last executing test programs:

1m34.706389726s ago: executing program 4 (id=105):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000200)='sched_switch\x00', r0}, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x1000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$nl_route(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x20, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x25dfdbff, {}, [@NHA_OIF={0x8, 0x5, r5}]}, 0x20}}, 0x0)

1m29.905140407s ago: executing program 4 (id=122):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)={{0x14}, [@NFT_MSG_NEWRULE={0x14, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}}], {0x14}}, 0x3c}}, 0x0)

1m29.556571901s ago: executing program 4 (id=124):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0xc9d7, 0x9, 0x21, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r1, &(0x7f0000000080), &(0x7f0000000880)=""/166}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r2}, 0x10)
getpriority(0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000600), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000780))
sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r0, 0x0, 0x0)

1m29.370211746s ago: executing program 4 (id=125):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000380)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000100)={0x2c, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_TX_RATES={0x4}]}, 0x2c}}, 0x0)

1m29.178598885s ago: executing program 4 (id=126):
sendmsg$NFNL_MSG_COMPAT_GET(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x5c094}, 0x40095)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000280)=0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_type(r1, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_type(r2, &(0x7f0000000280), 0x9)
r3 = openat$cgroup_procs(r1, &(0x7f00000002c0)='cgroup.threads\x00', 0x2, 0x0)
write$cgroup_pid(r3, &(0x7f0000000c40), 0x12)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r5 = openat$cgroup_subtree(r4, &(0x7f0000000140), 0x2, 0x0)
syz_clone(0x5000000, 0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000300))
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r7 = openat$cgroup_procs(r6, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r7, &(0x7f00000001c0), 0x12)
write$cgroup_subtree(r5, &(0x7f0000000100)={[{0x2b, 'pids'}]}, 0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000940)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
bind$unix(r8, &(0x7f0000000200)=@abs={0x1, 0x0, 0x4e21}, 0x6e)
r9 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r9, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
setsockopt$inet6_tcp_TCP_MD5SIG(r9, 0x6, 0xe, &(0x7f0000001500)={@in6={{0xa, 0x4e20, 0xc, @empty, 0x5f6}}, 0x0, 0x0, 0x48, 0x0, "bb353738cb473fc7c9f1cf53b6a7b4e23602a3c364ca41d6e5615445244740bd4c0b42a21d7214bf92594925208a0e2f964e654dc534a6324d4993fcf19b2df3ee818a118a7c49462189316d556d2ccd"}, 0xd8)
sendto$inet6(r9, &(0x7f00000000c0), 0xfe8d, 0x20008045, &(0x7f00000001c0)={0xa, 0x2, 0x1000, @empty}, 0x1c)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[], 0x48)
r11 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r11, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000fcffffffb703000008000000b704000000000000850000000100000095", @ANYRES64=r10, @ANYRES64=r11], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='sched_switch\x00', r12}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wg1\x00'})

1m28.937507054s ago: executing program 4 (id=128):
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
listen(0xffffffffffffffff, 0x8)
r4 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r4, &(0x7f0000000040)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x2b)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f00000000c0)=0xf)
r6 = fcntl$dupfd(r5, 0x0, r5)
ioctl$TCFLSH(r6, 0x400455c8, 0x2)
ioctl$TIOCSETD(r6, 0x5412, &(0x7f0000000140)=0xffffffc0)
ioctl$TIOCSTI(r6, 0x5412, &(0x7f0000000040)=0xfc)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x18, 0x7, &(0x7f0000000300)=@framed={{}, [@jmp={0x5, 0x0, 0xe, 0x0, 0x0, 0x3}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffc}, @jmp={0x5, 0x0, 0x2, 0x0, 0x0, 0x0, 0x10}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffa}]}, &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$TIOCSTI(r6, 0x5412, &(0x7f0000000280)=0x4)
ioctl$TIOCSTI(r6, 0x5412, &(0x7f00000001c0)=0xfe)
sendmsg$rds(r6, 0x0, 0x8000)

1m13.894037919s ago: executing program 32 (id=128):
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
listen(0xffffffffffffffff, 0x8)
r4 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r4, &(0x7f0000000040)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x2b)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f00000000c0)=0xf)
r6 = fcntl$dupfd(r5, 0x0, r5)
ioctl$TCFLSH(r6, 0x400455c8, 0x2)
ioctl$TIOCSETD(r6, 0x5412, &(0x7f0000000140)=0xffffffc0)
ioctl$TIOCSTI(r6, 0x5412, &(0x7f0000000040)=0xfc)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x18, 0x7, &(0x7f0000000300)=@framed={{}, [@jmp={0x5, 0x0, 0xe, 0x0, 0x0, 0x3}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffc}, @jmp={0x5, 0x0, 0x2, 0x0, 0x0, 0x0, 0x10}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffa}]}, &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$TIOCSTI(r6, 0x5412, &(0x7f0000000280)=0x4)
ioctl$TIOCSTI(r6, 0x5412, &(0x7f00000001c0)=0xfe)
sendmsg$rds(r6, 0x0, 0x8000)

20.437516265s ago: executing program 0 (id=319):
r0 = syz_open_dev$loop(&(0x7f0000000180), 0x8, 0x200000)
ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r0, 0x8008f511, &(0x7f00000001c0))
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
fstat(r1, &(0x7f00000043c0))
r2 = accept4$ax25(0xffffffffffffffff, &(0x7f0000000000)={{0x3, @bcast}, [@bcast, @netrom, @remote, @null, @netrom, @null, @rose]}, &(0x7f0000000080)=0x48, 0x80800)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
read$FUSE(r3, &(0x7f0000000240)={0x2020}, 0x2020)
setsockopt$ax25_SO_BINDTODEVICE(r2, 0x101, 0x19, &(0x7f00000000c0)=@netrom={'nr', 0x0}, 0x10)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc))
ioctl$UI_SET_EVBIT(0xffffffffffffffff, 0x40045564, 0x3)
r7 = socket$kcm(0x29, 0x5, 0x0)
setsockopt$kcm_KCM_RECV_DISABLE(r7, 0x119, 0x1, &(0x7f00000000c0), 0x4)
getresuid(&(0x7f0000004640), 0x0, 0x0)
getsockname(r1, 0x0, &(0x7f0000006380))
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x9, 0x16, &(0x7f0000001900)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

14.152339791s ago: executing program 0 (id=339):
r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000680)=@bpf_lsm={0x1d, 0x11, &(0x7f0000000340)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x90c0022}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, 0x1}}, @map_idx={0x18, 0x8}, @jmp={0x5, 0x0, 0x9, 0x3, 0x9, 0x4, 0xffffffffffffffff}, @ringbuf_query, @map_fd={0x18, 0x6}, @call={0x85, 0x0, 0x0, 0xa9}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x5}], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x4b, &(0x7f0000000400)=""/75, 0x41000, 0x2, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000002c0)={0x1, 0x1, 0x8, 0x2}, 0x10, 0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000480)=[0xffffffffffffffff], 0x0, 0x10, 0x8, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0xffffffffffffff47, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x20, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'bridge0\x00'})
open(0x0, 0x145142, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r2, &(0x7f0000000040)={0xa, 0xe22}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e21, 0x1, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x2}, 0x1c)
r3 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r3, &(0x7f0000001200)=[{&(0x7f0000000080)="580000001400add427323b472545b45602117fffffff810000400e227f000001925aa80020007b00090080007f000006e809000000ff0000f03ac71002000000ffffffffffffffffffe7ee00000000000000000200000000", 0x58}], 0x1)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = open(0x0, 0x4c37e, 0x0)
r8 = socket$tipc(0x1e, 0x5, 0x0)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r5, 0x84, 0x7b, &(0x7f0000000000)={0x0, 0x1}, &(0x7f00000001c0)=0x8)
bind$tipc(r8, 0x0, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1806000000000b0056109122230000000964fdd601ff49820051790e67ed4cb581de56b9ddf10568", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb7"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), r7)

11.36955965s ago: executing program 0 (id=344):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
preadv(r1, 0x0, 0x0, 0x10007, 0xd273)
socket(0x200000100000011, 0x3, 0x3)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x38}, 0x1, 0x0, 0x0, 0x20040000}, 0x0)
socket$inet6_dccp(0xa, 0x6, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
r4 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x121041)
openat$sndseq(0xffffffffffffff9c, 0x0, 0x20002)
r5 = socket$alg(0x26, 0x5, 0x0)
getsockopt$sock_buf(r5, 0x1, 0x1c, 0x0, &(0x7f0000000100))
write$evdev(r4, &(0x7f0000000040), 0x373)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)

10.382595647s ago: executing program 0 (id=347):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x1b1101, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_SETSEL(r3, 0x541c, &(0x7f0000000000)={0x2, {0x2, 0xc, 0x8, 0x1, 0x483}})
ioctl$KDGKBMODE(r3, 0x4b44, &(0x7f0000000040))
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_usb_connect$uac1(0x2, 0xa6, &(0x7f0000000340)=ANY=[@ANYBLOB="12010000000000106b1d01010000000003010902940003010040000904000000010100000a2401000000020102132406000006000000281ab0ab2c90619b34000000000000000000000924030000000000000924050000f8211cfd0924030500000004000724050401"], 0x0)
pipe2(&(0x7f0000000080)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
fcntl$setstatus(r4, 0x4, 0x7c00)
writev(r4, &(0x7f0000000040)=[{&(0x7f0000000000)='5', 0xfdef}], 0x1)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@textreal={0x8, 0x0}], 0x1, 0xa, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003440), 0x0, 0x22, 0x0)
rseq(0x0, 0x0, 0x0, 0x0)
msgctl$IPC_SET(0x0, 0x1, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="0a00000004007dfd3ce86f02198063ee4d276b4e759fac018a33fbe552f95565489f010cf2ea478b6c427ff899df8a0f24577099895f75347efb4bbcc50c467cf4ee0f337ea62b67a925f9b957ad1c64dd016547e70907957311a1225fa8a9f42d8136ccf1f27ac857d8279a50f93b3a5f613f5f66718321e791e4251b2ccd5a7b99b0aec5d4dc47a46e39bc5cc910b60749436a5bf0ffcb42e90d35dab30e709213e78ebdee2ea5df39a11d6fe13d5e00"/186, @ANYRES32, @ANYBLOB="0600"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xd, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007b00000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b304000000000000850000000100000095f0a460a2e81d03e38dd7443e17a57faa4bba60cbe811791ce36faf9889e56be75649a5b76cb95233934c0850159de2aecfca20876a389d6dd596f9d8"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='mmap_lock_acquire_returned\x00', r6}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x6, &(0x7f0000000240)=ANY=[@ANYBLOB="050000000000000069113200000000008510000002000000850000000500000095000000000000009500a5050000000045dd0bfd9563458fcdf3"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
set_mempolicy(0x4003, 0x0, 0x3)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
munlockall()
r7 = socket$inet_sctp(0x2, 0x5, 0x84)
bind$inet(r7, &(0x7f0000000080)={0x2, 0x4e22, @empty}, 0x10)
setsockopt$inet_sctp_SCTP_ASSOCINFO(r7, 0x84, 0x1, &(0x7f0000000900)={0x0, 0x0, 0x2, 0x7, 0x2000, 0x2}, 0x14)
listen(r7, 0x1ff)
socket$inet_sctp(0x2, 0x5, 0x84)

10.105335041s ago: executing program 3 (id=349):
r0 = socket$inet6(0xa, 0x6, 0x0)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vxcan0\x00', <r2=>0x0})
bind$can_j1939(r1, &(0x7f0000000140)={0x1d, r2, 0x2, {0x0, 0x0, 0x1}, 0x1}, 0x18)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @empty, 0xc7ec}, 0x1c)
r3 = socket$igmp6(0xa, 0x3, 0x2)
r4 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r5 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r5, 0x8108551b, &(0x7f0000000380)={0x0, 0x2, "5a77bd318786aeb879ca62cdab2a0000000086d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f6853772b21a100efb76cba37ff3111d6847e8b9398a646717af75fc008daefba68e6222103472bc55704cdb72b4b996ed831f3b802549db3a8ffff7d34171113d806726615380fe65a6a0a72e1ac2b60bd6276fd8bb6363d10f70da60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13f4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe363590d1f600"})
close_range(r4, 0xffffffffffffffff, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
sendmsg(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000000)=',', 0x1}], 0x1, 0x0, 0x0, 0x2c}, 0x44004)

9.081435997s ago: executing program 3 (id=352):
r0 = socket$kcm(0x2b, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f00000009c0)={&(0x7f00000000c0)={0x2, 0x4001, @empty}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x20044818)
openat$fb0(0xffffffffffffff9c, &(0x7f0000000380), 0x109000, 0x0) (fail_nth: 3)

8.972213809s ago: executing program 5 (id=353):
arch_prctl$ARCH_SET_CPUID(0x1012, 0x0)
arch_prctl$ARCH_SET_CPUID(0x1012, 0x0)
arch_prctl$ARCH_SET_CPUID(0x1012, 0x1)
arch_prctl$ARCH_SET_CPUID(0x1012, 0x0)
arch_prctl$ARCH_SET_CPUID(0x1012, 0x1)
arch_prctl$ARCH_SET_CPUID(0x1012, 0x0)
arch_prctl$ARCH_SET_CPUID(0x1012, 0x1)
arch_prctl$ARCH_SET_CPUID(0x1012, 0x1)
arch_prctl$ARCH_SET_CPUID(0x1012, 0x0)
arch_prctl$ARCH_SET_CPUID(0x1012, 0x1)
arch_prctl$ARCH_SET_CPUID(0x1012, 0x0)
arch_prctl$ARCH_SET_CPUID(0x1012, 0x0)
arch_prctl$ARCH_SET_CPUID(0x1012, 0x1)
arch_prctl$ARCH_SET_CPUID(0x1012, 0x1)
arch_prctl$ARCH_SET_CPUID(0x1012, 0x1)
arch_prctl$ARCH_SET_CPUID(0x1012, 0x1)
r0 = getegid()
arch_prctl$ARCH_SET_CPUID(0x1012, 0x1)
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
getpgid(r1)
arch_prctl$ARCH_SET_CPUID(0x1012, 0x0)
arch_prctl$ARCH_SET_CPUID(0x1012, 0x0)
r2 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000000040)={0x2020, 0x0, <r3=>0x0}, 0x2020)
fstat(0xffffffffffffffff, &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
write$FUSE_STATX(r2, &(0x7f0000002100)={0x130, 0xfffffffffffffff5, r3, {0x3, 0x9, 0x0, '\x00', {0x10000, 0x8a41, 0x8000, 0xd, r4, r0, 0x1000, '\x00', 0x6, 0x4, 0x5, 0x7a45, {0x3, 0xb}, {0x1, 0x8}, {0x4, 0x2}, {0x2, 0x10000}, 0x401, 0x9, 0x2}}}, 0x130)
arch_prctl$ARCH_SET_CPUID(0x1012, 0x1)
ftruncate(0xffffffffffffffff, 0xfffffffffffffffc)
arch_prctl$ARCH_SET_CPUID(0x1012, 0x1)
arch_prctl$ARCH_SET_CPUID(0x1012, 0x1)

8.74558748s ago: executing program 5 (id=355):
syz_io_uring_setup(0x5e78, &(0x7f0000000440)={0x0, 0x6d87, 0x4000, 0x40000, 0x359}, &(0x7f0000000400), &(0x7f0000000040)=<r0=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f00000000c0)=0xfffffffc, 0x0, 0x4)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0b00000007000000010001000800000001000000", @ANYRESHEX=r0, @ANYBLOB='\x00'/20, @ANYRESDEC=r1, @ANYRES32, @ANYBLOB="00000000000100"/28], 0x48)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYRES64], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
r5 = accept$inet(0xffffffffffffffff, &(0x7f00000001c0)={0x2, 0x0, @multicast1}, &(0x7f0000000300)=0x10)
shutdown(r5, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f0000000540)=@abs={0x1, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r8 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r8, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r8, &(0x7f0000000000), 0xd)
bpf$MAP_LOOKUP_BATCH(0x18, 0x0, 0x0)
timerfd_create(0x8, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000240)={0x0, <r9=>0x0}, &(0x7f0000000280)=0xc)
setreuid(0x0, r9)

8.511552664s ago: executing program 2 (id=356):
socket$inet6_sctp(0xa, 0x1, 0x84)
socket$inet_dccp(0x2, 0x6, 0x0)
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000002540), 0x2, 0x0)
socket$inet(0x2, 0x2, 0x1)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000640)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x106}}, 0x20)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
openat$vmci(0xffffffffffffff9c, &(0x7f0000000600), 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b70300000000002085000000720000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18)
r5 = socket(0x10, 0x2, 0x0)
write(r5, &(0x7f0000000040)="1c0000001a009b8a14e5f40700426e2400000000ff00000000000000", 0x23)
r6 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r6, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)

7.431884396s ago: executing program 2 (id=357):
socket$nl_route(0x10, 0x3, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = syz_open_dev$usbmon(&(0x7f00000005c0), 0x0, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000001, 0x12, r0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca719300"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x10)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f0000010a80)=@raw={'raw\x00', 0x8, 0x3, 0xa08, 0x100, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x970, 0xffffffff, 0xffffffff, 0x970, 0xffffffff, 0x3, 0x0, {[{{@ip={@broadcast, @private, 0x0, 0x0, 'batadv0\x00', 'batadv_slave_0\x00', {}, {}, 0x21}, 0x6, 0xa0, 0x100, 0x0, {}, [@common=@inet=@dccp={{0x30}, {[], [], 0x3d8}}]}, @common=@SET={0x60}}, {{@ip={@loopback, @dev, 0x0, 0x0, 'veth0_virt_wifi\x00', 'bond_slave_0\x00'}, 0x0, 0x850, 0x870, 0x0, {}, [@common=@unspec=@u32={{0x7e0}}]}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0xa68)
mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='huge=always'])
chdir(&(0x7f0000000140)='./file0\x00')
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r4, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x1c, 0x0, 0x0, &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6089, @void, @value}, 0x94)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x8000, 0x0, 0xfffffffffffffffd, 0x2)
ppoll(&(0x7f0000000500), 0x0, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
connect$inet6(r1, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
sendmsg$inet(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f0000000240)='n7', 0x2}], 0x1}, 0x0)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x2, &(0x7f0000000680)=@gcm_128={{0x303}, "000037d7009400", "c0b6c5b29ca2b838d41ac2fc7ddf972d", "e9be1eae", "bb10000000000001"}, 0x28)
r5 = syz_init_net_socket$ax25(0x3, 0x3, 0x7)
bind$ax25(r5, &(0x7f0000000540)={{0x3, @default}, [@bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @default, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x48)

7.29350147s ago: executing program 5 (id=358):
syz_open_dev$usbfs(0x0, 0x77, 0x101301)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e22, 0x0, @empty, 0x4000006}, 0x1c)
listen(r1, 0x6)
socket(0x10, 0x3, 0x0)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r3 = accept(r0, 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[], 0xfffffdef}}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r4, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000980)=ANY=[@ANYBLOB="84000000", @ANYRES16=r5, @ANYBLOB="010000000000fbdbdf25010000000800020000000000050005000000000008000300010000004800018005000200200000000600010002000000080006000a000000080003"], 0x84}}, 0x0) (fail_nth: 3)

7.052965337s ago: executing program 0 (id=360):
r0 = syz_usb_connect(0x5, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000795d6c08450c3b616dc4010203010902120001000000200904"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000400)={0x2c, &(0x7f0000000080)=ANY=[], 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, &(0x7f0000000340)={0x2c, &(0x7f0000000140)={0x20, 0xd, 0x84, {0x84, 0x5, "b5042f903bfa199825154e2b0e9ec085431c1c52d4e766ba77f023acaecb2e621afb01f3126b79892fa7d0503e17cfa1de9f5437c8453a2922e26afc6a2755e51cb66145313ef7502e6dcf2dc0c0ab8b5ba839444b939801b7131d72829e5687fb9ed7ed090c92aec486ce9a4fd06de007f2cdbaf6229c01bfa51655e23bbb294fa3"}}, &(0x7f0000000080)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x42d}}, &(0x7f0000000280)={0x0, 0xf, 0x20, {0x5, 0xf, 0x20, 0x2, [@ext_cap={0x7, 0x10, 0x2, 0x6, 0x3, 0x2, 0x4}, @ss_container_id={0x14, 0x10, 0x4, 0x6, "b7c530860253184624dfe8b0c5b1ea3c"}]}}, &(0x7f00000002c0)={0x20, 0x29, 0xf, {0xf, 0x29, 0x0, 0x2, 0x7f, 0x4, "cb91699a", "0fb9ec4b"}}, &(0x7f0000000300)={0x20, 0x2a, 0xc, {0xc, 0x2a, 0x2, 0x60, 0x0, 0x0, 0x2, 0x200, 0x6}}}, &(0x7f0000000ac0)={0x84, &(0x7f0000000440)={0x20, 0x8, 0xc2, "416789f8deae8697bd541ee2a2ac43a6dabcfc71e6d9c5818c7320a3e9a106e26c628cd646c9b43e389800026d62bd75797f290800de8ecfde72084289e85520b60b40bb3179349c549a6c6f81eab08a1bd0b4ad084eb08a3843c6b4ea9ab1d4592943b85cdeabffec5f2ba9e03463c9426a20dbd2bf742e30c02566032f2fda5c61592e27c9543f5cdd6746daae2d331c2ac3137ceda55852506388d1beccc82920450e863381f0b116e8027d7b1d25258059733bbbc77964cf160d872cf27190da"}, &(0x7f0000000380)={0x0, 0xa, 0x1, 0x8}, &(0x7f00000003c0)={0x0, 0x8, 0x1, 0xf9}, &(0x7f0000000540)={0x20, 0x0, 0x4, {0x1}}, &(0x7f0000000580)={0x20, 0x0, 0x4, {0x100, 0x40}}, &(0x7f00000005c0)={0x40, 0x7, 0x2, 0x44c}, &(0x7f0000000600)={0x40, 0x9, 0x1, 0x3}, &(0x7f0000000640)={0x40, 0xb, 0x2, "9b5f"}, &(0x7f0000000680)={0x40, 0xf, 0x2, 0x3}, &(0x7f00000006c0)={0x40, 0x13, 0x6, @multicast}, &(0x7f00000007c0)={0x40, 0x17, 0x6, @broadcast}, &(0x7f00000008c0)={0x40, 0x19, 0x2, "0f49"}, &(0x7f0000000900)={0x40, 0x1a, 0x2, 0xb}, &(0x7f0000000940)={0x40, 0x1c, 0x1, 0x3a}, &(0x7f0000000980)={0x40, 0x1e, 0x1, 0x8}, &(0x7f00000009c0)={0x40, 0x21, 0x1, 0x6}})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000800)={0x84, &(0x7f0000000500)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/transaction_log\x00', 0x0, 0x0)
setresuid(0xee00, 0xee01, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
syz_clone3(&(0x7f0000000200)={0x4304000, 0x0, 0x0, 0x0, {0x16}, 0x0, 0x0, 0x0, 0x0}, 0x63)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x1, 0xf, &(0x7f0000000a40)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

