last executing test programs:

10.070907636s ago: executing program 0 (id=1302):
capset(&(0x7f0000000100)={0x20080522}, &(0x7f0000000000)={0x0, 0x9, 0x0, 0x0, 0x0, 0x8000})
socket$alg(0x26, 0x5, 0x0)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz1\x00', {0x7, 0x4, 0x1b3, 0xfffa}, 0x1d, [0x6, 0xc95a, 0xfffffff3, 0x9, 0x7f, 0x2, 0x7, 0x7f, 0x6, 0xfffffff9, 0x3, 0x5f, 0xa, 0x3, 0xdfff2d37, 0x1dd2, 0x6, 0x7, 0x0, 0x80000001, 0x4, 0x7, 0x3, 0x3c5b, 0x1, 0x24, 0xffffffff, 0xffffffff, 0x1f461e2c, 0x2, 0xe65f, 0x4, 0x9, 0x3, 0x7fff, 0x4c74, 0x8f00, 0x642, 0x3, 0xa, 0x0, 0x71, 0x7, 0x7, 0x103, 0x0, 0x5, 0x3c, 0x91, 0x6, 0x0, 0x3, 0x5, 0x4, 0x8, 0x0, 0x1, 0x0, 0x5, 0x6, 0x8, 0x4, 0x1, 0x40], [0x10000007, 0x9, 0x12f, 0x8000, 0x10, 0x8, 0x129432e2, 0xcb, 0xf9, 0xd, 0x2bf, 0x6c9, 0x9, 0xfffffffe, 0x200003, 0x0, 0x7, 0x5, 0x2f, 0xe, 0x312, 0x78, 0xea4, 0xa, 0x4, 0x4000, 0x8000, 0x9, 0x400, 0x1, 0x6, 0xfffffffd, 0xff, 0x1005, 0x7ff, 0x5f31, 0x4, 0xe8cc, 0x6, 0x9, 0xa, 0x0, 0x9, 0x9, 0x9, 0x6, 0x2, 0x0, 0x1, 0x8000, 0xffff, 0x2, 0x7f, 0x9, 0x5, 0x10003, 0x4, 0x1, 0x7, 0xb, 0x9, 0x48c93690, 0x3, 0xff], [0x7, 0x4, 0x0, 0x64e, 0xfffffdfe, 0x7fffffff, 0x8d2, 0x9, 0x1, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x5, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0x86, 0x3, 0x10000009, 0x3e7, 0xb, 0x5, 0x2, 0x2, 0xf, 0x8, 0x4, 0x6d01, 0x2, 0x3b, 0x71, 0x2, 0x80, 0x3, 0x10001, 0x2, 0x0, 0xa2, 0x7, 0x53cf697b, 0xd, 0x6, 0x54fe12d2, 0xbf, 0x200, 0x3, 0x400002, 0xfffffff9, 0x0, 0x6, 0x5, 0x0, 0x6, 0xfffffffb, 0x120000, 0x3, 0x6, 0x9, 0x4, 0x3], [0x9, 0xbb2f, 0x3, 0x7, 0x5, 0x938, 0x6, 0x6, 0x0, 0x5, 0xce7, 0x41ff, 0x6, 0x5, 0x5, 0x3, 0x2, 0x10000, 0x6, 0x7fff, 0x8ffff, 0xa620, 0x2, 0x5, 0x1, 0x2, 0x14c, 0x60a7, 0x6, 0x10, 0xffffffff, 0x7ffffffe, 0x5, 0x8, 0xc8, 0x4, 0x61dc, 0xffff, 0x1, 0x9, 0x100, 0x9602, 0xa, 0x2, 0x4, 0x6, 0x1, 0x10000, 0x5, 0x8, 0x2b91, 0xa1f, 0x8, 0x9, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1c, 0x1, 0x200, 0xffff3441, 0xffb]}, 0x45c)
syz_emit_ethernet(0x3e, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0xfe4e, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x804}, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0xfffffffffffffffe)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket(0x28, 0x1, 0x0)
r3 = syz_io_uring_setup(0x112, &(0x7f0000000280)={0x0, 0x408c, 0x100, 0x8, 0x40}, &(0x7f0000000240)=<r4=>0x0, &(0x7f0000000040)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000000c0)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r2, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0, 0x2121, 0x0, {0x3}})
io_uring_enter(r3, 0x47f6, 0xb277, 0x0, 0x0, 0x0)
r6 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000), 0x8502, 0x0)
write$sndseq(r6, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0x0, @tick, {0x5}, {}, @addr}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @result}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @control}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time}], 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)

9.611964349s ago: executing program 4 (id=1303):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_procfs(0xffffffffffffffff, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, 0x0)
r6 = add_key$user(&(0x7f0000000380), &(0x7f0000000000)={'syz', 0x0}, &(0x7f0000000140)='_', 0x1, 0xfffffffffffffffe)
r7 = add_key$user(&(0x7f0000000200), &(0x7f00000005c0), &(0x7f00000000c0), 0x390, 0xfffffffffffffffd)
r8 = add_key$user(&(0x7f0000006400), &(0x7f0000006c00)={'syz', 0x3}, &(0x7f0000000840)="3e12d23d346cfdeb1716f738274bc1c03bee4423fa20837e6e86b86592e9be8351aabbd6e24f37d5095f839fa4a3507df4f7526f2440e7988da94ccd868dd8741d1e43eba0b67b516be14a8b51a75bfd611b2d7ae6a21d056c2c5116a416a76b1a03dc55ea62d43c809e0ed6e56163fdab317afd5c34d614367e4425bb9a97e38b8beb84ef6d549eed5aaa86dbe646fc95b4b88e", 0x94, 0xfffffffffffffffe)
keyctl$dh_compute(0x17, &(0x7f0000000100)={r6, r7, r8}, 0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={'sha256\x00'}})
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/consoles\x00', 0x0, 0x0)
syz_io_uring_setup(0x49a, &(0x7f00000000c0)={0x0, 0x79af, 0x800, 0x7fff, 0x40024e}, &(0x7f0000000340), &(0x7f0000000040))
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
r9 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000240)={{'fd', 0x3d, r9}, 0x2c, {'rootmode', 0x3d, 0x1000}})
write$FUSE_NOTIFY_INVAL_ENTRY(r9, &(0x7f00000001c0)={0x2b, 0x3, 0x0, {0x1, 0xa, 0x0, '/dev/fuse\x00'}}, 0x2b)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)

8.457522794s ago: executing program 4 (id=1308):
openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)
io_setup(0x83b, &(0x7f0000000240))
r0 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsopen(&(0x7f0000000280)='cifs\x00', 0x0)
syz_open_dev$vim2m(0x0, 0x20003, 0x2)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x0, 0x1, 0x401, 0x0, 0x92, 0x55, 0x8, 0x7, 0x8}, 0x0)
fanotify_init(0xa00, 0x0)
clock_gettime(0xfffffffffffffffc, &(0x7f0000003a40))
mremap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x3000, 0x2, &(0x7f0000ffc000/0x3000)=nil)
r3 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0)
write$sysctl(r3, &(0x7f0000000000)='2\x00', 0x2)
syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
preadv(r0, &(0x7f0000000740), 0x0, 0x401, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000008c0)=@newtaction={0x214, 0x30, 0x300, 0x71bd2a, 0x25dfdbff, {}, [{0x200, 0x1, [@m_gact={0x14c, 0x17, 0x0, 0x0, {{0x9}, {0x4}, {0x11d, 0x6, "0f617356f0a663079abe295a350af32575b7576a2846e5b3b3d9b048dc90bac2c3b40552dc14f7774371c98d6e2763d4fda783e36f45e224474cc6a0e6a530d841c87c70bbf3448d6187a58197fa3ffb0b318a51ba59415ac311a355fe1d08f8de9966d8ba89a56bfbc37c6af7d37dcdeb618f98f29bf3b05a23cefbbf51193614c08c162352d9eaad342b2f307dd8babd71ab8a1c4f80bbbbccc8ce4d369a33f9c6fc16198b2cfa20bc906e08c92c0642310e03f00a0ed12baa1df64f1bf0502f23ff4d6a5e05aa81fa19a9b88c32227231211d5d298a3c63d5549b1a72ad3a2c2dbf727e06036e6f15f608bea0e2a8ff93600a6133a9b45faa6924e7b9e8756e78750bdef4103fcd162842f48260e1dbb952cf91a4fdf9ca"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x1, 0x2}}}}, @m_sample={0x30, 0x1c, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x3}}}}, @m_bpf={0x34, 0xa, 0x0, 0x0, {{0x8}, {0x4}, {0x9, 0x6, "266510c489"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x3}}}}, @m_vlan={0x4c, 0x13, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_VLAN_PARMS={0x1c, 0x2, {{0x6, 0x4, 0x3, 0x7, 0x294cce70}, 0x3}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}]}]}, 0x214}, 0x1, 0x0, 0x0, 0x4000810}, 0x40)
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)={0x18, 0x1411, 0x1, 0x0, 0x0, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x11}]}, 0x18}}, 0x0)
r5 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
r6 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r6, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r6, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r6, 0x6, 0xd, &(0x7f0000000540)='vegas\x00', 0x6)
r7 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000840)="89000000120081ae08060cdc030000fe7f030000000000000001ffca1b1f0000000024c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec00150c00014003080c00bdad446b31007a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947e", 0x75}, {&(0x7f0000000140)="11d6cb557c8496a2fe7a81f38210bfa9b70ee09c", 0x14}], 0x2}, 0x0)
ioctl$USBDEVFS_CONTROL(r5, 0xc0105500, &(0x7f0000000000)={0x80, 0xa, 0xf, 0xd, 0x0, 0xb021, 0x0})

8.256264978s ago: executing program 2 (id=1309):
syz_usb_connect$cdc_ncm(0x4, 0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000020000002505a1a440000102030109025c0002010000000904000001a3f45747d649f9a30105240000000d240f8100000000000000000006241a0000000905810300000000000904010000020d00000904010102020d000009058202000000000009050302"], 0x0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904010001faf40d00090582"], 0x0)
r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_connect$printer(0x3, 0x0, 0x0, &(0x7f0000000a80)={0x0, 0x0, 0x13c, &(0x7f0000000140)={0x5, 0xf, 0x13c, 0x3, [@generic={0xdf, 0x10, 0xa, "b6b53d430dc983ba2115f910916f2cf7ad406bd923ac54ea44dd7f2e19205dfce1ab7c0e7074f248a2187e4d3283b0126784008f7d21758a28a8b0f2bdf2ecb9b18ad01db593109c0418c6723af7d76c9a53170556001160a3a01868d92306cc35c232c258ac6ac43161b649b3a104601e59f2dc48836869f96e0c3c51a490a71a409504bcd4f82f07442bf5142ef64a3cbc596c4e403134d47c3d6ab4c9f7a9fb87920d0ebf1954cd8c567a67a32682415a3a75f7b777ce811a31d0dc80066d09d2f412d55961431bd54111da473e5b63e2371e7840547f9fa19a3b"}, @generic={0x4e, 0x10, 0xb, "f310f8c5b989843bf002eea85763e653daf4ab6736db074e4737c86bf9f7f80398450d48b409ccb526e15b25bbb6ca7ee3979be459a6dfd0d88b7c21b68d9293bb8ce9d3d54f96b3b93bf8"}, @ss_cap={0xa, 0x10, 0x3, 0x2, 0x6, 0x7, 0x4, 0x800}]}})
syz_usb_ep_write$ath9k_ep1(0xffffffffffffffff, 0x82, 0x0, 0x0)
write$char_usb(r0, &(0x7f0000001300)="92", 0x2)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
read$char_usb(r0, 0x0, 0x0)
syz_usb_connect(0x6, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0xc8, 0x6a, 0xe4, 0xff, 0x830, 0x3, 0x3528, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x53, 0x0, 0x0, 0xcf, 0x44, 0xe, 0x40}}]}}]}}, 0x0)

8.241659045s ago: executing program 1 (id=1310):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000180)={'rose0\x00', 0x10b})
ioctl$TUNSETVNETHDRSZ(r0, 0x400454d8, &(0x7f0000000140)=0x1000)
r1 = syz_open_dev$dri(&(0x7f0000001100), 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_ATOMIC(r1, 0xc03864bc, &(0x7f0000000b00)={0x500, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="440000001000310400000000000000000000001f87709921fee6b672783a9048ca7b0d6242707a9da27498000000000000e0411686ac8a350316db00", @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800b00010062726964676500001400028008001500000000000600270000000000"], 0x44}}, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000880)=ANY=[@ANYBLOB="18000000f28bb01702011b7f5f0000000300000004000000"], 0x18}, 0x1, 0x0, 0x0, 0x400c801}, 0x4008094)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x8fff, 0x0)
move_pages(0x0, 0x20a0, &(0x7f0000000040), &(0x7f0000001180), &(0x7f0000000000), 0x0)
execve(&(0x7f0000000180)='./file0\x00', 0x0, &(0x7f0000000800)={[&(0x7f0000000940)='\x7f\xb7\xc3\x7f\xa5a\xd6A*c\x9b\xd8R\xf02b\xefA|uiWb\x8f\xee\x1c\xc5\xdb^\x11\x16h\x83\x94y<yN\xfbXh[\xe9\xa9\x1702\x7f\x9e\xf0\x99\xad\xdc;p\x98R\a\xb1\x9d^\x0f\x121\xb3\xab7P\xd6\xcb\x06\xfe2~W\xd9\xad\x80\xd9!\x89%\xb80\xa3l;\x1eK\x90\x15\xc6\x11A\xfc\x7f\xc6\xed\xe7\xa3\x9f\xb4\xce\"\xef\xa8\x86F\x15\xb9\rj\f\xafa\xb0}\xde\'E\x84\xb2bO\xd2\xd4\x85F\xde1e\xe0\xf2\xa0/\xd3<\xda\xfe\x04,\xfa\x97\xb6\xf4\xcf\x0el\xf2\xbd\x18\x88\xd7\x02\xce\x99\x1f\xadj\x89\xd9\xb7\xae9\xb0\xb0{n.\xd7\x87C\x0eh|KZG\x108l\n\xcd\xe9\x04\xafM\xbf\x83#>\x89\xf1Y{\x87\xd5\xf3\xccMr\xc5\xbdT\x9e\xc4\x84\x06\xcd\x8b\xcd\t\x01']})
socket$inet6(0xa, 0x800, 0x3)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000180)={'rose0\x00', 0x10b}) (async)
ioctl$TUNSETVNETHDRSZ(r0, 0x400454d8, &(0x7f0000000140)=0x1000) (async)
syz_open_dev$dri(&(0x7f0000001100), 0x0, 0x0) (async)
ioctl$DRM_IOCTL_MODE_ATOMIC(r1, 0xc03864bc, &(0x7f0000000b00)={0x500, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="440000001000310400000000000000000000001f87709921fee6b672783a9048ca7b0d6242707a9da27498000000000000e0411686ac8a350316db00", @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800b00010062726964676500001400028008001500000000000600270000000000"], 0x44}}, 0x0) (async)
sendmsg$nl_generic(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000880)=ANY=[@ANYBLOB="18000000f28bb01702011b7f5f0000000300000004000000"], 0x18}, 0x1, 0x0, 0x0, 0x400c801}, 0x4008094) (async)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x8fff, 0x0) (async)
move_pages(0x0, 0x20a0, &(0x7f0000000040), &(0x7f0000001180), &(0x7f0000000000), 0x0) (async)
execve(&(0x7f0000000180)='./file0\x00', 0x0, &(0x7f0000000800)={[&(0x7f0000000940)='\x7f\xb7\xc3\x7f\xa5a\xd6A*c\x9b\xd8R\xf02b\xefA|uiWb\x8f\xee\x1c\xc5\xdb^\x11\x16h\x83\x94y<yN\xfbXh[\xe9\xa9\x1702\x7f\x9e\xf0\x99\xad\xdc;p\x98R\a\xb1\x9d^\x0f\x121\xb3\xab7P\xd6\xcb\x06\xfe2~W\xd9\xad\x80\xd9!\x89%\xb80\xa3l;\x1eK\x90\x15\xc6\x11A\xfc\x7f\xc6\xed\xe7\xa3\x9f\xb4\xce\"\xef\xa8\x86F\x15\xb9\rj\f\xafa\xb0}\xde\'E\x84\xb2bO\xd2\xd4\x85F\xde1e\xe0\xf2\xa0/\xd3<\xda\xfe\x04,\xfa\x97\xb6\xf4\xcf\x0el\xf2\xbd\x18\x88\xd7\x02\xce\x99\x1f\xadj\x89\xd9\xb7\xae9\xb0\xb0{n.\xd7\x87C\x0eh|KZG\x108l\n\xcd\xe9\x04\xafM\xbf\x83#>\x89\xf1Y{\x87\xd5\xf3\xccMr\xc5\xbdT\x9e\xc4\x84\x06\xcd\x8b\xcd\t\x01']}) (async)
socket$inet6(0xa, 0x800, 0x3) (async)

7.662774415s ago: executing program 2 (id=1311):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x58, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x137b}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @veth={{0x9}, {0x18, 0x2, 0x0, 0x1, @val=@VETH_INFO_PEER={0x14, 0x1, {{0x0, 0x0, 0x0, 0x0, 0x40000, 0x100a8}}}}}}, @IFLA_NUM_RX_QUEUES={0x8, 0x20, 0x7}, @IFLA_NUM_TX_QUEUES={0x8, 0x1f, 0x5}]}, 0x58}}, 0x40080)
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x4, 0x1, &(0x7f0000006680))
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mkdirat(0xffffffffffffff9c, 0x0, 0x100)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0)
syz_open_dev$video4linux(0x0, 0x20, 0x400)
ioctl$VIDIOC_SUBDEV_S_CROP(0xffffffffffffffff, 0xc038563c, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x1b, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b70400000800000085000000950001009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c00038008000140000000000800024000000000180003801400010076657468305f746f5f687372000000005c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c000380140001"], 0xfc}}, 0x20000004)
r2 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r2, &(0x7f0000002700)=""/102392, 0x18ff8)
openat(0xffffffffffffff9c, 0x0, 0xc0042, 0x1fe)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
r3 = gettid()
process_vm_writev(r3, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x15)

7.605215321s ago: executing program 0 (id=1312):
openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
mount$binderfs(0x0, &(0x7f00000001c0)='./binderfs\x00', 0x0, 0x801804, &(0x7f0000000000))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x2, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
write$vga_arbiter(r0, &(0x7f0000000980), 0xf)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000001c0)={'dvmrp1\x00', 0x1})
mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r0}})
write$binfmt_elf32(r0, &(0x7f0000000780)={{0x7f, 0x45, 0x4c, 0x46, 0x5, 0x81, 0xf7, 0x2, 0x7, 0x2, 0x3, 0x1, 0x129, 0x38, 0x2a3, 0x1, 0xfffb, 0x20, 0x1, 0x7, 0xfffc, 0x7ff}, [{0x1, 0x1, 0x6, 0x4, 0x5, 0xf, 0x9}]}, 0x58)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0xa, 0x2, 0x56d, 0x3, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000600), &(0x7f0000001f80), 0xfffffffb, r2}, 0x38)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000340), 0x1000, r2}, 0x38)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000180)={'gre0\x00', &(0x7f0000000280)={'syztnl0\x00', <r3=>0x0, 0x20, 0x700, 0x401, 0xfffffff8, {{0xb, 0x4, 0x3, 0x1e, 0x2c, 0x67, 0x0, 0x6, 0x0, 0x0, @broadcast, @loopback, {[@timestamp={0x44, 0x18, 0x78, 0x0, 0x7, [0x0, 0x2, 0x4, 0x5, 0x4895]}]}}}}})
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000800)={r0, 0x20, &(0x7f0000000740)={&(0x7f0000000580)=""/138, 0x8a, <r4=>0x0, &(0x7f0000000680)=""/150, 0x96}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x15, 0x20, &(0x7f0000000380)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x0, 0x8}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@map_idx={0x18, 0x9, 0x5, 0x0, 0x3}, @map_val={0x18, 0x6, 0x2, 0x0, r2, 0x0, 0x0, 0x0, 0x4}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x10}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='GPL\x00', 0x3ff, 0xda, &(0x7f0000000480)=""/218, 0x41000, 0x14, '\x00', r3, @sk_reuseport=0x28, r0, 0x8, &(0x7f0000000200)={0x1, 0x4}, 0x8, 0x10, &(0x7f0000000300)={0x4, 0x2, 0x10000, 0x7}, 0x10, r4, r0, 0x7, 0x0, &(0x7f0000000840)=[{0x3, 0x2, 0x5}, {0x1, 0x5, 0x7, 0xa}, {0x1, 0x4, 0x10, 0xb}, {0x3, 0x3, 0x3, 0x8}, {0x2, 0x3, 0xe, 0xa}, {0x1, 0x1, 0x10, 0x7}, {0x5, 0x5, 0xd, 0x6}], 0x10, 0xd, @void, @value}, 0x94)

7.192041297s ago: executing program 1 (id=1313):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x5, 0x5, &(0x7f0000000580)=ANY=[@ANYRES8=r0], 0x0, 0x5b4230ff, 0x0, 0x0, 0x41100, 0x2a, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xf739, @void, @value}, 0x94)
r1 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r1, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @empty, 0xc7ec}, 0x1c)
r2 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000004c0)=ANY=[@ANYBLOB="d8000000", @ANYRES16, @ANYBLOB="04002dbd7000f2dbdf254f0000000c00839ced540000680000004c007a8008000400000000181c000200134ecc4d908540c3c8630b918a29360800040004005111335ced5fd94e0800040009000000080004000300000048007a801400010003d869f47d8c428eaa74b31794b4b314b5000400000000000c0003004180081ee4f88f1a080004000c0000000c0003007858754e3c504054080004000800000004007a8020007a800800040005000000140002002929590c"], 0xd8}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
sendmsg(r1, &(0x7f00000000c0)={0x0, 0x9521, &(0x7f0000000100)=[{&(0x7f0000000000)="2c10", 0x5dc}], 0x1, 0x0, 0x0, 0x2c}, 0x44004)

