0079, idProduct=0011, bcdDevice= 0.00
[  271.577777][    T9] usb 5-1: Product: syz
[  271.577779][   T46] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  271.594712][    T9] usb 5-1: Manufacturer: syz
[  271.595770][   T46] usb 4-1: config 0 descriptor??
[  271.601181][    T9] usb 5-1: SerialNumber: syz
[  271.612324][    T9] usb 5-1: config 0 descriptor??
[  271.618789][ T9083] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  271.621702][   T46] usbhid 4-1:0.0: can't add hid device: -22
[  271.640479][   T46] usbhid 4-1:0.0: probe with driver usbhid failed with error -22
[  271.779543][ T5885] usb 1-1: new high-speed USB device number 29 using dummy_hcd
[  272.091884][ T5885] usb 1-1: Using ep0 maxpacket: 32
[  272.098613][ T5885] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  272.111183][ T5885] usb 1-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  272.120378][ T5885] usb 1-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  272.139351][ T5885] usb 1-1: Product: syz
[  272.143577][ T5885] usb 1-1: Manufacturer: syz
[  272.148165][ T5885] usb 1-1: SerialNumber: syz
[  272.154943][ T5885] usb 1-1: config 0 descriptor??
[  272.166037][ T9093] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22
[  272.248288][ T9105] netlink: 'syz.5.676': attribute type 12 has an invalid length.
[  272.256179][ T9105] netlink: 244 bytes leftover after parsing attributes in process `syz.5.676'.
[  272.666774][ T5885] chaoskey 1-1:0.0: Unable to register with hwrng
[  273.025715][ T5885] usb 1-1: USB disconnect, device number 29
[  273.757252][    T9] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  273.977539][ T5885] usb 4-1: USB disconnect, device number 26
[  274.027505][ T8007] usb 5-1: USB disconnect, device number 16
[  274.141948][    T9] usb 3-1: Using ep0 maxpacket: 16
[  274.193635][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  274.240072][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  274.442251][    T9] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  274.455586][    T9] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  274.467704][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  274.659069][    T9] usb 3-1: config 0 descriptor??
[  275.012521][ T9169] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  275.023712][    T9] microsoft 0003:045E:07DA.0005: ignoring exceeding usage max
[  275.125089][ T9173] overlay: ./bus is not a directory
[  275.132034][ T9168] Option 'Ó¾,0A–˜' to dns_resolver key: bad/missing value
[  275.229865][ T9169] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  275.239665][   T29] audit: type=1400 audit(1732239074.532:426): avc:  denied  { relabelfrom } for  pid=9166 comm="syz.3.686" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  275.276631][    T9] input: HID 045e:07da as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:045E:07DA.0005/input/input8
[  275.302262][   T29] audit: type=1400 audit(1732239074.562:427): avc:  denied  { relabelto } for  pid=9166 comm="syz.3.686" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  275.427630][   T29] audit: type=1400 audit(1732239074.572:428): avc:  denied  { map } for  pid=9166 comm="syz.3.686" path="/dev/usbmon6" dev="devtmpfs" ino=738 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  275.488960][    T9] microsoft 0003:045E:07DA.0005: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0
[  275.593733][    T9] usb 3-1: USB disconnect, device number 17
[  276.079541][ T5886] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  276.084530][    T9] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  276.289600][ T5886] usb 6-1: Using ep0 maxpacket: 32
[  276.315704][ T5886] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  276.374940][ T5886] usb 6-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  276.379462][    T9] usb 3-1: Using ep0 maxpacket: 32
[  276.384377][ T5886] usb 6-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  276.393471][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  276.415507][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  276.425732][    T9] usb 3-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  276.438525][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  276.446658][ T5886] usb 6-1: Product: syz
[  276.451027][ T5886] usb 6-1: Manufacturer: syz
[  276.455628][ T5886] usb 6-1: SerialNumber: syz
[  276.466245][ T5886] usb 6-1: config 0 descriptor??
[  276.505865][ T9195] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  276.559141][ T9211] FAULT_INJECTION: forcing a failure.