6.565390665s ago: executing program 3 (id=361):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000000000105509147200ed0000000109022400010000000009040000030300000009210000000122050009058103"], 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
syz_usb_control_io$hid(r1, &(0x7f0000001640)={0x24, &(0x7f00000003c0)=ANY=[@ANYBLOB="0022410000004108840b51afeb2a47c70e863b81a38ef7f37e705dc1cd895c"], 0x0, 0x0, &(0x7f0000001600)={0x0, 0x21, 0x9, {0x9, 0x21, 0x5, 0x6, 0x1, {0x22, 0x85e}}}}, 0x0)
fsync(0xffffffffffffffff)
syz_usb_control_io(r1, 0x0, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
socketpair(0x29, 0x2, 0x4, 0x0)
sendmsg$NFT_BATCH(r0, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000640)=ANY=[@ANYBLOB="9feb010018000000000000003400000034000000060000000400000000000012020000000000000000000001050000018000000000000000010000850200000000000000010000000000000400000000da"], 0x0, 0x52, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x28)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)

6.347925809s ago: executing program 5 (id=362):
socket$inet6(0xa, 0x2, 0x0)
msgsnd(0x0, &(0x7f0000000180)={0x3}, 0x8, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x2, 0x1800)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
r1 = openat$vnet(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$VHOST_SET_FEATURES(r1, 0x4008af00, 0x0)
write$vhost_msg_v2(r1, &(0x7f00000003c0)={0x2, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}}, 0x48)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x8040, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000002100)=0x1)

5.413625964s ago: executing program 2 (id=363):
syz_open_dev$usbfs(0x0, 0x77, 0x101301)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e22, 0x0, @empty, 0x4000006}, 0x1c)
listen(r1, 0x6)
socket(0x10, 0x3, 0x0)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r3 = accept(r0, 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[], 0xfffffdef}}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r4, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000980)=ANY=[@ANYBLOB="84000000", @ANYRES16=r5, @ANYBLOB="010000000000fbdbdf25010000000800020000000000050005000000000008000300010000004800018005000200200000000600010002000000080006000a000000080003"], 0x84}}, 0x0)

5.272062558s ago: executing program 5 (id=365):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
r3 = socket(0x40000000015, 0x5, 0x0)
setsockopt$inet_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f00000004c0), 0x4)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc)=<r5=>0x0)
timer_settime(r5, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r6=>0xffffffffffffffff})
rseq(&(0x7f0000000240)={0x0, 0x0, 0x0, 0x4}, 0x20, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
io_setup(0x2, &(0x7f0000000200)=<r7=>0x0)
eventfd2(0x0, 0x0)
io_getevents(r7, 0x1, 0x1, &(0x7f0000000080)=[{}], 0x0)
io_submit(r7, 0x1, &(0x7f0000000680)=[0x0])
shutdown(r6, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xc, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bind$inet(r3, &(0x7f00008a5ff0)={0x2, 0x0, @loopback}, 0x10)
recvmmsg(r3, &(0x7f0000004900)=[{{0x0, 0x0, 0x0}, 0xd57e}], 0x1, 0x60010020, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000500)=ANY=[@ANYBLOB="12010000e4c5ad101d062003010902120001000000000904000000102db00000000000006e71497b54261717e1cd0859d24d42a2c6f4fe2c70b9432edf3f824bf3730b8cb1b7537da25d72a6ad22df8a700f4a38baa45456ed9154f53f6d3b0af92ac6d4845beda38f35e2dfd78f099c6bfe677d45163a816a94674285e93cb4aacfedc04744ab0f194e31e6"], 0x0)
mknod(&(0x7f0000000280)='./file0\x00', 0x0, 0xfffffffd)
setxattr$trusted_overlay_origin(0x0, &(0x7f0000000440), 0x0, 0x0, 0x1)
sendto$inet(r3, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x2, 0x0, @loopback}, 0x10)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)

4.977540677s ago: executing program 1 (id=366):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee7, 0x8031, 0xffffffffffffffff, 0xd9623000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
rmdir(&(0x7f00000001c0)='./cgroup/../file0\x00')

4.336727913s ago: executing program 2 (id=367):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000100), 0xffffffffffffffff)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL802154_CMD_GET_SEC_DEVKEY(r2, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={0x0}, 0x1, 0x0, 0x0, 0x10000860}, 0x8004)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NFC_CMD_LLC_SET_PARAMS(r3, 0x0, 0x0)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000000c0), r3)
sendmsg$IEEE802154_LLSEC_LIST_DEVKEY(r3, 0x0, 0x0)
r4 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000009c0)=@newtclass={0x88c, 0x28, 0x100, 0x70bd25, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0x6, 0x3}, {0xf, 0xffe0}, {0xec16b97b6c14e65e, 0xb}}, [@TCA_RATE={0x6, 0x5, {0xfc, 0xf9}}, @TCA_RATE={0x6, 0x5, {0x81, 0x2}}, @tclass_kind_options=@c_htb={{0x8}, {0x824, 0x2, [@TCA_HTB_CEIL64={0xc, 0x7, 0x4}, @TCA_HTB_CTAB={0x404, 0x3, [0x8, 0xfffffff7, 0x5bf67ff, 0x0, 0x5, 0xffffffff, 0x8, 0xe40, 0x8, 0x4, 0x45, 0x31, 0xa, 0x6, 0xe, 0x10, 0x5, 0x3, 0xffffff52, 0x8, 0x7, 0xf5, 0x5c, 0xffffffff, 0x10, 0x8, 0xf, 0xfffffffe, 0x1000, 0x4, 0xe8f, 0x8, 0x7, 0x8, 0xa, 0x3, 0x2, 0x70, 0xfff, 0x40, 0x1e34, 0x5, 0x6, 0xa, 0x0, 0x9b7a, 0x6, 0x40, 0x8, 0x1, 0xbe, 0xa, 0xfffffffa, 0x1, 0x7, 0xd2e, 0xee3e, 0x6, 0x300000, 0x1, 0xe, 0x6922, 0x8, 0x5, 0x2, 0x8, 0xc, 0x3, 0x2, 0xffffffff, 0x3, 0x6, 0x1ff, 0x3, 0x0, 0xf4, 0x8eb, 0x80000000, 0x45ec, 0x4, 0xe, 0xfaf, 0x40, 0xbd3, 0xbe, 0x5, 0x7, 0x1, 0x9, 0xffffffff, 0x3e, 0x800, 0x8d000000, 0x80, 0x6, 0x5e0, 0x40, 0x5, 0x7fffffff, 0x9, 0x1, 0xfffffffe, 0x9, 0x1, 0x6, 0x5, 0x8, 0x2, 0x80000001, 0x2, 0xffffffff, 0x1, 0x6, 0x29a5, 0x10001, 0xc2, 0xe0f3, 0x0, 0x9, 0xffffff7b, 0x80000001, 0x80000000, 0x9, 0x1, 0x7, 0x1, 0x1, 0xe, 0xcf, 0xfffffff9, 0x80, 0xd0c, 0x3, 0x8, 0xc, 0x1000, 0x80000000, 0x1, 0x5, 0xfd8a, 0x6, 0x5, 0x194aa4d6, 0x4f8, 0x8, 0x9, 0xfffffffa, 0x0, 0x3, 0x6, 0x3ff, 0x8, 0xff, 0xfffffc01, 0xe, 0x9, 0x9, 0xc2b, 0x73a00000, 0x4, 0x1, 0x9, 0xdce, 0x0, 0x0, 0x6, 0x3, 0x101, 0x10000, 0xa, 0x7f, 0x3d9, 0x7, 0x6, 0x100, 0x7, 0x3e90, 0x8, 0x7, 0x4, 0x7fffffff, 0x8, 0x6, 0x5, 0xfffff800, 0xd, 0x1, 0x0, 0x8, 0x6, 0x6, 0xff, 0xb0e, 0x0, 0x8001, 0x83a, 0x6, 0x4, 0x0, 0x0, 0xc, 0x1, 0x4, 0x8, 0x7, 0xbe, 0x5, 0xa7f5, 0xcc, 0xffffff3f, 0x800, 0x5, 0x8, 0x9, 0x8, 0x7fffffff, 0x80000001, 0x0, 0x2, 0x2, 0x2, 0x10000, 0x40, 0x2, 0x6, 0xc10, 0x4, 0x5, 0x0, 0x0, 0xd, 0x9, 0x7, 0xffffffff, 0x4, 0x9, 0x39, 0x0, 0xb8c, 0xfffffffa, 0x4, 0x6, 0xb, 0x101, 0xfffffffd, 0x6, 0x4, 0xbe9, 0x5, 0x6, 0xd, 0x5, 0x3, 0x936d, 0x2, 0x94f]}, @TCA_HTB_RATE64={0xc, 0x6, 0x6}, @TCA_HTB_CTAB={0x404, 0x3, [0xfffffffa, 0x2, 0xa9, 0x2, 0x6, 0x5, 0xd2, 0x9313, 0xbde1, 0x5ead, 0x3, 0x1, 0x7fff, 0xfffffffc, 0x53a, 0x2, 0x7fff, 0x7, 0x1, 0x200, 0x800, 0x1, 0x0, 0x6, 0x0, 0x1, 0x2, 0x7, 0x8, 0x2, 0x8, 0x2, 0x8, 0xa, 0x5, 0x2, 0x40, 0x4d, 0xc, 0xed30, 0x607, 0x81, 0xfffffc81, 0x0, 0x200, 0x4, 0x7fffffff, 0x2, 0x4, 0x8, 0x11, 0x0, 0x4, 0x4, 0x5, 0x0, 0x3, 0x4, 0x1, 0x6, 0x9bc7, 0x3, 0x8, 0x40d, 0x401, 0x8f, 0x3cf3, 0x1, 0x5, 0x1, 0x2, 0x4, 0x6, 0x3, 0x1, 0xfffffff7, 0x1, 0x7fff, 0x1, 0xffffffff, 0x40, 0xfed13a76, 0x5, 0xfffffff7, 0x3, 0x4, 0x7, 0x0, 0x9, 0x7f54, 0xf, 0x81, 0x5, 0x2, 0x5, 0x7, 0x1, 0x7, 0x10001, 0x0, 0x4, 0x3, 0x1, 0x800, 0x0, 0x10, 0x7718, 0x2, 0x9, 0xfff, 0x32ca, 0x6, 0x80000001, 0x7, 0x0, 0x3a, 0x8, 0x100, 0xfffffffa, 0x5, 0xc0, 0x1, 0x10001, 0x81, 0x9fcd, 0x10000000, 0x9, 0x1, 0x7, 0x866, 0x6, 0x370, 0x7, 0x236, 0x80, 0x7, 0x80, 0x100, 0x1, 0x7f, 0x7, 0x6, 0x1, 0x0, 0x2, 0x10001, 0x0, 0x8, 0x4, 0x9, 0xa, 0x5, 0x7c000, 0x1, 0x93, 0x200, 0x4, 0x7d6, 0x5, 0x60e7, 0x8, 0x9f, 0x4, 0xeb, 0xfffffe4f, 0xf5f, 0x8, 0x9, 0x1, 0x0, 0xa2b9, 0x7, 0x3, 0x7fff, 0x8, 0x7, 0x8, 0xd, 0x2, 0x8, 0xd, 0x0, 0x5, 0x1, 0x1, 0x0, 0x7, 0x1, 0x5, 0x1000, 0x3, 0x1000, 0x8001, 0xe1, 0x9, 0x2, 0x3, 0xb, 0x6, 0x8000, 0x6, 0xfffffffd, 0xffffffff, 0x9, 0x10, 0x1, 0x8, 0x4, 0x7, 0x81, 0x5, 0x6, 0x4, 0x4, 0xc482, 0x6d, 0x8, 0x9be, 0x0, 0x5, 0x11a, 0x9, 0x4, 0xdf4, 0x0, 0x3, 0x4, 0xfffffffd, 0x6, 0x2, 0x7, 0x1, 0x5, 0x6, 0x3, 0x3ff, 0x0, 0x9, 0x5, 0x1, 0x6, 0x7, 0xe, 0x4, 0x1, 0xc0e5, 0x6, 0x9, 0x0, 0x9, 0x8, 0x7, 0x4, 0xffff8f1d, 0x99]}]}}, @TCA_RATE={0x6, 0x5, {0x7}}, @TCA_RATE={0x6, 0x5, {0x9, 0x6}}, @tclass_kind_options=@c_red={0x8}, @tclass_kind_options=@c_taprio={0xb}, @TCA_RATE={0x6, 0x5, {0x3}}]}, 0x88c}}, 0x4044040)
ioctl$VHOST_SET_VRING_BASE(r4, 0xaf01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r4, 0x4008af03, &(0x7f0000002100))
ioctl$VHOST_GET_VRING_ENDIAN(r4, 0x4028af11, &(0x7f00000001c0))
ioctl$VHOST_VSOCK_SET_RUNNING(r4, 0x4004af61, &(0x7f0000000040))
r5 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000980), r7)
ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000180)={'wpan0\x00'})
sendmsg$NL802154_CMD_SET_TX_POWER(r7, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000240)={0x0}, 0x1, 0x0, 0x0, 0x40}, 0x801)
ioctl$KVM_PRE_FAULT_MEMORY(r6, 0xc040aed5, &(0x7f0000000280)={0x10000, 0x108000})
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)

2.540798261s ago: executing program 0 (id=368):
openat$tun(0xffffffffffffff9c, 0x0, 0x1c1842, 0x0) (async)
openat$tun(0xffffffffffffff9c, 0x0, 0x1c1842, 0x0)
socket$inet(0x2, 0x3, 0x6)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffd8, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) (async)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e) (async)
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x7, 0x4, 0x20000008, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x7, 0x4, 0x20000008, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
syz_open_dev$sndmidi(&(0x7f0000000080), 0xc, 0x109042)
syz_open_dev$amidi(&(0x7f0000000040), 0x2, 0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r2, 0x8933, &(0x7f00000001c0)={'wg0\x00'})
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50)
read$FUSE(0xffffffffffffffff, &(0x7f0000000440)={0x2020}, 0x2020) (async)
read$FUSE(0xffffffffffffffff, &(0x7f0000000440)={0x2020}, 0x2020)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x390, 0x218, 0x43, 0xa0, 0x218, 0x98, 0x2f8, 0x178, 0x178, 0x2f8, 0x178, 0x49, 0x0, {[{{@uncond, 0x12a, 0x1f0, 0x218, 0x0, {0x0, 0x7a010000}, [@common=@inet=@hashlimit2={{0x150}, {'veth0_to_hsr\x00', {0x1, 0xffffffff, 0x20, 0x5, 0xfffff9ae, 0x8001, 0x2, 0x20, 0x78}, {0x5}}}, @common=@inet=@dccp={{0x30}, {[0x4e23, 0x4e25], [0x4e23, 0x4e24], 0x5, 0x0, 0x7, 0x6}}]}, @common=@inet=@SET1={0x28, 'SET\x00', 0x1, {{0x2, 0x4, 0x1}, {0x4, 0x3}}}}, {{@uncond, 0x0, 0x70, 0xe0}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x4, 0x4, 0x5, 0x1, 0x0, "dbb5764d0547ea9c46dc7226d59f04de76f192e1a0860c9b15330ba739e3d6603e2461114edde3f54ac09b5326939b10e743adb0c4a0b5cce3341ca32b1ddb2f"}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x3f0)
bind$netlink(0xffffffffffffffff, &(0x7f0000000200)={0x10, 0x0, 0x0, 0x80065c9}, 0xc)
r5 = socket$inet(0x2, 0x3, 0x30)
getsockopt$inet_mreqsrc(r5, 0x0, 0x53, &(0x7f0000000000)={@dev, @local, @broadcast}, &(0x7f0000000080)=0x5)

2.533375208s ago: executing program 3 (id=369):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = dup(r0)
setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(r1, 0x84, 0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
landlock_create_ruleset(&(0x7f00000000c0)={0x3ca77cb50a882084, 0x1}, 0x18, 0x0)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'})
r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(r6, 0x29, 0x41, 0x0, &(0x7f0000000500))
sendmsg$IPCTNL_MSG_CT_NEW(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000580)=ANY=[@ANYBLOB="8c0000000001010400000000ffffff8802000000240001801400018008000100ac1414bb08000200ac1414bb0c00028005000100000000002400028014000180080001000000004008000200ac1414bb0c0002800500010000000000080007400000000028000680080002007f000001080001000000000014000380060001"], 0x8c}, 0x1, 0x600000000000000, 0x0, 0x40}, 0x0)
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@bpq0, 0xfffffffffffffe1d)
ioctl$sock_netdev_private(r4, 0x8914, &(0x7f0000000000))
syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$sock_rose_SIOCADDRT(r1, 0x890b, &(0x7f00000007c0)={@dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x6, @bcast, @bpq0, 0x2, [@default, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @default]})
r7 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r7, 0xc0045540, 0xffffffffffffffff)
r8 = syz_open_dev$evdev(&(0x7f0000000340), 0xfffffffffffffff7, 0x2000)
ioctl$EVIOCGVERSION(r8, 0x5421, &(0x7f0000002200)=""/188)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x32}, 0x9c)
bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e21, 0x4, @loopback, 0x80000000}, 0x1c)
setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r2, 0x84, 0x13, &(0x7f0000000440)=0x8, 0x4)
sendto$inet6(r2, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(r2, &(0x7f0000004900)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000004c0)="cc", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f00000005c0)="bda033176eb146b36ef41f221a4e7ce4a02598d750606488520915c6806affc0a913781c7211ce1fcd59a12b5d5afdaf9d723f092ce9d1eed16e208f2e79831ca049e8979ad94621175c2c48c10e33b29f2def51498743b057efc21efe4be4d9f02e9d236f27190c29c5da0f3799452f5e3640340502fde4ae8c56b303e1b79b3d1842bf6277771bef544c745e7a80c9e7efdd1c619f69b9d01839aa326776d335689e4db7cb7e32fad8f4c40e943b43eb4ea173d720bf5998149625a731643636c8ddbe61e1d7d4736f8414a84acc40557012c82697d8a59c873424aefb3c7ff0dba302efaaf887a477b1ab7ea6c1def9db3514e444c1ef36c6cf42cde90d4bbb2e923a5d16a1bb191ad91cab867cd55037d507a12803f3df1b81f1857fad085dbc5c46aac14230d7a4f8b36d6bc63b4a16cd309b7697b421a662b83001b5ce5ab3ff80800243107df7aa6cae9a5db6a8f2a53ef7d6c6aeac76b83a15466c74a9cdbcde8505e3d14c0c3a47a36bf464168202dc88e25f4c1da57faf0eaa7ff16bdd751c2ae5778e169c8ffba57c9a20e24ad51e6e8e02b721e8ca94f131cc98e03b34b615a1db4080362de4ef215d5a0541aeb0c742a2636ac5af8538ceb3585ef9dca8037df55baa072096073b005b53eff0b899de59bc2b5d687d109520571eeacb30124c4012fe6cb9e3bf451be3d219206ddc35099101533cff5aee6c4783e00e6dd391f664052a6c66c62f62a49fde8fbe336543bf99b55e53b801e54c1d0a292da83db26a8a870ac1d8751c4bc0d495277295cd3a17f9e9a25d70214a17b981b62d5c75356ed025df3557a8b59648edd9d1dbdf169d91f9d85cfac11a57db0a14f03e8934a2cc98d389912a0d9942a40c3ee98d35da61d3bab1a32c9d788e9f74ee57012ca5bfd0dc090b591c64aae6a205fbd349fc372bbd7429983a69cae26ff8b5b019144d318ba225e46bc6cf8d7d3e5952333042542b2fd4fb4d88a3651dd8e14ecc2845d4e71f7dfd128e9e2ee2ab0062a3e701bb2477bfd73d7396ae522f11fa481078d1c7f7905e0846fb072dcf7c06102b3816ec4a3518514c7166d7385b680469f5184a93953258952554e68d93ea8f789c4f13982b65996d7d9cf19f0b39b72e1dc9079d84413bbc30d24fc481e24ef1beacb8bc15f50c2663d684d16a1c71b2c8a568481f4f1b254ccd66fbef4cacfc3e13f2c943a264e429824bef7297f93076aea55ed9cf12512ce3ac3df331695024bd1e53369a87caf6894fce811a64dad315402678de76", 0x390}, {&(0x7f0000000300)="439e9c06fc666cabc8569d63a866b31ff3ceda1e28f23f455e96a02001fc3fb089ed9e5234", 0x25}], 0x2}}], 0x2, 0x4048884)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x1ff, 0x8b}, 0x0)

2.346941129s ago: executing program 2 (id=370):
openat$random(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, &(0x7f00000014c0), 0x40280, 0x0)
fanotify_init(0x0, 0x80000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f00000001c0), 0x80280, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
pselect6(0x40, &(0x7f0000000000)={0x0, 0x0, 0x8000000000000000, 0x0, 0x0, 0x0, 0x0, 0x10000000}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x8, 0x0, 0x0, 0x2, 0x7}, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
close_range(r0, 0xffffffffffffffff, 0x0)

