last executing test programs:

49.951412015s ago: executing program 0 (id=940):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) (async)
syz_open_dev$video4linux(&(0x7f0000000000), 0x1ff, 0x1000)
socket$inet_tcp(0x2, 0x1, 0x0) (async)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x2001, 0x0) (async)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) (async)
clock_adjtime(0xffffffd3, &(0x7f0000000340)={0x8, 0x1, 0xfffffffffffffffd})
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) (async)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000000)={0x15, 0x65, 0xffff, 0x1000, 0x8, '9P2000.u'}, 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f00000005c0)={0x18}, 0x18) (async)
write$FUSE_INIT(r2, &(0x7f0000001740)={0x50, 0x0, 0x0, {0x7, 0x21}}, 0x50) (async, rerun: 64)
r3 = syz_usb_connect(0x0, 0x24, &(0x7f0000000cc0)=ANY=[@ANYBLOB="120100004f92b90857152077ebb7000000010902120001000000000904"], 0x0) (rerun: 64)
syz_usb_control_io(r3, 0x0, &(0x7f0000000f80)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e00)={0x40, 0x13, 0x6, @local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r3, 0x0, &(0x7f0000001740)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x40, 0x19, 0x2, "0200"}, 0x0, 0x0, 0x0, 0x0})
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000004380), 0x0, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@access_uid}], [], 0x6b}}) (async, rerun: 64)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000210000fb000000a50000002300000095"], &(0x7f0000000000)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x30, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async, rerun: 64)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0x1, <r5=>0x0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0xe, 0x3, &(0x7f00000006c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}}, 0x0, 0x8, 0x0, 0x0, 0x40f00, 0x48, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, r5, r4, 0x0, 0x0, 0x0, 0x10, 0x624, @void, @value}, 0x94)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@bloom_filter={0x1e, 0x8, 0xff, 0x9, 0x52100, r2, 0x8, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3, 0x2, 0x2, @void, @value, @value=r2}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0xf, 0xd, &(0x7f00000001c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7b, 0x0, 0x0, 0x0, 0xc40}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r2}}, @map_idx_val={0x18, 0x8, 0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0x7}, @func, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}, @exit, @alu={0x4, 0x1, 0x4, 0x7, 0xa, 0x36, 0x4}]}, &(0x7f0000000080)='syzkaller\x00', 0x2, 0x5b, &(0x7f0000000280)=""/91, 0x40f00, 0x10, '\x00', 0x0, @cgroup_device=0x6, r2, 0x8, &(0x7f0000000140)={0x9, 0x2}, 0x8, 0x10, &(0x7f0000000380)={0x1, 0xd, 0x8, 0x9}, 0x10, r5, r2, 0x7, &(0x7f0000000440)=[r2, r2, r2, r2, r2, r2, r2, r6, r2], &(0x7f0000000480)=[{0x2, 0x2, 0x8, 0x8}, {0x5, 0x4, 0x2, 0x8}, {0x1, 0x2, 0xb, 0x1}, {0x4, 0x1, 0x1, 0x6}, {0x4, 0x4, 0x9, 0x4}, {0x5, 0x3, 0xb, 0x7}, {0x1, 0x2, 0xf, 0x5}], 0x10, 0x8, @void, @value}, 0x94)
mq_open(&(0x7f0000000100)='-&,#&\'\x00', 0x800, 0x1, &(0x7f0000000600)={0x9, 0x0, 0xffffffffffff0061, 0x9}) (async)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_INFO(r2, 0xc08c5334, &(0x7f0000000700)={0x400000, 0x0, 0x0, 'queue1\x00', 0x10001})
chmod(&(0x7f00000000c0)='./file0\x00', 0x10d)

46.163100321s ago: executing program 0 (id=947):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x3, @empty, 0x1}, 0x1c)
listen(r0, 0x3)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = dup(r3)
ioctl$SNDCTL_DSP_SETFRAGMENT(0xffffffffffffffff, 0xc004500a, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x10, 0xb, &(0x7f0000000780)=ANY=[@ANYBLOB="18000000000000000000000000430000000100002020702500000000002020207b1af8d34272ffe7855e889ef8043ac449ff00000000bfa100000060f78442010000f8ffffffb702000002000000b703004d7b1cfed4a628814941470502aa82748d0ebf7a9ee6c249cdc9f6b97f6e91c9b72999de982dd8eacdf0379c480a64902a55dea28c3cc278e375cdb7fb259c7058fc4044264c312daf7fd1a27170f5ad3970647218acdeb8b27967a220c658be84edc9bc66cd2ce2a41e7def0aba381e1faf834947d240b20e5e8892b8dc36feed0cdd04fde08a59d60fc54503ac1752a5dfe87dd4e7b3dbda2e0b1f01361b02b157248b7e79cd00", @ANYRES16=0x0], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r6 = getpid()
sched_setscheduler(r6, 0x2, &(0x7f0000000040)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
r9 = syz_open_procfs(r6, &(0x7f0000000540)='net/ip_vs\x00')
r10 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x0)
mmap(&(0x7f000001a000/0x3000)=nil, 0x3000, 0xf, 0x11012, r10, 0x0)
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, &(0x7f00000004c0)={0xc})
pread64(r9, &(0x7f000001a240)=""/102400, 0x19000, 0x0)
syz_clone(0x903a5b80, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GINFO(r4, 0xc0e05403, &(0x7f0000000000)={{0xffffffffffffffff, 0x2, 0xffffffff, 0x3, 0x6}, 0xf3d, 0x3, 'id1\x00', 'timer1\x00', 0x0, 0x10000, 0x1, 0x400, 0x77c1907b})
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, 0x0)

45.170983926s ago: executing program 0 (id=950):
bind$alg(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r1, 0x4040aea0, &(0x7f00000002c0)=@x86={0x46, 0x8, 0x9, 0x0, 0xfd9, 0x8, 0x4, 0xd, 0xf, 0x80, 0x7f, 0x6, 0x0, 0x4, 0x7, 0x7, 0x8, 0x0, 0x3, '\x00', 0x39, 0x9})
ioctl$KVM_SET_GUEST_DEBUG(r1, 0x4048ae9b, &(0x7f0000000140)={0xd0000, 0x0, [0xffffffffffffff80, 0x4, 0x8, 0x9, 0xfa3, 0x80000000000000, 0x1, 0x8000000000000000]})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, 0xffffffffffffffff, 0x0)
r2 = dup(0xffffffffffffffff)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
sendmsg$NFT_MSG_GETOBJ(r2, 0x0, 0x854)
r4 = syz_io_uring_setup(0x2e9d, &(0x7f0000000000)={0x0, 0x84c5, 0x40, 0x3, 0x6f}, &(0x7f0000000080), &(0x7f00000000c0))
io_uring_register$IORING_UNREGISTER_IOWQ_AFF(r4, 0x12, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
sched_setaffinity(0xffffffffffffffff, 0x32388177f2b2e9f4, &(0x7f0000000300)=0x400000bce)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$inet6(0xa, 0x6, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
getsockopt$inet_mreqn(r2, 0x0, 0x0, &(0x7f0000000380)={@multicast2, @empty}, &(0x7f0000000400)=0xc)
r6 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x4004)
sendmsg$NFT_BATCH(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000120a0500000000000000000003000006040000000900000000000097b1e201001100ffff00000000000000000000000acb76ee6551700100000000000000aeef42a669baefa72c3241046ae32b057f84e55d19c866a6faea01e6ce01649e4ef2aa56b2cec9f855"], 0x48}}, 0x80)
sendmsg$NFT_MSG_GETOBJ(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="14000000150a0102000000000000"], 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x24040808)
sendmmsg$inet6(r6, &(0x7f0000000140), 0x0, 0x0)

44.882351867s ago: executing program 0 (id=953):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000002540)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = userfaultfd(0x801)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000000))
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f00000005c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x530, 0x0, 0x18c, 0x203, 0x0, 0x19030000, 0x460, 0x2e0, 0x2e0, 0x460, 0x2e0, 0x7fffffe, 0x0, {[{{@uncond, 0x300, 0x300, 0x348, 0x0, {}, [@common=@unspec=@bpf0={{0x230}, {0x13, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x3}, {}, {}, {}, {}, {}, {}, {}, {}, {0x16}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x3}, {}, {}, {0x0, 0x0, 0x0, 0xffffffff}]}}, @common=@hl={{0x28}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00'}}}, {{@uncond, 0x0, 0xd0, 0x118, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x590)
r5 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
bind$ax25(r5, &(0x7f0000000100)={{0x3, @default, 0x1}, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @null]}, 0x48)
ioctl$SIOCAX25DELFWD(r5, 0x89eb, &(0x7f0000000040)={@default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}})
close(r5)
openat$vimc0(0xffffffffffffff9c, 0x0, 0x2, 0x0)
socket$key(0xf, 0x3, 0x2)
r6 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
read$FUSE(r6, &(0x7f0000001d40)={0x2020}, 0x2020)
socket$inet6_udp(0xa, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0)
bpf$ITER_CREATE(0x21, &(0x7f0000000000)={r8}, 0x8)
ioctl$SIOCSIFHWADDR(r7, 0x89f0, &(0x7f0000000900)={'bridge0\x00', @random='\x00\x00\x00 \x00'})
socket$xdp(0x2c, 0x3, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8001, &(0x7f0000000000)=0x6, 0x8, 0x0)

43.927074844s ago: executing program 0 (id=955):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = syz_usb_connect(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x75, 0x1c, 0x1, 0x10, 0xfe6, 0x9800, 0xd19a, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x29, 0x2, 0x2, 0xb4, 0x8c, 0xbb, 0x0, [], [{{0x9, 0x5, 0x4, 0x2, 0x10, 0x0, 0xfa}}, {{0x9, 0x5, 0x82, 0x2, 0x40}}]}}]}}]}}, 0x0)
r2 = syz_usb_connect(0x0, 0x24, &(0x7f0000001b80)={{0x12, 0x1, 0x0, 0xd5, 0x7, 0xdf, 0x8, 0x10c4, 0x8244, 0xdc00, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x3}}]}}]}}, 0x0)
munmap(&(0x7f0000799000/0x3000)=nil, 0x3000)
mmap(&(0x7f000079b000/0x1000)=nil, 0x1000, 0x0, 0x4100032, 0xffffffffffffffff, 0x0)
syz_usb_control_io$hid(r2, 0x0, 0x0)
syz_usb_control_io$hid(r2, 0x0, &(0x7f00000044c0)={0x2c, 0x0, 0x0, 0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="080180f6e0d1d1ab8c416fe58f0ba04c6184bfee30c02eee531aaf6863c3d26acfa4bd9642dd253611ac70abc646701468ffd246856be5d489c3fc4c13f57efe754874247e7ef2dd452318d21394a73d357cb39e2e0bf86cbda979626fa6250d2970b45634c6934caddfef8c44a91c103294948c43795240adb04587010448183e8c348da07ecdcbceca37d34a732cc59ec11c411b592c195e3aec9d9d639a8cb5ed9cb37fdb34662c1e3c3ffbc9877ccad30fc0", @ANYRESOCT=r0], 0x0})
syz_usb_control_io$printer(r2, 0x0, 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
syz_usb_control_io(r1, 0x0, &(0x7f0000000740)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)={0x40, 0x13, 0x6, @multicast}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r1, 0x0, 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="60000000020601036c0000000e77000000000000050005000a000000050001000600000205000400000000000900020073797a320000000013000300686173683a6e65742c6966616365000014000780080006400000000008000840"], 0x60}}, 0x0)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sysvipc/sem\x00', 0x0, 0x0)
pread64(r4, &(0x7f0000000080)=""/79, 0x4f, 0x7f)
syz_usb_control_io$uac1(r1, 0x0, 0x0)
r5 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_rx_ring(r5, 0x107, 0x5, &(0x7f0000000000)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x0, 0xf84}, 0x1c)
syz_emit_ethernet(0x4a, &(0x7f0000000000)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "00ed6a", 0xb, 0x2c, 0x0, @remote, @local, {[], {{0x2c00, 0x3, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)
poll(&(0x7f0000000080)=[{r3, 0xa020}], 0x1, 0x1)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r6 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/oss_mixer\x00', 0x2002, 0x0)
read$proc_mixer(r6, &(0x7f0000000200)=""/182, 0xb6)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r0, 0x3ba0, &(0x7f0000000100)={0x48})

39.986470539s ago: executing program 0 (id=969):
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(0xffffffffffffffff, 0x0, 0x4040)
socket$inet_sctp(0x2, 0x5, 0x84)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000280)={0x4000}, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)=ANY=[], 0x26}}, 0x0)
ftruncate(0xffffffffffffffff, 0xffff)
fcntl$addseals(0xffffffffffffffff, 0x409, 0x7)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000004c0)={{0x7f, 0x45, 0x4c, 0x46, 0xc, 0x4, 0x1, 0x4, 0xe, 0x3, 0x3, 0xff, 0x5e, 0x40, 0x1dd, 0x9, 0xfb67, 0x38, 0x1, 0x0, 0xfc00, 0x81}, [{0x6, 0x81e4, 0x5, 0x3, 0x6, 0x400, 0x9, 0xfffffffffffff9e0}]}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
open(0x0, 0x8e8c0, 0x54)
r2 = socket(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000080))
sendmsg$nl_route_sched(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
mount_setattr(0xffffffffffffff9c, 0x0, 0x8000, 0x0, 0x0)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000040))
r3 = syz_open_procfs(0x0, &(0x7f0000000180)='oom_adj\x00')
writev(r3, &(0x7f00000000c0)=[{&(0x7f0000000140)='15', 0x2}], 0x8)

24.818564583s ago: executing program 32 (id=969):
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(0xffffffffffffffff, 0x0, 0x4040)
socket$inet_sctp(0x2, 0x5, 0x84)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000280)={0x4000}, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)=ANY=[], 0x26}}, 0x0)
ftruncate(0xffffffffffffffff, 0xffff)
fcntl$addseals(0xffffffffffffffff, 0x409, 0x7)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000004c0)={{0x7f, 0x45, 0x4c, 0x46, 0xc, 0x4, 0x1, 0x4, 0xe, 0x3, 0x3, 0xff, 0x5e, 0x40, 0x1dd, 0x9, 0xfb67, 0x38, 0x1, 0x0, 0xfc00, 0x81}, [{0x6, 0x81e4, 0x5, 0x3, 0x6, 0x400, 0x9, 0xfffffffffffff9e0}]}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
open(0x0, 0x8e8c0, 0x54)
r2 = socket(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000080))
sendmsg$nl_route_sched(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
mount_setattr(0xffffffffffffff9c, 0x0, 0x8000, 0x0, 0x0)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000040))
r3 = syz_open_procfs(0x0, &(0x7f0000000180)='oom_adj\x00')
writev(r3, &(0x7f00000000c0)=[{&(0x7f0000000140)='15', 0x2}], 0x8)

12.705055364s ago: executing program 2 (id=1056):
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x40241, 0x0)
socket$kcm(0x2, 0xa, 0x2)
r0 = syz_io_uring_setup(0x204, &(0x7f0000000480)={0x0, 0xf67c, 0x8}, &(0x7f00000000c0)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, 0xa})
io_uring_enter(r0, 0x47ba, 0x0, 0x0, 0x0, 0x0)

6.727717943s ago: executing program 2 (id=1069):
r0 = syz_io_uring_setup(0x10d, &(0x7f0000000140), &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0xa, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r0, 0x47f9, 0x0, 0x0, 0x0, 0x0)
r3 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IMADDTIMER(r3, 0x80044940, 0x0)
read(r3, &(0x7f00000019c0)=""/4107, 0x100b)

5.851222041s ago: executing program 1 (id=1073):
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x239, &(0x7f00000002c0)={0x0, 0x4533, 0x10900, 0x0, 0x3c8, 0x0, r1}, &(0x7f0000000180)=<r3=>0x0, &(0x7f0000000340)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r2, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$sock_int(r5, 0x1, 0x2e, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r5, 0x84, 0x6b, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @dev, 0x8}], 0x1c)
recvmsg(r5, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0)

5.570830004s ago: executing program 2 (id=1074):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
quotactl$Q_QUOTAON(0xffffffff80000201, 0x0, 0x0, 0x0)
r0 = getpid()
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r1, &(0x7f00000016c0)={0x0, 0x0, &(0x7f0000001680)={&(0x7f0000000300)=ANY=[@ANYBLOB="010000000000000000002200000018000180140002007866"], 0x2c}}, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r4)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x1})
syz_open_dev$sndctrl(0x0, 0x1, 0x0)
r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSLCKTRMIOS(r6, 0x542f, 0x0)
r7 = socket(0x11, 0x800000003, 0x0)
setsockopt$packet_fanout(r7, 0x107, 0x12, &(0x7f0000000040)={0x4, 0x3}, 0x4)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000200)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5})
syz_io_uring_submit(r5, 0x0, 0x0)

4.563193247s ago: executing program 2 (id=1077):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = dup(r0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x420000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
syz_open_dev$video4linux(0x0, 0x0, 0x0)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
write$binfmt_misc(r5, &(0x7f0000000080), 0xd)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r6}, 0x10)
sendmsg$NFT_MSG_GETTABLE(r1, 0x0, 0x4044010)
setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x41, &(0x7f0000000000)=0xff, 0x4)
connect$inet6(r1, 0x0, 0xd7cc5d556c3ede87)
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
r7 = socket$phonet_pipe(0x23, 0x5, 0x2)
connect$phonet_pipe(r7, &(0x7f0000002200), 0x10)

4.432018058s ago: executing program 1 (id=1078):
r0 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d530494e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(0xffffffffffffffff, 0x8983, 0x0)
r5 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000440), 0x2, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r0, 0x40605346, &(0x7f0000000300)={0x200b, 0x1, {0x1, 0x2, 0x480000, 0x0, 0x5}, 0xe})
write$RDMA_USER_CM_CMD_CREATE_ID(r5, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000000c0)={<r6=>0xffffffffffffffff}, 0x111, 0x9}}, 0x20)
write$RDMA_USER_CM_CMD_LISTEN(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x8, 0xfa00, {r6, 0xe737}}, 0x10)
writev(r5, &(0x7f0000000000)=[{&(0x7f0000000080), 0x62}, {&(0x7f0000000100)="16000000246837f73199aee6fdb9291b3091ec1a2d41d227975ad8ec030f59190200867997f9c0efa9c9092a31cdbb98ea272787afda0af59a320709c3a59ef05c6f40ceafec53f48d6186e7d8409e35306221caf67b370d875eff3191932728e5ab6c9a3acf6ccee3e352c898f5744abaedfb53f92c37acb126bd143f3e9cdfcf25a8d6129fcc3a141c3f5ab6db772f87c787817a9b699dd60732d952716b103bc1e91ac5b1ed92f35389580994bb0df9bce07e7a80921888f984139f488d256a67fec0cbb5c4e93d5c151d97f676ab93b1efbd46f600dc964231e3257bf358448fddf894c0cdfa9115adbe5b19bc912fcbc8aac7719b649b1ff1267491da", 0x682c}, {&(0x7f0000001480)="d1ffacd516de50ac9d15bc75316da4defa1e72f65a65cdd26dcc389aacf7856da9aecf3765d4c032e1960faf25bad906b7d3440b6e71a82f1d8f8b8db35b6091f3af94c6b46b9ab10fe3923f268771078d2668be7bd3eb941d4bb5baa8547e36283a065ce5766cbff3a8fc37fc4507643d3786bbf231d3ed88cb8b01eab14e4372cf4f89bd1b853caa5d9f07f523b9dfa8cc09053ff36fde08e96fb6b3acc196b1bd1e2d3a6c65f585df7e2b8b17439a7ab29a7dfe642c2f0ac7a81eca8073b559663f2daf7a0832b2b09557794a21bf114831f8e6db3922d0cd169e5a8b4adc95d7322ee75944de15f57780b88fef7f3d9b256705ccfa2125b43ce8e3aacaead963cdd7f792f14c9b24493f9f830f6de8da93bbd4357095631adec14224dd9bb049e826f3a49624393e6a031103faff0902ba88ae30af4a61caa77ff956214196fcf3c5536d823284306f367afcb46fb43231911cc53091671e7d853ebf015241b18e9fb6ac6d9a7a1b05dfd6d9e56a51567cd8837dd045abf6b85550f0dd8dded43147ab9bfadc18b9984699d5d875cb21a95a7f584d8c466d033df75193f9ae58b85cfacc54f6c6e12a0debe40ee361a839563bc2cb64271672a55370c2b035b482074ce2487ef8a3bc1c68856e6e09539276d961a0c647f1ee3237496fc99623e8fd33faf7797d86a88dcee152d15e10739bcbbd6077b76867e291f350d999024c12faf81f83792f48f7f6dd66aa6854e460ef7f8c755f3a6dd76509ea0d2db39057a5129185b2fb11546cd5d6cc59f640e9028ae6c7075fba5e5b5593d7f79ec387833f465d09bde464112821eaec5e6e8f2aee8d7358f9c14afe2018856f610848706c71cda62493aef2e39efb71b4a8e804847eda66b2b5b1d75b478f19208ee1ac43afb2dbbba5dd0f29f6946022e09fb853cb176ca3474ba2fa67cb245fe85ec61a095d6fd9ac2ac5685920201617342fe56072427b9bd3626a1a371e67041fcda781be0c234d6feb5ad500e8bc7074381fd0d04983a4a6cdb6c8e03d59dc50925e9e4b24e6f8e455f02818959f2927f0a2d9ff62ec3c5c399077048f7d3dad0830b2e6563693f2f9d48eca8c34804a7626282a4a214d13786993c011a88194dbf7b23e25f592e62186c9fb565fac7632de356153c89a6be0b6b26ba48c2427424769fcbd7ee072ed4bd4d0731d06c8537d616b1145a6c70edb13fb4dba3565221b3a2897a23861cd0e8e0060021cdd7de002d5e785e5d6d3d07f4e445ada9c8d9ba8b819d0b5c7b5d15a5192d3a83c125c8e117c823a9e33316b8c9154e7330d3a865048dbd9c14757691bfe56f10423f6ab717bec5eebeac6ba9ad1aeb6cde09d7fda8e475a71ac48d46b8d9a40879c9dec2db5c4799e5fc8e8b3d419031c1033fce88ae2c93d7ca62c9302e6b45ca8dfebe5b92724f035e8e9d7704efb23f445999fe08cfa28404874d8acc8d37870d394d9fcc8dbe763bc85c37f0f3bcc2cbea420cd073db598e7d89c14a31e5bf57cbefa301427c93091505f1f3e5cdf712958b2e8fc56684d3388107c1728f0e5a3be2164246071653e256ed3bf3000c17301da9a5a3d9ca475867c4f311a24e5ae909a62047a9e6bb71cbcb4f159c2ef0f66b4d0f9da51aba99cd9448443dd277362af18d32f111c48a952ef555b2c7c58b997ce61e74cc7551b57eaffe411219baddf490926d8e260dcd87c069e617195c352950f9b51ce88c12c4f7997ba515f77e68d44f831cdf4d7ee8b1b7cedcb4c4fc7e85ba288c8555d49d5b4b9bb70dc4b688bd12e6b38e37150f3ea457a76b23d5abe6551ea598e090aed87822b0954b8db1a7c605c925b7f9240b0e7a020f292a1fd4a37c74139bc6e7ff08373ebfc8feea371ae0b6c61c715f6f1f4b0b994c7e2e129f87db959aae6ff48664d824b29ba9f255890f9c537178db9c5302097891557f8175a46f308b1a2530aa726ea9d4cfce76db50637369724d0c5f51c97edb58ff5eb9b2434b3721b61688ba12471b97c6a65ba085e15406568ac852590701f2ef8451c5cf1191d70f51eaea9ddc4cbdd7428f627db5069111f65062d5cc34581826af3e670613dda99e31c42736aabd87be56e214ed606862a152455f91891b7430bae03284569c234588f495a5ecc4a23fad6ba34e2ee9ebde8c7f5f62c9344659375c2a1fe6fa6e4ef68712223b9471c513bb11429dbb8a45463c8882f462275ee0da567c60c2d8038843e0c20486676e9978f2aec9187820c94a6e7e519d06daf2ab198f5cafcab4d9c90a479800906192d66a3301a34fa6c5a931cea0a479a4d98d86d9de3e061323504b57186dd33df7a16ccb688c0de203666cb0a6b543a9d069dded44a3b432cbb71da921dcab6be1c2d7494d3b07841d9b4f9d659b5d3d3b2ed916f91588d589128e4b2d4448e6aab5a8160eddca0f6e022abb85e251a11cd6bae57a09b2c434ab5bdf6264afb20d5ab022d152e345bd32ba9283aa5b3cd9118bd271a8ac9083c98b8a83064e65428f7ad7b35bf1d60d4e703f22d2d316fc12bd68bcced82cf0962a3d5769c6a3d75d59f7a7b76454661fd3574b8c8e26d20c372407854505ea6c2406fbd8a1ba7bb017c565228aa6d03d18ed309a308ffb1ecec73c246413e7c70f25070eafed9e70d22e9e8b44125c44eceff37e65bf073bc6fad1ea2b72675af4bf70586a8f7e0f35700de94c802522897576ed115fa21b3d23a367844520b33f5b9aedc0245096765f4cb3b2ff4e54f39bd7346c2347875d75a931b17c6c424ddb4767e0e63cc7725a8fc4b1dbe7929b2f909cc5be8b09e63330341e6471dcac0f8b44693d01805a1467b71612260e2a273861b3697440a5f75497796bffcf79d62a4a50a6ed5ef2efe8c83374f2ecd08d8d628aa03b01a11caeb2bdecc0ab2abcecfa15627979d7c3f9dec5389fc6625e957f8075e23e636dd5514596189d568e14d33ae518e6e9978c6a36a74b49fdbd1260095c9abe447e618878039b75e305b1d2c9ddeb9e5cedb11802e0833739d8595d57d749c890c9290cca4aa96e6718747543796a187e54a66c2f71beefddf911a7a74b59c48ba642d5ecd4d415f48dfbde5baac8a4ba063c1b985d9f9f3180e8a1c8b2cf6a25c2ff17688cc858ac8b9c67960f09a1ca5f28f8e877159e00fe7fb10cca73b391508895e7e52c22f9b38d73dabd6ff7c55ebf4e1611daee8d52b4ceee49a6df7daeb81bf9d1c943a74c03d3dda52c5b99f3225c1b87074f5cef6187878bc5b665ec0561adcc9781280dd1c6592555d327afea78b21beeeb66a0af3eab3249245f41cdbca309d3fba5d4b345319dd0a26134c0c896f2c8d32fda28600013f6a4c95b4038faba70d6c480b360c55bdc0595f7ca636e85521ba505d894f9c5f0a90719bc9944f386ad7491422ff12f34a3c048708d51305a8cc5b2a502ac1575a14c75e9fb7219ede2f6d9c1b362230b6189e0d8cd8ccd11fd0325182c6e46c9977bf63aa02f7024aeb4389f989f5733a198b45e4329c4c1a538a009f216ad3ac09cac39547b4fd21a5d7146ea307ad9b9339f39d5161d17b59860a0aed38cd89d1b68c6438346d51a3a283074e34ee01d2eca527b1b3836ccdf7e807007152c79d14324e3d887c9551a9447527db4434810f5b0b73d855f32a0c89aa784e43f4c1657d408dd33f88aeae1e5186bbcc2a348b708e3cec9080e12ee3676beb5ee86a9b5cc4a3496c242b95a248906ed62f984b22373bdfd97515441f34e01006d8d1244aa88403f207cd8820ffe07634fc86d00f871c1e4c9e8fc1a00d295e36d98119599b62379cda10ada85efe7b50c5f38d8d010a2cd53db900939db1ffce14feffb7940d12842f4f2b507e1fa49e526752d1e3d80a0c2a75e870d85f77fd91fc46ac1b1288dd33338cdad154d6b80b5a925431868d62a3fb0036f28fe259a3f555f767526a9ea230c33843efc49ac3182a357845ea122d606ab22c9f937b2b905e02dd1cb07d380e3486be6167f00b6e6d90a3c1d6aee15da439a55542ce177e498998ba8ac69a848e63e4c7564e4dc04aad595fa1ab81275edafa0d352029c304200d2f2c5881cbf5a26b2141bdb117879cc11e7c13bd62f221ae1ac04dca3d8d58a13c130557ecf5f36184c7366d3852d0cbd6ca42f2a971d87c0bb204097af1a3abdab7b95d07fcdbf5f42607695dedcd26e30b8fc5cfd7b333a95f3ee69d5ba7911dadb1394285c437a0f26fc027737ba5ee7d63333f80acb59f1a7faf2ec3031c6533107502bffc92d8726a48ce00cdb5f1258d85ff8eb72bfb162e122022f1f3e8a72b41d2689d5228b1130fbc946384401f3bbe726314bb09d430333ad78de07b3cec5c18a4f4abb69507b6451ca4e610b8fc988c983426e0cc3b9d15393026eb75d3d08634b8a7495cef69aab83d27ea1b5b41f40b996dd10023d81f77d61192930ffc25cae1e149412322fcb0aa47bee3afc44ec3dda96c9294854e2cbaebfea6f9a90f0b3797d5f505824b4de964151569f881f87f9dd9d30a2a2f9ed01059a909cba157902903c77f2f3d056231e7c7483a3f35e04360e084f0d3f94a92c92c77b3f06479fbc417366d7fe87ddfcdfd86274f87a5f817b0f947924cbe2329f16f6b00c8a0ab96164f7b35fed38a388380af05c3600abc37a944c9e75a691728c26896ac3615297766f406aeb0f2fd147d68fad3fb3b032880280ebb4bf89252a36b0d9eb393daae72829b8da870b886676244897d5322b32703fcf138b66eedeb3024666a88fd99d8962f696ab7b34e19ced1bd27488aa2ffe5bfa11f8f9289bd8c052d4e88316cc33b0255ef1bfca4c17067d7f78175c56db481fe8dc6f73b1cbdf9d5823f115c9e03f2dfd07bc1ad88564d48b18cd9a30d83cbd5e6a3eedcb0ee86e5dd47f32820cb74dcf730b2052b31297b529e5e24f042335d13915e4048132fe1a101841e919c7870bb680eddead9a6111394bc12e274fbd88abaf2d254721c42e82abf4d1e319a631794ed6ce319ddd844ac5e9b1fc96dd9aaad42f2e087abe1b85430c4a00631970e3e74a6ed923f49e0df75685e044fae3fcea0af4dbfeebe0a9c2e73e8a89b89603a75f585e3ebba5453ae595da1469ea90ea3c9fb6a22411c56c58dfbf504caa629dbfc73ebbedc91669f2babf8b8215c525edf8feb366f104ffa9eb2bb79232660aece4730ef1ae8585c629ffe1390356a58e900da145b83ad177c7bb2d125e59d7ff4d3a8562efc620b4cf9b33c2305bbf1957e0f8b06f0fbe9c80db73b08fdd0be4a1ea4f91f52af47160040424aed8ac3c10251fb0b5d9be08247edf3dda5d1750d0597d60c8a0d9418a4e0c9325bb90f0886f9e5dda9e88ac1942ec1e53da0cf5ccad66b9cdfc2fdca784dd06a73713ef73785706d024873ddca5ccfcf0b91748a2c1fbd8c241934b5b473007b29d76aec5addf7b945a5f7abd6ddeccc8d0ccb26d69d4793b7224c27ba7bf45aac8a2be56086ab8c65ea69fdd593a01a29e2912378002d824bd98e6ed1c5dd5f33be529e640997f5f1bbde051fb2a669145966db4889bf32aa13777ac6c077c51bb8b2523954cea3adc307cfe53b8cbb00edf0c04c456392aea6613e8078a309dc538a6a24f80fc1b7f9fce3e3291ca6dab8090a634fcdb24e7a9de8aecd595b988f597cd623d148a8841b0a5203953166ea2e85316928f28dd2604d37c9ec80a49c0d91cbfe6d584b9b6a321b97bf99ae1d67985fd441976a828c97456003a7892c7c7f4a51bb49e3d3ea1e95ec29c89a2676", 0x1001}], 0x3)
r7 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_RESIZEX(r7, 0x560a, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2, 0x83, 0x7})
execve(0x0, 0x0, 0x0)