[  276.559141][ T9211] name failslab, interval 1, probability 0, space 0, times 0
[  276.571835][ T9211] CPU: 1 UID: 0 PID: 9211 Comm: syz.4.694 Not tainted 6.12.0-syzkaller-05480-gfcc79e1714e8 #0
[  276.582047][ T9211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  276.592085][ T9211] Call Trace:
[  276.595366][ T9211]  <TASK>
[  276.598281][ T9211]  dump_stack_lvl+0x16c/0x1f0
[  276.602949][ T9211]  should_fail_ex+0x497/0x5b0
[  276.607603][ T9211]  ? fs_reclaim_acquire+0xae/0x150
[  276.612694][ T9211]  should_failslab+0xc2/0x120
[  276.617366][ T9211]  __kmalloc_cache_noprof+0x6b/0x300
[  276.622647][ T9211]  ? fuse_get_tree+0x78/0x600
[  276.627304][ T9211]  ? cap_capable+0x1cf/0x240
[  276.631873][ T9211]  fuse_get_tree+0x78/0x600
[  276.636355][ T9211]  ? security_capable+0x7e/0x260
[  276.641280][ T9211]  vfs_get_tree+0x8f/0x380
[  276.645679][ T9211]  path_mount+0x14e6/0x1f20
[  276.650161][ T9211]  ? kmem_cache_free+0x152/0x4b0
[  276.655078][ T9211]  ? __pfx_path_mount+0x10/0x10
[  276.659923][ T9211]  ? putname+0x13c/0x180
[  276.664147][ T9211]  __x64_sys_mount+0x294/0x320
[  276.668891][ T9211]  ? __pfx___x64_sys_mount+0x10/0x10
[  276.674174][ T9211]  do_syscall_64+0xcd/0x250
[  276.678664][ T9211]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  276.684550][ T9211] RIP: 0033:0x7f3f7597e819
[  276.688938][ T9211] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  276.708550][ T9211] RSP: 002b:00007f3f76798038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  276.716940][ T9211] RAX: ffffffffffffffda RBX: 00007f3f75b36080 RCX: 00007f3f7597e819
[  276.724916][ T9211] RDX: 0000000020002100 RSI: 00000000200020c0 RDI: 0000000000000000
[  276.732871][ T9211] RBP: 00007f3f76798090 R08: 0000000020002140 R09: 0000000000000000
[  276.740841][ T9211] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  276.748793][ T9211] R13: 0000000000000000 R14: 00007f3f75b36080 R15: 00007ffe23712868
[  276.756752][ T9211]  </TASK>
[  276.812363][    T9] usb 3-1: config 0 descriptor??
[  277.479964][    T9] usbhid 3-1:0.0: can't add hid device: -71
[  277.486858][    T9] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  277.643105][ T9220] netlink: 'syz.0.696': attribute type 10 has an invalid length.
[  277.651021][ T9220] netlink: 40 bytes leftover after parsing attributes in process `syz.0.696'.
[  277.676573][    T9] usb 3-1: USB disconnect, device number 18
[  278.288632][   T29] audit: type=1400 audit(1732239077.582:429): avc:  denied  { connect } for  pid=9241 comm="syz.3.698" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  278.351735][   T29] audit: type=1400 audit(1732239077.582:430): avc:  denied  { name_connect } for  pid=9241 comm="syz.3.698" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=dccp_socket permissive=1
[  278.602717][ T9251] overlayfs: missing 'workdir'
[  278.639524][ T5885] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[  278.814502][ T5885] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  278.829529][ T5886] usb 1-1: new high-speed USB device number 30 using dummy_hcd
[  278.873468][ T5885] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  278.895015][ T9256] netlink: 20 bytes leftover after parsing attributes in process `syz.2.703'.
[  278.900500][   T46] usb 6-1: USB disconnect, device number 5
[  278.943488][   T29] audit: type=1400 audit(1732239078.242:431): avc:  denied  { mount } for  pid=9254 comm="syz.2.703" name="/" dev="afs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  278.969107][ T5885] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  279.014211][ T5885] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  279.037369][   T29] audit: type=1400 audit(1732239078.292:432): avc:  denied  { map } for  pid=9257 comm="syz.4.704" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  279.060549][ T5885] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  279.071900][ T5886] usb 1-1: config 0 descriptor has 1 excess byte, ignoring
[  279.080255][ T5886] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 34, using maximum allowed: 30
[  279.093749][ T5885] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  279.114276][ T5885] usb 4-1: config 0 descriptor??
[  279.122648][   T29] audit: type=1400 audit(1732239078.292:433): avc:  denied  { execute } for  pid=9257 comm="syz.4.704" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  279.146888][ T5886] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  279.166370][ T9246] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  279.222573][ T5886] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 34
[  279.410424][ T5886] usb 1-1: New USB device found, idVendor=0079, idProduct=0011, bcdDevice= 0.00
[  279.488939][ T5886] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  279.577247][ T5886] usb 1-1: config 0 descriptor??
[  279.626713][ T5886] usbhid 1-1:0.0: can't add hid device: -22
[  279.657966][   T29] audit: type=1400 audit(1732239078.952:434): avc:  denied  { unmount } for  pid=5832 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  279.685789][ T5886] usbhid 1-1:0.0: probe with driver usbhid failed with error -22
[  279.952380][ T5885] plantronics 0003:047F:FFFF.0006: unknown main item tag 0xd
[  279.959847][ T5885] plantronics 0003:047F:FFFF.0006: item fetching failed at offset 13/15
[  279.968525][ T5885] plantronics 0003:047F:FFFF.0006: parse failed
[  279.975314][ T5885] plantronics 0003:047F:FFFF.0006: probe with driver plantronics failed with error -22
[  280.881254][   T29] audit: type=1400 audit(1732239080.182:435): avc:  denied  { read } for  pid=9241 comm="syz.3.698" laddr=fe80::12 lport=59666 faddr=fe80::bb scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  280.904035][    C1] vkms_vblank_simulate: vblank timer overrun
[  281.219545][ T5884] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  281.379068][ T5886] usb 4-1: USB disconnect, device number 27
[  281.619585][ T5885] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  281.622965][ T5884] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  281.709570][ T5884] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  281.753123][ T5884] usb 3-1: New USB device found, idVendor=09da, idProduct=022b, bcdDevice= 0.00
[  281.787130][ T5884] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  281.827043][ T5884] usb 3-1: config 0 descriptor??