2.297978007s ago: executing program 1 (id=371):
r0 = getpid()
syz_pidfd_open(r0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
rseq(&(0x7f0000000300), 0x20, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000180)='uid_map\x00')
preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000480)=""/175, 0xaf}], 0x1, 0x8b, 0x8b)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r5, &(0x7f0000000080)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c)
write$binfmt_script(r5, 0x0, 0x0)
sendmsg(r5, &(0x7f00000000c0)={0x0, 0x9504, &(0x7f0000000100)=[{&(0x7f0000000000)="2b10", 0xffbd}], 0x1, 0x0, 0x0, 0x2c}, 0x4)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000003000000000000000000"], 0x48)
r7 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f00000000c0)={'lo\x00', <r9=>0x0})
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="300000001c000102000000000000000002000009", @ANYRES32=r9, @ANYBLOB="000000000a0001"], 0x30}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r6}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, &(0x7f0000cab000))
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0xf0ffffff)
sendmsg$NFT_MSG_GETCHAIN(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000240)={0x14, 0x4, 0xa, 0x301}, 0x14}}, 0x0)

2.085290903s ago: executing program 5 (id=372):
r0 = syz_open_procfs(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x113100)
r1 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x60})
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
readv(r1, &(0x7f0000000240)=[{&(0x7f0000000140)=""/201, 0xc9}], 0x6) (fail_nth: 3)
close(r1)
mremap(&(0x7f0000638000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000805000/0x2000)=nil)
read$FUSE(r0, &(0x7f0000005140)={0x2020}, 0x2020)

892.063395ms ago: executing program 2 (id=373):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r1)
r2 = io_uring_setup(0x929, &(0x7f0000000100)={0x0, 0xffffeff7, 0x8000, 0x1, 0x3, 0x0, r1})
io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000580)=""/4082, 0xff2}], 0x1)
r3 = syz_open_pts(r0, 0xca000)
ioctl$KDSIGACCEPT(r3, 0x5607, 0x100000000f)
r4 = syz_open_dev$media(&(0x7f0000001a80), 0x3, 0x0)
ioctl$MEDIA_IOC_ENUM_LINKS(r4, 0xc0287c02, &(0x7f0000000180)={0x80000000, 0x0, &(0x7f00000006c0)=[{}, {{}, {<r5=>0x80000000}}]})
ioctl$MEDIA_IOC_SETUP_LINK(r4, 0xc0347c03, &(0x7f0000000400)={{0x80000000, 0x0, 0x3, [0x0, 0x200]}, {r5}, 0x1})
syz_usb_connect(0x0, 0x3f, &(0x7f0000000540)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03"], 0x0)

855.726087ms ago: executing program 3 (id=374):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000b40), 0x600, 0x0)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000000))
ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000080)=<r1=>0x0)
r2 = syz_open_procfs(r1, &(0x7f0000000040)='net/fib_triestat\x00')
write$P9_RWSTAT(r2, 0x0, 0x0)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
shutdown(r3, 0x0)
setsockopt$inet_opts(r2, 0x0, 0x9, &(0x7f0000000900)="f7a41e92f1f7fee9d7ec2c4d22341d3b520bb2bc22e8cd9b9d54929f4b17e09f624f31f2fe09bb75f4d4820d5c6f35557408734173e45a6296ef22389904c476bab15d57ef7e5481139826f03b60b7180f6606e97915ea6087134dacb15d1211c441c951122489aab5ce7334e5355e99f54e5bcc696d906862c620a5969a934ce4260a6c939981f862e5b02eafdabc3d63a6941a313604750629bd149d336d452c539eaf2363a3665db49998979ca40e121a82247a503c318c234dd1bff859e5af151b5257c95311619b02e37bfba7a25e64498e5b1df928c51edee80d8aa27c2768e72c761851", 0xe7)
r4 = syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4)
setsockopt$bt_BT_SECURITY(r4, 0x112, 0x4, &(0x7f0000000480)={0x8, 0x4}, 0x2)
r5 = dup3(r3, r0, 0x0)
recvmmsg(r5, &(0x7f0000000880)=[{{0x0, 0x0, 0x0}}, {{&(0x7f00000000c0)=@ll, 0x80, &(0x7f00000007c0)=[{&(0x7f0000000140)=""/167, 0xa7}, {&(0x7f0000000200)=""/31, 0x1f}, {&(0x7f0000000240)=""/140, 0x8c}, {&(0x7f0000000300)=""/244, 0xf4}, {&(0x7f0000000500)=""/217, 0xd9}, {&(0x7f0000000b80)=""/4096, 0x1000}, {&(0x7f0000000400)=""/71, 0x47}, {&(0x7f0000000600)=""/250, 0xfa}, {&(0x7f0000000700)=""/162, 0xa2}], 0x9, &(0x7f0000000480)}, 0x6925}], 0x2, 0xf0, 0x0)

727.859662ms ago: executing program 1 (id=375):
r0 = socket(0x22, 0x2, 0x3)
sendmsg$DEVLINK_CMD_PORT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0x4041094}, 0x8d811)
r1 = openat$binfmt_register(0xffffff9c, &(0x7f0000000140), 0x1, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
openat$adsp1(0xffffffffffffff9c, &(0x7f00000000c0), 0x230000, 0x0)
fsopen(0x0, 0x0)
r2 = getpgid(0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x0, 0x0)
r3 = epoll_create1(0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = socket(0x1e, 0x4, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000002c0)=@broute={'broute\x00', 0x20, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x80000180], 0x88, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff880000000000000000000000000000000000000000000000000002306d000000000000000000000000000000000000fcffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000b891e0afc7cd2f9cdb82164530b2eef3587dfc2f2a9547d193"]}, 0x124)
r7 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r5, &(0x7f0000000100)={0x20000014})
epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r3, &(0x7f0000000000)={0xa0000001})
epoll_wait(r7, &(0x7f0000000240)=[{}], 0x1, 0x100)
write$binfmt_register(r1, &(0x7f0000000200)={0x3a, 'syz1', 0x3a, 'M', 0x3a, 0x9, 0x3a, '\\', 0x3a, 'resv_level', 0x3a, './file0'}, 0x32)
r8 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0)
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, &(0x7f0000000040)={0xc, 0x0, <r9=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r8, 0x3b85, &(0x7f0000000080)={0x28, 0x0, r9, 0x0, &(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x9})
sendmsg$TIPC_NL_BEARER_ENABLE(r6, &(0x7f0000000a80)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000a40)={&(0x7f0000000b40)={0x308, 0x0, 0x10, 0x70bd2d, 0x25dfdbfb, {}, [@TIPC_NLA_MEDIA={0x24, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}]}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x13}]}]}, @TIPC_NLA_PUBL={0x54, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0xe08}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x2}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x3}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0xb798}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0xb4}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x35126640}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x2}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0xfffffffa}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0xff}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0xffffffff}]}, @TIPC_NLA_NODE={0x4}, @TIPC_NLA_PUBL={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x1}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0xe55}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x5}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0xdd38}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x3}]}, @TIPC_NLA_BEARER={0x90, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0x10, 0x1, @l2={'eth', 0x3a, 'erspan0\x00'}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x29}, @TIPC_NLA_BEARER_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x4}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1ff0}]}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x7}, @TIPC_NLA_BEARER_NAME={0xfffffffffffffef4, 0x1, @udp='udp:syz1\x00'}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e23, @remote}}, {0x20, 0x2, @in6={0xa, 0x4e24, 0x6, @empty, 0x7ff}}}}]}, @TIPC_NLA_LINK={0x4}, @TIPC_NLA_NODE={0xa8, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ID={0x57, 0x3, "9d65635ff5c2178912b63ecbd5770c48b3f75da87ef55fe21fa76b88cfd7af50c735ee53706b94496e2ab44cb26450355c785f883b591efa52d64f6a31d2c421320c09b87bdf070916dc324a4c41ddb52d1788"}, @TIPC_NLA_NODE_KEY={0x3f, 0x4, {'gcm(aes)\x00', 0x17, "dff01aa7a93c2e7e8757a4cbc89e9d06eafc738772f744"}}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x1}, @TIPC_NLA_NODE_KEY_MASTER={0x4}]}, @TIPC_NLA_MEDIA={0x54, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x20}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfffff236}]}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1a}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}]}, @TIPC_NLA_LINK={0xbc, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x10}]}, @TIPC_NLA_LINK_PROP={0x4}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0x54, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1d}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}, @TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xfff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1b}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x19}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5f0f}]}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}]}]}, 0x308}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r10 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB="1000"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="05000000000000000200000000000000000000000000000000000000024366dd680a0c2722c896a024978443b3ddccd11007314ea9b60b3c9f7da1dbc716c40e0c060fd23f2441244d799cb0c88199b0274c00000000000000004b3a10e810b965980c1032f98fda9996f4a9c7ff42db1425e883e39dc09c1196995e3a99e6e2c498b601887213a9e266c68fdbe92449922a96eba3b72c11e74b8ea7a589c2086d66368e23c954767e97fdf16dcf92f27082c856e0e0d71364fefe7bd6012018d3471a96348dbccd452eaaea4f4ddf77833a3a55a88ffdcc422484c7b489b5d70845cbc6e99169e10ee1e3914e071cfae667d4e94d9b02637fdc02d8e4a2b48d9cb03c6ea4f0f5a5f4a404fecfeca1f5dab73372121030a1"], 0x50)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000280)={'wg0\x00', <r11=>0x0})
r12 = openat$vcsa(0xffffffffffffff9c, &(0x7f00000001c0), 0x8000, 0x0)
lseek(r12, 0xffffffff, 0x4)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000ac0)=ANY=[@ANYBLOB="0300000004000000040000000a0000810d63e178b6440000000000", @ANYRES32=r10, @ANYBLOB="0500"/20, @ANYRES32=r11, @ANYRES32=r12, @ANYBLOB="04000000050000000400"/28], 0x50)

601.596097ms ago: executing program 3 (id=376):
socket$inet6_sctp(0xa, 0x1, 0x84)
socket$inet_dccp(0x2, 0x6, 0x0)
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000002540), 0x2, 0x0)
socket$inet(0x2, 0x2, 0x1)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000640)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x106}}, 0x20)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
openat$vmci(0xffffffffffffff9c, &(0x7f0000000600), 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = socket(0x10, 0x2, 0x0)
write(r3, &(0x7f0000000040)="1c0000001a009b8a14e5f40700426e2400000000ff000000000000", 0x1b)

344.110437ms ago: executing program 1 (id=377):
r0 = fanotify_init(0x1, 0x2)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f00000004c0)={0x26, 'hash\x00', 0x0, 0x0, 'sha256-generic\x00'}, 0x58)
r3 = accept4(r2, 0x0, 0x0, 0x0)
sendmsg$IPSET_CMD_GET_BYNAME(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, 0xe, 0x6, 0x801, 0x0, 0x0, {0x3, 0x0, 0x1}}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x40)
fanotify_mark(r0, 0x455, 0x40000008, r1, 0x0)
fanotify_mark(r0, 0x41, 0x8000038, r1, 0x0)
r4 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="b4000000000000007911a80088ffffff1e00000000000000950000ace684788a18ae28b18fb80c00000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f2, 0x10, &(0x7f0000000000), 0xfffffe51, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)

242.268241ms ago: executing program 1 (id=378):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480), 0x0, 0x0)
r1 = dup(r0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="0100000000000000014d564b00000000af"])
ioctl$KVM_RUN(r5, 0xae80, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
ioctl$KVM_SET_MSRS(r1, 0xc008ae88, &(0x7f0000000000)=ANY=[@ANYRESHEX=r2, @ANYBLOB="70b880026481e5e806b8b14df4ad28f1ed1ad41b434cbf6948e1e241f1ae11371d8855ff87c10ca123b02110c29af450d4b4b1366e0467d9098e22a2a29b56b75786c02b1cbf101db38a950af2a2b8a544a982137c92eef5a0e2946b23a6cdb4e46926a0800f", @ANYBLOB="20fa9cf0e59b28502da42a94d9a94754943121d04d0648e6a54c05d06960b1bb1b04b027b8282522c7adadb6b54d28bc2127141a2818092af77821788751c6ee49d19c112b81b0da2b1f8b032b64d67bb066437ee83fbd3fa312e79c25268615dc97c2bd41b18e5d3a30e04bb0b7472b6db0e134249d9c26a60b2c9a5f84f1365fe12e8954048beb6770ef6ca9c8c2d97d3bd92d77619c8a942100ee4f420f7b8d35658af117e793d38b2e10563dea53ca0714fe62f47618c8196d5c9b04f15d809194fe"])

0s ago: executing program 1 (id=379):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x101000)
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x127081)
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002700)=""/102392, 0x18ff8)
syz_emit_vhci(0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
rt_sigaction(0x8, 0x0, 0x0, 0x8, &(0x7f0000000300))
r2 = openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, 0x0)

kernel console output (not intermixed with test programs):