3.423752964s ago: executing program 2 (id=1079):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="2500000000000000000001000000000000000141000000"], 0x34}, 0x1, 0x0, 0x0, 0x4}, 0x0)

3.320640855s ago: executing program 4 (id=1080):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000040)={@val={0x0, 0x800}, @val={0x1, 0x0, 0x0, 0x0, 0x3d}, @mpls={[], @ipv4=@tcp={{0x5, 0x4, 0x0, 0x0, 0x40, 0xffff, 0x0, 0x0, 0x84, 0x0, @empty=0x3fffffff, @local}, {{0x3f00, 0x4e23, 0x41424344, 0x41424344, 0x0, 0x2, 0xb, 0x0, 0x4, 0x0, 0x1c, {[@window={0xa, 0x3}, @timestamp={0x5, 0xa, 0x0, 0x9}, @generic={0x2, 0x8, "d5883806416b"}]}}}}}}, 0x4e)

3.250266601s ago: executing program 1 (id=1081):
r0 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r0, &(0x7f00000000c0)={0x18, 0x0, {0x4, @broadcast, 'veth1_to_bridge\x00'}}, 0x1e)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
ioctl$EVIOCGPROP(r1, 0x40047438, &(0x7f0000000180)=""/246)
write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0xfce1)

3.018018517s ago: executing program 1 (id=1083):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./bus\x00', &(0x7f0000000000), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}]})
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x8, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x3, 0x2, 0x3, 0x1, 0x0, 0x43}]}, &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)

2.982934524s ago: executing program 4 (id=1084):
r0 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000180)=0x80000004, 0x4)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x33, &(0x7f0000000040)={0x1, &(0x7f0000000140)=[{0x6, 0x8, 0x0, 0xfffffffd}]}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$F2FS_IOC_MOVE_RANGE(r1, 0x541b, &(0x7f0000000000)={<r2=>0xffffffffffffffff})
close_range(r2, 0xffffffffffffffff, 0x0)

2.952468579s ago: executing program 2 (id=1085):
creat(&(0x7f0000000180)='./file0\x00', 0x44)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
syz_usb_connect$cdc_ncm(0x2, 0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000090000082502000000000000000109025c00020100f92a0904000001020900000524060001053408fa6e0d240f0100000000000d000a0006471a010000190581"], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)

2.879319248s ago: executing program 3 (id=1086):
openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r0 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x5885}, &(0x7f0000000340)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0xfffffffffffffffa, 0x0})
io_uring_enter(r0, 0x3516, 0x0, 0x0, 0x0, 0x0)

2.737994516s ago: executing program 3 (id=1087):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x206, 0x8401)
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f00000008c0)={{0x0, 0x3938700}, {0x0, 0x3938700}}, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x13, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000240)=<r1=>0x0)
timer_settime(r1, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
ioctl$USBDEVFS_ALLOW_SUSPEND(r0, 0x5522)
ioctl$USBDEVFS_BULK(r0, 0x5523, 0x0)

2.195640285s ago: executing program 4 (id=1088):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x121000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_INFO(r0, 0xc0bc5310, &(0x7f0000000280))

2.111253597s ago: executing program 4 (id=1089):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000004000)=@newtaction={0xe68, 0x30, 0x25, 0x0, 0x0, {}, [{0xe54, 0x1, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe20, 0x2, {{{}, 0x4}, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x24}, {0x0, 0x0, 0xfffffffd}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x8512}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x1000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x9}, {0x0, 0x0, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {0x3bb, 0x0, 0x0, 0x0, 0x200}, {}, {}, {}, {0x0, 0x1}, {0x0, 0x0, 0x0, 0x80000001}, {0x0, 0x0, 0x0, 0x2a}, {}, {}, {}, {}, {}, {}, {}, {}, {0x2000}, {0x0, 0x200}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x6c}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {}, {}, {}, {0x58}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffffffc}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe68}}, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000000c0)=@gettaction={0x28, 0x32, 0x6dd711a25f4cb68b, 0x0, 0x0, {}, [@action_gd=@TCA_ACT_TAB={0x14, 0x1, [{0x10, 0x1, 0x0, 0x0, @TCA_ACT_KIND={0xa, 0x1, 'pedit\x00'}}]}]}, 0x28}}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r1)

2.060308219s ago: executing program 3 (id=1090):
r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r0, 0x402, 0x8000003d)
fcntl$setown(r0, 0x8, 0xffffffffffffffff)
r1 = syz_open_dev$dri(&(0x7f0000000080), 0x3fffffffd, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r1, 0x4010640d, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x10000}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r5, &(0x7f0000000440), 0x10)
listen(r5, 0x0)
r6 = socket$vsock_stream(0x28, 0x1, 0x0)
futex(&(0x7f00000000c0)=0x1, 0x7, 0x2, &(0x7f0000000140)={0x77359400}, &(0x7f0000000180), 0x1)
writev(r6, &(0x7f00000002c0)=[{&(0x7f0000000080)='?', 0x20000081}], 0x1)
ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_WAIT(r1, 0xc02864ca, &(0x7f0000000340)={&(0x7f00000009c0), 0x0, 0x0, 0x0, 0x6})
ioctl$DRM_IOCTL_MODE_GET_LEASE(r1, 0xc01064c8, &(0x7f0000000280)={0x1, 0x0, &(0x7f0000000200)=[0x0]})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r1, 0xc02064b9, &(0x7f00000002c0)={&(0x7f0000000180)=[0x0, 0x0, <r7=>0x0], &(0x7f0000000040), 0x3})
ioctl$DRM_IOCTL_MODE_ATOMIC(r1, 0xc03864bc, &(0x7f0000000380)={0x0, 0x1, &(0x7f0000000440)=[0x0], &(0x7f0000000200), &(0x7f00000000c0)=[r7], &(0x7f0000000340)})
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)

1.961198275s ago: executing program 1 (id=1091):
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$tipc(0x1e, 0x5, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
syz_open_dev$tty20(0xc, 0x4, 0x1)
socket$key(0xf, 0x3, 0x2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000001a40))
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0200000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000006b113e000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_LOOKUP_ELEM(0x5, &(0x7f00000000c0)={r0, &(0x7f0000000000), &(0x7f0000000380)=""/76}, 0x20)

1.187953898s ago: executing program 4 (id=1092):
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_tx_ring(r1, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
close_range(r0, 0xffffffffffffffff, 0x0)

975.067654ms ago: executing program 3 (id=1093):
r0 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @local}, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x12, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x66, '\x00', 0x0, @cgroup_sock_addr=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xcc85, @void, @value}, 0x94)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r1, 0xf, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
socket$inet6(0xa, 0x200000000003, 0x87)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000300)="2e00000010008188040f80ec59acbc0413a181000b00000000010000000000000e000a000f000000028002002d1f", 0x2e}], 0x1}, 0x0)

968.90049ms ago: executing program 1 (id=1094):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xa, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x63, 0x11, 0x3c}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
ioctl$sock_inet_SIOCSARP(0xffffffffffffffff, 0x8955, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000100))
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000480)={0x4c, 0x0, &(0x7f0000000200)=[@acquire, @transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})
lseek(0xffffffffffffffff, 0x851, 0x0)

840.551435ms ago: executing program 4 (id=1095):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c4159b364a4fd7013f34db173a4fdacf15229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be867a28f09c5877fc2355ecdc9c30dcb2d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff3a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb357b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50265a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3583], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f00000005c0)={'syz0\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x61965b7e, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x7f, 0x0, 0x1], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x199, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3d4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000], [0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, 0x8000]}, 0x45c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000500), &(0x7f0000000580)=0xc)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_IP_XFRM_POLICY(r3, 0x0, 0x11, &(0x7f0000005b80)={{{@in6=@remote, @in=@loopback, 0x4e22, 0x0, 0x1, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, {0x0, 0x0, 0x0, 0x6}, 0x2253, 0x6e6bb0}, {{@in6=@local, 0x4d2, 0x6c}, 0x0, @in6=@private2, 0x0, 0x0, 0x2}}, 0xe8)
openat$iommufd(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TCSBRKP(r4, 0x5425, 0x2)
r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f00000000c0)=0x3)
ioctl$TCSETSW2(r5, 0x5408, &(0x7f0000000040)={0x1000, 0x10, 0x76, 0x9, 0x0, "23f555d9ad9506000000000000beaa82dc1ecf", 0xa4, 0xfffffffe})
ioctl$TIOCGPGRP(r4, 0x5437, 0x0)

659.284333ms ago: executing program 3 (id=1096):
syz_emit_ethernet(0x4e, &(0x7f0000000640)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0xb, 0x4, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x5, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @private=0xa010100, {[@timestamp_addr={0x44, 0x14, 0x5, 0x3, 0x0, [{@empty}, {@rand_addr=0x64010101}]}, @generic={0x83, 0x2}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x6, 0x5}}}}}}, 0x0)

658.758636ms ago: executing program 5 (id=1021):
clock_settime(0x0, &(0x7f0000000240)={0x77359400})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$nfc_llcp(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000018c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="280000001e000100000000000000000007000000", @ANYRES32=0x0, @ANYBLOB="0452eaa787e61de54500000000000000"], 0x28}}, 0x0)
setsockopt$MRT6_DEL_MIF(0xffffffffffffffff, 0x29, 0xcb, &(0x7f00000004c0)={0x1, 0x0, 0xc0, 0x0, 0x2}, 0xc)
sendmmsg$unix(r1, &(0x7f00000003c0), 0x0, 0x0)
r2 = signalfd4(0xffffffffffffffff, &(0x7f0000000080), 0x8, 0x0)
readv(r2, &(0x7f0000000000)=[{&(0x7f0000000200)=""/215, 0x7ffff000}], 0x6)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
signalfd4(r2, &(0x7f0000000040), 0x8, 0x0)
clock_adjtime(0x0, &(0x7f0000000640)={0x7, 0x9, 0x380000, 0x8, 0xfffffffffffffff9, 0xfffffffffffffff7, 0x9, 0x0, 0xae, 0x6, 0x7, 0x4, 0xfffffffffffff04f, 0x7, 0x80000000, 0xfffffffffffffff8, 0xfffffffffffffffd, 0x6, 0x0, 0x100, 0x4, 0x2, 0x5, 0x3, 0x8, 0x8})
r3 = syz_open_dev$dri(&(0x7f0000000080), 0x9, 0xecbad49e89450282)
r4 = syz_open_dev$dri(&(0x7f0000000040), 0x7bc, 0x22042)
ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD_FD(r3, 0xc01064c1, &(0x7f0000000280))
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x40, 0x0)
ioctl$KVM_CHECK_EXTENSION(r5, 0xae03, 0x9)
r6 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x0, 0x0)
read$FUSE(r6, &(0x7f0000000540)={0x2020, 0x0, 0x0, <r7=>0x0}, 0x2020)
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_FD(r4, 0xc01064c2, &(0x7f0000000100)={<r8=>0x0, 0x0, r6})
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(0xffffffffffffffff, 0xc00864bf, &(0x7f0000000140)={<r9=>0x0, 0x1})
ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_SIGNAL(r4, 0xc01864cd, &(0x7f0000000240)={&(0x7f00000001c0)=[0x0, r8, r9], &(0x7f0000000200)=[0x5, 0xffffffffffffffff, 0xdb7f, 0x699], 0x3, 0x1})
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r3, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f0000002580)={0x0, 0x0, &(0x7f0000000380)=[<r10=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0, 0x0, 0x7})
ioctl$DRM_IOCTL_MODE_ATOMIC(r3, 0xc03864bc, &(0x7f0000000500)={0x0, 0x1, &(0x7f0000000180)=[r10], &(0x7f00000000c0)=[0x2], &(0x7f0000000580), 0x0})
ioctl$HCIINQUIRY(r6, 0x800448f0, &(0x7f0000000480)={0x4, 0x4, "10943e", 0x8, 0x5})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), r6)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r6, &(0x7f0000000440)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000400)={&(0x7f00000025c0)=ANY=[@ANYBLOB="defd785c", @ANYRES16=r7, @ANYBLOB="02167400002bbd7000fedbdf25370000000c009910070b000000000000080026006c0900000800270001d2ee0013147fb3b4b892acfc0dbb163b4f218bbfb847465700cdd69f4fe503746a7e3bd086cb7ffbe082159a6cd914d2b6417c8674a8026fe716c7ec41d28b5874406722b1f191896ddd21e44620612210691e3a5c037d518949015e"], 0x30}, 0x1, 0x0, 0x0, 0x20000000}, 0x20040051)

0s ago: executing program 3 (id=1097):
socket$inet6(0xa, 0x3, 0x8000000003c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r3, &(0x7f00000001c0)=[{&(0x7f0000000200)="580000001500add427323b472545b4560a117fff0b0082001b59000d00ff0028925aa80020007b00090080000efffeffe809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee00000000000000000200000000", 0x58}], 0x1)

kernel console output (not intermixed with test programs):