7.047599546s ago: executing program 1 (id=1314):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x5, 0x5, &(0x7f0000000580)=ANY=[@ANYRES8=r0], 0x0, 0x5b4230ff, 0x0, 0x0, 0x41100, 0x2a, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xf739, @void, @value}, 0x94)
r1 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r1, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @empty, 0xc7ec}, 0x1c)
r2 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000004c0)=ANY=[@ANYBLOB="d8000000", @ANYRES16, @ANYBLOB="04002dbd7000f2dbdf254f0000000c00839ced540000680000004c007a8008000400000000181c000200134ecc4d908540c3c8630b918a29360800040004005111335ced5fd94e0800040009000000080004000300000048007a801400010003d869f47d8c428eaa74b31794b4b314b5000400000000000c0003004180081ee4f88f1a080004000c0000000c0003007858754e3c504054080004000800000004007a8020007a800800040005000000140002002929590c"], 0xd8}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
sendmsg(r1, &(0x7f00000000c0)={0x0, 0x9521, &(0x7f0000000100)=[{&(0x7f0000000000)="2c10", 0x5dc}], 0x1, 0x0, 0x0, 0x2c}, 0x44004) (fail_nth: 1)

6.992224021s ago: executing program 2 (id=1315):
getpid()
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
sendmsg$TIPC_NL_NET_GET(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000880)=ANY=[@ANYBLOB="90c4adf27cf774e19fcc000000", @ANYRES16, @ANYBLOB="010025bd7000fedbdf250e0000000c00038008000100fd0000003400098008000200050000000800020001000000080002000300000008000200000040000800010012d5ffff08000200fd6affff3c00038008000100f7ffffff08000200080000000800020002000000080002003a000000080002000900000008000300060000000800010003000000"], 0x90}, 0x1, 0x0, 0x0, 0x20040800}, 0x24040000)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(0xffffffffffffffff, 0x3ba0, &(0x7f00000007c0)={0x52})
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r2 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r3 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r3, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r3, 0x8)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x881, 0x0)
ioctl$SNDCTL_DSP_SUBDIVIDE(r4, 0xc0045009, &(0x7f0000001080)=0x2)
ioctl$SNDCTL_DSP_SUBDIVIDE(r4, 0xc0045009, &(0x7f0000001100)=0xfffffffc)
r5 = accept4(r3, 0x0, 0x0, 0x800)
sendto$inet(r5, &(0x7f00000002c0)="cc", 0x1, 0x0, 0x0, 0x0)
sendto$inet6(r5, &(0x7f0000000040)="7bd634", 0x3, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r5, 0x84, 0x7b, &(0x7f0000000140)={0x0, 0x2}, 0x8)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r5, 0x84, 0x7b, &(0x7f00000000c0)={0x0, 0x4}, 0x8)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
write$qrtrtun(r1, &(0x7f0000000600)="001a000000000000", 0x8)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r6, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000004c0)=[0x7], &(0x7f0000000500)=[0x2], 0x0, 0x1}}, 0x3c)

5.928017654s ago: executing program 1 (id=1316):
getpid()
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
sendmsg$TIPC_NL_NET_GET(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000880)=ANY=[@ANYBLOB="90c4adf27cf774e19fcc000000", @ANYRES16, @ANYBLOB="010025bd7000fedbdf250e0000000c00038008000100fd0000003400098008000200050000000800020001000000080002000300000008000200000040000800010012d5ffff08000200fd6affff3c00038008000100f7ffffff08000200080000000800020002000000080002003a000000080002000900000008000300060000000800010003000000"], 0x90}, 0x1, 0x0, 0x0, 0x20040800}, 0x24040000)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(0xffffffffffffffff, 0x3ba0, &(0x7f00000007c0)={0x52})
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r2 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r3 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r3, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r3, 0x8)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x881, 0x0)
ioctl$SNDCTL_DSP_SUBDIVIDE(r4, 0xc0045009, &(0x7f0000001080)=0x2)
ioctl$SNDCTL_DSP_SUBDIVIDE(r4, 0xc0045009, &(0x7f0000001100)=0xfffffffc)
r5 = accept4(r3, 0x0, 0x0, 0x800)
sendto$inet(r5, &(0x7f00000002c0)="cc", 0x1, 0x0, 0x0, 0x0)
sendto$inet6(r5, &(0x7f0000000040)="7bd634", 0x3, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r5, 0x84, 0x7b, &(0x7f0000000140)={0x0, 0x2}, 0x8)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r5, 0x84, 0x7b, &(0x7f00000000c0)={0x0, 0x4}, 0x8)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
write$qrtrtun(r1, &(0x7f0000000600)="001a000000000000", 0x8)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r6, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000004c0)=[0x7], &(0x7f0000000500)=[0x2], 0x0, 0x1}}, 0x3c)

5.920452956s ago: executing program 4 (id=1317):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
connect$ax25(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeef, 0x8031, 0xffffffffffffffff, 0x55779000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r5, 0x0, 0x0)
accept(r4, 0x0, 0x0) (fail_nth: 1)

4.112001266s ago: executing program 0 (id=1319):
r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r1 = socket(0x40000000015, 0x5, 0x0)
connect$inet6(r1, &(0x7f0000000280)={0xa, 0x4e24, 0x82, @ipv4={'\x00', '\xff\xff', @broadcast}, 0xcb}, 0x1c)
writev(r0, &(0x7f0000000100)=[{&(0x7f0000000140)="19feda6944828134acfb5e756e64709a23cc1a69b19c2d6c334857a4ee161f2eacbf3cd8306f468633c5e2474138e254e8e4100af84e6dec3c968a845d013ddcfbe1422888093d4a9b5b83f035b9cd7f6c77cf66a7f90536d24e196447f3b2cd47994267c6c983bd2cdfb2959490e2895a0e46de526ff3eed08ce511bf6407777c6c49f6f33a3a8475a8bbe52f5f4be88933dc60b4c66b830c1932a2154a0600000000000000785151211e82c79b7afd1233e774931cd55566a35093e9", 0xbd}, {&(0x7f00000002c0)="55a6efc8a2d1822ea91b79d555633464e9c986109ac48721ec54a158621131efec0994d1f7fe77dfaed31532d60905dbc59b99718dc242890ef0111d8cdf9d0ff327803db9380606abfc73d091907e895dc45e4936527300058962cfc8a616da445762591685040ef18a27c2bf748050bd54632d142d219ea52df4892f2b13ff12e85dad315a8eb696761ef48db2ea5b156bdf279c690d5b2f7430ecabf97cf2ff7c0898fe690d062b12c5bcf018f6d7622c85fc4e6c12f66ffaf15d3bcbfb46ec43c17c4350f2bd411c9f9d64c10bafa0ba7a0091470e951afb670a7a95056a7fd1046b54e953b99c66dc791df466a406a4f162785b70186c16cc002912b0ef559b1639e80848d6fa4e06faf46e806f6e0e032f3fdb22349fe34a3c4dcc350ab9eb4a849724281318e5b392d3a50f5a3b411143af6030501c629b1f002aa7bd8935e2af6dc4a1ea02ea95f44000d9af315061c8e788199d46b12569569989348262dfdde23bb347699c647a096ae6c73a7d6eab875c03febb56731ebc1d5ddbd2607e7eb1e1e9d6e253df7ceffe8b590a353c1214a982f3eeba209fe8a55b3038f150985e8b270abee28d2ec7153dff74342803f673d87277c53691d65aca9304cf60ce53f35a29159ea6b19a14fc6b8d7377875e8a922aa0950584ae6fba591d8df6108b16a410d2f6f7494ca31d0ea8c96d60ef441e0c871bd35449849c60a93c773f7cdda263ca3a5e654390d97a7313c8f5ec7d9dd9de72cb7344ea61baa9f384abea250b817f886c7e19ae81fb763df863b6393972a566687a2d4ea3228e23b5a46084b597f36cf6844a01cac8d272d6c447ecbe251f40f1243357912f562119039a69b6c2b8c0867bcd8bfe72fd097379a1695c9f9b0bf5c78c3b59d3d1ce4e66aaff3cb2d2d0894a28c1f922766cd20c41f46bf7c6f3706b5b8d0e7f808b73f64b1ab02df0618ab12f662eb8f4973a86ead28c2d9321b155d5def08156d68d3f89fb82c9fd9e88f60656aa87e868fc75fb7491ff570927d6ddad140e53ea20a8e1ed4129a1be8a923798cbcfc5fdb492799971d48502e3a342c9961c8bb0626bc9fd4b491f4cd8c46c405bfe8c2f38c6ac8ed3125ebc989a313fd7c6be358f0c46df3bdff67e0f3034509a027424f316f3f9ba257de793e7131e1801cd7aa94c4c0af3d6d882e0856f94f2a9c77f852effd09c22aebf6d1f97fbf11f63e8abbecd90c2b974263be592b4c7003e595059dfbc9d56a603fdd4480395b85e488d0b9dc97d75854f9ec86d9c969514e211fec6db4f59156df08a74cf7e8257591b3fd1e2de6ee15ce7b16c353d40d0e1545a7e65b8f7df15cbe14bb99ab01bd4741dc19e19f6c9f89bbac0bca62affc582159b8dfa3d2070bd441363327de767e6ad56e54a7453368617d468061f4490fc355264e030e3c15e733892c904c11595121ea1a32fb61231abb87fc80a50b4b458dea26fc20f55deae1e36d45fceedfe8bb906b8e8b0056e32af2daa643a36bdee96d80adb75fb02be9feeaab78f6a347f2c980a8d1c7430e08b312dc1ca3bdb99916b167af2acd62a0a0bf49ce63ebf010ba234675d0c25b1b0707564322cde983c6a69a02b3f997fd0f46e71f3c2043b7feb3d1ddf12811682c9ff0cf557ab4445d73c22dbedcacb1610be24b8ca8772827c7242c60bf13a8b3f9750f42d1d632b9008fdaed3801b09fe649361e9e5eec4352870b76590996c492b98ba8f4d15861e3db502bec028f61a8f77f84e2c2c14d840cc0da9bbe5050c85a9eab97428a1c2dc1167c4a2e2a5e3e887aab887484f0391d0926e738ed9664bbd9bfc9c80e4aace375068680789a9011fe1def33d54606b6c61984be405c8bebcc8ca62fa004b060ff2d8db4bdfc33cfe4e5bdf9fdbd801ab9a008e39576bbe70b544fdae199e6c8f90001873a9214eb9712da6a496dcb536c7ca70426a660a81cc1f046b90dfb49224f5a756f18737349ac2382478774a5f1f3b6fced06bf6e395e7d9f8353911bb0472fa95359bcbcd869ea3f84e38ad15a5bc733a5f09ba85a43ef987421f9f2002342b88357c5efb39a0ecebf3ee497d23eab913d0d0fea3ecb243c5aa628cce74b439d99c02018ae0479aebdf0493c204a0872dc48cb0a45a0a4cf20863315539fd3430b5848fdd0206f9450b8030be6d4f750f17e223b868fe1305ad08fa71e65d4fbe48741767920f195d1efea19730ec2329c42fd301e563f38fcb4f9e8cdd1edc5e483846a624af78b9df4bbf594678efb0b4e6e2818f4b903103bb08e56df973c6cc206f7f854a571b4fbcce23a2c2abd0f2722c9f6d25868547059fc48ba5798e793fc6d86ecaabbd7248c86597922756849bec716a57b0cffd8252bf5b21f90fbc7a22864eca67069040c72d30355285c6625c95086238356465b3a0c17be67d4554a5a1c4643f05297687fc2d28e6dbf9abe19127173928555d8e75bdbd6a89073e42f266f1eec2b0e8806be1f6cbbca29c0ef7e18c8ce0c21c276fb0ce6c9d3e83b1686fe27ccf6f7ba6f8612b38bf6f4cd5830b206924d5147ddf91ed6b7e0d7c7685a14eecd73bd679b1d677f6bb07730cd1f6df259f7c5cb4a356f015194354a7cc4f119007670b1bac369803e26bcde1306098d71a7bbb5c271de85a94939c6d8d391694e034958b9a53e0874d2d18de0b7b22ca3cc61df41f8b0bc9357af4920d7d6163dae6b272005cd78a7f5737fc8ea3d1c4ab087857ba3d72de061ac19a3bcd49f68ba7ff2eedbfe95b517a7bead8ca4b7880a4fcd0572e48a8fca6141ccec3ae06ce11199b7a6a31bd51e350d571c0c8d0d0e4de08acf1d47fd76331df7c54603cb1a0a0bcaeb02d8b3af5fe22d7d93fe924fcc2a385dddb8b00576d6995968585da197031cc2b2308cca6f90955a66869bfee0e9ba92c8cb46e3cce480e24f70b5c121f91a1c94a003b4f0c1f6338e514973ac7a4ed66105093be09feed1991ca04a4101eb843dd1ed9a5f4f801d79c04996b996055aa6ac8b967faabe43759dde29aac7aca7693f77277b754d68b4c1c42e82f0671f8a39ecfc1457f701a947fe93a67b5240cae348e654df5777170f12e29843e4f1f3936d2b79ede203d1c8ba4f7c8d29e332d2292edfc4229875d7bfa46b0e59be633b02771eafb70222166c73c73207219d9199b6fd2b38af349344ed4b1de2620e4c03791a929443c6b864219ac44a03e182a047350a249d4042f3934f26017cfaa3c48b4178470a140457964c3efd4ba30605163b40371f7cebae940cc10f24712a04e204c9acdb9e66d9235760ac9d11268ad1a1d5f70265d2061b9a1944f5f33d4087a91fe855527a8c57fba3385e331ccf22fcc00df79a5728d20cb7fce87af7b5c5d565c67e3546b73141192c280e22937053c7eb604a07eb3f7188b0cb7e21205eeed3df6257724571861e1dce8ef5fa643ce1775504034fc45ee0a0c1421c878e20c1a458902785839453174e8231ca1a098cf3eb81436066054efef868ec2b62f5a897c401b3db08fd24b397b6d80dd3f4ff57792ed5d2ce53192ac7de30f939001e030eb57231b0046b23bfeaa63176f8d37cc1600178fbb716781131d1f44c50d8b6f92cb8fd73962e020012bfbb7c39ef04fbb1ac0ea76351b1d1c632c07667f82c620fe9ccc03db477b240564849ff6bd5b968ab751713e22fb9d51eacbdef999b3d0620fc002764f447cea6dc9079c68d8c53f4ba487233f10616f31246098619765fe808bfe5297abf2907b215666ac03d04c135981b0bbbe4e345165064e4ba2ae10fd90d289ba5456b81d61110e5076dc390f5e1fbd4f47ed39831daf42bc30071b45d80c64a74eea32fb6e6cda0ef1e18d9be3f29a9bdbdfb1dc839b4b7c069795f7d1b2da1e66837e00396e843015c85c5e26df954443dc193d4222bfc0100c12d698949b559f5bb27174e0867951a1dc854da03f96d175347c1ab54dad75e8a1a50e578d0f9aaf36b00c41083712cd0ec5d6871efec653b2536da1bf0f127022e1fd5d97a735f735ff9bda1909760f544c707de202675fe43df52dc83bf9c61cccd0feb5de6114c8555d1b81436db8ff9c43b3628e1fefb83221e18c0d0a190ab9b06777f7f940c1c195d8640a58651fe8c0570f45dfbe92df9c6df03366ea3ddf48d08b798cd1b6e26b8365be71ffce72b73266d819872bc198f21094a69d84fe8e1852423379ba2cb2e9b02135d679a865a48c332ffe658f58c5c942f1454c01b0f5845c1cbd08e9e1c01a0181a61549efe93ee6d6489583ef26ab7a568dedb47688c0722d323bc081103a341050400e1b869ea86ac1232a5380fbcb02541935bf93d1b47ff491d51db2848c66891fa80562467d962971ecdf67cb84772e0bbe54a8d2577934d39093bd9636a1ffce4ec72ef043251807c88f9cba4af5ce33704db72f1e0011c2fcac82659551fadeac87416537f27e330d1b6ba7f1d63847d6d5a69382904aeb6ff6c0d1dbc924daf52fe58395145d6dc927145b2b2a5602ebeb9c9f8a69e522167f922b4cc9f0a28f5187f28717debc82c1651c198ed40f8e742d82ab5404f4f5c9355be859e5e92885b25863a3a2abdf8c4b4b4787345704a6b83c3725bf7a87e5be71cc123e58a68260b043ab510f6eef300bbcaf92a4a61b78a4923d8e66f695fe7721568f9c4bd333d7085f66b55870c3cd6a3b2b95191b7f2eed929cbc91962e8eecad90f0fd28592eac9330d01471682f8a24fc81f05adf81ac00142aaa5b6398e14dd48c329de9ec1634937115b3527da642b3d666e26384909ed78a7ba916150cecd15381108c4d0093348eddb1fa30da7df29fed03145100e6282f404f23a2b9bfe4fd1e5ef4a459d5429e5810b5d0e44ceb06d853c78db88c495c08a3411dd23b7fa37269ce9e06ea4e22174447cd2512e6bd728d0665549be033199e43a98ad28d705242d6bca29a0c3716d755426602649e9a90fcaa52a4656340b7f156a3ada61c185cb6fd1cf6b89f16f5d6f2d7b74f1ea1760eda3d1561337bf255ee7dbc7e045bd98150bd1a6950fee9a5921ebfda8e2b6426760a811a92684220e50241b5d4fbbea7b35decf82c15565f718032fa91a0f2acb64a6a9c1ab2d48b6ab1313a4570da98c657f595981ad106deee6e3a8803ba5e5c1a496f53f326ed868ef683c2f1ec810bee51c101defca4e2186106071315e141cdf4250aab90368696649d9aa4504991e72957140ea81aa819e8caa352c7314c1e8da8d33116a7ec71e41a3ace06440ab3d19412eca55e8c12a06feff02a98ec9f18ad4acf9aaadc1f1ff19244b4f23d57d3cfee4e8445347fc31a6446f9d5584cec857c2ed7a8310b8adc59ce7f1391beaf122e8a54131c80faaf9208b4fb40670118cf1ea92123bcc859df6f286996f21bd1e4f5e00f6f7c51cb0c79895b2da4c20e5e1933458eec03a80314ddbc8a1aad2cf91fb48d686c3698b97bb3fadfd81c677f12d4c82c83bf8aa01401a3f0619b790b09e2e0481943d6e060e97e2b04e55b8c2d184928357e0a865c379166bc80ffc8c3b6f358c2ba8b9ddd711b6f9e8b0d53980d8b918fa851032f6d438ed5fdc53a7c14bfc1aa92e68df584d1f692fb5301707240fcf5ed74fc403bb44780b1ffbe8683934e2e25ba801d318bd4a98a5b10bc02bb6b78e4f4f0ff7d789980d4a68afcc9ca845a11bede955906f2238002103d7226fff364c038c23b9d2f2e8f8bde8de4a78d7df791b4ac950dcb1e070b1ad2cb71e558009d22fcd652012ab523301365774635a2", 0x1000}, {&(0x7f00000012c0)="768ebd32d24eea82388999410ac21e4e5045fdc7b1f925366f76ab9050a1429311870e2f80106cb1100a31151353b01631b017d590bb7d75e9c6a0e4d3de2c1722dbe105c3cff4fd5ed15d04984831bae2393c456d365a75d2ab67e8100c36ea83ad9ce7d612680be49cf699778e875b8524785c96b723aaf87e0cc38939f1f6dc238ef87117770e077e71f3e4d757688e4a28eb27936dd376512f6a307677b69e97ce90f005f3e573092245b2e8ac6d9f3d79256a8c3a0c61e4d3cc7feb0705e1be458ea5de521a335061e9f7ac632edfebed1c7b9510b8581a40e7be0712fff387bcbcd762bcf434d0197198315fbbf1a0c09cb31af8c030578485c7ef8e4c94c3f21ad800f3cabe4296652735ca815eb3e69001c09d6fc76c095c5b6f081724a992ea4d2e27fddfa082366ca970c2a7a245bd41af9ac1c42d8b2cc4a55b6511721818ed5fda27960c82683eb24d5481b9cdfcd6a7c4d50cce4eafcfa4c2bb150fdefe54cc4f8eba61976a91132014a60dc84913cf311c984c082d3231093a5664fd94c315caf7722502cb4e2a4df29acc852a727d215aef5098b5c9c53740e7b94e0e46b3c1861c9f86ad75b6d2ae4805534e90b9c9aad8cbccdcd14fc61d880edb0533be254798f2737b1d821b74496f934353df5a67daf4fbf3cf85a1e700d67de9707c0583f954102e5cbb484eb33b076dbc95e83f8883ff3f2c194e9146c5494bf8c3d6fa7b9bd06879b7ef0bc52e43c6c162fdbc95429da82405cb238751d7669212fe0f96c7606d1d943243b553d721752bbb0ba56c1e79c7215605d072c14dc95c816633aa858bcae6a132b8139dcd3c1e73409fdc4225ed0a1fc3e23eeba04bc12afd5fa60f5871eef3120113d78ff87a02bf0466f1e70cd4a6319bb43d485980814227ca621b80e3473aeb6d398d50418ab3be1209d6a97a4270ce7bd248fa677a802b4c5430fefb7f1a7924ffbc44a0299431838896b9aba0555ce5ec2a61f8c4ad46cf65446a58ab4b42006a71bc56681dc6a4b6fdb40f79f798d868055acbee62e54ce8e0cb26ee303228c1a57ddd4f7bd428be40a4d472e7e682cbf873af7a5c49aac8b127d887edcfc0eab4d833d037de4e684f5481bdd1ca0abce9a4137d300df72c95548834ab0f746e52fba3cb5629d6af1f75309325cb7110ae84311ff0dbbedeb6ab27dc47a5910f7568c11cb2beb7304c7b583336f6aa2d75ce2fe931833541695bb78b7e77c8cfed61e830f26968026bc87a0618bc93fe24bd1f77e15f879c5e917c974dd4e1727ff8f441466fb2f626c1dc4858ad038627ed2a6820c0407a4789f7cfc3299c78a8f0bf3c874e79fc24d5c0b6952957225388942ee4f5c8ee19a9dabf4763252e00fa92155dfa4efc9875749201af3f952d87874eda42c9700528020214c41e02da837c25ddb27e01b1a60366d5e9813708593e636c1b5bd634f67783baec3ad05cb13c59532815869901eef610fcaac51e72fd7a682a52c985d26ff607405e4d10c9ff7b572508eafb1af57034818d5ddecf0027c4ab3a050bdabd7f4760d2dfcc446c71a773dbfe0acff9b9230deedd08383ebb974e8f20a9046b63f8653970eed7cbec7e7420dd666f27db13cf4e2f62ff60f8c6b9cad520fffabdbb6b93b57450792a1c4d7d006480e88267c0962f3cdb795b74f0f43ec00d630e016c4ad1c245606b07fc02666852a8bbb202153dc36a1abc9c2d5ed16d12c9d3b8a901e71acd8b53334ae7affbed500c5bfca06d88817bd53c275c6a7c7cbdaf7e6fe8cde66f113a0ced4c9f197f6a72d08f9667fd42fdfc502a07afffad251de0f9e93e7ba983d295f0a3f190df97ccdf9fd964325475ea9f228e59f1f1ac393811671c8274db1b410ce04f7e944c678edfa964a8dcb76261a40de9b6220826a25d4333dbbb1f7cfced697aaadf4ca465c92cca537cbfc9ba523b8d26e256e788e4f7a2b53b08769ae6b6df752bc13c2e022223150254fbf975a0b532eea3d2eb873ea12a06cab6229d68e94a519220882d7c4239a6706906db2b33ab8b5c3027f9d00b97fdf72c1a2c2041ba18409904ab9abf9ff22e92ee3d3e6cc220de26337bd1029eac9b0c260430c99ae718e18f4ba725a53a456cb3bae6454077849ee13d6e1f667dc3c144ef1d832b58c5165c81f50fba11d732fb4d689428114f2d9c6c073f57bc7f854bc9272b84c063bb47381c3cc710d867c75ddebd9b6a9fdf3004ced95ec469d2e5ee1e26cf6683aee878a695a309c2b65e0a7de6778096602bade283e724019515dfa5bf8fb989de0f24944b8c191f8b9757c39e7121630790a09a897c90d612f1cfd9d48e14d867e332a91615b3b671a1ecaf3bb1e521c87d8c5032ec157dac2102609cd0285ed85479e51c702a2d8f615ca274c408d0da805b0d4986a61718dde1da3503a544803d16d6d843d6b98f7aaa4cca45257c39fe3e1b89966bdead060e1ba5dbe9fcf1f681aa3402fea461c6f1da50c894a5d44d23011b761e6562ba30bb4ac529f9ec5e776caafbdfd837b1392dde918e67c682a653b8551b7cdf2ffdb3d0e6d1cd0130b1a9cba972791bb2a99b943d4e941b64481f370a52640bb1ae0cdaaaeb77fbdbd072575bd99aa5f942599ba38c15021ed1468d04b544cea3aaa99765e2f367f0c214dfc6e52151c01c8ea56cb5d769d7f96210f40febb47b3b49537d09ee42a76904ccddf17b76358029cbc63b4d11784a4e2c8af0cef77e823c2ed0fe4cb0a726f0f90ea477de502eeb16bfd94e013597acc1d88fa62a7ccbd74d5411ac36a4ad2661c54670d16a186e00185a8ccd6435b88b134c4c53753089c2f50662ab3c2061308beb67d823a7c44d937fbbe7793423d43accb5c7ff2edb25a25bb42e02c9653bc1e6876b3ee66467d6225921e52e8204a8f30cf364d27be8f7d2286c711c65f2aa83ad6a1c6e6a75f1c4f7007d02b44877447e9f1fe272357c562f24670c6ec47150be17c698f44d512f8a58384af0d8d41e9adf9517c685f368a2728314e0019edbe73f1c0b3fd2a8b5108fd3f8016b9c456a6c1be7481366d0701ea1f3362920cd77b3125af8e4bd1de81e477643639147c3606554a7f9314aea358a1edff2354da62d01fb68b3ae675e785d8aaad81e10398dbef6ed7ad048b75d26c9e239daf71a3e813f69486eb7183dd63f36a2f19c5861a144edfd15f0c170ff0e4bce3fc9bdee3f256c3aa716cfe0378c534e45099888db84439475f2580f615f5093ff685b1723a2a39f2d7236358a1012ece1d9fe644d181c680c1ba39637bb07c6da6183869db09cc00e730b27aa8da5fc5e8931b4793813465fedb6ee812736b6471ca64590f9333bca212a7d476928e4e2d6b2794882e3ba774b1be8cfa4f4ecb8ad564c19c3f558145b2f2518d6cc361c1bbb173dcfdc26a375b740417dc3abdd15601c16b67c8661faecd566c12b407c85d829621e34a3d03418c3efbacd9f3c2cedbda3beef4a85474c0806d0ace4a7791c49d8ab92ce96a1ce4f3a716970bd3f62faaa4d9c592fa7b28e5788d9d749c6ac967acb92e7515dfac0a7db0c14946d128ee2ca0fb438620139bb4e3ad6be0ec13b707b533d38f3c67707288562f2bde8e9b6c69b026dc3f48da60d202823a692d8e2faeff7b0d9a9dbe3b171d83251aa697dbb1934c299e807cbf0471a1327b5f8b7267292c7711e47480cbd31e7c561545b3d85a7c51ad52f23a5fc7183fde3a5736b1fd5977f502d47ada4eaca6a42f05fade9badcd06c011752a99ddfc5a0ba1f94abec2a3cc7a0417ec977b9ca86d886a745ceea9b753442f5c63bef5cb580ff89ecf8dc911e53e1d4859c913a9d9fc2576c86d25b8d500de093a1bdd70b82d56943e2b328b9cf1de7d14ac08fb93855177e3a83a631a2473bdc06b627ac7de1f261022aa0c554828db2faa4c079bef172b050043a7b4236ea3e9e5b58cd77e289c440fe23988b589b407023653bc236d82f02a4976b2401b100a4722b4ba7dfa4416b4b25211a578946fa203ee414174c435daec917801a1a5363748bb34bad6bb92e24840ae81617be87e4d115f51e246119a9975156d49b5a033b804d3dd89fd2fa9a1d2a368f7339fcd9de140747160b4c48cdb4da3d5a9a86c3c9cf8f097b15f6d58067a4bd1f1983ff624b3e6bbc55b9603664722de77a2700eb7eff1099eda4bca189f75b79ab0e5896a1457a32c4b619070f66bd0ab9687343b3e621a511e3d2ee445cf502cc4c4e13242445cbc1583ee24dd2a6e91dee667ba6f608323d21b03ae772200be6ba1b1644c2345d79c3fd16752c15aecd2e807de9dcdd261581851dfe6afd03897bca48167135d1d34a884a2c9f5c047fe8ea40af136ec8a6c6a372e6a5956b22bee4d426f5f47bfe7112fdb478a2316190c0cdd45fdfa93395baa989be5b262ee8d087199516bc1ff19026bdc53751ed7d95a50c867172619a0d700e587f5afe4dc12369040373a240bd8eabd144af9c5ca26cb6f702370ebb26f1a8988bae32ccd86d324d4b22afd890bd883394043a2cabb45b0365dd4e1c2a7f7eac7eeb1962ec623fda3d9541b3bf91d1ac9c58ea2e0b3c3c15b199075b356934561362f483d3b53412930a5feeb43eef5caf9e9fab11efcd43b8f1b8ec9505828f516f61d7b8ec532c9e4d0028bd256f2968e646d616d196434b205555551c6a57019b4a5f691e1cab334aace8dc126d0c4b90a54752d5caebda79b48672411a49872d4f3f77a378042bec032a6dd5152ee17171d8e6905207e8567e2812d8513705552c06503a8bc6d18ff938cf36ebc0a899c48a409efefb1edafd1e1529b2166177c111e2d168435ea17406327994100a7ffe71790ccb49a945dfed65dea8025a8baabd9a8780ce434595bd853d71c3b2df11a7588cb9dfb90451d45c9aa59e4a538c1efdc1aa7928c7f7f8b47cd65248d9ef54e33a9f187a0f90dcd1e9c86020d554c40d2043842cbce54f29ea4472b0aee8b74ca2443e8ea901356e1be2ac7bc8229f0d5d2e38ff0dab1922f977b077cb9762c237eb64c68cf2bcc9461dcba214f59e6cb816107610d76f5d64822762ba04bea21d043e51442d7ed6206e630e17ddf45a77f910b79cd1f268c014c033a51cb5bb1e9a8137690eb36454483539c72b8def2a53866561197b3e880567e5d384ac843a1769ece7117e55cda1e8c432148fd2560f34cdf225856841c80f1be060ab5191e5d70c04671879191e297b2d3ee2469f01bfc5a8b7f2eb19574b34bc1b6b8a6fe6607777da4f660ffbcceae0c7e22e7222cf9bd9f6e2fb1a60ddef37d021c40a471beb8a610568c2d555ad4626b1784c3fa38c1c504e6a7dba0d0fbd32f730c41745bb3a780b41d282cf21e27bc1257ef090613d8191f2f64e77b1b5f5ce53696193164e2ad699a1a6f69c902e84c4021229fa083fb14e9af3ba238d4300daa9cdc8aa7e6c0dd992ba9689563ed773d7309848b132e2bdc67c1d01aec3eee428bab2016f8866f7eb506530947cd5a20e4b38cf3891cbd9d47db01c7f9e425e866e9fa7bbb76f98a8e006022f32edcba1e64ab399cfed91c3d9ec79697a67649d42eaad817997c7828a4f3d6a20d84eca9610c30f2fd4ed8e47009bed06247398a6ea1643d0c9cb3c505ca160c36ba51635b8f071b0aa8651cfa466af6a07802c6e41aa99f70b0bae30c155b049b3f22d4ea5bc6090947efdd3e0d5acb79fbd4396e8e96b09b52c13801598b97bcc7eb1935b8b50f7fd49b39534af338ad34dde5ea994b212de2b989498ca", 0x1000}], 0x3)