[  281.837946][   T25] usb 1-1: USB disconnect, device number 30
[  281.869999][ T5885] usb 5-1: Using ep0 maxpacket: 32
[  281.947457][ T5885] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  281.959141][ T5885] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  281.965020][ T9288] overlayfs: missing 'workdir'
[  281.969090][ T5885] usb 5-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  282.010883][ T5885] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  282.064365][ T5885] usb 5-1: config 0 descriptor??
[  282.746656][ T5885] usbhid 5-1:0.0: can't add hid device: -71
[  282.888158][ T5885] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  283.021277][ T5885] usb 5-1: USB disconnect, device number 17
[  284.055883][ T9310] netlink: 12 bytes leftover after parsing attributes in process `syz.0.716'.
[  284.492747][ T5884] usb 3-1: USB disconnect, device number 19
[  284.823088][ T5885] usb 4-1: new full-speed USB device number 28 using dummy_hcd
[  284.838946][ T8007] usb 5-1: new full-speed USB device number 18 using dummy_hcd
[  286.178334][ T8007] usb 5-1: unable to get BOS descriptor or descriptor too short
[  286.187390][ T8007] usb 5-1: not running at top speed; connect to a high speed hub
[  286.197486][ T8007] usb 5-1: config 219 has 1 interface, different from the descriptor's value: 2
[  286.206642][ T8007] usb 5-1: config 219 interface 0 has no altsetting 0
[  286.213829][ T8007] usb 5-1: config 219 interface 0 has no altsetting 1
[  286.585764][ T5885] usb 4-1: unable to get BOS descriptor or descriptor too short
[  286.665602][ T5885] usb 4-1: not running at top speed; connect to a high speed hub
[  286.845421][ T5885] usb 4-1: config 219 has 1 interface, different from the descriptor's value: 2
[  286.867382][ T8007] usb 5-1: New USB device found, idVendor=2b73, idProduct=0017, bcdDevice=a2.0e
[  286.949429][ T8007] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  286.957692][ T8007] usb 5-1: Product: syz
[  286.989503][ T5885] usb 4-1: config 219 interface 0 has no altsetting 0
[  287.223813][ T5885] usb 4-1: config 219 interface 0 has no altsetting 1
[  287.408307][ T9336] overlayfs: missing 'workdir'
[  287.865103][ T8007] usb 5-1: Manufacturer: syz
[  287.869805][ T8007] usb 5-1: SerialNumber: syz
[  287.954569][ T8007] usb 5-1: can't set config #219, error -71
[  287.959084][ T5885] usb 4-1: string descriptor 0 read error: -71
[  287.962232][ T8007] usb 5-1: USB disconnect, device number 18
[  287.996816][ T5885] usb 4-1: New USB device found, idVendor=2b73, idProduct=0017, bcdDevice=a2.0e
[  288.182792][ T5885] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  288.339862][   T29] audit: type=1400 audit(1732239087.352:436): avc:  denied  { watch } for  pid=9340 comm="syz.4.727" path="/160" dev="tmpfs" ino=905 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  288.372295][ T5885] usb 4-1: can't set config #219, error -71
[  288.393295][   T29] audit: type=1400 audit(1732239087.632:437): avc:  denied  { watch_reads } for  pid=9340 comm="syz.4.727" path="/160" dev="tmpfs" ino=905 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  288.754492][ T5885] usb 4-1: USB disconnect, device number 28
[  290.520678][ T9368] netlink: 12 bytes leftover after parsing attributes in process `syz.3.732'.
[  290.801481][ T5885] usb 6-1: new full-speed USB device number 6 using dummy_hcd
[  290.851288][ T9373] sch_fq: defrate 7 ignored.
[  291.056612][ T5885] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x99, changing to 0x89
[  291.648574][ T5885] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 10
[  291.660048][ T5885] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 255, setting to 64
[  291.746015][ T5885] usb 6-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=5b.1e
[  291.755674][ T5885] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  291.774247][ T5885] usb 6-1: Product: syz
[  291.778437][ T5885] usb 6-1: Manufacturer: syz
[  291.783116][ T5885] usb 6-1: SerialNumber: syz
[  291.802876][ T5885] usb 6-1: config 0 descriptor??
[  291.823715][ T9357] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  292.002283][ T5884] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  292.029482][ T5885] rc_core: IR keymap rc-streamzap not found
[  292.035569][ T5885] Registered IR keymap rc-empty
[  292.153503][ T5885] rc rc0: Streamzap PC Remote Infrared Receiver as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0
[  292.267040][ T5885] input: Streamzap PC Remote Infrared Receiver as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0/input9
[  292.402911][ T9407] netlink: 'syz.2.739': attribute type 10 has an invalid length.
[  292.410934][ T9407] netlink: 40 bytes leftover after parsing attributes in process `syz.2.739'.
[  292.783635][ T5884] usb 5-1: Using ep0 maxpacket: 32
[  292.806550][ T5884] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  292.823568][ T5885] usb 6-1: USB disconnect, device number 6
[  292.862129][ T5884] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  292.884002][ T5884] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  292.938577][ T5884] usb 5-1: Product: syz
[  292.952714][ T5884] usb 5-1: Manufacturer: syz
[  292.969616][ T5884] usb 5-1: SerialNumber: syz
[  292.984482][ T5884] usb 5-1: config 0 descriptor??