[  208.778445][ T5920] usb 3-1: config 5 has no interface number 0
[  208.795651][ T7836] FAULT_INJECTION: forcing a failure.
[  208.795651][ T7836] name failslab, interval 1, probability 0, space 0, times 0
[  208.808883][ T5920] usb 3-1: config 5 interface 168 altsetting 7 has an endpoint descriptor with address 0xEB, changing to 0x8B
[  208.821500][ T5920] usb 3-1: config 5 interface 168 altsetting 7 bulk endpoint 0x8B has invalid maxpacket 1024
[  208.856158][ T7836] CPU: 1 UID: 0 PID: 7836 Comm: syz.4.538 Not tainted 6.12.0-syzkaller-09734-g445d9f05fa14 #0
[  208.866439][ T7836] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  208.876504][ T7836] Call Trace:
[  208.879770][ T7836]  <TASK>
[  208.882688][ T7836]  dump_stack_lvl+0x16c/0x1f0
[  208.887370][ T7836]  should_fail_ex+0x497/0x5b0
[  208.892037][ T7836]  ? fs_reclaim_acquire+0xae/0x150
[  208.897158][ T7836]  should_failslab+0xc2/0x120
[  208.901823][ T7836]  __kmalloc_cache_noprof+0x68/0x410
[  208.907097][ T7836]  ? __genradix_ptr_alloc+0x32e/0x5d0
[  208.912457][ T7836]  sctp_auth_shkey_create+0x87/0x1f0
[  208.917729][ T7836]  sctp_auth_asoc_copy_shkeys+0x1f4/0x360
[  208.923437][ T7836]  sctp_association_new+0x1973/0x2ab0
[  208.928801][ T7836]  sctp_connect_new_asoc+0x1b7/0x790
[  208.934076][ T7836]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  208.939875][ T7836]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  208.945413][ T7836]  sctp_sendmsg+0x1610/0x1eb0
[  208.950074][ T7836]  ? avc_has_perm+0x11b/0x1c0
[  208.954747][ T7836]  ? __pfx_sctp_sendmsg+0x10/0x10
[  208.959760][ T7836]  ? __pfx_sock_has_perm+0x10/0x10
[  208.964873][ T7836]  ? __pfx_sctp_sendmsg+0x10/0x10
[  208.969884][ T7836]  inet_sendmsg+0x119/0x140
[  208.974380][ T7836]  __sys_sendto+0x42a/0x4f0
[  208.978880][ T7836]  ? __pfx___sys_sendto+0x10/0x10
[  208.983909][ T7836]  ? ksys_write+0x1ba/0x250
[  208.988394][ T7836]  ? __pfx_ksys_write+0x10/0x10
[  208.993233][ T7836]  __x64_sys_sendto+0xe0/0x1c0
[  208.997984][ T7836]  ? do_syscall_64+0x91/0x250
[  209.002675][ T7836]  ? lockdep_hardirqs_on+0x7c/0x110
[  209.007859][ T7836]  do_syscall_64+0xcd/0x250
[  209.012351][ T7836]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  209.018230][ T7836] RIP: 0033:0x7fbbbe780809
[  209.022632][ T7836] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  209.042397][ T7836] RSP: 002b:00007fbbbc5f6058 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  209.050799][ T7836] RAX: ffffffffffffffda RBX: 00007fbbbe945fa0 RCX: 00007fbbbe780809
[  209.058772][ T7836] RDX: 0000000000034000 RSI: 0000000020000500 RDI: 0000000000000004
[  209.066741][ T7836] RBP: 00007fbbbc5f60a0 R08: 0000000020000000 R09: 0000000000000010
[  209.074706][ T7836] R10: 0000000000000040 R11: 0000000000000246 R12: 0000000000000001
[  209.082675][ T7836] R13: 0000000000000000 R14: 00007fbbbe945fa0 R15: 00007ffc4ce2b008
[  209.090655][ T7836]  </TASK>
[  209.103255][ T5920] usb 3-1: config 5 interface 168 altsetting 7 endpoint 0x83 has invalid wMaxPacketSize 0
[  209.113254][ T5920] usb 3-1: config 5 interface 168 has no altsetting 0
[  209.123713][ T5920] usb 3-1: New USB device found, idVendor=04cc, idProduct=2533, bcdDevice=fc.58
[  209.173351][ T5920] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  209.246462][   T29] audit: type=1400 audit(1732696197.566:451): avc:  denied  { sqpoll } for  pid=7841 comm="syz.4.539" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  209.265729][ T5920] usb 3-1: Product: syz
[  209.275510][ T5920] usb 3-1: Manufacturer: syz
[  209.280301][ T5920] usb 3-1: SerialNumber: syz
[  209.285463][ T7835] netlink: 8 bytes leftover after parsing attributes in process `syz.0.532'.
[  209.320529][ T7820] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  209.590731][ T1198] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  209.619128][ T7820] netlink: 'syz.2.534': attribute type 5 has an invalid length.
[  209.634868][ T7820] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  209.646394][ T7820] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  210.375403][ T1198] usb 5-1: device descriptor read/64, error -71
[  210.456995][ T7854] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000).
[  210.474007][ T7854] qnx6: wrong signature (magic) in superblock #1.
[  210.497634][ T7854] qnx6: unable to read the first superblock
[  211.310352][ T1198] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  211.444175][ T1198] usb 5-1: device descriptor read/64, error -71
[  211.560780][ T1198] usb usb5-port1: attempt power cycle
[  211.920583][ T1198] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  213.516020][ T1198] usb 5-1: device not accepting address 19, error -71
[  213.856136][   T29] audit: type=1400 audit(1732696202.176:452): avc:  denied  { ioctl } for  pid=7867 comm="syz.4.545" path="socket:[17792]" dev="sockfs" ino=17792 ioctlcmd=0x7202 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  214.873183][ T7888] IPVS: stopping master sync thread 7889 ...
[  214.879653][ T7889] IPVS: sync thread started: state = MASTER, mcast_ifn = ip6gre0, syncid = 1, id = 0
[  214.988170][   T29] audit: type=1400 audit(1732696203.306:453): avc:  denied  { bind } for  pid=7893 comm="syz.0.552" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  215.095467][ T7898] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000).
[  215.106655][ T7898] qnx6: wrong signature (magic) in superblock #1.
[  215.115082][   T29] audit: type=1400 audit(1732696203.306:454): avc:  denied  { name_bind } for  pid=7893 comm="syz.0.552" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1
[  215.139922][ T7898] qnx6: unable to read the first superblock
[  215.780923][ T7899] Invalid ELF header type: 10328 != 1
[  215.804645][ T5920] pn533_usb 3-1:5.168: NFC: Could not find bulk-in or bulk-out endpoint
[  215.815143][   T29] audit: type=1400 audit(1732696203.306:455): avc:  denied  { node_bind } for  pid=7893 comm="syz.0.552" saddr=ff02::1 src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1
[  217.104864][ T1198] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  217.136144][ T7924] syz.3.560 (7924): /proc/7921/oom_adj is deprecated, please use /proc/7921/oom_score_adj instead.
[  217.412915][   T29] audit: type=1400 audit(1732696205.736:456): avc:  denied  { watch watch_reads } for  pid=7926 comm="syz.3.561" path=2F6D656D66643A2D42D54E49C56A9A707070F00884A26D202864656C6574656429 dev="tmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  217.500301][ T1198] usb 1-1: Using ep0 maxpacket: 8
[  217.748637][   T29] audit: type=1326 audit(1732696205.966:457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7926 comm="syz.3.561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc17b80809 code=0x7ffc0000
[  217.756899][ T1198] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  217.771900][    C1] vkms_vblank_simulate: vblank timer overrun
[  217.773397][   T29] audit: type=1326 audit(1732696205.966:458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7926 comm="syz.3.561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc17b80809 code=0x7ffc0000
[  217.811415][   T29] audit: type=1326 audit(1732696205.986:459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7926 comm="syz.3.561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fdc17b7f170 code=0x7ffc0000
[  217.822414][ T1198] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  217.834688][   T29] audit: type=1326 audit(1732696205.986:460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7926 comm="syz.3.561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fdc17b82037 code=0x7ffc0000
[  217.834729][   T29] audit: type=1326 audit(1732696205.986:461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7926 comm="syz.3.561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fdc17b80809 code=0x7ffc0000
[  217.834758][   T29] audit: type=1400 audit(1732696205.996:462): avc:  denied  { create } for  pid=7926 comm="syz.3.561" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  217.994835][ T1198] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  218.029507][ T1198] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  218.071668][ T1198] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  218.093600][ T1198] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  218.279523][ T7933] block device autoloading is deprecated and will be removed.
[  218.421932][ T1198] usb 1-1: GET_CAPABILITIES returned 0
[  218.437565][ T1198] usbtmc 1-1:16.0: can't read capabilities
[  218.781771][    C1] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  218.795531][ T5920] usb 1-1: USB disconnect, device number 19
[  218.948448][ T1198] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  219.190421][ T1198] usb 2-1: Using ep0 maxpacket: 8
[  219.201655][ T1198] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[  219.209774][ T1198] usb 2-1: config 0 has no interface number 0
[  219.221566][ T1198] usb 2-1: New USB device found, idVendor=10c4, idProduct=eac1, bcdDevice=f7.92
[  219.234592][ T1198] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  219.243070][ T1198] usb 2-1: Product: syz
[  219.247234][ T1198] usb 2-1: Manufacturer: syz
[  219.256324][ T1198] usb 2-1: SerialNumber: syz
[  219.262816][ T1198] usb 2-1: config 0 descriptor??
[  219.272103][ T1198] usb 2-1: selecting invalid altsetting 2
[  219.277855][ T1198] i2c-cp2615 2-1:0.1: probe with driver i2c-cp2615 failed with error -22
[  219.660400][ T5915] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  219.693880][ T5920] usb 3-1: USB disconnect, device number 20
[  219.708890][ T7958] overlay: ./file0 is not a directory
[  219.820348][ T5915] usb 4-1: Using ep0 maxpacket: 16
[  219.826904][ T5915] usb 4-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  219.836392][ T5915] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  219.848570][ T5915] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  219.864984][ T5915] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  219.880316][ T5915] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  219.891861][ T5915] usb 4-1: Product: syz
[  219.900433][ T5915] usb 4-1: Manufacturer: syz
[  219.905321][ T5915] usb 4-1: SerialNumber: syz
[  220.046717][ T7964] FAULT_INJECTION: forcing a failure.
[  220.046717][ T7964] name failslab, interval 1, probability 0, space 0, times 0
[  220.060489][ T7964] CPU: 1 UID: 0 PID: 7964 Comm: syz.2.568 Not tainted 6.12.0-syzkaller-09734-g445d9f05fa14 #0
[  220.070748][ T7964] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  220.080808][ T7964] Call Trace:
[  220.084085][ T7964]  <TASK>
[  220.087017][ T7964]  dump_stack_lvl+0x16c/0x1f0
[  220.091710][ T7964]  should_fail_ex+0x497/0x5b0
[  220.096403][ T7964]  ? fs_reclaim_acquire+0xae/0x150
[  220.101523][ T7964]  should_failslab+0xc2/0x120
[  220.106208][ T7964]  __kmalloc_noprof+0xcb/0x510
[  220.110978][ T7964]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  220.114140][ T5915] usb 4-1: 0:2 : does not exist
[  220.116609][ T7964]  tomoyo_realpath_from_path+0xb9/0x720
[  220.127021][ T7964]  ? tomoyo_path_number_perm+0x235/0x590
[  220.132672][ T7964]  ? tomoyo_path_number_perm+0x235/0x590
[  220.138340][ T7964]  tomoyo_path_number_perm+0x248/0x590
[  220.143809][ T7964]  ? tomoyo_path_number_perm+0x235/0x590
[  220.149453][ T7964]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  220.155469][ T7964]  ? d_alloc_parallel+0x6b8/0x12b0
[  220.160602][ T7964]  tomoyo_path_mknod+0x10d/0x190
[  220.165554][ T7964]  ? __pfx_tomoyo_path_mknod+0x10/0x10
[  220.171025][ T7964]  ? get_current_fs_domain+0x184/0x1f0
[  220.176515][ T7964]  security_path_mknod+0x161/0x310
[  220.181636][ T7964]  lookup_open.isra.0+0x54f/0x14c0
[  220.186766][ T7964]  ? __pfx_lookup_open.isra.0+0x10/0x10
[  220.192360][ T7964]  ? damon_pa_migrate_folio_list+0x750/0xa10
[  220.198443][ T7964]  ? lock_acquire+0x2f/0xb0
[  220.202956][ T7964]  ? path_openat+0x153e/0x2d60
[  220.207735][ T7964]  ? damon_pa_migrate_folio_list+0x750/0xa10
[  220.213733][ T7964]  ? __pfx_down_write+0x10/0x10
[  220.218597][ T7964]  ? mnt_get_write_access+0x20c/0x300
[  220.223982][ T7964]  path_openat+0x904/0x2d60
[  220.228498][ T7964]  ? __pfx_path_openat+0x10/0x10
[  220.233447][ T7964]  ? __pfx___lock_acquire+0x10/0x10
[  220.238650][ T7964]  ? lock_acquire.part.0+0x11b/0x380
[  220.243945][ T7964]  ? find_held_lock+0x2d/0x110
[  220.248721][ T7964]  do_filp_open+0x20c/0x470
[  220.253237][ T7964]  ? __pfx_do_filp_open+0x10/0x10
[  220.258266][ T7964]  ? find_held_lock+0x2d/0x110
[  220.263053][ T7964]  ? _raw_spin_unlock+0x28/0x50
[  220.267910][ T7964]  ? alloc_fd+0x41f/0x760
[  220.272255][ T7964]  do_sys_openat2+0x17a/0x1e0
[  220.276945][ T7964]  ? __pfx_do_sys_openat2+0x10/0x10
[  220.282158][ T7964]  ? __fget_files+0x206/0x3a0
[  220.286850][ T7964]  __x64_sys_creat+0xcd/0x120
[  220.291541][ T7964]  ? __pfx___x64_sys_creat+0x10/0x10
[  220.296837][ T7964]  ? __pfx_ksys_write+0x10/0x10
[  220.301703][ T7964]  ? do_syscall_64+0x91/0x250
[  220.306402][ T7964]  do_syscall_64+0xcd/0x250
[  220.310922][ T7964]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  220.316836][ T7964] RIP: 0033:0x7f1ff5b80809
[  220.321260][ T7964] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  220.340884][ T7964] RSP: 002b:00007f1ff6a6d058 EFLAGS: 00000246 ORIG_RAX: 0000000000000055
[  220.349322][ T7964] RAX: ffffffffffffffda RBX: 00007f1ff5d45fa0 RCX: 00007f1ff5b80809
[  220.357305][ T7964] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000000
[  220.365287][ T7964] RBP: 00007f1ff6a6d0a0 R08: 0000000000000000 R09: 0000000000000000
[  220.373263][ T7964] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  220.381587][ T7964] R13: 0000000000000000 R14: 00007f1ff5d45fa0 R15: 00007fffa0488178
[  220.389577][ T7964]  </TASK>
[  220.392608][    C1] vkms_vblank_simulate: vblank timer overrun
[  220.400401][ T7964] ERROR: Out of memory at tomoyo_realpath_from_path.
[  220.428994][   T29] kauditd_printk_skb: 8 callbacks suppressed
[  220.429003][   T29] audit: type=1400 audit(1732696208.746:471): avc:  denied  { unmount } for  pid=5835 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1
[  221.350672][   T29] audit: type=1326 audit(1732696209.666:472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7970 comm="syz.4.571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbbbe780809 code=0x7ffc0000
[  221.373932][    C1] vkms_vblank_simulate: vblank timer overrun
[  221.884199][   T29] audit: type=1326 audit(1732696209.666:473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7970 comm="syz.4.571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbbbe780809 code=0x7ffc0000
[  221.904253][ T5915] usb 4-1: 1:0: failed to get current value for ch 0 (-22)
[  221.907493][    C1] vkms_vblank_simulate: vblank timer overrun
[  221.938488][ T5915] usb 4-1: USB disconnect, device number 21
[  222.307157][ T5920] usb 2-1: USB disconnect, device number 16
[  222.582779][ T5885] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  222.720814][ T5885] usb 3-1: device descriptor read/64, error -71
[  222.745020][ T8002] xt_cgroup: invalid path, errno=-2
[  222.758095][ T6055] udevd[6055]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  223.006704][ T5885] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  223.106211][ T8003] Invalid ELF header type: 10328 != 1
[  223.470754][ T5885] usb 3-1: device descriptor read/64, error -71
[  223.683883][ T5885] usb usb3-port1: attempt power cycle
[  223.739144][    T9] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  223.740498][ T8007] netlink: 12 bytes leftover after parsing attributes in process `syz.4.579'.
[  223.920330][    T9] usb 1-1: Using ep0 maxpacket: 16
[  223.929397][    T9] usb 1-1: config 5 has an invalid interface number: 168 but max is 0
[  223.937858][    T9] usb 1-1: config 5 has no interface number 0
[  223.961593][    T9] usb 1-1: config 5 interface 168 altsetting 7 has an endpoint descriptor with address 0xEB, changing to 0x8B
[  223.970391][ T8023] overlayfs: failed to resolve './file1': -2
[  223.973409][    T9] usb 1-1: config 5 interface 168 altsetting 7 bulk endpoint 0x8B has invalid maxpacket 1024
[  223.989702][    T9] usb 1-1: config 5 interface 168 altsetting 7 endpoint 0x83 has invalid wMaxPacketSize 0
[  223.999955][    T9] usb 1-1: config 5 interface 168 has no altsetting 0
[  224.026213][    T9] usb 1-1: New USB device found, idVendor=04cc, idProduct=2533, bcdDevice=fc.58
[  224.038882][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  224.047459][    T9] usb 1-1: Product: syz
[  224.053442][    T9] usb 1-1: Manufacturer: syz
[  224.058024][    T9] usb 1-1: SerialNumber: syz
[  224.075686][ T8005] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  224.083007][ T5885] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  224.114505][ T5885] usb 3-1: device descriptor read/8, error -71
[  224.195892][ T8029] netlink: 12 bytes leftover after parsing attributes in process `syz.1.586'.
[  224.298778][ T8005] netlink: 'syz.0.577': attribute type 5 has an invalid length.
[  224.316026][ T8005] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  224.333508][ T8005] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  224.360298][ T5885] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[  224.380741][ T5885] usb 3-1: device descriptor read/8, error -71
[  224.490585][ T5885] usb usb3-port1: unable to enumerate USB device
[  225.156680][ T8046] netlink: 4 bytes leftover after parsing attributes in process `syz.1.591'.
[  226.401641][ T8062] capability: warning: `syz.1.594' uses deprecated v2 capabilities in a way that may be insecure
[  226.670969][ T8073] netlink: 12 bytes leftover after parsing attributes in process `syz.1.597'.
[  227.036293][   T29] audit: type=1400 audit(1732696215.356:474): avc:  denied  { getopt } for  pid=8083 comm="syz.3.603" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  227.217725][ T8081] netlink: 8 bytes leftover after parsing attributes in process `syz.4.601'.
[  227.440532][ T5915] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[  227.603301][    T9] pn533_usb 1-1:5.168: NFC: Could not find bulk-in or bulk-out endpoint
[  227.621637][ T5915] usb 4-1: New USB device found, idVendor=2c42, idProduct=1709, bcdDevice=ca.b7
[  227.641991][ T5915] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  227.650042][ T5915] usb 4-1: Product: syz
[  227.664007][    T9] usb 1-1: USB disconnect, device number 20
[  227.688833][ T5915] usb 4-1: Manufacturer: syz
[  227.696832][ T5915] usb 4-1: SerialNumber: syz
[  227.711937][ T5915] usb 4-1: config 0 descriptor??
[  227.809627][ T8111] FAULT_INJECTION: forcing a failure.
[  227.809627][ T8111] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  227.847005][ T8111] CPU: 1 UID: 0 PID: 8111 Comm: syz.2.612 Not tainted 6.12.0-syzkaller-09734-g445d9f05fa14 #0
[  227.857293][ T8111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  227.867362][ T8111] Call Trace:
[  227.870660][ T8111]  <TASK>
[  227.873594][ T8111]  dump_stack_lvl+0x16c/0x1f0
[  227.878282][ T8111]  should_fail_ex+0x497/0x5b0
[  227.882978][ T8111]  _copy_from_user+0x2e/0xd0
[  227.887578][ T8111]  copy_msghdr_from_user+0x99/0x160
[  227.892783][ T8111]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  227.898607][ T8111]  ___sys_sendmsg+0xff/0x1e0
[  227.903205][ T8111]  ? __pfx____sys_sendmsg+0x10/0x10
[  227.908421][ T8111]  ? __pfx_lock_release+0x10/0x10
[  227.913461][ T8111]  ? trace_lock_acquire+0x146/0x1e0
[  227.918944][ T8111]  ? __fget_files+0x206/0x3a0
[  227.923633][ T8111]  __sys_sendmsg+0x16e/0x220
[  227.928240][ T8111]  ? __pfx___sys_sendmsg+0x10/0x10
[  227.933384][ T8111]  do_syscall_64+0xcd/0x250
[  227.937908][ T8111]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  227.943835][ T8111] RIP: 0033:0x7f1ff5b80809
[  227.948267][ T8111] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  227.967893][ T8111] RSP: 002b:00007f1ff6a6d058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  227.976318][ T8111] RAX: ffffffffffffffda RBX: 00007f1ff5d45fa0 RCX: 00007f1ff5b80809
[  227.984327][ T8111] RDX: 00000000000008d0 RSI: 0000000020002140 RDI: 0000000000000003
[  227.992318][ T8111] RBP: 00007f1ff6a6d0a0 R08: 0000000000000000 R09: 0000000000000000
[  228.000295][ T8111] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  228.008271][ T8111] R13: 0000000000000000 R14: 00007f1ff5d45fa0 R15: 00007fffa0488178
[  228.016263][ T8111]  </TASK>
[  228.083643][ T8115] xt_cgroup: invalid path, errno=-2
[  228.097769][ T5885] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  228.121425][ T8119] warning: `syz.2.615' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  228.451201][   T29] audit: type=1400 audit(1732696216.766:475): avc:  denied  { mount } for  pid=8094 comm="syz.3.605" name="/" dev="configfs" ino=1129 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  228.766184][   T29] audit: type=1400 audit(1732696216.846:476): avc:  denied  { read } for  pid=8094 comm="syz.3.605" name="/" dev="configfs" ino=1129 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  228.800643][   T29] audit: type=1400 audit(1732696216.866:477): avc:  denied  { open } for  pid=8094 comm="syz.3.605" path="/92/file0" dev="configfs" ino=1129 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  228.825173][ T5885] usb 5-1: Using ep0 maxpacket: 32
[  228.841124][ T5885] usb 5-1: config 0 has an invalid interface number: 51 but max is 0
[  228.855565][   T29] audit: type=1400 audit(1732696217.076:478): avc:  denied  { listen } for  pid=8121 comm="syz.2.616" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  228.878272][ T5885] usb 5-1: config 0 has no interface number 0
[  228.890458][   T29] audit: type=1400 audit(1732696217.076:479): avc:  denied  { accept } for  pid=8121 comm="syz.2.616" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  228.924372][ T5885] usb 5-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  228.934226][   T29] audit: type=1400 audit(1732696217.086:480): avc:  denied  { mounton } for  pid=8094 comm="syz.3.605" path="/92/file0" dev="configfs" ino=1129 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  228.960341][ T5885] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  228.971657][ T8125] SELinux:  Context system_u:object_r:semanage_exec_t:s0 is not valid (left unmapped).
[  228.986048][ T5885] usb 5-1: Product: syz
[  228.986367][   T29] audit: type=1400 audit(1732696217.236:481): avc:  denied  { create } for  pid=8123 comm="syz.0.617" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  228.998266][ T5885] usb 5-1: Manufacturer: syz
[  229.010717][   T29] audit: type=1400 audit(1732696217.306:482): avc:  denied  { relabelto } for  pid=8123 comm="syz.0.617" name="cgroup.procs" dev="cgroup" ino=178 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:object_r:semanage_exec_t:s0"
[  229.022117][ T5885] usb 5-1: SerialNumber: syz
[  229.042222][   T29] audit: type=1400 audit(1732696217.306:483): avc:  denied  { associate } for  pid=8123 comm="syz.0.617" name="cgroup.procs" dev="cgroup" ino=178 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 srawcon="system_u:object_r:semanage_exec_t:s0"
[  229.088058][ T5885] usb 5-1: config 0 descriptor??
[  229.106717][ T5885] quatech2 5-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  229.313182][ T5885] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  229.326226][ T5885] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  229.551371][ T8139] Invalid ELF header type: 10328 != 1
[  229.775649][ T8106] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  229.820532][ T8106] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  229.867340][ T5915] usb 4-1: f81604_read: reg: 200f failed: -EPROTO
[  229.886548][ T5915] usb 4-1: USB disconnect, device number 22
[  229.919293][ T5915] usb 4-1: f81604_read: reg: 100f failed: -ENODEV
[  229.983404][ T5915] usb 4-1: f81604_read: reg: 200f failed: -ENODEV
[  230.035060][ T8149] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present!
[  230.107664][ T8109] (unnamed net_device) (uninitialized): ARP target 1.0.0.0 is already present
[  230.117023][ T8109] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (1)
[  230.330506][ T5885] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[  230.490459][ T5885] usb 3-1: Using ep0 maxpacket: 16
[  230.509227][ T5885] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  230.533307][ T5885] usb 3-1: config 0 interface 0 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0
[  230.562644][ T5885] usb 3-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  230.640421][ T5885] usb 3-1: config 0 interface 0 has no altsetting 0
[  230.712068][ T5885] usb 3-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb
[  230.954713][ T5885] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  230.963851][ T5885] usb 3-1: Product: syz
[  230.968123][ T5885] usb 3-1: Manufacturer: syz
[  230.973778][ T5885] usb 3-1: SerialNumber: syz
[  230.982081][ T5885] usb 3-1: config 0 descriptor??
[  231.627166][    C0] usb 5-1: qt2_read_bulk_callback - non-zero urb status: -71
[  231.627467][ T5920] usb 5-1: USB disconnect, device number 22
[  231.696478][ T5920] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  231.749771][   T47] usb 3-1: USB disconnect, device number 25
[  231.794990][ T5920] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  231.840892][ T5920] quatech2 5-1:0.51: device disconnected
[  232.430754][ T5883] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[  232.834820][   T29] kauditd_printk_skb: 1 callbacks suppressed
[  232.834854][   T29] audit: type=1400 audit(1732696220.566:485): avc:  denied  { bind } for  pid=8200 comm="syz.4.631" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  232.861489][   T29] audit: type=1400 audit(1732696221.076:486): avc:  denied  { create } for  pid=8200 comm="syz.4.631" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  233.177157][   T29] audit: type=1400 audit(1732696221.496:487): avc:  denied  { ioctl } for  pid=8210 comm="syz.2.634" path="socket:[18569]" dev="sockfs" ino=18569 ioctlcmd=0x894b scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  233.796076][ T5883] usb 4-1: Using ep0 maxpacket: 8
[  234.000067][ T8220] xt_cgroup: invalid path, errno=-2
[  234.382258][ T5883] usb 4-1: unable to get BOS descriptor or descriptor too short
[  234.390337][ T5920] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  234.399726][ T5883] usb 4-1: config 8 has an invalid interface number: 24 but max is 0
[  234.427417][ T5883] usb 4-1: config 8 has no interface number 0
[  234.738003][ T5883] usb 4-1: config 8 interface 24 altsetting 2 endpoint 0xE has invalid maxpacket 1535, setting to 1024
[  234.749507][ T5883] usb 4-1: config 8 interface 24 altsetting 2 endpoint 0x85 has an invalid bInterval 0, changing to 7
[  234.760977][ T5883] usb 4-1: config 8 interface 24 has no altsetting 0
[  234.770297][ T5883] usb 4-1: New USB device found, idVendor=10cf, idProduct=5503, bcdDevice=75.af
[  234.779380][ T5883] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  234.788224][ T5883] usb 4-1: Product: syz
[  234.792467][ T5883] usb 4-1: Manufacturer: syz
[  234.797061][ T5883] usb 4-1: SerialNumber: syz
[  234.804996][ T8198] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  234.841506][ T5920] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  234.852419][ T5920] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  234.865376][ T5920] usb 5-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  234.874432][ T5920] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  234.888767][   T29] audit: type=1400 audit(1732696223.206:488): avc:  denied  { ioctl } for  pid=8221 comm="syz.2.637" path="user:[4026531837]" dev="nsfs" ino=4026531837 ioctlcmd=0xb704 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  235.041153][ T5920] usb 5-1: config 0 descriptor??
[  235.049962][ T5920] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  235.682046][ T5883] comedi comedi0: driver 'vmk80xx' has successfully auto-configured 'K8055 (VM110)'.
[  235.694548][ T5883] usb 4-1: USB disconnect, device number 23
[  235.884331][   T29] audit: type=1400 audit(1732696224.206:489): avc:  denied  { read write } for  pid=8228 comm="syz.3.639" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  236.068145][   T29] audit: type=1400 audit(1732696224.236:490): avc:  denied  { open } for  pid=8228 comm="syz.3.639" path="/96/file0" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  237.520333][   T29] audit: type=1400 audit(1732696225.836:491): avc:  denied  { unmount } for  pid=5842 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  238.307642][ T8255] kAFS: unable to lookup cell ''
[  238.366699][   T29] audit: type=1400 audit(1732696226.686:492): avc:  denied  { read write } for  pid=8257 comm="syz.3.645" name="nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  238.428267][    T9] usb 5-1: USB disconnect, device number 23
[  238.434430][   T29] audit: type=1400 audit(1732696226.686:493): avc:  denied  { open } for  pid=8257 comm="syz.3.645" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  238.487593][   T29] audit: type=1400 audit(1732696226.716:494): avc:  denied  { map } for  pid=8257 comm="syz.3.645" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  238.597733][ T8265] xt_cgroup: invalid path, errno=-2
[  238.693177][   T29] audit: type=1400 audit(1732696226.716:495): avc:  denied  { execute } for  pid=8257 comm="syz.3.645" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  239.114370][   T29] audit: type=1400 audit(1732696226.716:496): avc:  denied  { setopt } for  pid=8242 comm="syz.1.643" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  239.209476][ T8269] binder: 8268:8269 ioctl c0306201 20000c80 returned -14
[  239.218578][   T29] audit: type=1400 audit(1732696227.526:497): avc:  denied  { ioctl } for  pid=8268 comm="syz.0.650" path="/dev/binderfs/binder0" dev="binder" ino=10 ioctlcmd=0x6201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  239.418071][ T8275] FAULT_INJECTION: forcing a failure.
[  239.418071][ T8275] name failslab, interval 1, probability 0, space 0, times 0
[  239.446681][ T8267] netlink: 16 bytes leftover after parsing attributes in process `syz.4.649'.
[  239.475432][ T8275] CPU: 0 UID: 0 PID: 8275 Comm: syz.0.651 Not tainted 6.12.0-syzkaller-09734-g445d9f05fa14 #0
[  239.485730][ T8275] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  239.495806][ T8275] Call Trace:
[  239.499092][ T8275]  <TASK>
[  239.502028][ T8275]  dump_stack_lvl+0x16c/0x1f0
[  239.506723][ T8275]  should_fail_ex+0x497/0x5b0
[  239.511427][ T8275]  ? fs_reclaim_acquire+0xae/0x150
[  239.516560][ T8275]  should_failslab+0xc2/0x120
[  239.521260][ T8275]  __kmalloc_noprof+0xcb/0x510
[  239.526039][ T8275]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  239.531690][ T8275]  tomoyo_realpath_from_path+0xb9/0x720
[  239.537261][ T8275]  ? tomoyo_path_number_perm+0x235/0x590
[  239.542911][ T8275]  ? tomoyo_path_number_perm+0x235/0x590
[  239.548563][ T8275]  tomoyo_path_number_perm+0x248/0x590
[  239.554035][ T8275]  ? tomoyo_path_number_perm+0x235/0x590
[  239.559689][ T8275]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  239.565715][ T8275]  ? __pfx_lock_release+0x10/0x10
[  239.570754][ T8275]  ? trace_lock_acquire+0x146/0x1e0
[  239.575976][ T8275]  ? lock_acquire+0x2f/0xb0
[  239.580491][ T8275]  ? __fget_files+0x40/0x3a0
[  239.585094][ T8275]  ? __fget_files+0x206/0x3a0
[  239.589791][ T8275]  security_file_ioctl+0x9b/0x240
[  239.594845][ T8275]  __x64_sys_ioctl+0xb7/0x200
[  239.599547][ T8275]  do_syscall_64+0xcd/0x250
[  239.604071][ T8275]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  239.609972][ T8275] RIP: 0033:0x7fe620980809
[  239.614389][ T8275] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  239.634021][ T8275] RSP: 002b:00007fe621848058 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  239.642448][ T8275] RAX: ffffffffffffffda RBX: 00007fe620b45fa0 RCX: 00007fe620980809
[  239.650425][ T8275] RDX: 0000000020000c80 RSI: 00000000c0306201 RDI: 0000000000000004
[  239.658401][ T8275] RBP: 00007fe6218480a0 R08: 0000000000000000 R09: 0000000000000000
[  239.666373][ T8275] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  239.674350][ T8275] R13: 0000000000000000 R14: 00007fe620b45fa0 R15: 00007ffc60df41d8
[  239.682340][ T8275]  </TASK>
[  239.811736][ T8275] ERROR: Out of memory at tomoyo_realpath_from_path.
[  239.818546][ T8275] binder: 8274:8275 ioctl c0306201 20000c80 returned -14
[  240.680384][ T5883] usb 2-1: new full-speed USB device number 17 using dummy_hcd
[  240.688803][ T5832] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[  241.283547][ T5883] usb 2-1: config 4 has an invalid interface number: 231 but max is 0
[  241.310378][   T29] audit: type=1400 audit(1732696229.596:498): avc:  denied  { create } for  pid=8295 comm="syz.4.659" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  241.334990][ T5883] usb 2-1: config 4 has no interface number 0
[  241.341803][   T29] audit: type=1400 audit(1732696229.596:499): avc:  denied  { connect } for  pid=8295 comm="syz.4.659" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  241.363180][ T5832] usb 4-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  241.372389][ T5832] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  241.384887][ T5883] usb 2-1: New USB device found, idVendor=13d3, idProduct=3224, bcdDevice=cb.0d
[  241.394188][ T5832] usb 4-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  241.403933][ T5883] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  241.415132][ T5883] usb 2-1: Product: syz
[  241.419368][ T5832] usb 4-1: config 1 has no interface number 1
[  241.429688][ T5883] usb 2-1: Manufacturer: syz
[  241.436512][ T5832] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  241.450666][ T5883] usb 2-1: SerialNumber: syz
[  241.459585][ T5883] dvb-usb: found a 'DigitalNow TinyUSB 2 DVB-t Receiver' in warm state.
[  241.469563][ T5832] usb 4-1: config 1 interface 2 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  241.487533][ T5832] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  241.499680][ T5832] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  241.648252][ T5832] usb 4-1: Product: syz
[  241.652569][ T5832] usb 4-1: Manufacturer: syz
[  241.657205][ T5832] usb 4-1: SerialNumber: syz
[  241.883986][ T5883] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  241.898118][ T5883] dvb-usb: DigitalNow TinyUSB 2 DVB-t Receiver error while loading driver (-19)
[  241.910367][ T5832] usb 4-1: No MIDI 2.0 at altset 1, falling back to MIDI 1.0
[  241.917950][ T5832] usb 4-1: MIDIStreaming interface descriptor not found
[  242.694009][ T5832] usb 4-1: USB disconnect, device number 24
[  242.726391][ T8311] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT
[  242.927766][ T8317] syz.0.662: attempt to access beyond end of device
[  242.927766][ T8317] loop0: rw=0, sector=16, nr_sectors = 1 limit=0
[  242.941361][ T8317] qnx6: unable to read the first superblock
[  242.947346][ T8317] syz.0.662: attempt to access beyond end of device
[  242.947346][ T8317] loop0: rw=0, sector=0, nr_sectors = 1 limit=0
[  242.960117][ T8317] qnx6: unable to read the first superblock
[  242.966085][ T8317] qnx6: unable to read the first superblock
[  243.092701][ T6466] udevd[6466]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  243.460366][    T9] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  243.510309][ T5915] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[  243.600424][    T9] usb 5-1: device descriptor read/64, error -71
[  243.660330][ T5915] usb 4-1: Using ep0 maxpacket: 16
[  243.682532][ T5915] usb 4-1: config 0 has an invalid interface number: 41 but max is 0
[  243.750455][ T5915] usb 4-1: config 0 has no interface number 0
[  243.765349][ T5915] usb 4-1: config 0 interface 41 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  243.777892][    T8] usb 2-1: USB disconnect, device number 17
[  243.792627][ T5915] usb 4-1: config 0 interface 41 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  243.811083][ T5915] usb 4-1: config 0 interface 41 has no altsetting 0
[  243.822198][ T5915] usb 4-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a
[  243.831975][ T5915] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  243.850367][ T5915] usb 4-1: Product: syz
[  243.854735][ T5915] usb 4-1: Manufacturer: syz
[  243.859725][ T5915] usb 4-1: SerialNumber: syz
[  243.878618][    T9] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  243.899181][ T5915] usb 4-1: config 0 descriptor??
[  243.919547][ T8323] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[  243.937437][ T8323] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[  244.251509][ T8323] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  244.603461][    T9] usb 5-1: device descriptor read/64, error -71
[  244.676200][ T8323] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  244.710728][    T9] usb usb5-port1: attempt power cycle
[  244.792409][ T8335] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[  244.799650][ T8335] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[  245.050568][    T9] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  245.077570][    T9] usb 5-1: device descriptor read/8, error -71
[  245.140725][    T8] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  245.212544][   T29] audit: type=1400 audit(1732696233.536:500): avc:  denied  { create } for  pid=8344 comm="syz.0.672" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1
[  245.223384][ T5915] CoreChips 4-1:0.41: probe with driver CoreChips failed with error -32
[  245.320424][    T9] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  245.329286][    T8] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  245.342052][    T8] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  245.363757][    T8] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  245.376904][    T9] usb 5-1: device descriptor read/8, error -71
[  245.383314][    T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  245.391812][    T8] usb 2-1: SerialNumber: syz
[  245.534627][    T9] usb usb5-port1: unable to enumerate USB device
[  246.022793][ T8353] FAULT_INJECTION: forcing a failure.
[  246.022793][ T8353] name failslab, interval 1, probability 0, space 0, times 0
[  246.035805][ T8353] CPU: 1 UID: 0 PID: 8353 Comm: syz.0.674 Not tainted 6.12.0-syzkaller-09734-g445d9f05fa14 #0
[  246.046044][ T8353] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  246.056095][ T8353] Call Trace:
[  246.059367][ T8353]  <TASK>
[  246.062304][ T8353]  dump_stack_lvl+0x16c/0x1f0
[  246.066990][ T8353]  should_fail_ex+0x497/0x5b0
[  246.071676][ T8353]  ? fs_reclaim_acquire+0xae/0x150
[  246.076785][ T8353]  should_failslab+0xc2/0x120
[  246.081465][ T8353]  __kmalloc_node_noprof+0xd1/0x510
[  246.086666][ T8353]  ? lockdep_init_map_type+0x16d/0x7d0
[  246.092123][ T8353]  ? __kvmalloc_node_noprof+0xad/0x1a0
[  246.097584][ T8353]  __kvmalloc_node_noprof+0xad/0x1a0
[  246.102877][ T8353]  v4l2_ctrl_handler_init_class+0x1fc/0x340
[  246.108783][ T8353]  vicodec_open+0x1b3/0xf80
[  246.113305][ T8353]  v4l2_open+0x222/0x490
[  246.117547][ T8353]  ? __pfx_v4l2_open+0x10/0x10
[  246.122308][ T8353]  chrdev_open+0x237/0x6a0
[  246.126733][ T8353]  ? __pfx_chrdev_open+0x10/0x10
[  246.131682][ T8353]  do_dentry_open+0xf59/0x1ea0
[  246.136447][ T8353]  ? __pfx_chrdev_open+0x10/0x10
[  246.141471][ T8353]  ? inode_permission+0xdd/0x5f0
[  246.146410][ T8353]  vfs_open+0x82/0x3f0
[  246.150480][ T8353]  ? may_open+0x1f2/0x400
[  246.154817][ T8353]  path_openat+0x1e6a/0x2d60
[  246.159413][ T8353]  ? __pfx_path_openat+0x10/0x10
[  246.164348][ T8353]  ? __pfx___lock_acquire+0x10/0x10
[  246.169543][ T8353]  ? lock_acquire.part.0+0x11b/0x380
[  246.174828][ T8353]  ? find_held_lock+0x2d/0x110
[  246.179596][ T8353]  do_filp_open+0x20c/0x470
[  246.184101][ T8353]  ? __pfx_do_filp_open+0x10/0x10
[  246.189123][ T8353]  ? find_held_lock+0x2d/0x110
[  246.193911][ T8353]  ? alloc_fd+0x41f/0x760
[  246.198245][ T8353]  do_sys_openat2+0x17a/0x1e0
[  246.202924][ T8353]  ? __pfx_do_sys_openat2+0x10/0x10
[  246.208124][ T8353]  ? __fget_files+0x206/0x3a0
[  246.212805][ T8353]  __x64_sys_openat+0x175/0x210
[  246.217667][ T8353]  ? __pfx___x64_sys_openat+0x10/0x10
[  246.223041][ T8353]  ? ksys_write+0x1ba/0x250
[  246.227552][ T8353]  do_syscall_64+0xcd/0x250
[  246.232064][ T8353]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  246.237958][ T8353] RIP: 0033:0x7fe620980809
[  246.242393][ T8353] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  246.262007][ T8353] RSP: 002b:00007fe621806058 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  246.270428][ T8353] RAX: ffffffffffffffda RBX: 00007fe620b46160 RCX: 00007fe620980809
[  246.278484][ T8353] RDX: 0000000000000002 RSI: 0000000020000000 RDI: ffffffffffffff9c
[  246.286441][ T8353] RBP: 00007fe6218060a0 R08: 0000000000000000 R09: 0000000000000000
[  246.294398][ T8353] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  246.302363][ T8353] R13: 0000000000000000 R14: 00007fe620b46160 R15: 00007ffc60df41d8
[  246.310344][ T8353]  </TASK>
[  246.317213][   T29] audit: type=1400 audit(1732696234.336:501): avc:  denied  { bind } for  pid=8350 comm="syz.0.674" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  246.375150][ T8354] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  246.438250][    T8] usb 2-1: 0:2 : does not exist
[  246.453699][    T8] usb 2-1: USB disconnect, device number 18
[  246.638613][ T6055] udevd[6055]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  246.775260][ T8363] netlink: 24 bytes leftover after parsing attributes in process `syz.4.677'.
[  247.668509][    T8] usb 4-1: USB disconnect, device number 25
[  248.030364][   T47] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[  248.271632][   T47] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  248.282884][   T29] audit: type=1400 audit(1732696236.606:502): avc:  denied  { read } for  pid=8382 comm="syz.2.683" name="ptp0" dev="devtmpfs" ino=1265 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  248.285278][   T47] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  248.405585][ T8384] netlink: 68 bytes leftover after parsing attributes in process `syz.2.683'.
[  248.550437][ T5920] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  249.063045][   T29] audit: type=1400 audit(1732696236.606:503): avc:  denied  { open } for  pid=8382 comm="syz.2.683" path="/dev/ptp0" dev="devtmpfs" ino=1265 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  249.130514][   T47] usb 5-1: New USB device found, idVendor=05ac, idProduct=022a, bcdDevice= 0.00
[  249.156510][   T47] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  249.164803][   T29] audit: type=1400 audit(1732696236.636:504): avc:  denied  { ioctl } for  pid=8382 comm="syz.2.683" path="/dev/ptp0" dev="devtmpfs" ino=1265 ioctlcmd=0x3d04 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  249.191453][   T47] usb 5-1: config 0 descriptor??
[  249.286043][ T5920] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  249.303534][ T5920] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  249.352320][ T5920] usb 2-1: Product: syz
[  249.379077][ T5920] usb 2-1: Manufacturer: syz
[  249.391669][ T5920] usb 2-1: SerialNumber: syz
[  249.404414][ T5920] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  249.415108][   T47] appletouch 5-1:0.0: Failed to read mode from device.
[  249.429755][ T5883] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  249.451779][   T47] appletouch 5-1:0.0: probe with driver appletouch failed with error -5
[  249.470874][   T29] audit: type=1400 audit(1732696237.736:505): avc:  denied  { read } for  pid=8375 comm="syz.4.681" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  249.490548][   T47] usb 5-1: USB disconnect, device number 28
[  249.647568][ T8380] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  249.674725][ T8380] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  249.716325][   T47] usb 2-1: USB disconnect, device number 19
[  250.016667][   T29] audit: type=1400 audit(1732696238.336:506): avc:  denied  { append } for  pid=8390 comm="syz.2.684" name="loop6" dev="devtmpfs" ino=653 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  250.490326][ T5883] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive
[  250.518614][ T5883] ath9k_htc: Failed to initialize the device
[  250.541753][   T47] usb 2-1: ath9k_htc: USB layer deinitialized
[  253.660723][ T8444] Invalid ELF header type: 10328 != 1
[  253.677930][   T29] audit: type=1400 audit(1732696240.676:507): avc:  denied  { setopt } for  pid=8424 comm="syz.4.694" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  253.766428][   T29] audit: type=1400 audit(1732696241.526:508): avc:  denied  { create } for  pid=8434 comm="syz.1.692" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=appletalk_socket permissive=1
[  254.062966][ T8448] overlayfs: failed to resolve './file1': -2
[  255.678161][ T8464] xt_cgroup: invalid path, errno=-2
[  255.769521][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  255.817634][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[  255.885504][ T5883] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  256.457480][ T5883] usb 5-1: Using ep0 maxpacket: 32
[  256.465601][ T5883] usb 5-1: New USB device found, idVendor=04e8, idProduct=6601, bcdDevice=81.9b
[  256.477578][ T5883] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  256.489465][ T5883] usb 5-1: Product: syz
[  256.489992][ T8476] FAULT_INJECTION: forcing a failure.
[  256.489992][ T8476] name failslab, interval 1, probability 0, space 0, times 0
[  256.493866][ T5883] usb 5-1: Manufacturer: syz
[  256.511445][ T5883] usb 5-1: SerialNumber: syz
[  256.520826][ T8476] CPU: 1 UID: 0 PID: 8476 Comm: syz.2.707 Not tainted 6.12.0-syzkaller-09734-g445d9f05fa14 #0
[  256.531111][ T8476] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  256.541167][ T8476] Call Trace:
[  256.544456][ T8476]  <TASK>
[  256.547387][ T8476]  dump_stack_lvl+0x16c/0x1f0
[  256.552090][ T8476]  should_fail_ex+0x497/0x5b0
[  256.556788][ T8476]  ? fs_reclaim_acquire+0xae/0x150
[  256.561908][ T8476]  should_failslab+0xc2/0x120
[  256.566593][ T8476]  __kmalloc_noprof+0xcb/0x510
[  256.571361][ T8476]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  256.577009][ T8476]  tomoyo_realpath_from_path+0xb9/0x720
[  256.582569][ T8476]  ? tomoyo_path_number_perm+0x235/0x590
[  256.588216][ T8476]  ? tomoyo_path_number_perm+0x235/0x590
[  256.593871][ T8476]  tomoyo_path_number_perm+0x248/0x590
[  256.599331][ T8476]  ? tomoyo_path_number_perm+0x235/0x590
[  256.604965][ T8476]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  256.610969][ T8476]  ? __pfx_lock_release+0x10/0x10
[  256.615991][ T8476]  ? trace_lock_acquire+0x146/0x1e0
[  256.621201][ T8476]  ? lock_acquire+0x2f/0xb0
[  256.625715][ T8476]  ? __fget_files+0x40/0x3a0
[  256.630319][ T8476]  ? __fget_files+0x206/0x3a0
[  256.635013][ T8476]  security_file_ioctl+0x9b/0x240
[  256.640061][ T8476]  __x64_sys_ioctl+0xb7/0x200
[  256.644758][ T8476]  do_syscall_64+0xcd/0x250
[  256.649286][ T8476]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  256.655183][ T8476] RIP: 0033:0x7f1ff5b80809
[  256.659605][ T8476] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  256.679227][ T8476] RSP: 002b:00007f1ff6a6d058 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  256.687651][ T8476] RAX: ffffffffffffffda RBX: 00007f1ff5d45fa0 RCX: 00007f1ff5b80809
[  256.695622][ T8476] RDX: 0000000020000140 RSI: 000000004008af25 RDI: 0000000000000003
[  256.703590][ T8476] RBP: 00007f1ff6a6d0a0 R08: 0000000000000000 R09: 0000000000000000
[  256.711572][ T8476] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  256.719537][ T8476] R13: 0000000000000000 R14: 00007f1ff5d45fa0 R15: 00007fffa0488178
[  256.727519][ T8476]  </TASK>
[  256.735274][ T5883] usb 5-1: config 0 descriptor??
[  256.752496][ T5883] usb 5-1: active config #0 != 1 ??
[  256.775946][ T8476] ERROR: Out of memory at tomoyo_realpath_from_path.
[  256.956598][ T8484] autofs: Unknown parameter './file1'
[  256.994012][   T29] audit: type=1400 audit(1732696245.316:509): avc:  denied  { mounton } for  pid=8482 comm="syz.3.709" path="/106/file1/file0" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[  257.050241][   T29] audit: type=1400 audit(1732696245.316:510): avc:  denied  { mounton } for  pid=8482 comm="syz.3.709" path="/106/file1/file0" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
[  257.210325][   T29] audit: type=1400 audit(1732696245.416:511): avc:  denied  { unmount } for  pid=5842 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  257.263744][ T8496] overlayfs: failed to resolve './file1': -2
[  257.382013][   T29] audit: type=1400 audit(1732696245.676:512): avc:  denied  { ioctl } for  pid=8492 comm="syz.2.713" path="socket:[19132]" dev="sockfs" ino=19132 ioctlcmd=0x89eb scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  258.212398][ T8507] netlink: 68 bytes leftover after parsing attributes in process `syz.3.715'.
[  259.099523][    T8] usb 5-1: USB disconnect, device number 29
[  259.512154][ T8516] xt_cgroup: invalid path, errno=-2
[  259.826683][ T8518] vimc link validate: Sensor A:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 0:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  260.803973][   T29] audit: type=1400 audit(1732696249.126:513): avc:  denied  { setattr } for  pid=8523 comm="syz.4.722" name="hwrng" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1