dit: type=1400 audit(1742745727.805:259): avc:  denied  { block_suspend } for  pid=6252 comm="syz.2.98" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   81.719388][   T30] kauditd_printk_skb: 1 callbacks suppressed
[   81.719423][   T30] audit: type=1400 audit(1742745728.765:261): avc:  denied  { setopt } for  pid=6263 comm="syz.1.101" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   81.840113][ T5902] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[   82.675637][   T30] audit: type=1326 audit(1742745729.725:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6281 comm="syz.0.104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96d8b8d169 code=0x7ffc0000
[   82.863672][   T30] audit: type=1326 audit(1742745729.725:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6281 comm="syz.0.104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96d8b8d169 code=0x7ffc0000
[   82.886908][    C0] vkms_vblank_simulate: vblank timer overrun
[   82.895587][   T30] audit: type=1326 audit(1742745729.765:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6281 comm="syz.0.104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f96d8b8d169 code=0x7ffc0000
[   82.918809][    C0] vkms_vblank_simulate: vblank timer overrun
[   82.941180][   T30] audit: type=1326 audit(1742745729.765:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6281 comm="syz.0.104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96d8b8d169 code=0x7ffc0000
[   82.990146][    T9] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[   83.011126][ T6287] netlink: 8 bytes leftover after parsing attributes in process `syz.0.104'.
[   83.250128][    T9] usb 3-1: Using ep0 maxpacket: 16
[   83.276399][    T9] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   83.467874][   T30] audit: type=1326 audit(1742745729.765:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6281 comm="syz.0.104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96d8b8d169 code=0x7ffc0000
[   83.500473][    T9] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[   83.573687][   T30] audit: type=1326 audit(1742745729.765:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6281 comm="syz.0.104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f96d8b8bad0 code=0x7ffc0000
[   83.714602][    T9] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   83.880036][   T30] audit: type=1326 audit(1742745729.765:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6281 comm="syz.0.104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96d8b8d169 code=0x7ffc0000
[   83.903269][    C0] vkms_vblank_simulate: vblank timer overrun
[   83.959302][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   84.010342][    T9] usb 3-1: Product: syz
[   84.014543][    T9] usb 3-1: Manufacturer: syz
[   84.019182][    T9] usb 3-1: SerialNumber: syz
[   84.024760][   T30] audit: type=1326 audit(1742745729.765:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6281 comm="syz.0.104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96d8b8d169 code=0x7ffc0000
[   84.118621][   T30] audit: type=1326 audit(1742745729.765:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6281 comm="syz.0.104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=295 compat=0 ip=0x7f96d8b8d169 code=0x7ffc0000
[   84.268364][    T9] usb 3-1: 0:2 : does not exist
[   84.276604][    T9] usb 3-1: 5:0: failed to get current value for ch 0 (-22)
[   84.330031][    T9] usb 3-1: USB disconnect, device number 4
[   84.338917][ T6296] 9pnet_fd: Insufficient options for proto=fd
[   84.632448][ T5919] udevd[5919]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[   85.955150][ T6318] FAULT_INJECTION: forcing a failure.
[   85.955150][ T6318] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   86.674905][ T6318] CPU: 0 UID: 0 PID: 6318 Comm: syz.2.116 Not tainted 6.14.0-rc7-syzkaller-00205-g586de92313fc #0
[   86.674928][ T6318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   86.674936][ T6318] Call Trace:
[   86.674941][ T6318]  <TASK>
[   86.674946][ T6318]  dump_stack_lvl+0x16c/0x1f0
[   86.674974][ T6318]  should_fail_ex+0x50a/0x650
[   86.675002][ T6318]  _copy_from_user+0x2e/0xd0
[   86.675019][ T6318]  copy_msghdr_from_user+0x99/0x160
[   86.675044][ T6318]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[   86.675079][ T6318]  ___sys_sendmsg+0xff/0x1e0
[   86.675104][ T6318]  ? __pfx____sys_sendmsg+0x10/0x10
[   86.675135][ T6318]  ? __pfx_lock_release+0x10/0x10
[   86.675157][ T6318]  ? trace_lock_acquire+0x14e/0x1f0
[   86.675182][ T6318]  ? __fget_files+0x206/0x3a0
[   86.675204][ T6318]  __sys_sendmsg+0x16e/0x220
[   86.675228][ T6318]  ? __pfx___sys_sendmsg+0x10/0x10
[   86.675266][ T6318]  do_syscall_64+0xcd/0x250
[   86.675291][ T6318]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.675313][ T6318] RIP: 0033:0x7f22e958d169
[   86.675326][ T6318] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   86.675339][ T6318] RSP: 002b:00007f22ea3ba038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   86.675354][ T6318] RAX: ffffffffffffffda RBX: 00007f22e97a5fa0 RCX: 00007f22e958d169
[   86.675364][ T6318] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000003
[   86.675374][ T6318] RBP: 00007f22ea3ba090 R08: 0000000000000000 R09: 0000000000000000
[   86.675383][ T6318] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   86.675392][ T6318] R13: 0000000000000000 R14: 00007f22e97a5fa0 R15: 00007fff7d47e098
[   86.675421][ T6318]  </TASK>
[   87.274740][   T30] kauditd_printk_skb: 25 callbacks suppressed
[   87.274755][   T30] audit: type=1400 audit(1742745734.335:296): avc:  denied  { bind } for  pid=6329 comm="syz.2.121" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   87.497049][ T6328] netlink: 8 bytes leftover after parsing attributes in process `syz.1.119'.
[   87.563035][   T30] audit: type=1400 audit(1742745734.335:297): avc:  denied  { node_bind } for  pid=6329 comm="syz.2.121" saddr=fe80::38 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1
[   87.716279][   T30] audit: type=1326 audit(1742745734.445:298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6323 comm="syz.1.119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e3b18d169 code=0x7ffc0000
[   87.782641][   T30] audit: type=1326 audit(1742745734.445:299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6323 comm="syz.1.119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e3b18d169 code=0x7ffc0000
[   87.807441][   T30] audit: type=1326 audit(1742745734.555:300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6323 comm="syz.1.119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=299 compat=0 ip=0x7f6e3b18d169 code=0x7ffc0000
[   87.947209][   T30] audit: type=1326 audit(1742745734.555:301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6323 comm="syz.1.119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e3b18d169 code=0x7ffc0000
[   87.973936][   T30] audit: type=1326 audit(1742745734.555:302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6323 comm="syz.1.119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e3b18d169 code=0x7ffc0000
[   87.980151][ T5902] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[   88.091784][   T30] audit: type=1326 audit(1742745734.565:303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6323 comm="syz.1.119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6e3b18d169 code=0x7ffc0000
[   88.136653][   T30] audit: type=1326 audit(1742745734.565:304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6323 comm="syz.1.119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e3b18d169 code=0x7ffc0000
[   88.311254][ T5902] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   88.336073][ T6346] syz.0.120: attempt to access beyond end of device
[   88.336073][ T6346] nbd0: rw=4096, sector=0, nr_sectors = 1 limit=0
[   88.349863][ T5902] usb 3-1: config 0 interface 0 has no altsetting 0
[   88.361984][ T5902] usb 3-1: New USB device found, idVendor=10fd, idProduct=1513, bcdDevice=7e.ce
[   88.372105][   T30] audit: type=1326 audit(1742745734.565:305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6323 comm="syz.1.119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f6e3b18d169 code=0x7ffc0000
[   88.414422][ T5902] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   88.444231][ T5902] usb 3-1: Product: syz
[   88.454355][ T5902] usb 3-1: Manufacturer: syz
[   88.458991][ T5902] usb 3-1: SerialNumber: syz
[   88.510659][ T5902] usb 3-1: config 0 descriptor??
[   88.517924][ T6346] XFS (nbd0): SB validate failed with error -5.
[   88.546485][ T5902] dvb-usb: found a 'MSI DIGI VOX mini II DVB-T USB2.0' in warm state.
[   88.778289][ T5902] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[   88.791752][ T5902] dvbdev: DVB: registering new adapter (MSI DIGI VOX mini II DVB-T USB2.0)
[   88.801322][ T5902] usb 3-1: media controller created
[   88.915702][ T5902] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[   88.984918][    T9] usb 2-1: new low-speed USB device number 2 using dummy_hcd
[   89.140064][ T5902] DVB: Unable to find symbol tda10046_attach()
[   89.200605][    T9] usb 2-1: config 0 interface 0 altsetting 10 endpoint 0x81 has invalid wMaxPacketSize 0
[   89.217287][    T9] usb 2-1: config 0 interface 0 has no altsetting 0
[   89.227415][ T5902] dvb-usb: no frontend was attached by 'MSI DIGI VOX mini II DVB-T USB2.0'
[   89.234251][    T9] usb 2-1: New USB device found, idVendor=145f, idProduct=0212, bcdDevice= 0.00
[   89.258315][ T5902] dvb-usb: MSI DIGI VOX mini II DVB-T USB2.0 successfully initialized and connected.
[   89.265458][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   89.295679][    T9] usb 2-1: config 0 descriptor??
[   89.727258][    T9] uclogic 0003:145F:0212.0001: interface is invalid, ignoring
[   89.940834][ T5869] IPVS: starting estimator thread 0...
[   89.948880][ T5869] usb 2-1: USB disconnect, device number 2
[   90.051027][ T5902] dvb_usb_m920x 3-1:0.0: probe with driver dvb_usb_m920x failed with error -71
[   90.060174][ T6367] IPVS: using max 51 ests per chain, 122400 per kthread
[   90.069355][ T5902] usb 3-1: USB disconnect, device number 5
[   93.134004][   T30] kauditd_printk_skb: 21 callbacks suppressed
[   93.144550][   T30] audit: type=1400 audit(1742745740.195:327): avc:  denied  { write } for  pid=6405 comm="syz.0.140" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   93.266694][ T6410] x_tables: ip_tables: osf match: only valid for protocol 6
[   93.560084][   T30] audit: type=1400 audit(1742745740.195:328): avc:  denied  { nlmsg_read } for  pid=6405 comm="syz.0.140" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   93.618116][ T6414] syz.2.142 uses obsolete (PF_INET,SOCK_PACKET)
[   93.723036][ T6416] 9pnet: p9_errstr2errno: server reported unknown error 18446744073
[   95.111456][ T6424] netlink: 6 bytes leftover after parsing attributes in process `syz.3.141'.
[   95.170093][    T9] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[   95.283592][ T6430] 8021q: adding VLAN 0 to HW filter on device bond1
[   95.313771][ T6434] ptrace attach of "./syz-executor exec"[5819] was attempted by "                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
[   95.336281][    T9] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   95.604834][    T9] usb 1-1: config 0 interface 0 has no altsetting 0
[   95.613972][    T9] usb 1-1: New USB device found, idVendor=10fd, idProduct=1513, bcdDevice=7e.ce
[   95.623531][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   95.631612][    T9] usb 1-1: Product: syz
[   95.640009][    T9] usb 1-1: Manufacturer: syz
[   95.644646][    T9] usb 1-1: SerialNumber: syz
[   95.661015][    T9] usb 1-1: config 0 descriptor??
[   95.674667][    T9] dvb-usb: found a 'MSI DIGI VOX mini II DVB-T USB2.0' in warm state.
[   95.711734][    T9] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[   95.740426][    T9] dvbdev: DVB: registering new adapter (MSI DIGI VOX mini II DVB-T USB2.0)
[   95.749079][    T9] usb 1-1: media controller created
[   95.777818][    T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[   95.869313][    T9] DVB: Unable to find symbol tda10046_attach()
[   95.890640][    T9] dvb-usb: no frontend was attached by 'MSI DIGI VOX mini II DVB-T USB2.0'
[   95.899268][    T9] dvb-usb: MSI DIGI VOX mini II DVB-T USB2.0 successfully initialized and connected.
[   95.947375][   T30] audit: type=1400 audit(1742745743.005:329): avc:  denied  { name_connect } for  pid=6441 comm="syz.3.149" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1
[   96.000077][   T30] audit: type=1400 audit(1742745743.055:330): avc:  denied  { read write } for  pid=6441 comm="syz.3.149" name="raw-gadget" dev="devtmpfs" ino=820 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   96.049795][   T30] audit: type=1400 audit(1742745743.055:331): avc:  denied  { open } for  pid=6441 comm="syz.3.149" path="/dev/raw-gadget" dev="devtmpfs" ino=820 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   96.099053][   T30] audit: type=1400 audit(1742745743.055:332): avc:  denied  { ioctl } for  pid=6441 comm="syz.3.149" path="/dev/raw-gadget" dev="devtmpfs" ino=820 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   96.230095][ T5838] usb 4-1: new full-speed USB device number 4 using dummy_hcd
[   96.407217][ T5838] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[   96.435617][ T5838] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   96.453052][ T5838] usb 4-1: New USB device found, idVendor=060b, idProduct=700a, bcdDevice= 0.00
[   96.458551][   T30] audit: type=1326 audit(1742745743.515:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6445 comm="syz.2.150" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22e958d169 code=0x7ffc0000
[   96.468110][ T5838] usb 4-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[   96.528141][ T5838] usb 4-1: Manufacturer: syz
[   96.549499][ T5838] usb 4-1: config 0 descriptor??
[   96.642345][   T30] audit: type=1326 audit(1742745743.515:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6445 comm="syz.2.150" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22e958d169 code=0x7ffc0000
[   96.666473][   T30] audit: type=1326 audit(1742745743.515:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6445 comm="syz.2.150" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f22e958d169 code=0x7ffc0000
[   96.690131][   T30] audit: type=1326 audit(1742745743.515:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6445 comm="syz.2.150" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22e958d169 code=0x7ffc0000
[   96.745858][ T6447] netlink: 8 bytes leftover after parsing attributes in process `syz.2.150'.
[   96.973522][    T9] dvb_usb_m920x 1-1:0.0: probe with driver dvb_usb_m920x failed with error -71
[   97.000258][    T9] usb 1-1: USB disconnect, device number 5
[   97.026609][ T5838] cougar 0003:060B:700A.0002: hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.3-1/input0
[   97.383835][ T5838] usb 4-1: USB disconnect, device number 4
[   97.661329][ T6459] x_tables: ip_tables: osf match: only valid for protocol 6
[   99.322116][ T5838] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[   99.380063][   T30] kauditd_printk_skb: 32 callbacks suppressed
[   99.380078][   T30] audit: type=1400 audit(1742745746.415:369): avc:  denied  { create } for  pid=6474 comm="syz.0.159" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[   99.436420][   T30] audit: type=1400 audit(1742745746.475:370): avc:  denied  { accept } for  pid=6472 comm="syz.1.158" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_dgram_socket permissive=1
[   99.460276][   T26] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[   99.494804][ T5838] usb 3-1: New USB device found, idVendor=1c40, idProduct=0534, bcdDevice=6d.cc
[   99.504247][ T5838] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   99.518667][ T5838] usb 3-1: Product: syz
[   99.528217][ T5838] usb 3-1: Manufacturer: syz
[   99.538195][ T5838] usb 3-1: SerialNumber: syz
[   99.549980][ T5838] usb 3-1: config 0 descriptor??
[   99.566339][ T5838] i2c-tiny-usb 3-1:0.0: version 6d.cc found at bus 003 address 006
[   99.633302][   T26] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 255, using maximum allowed: 30
[   99.660090][   T26] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   99.680003][   T26] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   99.689773][   T26] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 255
[   99.730962][   T26] usb 4-1: New USB device found, idVendor=04d8, idProduct=c002, bcdDevice= 0.00
[   99.740568][   T26] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   99.756536][   T26] usb 4-1: config 0 descriptor??
[   99.856209][   T30] audit: type=1400 audit(1742745746.915:371): avc:  denied  { create } for  pid=6474 comm="syz.0.159" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  100.197791][ T6469] overlayfs: missing 'lowerdir'
[  100.236601][   T26] usbhid 4-1:0.0: can't add hid device: -71
[  100.254409][   T26] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  100.282371][   T26] usb 4-1: USB disconnect, device number 5
[  100.391946][ T6483] x_tables: ip_tables: osf match: only valid for protocol 6
[  101.960292][ T5838] i2c i2c-3: failure reading functionality
[  102.004736][ T5838] i2c i2c-3: connected i2c-tiny-usb device
[  102.317625][ T5838] usb 3-1: USB disconnect, device number 6
[  102.545387][   T30] audit: type=1400 audit(1742745749.605:372): avc:  denied  { ioctl } for  pid=6495 comm="syz.2.164" path="socket:[10235]" dev="sockfs" ino=10235 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  102.695879][   T30] audit: type=1400 audit(1742745749.725:373): avc:  denied  { create } for  pid=6495 comm="syz.2.164" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  102.840118][ T5902] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  102.994741][ T5902] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  103.010015][ T5902] usb 4-1: config 0 interface 0 has no altsetting 0
[  103.042152][ T5902] usb 4-1: New USB device found, idVendor=10fd, idProduct=1513, bcdDevice=7e.ce
[  103.061033][ T5902] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  103.069063][ T5902] usb 4-1: Product: syz
[  103.100006][ T5902] usb 4-1: Manufacturer: syz
[  103.104637][ T5902] usb 4-1: SerialNumber: syz
[  103.121075][ T5902] usb 4-1: config 0 descriptor??
[  103.131982][ T5902] dvb-usb: found a 'MSI DIGI VOX mini II DVB-T USB2.0' in warm state.
[  103.176695][ T5902] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  103.204853][ T5902] dvbdev: DVB: registering new adapter (MSI DIGI VOX mini II DVB-T USB2.0)
[  103.225222][ T5902] usb 4-1: media controller created
[  103.282865][ T5902] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  103.525455][ T5902] DVB: Unable to find symbol tda10046_attach()
[  103.542710][ T5902] dvb-usb: no frontend was attached by 'MSI DIGI VOX mini II DVB-T USB2.0'
[  103.560256][ T5902] dvb-usb: MSI DIGI VOX mini II DVB-T USB2.0 successfully initialized and connected.
[  103.570508][ T6518] netlink: 'syz.0.166': attribute type 1 has an invalid length.
[  104.426076][ T5828] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  104.434775][ T5828] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  104.496083][ T5828] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  104.506480][ T5828] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  104.513997][ T5828] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  104.521347][ T5828] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  104.538526][   T30] audit: type=1400 audit(1742745751.595:374): avc:  denied  { mounton } for  pid=6531 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  104.630126][   T52] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  104.645718][   T30] audit: type=1400 audit(1742745751.705:375): avc:  denied  { execute } for  pid=6507 comm="syz.1.167" path="/41/cpu.stat" dev="tmpfs" ino=238 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  104.682016][ T5902] dvb_usb_m920x 4-1:0.0: probe with driver dvb_usb_m920x failed with error -71
[  104.715661][   T12] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.728672][ T5902] usb 4-1: USB disconnect, device number 6
[  104.833492][   T12] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.844210][   T52] usb 3-1: Using ep0 maxpacket: 8
[  104.851274][   T52] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  104.868527][   T52] usb 3-1: New USB device found, idVendor=1241, idProduct=5015, bcdDevice= 0.00
[  104.895063][   T52] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  104.918145][   T52] usb 3-1: config 0 descriptor??
[  104.930253][ T6531] chnl_net:caif_netlink_parms(): no params data found
[  105.004697][   T12] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  105.122480][ T6542] FAULT_INJECTION: forcing a failure.
[  105.122480][ T6542] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  105.137956][ T6542] CPU: 0 UID: 0 PID: 6542 Comm: syz.1.173 Not tainted 6.14.0-rc7-syzkaller-00205-g586de92313fc #0
[  105.137982][ T6542] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  105.137991][ T6542] Call Trace:
[  105.137996][ T6542]  <TASK>
[  105.138002][ T6542]  dump_stack_lvl+0x16c/0x1f0
[  105.138028][ T6542]  should_fail_ex+0x50a/0x650
[  105.138061][ T6542]  _copy_from_user+0x2e/0xd0
[  105.138079][ T6542]  __sys_bpf+0x21c/0x49c0
[  105.138097][ T6542]  ? __pfx_lock_release+0x10/0x10
[  105.138120][ T6542]  ? __pfx___sys_bpf+0x10/0x10
[  105.138135][ T6542]  ? vfs_write+0x306/0x1150
[  105.138156][ T6542]  ? __mutex_unlock_slowpath+0x164/0x6a0
[  105.138178][ T6542]  ? fput+0x67/0x440
[  105.138189][ T6542]  ? ksys_write+0x1ba/0x250
[  105.138199][ T6542]  ? __pfx_ksys_write+0x10/0x10
[  105.138217][ T6542]  __x64_sys_bpf+0x78/0xc0
[  105.138234][ T6542]  ? lockdep_hardirqs_on+0x7c/0x110
[  105.138254][ T6542]  do_syscall_64+0xcd/0x250
[  105.138276][ T6542]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  105.138294][ T6542] RIP: 0033:0x7f6e3b18d169
[  105.138303][ T6542] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  105.138312][ T6542] RSP: 002b:00007f6e3bf96038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  105.138322][ T6542] RAX: ffffffffffffffda RBX: 00007f6e3b3a6080 RCX: 00007f6e3b18d169
[  105.138328][ T6542] RDX: 0000000000000020 RSI: 0000200000000080 RDI: 0000000000000012
[  105.138334][ T6542] RBP: 00007f6e3bf96090 R08: 0000000000000000 R09: 0000000000000000
[  105.138340][ T6542] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  105.138347][ T6542] R13: 0000000000000001 R14: 00007f6e3b3a6080 R15: 00007ffc247757e8
[  105.138367][ T6542]  </TASK>
[  105.405997][   T52] holtek 0003:1241:5015.0003: unknown main item tag 0x0
[  105.428907][   T12] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  105.468243][   T52] holtek 0003:1241:5015.0003: unknown main item tag 0x0
[  105.549164][ T6548] capability: warning: `syz.3.176' uses deprecated v2 capabilities in a way that may be insecure
[  105.598619][ T6531] bridge0: port 1(bridge_slave_0) entered blocking state
[  105.605419][   T52] holtek 0003:1241:5015.0003: unknown main item tag 0x0
[  105.614288][   T52] holtek 0003:1241:5015.0003: unknown main item tag 0x0
[  105.621781][   T52] holtek 0003:1241:5015.0003: unknown main item tag 0x0
[  105.625246][ T6531] bridge0: port 1(bridge_slave_0) entered disabled state
[  105.636416][   T52] holtek 0003:1241:5015.0003: hidraw0: USB HID vff.ff Device [HID 1241:5015] on usb-dummy_hcd.2-1/input0
[  105.646819][ T6531] bridge_slave_0: entered allmulticast mode
[  105.781190][ T6551] netlink: 'syz.1.174': attribute type 1 has an invalid length.
[  105.788888][ T6551] netlink: 224 bytes leftover after parsing attributes in process `syz.1.174'.
[  105.804346][   T52] holtek 0003:1241:5015.0003: no inputs found
[  105.818874][   T52] usb 3-1: USB disconnect, device number 7