[  293.006230][ T9388] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  293.236387][ T5884] usb 5-1: USB disconnect, device number 19
[  294.676748][ T9433] netlink: 'syz.0.748': attribute type 12 has an invalid length.
[  294.684620][ T9433] netlink: 244 bytes leftover after parsing attributes in process `syz.0.748'.
[  294.909898][ T9432] netlink: 12 bytes leftover after parsing attributes in process `syz.3.749'.
[  295.055003][ T9437] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  295.089115][ T1096] Bluetooth: hci5: Frame reassembly failed (-84)
[  295.939446][ T5842] usb 4-1: new full-speed USB device number 29 using dummy_hcd
[  296.093972][ T5842] usb 4-1: config 0 has no interfaces?
[  296.112547][ T5842] usb 4-1: New USB device found, idVendor=1668, idProduct=0323, bcdDevice=5f.ca
[  296.153363][ T5842] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  296.264730][ T5842] usb 4-1: config 0 descriptor??
[  296.491221][ T5842] usb 4-1: USB disconnect, device number 29
[  297.098517][ T9481] sch_fq: defrate 7 ignored.
[  297.129665][ T5850] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  297.459570][   T29] audit: type=1400 audit(1732239096.702:438): avc:  denied  { unmount } for  pid=5833 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  297.594519][   T29] audit: type=1400 audit(1732239096.892:439): avc:  denied  { bind } for  pid=9488 comm="syz.3.758" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  297.622079][ T9490] netlink: 'syz.3.758': attribute type 33 has an invalid length.
[  297.643627][ T9490] netlink: 152 bytes leftover after parsing attributes in process `syz.3.758'.
[  297.654474][   T29] audit: type=1400 audit(1732239096.892:440): avc:  denied  { name_bind } for  pid=9488 comm="syz.3.758" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=dccp_socket permissive=1
[  297.679193][   T29] audit: type=1400 audit(1732239096.892:441): avc:  denied  { node_bind } for  pid=9488 comm="syz.3.758" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=dccp_socket permissive=1
[  298.003742][   T29] audit: type=1400 audit(1732239097.002:442): avc:  denied  { listen } for  pid=9488 comm="syz.3.758" lport=20000 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  298.160814][   T29] audit: type=1326 audit(1732239097.452:443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9488 comm="syz.3.758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b5c77e819 code=0x7ffc0000
[  298.205212][   T29] audit: type=1326 audit(1732239097.452:444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9488 comm="syz.3.758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b5c77e819 code=0x7ffc0000
[  298.228948][   T29] audit: type=1326 audit(1732239097.462:445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9488 comm="syz.3.758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=107 compat=0 ip=0x7f4b5c77e819 code=0x7ffc0000
[  298.228976][   T29] audit: type=1326 audit(1732239097.462:446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9488 comm="syz.3.758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b5c77e819 code=0x7ffc0000
[  298.228999][   T29] audit: type=1326 audit(1732239097.462:447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9488 comm="syz.3.758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b5c77e819 code=0x7ffc0000
[  299.180702][  T965] usb 4-1: new high-speed USB device number 30 using dummy_hcd
[  299.249444][ T5884] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  299.835012][  T965] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  299.846048][  T965] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  299.856289][  T965] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  299.865450][ T8007] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  299.874960][  T965] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  299.891534][ T5884] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  299.903936][ T5884] usb 6-1: config 0 has no interfaces?
[  299.911969][ T5884] usb 6-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.01
[  299.925423][  T965] usb 4-1: config 0 descriptor??
[  299.931321][ T5884] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  300.042863][ T5884] usb 6-1: config 0 descriptor??
[  300.061490][ T8007] usb 3-1: config 1 has an invalid descriptor of length 255, skipping remainder of the config
[  300.072246][ T8007] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  300.083186][ T8007] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  300.108836][ T8007] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  300.117633][ T8007] usb 3-1: SerialNumber: syz
[  300.260329][ T9516] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  300.269876][ T9516] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  300.312592][ T5842] usb 6-1: USB disconnect, device number 7
[  300.417039][ T8007] usb 3-1: 0:2 : does not exist
[  300.442195][  T965] usbhid 4-1:0.0: can't add hid device: -71
[  300.492353][  T965] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  300.512917][  T965] usb 4-1: USB disconnect, device number 30
[  300.947720][ T9563] vimc link validate: Sensor A:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 0:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  301.041042][ T9562] netlink: 20 bytes leftover after parsing attributes in process `syz.4.771'.
[  302.071213][ T9574] netlink: 4 bytes leftover after parsing attributes in process `syz.0.772'.
[  302.130131][ T5842] usb 3-1: USB disconnect, device number 20
[  302.608691][   T25] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  303.767504][ T1096] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  303.809401][ T1096] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  304.210812][   T25] usb 6-1: New USB device found, idVendor=1d50, idProduct=606f, bcdDevice=14.d4
[  304.220633][   T25] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  304.240066][   T25] usb 6-1: config 0 descriptor??
