last executing test programs:

9.839679865s ago: executing program 4 (id=187):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) (async)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000000000000000000000000000000a38000000080a05000000000000000000020000000c00034000000000000000020900020063797a32000000000900010073797a30"], 0x60}}, 0x0) (async)
sendmsg$NFT_MSG_GETCHAIN(r0, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x14, 0x4, 0xa, 0x201, 0x0, 0x0, {0x5, 0x0, 0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x80c0}, 0x4000)
r1 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) (async)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000380), 0xffffffffffffffff) (async, rerun: 32)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'wpan1\x00', <r5=>0x0}) (async, rerun: 32)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000400)={'wpan3\x00', <r6=>0x0})
sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(r3, &(0x7f0000000500)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x70, r4, 0x100, 0x70bd29, 0x25dfdbfc, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r5}, @NL802154_ATTR_SEC_DEVKEY={0x10, 0x2f, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc, 0x2, {0xaaaaaaaaaaaa0102}}]}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r6}, @NL802154_ATTR_WPAN_DEV={0xc}]}, 0x70}, 0x1, 0x0, 0x0, 0x8000}, 0x804)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r7=>0x0})
sendmsg$BATADV_CMD_GET_DAT_CACHE(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)={0x1c, r2, 0x305, 0x0, 0x0, {0x7}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r7}]}, 0x1c}}, 0x20000000)

9.092251882s ago: executing program 4 (id=190):
unshare(0x40020000)
ioctl$UI_DEV_SETUP(0xffffffffffffffff, 0x405c5503, &(0x7f0000000940)={{}, 'syz0\x00', 0x40})
ioctl$UI_SET_EVBIT(0xffffffffffffffff, 0x40045564, 0x12)
socket$inet6(0xa, 0x6, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x5, 0x1000087}, 0x0)
epoll_pwait2(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000080)=0xb0000)
r1 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r1, 0x7a7, &(0x7f0000000080)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, &(0x7f0000000000)={@my=0x0, 0x1})
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000680)={@local})
ioctl$IOCTL_VMCI_DATAGRAM_SEND(r0, 0x7ab, &(0x7f00000000c0)={&(0x7f0000000780)={{@my=0x0, 0x4}, {@local, 0x80000001}, 0x400, "982cbf5250a16070f462a33e81487dc2c89a71670d229a4958c91e934bf250b89ac9eb14f62abbceaa2758e59adbb3713426bfa62100d3cfb9fc3e2a1115a1c4c3e1fcb0811f30fe8a04c5a366bac1fe2ba60d3dc986fabef91bea03b79aa38665585ff12f61ddc9e602bb8e451e172e317ad7fa1308662d371cf74cd9d62fb3173f6ded9926ef88aa62e0af52fdc97cf474500c4364bd747d83e242c4de11c30f7f8507b60dac9ffa855914a4f010a793e5a463ca1431db2098d45f83805250f07edaca08852a27ab7df82a0c9165b5347c7f0d70473a6faa22a2c151583ed7d6b204c3a8fca9434b6c537f45511e1647cf34fc9af714f395b3ee99c950afd1f687d67a71a01a83a8e8d585b5a6b8f34ceb8a4253596f57ca4a4ecd8d194ef11d3592e389de788da42dde388f36c4e02e422851971f6d4c5673d986c047ab8e32b937594bc35b281cc0cdffd1876f5848a9a4a36335e584495e6a7be7c09fec288447e204c2e2e87717d2b425fc93d23459384ae3b1242050e044b1c2cd303dc6c59facc0ff3c66a44c0fbb95dbf237870ac88764be9d3491e5e46402f099b7cdcf9836670875ed0fdf96bbd3350e82da2e5ae5a1f8345e98bf3edafa8db44ee7aa0372eaebf9635a467c4570c2a779fcea3c543760329bb41a7c72f3dca444c2897bb7dda830b9fdd934483d90d7463f83185ee689f89b4960508f8130eb6cfa7e2ec8b7cc518312005d7825258801c46b5245ec6795248813b3bfac6e04039081da5a9c9a80637866f78039e7fde0b0362a09f827e98602028a0159a00f6a1e8c73c3ab00b73b3b0895a5bcb5aa5c4b6b0d9668ffdb9f3b11f2b213daf1088508fbf545c3a5d9e6ec9debc4648268879aec54059e0b3bb296ab1ea775b42d9b206e2f759e80ce47a9c5de8d753f6463856cc0ad94cff563e27621d137a0b61983bb49a795bc283956894b1ec4efc55dda0c62bc61c76f09fae24e5676bb73db392089477ec21b61534d84f912bbe5c8bea4167a5018317f5292561c9f76bfb969d7d67b26e9ddfe95cace6fbc5898b91396bf1c9a1cae3ce01cf8264f53e7c5c58bce6b9328f320a274f47f92d87f529ee2f9dce9a7711be65fe0f8787578809e365bca178f40a1813ebf5011233880108f4aa2d70a2a861a2849d878bed392b5fad306a26b35f25681cf5277b6573a53890dbabff34dee29a15ff56c86a0e422e67e36838384871197a759cccd3df30f4a4f4fb41a702334b92a0512569f9e197d75337e2baf6990ce3a556c56e26fc471054fe2ebd641212f86263804721e9bdeb88308bdecb531e247a8408fe85fbd261e7f8c190587a4d2710bbeb01749a5bd10249f4a3f87dcaf074ae948f0cd1483033b6b9f13fba50510522a4f81ab686b6515b7b7bd7d8f0e28320fd7fdc982f13c95195b7ac3e2f9ccbe097325"}, 0x418, 0x800})
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x43, &(0x7f0000000040)=0x2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r3, 0x3b81, &(0x7f0000000040)={0xc, 0x0, <r4=>0x0})
r5 = socket$inet_sctp(0x2, 0x5, 0x84)
bind$inet(r5, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
sendto$inet(r5, &(0x7f0000000300)="ab", 0x1, 0x0, &(0x7f0000000380)={0x2, 0x4e22, @local}, 0x10)
recvfrom$inet(r5, 0x0, 0x0, 0x142, 0x0, 0x0)
recvfrom$inet(r5, 0x0, 0x0, 0x40, 0x0, 0x0)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r3, 0x3ba0, &(0x7f0000000100)={0x48, 0x2, r4})
ioctl$IOMMU_IOAS_MAP$PAGES(r3, 0x3b85, &(0x7f0000000180)={0x28, 0x4, r4, 0x0, &(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x7})
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x100000000000000)
close(r3)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x6)

7.206433817s ago: executing program 1 (id=195):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r1 = dup(0xffffffffffffffff)
sendfile(0xffffffffffffffff, r1, 0x0, 0x80006)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000140)={0xffffffffffffffff, 0x58, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r2=>0x0}}, 0x10)
r3 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000500)='/sys/kernel/debug/binder/failed_transaction_log\x00', 0x0, 0x0)
lseek(r3, 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x3ff, 0xfe48, 0xd4e, 0x5200, r1, 0x5, '\x00', r2, r3, 0x1, 0x3, 0x2, 0xa, @void, @value, @void, @value}, 0x50)
sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)={0x5c, 0x0, 0x1, 0xfffffffd, 0x0, {0x1, 0x6c00000000000000}, [{{0x8}, {0x40, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}]}, 0x5c}, 0x1, 0xf000, 0x0, 0x8c1}, 0x20040)
socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r4}, 0x10)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[@ANYBLOB="14000000100001000b000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000044000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f08000340000000045c0000000c0a01020000000000000000010000000900020073797a32000000000900010073797a3000000000300003802c00008028000180230001"], 0xe8}}, 0x0)
sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)=ANY=[@ANYBLOB="180100002d000100000000000000000007"], 0x118}], 0x1}, 0x0)

7.171557797s ago: executing program 0 (id=196):
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000580), 0x2, 0x0)
getpid()
r0 = openat$kvm(0x0, &(0x7f0000000000), 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = eventfd2(0x0, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000f0009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r3, 0x0, 0x8}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="19000000044000000400000005000000000000004f89cc46ef14aa642e21a91fd9b9ffdf122f38404dc355849dc65efd2ec87f98fa1bea2ec1c35eb85e7db8965a9453c21e55bfffc867aa648550999ed724c86a53e2caa9005b67994668958b726a986ceaf2ab78bdbc67b32471b68031b69d553c0f5f0051fc56329a478487641ef9c4c1b72738ae34bbd25b2496e4ed6000"/159, @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000440), 0xffffffffffffffff)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f00000000c0)={0x8000000000000004, 0x0, 0x0, r2})
r4 = eventfd2(0xe, 0x80001)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000180)={0x800, 0xdddd4000, 0x2, r4, 0x4})

6.711861022s ago: executing program 1 (id=198):
pidfd_send_signal(0xffffffffffffffff, 0x1b, 0x0, 0x700)
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x0, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000040))
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
openat(0xffffffffffffff9c, 0x0, 0x42, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x1)
mount$9p_tcp(0x0, &(0x7f0000000340)='./file0\x00', &(0x7f0000000380), 0x80, &(0x7f0000000540)=ANY=[@ANYBLOB='trans=tcp,port=0x0000000000004e20,mmap,directio,cache=none,msize=0x0000000000000002,noxattr,fscontext=unconfined_u,mand,fsname=N%&@.g$,uid=', @ANYRESDEC=0x0, @ANYBLOB=',kmackfsroot=sched_switah\x00,seclabel,fscontext=staff_u,permit_directio,smackfsdef=(,,\x00'])
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="190000000400"], 0x48)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x60200, 0x0)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r5, 0x400455c8, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$sock_bt_hci(r4, 0x400448ca, 0x0)
ioctl$TIOCVHANGUP(r5, 0x5437, 0x0)
socket$pppoe(0x18, 0x1, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)

6.614533174s ago: executing program 0 (id=199):
r0 = signalfd(0xffffffffffffffff, &(0x7f00007aeff8), 0x8)
read(r0, &(0x7f0000000040)=""/199, 0xc7)
r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000140), 0x8, 0x0)
unshare(0x2040400)
signalfd4(r1, &(0x7f0000000340)={[0x1]}, 0x8, 0x800)
r2 = inotify_init1(0x0)
inotify_add_watch(r2, &(0x7f0000000200)='.\x00', 0x400)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fdinfo/3\x00')
read$eventfd(r3, &(0x7f0000000340), 0x8)
syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='pagemap\x00')
madvise(&(0x7f0000569000/0x2000)=nil, 0x2000, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='fd/3\x00')

5.103792502s ago: executing program 0 (id=201):
r0 = syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120141014813442024040075ee69010203010902240001000010000904b8070296d1ca000905060200020d0006090582020002"], 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x2)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000080), 0x6)
write$bt_hci(r1, &(0x7f0000000040)=ANY=[@ANYBLOB="016432"], 0x5)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(0xffffffffffffffff, 0x3ba0, &(0x7f0000000780)={0x48, 0x2, 0x0, 0x0, 0x0, <r2=>0x0})
ioctl$IOMMU_HWPT_SET_DIRTY_TRACKING(0xffffffffffffffff, 0x3b8b, &(0x7f0000000380)={0x10, 0x1, r2})
syz_usb_control_io(r0, 0x0, &(0x7f0000000900)={0x84, &(0x7f00000003c0)={0x0, 0x5, 0x4, "abe763a8"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000e40)={0x1c, &(0x7f0000000c00)={0x40, 0x15, 0x4, 'U$i$'}, 0x0, 0x0, 0x0, 0x0, 0x0})
r3 = socket(0x10, 0x3, 0x0)
ioctl$SIOCX25SFACILITIES(r3, 0x89e3, &(0x7f0000000240)={0x25, 0x8, 0x7, 0xc, 0x8})
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000180)={0xffffff}, 0x10)
write(r3, &(0x7f0000000000)="240000001a005f0214f9f407000904001f00000000000000000000000800040001000000", 0x24)
syz_usb_connect(0x4, 0xba5, &(0x7f0000001080)={{0x12, 0x1, 0x300, 0x2e, 0xcf, 0xa2, 0x0, 0x45e, 0xffff, 0x0, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xb93, 0x3, 0x80, 0x8d, 0x50, 0x7, [{{0x9, 0x4, 0xa8, 0x3, 0xf, 0xab, 0xa, 0xba, 0x80, [@uac_control={{0xa, 0x24, 0x1, 0x1, 0x4}, [@mixer_unit={0x5, 0x24, 0x4, 0x4, 0x5}, @output_terminal={0x9, 0x24, 0x3, 0x5, 0x1fe, 0x3, 0x2, 0x1}]}, @uac_as={[@format_type_ii_discrete={0x11, 0x24, 0x2, 0x2, 0x1, 0x80, 0x7, "b474ef1d0614e879"}, @format_type_i_continuous={0xa, 0x24, 0x2, 0x1, 0x9, 0x2, 0x5, 0x5, "", "83ac"}, @format_type_ii_discrete={0xb, 0x24, 0x2, 0x2, 0x7, 0x5, 0x2, '\n7'}, @as_header={0x7, 0x24, 0x1, 0x14, 0x3}, @format_type_i_discrete={0xe, 0x24, 0x2, 0x1, 0x6, 0x1, 0x2, 0x3, "d6041ab59a6d"}]}], [{{0x9, 0x5, 0xb, 0x3, 0x40, 0x1, 0x5, 0xf9, [@generic={0xfa, 0x30, "13487c9f08975148aabea3827e993cd4ffd7964be453a1e84bf3c21891e7619cc2c278a1ca97f3ff9b716fdc45bd2bf236d6c5593051c6e63861cc496249b4c1da2e3e517d1b201587f252140451d81b4380dc06a68120ff16897e50470ecff2b4dbe4142df8e45e607b7be2730d6f8f709e2907f0ba267970679e449b3806c841fa9de12a77e5bd2318726e65072b3364a3d84f4c3907027f22cc41445823f09c3a833203366a0e495cf6421fc0d4a40c71074f327a93fd734bcbb2130cefeff43608d51d95e72fa082ac533e818ffd2b3f7e50bbf25de2c9e08f87db3b39af814eeccc2938b3f0b8eafa3cfdeb74149d6e223d509b967c"}, @generic={0x1d, 0x23, "cf651fb37fd151d584cd2ffebde65b0fdf3c670ac98a944cd2a29f"}]}}, {{0x9, 0x5, 0x80, 0x10, 0x20, 0x77, 0xfb, 0x7}}, {{0x9, 0x5, 0xf, 0x10, 0x400, 0xf, 0x6}}, {{0x9, 0x5, 0x4, 0x0, 0x3ff, 0x5, 0x1, 0x5, [@generic={0x9f, 0xc, "754300530235d3ba29b6a8ee669eb5db08decf020cd4e34bafefa64d3e6ef82245f40e57d3c3088686c192550a95cd76e290607399d6dba1b3717404209a5f2cda09930ae4ee8e3737760838f391cac42f7e28bfbbcf1921d86849ad5359b47d87e3265e5ed0bbe856de5461828fef6f500731aaabb36e09a4332e79deb5120023f947eb8a454e9acc44f67859757fe3bf621485d92bcdc051ce4e3131"}]}}, {{0x9, 0x5, 0x80, 0x0, 0x200, 0xaa, 0xf, 0xa, [@generic={0xa, 0x12, "97e53f1323d7658c"}]}}, {{0x9, 0x5, 0x2, 0x0, 0x200, 0x0, 0xff, 0x6}}, {{0x9, 0x5, 0xc, 0x1, 0x400, 0x0, 0x3, 0xe, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0x2, 0x68d}, @generic={0xb2, 0x5, "8d5585757ef15e1da7d59f0f29adb84334961c6c5bf4d5e162d3062ad8cb3e72a0a05694c366fcef4cfab6a3adbc97f2ee72d473ee04d65fa5dfb6607d151f214a80ef890a4b1af3a73e4c45aad3097c570a2dc698e51abcb587d7244fc7f4be441f016901216921c0e8e8e94081faab3929ea88d933c548063726932b3086a397c0ca30d35f2c86d401f1de126eeb88b3839a5383a67a4d1c7fb2110e9eb7e8d925c7e3fdfa7ee644c8575922726d79"}]}}, {{0x9, 0x5, 0x6, 0x5, 0x200, 0x9, 0xfa, 0x0, [@uac_iso={0x7, 0x25, 0x1, 0x82, 0x1, 0x9}, @generic={0x88, 0xb, "45e1a1dfe6d2e26e01d196709faaedf041c177befaf4018da887aa52ac88d44fc405aedf88c022049928413f3f84d008204499d0ee8466aef72a58cbec82b0df4fc0397b327a824fe56d49c9a58ad01ae3d7fbdc41f92add8ad47798825169b0763fd7759839fa80cae995b206f325fe352b7e03447ba16a7d6039bc09bfff14496b782ff04b"}]}}, {{0x9, 0x5, 0xc, 0x0, 0x400, 0xd, 0x4, 0xff, [@uac_iso={0x7, 0x25, 0x1, 0x7, 0x0, 0x7}]}}, {{0x9, 0x5, 0xa, 0x8, 0x3ff, 0xa0, 0x1, 0x9}}, {{0x9, 0x5, 0x4, 0x3, 0x10, 0xd6, 0xff, 0xaa, [@generic={0xa0, 0xc, "a1c9abef19b2cb0790f67dd16b68784aac8de2bb67287adcc25872842cbec4594a77dab46b41460b189d895051e3bd137b9c2acd1cfe7ecae46663fe00eb9e28de98bcadd1524ff3efb6894e794a4cee47bfe69100a015f097fc1826a315f07a9acf4eb05309c6d6b6292709c0a0ed8fb8cdd017ed25dd6b9469c62b290df6bc76e41bf7ff41c635ac56b9b6b7f7271022dfbd87ddc29a12a7e24832952e"}]}}, {{0x9, 0x5, 0x1, 0x8, 0x10, 0x1, 0x7, 0xe2}}, {{0x9, 0x5, 0x4, 0x8, 0x200, 0x6, 0x2, 0x7, [@generic={0xae, 0x22, "54969ca100f9328bea9f78581c95bd6ed931d6da7524326678ea872ea239b8fd610384012cf62f7b46c9ef7322771f5c18b5790278b8d1a876826f4beba90db294e1a9b970f975e77502b000f40a756d04a671a37de56c30064f0063fc7f36dbb66baae2da62f44ec74bfa5b46216dd3fd5a668c39f3e9c95e5d941f2ace301a2933c12a2ee8629610b49b84ec5ae71ad4eb6e9b5df737fd5b735e8b79eb0e6e7f7650dbd169402e651df064"}, @uac_iso={0x7, 0x25, 0x1, 0x3, 0xa, 0x8}]}}, {{0x9, 0x5, 0xf, 0x2, 0x40, 0x8, 0x8, 0xf8}}, {{0x9, 0x5, 0xd, 0x3, 0x200, 0x9, 0x8, 0x0, [@generic={0xff, 0x21, "40bd593c4a86b35526d0749cec8388ce606185403980ab4fa8ade599432296e111ff2bdcc1a27e98b1b6dfb6a39a541cd69aa258c1f0145dec9cd5f140516f5d1648fb6b4e6525bd3fd0be2212cee3cd1cab9e20d8bb2885e8daf91d54df5076bbbb2b99fc815fb7dd691872870aea428178dd72d92e58ae3f57f6a51a2280c7b5d39e24117b52a6b5d1ee5311f09637a865d6c1a4e59510dc72d30d0d091818ac741e624850c8397d097410e7dccbcecc81fb127aa8ee68bef94983536372d20feabd7dfd8a6465714bfd6942abae52c3dfba1970352f440a17233cb59fa042fa0aa52bb13aabbe28b6054c0888114f44775286662017a6df8fe8c853"}]}}]}}, {{0x9, 0x4, 0x7d, 0x78, 0xd, 0x2, 0x2, 0xff, 0xe, [], [{{0x9, 0x5, 0x8, 0x0, 0x20, 0xb2, 0x1, 0x9, [@generic={0xb0, 0x22, "93d9301ff14bc4fa09962a54c6e8f528cc0049fde613df24027819fdc607df164a0e50adf672410cf9dbe50621b2484020d2edb3708753513ae99cbf4fec91050e21b4c52fc8f14715c1c3e8a384fcde9ed05dd4f4094769c89141dce06a4ca19cca4cfb1c3840393fbbfd48cc890e8f319e5b7d85df23d401177e861d53e5c2e02ebdf83fcd0ad70d6612a784382cddeddc9c3d300af4a5c975d145d0695049b7f1742dc4cedf1c9411dbc97cf7"}, @uac_iso={0x7, 0x25, 0x1, 0x80, 0x6, 0x2}]}}, {{0x9, 0x5, 0x9, 0x0, 0x40, 0x45, 0x8f, 0xbd, [@uac_iso={0x7, 0x25, 0x1, 0x3, 0x0, 0x7}, @generic={0x54, 0x23, "a8c2452b4b581f28c9b0121a41d87fb21b55b90516ff13db557350d8f71591b53959b576f219be9fdca479f921875d1c59ba1f432a9dfe63777d6b0f2e8f82a94568a7f282c1cc21966155209774d0cbaebe"}]}}, {{0x9, 0x5, 0xb, 0x10, 0x40, 0xff, 0x8, 0x7f, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0x5, 0x3ff}]}}, {{0x9, 0x5, 0xd, 0x10, 0x40, 0xfd, 0x5, 0x2, [@generic={0x57, 0xd, "468bdc9526b00fc74a3d86186f8e62c40a972afeb221f10d2a48842e52b846cadd68743928ccc0b24128332f3548c19151e1efb28eacfc6c92c26301cacd41d646381f3f5580d3b0ad0dddf0317709e2c92287933d"}, @generic={0x30, 0x7, "3e4bba98e2d1a4256c8a8ff45522b26770dc8603de5180b65f23c9e9cef693a8406c3616babbe55c192c555827ca"}]}}, {{0x9, 0x5, 0x0, 0x8, 0x10, 0x7, 0x1, 0x6, [@uac_iso={0x7, 0x25, 0x1, 0x81, 0x9, 0x1}]}}, {{0x9, 0x5, 0x9, 0x0, 0x400, 0x5, 0x1, 0x87, [@uac_iso={0x7, 0x25, 0x1, 0x1, 0xae, 0x7}]}}, {{0x9, 0x5, 0x9, 0x0, 0x200, 0x6, 0x8, 0xdf, [@generic={0x53, 0x8, "e5dd9078a109261df165112a2d1105b3623fec61ac0a72150d3ce2e9e4255aee545cfccdd730c7458615f828ef4f4a21bdbd66b9637f39479c2ea8bb1e7284682a34fa4a4982f2de47417a2ffa56f6e756"}]}}, {{0x9, 0x5, 0x80, 0xc, 0x8, 0xb, 0x3, 0x4}}, {{0x9, 0x5, 0x7, 0x4, 0x400, 0x1, 0x1, 0x40, [@uac_iso={0x7, 0x25, 0x1, 0x182, 0x23, 0xfff7}, @uac_iso={0x7, 0x25, 0x1, 0x2, 0x5, 0xf6}]}}, {{0x9, 0x5, 0xb, 0xc, 0x3ff, 0x6, 0xb4, 0x9, [@generic={0x30, 0x31, "ecea0f3a77d6d8329151c0be6d97dbce6fe9eb4244082dfed058f026f786bc5f8224e1e783c030406292f6da10fc"}, @uac_iso={0x7, 0x25, 0x1, 0x2, 0x1, 0x200}]}}, {{0x9, 0x5, 0xb, 0x10, 0x200, 0x1, 0x31, 0x4a, [@generic={0x8c, 0x0, "b401a94e198fda43c29486080b4ed6a43e399280f49a786467411cbac4c9e3d32f630dc7985f5c1780d6c14adea150eb3a4b66e85f879992b3b8dac46b697f9cacde75b79c1c3839590175024fcc3c190db60086e56f9fe8004c3bbf9af44bd0d959be94329af10f760a5d9802634815fb025bc2f595840d2e9d3f9b568ac68f1a652ac4137b14b78d78"}, @generic={0x79, 0xb, "5962994befee8d180b05d78b2de12c9192617fe2ac04881f0f6b40baf81d0718c5ed9e92c4dc35ec94f91b9da94c53cf326611c32e6912907fd5c3da019f9829ad1a10dd37dd661fe646c051ebe8aa705b349cde7610c1e1ade0f2a22c83dd65519c335e3d883500314391ddde6cfa346deb4dff1b53a2"}]}}, {{0x9, 0x5, 0x1, 0x10, 0x3ff, 0xc0, 0x1, 0x9, [@generic={0x9f, 0xf, "01acccb755befb1bf55c2aefb09d07d0f39979db899588a51ced52f632f1216099113abb1f62dee1d0178382dbf3534a90476b1464ade8dc58c9b6bc36e2b2ea2759d2742cb8f524896886a98db9c9a12c0c429af4ae53af8bdcaa258f06de4db1615eccb2c1f17c7824691eb2d6dc6e5a18cff850e48b80bff16f2f18c780135caaefbdef1f07e504c8c30cfe6f0b43792ff79a798da41288f7784dda"}, @uac_iso={0x7, 0x25, 0x1, 0x1, 0xb4, 0x180}]}}, {{0x9, 0x5, 0x0, 0x10, 0x400, 0xff, 0x9, 0x8, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x40, 0x9}, @generic={0x1b, 0x21, "079cc27177ec87ed10d49fc67b5d46971ab18125d910c0be70"}]}}]}}, {{0x9, 0x4, 0x72, 0x2, 0x4, 0x90, 0x99, 0xfa, 0x9, [], [{{0x9, 0x5, 0xf, 0x0, 0x200, 0x5d, 0x6, 0x6, [@uac_iso={0x7, 0x25, 0x1, 0x84, 0x1, 0x4}, @uac_iso={0x7, 0x25, 0x1, 0x80, 0xb2, 0x3}]}}, {{0x9, 0x5, 0x4, 0xc, 0x10, 0xfa, 0x1, 0xff, [@generic={0x3, 0x21, '?'}, @uac_iso={0x7, 0x25, 0x1, 0x0, 0x8, 0x2}]}}, {{0x9, 0x5, 0xf, 0x0, 0x20, 0x2, 0x2, 0x9}}, {{0x9, 0x5, 0x8, 0x4, 0x20, 0x4, 0x0, 0xf7, [@generic={0x6f, 0xe, "6d255c199f45cd58a5261da4b43f97fa2e93a8f2ceeec1e724392ce185aaf1c28ae9bced5987ab1ce847bb89ee4bb0885d0b2689bddd04023f615cf1cea5f5ff0d7c98ac8475afe40b4f9bc0411df60e25955c71bfb536dae3598fa2738c0ef8a5d3acdf6f012006d5e4ecc7d6"}]}}]}}]}}]}}, &(0x7f0000000700)={0xa, &(0x7f0000000000)={0xa, 0x6, 0x110, 0x6, 0x8, 0x26, 0x10, 0x1}, 0x183, &(0x7f0000000540)={0x5, 0xf, 0x183, 0x6, [@ext_cap={0x7, 0x10, 0x2, 0x20, 0x7, 0x6, 0xfffb}, @ss_container_id={0x14, 0x10, 0x4, 0x5, "c3b762a69a4c20d99e8af3df723b9d9f"}, @generic={0x58, 0x10, 0xb, "da783f0885f68cc49c820d39039d2ca2fec3f28ebd9f7e0249ce29216ae23f85b75b4ac349b11d9bdd581f3d8ab5a3787f40af8d1aed042bd7af1278c9de433bd549d5572b45d7c0d852db02b3d3278fda35073997"}, @ext_cap={0x7, 0x10, 0x2, 0x0, 0x4, 0x2, 0x8c21}, @ext_cap={0x7, 0x10, 0x2, 0x18, 0xf, 0x9, 0x80}, @generic={0xfd, 0x10, 0x2, "0d8ec2f5c1679d858b163ac5bc3bcd01ab729c64e57b10bef6e6b5a109eb76db4ca444658b259600a017089eec5bd91f446f9b1c8d0642fe513d3f5d891fec76bb306fd66407e0f5ce3c1a46989083586723a452c6297df3b928a41f9e29b8c45c29fbb624352da7a3bb088eb3910670e3dcb67ee7543c724a06f0c349b6efc367cabdcce6fa1f30c5efceed3afbaf91817f217e44d4d7325c2736f072d55d541b601fc3bf4ef170d8d627239d2426ba9b72d6b446f5933953dd8b25b0e988a9952a37fc896e9fb31d6fcffd222298890e4eece6b9a5e6a8478d28c543820c8829ff6047752d0c4694aabf251d7afbe1efc8b843f3ea8724ea9e"}]}, 0x7, [{0x4, &(0x7f0000000040)=@lang_id={0x4, 0x3, 0x180c}}, {0x75, &(0x7f0000000100)=@string={0x75, 0x3, "a89182fb2ac034d04dfd6154494ce30c1725e2963dc4829a3fcf400dcf8e338b7010cc727e62267e9a5ae69b4005a7a81ca42536747a5da192b4029dfe3d901a153ba424ea1fcd8a40f24ca01c37ac6e35af977946d4eec02b36375aa0b39977d50e8db49b4caba394ac957fb27de0edd1416a"}}, {0x46, &(0x7f0000000180)=@string={0x46, 0x3, "99109d84fc01ac0c8d71cda8edef7a39cd784e9bac70eeabd28359640b9176092d514183f1ca5b4f3195ffe35a6e8feea38674c3aa0bd2d68fad25f542ebdbffcac107bb"}}, {0x4, &(0x7f0000000080)=@lang_id={0x4}}, {0x95, &(0x7f00000002c0)=@string={0x95, 0x3, "97a04dca599097161274c97624a9a9346c7f305b9c263af0eaa9ac33a348c59071936ca4776b698417a2c0f056f7b2469c7d3db7869692413884a378a112efc961f76aaf1ed31837eedf5d05d3d759bb031210d201d189e42382eb45af4853e09500a1115e8ab42fb29fa3b2f673d7f0b390afc93df685daecf4d06426857abfbe0e6b5155a1b79f00f35f1226aa76ff33c0ae"}}, {0x98, &(0x7f0000000400)=@string={0x98, 0x3, "de9e4af3c1c5d23f020fbcc1d6a9d4bf862fa936cbf44255a538217fe050d9e43da276ed71597395c918732bdd7f38a18a08ef0bdeaf0c05770e66b088a8be711078cfa0a0bf73aaa421fa629475e6d5b7f4d942eabea303f99847b3ffaf6f79cf40ff7d32692d83f67ce170ae9dbe3933c87bac1f0b64b4c64e901131234d63fc0d93fa3b1477966e682ec1dd1c48b935bf81de8fcb"}}, {0x4, &(0x7f0000000200)=@lang_id={0x4, 0x3, 0x439}}]})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000fc0)={0x84, &(0x7f0000000ac0)={0x40, 0x14, 0x4, "a350551c"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000500)={0x2c, &(0x7f0000000280)={0x20, 0x15, 0x4, "a9e94060"}, 0x0, 0x0, 0x0, 0x0})