4.091252086s ago: executing program 4 (id=1320):
socket(0x10, 0x3, 0x0)
r0 = syz_init_net_socket$bt_rfcomm(0x1f, 0x3, 0x3)
setsockopt$sock_timeval(r0, 0x1, 0x42, 0x0, 0x0)
socket$can_raw(0x1d, 0x3, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'bond0\x00'})
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
lsm_get_self_attr(0x64, 0xffffffffffffffff, &(0x7f0000000040)=0xfffffffffffffdb1, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
add_key$fscrypt_v1(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000001c40)=ANY=[@ANYBLOB="61128c000000000061134c0000000000bf2000000000000007000000080000002d0301000000000095000000000000007126000000000000bf670000000000005601000000ff07ad67060000020000006a0200000ee60000bf250000000000003d350000000000006507000002000000070700004c0000001f75000000000000bf54000000000000160400000400f9ffad3001000000000084000000000000004500000001f0ffff95000000000000006e8ad524a56601a5585b7351ca1136aef2e9407e5c2501d11900db85604036883647b1fb3f1403b816f511c8c56e56e40b01005505f8a89dae4293b10f3631b25fc9f189084c7fddccff01361d355f6cce8ec2abcdf1bc9040daef2cfa2046e2091e269f4734ffa55eb2d4e8de20b38c8808b365b46bd54c68cd30139a8c3827a7dd6d6e2b5fea3906f8456b0000000000ff07efffffff0047018ae79db613d2aec070f718ab629b4975320dd7a7da532281fd22c7b835005bf52715396669836db6000000005b4f0591ee7c8cd263dd172b28d01c4d8d4fee81e3cdd5daf2cdad3d1a74a2f078aa6402483856a6e494408d0b33047f06aec2cc590df28efc7dbec6857db922195a271af103f03e1155197e067b2ebf4e2dae060959c9639564f000fc3cdd05a1575c91cf5ba8b2db403681ee48f5287123a0d246c0c4c00fe979dbc09ed4db22d7172adc6ae8faa5f9ad188e07000000000000008d88a0b4684559d46cae41db1b914e93f1f8000000000000000000e33de432e488ad0e724c2d14a1e770e116984a5700afb8a1f3d47277ef0e33e7e00ec5f74e10937ba0e321346977b7d1b18013f509675b5b0f352e30dffda780e95c301f4fc7d5a76475ace6b128b02bfd71023daffdf748a6bd356fcba6ec96373d1101000736ac0bbcb5f4836bddfe8bf46308000000ade9e59fcf271bb98bd0b8b5216b858b414c31682f9f3db2e4d8e5898e445fe55ac56c0d642986f8bbc7340bc6393f774318c9fc9b05788de2c6e601b50777e8dff581de1d5ae3d801ead7eba31126e2172fa1eadf5f3bec81004d00000000c8e4692e051c731f9ac766b7fd66278d40f0760f23e8c7d1f47cd8e02504e85e152955ad8acd989c0b2eea71414f533f5685c3904bfe1d0011ffc1ba5398f3d6812467c1a4186edd036f15bf847c50f79e1a0ad3d2b5080ecb0148e2b86177869884ae62420c9f1b534e969fce97ffff070000000000dbbfe0ed7c5853a665c0805752dca0e571d75cac5a5d8e4f6e05055b6dec5a9a5696f053a92d81fd9e5f2b9dbbe24f38e745b5a95d45003d0600e413dc623f3e6b096c8b0ad7438c6631388892c55b0671140afbfb83bba415f729fea4c8a8a86189dceedad84cdd17c46bdd847a1f4b0facd3744f5bbb06abb319204fca4bcd4297fe7b4cee75abf43e14fe861224799c0f12702964fc890a176fdafa2c9387280b5693c000c0304cece48642649375dae0b7979b229f708a97349e96e783af9a23cd3980a2c29d3d62875e5319cd51bdd224878a0b25edf0e83c930633bd9a0c3e28f359608ea326c77a1aa17318f392a0ec6c188916f452533d4327feccfd68ec8278a90252693fb133c4615801077e1d75420017c03990b855fe481a20b4919bb11c6d737b6545ef140a0fc339bb53953662f1454f9852e7c4e17eb8668f076c659f56d6c7f97a96d6cdf45cfe88b30c170000000001000000effbf33bd1becb0de0a080931f137967de563c29d81aacb3d48226a4e4b6670900000000000000fa68bff3693afc44db223f2be09295e4a8da03d23b48bb38b31a14ffcddd92c38f6b6d86a0e5ed47a82bad5d2a6dce4c4d353261260c9d7a6bd9f2c872c4172a3d2ac80dfb718cc159e6423065624f130000000000000000000000000000000000000000002a37163e8d7ef2f3c58d045f0700000094029acbe333aebd10f2118fbfeda3fa5500d52cd5241588d2b68a332edfef6d701c8936a25d68b841f982511392cc0d3a78616f8ce0f2877d099258bf85866d0ee7f803fa50fd41ef62b028d12028a7b497d92f544523290f520b0d"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x43)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000240)=0x100000001, 0x59)
connect$inet6(r2, &(0x7f0000000200)={0xa, 0xffff, 0x0, @loopback}, 0x1c)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_FLUSH(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000380)={0x1c, 0x4, 0x6, 0x101, 0x0, 0x0, {0x7, 0x0, 0xa}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x28000010)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f0000000040), 0x4)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x1, &(0x7f00000000c0)=@gcm_256={{0x304}, "0002002000", "07f217bd74511e465bbbd5de01000000f9044677d4d588363d63af84db44be59", "00f8ff00", "8ce63ecbc640735f"}, 0x38)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x2, &(0x7f0000000b80)=@gcm_256={{0x304}, "76f7bc3e4ae1c84c", "af193cff4810ba5ac120d096eb00b40752095b4285514ca312c52e3a08756735", '8\x00', "bc3a20b10f4ad11e"}, 0x38)
sendto$inet6(r2, &(0x7f0000000080)='S', 0x1, 0x8000, 0x0, 0x0)
close(r2)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_usb_connect(0x2, 0x2d, &(0x7f0000004c00)=ANY=[], &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0})
setsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000000)={0x0, 0x101, 0x5, 0x1, 0x9}, 0x14)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)

4.081629203s ago: executing program 2 (id=1321):
syz_usb_connect$cdc_ncm(0x4, 0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000020000002505a1a440000102030109025c0002010000000904000001a3f45747d649f9a30105240000000d240f8100000000000000000006241a0000000905810300000000000904010000020d00000904010102020d000009058202000000000009050302"], 0x0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904010001faf40d00090582"], 0x0)
r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_connect$printer(0x3, 0x0, 0x0, &(0x7f0000000a80)={0x0, 0x0, 0x13c, &(0x7f0000000140)={0x5, 0xf, 0x13c, 0x3, [@generic={0xdf, 0x10, 0xa, "b6b53d430dc983ba2115f910916f2cf7ad406bd923ac54ea44dd7f2e19205dfce1ab7c0e7074f248a2187e4d3283b0126784008f7d21758a28a8b0f2bdf2ecb9b18ad01db593109c0418c6723af7d76c9a53170556001160a3a01868d92306cc35c232c258ac6ac43161b649b3a104601e59f2dc48836869f96e0c3c51a490a71a409504bcd4f82f07442bf5142ef64a3cbc596c4e403134d47c3d6ab4c9f7a9fb87920d0ebf1954cd8c567a67a32682415a3a75f7b777ce811a31d0dc80066d09d2f412d55961431bd54111da473e5b63e2371e7840547f9fa19a3b"}, @generic={0x4e, 0x10, 0xb, "f310f8c5b989843bf002eea85763e653daf4ab6736db074e4737c86bf9f7f80398450d48b409ccb526e15b25bbb6ca7ee3979be459a6dfd0d88b7c21b68d9293bb8ce9d3d54f96b3b93bf8"}, @ss_cap={0xa, 0x10, 0x3, 0x2, 0x6, 0x7, 0x4, 0x800}]}})
syz_usb_ep_write$ath9k_ep1(0xffffffffffffffff, 0x82, 0x0, 0x0)
write$char_usb(r0, &(0x7f0000001300)="92", 0x2)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
read$char_usb(r0, 0x0, 0x0)
syz_usb_connect(0x6, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0xc8, 0x6a, 0xe4, 0xff, 0x830, 0x3, 0x3528, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x53, 0x0, 0x0, 0xcf, 0x44, 0xe, 0x40}}]}}]}}, 0x0)