[  304.649534][ T5885] usb 4-1: new full-speed USB device number 31 using dummy_hcd
[  305.309293][   T25] gs_usb 6-1:0.0: Configuring for 67 interfaces
[  305.315623][   T25] gs_usb 6-1:0.0: Driver cannot handle more that 3 CAN interfaces
[  305.335641][   T25] gs_usb 6-1:0.0: probe with driver gs_usb failed with error -22
[  305.627740][ T5885] usb 4-1: unable to get BOS descriptor or descriptor too short
[  305.635966][ T5885] usb 4-1: not running at top speed; connect to a high speed hub
[  305.697608][ T9619] netlink: 8 bytes leftover after parsing attributes in process `syz.5.775'.
[  305.706490][ T9619] netlink: 'syz.5.775': attribute type 3 has an invalid length.
[  306.237966][ T5885] usb 4-1: config 219 has 1 interface, different from the descriptor's value: 2
[  306.247278][ T5885] usb 4-1: config 219 interface 0 has no altsetting 0
[  306.254377][ T5885] usb 4-1: config 219 interface 0 has no altsetting 1
[  306.273501][ T5885] usb 4-1: New USB device found, idVendor=2b73, idProduct=0017, bcdDevice=a2.0e
[  306.282590][ T5885] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  306.292147][ T5885] usb 4-1: Product: syz
[  306.297796][ T5885] usb 4-1: Manufacturer: syz
[  306.303022][ T5885] usb 4-1: SerialNumber: syz
[  306.329665][ T8007] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  306.540847][ T8007] usb 3-1: config 1 has an invalid descriptor of length 255, skipping remainder of the config
[  306.557138][ T8007] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  306.586042][ T8007] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  306.601557][ T9598] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  306.610257][ T9598] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  306.651809][ T8007] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  306.665674][ T5885] usb 4-1: selecting invalid altsetting 0
[  306.671751][ T5885] usb 4-1: selecting invalid altsetting 0
[  306.687694][ T8007] usb 3-1: SerialNumber: syz
[  306.760033][ T5885] usb 4-1: USB disconnect, device number 31
[  306.977898][ T8007] usb 3-1: 0:2 : does not exist
[  307.517330][ T8007] usb 6-1: USB disconnect, device number 8
[  309.079590][ T8007] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  309.422400][ T8007] usb 6-1: config 1 has an invalid descriptor of length 255, skipping remainder of the config
[  309.445243][  T965] usb 3-1: USB disconnect, device number 21
[  309.476387][ T8007] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  309.500566][ T8007] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  309.527432][ T8007] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  309.555883][ T8007] usb 6-1: SerialNumber: syz
[  309.569526][ T5842] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  309.758011][ T5842] usb 5-1: config 1 has an invalid descriptor of length 255, skipping remainder of the config
[  309.774162][ T8007] usb 6-1: 0:2 : does not exist
[  309.812444][ T5842] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  309.870536][ T5842] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  309.902088][ T5842] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  309.949453][ T5842] usb 5-1: SerialNumber: syz
[  310.197874][ T5885] usb 6-1: USB disconnect, device number 9
[  310.399300][ T5842] usb 5-1: 0:2 : does not exist
[  310.839774][ T6065] udevd[6065]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  311.430878][ T9669] netlink: 12 bytes leftover after parsing attributes in process `syz.0.800'.
[  311.564624][ T8007] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  311.784490][ T8007] usb 3-1: New USB device found, idVendor=1d50, idProduct=606f, bcdDevice=14.d4
[  311.793791][ T8007] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  311.892574][ T8007] usb 3-1: config 0 descriptor??
[  312.567114][ T5915] usb 5-1: USB disconnect, device number 20
[  312.933825][ T8007] gs_usb 3-1:0.0: Configuring for 67 interfaces
[  312.945227][ T8007] gs_usb 3-1:0.0: Driver cannot handle more that 3 CAN interfaces
[  312.956271][ T8007] gs_usb 3-1:0.0: probe with driver gs_usb failed with error -22
[  313.207677][ T9703] netlink: 8 bytes leftover after parsing attributes in process `syz.2.799'.
[  313.216497][ T9703] netlink: 'syz.2.799': attribute type 3 has an invalid length.
[  313.343811][   T29] kauditd_printk_skb: 21 callbacks suppressed
[  313.343827][   T29] audit: type=1400 audit(1732239112.632:469): avc:  denied  { bind } for  pid=9704 comm="syz.0.806" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  313.465245][   T29] audit: type=1400 audit(1732239112.672:470): avc:  denied  { listen } for  pid=9704 comm="syz.0.806" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  313.540338][   T29] audit: type=1400 audit(1732239112.672:471): avc:  denied  { connect } for  pid=9704 comm="syz.0.806" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  314.216317][   T29] audit: type=1400 audit(1732239112.682:472): avc:  denied  { setopt } for  pid=9704 comm="syz.0.806" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  314.262727][   T29] audit: type=1400 audit(1732239112.682:473): avc:  denied  { write } for  pid=9704 comm="syz.0.806" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  314.365085][ T5915] usb 3-1: USB disconnect, device number 22
[  315.516386][ T8007] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  315.613197][ T9734] FAULT_INJECTION: forcing a failure.