4.700304778s ago: executing program 4 (id=202):
listen(0xffffffffffffffff, 0x0)
syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x121041)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000000, 0x30, r0, 0x0)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r1)
ptrace$PTRACE_SECCOMP_GET_METADATA(0x420d, r1, 0x10, &(0x7f0000000140)={0x6d1d9759})

4.525721791s ago: executing program 4 (id=204):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000180)=ANY=[@ANYBLOB="1201fb0019030320d812010079de01ec020109021b0001000003000904000001785ecc00090585020004"], 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
read$char_usb(r1, &(0x7f0000000000)=""/188, 0xbc)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
syz_usb_disconnect(r0)

4.236067071s ago: executing program 1 (id=205):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000180)=ANY=[@ANYBLOB="1201fb0019030320d812010079de01ec020109021b0001000003000904000001785ecc00090585020004"], 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
read$char_usb(r1, &(0x7f0000000000)=""/188, 0xbc)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
r2 = inotify_init1(0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r3}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x3, 0x3, &(0x7f0000000480)=@framed, &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{r5, r5}, &(0x7f0000000100), &(0x7f0000000640)=r4}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x3, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r5}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0xa0)
inotify_add_watch(r2, &(0x7f0000000100)='.\x00', 0x24000420)
r6 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00')
syz_usb_control_io(r0, &(0x7f0000000400)={0x2c, &(0x7f00000001c0)={0x0, 0x4, 0x57, {0x57, 0x24, "60c5df7a6b77c07dfcbf0dd667c0247a60c1c63a90d5ff8d5478d3471815c796cc59603dba91adf23e4b9a364f7f5a63332cce2511a602d48dd3e0bc814f6a8194a1a6cda96252537661684400448780ef5e69d182"}}, &(0x7f00000000c0)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x80a}}, &(0x7f0000000240)={0x0, 0xf, 0x165, {0x5, 0xf, 0x165, 0x6, [@ssp_cap={0x1c, 0x10, 0xa, 0x2, 0x4, 0x3, 0xf00, 0x1, [0xffc0cf, 0xff0000, 0xff3f00, 0xffff00]}, @wireless={0xb, 0x10, 0x1, 0x2, 0x1, 0x90, 0x5, 0x113, 0xac}, @generic={0x4b, 0x10, 0x4, "0c992211d85422fad54bad22eaf8b248fb3b7ed10e159a45deb3bf9936c2d6496891d40f4959986e6b668164680c5ac42753775998ce529bcdbaa2c92a8f3bb7cdd0f7d393c969d0"}, @generic={0xe1, 0x10, 0x4, "c8bdc1b5633241c251f11becd82e687c0b953d3e91a750a675c56bed5a09bcb9b087be987869af23c61ada59c15a92bb80070e8fd821c797331b7d660cb418e6186268c0701032c8cd1553c4b9cb26a5e1aa05e5530b01943ed578b84309c88fef2cd43a14959929d4697cc4687892c48d0e205a06bdb06acbef0b27d2218e76008a536fc5e0ce301c889e1703e895b1d5c0b95ccfba411ec6b46a044678ec47118d717af76a42a970f98ca6b2135cb23d3a7ac9cd71cfe9c9830755a41aff5bfc2cd3e732aad309e166b962c62543f5360a0fd606e94e91eff3e0ae8000"}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0x3, 0x8, 0x4, 0x6}, @ptm_cap={0x3}]}}, &(0x7f0000000140)={0x20, 0x29, 0xf, {0xf, 0x29, 0x6, 0x80, 0x81, 0x3, "467b9f90", "08b49da1"}}, &(0x7f00000003c0)={0x20, 0x2a, 0xc, {0xc, 0x2a, 0x1, 0x2, 0x4, 0x0, 0x40, 0x1, 0x800}}}, &(0x7f0000000900)={0x84, &(0x7f0000000440)={0x20, 0x0, 0xe2, "5d6cda8161f3ff42e8c07700fe3fe0d90bc8389d6dfcbcbd52e5e1176a27fdb526fd13d2f9266533dbcabd581127cb33340b6b59a17dd4695bd61f71531fd88d1a90656314a78bb399e251ec82ee655fb9e208fdbb0a3c521a94283ac6c6b380ca8f866a07104233d36bbe5546af301b63b6bfd4e28836bbb25b533afb8b3576c8392ad14427a414622ed4b8428a331e86403749e9c8651cabba464ae7e183935db716f8b4a9a5b0a8583eae495e29caebf3db140e8f2724cb8978869b73e5103ba659942faa616a303efdc786e67dfc454f5673d2af400855c5f928a6d846891806"}, &(0x7f0000000540)={0x0, 0xa, 0x1, 0xe6}, &(0x7f0000000580)={0x0, 0x8, 0x1, 0x8}, &(0x7f00000005c0)={0x20, 0x0, 0x4, {0x5, 0x2}}, &(0x7f0000000600)={0x20, 0x0, 0x8, {0x8, 0x0, [0x0]}}, &(0x7f0000000640)={0x40, 0x7, 0x2, 0x4b}, &(0x7f0000000680)={0x40, 0x9, 0x1, 0x2}, &(0x7f00000006c0)={0x40, 0xb, 0x2, "913a"}, &(0x7f0000000700)={0x40, 0xf, 0x2, 0x1ff}, &(0x7f0000000740)={0x40, 0x13, 0x6, @local}, &(0x7f0000000780)={0x40, 0x17, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x18}}, &(0x7f00000007c0)={0x40, 0x19, 0x2, "e03c"}, &(0x7f0000000800)={0x40, 0x1a, 0x2, 0xc}, &(0x7f0000000840)={0x40, 0x1c, 0x1, 0x5}, &(0x7f0000000880)={0x40, 0x1e, 0x1, 0x7}, &(0x7f00000008c0)={0x40, 0x21, 0x1, 0x81}})
read$eventfd(r6, &(0x7f0000000100), 0xfffffd79)
syz_usb_disconnect(r0)

3.530711339s ago: executing program 3 (id=210):
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=@delsa={0x48, 0x12, 0x1, 0x0, 0x20, {@in=@dev}, [@srcaddr={0x14, 0xd, @in6=@rand_addr=' \x01\x00'}, @mark={0xc}]}, 0x48}}, 0x0)
sendmsg$NFC_CMD_DEV_UP(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000240)='environ\x00')
read$FUSE(r0, &(0x7f0000002900)={0x2020}, 0x2020)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="3c0000001000010400000000fddbdf2500000000", @ANYRES32=0x0, @ANYBLOB="00000000201200001c001280090001006200b05f01ddcb1b48ba2a17942a614900000000000000"], 0x3c}}, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e00000018"], 0x50}}, 0x0)

3.367715165s ago: executing program 3 (id=212):
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x4e20, @local}]}, &(0x7f0000000100)=0x10)
setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f0000000140)={0x9, 0x5ea4, 0x1, 0x2ae2, 0x7ff, 0x9, 0x1, 0x40}, 0x20)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r4=>0x0})
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000000)={'rose0\x00', 0x112})
ioctl$TUNSETOFFLOAD(r5, 0x400454d0, 0x79a08b386f22a1e1)
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)={0x2c, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_TX_RATES={0x10, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0xc, 0x1, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x5, 0x1, [0x0]}]}]}]}, 0x2c}}, 0x0)
lstat(&(0x7f0000000100)='./file0/file0\x00', 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800018, 0x19)
syz_clone3(&(0x7f0000000540)={0x101840000, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, 0x0}, 0x58)
capset(&(0x7f0000000300)={0x20080522}, 0x0)
move_pages(0x0, 0x1, &(0x7f0000000040)=[&(0x7f0000ff9000/0x2000)=nil], &(0x7f0000001180), &(0x7f0000000000), 0x0)
r6 = timerfd_create(0x0, 0x80800)
syz_open_dev$loop(&(0x7f0000000100), 0xd79, 0x0)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000080)="2ac8bbf025a7c367b93be7334e", 0xd)
write$UHID_CREATE2(0xffffffffffffffff, &(0x7f0000000400)={0xb, {'syz0\x00', 'syz1\x00', 'syz0\x00', 0x0, 0xf01, 0x4, 0x7, 0x81, 0x707d}}, 0x118)
syz_io_uring_setup(0x258f2, &(0x7f0000000140)={0x0, 0x0, 0x8000}, &(0x7f0000000240)=<r7=>0x0, &(0x7f0000000100)=<r8=>0x0)
syz_io_uring_submit(r7, r8, &(0x7f0000000200)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd=r6, 0xfffffffffffffffe, &(0x7f0000001240)=""/4102, 0x1006})
ioctl$TFD_IOC_SET_TICKS(r6, 0x40085400, &(0x7f0000000080)=0x6)
openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x30001, 0x0)
sendmsg$NL80211_CMD_JOIN_IBSS(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000340)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010100000000000000002b00000008000300", @ANYRES32=r1, @ANYBLOB="524c9533712ad0ec586e3c0abc0ba2febaf61a8af13b4d8bf7490ed06d1ac4d80ca338d8b8ae7f0d3b184590feabb396b6"], 0x28}}, 0x0)

3.216213976s ago: executing program 3 (id=213):
r0 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
openat$urandom(0xffffffffffffff9c, &(0x7f0000000000), 0x103902, 0x0)
ioctl$KVM_CAP_STEAL_TIME(0xffffffffffffffff, 0x4068aea3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x8, 0x8f}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
close_range(r1, 0xffffffffffffffff, 0x6)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
fanotify_init(0xf00, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_open_dev$sndpcmc(&(0x7f0000000300), 0x0, 0x0)
mknod(0x0, 0x8001420, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000a40)='./file5\x00', 0x2)
close_range(r0, 0xffffffffffffffff, 0x0) (fail_nth: 1)

2.80048985s ago: executing program 4 (id=214):
listen(0xffffffffffffffff, 0x0)
syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x121041)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000000, 0x30, r0, 0x0)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r1)
ptrace$PTRACE_SECCOMP_GET_METADATA(0x420d, r1, 0x10, &(0x7f0000000140)={0x6d1d9759})

2.704240824s ago: executing program 3 (id=215):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
process_madvise(0xffffffffffffffff, 0x0, 0x0, 0x65, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = syz_open_procfs(0x0, &(0x7f00000042c0)='mounts\x00')
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/crypto\x00', 0x0, 0x0)
read$FUSE(r4, &(0x7f0000000200)={0x2020}, 0x2020)
mount(&(0x7f0000000300), &(0x7f0000000080)='.\x00', &(0x7f0000000180)='tmpfs\x00', 0x2200890, 0x0)
pread64(r3, &(0x7f0000002240)=""/237, 0xed, 0x4eb) (fail_nth: 1)

2.609326444s ago: executing program 4 (id=216):
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000000)=<r0=>0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000040)=0x2)
lstat(0xfffffffffffffffe, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, <r1=>0x0})
r2 = epoll_create1(0x0)
epoll_pwait(r2, &(0x7f0000000100)=[{}, {}, {}, {}], 0x4, 0x401, &(0x7f0000000140)={[0x5]}, 0x8)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'gre0\x00'})
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
r3 = openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x400, 0x0)
mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x2, 0x10010, r3, 0x8baa6000)
mount$cgroup(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280), 0x870000, &(0x7f00000002c0)={[{@clone_children}], [{@rootcontext={'rootcontext', 0x3d, 'sysadm_u'}}, {@fowner_eq={'fowner', 0x3d, r1}}, {@appraise_type}, {@pcr={'pcr', 0x3d, 0x12}}, {@dont_hash}]})
syz_open_dev$loop(&(0x7f0000000340), 0x1000, 0x48841)
r4 = creat(&(0x7f0000000380)='./file0\x00', 0xc8)
setsockopt$MRT_DONE(r4, 0x0, 0xc9, 0x0, 0x0)
sched_setscheduler(r0, 0x0, &(0x7f00000003c0)=0x7)
r5 = eventfd(0xa)
preadv2(r5, &(0x7f00000007c0)=[{&(0x7f0000000400)=""/72, 0x48}, {&(0x7f0000000480)=""/172, 0xac}, {&(0x7f0000000540)=""/107, 0x6b}, {&(0x7f00000005c0)=""/8, 0x8}, {&(0x7f0000000600)=""/246, 0xf6}, {&(0x7f0000000700)=""/86, 0x56}, {&(0x7f0000000780)=""/55, 0x37}], 0x7, 0x6, 0x9, 0x10)
syz_usb_connect$hid(0x1, 0x36, &(0x7f0000000840)={{0x12, 0x1, 0x250, 0x0, 0x0, 0x0, 0x10, 0x150a, 0x1201, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x4, 0x20, 0x0, [{{0x9, 0x4, 0x0, 0x7f, 0x1, 0x3, 0x1, 0x1, 0xb, {0x9, 0x21, 0x101, 0x1, 0x1, {0x22, 0x265}}, {{{0x9, 0x5, 0x81, 0x3, 0x8, 0x1, 0x4, 0x8}}}}}]}}]}}, &(0x7f0000000a40)={0xa, &(0x7f0000000880)={0xa, 0x6, 0x201, 0x47, 0x81, 0x1, 0x40, 0x4}, 0x113, &(0x7f00000008c0)={0x5, 0xf, 0x113, 0x4, [@ssp_cap={0xc, 0x10, 0xa, 0x1, 0x0, 0x9, 0xf, 0x3ff}, @ss_container_id={0x14, 0x10, 0x4, 0x0, "d3d50beedc075a690994eba5458763f7"}, @ss_container_id={0x14, 0x10, 0x4, 0x99, "5b207f7d37997f8aee387bc9269c85f5"}, @generic={0xda, 0x10, 0x1, "2f7dd2902afb92b9f46624cc7a14f6519192f0c856d5db8b34ec8c6cb783f82860c9f2e798889053a7f764526150d64842a6cebbb3dd9ce747641516c22890844d606ac8cf290b3663148282b870242f3aac36e6823476782cf8126bdd788fca42fd4e39ca7f197d9ec0449be5db12be7100c07f7231cf10a7a86783a2c2c9ec6f9b56fb6e5879763f11d1aecc7860945e6a9c7a2cff6f7660d7e1457e36b9f441c237760805bdcc1545dd9370503673a97726fb2ffed4bb332520f5143948937c13d3893bf969a13de063dfd15ef5df7cec995299d65c"}]}, 0x1, [{0x4, &(0x7f0000000a00)=@lang_id={0x4, 0x3, 0x437}}]})
getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(r4, 0x84, 0x1c, &(0x7f0000000a80), &(0x7f0000000ac0)=0x4)
ioctl$sock_SIOCSIFVLAN_GET_VLAN_EGRESS_PRIORITY_CMD(r4, 0x8983, &(0x7f0000000b00))
socket$inet_tcp(0x2, 0x1, 0x0)
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r4, 0x84, 0xf, &(0x7f0000000b40)={<r7=>0x0, @in6={{0xa, 0x4e21, 0x9, @private2, 0x6}}, 0x80000000, 0x2e23, 0x1, 0x2, 0xfa}, &(0x7f0000000c00)=0x98)
getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r6, 0x84, 0x75, &(0x7f0000000c40)={r7, 0x7}, &(0x7f0000000c80)=0x8)
getsockopt$bt_BT_SNDMTU(0xffffffffffffffff, 0x112, 0xc, &(0x7f0000000cc0)=0x3, &(0x7f0000000d00)=0x2)
socket$inet_tcp(0x2, 0x1, 0x0)
r8 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000000d40), 0x4000, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r8, 0xc010640c, &(0x7f0000000d80)={0x5})
renameat2(r4, &(0x7f0000000dc0)='./file0\x00', r4, &(0x7f0000000e00)='./file1\x00', 0x1)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000e40), 0xffffffffffffffff)
connect$unix(r4, &(0x7f0000000e80)=@file={0x0, './file1\x00'}, 0x6e)

1.83387867s ago: executing program 0 (id=217):
r0 = socket$nl_crypto(0x10, 0x3, 0x15)
sendmsg$nl_crypto(0xffffffffffffffff, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=@getstat={0xe0, 0x15, 0x0, 0x70bd29, 0x0, {{'digest_null-generic\x00'}, '\x00', '\x00', 0x0, 0x2400}}, 0xe0}}, 0x0)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200003, 0x0, 0x0, 0x7})
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_crypto(r0, 0x0, 0x0)

1.785276166s ago: executing program 3 (id=218):
syz_usb_connect(0x4, 0x24, &(0x7f00000001c0)=ANY=[], 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
syz_clone3(&(0x7f00000006c0)={0x40000, &(0x7f0000000240), &(0x7f00000003c0), &(0x7f0000000400)=<r0=>0x0, {0x8}, &(0x7f00000005c0)=""/167, 0xa7, &(0x7f0000000440)=""/116, &(0x7f0000000680)=[0xffffffffffffffff, 0xffffffffffffffff], 0x2}, 0x58)
sched_setscheduler(r0, 0x2, &(0x7f0000000740)=0x6)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r1, 0x4008af60, &(0x7f0000000040)={@my=0x0})
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = openat$cgroup_netprio_ifpriomap(r2, &(0x7f0000000080), 0x2, 0x0)
sendfile(r3, r3, 0x0, 0x200)

1.784471981s ago: executing program 2 (id=219):
socket$inet6(0xa, 0x3, 0x26)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
syz_clone3(&(0x7f0000000600)={0x4040100, 0x0, 0x0, 0x0, {0x2d}, 0x0, 0x0, 0x0, 0x0}, 0x58)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x8)

1.725680008s ago: executing program 0 (id=220):
syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x0)
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x42202)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue0\x00'})
write$sndseq(r0, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000180)={0x1f2, @time={0x65757900}})
syz_open_dev$video4linux(&(0x7f00000000c0), 0x48, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000940)={0x0, 0xe, &(0x7f0000000000)=[{&(0x7f00000001c0)="d8000000180081054e81f782db44b904021d005c06007c09e8fe55a10a0015400100142603600e1208000b0000000401a80016000800014009001100036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360d070100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x0)
sendmmsg$inet(r1, &(0x7f0000005200)=[{{0x0, 0x4b, &(0x7f0000000000), 0x1}}], 0x1, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
syz_open_procfs(0x0, &(0x7f0000000040)='mountinfo\x00')
socket$inet6_sctp(0xa, 0x1, 0x84)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r3, &(0x7f0000000040)={0x0, 0x20, &(0x7f0000002580)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140000002500010000000000f100000006"], 0x14}], 0x1, 0x0, 0x0, 0x400048c0}, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
faccessat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x2)
mount$afs(&(0x7f0000000000)=@cell={0x23, 'syz1:', 'syz1', '.readonly'}, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)
writev(r4, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025", 0x1d}], 0x1)

1.60892755s ago: executing program 2 (id=221):
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000580), 0x2, 0x0)
getpid()
r0 = openat$kvm(0x0, &(0x7f0000000000), 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = eventfd2(0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000f0009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="19000000044000000400000005000000000000004f89cc46ef14aa642e21a91fd9b9ffdf122f38404dc355849dc65efd2ec87f98fa1bea2ec1c35eb85e7db8965a9453c21e55bfffc867aa648550999ed724c86a53e2caa9005b67994668958b726a986ceaf2ab78bdbc67b32471b68031b69d553c0f5f0051fc56329a478487641ef9c4c1b72738ae34bbd25b2496e4ed6000"/159, @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000440), 0xffffffffffffffff)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f00000000c0)={0x8000000000000004, 0x0, 0x0, r2})
r3 = eventfd2(0xe, 0x80001)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000180)={0x800, 0xdddd4000, 0x2, r3, 0x4})

1.368787836s ago: executing program 2 (id=222):
r0 = syz_io_uring_setup(0x430d, &(0x7f0000000000)={0x0, 0xba24, 0x80, 0x2, 0xce}, &(0x7f0000000080), &(0x7f00000000c0))
r1 = syz_io_uring_setup(0x74d7, &(0x7f0000000100)={0x0, 0xf61, 0x4, 0x3, 0x13e, 0x0, r0}, &(0x7f0000000180), &(0x7f00000001c0))
flistxattr(r1, &(0x7f0000000200)=""/37, 0x25)
r2 = socket$inet6(0xa, 0x6, 0x5) (async)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/crypto\x00', 0x0, 0x0)
ioctl$BINDER_ENABLE_ONEWAY_SPAM_DETECTION(r3, 0x40046210, &(0x7f0000000280)=0x1) (async)
write$char_usb(r2, &(0x7f00000002c0)="a691074a22d35deabd0f8677d7fe12dc94194d8f651de4720fcc0fcc3d350e7eef70d9c6d0f746fb4766cc48619491762bfeab3126344f22fa53bb25c6c9f0882737b5c6ddf82a51463ceaf105d6063f4a6a1a3973e3ca167aa92d4f9f81eb6d59c6662b9942ead0b93fb7be421703b5b4fb2f6b87585f1eb30f4098e8e92f12a322acd00cc996886ace9aa494479da82258016ae468f7cd9e", 0x99) (async)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, &(0x7f0000000380)={0x0, 0x0, <r4=>0xffffffffffffffff}) (async)
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r3, 0xc01064bd, &(0x7f0000000480)={&(0x7f00000003c0)="a9d6631a3a941429d0a5e90f537e61fc87dc970560a537c18c59e5c5b65182a474e077bf8d5120200eb3e41992d828870012d1461325278b8d582d457f58a859ba42ff6555d10f0fd91d0013a613bad2c74c94e3b0c9a6f23daaa59d8fef5cf069751ba520305628bfd71227e27ef46e178b30077cb1b1cc408e3f57be4e7b0ea6de214831d50b3e9e4cd3788334000a1cd61d393c0887e74972ad13305a801e63df97658006d1c9258edcf40ab8ed004c9cba9b9b0d", 0xb6, <r5=>0x0})
ioctl$DRM_IOCTL_MODE_DESTROYPROPBLOB(r4, 0xc00464be, &(0x7f00000004c0)={r5})
ioctl$DRM_IOCTL_SET_VERSION(r3, 0xc0106407, &(0x7f0000000500)={0x0, 0x80, 0xfffffffd, 0x8})
socket$inet(0x2, 0x800, 0x1) (async, rerun: 32)
r6 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000540), 0x101800, 0x0) (rerun: 32)
ioctl$TIOCSISO7816(r6, 0xc0285443, &(0x7f0000000580)={0x5, 0x7f, 0x7, 0x3, 0x6}) (async)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f00000005c0), r7) (async)
syz_clone3(&(0x7f0000000840)={0x400, &(0x7f0000000600), &(0x7f0000000640), &(0x7f0000000680)=<r8=>0x0, {0x38}, &(0x7f00000006c0)=""/30, 0x1e, &(0x7f0000000700)=""/244, &(0x7f0000000800)=[0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xffffffffffffffff], 0x5, {r6}}, 0x58)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000900)={r8, r3, 0x0, 0xd, &(0x7f00000008c0)='/proc/crypto\x00'}, 0x30) (async, rerun: 32)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r6, 0x89f3, &(0x7f0000000a00)={'syztnl1\x00', &(0x7f0000000980)={'ip6_vti0\x00', <r9=>0x0, 0x4, 0x9, 0x6, 0x3, 0x2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @empty, 0x10, 0x8000, 0x1, 0x4}}) (rerun: 32)
sendmsg$nl_route(r3, &(0x7f0000000ac0)={&(0x7f0000000940)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000a80)={&(0x7f0000000a40)=@ipv6_getnexthop={0x34, 0x6a, 0x200, 0x70bd25, 0x25dfdbfc, {}, [@NHA_ID={0x8, 0x1, 0x2}, @NHA_GROUPS={0x4}, @NHA_ID={0x8}, @NHA_OIF={0x8, 0x5, r9}]}, 0x34}}, 0x40081) (async)
r10 = bpf$ITER_CREATE(0x21, &(0x7f0000000b00)={r6}, 0x8)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r6, 0xc0502100, &(0x7f0000000b40)={<r11=>0x0}) (async, rerun: 64)
r12 = socket$nl_rdma(0x10, 0x3, 0x14) (rerun: 64)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r10, 0x40182103, &(0x7f0000000bc0)={r11, 0x2, r12, 0x3, 0x80000}) (async)
r13 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000000c00), 0x8000, 0x0)
ioctl$DRM_IOCTL_RES_CTX(r6, 0xc0106426, &(0x7f0000000c80)={0x6, &(0x7f0000000c40)=[{}, {}, {}, {}, {}, {<r14=>0x0}]})
ioctl$DRM_IOCTL_UNLOCK(r13, 0x4008642b, &(0x7f0000000cc0)={r14, 0x13}) (async, rerun: 64)
r15 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000000d00), 0x40, 0x0) (rerun: 64)
ioctl$DRM_IOCTL_MODE_GETCRTC(r4, 0xc06864a1, &(0x7f0000000d80)={&(0x7f0000000d40)=[0x0, 0x0, 0x0], 0x3, 0x0, <r16=>0x0})
ioctl$DRM_IOCTL_MODE_DIRTYFB(r15, 0xc01864b1, &(0x7f0000000e40)={r16, 0x3, 0x9, 0x1, &(0x7f0000000e00)=[{0x7, 0xffff, 0x1, 0x3}]})