3.921586288s ago: executing program 1 (id=1323):
socket(0x10, 0x3, 0x0)
r0 = syz_init_net_socket$bt_rfcomm(0x1f, 0x3, 0x3)
setsockopt$sock_timeval(r0, 0x1, 0x42, 0x0, 0x0)
socket$can_raw(0x1d, 0x3, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'bond0\x00'})
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
lsm_get_self_attr(0x68, 0xffffffffffffffff, &(0x7f0000000040), 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
add_key$fscrypt_v1(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000001c40)=ANY=[@ANYBLOB="61128c000000000061134c0000000000bf2000000000000007000000080000002d0301000000000095000000000000007126000000000000bf670000000000005601000000ff07ad67060000020000006a0200000ee60000bf250000000000003d350000000000006507000002000000070700004c0000001f75000000000000bf54000000000000160400000400f9ffad3001000000000084000000000000004500000001f0ffff95000000000000006e8ad524a56601a5585b7351ca1136aef2e9407e5c2501d11900db85604036883647b1fb3f1403b816f511c8c56e56e40b01005505f8a89dae4293b10f3631b25fc9f189084c7fddccff01361d355f6cce8ec2abcdf1bc9040daef2cfa2046e2091e269f4734ffa55eb2d4e8de20b38c8808b365b46bd54c68cd30139a8c3827a7dd6d6e2b5fea3906f8456b0000000000ff07efffffff0047018ae79db613d2aec070f718ab629b4975320dd7a7da532281fd22c7b835005bf52715396669836db6000000005b4f0591ee7c8cd263dd172b28d01c4d8d4fee81e3cdd5daf2cdad3d1a74a2f078aa6402483856a6e494408d0b33047f06aec2cc590df28efc7dbec6857db922195a271af103f03e1155197e067b2ebf4e2dae060959c9639564f000fc3cdd05a1575c91cf5ba8b2db403681ee48f5287123a0d246c0c4c00fe979dbc09ed4db22d7172adc6ae8faa5f9ad188e07000000000000008d88a0b4684559d46cae41db1b914e93f1f8000000000000000000e33de432e488ad0e724c2d14a1e770e116984a5700afb8a1f3d47277ef0e33e7e00ec5f74e10937ba0e321346977b7d1b18013f509675b5b0f352e30dffda780e95c301f4fc7d5a76475ace6b128b02bfd71023daffdf748a6bd356fcba6ec96373d1101000736ac0bbcb5f4836bddfe8bf46308000000ade9e59fcf271bb98bd0b8b5216b858b414c31682f9f3db2e4d8e5898e445fe55ac56c0d642986f8bbc7340bc6393f774318c9fc9b05788de2c6e601b50777e8dff581de1d5ae3d801ead7eba31126e2172fa1eadf5f3bec81004d00000000c8e4692e051c731f9ac766b7fd66278d40f0760f23e8c7d1f47cd8e02504e85e152955ad8acd989c0b2eea71414f533f5685c3904bfe1d0011ffc1ba5398f3d6812467c1a4186edd036f15bf847c50f79e1a0ad3d2b5080ecb0148e2b86177869884ae62420c9f1b534e969fce97ffff070000000000dbbfe0ed7c5853a665c0805752dca0e571d75cac5a5d8e4f6e05055b6dec5a9a5696f053a92d81fd9e5f2b9dbbe24f38e745b5a95d45003d0600e413dc623f3e6b096c8b0ad7438c6631388892c55b0671140afbfb83bba415f729fea4c8a8a86189dceedad84cdd17c46bdd847a1f4b0facd3744f5bbb06abb319204fca4bcd4297fe7b4cee75abf43e14fe861224799c0f12702964fc890a176fdafa2c9387280b5693c000c0304cece48642649375dae0b7979b229f708a97349e96e783af9a23cd3980a2c29d3d62875e5319cd51bdd224878a0b25edf0e83c930633bd9a0c3e28f359608ea326c77a1aa17318f392a0ec6c188916f452533d4327feccfd68ec8278a90252693fb133c4615801077e1d75420017c03990b855fe481a20b4919bb11c6d737b6545ef140a0fc339bb53953662f1454f9852e7c4e17eb8668f076c659f56d6c7f97a96d6cdf45cfe88b30c170000000001000000effbf33bd1becb0de0a080931f137967de563c29d81aacb3d48226a4e4b6670900000000000000fa68bff3693afc44db223f2be09295e4a8da03d23b48bb38b31a14ffcddd92c38f6b6d86a0e5ed47a82bad5d2a6dce4c4d353261260c9d7a6bd9f2c872c4172a3d2ac80dfb718cc159e6423065624f130000000000000000000000000000000000000000002a37163e8d7ef2f3c58d045f0700000094029acbe333aebd10f2118fbfeda3fa5500d52cd5241588d2b68a332edfef6d701c8936a25d68b841f982511392cc0d3a78616f8ce0f2877d099258bf85866d0ee7f803fa50fd41ef62b028d12028a7b497d92f544523290f520b0d"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x43)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000240)=0x100000001, 0x59)
connect$inet6(r2, &(0x7f0000000200)={0xa, 0xffff, 0x0, @loopback}, 0x1c)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_FLUSH(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000380)={0x1c, 0x4, 0x6, 0x101, 0x0, 0x0, {0x7, 0x0, 0xa}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x28000010)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f0000000040), 0x4)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x1, &(0x7f00000000c0)=@gcm_256={{0x304}, "0002002000", "07f217bd74511e465bbbd5de01000000f9044677d4d588363d63af84db44be59", "00f8ff00", "8ce63ecbc640735f"}, 0x38)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x2, &(0x7f0000000b80)=@gcm_256={{0x304}, "76f7bc3e4ae1c84c", "af193cff4810ba5ac120d096eb00b40752095b4285514ca312c52e3a08756735", '8\x00', "a2ee19cd0c17c2c3"}, 0x38)
sendto$inet6(r2, &(0x7f0000000080)='S', 0x1, 0x8000, 0x0, 0x0)
close(r2)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_usb_connect(0x2, 0x2d, &(0x7f0000004c00)=ANY=[], &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0})
setsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000000)={0x0, 0x101, 0x5, 0x1, 0x9}, 0x14)
mprotect(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
vmsplice(r4, &(0x7f00000000c0)=[{&(0x7f0000000180)="77690addcfbe1fbb66ec", 0xa}], 0x1, 0x2)

3.633130592s ago: executing program 0 (id=1325):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0xc, &(0x7f0000000240)=@assoc_value={<r1=>0x0}, &(0x7f0000000080)=0x8)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r2, 0x84, 0x1f, &(0x7f0000003140)={r1, @in={{0x2, 0x4e22, @empty}}, 0x9, 0x4eb}, &(0x7f00000028c0)=0x90)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota')
chdir(&(0x7f0000000180)='./file1\x00')
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0)
quotactl_fd$Q_SETQUOTA(r3, 0xffffffff80000800, 0x0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x2, 0x3, 0x0, 0x6, 0x7fffffff})
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)

3.144106205s ago: executing program 0 (id=1327):
socket$inet_udplite(0x2, 0x2, 0x88)
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004"], &(0x7f0000000040)=""/247, 0x26, 0xf7, 0x1, 0x0, 0x0, @void, @value}, 0x20)
r1 = syz_usb_connect$uac1(0x0, 0xac, &(0x7f0000000240)=ANY=[@ANYBLOB="12010000000000106b1d010140000102030109029a0003010000000904000000010100000a24010000000201020c24020000000000000800000524050000082407000000009e0c240700000000a3e82f07070d240701060000fd80000000e80924030000000001"], 0x0)
syz_usb_control_io(r1, &(0x7f0000000140)={0x2c, 0x0, &(0x7f00000001c0)={0x0, 0x3, 0x2, @string={0x2}}, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$uac1(r1, &(0x7f0000001840)={0x14, 0x0, &(0x7f0000000080)={0x0, 0x3, 0x2, @string={0x2}}}, 0x0)
syz_usb_control_io(r1, 0x0, &(0x7f0000000c40)={0x84, &(0x7f0000000180)={0x0, 0x3, 0x2, 'H\x00'}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r1, 0x0, &(0x7f00000002c0)={0x84, &(0x7f0000001180)={0x20, 0x0, 0x2, '\x00\x00'}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r1, 0x0, &(0x7f0000000b40)={0x84, &(0x7f0000000380)={0x20, 0x13, 0x2, "69c0"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r1, 0x0, &(0x7f00000004c0)={0x84, &(0x7f0000000200)={0x20, 0x14, 0x2, "b005"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x7, &(0x7f0000000180)=@framed={{}, [@func={0x85, 0x0, 0x1, 0x0, 0x3}, @map_val, @exit]}, &(0x7f0000000280)='GPL\x00', 0x5, 0xe2, &(0x7f00000002c0)=""/226, 0x0, 0x0, '\x00', 0x0, 0x25, r0, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0)={0x1, 0x0, 0x1}, 0xffffffffffffff39, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$loop(&(0x7f0000000040), 0x1, 0x0)
ioctl$BLKZEROOUT(r2, 0x127f, &(0x7f0000000080)={0x478, 0x1c00000000000})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0x15, 0x10, 0x2, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x8, 0x18, &(0x7f0000000040)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x2}, {{0x18, 0x1, 0x1, 0x0, r3}, {}, {0x7, 0x0, 0xb, 0x2}, {0x85, 0x0, 0x0, 0x51}}, {}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7f}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}], {{}, {}, {0x85, 0x0, 0x0, 0x5}}}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0xc5)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000380)=[{{&(0x7f0000000340)={0x2, 0x4e21, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_retopts={{0x34, 0x0, 0x7, {[@timestamp={0x44, 0xc, 0xc4, 0x0, 0x2, [0x1, 0x3]}, @noop, @timestamp_addr={0x44, 0x14, 0x34, 0x1, 0x1, [{@remote, 0x5}, {@multicast1, 0x20001000}]}]}}}], 0x38}}, {{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000001440)="85dff603fa879b39113a08a1093289f99c717206c5b08001186e16ce44c5f0035bd9ce957b1dd95fc8051b0eecbf286caace45ad8b80e26b0aeef1468c687004c682e047c32850343ba97bc52120e7a895233204edd323a11b0461072c5cdebeba138897b9c1a071f0bfc15f1b024944a81542a345bdb75f259312460217e7ffb19ade0cc2c6c137799bded0b8bd7e2805bfc8d99974c302d959144667b78d8d3f9867441f3bfc9742b3641cb654d12b7a799c24caa7e772b2332d9d98461853feb6fd8a2b8ecf17f283850162afcc144fdb94f2bf8d3c689daea7ff2e29afe53223eb9598a1bf2074722d3aaa808b89f4197b6686b22dbf0a32b121bcb042d6ef95bddf07ef700bf9443365b7eab80d23d4ec13449fd3e4aa5605bfd49dbdbde9fe2b026d1fc9b45cae6c83a1f464ecf3f08476c2b18d37cf6cfdb44bce777961be324bc5f8e91289a8687102143370c2cb2d6aeb033c895545cfee34020367a1208b1c17012554d458d20f658132c6555555de2d0ae93812639206970bec37fe4cff65e2fd118c550b7c34bdd0a9a406aca14670701778ea28e8a49fc95ed1581bb2df7f6ce07f00d2abfa3c5ce9402c7fc3f2f00d2c1e0d654681a9410a84689258db56f9cc6b635950b0a939dca6c40f5d9bc46b21a722761762cc849b1a062d246c8170b44475bb33e08799c32627c3286396da3300dc83890faffbfbdf14a90e196fa78b95f2fed313f9ebc4d0e807d5abdb4c8e3481e22eec9cfd249549b2f05f11691aa0faf617220bf0cc47d9647236ce2843f94d25a785718b2929a0c272b07ffb3ea1f01fb46dc990404ebc2aed4c282a9457be7728f6c82756b850b9cf27f1863d4dc35de6d921bdfc9fd8142750cd97023dc3ea2717d456848d9f24ebd1fb0669b23d2d727fc5c078960644fa8ae6c5691c7a4651089c2dd57027e7f4646fc0a4532266ed09c58771f4f58b1f9fb2a20efb8462d9d7561b1ba354b4167db3917f1ddecec56283f285b299ab359e990d58f1fe75a053c891388e40a21b206285a29a430046cf204baca1d9cf07bee044738d9e8a029b97142603bf8e08489e937176b3409f3f6381277558b0cdd8c0561a3dc8209c6b59113ec387e5920039ab6480b807e3909b69127370dea4afed4ed2b84fa1f6464cbbd5fe6bc5fa0ad78e49b86c7b5f5205fc141e431c28f862adba49d4a241711e0c6630e3790af53c99368e9cf1dcdfe180347a8d3dcd14c6c56be8a3c81dbb76de7be69e0416956f974c5eec306ec90b3942777d239aad82883e391e3be2be4d3c39da55388fc083d0d7f2c4e3b8541dd09e973c5451df68ab49f998f155210cc8ef131480a736a0d7f7e25357713f5889e170f8aa9344879cc9918171d45c6e6f2a84ff9910189cab9aaefc7ba95d2371353e3be2e98b917afe8dc22ba5e6997e1d05bc8cae862bc0c4736049843ff7805552828280f855cbb27edcfac248816d069008b18c23d28dc27d9719d145a536b803d2e481576b5a5387f6cf69b014378418a1954a261fa192487482817de010e2fcc2932891e40b8f253bf58a0f4d01db28c7513597a0ed42ad48a7b63a5ce2dd4e38b824e641caceb870cadd79dc05157e2c7d9ddf7ee16665dfbbeb29ab4326554b103ae5bdb3909a8493b5df543563e239efd41aa8c1292f59d3a8ac4e8e8af6044285b8eb1828956aedd9807b7389ef510b7b4366a6f80d577fcb76df0868c8283cd074cea315bacd7a6e4695dc168194e47b8e4af14f07bef4f09a1ce70630c8fa24f7dd05c714f44e84468af8e15d252f47584c35cd21f4b0356b6e0b721290dc2c602839bb49d53920db5a1224a90799ff348ad4e8904da15d453b0620a03b3e4f26312a7ec1f3376c99d7ddc4f9a6ed05e3dc0ef496883d9f89fbc1d95ee7a8532b6b922f31d2761d19910613a18bcadbc72455824366db35ee91757634d9942af6eebb2b0bcde4120f4c9ba66434cbb95d91a64a86bf535b79e2ee79865dd12d8a2d509ab506d50238e48141911a451a1273066bfc16e4e6bbdb6953a6fe62e836c8630afdd19a44c7b8b5be6e6f0f37c25121a6c48746ccba01b0ee172d1f1f4208d18e9cd6743b42555aef06cc3ed1400b1a0101eb3b447a80d85394a52f91fe16892a6d42a0b23dd756c15b6958bba8c7b5f88cf7ada2a11629901db1770eaf03962f661249d241335d1e87923712cc38201b0fa0477979643c831d539add86d154656a0122fdcbb5658a20394c56ecd1cbd97b3c9c94900b0d1cffdb9078965ddb9cb7c22e24380818c696ea962e7eeb2f058f7b56b6159ae65995230bc33192d6d45e3d2823b65c97057ee666b8fc83b039c2259e2ab746049e7849b52225b8e42d415628036fb066071a1ca7f74c2cc0980e388852e248c67e042542d6ff1e022ca7f2a1f434bcb7921af834fa89240b1152a588d4a0a99503f72794f5798d20d9168f65c0a8c0172e1b95cafe9e246f366d57c19ee7857bb03a1707238ef49cb58695a01a98afe3ba8d84794a3abf40b88340eb4c01cb624cc69eef10a6c0f04a6279d12d1e15a019e2292dba7556fca386e6debfb14a9c2646c363ace16f4edbe88a0e8e0e557abe1801cf292877205b245ef1bc1ab3bc96531a5e4334f199e0cdc9c1e21f89ec6a422f22e8c5cc2bfc9067f89992437b2a567216f757b8a779dbc99b321028be90612e23404d057b6721ff9a6e5ebd7d3840bd358dea2702722cf9913801950afd45654f99ff33ad7bb67ff5b2ff318ac4eec270d362de5bf16a8556a2e4e95b6809ce0009fb55a0469282288f85a933eb6caf232ae8445016df36b798213b4ffa38c2e0f28620d7a6996aeadea297399d8becc2552beebe253d435afa8369c60cca7f321997956099cb6b7b5cf502028ab9ef6cb0129ec93e8a1d84b205b68ad0bcd6d6b162c766b4d2a9468c2fce03b746024970c346e49879fb2220150c39a2f28595a4b7fc714fc623ce880ee6a90f634892cd40b1a28e9dc5102f93707518ffabd6060beaea25d77b6c62f9491a0a1bb93dd2ec5bfb920fd93939ccf06203bd8e85e32f77d4b619224215964dabdbe3fc0caa11a16ae56843fc6624c4489d728d14215eb6007dafc88d21430eb20ad8d5dee5f7dad0643ee4a32ebb17f720af85f1efbe92e4eb6cc13b6b3cca43f08c1592319cd129fe83baa6deec1dafb2d1d26720ad997d123b7d606fde25dac843eee405aa6a4e19fdc26e5a8f089e53ba33e30e81eb87cd5dc6953d424ae7cb310d5631379ac1078b6c5fb018ac941d83ede9f5d51eaf1ce312f2255c9bba82f751cb503e83a17d443769ee4c46fd1e4c1100e794327c52f03b9a09a590bc73b9f9a8239854b1f8e5673d6638f2a13793dd92cd8c816925cf881111fbf6bd3bb6efbc7cc6fb354d9fa8a98b789962fc344974b228e9fe8279ee99eb836816a9c7203a66537e52bc4128b0506a110bc4ddb325342232fd8f435a001719e05a9bb8d0d04913f896ce4770abadab3079f539fabea3b223d760cc367d357136424e93c57c48a7660bbfb408f44c94fb5ba51faf55e03717394afd1e28059b6955f06f075f5147af0ba90bcdb56204e922202e9287e33957e60498f3746d8b19cd8d162a0746eddcddf252b36879279db2f09a32175186d8e0538ab4fce4594b9800cca618d23a25358e529baa1461ac95f244d8435170162a3ae82e150c8685e4890b0e662cd65357ba964b351d726c9c87f3ec1340b8f8ed7d6361c333693a7d5a27008da56b56c0f343543b17c885c679128ca11f432db007f7e534d8597b50a8ff7db937f90c82787e9b0eaef8bc0b082e5cc5f262c5cd18e00fb0bf3714206f0c6f8065e6c4c09b54548993888ef85a478ed6dc33fe1e6e4ab4d2a4f6c53a95af77cdabfeaeb5e73a056f4a25d339ffdc18a9acc07b1d25e1f61d8b9940d73ea12b5a6782a1fda18efa854ccae307c77d8329be08482dba7299eff971b7f4fbf50c787ebe09bc24e93c213085833a7c120819c6d9d1c74ab48d1fa5446a8e3e062c64b323b0d6630e3192e90208fe6ad333c6c66bb738700cb30a88393c74d9e029ddeebcbe3027fc5689a51524d99ebdef1ce7185d20b4802b8877675937ce94491d4ada7a0079eac311dbdffd57004811f563c41b72a306367997b28208becbdddce0a2e5abf53e61d4811e569a9cb9ff654e69755f72b318a5b43fb430c502d7805d4614beb3801e76e8b2d94bb44c9f", 0xbc1}], 0x1}}], 0x2, 0x40080c0)

2.78749603s ago: executing program 2 (id=1328):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0xe8381, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_IRQCHIP(r2, 0x4048aec9, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x14)
syz_emit_ethernet(0xda, &(0x7f0000000140)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000086dd602a1c990007880000000000000000000000000000000000ff020000000000000000000000000001000004000000000000000000009c90780100000000000000b0575c7b4df2bddabab59df4a56afe54ba6a5d5d0d170fca692c77733846860829accf2af44c0e1aaaaf532417a91cadd9e6bb82310f80cf64f46c761191fda0a250498ce1b5c603debf9e05d8de03dc3d73abde0da6c68c8d2dab5346224f905b3b904310b3bd00975f0a9f6cde9c5018586db672628c1415233979ba3df3d8a8490bce9cafc2ab6acde477"], 0x0)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000200)=0x9)

2.593011942s ago: executing program 2 (id=1329):
syz_open_dev$sndctrl(0x0, 0x0, 0x0)
syz_io_uring_setup(0x49c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x8000)
r0 = socket$qrtr(0x2a, 0x2, 0x0)
r1 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x80042, 0x0)
ioctl$PTP_PEROUT_REQUEST2(r1, 0x40383d0c, &(0x7f0000000040)={{0x0, 0x400}, {0x0, 0x7}, 0x6, 0x6})
connect$qrtr(r0, &(0x7f0000000040)={0x2a, 0xffffffffffffffff, 0xfffffffe}, 0xc)
r2 = syz_io_uring_setup(0x499, &(0x7f0000000200)={0x0, 0x4661, 0x8, 0x3, 0x288}, &(0x7f0000000140)=<r3=>0x0, &(0x7f0000000380)=<r4=>0x0)
io_setup(0x8, &(0x7f0000004200)=<r5=>0x0)
r6 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
io_submit(r5, 0x1, &(0x7f0000004540)=[&(0x7f0000004280)={0x0, 0x0, 0x0, 0x5, 0x0, r6, 0x0}])
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0})
bind$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x0, @none}, 0xe)
io_uring_enter(r2, 0x40f9, 0x217, 0xa5, 0x0, 0x0)
r7 = syz_open_dev$MSR(&(0x7f0000000080), 0x0, 0x0)
read$msr(r7, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$alg(0x26, 0x5, 0x0)
r8 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0xa4242, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000007, 0x38011, r8, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
sendfile(r8, r8, 0x0, 0x40008)

1.294350216s ago: executing program 3 (id=1331):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
syz_open_procfs(0xffffffffffffffff, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
r0 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r0, &(0x7f000001b700)=""/102400, 0x19000)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'dummy0\x00', <r3=>0x0})
ioctl$sock_inet6_SIOCSIFADDR(r2, 0x8916, &(0x7f00000001c0)={@initdev={0xfe, 0x88, '\x00', 0x8, 0x0}, 0x5, r3})
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r4, 0x29, 0x36, &(0x7f0000000040)=ANY=[], 0x8)
connect$inet6(r4, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x3, 0x5, &(0x7f0000000500)=ANY=[@ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, @void, @value}, 0x94)
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f0000000080)='bridge0\x00', 0x10)
sendmmsg$inet6(r4, &(0x7f0000004b80), 0x0, 0x4000c000)
sendto$inet6(r4, 0x0, 0x0, 0x20000884, 0x0, 0x0)
fsconfig$FSCONFIG_SET_BINARY(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)

1.257258576s ago: executing program 3 (id=1332):
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_emit_ethernet(0x46, &(0x7f0000000000)={@link_local={0x3}, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x4, 0x0, 0x12, 0x0, 0x3f18, {0x5, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @loopback, @local}, "00186371ae9b1c03"}}}}}, 0x0)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB="640000000206050000000000000000000000000015000300686173683a69702c706f72742c6e6574000000000900020073797a30000000000500040000400000050005000a000000050001000600000014000780080006400000000008001340"], 0x64}}, 0x24002800)
fchdir(r0)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x240)
write$cgroup_int(r2, &(0x7f0000000000)=0xfe8e, 0x12)

1.228574529s ago: executing program 3 (id=1333):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
syz_open_procfs(0xffffffffffffffff, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
r0 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r0, &(0x7f000001b700)=""/102400, 0x19000)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'dummy0\x00', <r3=>0x0})
ioctl$sock_inet6_SIOCSIFADDR(r2, 0x8916, &(0x7f00000001c0)={@initdev={0xfe, 0x88, '\x00', 0x8, 0x0}, 0x5, r3})
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r4, 0x29, 0x36, &(0x7f0000000040)=ANY=[], 0x8)
connect$inet6(r4, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x3, 0x5, &(0x7f0000000500)=ANY=[@ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, @void, @value}, 0x94)
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f0000000080)='bridge0\x00', 0x10)
sendmmsg$inet6(r4, &(0x7f0000004b80), 0x0, 0x4000c000)
sendto$inet6(r4, 0x0, 0x0, 0x20000884, 0x0, 0x0) (fail_nth: 1)
fsconfig$FSCONFIG_SET_BINARY(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)