[  315.613197][ T9734] name failslab, interval 1, probability 0, space 0, times 0
[  315.626233][ T9734] CPU: 1 UID: 0 PID: 9734 Comm: syz.4.816 Not tainted 6.12.0-syzkaller-05480-gfcc79e1714e8 #0
[  315.636482][ T9734] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  315.646543][ T9734] Call Trace:
[  315.649813][ T9734]  <TASK>
[  315.652723][ T9734]  dump_stack_lvl+0x16c/0x1f0
[  315.657377][ T9734]  should_fail_ex+0x497/0x5b0
[  315.662031][ T9734]  ? fs_reclaim_acquire+0xae/0x150
[  315.667119][ T9734]  should_failslab+0xc2/0x120
[  315.671768][ T9734]  __kmalloc_node_noprof+0xd1/0x430
[  315.676952][ T9734]  ? __pfx___might_resched+0x10/0x10
[  315.682226][ T9734]  ? __kvmalloc_node_noprof+0xad/0x1a0
[  315.687695][ T9734]  __kvmalloc_node_noprof+0xad/0x1a0
[  315.692971][ T9734]  seq_read_iter+0x82a/0x12b0
[  315.697631][ T9734]  ? avc_policy_seqno+0x9/0x20
[  315.702390][ T9734]  ? rw_verify_area+0xd0/0x700
[  315.707139][ T9734]  vfs_read+0x87f/0xbe0
[  315.711281][ T9734]  ? __pfx_vfs_read+0x10/0x10
[  315.715953][ T9734]  ksys_read+0x12b/0x250
[  315.720179][ T9734]  ? __pfx_ksys_read+0x10/0x10
[  315.724936][ T9734]  do_syscall_64+0xcd/0x250
[  315.729432][ T9734]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  315.735315][ T9734] RIP: 0033:0x7f3f7597e819
[  315.739715][ T9734] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  315.759305][ T9734] RSP: 002b:00007f3f767b9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  315.767706][ T9734] RAX: ffffffffffffffda RBX: 00007f3f75b35fa0 RCX: 00007f3f7597e819
[  315.775661][ T9734] RDX: 0000000000002020 RSI: 0000000020003700 RDI: 0000000000000005
[  315.783619][ T9734] RBP: 00007f3f767b9090 R08: 0000000000000000 R09: 0000000000000000
[  315.791572][ T9734] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  315.799523][ T9734] R13: 0000000000000000 R14: 00007f3f75b35fa0 R15: 00007ffe23712868
[  315.807487][ T9734]  </TASK>
[  315.810689][    C1] vkms_vblank_simulate: vblank timer overrun
[  315.877639][ T8007] usb 6-1: config 1 has an invalid descriptor of length 255, skipping remainder of the config
[  315.908662][ T8007] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  315.956670][ T8007] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  316.236407][ T8007] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  316.253441][ T9745] FAULT_INJECTION: forcing a failure.
[  316.253441][ T9745] name failslab, interval 1, probability 0, space 0, times 0
[  316.371584][ T9745] CPU: 1 UID: 0 PID: 9745 Comm: syz.0.817 Not tainted 6.12.0-syzkaller-05480-gfcc79e1714e8 #0
[  316.381831][ T9745] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  316.391859][ T9745] Call Trace:
[  316.395112][ T9745]  <TASK>
[  316.397193][ T8007] usb 6-1: SerialNumber: syz
[  316.398015][ T9745]  dump_stack_lvl+0x16c/0x1f0
[  316.407256][ T9745]  should_fail_ex+0x497/0x5b0
[  316.411929][ T9745]  ? fs_reclaim_acquire+0xae/0x150
[  316.417016][ T9745]  should_failslab+0xc2/0x120
[  316.421701][ T9745]  __kmalloc_noprof+0xcb/0x400
[  316.426464][ T9745]  ? d_absolute_path+0x137/0x1b0
[  316.431393][ T9745]  tomoyo_encode2+0x100/0x3e0
[  316.436045][ T9745]  tomoyo_encode+0x29/0x50
[  316.440436][ T9745]  tomoyo_realpath_from_path+0x19d/0x720
[  316.446045][ T9745]  tomoyo_path_number_perm+0x248/0x590
[  316.451476][ T9745]  ? tomoyo_path_number_perm+0x235/0x590
[  316.457081][ T9745]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  316.463066][ T9745]  ? __pfx_lock_release+0x10/0x10
[  316.468069][ T9745]  ? trace_lock_acquire+0x14a/0x1d0
[  316.473246][ T9745]  ? lock_acquire+0x2f/0xb0
[  316.477720][ T9745]  ? __fget_files+0x40/0x3a0
[  316.482286][ T9745]  ? __fget_files+0x206/0x3a0
[  316.486937][ T9745]  security_file_ioctl+0x9b/0x240
[  316.491936][ T9745]  __x64_sys_ioctl+0xb7/0x200
[  316.496585][ T9745]  do_syscall_64+0xcd/0x250
[  316.501065][ T9745]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  316.506938][ T9745] RIP: 0033:0x7fac7117e819
[  316.511336][ T9745] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  316.530952][ T9745] RSP: 002b:00007fac71fdb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  316.539374][ T9745] RAX: ffffffffffffffda RBX: 00007fac71336080 RCX: 00007fac7117e819
[  316.547353][ T9745] RDX: 0000000020000040 RSI: 00000000802c542a RDI: 0000000000000003
[  316.550452][ T9748] netlink: 12 bytes leftover after parsing attributes in process `syz.3.814'.