1.343786587s ago: executing program 0 (id=223):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="1700000055002f03020000000000000007"], 0x38}}, 0x40840)
timer_create(0x7, &(0x7f0000000780)={0x0, 0x3f, 0x0, @thr={0x0, 0x0}}, &(0x7f00000007c0)=<r1=>0x0)
r2 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0)
syz_usb_control_io$hid(r2, 0x0, 0x0)
syz_usb_control_io$hid(r2, &(0x7f0000001540)={0x24, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="00220f00000003a8407a730b93bf0280b3"], 0x0}, 0x0)
r3 = syz_open_dev$hiddev(&(0x7f0000000080), 0x0, 0x0)
ioctl$HIDIOCGREPORT(r3, 0x400c4807, &(0x7f0000000480)={0x2, 0x3})
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$inet6(0xa, 0x80002, 0x88)
bind$inet6(r5, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x6}, 0x1c)
sendmsg$NFC_CMD_DEV_DOWN(r4, &(0x7f0000000b40)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000b80)=ANY=[@ANYBLOB="1c000000", @ANYRES16, @ANYBLOB="01000bbd7000fc9bdf250300000008000100", @ANYRESOCT], 0x1c}, 0x1, 0x0, 0x0, 0x20000800}, 0x0)
timer_settime(r1, 0x1, &(0x7f0000000840)={{}, {0x0, 0x989680}}, 0x0)
rt_sigaction(0x3f, &(0x7f0000000940)={&(0x7f00000008c0)="c46279340cdbc4c261ad9a0c000000c4c2d503f264430fae54bcc0660f638d9b540000c482c5ac2c566742d0430366f30fbae70040d9fa90", 0x40000001, 0x0, {[0x40]}}, 0x0, 0x8, &(0x7f0000000a80))

1.22409267s ago: executing program 2 (id=224):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$swradio(&(0x7f0000002440), 0x1, 0x2)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffc00, 0x0, 0x4)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000240001030000000000000000010000000400"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4820)
recvmmsg(r3, &(0x7f00000086c0)=[{{0x0, 0x0, 0x0}, 0x7}, {{0x0, 0x0, 0x0}, 0x2}, {{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000440)=""/160, 0xa0}, {&(0x7f0000000540)=""/216, 0xd8}, {&(0x7f0000000100)=""/119, 0x77}, {&(0x7f00000000c0)=""/23, 0x17}, {&(0x7f0000003c40)=""/4092, 0xffc}, {&(0x7f0000001840)=""/105, 0x69}, {&(0x7f0000000640)=""/4096, 0x1000}], 0x7}, 0x80000000}], 0x3, 0x40008062, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000740)={{0x14}, [@NFT_MSG_NEWRULE={0x30, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x4}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x58}}, 0x0)

426.70171ms ago: executing program 1 (id=225):
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000100), 0x802, 0x0)
write$UHID_CREATE2(r0, &(0x7f00000004c0)={0xb, {'syz0\x00', 'syz0\x00', 'syz0\x00', 0x0, 0x1aa0, 0x2, 0x6, 0x1, 0xffffffc0}}, 0x118) (fail_nth: 1)

361.194309ms ago: executing program 2 (id=226):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$PTRACE_SECCOMP_GET_METADATA(0x420d, r0, 0x10, &(0x7f0000000140)={0x6d1d9759})

113.291673ms ago: executing program 3 (id=227):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000180)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8000000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r0}, 0x10)
r1 = getpid()
syz_pidfd_open(r1, 0x0)
r2 = syz_open_procfs(r1, &(0x7f0000000040)='fdinfo/3\x00')
preadv(r2, &(0x7f0000000280)=[{&(0x7f0000000380)=""/218, 0xda}], 0x1, 0x14a, 0x0)
r3 = fanotify_init(0x1, 0x0)
fchmod(r3, 0x0)
unshare(0x68020280)
r4 = syz_open_dev$sndctrl(&(0x7f0000000040), 0xb826, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_LIST(r4, 0xc0505510, &(0x7f00000004c0)={0x101, 0x1, 0x10, 0x5, &(0x7f0000000340)=[{}]})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0xfffff000)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newtaction={0x78, 0x30, 0x216822a75a8bdd29, 0x0, 0x0, {}, [{0x64, 0x1, [@m_skbmod={0x60, 0x1, 0x0, 0x0, {{0xb}, {0x34, 0x2, 0x0, 0x1, [@TCA_SKBMOD_PARMS={0x24, 0x2, {{0x2, 0x1800000, 0x1, 0x0, 0x5}, 0x7}}, @TCA_SKBMOD_SMAC={0xa, 0x4, @broadcast}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x20048005}, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f0000000000)=@nat={'nat\x00', 0x8, 0x5, 0x490, 0x2d0, 0x0, 0xffffffff, 0x2d0, 0x1e0, 0x3c0, 0x3c0, 0xffffffff, 0x3c0, 0x3c0, 0x5, 0x0, {[{{@ipv6={@private0, @loopback, [0xb8693402ca2168f6, 0x0, 0xffffffff, 0xffffffff], [0xffffffff, 0xffffff00, 0xff, 0xffffff00], 'team0\x00', 'pimreg1\x00', {0xff}, {}, 0x53aeb1ec95656ffc, 0x40, 0x4, 0x30}, 0xb7030000, 0xa8, 0xf0}, @NETMAP={0x48, 'NETMAP\x00', 0x0, {0x9, @ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @ipv6=@empty, @port=0x4e23, @port=0x4e22}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @REDIRECT={0x48, 'REDIRECT\x00', 0x0, {0x0, @ipv4=@loopback, @ipv6=@local, @gre_key=0x8000, @gre_key=0x1}}}, {{@ipv6={@mcast1, @local, [0x0, 0xffffff], [], 'wg1\x00', 'ip6gre0\x00', {}, {}, 0x0, 0x0, 0x4}, 0x0, 0xa8, 0xf0}, @MASQUERADE={0x48, 'MASQUERADE\x00', 0x0, {0x10, @ipv4=@rand_addr=0x64010100, @ipv4=@private=0xa010101, @gre_key=0x2, @port=0x4e24}}}, {{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @ipv4={'\x00', '\xff\xff', @loopback}, [], [0x0, 0x0, 0xff000000], 'lo\x00', 'wlan0\x00', {}, {}, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xa8, 0xf0}, @REDIRECT={0x48, 'REDIRECT\x00', 0x0, {0x0, @ipv4=@multicast1, @ipv4=@private=0xa010102, @port=0x4e21, @icmp_id}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4f0)
setreuid(0x0, 0xee01)
r7 = syz_pidfd_open(0x0, 0x0)
setns(r7, 0x40000000)
accept4$tipc(0xffffffffffffffff, &(0x7f0000000500)=@id, &(0x7f0000000540)=0x10, 0x80000)

111.980369ms ago: executing program 2 (id=228):
r0 = gettid()
rt_sigtimedwait(&(0x7f0000000040)={[0xffffffff]}, 0x0, 0x0, 0x8)
timer_create(0x2, &(0x7f0000000180)={0x0, 0x4, 0x4, @tid=r0}, &(0x7f0000000140))
timer_settime(0x0, 0xe54aef35e9c2845d, &(0x7f000006b000)={{}, {0x0, 0x9}}, 0x0)
ioctl$sock_SIOCSIFVLAN_SET_VLAN_FLAG_CMD(0xffffffffffffffff, 0x8983, &(0x7f0000000040)={0x7, 'veth0_to_bridge\x00', {0xe9fc75f}, 0x1ff})
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
r2 = syz_open_dev$mouse(&(0x7f0000000080), 0x1, 0x400)
ioctl$sock_bt_hidp_HIDPGETCONNLIST(r2, 0x800448d2, &(0x7f0000000440)={0x6, &(0x7f00000000c0)=[{@none}, {}, {@fixed}, {}, {@fixed}, {@none}]})
getsockopt$inet6_buf(r1, 0x29, 0x30, &(0x7f0000000000)=""/40, &(0x7f0000001000)=0xf9)

73.708639ms ago: executing program 1 (id=229):
creat(&(0x7f0000000000)='./file0\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[], 0x50)
socket(0x40000000002, 0x3, 0x80000000002)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8010, r0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000700)=@file={0x1, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff00000000000000", @ANYRES32=0x1, @ANYBLOB, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/14], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000006c0)='i2c_read\x00', r6, 0x0, 0x94}, 0x18)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
fcntl$dupfd(r3, 0x406, r3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x5, &(0x7f0000000680)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x61, 0x10, 0xa4}, [@cb_func={0x18, 0x6, 0x4, 0x0, 0xfffffffffffffffa}]}, &(0x7f0000000180)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x41100, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r7 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000400)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, &(0x7f0000000040)=""/247, 0x26, 0xf7, 0x1, 0x0, 0x0, @void, @value}, 0x28)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x3, &(0x7f0000000200)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x5, 0xe2, &(0x7f00000002c0)=""/226, 0x0, 0x0, '\x00', 0x0, 0x25, r7, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0), 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
read$FUSE(r0, &(0x7f0000006300)={0x2020, 0x0, <r8=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r8, {0x7, 0x1f, 0x0, 0x10408}}, 0x50)

0s ago: executing program 1 (id=230):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000002580)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83c6e613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038d0100a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b17680100969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06de269e97fbb0776bf56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105cfdf8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f01000080000000004febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60133641a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d50a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2e9a20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1015ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846899c6b23c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33694f40000000000005d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b95bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953f88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca86f750189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc681b6c9a693979f55174a5fe1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8504611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7e07544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c01446234437b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c64cd14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e87973d574ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00000000000000aceb111b66a500ca52fd8f848088c67ee65dfdcc4c580e9bc18c1699dca07d019bf1bf9dd3da480d6c155d7e60674ce88ab5ae07a9d16e22792d99986b531ab4e592ab5925da779e700cf20309a2137877690dc5c07956fc82d7b3bb46d3138041af18508938c9be4e5d0a98073463a5cff6c146d020743da474cb81677a6f389f0e00c33b70b7f8bab95435c27167f365a29fb09cbf35bf192f6a65616fa2ad9a6c7ca3a3ecd96aaecd993e8badb40e7eb8a22b0015e70c885cd519e28448168c6d914265998bff74ea1b0e651a6cae9419096248a0e41573827ad60fafce6e6540734c1f23f75337d836c31497e8112969a039d65aa297e2b046b5f4d11116a89f9f65693d4dc3e70fbfe0b2044fdb3f87e887d1daae8e38a0c19f668f776e19a02bb2449ee4384f6536879c85d7e41bc0276ee2b125d41ff358323311703ec01d64a573bdeb75bdcc87d01de38365ab9222713d2d1640a742d62fefb5403b2ed9969c32a0841e8c36b0107bb888eb14ac62e6d4bdfaeb9ee7430100bf3825a1996c8997ce285edf1d277ed703f560460417bfe702af833e83c5b987befb6d1fcf765ab7ea537d9dafb622a1ba8686cb150963b84470364942e90d1cf856cead864f5e38c83b9ed86cc5725a20299ce512b16500"/4081], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000240)='kfree\x00', r0}, 0x18)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0xb, 0x7, 0x8, 0x8, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r3, 0x29, 0x12, &(0x7f00000003c0), 0x4)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r1, 0x0, &(0x7f0000000280)=@udp}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x3, 0x801, 0x0, &(0x7f0000000040), 0x0)
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
mlock2(&(0x7f0000ff8000/0x2000)=nil, 0x2000, 0x0)
r4 = syz_open_procfs$pagemap(0x0, &(0x7f0000000940))
ioctl$PAGEMAP_SCAN(r4, 0xc0606610, &(0x7f0000000240)={0x60, 0x2, &(0x7f00008b0000/0x3000)=nil, &(0x7f00008e9000/0x4000)=nil, 0x670, 0x0, 0x0, 0x3, 0x40, 0x1, 0x0, 0xb})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = socket(0x10, 0x3, 0x0)
sendto$inet6(r5, &(0x7f0000000180)="9000000018001f2fb9409b52ffff65580200be04020c060560020b0243000f00ffffff9e00c8388827a685a168d0bf47d32345653602648dcaaf6c26c291214549935ade4a460c20b6ec0cff3959547f500f58ba86c902000f1d012e02000280160012000a000000000000000000000000080000000eceb6b362bb944cf2e70100aba4183b003e5fa424ac4d31c4f7a1", 0x90, 0x0, 0x0, 0xf)
bind$rds(0xffffffffffffffff, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)

kernel console output (not intermixed with test programs):