[  105.933369][ T6550] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  105.939553][ T6550] Bluetooth: hci0: Error when powering off device on rfkill (-4)
[  106.157975][ T6531] bridge_slave_0: entered promiscuous mode
[  106.171230][   T30] audit: type=1400 audit(1742745753.015:376): avc:  denied  { write } for  pid=6544 comm="syz.1.174" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  106.176194][ T6531] bridge0: port 2(bridge_slave_1) entered blocking state
[  106.212883][ T6531] bridge0: port 2(bridge_slave_1) entered disabled state
[  106.225812][ T6550] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  106.232782][ T6550] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[  106.244612][ T6531] bridge_slave_1: entered allmulticast mode
[  106.258377][ T6531] bridge_slave_1: entered promiscuous mode
[  106.258730][ T6550] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  106.270335][ T6550] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[  106.315872][ T6550] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  106.321856][ T6550] Bluetooth: hci4: Error when powering off device on rfkill (-4)
[  106.359697][ T6550] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  106.365896][ T6550] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[  106.526162][ T6531] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  106.550936][ T5838] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  106.603768][ T6531] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  106.620581][ T6563] netlink: 4 bytes leftover after parsing attributes in process `syz.2.179'.
[  106.682058][ T6565] ptm ptm0: ldisc open failed (-12), clearing slot 0
[  106.750035][ T5838] usb 1-1: Using ep0 maxpacket: 16
[  106.750468][ T6531] team0: Port device team_slave_0 added
[  106.756517][ T5838] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  106.807424][   T30] audit: type=1400 audit(1742745753.865:377): avc:  denied  { search } for  pid=5488 comm="dhcpcd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  106.829314][ T5838] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  106.834773][ T6531] team0: Port device team_slave_1 added
[  106.867292][ T5838] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  106.906867][ T5838] usb 1-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  106.949777][ T5838] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  107.002419][ T5838] usb 1-1: config 0 descriptor??
[  107.032957][   T30] audit: type=1400 audit(1742745753.865:378): avc:  denied  { read } for  pid=5488 comm="dhcpcd" name="n101" dev="tmpfs" ino=2628 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  107.055120][   T30] audit: type=1400 audit(1742745753.865:379): avc:  denied  { open } for  pid=5488 comm="dhcpcd" path="/run/udev/data/n101" dev="tmpfs" ino=2628 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  107.078135][   T30] audit: type=1400 audit(1742745753.865:380): avc:  denied  { getattr } for  pid=5488 comm="dhcpcd" path="/run/udev/data/n101" dev="tmpfs" ino=2628 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  107.130697][   T12] bridge_slave_1: left allmulticast mode
[  107.162034][   T12] bridge_slave_1: left promiscuous mode
[  107.332622][ T5868] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  107.715513][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  107.718736][ T5838] hid (null): report_id 0 is invalid
[  107.957712][   T12] bridge_slave_0: left allmulticast mode
[  107.962409][ T5838] shield 0003:0955:7214.0004: unknown main item tag 0x4
[  107.990776][   T30] audit: type=1400 audit(1742745755.045:381): avc:  denied  { search } for  pid=5176 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  107.999928][ T5838] shield 0003:0955:7214.0004: report_id 0 is invalid
[  108.017442][   T12] bridge_slave_0: left promiscuous mode
[  108.026079][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  108.103472][ T6573] netlink: 'syz.2.182': attribute type 1 has an invalid length.
[  108.111492][ T5868] usb 2-1: Using ep0 maxpacket: 16
[  108.136179][ T5838] shield 0003:0955:7214.0004: item 0 0 1 8 parsing failed
[  108.146917][ T6573] netlink: 197260 bytes leftover after parsing attributes in process `syz.2.182'.
[  108.156957][ T5838] shield 0003:0955:7214.0004: Parse failed
[  108.176837][ T5868] usb 2-1: unable to get BOS descriptor or descriptor too short
[  108.185663][   T30] audit: type=1400 audit(1742745755.245:382): avc:  denied  { read } for  pid=6586 comm="dhcpcd-run-hook" name="resolv.conf" dev="tmpfs" ino=1708 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  108.209631][ T5838] shield 0003:0955:7214.0004: probe with driver shield failed with error -22
[  108.230355][ T5868] usb 2-1: config 8 has an invalid interface number: 64 but max is 0
[  108.238455][ T5868] usb 2-1: config 8 has no interface number 0
[  108.250162][   T30] audit: type=1400 audit(1742745755.265:383): avc:  denied  { open } for  pid=6586 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=1708 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  108.310648][ T5868] usb 2-1: config 8 interface 64 has no altsetting 0
[  108.359375][ T5868] usb 2-1: New USB device found, idVendor=19d2, idProduct=64c6, bcdDevice= e.34
[  108.394604][ T5868] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  108.428502][ T5868] usb 2-1: Product: syz
[  108.444873][ T5868] usb 2-1: Manufacturer: syz
[  108.468760][ T5868] usb 2-1: SerialNumber: syz
[  108.626335][ T6596] netlink: 'syz.2.184': attribute type 10 has an invalid length.
[  108.751395][ T5868] usb 2-1: bad CDC descriptors
[  108.790294][ T5868] usb 2-1: USB disconnect, device number 3
[  109.094668][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  109.106941][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  109.122081][   T12] bond0 (unregistering): Released all slaves
[  109.142412][ T6531] batman_adv: batadv0: Adding interface: batadv_slave_0
[  109.149480][ T6531] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  109.175885][ T6531] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  109.245853][ T6596] macvlan0: entered promiscuous mode
[  109.251260][ T6596] macvlan0: entered allmulticast mode
[  109.260190][ T6596] veth1_vlan: entered allmulticast mode
[  109.267898][ T6596] bond0: (slave macvlan0): Enslaving as an active interface with an up link
[  109.366969][ T6531] batman_adv: batadv0: Adding interface: batadv_slave_1
[  109.376671][ T6531] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  109.420022][ T6531] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  109.568397][ T5868] usb 1-1: USB disconnect, device number 6
[  109.703604][ T6531] hsr_slave_0: entered promiscuous mode
[  109.729141][ T6531] hsr_slave_1: entered promiscuous mode
[  109.786113][ T6531] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  109.843803][ T6531] Cannot create hsr debugfs directory
[  110.213698][   T12] hsr_slave_0: left promiscuous mode
[  110.303953][   T12] hsr_slave_1: left promiscuous mode
[  110.328047][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  110.335588][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  110.427936][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  110.455820][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  110.531119][ T6623] netlink: 'syz.1.189': attribute type 4 has an invalid length.
[  110.571173][   T12] veth1_macvtap: left promiscuous mode
[  110.576953][   T12] veth0_macvtap: left promiscuous mode
[  110.590171][   T12] veth1_vlan: left promiscuous mode
[  110.600220][   T12] veth0_vlan: left promiscuous mode
[  110.782383][ T6629] openvswitch: netlink: IPv4 frag type 255 is out of range max 2
[  111.419369][   T12] team0 (unregistering): Port device team_slave_1 removed
[  111.495574][   T12] team0 (unregistering): Port device team_slave_0 removed
[  111.587163][   T30] kauditd_printk_skb: 11 callbacks suppressed
[  111.587178][   T30] audit: type=1400 audit(1742745758.645:395): avc:  denied  { create } for  pid=6631 comm="syz.3.192" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=appletalk_socket permissive=1
[  112.294433][ T6641] FAULT_INJECTION: forcing a failure.
[  112.294433][ T6641] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  112.307850][ T6641] CPU: 0 UID: 0 PID: 6641 Comm: syz.0.193 Not tainted 6.14.0-rc7-syzkaller-00205-g586de92313fc #0
[  112.307872][ T6641] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  112.307881][ T6641] Call Trace:
[  112.307886][ T6641]  <TASK>
[  112.307893][ T6641]  dump_stack_lvl+0x16c/0x1f0
[  112.307921][ T6641]  should_fail_ex+0x50a/0x650
[  112.307951][ T6641]  _copy_from_user+0x2e/0xd0
[  112.307970][ T6641]  copy_msghdr_from_user+0x99/0x160
[  112.307996][ T6641]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  112.308032][ T6641]  ___sys_sendmsg+0xff/0x1e0
[  112.308058][ T6641]  ? __pfx____sys_sendmsg+0x10/0x10
[  112.308092][ T6641]  ? __pfx_lock_release+0x10/0x10
[  112.308114][ T6641]  ? trace_lock_acquire+0x14e/0x1f0
[  112.308167][ T6641]  ? __fget_files+0x206/0x3a0
[  112.308190][ T6641]  __sys_sendmsg+0x16e/0x220
[  112.308215][ T6641]  ? __pfx___sys_sendmsg+0x10/0x10
[  112.308256][ T6641]  do_syscall_64+0xcd/0x250
[  112.308282][ T6641]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.308305][ T6641] RIP: 0033:0x7f96d8b8d169
[  112.308318][ T6641] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  112.308340][ T6641] RSP: 002b:00007f96d99e0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  112.308356][ T6641] RAX: ffffffffffffffda RBX: 00007f96d8da6080 RCX: 00007f96d8b8d169
[  112.308367][ T6641] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000008
[  112.308376][ T6641] RBP: 00007f96d99e0090 R08: 0000000000000000 R09: 0000000000000000
[  112.308386][ T6641] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  112.308395][ T6641] R13: 0000000000000000 R14: 00007f96d8da6080 R15: 00007ffecd17e928
[  112.308417][ T6641]  </TASK>
[  112.845341][   T30] audit: type=1400 audit(1742745759.905:396): avc:  denied  { ioctl } for  pid=6645 comm="syz.1.194" path="socket:[11152]" dev="sockfs" ino=11152 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  113.110073][   T30] audit: type=1400 audit(1742745760.155:397): avc:  denied  { write } for  pid=6654 comm="syz.0.196" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  113.220144][   T52] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  113.550069][   T52] usb 2-1: Using ep0 maxpacket: 8
[  113.609878][   T52] usb 2-1: config 0 has an invalid interface number: 186 but max is 0
[  113.873722][   T52] usb 2-1: config 0 has no interface number 0
[  113.879851][   T52] usb 2-1: config 0 interface 186 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  113.908190][   T52] usb 2-1: config 0 interface 186 altsetting 0 has an endpoint descriptor with address 0x9A, changing to 0x8A
[  113.942262][   T52] usb 2-1: config 0 interface 186 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  113.969997][   T52] usb 2-1: config 0 interface 186 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0
[  114.000588][   T52] usb 2-1: config 0 interface 186 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3
[  114.063673][   T52] usb 2-1: New USB device found, idVendor=07c0, idProduct=1505, bcdDevice=b8.c5
[  114.072895][ T6531] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  114.097753][ T6531] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  114.104609][   T52] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  114.104634][   T52] usb 2-1: Product: syz
[  114.104648][   T52] usb 2-1: Manufacturer: syz
[  114.104663][   T52] usb 2-1: SerialNumber: syz
[  114.135212][   T52] usb 2-1: config 0 descriptor??
[  114.196048][ T6531] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  114.206352][ T6671] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  114.254086][ T6671] SET target dimension over the limit!
[  114.264810][   T30] audit: type=1400 audit(1742745761.315:398): avc:  denied  { setopt } for  pid=6670 comm="syz.0.200" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  114.303407][   T30] audit: type=1400 audit(1742745761.325:399): avc:  denied  { write } for  pid=6670 comm="syz.0.200" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  114.328215][ T6667] syzkaller0: entered promiscuous mode
[  114.369649][ T6667] syzkaller0: entered allmulticast mode
[  114.433840][   T52] iowarrior 2-1:0.186: IOWarrior product=0x1505, serial=42424242 interface=186 now attached to iowarrior0
[  114.439859][ T6673] netlink: 12 bytes leftover after parsing attributes in process `syz.0.200'.
[  114.489073][ T6675] openvswitch: netlink: Key type 308 is out of range max 32
[  114.508233][ T6531] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  114.571524][ T5903] usb 2-1: USB disconnect, device number 4
[  115.197332][   T30] audit: type=1400 audit(1742745762.255:400): avc:  denied  { mount } for  pid=6680 comm="syz.1.202" name="/" dev="afs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  115.816628][   T30] audit: type=1400 audit(1742745762.855:401): avc:  denied  { write } for  pid=6683 comm="syz.2.203" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  116.137997][   T30] audit: type=1400 audit(1742745763.195:402): avc:  denied  { unmount } for  pid=5818 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  116.232775][ T6692] FAULT_INJECTION: forcing a failure.
[  116.232775][ T6692] name failslab, interval 1, probability 0, space 0, times 0
[  116.252202][ T6692] CPU: 1 UID: 0 PID: 6692 Comm: syz.1.204 Not tainted 6.14.0-rc7-syzkaller-00205-g586de92313fc #0
[  116.252226][ T6692] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  116.252235][ T6692] Call Trace:
[  116.252240][ T6692]  <TASK>
[  116.252246][ T6692]  dump_stack_lvl+0x16c/0x1f0
[  116.252271][ T6692]  should_fail_ex+0x50a/0x650
[  116.252299][ T6692]  ? fs_reclaim_acquire+0xae/0x150
[  116.252323][ T6692]  ? vhost_task_create+0xe6/0x2e0
[  116.252342][ T6692]  should_failslab+0xc2/0x120
[  116.252359][ T6692]  __kmalloc_cache_noprof+0x68/0x410
[  116.252383][ T6692]  ? rcu_is_watching+0x12/0xc0
[  116.252400][ T6692]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  116.252424][ T6692]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  116.252440][ T6692]  vhost_task_create+0xe6/0x2e0
[  116.252459][ T6692]  ? __pfx_vhost_task_create+0x10/0x10
[  116.252477][ T6692]  ? kvm_mmu_post_init_vm+0xb4/0x370
[  116.252502][ T6692]  ? __pfx_vhost_task_fn+0x10/0x10
[  116.252523][ T6692]  ? lock_acquire.part.0+0x11b/0x380
[  116.252544][ T6692]  ? find_held_lock+0x2d/0x110
[  116.252566][ T6692]  kvm_mmu_post_init_vm+0x1b7/0x370
[  116.252587][ T6692]  kvm_arch_vcpu_ioctl_run+0x66/0x17f0
[  116.252605][ T6692]  ? lock_acquire+0x2f/0xb0
[  116.252624][ T6692]  ? kvm_vcpu_ioctl+0x14be/0x16b0
[  116.252643][ T6692]  kvm_vcpu_ioctl+0x5ea/0x16b0
[  116.252661][ T6692]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  116.252683][ T6692]  ? ioctl_has_perm.constprop.0.isra.0+0x2fc/0x450
[  116.252707][ T6692]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  116.252731][ T6692]  ? __pfx_lock_release+0x10/0x10
[  116.252760][ T6692]  ? selinux_file_ioctl+0x180/0x270
[  116.252780][ T6692]  ? selinux_file_ioctl+0xb4/0x270
[  116.252802][ T6692]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  116.252819][ T6692]  __x64_sys_ioctl+0x190/0x200
[  116.252840][ T6692]  do_syscall_64+0xcd/0x250
[  116.252861][ T6692]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  116.252881][ T6692] RIP: 0033:0x7f6e3b18d169
[  116.252893][ T6692] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  116.252906][ T6692] RSP: 002b:00007f6e3bfb7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  116.252921][ T6692] RAX: ffffffffffffffda RBX: 00007f6e3b3a5fa0 RCX: 00007f6e3b18d169
[  116.252930][ T6692] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  116.252938][ T6692] RBP: 00007f6e3bfb7090 R08: 0000000000000000 R09: 0000000000000000
[  116.252947][ T6692] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  116.252956][ T6692] R13: 0000000000000000 R14: 00007f6e3b3a5fa0 R15: 00007ffc247757e8
[  116.252975][ T6692]  </TASK>
[  116.596624][   T30] audit: type=1400 audit(1742745763.655:403): avc:  denied  { connect } for  pid=6693 comm="syz.1.205" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  116.841246][ T6671] netlink: 71 bytes leftover after parsing attributes in process `syz.0.200'.
[  116.951455][   T30] audit: type=1400 audit(1742745764.005:404): avc:  denied  { create } for  pid=6695 comm="syz.1.206" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  117.356479][   T30] audit: type=1400 audit(1742745764.005:405): avc:  denied  { ioctl } for  pid=6695 comm="syz.1.206" path="socket:[12334]" dev="sockfs" ino=12334 ioctlcmd=0x89e3 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  117.454766][ T6531] 8021q: adding VLAN 0 to HW filter on device bond0
[  117.491504][ T6531] 8021q: adding VLAN 0 to HW filter on device team0
[  117.513275][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  117.521340][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  117.620507][ T6463] bridge0: port 2(bridge_slave_1) entered blocking state
[  117.627596][ T6463] bridge0: port 2(bridge_slave_1) entered forwarding state
[  117.730878][ T5904] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  117.781562][ T6531] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  117.807480][ T6719] trusted_key: encrypted_key: insufficient parameters specified
[  117.917785][ T5904] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  117.926901][   T30] audit: type=1400 audit(1742745764.935:406): avc:  denied  { setopt } for  pid=6715 comm="syz.1.210" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  118.020344][ T5904] usb 3-1: config 1 has an invalid descriptor of length 48, skipping remainder of the config
[  118.128932][ T5904] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66
[  118.139184][   T30] audit: type=1400 audit(1742745765.185:407): avc:  denied  { ioctl } for  pid=6720 comm="syz.3.211" path="socket:[11941]" dev="sockfs" ino=11941 ioctlcmd=0x6721 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  118.655766][ T5904] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 12336, setting to 64
[  119.245367][ T5904] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  119.280505][ T5904] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  119.304874][ T5904] usb 3-1: Product: syz
[  119.309087][ T5904] usb 3-1: Manufacturer: syz
[  119.376816][ T5904] cdc_wdm 3-1:1.0: skipping garbage
[  119.415884][ T5904] cdc_wdm 3-1:1.0: skipping garbage
[  119.430264][ T6531] 8021q: adding VLAN 0 to HW filter on device batadv0
[  119.444610][ T5904] cdc_wdm 3-1:1.0: probe with driver cdc_wdm failed with error -22
[  120.188434][ T6531] veth0_vlan: entered promiscuous mode
[  120.223586][ T6531] veth1_vlan: entered promiscuous mode
[  120.235794][ T6750] syz.1.214: attempt to access beyond end of device
[  120.235794][ T6750] nbd1: rw=4096, sector=0, nr_sectors = 1 limit=0
[  120.277809][ T6750] XFS (nbd1): SB validate failed with error -5.
[  120.294989][ T6531] veth0_macvtap: entered promiscuous mode
[  120.303466][ T6531] veth1_macvtap: entered promiscuous mode
[  120.318013][ T6531] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  120.329331][ T6531] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  120.340299][ T6531] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  120.350816][ T6531] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  120.376568][ T6531] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  120.404504][ T6531] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  120.421380][ T6531] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  120.464626][ T6531] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  120.579676][   T30] audit: type=1400 audit(1742745767.565:408): avc:  denied  { connect } for  pid=6757 comm="syz.0.215" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  121.070661][ T6531] batman_adv: batadv0: Interface activated: batadv_slave_0
[  121.101969][ T6531] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  121.116448][ T5903] usb 3-1: USB disconnect, device number 8
[  121.292634][ T6531] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  121.378179][ T6531] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  121.397902][ T6531] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  121.439263][ T6531] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  121.460130][    T9] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  121.493935][ T6531] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  121.544564][ T6531] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  121.593627][ T6531] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  121.630130][    T9] usb 4-1: Using ep0 maxpacket: 16
[  121.631073][ T6531] batman_adv: batadv0: Interface activated: batadv_slave_1
[  121.649315][    T9] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  121.667072][    T9] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 64, changing to 7
[  121.693248][    T9] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[  121.732821][ T6531] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  121.746889][    T9] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  121.750056][ T6531] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  121.760027][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  121.764741][ T5903] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  121.784061][    T9] usb 4-1: Product: syz
[  121.795026][    T9] usb 4-1: Manufacturer: syz
[  121.799768][    T9] usb 4-1: SerialNumber: syz
[  121.925306][ T6531] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  122.062149][ T6531] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  122.147425][ T5903] usb 3-1: Using ep0 maxpacket: 32
[  122.209540][ T1128] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  122.237108][   T30] audit: type=1400 audit(1742745769.295:409): avc:  denied  { write } for  pid=6780 comm="syz.0.219" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  122.306211][   T30] audit: type=1400 audit(1742745769.335:410): avc:  denied  { read } for  pid=6772 comm="syz.3.217" name="mice" dev="devtmpfs" ino=916 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  122.407900][ T1128] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  122.416556][ T5903] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  122.435309][ T5903] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  122.455928][ T5903] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  122.465215][ T5903] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  122.475561][ T5903] usb 3-1: config 0 descriptor??
[  122.492178][ T5903] hub 3-1:0.0: USB hub found
[  122.510474][   T30] audit: type=1400 audit(1742745769.335:411): avc:  denied  { open } for  pid=6772 comm="syz.3.217" path="/dev/input/mice" dev="devtmpfs" ino=916 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  123.043540][ T1157] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  123.060368][ T1157] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  123.068840][   T30] audit: type=1400 audit(1742745769.625:412): avc:  denied  { connect } for  pid=6772 comm="syz.3.217" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  123.108587][   T30] audit: type=1400 audit(1742745770.165:413): avc:  denied  { mounton } for  pid=6531 comm="syz-executor" path="/root/syzkaller.g8lhgq/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  123.264838][ T5903] hub 3-1:0.0: config failed, can't read hub descriptor (err -22)
[  123.305936][ T5903] usbhid 3-1:0.0: can't add hid device: -71
[  123.327276][ T5903] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  123.398815][ T5903] usb 3-1: USB disconnect, device number 9