[  316.555308][ T9745] RBP: 00007fac71fdb090 R08: 0000000000000000 R09: 0000000000000000
[  316.570602][ T9747] ------------[ cut here ]------------
[  316.572070][ T9745] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  316.572087][ T9745] R13: 0000000000000000 R14: 00007fac71336080 R15: 00007ffcd9d3de88
[  316.572110][ T9745]  </TASK>
[  316.577767][ T9747] platform vkms: [drm] vblank wait timed out on crtc 0
[  316.585781][    C1] vkms_vblank_simulate: vblank timer overrun
[  316.594074][ T9747] WARNING: CPU: 0 PID: 9747 at drivers/gpu/drm/drm_vblank.c:1307 drm_wait_one_vblank+0x334/0x550
[  316.620482][ T9747] Modules linked in:
[  316.624475][ T9747] CPU: 0 UID: 0 PID: 9747 Comm: syz.3.814 Not tainted 6.12.0-syzkaller-05480-gfcc79e1714e8 #0
[  316.635143][ T9747] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  316.645362][ T9747] RIP: 0010:drm_wait_one_vblank+0x334/0x550
[  316.651553][ T9747] Code: 85 ed 0f 84 54 01 00 00 e8 f9 2c 5e fc 4c 89 e7 e8 d1 12 87 00 89 e9 4c 89 ea 48 c7 c7 e0 af e7 8b 48 89 c6 e8 ad d4 1e fc 90 <0f> 0b 90 90 e9 0d fe ff ff e8 ce 2c 5e fc 90 48 8d 7b 08 48 b8 00
[  316.672188][ T9747] RSP: 0018:ffffc9000cb47b28 EFLAGS: 00010286
[  316.678335][ T9747] RAX: 0000000000000000 RBX: ffff88802558c000 RCX: ffffc90011d3b000
[  316.686786][ T9747] RDX: 0000000000080000 RSI: ffffffff814e95c6 RDI: 0000000000000001
[  316.694891][ T9747] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000
[  316.702922][ T9747] R10: 0000000000000000 R11: 0000000000000006 R12: ffff888141f70010
[  316.711000][ T9747] R13: ffff888141bf0280 R14: 1ffff92001968f67 R15: 0000000000004371
[  316.719037][ T9747] FS:  00007f4b5d4a46c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[  316.728076][ T9747] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  316.744399][ T9747] CR2: 0000001b306fbff8 CR3: 0000000031f96000 CR4: 00000000003526f0
[  316.752538][ T9747] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  316.760640][ T9747] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  316.768680][ T9747] Call Trace:
[  316.772020][ T9747]  <TASK>
[  316.776317][ T9747]  ? __warn+0xea/0x3d0
[  316.780524][ T9747]  ? lock_acquire.part.0+0x11b/0x380
[  316.785853][ T9747]  ? drm_wait_one_vblank+0x334/0x550
[  316.791201][ T9747]  ? report_bug+0x3c0/0x580
[  316.795779][ T9747]  ? handle_bug+0x54/0xa0
[  316.800219][ T9747]  ? exc_invalid_op+0x17/0x50
[  316.804935][ T9747]  ? asm_exc_invalid_op+0x1a/0x20
[  316.810166][ T9747]  ? __warn_printk+0x1a6/0x350
[  316.814975][ T9747]  ? drm_wait_one_vblank+0x334/0x550
[  316.820378][ T9747]  ? drm_wait_one_vblank+0x333/0x550
[  316.825720][ T9747]  ? __pfx_drm_wait_one_vblank+0x10/0x10
[  316.831426][ T9747]  ? mark_held_locks+0x9f/0xe0
[  316.836251][ T9747]  ? __pfx_autoremove_wake_function+0x10/0x10
[  316.842479][ T9747]  ? lockdep_hardirqs_on+0x7c/0x110
[  316.847710][ T9747]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  316.853715][ T9747]  ? drm_vblank_get+0x150/0x280
[  316.858642][ T9747]  drm_fb_helper_ioctl+0x156/0x1a0
[  316.863891][ T9747]  ? __pfx_drm_fb_helper_ioctl+0x10/0x10
[  316.869665][ T9747]  do_fb_ioctl+0x3d4/0x7d0
[  316.874196][ T9747]  ? __pfx_do_fb_ioctl+0x10/0x10
[  316.880933][ T9747]  ? do_vfs_ioctl+0x513/0x1990
[  316.885846][ T9747]  ? selinux_file_ioctl+0x180/0x270
[  316.891235][ T9747]  fb_ioctl+0xe5/0x150
[  316.895354][ T9747]  ? __pfx_fb_ioctl+0x10/0x10
[  316.900154][ T9747]  __x64_sys_ioctl+0x190/0x200
[  316.904970][ T9747]  do_syscall_64+0xcd/0x250
[  316.909564][ T9747]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  316.915514][ T9747] RIP: 0033:0x7f4b5c77e819
[  316.920040][ T9747] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  316.939894][ T9747] RSP: 002b:00007f4b5d4a4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  316.948368][ T9747] RAX: ffffffffffffffda RBX: 00007f4b5c936160 RCX: 00007f4b5c77e819
[  316.956414][ T9747] RDX: 0000000000000000 RSI: 0000000040044620 RDI: 0000000000000009