1 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   68.955070][ T5949] RSP: 002b:00007fdc705b4030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   68.955087][ T5949] RAX: ffffffffffffffda RBX: 00007fdc729a6160 RCX: 00007fdc7278b73c
[   68.955099][ T5949] RDX: 000000000000000f RSI: 00007fdc705b40a0 RDI: 0000000000000005
[   68.955110][ T5949] RBP: 00007fdc705b4090 R08: 0000000000000000 R09: 0000000000000000
[   68.955121][ T5949] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   68.955131][ T5949] R13: 0000000000000001 R14: 00007fdc729a6160 R15: 00007ffc4c7741d8
[   68.955158][ T5949]  </TASK>
[   69.143928][    C0] vkms_vblank_simulate: vblank timer overrun
[   69.162689][    C0] Illegal XDP return value 16128 on prog  (id 6) dev bond_slave_0, expect packet loss!
[   69.181898][   T25] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[   69.441860][   T25] usb 4-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[   69.451944][   T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   69.463384][   T25] usb 4-1: config 0 descriptor??
[   69.472933][   T25] gspca_main: STV06xx-2.14.0 probing 046d:0870
[   69.776905][ T5957] FAULT_INJECTION: forcing a failure.
[   69.776905][ T5957] name failslab, interval 1, probability 0, space 0, times 0
[   69.860938][   T29] kauditd_printk_skb: 43 callbacks suppressed
[   69.860953][   T29] audit: type=1400 audit(1737785551.654:165): avc:  denied  { create } for  pid=5958 comm="syz.0.18" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[   69.879708][ T5957] CPU: 1 UID: 0 PID: 5957 Comm: syz.4.16 Not tainted 6.13.0-syzkaller-06167-g0afd22092df4 #0
[   69.879739][ T5957] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   69.879749][ T5957] Call Trace:
[   69.879755][ T5957]  <TASK>
[   69.879762][ T5957]  dump_stack_lvl+0x16c/0x1f0
[   69.879792][ T5957]  should_fail_ex+0x497/0x5b0
[   69.879814][ T5957]  ? fs_reclaim_acquire+0xae/0x150
[   69.879840][ T5957]  should_failslab+0xc2/0x120
[   69.879860][ T5957]  __kmalloc_noprof+0xcb/0x510
[   69.879877][ T5957]  ? __pfx_lock_acquire.part.0+0x10/0x10
[   69.879907][ T5957]  tomoyo_realpath_from_path+0xb9/0x720
[   69.879928][ T5957]  ? tomoyo_path_number_perm+0x235/0x590
[   69.879947][ T5957]  ? tomoyo_path_number_perm+0x235/0x590
[   69.879967][ T5957]  tomoyo_path_number_perm+0x248/0x590
[   69.879983][ T5957]  ? tomoyo_path_number_perm+0x235/0x590
[   69.880003][ T5957]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[   69.880030][ T5957]  ? bpf_send_signal_common+0x3aa/0x540
[   69.880052][ T5957]  ? find_held_lock+0x2d/0x110
[   69.880083][ T5957]  ? __pfx_lock_release+0x10/0x10
[   69.880105][ T5957]  ? trace_lock_acquire+0x14e/0x1f0
[   69.880126][ T5957]  ? find_held_lock+0x2d/0x110
[   69.880145][ T5957]  ? lock_acquire+0x2f/0xb0
[   69.880166][ T5957]  ? __fget_files+0x40/0x3a0
[   69.880195][ T5957]  ? __fget_files+0x206/0x3a0
[   69.880224][ T5957]  security_file_ioctl+0x9b/0x240
[   69.880246][ T5957]  __x64_sys_ioctl+0xb7/0x200
[   69.880270][ T5957]  do_syscall_64+0xcd/0x250
[   69.880297][ T5957]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   69.880322][ T5957] RIP: 0033:0x7f641538cd29
[   69.880336][ T5957] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   69.880352][ T5957] RSP: 002b:00007f64161b4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   69.880368][ T5957] RAX: ffffffffffffffda RBX: 00007f64155a5fa0 RCX: 00007f641538cd29
[   69.880380][ T5957] RDX: 00000000200000c0 RSI: 00000000c020aa08 RDI: 0000000000000004
[   69.880390][ T5957] RBP: 00007f64161b4090 R08: 0000000000000000 R09: 0000000000000000
[   69.880400][ T5957] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   69.880410][ T5957] R13: 0000000000000000 R14: 00007f64155a5fa0 R15: 00007ffff85bf5a8
[   69.880434][ T5957]  </TASK>
[   69.880460][ T5957] ERROR: Out of memory at tomoyo_realpath_from_path.
[   69.887543][    C0] vkms_vblank_simulate: vblank timer overrun
[   70.004810][ T5870] libceph: connect (1)[c::]:6789 error -101
[   70.014048][ T5961] capability: warning: `syz.0.18' uses deprecated v2 capabilities in a way that may be insecure
[   70.024165][ T5870] libceph: mon0 (1)[c::]:6789 connect error
[   70.064587][ T5960] ceph: No mds server is up or the cluster is laggy
[   70.217924][   T29] audit: type=1400 audit(1737785552.014:166): avc:  denied  { create } for  pid=5958 comm="syz.0.18" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   70.218359][ T5961] netlink: 16 bytes leftover after parsing attributes in process `syz.0.18'.
[   70.371933][   T29] audit: type=1400 audit(1737785552.014:167): avc:  denied  { write } for  pid=5958 comm="syz.0.18" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[   70.750961][   T29] audit: type=1400 audit(1737785552.544:168): avc:  denied  { create } for  pid=5968 comm="syz.4.19" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[   70.770521][    C0] vkms_vblank_simulate: vblank timer overrun
[   70.842019][   T29] audit: type=1400 audit(1737785552.544:169): avc:  denied  { connect } for  pid=5968 comm="syz.4.19" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[   70.862824][ T5971] FAULT_INJECTION: forcing a failure.
[   70.862824][ T5971] name failslab, interval 1, probability 0, space 0, times 0
[   70.863429][   T29] audit: type=1400 audit(1737785552.544:170): avc:  denied  { bind } for  pid=5968 comm="syz.4.19" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[   70.890820][ T5971] CPU: 0 UID: 0 PID: 5971 Comm: syz.0.20 Not tainted 6.13.0-syzkaller-06167-g0afd22092df4 #0
[   70.890850][ T5971] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   70.890860][ T5971] Call Trace:
[   70.890865][ T5971]  <TASK>
[   70.890872][ T5971]  dump_stack_lvl+0x16c/0x1f0
[   70.890903][ T5971]  should_fail_ex+0x497/0x5b0
[   70.890925][ T5971]  ? fs_reclaim_acquire+0xae/0x150
[   70.890951][ T5971]  should_failslab+0xc2/0x120
[   70.890971][ T5971]  __kmalloc_node_noprof+0xd1/0x510
[   70.890990][ T5971]  ? __kvmalloc_node_noprof+0xad/0x1a0
[   70.891026][ T5971]  __kvmalloc_node_noprof+0xad/0x1a0
[   70.891053][ T5971]  traverse.part.0.constprop.0+0x392/0x640
[   70.891079][ T5971]  ? __pfx___lock_acquire+0x10/0x10
[   70.891109][ T5971]  seq_read_iter+0x934/0x12b0
[   70.891133][ T5971]  ? hlock_class+0x4e/0x130
[   70.891160][ T5971]  seq_read+0x39f/0x4e0
[   70.891182][ T5971]  ? __pfx_seq_read+0x10/0x10
[   70.891216][ T5971]  ? avc_policy_seqno+0x9/0x20
[   70.891243][ T5971]  ? __pfx_seq_read+0x10/0x10
[   70.891265][ T5971]  proc_reg_read+0x23d/0x330
[   70.891291][ T5971]  ? __pfx_proc_reg_read+0x10/0x10
[   70.891316][ T5971]  vfs_readv+0x6c2/0x8a0
[   70.891344][ T5971]  ? __pfx___lock_acquire+0x10/0x10
[   70.891367][ T5971]  ? find_held_lock+0x2d/0x110
[   70.891390][ T5971]  ? __pfx_vfs_readv+0x10/0x10
[   70.891418][ T5971]  ? __fget_files+0x1fc/0x3a0
[   70.891443][ T5971]  ? __pfx_lock_release+0x10/0x10
[   70.891477][ T5971]  ? __fget_files+0x206/0x3a0
[   70.891508][ T5971]  ? do_preadv+0x1b1/0x270
[   70.891528][ T5971]  do_preadv+0x1b1/0x270
[   70.891551][ T5971]  ? __pfx_do_preadv+0x10/0x10
[   70.891581][ T5971]  do_syscall_64+0xcd/0x250
[   70.891608][ T5971]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   70.891632][ T5971] RIP: 0033:0x7fdc7278cd29
[   70.891647][ T5971] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   70.891663][ T5971] RSP: 002b:00007fdc705f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[   70.891680][ T5971] RAX: ffffffffffffffda RBX: 00007fdc729a5fa0 RCX: 00007fdc7278cd29
[   70.891692][ T5971] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000004
[   70.891702][ T5971] RBP: 00007fdc705f6090 R08: 0000000000000000 R09: 0000000000000000
[   70.891712][ T5971] R10: 0000000000000033 R11: 0000000000000246 R12: 0000000000000001
[   70.891722][ T5971] R13: 0000000000000000 R14: 00007fdc729a5fa0 R15: 00007ffc4c7741d8
[   70.891749][ T5971]  </TASK>
[   71.021940][ T5870] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   71.033472][   T29] audit: type=1400 audit(1737785552.634:171): avc:  denied  { create } for  pid=5970 comm="syz.0.20" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   71.218930][ T5870] usb 5-1: config 1 has an invalid descriptor of length 172, skipping remainder of the config
[   71.251828][   T25] gspca_stv06xx: I2C: Read error writing address: -71
[   71.266562][ T5870] usb 5-1: config 1 has 0 interfaces, different from the descriptor's value: 1
[   71.274243][   T25] usb 4-1: USB disconnect, device number 2
[   71.362138][ T5870] usb 5-1: New USB device found, idVendor=056a, idProduct=0019, bcdDevice= 0.40
[   71.384754][   T29] audit: type=1400 audit(1737785552.634:172): avc:  denied  { ioctl } for  pid=5970 comm="syz.0.20" path="socket:[9112]" dev="sockfs" ino=9112 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   71.422003][ T5870] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   71.429564][ T5978] overlayfs: workdir and upperdir must be separate subtrees
[   71.459423][ T5983] FAULT_INJECTION: forcing a failure.
[   71.459423][ T5983] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   71.482000][ T5870] usb 5-1: Product: ж
[   71.503552][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[   71.531026][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[   71.553452][ T5870] usb 5-1: Manufacturer: 淈李�㔆쵾纂갥咶罬볬紬쯰羷瓲⛣쉨�꺟♚唃ೊꊲ뿼㭋K鰀㌙孔⺇⑵Ế攙ᦀ䓑テ頞Ꚁ♓ᯌ�旓회��䱴䭎⛩﫚ዑ鎈耫ᔸ蘳ᨽ䧊襜僿狚ᇖ影ꤓ�툶㡎⿶￫ᬮ麹㑰掇믰뜻Ϫਪౡ䀡⻮冾猔虀熡츅㳷꛷繦软⤳慷쵟뮥ⴧ擴�嘠喲
[   71.585410][    C0] vkms_vblank_simulate: vblank timer overrun
[   71.608777][ T5983] CPU: 0 UID: 0 PID: 5983 Comm: syz.0.24 Not tainted 6.13.0-syzkaller-06167-g0afd22092df4 #0
[   71.608804][ T5983] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   71.608813][ T5983] Call Trace:
[   71.608818][ T5983]  <TASK>
[   71.608825][ T5983]  dump_stack_lvl+0x16c/0x1f0
[   71.608854][ T5983]  should_fail_ex+0x497/0x5b0
[   71.608878][ T5983]  _copy_from_user+0x2e/0xd0
[   71.608902][ T5983]  vga_arb_write+0xf9/0x1360
[   71.608924][ T5983]  ? __pfx_vga_arb_write+0x10/0x10
[   71.608942][ T5983]  ? inode_security+0xe/0x130
[   71.608965][ T5983]  ? inode_security+0x101/0x130
[   71.608988][ T5983]  ? bpf_lsm_file_permission+0x9/0x10
[   71.609006][ T5983]  ? security_file_permission+0x71/0x210
[   71.609027][ T5983]  ? rw_verify_area+0xcf/0x680
[   71.609048][ T5983]  ? __pfx_vga_arb_write+0x10/0x10
[   71.609067][ T5983]  vfs_write+0x24c/0x1150
[   71.609092][ T5983]  ? __fget_files+0x1fc/0x3a0
[   71.609115][ T5983]  ? __pfx_lock_release+0x10/0x10
[   71.609139][ T5983]  ? __pfx_vfs_write+0x10/0x10
[   71.609162][ T5983]  ? lock_acquire+0x2f/0xb0
[   71.609183][ T5983]  ? __fget_files+0x40/0x3a0
[   71.609209][ T5983]  ? __fget_files+0x206/0x3a0
[   71.609239][ T5983]  ksys_write+0x12b/0x250
[   71.609260][ T5983]  ? __pfx_ksys_write+0x10/0x10
[   71.609291][ T5983]  do_syscall_64+0xcd/0x250
[   71.609319][ T5983]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   71.609342][ T5983] RIP: 0033:0x7fdc7278cd29
[   71.609356][ T5983] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   71.609372][ T5983] RSP: 002b:00007fdc705f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   71.609389][ T5983] RAX: ffffffffffffffda RBX: 00007fdc729a5fa0 RCX: 00007fdc7278cd29
[   71.609400][ T5983] RDX: 0000000000000008 RSI: 00000000200002c0 RDI: 0000000000000003
[   71.609410][ T5983] RBP: 00007fdc705f6090 R08: 0000000000000000 R09: 0000000000000000
[   71.609420][ T5983] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   71.609430][ T5983] R13: 0000000000000000 R14: 00007fdc729a5fa0 R15: 00007ffc4c7741d8
[   71.609452][ T5983]  </TASK>
[   71.622160][   T29] audit: type=1400 audit(1737785552.634:173): avc:  denied  { bind } for  pid=5970 comm="syz.0.20" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   71.672197][ T5870] usb 5-1: SerialNumber: syz
[   71.698936][   T29] audit: type=1400 audit(1737785552.694:174): avc:  denied  { name_bind } for  pid=5972 comm="syz.2.21" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[   71.789114][ T5978] netlink: 44 bytes leftover after parsing attributes in process `syz.1.25'.
[   71.880274][ T5986] netlink: 'syz.0.26': attribute type 21 has an invalid length.
[   71.917213][ T5986] netlink: 156 bytes leftover after parsing attributes in process `syz.0.26'.
[   71.961185][ T5987] netlink: 'syz.0.26': attribute type 21 has an invalid length.
[   71.977545][ T5987] netlink: 156 bytes leftover after parsing attributes in process `syz.0.26'.
[   72.151997][   T25] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[   72.198579][ T5969] wg1 speed is unknown, defaulting to 1000
[   72.205644][ T5969] wg1 speed is unknown, defaulting to 1000
[   72.249044][ T5969] wg1 speed is unknown, defaulting to 1000
[   72.332398][   T25] usb 2-1: Using ep0 maxpacket: 8
[   72.361959][ T5969] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   72.382146][   T25] usb 2-1: unable to get BOS descriptor set
[   72.392439][ T5986] syz.0.26 (5986) used greatest stack depth: 19984 bytes left
[   72.409998][ T5969] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[   72.417669][   T25] usb 2-1: config 4 has an invalid interface number: 55 but max is 0
[   72.450961][   T25] usb 2-1: config 4 has no interface number 0
[   72.471634][ T5969] wg1 speed is unknown, defaulting to 1000
[   72.489518][   T25] usb 2-1: config 4 interface 55 has no altsetting 0
[   72.519623][   T25] usb 2-1: New USB device found, idVendor=07d1, idProduct=3c0b, bcdDevice=a5.be
[   72.530191][   T25] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   72.538690][   T25] usb 2-1: Product: syz
[   72.545917][ T5969] wg1 speed is unknown, defaulting to 1000
[   72.547005][   T25] usb 2-1: Manufacturer: syz
[   72.561504][   T25] usb 2-1: SerialNumber: syz
[   72.572828][ T5969] wg1 speed is unknown, defaulting to 1000
[   72.586791][ T5969] wg1 speed is unknown, defaulting to 1000
[   72.594715][ T5969] wg1 speed is unknown, defaulting to 1000
[   72.641464][ T5870] usb 5-1: USB disconnect, device number 3
[   72.796714][   T25] usb 2-1: USB disconnect, device number 3
[   73.023649][ T6004] FAULT_INJECTION: forcing a failure.
[   73.023649][ T6004] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   73.056243][ T6004] CPU: 1 UID: 0 PID: 6004 Comm: syz.0.30 Not tainted 6.13.0-syzkaller-06167-g0afd22092df4 #0
[   73.056271][ T6004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   73.056282][ T6004] Call Trace:
[   73.056288][ T6004]  <TASK>
[   73.056295][ T6004]  dump_stack_lvl+0x16c/0x1f0
[   73.056327][ T6004]  should_fail_ex+0x497/0x5b0
[   73.056360][ T6004]  _copy_from_user+0x2e/0xd0
[   73.056387][ T6004]  copy_msghdr_from_user+0x99/0x160
[   73.056407][ T6004]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[   73.056429][ T6004]  ? __pfx___lock_acquire+0x10/0x10
[   73.056462][ T6004]  ___sys_recvmsg+0xdc/0x1a0
[   73.056481][ T6004]  ? __pfx____sys_recvmsg+0x10/0x10
[   73.056499][ T6004]  ? __pfx_lock_release+0x10/0x10
[   73.056522][ T6004]  ? trace_lock_acquire+0x14e/0x1f0
[   73.056561][ T6004]  do_recvmmsg+0x2f8/0x740
[   73.056583][ T6004]  ? __pfx_do_recvmmsg+0x10/0x10
[   73.056599][ T6004]  ? vfs_write+0x306/0x1150
[   73.056630][ T6004]  ? __mutex_unlock_slowpath+0x164/0x6a0
[   73.056665][ T6004]  ? __fget_files+0x206/0x3a0
[   73.056698][ T6004]  __x64_sys_recvmmsg+0x239/0x290
[   73.056719][ T6004]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[   73.056746][ T6004]  do_syscall_64+0xcd/0x250
[   73.056774][ T6004]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   73.056799][ T6004] RIP: 0033:0x7fdc7278cd29
[   73.056814][ T6004] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   73.056831][ T6004] RSP: 002b:00007fdc705b4038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[   73.056848][ T6004] RAX: ffffffffffffffda RBX: 00007fdc729a6160 RCX: 00007fdc7278cd29
[   73.056861][ T6004] RDX: 0400000000000179 RSI: 0000000020000480 RDI: 0000000000000005
[   73.056872][ T6004] RBP: 00007fdc705b4090 R08: 0000000000000000 R09: 0000000000000000
[   73.056883][ T6004] R10: 0000000000010022 R11: 0000000000000246 R12: 0000000000000001
[   73.056893][ T6004] R13: 0000000000000000 R14: 00007fdc729a6160 R15: 00007ffc4c7741d8
[   73.056917][ T6004]  </TASK>
[   73.577502][ T6009] FAULT_INJECTION: forcing a failure.
[   73.577502][ T6009] name failslab, interval 1, probability 0, space 0, times 0
[   73.591485][ T6006] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   73.612493][ T6009] CPU: 0 UID: 0 PID: 6009 Comm: syz.1.33 Not tainted 6.13.0-syzkaller-06167-g0afd22092df4 #0
[   73.612521][ T6009] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   73.612531][ T6009] Call Trace:
[   73.612537][ T6009]  <TASK>
[   73.612544][ T6009]  dump_stack_lvl+0x16c/0x1f0
[   73.612576][ T6009]  should_fail_ex+0x497/0x5b0
[   73.612599][ T6009]  ? fs_reclaim_acquire+0xae/0x150
[   73.612627][ T6009]  should_failslab+0xc2/0x120
[   73.612647][ T6009]  __kmalloc_noprof+0xcb/0x510
[   73.612665][ T6009]  ? __pfx_lock_acquire.part.0+0x10/0x10
[   73.612696][ T6009]  tomoyo_realpath_from_path+0xb9/0x720
[   73.612719][ T6009]  ? tomoyo_path_number_perm+0x235/0x590
[   73.612739][ T6009]  ? tomoyo_path_number_perm+0x235/0x590
[   73.612760][ T6009]  tomoyo_path_number_perm+0x248/0x590
[   73.612777][ T6009]  ? tomoyo_path_number_perm+0x235/0x590
[   73.612798][ T6009]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[   73.612843][ T6009]  ? __pfx_lock_release+0x10/0x10
[   73.612867][ T6009]  ? trace_lock_acquire+0x14e/0x1f0
[   73.612892][ T6009]  ? lock_acquire+0x2f/0xb0
[   73.612914][ T6009]  ? __fget_files+0x40/0x3a0
[   73.612944][ T6009]  ? __fget_files+0x206/0x3a0
[   73.612974][ T6009]  security_file_ioctl+0x9b/0x240
[   73.612997][ T6009]  __x64_sys_ioctl+0xb7/0x200
[   73.613023][ T6009]  do_syscall_64+0xcd/0x250
[   73.613057][ T6009]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   73.613082][ T6009] RIP: 0033:0x7effe8f8cd29
[   73.613097][ T6009] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   73.613113][ T6009] RSP: 002b:00007effe9e8b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   73.613129][ T6009] RAX: ffffffffffffffda RBX: 00007effe91a5fa0 RCX: 00007effe8f8cd29
[   73.613141][ T6009] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[   73.613151][ T6009] RBP: 00007effe9e8b090 R08: 0000000000000000 R09: 0000000000000000
[   73.613163][ T6009] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   73.613173][ T6009] R13: 0000000000000000 R14: 00007effe91a5fa0 R15: 00007ffe56289278
[   73.613199][ T6009]  </TASK>
[   73.613207][ T6009] ERROR: Out of memory at tomoyo_realpath_from_path.
[   73.707084][ T6006] syz.2.31 uses obsolete (PF_INET,SOCK_PACKET)
[   74.642145][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   74.650685][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   74.659241][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   74.670814][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   74.896821][   T29] kauditd_printk_skb: 22 callbacks suppressed
[   74.896836][   T29] audit: type=1400 audit(1737785556.694:197): avc:  denied  { create } for  pid=6027 comm="syz.1.35" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   75.011159][   T29] audit: type=1400 audit(1737785556.804:198): avc:  denied  { unmount } for  pid=5828 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[   75.198084][   T29] audit: type=1400 audit(1737785556.984:199): avc:  denied  { create } for  pid=6040 comm="syz.3.37" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1
[   75.233343][ T5867] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[   75.281071][   T29] audit: type=1400 audit(1737785556.984:200): avc:  denied  { write } for  pid=6040 comm="syz.3.37" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1
[   75.561791][    T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!!
[   75.840305][ T5867] usb 2-1: New USB device found, idVendor=0f11, idProduct=1000, bcdDevice= 0.7f
[   75.855905][ T5867] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   76.057022][   T29] audit: type=1400 audit(1737785557.824:201): avc:  denied  { read write } for  pid=6048 comm="syz.0.40" name="fuse" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[   76.525635][ T5867] usb 2-1: config 0 descriptor??
[   76.609760][  T902] cfg80211: failed to load regulatory.db
[   76.784590][   T29] audit: type=1400 audit(1737785557.824:202): avc:  denied  { open } for  pid=6048 comm="syz.0.40" path="/dev/fuse" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[   77.025755][   T29] audit: type=1400 audit(1737785558.444:203): avc:  denied  { mount } for  pid=6056 comm="syz.0.42" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   77.302890][ T6067] FAULT_INJECTION: forcing a failure.
[   77.302890][ T6067] name failslab, interval 1, probability 0, space 0, times 0
[   77.537900][ T6067] CPU: 0 UID: 0 PID: 6067 Comm: syz.0.44 Not tainted 6.13.0-syzkaller-06167-g0afd22092df4 #0
[   77.537921][ T6067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   77.537928][ T6067] Call Trace:
[   77.537933][ T6067]  <TASK>
[   77.537938][ T6067]  dump_stack_lvl+0x16c/0x1f0
[   77.537958][ T6067]  should_fail_ex+0x497/0x5b0
[   77.537980][ T6067]  ? fs_reclaim_acquire+0xae/0x150
[   77.538007][ T6067]  should_failslab+0xc2/0x120
[   77.538027][ T6067]  __kmalloc_noprof+0xcb/0x510
[   77.538044][ T6067]  ? __pfx_lock_acquire.part.0+0x10/0x10
[   77.538067][ T6067]  tomoyo_realpath_from_path+0xb9/0x720
[   77.538080][ T6067]  ? tomoyo_path_number_perm+0x235/0x590
[   77.538091][ T6067]  ? tomoyo_path_number_perm+0x235/0x590
[   77.538102][ T6067]  tomoyo_path_number_perm+0x248/0x590
[   77.538112][ T6067]  ? tomoyo_path_number_perm+0x235/0x590
[   77.538132][ T6067]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[   77.538177][ T6067]  ? __pfx_lock_release+0x10/0x10
[   77.538200][ T6067]  ? trace_lock_acquire+0x14e/0x1f0
[   77.538215][ T6067]  ? lock_acquire+0x2f/0xb0
[   77.538228][ T6067]  ? __fget_files+0x40/0x3a0
[   77.538254][ T6067]  ? __fget_files+0x206/0x3a0
[   77.538280][ T6067]  security_file_ioctl+0x9b/0x240
[   77.538300][ T6067]  __x64_sys_ioctl+0xb7/0x200
[   77.538324][ T6067]  do_syscall_64+0xcd/0x250
[   77.538350][ T6067]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   77.538376][ T6067] RIP: 0033:0x7fdc7278cd29
[   77.538390][ T6067] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   77.538407][ T6067] RSP: 002b:00007fdc705f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   77.538424][ T6067] RAX: ffffffffffffffda RBX: 00007fdc729a5fa0 RCX: 00007fdc7278cd29
[   77.538435][ T6067] RDX: 0000000020000080 RSI: 00000000c0585605 RDI: 0000000000000003
[   77.538446][ T6067] RBP: 00007fdc705f6090 R08: 0000000000000000 R09: 0000000000000000
[   77.538457][ T6067] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   77.538467][ T6067] R13: 0000000000000000 R14: 00007fdc729a5fa0 R15: 00007ffc4c7741d8
[   77.538502][ T6067]  </TASK>
[   77.540953][ T6067] ERROR: Out of memory at tomoyo_realpath_from_path.
[   77.781206][   T29] audit: type=1400 audit(1737785558.724:204): avc:  denied  { unmount } for  pid=5823 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   78.306325][   T29] audit: type=1400 audit(1737785558.894:205): avc:  denied  { watch } for  pid=6061 comm="syz.2.43" path="/10" dev="tmpfs" ino=72 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[   78.395013][   T29] audit: type=1400 audit(1737785558.894:206): avc:  denied  { setopt } for  pid=6027 comm="syz.1.35" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   78.395502][ T6071] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[   78.432382][ T6073] FAULT_INJECTION: forcing a failure.