1.156047097s ago: executing program 3 (id=1334):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
r1 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r1, &(0x7f000001b700)=""/102400, 0x19000)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000200)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000300)="c99b57381801238c09d0ff0f1d0dbd30", 0x10)
r3 = accept4(r2, 0x0, 0x0, 0x0)
recvmmsg(r3, &(0x7f0000000600)=[{{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000100)=""/7, 0x7}, {&(0x7f0000000140)=""/31, 0x1f}], 0x2}, 0x7}], 0x1, 0x10020, 0x0)
sendmsg$NFT_MSG_GETSET(r3, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000800}, 0xc, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB="300000000a0a01010000000000000000050000010c000b40000000000000000b100016800c0001006e6f747261636b0070f0d3860570fb2a096ad0bf70088d835a9418025fe63af451607edfe6e04f8074cdae5814aaaf65490200000000000000bc3e3e1f14df2f44ce8b658ec1bfdf83f207c681391918d752"], 0x30}, 0x1, 0x0, 0x0, 0x400c050}, 0x880)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000000c0)={'dummy0\x00', <r6=>0x0})
ioctl$sock_inet6_SIOCSIFADDR(r5, 0x8916, &(0x7f00000001c0)={@initdev={0xfe, 0x88, '\x00', 0x8, 0x0}, 0x7, r6})
r7 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r7, 0x29, 0x36, &(0x7f0000000040)=ANY=[], 0x8)
connect$inet6(r7, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x4, 0x5, &(0x7f0000000500)=ANY=[@ANYBLOB="c6bf9cc53f3edfc748147c33f2d412e598fe68be4424352ee1610d6a2fec6b3794f6f54ac6ffa2130fd2da889b22ac82a859fee05557b5c7b81a82605d7b94bf009048e6417a57d6a3d194cb8d11d1d33f1ae76a8d56b5a056d12b154a8dc0cca2808b7a903dcf73d1df7fe1c3524eb9bb88468c4b1e1182239dcf81e3c95b787fabdfc75b2582fd3d852a1af1a4f0dfb86aac238496348716bc3da56459b7653f2a7515d59decc006a497b954a6410ae4be080d26e376295a"], &(0x7f0000000200)='GPL\x00', 0x80000001, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, @void, @value}, 0x94)
setsockopt$SO_BINDTODEVICE(r7, 0x1, 0x19, &(0x7f0000000080)='bridge0\x00', 0x10)
sendmmsg$inet6(r7, &(0x7f0000004b80), 0x0, 0x4000c000)
sendto$inet6(r7, 0x0, 0x0, 0x20000884, 0x0, 0x0)
sendmsg$IPSET_CMD_HEADER(r0, &(0x7f00000003c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x38, 0xc, 0x6, 0x801, 0x0, 0x0, {0x7, 0x0, 0x8}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}]}, 0x38}, 0x1, 0x0, 0x0, 0x10}, 0x4040084)
fsconfig$FSCONFIG_SET_BINARY(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)

1.101718885s ago: executing program 3 (id=1335):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="1300000000000000000000f3ffffffff01000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="13000000100000000200"/20, @ANYRES32, @ANYBLOB="000000000000000000000000e5de871435fc9900", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x7, &(0x7f0000000040)=ANY=[@ANYBLOB="1808000000000000000000000000000018100000", @ANYRES32=r0, @ANYBLOB="000000000000000018100000", @ANYRES32=r1, @ANYRESHEX=r1], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080), 0x400000, 0x0)
socket$netlink(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x1, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x0, 0x2001, 0x0)
r5 = openat$binder_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x80000001)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
semget$private(0x0, 0x6, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket(0x2, 0x80805, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r6 = openat$kvm(0xffffff9c, &(0x7f0000000100), 0x41, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CREATE_PIT2(r7, 0x8010aebc, &(0x7f0000000040))
r8 = socket$nl_route(0x10, 0x3, 0x0)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040f0200f80d20"], 0x7)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'})
sendmsg$nl_route(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=@ipv6_newnexthop={0x2c, 0x68, 0x100, 0x0, 0x25dfdbff, {}, [@NHA_GROUP={0x14, 0x2, [{0x1, 0x4}, {0x0, 0x3}]}]}, 0x2c}}, 0x0)

944.72071ms ago: executing program 4 (id=1336):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x275a, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeef, 0x8031, 0xffffffffffffffff, 0x55779000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r3)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
madvise(&(0x7f0000304000/0x3000)=nil, 0x3000, 0x9)
bind$inet6(r3, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x1}, 0x1c)
listen(r4, 0x0)
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r5, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
r6 = accept(r3, 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[], 0xfffffdef}, 0x1, 0x0, 0x0, 0xc000}, 0x10)
recvfrom(r5, &(0x7f0000000180)=""/60, 0xfffffffffffffecb, 0x4100, 0x0, 0x0)

287.977042ms ago: executing program 0 (id=1337):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
r1 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f0000001080)=0x8)
getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000ac0)={r2}, &(0x7f0000000b00)=0x8)
setsockopt$inet_sctp_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000280)={r2, 0x4, 0x5, 0x10000, 0x24fdaf0b, 0x343}, 0x14)
r3 = syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000540)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x4b3, 0x3103, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x30, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x2, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x0, 0x7f, 0x1, {0x22, 0x9}}, {{{0x9, 0x5, 0x81, 0x3, 0x20, 0x0, 0x0, 0x7}}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r3, 0x0, 0x0)
syz_usb_control_io(r3, &(0x7f0000001200)={0x2c, &(0x7f00000010c0)=ANY=[@ANYBLOB="00040b0500000b0a000000000000000250"], 0x0, 0x0, 0x0, 0x0}, 0x0)
r4 = openat$mice(0xffffffffffffff9c, &(0x7f0000000080), 0x101000)
ioctl$HIDIOCGSTRING(r4, 0x81044804, &(0x7f00000000c0)={0xad, "25bf9b2a5dbe51feef49a0bf0ff35a2ae1510fc34339dfbd8faf28eb8c65b14c72a28275b75252c1294bf530d3790fe5756dd7eae13d7bd33d8c647bc474c02f2eb1442ddd69df78ecdb0ecbe97f833e1d32d447252c1fdc438f6027f3b3cdf577b24887b076b566bb3062adafef48f426bafb5c67b063ccd9d6c74e8ef26d9e85f7cac96cc43250942392e43c6b19a0bf2f291f3fddc3e8795063c56338d1a49a7244ca03e558bad57d14ea63"})
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r5, 0x0)
io_setup(0x2007, &(0x7f0000000200)=<r6=>0x0)
r7 = eventfd2(0x0, 0x1)
io_submit(r6, 0x2, &(0x7f0000000280)=[&(0x7f0000000000)={0x1802, 0x0, 0x0, 0x5, 0x0, r5, 0x0, 0x0, 0x0, 0x0, 0x1, r7}, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, r7, &(0x7f00000001c0)="5f18ab32505b5506", 0x8}])
shutdown(r5, 0x0)

287.441269ms ago: executing program 1 (id=1338):
syz_usb_connect$cdc_ncm(0x4, 0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000020000002505a1a440000102030109025c0002010000000904000001a3f45747d649f9a30105240000000d240f8100000000000000000006241a0000000905810300000000000904010000020d00000904010102020d000009058202000000000009050302"], 0x0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904010001faf40d00090582"], 0x0)
r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_connect$printer(0x3, 0x0, 0x0, &(0x7f0000000a80)={0x0, 0x0, 0x150, &(0x7f0000000140)={0x5, 0xf, 0x150, 0x4, [@ss_container_id={0x14, 0x10, 0x4, 0x1, "65694c4ae77491a9be538019baf44b10"}, @generic={0xdf, 0x10, 0xa, "b6b53d430dc983ba2115f910916f2cf7ad406bd923ac54ea44dd7f2e19205dfce1ab7c0e7074f248a2187e4d3283b0126784008f7d21758a28a8b0f2bdf2ecb9b18ad01db593109c0418c6723af7d76c9a53170556001160a3a01868d92306cc35c232c258ac6ac43161b649b3a104601e59f2dc48836869f96e0c3c51a490a71a409504bcd4f82f07442bf5142ef64a3cbc596c4e403134d47c3d6ab4c9f7a9fb87920d0ebf1954cd8c567a67a32682415a3a75f7b777ce811a31d0dc80066d09d2f412d55961431bd54111da473e5b63e2371e7840547f9fa19a3b"}, @generic={0x4e, 0x10, 0xb, "f310f8c5b989843bf002eea85763e653daf4ab6736db074e4737c86bf9f7f80398450d48b409ccb526e15b25bbb6ca7ee3979be459a6dfd0d88b7c21b68d9293bb8ce9d3d54f96b3b93bf8"}, @ss_cap={0xa, 0x10, 0x3, 0x2, 0x6, 0x7, 0x4, 0x800}]}})
syz_usb_ep_write$ath9k_ep1(0xffffffffffffffff, 0x82, 0x0, 0x0)
write$char_usb(r0, 0x0, 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
read$char_usb(r0, 0x0, 0x0)
syz_usb_connect(0x6, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0xc8, 0x6a, 0xe4, 0xff, 0x830, 0x3, 0x3528, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x53, 0x0, 0x0, 0xcf, 0x44, 0xe, 0x40}}]}}]}}, 0x0)

192.345401ms ago: executing program 3 (id=1339):
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff, @void, @value}, 0x94)
sendmsg$NLBL_MGMT_C_LISTALL(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)={0x14, 0x0, 0xb03, 0x70bd28, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x20040880)
fsconfig$FSCONFIG_SET_BINARY(r3, 0x6, 0x0, 0x0, 0x0)
r5 = fsmount(r3, 0x0, 0x0)
openat$cgroup_subtree(r5, 0x0, 0x2, 0x0)
r6 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$VIDIOC_S_EXT_CTRLS(r6, 0xc0205648, &(0x7f0000000100)={0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000000c0)={0x98f90d, 0x9, '\x00', @p_u8=&(0x7f0000000040)}}) (fail_nth: 1)

0s ago: executing program 4 (id=1340):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0)
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt$IP_VS_SO_GET_TIMEOUT(r2, 0x0, 0x486, &(0x7f0000000000), &(0x7f0000000040)=0xc) (fail_nth: 1)
syz_usb_connect(0x0, 0x5f, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000b1f203401e0903003bd7010203010902"], 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000180)="1400000017000b63d25a80648c2594f90ba3c92b", 0x14}], 0x1}, 0x0)
unshare(0x2040400)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xc, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f0000000280)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=0x0, @ANYRES32=0x0, @ANYBLOB="18001d801400008006000500c0000000050007009e000000"], 0x34}}, 0x0)
ioctl$SIOCSIFMTU(0xffffffffffffffff, 0x8923, &(0x7f0000000100)={'vlan0\x00', 0x40})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'veth0_to_batadv\x00'})
ioctl$KVM_SET_MP_STATE(0xffffffffffffffff, 0x4004ae99, &(0x7f00000001c0)=0x7)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0)
openat$cgroup_subtree(r4, &(0x7f0000000040), 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x0, 0x0})
ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, 0x0)
openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)

kernel console output (not intermixed with test programs):