[  260.890274][ T5832] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[  261.070445][ T5832] usb 3-1: Using ep0 maxpacket: 16
[  261.565387][ T5832] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  261.583665][ T5832] usb 3-1: config 0 has no interfaces?
[  261.594253][ T5832] usb 3-1: New USB device found, idVendor=046d, idProduct=08f0, bcdDevice=50.0d
[  261.603721][ T5832] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  261.615997][ T5832] usb 3-1: Product: syz
[  261.620830][ T5832] usb 3-1: Manufacturer: syz
[  261.625720][ T5832] usb 3-1: SerialNumber: syz
[  261.637840][ T5832] usb 3-1: config 0 descriptor??
[  261.676842][ T8534] bridge: RTM_NEWNEIGH with invalid ether address
[  261.909653][ T8539] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000).
[  261.931669][ T8539] qnx6: wrong signature (magic) in superblock #1.
[  261.938404][ T8539] qnx6: unable to read the first superblock
[  262.404584][ T8546] overlayfs: failed to resolve './file1': -2
[  262.980316][    T8] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  263.792335][ T8553] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000).
[  263.818212][ T8553] qnx6: wrong signature (magic) in superblock #1.
[  263.830297][    T8] usb 5-1: Using ep0 maxpacket: 32
[  263.841818][    T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  263.861276][    T8] usb 5-1: New USB device found, idVendor=1044, idProduct=7a4d, bcdDevice= 0.00
[  264.827296][    T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  264.949723][    T8] usb 5-1: config 0 descriptor??
[  265.109371][ T8560] netlink: 68 bytes leftover after parsing attributes in process `syz.0.728'.
[  265.407987][ T8553] qnx6: unable to read the first superblock
[  265.435829][    T8] usb 5-1: can't set config #0, error -71
[  265.442034][ T5832] usb 3-1: USB disconnect, device number 26
[  265.749134][    T8] usb 5-1: USB disconnect, device number 30
[  267.649248][ T8580] netlink: 4 bytes leftover after parsing attributes in process `syz.3.736'.
[  267.862752][   T29] audit: type=1400 audit(1732696256.166:514): avc:  denied  { create } for  pid=8584 comm="syz.0.731" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  267.882307][   T29] audit: type=1400 audit(1732696256.176:515): avc:  denied  { bind } for  pid=8584 comm="syz.0.731" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  267.912863][ T8591] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT
[  268.112177][ T8598] xt_cgroup: invalid path, errno=-2
[  268.632913][   T29] audit: type=1400 audit(1732696256.956:516): avc:  denied  { connect } for  pid=8567 comm="syz.1.734" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  268.715632][ T8600] Invalid ELF header type: 10328 != 1
[  269.678237][   T29] audit: type=1400 audit(1732696257.996:517): avc:  denied  { create } for  pid=8607 comm="syz.4.744" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  269.744742][   T29] audit: type=1400 audit(1732696258.066:518): avc:  denied  { create } for  pid=8607 comm="syz.4.744" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=atmpvc_socket permissive=1
[  270.022622][ T8618] netlink: 80 bytes leftover after parsing attributes in process `syz.4.744'.
[  270.043918][   T29] audit: type=1400 audit(1732696258.366:519): avc:  denied  { setattr } for  pid=8616 comm="syz.3.747" name="task" dev="proc" ino=20269 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  270.570431][ T5885] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[  270.871586][ T5885] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  270.884282][ T5885] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  270.896116][ T5885] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  270.905979][ T5885] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  270.916854][ T8617] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  270.926104][ T5885] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[  271.238904][ T5885] usb 4-1: USB disconnect, device number 26
[  271.263728][ T8633] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000).
[  271.283388][ T8633] qnx6: wrong signature (magic) in superblock #1.
[  271.289857][ T8633] qnx6: unable to read the first superblock
[  272.170289][   T29] audit: type=1326 audit(1732696260.466:520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8644 comm="syz.3.754" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fdc17b80809 code=0x0
[  272.205855][ T8646] trusted_key: encrypted_key: hex blob is missing
[  272.905552][   T29] audit: type=1400 audit(1732696261.226:521): avc:  denied  { write } for  pid=8652 comm="syz.0.755" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  273.628283][    T8] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[  273.792700][    T8] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  273.809029][    T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  273.854173][    T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  273.885540][    T8] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  273.918937][    T8] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  273.930263][    T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  273.981057][    T8] usb 5-1: config 0 descriptor??
[  274.207301][   T29] audit: type=1400 audit(1732696262.506:522): avc:  denied  { map } for  pid=8664 comm="syz.3.758" path="/dev/bus/usb/006/001" dev="devtmpfs" ino=739 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  274.732359][   T29] audit: type=1400 audit(1732696262.506:523): avc:  denied  { execute } for  pid=8664 comm="syz.3.758" path="/dev/bus/usb/006/001" dev="devtmpfs" ino=739 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  274.773655][   T29] audit: type=1400 audit(1732696263.096:524): avc:  denied  { setopt } for  pid=8669 comm="syz.2.761" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  274.860703][ T8673] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000).
[  274.892019][ T8673] qnx6: wrong signature (magic) in superblock #1.
[  274.898476][ T8673] qnx6: unable to read the first superblock
[  274.977318][   T29] audit: type=1400 audit(1732696263.296:525): avc:  denied  { append } for  pid=8674 comm="syz.2.763" name="card0" dev="devtmpfs" ino=627 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  274.999777][    T8] plantronics 0003:047F:FFFF.000F: No inputs registered, leaving
[  275.012473][ T8678] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  275.023210][    T8] plantronics 0003:047F:FFFF.000F: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  275.844136][    T8] usb 5-1: USB disconnect, device number 31
[  276.131919][ T5915] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[  276.300485][ T5915] usb 3-1: Using ep0 maxpacket: 8
[  276.307036][ T5915] usb 3-1: config 0 has an invalid interface number: 206 but max is 0
[  276.325614][ T5915] usb 3-1: config 0 has no interface number 0
[  276.332205][ T5915] usb 3-1: config 0 interface 206 has no altsetting 0
[  276.340443][ T5885] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  276.356299][ T5915] usb 3-1: New USB device found, idVendor=19d2, idProduct=1278, bcdDevice=8b.94
[  276.369742][ T5915] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  276.383488][ T5915] usb 3-1: Product: syz
[  276.387755][ T5915] usb 3-1: Manufacturer: syz
[  276.394632][ T5915] usb 3-1: SerialNumber: syz
[  276.413984][ T5915] usb 3-1: config 0 descriptor??
[  276.455007][ T5915] option 3-1:0.206: GSM modem (1-port) converter detected
[  276.503740][ T5885] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  276.515394][ T5885] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  276.536118][ T5885] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  276.562002][ T8698] netlink: 4 bytes leftover after parsing attributes in process `syz.3.769'.
[  276.584696][ T5885] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  276.589111][   T29] audit: type=1400 audit(1732696264.906:526): avc:  denied  { connect } for  pid=8697 comm="syz.3.769" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  276.602445][ T5885] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  276.637397][   T29] audit: type=1400 audit(1732696264.906:527): avc:  denied  { nlmsg_read } for  pid=8697 comm="syz.3.769" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  276.658008][ T8675] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  276.669561][ T5885] usb 2-1: config 0 descriptor??
[  276.690449][ T8675] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  276.701644][ T8686] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  276.709126][ T5883] usb 3-1: USB disconnect, device number 27
[  276.717488][ T5883] option 3-1:0.206: device disconnected
[  276.725866][ T8705] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT
[  277.582908][ T5885] plantronics 0003:047F:FFFF.0010: unknown main item tag 0xd
[  277.591870][ T5885] plantronics 0003:047F:FFFF.0010: No inputs registered, leaving
[  277.602123][ T5885] plantronics 0003:047F:FFFF.0010: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  277.681748][ T5883] usb 2-1: USB disconnect, device number 20
[  277.822581][   T29] audit: type=1400 audit(1732696266.136:528): avc:  denied  { append } for  pid=8713 comm="syz.3.773" name="autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  279.401274][ T5883] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[  280.201423][ T8746] xt_cgroup: invalid path, errno=-2
[  280.439718][   T29] audit: type=1400 audit(1732696268.366:529): avc:  denied  { mount } for  pid=8730 comm="syz.0.781" name="/" dev="autofs" ino=20474 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1
[  280.490944][ T8736] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  280.508197][ T8749] FAULT_INJECTION: forcing a failure.
[  280.508197][ T8749] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  280.529909][ T8736] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  280.553037][ T8749] CPU: 0 UID: 0 PID: 8749 Comm: syz.1.784 Not tainted 6.12.0-syzkaller-09734-g445d9f05fa14 #0
[  280.563322][ T8749] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  280.573379][ T8749] Call Trace:
[  280.576644][ T8749]  <TASK>
[  280.579565][ T8749]  dump_stack_lvl+0x16c/0x1f0
[  280.584227][ T8749]  should_fail_ex+0x497/0x5b0
[  280.588915][ T8749]  _copy_from_user+0x2e/0xd0
[  280.593513][ T8749]  get_timespec64+0x8c/0x240
[  280.598096][ T8749]  ? __pfx_get_timespec64+0x10/0x10
[  280.603291][ T8749]  __x64_sys_clock_nanosleep+0x1ce/0x4a0
[  280.608929][ T8749]  ? __pfx___x64_sys_clock_nanosleep+0x10/0x10
[  280.615106][ T8749]  do_syscall_64+0xcd/0x250
[  280.619626][ T8749]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  280.625503][ T8749] RIP: 0033:0x7f0d75580809
[  280.629928][ T8749] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  280.649700][ T8749] RSP: 002b:00007f0d76474058 EFLAGS: 00000246 ORIG_RAX: 00000000000000e6
[  280.658093][ T8749] RAX: ffffffffffffffda RBX: 00007f0d75745fa0 RCX: 00007f0d75580809
[  280.666062][ T8749] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 000000000000000b
[  280.674028][ T8749] RBP: 00007f0d764740a0 R08: 0000000000000000 R09: 0000000000000000
[  280.682062][ T8749] R10: 9999999999999999 R11: 0000000000000246 R12: 0000000000000001
[  280.690026][ T8749] R13: 0000000000000000 R14: 00007f0d75745fa0 R15: 00007ffd3e12b958
[  280.697995][ T8749]  </TASK>
[  280.767109][   T29] audit: type=1400 audit(1732696269.056:530): avc:  denied  { listen } for  pid=8750 comm="syz.2.785" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  280.974470][   T29] audit: type=1400 audit(1732696269.296:531): avc:  denied  { unmount } for  pid=5835 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1
[  281.702246][ T8765] FAULT_INJECTION: forcing a failure.
[  281.702246][ T8765] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  282.006989][ T8765] CPU: 0 UID: 0 PID: 8765 Comm: syz.1.788 Not tainted 6.12.0-syzkaller-09734-g445d9f05fa14 #0
[  282.017449][ T8765] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  282.027507][ T8765] Call Trace:
[  282.030787][ T8765]  <TASK>
[  282.033716][ T8765]  dump_stack_lvl+0x16c/0x1f0
[  282.038401][ T8765]  should_fail_ex+0x497/0x5b0
[  282.043087][ T8765]  _copy_from_user+0x2e/0xd0
[  282.047675][ T8765]  copy_msghdr_from_user+0x99/0x160
[  282.052874][ T8765]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  282.058700][ T8765]  ___sys_sendmsg+0xff/0x1e0
[  282.063288][ T8765]  ? __pfx____sys_sendmsg+0x10/0x10
[  282.068496][ T8765]  ? __pfx_lock_release+0x10/0x10
[  282.073520][ T8765]  ? trace_lock_acquire+0x146/0x1e0
[  282.078728][ T8765]  ? __fget_files+0x206/0x3a0
[  282.083413][ T8765]  __sys_sendmsg+0x16e/0x220
[  282.088004][ T8765]  ? __pfx___sys_sendmsg+0x10/0x10
[  282.093127][ T8765]  do_syscall_64+0xcd/0x250
[  282.097635][ T8765]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  282.103539][ T8765] RIP: 0033:0x7f0d75580809
[  282.107952][ T8765] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  282.127563][ T8765] RSP: 002b:00007f0d76474058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  282.135983][ T8765] RAX: ffffffffffffffda RBX: 00007f0d75745fa0 RCX: 00007f0d75580809
[  282.143967][ T8765] RDX: 0000000000000004 RSI: 0000000020000140 RDI: 0000000000000003
[  282.151969][ T8765] RBP: 00007f0d764740a0 R08: 0000000000000000 R09: 0000000000000000
[  282.159945][ T8765] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  282.167924][ T8765] R13: 0000000000000000 R14: 00007f0d75745fa0 R15: 00007ffd3e12b958
[  282.175909][ T8765]  </TASK>
[  282.302331][ T5883] usb 4-1: device descriptor read/all, error -71
[  282.600351][ T5885] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[  282.848869][ T5885] usb 3-1: Using ep0 maxpacket: 16
[  282.857831][ T8791] xt_cgroup: invalid path, errno=-2
[  283.335527][ T5885] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  283.346522][ T5885] usb 3-1: New USB device found, idVendor=05ac, idProduct=024b, bcdDevice= 0.00
[  283.359247][ T5885] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  283.379229][ T5885] usb 3-1: config 0 descriptor??
[  283.658991][ T8769] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  283.739577][ T8769] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  284.222986][ T8806] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  284.441911][ T8806] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  284.831244][ T8798] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  284.839873][ T8798] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  284.892007][ T8809] bridge: RTM_NEWNEIGH with invalid ether address
[  285.641719][ T5885] apple 0003:05AC:024B.0011: unknown main item tag 0x6
[  285.655571][ T5885] apple 0003:05AC:024B.0011: unknown main item tag 0xe
[  286.334805][ T5885] apple 0003:05AC:024B.0011: bogus close delimiter
[  286.341484][ T5885] apple 0003:05AC:024B.0011: item 0 0 2 10 parsing failed
[  286.349029][ T5885] apple 0003:05AC:024B.0011: parse failed
[  286.355204][ T5885] apple 0003:05AC:024B.0011: probe with driver apple failed with error -22
[  286.480339][ T5849] Bluetooth: hci3: command 0x0405 tx timeout
[  286.965839][ T5915] usb 3-1: USB disconnect, device number 28
[  287.491071][   T29] audit: type=1400 audit(1732696275.796:532): avc:  denied  { bind } for  pid=8834 comm="syz.4.806" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  287.515636][   T29] audit: type=1400 audit(1732696275.806:533): avc:  denied  { listen } for  pid=8835 comm="syz.3.802" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  287.800362][ T5915] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[  288.437751][    T8] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  288.453232][ T8852] Invalid ELF header type: 10328 != 1
[  289.087735][ T5915] usb 5-1: Using ep0 maxpacket: 8
[  289.168736][    T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  289.201179][ T5915] usb 5-1: New USB device found, idVendor=04a5, idProduct=3003, bcdDevice=3a.b2
[  289.213927][    T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  289.228427][ T5915] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  289.236572][    T8] usb 2-1: New USB device found, idVendor=05ac, idProduct=0265, bcdDevice= 0.00
[  289.245635][ T5915] usb 5-1: Product: syz
[  289.249816][ T5915] usb 5-1: Manufacturer: syz
[  289.249835][ T5915] usb 5-1: SerialNumber: syz
[  289.259341][    T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  289.269838][ T5915] usb 5-1: config 0 descriptor??
[  289.275773][    T8] usb 2-1: config 0 descriptor??
[  289.379430][ T8861] fuse: Unknown parameter '0x0000000000000004'
[  289.410387][    T9] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  289.484463][ T5915] gspca_main: sunplus-2.14.0 probing 04a5:3003
[  289.504104][    T8] usbhid 2-1:0.0: can't add hid device: -71
[  289.510086][    T8] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  289.545183][    T8] usb 2-1: USB disconnect, device number 21
[  289.560247][    T9] usb 1-1: Using ep0 maxpacket: 32
[  289.570911][    T9] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 255, using maximum allowed: 30
[  289.590401][ T8864] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT
[  289.590818][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  289.624233][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  289.634834][    T9] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 255
[  289.648275][    T9] usb 1-1: New USB device found, idVendor=056a, idProduct=00b3, bcdDevice= 0.00
[  289.657622][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  289.675074][    T9] usb 1-1: config 0 descriptor??
[  289.886731][ T8859] FAULT_INJECTION: forcing a failure.
[  289.886731][ T8859] name failslab, interval 1, probability 0, space 0, times 0
[  289.904264][ T8859] CPU: 1 UID: 0 PID: 8859 Comm: syz.0.813 Not tainted 6.12.0-syzkaller-09734-g445d9f05fa14 #0
[  289.914549][ T8859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  289.924610][ T8859] Call Trace:
[  289.927881][ T8859]  <TASK>
[  289.930802][ T8859]  dump_stack_lvl+0x16c/0x1f0
[  289.935494][ T8859]  should_fail_ex+0x497/0x5b0
[  289.940182][ T8859]  ? fs_reclaim_acquire+0xae/0x150
[  289.945292][ T8859]  should_failslab+0xc2/0x120
[  289.949947][ T8859]  __kmalloc_noprof+0xcb/0x510
[  289.954697][ T8859]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  289.960322][ T8859]  tomoyo_realpath_from_path+0xb9/0x720
[  289.965865][ T8859]  ? tomoyo_path_number_perm+0x235/0x590
[  289.971491][ T8859]  ? tomoyo_path_number_perm+0x235/0x590
[  289.977143][ T8859]  tomoyo_path_number_perm+0x248/0x590
[  289.982600][ T8859]  ? tomoyo_path_number_perm+0x235/0x590
[  289.988233][ T8859]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  289.994259][ T8859]  ? __pfx_lock_release+0x10/0x10
[  289.999271][ T8859]  ? trace_lock_acquire+0x146/0x1e0
[  290.004468][ T8859]  ? lock_acquire+0x2f/0xb0
[  290.008952][ T8859]  ? __fget_files+0x40/0x3a0
[  290.013522][ T8859]  ? __fget_files+0x206/0x3a0
[  290.018192][ T8859]  security_file_ioctl+0x9b/0x240
[  290.023211][ T8859]  __x64_sys_ioctl+0xb7/0x200
[  290.027880][ T8859]  do_syscall_64+0xcd/0x250
[  290.032389][ T8859]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  290.038270][ T8859] RIP: 0033:0x7fe620980809
[  290.042664][ T8859] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  290.062266][ T8859] RSP: 002b:00007fe621848058 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  290.070669][ T8859] RAX: ffffffffffffffda RBX: 00007fe620b45fa0 RCX: 00007fe620980809
[  290.078617][ T8859] RDX: 0000000020000000 RSI: 00000000802c550a RDI: 0000000000000004
[  290.086582][ T8859] RBP: 00007fe6218480a0 R08: 0000000000000000 R09: 0000000000000000
[  290.094562][ T8859] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  290.102530][ T8859] R13: 0000000000000000 R14: 00007fe620b45fa0 R15: 00007ffc60df41d8
[  290.110500][ T8859]  </TASK>
[  290.121387][ T8859] ERROR: Out of memory at tomoyo_realpath_from_path.
[  290.126697][ T8866] loop0: detected capacity change from 0 to 524287999
[  290.141848][   T29] audit: type=1400 audit(1732696278.466:534): avc:  denied  { connect } for  pid=8865 comm="syz.2.816" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  290.251981][ T8859] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  290.276166][    T9] usbhid 1-1:0.0: can't add hid device: -71
[  290.317152][    T9] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  290.346189][   T29] audit: type=1400 audit(1732696278.666:535): avc:  denied  { setopt } for  pid=8834 comm="syz.4.806" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  290.647519][ T5915] gspca_sunplus: reg_w_riv err -110
[  290.690636][ T5915] sunplus 5-1:0.0: probe with driver sunplus failed with error -110
[  290.844810][    T9] usb 1-1: USB disconnect, device number 21
[  290.887118][ T5915] usb 5-1: USB disconnect, device number 32
[  291.350952][    T9] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  291.679293][ T8893] bridge: RTM_NEWNEIGH with invalid ether address
[  292.363396][    T9] usb 1-1: Using ep0 maxpacket: 8
[  292.788260][    T9] usb 1-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  292.797630][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  292.825785][    T9] usb 1-1: Product: syz
[  292.830092][    T9] usb 1-1: Manufacturer: syz
[  292.840352][    T9] usb 1-1: SerialNumber: syz
[  292.876254][    T9] usb 1-1: config 0 descriptor??
[  292.995033][ T8900] ieee802154 phy0 wpan0: encryption failed: -22
[  293.561616][    T9] usb 1-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  294.029023][ T8907] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000).
[  294.047073][ T8907] qnx6: wrong signature (magic) in superblock #1.
[  294.053974][ T8907] qnx6: unable to read the first superblock
[  296.244099][    T9] dvb_usb_rtl28xxu 1-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32
[  296.436425][ T8930] tipc: Started in network mode
[  296.450481][ T8930] tipc: Node identity f0, cluster identity 4711
[  296.470408][ T8930] tipc: Node number set to 240
[  296.528147][ T5920] usb 1-1: USB disconnect, device number 22
[  296.945876][ T8934] netlink: 8 bytes leftover after parsing attributes in process `syz.1.832'.
[  297.317706][ T8928] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT
[  298.626836][ T8956] afs: Bad value for 'source'
[  298.990433][ T5920] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[  299.190647][ T5920] usb 5-1: Using ep0 maxpacket: 32
[  299.248651][ T8970] netlink: 16 bytes leftover after parsing attributes in process `syz.2.845'.
[  299.288732][ T5920] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 255, using maximum allowed: 30
[  299.427398][ T5920] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  299.492881][ T5915] usb 4-1: new high-speed USB device number 29 using dummy_hcd
[  299.509897][ T5920] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  299.579452][ T5920] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 255
[  299.648275][ T5920] usb 5-1: New USB device found, idVendor=056a, idProduct=00b3, bcdDevice= 0.00
[  299.667675][ T5920] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  299.681900][ T5920] usb 5-1: config 0 descriptor??
[  299.692473][ T5915] usb 4-1: Using ep0 maxpacket: 32
[  299.703465][ T5915] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  299.716674][ T5915] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  299.734132][   T29] audit: type=1400 audit(1732696288.056:536): avc:  denied  { watch watch_reads } for  pid=8973 comm="syz.1.846" path="/176" dev="tmpfs" ino=971 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  299.804472][ T5915] usb 4-1: New USB device found, idVendor=056a, idProduct=00b3, bcdDevice= 0.00
[  299.815175][ T8975] Invalid ELF header type: 10328 != 1
[  299.827815][ T5915] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  299.979777][ T8957] FAULT_INJECTION: forcing a failure.
[  299.979777][ T8957] name failslab, interval 1, probability 0, space 0, times 0
[  300.212210][   T29] audit: type=1400 audit(1732696288.536:537): avc:  denied  { getopt } for  pid=8973 comm="syz.1.846" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  300.272950][ T5915] usb 4-1: config 0 descriptor??
[  300.273364][ T8957] CPU: 1 UID: 0 PID: 8957 Comm: syz.4.839 Not tainted 6.12.0-syzkaller-09734-g445d9f05fa14 #0
[  300.288143][ T8957] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  300.298208][ T8957] Call Trace:
[  300.301489][ T8957]  <TASK>
[  300.304422][ T8957]  dump_stack_lvl+0x16c/0x1f0