[   78.432382][ T6073] name failslab, interval 1, probability 0, space 0, times 0
[   78.500853][ T6073] CPU: 0 UID: 0 PID: 6073 Comm: syz.0.47 Not tainted 6.13.0-syzkaller-06167-g0afd22092df4 #0
[   78.500878][ T6073] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   78.500886][ T6073] Call Trace:
[   78.500891][ T6073]  <TASK>
[   78.500898][ T6073]  dump_stack_lvl+0x16c/0x1f0
[   78.500928][ T6073]  should_fail_ex+0x497/0x5b0
[   78.500949][ T6073]  ? fs_reclaim_acquire+0xae/0x150
[   78.500974][ T6073]  should_failslab+0xc2/0x120
[   78.500992][ T6073]  __kmalloc_noprof+0xcb/0x510
[   78.501008][ T6073]  ? __pfx_lock_acquire.part.0+0x10/0x10
[   78.501035][ T6073]  tomoyo_realpath_from_path+0xb9/0x720
[   78.501055][ T6073]  ? tomoyo_path_number_perm+0x235/0x590
[   78.501073][ T6073]  ? tomoyo_path_number_perm+0x235/0x590
[   78.501091][ T6073]  tomoyo_path_number_perm+0x248/0x590
[   78.501107][ T6073]  ? tomoyo_path_number_perm+0x235/0x590
[   78.501126][ T6073]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[   78.501166][ T6073]  ? __pfx_lock_release+0x10/0x10
[   78.501187][ T6073]  ? trace_lock_acquire+0x14e/0x1f0
[   78.501209][ T6073]  ? lock_acquire+0x2f/0xb0
[   78.501229][ T6073]  ? __fget_files+0x40/0x3a0
[   78.501256][ T6073]  ? __fget_files+0x206/0x3a0
[   78.501282][ T6073]  security_file_ioctl+0x9b/0x240
[   78.501302][ T6073]  __x64_sys_ioctl+0xb7/0x200
[   78.501325][ T6073]  do_syscall_64+0xcd/0x250
[   78.501351][ T6073]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   78.501374][ T6073] RIP: 0033:0x7fdc7278cd29
[   78.501388][ T6073] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   78.501403][ T6073] RSP: 002b:00007fdc705f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   78.501420][ T6073] RAX: ffffffffffffffda RBX: 00007fdc729a5fa0 RCX: 00007fdc7278cd29
[   78.501432][ T6073] RDX: 0000000020000240 RSI: 0000000040045612 RDI: 0000000000000003
[   78.501442][ T6073] RBP: 00007fdc705f6090 R08: 0000000000000000 R09: 0000000000000000
[   78.501451][ T6073] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   78.501461][ T6073] R13: 0000000000000000 R14: 00007fdc729a5fa0 R15: 00007ffc4c7741d8
[   78.501484][ T6073]  </TASK>
[   78.501491][ T6073] ERROR: Out of memory at tomoyo_realpath_from_path.
[   78.515495][ T5867] usb 2-1: string descriptor 0 read error: -71
[   78.515849][ T5867] ldusb 2-1:0.0: Interrupt in endpoint not found
[   78.527659][ T5867] usb 2-1: USB disconnect, device number 4
[   78.737396][ T6074] netlink: 8 bytes leftover after parsing attributes in process `syz.3.46'.
[   78.812492][ T6073] vimc link validate: Sensor B:src:16x2160 (0x33424752, 6, 0, 1, 0) Raw Capture 1:snk:640x480 (0x33424752, 8, 0, 0, 0)
[   78.841854][ T6074] netlink: 4 bytes leftover after parsing attributes in process `syz.3.46'.
[   78.842688][ T6071] netlink: 20 bytes leftover after parsing attributes in process `syz.3.46'.
[   78.981856][ T6079] netlink: 8 bytes leftover after parsing attributes in process `syz.1.49'.
[   79.003183][ T6079] overlayfs: lowerdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[   79.897639][ T6111] capability: warning: `syz.1.61' uses 32-bit capabilities (legacy support in use)
[   79.921921][   T29] kauditd_printk_skb: 15 callbacks suppressed
[   79.921936][   T29] audit: type=1400 audit(1737785561.714:222): avc:  denied  { write } for  pid=6112 comm="syz.4.62" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   80.031058][   T29] audit: type=1400 audit(1737785561.714:223): avc:  denied  { name_connect } for  pid=6112 comm="syz.4.62" dest=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=sctp_socket permissive=1
[   80.110757][   T29] audit: type=1400 audit(1737785561.904:224): avc:  denied  { read write } for  pid=6116 comm="syz.2.64" name="ppp" dev="devtmpfs" ino=709 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   80.153873][   T29] audit: type=1400 audit(1737785561.904:225): avc:  denied  { map } for  pid=6120 comm="syz.0.65" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=9411 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   80.214918][   T25] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[   80.239091][   T29] audit: type=1400 audit(1737785561.904:226): avc:  denied  { read write } for  pid=6120 comm="syz.0.65" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=9411 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   80.258156][ T6125] wg1 speed is unknown, defaulting to 1000
[   80.272584][   T29] audit: type=1400 audit(1737785561.904:227): avc:  denied  { execute } for  pid=6120 comm="syz.0.65" path="/18/cpu.stat" dev="tmpfs" ino=109 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   80.313941][   T29] audit: type=1400 audit(1737785561.934:228): avc:  denied  { open } for  pid=6116 comm="syz.2.64" path="/dev/ppp" dev="devtmpfs" ino=709 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   80.322012][ T5867] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[   80.337263][   T29] audit: type=1400 audit(1737785561.984:229): avc:  denied  { rename } for  pid=5173 comm="syslogd" name="messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   80.366957][   T29] audit: type=1400 audit(1737785561.984:230): avc:  denied  { unlink } for  pid=5173 comm="syslogd" name="messages.0" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   80.380403][ T6130] FAULT_INJECTION: forcing a failure.
[   80.380403][ T6130] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   80.411373][ T6130] CPU: 0 UID: 0 PID: 6130 Comm: syz.1.69 Not tainted 6.13.0-syzkaller-06167-g0afd22092df4 #0
[   80.411400][ T6130] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   80.411410][ T6130] Call Trace:
[   80.411416][ T6130]  <TASK>
[   80.411423][ T6130]  dump_stack_lvl+0x16c/0x1f0
[   80.411454][ T6130]  should_fail_ex+0x497/0x5b0
[   80.411481][ T6130]  _copy_from_user+0x2e/0xd0
[   80.411507][ T6130]  copy_msghdr_from_user+0x99/0x160
[   80.411526][ T6130]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[   80.411542][ T6130]  ? __lock_acquire+0xcc5/0x3c40
[   80.411578][ T6130]  ___sys_sendmsg+0xff/0x1e0
[   80.411597][ T6130]  ? __pfx____sys_sendmsg+0x10/0x10
[   80.411626][ T6130]  ? trace_lock_acquire+0x14e/0x1f0
[   80.411666][ T6130]  __sys_sendmmsg+0x201/0x420
[   80.411688][ T6130]  ? __pfx___sys_sendmmsg+0x10/0x10
[   80.411715][ T6130]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[   80.411751][ T6130]  ? fput+0x67/0x440
[   80.411769][ T6130]  ? ksys_write+0x1ba/0x250
[   80.411791][ T6130]  ? __pfx_ksys_write+0x10/0x10
[   80.411818][ T6130]  __x64_sys_sendmmsg+0x9c/0x100
[   80.411833][ T6130]  ? lockdep_hardirqs_on+0x7c/0x110
[   80.411855][ T6130]  do_syscall_64+0xcd/0x250
[   80.411881][ T6130]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   80.411907][ T6130] RIP: 0033:0x7effe8f8cd29
[   80.411921][ T6130] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   80.411938][ T6130] RSP: 002b:00007effe9e8b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   80.411955][ T6130] RAX: ffffffffffffffda RBX: 00007effe91a5fa0 RCX: 00007effe8f8cd29
[   80.411967][ T6130] RDX: 0000000000000001 RSI: 0000000020003280 RDI: 0000000000000004
[   80.411978][ T6130] RBP: 00007effe9e8b090 R08: 0000000000000000 R09: 0000000000000000
[   80.411989][ T6130] R10: 000000002004c095 R11: 0000000000000246 R12: 0000000000000001
[   80.412000][ T6130] R13: 0000000000000000 R14: 00007effe91a5fa0 R15: 00007ffe56289278
[   80.412024][ T6130]  </TASK>
[   80.413065][ T6131] netlink: 'syz.2.67': attribute type 2 has an invalid length.
[   80.469542][   T29] audit: type=1400 audit(1737785561.984:231): avc:  denied  { create } for  pid=5173 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   80.495631][ T6133] iommufd_mock iommufd_mock0: Adding to iommu group 0
[   80.648629][   T25] usb 4-1: Using ep0 maxpacket: 8
[   80.657107][   T25] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   80.673644][   T25] usb 4-1: New USB device found, idVendor=2040, idProduct=d300, bcdDevice=16.b3
[   80.684004][   T25] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   80.693174][   T25] usb 4-1: Product: syz
[   80.693332][ T6125] veth1_vlan: left promiscuous mode
[   80.697347][   T25] usb 4-1: Manufacturer: syz
[   80.697365][   T25] usb 4-1: SerialNumber: syz
[   80.699142][   T25] usb 4-1: config 0 descriptor??
[   80.734390][ T5867] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[   80.749246][ T5867] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[   80.761720][ T5867] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[   80.781125][ T5867] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   80.828489][ T6119] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[   80.840649][ T5867] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[   80.901336][   T25] msi2500 4-1:0.0: Registered as swradio24
[   80.938627][   T25] msi2500 4-1:0.0: SDR API is still slightly experimental and functionality changes may follow
[   81.433817][ T6149] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0
[   81.459605][    T9] usb 4-1: USB disconnect, device number 3
[   81.482148][ T5867] usb 5-1: USB disconnect, device number 4
[   81.796197][ T6153] udevd[6153]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[   81.981897][ T5897] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[   82.053132][ T6162] wg1 speed is unknown, defaulting to 1000
[   82.225474][ T5897] usb 3-1: config 1 has an invalid descriptor of length 172, skipping remainder of the config
[   82.281810][ T5897] usb 3-1: config 1 has 0 interfaces, different from the descriptor's value: 1
[   82.325029][ T6166] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65522 sclass=netlink_route_socket pid=6166 comm=syz.4.77
[   82.348378][ T5897] usb 3-1: New USB device found, idVendor=056a, idProduct=0019, bcdDevice= 0.40
[   82.403155][ T6168] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=770 sclass=netlink_route_socket pid=6168 comm=syz.4.77
[   82.415665][ T5897] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   82.466469][ T5897] usb 3-1: Product: ж
[   82.470601][ T5897] usb 3-1: Manufacturer: 淈李�㔆쵾纂갥咶罬볬紬쯰羷瓲⛣쉨�꺟♚唃ೊꊲ뿼㭋K鰀㌙孔⺇⑵Ế攙ᦀ䓑テ頞Ꚁ♓ᯌ�旓회��䱴䭎⛩﫚ዑ鎈耫ᔸ蘳ᨽ䧊襜僿狚ᇖ影ꤓ�툶㡎⿶￫ᬮ麹㑰掇믰뜻Ϫਪౡ䀡⻮冾猔虀熡츅㳷꛷繦软⤳慷쵟뮥ⴧ擴�嘠喲
[   82.762938][ T5897] usb 3-1: SerialNumber: syz
[   82.832032][ T6173] FAULT_INJECTION: forcing a failure.
[   82.832032][ T6173] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   82.882732][ T6175] netlink: 'syz.0.80': attribute type 10 has an invalid length.
[   82.915257][ T6177] FAULT_INJECTION: forcing a failure.
[   82.915257][ T6177] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   82.928505][ T6173] CPU: 1 UID: 0 PID: 6173 Comm: syz.1.79 Not tainted 6.13.0-syzkaller-06167-g0afd22092df4 #0
[   82.928528][ T6173] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   82.928538][ T6173] Call Trace:
[   82.928544][ T6173]  <TASK>
[   82.928551][ T6173]  dump_stack_lvl+0x16c/0x1f0
[   82.928583][ T6173]  should_fail_ex+0x497/0x5b0
[   82.928610][ T6173]  _copy_from_user+0x2e/0xd0
[   82.928637][ T6173]  copy_msghdr_from_user+0x99/0x160
[   82.928657][ T6173]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[   82.928688][ T6173]  ___sys_sendmsg+0xff/0x1e0
[   82.928708][ T6173]  ? __pfx____sys_sendmsg+0x10/0x10
[   82.928737][ T6173]  ? __pfx_lock_release+0x10/0x10
[   82.928762][ T6173]  ? trace_lock_acquire+0x14e/0x1f0
[   82.928792][ T6173]  ? __fget_files+0x206/0x3a0
[   82.928826][ T6173]  __sys_sendmsg+0x16e/0x220
[   82.928845][ T6173]  ? __pfx___sys_sendmsg+0x10/0x10
[   82.928876][ T6173]  ? rcu_is_watching+0x12/0xc0
[   82.928900][ T6173]  do_syscall_64+0xcd/0x250
[   82.928928][ T6173]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   82.928953][ T6173] RIP: 0033:0x7effe8f8cd29
[   82.928969][ T6173] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   82.928986][ T6173] RSP: 002b:00007effe9e8b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   82.929002][ T6173] RAX: ffffffffffffffda RBX: 00007effe91a5fa0 RCX: 00007effe8f8cd29
[   82.929015][ T6173] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000004
[   82.929025][ T6173] RBP: 00007effe9e8b090 R08: 0000000000000000 R09: 0000000000000000
[   82.929036][ T6173] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   82.929046][ T6173] R13: 0000000000000000 R14: 00007effe91a5fa0 R15: 00007ffe56289278
[   82.929071][ T6173]  </TASK>
[   83.162079][ T6175] netlink: 40 bytes leftover after parsing attributes in process `syz.0.80'.
[   83.187943][ T6159] siw: device registration error -23
[   83.191178][ T6175] batadv0: entered promiscuous mode
[   83.198590][ T6175] batadv0: entered allmulticast mode
[   83.204626][ T6175] bridge0: port 3(batadv0) entered blocking state
[   83.211138][ T6175] bridge0: port 3(batadv0) entered disabled state
[   83.216258][ T6177] CPU: 0 UID: 0 PID: 6177 Comm: syz.4.81 Not tainted 6.13.0-syzkaller-06167-g0afd22092df4 #0
[   83.216284][ T6177] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   83.216294][ T6177] Call Trace:
[   83.216300][ T6177]  <TASK>
[   83.216307][ T6177]  dump_stack_lvl+0x16c/0x1f0
[   83.216336][ T6177]  should_fail_ex+0x497/0x5b0
[   83.216368][ T6177]  _copy_from_user+0x2e/0xd0
[   83.216393][ T6177]  copy_msghdr_from_user+0x99/0x160
[   83.216413][ T6177]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[   83.216443][ T6177]  ___sys_sendmsg+0xff/0x1e0
[   83.216462][ T6177]  ? __pfx____sys_sendmsg+0x10/0x10
[   83.216489][ T6177]  ? __pfx_lock_release+0x10/0x10
[   83.216513][ T6177]  ? trace_lock_acquire+0x14e/0x1f0
[   83.216542][ T6177]  ? __fget_files+0x206/0x3a0
[   83.216575][ T6177]  __sys_sendmsg+0x16e/0x220
[   83.216592][ T6177]  ? __pfx___sys_sendmsg+0x10/0x10
[   83.216621][ T6177]  ? rcu_is_watching+0x12/0xc0
[   83.216643][ T6177]  do_syscall_64+0xcd/0x250
[   83.216670][ T6177]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   83.216695][ T6177] RIP: 0033:0x7f641538cd29
[   83.216709][ T6177] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   83.216725][ T6177] RSP: 002b:00007f64161b4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   83.216742][ T6177] RAX: ffffffffffffffda RBX: 00007f64155a5fa0 RCX: 00007f641538cd29
[   83.216754][ T6177] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000003
[   83.216764][ T6177] RBP: 00007f64161b4090 R08: 0000000000000000 R09: 0000000000000000
[   83.216775][ T6177] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   83.216785][ T6177] R13: 0000000000000000 R14: 00007f64155a5fa0 R15: 00007ffff85bf5a8
[   83.216809][ T6177]  </TASK>
[   83.308788][ T5897] usb 3-1: USB disconnect, device number 3
[   83.311675][ T6175] bridge0: port 3(batadv0) entered blocking state
[   83.407611][ T6175] bridge0: port 3(batadv0) entered forwarding state
[   83.582902][ T6186] Zero length message leads to an empty skb
[   83.589351][ T6186] netlink: 'syz.3.85': attribute type 10 has an invalid length.
[   83.618015][ T4371] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[   83.627735][ T4371] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[   83.652837][ T6186] 8021q: adding VLAN 0 to HW filter on device batadv0
[   83.674036][ T6186] team0: Port device batadv0 added
[   83.698706][ T6184] ./file0: Can't lookup blockdev
[   83.729570][ T6184] netlink: 40 bytes leftover after parsing attributes in process `syz.0.84'.
[   83.750166][ T6186] netlink: 'syz.3.85': attribute type 10 has an invalid length.
[   83.760907][ T6184] netlink: 'syz.0.84': attribute type 1 has an invalid length.
[   83.842371][ T5897] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[   84.022027][ T5897] usb 2-1: Using ep0 maxpacket: 16
[   84.031326][ T5897] usb 2-1: config 0 interface 0 altsetting 3 endpoint 0x81 has an invalid bInterval 32, changing to 9
[   84.046605][ T5897] usb 2-1: config 0 interface 0 altsetting 3 endpoint 0x81 has invalid wMaxPacketSize 0
[   84.101867][ T5897] usb 2-1: config 0 interface 0 altsetting 3 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   84.135440][ T5897] usb 2-1: config 0 interface 0 has no altsetting 0
[   84.162526][ T5897] usb 2-1: New USB device found, idVendor=054c, idProduct=03d5, bcdDevice= 0.00
[   84.198536][ T5897] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   84.221111][ T5897] usb 2-1: config 0 descriptor??
[   84.670379][ T5897] input: HID 054c:03d5 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:054C:03D5.0001/input/input5
[   84.812961][ T5897] sony 0003:054C:03D5.0001: input,hidraw0: USB HID v0.00 Joystick [HID 054c:03d5] on usb-dummy_hcd.1-1/input0
[   84.868473][ T6217] FAULT_INJECTION: forcing a failure.
[   84.868473][ T6217] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   84.888293][ T6217] CPU: 0 UID: 0 PID: 6217 Comm: syz.4.95 Not tainted 6.13.0-syzkaller-06167-g0afd22092df4 #0
[   84.888317][ T6217] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   84.888326][ T6217] Call Trace:
[   84.888331][ T6217]  <TASK>
[   84.888338][ T6217]  dump_stack_lvl+0x16c/0x1f0
[   84.888368][ T6217]  should_fail_ex+0x497/0x5b0
[   84.888394][ T6217]  _copy_from_iter+0x2a1/0x1560
[   84.888418][ T6217]  ? find_held_lock+0x2d/0x110
[   84.888440][ T6217]  ? __pfx__copy_from_iter+0x10/0x10
[   84.888460][ T6217]  ? rawv6_sendmsg+0xa6a/0x4450
[   84.888482][ T6217]  ? __pfx_lock_release+0x10/0x10
[   84.888505][ T6217]  ? trace_lock_acquire+0x14e/0x1f0
[   84.888534][ T6217]  rawv6_sendmsg+0x2375/0x4450
[   84.888553][ T6217]  ? avc_has_perm_noaudit+0x119/0x3a0
[   84.888587][ T6217]  ? __pfx_rawv6_sendmsg+0x10/0x10
[   84.888610][ T6217]  ? avc_has_perm_noaudit+0x143/0x3a0
[   84.888635][ T6217]  ? avc_has_perm+0x11b/0x1c0
[   84.888659][ T6217]  ? __pfx_avc_has_perm+0x10/0x10
[   84.888704][ T6217]  ? __pfx_rawv6_sendmsg+0x10/0x10
[   84.888728][ T6217]  ? inet_sendmsg+0x119/0x140
[   84.888746][ T6217]  inet_sendmsg+0x119/0x140
[   84.888765][ T6217]  __sys_sendto+0x42a/0x4f0
[   84.888792][ T6217]  ? __pfx___sys_sendto+0x10/0x10
[   84.888837][ T6217]  ? ksys_write+0x1ba/0x250
[   84.888862][ T6217]  ? __pfx_ksys_write+0x10/0x10
[   84.888886][ T6217]  __x64_sys_sendto+0xe0/0x1c0
[   84.888910][ T6217]  ? do_syscall_64+0x91/0x250
[   84.888934][ T6217]  ? lockdep_hardirqs_on+0x7c/0x110
[   84.888957][ T6217]  do_syscall_64+0xcd/0x250
[   84.888983][ T6217]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   84.889009][ T6217] RIP: 0033:0x7f641538cd29
[   84.889024][ T6217] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   84.889041][ T6217] RSP: 002b:00007f64161b4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[   84.889058][ T6217] RAX: ffffffffffffffda RBX: 00007f64155a5fa0 RCX: 00007f641538cd29
[   84.889070][ T6217] RDX: 0000000000000019 RSI: 0000000020000300 RDI: 0000000000000003
[   84.889081][ T6217] RBP: 00007f64161b4090 R08: 0000000000000000 R09: fffffffffffffdfd
[   84.889092][ T6217] R10: 0000000000003b00 R11: 0000000000000246 R12: 0000000000000001
[   84.889102][ T6217] R13: 0000000000000000 R14: 00007f64155a5fa0 R15: 00007ffff85bf5a8
[   84.889138][ T6217]  </TASK>
[   85.122217][ T6182] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   85.132288][ T6182] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   85.195079][ T5898] usb 2-1: USB disconnect, device number 5
[   85.242627][ T5867] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[   85.251082][ T6219] evm: overlay not supported
[   85.303438][ T6221] bridge0: port 3(syz_tun) entered blocking state
[   85.310531][ T6221] bridge0: port 3(syz_tun) entered disabled state
[   85.319311][ T6221] syz_tun: entered allmulticast mode
[   85.327788][ T6221] syz_tun: entered promiscuous mode
[   85.334743][ T6221] bridge0: port 3(syz_tun) entered blocking state
[   85.341528][ T6221] bridge0: port 3(syz_tun) entered forwarding state
[   85.384885][ T6221] openvswitch: netlink: IP tunnel TTL not specified.
[   85.394428][ T6221] netlink: 4 bytes leftover after parsing attributes in process `syz.3.96'.
[   85.403542][ T6221] syz_tun: left allmulticast mode
[   85.408570][ T6221] syz_tun: left promiscuous mode
[   85.415493][ T5867] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[   85.415831][ T6226] FAULT_INJECTION: forcing a failure.
[   85.415831][ T6226] name failslab, interval 1, probability 0, space 0, times 0
[   85.431647][ T5867] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[   85.442160][ T6226] CPU: 0 UID: 0 PID: 6226 Comm: syz.2.98 Not tainted 6.13.0-syzkaller-06167-g0afd22092df4 #0
[   85.442183][ T6226] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   85.442194][ T6226] Call Trace:
[   85.442199][ T6226]  <TASK>
[   85.442206][ T6226]  dump_stack_lvl+0x16c/0x1f0
[   85.442236][ T6226]  should_fail_ex+0x497/0x5b0
[   85.442258][ T6226]  ? fs_reclaim_acquire+0xae/0x150
[   85.442285][ T6226]  should_failslab+0xc2/0x120
[   85.442304][ T6226]  kmem_cache_alloc_noprof+0x6e/0x3d0
[   85.442332][ T6226]  ? is_bpf_text_address+0x30/0x1a0
[   85.442357][ T6226]  ? fuse_request_alloc+0x22/0x1a0
[   85.442387][ T6226]  fuse_request_alloc+0x22/0x1a0
[   85.442413][ T6226]  fuse_get_req+0x4c3/0xbd0
[   85.442440][ T6226]  ? __kernel_text_address+0xd/0x40
[   85.442463][ T6226]  ? unwind_get_return_address+0x59/0xa0
[   85.442491][ T6226]  ? __pfx_fuse_get_req+0x10/0x10
[   85.442531][ T6226]  __fuse_simple_request+0xb8/0xcb0
[   85.442555][ T6226]  fuse_do_getattr+0x282/0x540
[   85.442579][ T6226]  ? __pfx_fuse_do_getattr+0x10/0x10
[   85.442603][ T6226]  ? lockdep_unlock+0x11a/0x290
[   85.442622][ T6226]  ? __lock_acquire+0x2077/0x3c40
[   85.442676][ T6226]  fuse_update_get_attr+0x53c/0x630
[   85.442703][ T6226]  fuse_file_write_iter+0x2f2/0x8c0
[   85.442726][ T6226]  vfs_write+0x5ae/0x1150
[   85.442752][ T6226]  ? __pfx_fuse_file_write_iter+0x10/0x10
[   85.442772][ T6226]  ? __pfx___mutex_lock+0x10/0x10
[   85.442797][ T6226]  ? __pfx_vfs_write+0x10/0x10
[   85.442839][ T6226]  ksys_write+0x12b/0x250
[   85.442862][ T6226]  ? __pfx_ksys_write+0x10/0x10
[   85.442884][ T6226]  ? __might_fault+0xe3/0x190
[   85.442907][ T6226]  ? rcu_is_watching+0x12/0xc0
[   85.442929][ T6226]  do_syscall_64+0xcd/0x250
[   85.442955][ T6226]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.442980][ T6226] RIP: 0033:0x7fdadd58cd29
[   85.442994][ T6226] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   85.443010][ T6226] RSP: 002b:00007fdade46d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   85.443026][ T6226] RAX: ffffffffffffffda RBX: 00007fdadd7a6160 RCX: 00007fdadd58cd29
[   85.443038][ T6226] RDX: 00000000fffffdef RSI: 00000000200000c0 RDI: 0000000000000006
[   85.443048][ T6226] RBP: 00007fdade46d090 R08: 0000000000000000 R09: 0000000000000000
[   85.443059][ T6226] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   85.443069][ T6226] R13: 0000000000000000 R14: 00007fdadd7a6160 R15: 00007ffea690cfc8
[   85.443099][ T6226]  </TASK>
[   85.445333][ T6221] bridge0: port 3(syz_tun) entered disabled state
[   85.465955][ T5867] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[   85.531887][  T902] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[   85.547231][ T5867] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   85.555483][ T6215] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[   85.736174][ T6221] bridge_slave_1: left allmulticast mode
[   85.738534][ T5867] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[   85.788871][ T6221] bridge_slave_1: left promiscuous mode