t(2000000151.220:745): avc:  denied  { listen } for  pid=9342 comm="syz.2.911" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  323.590919][   T30] audit: type=1400 audit(2000000151.760:746): avc:  denied  { connect } for  pid=9344 comm="syz.3.910" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  324.377113][   T30] audit: type=1400 audit(2000000152.520:747): avc:  denied  { name_connect } for  pid=9354 comm="syz.2.912" dest=64 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=sctp_socket permissive=1
[  326.301610][ T9386] netlink: 104 bytes leftover after parsing attributes in process `syz.3.918'.
[  326.759082][ T9404] FAULT_INJECTION: forcing a failure.
[  326.759082][ T9404] name failslab, interval 1, probability 0, space 0, times 0
[  326.774136][ T9404] CPU: 0 UID: 0 PID: 9404 Comm: syz.0.923 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) 
[  326.774163][ T9404] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  326.774173][ T9404] Call Trace:
[  326.774178][ T9404]  <TASK>
[  326.774185][ T9404]  dump_stack_lvl+0x16c/0x1f0
[  326.774215][ T9404]  should_fail_ex+0x512/0x640
[  326.774236][ T9404]  ? fs_reclaim_acquire+0xae/0x150
[  326.774255][ T9404]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  326.774278][ T9404]  should_failslab+0xc2/0x120
[  326.774303][ T9404]  __kmalloc_noprof+0xd2/0x510
[  326.774330][ T9404]  tomoyo_realpath_from_path+0xc2/0x6e0
[  326.774355][ T9404]  ? tomoyo_profile+0x47/0x60
[  326.774382][ T9404]  tomoyo_path_number_perm+0x245/0x580
[  326.774400][ T9404]  ? tomoyo_path_number_perm+0x237/0x580
[  326.774420][ T9404]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  326.774441][ T9404]  ? find_held_lock+0x2b/0x80
[  326.774484][ T9404]  ? find_held_lock+0x2b/0x80
[  326.774502][ T9404]  ? hook_file_ioctl_common+0x145/0x410
[  326.774547][ T9404]  ? __fget_files+0x20e/0x3c0
[  326.774575][ T9404]  security_file_ioctl+0x9b/0x240
[  326.774599][ T9404]  __x64_sys_ioctl+0xb7/0x210
[  326.774622][ T9404]  do_syscall_64+0xcd/0x4c0
[  326.774649][ T9404]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  326.774666][ T9404] RIP: 0033:0x7f8126b8e929
[  326.774681][ T9404] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  326.774697][ T9404] RSP: 002b:00007f81279b8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  326.774714][ T9404] RAX: ffffffffffffffda RBX: 00007f8126db5fa0 RCX: 00007f8126b8e929
[  326.774724][ T9404] RDX: 0000200000000480 RSI: 00000000c0d05640 RDI: 0000000000000003
[  326.774734][ T9404] RBP: 00007f81279b8090 R08: 0000000000000000 R09: 0000000000000000
[  326.774749][ T9404] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  326.774759][ T9404] R13: 0000000000000000 R14: 00007f8126db5fa0 R15: 00007fff6f090dc8
[  326.774785][ T9404]  </TASK>
[  326.775050][ T9404] ERROR: Out of memory at tomoyo_realpath_from_path.
[  328.364246][ T9427] FAULT_INJECTION: forcing a failure.
[  328.364246][ T9427] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  328.412580][ T9427] CPU: 0 UID: 0 PID: 9427 Comm: syz.0.931 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) 
[  328.412612][ T9427] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  328.412623][ T9427] Call Trace:
[  328.412629][ T9427]  <TASK>
[  328.412642][ T9427]  dump_stack_lvl+0x16c/0x1f0
[  328.412674][ T9427]  should_fail_ex+0x512/0x640
[  328.412702][ T9427]  _copy_from_user+0x2e/0xd0
[  328.412730][ T9427]  copy_msghdr_from_user+0x98/0x160
[  328.412757][ T9427]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  328.412799][ T9427]  ___sys_sendmsg+0xfe/0x1d0
[  328.412826][ T9427]  ? __pfx____sys_sendmsg+0x10/0x10
[  328.412850][ T9427]  ? __lock_acquire+0x622/0x1c90
[  328.412918][ T9427]  __sys_sendmsg+0x16d/0x220
[  328.412945][ T9427]  ? __pfx___sys_sendmsg+0x10/0x10
[  328.412993][ T9427]  do_syscall_64+0xcd/0x4c0
[  328.413023][ T9427]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  328.413042][ T9427] RIP: 0033:0x7f8126b8e929
[  328.413057][ T9427] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  328.413074][ T9427] RSP: 002b:00007f81279b8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  328.413092][ T9427] RAX: ffffffffffffffda RBX: 00007f8126db5fa0 RCX: 00007f8126b8e929
[  328.413104][ T9427] RDX: 0000000000008894 RSI: 0000200000000180 RDI: 0000000000000003
[  328.413114][ T9427] RBP: 00007f81279b8090 R08: 0000000000000000 R09: 0000000000000000
[  328.413124][ T9427] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  328.413134][ T9427] R13: 0000000000000000 R14: 00007f8126db5fa0 R15: 00007fff6f090dc8
[  328.413161][ T9427]  </TASK>
[  328.595109][ T9425] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  328.603977][ T9425] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  329.090135][ T9435] netlink: 8 bytes leftover after parsing attributes in process `syz.4.925'.
[  329.146707][ T9435] netlink: 4 bytes leftover after parsing attributes in process `syz.4.925'.
[  330.785742][ T5919] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  330.838300][ T9480] 9p: Unknown access argument c: -22
[  330.884253][ T5927] usb 2-1: new low-speed USB device number 29 using dummy_hcd
[  330.968459][   T30] audit: type=1400 audit(2000000159.160:748): avc:  denied  { bind } for  pid=9450 comm="syz.3.936" lport=3 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  330.988517][ T5919] usb 1-1: Using ep0 maxpacket: 8
[  331.004703][ T5919] usb 1-1: config 67 has an invalid descriptor of length 25, skipping remainder of the config
[  331.016859][   T30] audit: type=1400 audit(2000000159.160:749): avc:  denied  { name_bind } for  pid=9450 comm="syz.3.936" src=103 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=icmp_socket permissive=1
[  331.037606][ T5919] usb 1-1: config 67 has 0 interfaces, different from the descriptor's value: 1
[  331.044541][ T5927] usb 2-1: device descriptor read/64, error -71
[  331.053311][   T30] audit: type=1400 audit(2000000159.160:750): avc:  denied  { node_bind } for  pid=9450 comm="syz.3.936" src=103 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1
[  331.126256][ T5919] usb 1-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=ed.ae
[  331.137714][ T5919] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  331.146320][   T30] audit: type=1400 audit(2000000159.170:751): avc:  denied  { name_bind } for  pid=9484 comm="syz.4.942" src=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=sctp_socket permissive=1
[  331.169425][ T5919] usb 1-1: Product: syz
[  331.174760][ T5919] usb 1-1: Manufacturer: syz
[  331.179514][ T5919] usb 1-1: SerialNumber: syz
[  331.399857][ T5927] usb 2-1: new low-speed USB device number 30 using dummy_hcd
[  331.432127][ T5919] usb 1-1: USB disconnect, device number 22
[  331.562995][ T5927] usb 2-1: device descriptor read/64, error -71
[  331.673106][ T5927] usb usb2-port1: attempt power cycle
[  332.880617][   T30] audit: type=1400 audit(2000000160.330:752): avc:  denied  { write } for  pid=9492 comm="syz.2.944" lport=51971 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[  332.922160][   T30] audit: type=1400 audit(2000000160.330:753): avc:  denied  { setopt } for  pid=9492 comm="syz.2.944" lport=51971 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[  332.946870][ T5927] usb 2-1: new low-speed USB device number 31 using dummy_hcd
[  332.971246][ T5927] usb 2-1: device descriptor read/8, error -71
[  333.250622][ T5927] usb 2-1: new low-speed USB device number 32 using dummy_hcd
[  333.260781][   T30] audit: type=1400 audit(2000000161.450:754): avc:  denied  { append } for  pid=9497 comm="syz.4.945" name="video9" dev="devtmpfs" ino=957 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[  333.312003][ T9502] Cannot find add_set index 0 as target
[  333.657439][ T5927] usb 2-1: device descriptor read/8, error -71
[  333.798383][ T5927] usb usb2-port1: unable to enumerate USB device
[  333.901193][ T9520] ecryptfs_validate_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README
[  333.914579][ T9520] Error validating options; rc = [-22]
[  333.922296][ T9520] overlayfs: failed to clone lowerpath
[  333.928035][ T5881] usb 5-1: new full-speed USB device number 26 using dummy_hcd
[  333.936428][   T30] audit: type=1400 audit(2000000162.100:755): avc:  denied  { view } for  pid=9512 comm="syz.3.950" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  333.980966][ T9514] netlink: 'syz.0.949': attribute type 4 has an invalid length.
[  334.172674][ T5881] usb 5-1: config 0 has an invalid interface number: 96 but max is 0
[  334.181690][ T5881] usb 5-1: config 0 has no interface number 0
[  334.191824][ T5881] usb 5-1: New USB device found, idVendor=0734, idProduct=043b, bcdDevice=b1.ff
[  334.206241][ T5881] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  334.218153][ T5881] usb 5-1: Product: syz
[  334.222694][ T5881] usb 5-1: Manufacturer: syz
[  334.227361][ T5881] usb 5-1: SerialNumber: syz
[  334.235846][ T5881] usb 5-1: config 0 descriptor??
[  334.251875][ T5881] gspca_main: spca506-2.14.0 probing 0734:043b
[  334.370664][ T5927] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  334.561264][ T5927] usb 1-1: Using ep0 maxpacket: 8
[  334.570295][ T5927] usb 1-1: config 0 has an invalid interface number: 92 but max is 0
[  334.581666][ T5927] usb 1-1: config 0 has no interface number 0
[  334.595903][ T5927] usb 1-1: New USB device found, idVendor=0a12, idProduct=5d10, bcdDevice=81.44
[  334.637439][ T9530] FAULT_INJECTION: forcing a failure.
[  334.637439][ T9530] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  334.648911][ T5927] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  334.651851][ T9530] CPU: 0 UID: 0 PID: 9530 Comm: syz.1.953 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) 
[  334.651873][ T9530] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  334.651882][ T9530] Call Trace:
[  334.651887][ T9530]  <TASK>
[  334.651893][ T9530]  dump_stack_lvl+0x16c/0x1f0
[  334.651919][ T9530]  should_fail_ex+0x512/0x640
[  334.651941][ T9530]  _copy_from_user+0x2e/0xd0
[  334.651962][ T9530]  copy_msghdr_from_user+0x98/0x160
[  334.651984][ T9530]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  334.652009][ T9530]  ? __lock_acquire+0x622/0x1c90
[  334.652035][ T9530]  ___sys_recvmsg+0xdb/0x1a0
[  334.652055][ T9530]  ? __pfx____sys_recvmsg+0x10/0x10
[  334.652077][ T9530]  ? find_held_lock+0x2b/0x80
[  334.652107][ T9530]  do_recvmmsg+0x2fe/0x750
[  334.652130][ T9530]  ? __pfx_do_recvmmsg+0x10/0x10
[  334.652154][ T9530]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  334.652182][ T9530]  ? __fget_files+0x20e/0x3c0
[  334.652207][ T9530]  __x64_sys_recvmmsg+0x22a/0x280
[  334.652228][ T9530]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  334.652255][ T9530]  do_syscall_64+0xcd/0x4c0
[  334.652278][ T9530]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  334.652292][ T9530] RIP: 0033:0x7f24cb78e929
[  334.652305][ T9530] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  334.652318][ T9530] RSP: 002b:00007f24cc520038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  334.652332][ T9530] RAX: ffffffffffffffda RBX: 00007f24cb9b5fa0 RCX: 00007f24cb78e929
[  334.652342][ T9530] RDX: 040000000000026c RSI: 00002000000005c0 RDI: 0000000000000003
[  334.652351][ T9530] RBP: 00007f24cc520090 R08: 0000000000000000 R09: 0000000000000000
[  334.652359][ T9530] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  334.652367][ T9530] R13: 0000000000000000 R14: 00007f24cb9b5fa0 R15: 00007fffe9a3fa68
[  334.652387][ T9530]  </TASK>
[  334.849536][ T5927] usb 1-1: Product: syz
[  334.854275][ T5927] usb 1-1: Manufacturer: syz
[  334.859121][ T5927] usb 1-1: SerialNumber: syz
[  334.868735][ T5927] usb 1-1: config 0 descriptor??
[  335.340778][   T30] audit: type=1400 audit(2000000163.520:756): avc:  denied  { kexec_image_load } for  pid=9536 comm="syz.3.955" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=system permissive=1
[  336.325460][    C1] raw-gadget.1 gadget.4: ignoring, device is not running
[  336.345661][    C1] raw-gadget.1 gadget.4: ignoring, device is not running
[  336.354378][    C1] raw-gadget.1 gadget.4: ignoring, device is not running
[  336.370853][    C1] raw-gadget.1 gadget.4: ignoring, device is not running
[  336.379334][    C1] raw-gadget.1 gadget.4: ignoring, device is not running
[  336.392792][    C1] raw-gadget.1 gadget.4: ignoring, device is not running
[  336.400333][    C1] raw-gadget.1 gadget.4: ignoring, device is not running
[  336.435242][ T9545] FAULT_INJECTION: forcing a failure.
[  336.435242][ T9545] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  336.524775][ T9545] CPU: 1 UID: 0 PID: 9545 Comm: syz.2.957 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) 
[  336.524802][ T9545] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  336.524812][ T9545] Call Trace:
[  336.524823][ T9545]  <TASK>
[  336.524831][ T9545]  dump_stack_lvl+0x16c/0x1f0
[  336.524861][ T9545]  should_fail_ex+0x512/0x640
[  336.524886][ T9545]  _copy_to_user+0x32/0xd0
[  336.524912][ T9545]  simple_read_from_buffer+0xcb/0x170
[  336.524937][ T9545]  proc_fail_nth_read+0x197/0x270
[  336.524960][ T9545]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  336.524983][ T9545]  ? rw_verify_area+0xcf/0x680
[  336.525001][ T9545]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  336.525021][ T9545]  vfs_read+0x1e4/0xc60
[  336.525045][ T9545]  ? __pfx___mutex_lock+0x10/0x10
[  336.525070][ T9545]  ? __pfx_vfs_read+0x10/0x10
[  336.525097][ T9545]  ? __fget_files+0x20e/0x3c0
[  336.525125][ T9545]  ksys_read+0x12a/0x250
[  336.525144][ T9545]  ? __pfx_ksys_read+0x10/0x10
[  336.525165][ T9545]  ? fdget+0x187/0x210
[  336.525189][ T9545]  do_syscall_64+0xcd/0x4c0
[  336.525213][ T9545]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  336.525228][ T9545] RIP: 0033:0x7fc202b8d33c
[  336.525242][ T9545] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  336.525258][ T9545] RSP: 002b:00007fc2039ed030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  336.525273][ T9545] RAX: ffffffffffffffda RBX: 00007fc202db6080 RCX: 00007fc202b8d33c
[  336.525283][ T9545] RDX: 000000000000000f RSI: 00007fc2039ed0a0 RDI: 0000000000000003
[  336.525293][ T9545] RBP: 00007fc2039ed090 R08: 0000000000000000 R09: 0000000000000000
[  336.525302][ T9545] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  336.525312][ T9545] R13: 0000000000000001 R14: 00007fc202db6080 R15: 00007fff775b5cd8
[  336.525335][ T9545]  </TASK>
[  336.918580][ T5881] usb 5-1: USB disconnect, device number 26
[  337.082955][   T30] audit: type=1400 audit(2000000165.270:757): avc:  denied  { bind } for  pid=9551 comm="syz.2.960" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  337.252873][ T5944] usb 1-1: USB disconnect, device number 23
[  337.373691][ T5881] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  337.784568][ T5881] usb 5-1: Using ep0 maxpacket: 32
[  337.887074][ T5881] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  337.972363][ T5881] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 2
[  338.018674][ T5881] usb 5-1: config 0 has no interface number 0
[  338.044475][ T5881] usb 5-1: New USB device found, idVendor=1235, idProduct=0010, bcdDevice=59.84
[  338.073345][ T5881] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  338.195390][ T5881] usb 5-1: config 0 descriptor??
[  338.383956][ T5881] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  339.237627][ T9576] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  339.327111][ T9576] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  339.352414][ T5881] snd-usb-audio 5-1:0.1: probe with driver snd-usb-audio failed with error -2
[  339.421025][ T5881] usb 5-1: USB disconnect, device number 27
[  339.884874][   T30] audit: type=1400 audit(2000000168.080:758): avc:  denied  { write } for  pid=9579 comm="syz.1.970" name="msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  340.106836][   T30] audit: type=1400 audit(2000000168.310:759): avc:  denied  { lock } for  pid=9584 comm="syz.4.971" path="/dev/uinput" dev="devtmpfs" ino=920 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  340.283301][   T30] audit: type=1400 audit(2000000168.490:760): avc:  denied  { watch } for  pid=9594 comm="syz.3.976" path="/229/file0" dev="tmpfs" ino=1256 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  340.462788][ T9599] netlink: 763 bytes leftover after parsing attributes in process `syz.0.977'.
[  340.492320][   T30] audit: type=1400 audit(2000000168.700:761): avc:  denied  { create } for  pid=9600 comm="syz.1.978" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_scsitransport_socket permissive=1
[  340.732734][   T30] audit: type=1400 audit(2000000168.940:762): avc:  denied  { ioctl } for  pid=9606 comm="syz.4.979" path="socket:[21174]" dev="sockfs" ino=21174 ioctlcmd=0x890b scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  341.333705][ T9618] netlink: 'syz.0.981': attribute type 29 has an invalid length.
[  341.342611][ T9618] netlink: 8 bytes leftover after parsing attributes in process `syz.0.981'.
[  342.029977][ T9628] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  342.040750][ T9628] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  342.051002][ T9628] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  342.064838][ T9628] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  342.075607][ T9628] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  342.085963][ T9628] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  342.096347][ T9628] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  342.106981][ T9628] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  342.117626][ T9628] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  342.127987][ T9628] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  342.250770][ T5826] Bluetooth: hci5: command 0x1003 tx timeout
[  342.257934][ T5135] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  342.598502][ T9635] vcan0: tx drop: invalid sa for name 0xfffffffffefffffe
[  343.402105][ T9649] netlink: 592 bytes leftover after parsing attributes in process `syz.3.989'.
[  344.380631][ T5866] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[  344.545322][ T9682] FAULT_INJECTION: forcing a failure.
[  344.545322][ T9682] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  344.565905][ T9682] CPU: 0 UID: 0 PID: 9682 Comm: syz.0.994 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) 
[  344.565931][ T9682] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  344.565941][ T9682] Call Trace:
[  344.565946][ T9682]  <TASK>
[  344.565953][ T9682]  dump_stack_lvl+0x16c/0x1f0
[  344.565980][ T9682]  should_fail_ex+0x512/0x640
[  344.566001][ T9682]  _copy_from_user+0x2e/0xd0
[  344.566022][ T9682]  copy_msghdr_from_user+0x98/0x160
[  344.566043][ T9682]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  344.566065][ T9682]  ? __pfx__kstrtoull+0x10/0x10
[  344.566084][ T9682]  ___sys_sendmsg+0xfe/0x1d0
[  344.566104][ T9682]  ? __pfx____sys_sendmsg+0x10/0x10
[  344.566135][ T9682]  ? find_held_lock+0x2b/0x80
[  344.566167][ T9682]  __sys_sendmmsg+0x200/0x420
[  344.566189][ T9682]  ? __pfx___sys_sendmmsg+0x10/0x10
[  344.566216][ T9682]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  344.566246][ T9682]  ? fput+0x70/0xf0
[  344.566266][ T9682]  ? ksys_write+0x1ac/0x250
[  344.566282][ T9682]  ? __pfx_ksys_write+0x10/0x10
[  344.566305][ T9682]  __x64_sys_sendmmsg+0x9c/0x100
[  344.566326][ T9682]  ? lockdep_hardirqs_on+0x7c/0x110
[  344.566347][ T9682]  do_syscall_64+0xcd/0x4c0
[  344.566372][ T9682]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  344.566388][ T9682] RIP: 0033:0x7f8126b8e929
[  344.566400][ T9682] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  344.566415][ T9682] RSP: 002b:00007f8127997038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  344.566432][ T9682] RAX: ffffffffffffffda RBX: 00007f8126db6080 RCX: 00007f8126b8e929
[  344.566443][ T9682] RDX: 0000000000000300 RSI: 0000200000004d00 RDI: 0000000000000003
[  344.566453][ T9682] RBP: 00007f8127997090 R08: 0000000000000000 R09: 0000000000000000
[  344.566462][ T9682] R10: 0000000000000f00 R11: 0000000000000246 R12: 0000000000000001
[  344.566472][ T9682] R13: 0000000000000000 R14: 00007f8126db6080 R15: 00007fff6f090dc8
[  344.566498][ T9682]  </TASK>
[  344.570383][ T5866] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[  344.848718][ T5866] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  344.862044][ T5866] usb 5-1: config 0 descriptor??
[  345.007923][ T9663] Invalid ELF header magic: != ELF
[  345.013345][   T30] audit: type=1400 audit(2000000173.210:763): avc:  denied  { module_load } for  pid=9660 comm="syz.1.991" path="/sys/kernel/notes" dev="sysfs" ino=1401 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=system permissive=1
[  345.034284][ T9693] netlink: 8 bytes leftover after parsing attributes in process `syz.3.998'.
[  345.036911][    C1] vkms_vblank_simulate: vblank timer overrun
[  345.064836][ T9693] netlink: 28 bytes leftover after parsing attributes in process `syz.3.998'.
[  345.076732][ T5866] ath6kl: Failed to submit usb control message: -71
[  345.084121][ T5866] ath6kl: unable to send the bmi data to the device: -71
[  345.091337][ T5866] ath6kl: Unable to send get target info: -71
[  345.108885][ T5866] ath6kl: Failed to init ath6kl core: -71
[  345.117270][ T5866] ath6kl_usb 5-1:0.0: probe with driver ath6kl_usb failed with error -71
[  345.158453][   T30] audit: type=1326 audit(2000000173.360:764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9695 comm="syz.2.999" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc202b8e929 code=0x0
[  345.163079][ T5866] usb 5-1: USB disconnect, device number 28
[  345.321136][ T9701] netlink: 340 bytes leftover after parsing attributes in process `syz.1.1001'.
[  345.332615][ T9701] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1001'.
[  345.590862][  T975] usb 2-1: new high-speed USB device number 33 using dummy_hcd
[  345.702748][   T30] audit: type=1326 audit(2000000173.900:765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9704 comm="syz.3.1003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2cf98e929 code=0x7ffc0000
[  345.728540][   T30] audit: type=1326 audit(2000000173.900:766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9704 comm="syz.3.1003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=218 compat=0 ip=0x7fc2cf98e929 code=0x7ffc0000
[  345.757387][   T30] audit: type=1326 audit(2000000173.900:767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9704 comm="syz.3.1003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2cf98e929 code=0x7ffc0000
[  345.805751][  T975] usb 2-1: Using ep0 maxpacket: 8
[  345.811250][   T30] audit: type=1326 audit(2000000173.900:768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9704 comm="syz.3.1003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7fc2cf98e929 code=0x7ffc0000
[  345.836593][   T30] audit: type=1326 audit(2000000173.900:769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9704 comm="syz.3.1003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2cf98e929 code=0x7ffc0000
[  345.869524][   T30] audit: type=1326 audit(2000000173.900:770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9704 comm="syz.3.1003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7fc2cf98e929 code=0x7ffc0000
[  345.895082][  T975] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  345.975549][ T9706] netlink: 'syz.3.1003': attribute type 8 has an invalid length.
[  345.992474][  T975] usb 2-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a