[  123.736386][ T6805] RDS: rds_bind could not find a transport for ::ffff:172.30.0.6, load rds_tcp or rds_rdma?
[  124.368407][    T9] usb 4-1: USB disconnect, device number 7
[  124.415431][ T6815] FAULT_INJECTION: forcing a failure.
[  124.415431][ T6815] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  124.465288][ T6815] CPU: 1 UID: 0 PID: 6815 Comm: syz.2.222 Not tainted 6.14.0-rc7-syzkaller-00205-g586de92313fc #0
[  124.465311][ T6815] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  124.465323][ T6815] Call Trace:
[  124.465328][ T6815]  <TASK>
[  124.465334][ T6815]  dump_stack_lvl+0x16c/0x1f0
[  124.465361][ T6815]  should_fail_ex+0x50a/0x650
[  124.465388][ T6815]  _copy_from_user+0x2e/0xd0
[  124.465405][ T6815]  ucma_write+0x129/0x330
[  124.465426][ T6815]  ? __pfx_ucma_write+0x10/0x10
[  124.465445][ T6815]  ? bpf_lsm_file_permission+0x9/0x10
[  124.465461][ T6815]  ? security_file_permission+0x71/0x210
[  124.465486][ T6815]  ? rw_verify_area+0xcf/0x680
[  124.465508][ T6815]  ? __pfx_ucma_write+0x10/0x10
[  124.465526][ T6815]  vfs_write+0x24c/0x1150
[  124.465551][ T6815]  ? __fget_files+0x1fc/0x3a0
[  124.465567][ T6815]  ? __pfx_lock_release+0x10/0x10
[  124.465590][ T6815]  ? __pfx_vfs_write+0x10/0x10
[  124.465615][ T6815]  ? lock_acquire+0x2f/0xb0
[  124.465635][ T6815]  ? __fget_files+0x40/0x3a0
[  124.465653][ T6815]  ? __fget_files+0x206/0x3a0
[  124.465675][ T6815]  ksys_write+0x207/0x250
[  124.465689][ T6815]  ? __pfx_ksys_write+0x10/0x10
[  124.465710][ T6815]  do_syscall_64+0xcd/0x250
[  124.465735][ T6815]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  124.465756][ T6815] RIP: 0033:0x7f22e958d169
[  124.465769][ T6815] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  124.465784][ T6815] RSP: 002b:00007f22ea3ba038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  124.465801][ T6815] RAX: ffffffffffffffda RBX: 00007f22e97a5fa0 RCX: 00007f22e958d169
[  124.465812][ T6815] RDX: 0000000000000018 RSI: 0000200000000ec0 RDI: 0000000000000003
[  124.465822][ T6815] RBP: 00007f22ea3ba090 R08: 0000000000000000 R09: 0000000000000000
[  124.465831][ T6815] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  124.465840][ T6815] R13: 0000000000000000 R14: 00007f22e97a5fa0 R15: 00007fff7d47e098
[  124.465862][ T6815]  </TASK>
[  124.609856][ T6816] netlink: 52 bytes leftover after parsing attributes in process `syz.3.224'.
[  124.738550][   T30] audit: type=1400 audit(1742745771.795:414): avc:  denied  { read } for  pid=6819 comm="syz.2.225" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  124.813844][ T6819] mmap: syz.2.225 (6819): VmData 37597184 exceed data ulimit 8. Update limits or use boot option ignore_rlimit_data.
[  124.871548][ T5919] udevd[5919]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  124.913285][   T30] audit: type=1400 audit(1742745771.795:415): avc:  denied  { connect } for  pid=6819 comm="syz.2.225" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  124.947723][ T6818] sp0: Synchronizing with TNC
[  125.004346][   T30] audit: type=1400 audit(1742745771.795:416): avc:  denied  { write } for  pid=6819 comm="syz.2.225" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  125.056387][   T30] audit: type=1400 audit(1742745772.115:417): avc:  denied  { search } for  pid=6829 comm="dhcpcd-run-hook" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  125.139480][   T30] audit: type=1400 audit(1742745772.145:418): avc:  denied  { read write } for  pid=6531 comm="syz-executor" name="loop5" dev="devtmpfs" ino=652 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  125.340265][ T5869] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  125.719453][ T5869] usb 4-1: Using ep0 maxpacket: 16
[  126.225094][ T5869] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  126.238832][ T5869] usb 4-1: config 0 interface 0 has no altsetting 0
[  126.263978][ T5869] usb 4-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=9d.3d
[  126.274046][ T5869] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  126.282377][ T5869] usb 4-1: Product: syz
[  126.288456][ T5869] usb 4-1: Manufacturer: syz
[  126.295248][ T5869] usb 4-1: SerialNumber: syz
[  126.308618][ T5869] usb 4-1: config 0 descriptor??
[  126.315853][ T5869] hub 4-1:0.0: bad descriptor, ignoring hub
[  126.327546][ T5869] hub 4-1:0.0: probe with driver hub failed with error -5
[  126.359119][ T5869] usb 4-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  126.505053][   T54] usb 4-1: Failed to submit usb control message: -71
[  126.514769][   T54] usb 4-1: unable to send the bmi data to the device: -71
[  126.543852][ T5869] usb 4-1: USB disconnect, device number 8
[  126.551405][ T6813] [U] è
[  126.576125][   T54] usb 4-1: unable to get target info from device
[  126.621900][   T54] usb 4-1: could not get target info (-71)
[  126.634906][   T54] usb 4-1: could not probe fw (-71)
[  127.276346][   T30] kauditd_printk_skb: 44 callbacks suppressed
[  127.276382][   T30] audit: type=1400 audit(1742745774.305:463): avc:  denied  { write } for  pid=6829 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1707 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  127.457873][   T30] audit: type=1400 audit(1742745774.375:464): avc:  denied  { add_name } for  pid=6829 comm="dhcpcd-run-hook" name="resolv.conf.lapb7.link" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  127.596104][   T30] audit: type=1400 audit(1742745774.375:465): avc:  denied  { create } for  pid=6829 comm="dhcpcd-run-hook" name="resolv.conf.lapb7.link" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  127.644289][   T30] audit: type=1400 audit(1742745774.375:466): avc:  denied  { write } for  pid=6829 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf.lapb7.link" dev="tmpfs" ino=2914 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  127.671008][   T30] audit: type=1400 audit(1742745774.375:467): avc:  denied  { append } for  pid=6829 comm="dhcpcd-run-hook" name="resolv.conf.lapb7.link" dev="tmpfs" ino=2914 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  127.695810][   T30] audit: type=1400 audit(1742745774.405:468): avc:  denied  { bind } for  pid=6866 comm="syz.1.233" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  127.716843][   T30] audit: type=1400 audit(1742745774.405:469): avc:  denied  { setopt } for  pid=6866 comm="syz.1.233" laddr=fe80::b lport=7 faddr=::1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  127.740418][   T30] audit: type=1400 audit(1742745774.405:470): avc:  denied  { write } for  pid=6866 comm="syz.1.233" laddr=fe80::b lport=7 faddr=::1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  127.763189][   T30] audit: type=1400 audit(1742745774.425:471): avc:  denied  { sys_module } for  pid=6855 comm="syz.5.232" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  127.784800][   T30] audit: type=1400 audit(1742745774.745:472): avc:  denied  { remove_name } for  pid=6870 comm="rm" name="resolv.conf.lapb7.link" dev="tmpfs" ino=2914 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  128.430021][ T5869] usb 4-1: new full-speed USB device number 9 using dummy_hcd
[  128.468459][ T6888] netlink: 4104 bytes leftover after parsing attributes in process `syz.1.238'.
[  128.593247][ T5869] usb 4-1: unable to get BOS descriptor or descriptor too short
[  128.605916][ T5869] usb 4-1: config 10 has an invalid interface number: 166 but max is 1
[  128.618180][ T5869] usb 4-1: config 10 has an invalid interface number: 113 but max is 1
[  128.830145][ T5869] usb 4-1: config 10 has no interface number 0
[  128.948627][ T5869] usb 4-1: config 10 has no interface number 1
[  128.960874][ T5869] usb 4-1: config 10 interface 113 has no altsetting 0
[  128.983732][ T5869] usb 4-1: New USB device found, idVendor=1199, idProduct=c081, bcdDevice=9c.df
[  128.997401][ T5869] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  129.042371][ T5869] usb 4-1: Product: syz
[  129.142624][ T5869] usb 4-1: Manufacturer: syz
[  129.149680][ T5869] usb 4-1: SerialNumber: syz
[  130.270443][ T5869] usb 4-1: USB disconnect, device number 9
[  130.405071][ T6914] FAULT_INJECTION: forcing a failure.
[  130.405071][ T6914] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  130.424306][ T6914] CPU: 1 UID: 0 PID: 6914 Comm: syz.1.243 Not tainted 6.14.0-rc7-syzkaller-00205-g586de92313fc #0
[  130.424331][ T6914] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  130.424341][ T6914] Call Trace:
[  130.424346][ T6914]  <TASK>
[  130.424352][ T6914]  dump_stack_lvl+0x16c/0x1f0
[  130.424382][ T6914]  should_fail_ex+0x50a/0x650
[  130.424407][ T6914]  ? __pfx___might_resched+0x10/0x10
[  130.424436][ T6914]  should_fail_alloc_page+0xe7/0x130
[  130.424458][ T6914]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  130.424488][ T6914]  __alloc_frozen_pages_noprof+0x18e/0x2470
[  130.424508][ T6914]  ? __pfx_mark_lock+0x10/0x10
[  130.424532][ T6914]  ? __pfx_mark_lock+0x10/0x10
[  130.424554][ T6914]  ? hlock_class+0x4e/0x130
[  130.424574][ T6914]  ? hlock_class+0x4e/0x130
[  130.424591][ T6914]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  130.424610][ T6914]  ? hlock_class+0x4e/0x130
[  130.424627][ T6914]  ? mark_lock+0xb5/0xc60
[  130.424653][ T6914]  ? mark_lock+0xb5/0xc60
[  130.424674][ T6914]  ? __pfx___lock_acquire+0x10/0x10
[  130.424699][ T6914]  ? __pfx_mark_lock+0x10/0x10
[  130.424719][ T6914]  ? mark_lock+0xb5/0xc60
[  130.424741][ T6914]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  130.424768][ T6914]  ? policy_nodemask+0xea/0x4e0
[  130.424790][ T6914]  alloc_pages_mpol+0x1fc/0x540
[  130.424810][ T6914]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  130.424831][ T6914]  ? find_held_lock+0x2d/0x110
[  130.424853][ T6914]  folio_alloc_mpol_noprof+0x36/0x2f0
[  130.424876][ T6914]  vma_alloc_folio_noprof+0xee/0x1b0
[  130.424898][ T6914]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  130.424921][ T6914]  ? __pfx___lock_acquire+0x10/0x10
[  130.424948][ T6914]  do_wp_page+0x105a/0x4670
[  130.424979][ T6914]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  130.425002][ T6914]  ? __pfx_do_wp_page+0x10/0x10
[  130.425024][ T6914]  ? rcu_is_watching+0x12/0xc0
[  130.425045][ T6914]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  130.425061][ T6914]  ? lock_acquire+0x2f/0xb0
[  130.425082][ T6914]  ? __handle_mm_fault+0xdfa/0x2a40
[  130.425103][ T6914]  __handle_mm_fault+0x1ade/0x2a40
[  130.425128][ T6914]  ? __pfx___handle_mm_fault+0x10/0x10
[  130.425144][ T6914]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  130.425182][ T6914]  ? find_vma+0xc0/0x140
[  130.425204][ T6914]  ? __pfx_find_vma+0x10/0x10
[  130.425230][ T6914]  handle_mm_fault+0x3fa/0xaa0
[  130.425253][ T6914]  do_user_addr_fault+0x7a3/0x13f0
[  130.425282][ T6914]  exc_page_fault+0x5c/0xc0
[  130.425308][ T6914]  asm_exc_page_fault+0x26/0x30
[  130.425329][ T6914] RIP: 0010:__put_user_4+0x11/0x20
[  130.425355][ T6914] Code: 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <89> 01 31 c9 0f 01 ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90
[  130.425370][ T6914] RSP: 0018:ffffc90005117d58 EFLAGS: 00050206
[  130.425384][ T6914] RAX: 00000000fffffff2 RBX: 0000000000000000 RCX: 0000200000003000
[  130.425395][ T6914] RDX: ffff888025fd2440 RSI: ffffffff821ea5a2 RDI: ffffffff8bd36a20
[  130.425404][ T6914] RBP: 00000000fffffff2 R08: 0000000000000000 R09: fffffbfff20c4d82
[  130.425413][ T6914] R10: ffffffff90626c17 R11: 0000000000000000 R12: dffffc0000000000
[  130.425423][ T6914] R13: 0000200000000000 R14: 0000000000000000 R15: ffff888025fd2440
[  130.425440][ T6914]  ? kernel_move_pages+0xca2/0x1560
[  130.425463][ T6914]  kernel_move_pages+0xcb6/0x1560
[  130.425491][ T6914]  ? __pfx_kernel_move_pages+0x10/0x10
[  130.425516][ T6914]  ? fput+0x67/0x440
[  130.425536][ T6914]  ? ksys_write+0x1ba/0x250
[  130.425549][ T6914]  ? __pfx_ksys_write+0x10/0x10
[  130.425566][ T6914]  __x64_sys_move_pages+0xe0/0x1c0
[  130.425587][ T6914]  ? do_syscall_64+0x91/0x250
[  130.425610][ T6914]  ? lockdep_hardirqs_on+0x7c/0x110
[  130.425630][ T6914]  do_syscall_64+0xcd/0x250
[  130.425652][ T6914]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  130.425673][ T6914] RIP: 0033:0x7f6e3b18d169
[  130.425686][ T6914] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  130.425701][ T6914] RSP: 002b:00007f6e3bfb7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000117
[  130.425716][ T6914] RAX: ffffffffffffffda RBX: 00007f6e3b3a5fa0 RCX: 00007f6e3b18d169
[  130.425727][ T6914] RDX: 0000200000000040 RSI: 0000000000002064 RDI: 0000000000000000
[  130.425736][ T6914] RBP: 00007f6e3bfb7090 R08: 0000200000000000 R09: 0000000000000000
[  130.425746][ T6914] R10: 0000200000001180 R11: 0000000000000246 R12: 0000000000000001
[  130.425755][ T6914] R13: 0000000000000001 R14: 00007f6e3b3a5fa0 R15: 00007ffc247757e8
[  130.425777][ T6914]  </TASK>
[  131.035680][ T6930] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[  131.613496][ T6938] netlink: 'syz.1.247': attribute type 10 has an invalid length.
[  131.630044][ T6938] netlink: 8 bytes leftover after parsing attributes in process `syz.1.247'.
[  131.960167][   T52] usb 6-1: new low-speed USB device number 2 using dummy_hcd
[  132.303989][   T52] usb 6-1: config 2 has an invalid interface number: 222 but max is 0
[  132.408113][   T52] usb 6-1: config 2 has no interface number 0
[  132.517023][   T52] usb 6-1: New USB device found, idVendor=12d1, idProduct=ef21, bcdDevice=64.b0
[  132.540814][ T1293] ieee802154 phy1 wpan1: encryption failed: -22
[  132.606227][   T52] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  132.900078][   T30] kauditd_printk_skb: 51 callbacks suppressed
[  132.900113][   T30] audit: type=1400 audit(1742745779.955:524): avc:  denied  { execute } for  pid=6933 comm="syz.5.249" path=2F6D656D66643A202864656C6574656429 dev="tmpfs" ino=1070 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  133.001351][   T52] usb 6-1: string descriptor 0 read error: -71
[  133.085785][   T52] hub 6-1:2.222: bad descriptor, ignoring hub
[  133.209572][   T52] hub 6-1:2.222: probe with driver hub failed with error -5
[  133.260245][   T26] usb 2-1: new full-speed USB device number 5 using dummy_hcd
[  133.299569][   T52] option 6-1:2.222: GSM modem (1-port) converter detected
[  133.491306][   T52] usb 6-1: USB disconnect, device number 2
[  133.510961][   T52] option 6-1:2.222: device disconnected
[  133.682844][   T30] audit: type=1400 audit(1742745780.685:525): avc:  denied  { create } for  pid=6952 comm="syz.0.252" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  133.701508][   T26] usb 2-1: config index 0 descriptor too short (expected 63186, got 210)
[  133.809858][   T26] usb 2-1: config 0 has an invalid interface number: 106 but max is 0
[  133.827197][   T30] audit: type=1400 audit(1742745780.685:526): avc:  denied  { shutdown } for  pid=6952 comm="syz.0.252" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  134.153051][   T26] usb 2-1: config 0 has an invalid descriptor of length 65, skipping remainder of the config
[  134.153072][   T30] audit: type=1400 audit(1742745780.685:527): avc:  denied  { connect } for  pid=6952 comm="syz.0.252" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  134.207398][   T30] audit: type=1400 audit(1742745780.685:528): avc:  denied  { name_connect } for  pid=6952 comm="syz.0.252" dest=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=dccp_socket permissive=1
[  134.233045][   T30] audit: type=1400 audit(1742745780.695:529): avc:  denied  { accept } for  pid=6952 comm="syz.0.252" laddr=::1 lport=20000 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  134.254344][   T26] usb 2-1: config 0 has no interface number 0
[  134.254387][   T26] usb 2-1: config 0 interface 106 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[  134.254408][   T26] usb 2-1: config 0 interface 106 altsetting 0 has an endpoint descriptor with address 0xFB, changing to 0x8B
[  134.254429][   T26] usb 2-1: config 0 interface 106 altsetting 0 endpoint 0x8B has invalid maxpacket 7971, setting to 64
[  134.254451][   T26] usb 2-1: config 0 interface 106 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 6
[  134.326637][   T30] audit: type=1400 audit(1742745780.705:530): avc:  denied  { watch } for  pid=6945 comm="syz.2.250" path="/52/control" dev="tmpfs" ino=293 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  134.442722][   T26] usb 2-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=df.bb
[  134.496036][   T30] audit: type=1400 audit(1742745780.825:531): avc:  denied  { create } for  pid=6976 comm="syz.5.256" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  134.498868][   T26] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  134.522583][   T30] audit: type=1400 audit(1742745780.835:532): avc:  denied  { bind } for  pid=6976 comm="syz.5.256" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  134.594961][ T6990] netlink: 32 bytes leftover after parsing attributes in process `syz.3.259'.
[  134.615679][   T30] audit: type=1400 audit(1742745780.835:533): avc:  denied  { accept } for  pid=6976 comm="syz.5.256" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  134.734913][ T6990] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=57103 sclass=netlink_route_socket pid=6990 comm=syz.3.259
[  134.788450][   T26] usb 2-1: config 0 descriptor??
[  134.805163][ T6963] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  134.825969][   T26] usb 2-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  135.033726][ T6962] veth0_vlan: entered allmulticast mode
[  135.098498][ T7005] veth0_vlan: entered allmulticast mode
[  135.217786][ T7007] veth0_vlan: entered allmulticast mode
[  135.850267][ T6463] usb 2-1: Failed to submit usb control message: -110
[  135.861644][ T6463] usb 2-1: unable to send the bmi data to the device: -110
[  135.870615][ T6463] usb 2-1: unable to get target info from device
[  135.877035][ T6463] usb 2-1: could not get target info (-110)
[  135.883110][ T6463] usb 2-1: could not probe fw (-110)
[  136.014581][ T7015] veth0_vlan: entered allmulticast mode
[  136.105657][ T5904] usb 2-1: USB disconnect, device number 5
[  137.958352][   T30] kauditd_printk_skb: 18 callbacks suppressed
[  137.958367][   T30] audit: type=1400 audit(1742745785.015:552): avc:  denied  { unmount } for  pid=6531 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[  138.002695][    T9] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  138.638530][   T30] audit: type=1400 audit(1742745785.645:553): avc:  denied  { map } for  pid=7033 comm="syz.0.268" path="/dev/dri/card0" dev="devtmpfs" ino=627 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  138.661974][    C0] vkms_vblank_simulate: vblank timer overrun
[  138.692179][   T30] audit: type=1400 audit(1742745785.655:554): avc:  denied  { execute } for  pid=7033 comm="syz.0.268" path="/dev/dri/card0" dev="devtmpfs" ino=627 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  138.716636][ T7043] FAULT_INJECTION: forcing a failure.
[  138.716636][ T7043] name failslab, interval 1, probability 0, space 0, times 0
[  138.811575][ T7043] CPU: 0 UID: 0 PID: 7043 Comm: syz.1.270 Not tainted 6.14.0-rc7-syzkaller-00205-g586de92313fc #0
[  138.811604][ T7043] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  138.811614][ T7043] Call Trace:
[  138.811620][ T7043]  <TASK>
[  138.811626][ T7043]  dump_stack_lvl+0x16c/0x1f0
[  138.811656][ T7043]  should_fail_ex+0x50a/0x650
[  138.811683][ T7043]  ? fs_reclaim_acquire+0xae/0x150
[  138.811710][ T7043]  should_failslab+0xc2/0x120
[  138.811730][ T7043]  __kmalloc_node_noprof+0xd1/0x510
[  138.811754][ T7043]  ? __kvmalloc_node_noprof+0xad/0x1a0
[  138.811786][ T7043]  __kvmalloc_node_noprof+0xad/0x1a0
[  138.811814][ T7043]  seq_read_iter+0x82a/0x12b0
[  138.811850][ T7043]  seq_read+0x39f/0x4e0
[  138.811875][ T7043]  ? __pfx_seq_read+0x10/0x10
[  138.811910][ T7043]  ? avc_policy_seqno+0x9/0x20
[  138.811933][ T7043]  ? __pfx_seq_read+0x10/0x10
[  138.811956][ T7043]  proc_reg_read+0x23d/0x330
[  138.811975][ T7043]  ? __pfx_proc_reg_read+0x10/0x10
[  138.811994][ T7043]  vfs_read+0x1df/0xbf0
[  138.812020][ T7043]  ? __fget_files+0x1fc/0x3a0
[  138.812044][ T7043]  ? __pfx___mutex_lock+0x10/0x10
[  138.812070][ T7043]  ? __pfx_vfs_read+0x10/0x10
[  138.812102][ T7043]  ? __fget_files+0x206/0x3a0
[  138.812127][ T7043]  ksys_read+0x12b/0x250
[  138.812152][ T7043]  ? __pfx_ksys_read+0x10/0x10
[  138.812185][ T7043]  do_syscall_64+0xcd/0x250
[  138.812211][ T7043]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  138.812233][ T7043] RIP: 0033:0x7f6e3b18d169
[  138.812248][ T7043] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  138.812265][ T7043] RSP: 002b:00007f6e3bfb7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  138.812282][ T7043] RAX: ffffffffffffffda RBX: 00007f6e3b3a5fa0 RCX: 00007f6e3b18d169
[  138.812294][ T7043] RDX: 00000000000000c6 RSI: 0000200000000680 RDI: 0000000000000003
[  138.812304][ T7043] RBP: 00007f6e3bfb7090 R08: 0000000000000000 R09: 0000000000000000
[  138.812315][ T7043] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  138.812325][ T7043] R13: 0000000000000000 R14: 00007f6e3b3a5fa0 R15: 00007ffc247757e8
[  138.812349][ T7043]  </TASK>
[  138.940154][   T30] audit: type=1400 audit(1742745785.685:555): avc:  denied  { read } for  pid=7033 comm="syz.0.268" name="snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  138.941711][    C0] vkms_vblank_simulate: vblank timer overrun
[  138.946394][   T30] audit: type=1400 audit(1742745785.685:556): avc:  denied  { open } for  pid=7033 comm="syz.0.268" path="/dev/snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  139.158092][    T9] usb 3-1: Using ep0 maxpacket: 8
[  139.271799][    T9] usb 3-1: device descriptor read/all, error -71
[  139.385125][   T30] audit: type=1400 audit(1742745786.445:557): avc:  denied  { create } for  pid=7056 comm="syz.1.274" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  139.759785][   T30] audit: type=1400 audit(1742745786.785:558): avc:  denied  { create } for  pid=7067 comm="syz.2.276" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  140.132350][   T30] audit: type=1400 audit(1742745787.045:559): avc:  denied  { create } for  pid=7067 comm="syz.2.276" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  140.909672][ T7071] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  140.970566][   T30] audit: type=1400 audit(1742745788.025:560): avc:  denied  { create } for  pid=7067 comm="syz.2.276" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  141.046019][   T30] audit: type=1400 audit(1742745788.025:561): avc:  denied  { write } for  pid=7067 comm="syz.2.276" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  142.370044][ T5904] usb 1-1: new low-speed USB device number 7 using dummy_hcd
[  143.390363][   T30] audit: type=1400 audit(1742745790.445:562): avc:  denied  { write } for  pid=7106 comm="syz.1.283" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  143.391749][ T5904] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[  143.598215][ T5904] usb 1-1: config 0 has no interface number 0
[  143.605914][ T5904] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  143.617035][ T5904] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[  143.628161][ T5904] usb 1-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  143.637279][ T5904] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  143.649780][ T5904] usb 1-1: config 0 descriptor??
[  143.656159][ T7089] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  143.793625][ T5904] iowarrior 1-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  144.184039][ T5904] usb 1-1: USB disconnect, device number 7