[   85.799849][  T902] usb 5-1: Using ep0 maxpacket: 32
[   85.800077][ T6221] bridge0: port 2(bridge_slave_1) entered disabled state
[   85.818497][  T902] usb 5-1: config 0 has an invalid interface number: 116 but max is 1
[   85.830761][ T6221] bridge_slave_0: left allmulticast mode
[   85.832479][  T902] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 2
[   85.846878][ T6221] bridge_slave_0: left promiscuous mode
[   85.855871][ T6221] bridge0: port 1(bridge_slave_0) entered disabled state
[   86.029688][  T902] usb 5-1: config 0 has no interface number 0
[   86.041498][   T29] kauditd_printk_skb: 15 callbacks suppressed
[   86.041515][   T29] audit: type=1400 audit(1737785567.834:247): avc:  denied  { override_creds } for  pid=6214 comm="syz.0.94" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[   86.051880][  T902] usb 5-1: New USB device found, idVendor=2058, idProduct=1005, bcdDevice=b5.f6
[   86.076862][  T902] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   86.085194][  T902] usb 5-1: Product: syz
[   86.091374][  T902] usb 5-1: Manufacturer: syz
[   86.105607][ T6229] FAULT_INJECTION: forcing a failure.
[   86.105607][ T6229] name failslab, interval 1, probability 0, space 0, times 0
[   86.119163][ T6229] CPU: 0 UID: 0 PID: 6229 Comm: syz.2.99 Not tainted 6.13.0-syzkaller-06167-g0afd22092df4 #0
[   86.119185][ T6229] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   86.119196][ T6229] Call Trace:
[   86.119202][ T6229]  <TASK>
[   86.119209][ T6229]  dump_stack_lvl+0x16c/0x1f0
[   86.119239][ T6229]  should_fail_ex+0x497/0x5b0
[   86.119260][ T6229]  ? fs_reclaim_acquire+0xae/0x150
[   86.119287][ T6229]  should_failslab+0xc2/0x120
[   86.119307][ T6229]  __kmalloc_noprof+0xcb/0x510
[   86.119325][ T6229]  ? __pfx_lock_acquire.part.0+0x10/0x10
[   86.119357][ T6229]  tomoyo_realpath_from_path+0xb9/0x720
[   86.119379][ T6229]  ? tomoyo_path_number_perm+0x235/0x590
[   86.119399][ T6229]  ? tomoyo_path_number_perm+0x235/0x590
[   86.119421][ T6229]  tomoyo_path_number_perm+0x248/0x590
[   86.119436][ T6229]  ? tomoyo_path_number_perm+0x235/0x590
[   86.119457][ T6229]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[   86.119501][ T6229]  ? __pfx_lock_release+0x10/0x10
[   86.119523][ T6229]  ? trace_lock_acquire+0x14e/0x1f0
[   86.119545][ T6229]  ? lock_acquire+0x2f/0xb0
[   86.119564][ T6229]  ? __fget_files+0x40/0x3a0
[   86.119593][ T6229]  ? __fget_files+0x206/0x3a0
[   86.119620][ T6229]  security_file_ioctl+0x9b/0x240
[   86.119643][ T6229]  __x64_sys_ioctl+0xb7/0x200
[   86.119667][ T6229]  do_syscall_64+0xcd/0x250
[   86.119695][ T6229]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.119718][ T6229] RIP: 0033:0x7fdadd58cd29
[   86.119733][ T6229] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   86.119749][ T6229] RSP: 002b:00007fdade48e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   86.119767][ T6229] RAX: ffffffffffffffda RBX: 00007fdadd7a6080 RCX: 00007fdadd58cd29
[   86.119778][ T6229] RDX: 0000000020000040 RSI: 00000000c0105512 RDI: 0000000000000007
[   86.119788][ T6229] RBP: 00007fdade48e090 R08: 0000000000000000 R09: 0000000000000000
[   86.119798][ T6229] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   86.119808][ T6229] R13: 0000000000000000 R14: 00007fdadd7a6080 R15: 00007ffea690cfc8
[   86.119832][ T6229]  </TASK>
[   86.119839][ T6229] ERROR: Out of memory at tomoyo_realpath_from_path.
[   86.181226][ T5867] usb 1-1: USB disconnect, device number 3
[   86.190815][  T902] usb 5-1: SerialNumber: syz
[   86.244976][ T6229] hub 2-0:1.0: USB hub found
[   86.286819][   T29] audit: type=1400 audit(1737785568.044:248): avc:  denied  { read write } for  pid=6227 comm="syz.2.99" name="uinput" dev="devtmpfs" ino=920 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   86.325388][ T6229] hub 2-0:1.0: 1 port detected
[   86.334222][  T902] usb 5-1: config 0 descriptor??
[   86.355334][   T29] audit: type=1400 audit(1737785568.044:249): avc:  denied  { open } for  pid=6227 comm="syz.2.99" path="/dev/uinput" dev="devtmpfs" ino=920 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   86.427779][   T29] audit: type=1400 audit(1737785568.044:250): avc:  denied  { bind } for  pid=6230 comm="syz.1.100" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   86.452068][   T29] audit: type=1400 audit(1737785568.044:251): avc:  denied  { name_bind } for  pid=6230 comm="syz.1.100" src=20004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1
[   86.474329][   T29] audit: type=1400 audit(1737785568.044:252): avc:  denied  { node_bind } for  pid=6230 comm="syz.1.100" saddr=::1 src=20004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1
[   86.601875][ T5898] usb 2-1: new full-speed USB device number 6 using dummy_hcd
[   86.624816][  T902] viperboard 5-1:0.116: version 0.00 found at bus 005 address 005
[   86.641905][  T902] viperboard-i2c viperboard-i2c.2.auto: failure setting i2c_bus_freq to 100
[   86.650749][  T902] viperboard-i2c viperboard-i2c.2.auto: probe with driver viperboard-i2c failed with error -5
[   86.671328][  T902] usb 5-1: USB disconnect, device number 5
[   86.767390][ T5898] usb 2-1: New USB device found, idVendor=15f4, idProduct=0015, bcdDevice=fd.bf
[   86.776885][ T5898] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   86.899737][ T5898] usb 2-1: Product: syz
[   86.904470][ T5898] usb 2-1: Manufacturer: syz
[   86.909484][ T5898] usb 2-1: SerialNumber: syz
[   86.919684][ T5898] dvb-usb: found a 'Hanftek UMT-010 DVB-T USB2.0' in warm state.
[   86.927806][ T5898] dvb-usb: bulk message failed: -22 (3/0)
[   86.987407][ T5898] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[   87.020242][ T6239] FAULT_INJECTION: forcing a failure.
[   87.020242][ T6239] name failslab, interval 1, probability 0, space 0, times 0
[   87.032957][ T6239] CPU: 1 UID: 0 PID: 6239 Comm: syz.0.102 Not tainted 6.13.0-syzkaller-06167-g0afd22092df4 #0
[   87.032980][ T6239] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   87.032991][ T6239] Call Trace:
[   87.032997][ T6239]  <TASK>
[   87.033005][ T6239]  dump_stack_lvl+0x16c/0x1f0
[   87.033036][ T6239]  should_fail_ex+0x497/0x5b0
[   87.033059][ T6239]  ? fs_reclaim_acquire+0xae/0x150
[   87.033086][ T6239]  should_failslab+0xc2/0x120
[   87.033107][ T6239]  kmem_cache_alloc_noprof+0x6e/0x3d0
[   87.033136][ T6239]  ? do_timer_create+0x16b/0x1550
[   87.033165][ T6239]  do_timer_create+0x16b/0x1550
[   87.033188][ T6239]  ? __pfx___schedule+0x10/0x10
[   87.033216][ T6239]  ? __pfx_do_timer_create+0x10/0x10
[   87.033249][ T6239]  __x64_sys_timer_create+0x19b/0x1d0
[   87.033274][ T6239]  ? __pfx___x64_sys_timer_create+0x10/0x10
[   87.033313][ T6239]  do_syscall_64+0xcd/0x250
[   87.033341][ T6239]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.033366][ T6239] RIP: 0033:0x7fdc7278cd29
[   87.033381][ T6239] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   87.033398][ T6239] RSP: 002b:00007fdc705b4038 EFLAGS: 00000246 ORIG_RAX: 00000000000000de
[   87.033415][ T6239] RAX: ffffffffffffffda RBX: 00007fdc729a6160 RCX: 00007fdc7278cd29
[   87.033427][ T6239] RDX: 0000000020000300 RSI: 0000000000000000 RDI: 0000000000000008
[   87.033438][ T6239] RBP: 00007fdc705b4090 R08: 0000000000000000 R09: 0000000000000000
[   87.033448][ T6239] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   87.033459][ T6239] R13: 0000000000000000 R14: 00007fdc729a6160 R15: 00007ffc4c7741d8
[   87.033484][ T6239]  </TASK>
[   87.508827][ T5898] dvb-usb: Hanftek UMT-010 DVB-T USB2.0 error while loading driver (-19)
[   87.518834][ T5898] dvb_usb_umt_010 2-1:1.0: probe with driver dvb_usb_umt_010 failed with error -22
[   87.620719][ T5898] usb 2-1: USB disconnect, device number 6
[   88.354872][   T29] audit: type=1400 audit(1737785570.154:253): avc:  denied  { create } for  pid=6261 comm="syz.4.110" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[   88.476025][   T29] audit: type=1400 audit(1737785570.254:254): avc:  denied  { create } for  pid=6261 comm="syz.4.110" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[   88.495237][    C0] vkms_vblank_simulate: vblank timer overrun
[   88.613689][ T6268] FAULT_INJECTION: forcing a failure.
[   88.613689][ T6268] name failslab, interval 1, probability 0, space 0, times 0
[   88.626410][ T6268] CPU: 1 UID: 0 PID: 6268 Comm: syz.3.109 Not tainted 6.13.0-syzkaller-06167-g0afd22092df4 #0
[   88.626434][ T6268] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   88.626444][ T6268] Call Trace:
[   88.626450][ T6268]  <TASK>
[   88.626457][ T6268]  dump_stack_lvl+0x16c/0x1f0
[   88.626487][ T6268]  should_fail_ex+0x497/0x5b0
[   88.626510][ T6268]  ? fs_reclaim_acquire+0xae/0x150
[   88.626544][ T6268]  should_failslab+0xc2/0x120
[   88.626564][ T6268]  kmem_cache_alloc_noprof+0x6e/0x3d0
[   88.626594][ T6268]  ? getname_flags.part.0+0x4c/0x550
[   88.626616][ T6268]  ? build_open_flags+0x26f/0x6e0
[   88.626639][ T6268]  getname_flags.part.0+0x4c/0x550
[   88.626664][ T6268]  getname+0x8d/0xe0
[   88.626688][ T6268]  do_sys_openat2+0x104/0x1e0
[   88.626707][ T6268]  ? __pfx_do_sys_openat2+0x10/0x10
[   88.626726][ T6268]  ? bpf_probe_read_compat_str+0x10e/0x170
[   88.626752][ T6268]  ? find_held_lock+0x2d/0x110
[   88.626778][ T6268]  __x64_sys_openat+0x175/0x210
[   88.626799][ T6268]  ? __pfx___x64_sys_openat+0x10/0x10
[   88.626826][ T6268]  ? rcu_is_watching+0x12/0xc0
[   88.626848][ T6268]  do_syscall_64+0xcd/0x250
[   88.626877][ T6268]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.626902][ T6268] RIP: 0033:0x7f41c7d8cd29
[   88.626917][ T6268] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   88.626934][ T6268] RSP: 002b:00007f41c8b23038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[   88.626951][ T6268] RAX: ffffffffffffffda RBX: 00007f41c7fa6160 RCX: 00007f41c7d8cd29
[   88.626963][ T6268] RDX: 0000000000022242 RSI: 0000000020000080 RDI: ffffffffffffff9c
[   88.626975][ T6268] RBP: 00007f41c8b23090 R08: 0000000000000000 R09: 0000000000000000
[   88.626985][ T6268] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   88.626996][ T6268] R13: 0000000000000000 R14: 00007f41c7fa6160 R15: 00007ffe30401718
[   88.627021][ T6268]  </TASK>
[   88.980560][   T29] audit: type=1400 audit(1737785570.774:255): avc:  denied  { read } for  pid=6267 comm="syz.2.112" name="binder1" dev="binder" ino=8 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   89.009103][ T6269] binder: 6267:6269 ioctl 4018620d 0 returned -22
[   89.021802][   T29] audit: type=1400 audit(1737785570.774:256): avc:  denied  { open } for  pid=6267 comm="syz.2.112" path="/dev/binderfs/binder1" dev="binder" ino=8 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   89.098840][ T6275] syz.2.112: attempt to access beyond end of device
[   89.098840][ T6275] nbd2: rw=0, sector=0, nr_sectors = 2 limit=0
[   89.145070][ T6278] binder: 6267:6278 ioctl 80106720 200001c0 returned -22
[   89.226138][ T6275] befs: (nbd2): unable to read superblock
[   89.286227][ T6277] wg1 speed is unknown, defaulting to 1000
[   89.427015][ T6282] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6
[   89.649281][ T6287] FAULT_INJECTION: forcing a failure.
[   89.649281][ T6287] name failslab, interval 1, probability 0, space 0, times 0
[   89.737979][ T6287] CPU: 0 UID: 0 PID: 6287 Comm: syz.4.117 Not tainted 6.13.0-syzkaller-06167-g0afd22092df4 #0
[   89.738007][ T6287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   89.738017][ T6287] Call Trace:
[   89.738023][ T6287]  <TASK>
[   89.738030][ T6287]  dump_stack_lvl+0x16c/0x1f0
[   89.738062][ T6287]  should_fail_ex+0x497/0x5b0
[   89.738084][ T6287]  ? fs_reclaim_acquire+0xae/0x150
[   89.738112][ T6287]  should_failslab+0xc2/0x120
[   89.738132][ T6287]  __kmalloc_noprof+0xcb/0x510
[   89.738150][ T6287]  ? __pfx_lock_acquire.part.0+0x10/0x10
[   89.738181][ T6287]  tomoyo_realpath_from_path+0xb9/0x720
[   89.738203][ T6287]  ? tomoyo_path_number_perm+0x235/0x590
[   89.738223][ T6287]  ? tomoyo_path_number_perm+0x235/0x590
[   89.738244][ T6287]  tomoyo_path_number_perm+0x248/0x590
[   89.738261][ T6287]  ? tomoyo_path_number_perm+0x235/0x590
[   89.738283][ T6287]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[   89.738311][ T6287]  ? bpf_send_signal_common+0x3aa/0x540
[   89.738333][ T6287]  ? find_held_lock+0x2d/0x110
[   89.738366][ T6287]  ? __pfx_lock_release+0x10/0x10
[   89.738390][ T6287]  ? trace_lock_acquire+0x14e/0x1f0
[   89.738411][ T6287]  ? find_held_lock+0x2d/0x110
[   89.738431][ T6287]  ? lock_acquire+0x2f/0xb0
[   89.738454][ T6287]  ? __fget_files+0x40/0x3a0
[   89.738484][ T6287]  ? __fget_files+0x206/0x3a0
[   89.738514][ T6287]  security_file_ioctl+0x9b/0x240
[   89.738538][ T6287]  __x64_sys_ioctl+0xb7/0x200
[   89.738563][ T6287]  do_syscall_64+0xcd/0x250
[   89.738592][ T6287]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   89.738617][ T6287] RIP: 0033:0x7f641538cd29
[   89.738637][ T6287] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   89.738653][ T6287] RSP: 002b:00007f64161b4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   89.738671][ T6287] RAX: ffffffffffffffda RBX: 00007f64155a5fa0 RCX: 00007f641538cd29
[   89.738683][ T6287] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[   89.738693][ T6287] RBP: 00007f64161b4090 R08: 0000000000000000 R09: 0000000000000000
[   89.738704][ T6287] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   89.738714][ T6287] R13: 0000000000000000 R14: 00007f64155a5fa0 R15: 00007ffff85bf5a8
[   89.738739][ T6287]  </TASK>
[   89.738747][ T6287] ERROR: Out of memory at tomoyo_realpath_from_path.
[   89.914076][    C0] vkms_vblank_simulate: vblank timer overrun
[   90.087669][ T6295] netlink: 12 bytes leftover after parsing attributes in process `syz.1.118'.
[   91.230223][   T29] kauditd_printk_skb: 13 callbacks suppressed
[   91.230239][   T29] audit: type=1400 audit(1737785573.024:270): avc:  denied  { setattr } for  pid=6306 comm="syz.2.120" name="/" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=chr_file permissive=1
[   91.431662][   T29] audit: type=1400 audit(1737785573.104:271): avc:  denied  { read write } for  pid=6313 comm="syz.4.123" name="raw-gadget" dev="devtmpfs" ino=820 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   91.581844][ T5867] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[   91.623003][   T29] audit: type=1400 audit(1737785573.104:272): avc:  denied  { open } for  pid=6313 comm="syz.4.123" path="/dev/raw-gadget" dev="devtmpfs" ino=820 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   91.646223][    C0] vkms_vblank_simulate: vblank timer overrun
[   91.811903][ T5867] usb 5-1: Using ep0 maxpacket: 16
[   91.821065][ T6319] FAULT_INJECTION: forcing a failure.
[   91.821065][ T6319] name failslab, interval 1, probability 0, space 0, times 0
[   91.866304][ T5867] usb 5-1: config index 0 descriptor too short (expected 55844, got 36)
[   91.884024][   T29] audit: type=1400 audit(1737785573.104:273): avc:  denied  { ioctl } for  pid=6313 comm="syz.4.123" path="/dev/raw-gadget" dev="devtmpfs" ino=820 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   91.913995][ T5867] usb 5-1: config 128 has too many interfaces: 245, using maximum allowed: 32
[   91.950635][ T5867] usb 5-1: config 128 has an invalid interface number: 251 but max is 244
[   91.950692][ T6319] CPU: 0 UID: 0 PID: 6319 Comm: syz.2.125 Not tainted 6.13.0-syzkaller-06167-g0afd22092df4 #0
[   91.950711][ T6319] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   91.950720][ T6319] Call Trace:
[   91.950725][ T6319]  <TASK>
[   91.950732][ T6319]  dump_stack_lvl+0x16c/0x1f0
[   91.950763][ T6319]  should_fail_ex+0x497/0x5b0
[   91.950785][ T6319]  ? fs_reclaim_acquire+0xae/0x150
[   91.950812][ T6319]  should_failslab+0xc2/0x120
[   91.950830][ T6319]  __kmalloc_noprof+0xcb/0x510
[   91.950847][ T6319]  ? __pfx_lock_acquire.part.0+0x10/0x10
[   91.950876][ T6319]  tomoyo_realpath_from_path+0xb9/0x720
[   91.950898][ T6319]  ? tomoyo_path_number_perm+0x235/0x590
[   91.950916][ T6319]  ? tomoyo_path_number_perm+0x235/0x590
[   91.950937][ T6319]  tomoyo_path_number_perm+0x248/0x590
[   91.950953][ T6319]  ? tomoyo_path_number_perm+0x235/0x590
[   91.950973][ T6319]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[   91.950999][ T6319]  ? bpf_send_signal_common+0x3aa/0x540
[   91.951022][ T6319]  ? find_held_lock+0x2d/0x110
[   91.951053][ T6319]  ? __pfx_lock_release+0x10/0x10
[   91.951075][ T6319]  ? trace_lock_acquire+0x14e/0x1f0
[   91.951094][ T6319]  ? find_held_lock+0x2d/0x110
[   91.951114][ T6319]  ? lock_acquire+0x2f/0xb0
[   91.951135][ T6319]  ? __fget_files+0x40/0x3a0
[   91.951163][ T6319]  ? __fget_files+0x206/0x3a0
[   91.951198][ T6319]  security_file_ioctl+0x9b/0x240
[   91.951221][ T6319]  __x64_sys_ioctl+0xb7/0x200
[   91.951244][ T6319]  do_syscall_64+0xcd/0x250
[   91.951272][ T6319]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.951295][ T6319] RIP: 0033:0x7fdadd58cd29
[   91.951310][ T6319] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   91.951326][ T6319] RSP: 002b:00007fdade4af038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   91.951343][ T6319] RAX: ffffffffffffffda RBX: 00007fdadd7a5fa0 RCX: 00007fdadd58cd29
[   91.951355][ T6319] RDX: 00000000200001c0 RSI: 00000000402c542c RDI: 0000000000000003
[   91.951365][ T6319] RBP: 00007fdade4af090 R08: 0000000000000000 R09: 0000000000000000
[   91.951376][ T6319] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   91.951386][ T6319] R13: 0000000000000000 R14: 00007fdadd7a5fa0 R15: 00007ffea690cfc8
[   91.951410][ T6319]  </TASK>
[   91.951417][ T6319] ERROR: Out of memory at tomoyo_realpath_from_path.
[   92.000952][ T5867] usb 5-1: config 128 has an invalid descriptor of length 0, skipping remainder of the config
[   92.209463][   T29] audit: type=1400 audit(1737785573.274:274): avc:  denied  { read write } for  pid=6315 comm="syz.1.124" name="mouse0" dev="devtmpfs" ino=1000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[   92.233009][    C0] vkms_vblank_simulate: vblank timer overrun
[   92.372608][   T29] audit: type=1400 audit(1737785573.274:275): avc:  denied  { open } for  pid=6315 comm="syz.1.124" path="/dev/input/mouse0" dev="devtmpfs" ino=1000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[   92.396604][    C0] vkms_vblank_simulate: vblank timer overrun
[   92.439678][   T29] audit: type=1400 audit(1737785573.494:276): avc:  denied  { write } for  pid=6304 comm="syz.3.122" path="socket:[10001]" dev="sockfs" ino=10001 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[   92.534135][ T5867] usb 5-1: config 128 has 1 interface, different from the descriptor's value: 245
[   92.594966][ T5867] usb 5-1: config 128 has no interface number 0
[   92.667693][ T5867] usb 5-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4
[   92.716312][ T5867] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   92.775687][ T5867] usb 5-1: Product: syz
[   92.856868][ T5867] usb 5-1: Manufacturer: syz
[   93.020675][ T5867] usb 5-1: SerialNumber: syz
[   93.023853][   T29] audit: type=1400 audit(1737785574.524:277): avc:  denied  { create } for  pid=6328 comm="syz.0.129" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1
[   93.334453][   T29] audit: type=1400 audit(1737785574.524:278): avc:  denied  { write } for  pid=6328 comm="syz.0.129" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1
[   93.368696][   T29] audit: type=1400 audit(1737785574.594:279): avc:  denied  { create } for  pid=6325 comm="syz.2.128" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[   93.623955][ T5867] asix 5-1:128.251: probe with driver asix failed with error -22
[   93.686938][ T5867] usb 5-1: USB disconnect, device number 6
[   93.984786][ T6341] netlink: 24 bytes leftover after parsing attributes in process `syz.0.131'.
[   94.027166][ T6341] bridge1: the hash_elasticity option has been deprecated and is always 16
[   94.224852][ T6344] warning: `syz.3.127' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   94.283445][ T6347] netlink: 8 bytes leftover after parsing attributes in process `syz.1.132'.
[   94.332356][ T5868] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[   94.538924][ T5868] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   94.568196][ T5868] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[   94.581955][ T5870] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[   94.625242][ T5868] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[   94.655514][ T5868] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   94.742185][ T5868] usb 1-1: New USB device found, idVendor=a9cd, idProduct=cdee, bcdDevice= 5.b9
[   94.759093][ T5868] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   94.768425][ T5870] usb 2-1: Using ep0 maxpacket: 16
[   94.777733][ T5868] usb 1-1: config 0 descriptor??
[   94.794657][ T6359] netlink: 4 bytes leftover after parsing attributes in process `syz.3.134'.
[   94.814144][ T5868] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[   94.821525][ T6359] netlink: 4 bytes leftover after parsing attributes in process `syz.3.134'.
[   94.822473][ T5870] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   94.841224][ T5868] usb 1-1: MIDIStreaming interface descriptor not found
[   94.852789][ T6349] ceph: No mds server is up or the cluster is laggy
[   94.865565][ T6359] netlink: 4 bytes leftover after parsing attributes in process `syz.3.134'.
[   94.865665][ T5870] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   94.951896][ T5870] usb 2-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[   94.961248][ T5870] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   94.973958][ T5870] usb 2-1: config 0 descriptor??
[   95.129299][ T6341] loop6: detected capacity change from 0 to 524287999
[   95.159718][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   95.169167][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[   95.207201][ T6347] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   95.207629][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   95.224783][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[   95.251927][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   95.261097][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[   95.271595][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   95.280793][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[   95.290540][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   95.299782][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[   95.302226][ T6347] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   95.318555][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   95.327732][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[   95.335849][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   95.344979][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[   95.356341][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   95.365523][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[   95.373721][ T6341] ldm_validate_partition_table(): Disk read failed.
[   95.403941][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   95.413105][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[   95.421401][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   95.430631][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[   95.438965][ T6341] Dev loop6: unable to read RDB block 0
[   95.458087][ T6341]  loop6: unable to read partition table
[   95.479483][ T6341] loop_reread_partitions: partition scan of loop6 (3Ÿ¾x³˜CÖ