[  346.045956][   T30] audit: type=1326 audit(2000000173.900:771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9704 comm="syz.3.1003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2cf98e929 code=0x7ffc0000
[  346.069661][  T975] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  346.124193][  T975] usb 2-1: config 0 descriptor??
[  346.195837][  T975] gspca_main: vc032x-2.14.0 probing 046d:0892
[  346.238201][   T30] audit: type=1326 audit(2000000173.900:772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9704 comm="syz.3.1003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2cf98e929 code=0x7ffc0000
[  346.681217][  T975] gspca_vc032x: reg_r err -71
[  346.686010][  T975] vc032x 2-1:0.0: probe with driver vc032x failed with error -71
[  346.716982][  T975] usb 2-1: USB disconnect, device number 33
[  347.586617][ T9740] FAULT_INJECTION: forcing a failure.
[  347.586617][ T9740] name failslab, interval 1, probability 0, space 0, times 0
[  347.599379][ T9740] CPU: 1 UID: 0 PID: 9740 Comm: syz.2.1011 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) 
[  347.599404][ T9740] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  347.599415][ T9740] Call Trace:
[  347.599421][ T9740]  <TASK>
[  347.599428][ T9740]  dump_stack_lvl+0x16c/0x1f0
[  347.599458][ T9740]  should_fail_ex+0x512/0x640
[  347.599486][ T9740]  ? fs_reclaim_acquire+0xae/0x150
[  347.599506][ T9740]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  347.599529][ T9740]  should_failslab+0xc2/0x120
[  347.599553][ T9740]  __kmalloc_noprof+0xd2/0x510
[  347.599582][ T9740]  tomoyo_realpath_from_path+0xc2/0x6e0
[  347.599609][ T9740]  ? tomoyo_profile+0x47/0x60
[  347.599637][ T9740]  tomoyo_path_number_perm+0x245/0x580
[  347.599656][ T9740]  ? tomoyo_path_number_perm+0x237/0x580
[  347.599676][ T9740]  ? finish_task_switch.isra.0+0x174/0xc10
[  347.599699][ T9740]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  347.599717][ T9740]  ? rcu_is_watching+0x12/0xc0
[  347.599739][ T9740]  ? lockdep_hardirqs_on+0x7c/0x110
[  347.599793][ T9740]  ? find_held_lock+0x2b/0x80
[  347.599813][ T9740]  ? hook_file_ioctl_common+0x145/0x410
[  347.599847][ T9740]  ? __fget_files+0x20e/0x3c0
[  347.599876][ T9740]  security_file_ioctl+0x9b/0x240
[  347.599902][ T9740]  __x64_sys_ioctl+0xb7/0x210
[  347.599923][ T9740]  do_syscall_64+0xcd/0x4c0
[  347.599950][ T9740]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  347.599967][ T9740] RIP: 0033:0x7fc202b8e929
[  347.599982][ T9740] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  347.599998][ T9740] RSP: 002b:00007fc2039cc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  347.600013][ T9740] RAX: ffffffffffffffda RBX: 00007fc202db6160 RCX: 00007fc202b8e929
[  347.600024][ T9740] RDX: 0000200000000200 RSI: 00000000c05064a7 RDI: 0000000000000007
[  347.600034][ T9740] RBP: 00007fc2039cc090 R08: 0000000000000000 R09: 0000000000000000
[  347.600044][ T9740] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  347.600054][ T9740] R13: 0000000000000000 R14: 00007fc202db6160 R15: 00007fff775b5cd8
[  347.600081][ T9740]  </TASK>
[  347.600106][ T9740] ERROR: Out of memory at tomoyo_realpath_from_path.
[  348.035377][ T9742] FAULT_INJECTION: forcing a failure.
[  348.035377][ T9742] name failslab, interval 1, probability 0, space 0, times 0
[  348.063587][ T9742] CPU: 0 UID: 0 PID: 9742 Comm: syz.4.1015 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) 
[  348.063615][ T9742] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  348.063623][ T9742] Call Trace:
[  348.063628][ T9742]  <TASK>
[  348.063635][ T9742]  dump_stack_lvl+0x16c/0x1f0
[  348.063662][ T9742]  should_fail_ex+0x512/0x640
[  348.063683][ T9742]  ? fs_reclaim_acquire+0xae/0x150
[  348.063700][ T9742]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  348.063731][ T9742]  should_failslab+0xc2/0x120
[  348.063753][ T9742]  __kmalloc_noprof+0xd2/0x510
[  348.063777][ T9742]  tomoyo_realpath_from_path+0xc2/0x6e0
[  348.063801][ T9742]  ? tomoyo_profile+0x47/0x60
[  348.063826][ T9742]  tomoyo_path_number_perm+0x245/0x580
[  348.063843][ T9742]  ? tomoyo_path_number_perm+0x237/0x580
[  348.063864][ T9742]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  348.063885][ T9742]  ? find_held_lock+0x2b/0x80
[  348.063925][ T9742]  ? find_held_lock+0x2b/0x80
[  348.063945][ T9742]  ? hook_file_ioctl_common+0x145/0x410
[  348.063977][ T9742]  ? __fget_files+0x20e/0x3c0
[  348.064005][ T9742]  security_file_ioctl+0x9b/0x240
[  348.064029][ T9742]  __x64_sys_ioctl+0xb7/0x210
[  348.064050][ T9742]  do_syscall_64+0xcd/0x4c0
[  348.064075][ T9742]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  348.064092][ T9742] RIP: 0033:0x7fa9cbf8e929
[  348.064106][ T9742] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  348.064122][ T9742] RSP: 002b:00007fa9ccd1e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  348.064139][ T9742] RAX: ffffffffffffffda RBX: 00007fa9cc1b5fa0 RCX: 00007fa9cbf8e929
[  348.064149][ T9742] RDX: 0000200000000000 RSI: 00000000c008ae67 RDI: 0000000000000004
[  348.064159][ T9742] RBP: 00007fa9ccd1e090 R08: 0000000000000000 R09: 0000000000000000
[  348.064168][ T9742] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  348.064177][ T9742] R13: 0000000000000000 R14: 00007fa9cc1b5fa0 R15: 00007ffeb33bb038
[  348.064200][ T9742]  </TASK>
[  348.065168][ T9742] ERROR: Out of memory at tomoyo_realpath_from_path.
[  348.072462][ T9748] bridge0: port 1(bridge_slave_0) entered disabled state
[  348.167187][ T9747] FAULT_INJECTION: forcing a failure.
[  348.167187][ T9747] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  348.310652][ T9747] CPU: 1 UID: 0 PID: 9747 Comm: syz.1.1013 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) 
[  348.310681][ T9747] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  348.310691][ T9747] Call Trace:
[  348.310697][ T9747]  <TASK>
[  348.310704][ T9747]  dump_stack_lvl+0x16c/0x1f0
[  348.310747][ T9747]  should_fail_ex+0x512/0x640
[  348.310779][ T9747]  _copy_from_user+0x2e/0xd0
[  348.310814][ T9747]  __vb2_perform_fileio+0xad4/0x1660
[  348.310846][ T9747]  ? __pfx___vb2_perform_fileio+0x10/0x10
[  348.310863][ T9747]  ? get_pid_task+0xfc/0x250
[  348.310904][ T9747]  vb2_fop_write+0x207/0x3f0
[  348.310939][ T9747]  v4l2_write+0x229/0x360
[  348.310962][ T9747]  ? __pfx_v4l2_write+0x10/0x10
[  348.310981][ T9747]  vfs_write+0x29d/0x1150
[  348.311011][ T9747]  ? __pfx_vfs_write+0x10/0x10
[  348.311030][ T9747]  ? find_held_lock+0x2b/0x80
[  348.311052][ T9747]  ? __fget_files+0x204/0x3c0
[  348.311081][ T9747]  ? __fget_files+0x20e/0x3c0
[  348.311113][ T9747]  ksys_write+0x12a/0x250
[  348.311134][ T9747]  ? __pfx_ksys_write+0x10/0x10
[  348.311166][ T9747]  do_syscall_64+0xcd/0x4c0
[  348.311194][ T9747]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  348.311212][ T9747] RIP: 0033:0x7f24cb78e929
[  348.311227][ T9747] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  348.311244][ T9747] RSP: 002b:00007f24cc520038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  348.311261][ T9747] RAX: ffffffffffffffda RBX: 00007f24cb9b5fa0 RCX: 00007f24cb78e929
[  348.311273][ T9747] RDX: 000000000000ca80 RSI: 0000200000000000 RDI: 0000000000000004
[  348.311283][ T9747] RBP: 00007f24cc520090 R08: 0000000000000000 R09: 0000000000000000
[  348.311293][ T9747] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  348.311303][ T9747] R13: 0000000000000000 R14: 00007f24cb9b5fa0 R15: 00007fffe9a3fa68
[  348.311331][ T9747]  </TASK>
[  348.509407][    C1] vkms_vblank_simulate: vblank timer overrun
[  350.369113][ T9759] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1019'.
[  350.541125][ T9774] sg_read: process 778 (syz.2.1024) changed security contexts after opening file descriptor, this is not allowed.
[  350.718336][ T9781] netlink: 'syz.2.1026': attribute type 322 has an invalid length.
[  350.800597][  T975] usb 5-1: new full-speed USB device number 29 using dummy_hcd
[  350.972380][  T975] usb 5-1: too many endpoints for config 1 interface 0 altsetting 103: 101, using maximum allowed: 30
[  350.983633][  T975] usb 5-1: config 1 interface 0 altsetting 103 has 0 endpoint descriptors, different from the interface descriptor's value: 101
[  350.997429][  T975] usb 5-1: config 1 interface 0 has no altsetting 0
[  351.006598][  T975] usb 5-1: New USB device found, idVendor=15f4, idProduct=0015, bcdDevice=fd.bf
[  351.016134][  T975] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  351.024410][  T975] usb 5-1: Product: syz
[  351.028742][  T975] usb 5-1: Manufacturer: syz
[  351.033755][  T975] usb 5-1: SerialNumber: syz
[  351.613525][  T975] dvb-usb: found a 'Hanftek UMT-010 DVB-T USB2.0' in warm state.
[  351.643306][  T975] dvb-usb: bulk message failed: -22 (3/0)
[  351.689564][  T975] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  351.738550][  T975] dvb-usb: Hanftek UMT-010 DVB-T USB2.0 error while loading driver (-19)
[  351.756802][  T975] dvb_usb_umt_010 5-1:1.0: probe with driver dvb_usb_umt_010 failed with error -22
[  351.779825][  T975] usb 5-1: USB disconnect, device number 29
[  351.925904][ T9792] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2579 sclass=netlink_route_socket pid=9792 comm=syz.1.1030
[  351.999904][   T30] kauditd_printk_skb: 16 callbacks suppressed
[  352.039529][   T30] audit: type=1400 audit(2000000180.200:789): avc:  denied  { write } for  pid=9804 comm="syz.3.1034" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  352.509961][ T9816] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1037'.
[  353.286630][ T9823] netlink: 'syz.0.1039': attribute type 1 has an invalid length.
[  353.326249][ T9828] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1043'.
[  353.384294][   T30] audit: type=1400 audit(2000000181.580:790): avc:  denied  { map } for  pid=9830 comm="syz.3.1044" path="socket:[22718]" dev="sockfs" ino=22718 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1
[  353.429323][ T9823] 8021q: adding VLAN 0 to HW filter on device bond2
[  353.462142][ T9828] SELinux: failed to load policy
[  353.474480][ T9831] bond2: (slave geneve2): making interface the new active one
[  353.503203][   T30] audit: type=1400 audit(2000000181.670:791): avc:  denied  { load_policy } for  pid=9826 comm="syz.1.1043" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  353.513792][ T9831] bond2: (slave geneve2): Enslaving as an active interface with an up link
[  353.605116][   T30] audit: type=1400 audit(2000000181.680:792): avc:  denied  { getopt } for  pid=9834 comm="syz.3.1045" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  353.640465][ T9836] veth3: entered promiscuous mode
[  353.996033][ T9836] bond2: (slave veth3): Enslaving as an active interface with a down link
[  354.258001][ T9849] FAULT_INJECTION: forcing a failure.
[  354.258001][ T9849] name failslab, interval 1, probability 0, space 0, times 0
[  354.270970][ T9849] CPU: 0 UID: 0 PID: 9849 Comm: syz.4.1049 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) 
[  354.270992][ T9849] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  354.270998][ T9849] Call Trace:
[  354.271004][ T9849]  <TASK>
[  354.271009][ T9849]  dump_stack_lvl+0x16c/0x1f0
[  354.271029][ T9849]  should_fail_ex+0x512/0x640
[  354.271042][ T9849]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  354.271058][ T9849]  should_failslab+0xc2/0x120
[  354.271073][ T9849]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  354.271087][ T9849]  ? __alloc_skb+0x2b2/0x380
[  354.271103][ T9849]  __alloc_skb+0x2b2/0x380
[  354.271116][ T9849]  ? __pfx___alloc_skb+0x10/0x10
[  354.271131][ T9849]  ? find_held_lock+0x2b/0x80
[  354.271146][ T9849]  tcp_stream_alloc_skb+0x34/0x570
[  354.271161][ T9849]  tcp_sendmsg_locked+0x130f/0x4300
[  354.271178][ T9849]  ? __lock_acquire+0xb8a/0x1c90
[  354.271193][ T9849]  ? nf_conncount_count+0x71a/0x10a0
[  354.271208][ T9849]  ? __pfx_tcp_sendmsg_locked+0x10/0x10
[  354.271222][ T9849]  ? do_raw_spin_lock+0x12c/0x2b0
[  354.271233][ T9849]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  354.271246][ T9849]  ? __local_bh_enable_ip+0xa4/0x120
[  354.271261][ T9849]  tcp_sendmsg+0x2e/0x50
[  354.271273][ T9849]  ? __pfx_tcp_sendmsg+0x10/0x10
[  354.271285][ T9849]  inet_sendmsg+0xb9/0x140
[  354.271300][ T9849]  __sys_sendto+0x43c/0x520
[  354.271313][ T9849]  ? __pfx___sys_sendto+0x10/0x10
[  354.271338][ T9849]  ? ksys_write+0x1ac/0x250
[  354.271351][ T9849]  ? __pfx_ksys_write+0x10/0x10
[  354.271365][ T9849]  __x64_sys_sendto+0xe0/0x1c0
[  354.271376][ T9849]  ? do_syscall_64+0x91/0x4c0
[  354.271390][ T9849]  ? lockdep_hardirqs_on+0x7c/0x110
[  354.271416][ T9849]  do_syscall_64+0xcd/0x4c0
[  354.271431][ T9849]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  354.271442][ T9849] RIP: 0033:0x7fa9cbf8e929
[  354.271451][ T9849] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  354.271460][ T9849] RSP: 002b:00007fa9c9dd5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  354.271470][ T9849] RAX: ffffffffffffffda RBX: 00007fa9cc1b6160 RCX: 00007fa9cbf8e929
[  354.271476][ T9849] RDX: ffffffffffffff94 RSI: 0000200000000000 RDI: 0000000000000007
[  354.271482][ T9849] RBP: 00007fa9c9dd5090 R08: 0000000000000000 R09: 000000000000ff88
[  354.271488][ T9849] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  354.271493][ T9849] R13: 0000000000000000 R14: 00007fa9cc1b6160 R15: 00007ffeb33bb038
[  354.271507][ T9849]  </TASK>
[  354.938365][   T30] audit: type=1400 audit(2000000183.130:793): avc:  denied  { ioctl } for  pid=9853 comm="syz.0.1050" path="socket:[22810]" dev="sockfs" ino=22810 ioctlcmd=0xf515 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  354.985234][   T30] audit: type=1400 audit(2000000183.140:794): avc:  denied  { setopt } for  pid=9853 comm="syz.0.1050" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  355.039392][   T30] audit: type=1400 audit(2000000183.240:795): avc:  denied  { create } for  pid=9846 comm="syz.3.1048" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[  355.087284][ T9843] team0: Port device bond0 removed
[  355.103214][ T9843] bridge_slave_0: left allmulticast mode
[  355.121105][ T9843] bridge_slave_0: left promiscuous mode
[  355.137734][ T9843] bridge0: port 1(bridge_slave_0) entered disabled state
[  355.157533][   T30] audit: type=1400 audit(2000000183.240:796): avc:  denied  { write } for  pid=9846 comm="syz.3.1048" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[  355.200433][ T9843] bridge_slave_1: left promiscuous mode
[  355.211940][ T9843] bridge0: port 2(bridge_slave_1) entered disabled state
[  355.275720][ T9843] bond0: (slave bond_slave_0): Releasing backup interface
[  355.353790][ T9843] bond0: (slave bond_slave_1): Releasing backup interface
[  355.370079][ T9843] team0: Port device team_slave_0 removed
[  355.380585][ T5927] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  355.408446][ T9843] team0: Port device team_slave_1 removed
[  355.421636][ T9843] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  355.521533][ T9843] batman_adv: batadv0: Removing interface: batadv_slave_0
[  355.537485][ T9843] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  355.546747][ T9843] batman_adv: batadv0: Removing interface: batadv_slave_1
[  355.590707][ T5927] usb 5-1: Using ep0 maxpacket: 8
[  355.600380][ T5927] usb 5-1: config 67 has an invalid descriptor of length 25, skipping remainder of the config
[  355.612402][ T5927] usb 5-1: config 67 has 0 interfaces, different from the descriptor's value: 1
[  355.650068][ T5927] usb 5-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=ed.ae
[  355.659825][ T5927] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  355.670632][ T5927] usb 5-1: Product: syz
[  355.680593][ T5927] usb 5-1: Manufacturer: syz
[  355.685369][ T5927] usb 5-1: SerialNumber: syz
[  355.907795][ T5927] usb 5-1: USB disconnect, device number 30
[  356.318352][   T30] audit: type=1400 audit(2000000184.520:797): avc:  denied  { mount } for  pid=9877 comm="syz.2.1055" name="/" dev="ramfs" ino=22853 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  357.049464][ T9901] FAULT_INJECTION: forcing a failure.
[  357.049464][ T9901] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  357.063788][ T9901] CPU: 1 UID: 0 PID: 9901 Comm: syz.0.1061 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) 
[  357.063811][ T9901] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  357.063821][ T9901] Call Trace:
[  357.063827][ T9901]  <TASK>
[  357.063833][ T9901]  dump_stack_lvl+0x16c/0x1f0
[  357.063863][ T9901]  should_fail_ex+0x512/0x640
[  357.063889][ T9901]  _copy_from_user+0x2e/0xd0
[  357.063914][ T9901]  core_sys_select+0x2c8/0xc10
[  357.063943][ T9901]  ? __pfx_core_sys_select+0x10/0x10
[  357.063995][ T9901]  ? set_user_sigmask+0x21b/0x2b0
[  357.064014][ T9901]  ? __pfx_set_user_sigmask+0x10/0x10
[  357.064038][ T9901]  do_pselect.constprop.0+0x19f/0x1e0
[  357.064062][ T9901]  ? __pfx_do_pselect.constprop.0+0x10/0x10
[  357.064094][ T9901]  __x64_sys_pselect6+0x182/0x240
[  357.064118][ T9901]  ? __pfx___x64_sys_pselect6+0x10/0x10
[  357.064148][ T9901]  do_syscall_64+0xcd/0x4c0
[  357.064175][ T9901]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  357.064192][ T9901] RIP: 0033:0x7f8126b8e929
[  357.064206][ T9901] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  357.064223][ T9901] RSP: 002b:00007f8127997038 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[  357.064240][ T9901] RAX: ffffffffffffffda RBX: 00007f8126db6080 RCX: 00007f8126b8e929
[  357.064251][ T9901] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000040
[  357.064262][ T9901] RBP: 00007f8127997090 R08: 0000000000000000 R09: 0000000000000000
[  357.064272][ T9901] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000001
[  357.064282][ T9901] R13: 0000000000000001 R14: 00007f8126db6080 R15: 00007fff6f090dc8
[  357.064306][ T9901]  </TASK>
[  358.689270][ T9917] FAULT_INJECTION: forcing a failure.
[  358.689270][ T9917] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  358.710557][   T30] audit: type=1400 audit(2000000186.890:798): avc:  denied  { read } for  pid=9914 comm="syz.3.1065" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  358.750632][ T9917] CPU: 0 UID: 0 PID: 9917 Comm: syz.0.1064 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) 
[  358.750659][ T9917] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  358.750670][ T9917] Call Trace:
[  358.750676][ T9917]  <TASK>
[  358.750682][ T9917]  dump_stack_lvl+0x16c/0x1f0
[  358.750713][ T9917]  should_fail_ex+0x512/0x640
[  358.750740][ T9917]  _copy_to_user+0x32/0xd0
[  358.750765][ T9917]  simple_read_from_buffer+0xcb/0x170
[  358.750789][ T9917]  proc_fail_nth_read+0x197/0x270
[  358.750811][ T9917]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  358.750834][ T9917]  ? rw_verify_area+0xcf/0x680
[  358.750853][ T9917]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  358.750873][ T9917]  vfs_read+0x1e4/0xc60
[  358.750901][ T9917]  ? __pfx_vfs_read+0x10/0x10
[  358.750921][ T9917]  ? do_sys_openat2+0x157/0x1d0
[  358.750940][ T9917]  ? __pfx_do_sys_openat2+0x10/0x10
[  358.750958][ T9917]  ? ksys_unshare+0x687/0xa40
[  358.750984][ T9917]  ? do_ftruncate+0x22c/0x970
[  358.751012][ T9917]  ksys_read+0x12a/0x250
[  358.751031][ T9917]  ? __pfx_ksys_read+0x10/0x10
[  358.751060][ T9917]  do_syscall_64+0xcd/0x4c0
[  358.751086][ T9917]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  358.751099][ T9917] RIP: 0033:0x7f8126b8d33c
[  358.751108][ T9917] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  358.751119][ T9917] RSP: 002b:00007f81279b8030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  358.751129][ T9917] RAX: ffffffffffffffda RBX: 00007f8126db5fa0 RCX: 00007f8126b8d33c
[  358.751135][ T9917] RDX: 000000000000000f RSI: 00007f81279b80a0 RDI: 0000000000000004
[  358.751141][ T9917] RBP: 00007f81279b8090 R08: 0000000000000000 R09: 0000000000000000
[  358.751147][ T9917] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  358.751152][ T9917] R13: 0000000000000000 R14: 00007f8126db5fa0 R15: 00007fff6f090dc8
[  358.751164][ T9917]  </TASK>
[  359.452417][   T30] audit: type=1400 audit(2000000187.660:799): avc:  denied  { accept } for  pid=9924 comm="syz.0.1068" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  359.674845][ T9932] FAULT_INJECTION: forcing a failure.
[  359.674845][ T9932] name failslab, interval 1, probability 0, space 0, times 0
[  359.706222][   T30] audit: type=1326 audit(2000000187.910:800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9927 comm="syz.3.1069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2cf98e929 code=0x7fc00000
[  359.753772][ T9932] CPU: 1 UID: 0 PID: 9932 Comm: syz.2.1071 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) 
[  359.753790][ T9932] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  359.753796][ T9932] Call Trace:
[  359.753800][ T9932]  <TASK>
[  359.753804][ T9932]  dump_stack_lvl+0x16c/0x1f0
[  359.753823][ T9932]  should_fail_ex+0x512/0x640
[  359.753837][ T9932]  ? fs_reclaim_acquire+0xae/0x150
[  359.753849][ T9932]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  359.753864][ T9932]  should_failslab+0xc2/0x120
[  359.753879][ T9932]  __kmalloc_noprof+0xd2/0x510
[  359.753895][ T9932]  tomoyo_realpath_from_path+0xc2/0x6e0
[  359.753910][ T9932]  ? tomoyo_profile+0x47/0x60
[  359.753927][ T9932]  tomoyo_path_number_perm+0x245/0x580
[  359.753939][ T9932]  ? tomoyo_path_number_perm+0x237/0x580
[  359.753951][ T9932]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  359.753964][ T9932]  ? find_held_lock+0x2b/0x80
[  359.753988][ T9932]  ? find_held_lock+0x2b/0x80
[  359.753999][ T9932]  ? hook_file_ioctl_common+0x145/0x410
[  359.754018][ T9932]  ? __fget_files+0x20e/0x3c0
[  359.754033][ T9932]  security_file_ioctl+0x9b/0x240
[  359.754048][ T9932]  __x64_sys_ioctl+0xb7/0x210
[  359.754061][ T9932]  do_syscall_64+0xcd/0x4c0
[  359.754077][ T9932]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  359.754088][ T9932] RIP: 0033:0x7fc202b8e929
[  359.754096][ T9932] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  359.754106][ T9932] RSP: 002b:00007fc203a0e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  359.754116][ T9932] RAX: ffffffffffffffda RBX: 00007fc202db5fa0 RCX: 00007fc202b8e929
[  359.754123][ T9932] RDX: 0000000000000000 RSI: 0000000080487436 RDI: 0000000000000003
[  359.754128][ T9932] RBP: 00007fc203a0e090 R08: 0000000000000000 R09: 0000000000000000
[  359.754134][ T9932] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  359.754139][ T9932] R13: 0000000000000000 R14: 00007fc202db5fa0 R15: 00007fff775b5cd8
[  359.754152][ T9932]  </TASK>
[  359.754156][ T9932] ERROR: Out of memory at tomoyo_realpath_from_path.
[  359.975753][   T30] audit: type=1326 audit(2000000187.950:801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9927 comm="syz.3.1069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fc2cf98e929 code=0x7fc00000
[  360.000258][ T9937] FAULT_INJECTION: forcing a failure.
[  360.000258][ T9937] name failslab, interval 1, probability 0, space 0, times 0
[  360.025544][ T9937] CPU: 0 UID: 0 PID: 9937 Comm: syz.4.1073 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) 
[  360.025561][ T9937] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  360.025567][ T9937] Call Trace:
[  360.025571][ T9937]  <TASK>
[  360.025576][ T9937]  dump_stack_lvl+0x16c/0x1f0
[  360.025596][ T9937]  should_fail_ex+0x512/0x640
[  360.025609][ T9937]  ? fs_reclaim_acquire+0xae/0x150
[  360.025621][ T9937]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  360.025635][ T9937]  should_failslab+0xc2/0x120
[  360.025650][ T9937]  __kmalloc_noprof+0xd2/0x510
[  360.025666][ T9937]  tomoyo_realpath_from_path+0xc2/0x6e0