[  316.964503][ T9747] RBP: 00007f4b5c7f175e R08: 0000000000000000 R09: 0000000000000000
[  316.972680][ T9747] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  316.982207][ T9747] R13: 0000000000000000 R14: 00007f4b5c936160 R15: 00007ffd037cc7d8
[  316.990315][ T9747]  </TASK>
[  316.993386][ T9747] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  317.000660][ T9747] CPU: 0 UID: 0 PID: 9747 Comm: syz.3.814 Not tainted 6.12.0-syzkaller-05480-gfcc79e1714e8 #0
[  317.010998][ T9747] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  317.021051][ T9747] Call Trace:
[  317.024323][ T9747]  <TASK>
[  317.027249][ T9747]  dump_stack_lvl+0x3d/0x1f0
[  317.031849][ T9747]  panic+0x71d/0x800
[  317.035757][ T9747]  ? __pfx_panic+0x10/0x10
[  317.040183][ T9747]  ? show_trace_log_lvl+0x29d/0x3d0
[  317.045393][ T9747]  ? drm_wait_one_vblank+0x334/0x550
[  317.050678][ T9747]  check_panic_on_warn+0xab/0xb0
[  317.055621][ T9747]  __warn+0xf6/0x3d0
[  317.059518][ T9747]  ? lock_acquire.part.0+0x11b/0x380
[  317.064805][ T9747]  ? drm_wait_one_vblank+0x334/0x550
[  317.070094][ T9747]  report_bug+0x3c0/0x580
[  317.074431][ T9747]  handle_bug+0x54/0xa0
[  317.078593][ T9747]  exc_invalid_op+0x17/0x50
[  317.083201][ T9747]  asm_exc_invalid_op+0x1a/0x20
[  317.088059][ T9747] RIP: 0010:drm_wait_one_vblank+0x334/0x550
[  317.093953][ T9747] Code: 85 ed 0f 84 54 01 00 00 e8 f9 2c 5e fc 4c 89 e7 e8 d1 12 87 00 89 e9 4c 89 ea 48 c7 c7 e0 af e7 8b 48 89 c6 e8 ad d4 1e fc 90 <0f> 0b 90 90 e9 0d fe ff ff e8 ce 2c 5e fc 90 48 8d 7b 08 48 b8 00
[  317.113557][ T9747] RSP: 0018:ffffc9000cb47b28 EFLAGS: 00010286
[  317.119625][ T9747] RAX: 0000000000000000 RBX: ffff88802558c000 RCX: ffffc90011d3b000
[  317.127603][ T9747] RDX: 0000000000080000 RSI: ffffffff814e95c6 RDI: 0000000000000001
[  317.135585][ T9747] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000
[  317.143566][ T9747] R10: 0000000000000000 R11: 0000000000000006 R12: ffff888141f70010
[  317.151545][ T9747] R13: ffff888141bf0280 R14: 1ffff92001968f67 R15: 0000000000004371
[  317.159530][ T9747]  ? __warn_printk+0x1a6/0x350
[  317.164313][ T9747]  ? drm_wait_one_vblank+0x333/0x550
[  317.169599][ T9747]  ? __pfx_drm_wait_one_vblank+0x10/0x10
[  317.175238][ T9747]  ? mark_held_locks+0x9f/0xe0
[  317.180004][ T9747]  ? __pfx_autoremove_wake_function+0x10/0x10
[  317.186077][ T9747]  ? lockdep_hardirqs_on+0x7c/0x110
[  317.191281][ T9747]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  317.197098][ T9747]  ? drm_vblank_get+0x150/0x280
[  317.202049][ T9747]  drm_fb_helper_ioctl+0x156/0x1a0
[  317.207169][ T9747]  ? __pfx_drm_fb_helper_ioctl+0x10/0x10
[  317.212809][ T9747]  do_fb_ioctl+0x3d4/0x7d0
[  317.217244][ T9747]  ? __pfx_do_fb_ioctl+0x10/0x10
[  317.222201][ T9747]  ? do_vfs_ioctl+0x513/0x1990
[  317.227006][ T9747]  ? selinux_file_ioctl+0x180/0x270
[  317.232220][ T9747]  fb_ioctl+0xe5/0x150
[  317.236296][ T9747]  ? __pfx_fb_ioctl+0x10/0x10
[  317.240979][ T9747]  __x64_sys_ioctl+0x190/0x200
[  317.245751][ T9747]  do_syscall_64+0xcd/0x250
[  317.250264][ T9747]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  317.256164][ T9747] RIP: 0033:0x7f4b5c77e819
[  317.260579][ T9747] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  317.280190][ T9747] RSP: 002b:00007f4b5d4a4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  317.288610][ T9747] RAX: ffffffffffffffda RBX: 00007f4b5c936160 RCX: 00007f4b5c77e819
[  317.296577][ T9747] RDX: 0000000000000000 RSI: 0000000040044620 RDI: 0000000000000009
[  317.304545][ T9747] RBP: 00007f4b5c7f175e R08: 0000000000000000 R09: 0000000000000000
[  317.312605][ T9747] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  317.320572][ T9747] R13: 0000000000000000 R14: 00007f4b5c936160 R15: 00007ffd037cc7d8
[  317.328552][ T9747]  </TASK>
[  317.331784][ T9747] Kernel Offset: disabled
[  317.336135][ T9747] Rebooting in 86400 seconds..