[  300.309110][ T8957]  should_fail_ex+0x497/0x5b0
[  300.313811][ T8957]  ? fs_reclaim_acquire+0xae/0x150
[  300.319368][ T8957]  should_failslab+0xc2/0x120
[  300.324066][ T8957]  __kmalloc_noprof+0xcb/0x510
[  300.328845][ T8957]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  300.334498][ T8957]  tomoyo_realpath_from_path+0xb9/0x720
[  300.340054][ T8957]  ? tomoyo_path_number_perm+0x235/0x590
[  300.345703][ T8957]  ? tomoyo_path_number_perm+0x235/0x590
[  300.351335][ T8957]  tomoyo_path_number_perm+0x248/0x590
[  300.356784][ T8957]  ? tomoyo_path_number_perm+0x235/0x590
[  300.362412][ T8957]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  300.368392][ T8957]  ? __pfx_lock_release+0x10/0x10
[  300.373403][ T8957]  ? trace_lock_acquire+0x146/0x1e0
[  300.378596][ T8957]  ? lock_acquire+0x2f/0xb0
[  300.383083][ T8957]  ? __fget_files+0x40/0x3a0
[  300.387662][ T8957]  ? __fget_files+0x206/0x3a0
[  300.392323][ T8957]  security_file_ioctl+0x9b/0x240
[  300.397332][ T8957]  __x64_sys_ioctl+0xb7/0x200
[  300.401998][ T8957]  do_syscall_64+0xcd/0x250
[  300.406487][ T8957]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  300.412368][ T8957] RIP: 0033:0x7fbbbe780809
[  300.416765][ T8957] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  300.436362][ T8957] RSP: 002b:00007fbbbc5f6058 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  300.444809][ T8957] RAX: ffffffffffffffda RBX: 00007fbbbe945fa0 RCX: 00007fbbbe780809
[  300.452764][ T8957] RDX: 0000000020000000 RSI: 00000000802c550a RDI: 0000000000000004
[  300.460716][ T8957] RBP: 00007fbbbc5f60a0 R08: 0000000000000000 R09: 0000000000000000
[  300.468668][ T8957] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  300.476621][ T8957] R13: 0000000000000000 R14: 00007fbbbe945fa0 R15: 00007ffc4ce2b008
[  300.484670][ T8957]  </TASK>
[  300.503009][   T29] audit: type=1400 audit(1732696288.826:538): avc:  denied  { ioctl } for  pid=8962 comm="syz.3.843" path="/dev/cpu/0/msr" dev="devtmpfs" ino=87 ioctlcmd=0x63a1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  300.540375][ T8957] ERROR: Out of memory at tomoyo_realpath_from_path.
[  300.684190][ T5920] usbhid 5-1:0.0: can't add hid device: -71
[  300.699975][ T5920] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  300.713938][ T8983] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT
[  300.720782][   T29] audit: type=1400 audit(1732696289.026:539): avc:  denied  { write } for  pid=8984 comm="syz.0.849" name="ptp0" dev="devtmpfs" ino=1265 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  300.763532][ T5920] usb 5-1: USB disconnect, device number 33
[  300.792132][ T8989] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  300.861148][ T8989] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  301.309678][ T8995] afs: Bad value for 'source'
[  301.614586][   T29] audit: type=1400 audit(1732696289.926:540): avc:  denied  { connect } for  pid=9002 comm="syz.0.856" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  301.860388][ T5915] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  302.010801][ T5915] usb 1-1: Using ep0 maxpacket: 32
[  302.047841][ T5915] usb 1-1: config 0 has an invalid interface number: 188 but max is 0
[  302.070321][ T5915] usb 1-1: config 0 has no interface number 0
[  302.077895][ T5915] usb 1-1: config 0 interface 188 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  302.093722][ T5915] usb 1-1: config 0 interface 188 altsetting 0 has an endpoint descriptor with address 0xBD, changing to 0x8D
[  302.106335][ T5915] usb 1-1: config 0 interface 188 altsetting 0 endpoint 0x8D has an invalid bInterval 129, changing to 11
[  302.121739][ T5915] usb 1-1: config 0 interface 188 altsetting 0 endpoint 0x8D has invalid maxpacket 10062, setting to 1024
[  302.136716][ T5915] usb 1-1: config 0 interface 188 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  302.193182][ T9009] Invalid ELF header type: 10328 != 1
[  302.350257][ T9013] netlink: 8 bytes leftover after parsing attributes in process `syz.3.855'.
[  302.467135][    T9] usb 5-1: new high-speed USB device number 34 using dummy_hcd
[  302.506885][ T5915] usb 1-1: New USB device found, idVendor=2c7c, idProduct=6002, bcdDevice=42.9b
[  302.516157][ T5915] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  302.544304][ T5915] usb 1-1: Product: syz
[  302.548502][ T5915] usb 1-1: Manufacturer: syz
[  302.553252][ T5915] usb 1-1: SerialNumber: syz
[  302.569605][ T9015] kAFS: unparsable volume name
[  302.581269][ T5915] usb 1-1: config 0 descriptor??
[  302.631093][ T9003] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  302.645773][ T5915] option 1-1:0.188: GSM modem (1-port) converter detected
[  302.660050][    T9] usb 5-1: Using ep0 maxpacket: 8
[  302.673217][    T9] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  302.687973][    T9] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  302.711642][    T9] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  302.730619][    T9] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  302.745034][    T9] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  302.754354][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  302.954505][ T5915] usb 1-1: USB disconnect, device number 23
[  302.962251][ T5915] option 1-1:0.188: device disconnected
[  302.979474][    T9] usb 5-1: GET_CAPABILITIES returned 0
[  302.985217][    T9] usbtmc 5-1:16.0: can't read capabilities
[  303.304050][    T9] usb 5-1: USB disconnect, device number 34
[  303.322139][ T9030] afs: Bad value for 'source'
[  304.230736][ T9051] FAULT_INJECTION: forcing a failure.
[  304.230736][ T9051] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  304.269358][ T9051] CPU: 0 UID: 0 PID: 9051 Comm: syz.3.873 Not tainted 6.12.0-syzkaller-09734-g445d9f05fa14 #0
[  304.279651][ T9051] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  304.289715][ T9051] Call Trace:
[  304.293007][ T9051]  <TASK>
[  304.295941][ T9051]  dump_stack_lvl+0x16c/0x1f0
[  304.300639][ T9051]  should_fail_ex+0x497/0x5b0
[  304.305341][ T9051]  _copy_from_user+0x2e/0xd0
[  304.309969][ T9051]  l2cap_sock_setsockopt+0x18cd/0x2230
[  304.315463][ T9051]  ? __pfx_sock_has_perm+0x10/0x10
[  304.320595][ T9051]  ? __pfx_l2cap_sock_setsockopt+0x10/0x10
[  304.326435][ T9051]  ? selinux_socket_setsockopt+0x6a/0x80
[  304.332077][ T9051]  ? __pfx_l2cap_sock_setsockopt+0x10/0x10
[  304.337894][ T9051]  do_sock_setsockopt+0x222/0x480
[  304.342936][ T9051]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  304.348501][ T9051]  ? lock_acquire+0x2f/0xb0
[  304.353032][ T9051]  __sys_setsockopt+0x1a0/0x230
[  304.357900][ T9051]  __x64_sys_setsockopt+0xbd/0x160
[  304.363030][ T9051]  ? syscall_trace_enter+0x24c/0x2c0
[  304.368330][ T9051]  do_syscall_64+0xcd/0x250
[  304.372849][ T9051]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  304.378767][ T9051] RIP: 0033:0x7fdc17b80809
[  304.383185][ T9051] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  304.402805][ T9051] RSP: 002b:00007fdc18991058 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  304.411245][ T9051] RAX: ffffffffffffffda RBX: 00007fdc17d45fa0 RCX: 00007fdc17b80809
[  304.419240][ T9051] RDX: 0000000000000003 RSI: 0000000000000006 RDI: 0000000000000004
[  304.427225][ T9051] RBP: 00007fdc189910a0 R08: 0000000000000004 R09: 0000000000000000
[  304.435208][ T9051] R10: 0000000020000400 R11: 0000000000000246 R12: 0000000000000001
[  304.443197][ T9051] R13: 0000000000000000 R14: 00007fdc17d45fa0 R15: 00007ffd88355f18
[  304.451200][ T9051]  </TASK>
[  305.400500][   T47] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[  305.625558][   T47] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  305.640066][   T47] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  305.719712][   T47] usb 3-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  305.761557][   T47] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  305.783730][   T47] usb 3-1: config 0 descriptor??
[  305.791561][   T47] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[  306.654307][ T9075] Invalid ELF header type: 10328 != 1
[  307.356335][ T9084] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  307.366324][ T9084] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  308.627888][   T29] audit: type=1400 audit(1732696296.946:541): avc:  denied  { audit_write } for  pid=9103 comm="syz.1.886" capability=29  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  308.767138][   T29] audit: type=1400 audit(1732696297.066:542): avc:  denied  { getopt } for  pid=9103 comm="syz.1.886" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  309.508862][ T9112] Invalid ELF header type: 10328 != 1
[  309.575071][    T8] usb 3-1: USB disconnect, device number 29
[  310.638744][ T9125] ieee802154 phy0 wpan0: encryption failed: -22
[  311.021014][ T9132] afs: Bad value for 'source'
[  311.386267][ T9137] FAULT_INJECTION: forcing a failure.
[  311.386267][ T9137] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  311.399572][ T9137] CPU: 0 UID: 0 PID: 9137 Comm: syz.1.895 Not tainted 6.12.0-syzkaller-09734-g445d9f05fa14 #0
[  311.409820][ T9137] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  311.419879][ T9137] Call Trace:
[  311.423154][ T9137]  <TASK>
[  311.426257][ T9137]  dump_stack_lvl+0x16c/0x1f0
[  311.430943][ T9137]  should_fail_ex+0x497/0x5b0
[  311.435663][ T9137]  _copy_from_iter+0x2a1/0x1560
[  311.440520][ T9137]  ? trace_lock_acquire+0x146/0x1e0
[  311.445733][ T9137]  ? __pfx__copy_from_iter+0x10/0x10
[  311.451025][ T9137]  ? __virt_addr_valid+0x1a4/0x590
[  311.456248][ T9137]  ? __virt_addr_valid+0x5e/0x590
[  311.461275][ T9137]  ? __phys_addr_symbol+0x30/0x80
[  311.466303][ T9137]  ? __check_object_size+0x488/0x710
[  311.471592][ T9137]  netlink_sendmsg+0x813/0xd70
[  311.476369][ T9137]  ? __pfx_netlink_sendmsg+0x10/0x10
[  311.481669][ T9137]  ____sys_sendmsg+0xaaf/0xc90
[  311.486445][ T9137]  ? lockdep_hardirqs_on+0x7c/0x110
[  311.491650][ T9137]  ? __pfx_____sys_sendmsg+0x10/0x10
[  311.496950][ T9137]  ___sys_sendmsg+0x135/0x1e0
[  311.501625][ T9137]  ? __pfx____sys_sendmsg+0x10/0x10
[  311.506829][ T9137]  ? __pfx_lock_release+0x10/0x10
[  311.511862][ T9137]  ? trace_lock_acquire+0x146/0x1e0
[  311.517174][ T9137]  ? __fget_files+0x206/0x3a0
[  311.521856][ T9137]  __sys_sendmsg+0x16e/0x220
[  311.526430][ T9137]  ? __pfx___sys_sendmsg+0x10/0x10
[  311.531531][ T9137]  do_syscall_64+0xcd/0x250
[  311.536031][ T9137]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  311.541904][ T9137] RIP: 0033:0x7f0d75580809
[  311.546293][ T9137] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  311.565931][ T9137] RSP: 002b:00007f0d76474058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  311.574321][ T9137] RAX: ffffffffffffffda RBX: 00007f0d75745fa0 RCX: 00007f0d75580809
[  311.582266][ T9137] RDX: 0000000000040000 RSI: 0000000020000380 RDI: 0000000000000003
[  311.590213][ T9137] RBP: 00007f0d764740a0 R08: 0000000000000000 R09: 0000000000000000
[  311.598159][ T9137] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  311.606116][ T9137] R13: 0000000000000000 R14: 00007f0d75745fa0 R15: 00007ffd3e12b958
[  311.614501][ T9137]  </TASK>
[  312.737685][ T9149] Invalid ELF header type: 10328 != 1
[  314.907245][ T9183] XFS (nullb0): Invalid superblock magic number
[  314.968245][   T29] audit: type=1400 audit(1732696303.286:543): avc:  denied  { connect } for  pid=9161 comm="syz.0.903" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  315.016918][   T29] audit: type=1400 audit(1732696303.346:544): avc:  denied  { read } for  pid=9161 comm="syz.0.903" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  315.070720][    T9] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[  315.100909][   T29] audit: type=1400 audit(1732696303.426:545): avc:  denied  { write } for  pid=9161 comm="syz.0.903" path="socket:[22543]" dev="sockfs" ino=22543 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  315.220406][    T9] usb 3-1: Using ep0 maxpacket: 16
[  315.240812][    T9] usb 3-1: config 0 has an invalid interface number: 41 but max is 0
[  315.240830][    T9] usb 3-1: config 0 has no interface number 0
[  315.240847][    T9] usb 3-1: config 0 interface 41 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  315.240861][    T9] usb 3-1: config 0 interface 41 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  315.240874][    T9] usb 3-1: config 0 interface 41 has no altsetting 0
[  315.330622][    T9] usb 3-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a
[  315.330654][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  315.330675][    T9] usb 3-1: Product: syz
[  315.330690][    T9] usb 3-1: Manufacturer: syz
[  315.330705][    T9] usb 3-1: SerialNumber: syz
[  315.333863][    T9] usb 3-1: config 0 descriptor??
[  315.347857][ T9179] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  315.347940][ T9179] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  315.396212][   T29] audit: type=1400 audit(1732696303.716:546): avc:  denied  { create } for  pid=9197 comm="syz.1.911" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  315.397776][   T29] audit: type=1400 audit(1732696303.716:547): avc:  denied  { ioctl } for  pid=9197 comm="syz.1.911" path="socket:[21305]" dev="sockfs" ino=21305 ioctlcmd=0x8903 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  315.402299][   T29] audit: type=1400 audit(1732696303.726:548): avc:  denied  { write } for  pid=9197 comm="syz.1.911" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  315.553493][ T9179] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  315.553606][ T9179] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  315.554621][ T9179] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  315.554677][ T9179] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  315.626969][    C1] vkms_vblank_simulate: vblank timer overrun
[  315.722672][ T5836] Bluetooth: hci0: Unknown advertising packet type: 0x73
[  315.722731][ T5836] Bluetooth: hci0: Malformed LE Event: 0x0d
[  315.961136][    T9] CoreChips 3-1:0.41: probe with driver CoreChips failed with error -32
[  316.804017][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  317.670901][ T9208] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  318.017498][ T9222] ieee802154 phy0 wpan0: encryption failed: -22
[  318.749015][ T9219] Invalid ELF header type: 10328 != 1
[  318.880438][    T9] usb 3-1: USB disconnect, device number 30
[  320.297409][ T9243] bridge: RTM_NEWNEIGH with invalid ether address
[  320.382933][   T29] audit: type=1400 audit(1732696308.706:549): avc:  denied  { lock } for  pid=9244 comm="syz.1.923" path="/dev/ubi_ctrl" dev="devtmpfs" ino=706 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  320.649194][ T9252] ieee802154 phy0 wpan0: encryption failed: -22
[  320.722180][ T9253] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000).
[  320.863488][   T29] audit: type=1400 audit(1732696309.186:550): avc:  denied  { write } for  pid=9254 comm="syz.2.927" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  320.890311][ T9253] qnx6: wrong signature (magic) in superblock #1.
[  321.553181][ T9253] qnx6: unable to read the first superblock
[  322.341380][ T9272] xt_cgroup: invalid path, errno=-2
[  322.956530][   T29] audit: type=1400 audit(1732696311.276:551): avc:  denied  { setcheckreqprot } for  pid=9273 comm="syz.3.931" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  323.245859][ T9280] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  323.347282][ T9280] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  323.812262][ T9289] netlink: 428 bytes leftover after parsing attributes in process `syz.2.935'.
[  323.822076][ T9289] netlink: 32 bytes leftover after parsing attributes in process `syz.2.935'.
[  324.164803][ T9296] netlink: 8 bytes leftover after parsing attributes in process `syz.3.937'.
[  326.270286][    T9] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  326.346223][ T9321] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000).
[  326.389978][ T9321] qnx6: wrong signature (magic) in superblock #1.
[  326.420011][ T9321] qnx6: unable to read the first superblock
[  326.433516][    T9] usb 1-1: device descriptor read/64, error -71
[  328.080781][    T9] usb 1-1: new high-speed USB device number 25 using dummy_hcd
[  328.190688][ T9337] Invalid ELF header type: 10328 != 1
[  329.229654][ T9348] netlink: 8 bytes leftover after parsing attributes in process `syz.0.950'.
[  329.350514][ T5915] usb 5-1: new high-speed USB device number 35 using dummy_hcd
[  329.592723][ T5915] usb 5-1: config 0 interface 0 has no altsetting 0
[  329.599369][ T5915] usb 5-1: New USB device found, idVendor=0451, idProduct=f430, bcdDevice=42.7a
[  329.616570][ T5915] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  329.637556][ T5915] usb 5-1: config 0 descriptor??
[  329.671593][ T5915] ti_usb_3410_5052 5-1:0.0: required endpoints missing
[  330.282301][ T5832] usb 5-1: USB disconnect, device number 35
[  330.680243][    T8] usb 1-1: new high-speed USB device number 26 using dummy_hcd
[  330.840216][    T8] usb 1-1: Using ep0 maxpacket: 16
[  330.862381][    T8] usb 1-1: config 0 has an invalid interface number: 41 but max is 0
[  330.877391][    T8] usb 1-1: config 0 has no interface number 0
[  330.885413][    T8] usb 1-1: config 0 interface 41 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  330.918034][    T8] usb 1-1: config 0 interface 41 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  330.967928][    T8] usb 1-1: config 0 interface 41 has no altsetting 0
[  330.998536][    T8] usb 1-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a
[  331.022370][    T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  331.045624][    T8] usb 1-1: Product: syz
[  331.071546][    T8] usb 1-1: Manufacturer: syz
[  331.084960][    T8] usb 1-1: SerialNumber: syz
[  331.102700][    T8] usb 1-1: config 0 descriptor??
[  331.118580][ T9366] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  331.140503][ T9366] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  331.396255][ T9366] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  331.420285][    T9] usb 5-1: new high-speed USB device number 36 using dummy_hcd
[  331.441146][ T9366] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  331.519382][ T9366] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  331.529206][ T9366] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  331.650357][    T9] usb 5-1: Using ep0 maxpacket: 16
[  331.705357][    T9] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  331.717255][    T9] usb 5-1: config 0 interface 0 altsetting 2 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  331.733328][    T9] usb 5-1: config 0 interface 0 has no altsetting 0
[  331.780473][    T9] usb 5-1: New USB device found, idVendor=060b, idProduct=500a, bcdDevice= 0.00
[  331.790636][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  331.820372][    T9] usb 5-1: config 0 descriptor??
[  331.894159][    T9] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  331.987752][    T8] CoreChips 1-1:0.41: probe with driver CoreChips failed with error -32
[  332.143614][ T9374] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  333.154019][ T9391] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  334.313804][    T9] usb 1-1: USB disconnect, device number 26
[  334.450328][ T5832] usb 5-1: USB disconnect, device number 36
[  335.763173][ T9433] netlink: 28 bytes leftover after parsing attributes in process `syz.2.974'.
[  335.815369][ T9433] netlink: 'syz.2.974': attribute type 10 has an invalid length.
[  335.843769][ T9433] bridge0: port 2(bridge_slave_1) entered disabled state
[  335.851979][ T9433] bridge0: port 1(bridge_slave_0) entered disabled state
[  335.967574][ T9433] bridge0: port 2(bridge_slave_1) entered blocking state
[  335.974695][ T9433] bridge0: port 2(bridge_slave_1) entered forwarding state
[  335.982049][ T9433] bridge0: port 1(bridge_slave_0) entered blocking state
[  335.989091][ T9433] bridge0: port 1(bridge_slave_0) entered forwarding state
[  336.057560][ T9433] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  336.153801][   T29] audit: type=1400 audit(1732696836.484:552): avc:  denied  { sqpoll } for  pid=9436 comm="syz.3.976" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  336.250028][   T29] audit: type=1400 audit(1732696836.524:553): avc:  denied  { map } for  pid=9436 comm="syz.3.976" path="/proc/546/loginuid" dev="proc" ino=23207 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=file permissive=1
[  336.334050][   T29] audit: type=1400 audit(1732696836.524:554): avc:  denied  { execute } for  pid=9436 comm="syz.3.976" path="/proc/546/loginuid" dev="proc" ino=23207 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=file permissive=1
[  336.523852][ T9452] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  336.561275][ T9452] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  337.273093][ T9468] hfs: unable to load iocharset "io#harset"
[  337.520292][    T9] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[  337.672877][    T9] usb 3-1: Using ep0 maxpacket: 16
[  337.705689][    T9] usb 3-1: config 0 has an invalid interface number: 41 but max is 0
[  337.721117][    T9] usb 3-1: config 0 has no interface number 0
[  337.737357][    T9] usb 3-1: config 0 interface 41 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  337.769406][    T9] usb 3-1: config 0 interface 41 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  337.801241][    T9] usb 3-1: config 0 interface 41 has no altsetting 0
[  337.823704][    T9] usb 3-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a
[  337.857483][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  337.903389][    T9] usb 3-1: Product: syz
[  337.920433][    T9] usb 3-1: Manufacturer: syz
[  337.939412][    T9] usb 3-1: SerialNumber: syz
[  338.530941][    T9] usb 3-1: config 0 descriptor??
[  338.536547][ T9471] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  338.544259][ T9471] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  338.763047][ T9471] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  338.798204][ T9471] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  338.832790][ T9471] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  338.861294][ T9471] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  339.335202][    T9] CoreChips 3-1:0.41: probe with driver CoreChips failed with error -32
[  340.772100][ T9497] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  342.271373][    T8] usb 3-1: USB disconnect, device number 31
[  343.563871][ T9528] ieee802154 phy0 wpan0: encryption failed: -22
[  345.762161][ T9551] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000).
[  346.027108][ T9551] qnx6: wrong signature (magic) in superblock #1.
[  346.806676][ T9551] qnx6: unable to read the first superblock
[  348.630776][ T9586] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1018'.
[  349.605027][ T9600] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1024'.
[  349.746212][ T9607] IPVS: stopping master sync thread 9605 ...
[  349.756006][ T9605] IPVS: sync thread started: state = MASTER, mcast_ifn = ip6gre0, syncid = 1, id = 0
[  349.924449][ T9612] blktrace: Concurrent blktraces are not allowed on loop3
[  350.312808][   T47] usb 2-1: new low-speed USB device number 22 using dummy_hcd
[  350.804664][ T9615] FAULT_INJECTION: forcing a failure.
[  350.804664][ T9615] name failslab, interval 1, probability 0, space 0, times 0
[  350.818243][ T9615] CPU: 0 UID: 0 PID: 9615 Comm: syz.4.1026 Not tainted 6.12.0-syzkaller-09734-g445d9f05fa14 #0
[  350.828570][ T9615] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  350.838611][ T9615] Call Trace:
[  350.841870][ T9615]  <TASK>
[  350.844779][ T9615]  dump_stack_lvl+0x16c/0x1f0
[  350.849462][ T9615]  should_fail_ex+0x497/0x5b0
[  350.854120][ T9615]  ? fs_reclaim_acquire+0xae/0x150
[  350.859207][ T9615]  should_failslab+0xc2/0x120
[  350.863874][ T9615]  __kmalloc_cache_noprof+0x68/0x410
[  350.869135][ T9615]  ? __genradix_ptr_alloc+0x32e/0x5d0
[  350.874504][ T9615]  sctp_auth_shkey_create+0x87/0x1f0
[  350.879780][ T9615]  sctp_auth_asoc_copy_shkeys+0x1f4/0x360
[  350.885494][ T9615]  sctp_association_new+0x1973/0x2ab0
[  350.890859][ T9615]  sctp_connect_new_asoc+0x1b7/0x790
[  350.896132][ T9615]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  350.901925][ T9615]  ? selinux_sctp_bind_connect+0x112/0x2c0
[  350.907721][ T9615]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  350.913265][ T9615]  sctp_sendmsg+0x1610/0x1eb0
[  350.917929][ T9615]  ? avc_has_perm+0x11b/0x1c0
[  350.922603][ T9615]  ? __pfx_sctp_sendmsg+0x10/0x10
[  350.927620][ T9615]  ? __pfx_sock_has_perm+0x10/0x10