) failed (rc=-5)
[   95.523389][ T5867] usb 1-1: USB disconnect, device number 4
[   95.552106][ T6371] wg1 speed is unknown, defaulting to 1000
[   95.554645][ T6372] netlink: 16 bytes leftover after parsing attributes in process `syz.3.136'.
[   95.581649][ T6372] netlink: 4 bytes leftover after parsing attributes in process `syz.3.136'.
[   95.675960][ T5870] elan 0003:04F3:0755.0002: unknown main item tag 0x0
[   95.717564][ T5870] elan 0003:04F3:0755.0002: unknown main item tag 0x0
[   95.758755][ T5870] elan 0003:04F3:0755.0002: unknown main item tag 0x0
[   95.810907][ T5870] elan 0003:04F3:0755.0002: unknown main item tag 0x0
[   95.831307][ T6381] netlink: 'syz.3.139': attribute type 10 has an invalid length.
[   95.839427][ T5870] elan 0003:04F3:0755.0002: unknown main item tag 0x0
[   95.850713][ T5870] elan 0003:04F3:0755.0002: failed to start in urb: -90
[   95.853248][ T6381] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[   95.888624][ T5870] elan 0003:04F3:0755.0002: hidraw0: USB HID v0.00 Device [HID 04f3:0755] on usb-dummy_hcd.1-1/input0
[   95.910595][ T5870] usb 2-1: USB disconnect, device number 7
[   95.916490][ T6383] FAULT_INJECTION: forcing a failure.
[   95.916490][ T6383] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   95.916519][ T6383] CPU: 1 UID: 0 PID: 6383 Comm: syz.2.138 Not tainted 6.13.0-syzkaller-06167-g0afd22092df4 #0
[   95.916538][ T6383] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   95.916548][ T6383] Call Trace:
[   95.916554][ T6383]  <TASK>
[   95.916561][ T6383]  dump_stack_lvl+0x16c/0x1f0
[   95.916589][ T6383]  should_fail_ex+0x497/0x5b0
[   95.916636][ T6383]  copy_fpstate_to_sigframe+0x894/0xb20
[   95.916664][ T6383]  ? __pfx_copy_fpstate_to_sigframe+0x10/0x10
[   95.916685][ T6383]  ? posixtimer_deliver_signal+0x1ad/0x650
[   95.916716][ T6383]  ? posixtimer_deliver_signal+0x1ad/0x650
[   95.916740][ T6383]  ? find_held_lock+0x2d/0x110
[   95.916763][ T6383]  get_sigframe+0x4aa/0x9c0
[   95.916785][ T6383]  ? __pfx_get_sigframe+0x10/0x10
[   95.916806][ T6383]  ? _raw_spin_unlock_irq+0x23/0x50
[   95.916828][ T6383]  ? siginfo_layout+0x177/0x290
[   95.916857][ T6383]  x64_setup_rt_frame+0x129/0xcf0
[   95.916883][ T6383]  ? __pfx_x64_setup_rt_frame+0x10/0x10
[   95.916900][ T6383]  ? __pfx_vfs_read+0x10/0x10
[   95.916927][ T6383]  ? __fget_files+0x40/0x3a0
[   95.916954][ T6383]  arch_do_signal_or_restart+0x5e6/0x7e0
[   95.916975][ T6383]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[   95.917007][ T6383]  ? ksys_read+0x1ba/0x250
[   95.917030][ T6383]  ? __pfx_ksys_read+0x10/0x10
[   95.917059][ T6383]  syscall_exit_to_user_mode+0x150/0x2a0
[   95.917084][ T6383]  do_syscall_64+0xda/0x250
[   95.917111][ T6383]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.917135][ T6383] RIP: 0033:0x7fdadd58cd27
[   95.917149][ T6383] Code: ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 <0f> 05 48 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89
[   95.917165][ T6383] RSP: 002b:00007fdade4af038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   95.917181][ T6383] RAX: 0000000000000000 RBX: 00007fdadd7a5fa0 RCX: 00007fdadd58cd29
[   95.917192][ T6383] RDX: 0000000000002020 RSI: 0000000020000b00 RDI: 0000000000000003
[   95.917203][ T6383] RBP: 00007fdade4af090 R08: 0000000000000000 R09: 0000000000000000
[   95.917216][ T6383] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   95.917226][ T6383] R13: 0000000000000000 R14: 00007fdadd7a5fa0 R15: 00007ffea690cfc8
[   95.917249][ T6383]  </TASK>
[   96.195840][ T6387] FAULT_INJECTION: forcing a failure.
[   96.195840][ T6387] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   96.210397][ T6387] CPU: 1 UID: 0 PID: 6387 Comm: syz.0.140 Not tainted 6.13.0-syzkaller-06167-g0afd22092df4 #0
[   96.210423][ T6387] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   96.210433][ T6387] Call Trace:
[   96.210438][ T6387]  <TASK>
[   96.210446][ T6387]  dump_stack_lvl+0x16c/0x1f0
[   96.210476][ T6387]  should_fail_ex+0x497/0x5b0
[   96.210504][ T6387]  _copy_to_user+0x32/0xd0
[   96.210532][ T6387]  simple_read_from_buffer+0xd0/0x160
[   96.210559][ T6387]  proc_fail_nth_read+0x198/0x270
[   96.210583][ T6387]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   96.210608][ T6387]  ? rw_verify_area+0xcf/0x680
[   96.210632][ T6387]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   96.210655][ T6387]  vfs_read+0x1df/0xbf0
[   96.210681][ T6387]  ? __fget_files+0x1fc/0x3a0
[   96.210707][ T6387]  ? __pfx___mutex_lock+0x10/0x10
[   96.210734][ T6387]  ? __pfx_vfs_read+0x10/0x10
[   96.210766][ T6387]  ? __fget_files+0x206/0x3a0
[   96.210801][ T6387]  ksys_read+0x12b/0x250
[   96.210824][ T6387]  ? __pfx_ksys_read+0x10/0x10
[   96.210856][ T6387]  do_syscall_64+0xcd/0x250
[   96.210884][ T6387]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   96.210909][ T6387] RIP: 0033:0x7fdc7278b73c
[   96.210923][ T6387] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   96.210940][ T6387] RSP: 002b:00007fdc705f6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   96.210957][ T6387] RAX: ffffffffffffffda RBX: 00007fdc729a5fa0 RCX: 00007fdc7278b73c
[   96.210976][ T6387] RDX: 000000000000000f RSI: 00007fdc705f60a0 RDI: 0000000000000004
[   96.210986][ T6387] RBP: 00007fdc705f6090 R08: 0000000000000000 R09: 0000000000000000
[   96.210997][ T6387] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   96.211008][ T6387] R13: 0000000000000000 R14: 00007fdc729a5fa0 R15: 00007ffc4c7741d8
[   96.211034][ T6387]  </TASK>
[   96.410984][ T6389] netlink: 'syz.3.141': attribute type 3 has an invalid length.
[   97.451426][ T6395] FAULT_INJECTION: forcing a failure.
[   97.451426][ T6395] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   97.527818][ T6395] CPU: 1 UID: 0 PID: 6395 Comm: syz.0.143 Not tainted 6.13.0-syzkaller-06167-g0afd22092df4 #0
[   97.527847][ T6395] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   97.527858][ T6395] Call Trace:
[   97.527864][ T6395]  <TASK>
[   97.527871][ T6395]  dump_stack_lvl+0x16c/0x1f0
[   97.527902][ T6395]  should_fail_ex+0x497/0x5b0
[   97.527930][ T6395]  _copy_from_user+0x2e/0xd0
[   97.527956][ T6395]  __sys_bpf+0x21c/0x49c0
[   97.527980][ T6395]  ? __pfx___sys_bpf+0x10/0x10
[   97.528003][ T6395]  ? vfs_write+0x306/0x1150
[   97.528036][ T6395]  ? __pfx___schedule+0x10/0x10
[   97.528059][ T6395]  ? __mutex_unlock_slowpath+0x164/0x6a0
[   97.528116][ T6395]  __x64_sys_bpf+0x78/0xc0
[   97.528137][ T6395]  do_syscall_64+0xcd/0x250
[   97.528166][ T6395]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.528192][ T6395] RIP: 0033:0x7fdc7278cd29
[   97.528211][ T6395] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   97.528229][ T6395] RSP: 002b:00007fdc705d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   97.528250][ T6395] RAX: ffffffffffffffda RBX: 00007fdc729a6080 RCX: 00007fdc7278cd29
[   97.528263][ T6395] RDX: 0000000000000048 RSI: 00000000200054c0 RDI: 0000000000000005
[   97.528277][ T6395] RBP: 00007fdc705d5090 R08: 0000000000000000 R09: 0000000000000000
[   97.528289][ T6395] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   97.528310][ T6395] R13: 0000000000000000 R14: 00007fdc729a6080 R15: 00007ffc4c7741d8
[   97.528339][ T6395]  </TASK>
[   97.834792][ T6405] netlink: 'syz.1.145': attribute type 21 has an invalid length.
[   97.844960][ T6405] netlink: 156 bytes leftover after parsing attributes in process `syz.1.145'.
[   97.871365][ T6405] netlink: 'syz.1.145': attribute type 21 has an invalid length.
[   97.891976][ T6405] netlink: 156 bytes leftover after parsing attributes in process `syz.1.145'.
[   98.085585][ T5898] usb 4-1: new full-speed USB device number 4 using dummy_hcd
[   98.215397][ T6417] FAULT_INJECTION: forcing a failure.
[   98.215397][ T6417] name failslab, interval 1, probability 0, space 0, times 0
[   98.228417][ T6417] CPU: 1 UID: 0 PID: 6417 Comm: syz.0.148 Not tainted 6.13.0-syzkaller-06167-g0afd22092df4 #0
[   98.228441][ T6417] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   98.228452][ T6417] Call Trace:
[   98.228458][ T6417]  <TASK>
[   98.228465][ T6417]  dump_stack_lvl+0x16c/0x1f0
[   98.228497][ T6417]  should_fail_ex+0x497/0x5b0
[   98.228526][ T6417]  ? fs_reclaim_acquire+0xae/0x150
[   98.228555][ T6417]  should_failslab+0xc2/0x120
[   98.228575][ T6417]  __kmalloc_noprof+0xcb/0x510
[   98.228593][ T6417]  ? __pfx_lock_acquire.part.0+0x10/0x10
[   98.228625][ T6417]  tomoyo_realpath_from_path+0xb9/0x720
[   98.228647][ T6417]  ? tomoyo_path_number_perm+0x235/0x590
[   98.228667][ T6417]  ? tomoyo_path_number_perm+0x235/0x590
[   98.228689][ T6417]  tomoyo_path_number_perm+0x248/0x590
[   98.228706][ T6417]  ? tomoyo_path_number_perm+0x235/0x590
[   98.228727][ T6417]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[   98.228772][ T6417]  ? __pfx_lock_release+0x10/0x10
[   98.228796][ T6417]  ? trace_lock_acquire+0x14e/0x1f0
[   98.228821][ T6417]  ? lock_acquire+0x2f/0xb0
[   98.228843][ T6417]  ? __fget_files+0x40/0x3a0
[   98.228874][ T6417]  ? __fget_files+0x206/0x3a0
[   98.228904][ T6417]  security_file_ioctl+0x9b/0x240
[   98.228927][ T6417]  __x64_sys_ioctl+0xb7/0x200
[   98.228952][ T6417]  do_syscall_64+0xcd/0x250
[   98.228981][ T6417]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.229006][ T6417] RIP: 0033:0x7fdc7278cd29
[   98.229022][ T6417] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   98.229039][ T6417] RSP: 002b:00007fdc705b4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   98.229057][ T6417] RAX: ffffffffffffffda RBX: 00007fdc729a6160 RCX: 00007fdc7278cd29
[   98.229069][ T6417] RDX: 0000000020000040 RSI: 00000000c0105512 RDI: 0000000000000008
[   98.229081][ T6417] RBP: 00007fdc705b4090 R08: 0000000000000000 R09: 0000000000000000
[   98.229093][ T6417] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   98.229104][ T6417] R13: 0000000000000000 R14: 00007fdc729a6160 R15: 00007ffc4c7741d8
[   98.229130][ T6417]  </TASK>
[   98.229157][ T6417] ERROR: Out of memory at tomoyo_realpath_from_path.
[   98.451618][ T6417] hub 2-0:1.0: USB hub found
[   98.459860][ T6417] hub 2-0:1.0: 1 port detected
[   98.572107][ T5898] usb 4-1: config 0 has an invalid interface number: 30 but max is 0
[   98.589968][ T5898] usb 4-1: config 0 has no interface number 0
[   98.612707][ T5898] usb 4-1: New USB device found, idVendor=0572, idProduct=d811, bcdDevice=94.e2
[   98.625646][ T5898] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   98.637969][ T5898] usb 4-1: config 0 descriptor??
[   98.646947][ T5898] dvb-usb: found a 'Mygica D689 DMB-TH' in warm state.
[   98.658496][ T5898] usb 4-1: setting power ON
[   98.663782][ T5898] dvb-usb: bulk message failed: -22 (2/0)
[   98.671363][   T29] kauditd_printk_skb: 12 callbacks suppressed
[   98.671377][   T29] audit: type=1400 audit(1737785580.464:292): avc:  denied  { create } for  pid=6419 comm="syz.4.150" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   98.703112][ T6420] process 'syz.4.150' launched '/dev/fd/6/./file2' with NULL argv: empty string added
[   98.843084][ T5898] dvb-usb: bulk message failed: -22 (1/0)
[   99.803292][ T5898] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[   99.961836][   T29] audit: type=1400 audit(1737785580.744:293): avc:  denied  { open } for  pid=6423 comm="syz.1.152" path="/dev/ptyq7" dev="devtmpfs" ino=126 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[  100.586085][ T6433] block device autoloading is deprecated and will be removed.
[  100.639989][ T5898] dvb-usb: Mygica D689 DMB-TH error while loading driver (-19)
[  100.673362][ T5898] dvb_usb_cxusb 4-1:0.30: probe with driver dvb_usb_cxusb failed with error -22
[  100.841363][ T6428] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  100.856974][   T29] audit: type=1400 audit(1737785580.744:294): avc:  denied  { ioctl } for  pid=6423 comm="syz.1.152" path="/dev/ptyq7" dev="devtmpfs" ino=126 ioctlcmd=0x4b71 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[  100.891440][   T29] audit: type=1400 audit(1737785581.614:295): avc:  denied  { search } for  pid=5173 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  101.018178][   T29] audit: type=1400 audit(1737785582.814:296): avc:  denied  { getopt } for  pid=6438 comm="syz.2.155" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  101.243547][   T29] audit: type=1400 audit(1737785582.814:297): avc:  denied  { read } for  pid=6438 comm="syz.2.155" name="nvram" dev="devtmpfs" ino=623 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  101.277212][   T29] audit: type=1400 audit(1737785582.814:298): avc:  denied  { open } for  pid=6438 comm="syz.2.155" path="/dev/nvram" dev="devtmpfs" ino=623 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  101.340917][   T29] audit: type=1400 audit(1737785582.814:299): avc:  denied  { setopt } for  pid=6438 comm="syz.2.155" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  101.488641][ T6436] FAULT_INJECTION: forcing a failure.
[  101.488641][ T6436] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  101.512549][ T6449] lo speed is unknown, defaulting to 1000
[  101.520810][ T6449] lo speed is unknown, defaulting to 1000
[  101.527405][ T6449] lo speed is unknown, defaulting to 1000
[  101.624648][ T6449] infiniband s
z1: set active
[  101.629532][ T6449] infiniband s
z1: added lo
[  101.648639][  T902] lo speed is unknown, defaulting to 1000
[  101.780536][ T6451] FAULT_INJECTION: forcing a failure.
[  101.780536][ T6451] name failslab, interval 1, probability 0, space 0, times 0
[  101.793563][ T6451] CPU: 1 UID: 0 PID: 6451 Comm: syz.0.157 Not tainted 6.13.0-syzkaller-06167-g0afd22092df4 #0
[  101.793587][ T6451] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  101.793599][ T6451] Call Trace:
[  101.793605][ T6451]  <TASK>
[  101.793612][ T6451]  dump_stack_lvl+0x16c/0x1f0
[  101.793643][ T6451]  should_fail_ex+0x497/0x5b0
[  101.793666][ T6451]  ? fs_reclaim_acquire+0xae/0x150
[  101.793694][ T6451]  should_failslab+0xc2/0x120
[  101.793714][ T6451]  kmem_cache_alloc_node_noprof+0x72/0x3c0
[  101.793742][ T6451]  ? __pfx_tcp_current_mss+0x10/0x10
[  101.793764][ T6451]  ? __alloc_skb+0x2b1/0x380
[  101.793795][ T6451]  __alloc_skb+0x2b1/0x380
[  101.793822][ T6451]  ? __pfx___alloc_skb+0x10/0x10
[  101.793860][ T6451]  tcp_stream_alloc_skb+0x34/0x570
[  101.793883][ T6451]  tcp_sendmsg_locked+0xf13/0x37c0
[  101.793907][ T6451]  ? __pfx___lock_acquire+0x10/0x10
[  101.793933][ T6451]  ? __pfx_avc_has_perm+0x10/0x10
[  101.793966][ T6451]  ? mark_held_locks+0x9f/0xe0
[  101.793991][ T6451]  ? __pfx_tcp_sendmsg_locked+0x10/0x10
[  101.794010][ T6451]  ? irqentry_exit+0x3b/0x90
[  101.794034][ T6451]  ? lockdep_hardirqs_on+0x7c/0x110
[  101.794062][ T6451]  ? tcp_sendmsg+0x20/0x50
[  101.794088][ T6451]  ? __local_bh_enable_ip+0xac/0x120
[  101.794118][ T6451]  tcp_sendmsg+0x2e/0x50
[  101.794135][ T6451]  ? __pfx_tcp_sendmsg+0x10/0x10
[  101.794155][ T6451]  inet_sendmsg+0xb9/0x140
[  101.794175][ T6451]  __sys_sendto+0x42a/0x4f0
[  101.794203][ T6451]  ? __pfx___sys_sendto+0x10/0x10
[  101.794260][ T6451]  ? ksys_write+0x1ba/0x250
[  101.794292][ T6451]  __x64_sys_sendto+0xe0/0x1c0
[  101.794318][ T6451]  ? do_syscall_64+0x91/0x250
[  101.794343][ T6451]  ? lockdep_hardirqs_on+0x7c/0x110
[  101.794367][ T6451]  do_syscall_64+0xcd/0x250
[  101.794395][ T6451]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.794421][ T6451] RIP: 0033:0x7fdc7278cd29
[  101.794437][ T6451] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  101.794455][ T6451] RSP: 002b:00007fdc705b4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  101.794472][ T6451] RAX: ffffffffffffffda RBX: 00007fdc729a6160 RCX: 00007fdc7278cd29
[  101.794485][ T6451] RDX: 00000000000020c8 RSI: 00000000200012c0 RDI: 0000000000000008
[  101.794497][ T6451] RBP: 00007fdc705b4090 R08: 0000000000000000 R09: 0000000000000027
[  101.794508][ T6451] R10: 0000000000000011 R11: 0000000000000246 R12: 0000000000000001
[  101.794519][ T6451] R13: 0000000000000000 R14: 00007fdc729a6160 R15: 00007ffc4c7741d8
[  101.794545][ T6451]  </TASK>
[  102.039409][  T902] usb 4-1: USB disconnect, device number 4
[  102.083596][   T29] audit: type=1400 audit(1737785583.434:300): avc:  denied  { ioctl } for  pid=6441 comm="syz.1.156" path="socket:[11314]" dev="sockfs" ino=11314 ioctlcmd=0x89b1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  102.088002][ T6449] workqueue: Failed to create a rescuer kthread for wq "ib_mad1": -EINTR
[  102.110806][ T6436] CPU: 1 UID: 0 PID: 6436 Comm: syz.4.154 Not tainted 6.13.0-syzkaller-06167-g0afd22092df4 #0
[  102.110831][ T6436] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  102.110841][ T6436] Call Trace:
[  102.110846][ T6436]  <TASK>
[  102.110852][ T6436]  dump_stack_lvl+0x16c/0x1f0
[  102.110878][ T6436]  should_fail_ex+0x497/0x5b0
[  102.110902][ T6436]  _copy_from_user+0x2e/0xd0
[  102.110925][ T6436]  copy_msghdr_from_user+0x99/0x160
[  102.110942][ T6436]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  102.110969][ T6436]  ___sys_sendmsg+0xff/0x1e0
[  102.110985][ T6436]  ? __pfx____sys_sendmsg+0x10/0x10
[  102.111011][ T6436]  ? __pfx_lock_release+0x10/0x10
[  102.111036][ T6436]  ? trace_lock_acquire+0x14e/0x1f0
[  102.111063][ T6436]  ? __fget_files+0x206/0x3a0
[  102.111093][ T6436]  __sys_sendmsg+0x16e/0x220
[  102.111110][ T6436]  ? __pfx___sys_sendmsg+0x10/0x10
[  102.111140][ T6436]  do_syscall_64+0xcd/0x250
[  102.111166][ T6436]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  102.111189][ T6436] RIP: 0033:0x7f641538cd29
[  102.111203][ T6436] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  102.111231][ T6436] RSP: 002b:00007f64161b4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  102.111246][ T6436] RAX: ffffffffffffffda RBX: 00007f64155a5fa0 RCX: 00007f641538cd29
[  102.111256][ T6436] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003
[  102.111266][ T6436] RBP: 00007f64161b4090 R08: 0000000000000000 R09: 0000000000000000
[  102.111275][ T6436] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  102.111284][ T6436] R13: 0000000000000000 R14: 00007f64155a5fa0 R15: 00007ffff85bf5a8
[  102.111306][ T6436]  </TASK>
[  102.113573][ T6449] infiniband s
z1: Couldn't open port 1
[  102.329349][ T6449] RDS/IB: s
z1: added
[  102.333972][ T6449] smc: adding ib device s
z1 with port count 1
[  102.340418][ T6449] smc:    ib device s
z1 port 1 has pnetid 
[  102.348924][ T6449] lo speed is unknown, defaulting to 1000
[  102.444353][ T6449] lo speed is unknown, defaulting to 1000
[  102.540002][ T6449] lo speed is unknown, defaulting to 1000
[  102.634225][ T6449] lo speed is unknown, defaulting to 1000
[  102.727245][ T6449] lo speed is unknown, defaulting to 1000
[  102.900889][ T5870] lo speed is unknown, defaulting to 1000
[  103.149825][ T6464] netlink: 'syz.4.162': attribute type 21 has an invalid length.
[  103.167471][ T6464] netlink: 156 bytes leftover after parsing attributes in process `syz.4.162'.
[  103.178850][ T6464] netlink: 'syz.4.162': attribute type 21 has an invalid length.
[  103.200713][ T6464] netlink: 156 bytes leftover after parsing attributes in process `syz.4.162'.
[  103.292059][ T5870] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  103.420991][   T29] audit: type=1400 audit(1737785585.174:301): avc:  denied  { getopt } for  pid=6466 comm="syz.2.163" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  103.451966][ T6469] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  104.182314][ T5870] usb 1-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  104.191000][ T5870] usb 1-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  104.201470][ T5870] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 66
[  104.210712][ T5870] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  104.407146][ T6477] FAULT_INJECTION: forcing a failure.
[  104.407146][ T6477] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  104.420361][ T6477] CPU: 1 UID: 0 PID: 6477 Comm: syz.4.164 Not tainted 6.13.0-syzkaller-06167-g0afd22092df4 #0
[  104.420384][ T6477] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  104.420395][ T6477] Call Trace:
[  104.420401][ T6477]  <TASK>
[  104.420408][ T6477]  dump_stack_lvl+0x16c/0x1f0
[  104.420439][ T6477]  should_fail_ex+0x497/0x5b0
[  104.420466][ T6477]  _copy_from_user+0x2e/0xd0
[  104.420493][ T6477]  copy_msghdr_from_user+0x99/0x160
[  104.420513][ T6477]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  104.420544][ T6477]  ___sys_sendmsg+0xff/0x1e0
[  104.420564][ T6477]  ? __pfx____sys_sendmsg+0x10/0x10
[  104.420593][ T6477]  ? __pfx_lock_release+0x10/0x10
[  104.420618][ T6477]  ? trace_lock_acquire+0x14e/0x1f0
[  104.420648][ T6477]  ? __fget_files+0x206/0x3a0
[  104.420683][ T6477]  __sys_sendmsg+0x16e/0x220
[  104.420701][ T6477]  ? __pfx___sys_sendmsg+0x10/0x10
[  104.420737][ T6477]  do_syscall_64+0xcd/0x250
[  104.420766][ T6477]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.420791][ T6477] RIP: 0033:0x7f641538cd29
[  104.420807][ T6477] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  104.420825][ T6477] RSP: 002b:00007f6416172038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  104.420843][ T6477] RAX: ffffffffffffffda RBX: 00007f64155a6160 RCX: 00007f641538cd29
[  104.420855][ T6477] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 000000000000000a
[  104.420867][ T6477] RBP: 00007f6416172090 R08: 0000000000000000 R09: 0000000000000000
[  104.420878][ T6477] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  104.420888][ T6477] R13: 0000000000000000 R14: 00007f64155a6160 R15: 00007ffff85bf5a8
[  104.420914][ T6477]  </TASK>
[  104.512076][ T5870] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  104.524016][ T6473] FAULT_INJECTION: forcing a failure.
[  104.524016][ T6473] name failslab, interval 1, probability 0, space 0, times 0
[  104.586025][ T5870] usb 1-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  104.751846][ T6473] CPU: 1 UID: 0 PID: 6473 Comm: syz.3.161 Not tainted 6.13.0-syzkaller-06167-g0afd22092df4 #0
[  104.751878][ T6473] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  104.751889][ T6473] Call Trace:
[  104.751895][ T6473]  <TASK>
[  104.751903][ T6473]  dump_stack_lvl+0x16c/0x1f0
[  104.751943][ T6473]  should_fail_ex+0x497/0x5b0
[  104.751967][ T6473]  ? fs_reclaim_acquire+0xae/0x150
[  104.751994][ T6473]  should_failslab+0xc2/0x120
[  104.752015][ T6473]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  104.752042][ T6473]  ? __mutex_unlock_slowpath+0x164/0x6a0
[  104.752070][ T6473]  ? getname_flags.part.0+0x4c/0x550
[  104.752096][ T6473]  getname_flags.part.0+0x4c/0x550
[  104.752121][ T6473]  getname_flags+0x93/0xf0
[  104.752146][ T6473]  do_readlinkat+0xb5/0x390
[  104.752169][ T6473]  ? __pfx_do_readlinkat+0x10/0x10
[  104.752187][ T6473]  ? ksys_write+0x1ba/0x250
[  104.752212][ T6473]  ? __pfx_ksys_write+0x10/0x10
[  104.752243][ T6473]  __x64_sys_readlink+0x78/0xc0
[  104.752264][ T6473]  ? lockdep_hardirqs_on+0x7c/0x110
[  104.752288][ T6473]  do_syscall_64+0xcd/0x250
[  104.752317][ T6473]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.752343][ T6473] RIP: 0033:0x7f41c7d8cd29
[  104.752359][ T6473] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  104.752377][ T6473] RSP: 002b:00007f41c8b44038 EFLAGS: 00000246 ORIG_RAX: 0000000000000059
[  104.752395][ T6473] RAX: ffffffffffffffda RBX: 00007f41c7fa6080 RCX: 00007f41c7d8cd29
[  104.752407][ T6473] RDX: 0000000000001000 RSI: 0000000020001200 RDI: 0000000020000240
[  104.752419][ T6473] RBP: 00007f41c8b44090 R08: 0000000000000000 R09: 0000000000000000
[  104.752430][ T6473] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  104.752441][ T6473] R13: 0000000000000000 R14: 00007f41c7fa6080 R15: 00007ffe30401718
[  104.752467][ T6473]  </TASK>
[  105.005771][ T5870] usb 1-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  105.045540][   T29] audit: type=1400 audit(1737785586.194:302): avc:  denied  { create } for  pid=6470 comm="syz.4.164" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  105.065051][   T29] audit: type=1400 audit(1737785586.834:303): avc:  denied  { setopt } for  pid=6457 comm="syz.1.160" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  105.115268][ T5870] usb 1-1: Product: syz
[  105.119475][ T5870] usb 1-1: Manufacturer: syz
[  105.214813][ T6483] netlink: 'syz.4.166': attribute type 3 has an invalid length.
[  105.220239][ T5870] cdc_wdm 1-1:1.0: skipping garbage
[  105.248231][ T5870] cdc_wdm 1-1:1.0: skipping garbage
[  105.272096][ T5870] cdc_wdm 1-1:1.0: cdc-wdm0: USB WDM device
[  105.278036][ T5870] cdc_wdm 1-1:1.0: Unknown control protocol
[  105.645026][ T6489] FAULT_INJECTION: forcing a failure.
[  105.645026][ T6489] name failslab, interval 1, probability 0, space 0, times 0
[  105.658041][ T6489] CPU: 1 UID: 0 PID: 6489 Comm: syz.2.167 Not tainted 6.13.0-syzkaller-06167-g0afd22092df4 #0
[  105.658064][ T6489] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  105.658080][ T6489] Call Trace:
[  105.658085][ T6489]  <TASK>
[  105.658092][ T6489]  dump_stack_lvl+0x16c/0x1f0
[  105.658120][ T6489]  should_fail_ex+0x497/0x5b0
[  105.658140][ T6489]  ? fs_reclaim_acquire+0xae/0x150
[  105.658165][ T6489]  should_failslab+0xc2/0x120
[  105.658184][ T6489]  kmem_cache_alloc_node_noprof+0x72/0x3c0
[  105.658210][ T6489]  ? __pfx_tcp_current_mss+0x10/0x10
[  105.658231][ T6489]  ? __alloc_skb+0x2b1/0x380
[  105.658263][ T6489]  __alloc_skb+0x2b1/0x380
[  105.658289][ T6489]  ? __pfx___alloc_skb+0x10/0x10
[  105.658321][ T6489]  ? hlock_class+0x4e/0x130
[  105.658346][ T6489]  tcp_stream_alloc_skb+0x34/0x570
[  105.658369][ T6489]  tcp_sendmsg_locked+0xf13/0x37c0
[  105.658393][ T6489]  ? __pfx___lock_acquire+0x10/0x10
[  105.658418][ T6489]  ? __pfx_avc_has_perm+0x10/0x10
[  105.658455][ T6489]  ? __pfx_tcp_sendmsg_locked+0x10/0x10
[  105.658478][ T6489]  ? tcp_sendmsg+0x20/0x50
[  105.658496][ T6489]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  105.658516][ T6489]  ? mark_held_locks+0x9f/0xe0
[  105.658540][ T6489]  ? __local_bh_enable_ip+0xa4/0x120
[  105.658571][ T6489]  tcp_sendmsg+0x2e/0x50
[  105.658589][ T6489]  ? __pfx_tcp_sendmsg+0x10/0x10
[  105.658609][ T6489]  inet_sendmsg+0xb9/0x140
[  105.658630][ T6489]  __sys_sendto+0x42a/0x4f0
[  105.658658][ T6489]  ? __pfx___sys_sendto+0x10/0x10
[  105.658708][ T6489]  ? ksys_write+0x1ba/0x250
[  105.658734][ T6489]  ? __pfx_ksys_write+0x10/0x10
[  105.658763][ T6489]  __x64_sys_sendto+0xe0/0x1c0
[  105.658789][ T6489]  ? do_syscall_64+0x91/0x250
[  105.658816][ T6489]  ? lockdep_hardirqs_on+0x7c/0x110
[  105.658840][ T6489]  do_syscall_64+0xcd/0x250
[  105.658868][ T6489]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  105.658893][ T6489] RIP: 0033:0x7fdadd58cd29
[  105.658910][ T6489] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  105.658928][ T6489] RSP: 002b:00007fdade46d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  105.658946][ T6489] RAX: ffffffffffffffda RBX: 00007fdadd7a6160 RCX: 00007fdadd58cd29
[  105.658959][ T6489] RDX: 00000000000020c8 RSI: 00000000200012c0 RDI: 0000000000000008
[  105.658971][ T6489] RBP: 00007fdade46d090 R08: 0000000000000000 R09: 0000000000000027
[  105.658982][ T6489] R10: 0000000000000011 R11: 0000000000000246 R12: 0000000000000001
[  105.658993][ T6489] R13: 0000000000000000 R14: 00007fdadd7a6160 R15: 00007ffea690cfc8
[  105.659020][ T6489]  </TASK>
[  106.039414][ T6496] hub 2-0:1.0: USB hub found
[  106.044730][ T6496] hub 2-0:1.0: 1 port detected
[  106.442719][ T6495] netlink: 188 bytes leftover after parsing attributes in process `syz.0.159'.
[  106.544098][ T6495] netlink: 'syz.0.159': attribute type 1 has an invalid length.
[  106.562689][   T29] audit: type=1400 audit(1737785588.364:304): avc:  denied  { read } for  pid=6494 comm="syz.3.170" name="loop-control" dev="devtmpfs" ino=646 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  106.588052][ T6499] FAULT_INJECTION: forcing a failure.
[  106.588052][ T6499] name failslab, interval 1, probability 0, space 0, times 0
[  106.608573][ T6499] CPU: 0 UID: 0 PID: 6499 Comm: syz.3.170 Not tainted 6.13.0-syzkaller-06167-g0afd22092df4 #0
[  106.608601][ T6499] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  106.608612][ T6499] Call Trace:
[  106.608618][ T6499]  <TASK>
[  106.608626][ T6499]  dump_stack_lvl+0x16c/0x1f0
[  106.608658][ T6499]  should_fail_ex+0x497/0x5b0
[  106.608680][ T6499]  ? fs_reclaim_acquire+0xae/0x150
[  106.608709][ T6499]  should_failslab+0xc2/0x120
[  106.608729][ T6499]  __kmalloc_noprof+0xcb/0x510
[  106.608747][ T6499]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  106.608778][ T6499]  tomoyo_realpath_from_path+0xb9/0x720
[  106.608801][ T6499]  ? tomoyo_path_number_perm+0x235/0x590
[  106.608821][ T6499]  ? tomoyo_path_number_perm+0x235/0x590
[  106.608843][ T6499]  tomoyo_path_number_perm+0x248/0x590
[  106.608861][ T6499]  ? tomoyo_path_number_perm+0x235/0x590
[  106.608882][ T6499]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  106.608928][ T6499]  ? __pfx_lock_release+0x10/0x10
[  106.608952][ T6499]  ? trace_lock_acquire+0x14e/0x1f0
[  106.608981][ T6499]  ? lock_acquire+0x2f/0xb0
[  106.609003][ T6499]  ? __fget_files+0x40/0x3a0
[  106.609034][ T6499]  ? __fget_files+0x206/0x3a0
[  106.609064][ T6499]  security_file_ioctl+0x9b/0x240
[  106.609087][ T6499]  __x64_sys_ioctl+0xb7/0x200
[  106.609114][ T6499]  do_syscall_64+0xcd/0x250
[  106.609143][ T6499]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.609168][ T6499] RIP: 0033:0x7f41c7d8cd29
[  106.609184][ T6499] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  106.609201][ T6499] RSP: 002b:00007f41c8b65038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  106.609218][ T6499] RAX: ffffffffffffffda RBX: 00007f41c7fa5fa0 RCX: 00007f41c7d8cd29
[  106.609230][ T6499] RDX: 0000000000000000 RSI: 0000000000004c81 RDI: 0000000000000003
[  106.609240][ T6499] RBP: 00007f41c8b65090 R08: 0000000000000000 R09: 0000000000000000
[  106.609251][ T6499] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  106.609262][ T6499] R13: 0000000000000000 R14: 00007f41c7fa5fa0 R15: 00007ffe30401718
[  106.609287][ T6499]  </TASK>
[  106.609295][ T6499] ERROR: Out of memory at tomoyo_realpath_from_path.
[  106.612637][ T6498] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  106.865808][   T29] audit: type=1400 audit(1737785588.364:305): avc:  denied  { open } for  pid=6494 comm="syz.3.170" path="/dev/loop-control" dev="devtmpfs" ino=646 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  106.892128][ T6498] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  106.925266][   T29] audit: type=1400 audit(1737785588.394:306): avc:  denied  { ioctl } for  pid=6494 comm="syz.3.170" path="/dev/loop-control" dev="devtmpfs" ino=646 ioctlcmd=0x4c82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  107.177071][   T29] audit: type=1400 audit(1737785588.944:307): avc:  denied  { name_connect } for  pid=6501 comm="syz.2.172" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1
[  107.394936][ T6512] netlink: 'syz.4.174': attribute type 21 has an invalid length.