[  144.222985][ T5869] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  144.245631][   T30] audit: type=1400 audit(1742745791.305:563): avc:  denied  { unlink } for  pid=7124 comm="syz.1.286" name="#7" dev="tmpfs" ino=403 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  144.269177][   T30] audit: type=1400 audit(1742745791.305:564): avc:  denied  { mount } for  pid=7124 comm="syz.1.286" name="/" dev="overlay" ino=398 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  144.300522][   T30] audit: type=1400 audit(1742745791.315:565): avc:  denied  { write } for  pid=7124 comm="syz.1.286" name="snmp" dev="proc" ino=4026532982 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  144.454474][ T5869] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  144.464870][ T5869] usb 3-1: config 0 interface 0 has no altsetting 0
[  144.473280][ T5869] usb 3-1: New USB device found, idVendor=10fd, idProduct=1513, bcdDevice=7e.ce
[  144.599568][ T5869] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  145.226705][ T5869] usb 3-1: Product: syz
[  145.254722][   T30] audit: type=1400 audit(1742745792.295:566): avc:  denied  { append } for  pid=5176 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=7 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  145.315050][ T5869] usb 3-1: Manufacturer: syz
[  145.319667][ T5869] usb 3-1: SerialNumber: syz
[  145.364064][   T30] audit: type=1400 audit(1742745792.395:567): avc:  denied  { read write } for  pid=5816 comm="syz-executor" name="loop0" dev="devtmpfs" ino=647 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  145.404321][ T5869] usb 3-1: config 0 descriptor??
[  145.421601][ T5869] dvb-usb: found a 'MSI DIGI VOX mini II DVB-T USB2.0' in warm state.
[  145.467400][   T30] audit: type=1400 audit(1742745792.395:568): avc:  denied  { open } for  pid=5816 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=647 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  145.516190][ T5869] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  145.579703][   T30] audit: type=1400 audit(1742745792.395:569): avc:  denied  { ioctl } for  pid=5816 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=647 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  145.596186][ T5869] dvbdev: DVB: registering new adapter (MSI DIGI VOX mini II DVB-T USB2.0)
[  145.703447][   T30] audit: type=1400 audit(1742745792.415:570): avc:  denied  { search } for  pid=7136 comm="dhcpcd-run-hook" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  145.747357][   T30] audit: type=1400 audit(1742745792.425:571): avc:  denied  { create } for  pid=7128 comm="syz.5.287" anonclass=[secretmem] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  145.788832][ T5869] usb 3-1: media controller created
[  145.828137][ T5869] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  145.972838][ T7158] FAULT_INJECTION: forcing a failure.
[  145.972838][ T7158] name failslab, interval 1, probability 0, space 0, times 0
[  146.029255][ T5869] DVB: Unable to find symbol tda10046_attach()
[  146.040274][ T7158] CPU: 0 UID: 0 PID: 7158 Comm: syz.5.292 Not tainted 6.14.0-rc7-syzkaller-00205-g586de92313fc #0
[  146.040299][ T7158] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  146.040309][ T7158] Call Trace:
[  146.040314][ T7158]  <TASK>
[  146.040321][ T7158]  dump_stack_lvl+0x16c/0x1f0
[  146.040351][ T7158]  should_fail_ex+0x50a/0x650
[  146.040376][ T7158]  ? fs_reclaim_acquire+0xae/0x150
[  146.040403][ T7158]  ? tomoyo_encode2+0x100/0x3e0
[  146.040426][ T7158]  should_failslab+0xc2/0x120
[  146.040445][ T7158]  __kmalloc_noprof+0xcb/0x510
[  146.040462][ T7158]  ? d_absolute_path+0x137/0x1b0
[  146.040483][ T7158]  ? rcu_is_watching+0x12/0xc0
[  146.040505][ T7158]  tomoyo_encode2+0x100/0x3e0
[  146.040532][ T7158]  tomoyo_encode+0x29/0x50
[  146.040555][ T7158]  tomoyo_realpath_from_path+0x19d/0x720
[  146.040587][ T7158]  tomoyo_path_number_perm+0x248/0x590
[  146.040607][ T7158]  ? tomoyo_path_number_perm+0x235/0x590
[  146.040630][ T7158]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  146.040677][ T7158]  ? __pfx_lock_release+0x10/0x10
[  146.040699][ T7158]  ? trace_lock_acquire+0x14e/0x1f0
[  146.040722][ T7158]  ? lock_acquire+0x2f/0xb0
[  146.040741][ T7158]  ? __fget_files+0x40/0x3a0
[  146.040760][ T7158]  ? __fget_files+0x206/0x3a0
[  146.040779][ T7158]  security_file_ioctl+0x9b/0x240
[  146.040819][ T7158]  __x64_sys_ioctl+0xb7/0x200
[  146.040843][ T7158]  do_syscall_64+0xcd/0x250
[  146.040867][ T7158]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.040889][ T7158] RIP: 0033:0x7f0b5858d169
[  146.040902][ T7158] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  146.040918][ T7158] RSP: 002b:00007f0b59347038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  146.040934][ T7158] RAX: ffffffffffffffda RBX: 00007f0b587a5fa0 RCX: 00007f0b5858d169
[  146.040945][ T7158] RDX: 0000200000000080 RSI: 00000000c0189379 RDI: 0000000000000004
[  146.040954][ T7158] RBP: 00007f0b59347090 R08: 0000000000000000 R09: 0000000000000000
[  146.040963][ T7158] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  146.040971][ T7158] R13: 0000000000000000 R14: 00007f0b587a5fa0 R15: 00007ffe60fd97e8
[  146.040990][ T7158]  </TASK>
[  146.041002][ T7158] ERROR: Out of memory at tomoyo_realpath_from_path.
[  146.274231][ T5869] dvb-usb: no frontend was attached by 'MSI DIGI VOX mini II DVB-T USB2.0'
[  146.283145][ T5869] dvb-usb: MSI DIGI VOX mini II DVB-T USB2.0 successfully initialized and connected.
[  146.989768][ T5869] dvb_usb_m920x 3-1:0.0: probe with driver dvb_usb_m920x failed with error -71
[  147.020759][ T5869] usb 3-1: USB disconnect, device number 12
[  148.463058][ T7215] audit_log_lost: 60 callbacks suppressed
[  148.463069][ T7215] audit: audit_lost=1 audit_rate_limit=0 audit_backlog_limit=64
[  148.488237][ T7215] audit: out of memory in audit_log_start
[  148.550530][ T7215] netlink: 1256 bytes leftover after parsing attributes in process `syz.2.296'.
[  148.581209][   T30] audit: type=1400 audit(1742745795.645:632): avc:  denied  { read } for  pid=7213 comm="syz.5.298" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  148.611234][ T7219] netlink: 16 bytes leftover after parsing attributes in process `syz.5.298'.
[  148.630799][ T7215] openvswitch: netlink: Key 0 has unexpected len 2 expected 0
[  148.663529][ T7219] netlink: 16 bytes leftover after parsing attributes in process `syz.5.298'.
[  148.894849][   T30] audit: type=1400 audit(1742745795.955:633): avc:  denied  { unmount } for  pid=5819 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1
[  148.981776][   T30] audit: type=1400 audit(1742745796.045:634): avc:  denied  { create } for  pid=7225 comm="syz.2.299" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  149.042756][ T7232] netlink: zone id is out of range
[  149.048375][ T7232] netlink: zone id is out of range
[  149.051420][   T30] audit: type=1400 audit(1742745796.045:635): avc:  denied  { getopt } for  pid=7225 comm="syz.2.299" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  149.057035][ T7232] netlink: zone id is out of range
[  149.098526][ T7234] netlink: 644 bytes leftover after parsing attributes in process `syz.2.299'.
[  149.198811][   T30] audit: type=1400 audit(1742745796.085:636): avc:  denied  { setopt } for  pid=7225 comm="syz.2.299" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  149.265171][ T7238] FAULT_INJECTION: forcing a failure.
[  149.265171][ T7238] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  149.278547][ T7238] CPU: 0 UID: 0 PID: 7238 Comm: syz.3.301 Not tainted 6.14.0-rc7-syzkaller-00205-g586de92313fc #0
[  149.278571][ T7238] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  149.278581][ T7238] Call Trace:
[  149.278588][ T7238]  <TASK>
[  149.278594][ T7238]  dump_stack_lvl+0x16c/0x1f0
[  149.278624][ T7238]  should_fail_ex+0x50a/0x650
[  149.278655][ T7238]  _copy_from_user+0x2e/0xd0
[  149.278674][ T7238]  memdup_user_nul+0x72/0x110
[  149.278700][ T7238]  sel_commit_bools_write+0x13f/0x430
[  149.278721][ T7238]  ? __pfx_sel_commit_bools_write+0x10/0x10
[  149.278747][ T7238]  ? __pfx_sel_commit_bools_write+0x10/0x10
[  149.278768][ T7238]  vfs_writev+0x6da/0xdd0
[  149.278792][ T7238]  ? fdget_pos+0x267/0x390
[  149.278816][ T7238]  ? __pfx_vfs_writev+0x10/0x10
[  149.278839][ T7238]  ? __mutex_lock+0x1cc/0xb10
[  149.278860][ T7238]  ? find_held_lock+0x2d/0x110
[  149.278885][ T7238]  ? __pfx___mutex_lock+0x10/0x10
[  149.278906][ T7238]  ? trace_lock_acquire+0x14e/0x1f0
[  149.278935][ T7238]  ? __fget_files+0x206/0x3a0
[  149.278959][ T7238]  ? do_writev+0x133/0x340
[  149.278980][ T7238]  do_writev+0x133/0x340
[  149.279004][ T7238]  ? __pfx_do_writev+0x10/0x10
[  149.279035][ T7238]  do_syscall_64+0xcd/0x250
[  149.279059][ T7238]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  149.279083][ T7238] RIP: 0033:0x7efeb3b8d169
[  149.279097][ T7238] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  149.279113][ T7238] RSP: 002b:00007efeb4a5d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  149.279130][ T7238] RAX: ffffffffffffffda RBX: 00007efeb3da6160 RCX: 00007efeb3b8d169
[  149.279141][ T7238] RDX: 0000000000000001 RSI: 00002000000025c0 RDI: 0000000000000004
[  149.279151][ T7238] RBP: 00007efeb4a5d090 R08: 0000000000000000 R09: 0000000000000000
[  149.279161][ T7238] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  149.279171][ T7238] R13: 0000000000000000 R14: 00007efeb3da6160 R15: 00007fff30be2068
[  149.279195][ T7238]  </TASK>
[  149.467563][   T30] audit: type=1400 audit(1742745796.085:637): avc:  denied  { connect } for  pid=7225 comm="syz.2.299" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  149.557409][   T30] audit: type=1400 audit(1742745796.085:638): avc:  denied  { name_connect } for  pid=7225 comm="syz.2.299" dest=20004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[  149.580042][   T30] audit: type=1400 audit(1742745796.095:639): avc:  denied  { create } for  pid=7225 comm="syz.2.299" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  150.076763][ T7240] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  151.810249][ T5838] usb 2-1: new low-speed USB device number 6 using dummy_hcd
[  152.015304][ T5838] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[  152.028316][ T5838] usb 2-1: config 0 has no interface number 0
[  152.044517][ T5838] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  152.084628][ T5838] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[  152.680794][ T5838] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  152.690312][ T5838] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  152.700049][   T26] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  152.702763][ T5838] usb 2-1: config 0 descriptor??
[  152.714434][ T7275] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  152.728789][ T5838] iowarrior 2-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  152.881477][   T26] usb 3-1: Using ep0 maxpacket: 32
[  152.902107][   T26] usb 3-1: config 1 interface 0 altsetting 7 endpoint 0x81 has an invalid bInterval 119, changing to 10
[  152.994931][   T26] usb 3-1: config 1 interface 0 altsetting 7 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  153.013361][ T5838] usb 2-1: USB disconnect, device number 6
[  153.069429][   T26] usb 3-1: config 1 interface 0 has no altsetting 0
[  153.087299][ T7310] loop2: detected capacity change from 0 to 7
[  153.097940][   T26] usb 3-1: New USB device found, idVendor=056a, idProduct=030a, bcdDevice= 0.40
[  153.111927][ T7310] Dev loop2: unable to read RDB block 7
[  153.130034][   T26] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  153.163938][   T26] usb 3-1: Product: syz
[  153.168153][   T26] usb 3-1: Manufacturer: syz
[  153.180517][   T26] usb 3-1: SerialNumber: syz
[  153.185222][ T7310]  loop2: AHDI p1 p2
[  153.189139][ T7310] loop2: partition table partially beyond EOD, truncated
[  153.250696][ T5869] usb 1-1: new low-speed USB device number 8 using dummy_hcd
[  153.288615][ T7310] loop2: p1 size 4227858431 extends beyond EOD, truncated
[  153.470442][   T30] kauditd_printk_skb: 30 callbacks suppressed
[  153.470482][   T30] audit: type=1400 audit(1742745800.525:668): avc:  denied  { create } for  pid=7312 comm="syz.3.314" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  153.490015][ T5869] usb 1-1: no configurations
[  153.735642][ T5869] usb 1-1: can't read configurations, error -22
[  153.752401][ T5836] udevd[5836]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  153.870089][ T5869] usb 1-1: new low-speed USB device number 9 using dummy_hcd
[  153.925554][   T30] audit: type=1400 audit(1742745800.985:669): avc:  denied  { connect } for  pid=7312 comm="syz.3.314" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  153.928207][ T7322] netlink: 'syz.1.315': attribute type 3 has an invalid length.
[  154.030270][ T7322] netlink: 'syz.1.315': attribute type 1 has an invalid length.
[  154.444074][   T30] audit: type=1400 audit(1742745801.005:670): avc:  denied  { create } for  pid=7287 comm="syz.2.311" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  155.586391][ T7315] netlink: 56 bytes leftover after parsing attributes in process `syz.3.314'.
[  155.669252][ T7322] netlink: 216 bytes leftover after parsing attributes in process `syz.1.315'.
[  155.844403][   T30] audit: type=1400 audit(1742745801.135:671): avc:  denied  { setopt } for  pid=7312 comm="syz.3.314" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  156.079165][ T7334] A link change request failed with some changes committed already. Interface wg1 may have been left with an inconsistent configuration, please check.
[  156.097736][ T7322] NCSI netlink: No device for ifindex 33022
[  156.103755][   T30] audit: type=1400 audit(1742745801.315:672): avc:  denied  { read } for  pid=7312 comm="syz.3.314" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  156.110216][   T30] audit: type=1400 audit(1742745801.325:673): avc:  denied  { ioctl } for  pid=7287 comm="syz.2.311" path="socket:[15433]" dev="sockfs" ino=15433 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  156.150756][ T5869] usb 1-1: device descriptor read/all, error -71
[  156.157380][ T5869] usb usb1-port1: attempt power cycle
[  156.211574][   T26] usbhid 3-1:1.0: can't add hid device: -71
[  156.238844][   T26] usbhid 3-1:1.0: probe with driver usbhid failed with error -71
[  156.314782][   T26] usb 3-1: USB disconnect, device number 13
[  156.328656][   T30] audit: type=1400 audit(1742745801.335:674): avc:  denied  { getopt } for  pid=7287 comm="syz.2.311" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  156.400684][   T30] audit: type=1400 audit(1742745802.725:675): avc:  denied  { mount } for  pid=7320 comm="syz.1.315" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  156.500037][ T7348] netlink: 'syz.5.318': attribute type 1 has an invalid length.
[  156.510407][ T7348] netlink: 134744 bytes leftover after parsing attributes in process `syz.5.318'.
[  156.530337][ T5903] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  156.606067][   T30] audit: type=1400 audit(1742745803.545:676): avc:  denied  { setopt } for  pid=7345 comm="syz.5.318" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  156.650188][ T5838] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  156.724661][   T30] audit: type=1400 audit(1742745803.665:677): avc:  denied  { mount } for  pid=7345 comm="syz.5.318" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[  156.747346][ T5903] usb 4-1: Using ep0 maxpacket: 16
[  156.827857][ T5903] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  156.873868][ T5903] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  156.900134][ T5838] usb 2-1: Using ep0 maxpacket: 8
[  156.909331][ T5838] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[  156.935633][ T5838] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  156.939994][ T5903] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  157.010201][ T5838] usb 2-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  157.025166][ T5903] usb 4-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  157.044362][ T5838] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 194, changing to 11
[  157.073221][ T5903] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  157.076253][ T5838] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  157.154259][ T5903] usb 4-1: config 0 descriptor??
[  157.162512][ T5838] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[  157.170215][ T5838] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  157.239980][ T5838] usb 2-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  157.283625][ T5838] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 194, changing to 11
[  157.344450][ T5838] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  157.389217][ T5838] usb 2-1: unable to read config index 2 descriptor/start: -71
[  157.403332][ T5838] usb 2-1: can't read configurations, error -71
[  157.436501][ T7366] capability: warning: `syz.2.322' uses 32-bit capabilities (legacy support in use)
[  157.622037][ T5903] hid (null): report_id 0 is invalid
[  157.643809][ T5903] shield 0003:0955:7214.0005: unknown main item tag 0x4
[  157.662900][ T5903] shield 0003:0955:7214.0005: report_id 0 is invalid
[  157.706149][ T5903] shield 0003:0955:7214.0005: item 0 0 1 8 parsing failed
[  157.706496][ T5903] shield 0003:0955:7214.0005: Parse failed
[  157.706536][ T5903] shield 0003:0955:7214.0005: probe with driver shield failed with error -22
[  157.775541][ T7375] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  158.762279][ T5838] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  158.920289][ T5838] usb 2-1: Using ep0 maxpacket: 16
[  158.947756][ T5838] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 255, changing to 7
[  158.980310][ T5838] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  158.998910][ T5838] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  159.014502][ T5838] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  159.036107][ T5838] usb 2-1: Product: syz
[  159.652171][   T30] kauditd_printk_skb: 17 callbacks suppressed
[  159.652188][   T30] audit: type=1400 audit(1742745806.165:695): avc:  denied  { connect } for  pid=7385 comm="syz.2.326" lport=7 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  159.678439][    C0] vkms_vblank_simulate: vblank timer overrun
[  159.685542][ T5838] usb 2-1: Manufacturer: syz
[  159.692938][ T7391] netlink: 68 bytes leftover after parsing attributes in process `syz.5.327'.
[  159.702102][ T5838] usb 2-1: SerialNumber: syz
[  159.706867][   T30] audit: type=1400 audit(1742745806.165:696): avc:  denied  { setopt } for  pid=7385 comm="syz.2.326" laddr=::1 lport=7 faddr=::1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  159.759317][ T5904] usb 4-1: USB disconnect, device number 10
[  159.782881][   T30] audit: type=1400 audit(1742745806.165:697): avc:  denied  { write } for  pid=7385 comm="syz.2.326" laddr=::1 lport=7 faddr=::1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  159.918886][ T7394] netlink: 12 bytes leftover after parsing attributes in process `syz.2.329'.
[  160.875963][ T5838] usb 2-1: 2:1 : UAC_AS_GENERAL descriptor not found
[  161.308574][ T5838] usb 2-1: USB disconnect, device number 8
[  161.566676][ T7408] FAULT_INJECTION: forcing a failure.
[  161.566676][ T7408] name failslab, interval 1, probability 0, space 0, times 0
[  161.579739][ T7408] CPU: 0 UID: 0 PID: 7408 Comm: syz.5.330 Not tainted 6.14.0-rc7-syzkaller-00205-g586de92313fc #0
[  161.579762][ T7408] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  161.579772][ T7408] Call Trace:
[  161.579777][ T7408]  <TASK>
[  161.579784][ T7408]  dump_stack_lvl+0x16c/0x1f0
[  161.579813][ T7408]  should_fail_ex+0x50a/0x650
[  161.579839][ T7408]  ? fs_reclaim_acquire+0xae/0x150
[  161.579865][ T7408]  ? btrfs_get_tree+0x8ef/0x1b80
[  161.579881][ T7408]  should_failslab+0xc2/0x120
[  161.579900][ T7408]  __kmalloc_cache_noprof+0x68/0x410
[  161.579934][ T7408]  btrfs_get_tree+0x8ef/0x1b80
[  161.579957][ T7408]  ? rcu_is_watching+0x12/0xc0
[  161.579975][ T7408]  ? __pfx_btrfs_get_tree+0x10/0x10
[  161.579992][ T7408]  ? cap_capable+0xb3/0x250
[  161.580014][ T7408]  ? bpf_lsm_capable+0x9/0x10
[  161.580031][ T7408]  ? security_capable+0x7e/0x260
[  161.580053][ T7408]  vfs_get_tree+0x8b/0x340
[  161.580074][ T7408]  vfs_cmd_create+0xd7/0x2a0
[  161.580094][ T7408]  __do_sys_fsconfig+0x7ba/0xbe0
[  161.580115][ T7408]  ? __pfx___do_sys_fsconfig+0x10/0x10
[  161.580142][ T7408]  do_syscall_64+0xcd/0x250
[  161.580164][ T7408]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  161.580184][ T7408] RIP: 0033:0x7f0b5858d169
[  161.580197][ T7408] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  161.580211][ T7408] RSP: 002b:00007f0b59305038 EFLAGS: 00000246 ORIG_RAX: 00000000000001af
[  161.580227][ T7408] RAX: ffffffffffffffda RBX: 00007f0b587a6160 RCX: 00007f0b5858d169
[  161.580237][ T7408] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
[  161.580246][ T7408] RBP: 00007f0b59305090 R08: 0000000000000000 R09: 0000000000000000
[  161.580255][ T7408] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  161.580264][ T7408] R13: 0000000000000000 R14: 00007f0b587a6160 R15: 00007ffe60fd97e8
[  161.580284][ T7408]  </TASK>
[  161.769910][    C0] vkms_vblank_simulate: vblank timer overrun
[  161.787415][   T30] audit: type=1400 audit(1742745808.585:698): avc:  denied  { bind } for  pid=7402 comm="syz.2.331" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  162.859152][   T30] audit: type=1400 audit(1742745809.395:699): avc:  denied  { create } for  pid=7412 comm="syz.3.334" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  162.915163][   T30] audit: type=1400 audit(1742745809.405:700): avc:  denied  { read write } for  pid=7412 comm="syz.3.334" name="uinput" dev="devtmpfs" ino=920 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  162.990737][   T30] audit: type=1400 audit(1742745809.405:701): avc:  denied  { open } for  pid=7412 comm="syz.3.334" path="/dev/uinput" dev="devtmpfs" ino=920 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  163.036675][   T30] audit: type=1400 audit(1742745809.415:702): avc:  denied  { ioctl } for  pid=7412 comm="syz.3.334" path="/dev/uinput" dev="devtmpfs" ino=920 ioctlcmd=0x5564 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  163.110325][   T30] audit: type=1400 audit(1742745809.415:703): avc:  denied  { bind } for  pid=7412 comm="syz.3.334" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  163.157282][   T30] audit: type=1400 audit(1742745809.415:704): avc:  denied  { name_bind } for  pid=7412 comm="syz.3.334" src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=dccp_socket permissive=1
[  164.342580][ T5838] usb 6-1: new low-speed USB device number 3 using dummy_hcd
[  165.176620][   T30] kauditd_printk_skb: 8 callbacks suppressed
[  165.176639][   T30] audit: type=1400 audit(1742745811.585:713): avc:  denied  { create } for  pid=7427 comm="syz.0.339" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  165.413174][   T30] audit: type=1400 audit(1742745811.905:714): avc:  denied  { bind } for  pid=7427 comm="syz.0.339" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  165.447231][ T5838] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[  165.649994][ T5838] usb 6-1: config 0 has no interface number 0
[  165.656122][ T5838] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  165.672562][ T5838] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[  165.683496][ T5838] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  165.851548][ T5838] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  165.861539][ T5838] usb 6-1: config 0 descriptor??
[  165.874413][ T7420] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  166.075299][ T5838] iowarrior 6-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  166.219676][   T30] audit: type=1400 audit(1742745813.265:715): avc:  denied  { getopt } for  pid=7446 comm="syz.0.344" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  166.400098][ T5838] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  166.637628][    T9] usb 6-1: USB disconnect, device number 3