[  350.932745][ T9615]  ? __pfx_sctp_sendmsg+0x10/0x10
[  350.937756][ T9615]  inet_sendmsg+0x119/0x140
[  350.942254][ T9615]  __sys_sendto+0x42a/0x4f0
[  350.946752][ T9615]  ? __pfx___sys_sendto+0x10/0x10
[  350.951766][ T9615]  ? bpf_trace_run2+0x266/0x590
[  350.956623][ T9615]  __x64_sys_sendto+0xe0/0x1c0
[  350.961381][ T9615]  ? syscall_trace_enter+0x24c/0x2c0
[  350.966657][ T9615]  do_syscall_64+0xcd/0x250
[  350.971151][ T9615]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  350.977120][ T9615] RIP: 0033:0x7fbbbe780809
[  350.981520][ T9615] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  351.001117][ T9615] RSP: 002b:00007fbbbc5d5058 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  351.009512][ T9615] RAX: ffffffffffffffda RBX: 00007fbbbe946080 RCX: 00007fbbbe780809
[  351.017467][ T9615] RDX: 000000000000fee4 RSI: 0000000020847fff RDI: 0000000000000003
[  351.025434][ T9615] RBP: 00007fbbbc5d50a0 R08: 000000002005ffe4 R09: 000000000000001c
[  351.033404][ T9615] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  351.041360][ T9615] R13: 0000000000000000 R14: 00007fbbbe946080 R15: 00007ffc4ce2b008
[  351.049338][ T9615]  </TASK>
[  351.279556][   T47] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[  351.373338][   T47] usb 2-1: config 0 has no interface number 0
[  351.411588][ T5849] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  351.424070][ T5849] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  351.432088][ T5849] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  351.441920][ T5849] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  351.449533][ T5849] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  351.456866][ T5849] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  351.496195][   T29] audit: type=1400 audit(1732696851.804:555): avc:  denied  { mounton } for  pid=9616 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  351.539491][ T9616] lo speed is unknown, defaulting to 1000
[  351.578807][   T47] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  351.599206][   T47] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[  351.610556][   T47] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  351.619657][   T47] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  352.205802][   T47] usb 2-1: config 0 descriptor??
[  352.206300][ T9612] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  352.320388][   T47] iowarrior 2-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  352.420809][ T1198] usb 2-1: USB disconnect, device number 22
[  352.432627][ T1198] iowarrior 2-1:0.1: I/O-Warror #0 now disconnected
[  352.453849][ T9616] chnl_net:caif_netlink_parms(): no params data found
[  352.594266][ T1066] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  352.619146][ T9616] bridge0: port 1(bridge_slave_0) entered blocking state
[  352.628596][ T9616] bridge0: port 1(bridge_slave_0) entered disabled state
[  352.648405][ T9616] bridge_slave_0: entered allmulticast mode
[  352.666300][ T9616] bridge_slave_0: entered promiscuous mode
[  352.698958][ T1066] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  352.728786][ T9616] bridge0: port 2(bridge_slave_1) entered blocking state
[  352.740363][ T9616] bridge0: port 2(bridge_slave_1) entered disabled state
[  352.769898][ T9616] bridge_slave_1: entered allmulticast mode
[  352.788534][ T9616] bridge_slave_1: entered promiscuous mode
[  352.825625][ T1066] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  352.872382][ T9616] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  352.938107][ T1066] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  353.033816][ T9616] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  353.135091][ T9616] team0: Port device team_slave_0 added
[  353.162078][ T9616] team0: Port device team_slave_1 added
[  353.326634][ T9616] batman_adv: batadv0: Adding interface: batadv_slave_0
[  353.350449][ T9616] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  353.477597][ T9616] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  353.621758][ T9641] ieee802154 phy0 wpan0: encryption failed: -22
[  353.754788][ T5836] Bluetooth: hci5: command tx timeout
[  353.847249][ T9616] batman_adv: batadv0: Adding interface: batadv_slave_1
[  353.933008][ T9616] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  353.985432][ T9616] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  355.227770][ T9656] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1035'.
[  355.380779][ T9616] hsr_slave_0: entered promiscuous mode
[  355.392660][ T9616] hsr_slave_1: entered promiscuous mode
[  355.422843][ T9616] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  355.434083][ T9616] Cannot create hsr debugfs directory
[  355.645278][ T9667] ieee802154 phy0 wpan0: encryption failed: -22
[  355.860551][ T5836] Bluetooth: hci5: command tx timeout
[  357.290365][   T29] audit: type=1400 audit(1732696856.924:556): avc:  denied  { create } for  pid=9671 comm="syz.3.1038" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_nflog_socket permissive=1
[  357.473097][ T9685] blktrace: Concurrent blktraces are not allowed on loop7
[  357.487807][ T9685] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  357.497409][ T9685] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  357.906400][ T1066] team0: Port device geneve1 removed
[  357.973371][ T5836] Bluetooth: hci5: command tx timeout
[  358.415073][ T1066] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  358.445611][ T1066] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  358.468323][ T1066] bond0 (unregistering): Released all slaves
[  358.648313][ T1066] tipc: Left network mode
[  359.083602][ T9697] ieee802154 phy0 wpan0: encryption failed: -22
[  359.925239][ T9616] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  360.010471][ T5836] Bluetooth: hci5: command tx timeout
[  360.127754][ T9616] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  360.204451][ T9616] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  360.208421][ T9713] overlayfs: missing 'lowerdir'
[  360.353776][ T9616] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  360.630696][   T29] audit: type=1326 audit(1732696860.964:557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9721 comm="syz.2.1051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ff5b80809 code=0x7ffc0000
[  360.697523][ T9722] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT
[  360.738284][   T29] audit: type=1326 audit(1732696860.964:558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9721 comm="syz.2.1051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ff5b80809 code=0x7ffc0000
[  360.858367][ T9616] 8021q: adding VLAN 0 to HW filter on device bond0
[  360.886377][   T29] audit: type=1326 audit(1732696860.974:559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9721 comm="syz.2.1051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f1ff5b80809 code=0x7ffc0000
[  360.958073][ T9616] 8021q: adding VLAN 0 to HW filter on device team0
[  361.098343][ T9733] SELinux:  Context #! ./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[  361.170480][   T29] audit: type=1326 audit(1732696860.974:560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9721 comm="syz.2.1051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ff5b80809 code=0x7ffc0000
[  361.261958][    C1] vkms_vblank_simulate: vblank timer overrun
[  361.508820][   T29] audit: type=1326 audit(1732696860.974:561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9721 comm="syz.2.1051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ff5b80809 code=0x7ffc0000
[  361.586257][ T6681] bridge0: port 1(bridge_slave_0) entered blocking state
[  361.593443][ T6681] bridge0: port 1(bridge_slave_0) entered forwarding state
[  361.767360][ T6681] bridge0: port 2(bridge_slave_1) entered blocking state
[  361.774545][ T6681] bridge0: port 2(bridge_slave_1) entered forwarding state
[  362.379624][ T9739] hsr0: entered promiscuous mode
[  362.482902][ T1066] hsr_slave_0: left promiscuous mode
[  362.488562][ T1066] hsr_slave_1: left promiscuous mode
[  362.532199][ T1066] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  362.566305][ T1066] batman_adv: batadv0: Removing interface: batadv_slave_0
[  362.597796][ T1066] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  362.613717][ T1066] batman_adv: batadv0: Removing interface: batadv_slave_1
[  362.700698][ T1066] veth1_macvtap: left promiscuous mode
[  362.706756][ T1066] veth0_macvtap: left promiscuous mode
[  362.717495][ T1066] veth1_vlan: left promiscuous mode
[  362.723156][ T1066] veth0_vlan: left promiscuous mode
[  363.748895][ T1066] infiniband syz0: set down
[  365.637572][ T1066] team0 (unregistering): Port device team_slave_1 removed
[  365.721016][ T1066] team0 (unregistering): Port device team_slave_0 removed
[  366.813352][ T5971] smc: removing ib device syz0
[  367.396716][ T5832] lo speed is unknown, defaulting to 1000
[  367.565013][ T9616] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  368.325898][ T9806] loop2: detected capacity change from 0 to 7
[  368.447113][ T9806] Dev loop2: unable to read RDB block 7
[  368.499922][ T9806]  loop2: unable to read partition table
[  368.552455][ T9806] loop2: partition table beyond EOD, truncated
[  368.623580][ T9806] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  368.751977][ T9616] 8021q: adding VLAN 0 to HW filter on device batadv0
[  369.567437][   T29] audit: type=1400 audit(1732696869.894:562): avc:  denied  { read } for  pid=9819 comm="syz.1.1073" lport=35238 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  370.472262][   T29] audit: type=1400 audit(1732696870.454:563): avc:  denied  { create } for  pid=9841 comm="syz.2.1077" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  370.990393][   T29] audit: type=1400 audit(1732696870.464:564): avc:  denied  { connect } for  pid=9841 comm="syz.2.1077" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  371.305368][ T9616] veth0_vlan: entered promiscuous mode
[  371.371372][ T9616] veth1_vlan: entered promiscuous mode
[  371.569387][ T9616] veth0_macvtap: entered promiscuous mode
[  371.628760][ T9616] veth1_macvtap: entered promiscuous mode
[  371.699602][ T9880] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  371.708552][ T9880] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  372.065425][ T9616] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  372.134236][ T9616] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.147521][ T9616] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  372.180828][ T9616] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.190220][    T9] usb 3-1: new full-speed USB device number 32 using dummy_hcd
[  372.204279][ T9616] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  372.260205][ T9616] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.278965][ T9616] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  372.324363][ T9616] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.353393][ T9616] batman_adv: batadv0: Interface activated: batadv_slave_0
[  372.378546][ T9616] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  372.399699][ T9616] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.414477][    T9] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  372.441415][ T9616] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  372.452359][ T9616] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.462731][ T9616] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  372.472987][    T9] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[  372.473950][ T9616] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.496346][ T9616] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  372.516125][ T9616] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.541993][ T9616] batman_adv: batadv0: Interface activated: batadv_slave_1
[  372.634290][   T29] audit: type=1400 audit(1732696872.904:565): avc:  denied  { bind } for  pid=9888 comm="syz.3.1090" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  372.983170][   T29] audit: type=1400 audit(1732696872.904:566): avc:  denied  { listen } for  pid=9888 comm="syz.3.1090" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  372.983276][   T29] audit: type=1400 audit(1732696872.904:567): avc:  denied  { write } for  pid=9888 comm="syz.3.1090" path="socket:[25713]" dev="sockfs" ino=25713 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  373.022167][    T9] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 30062, setting to 64
[  373.022213][    T9] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  373.022237][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  373.028275][ T9870] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  373.029227][    T9] hub 3-1:1.0: bad descriptor, ignoring hub
[  373.029253][    T9] hub 3-1:1.0: probe with driver hub failed with error -5
[  373.029568][    T9] cdc_wdm 3-1:1.0: skipping garbage
[  373.029583][    T9] cdc_wdm 3-1:1.0: skipping garbage
[  373.031354][    T9] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device
[  373.031372][    T9] cdc_wdm 3-1:1.0: Unknown control protocol
[  373.032300][ T9616] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  373.032325][ T9616] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  373.032347][ T9616] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  373.032366][ T9616] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  373.306682][ T6406] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  373.322248][ T6569] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  373.330091][ T6569] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  373.337407][ T9908] netlink: 'syz.3.1093': attribute type 10 has an invalid length.
[  373.347297][ T6406] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  373.367685][ T9908] syz_tun: entered promiscuous mode
[  373.431435][ T9908] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  373.514954][    C0] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  373.521783][    C0] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  373.529359][    C0] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  373.535975][    C0] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  373.544821][    C0] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  373.551438][    C0] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  373.558368][    C0] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  373.565321][    C0] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  373.571706][    C0] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  373.578306][    C0] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  373.584625][    C0] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  373.591219][    C0] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  374.201536][   T29] audit: type=1400 audit(1732696874.054:568): avc:  denied  { set_context_mgr } for  pid=9910 comm="syz.1.1094" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  479.374228][    C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  479.374246][    C1] rcu: 	0-...!: (1 GPs behind) idle=a494/1/0x4000000000000000 softirq=38192/38193 fqs=0
[  479.374865][    C1] rcu: 	(detected by 1, t=10505 jiffies, g=28557, q=499 ncpus=2)
[  479.374884][    C1] Sending NMI from CPU 1 to CPUs 0:
[  479.374906][    C0] NMI backtrace for cpu 0
[  479.374916][    C0] CPU: 0 UID: 0 PID: 29 Comm: kauditd Not tainted 6.12.0-syzkaller-09734-g445d9f05fa14 #0
[  479.374933][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  479.374940][    C0] RIP: 0010:hlock_class+0x0/0x130
[  479.374965][    C0] Code: df e8 b4 32 87 00 e9 af fe ff ff 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <48> b8 00 00 00 00 00 fc ff df 53 48 89 fb 48 83 c7 20 48 89 fa 48
[  479.374978][    C0] RSP: 0018:ffffc90000007278 EFLAGS: 00000006
[  479.374991][    C0] RAX: 0000000000000000 RBX: ffff88801da82fc0 RCX: 0000000000000008
[  479.375000][    C0] RDX: 0000000000000002 RSI: ffff88801da82fc0 RDI: ffff88801da82fc0
[  479.375009][    C0] RBP: ffffc900000073c0 R08: 0000000000000000 R09: fffffbfff2dd0798
[  479.375018][    C0] R10: ffffffff96e83cc7 R11: 0000000000000003 R12: ffff88801da82440
[  479.375027][    C0] R13: 0000000000000100 R14: 0000000000000008 R15: 1ffff92000000e56
[  479.375036][    C0] FS:  0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[  479.375051][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  479.375060][    C0] CR2: 0000001b3051fffc CR3: 000000003678c000 CR4: 00000000003526f0
[  479.375070][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  479.375078][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  479.375086][    C0] Call Trace:
[  479.375091][    C0]  <NMI>
[  479.375097][    C0]  ? nmi_cpu_backtrace+0x1d8/0x390
[  479.375113][    C0]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  479.375126][    C0]  ? nmi_handle+0x1a7/0x5c0
[  479.375141][    C0]  ? __pfx_hlock_class+0x10/0x10
[  479.375159][    C0]  ? default_do_nmi+0x6a/0x160
[  479.375172][    C0]  ? exc_nmi+0x170/0x1e0
[  479.375184][    C0]  ? end_repeat_nmi+0xf/0x53
[  479.375205][    C0]  ? __pfx_hlock_class+0x10/0x10
[  479.375222][    C0]  ? __pfx_hlock_class+0x10/0x10
[  479.375240][    C0]  ? __pfx_hlock_class+0x10/0x10
[  479.375257][    C0]  </NMI>
[  479.375262][    C0]  <IRQ>
[  479.375266][    C0]  mark_lock+0xb5/0xc60
[  479.375279][    C0]  ? kasan_save_track+0x14/0x30
[  479.375294][    C0]  ? __kasan_slab_alloc+0x89/0x90
[  479.375309][    C0]  ? hlock_class+0x4e/0x130
[  479.375326][    C0]  ? __pfx_mark_lock+0x10/0x10
[  479.375339][    C0]  ? __sysvec_apic_timer_interrupt+0x10f/0x400
[  479.375355][    C0]  ? hlock_class+0x4e/0x130
[  479.375372][    C0]  ? mark_lock+0xb5/0xc60
[  479.375385][    C0]  ? hlock_class+0x4e/0x130
[  479.375403][    C0]  ? __pfx_mark_lock+0x10/0x10
[  479.375419][    C0]  __lock_acquire+0x9f1/0x3c40
[  479.375435][    C0]  ? hlock_class+0x4e/0x130
[  479.375452][    C0]  ? __lock_acquire+0xcc5/0x3c40
[  479.375466][    C0]  ? __pfx___lock_acquire+0x10/0x10
[  479.375483][    C0]  lock_acquire.part.0+0x11b/0x380
[  479.375497][    C0]  ? debug_object_activate+0x149/0x4a0
[  479.375514][    C0]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  479.375529][    C0]  ? rcu_is_watching+0x12/0xc0
[  479.375547][    C0]  ? trace_lock_acquire+0x146/0x1e0
[  479.375565][    C0]  ? debug_object_activate+0x149/0x4a0
[  479.375580][    C0]  ? lock_acquire+0x2f/0xb0
[  479.375594][    C0]  ? debug_object_activate+0x149/0x4a0
[  479.375610][    C0]  _raw_spin_lock_irqsave+0x3a/0x60
[  479.375624][    C0]  ? debug_object_activate+0x149/0x4a0
[  479.375638][    C0]  debug_object_activate+0x149/0x4a0
[  479.375652][    C0]  ? lock_acquire.part.0+0x11b/0x380
[  479.375667][    C0]  ? __pfx_debug_object_activate+0x10/0x10
[  479.375682][    C0]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  479.375698][    C0]  ? do_raw_spin_lock+0x12d/0x2c0
[  479.375714][    C0]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  479.375731][    C0]  ? __pfx_advance_sched+0x10/0x10
[  479.375746][    C0]  enqueue_hrtimer+0x25/0x3c0
[  479.375763][    C0]  __hrtimer_run_queues+0x903/0xae0
[  479.375782][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  479.375800][    C0]  ? read_tsc+0x9/0x20
[  479.375819][    C0]  hrtimer_interrupt+0x392/0x8e0
[  479.375840][    C0]  __sysvec_apic_timer_interrupt+0x10f/0x400
[  479.375856][    C0]  sysvec_apic_timer_interrupt+0x52/0xc0
[  479.375876][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  479.375894][    C0] RIP: 0010:stack_trace_consume_entry+0x10/0x170
[  479.375914][    C0] Code: ff ff ff eb c7 e8 60 cc b4 09 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 b8 00 00 00 00 00 fc ff df 55 53 <48> 89 fb 48 83 c7 10 48 89 fa 48 83 ec 08 48 c1 ea 03 0f b6 04 02
[  479.375927][    C0] RSP: 0018:ffffc900000079d0 EFLAGS: 00000282
[  479.375938][    C0] RAX: dffffc0000000000 RBX: ffffc900000079e8 RCX: 0000000000000000
[  479.375946][    C0] RDX: 1ffff92000000f46 RSI: ffffffff8175fb0d RDI: ffffc90000007aa8
[  479.375956][    C0] RBP: ffffc90000007a78 R08: ffffc90000007a1c R09: ffffffff91830b6e
[  479.375965][    C0] R10: ffffc900000079e8 R11: 000000000008089b R12: ffffffff817a8a00
[  479.375975][    C0] R13: ffffc90000007aa8 R14: 0000000000000000 R15: ffff88801da82440
[  479.375985][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  479.376006][    C0]  ? rcu_core+0x79d/0x14d0
[  479.376024][    C0]  arch_stack_walk+0x86/0x100
[  479.376041][    C0]  ? rcu_core+0x79d/0x14d0
[  479.376058][    C0]  stack_trace_save+0x95/0xd0
[  479.376076][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[  479.376094][    C0]  ? __pfx_mark_lock+0x10/0x10
[  479.376109][    C0]  ? lock_acquire.part.0+0x11b/0x380
[  479.376124][    C0]  kasan_save_stack+0x33/0x60
[  479.376137][    C0]  ? kasan_save_stack+0x33/0x60
[  479.376151][    C0]  ? kasan_save_track+0x14/0x30
[  479.376164][    C0]  ? kasan_save_free_info+0x3b/0x60
[  479.376182][    C0]  ? __kasan_slab_free+0x51/0x70
[  479.376196][    C0]  ? kmem_cache_free+0x152/0x4c0
[  479.376211][    C0]  ? dst_destroy+0x2c2/0x3f0
[  479.376238][    C0]  kasan_save_track+0x14/0x30
[  479.376252][    C0]  kasan_save_free_info+0x3b/0x60
[  479.376270][    C0]  __kasan_slab_free+0x51/0x70
[  479.376285][    C0]  kmem_cache_free+0x152/0x4c0
[  479.376298][    C0]  ? dst_destroy+0x2c2/0x3f0
[  479.376316][    C0]  dst_destroy+0x2c2/0x3f0
[  479.376332][    C0]  ? rcu_core+0x79b/0x14d0
[  479.376348][    C0]  rcu_core+0x79d/0x14d0
[  479.376366][    C0]  ? __pfx_rcu_core+0x10/0x10
[  479.376383][    C0]  ? mark_held_locks+0x9f/0xe0
[  479.376398][    C0]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  479.376414][    C0]  handle_softirqs+0x213/0x8f0
[  479.376432][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  479.376449][    C0]  __irq_exit_rcu+0x109/0x170
[  479.376465][    C0]  irq_exit_rcu+0x9/0x30
[  479.376479][    C0]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  479.376494][    C0]  </IRQ>
[  479.376498][    C0]  <TASK>
[  479.376502][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  479.376520][    C0] RIP: 0010:console_flush_all+0x9a4/0xc60
[  479.376538][    C0] Code: 00 e8 00 1d 28 00 9c 5b 81 e3 00 02 00 00 31 ff 48 89 de e8 1e 70 20 00 48 85 db 0f 85 55 01 00 00 e8 a0 6d 20 00 fb 4c 89 e0 <48> c1 e8 03 42 80 3c 38 00 0f 84 11 ff ff ff 4c 89 e7 e8 55 55 83
[  479.376550][    C0] RSP: 0018:ffffc90000a57a18 EFLAGS: 00000293
[  479.376560][    C0] RAX: ffffffff8ee934d8 RBX: 0000000000000000 RCX: ffffffff816e5ef2
[  479.376568][    C0] RDX: ffff88801da82440 RSI: ffffffff816e5f00 RDI: 0000000000000007
[  479.376577][    C0] RBP: 0000000000000000 R08: 0000000000000007 R09: 0000000000000000
[  479.376585][    C0] R10: 0000000000000000 R11: 0000000000000003 R12: ffffffff8ee934d8
[  479.376593][    C0] R13: ffffffff8ee93480 R14: ffffc90000a57aa8 R15: dffffc0000000000
[  479.376605][    C0]  ? console_flush_all+0x992/0xc60
[  479.376622][    C0]  ? console_flush_all+0x9a0/0xc60
[  479.376641][    C0]  ? console_flush_all+0x9a0/0xc60
[  479.376660][    C0]  ? __pfx_console_flush_all+0x10/0x10
[  479.376679][    C0]  ? printk_percpu_data_ready+0x9/0x20
[  479.376695][    C0]  ? nbcon_get_cpu_emergency_nesting+0x3b/0x50
[  479.376709][    C0]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  479.376727][    C0]  console_unlock+0xd9/0x210
[  479.376743][    C0]  ? __pfx_console_unlock+0x10/0x10
[  479.376759][    C0]  ? lock_acquire+0x2f/0xb0
[  479.376773][    C0]  ? vprintk+0x7f/0xa0
[  479.376791][    C0]  ? __down_trylock_console_sem+0xb0/0x140
[  479.376808][    C0]  vprintk_emit+0x424/0x6f0
[  479.376825][    C0]  ? __pfx_vprintk_emit+0x10/0x10
[  479.376842][    C0]  ? __pfx_lock_release+0x10/0x10
[  479.376860][    C0]  ? trace_lock_acquire+0x146/0x1e0
[  479.376878][    C0]  ? __pfx_kauditd_send_multicast_skb+0x10/0x10
[  479.376892][    C0]  vprintk+0x7f/0xa0
[  479.376910][    C0]  _printk+0xc8/0x100
[  479.376923][    C0]  ? __pfx__printk+0x10/0x10
[  479.376937][    C0]  ? ___ratelimit+0x24c/0x570
[  479.376952][    C0]  ? __pfx____ratelimit+0x10/0x10
[  479.376967][    C0]  ? kauditd_hold_skb+0x1bc/0x250
[  479.376981][    C0]  kauditd_hold_skb+0x205/0x250
[  479.376995][    C0]  kauditd_send_queue+0x236/0x290
[  479.377007][    C0]  ? __pfx_kauditd_hold_skb+0x10/0x10
[  479.377022][    C0]  kauditd_thread+0x611/0xa60
[  479.377035][    C0]  ? __pfx_kauditd_thread+0x10/0x10
[  479.377049][    C0]  ? __pfx_autoremove_wake_function+0x10/0x10
[  479.377063][    C0]  ? lockdep_hardirqs_on+0x7c/0x110
[  479.377079][    C0]  ? __kthread_parkme+0x148/0x220
[  479.377097][    C0]  ? __pfx_kauditd_thread+0x10/0x10