[  107.433861][ T6512] netlink: 156 bytes leftover after parsing attributes in process `syz.4.174'.
[  107.452749][ T6515] netlink: 'syz.4.174': attribute type 21 has an invalid length.
[  107.474962][ T6515] netlink: 156 bytes leftover after parsing attributes in process `syz.4.174'.
[  108.012162][   T29] audit: type=1400 audit(1737785589.804:308): avc:  denied  { listen } for  pid=6518 comm="syz.1.177" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  108.046357][    C1] cdc_wdm 1-1:1.0: nonzero urb status received: -71
[  108.053234][    C1] cdc_wdm 1-1:1.0: wdm_int_callback - 0 bytes
[  108.060161][    C1] cdc_wdm 1-1:1.0: nonzero urb status received: -71
[  108.066800][    C1] cdc_wdm 1-1:1.0: wdm_int_callback - 0 bytes
[  108.073417][    C1] cdc_wdm 1-1:1.0: nonzero urb status received: -71
[  108.080047][    C1] cdc_wdm 1-1:1.0: wdm_int_callback - 0 bytes
[  108.086173][    C1] cdc_wdm 1-1:1.0: wdm_int_callback - usb_submit_urb failed with result -1
[  108.097308][   T29] audit: type=1400 audit(1737785589.874:309): avc:  denied  { setattr } for  pid=6518 comm="syz.1.177" name="NETLINK" dev="sockfs" ino=11440 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  108.125179][ T5868] usb 1-1: USB disconnect, device number 5
[  108.386327][   T29] audit: type=1400 audit(1737785590.184:310): avc:  denied  { getopt } for  pid=6528 comm="syz.1.182" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  108.588068][ T6537] netlink: 32 bytes leftover after parsing attributes in process `syz.1.184'.
[  109.488029][   T29] audit: type=1400 audit(1737785590.704:311): avc:  denied  { connect } for  pid=6535 comm="syz.1.184" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  110.133209][ T6545] wg1 speed is unknown, defaulting to 1000
[  110.140555][ T6545] lo speed is unknown, defaulting to 1000
[  110.257167][ T6504] kexec: Could not allocate control_code_buffer
[  110.356285][   T29] audit: type=1400 audit(1737785592.154:312): avc:  denied  { search } for  pid=6556 comm="dhcpcd-run-hook" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  110.470633][   T29] audit: type=1400 audit(1737785592.214:313): avc:  denied  { read } for  pid=6559 comm="dhcpcd-run-hook" name="resolv.conf" dev="tmpfs" ino=1706 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  110.510410][   T29] audit: type=1400 audit(1737785592.214:314): avc:  denied  { open } for  pid=6559 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=1706 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  110.579179][   T29] audit: type=1400 audit(1737785592.214:315): avc:  denied  { getattr } for  pid=6559 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=1706 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  110.741872][ T6557] wg1 speed is unknown, defaulting to 1000
[  110.845886][   T29] audit: type=1400 audit(1737785592.214:316): avc:  denied  { getattr } for  pid=6559 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf/eth0.dhcp" dev="tmpfs" ino=1747 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  111.101807][   T29] audit: type=1400 audit(1737785592.234:317): avc:  denied  { create } for  pid=6554 comm="syz.4.190" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  111.130243][   T29] audit: type=1400 audit(1737785592.384:318): avc:  denied  { read } for  pid=6561 comm="sed" name="eth0.dhcp" dev="tmpfs" ino=1747 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  111.152400][   T29] audit: type=1400 audit(1737785592.384:319): avc:  denied  { open } for  pid=6561 comm="sed" path="/run/dhcpcd/hook-state/resolv.conf/eth0.dhcp" dev="tmpfs" ino=1747 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  111.213683][   T29] audit: type=1400 audit(1737785592.994:320): avc:  denied  { read } for  pid=6554 comm="syz.4.190" laddr=172.20.20.170 lport=20002 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  111.605856][ T6557] lo speed is unknown, defaulting to 1000
[  112.188020][ T6562] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  112.395567][ T6582] netlink: 188 bytes leftover after parsing attributes in process `syz.1.195'.
[  112.413979][   T29] audit: type=1400 audit(1737785594.204:321): avc:  denied  { write } for  pid=6556 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1705 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  112.500142][ T6582] netlink: 'syz.1.195': attribute type 1 has an invalid length.
[  112.773718][ T6581] wg1 speed is unknown, defaulting to 1000
[  112.824747][ T6581] lo speed is unknown, defaulting to 1000
[  112.896090][ T6597] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[  112.977561][ T1317] Bluetooth: hci5: Frame reassembly failed (-84)
[  114.722713][ T5868] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  114.901993][ T5868] usb 1-1: Using ep0 maxpacket: 32
[  114.910507][ T5868] usb 1-1: config 0 has an invalid interface number: 184 but max is 0
[  114.926176][ T5868] usb 1-1: config 0 has no interface number 0
[  114.941874][ T5868] usb 1-1: config 0 interface 184 has no altsetting 0
[  114.943351][ T6645] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[  114.963046][ T5868] usb 1-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  114.973483][ T5868] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  114.981500][ T5868] usb 1-1: Product: syz
[  114.991894][ T5833] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  115.020589][ T5868] usb 1-1: Manufacturer: syz
[  115.031886][ T5868] usb 1-1: SerialNumber: syz
[  115.045705][ T5868] usb 1-1: config 0 descriptor??
[  115.063270][ T5868] smsc75xx v1.0.0
[  115.121936][ T5903] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  115.302051][ T5903] usb 5-1: Using ep0 maxpacket: 32
[  115.315096][ T5903] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  115.342265][ T5903] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  115.352656][ T5903] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  115.360919][ T5903] usb 5-1: Product: syz
[  115.366150][ T5903] usb 5-1: Manufacturer: syz
[  115.370842][ T5903] usb 5-1: SerialNumber: syz
[  115.382961][ T5903] usb 5-1: config 0 descriptor??
[  115.393018][ T6644] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  115.403062][   T29] kauditd_printk_skb: 32 callbacks suppressed
[  115.403076][   T29] audit: type=1400 audit(1737785597.204:354): avc:  denied  { getattr } for  pid=6646 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=1706 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  115.434753][  T902] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  115.449207][   T29] audit: type=1400 audit(1737785597.234:355): avc:  denied  { write } for  pid=6646 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1705 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  115.500974][   T29] audit: type=1400 audit(1737785597.234:356): avc:  denied  { add_name } for  pid=6646 comm="dhcpcd-run-hook" name="resolv.conf.lapb5.link" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  115.544743][   T29] audit: type=1400 audit(1737785597.234:357): avc:  denied  { create } for  pid=6646 comm="dhcpcd-run-hook" name="resolv.conf.lapb5.link" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  115.577578][   T29] audit: type=1400 audit(1737785597.234:358): avc:  denied  { write } for  pid=6646 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf.lapb5.link" dev="tmpfs" ino=2585 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  115.622134][  T902] usb 2-1: Using ep0 maxpacket: 32
[  115.627688][   T29] audit: type=1400 audit(1737785597.234:359): avc:  denied  { append } for  pid=6646 comm="dhcpcd-run-hook" name="resolv.conf.lapb5.link" dev="tmpfs" ino=2585 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  115.666425][  T902] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  115.677688][   T29] audit: type=1400 audit(1737785597.264:360): avc:  denied  { read } for  pid=6626 comm="syz.0.201" dev="nsfs" ino=4026532948 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  115.692406][ T5898] usb 5-1: USB disconnect, device number 7
[  115.709641][   T29] audit: type=1400 audit(1737785597.264:361): avc:  denied  { open } for  pid=6626 comm="syz.0.201" path="net:[4026532948]" dev="nsfs" ino=4026532948 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  115.709774][  T902] usb 2-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  115.754156][   T29] audit: type=1400 audit(1737785597.264:362): avc:  denied  { create } for  pid=6626 comm="syz.0.201" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  115.779304][  T902] usb 2-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  115.787931][  T902] usb 2-1: Product: syz
[  115.794809][  T902] usb 2-1: Manufacturer: syz
[  115.861836][   T29] audit: type=1400 audit(1737785597.264:363): avc:  denied  { bind } for  pid=6626 comm="syz.0.201" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  115.882146][  T902] usb 2-1: SerialNumber: syz
[  115.888761][  T902] usb 2-1: config 0 descriptor??
[  115.898565][ T6654] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[  115.921544][ T6677] netlink: 8 bytes leftover after parsing attributes in process `syz.3.210'.
[  116.097254][ T6687] netlink: 12 bytes leftover after parsing attributes in process `syz.3.212'.
[  116.486958][ T5868] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000040: -71
[  116.498030][ T5868] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Error writing E2P_CMD
[  116.533465][ T5868] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  116.606477][ T5868] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[  116.638938][ T5868] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[  116.649988][ T5868] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  116.670455][ T5868] smsc75xx 1-1:0.184: probe with driver smsc75xx failed with error -71
[  116.692383][ T5868] usb 1-1: USB disconnect, device number 6
[  116.778397][ T6712] FAULT_INJECTION: forcing a failure.
[  116.778397][ T6712] name failslab, interval 1, probability 0, space 0, times 0
[  116.791112][ T6712] CPU: 1 UID: 0 PID: 6712 Comm: syz.3.215 Not tainted 6.13.0-syzkaller-06167-g0afd22092df4 #0
[  116.791136][ T6712] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  116.791148][ T6712] Call Trace:
[  116.791154][ T6712]  <TASK>
[  116.791162][ T6712]  dump_stack_lvl+0x16c/0x1f0
[  116.791194][ T6712]  should_fail_ex+0x497/0x5b0
[  116.791217][ T6712]  ? fs_reclaim_acquire+0xae/0x150
[  116.791246][ T6712]  should_failslab+0xc2/0x120
[  116.791267][ T6712]  __kmalloc_node_noprof+0xd1/0x510
[  116.791285][ T6712]  ? mark_held_locks+0x9f/0xe0
[  116.791310][ T6712]  ? __kvmalloc_node_noprof+0xad/0x1a0
[  116.791338][ T6712]  ? irqentry_exit+0x3b/0x90
[  116.791365][ T6712]  __kvmalloc_node_noprof+0xad/0x1a0
[  116.791391][ T6712]  traverse.part.0.constprop.0+0x392/0x640
[  116.791416][ T6712]  ? seq_read_iter+0x1ac/0x12b0
[  116.791434][ T6712]  ? seq_read_iter+0x8ce/0x12b0
[  116.791456][ T6712]  seq_read_iter+0x934/0x12b0
[  116.791484][ T6712]  vfs_read+0x886/0xbf0
[  116.791510][ T6712]  ? __pfx_vfs_read+0x10/0x10
[  116.791532][ T6712]  ? lock_acquire+0x2f/0xb0
[  116.791551][ T6712]  ? __fget_files+0x40/0x3a0
[  116.791584][ T6712]  __x64_sys_pread64+0x1f6/0x250
[  116.791606][ T6712]  ? __pfx___x64_sys_pread64+0x10/0x10
[  116.791642][ T6712]  do_syscall_64+0xcd/0x250
[  116.791666][ T6712]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  116.791688][ T6712] RIP: 0033:0x7f41c7d8cd29
[  116.791701][ T6712] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  116.791716][ T6712] RSP: 002b:00007f41c8b23038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011
[  116.791734][ T6712] RAX: ffffffffffffffda RBX: 00007f41c7fa6160 RCX: 00007f41c7d8cd29
[  116.791745][ T6712] RDX: 00000000000000ed RSI: 0000000020002240 RDI: 0000000000000005
[  116.791755][ T6712] RBP: 00007f41c8b23090 R08: 0000000000000000 R09: 0000000000000000
[  116.791764][ T6712] R10: 00000000000004eb R11: 0000000000000246 R12: 0000000000000001
[  116.791774][ T6712] R13: 0000000000000000 R14: 00007f41c7fa6160 R15: 00007ffe30401718
[  116.791796][ T6712]  </TASK>
[  117.721936][ T5868] usb 5-1: new low-speed USB device number 8 using dummy_hcd
[  117.764955][ T6729] netlink: 'syz.0.220': attribute type 21 has an invalid length.
[  117.806200][ T6729] netlink: 156 bytes leftover after parsing attributes in process `syz.0.220'.
[  117.826263][ T6733] netlink: 'syz.0.220': attribute type 21 has an invalid length.
[  117.864659][ T6733] netlink: 156 bytes leftover after parsing attributes in process `syz.0.220'.
[  117.891821][ T5868] usb 5-1: Invalid ep0 maxpacket: 16
[  118.026933][ T5868] usb 5-1: new low-speed USB device number 9 using dummy_hcd
[  118.222361][ T5870] usb 2-1: USB disconnect, device number 8
[  118.931912][ T5868] usb 5-1: Invalid ep0 maxpacket: 16
[  118.979714][  T902] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  118.991954][ T5868] usb usb5-port1: attempt power cycle
[  119.007286][ T6749] FAULT_INJECTION: forcing a failure.
[  119.007286][ T6749] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  119.041902][ T6749] CPU: 0 UID: 0 PID: 6749 Comm: syz.1.225 Not tainted 6.13.0-syzkaller-06167-g0afd22092df4 #0
[  119.041929][ T6749] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  119.041939][ T6749] Call Trace:
[  119.041945][ T6749]  <TASK>
[  119.041952][ T6749]  dump_stack_lvl+0x16c/0x1f0
[  119.041983][ T6749]  should_fail_ex+0x497/0x5b0
[  119.042009][ T6749]  _copy_from_user+0x2e/0xd0
[  119.042032][ T6749]  uhid_char_write+0x190/0x10b0
[  119.042051][ T6749]  ? __pfx_uhid_char_write+0x10/0x10
[  119.042067][ T6749]  vfs_write+0x24c/0x1150
[  119.042090][ T6749]  ? __fget_files+0x1fc/0x3a0
[  119.042109][ T6749]  ? __pfx_lock_release+0x10/0x10
[  119.042125][ T6749]  ? __pfx_vfs_write+0x10/0x10
[  119.042140][ T6749]  ? lock_acquire+0x2f/0xb0
[  119.042154][ T6749]  ? __fget_files+0x40/0x3a0
[  119.042171][ T6749]  ? __fget_files+0x206/0x3a0
[  119.042190][ T6749]  ksys_write+0x207/0x250
[  119.042205][ T6749]  ? __pfx_ksys_write+0x10/0x10
[  119.042224][ T6749]  do_syscall_64+0xcd/0x250
[  119.042242][ T6749]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  119.042257][ T6749] RIP: 0033:0x7effe8f8cd29
[  119.042267][ T6749] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  119.042277][ T6749] RSP: 002b:00007effe9e8b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  119.042287][ T6749] RAX: ffffffffffffffda RBX: 00007effe91a5fa0 RCX: 00007effe8f8cd29
[  119.042294][ T6749] RDX: 0000000000000118 RSI: 00000000200004c0 RDI: 0000000000000003
[  119.042300][ T6749] RBP: 00007effe9e8b090 R08: 0000000000000000 R09: 0000000000000000
[  119.042307][ T6749] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  119.042313][ T6749] R13: 0000000000000000 R14: 00007effe91a5fa0 R15: 00007ffe56289278
[  119.042327][ T6749]  </TASK>
[  119.325759][  T902] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  119.332200][    C1] 
[  119.336764][  T902] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  119.338944][    C1] =============================
[  119.338953][    C1] [ BUG: Invalid wait context ]
[  119.348872][  T902] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  119.353455][    C1] 6.13.0-syzkaller-06167-g0afd22092df4 #0 Not tainted
[  119.353466][    C1] -----------------------------
[  119.353471][    C1] syz.2.228/6756 is trying to lock:
[  119.353479][    C1] ffff88813fffc298 (&zone->lock){-.-.}-{3:3}, at: get_page_from_freelist+0xbbe/0x2f80
[  119.353517][    C1] other info that might help us debug this:
[  119.353522][    C1] context-{2:2}
[  119.353529][    C1] 4 locks held by syz.2.228/6756:
[  119.353538][    C1]  #0: ffffffff8ec25fd0 (tomoyo_ss){.+.+}-{0:0}, at: tomoyo_check_open_permission+0x167/0x3c0
[  119.353576][    C1]  #1: ffffffff8e37fb10 (remove_cache_srcu){.+.+}-{0:0}, at: kasan_quarantine_reduce+0x88/0x1e0
[  119.353629][    C1]  #2: ffffffff8e1be140 (rcu_read_lock){....}-{1:3}, at: page_ext_get+0x34/0x310
[  119.353662][    C1]  #3: ffff8880b8744c18 (&pcp->lock){+.+.}-{3:3}, at: get_page_from_freelist+0x350/0x2f80
[  119.353698][    C1] stack backtrace:
[  119.353705][    C1] CPU: 1 UID: 0 PID: 6756 Comm: syz.2.228 Not tainted 6.13.0-syzkaller-06167-g0afd22092df4 #0
[  119.353724][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  119.353733][    C1] Call Trace:
[  119.353738][    C1]  <IRQ>
[  119.353746][    C1]  dump_stack_lvl+0x116/0x1f0
[  119.353768][    C1]  __lock_acquire+0x878/0x3c40
[  119.353794][    C1]  ? irq_exit_rcu+0x9/0x30
[  119.353819][    C1]  ? __pfx___lock_acquire+0x10/0x10
[  119.353839][    C1]  ? shmem_get_folio_gfp+0x689/0x1530
[  119.353862][    C1]  ? __pfx___lock_acquire+0x10/0x10
[  119.353882][    C1]  ? hlock_class+0x4e/0x130
[  119.353899][    C1]  ? mark_lock+0xb5/0xc60
[  119.353921][    C1]  lock_acquire.part.0+0x11b/0x380
[  119.353943][    C1]  ? get_page_from_freelist+0xbbe/0x2f80
[  119.353960][    C1]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  119.353983][    C1]  ? rcu_is_watching+0x12/0xc0
[  119.354000][    C1]  ? trace_lock_acquire+0x14e/0x1f0
[  119.354018][    C1]  ? do_raw_spin_trylock+0x66/0x180
[  119.354035][    C1]  ? get_page_from_freelist+0xbbe/0x2f80
[  119.354051][    C1]  ? lock_acquire+0x2f/0xb0
[  119.354072][    C1]  ? get_page_from_freelist+0xbbe/0x2f80
[  119.354089][    C1]  _raw_spin_lock_irqsave+0x3a/0x60
[  119.354109][    C1]  ? get_page_from_freelist+0xbbe/0x2f80
[  119.354126][    C1]  get_page_from_freelist+0xbbe/0x2f80
[  119.354149][    C1]  ? __pfx_get_page_from_freelist+0x10/0x10
[  119.354165][    C1]  ? should_fail_alloc_page+0xee/0x130
[  119.354183][    C1]  ? prepare_alloc_pages.constprop.0+0x16f/0x560
[  119.354209][    C1]  __alloc_pages_noprof+0x221/0x2470
[  119.354245][    C1]  ? __pfx___lock_acquire+0x10/0x10
[  119.354266][    C1]  ? mark_lock+0xb5/0xc60
[  119.354285][    C1]  ? __pfx_mark_lock+0x10/0x10
[  119.354306][    C1]  ? __pfx_mark_lock+0x10/0x10
[  119.354327][    C1]  ? hlock_class+0x4e/0x130
[  119.354345][    C1]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  119.354361][    C1]  ? find_held_lock+0x2d/0x110
[  119.354380][    C1]  ? is_bpf_text_address+0x8a/0x1a0
[  119.354408][    C1]  ? lock_acquire+0x2f/0xb0
[  119.354437][    C1]  ? is_bpf_text_address+0x30/0x1a0
[  119.354460][    C1]  ? bpf_ksym_find+0x127/0x1c0
[  119.354477][    C1]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  119.354502][    C1]  ? policy_nodemask+0xea/0x4e0
[  119.354521][    C1]  alloc_pages_mpol_noprof+0x2c8/0x620
[  119.354542][    C1]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  119.354567][    C1]  stack_depot_save_flags+0x8aa/0x9c0
[  119.354588][    C1]  ? __lock_acquire+0xcc5/0x3c40
[  119.354616][    C1]  kasan_save_stack+0x42/0x60
[  119.354641][    C1]  ? kasan_save_stack+0x33/0x60
[  119.354663][    C1]  ? __kasan_record_aux_stack+0xba/0xd0
[  119.354683][    C1]  ? task_work_add+0xc0/0x3b0
[  119.354703][    C1]  ? run_posix_cpu_timers+0x69f/0x7d0
[  119.354723][    C1]  ? update_process_times+0x1a1/0x2d0
[  119.354745][    C1]  ? tick_nohz_handler+0x376/0x530
[  119.354763][    C1]  ? __hrtimer_run_queues+0x5fb/0xae0
[  119.354779][    C1]  ? hrtimer_interrupt+0x392/0x8e0
[  119.354794][    C1]  ? __sysvec_apic_timer_interrupt+0x10f/0x400
[  119.354819][    C1]  ? sysvec_apic_timer_interrupt+0x9f/0xc0
[  119.354839][    C1]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  119.354863][    C1]  ? _raw_spin_unlock_irqrestore+0x31/0x80
[  119.354884][    C1]  ? __rmqueue_pcplist+0x5b1/0x1600
[  119.354907][    C1]  ? get_page_from_freelist+0x3d2/0x2f80
[  119.354923][    C1]  ? __alloc_pages_noprof+0x221/0x2470
[  119.354938][    C1]  ? alloc_pages_mpol_noprof+0x2c8/0x620
[  119.354958][    C1]  ? stack_depot_save_flags+0x8aa/0x9c0
[  119.354978][    C1]  ? save_stack+0x16f/0x1f0
[  119.354999][    C1]  ? __reset_page_owner+0x8d/0x400
[  119.355022][    C1]  ? free_unref_page+0x661/0x1080
[  119.355045][    C1]  ? __put_partials+0x14c/0x170
[  119.355067][    C1]  ? qlist_free_all+0x4e/0x120
[  119.355089][    C1]  ? kasan_quarantine_reduce+0x195/0x1e0
[  119.355114][    C1]  ? __kasan_slab_alloc+0x69/0x90
[  119.355129][    C1]  ? __kmalloc_noprof+0x1cd/0x510
[  119.355143][    C1]  ? tomoyo_realpath_from_path+0xb9/0x720
[  119.355163][    C1]  ? tomoyo_check_open_permission+0x2ad/0x3c0
[  119.355179][    C1]  ? tomoyo_file_open+0x6b/0x90
[  119.355199][    C1]  ? security_file_open+0x84/0x1e0
[  119.355219][    C1]  ? do_dentry_open+0x57c/0x1c40
[  119.355242][    C1]  ? vfs_open+0x82/0x3f0
[  119.355258][    C1]  ? path_openat+0x1e88/0x2d80
[  119.355280][    C1]  ? do_filp_open+0x20c/0x470
[  119.355301][    C1]  ? file_open_name+0x2a4/0x450
[  119.355319][    C1]  ? filp_open+0x4b/0x80
[  119.355335][    C1]  ? do_coredump+0x1e27/0x4400
[  119.355352][    C1]  ? get_signal+0x230b/0x26c0
[  119.355376][    C1]  ? arch_do_signal_or_restart+0x90/0x7e0
[  119.355395][    C1]  ? syscall_exit_to_user_mode+0x150/0x2a0
[  119.355417][    C1]  ? do_syscall_64+0xda/0x250
[  119.355440][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  119.355468][    C1]  __kasan_record_aux_stack+0xba/0xd0
[  119.355489][    C1]  task_work_add+0xc0/0x3b0
[  119.355510][    C1]  ? __pfx_task_work_add+0x10/0x10
[  119.355531][    C1]  ? lock_acquire.part.0+0x11b/0x380
[  119.355552][    C1]  ? find_held_lock+0x2d/0x110
[  119.355571][    C1]  run_posix_cpu_timers+0x69f/0x7d0
[  119.355591][    C1]  ? __pfx_run_posix_cpu_timers+0x10/0x10
[  119.355617][    C1]  ? sched_balance_trigger+0x225/0xea0
[  119.355643][    C1]  ? __pfx_sched_balance_trigger+0x10/0x10
[  119.355667][    C1]  ? sched_tick+0x286/0x4f0
[  119.355690][    C1]  update_process_times+0x1a1/0x2d0
[  119.355714][    C1]  ? __pfx_update_process_times+0x10/0x10
[  119.355738][    C1]  ? __pfx_tick_nohz_handler+0x10/0x10
[  119.355756][    C1]  ? update_wall_time+0x1c/0x40
[  119.355778][    C1]  tick_nohz_handler+0x376/0x530
[  119.355796][    C1]  ? __pfx_tick_nohz_handler+0x10/0x10
[  119.355813][    C1]  __hrtimer_run_queues+0x5fb/0xae0
[  119.355833][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  119.355849][    C1]  ? read_tsc+0x9/0x20
[  119.355869][    C1]  hrtimer_interrupt+0x392/0x8e0
[  119.355891][    C1]  __sysvec_apic_timer_interrupt+0x10f/0x400
[  119.355916][    C1]  sysvec_apic_timer_interrupt+0x9f/0xc0
[  119.355938][    C1]  </IRQ>
[  119.355943][    C1]  <TASK>
[  119.355949][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  119.355972][    C1] RIP: 0010:_raw_spin_unlock_irqrestore+0x31/0x80
[  119.355995][    C1] Code: f5 53 48 8b 74 24 10 48 89 fb 48 83 c7 18 e8 96 ca 3e f6 48 89 df e8 ee 49 3f f6 f7 c5 00 02 00 00 75 23 9c 58 f6 c4 02 75 37 <bf> 01 00 00 00 e8 35 20 30 f6 65 8b 05 96 f2 ab 74 85 c0 74 16 5b
[  119.356011][    C1] RSP: 0018:ffffc9001b336850 EFLAGS: 00000246
[  119.356025][    C1] RAX: 0000000000000002 RBX: ffff88813fffc280 RCX: 1ffffffff2dd7410
[  119.356035][    C1] RDX: 0000000000000000 RSI: ffffffff8b6cd840 RDI: ffffffff8bd2e7c0
[  119.356046][    C1] RBP: 0000000000000202 R08: 0000000000000001 R09: fffffbfff2dd6f98
[  119.356057][    C1] R10: ffffffff96eb7cc7 R11: dffffc0000000000 R12: 000000000000000f
[  119.356068][    C1] R13: dffffc0000000000 R14: ffff8880b8744cc8 R15: ffff8880b8744c00
[  119.356086][    C1]  __rmqueue_pcplist+0x5b1/0x1600
[  119.356114][    C1]  ? do_raw_spin_trylock+0xb1/0x180
[  119.356130][    C1]  ? __pfx___rmqueue_pcplist+0x10/0x10
[  119.356154][    C1]  ? lock_acquire+0x2f/0xb0
[  119.356175][    C1]  ? get_page_from_freelist+0x350/0x2f80
[  119.356193][    C1]  get_page_from_freelist+0x3d2/0x2f80
[  119.356214][    C1]  ? hlock_class+0x4e/0x130
[  119.356231][    C1]  ? __pfx_get_page_from_freelist+0x10/0x10
[  119.356247][    C1]  ? should_fail_alloc_page+0xee/0x130
[  119.356265][    C1]  ? prepare_alloc_pages.constprop.0+0x16f/0x560
[  119.356288][    C1]  ? hlock_class+0x4e/0x130
[  119.356306][    C1]  __alloc_pages_noprof+0x221/0x2470
[  119.356324][    C1]  ? hlock_class+0x4e/0x130
[  119.356341][    C1]  ? __lock_acquire+0xcc5/0x3c40
[  119.356361][    C1]  ? hlock_class+0x4e/0x130
[  119.356379][    C1]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  119.356397][    C1]  ? __pfx_mark_lock+0x10/0x10
[  119.356420][    C1]  ? unwind_next_frame+0xe5d/0x20c0
[  119.356444][    C1]  ? arch_stack_walk+0x74/0x100
[  119.356460][    C1]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  119.356485][    C1]  ? policy_nodemask+0xea/0x4e0
[  119.356503][    C1]  alloc_pages_mpol_noprof+0x2c8/0x620
[  119.356523][    C1]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  119.356544][    C1]  ? filp_open+0x4b/0x80
[  119.356564][    C1]  stack_depot_save_flags+0x8aa/0x9c0
[  119.356587][    C1]  save_stack+0x16f/0x1f0
[  119.356618][    C1]  ? __pfx_save_stack+0x10/0x10
[  119.356640][    C1]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  119.356662][    C1]  ? free_unref_page+0x661/0x1080
[  119.356685][    C1]  ? __put_partials+0x14c/0x170
[  119.356707][    C1]  ? qlist_free_all+0x4e/0x120
[  119.356729][    C1]  ? kasan_quarantine_reduce+0x195/0x1e0
[  119.356751][    C1]  ? __kasan_slab_alloc+0x69/0x90
[  119.356767][    C1]  ? __kmalloc_noprof+0x1cd/0x510
[  119.356781][    C1]  ? tomoyo_realpath_from_path+0xb9/0x720
[  119.356801][    C1]  ? tomoyo_check_open_permission+0x2ad/0x3c0
[  119.356817][    C1]  ? tomoyo_file_open+0x6b/0x90
[  119.356837][    C1]  ? security_file_open+0x84/0x1e0
[  119.356856][    C1]  ? do_dentry_open+0x57c/0x1c40
[  119.356878][    C1]  ? vfs_open+0x82/0x3f0
[  119.356894][    C1]  ? path_openat+0x1e88/0x2d80
[  119.356915][    C1]  ? do_filp_open+0x20c/0x470
[  119.356937][    C1]  ? file_open_name+0x2a4/0x450
[  119.356954][    C1]  ? filp_open+0x4b/0x80
[  119.356974][    C1]  __reset_page_owner+0x8d/0x400
[  119.357001][    C1]  free_unref_page+0x661/0x1080
[  119.357027][    C1]  __put_partials+0x14c/0x170
[  119.357052][    C1]  qlist_free_all+0x4e/0x120
[  119.357075][    C1]  ? tomoyo_realpath_from_path+0xb9/0x720
[  119.357094][    C1]  kasan_quarantine_reduce+0x195/0x1e0
[  119.357119][    C1]  __kasan_slab_alloc+0x69/0x90
[  119.357136][    C1]  __kmalloc_noprof+0x1cd/0x510
[  119.357151][    C1]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  119.357174][    C1]  ? rcu_is_watching+0x12/0xc0
[  119.357191][    C1]  tomoyo_realpath_from_path+0xb9/0x720
[  119.357215][    C1]  tomoyo_check_open_permission+0x2ad/0x3c0
[  119.357232][    C1]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[  119.357260][    C1]  ? __pfx_hook_file_open+0x10/0x10
[  119.357285][    C1]  ? lock_acquire+0x2f/0xb0
[  119.357305][    C1]  ? mnt_get_write_access+0x6a/0x300
[  119.357325][    C1]  tomoyo_file_open+0x6b/0x90
[  119.357347][    C1]  security_file_open+0x84/0x1e0
[  119.357365][    C1]  do_dentry_open+0x57c/0x1c40
[  119.357390][    C1]  ? inode_permission+0xdd/0x5f0
[  119.357409][    C1]  vfs_open+0x82/0x3f0
[  119.357425][    C1]  ? may_open+0x1f2/0x400
[  119.357444][    C1]  path_openat+0x1e88/0x2d80
[  119.357472][    C1]  ? __pfx_path_openat+0x10/0x10
[  119.357494][    C1]  ? kasan_save_stack+0x42/0x60
[  119.357517][    C1]  ? kasan_save_stack+0x33/0x60
[  119.357540][    C1]  ? kasan_save_track+0x14/0x30
[  119.357564][    C1]  ? __kasan_slab_alloc+0x89/0x90
[  119.357580][    C1]  do_filp_open+0x20c/0x470
[  119.357608][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  119.357630][    C1]  ? __pfx_do_filp_open+0x10/0x10
[  119.357665][    C1]  file_open_name+0x2a4/0x450
[  119.357684][    C1]  ? __pfx_file_open_name+0x10/0x10
[  119.357701][    C1]  ? kmem_cache_alloc_noprof+0x279/0x3d0
[  119.357727][    C1]  ? getname_kernel+0x52/0x370
[  119.357744][    C1]  ? __asan_memcpy+0x3c/0x60
[  119.357767][    C1]  filp_open+0x4b/0x80
[  119.357784][    C1]  do_coredump+0x1e27/0x4400
[  119.357807][    C1]  ? __pfx_do_coredump+0x10/0x10
[  119.357827][    C1]  ? hlock_class+0x4e/0x130
[  119.357844][    C1]  ? __lock_acquire+0x15a9/0x3c40
[  119.357869][    C1]  ? __pfx___lock_acquire+0x10/0x10
[  119.357890][    C1]  ? reacquire_held_locks+0x20b/0x4c0
[  119.357912][    C1]  ? __lock_task_sighand+0xc2/0x340
[  119.357935][    C1]  ? lock_acquire.part.0+0x11b/0x380
[  119.357962][    C1]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  119.357977][    C1]  ? lock_acquire+0x2f/0xb0
[  119.357999][    C1]  ? posixtimer_deliver_signal+0x1ad/0x650
[  119.358025][    C1]  ? posixtimer_deliver_signal+0x1ad/0x650
[  119.358047][    C1]  ? find_held_lock+0x2d/0x110
[  119.358072][    C1]  ? proc_coredump_connector+0x2d2/0x4f0
[  119.358093][    C1]  ? __pfx_proc_coredump_connector+0x10/0x10
[  119.358117][    C1]  get_signal+0x230b/0x26c0
[  119.358143][    C1]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  119.358165][    C1]  ? __pfx_get_signal+0x10/0x10
[  119.358189][    C1]  ? find_held_lock+0x2d/0x110
[  119.358207][    C1]  arch_do_signal_or_restart+0x90/0x7e0
[  119.358230][    C1]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  119.358252][    C1]  ? __might_fault+0xe3/0x190
[  119.358274][    C1]  syscall_exit_to_user_mode+0x150/0x2a0
[  119.358297][    C1]  do_syscall_64+0xda/0x250
[  119.358320][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  119.358342][    C1] RIP: 0033:0x7fdadd58cd29
[  119.358356][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  119.358372][    C1] RSP: 002b:00007fdade4af038 EFLAGS: 00000246 ORIG_RAX: 00000000000000df
[  119.358387][    C1] RAX: 0000000000000000 RBX: 00007fdadd7a5fa0 RCX: 00007fdadd58cd29
[  119.358397][    C1] RDX: 000000002006b000 RSI: e54aef35e9c2845d RDI: 0000000000000000
[  119.358408][    C1] RBP: 00007fdadd60e2a0 R08: 0000000000000000 R09: 0000000000000000
[  119.358419][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  119.358429][    C1] R13: 0000000000000000 R14: 00007fdadd7a5fa0 R15: 00007ffea690cfc8
[  119.358445][    C1]  </TASK>
[  119.387376][ T6758] wg1 speed is unknown, defaulting to 1000
[  119.388627][  T902] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  119.398485][ T5868] usb 5-1: new low-speed USB device number 10 using dummy_hcd
[  119.404069][  T902] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  119.437143][ T6758] lo speed is unknown, defaulting to 1000
[  119.592725][ T5868] usb 5-1: Invalid ep0 maxpacket: 16
[  119.598167][  T902] usb 1-1: config 0 descriptor??
[  119.776528][ T5868] usb 5-1: new low-speed USB device number 11 using dummy_hcd
[  120.188595][  T902] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  120.547647][ T6738] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  120.560947][  T902] plantronics 0003:047F:FFFF.0003: No inputs registered, leaving
[  120.847074][ T5868] usb 5-1: device not accepting address 11, error -71
[  120.860989][ T5868] usb usb5-port1: unable to enumerate USB device
[  120.892274][  T902] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  120.916209][  T902] usb 1-1: USB disconnect, device number 7
[  120.927649][ T6761] netlink: 'syz.1.230': attribute type 15 has an invalid length.
[  120.936305][ T6761] netlink: 24 bytes leftover after parsing attributes in process `syz.1.230'.