[  166.644835][ T5838] usb 2-1: Using ep0 maxpacket: 32
[  166.692915][ T5838] usb 2-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7
[  166.737644][ T5838] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  166.807162][   T30] audit: type=1400 audit(1742745813.855:716): avc:  denied  { getopt } for  pid=7453 comm="syz.5.346" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  166.810384][ T5838] usb 2-1: config 0 descriptor??
[  166.832739][   T30] audit: type=1400 audit(1742745813.855:717): avc:  denied  { write } for  pid=7453 comm="syz.5.346" laddr=::1 lport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  166.857814][ T5838] gspca_main: sunplus-2.14.0 probing 041e:400b
[  166.932051][   T30] audit: type=1400 audit(1742745813.975:718): avc:  denied  { read write } for  pid=7453 comm="syz.5.346" name="video7" dev="devtmpfs" ino=949 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[  166.932088][   T30] audit: type=1400 audit(1742745813.975:719): avc:  denied  { open } for  pid=7453 comm="syz.5.346" path="/dev/video7" dev="devtmpfs" ino=949 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[  166.932116][   T30] audit: type=1400 audit(1742745813.975:720): avc:  denied  { ioctl } for  pid=7453 comm="syz.5.346" path="/dev/video7" dev="devtmpfs" ino=949 ioctlcmd=0x561c scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[  166.932192][   T30] audit: type=1400 audit(1742745813.975:721): avc:  denied  { bind } for  pid=7453 comm="syz.5.346" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  167.077060][   T30] audit: type=1326 audit(1742745814.135:722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7460 comm="syz.2.348" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22e958d169 code=0x7ffc0000
[  167.280442][   T10] usb 1-1: new full-speed USB device number 11 using dummy_hcd
[  167.478276][ T7467] netlink: 8 bytes leftover after parsing attributes in process `syz.2.348'.
[  168.164199][   T10] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  168.174853][   T10] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  168.186631][   T10] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.00
[  168.196246][   T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  168.205247][   T10] usb 1-1: SerialNumber: syz
[  168.219568][   T10] usb 1-1: 0:2 : does not exist
[  168.394845][ T7480] FAULT_INJECTION: forcing a failure.
[  168.394845][ T7480] name fail_futex, interval 1, probability 0, space 0, times 1
[  168.440080][ T7480] CPU: 0 UID: 0 PID: 7480 Comm: syz.2.354 Not tainted 6.14.0-rc7-syzkaller-00205-g586de92313fc #0
[  168.440106][ T7480] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  168.440116][ T7480] Call Trace:
[  168.440121][ T7480]  <TASK>
[  168.440131][ T7480]  dump_stack_lvl+0x16c/0x1f0
[  168.440166][ T7480]  should_fail_ex+0x50a/0x650
[  168.440192][ T7480]  ? hlock_class+0x4e/0x130
[  168.440213][ T7480]  get_futex_key+0x4a3/0x1000
[  168.440232][ T7480]  ? hlock_class+0x4e/0x130
[  168.440248][ T7480]  ? mark_lock+0xb5/0xc60
[  168.440271][ T7480]  ? __pfx_get_futex_key+0x10/0x10
[  168.440290][ T7480]  ? __pfx_mark_lock+0x10/0x10
[  168.440312][ T7480]  ? hlock_class+0x4e/0x130
[  168.440329][ T7480]  ? __lock_acquire+0xcc5/0x3c40
[  168.440355][ T7480]  futex_wake_op+0x12a/0xd30
[  168.440385][ T7480]  ? __pfx_futex_wake_op+0x10/0x10
[  168.440407][ T7480]  ? __lock_acquire+0x15a9/0x3c40
[  168.440440][ T7480]  ? __pfx___lock_acquire+0x10/0x10
[  168.440466][ T7480]  do_futex+0x2eb/0x350
[  168.440485][ T7480]  ? __pfx_do_futex+0x10/0x10
[  168.440503][ T7480]  ? find_held_lock+0x2d/0x110
[  168.440525][ T7480]  __x64_sys_futex+0x1e1/0x4c0
[  168.440548][ T7480]  ? __pfx___x64_sys_futex+0x10/0x10
[  168.440567][ T7480]  ? __might_fault+0xe3/0x190
[  168.440588][ T7480]  ? __might_fault+0xe3/0x190
[  168.440607][ T7480]  ? rcu_is_watching+0x12/0xc0
[  168.440626][ T7480]  do_syscall_64+0xcd/0x250
[  168.440650][ T7480]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  168.440671][ T7480] RIP: 0033:0x7f22e958d169
[  168.440684][ T7480] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  168.440699][ T7480] RSP: 002b:00007f22ea3ba038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  168.440715][ T7480] RAX: ffffffffffffffda RBX: 00007f22e97a5fa0 RCX: 00007f22e958d169
[  168.440741][ T7480] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000000
[  168.440750][ T7480] RBP: 00007f22ea3ba090 R08: 0000000000000000 R09: 00000000b4000003
[  168.440759][ T7480] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  168.440768][ T7480] R13: 0000000000000000 R14: 00007f22e97a5fa0 R15: 00007fff7d47e098
[  168.440788][ T7480]  </TASK>
[  168.668800][ T5838] gspca_sunplus: reg_w_riv err -110
[  168.674265][ T5838] sunplus 2-1:0.0: probe with driver sunplus failed with error -110
[  168.778417][ T7484] FAULT_INJECTION: forcing a failure.
[  168.778417][ T7484] name failslab, interval 1, probability 0, space 0, times 0
[  168.820387][ T7484] CPU: 0 UID: 0 PID: 7484 Comm: syz.3.352 Not tainted 6.14.0-rc7-syzkaller-00205-g586de92313fc #0
[  168.820415][ T7484] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  168.820425][ T7484] Call Trace:
[  168.820430][ T7484]  <TASK>
[  168.820437][ T7484]  dump_stack_lvl+0x16c/0x1f0
[  168.820466][ T7484]  should_fail_ex+0x50a/0x650
[  168.820493][ T7484]  ? fs_reclaim_acquire+0xae/0x150
[  168.820522][ T7484]  should_failslab+0xc2/0x120
[  168.820542][ T7484]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  168.820560][ T7484]  ? alloc_empty_file+0x73/0x1e0
[  168.820585][ T7484]  alloc_empty_file+0x73/0x1e0
[  168.820606][ T7484]  path_openat+0xe1/0x2d80
[  168.820621][ T7484]  ? hlock_class+0x4e/0x130
[  168.820639][ T7484]  ? __lock_acquire+0x15a9/0x3c40
[  168.820671][ T7484]  ? __pfx_path_openat+0x10/0x10
[  168.820688][ T7484]  ? __pfx___lock_acquire+0x10/0x10
[  168.820710][ T7484]  ? lock_acquire.part.0+0x11b/0x380
[  168.820746][ T7484]  ? find_held_lock+0x2d/0x110
[  168.820768][ T7484]  do_filp_open+0x20c/0x470
[  168.820785][ T7484]  ? __pfx_do_filp_open+0x10/0x10
[  168.820801][ T7484]  ? find_held_lock+0x2d/0x110
[  168.820835][ T7484]  ? alloc_fd+0x41f/0x760
[  168.820859][ T7484]  do_sys_openat2+0x17a/0x1e0
[  168.820881][ T7484]  ? __pfx_do_sys_openat2+0x10/0x10
[  168.820904][ T7484]  ? __fget_files+0x206/0x3a0
[  168.820932][ T7484]  __x64_sys_openat+0x175/0x210
[  168.820954][ T7484]  ? __pfx___x64_sys_openat+0x10/0x10
[  168.820974][ T7484]  ? ksys_write+0x1ba/0x250
[  168.820998][ T7484]  do_syscall_64+0xcd/0x250
[  168.821023][ T7484]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  168.821047][ T7484] RIP: 0033:0x7efeb3b8d169
[  168.821061][ T7484] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  168.821078][ T7484] RSP: 002b:00007efeb4a5d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  168.821096][ T7484] RAX: ffffffffffffffda RBX: 00007efeb3da6160 RCX: 00007efeb3b8d169
[  168.821107][ T7484] RDX: 0000000000109000 RSI: 0000200000000380 RDI: ffffffffffffff9c
[  168.821118][ T7484] RBP: 00007efeb4a5d090 R08: 0000000000000000 R09: 0000000000000000
[  168.821128][ T7484] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  168.821138][ T7484] R13: 0000000000000000 R14: 00007efeb3da6160 R15: 00007fff30be2068
[  168.821160][ T7484]  </TASK>
[  169.409208][ T5838] usb 2-1: USB disconnect, device number 9
[  169.792987][   T10] usb 1-1: USB disconnect, device number 11
[  170.060858][ T5919] udevd[5919]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  170.451095][   T26] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  170.622957][   T26] usb 1-1: Using ep0 maxpacket: 8
[  170.634611][   T26] usb 1-1: New USB device found, idVendor=0c45, idProduct=613b, bcdDevice=c4.6d
[  170.647288][   T26] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  170.671800][   T26] usb 1-1: Product: syz
[  170.687107][   T26] usb 1-1: Manufacturer: syz
[  170.692352][   T26] usb 1-1: SerialNumber: syz
[  170.729082][   T26] usb 1-1: config 0 descriptor??
[  170.756080][   T26] gspca_main: sonixj-2.14.0 probing 0c45:613b
[  170.920291][   T10] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  171.070071][   T10] usb 4-1: Using ep0 maxpacket: 16
[  171.080896][   T10] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  171.096249][   T10] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  171.111442][   T10] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  171.130980][   T10] usb 4-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  171.143612][   T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  171.158143][   T30] kauditd_printk_skb: 48 callbacks suppressed
[  171.158155][   T30] audit: type=1400 audit(1742745818.215:771): avc:  denied  { bind } for  pid=7492 comm="syz.2.357" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  171.160543][   T10] usb 4-1: config 0 descriptor??
[  171.370564][   T30] audit: type=1400 audit(1742745818.425:772): avc:  denied  { read } for  pid=5488 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=1
[  171.561412][   T26] gspca_sonixj: reg_r err -32
[  171.687677][   T26] sonixj 1-1:0.0: probe with driver sonixj failed with error -32
[  171.989278][ T7518] overlayfs: failed to decode file handle (len=5, type=251, flags=0, err=-22)
[  172.021465][ T7528] netlink: 36 bytes leftover after parsing attributes in process `syz.2.363'.
[  172.045041][ T7528] netlink: 16 bytes leftover after parsing attributes in process `syz.2.363'.
[  172.063760][ T7528] netlink: 36 bytes leftover after parsing attributes in process `syz.2.363'.
[  172.081174][ T7528] netlink: 36 bytes leftover after parsing attributes in process `syz.2.363'.
[  172.149758][   T10] hid (null): report_id 0 is invalid
[  172.186605][   T10] shield 0003:0955:7214.0006: unknown main item tag 0x4
[  172.228273][   T10] shield 0003:0955:7214.0006: report_id 0 is invalid
[  172.247398][   T10] shield 0003:0955:7214.0006: item 0 0 1 8 parsing failed
[  172.260213][   T30] audit: type=1400 audit(1742745819.315:773): avc:  denied  { create } for  pid=7526 comm="syz.5.365" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  172.282164][   T10] shield 0003:0955:7214.0006: Parse failed
[  172.309576][   T10] shield 0003:0955:7214.0006: probe with driver shield failed with error -22
[  172.322448][   T30] audit: type=1400 audit(1742745819.315:774): avc:  denied  { setopt } for  pid=7526 comm="syz.5.365" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  172.345794][   T30] audit: type=1400 audit(1742745819.315:775): avc:  denied  { bind } for  pid=7526 comm="syz.5.365" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  172.399824][   T30] audit: type=1400 audit(1742745819.315:776): avc:  denied  { read } for  pid=7526 comm="syz.5.365" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  172.550114][   T26] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  172.704274][   T26] usb 6-1: Using ep0 maxpacket: 16
[  172.723378][   T26] usb 6-1: unable to read config index 0 descriptor/start: -61
[  172.762228][   T26] usb 6-1: can't read configurations, error -61
[  172.930072][   T26] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  174.630004][   T26] usb 6-1: Using ep0 maxpacket: 16
[  174.636748][   T26] usb 6-1: unable to read config index 0 descriptor/start: -61
[  174.645829][ T5827] usb 1-1: USB disconnect, device number 12
[  174.652804][   T26] usb 6-1: can't read configurations, error -61
[  174.660439][   T26] usb usb6-port1: attempt power cycle
[  174.717866][ T5869] usb 4-1: USB disconnect, device number 11
[  174.883542][   T30] audit: type=1400 audit(1742745821.945:777): avc:  denied  { ioctl } for  pid=7565 comm="syz.3.369" path="socket:[14775]" dev="sockfs" ino=14775 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  174.911667][ T7566] netlink: 8 bytes leftover after parsing attributes in process `syz.3.369'.
[  174.953986][   T30] audit: type=1400 audit(1742745822.015:778): avc:  denied  { ioctl } for  pid=7565 comm="syz.3.369" path="socket:[15986]" dev="sockfs" ino=15986 ioctlcmd=0x8914 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  174.990923][   T30] audit: type=1400 audit(1742745822.015:779): avc:  denied  { read write } for  pid=7567 comm="syz.2.370" name="nvram" dev="devtmpfs" ino=623 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  175.015464][   T30] audit: type=1400 audit(1742745822.015:780): avc:  denied  { open } for  pid=7567 comm="syz.2.370" path="/dev/nvram" dev="devtmpfs" ino=623 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  176.223293][ T7576] netlink: 8 bytes leftover after parsing attributes in process `syz.1.371'.
[  176.394515][   T30] kauditd_printk_skb: 34 callbacks suppressed
[  176.401744][   T30] audit: type=1326 audit(1742745823.455:815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7572 comm="syz.1.371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e3b18d169 code=0x7ffc0000
[  176.487292][   T30] audit: type=1326 audit(1742745823.455:816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7572 comm="syz.1.371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e3b18d169 code=0x7ffc0000
[  176.513392][   T30] audit: type=1400 audit(1742745823.525:817): avc:  denied  { write } for  pid=7581 comm="syz.3.374" name="fib_triestat" dev="proc" ino=4026533060 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  176.546600][   T30] audit: type=1400 audit(1742745823.605:818): avc:  denied  { create } for  pid=7583 comm="syz.1.375" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  176.586960][   T30] audit: type=1400 audit(1742745823.635:819): avc:  denied  { write } for  pid=7583 comm="syz.1.375" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  176.795007][   T30] audit: type=1400 audit(1742745823.855:820): avc:  denied  { ioctl } for  pid=7583 comm="syz.1.375" path="socket:[16015]" dev="sockfs" ino=16015 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  177.314578][   T30] audit: type=1400 audit(1742745824.375:821): avc:  denied  { read } for  pid=7598 comm="syz.1.379" name="sg0" dev="devtmpfs" ino=735 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  177.356020][ T7578] FAULT_INJECTION: forcing a failure.
[  177.356020][ T7578] name failslab, interval 1, probability 0, space 0, times 0
[  177.410152][ T5869] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  177.422656][ T7578] CPU: 0 UID: 0 PID: 7578 Comm: syz.5.372 Not tainted 6.14.0-rc7-syzkaller-00205-g586de92313fc #0
[  177.422672][ T7578] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  177.422678][ T7578] Call Trace:
[  177.422681][ T7578]  <TASK>
[  177.422685][ T7578]  dump_stack_lvl+0x16c/0x1f0
[  177.422704][ T7578]  should_fail_ex+0x50a/0x650
[  177.422720][ T7578]  ? fs_reclaim_acquire+0xae/0x150
[  177.422737][ T7578]  should_failslab+0xc2/0x120
[  177.422751][ T7578]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  177.422762][ T7578]  ? mas_alloc_nodes+0x18b/0x8b0
[  177.422781][ T7578]  mas_alloc_nodes+0x18b/0x8b0
[  177.422796][ T7578]  mas_node_count_gfp+0x105/0x130
[  177.422810][ T7578]  mas_preallocate+0x53f/0xce0
[  177.422827][ T7578]  ? mark_held_locks+0x9f/0xe0
[  177.422843][ T7578]  ? __pfx_mas_preallocate+0x10/0x10
[  177.422859][ T7578]  ? mark_lock+0xb5/0xc60
[  177.422876][ T7578]  ? __asan_memset+0x23/0x50
[  177.422899][ T7578]  commit_merge+0x61d/0xec0
[  177.422912][ T7578]  ? __pfx_commit_merge+0x10/0x10
[  177.422926][ T7578]  ? dup_anon_vma.constprop.0+0x74/0x330
[  177.422938][ T7578]  vma_merge_existing_range+0xedf/0x2070
[  177.422952][ T7578]  ? __pfx_vma_merge_existing_range+0x10/0x10
[  177.422967][ T7578]  vma_modify.constprop.0+0x87/0x410
[  177.422980][ T7578]  vma_modify_flags_uffd+0x241/0x2e0
[  177.422993][ T7578]  ? __pfx_vma_modify_flags_uffd+0x10/0x10
[  177.423013][ T7578]  userfaultfd_clear_vma+0x91/0x130
[  177.423029][ T7578]  userfaultfd_release_all+0x2ae/0x4c0
[  177.423045][ T7578]  ? __pfx_userfaultfd_release_all+0x10/0x10
[  177.423066][ T7578]  ? __pfx_userfaultfd_release+0x10/0x10
[  177.423079][ T7578]  userfaultfd_release+0xf4/0x1c0
[  177.423092][ T7578]  ? __pfx_userfaultfd_release+0x10/0x10
[  177.423104][ T7578]  ? __pfx___might_resched+0x10/0x10
[  177.423121][ T7578]  ? __pfx_lock_release+0x10/0x10
[  177.423134][ T7578]  ? evm_file_release+0xd0/0x200
[  177.423151][ T7578]  __fput+0x3ff/0xb70
[  177.423164][ T7578]  ? _raw_spin_unlock_irq+0x23/0x50
[  177.423178][ T7578]  task_work_run+0x14e/0x250
[  177.423193][ T7578]  ? __pfx_task_work_run+0x10/0x10
[  177.423207][ T7578]  ? __pfx_do_readv+0x10/0x10
[  177.423224][ T7578]  syscall_exit_to_user_mode+0x27b/0x2a0
[  177.423240][ T7578]  do_syscall_64+0xda/0x250
[  177.423255][ T7578]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  177.423270][ T7578] RIP: 0033:0x7f0b5858d169
[  177.423279][ T7578] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  177.423288][ T7578] RSP: 002b:00007f0b59347038 EFLAGS: 00000246 ORIG_RAX: 0000000000000013
[  177.423299][ T7578] RAX: 0000000000000020 RBX: 00007f0b587a5fa0 RCX: 00007f0b5858d169
[  177.423305][ T7578] RDX: 0000000000000006 RSI: 0000200000000240 RDI: 0000000000000003
[  177.423311][ T7578] RBP: 00007f0b59347090 R08: 0000000000000000 R09: 0000000000000000
[  177.423317][ T7578] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  177.423323][ T7578] R13: 0000000000000000 R14: 00007f0b587a5fa0 R15: 00007ffe60fd97e8
[  177.423335][ T7578]  </TASK>
[  177.423359][ T7578] BUG: unable to handle page fault for address: fffffffffffffff4
[  177.725213][ T7578] #PF: supervisor read access in kernel mode
[  177.731170][ T7578] #PF: error_code(0x0000) - not-present page
[  177.737118][ T7578] PGD df84067 P4D df84067 PUD df86067 PMD 0 
[  177.743079][ T7578] Oops: Oops: 0000 [#1] PREEMPT SMP KASAN NOPTI
[  177.749293][ T7578] CPU: 0 UID: 0 PID: 7578 Comm: syz.5.372 Not tainted 6.14.0-rc7-syzkaller-00205-g586de92313fc #0
[  177.759846][ T7578] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  177.769874][ T7578] RIP: 0010:vma_merge_existing_range+0x266/0x2070
[  177.776271][ T7578] Code: e8 0f 47 ac ff 48 8b 14 24 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 80 3c 02 00 0f 85 1c 19 00 00 48 8b 04 24 48 8b 74 24 08 <4c> 8b 38 4c 89 ff e8 4f 41 ac ff 48 8b 44 24 08 49 39 c7 0f 83 db
[  177.795858][ T7578] RSP: 0018:ffffc90002ed7998 EFLAGS: 00010246
[  177.801896][ T7578] RAX: fffffffffffffff4 RBX: ffffc90002ed7af8 RCX: ffffffff820db0e5
[  177.809852][ T7578] RDX: 1ffffffffffffffe RSI: 0000200000b36000 RDI: 0000000000000005
[  177.817799][ T7578] RBP: 0000200000ce2000 R08: 0000000000000005 R09: 0000000000000000
[  177.825746][ T7578] R10: 0000000000000001 R11: 0000000000000001 R12: 0000000000000001
[  177.833690][ T7578] R13: ffffc90002ed7b18 R14: ffff88802c292000 R15: ffff888056604600
[  177.841633][ T7578] FS:  00007f0b593476c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[  177.850549][ T7578] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  177.857110][ T7578] CR2: fffffffffffffff4 CR3: 000000005d586000 CR4: 00000000003526f0
[  177.865055][ T7578] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  177.872998][ T7578] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  177.880943][ T7578] Call Trace:
[  177.884195][ T7578]  <TASK>
[  177.887101][ T7578]  ? __die+0x1e/0x60
[  177.890977][ T7578]  ? page_fault_oops+0x3b6/0xb90
[  177.895889][ T7578]  ? __pfx_page_fault_oops+0x10/0x10
[  177.901158][ T7578]  ? __pfx_lock_release+0x10/0x10
[  177.906178][ T7578]  ? trace_lock_acquire+0x14e/0x1f0
[  177.911373][ T7578]  ? is_prefetch.constprop.0+0x9d/0x520
[  177.916903][ T7578]  ? lock_acquire+0x2f/0xb0
[  177.921397][ T7578]  ? search_bpf_extables+0x36/0x320
[  177.926589][ T7578]  ? bpf_ksym_find+0x127/0x1c0
[  177.931338][ T7578]  ? __pfx_is_prefetch.constprop.0+0x10/0x10
[  177.937300][ T7578]  ? fixup_exception+0x10c/0xaf0
[  177.942215][ T7578]  ? kernelmode_fixup_or_oops.constprop.0+0xb8/0xe0
[  177.948781][ T7578]  ? __bad_area_nosemaphore+0x390/0x6a0
[  177.954301][ T7578]  ? spurious_kernel_fault+0x234/0x3a0
[  177.959736][ T7578]  ? do_kern_addr_fault+0x5b/0x80
[  177.964747][ T7578]  ? exc_page_fault+0xb1/0xc0
[  177.969401][ T7578]  ? asm_exc_page_fault+0x26/0x30
[  177.974404][ T7578]  ? vma_merge_existing_range+0x9c5/0x2070
[  177.980186][ T7578]  ? vma_merge_existing_range+0x266/0x2070
[  177.985964][ T7578]  ? vma_merge_existing_range+0x241/0x2070
[  177.991742][ T7578]  ? __pfx_vma_merge_existing_range+0x10/0x10
[  177.997782][ T7578]  vma_modify.constprop.0+0x87/0x410
[  178.003051][ T7578]  vma_modify_flags_uffd+0x241/0x2e0
[  178.008312][ T7578]  ? __pfx_vma_modify_flags_uffd+0x10/0x10
[  178.014097][ T7578]  userfaultfd_clear_vma+0x91/0x130
[  178.019272][ T7578]  userfaultfd_release_all+0x2ae/0x4c0
[  178.024706][ T7578]  ? __pfx_userfaultfd_release_all+0x10/0x10
[  178.030667][ T7578]  ? __pfx_userfaultfd_release+0x10/0x10
[  178.036272][ T7578]  userfaultfd_release+0xf4/0x1c0
[  178.041271][ T7578]  ? __pfx_userfaultfd_release+0x10/0x10
[  178.046887][ T7578]  ? __pfx___might_resched+0x10/0x10
[  178.052162][ T7578]  ? __pfx_lock_release+0x10/0x10
[  178.057162][ T7578]  ? evm_file_release+0xd0/0x200
[  178.062078][ T7578]  __fput+0x3ff/0xb70
[  178.066035][ T7578]  ? _raw_spin_unlock_irq+0x23/0x50
[  178.071220][ T7578]  task_work_run+0x14e/0x250
[  178.075797][ T7578]  ? __pfx_task_work_run+0x10/0x10
[  178.080885][ T7578]  ? __pfx_do_readv+0x10/0x10
[  178.085539][ T7578]  syscall_exit_to_user_mode+0x27b/0x2a0
[  178.091147][ T7578]  do_syscall_64+0xda/0x250
[  178.095629][ T7578]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  178.101499][ T7578] RIP: 0033:0x7f0b5858d169
[  178.105885][ T7578] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  178.125467][ T7578] RSP: 002b:00007f0b59347038 EFLAGS: 00000246 ORIG_RAX: 0000000000000013
[  178.133866][ T7578] RAX: 0000000000000020 RBX: 00007f0b587a5fa0 RCX: 00007f0b5858d169
[  178.141810][ T7578] RDX: 0000000000000006 RSI: 0000200000000240 RDI: 0000000000000003
[  178.149758][ T7578] RBP: 00007f0b59347090 R08: 0000000000000000 R09: 0000000000000000
[  178.157702][ T7578] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  178.165645][ T7578] R13: 0000000000000000 R14: 00007f0b587a5fa0 R15: 00007ffe60fd97e8
[  178.173593][ T7578]  </TASK>
[  178.176587][ T7578] Modules linked in:
[  178.180467][ T7578] CR2: fffffffffffffff4
[  178.184600][ T7578] ---[ end trace 0000000000000000 ]---
[  178.190037][ T7578] RIP: 0010:vma_merge_existing_range+0x266/0x2070
[  178.196424][ T7578] Code: e8 0f 47 ac ff 48 8b 14 24 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 80 3c 02 00 0f 85 1c 19 00 00 48 8b 04 24 48 8b 74 24 08 <4c> 8b 38 4c 89 ff e8 4f 41 ac ff 48 8b 44 24 08 49 39 c7 0f 83 db
[  178.216015][ T7578] RSP: 0018:ffffc90002ed7998 EFLAGS: 00010246
[  178.222055][ T7578] RAX: fffffffffffffff4 RBX: ffffc90002ed7af8 RCX: ffffffff820db0e5
[  178.229999][ T7578] RDX: 1ffffffffffffffe RSI: 0000200000b36000 RDI: 0000000000000005
[  178.237941][ T7578] RBP: 0000200000ce2000 R08: 0000000000000005 R09: 0000000000000000
[  178.245908][ T7578] R10: 0000000000000001 R11: 0000000000000001 R12: 0000000000000001
[  178.253861][ T7578] R13: ffffc90002ed7b18 R14: ffff88802c292000 R15: ffff888056604600
[  178.261808][ T7578] FS:  00007f0b593476c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[  178.270711][ T7578] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  178.277269][ T7578] CR2: fffffffffffffff4 CR3: 000000005d586000 CR4: 00000000003526f0
[  178.285215][ T7578] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  178.293159][ T7578] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  178.301109][ T7578] Kernel panic - not syncing: Fatal exception
[  178.307379][ T7578] Kernel Offset: disabled
[  178.311677][ T7578] Rebooting in 86400 seconds..