[  479.377111][    C0]  kthread+0x2c1/0x3a0
[  479.377127][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  479.377140][    C0]  ? __pfx_kthread+0x10/0x10
[  479.377157][    C0]  ret_from_fork+0x45/0x80
[  479.377170][    C0]  ? __pfx_kthread+0x10/0x10
[  479.377186][    C0]  ret_from_fork_asm+0x1a/0x30
[  479.377208][    C0]  </TASK>
[  479.377903][    C1] rcu: rcu_preempt kthread starved for 10505 jiffies! g28557 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
[  479.377924][    C1] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  479.377933][    C1] rcu: RCU grace-period kthread stack dump:
[  479.377940][    C1] task:rcu_preempt     state:R  running task     stack:27744 pid:17    tgid:17    ppid:2      flags:0x00004000
[  479.377995][    C1] Call Trace:
[  479.378001][    C1]  <TASK>
[  479.378012][    C1]  __schedule+0xe58/0x5ad0
[  479.378032][    C1]  ? __pfx___lock_acquire+0x10/0x10
[  479.378062][    C1]  ? __pfx___schedule+0x10/0x10
[  479.378082][    C1]  ? schedule+0x298/0x350
[  479.378100][    C1]  ? __pfx_lock_release+0x10/0x10
[  479.378128][    C1]  ? lock_acquire+0x2f/0xb0
[  479.378145][    C1]  ? schedule+0x1fd/0x350
[  479.378166][    C1]  schedule+0xe7/0x350
[  479.378185][    C1]  schedule_timeout+0x124/0x280
[  479.378203][    C1]  ? __pfx_schedule_timeout+0x10/0x10
[  479.378221][    C1]  ? __pfx_process_timeout+0x10/0x10
[  479.378249][    C1]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  479.378269][    C1]  ? prepare_to_swait_event+0xf3/0x470
[  479.378292][    C1]  rcu_gp_fqs_loop+0x1eb/0xb00
[  479.378315][    C1]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[  479.378334][    C1]  ? rcu_gp_init+0xc82/0x1630
[  479.378356][    C1]  ? _raw_spin_unlock_irq+0x2e/0x50
[  479.378381][    C1]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  479.378403][    C1]  rcu_gp_kthread+0x271/0x380
[  479.378424][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  479.378446][    C1]  ? lockdep_hardirqs_on+0x7c/0x110
[  479.378468][    C1]  ? __kthread_parkme+0x148/0x220
[  479.378492][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  479.378513][    C1]  kthread+0x2c1/0x3a0
[  479.378533][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  479.378552][    C1]  ? __pfx_kthread+0x10/0x10
[  479.378575][    C1]  ret_from_fork+0x45/0x80
[  479.378591][    C1]  ? __pfx_kthread+0x10/0x10
[  479.378613][    C1]  ret_from_fork_asm+0x1a/0x30
[  479.378647][    C1]  </TASK>
[  479.378654][    C1] rcu: Stack dump where RCU GP kthread last ran:
[  479.378660][    C1] CPU: 1 UID: 0 PID: 12 Comm: kworker/u8:1 Not tainted 6.12.0-syzkaller-09734-g445d9f05fa14 #0
[  479.378680][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  479.378691][    C1] Workqueue: events_unbound toggle_allocation_gate
[  479.378711][    C1] RIP: 0010:smp_call_function_many_cond+0x458/0x1300
[  479.378735][    C1] Code: 0c 00 85 ed 74 4d 48 b8 00 00 00 00 00 fc ff df 4d 89 f4 4c 89 f5 49 c1 ec 03 83 e5 07 49 01 c4 83 c5 03 e8 2a 17 0c 00 f3 90 <41> 0f b6 04 24 40 38 c5 7c 08 84 c0 0f 85 a7 0c 00 00 8b 43 08 31
[  479.378751][    C1] RSP: 0018:ffffc90000117998 EFLAGS: 00000293
[  479.378765][    C1] RAX: 0000000000000000 RBX: ffff8880b86469c0 RCX: ffffffff8182b59c
[  479.378777][    C1] RDX: ffff88801cef4880 RSI: ffffffff8182b576 RDI: 0000000000000005
[  479.378789][    C1] RBP: 0000000000000003 R08: 0000000000000005 R09: 0000000000000000
[  479.378800][    C1] R10: 0000000000000001 R11: 0000000000000006 R12: ffffed10170c8d39
[  479.378811][    C1] R13: 0000000000000001 R14: ffff8880b86469c8 R15: ffff8880b873fe40
[  479.378823][    C1] FS:  0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[  479.378841][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  479.378854][    C1] CR2: 0000001b33d0aff8 CR3: 000000000df7e000 CR4: 00000000003526f0
[  479.378865][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  479.378876][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  479.378887][    C1] Call Trace:
[  479.378893][    C1]  <IRQ>
[  479.378900][    C1]  ? rcu_check_gp_kthread_starvation+0x31b/0x450
[  479.378924][    C1]  ? do_raw_spin_unlock+0x172/0x230
[  479.378948][    C1]  ? rcu_sched_clock_irq+0x247a/0x3310
[  479.378979][    C1]  ? timekeeping_advance+0x70a/0xa60
[  479.378996][    C1]  ? __pfx_rcu_sched_clock_irq+0x10/0x10
[  479.379022][    C1]  ? __asan_memcpy+0x3c/0x60
[  479.379047][    C1]  ? rcu_is_watching+0x12/0xc0
[  479.379074][    C1]  ? update_process_times+0x178/0x2d0
[  479.379095][    C1]  ? __pfx_update_process_times+0x10/0x10
[  479.379122][    C1]  ? update_wall_time+0x1c/0x40
[  479.379142][    C1]  ? tick_nohz_handler+0x376/0x530
[  479.379168][    C1]  ? __pfx_tick_nohz_handler+0x10/0x10
[  479.379191][    C1]  ? __hrtimer_run_queues+0x5fb/0xae0
[  479.379220][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  479.379242][    C1]  ? read_tsc+0x9/0x20
[  479.379271][    C1]  ? hrtimer_interrupt+0x392/0x8e0
[  479.379304][    C1]  ? __sysvec_apic_timer_interrupt+0x10f/0x400
[  479.379326][    C1]  ? sysvec_apic_timer_interrupt+0x9f/0xc0
[  479.379346][    C1]  </IRQ>
[  479.379352][    C1]  <TASK>
[  479.379359][    C1]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  479.379388][    C1]  ? smp_call_function_many_cond+0x47c/0x1300
[  479.379410][    C1]  ? smp_call_function_many_cond+0x456/0x1300
[  479.379433][    C1]  ? smp_call_function_many_cond+0x458/0x1300
[  479.379457][    C1]  ? smp_call_function_many_cond+0x456/0x1300
[  479.379480][    C1]  ? __pfx_do_sync_core+0x10/0x10
[  479.379506][    C1]  ? __pfx_do_sync_core+0x10/0x10
[  479.379528][    C1]  on_each_cpu_cond_mask+0x40/0x90
[  479.379552][    C1]  text_poke_bp_batch+0x22b/0x760
[  479.379580][    C1]  ? __pfx_text_poke_bp_batch+0x10/0x10
[  479.379601][    C1]  ? __jump_label_patch+0x1db/0x400
[  479.379628][    C1]  ? arch_jump_label_transform_queue+0xc0/0x120
[  479.379659][    C1]  text_poke_finish+0x30/0x40
[  479.379681][    C1]  arch_jump_label_transform_apply+0x1c/0x30
[  479.379705][    C1]  jump_label_update+0x1d7/0x400
[  479.379731][    C1]  static_key_enable_cpuslocked+0x1b7/0x270
[  479.379756][    C1]  static_key_enable+0x1a/0x20
[  479.379779][    C1]  toggle_allocation_gate+0xfc/0x260
[  479.379799][    C1]  ? __pfx_toggle_allocation_gate+0x10/0x10
[  479.379818][    C1]  ? trace_lock_acquire+0x146/0x1e0
[  479.379842][    C1]  ? process_one_work+0x921/0x1ba0
[  479.379861][    C1]  ? lock_acquire+0x2f/0xb0
[  479.379878][    C1]  ? process_one_work+0x921/0x1ba0
[  479.379900][    C1]  process_one_work+0x9c5/0x1ba0
[  479.379926][    C1]  ? __pfx_cfg80211_wiphy_work+0x10/0x10
[  479.379945][    C1]  ? __pfx_process_one_work+0x10/0x10
[  479.379962][    C1]  ? rcu_is_watching+0x12/0xc0
[  479.379991][    C1]  ? assign_work+0x1a0/0x250
[  479.380012][    C1]  worker_thread+0x6c8/0xf00
[  479.380041][    C1]  ? __pfx_worker_thread+0x10/0x10
[  479.380060][    C1]  kthread+0x2c1/0x3a0
[  479.380080][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  479.380099][    C1]  ? __pfx_kthread+0x10/0x10
[  479.380126][    C1]  ret_from_fork+0x45/0x80
[  479.380142][    C1]  ? __pfx_kthread+0x10/0x10
[  479.380165][    C1]  ret_from_fork_asm+0x1a/0x30
[  479.380199][    C1]  </TASK>
[  617.908050][    C1] watchdog: BUG: soft lockup - CPU#1 stuck for 246s! [kworker/u8:1:12]
[  617.908073][    C1] Modules linked in:
[  617.908084][    C1] irq event stamp: 3040872
[  617.908091][    C1] hardirqs last  enabled at (3040871): [<ffffffff8b2f669b>] irqentry_exit+0x3b/0x90
[  617.908122][    C1] hardirqs last disabled at (3040872): [<ffffffff8b2f4e1e>] sysvec_apic_timer_interrupt+0xe/0xc0
[  617.908147][    C1] softirqs last  enabled at (3040862): [<ffffffff81510cbb>] handle_softirqs+0x5bb/0x8f0
[  617.908173][    C1] softirqs last disabled at (3040803): [<ffffffff81511189>] __irq_exit_rcu+0x109/0x170
[  617.908199][    C1] CPU: 1 UID: 0 PID: 12 Comm: kworker/u8:1 Not tainted 6.12.0-syzkaller-09734-g445d9f05fa14 #0
[  617.908221][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  617.908233][    C1] Workqueue: events_unbound toggle_allocation_gate
[  617.908256][    C1] RIP: 0010:smp_call_function_many_cond+0x458/0x1300
[  617.908281][    C1] Code: 0c 00 85 ed 74 4d 48 b8 00 00 00 00 00 fc ff df 4d 89 f4 4c 89 f5 49 c1 ec 03 83 e5 07 49 01 c4 83 c5 03 e8 2a 17 0c 00 f3 90 <41> 0f b6 04 24 40 38 c5 7c 08 84 c0 0f 85 a7 0c 00 00 8b 43 08 31
[  617.908298][    C1] RSP: 0018:ffffc90000117998 EFLAGS: 00000293
[  617.908313][    C1] RAX: 0000000000000000 RBX: ffff8880b86469c0 RCX: ffffffff8182b59c
[  617.908325][    C1] RDX: ffff88801cef4880 RSI: ffffffff8182b576 RDI: 0000000000000005
[  617.908337][    C1] RBP: 0000000000000003 R08: 0000000000000005 R09: 0000000000000000
[  617.908347][    C1] R10: 0000000000000001 R11: 0000000000000006 R12: ffffed10170c8d39
[  617.908363][    C1] R13: 0000000000000001 R14: ffff8880b86469c8 R15: ffff8880b873fe40
[  617.908374][    C1] FS:  0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[  617.908392][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  617.908404][    C1] CR2: 0000001b33d0aff8 CR3: 000000000df7e000 CR4: 00000000003526f0
[  617.908416][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  617.908426][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  617.908437][    C1] Call Trace:
[  617.908443][    C1]  <IRQ>
[  617.908452][    C1]  ? watchdog_timer_fn+0x570/0x7d0
[  617.908476][    C1]  ? __pfx_watchdog_timer_fn+0x10/0x10
[  617.908497][    C1]  ? __hrtimer_run_queues+0x5fb/0xae0
[  617.908527][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  617.908548][    C1]  ? read_tsc+0x9/0x20
[  617.908578][    C1]  ? hrtimer_interrupt+0x392/0x8e0
[  617.908610][    C1]  ? __sysvec_apic_timer_interrupt+0x10f/0x400
[  617.908633][    C1]  ? sysvec_apic_timer_interrupt+0x9f/0xc0
[  617.908653][    C1]  </IRQ>
[  617.908659][    C1]  <TASK>
[  617.908666][    C1]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  617.908696][    C1]  ? smp_call_function_many_cond+0x47c/0x1300
[  617.908717][    C1]  ? smp_call_function_many_cond+0x456/0x1300
[  617.908740][    C1]  ? smp_call_function_many_cond+0x458/0x1300
[  617.908764][    C1]  ? smp_call_function_many_cond+0x456/0x1300
[  617.908788][    C1]  ? __pfx_do_sync_core+0x10/0x10
[  617.908814][    C1]  ? __pfx_do_sync_core+0x10/0x10
[  617.908835][    C1]  on_each_cpu_cond_mask+0x40/0x90
[  617.908859][    C1]  text_poke_bp_batch+0x22b/0x760
[  617.908887][    C1]  ? __pfx_text_poke_bp_batch+0x10/0x10
[  617.908908][    C1]  ? __jump_label_patch+0x1db/0x400
[  617.908937][    C1]  ? arch_jump_label_transform_queue+0xc0/0x120
[  617.908967][    C1]  text_poke_finish+0x30/0x40
[  617.908988][    C1]  arch_jump_label_transform_apply+0x1c/0x30
[  617.909012][    C1]  jump_label_update+0x1d7/0x400
[  617.909039][    C1]  static_key_enable_cpuslocked+0x1b7/0x270
[  617.909064][    C1]  static_key_enable+0x1a/0x20
[  617.909087][    C1]  toggle_allocation_gate+0xfc/0x260
[  617.909107][    C1]  ? __pfx_toggle_allocation_gate+0x10/0x10
[  617.909127][    C1]  ? trace_lock_acquire+0x146/0x1e0
[  617.909152][    C1]  ? process_one_work+0x921/0x1ba0
[  617.909171][    C1]  ? lock_acquire+0x2f/0xb0
[  617.909189][    C1]  ? process_one_work+0x921/0x1ba0
[  617.909210][    C1]  process_one_work+0x9c5/0x1ba0
[  617.909236][    C1]  ? __pfx_cfg80211_wiphy_work+0x10/0x10
[  617.909255][    C1]  ? __pfx_process_one_work+0x10/0x10
[  617.909273][    C1]  ? rcu_is_watching+0x12/0xc0
[  617.909301][    C1]  ? assign_work+0x1a0/0x250
[  617.909322][    C1]  worker_thread+0x6c8/0xf00
[  617.909356][    C1]  ? __pfx_worker_thread+0x10/0x10
[  617.909374][    C1]  kthread+0x2c1/0x3a0
[  617.909395][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  617.909414][    C1]  ? __pfx_kthread+0x10/0x10
[  617.909437][    C1]  ret_from_fork+0x45/0x80
[  617.909453][    C1]  ? __pfx_kthread+0x10/0x10
[  617.909475][    C1]  ret_from_fork_asm+0x1a/0x30
[  617.909509][    C1]  </TASK>
[  617.909517][    C1] Sending NMI from CPU 1 to CPUs 0:
[  617.909538][    C0] NMI backtrace for cpu 0
[  617.909546][    C0] CPU: 0 UID: 0 PID: 29 Comm: kauditd Not tainted 6.12.0-syzkaller-09734-g445d9f05fa14 #0
[  617.909562][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  617.909569][    C0] RIP: 0010:_raw_spin_lock+0x21/0x40
[  617.909584][    C0] Code: 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 53 48 89 fb bf 01 00 00 00 e8 fe 49 2b f6 45 31 c9 41 b8 01 00 00 00 31 c9 ff 74 24 08 <48> 8d 7b 18 31 d2 31 f6 e8 c2 95 39 f6 48 89 df 58 5b e9 b8 fd 39
[  617.909597][    C0] RSP: 0018:ffffc90000007680 EFLAGS: 00000046
[  617.909612][    C0] RAX: 0000000000010102 RBX: ffff88805cf262e8 RCX: 0000000000000000
[  617.909621][    C0] RDX: 0000000000000000 RSI: ffffffff893c054a RDI: 0000000000000001
[  617.909630][    C0] RBP: 000000000003d90c R08: 0000000000000001 R09: 0000000000000000
[  617.909639][    C0] R10: 0000000000000000 R11: 0000000000000004 R12: ffff88805cf26340
[  617.909648][    C0] R13: ffff8880b862cb00 R14: ffff88805cf26340 R15: ffffffff893c0530
[  617.909657][    C0] FS:  0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[  617.909671][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  617.909681][    C0] CR2: 0000001b3051fffc CR3: 000000003678c000 CR4: 00000000003526f0
[  617.909690][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  617.909698][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  617.909707][    C0] Call Trace:
[  617.909712][    C0]  <NMI>
[  617.909716][    C0]  ? nmi_cpu_backtrace+0x1d8/0x390
[  617.909731][    C0]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  617.909744][    C0]  ? nmi_handle+0x1a7/0x5c0
[  617.909759][    C0]  ? _raw_spin_lock+0x21/0x40
[  617.909773][    C0]  ? default_do_nmi+0x6a/0x160
[  617.909786][    C0]  ? exc_nmi+0x170/0x1e0
[  617.909798][    C0]  ? end_repeat_nmi+0xf/0x53
[  617.909815][    C0]  ? __pfx_advance_sched+0x10/0x10
[  617.909832][    C0]  ? advance_sched+0x1a/0xc60
[  617.909845][    C0]  ? _raw_spin_lock+0x21/0x40
[  617.909858][    C0]  ? _raw_spin_lock+0x21/0x40
[  617.909872][    C0]  ? _raw_spin_lock+0x21/0x40
[  617.909886][    C0]  </NMI>
[  617.909890][    C0]  <IRQ>
[  617.909894][    C0]  ? advance_sched+0xd8/0xc60
[  617.909907][    C0]  advance_sched+0xd8/0xc60
[  617.909922][    C0]  ? timerqueue_del+0x83/0x150
[  617.909941][    C0]  ? do_raw_spin_unlock+0x172/0x230
[  617.909958][    C0]  ? __pfx_advance_sched+0x10/0x10
[  617.909971][    C0]  __hrtimer_run_queues+0x20a/0xae0
[  617.909990][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  617.910007][    C0]  ? read_tsc+0x9/0x20
[  617.910026][    C0]  hrtimer_interrupt+0x392/0x8e0
[  617.910048][    C0]  __sysvec_apic_timer_interrupt+0x10f/0x400
[  617.910063][    C0]  sysvec_apic_timer_interrupt+0x52/0xc0
[  617.910079][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  617.910097][    C0] RIP: 0010:stack_trace_consume_entry+0x10/0x170
[  617.910118][    C0] Code: ff ff ff eb c7 e8 60 cc b4 09 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 b8 00 00 00 00 00 fc ff df 55 53 <48> 89 fb 48 83 c7 10 48 89 fa 48 83 ec 08 48 c1 ea 03 0f b6 04 02
[  617.910130][    C0] RSP: 0018:ffffc900000079d0 EFLAGS: 00000282
[  617.910141][    C0] RAX: dffffc0000000000 RBX: ffffc900000079e8 RCX: 0000000000000000
[  617.910150][    C0] RDX: 1ffff92000000f46 RSI: ffffffff8175fb0d RDI: ffffc90000007aa8
[  617.910159][    C0] RBP: ffffc90000007a78 R08: ffffc90000007a1c R09: ffffffff91830b6e
[  617.910168][    C0] R10: ffffc900000079e8 R11: 000000000008089b R12: ffffffff817a8a00
[  617.910177][    C0] R13: ffffc90000007aa8 R14: 0000000000000000 R15: ffff88801da82440
[  617.910186][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  617.910207][    C0]  ? rcu_core+0x79d/0x14d0
[  617.910226][    C0]  arch_stack_walk+0x86/0x100
[  617.910244][    C0]  ? rcu_core+0x79d/0x14d0
[  617.910261][    C0]  stack_trace_save+0x95/0xd0
[  617.910280][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[  617.910298][    C0]  ? __pfx_mark_lock+0x10/0x10
[  617.910314][    C0]  ? lock_acquire.part.0+0x11b/0x380
[  617.910329][    C0]  kasan_save_stack+0x33/0x60
[  617.910342][    C0]  ? kasan_save_stack+0x33/0x60
[  617.910355][    C0]  ? kasan_save_track+0x14/0x30
[  617.910369][    C0]  ? kasan_save_free_info+0x3b/0x60
[  617.910387][    C0]  ? __kasan_slab_free+0x51/0x70
[  617.910401][    C0]  ? kmem_cache_free+0x152/0x4c0
[  617.910416][    C0]  ? dst_destroy+0x2c2/0x3f0
[  617.910444][    C0]  kasan_save_track+0x14/0x30
[  617.910458][    C0]  kasan_save_free_info+0x3b/0x60
[  617.910477][    C0]  __kasan_slab_free+0x51/0x70
[  617.910492][    C0]  kmem_cache_free+0x152/0x4c0
[  617.910506][    C0]  ? dst_destroy+0x2c2/0x3f0
[  617.910524][    C0]  dst_destroy+0x2c2/0x3f0
[  617.910541][    C0]  ? rcu_core+0x79b/0x14d0
[  617.910556][    C0]  rcu_core+0x79d/0x14d0
[  617.910574][    C0]  ? __pfx_rcu_core+0x10/0x10
[  617.910591][    C0]  ? mark_held_locks+0x9f/0xe0
[  617.910610][    C0]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  617.910626][    C0]  handle_softirqs+0x213/0x8f0
[  617.910643][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  617.910660][    C0]  __irq_exit_rcu+0x109/0x170
[  617.910675][    C0]  irq_exit_rcu+0x9/0x30
[  617.910689][    C0]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  617.910705][    C0]  </IRQ>
[  617.910709][    C0]  <TASK>
[  617.910713][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  617.910731][    C0] RIP: 0010:console_flush_all+0x9a4/0xc60
[  617.910749][    C0] Code: 00 e8 00 1d 28 00 9c 5b 81 e3 00 02 00 00 31 ff 48 89 de e8 1e 70 20 00 48 85 db 0f 85 55 01 00 00 e8 a0 6d 20 00 fb 4c 89 e0 <48> c1 e8 03 42 80 3c 38 00 0f 84 11 ff ff ff 4c 89 e7 e8 55 55 83
[  617.910761][    C0] RSP: 0018:ffffc90000a57a18 EFLAGS: 00000293
[  617.910772][    C0] RAX: ffffffff8ee934d8 RBX: 0000000000000000 RCX: ffffffff816e5ef2
[  617.910781][    C0] RDX: ffff88801da82440 RSI: ffffffff816e5f00 RDI: 0000000000000007
[  617.910790][    C0] RBP: 0000000000000000 R08: 0000000000000007 R09: 0000000000000000
[  617.910798][    C0] R10: 0000000000000000 R11: 0000000000000003 R12: ffffffff8ee934d8
[  617.910806][    C0] R13: ffffffff8ee93480 R14: ffffc90000a57aa8 R15: dffffc0000000000
[  617.910817][    C0]  ? console_flush_all+0x992/0xc60
[  617.910834][    C0]  ? console_flush_all+0x9a0/0xc60
[  617.910852][    C0]  ? console_flush_all+0x9a0/0xc60
[  617.910870][    C0]  ? __pfx_console_flush_all+0x10/0x10
[  617.910890][    C0]  ? printk_percpu_data_ready+0x9/0x20
[  617.910906][    C0]  ? nbcon_get_cpu_emergency_nesting+0x3b/0x50
[  617.910919][    C0]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  617.910936][    C0]  console_unlock+0xd9/0x210
[  617.910953][    C0]  ? __pfx_console_unlock+0x10/0x10
[  617.910970][    C0]  ? lock_acquire+0x2f/0xb0
[  617.910984][    C0]  ? vprintk+0x7f/0xa0
[  617.911001][    C0]  ? __down_trylock_console_sem+0xb0/0x140
[  617.911017][    C0]  vprintk_emit+0x424/0x6f0
[  617.911034][    C0]  ? __pfx_vprintk_emit+0x10/0x10
[  617.911053][    C0]  ? __pfx_lock_release+0x10/0x10
[  617.911067][    C0]  ? trace_lock_acquire+0x146/0x1e0
[  617.911086][    C0]  ? __pfx_kauditd_send_multicast_skb+0x10/0x10
[  617.911099][    C0]  vprintk+0x7f/0xa0
[  617.911117][    C0]  _printk+0xc8/0x100
[  617.911131][    C0]  ? __pfx__printk+0x10/0x10
[  617.911145][    C0]  ? ___ratelimit+0x24c/0x570
[  617.911160][    C0]  ? __pfx____ratelimit+0x10/0x10
[  617.911176][    C0]  ? kauditd_hold_skb+0x1bc/0x250
[  617.911190][    C0]  kauditd_hold_skb+0x205/0x250
[  617.911204][    C0]  kauditd_send_queue+0x236/0x290
[  617.911218][    C0]  ? __pfx_kauditd_hold_skb+0x10/0x10
[  617.911233][    C0]  kauditd_thread+0x611/0xa60
[  617.911246][    C0]  ? __pfx_kauditd_thread+0x10/0x10
[  617.911260][    C0]  ? __pfx_autoremove_wake_function+0x10/0x10
[  617.911274][    C0]  ? lockdep_hardirqs_on+0x7c/0x110
[  617.911290][    C0]  ? __kthread_parkme+0x148/0x220
[  617.911307][    C0]  ? __pfx_kauditd_thread+0x10/0x10
[  617.911320][    C0]  kthread+0x2c1/0x3a0
[  617.911336][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  617.911349][    C0]  ? __pfx_kthread+0x10/0x10
[  617.911366][    C0]  ret_from_fork+0x45/0x80
[  617.911379][    C0]  ? __pfx_kthread+0x10/0x10
[  617.911396][    C0]  ret_from_fork_asm+0x1a/0x30
[  617.911417][    C0]  </TASK>
[  617.911535][    C1] Kernel panic - not syncing: softlockup: hung tasks
[  617.911547][    C1] CPU: 1 UID: 0 PID: 12 Comm: kworker/u8:1 Tainted: G             L     6.12.0-syzkaller-09734-g445d9f05fa14 #0
[  617.911569][    C1] Tainted: [L]=SOFTLOCKUP
[  617.911576][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  617.911587][    C1] Workqueue: events_unbound toggle_allocation_gate
[  617.911605][    C1] Call Trace:
[  617.911611][    C1]  <IRQ>
[  617.911617][    C1]  dump_stack_lvl+0x3d/0x1f0
[  617.911639][    C1]  panic+0x71d/0x800
[  617.911665][    C1]  ? __pfx_panic+0x10/0x10
[  617.911686][    C1]  ? __pfx__printk+0x10/0x10
[  617.911707][    C1]  ? __irq_work_queue_local+0xdd/0x460
[  617.911729][    C1]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  617.911745][    C1]  ? irq_work_queue+0x2a/0x80
[  617.911764][    C1]  ? watchdog_timer_fn+0x5f2/0x7d0
[  617.911785][    C1]  ? watchdog_timer_fn+0x5e5/0x7d0
[  617.911809][    C1]  watchdog_timer_fn+0x603/0x7d0
[  617.911832][    C1]  ? __pfx_watchdog_timer_fn+0x10/0x10
[  617.911852][    C1]  __hrtimer_run_queues+0x5fb/0xae0
[  617.911880][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  617.911901][    C1]  ? read_tsc+0x9/0x20
[  617.911929][    C1]  hrtimer_interrupt+0x392/0x8e0
[  617.911962][    C1]  __sysvec_apic_timer_interrupt+0x10f/0x400
[  617.911983][    C1]  sysvec_apic_timer_interrupt+0x9f/0xc0
[  617.912003][    C1]  </IRQ>
[  617.912009][    C1]  <TASK>
[  617.912016][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  617.912037][    C1] RIP: 0010:smp_call_function_many_cond+0x458/0x1300
[  617.912060][    C1] Code: 0c 00 85 ed 74 4d 48 b8 00 00 00 00 00 fc ff df 4d 89 f4 4c 89 f5 49 c1 ec 03 83 e5 07 49 01 c4 83 c5 03 e8 2a 17 0c 00 f3 90 <41> 0f b6 04 24 40 38 c5 7c 08 84 c0 0f 85 a7 0c 00 00 8b 43 08 31
[  617.912076][    C1] RSP: 0018:ffffc90000117998 EFLAGS: 00000293
[  617.912089][    C1] RAX: 0000000000000000 RBX: ffff8880b86469c0 RCX: ffffffff8182b59c
[  617.912101][    C1] RDX: ffff88801cef4880 RSI: ffffffff8182b576 RDI: 0000000000000005
[  617.912112][    C1] RBP: 0000000000000003 R08: 0000000000000005 R09: 0000000000000000
[  617.912122][    C1] R10: 0000000000000001 R11: 0000000000000006 R12: ffffed10170c8d39
[  617.912133][    C1] R13: 0000000000000001 R14: ffff8880b86469c8 R15: ffff8880b873fe40
[  617.912151][    C1]  ? smp_call_function_many_cond+0x47c/0x1300
[  617.912173][    C1]  ? smp_call_function_many_cond+0x456/0x1300
[  617.912198][    C1]  ? smp_call_function_many_cond+0x456/0x1300
[  617.912220][    C1]  ? __pfx_do_sync_core+0x10/0x10
[  617.912247][    C1]  ? __pfx_do_sync_core+0x10/0x10
[  617.912267][    C1]  on_each_cpu_cond_mask+0x40/0x90
[  617.912291][    C1]  text_poke_bp_batch+0x22b/0x760
[  617.912318][    C1]  ? __pfx_text_poke_bp_batch+0x10/0x10
[  617.912339][    C1]  ? __jump_label_patch+0x1db/0x400
[  617.912371][    C1]  ? arch_jump_label_transform_queue+0xc0/0x120
[  617.912401][    C1]  text_poke_finish+0x30/0x40
[  617.912422][    C1]  arch_jump_label_transform_apply+0x1c/0x30
[  617.912446][    C1]  jump_label_update+0x1d7/0x400
[  617.912472][    C1]  static_key_enable_cpuslocked+0x1b7/0x270
[  617.912496][    C1]  static_key_enable+0x1a/0x20
[  617.912519][    C1]  toggle_allocation_gate+0xfc/0x260
[  617.912540][    C1]  ? __pfx_toggle_allocation_gate+0x10/0x10
[  617.912559][    C1]  ? trace_lock_acquire+0x146/0x1e0
[  617.912583][    C1]  ? process_one_work+0x921/0x1ba0
[  617.912601][    C1]  ? lock_acquire+0x2f/0xb0
[  617.912618][    C1]  ? process_one_work+0x921/0x1ba0
[  617.912639][    C1]  process_one_work+0x9c5/0x1ba0
[  617.912665][    C1]  ? __pfx_cfg80211_wiphy_work+0x10/0x10
[  617.912683][    C1]  ? __pfx_process_one_work+0x10/0x10
[  617.912700][    C1]  ? rcu_is_watching+0x12/0xc0
[  617.912728][    C1]  ? assign_work+0x1a0/0x250
[  617.912747][    C1]  worker_thread+0x6c8/0xf00
[  617.912775][    C1]  ? __pfx_worker_thread+0x10/0x10
[  617.912794][    C1]  kthread+0x2c1/0x3a0
[  617.912814][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  617.912832][    C1]  ? __pfx_kthread+0x10/0x10
[  617.912854][    C1]  ret_from_fork+0x45/0x80
[  617.912870][    C1]  ? __pfx_kthread+0x10/0x10
[  617.912892][    C1]  ret_from_fork_asm+0x1a/0x30
[  617.912925][    C1]  </TASK>
[  618.993247][    C1] Shutting down cpus with NMI
[  618.993368][    C1] Kernel Offset: disabled