[  360.025681][ T9937]  ? tomoyo_profile+0x47/0x60
[  360.025698][ T9937]  tomoyo_path_number_perm+0x245/0x580
[  360.025709][ T9937]  ? tomoyo_path_number_perm+0x237/0x580
[  360.025722][ T9937]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  360.025734][ T9937]  ? find_held_lock+0x2b/0x80
[  360.025758][ T9937]  ? find_held_lock+0x2b/0x80
[  360.025770][ T9937]  ? hook_file_ioctl_common+0x145/0x410
[  360.025789][ T9937]  ? __fget_files+0x20e/0x3c0
[  360.025805][ T9937]  security_file_ioctl+0x9b/0x240
[  360.025820][ T9937]  __x64_sys_ioctl+0xb7/0x210
[  360.025832][ T9937]  do_syscall_64+0xcd/0x4c0
[  360.025848][ T9937]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  360.025858][ T9937] RIP: 0033:0x7fa9cbf8e929
[  360.025867][ T9937] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  360.025877][ T9937] RSP: 002b:00007fa9ccd1e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  360.025887][ T9937] RAX: ffffffffffffffda RBX: 00007fa9cc1b5fa0 RCX: 00007fa9cbf8e929
[  360.025894][ T9937] RDX: 0000200000000140 RSI: 0000000000008936 RDI: 0000000000000003
[  360.025899][ T9937] RBP: 00007fa9ccd1e090 R08: 0000000000000000 R09: 0000000000000000
[  360.025905][ T9937] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  360.025911][ T9937] R13: 0000000000000000 R14: 00007fa9cc1b5fa0 R15: 00007ffeb33bb038
[  360.025923][ T9937]  </TASK>
[  360.025927][ T9937] ERROR: Out of memory at tomoyo_realpath_from_path.
[  360.288068][ T9939] FAULT_INJECTION: forcing a failure.
[  360.288068][ T9939] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  360.303581][ T9939] CPU: 1 UID: 0 PID: 9939 Comm: syz.2.1074 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) 
[  360.303604][ T9939] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  360.303614][ T9939] Call Trace:
[  360.303619][ T9939]  <TASK>
[  360.303626][ T9939]  dump_stack_lvl+0x16c/0x1f0
[  360.303654][ T9939]  should_fail_ex+0x512/0x640
[  360.303680][ T9939]  _copy_from_user+0x2e/0xd0
[  360.303702][ T9939]  copy_from_sockptr_offset.constprop.0+0x136/0x170
[  360.303731][ T9939]  ? __pfx_copy_from_sockptr_offset.constprop.0+0x10/0x10
[  360.303760][ T9939]  ? bpf_lsm_capable+0x9/0x10
[  360.303777][ T9939]  ? security_capable+0x7e/0x260
[  360.303799][ T9939]  ip_mroute_setsockopt+0x6c6/0x1040
[  360.303823][ T9939]  ? __pfx_ip_mroute_setsockopt+0x10/0x10
[  360.303858][ T9939]  do_ip_setsockopt+0x2ae/0x3240
[  360.303884][ T9939]  ? __pfx_do_ip_setsockopt+0x10/0x10
[  360.303909][ T9939]  ? sock_has_perm+0x259/0x2f0
[  360.303928][ T9939]  ? __pfx_sock_has_perm+0x10/0x10
[  360.303946][ T9939]  ? selinux_netlbl_socket_setsockopt+0x183/0x470
[  360.303972][ T9939]  ip_setsockopt+0x59/0xf0
[  360.303995][ T9939]  raw_setsockopt+0xb7/0x2a0
[  360.304018][ T9939]  ? __pfx_raw_setsockopt+0x10/0x10
[  360.304041][ T9939]  ? selinux_socket_setsockopt+0x6a/0x80
[  360.304059][ T9939]  ? sock_common_setsockopt+0x2e/0xf0
[  360.304078][ T9939]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  360.304094][ T9939]  do_sock_setsockopt+0x224/0x470
[  360.304111][ T9939]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  360.304141][ T9939]  __sys_setsockopt+0x1a0/0x230
[  360.304168][ T9939]  __x64_sys_setsockopt+0xbd/0x160
[  360.304189][ T9939]  ? do_syscall_64+0x91/0x4c0
[  360.304212][ T9939]  ? lockdep_hardirqs_on+0x7c/0x110
[  360.304236][ T9939]  do_syscall_64+0xcd/0x4c0
[  360.304261][ T9939]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  360.304277][ T9939] RIP: 0033:0x7fc202b8e929
[  360.304292][ T9939] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  360.304308][ T9939] RSP: 002b:00007fc203a0e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  360.304325][ T9939] RAX: ffffffffffffffda RBX: 00007fc202db5fa0 RCX: 00007fc202b8e929
[  360.304335][ T9939] RDX: 00000000000000d4 RSI: 0000000000000000 RDI: 0000000000000003
[  360.304345][ T9939] RBP: 00007fc203a0e090 R08: 0000000000000004 R09: 0000000000000000
[  360.304354][ T9939] R10: 00002000000003c0 R11: 0000000000000246 R12: 0000000000000001
[  360.304363][ T9939] R13: 0000000000000000 R14: 00007fc202db5fa0 R15: 00007fff775b5cd8
[  360.304393][ T9939]  </TASK>
[  360.311290][ T5919] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  360.960733][ T9947] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1075'.
[  360.969781][ T9947] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1075'.
[  361.217323][ T5919] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  361.502945][ T5919] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  361.705945][ T5919] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  361.730055][ T5919] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  361.746238][ T5919] usb 1-1: config 0 descriptor??
[  361.947290][ T9967] FAULT_INJECTION: forcing a failure.
[  361.947290][ T9967] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  362.012220][ T9967] CPU: 0 UID: 0 PID: 9967 Comm: syz.4.1083 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) 
[  362.012247][ T9967] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  362.012256][ T9967] Call Trace:
[  362.012265][ T9967]  <TASK>
[  362.012272][ T9967]  dump_stack_lvl+0x16c/0x1f0
[  362.012301][ T9967]  should_fail_ex+0x512/0x640
[  362.012327][ T9967]  _copy_from_user+0x2e/0xd0
[  362.012351][ T9967]  copy_from_sockptr_offset.constprop.0+0x136/0x170
[  362.012373][ T9967]  ? __pfx_copy_from_sockptr_offset.constprop.0+0x10/0x10
[  362.012401][ T9967]  sk_setsockopt+0x170/0x3e40
[  362.012430][ T9967]  ? __pfx_sk_setsockopt+0x10/0x10
[  362.012454][ T9967]  ? selinux_netlbl_socket_setsockopt+0x183/0x470
[  362.012479][ T9967]  ? __pfx_selinux_netlbl_socket_setsockopt+0x10/0x10
[  362.012501][ T9967]  ? proc_fail_nth_write+0x9f/0x250
[  362.012534][ T9967]  ? selinux_socket_setsockopt+0x6a/0x80
[  362.012558][ T9967]  do_sock_setsockopt+0x3f2/0x470
[  362.012574][ T9967]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  362.012606][ T9967]  __sys_setsockopt+0x1a0/0x230
[  362.012632][ T9967]  __x64_sys_setsockopt+0xbd/0x160
[  362.012653][ T9967]  ? do_syscall_64+0x91/0x4c0
[  362.012683][ T9967]  ? lockdep_hardirqs_on+0x7c/0x110
[  362.012706][ T9967]  do_syscall_64+0xcd/0x4c0
[  362.012733][ T9967]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  362.012750][ T9967] RIP: 0033:0x7fa9cbf8e929
[  362.012764][ T9967] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  362.012780][ T9967] RSP: 002b:00007fa9ccd1e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  362.012796][ T9967] RAX: ffffffffffffffda RBX: 00007fa9cc1b5fa0 RCX: 00007fa9cbf8e929
[  362.012807][ T9967] RDX: 000000000000004a RSI: 0000000000000001 RDI: 0000000000000003
[  362.012817][ T9967] RBP: 00007fa9ccd1e090 R08: 0000000000000004 R09: 0000000000000000
[  362.012827][ T9967] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  362.012837][ T9967] R13: 0000000000000000 R14: 00007fa9cc1b5fa0 R15: 00007ffeb33bb038
[  362.012863][ T9967]  </TASK>
[  362.013949][ T9970] ubi31: attaching mtd0
[  362.226222][ T9970] ubi31: scanning is finished
[  362.230922][ T9970] ubi31: empty MTD device detected
[  362.245147][ T5919] pyra 0003:1E7D:2CF6.0005: hidraw0: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.0-1/input0
[  362.288785][ T9969] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1084'.
[  362.334735][ T9970] ubi31 error: ubi_attach_mtd_dev: cannot spawn "ubi_bgt31d", error -4
[  362.353888][ T9974] FAULT_INJECTION: forcing a failure.
[  362.353888][ T9974] name failslab, interval 1, probability 0, space 0, times 0
[  362.388097][ T9974] CPU: 0 UID: 0 PID: 9974 Comm: syz.2.1084 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) 
[  362.388116][ T9974] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  362.388122][ T9974] Call Trace:
[  362.388126][ T9974]  <TASK>
[  362.388130][ T9974]  dump_stack_lvl+0x16c/0x1f0
[  362.388149][ T9974]  should_fail_ex+0x512/0x640
[  362.388166][ T9974]  should_failslab+0xc2/0x120
[  362.388181][ T9974]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  362.388199][ T9974]  ? dst_alloc+0x99/0x1a0
[  362.388213][ T9974]  ? __pfx_ip6_dst_gc+0x10/0x10
[  362.388227][ T9974]  dst_alloc+0x99/0x1a0
[  362.388240][ T9974]  ip6_rt_cache_alloc+0x1f6/0x8c0
[  362.388253][ T9974]  ? __pfx_ip6_rt_cache_alloc+0x10/0x10
[  362.388268][ T9974]  ip6_pol_route+0xd7b/0x1230
[  362.388281][ T9974]  ? __pfx_ip6_pol_route+0x10/0x10
[  362.388293][ T9974]  ? __pfx_stack_trace_save+0x10/0x10
[  362.388306][ T9974]  ? stack_depot_save_flags+0x28/0xa40
[  362.388323][ T9974]  ? register_lock_class+0x41/0x4c0
[  362.388342][ T9974]  ? __pfx_ip6_pol_route_output+0x10/0x10
[  362.388353][ T9974]  fib6_rule_lookup+0x24c/0x720
[  362.388365][ T9974]  ? __pfx_fib6_rule_lookup+0x10/0x10
[  362.388382][ T9974]  ? dev_get_by_index_rcu+0x102/0x140
[  362.388397][ T9974]  ip6_route_output_flags+0x1d0/0x640
[  362.388408][ T9974]  ip6_dst_lookup_tail.constprop.0+0x115a/0x2140
[  362.388424][ T9974]  ? up_write+0x1b2/0x520
[  362.388436][ T9974]  ? __pfx_ip6_dst_lookup_tail.constprop.0+0x10/0x10
[  362.388451][ T9974]  ? __lock_acquire+0x622/0x1c90
[  362.388471][ T9974]  ip6_dst_lookup_flow+0x99/0x1d0
[  362.388483][ T9974]  ? __pfx_ip6_dst_lookup_flow+0x10/0x10
[  362.388493][ T9974]  ? find_held_lock+0x2b/0x80
[  362.388505][ T9974]  ? rawv6_sendmsg+0xb73/0x47a0
[  362.388517][ T9974]  rawv6_sendmsg+0xe8a/0x47a0
[  362.388533][ T9974]  ? __pfx_rawv6_sendmsg+0x10/0x10
[  362.388543][ T9974]  ? avc_has_perm_noaudit+0x149/0x3b0
[  362.388561][ T9974]  ? avc_has_perm+0x11a/0x1c0
[  362.388577][ T9974]  ? __pfx_avc_has_perm+0x10/0x10
[  362.388605][ T9974]  ? inode_has_perm+0x16f/0x1d0
[  362.388615][ T9974]  ? __pfx_rawv6_sendmsg+0x10/0x10
[  362.388626][ T9974]  ? inet_sendmsg+0x119/0x140
[  362.388639][ T9974]  inet_sendmsg+0x119/0x140
[  362.388652][ T9974]  sock_write_iter+0x4aa/0x5b0
[  362.388664][ T9974]  ? __pfx_sock_write_iter+0x10/0x10
[  362.388684][ T9974]  ? bpf_lsm_file_permission+0x9/0x10
[  362.388699][ T9974]  ? security_file_permission+0x71/0x210
[  362.388714][ T9974]  ? rw_verify_area+0xcf/0x680
[  362.388727][ T9974]  vfs_write+0x6c7/0x1150
[  362.388739][ T9974]  ? __pfx_sock_write_iter+0x10/0x10
[  362.388751][ T9974]  ? __pfx_vfs_write+0x10/0x10
[  362.388762][ T9974]  ? find_held_lock+0x2b/0x80
[  362.388783][ T9974]  ksys_write+0x1f8/0x250
[  362.388795][ T9974]  ? __pfx_ksys_write+0x10/0x10
[  362.388811][ T9974]  do_syscall_64+0xcd/0x4c0
[  362.388827][ T9974]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  362.388838][ T9974] RIP: 0033:0x7fc202b8e929
[  362.388847][ T9974] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  362.388857][ T9974] RSP: 002b:00007fc2039ed038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  362.388866][ T9974] RAX: ffffffffffffffda RBX: 00007fc202db6080 RCX: 00007fc202b8e929
[  362.388873][ T9974] RDX: 0000000000000043 RSI: 00002000000003c0 RDI: 0000000000000003
[  362.388878][ T9974] RBP: 00007fc2039ed090 R08: 0000000000000000 R09: 0000000000000000
[  362.388884][ T9974] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  362.388889][ T9974] R13: 0000000000000000 R14: 00007fc202db6080 R15: 00007fff775b5cd8
[  362.388902][ T9974]  </TASK>
[  362.772862][   T30] audit: type=1326 audit(2000000190.970:802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9927 comm="syz.3.1069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2cf98e929 code=0x7fc00000
[  362.857317][ T5919] pyra 0003:1E7D:2CF6.0005: couldn't init struct pyra_device
[  362.867116][ T9981] FAULT_INJECTION: forcing a failure.
[  362.867116][ T9981] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  362.867146][ T9981] CPU: 1 UID: 0 PID: 9981 Comm: syz.1.1086 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) 
[  362.867168][ T9981] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  362.867177][ T9981] Call Trace:
[  362.867183][ T9981]  <TASK>
[  362.867189][ T9981]  dump_stack_lvl+0x16c/0x1f0
[  362.867218][ T9981]  should_fail_ex+0x512/0x640
[  362.867245][ T9981]  _copy_from_user+0x2e/0xd0
[  362.867269][ T9981]  copy_msghdr_from_user+0x98/0x160
[  362.867294][ T9981]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  362.867330][ T9981]  ___sys_sendmsg+0xfe/0x1d0
[  362.867354][ T9981]  ? __pfx____sys_sendmsg+0x10/0x10
[  362.867374][ T9981]  ? __lock_acquire+0x622/0x1c90
[  362.867431][ T9981]  __sys_sendmsg+0x16d/0x220
[  362.867455][ T9981]  ? __pfx___sys_sendmsg+0x10/0x10
[  362.867494][ T9981]  do_syscall_64+0xcd/0x4c0
[  362.867520][ T9981]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  362.867538][ T9981] RIP: 0033:0x7f24cb78e929
[  362.867551][ T9981] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  362.867567][ T9981] RSP: 002b:00007f24cc520038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  362.867583][ T9981] RAX: ffffffffffffffda RBX: 00007f24cb9b5fa0 RCX: 00007f24cb78e929
[  362.867594][ T9981] RDX: 0000000000044000 RSI: 0000200000000080 RDI: 0000000000000003
[  362.867610][ T9981] RBP: 00007f24cc520090 R08: 0000000000000000 R09: 0000000000000000
[  362.867619][ T9981] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  362.867628][ T9981] R13: 0000000000000000 R14: 00007f24cb9b5fa0 R15: 00007fffe9a3fa68
[  362.867655][ T9981]  </TASK>
[  363.054375][ T5919] pyra 0003:1E7D:2CF6.0005: couldn't install mouse
[  363.068106][ T5919] pyra 0003:1E7D:2CF6.0005: probe with driver pyra failed with error -32
[  363.082278][ T5919] usb 1-1: USB disconnect, device number 24
[  365.220837][    T9] usb 2-1: new high-speed USB device number 34 using dummy_hcd
[  365.520580][    T9] usb 2-1: Using ep0 maxpacket: 32
[  365.532384][    T9] usb 2-1: config 4 has an invalid interface number: 128 but max is 0
[  365.542340][    T9] usb 2-1: config 4 has no interface number 0
[  365.730651][ T5919] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[  365.761054][    T9] usb 2-1: config 4 interface 128 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  365.780805][  T975] IPVS: starting estimator thread 0...
[  365.800901][    T9] usb 2-1: config 4 interface 128 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  365.809142][T10007] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  365.810968][   T30] audit: type=1400 audit(2000000194.010:803): avc:  denied  { accept } for  pid=10006 comm="syz.2.1095" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  365.819580][T10007] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  365.839175][    T9] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  365.857191][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  365.892808][    T9] hub 2-1:4.128: USB hub found
[  365.930899][T10013] IPVS: using max 46 ests per chain, 110400 per kthread
[  365.931740][ T5919] usb 5-1: Using ep0 maxpacket: 32
[  365.945460][ T5919] usb 5-1: unable to get BOS descriptor or descriptor too short
[  365.954127][ T5919] usb 5-1: config 7 has an invalid interface number: 187 but max is 0
[  365.962547][ T5919] usb 5-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config
[  365.973208][ T5919] usb 5-1: config 7 has no interface number 0
[  365.979281][ T5919] usb 5-1: config 7 interface 187 altsetting 6 endpoint 0x4 has invalid wMaxPacketSize 0
[  365.996579][ T5919] usb 5-1: config 7 interface 187 altsetting 6 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  366.010016][ T5919] usb 5-1: config 7 interface 187 has no altsetting 0
[  366.018900][ T5919] usb 5-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice=5a.bb
[  366.028611][ T5919] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  366.044312][ T5919] usb 5-1: Product: syz
[  366.048830][ T5919] usb 5-1: Manufacturer: syz
[  366.058742][ T5919] usb 5-1: SerialNumber: syz
[  366.091129][    T9] hub 2-1:4.128: 2 ports detected
[  366.100737][    T9] hub 2-1:4.128: Using single TT (err -22)
[  366.293090][T10005] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  366.305086][    T9] hub 2-1:4.128: hub_hub_status failed (err = -71)
[  366.316991][    T9] hub 2-1:4.128: config failed, can't get hub status (err -71)
[  366.331582][T10005] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  366.361804][T10019] netlink: 55631 bytes leftover after parsing attributes in process `syz.0.1098'.
[  366.364119][ T5919] usb 5-1: Unknown endpoint type found, address 0x04
[  366.378698][    T9] usb 2-1: USB disconnect, device number 34
[  366.387067][ T5919] usb 5-1: Not enough endpoints found in device, aborting!
[  366.481706][   T30] audit: type=1400 audit(2000000194.690:804): avc:  denied  { execute } for  pid=10020 comm="syz.3.1099" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=23075 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  366.514404][   T30] audit: type=1400 audit(2000000194.720:805): avc:  denied  { bind } for  pid=10022 comm="syz.0.1100" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  367.016572][T10030] binder: Unknown parameter 'audit'
[  367.024489][   T30] audit: type=1400 audit(2000000195.220:806): avc:  denied  { mounton } for  pid=10022 comm="syz.0.1100" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  367.217584][T10025] could not allocate digest TFM handle rmd128-generic
[  367.811010][ T5919] usb 2-1: new high-speed USB device number 35 using dummy_hcd
[  367.886329][   T30] audit: type=1400 audit(2000000196.090:807): avc:  denied  { setopt } for  pid=10046 comm="syz.3.1104" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  367.999221][ T5919] usb 2-1: device descriptor read/64, error -71
[  368.129491][T10052] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1107'.
[  368.297259][    T9] usb 5-1: USB disconnect, device number 31
[  368.310582][ T5919] usb 2-1: new high-speed USB device number 36 using dummy_hcd
[  368.393885][T10059] FAULT_INJECTION: forcing a failure.
[  368.393885][T10059] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  368.408854][T10059] CPU: 0 UID: 0 PID: 10059 Comm: syz.4.1111 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) 
[  368.408872][T10059] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  368.408879][T10059] Call Trace:
[  368.408883][T10059]  <TASK>
[  368.408888][T10059]  dump_stack_lvl+0x16c/0x1f0
[  368.408908][T10059]  should_fail_ex+0x512/0x640
[  368.408924][T10059]  _copy_from_user+0x2e/0xd0
[  368.408939][T10059]  copy_msghdr_from_user+0x98/0x160
[  368.408954][T10059]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  368.408974][T10059]  ___sys_sendmsg+0xfe/0x1d0
[  368.408989][T10059]  ? __pfx____sys_sendmsg+0x10/0x10
[  368.409001][T10059]  ? __lock_acquire+0x622/0x1c90
[  368.409033][T10059]  __sys_sendmsg+0x16d/0x220
[  368.409047][T10059]  ? __pfx___sys_sendmsg+0x10/0x10
[  368.409069][T10059]  do_syscall_64+0xcd/0x4c0
[  368.409085][T10059]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  368.409095][T10059] RIP: 0033:0x7fa9cbf8e929
[  368.409105][T10059] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  368.409114][T10059] RSP: 002b:00007fa9ccd1e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  368.409125][T10059] RAX: ffffffffffffffda RBX: 00007fa9cc1b5fa0 RCX: 00007fa9cbf8e929
[  368.409131][T10059] RDX: 0000000000000020 RSI: 0000200000000000 RDI: 0000000000000005
[  368.409136][T10059] RBP: 00007fa9ccd1e090 R08: 0000000000000000 R09: 0000000000000000
[  368.409142][T10059] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  368.409147][T10059] R13: 0000000000000000 R14: 00007fa9cc1b5fa0 R15: 00007ffeb33bb038
[  368.409160][T10059]  </TASK>
[  368.762245][   T30] audit: type=1400 audit(2000000196.920:808): avc:  denied  { setopt } for  pid=10058 comm="syz.0.1109" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  368.800654][ T5919] usb 2-1: device descriptor read/64, error -71
[  368.926193][ T5919] usb usb2-port1: attempt power cycle
[  369.232205][T10075] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1116'.
[  369.241301][T10075] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1116'.
[  369.688046][T10070] overlay: Unknown parameter 'pcr'
[  369.800684][ T5919] usb 2-1: new high-speed USB device number 37 using dummy_hcd
[  369.861591][ T5919] usb 2-1: device descriptor read/8, error -71
[  370.194654][  T975] usb 1-1: new high-speed USB device number 25 using dummy_hcd
[  370.330634][ T5927] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[  370.359715][T10089] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  370.373455][T10089] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  370.393005][  T975] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  370.411356][  T975] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  370.422664][  T975] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  370.433320][  T975] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  370.447473][  T975] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  370.456762][  T975] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  370.467929][  T975] usb 1-1: config 0 descriptor??
[  370.482063][ T5927] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  370.508100][ T5927] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  370.530899][ T5927] usb 5-1: New USB device found, idVendor=054c, idProduct=0df2, bcdDevice=d6.af
[  370.539997][ T5927] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  370.586380][ T5927] usb 5-1: config 0 descriptor??
[  370.766712][T10094] syzkaller1: entered promiscuous mode
[  370.772626][T10094] syzkaller1: entered allmulticast mode
[  371.013566][  T975] plantronics 0003:047F:FFFF.0006: ignoring exceeding usage max
[  371.194516][ T5927] playstation 0003:054C:0DF2.0007: unknown main item tag 0x0
[  371.194572][  T975] plantronics 0003:047F:FFFF.0006: No inputs registered, leaving
[  371.244313][ T5927] playstation 0003:054C:0DF2.0007: unknown main item tag 0x0
[  371.256836][  T975] plantronics 0003:047F:FFFF.0006: hiddev1,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  371.268988][ T5927] playstation 0003:054C:0DF2.0007: unknown main item tag 0x0
[  371.278988][ T5927] playstation 0003:054C:0DF2.0007: unknown main item tag 0x0
[  371.314032][ T5927] playstation 0003:054C:0DF2.0007: unknown main item tag 0x0
[  371.354965][ T5927] playstation 0003:054C:0DF2.0007: hidraw1: USB HID v1.01 Device [HID 054c:0df2] on usb-dummy_hcd.4-1/input0
[  371.627140][ T5927] playstation 0003:054C:0DF2.0007: Failed to retrieve feature with reportID 9: -32
[  371.670683][T10102] netlink: 'syz.2.1124': attribute type 9 has an invalid length.
[  371.681613][T10106] input: syz1 as /devices/virtual/input/input18
[  371.934979][T10106] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  371.946650][T10106] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  374.557735][ T5927] playstation 0003:054C:0DF2.0007: Failed to retrieve DualSense pairing info: -32
[  374.800997][ T5927] playstation 0003:054C:0DF2.0007: Failed to get MAC address from DualSense
[  374.893930][ T5927] playstation 0003:054C:0DF2.0007: Failed to create dualsense.
[  374.935101][ T5944] usb 1-1: USB disconnect, device number 25
[  374.943124][T10103] syzkaller1: entered promiscuous mode
[  374.948591][T10103] syzkaller1: entered allmulticast mode
[  374.964703][ T5927] playstation 0003:054C:0DF2.0007: probe with driver playstation failed with error -32
[  375.039035][ T5927] usb 5-1: USB disconnect, device number 32
[  375.526611][T10122] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1125'.
[  375.575439][T10122] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1125'.
[  375.601847][   T30] audit: type=1400 audit(2000000203.790:809): avc:  denied  { getopt } for  pid=10119 comm="syz.1.1130" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  376.827690][T10135] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  376.884313][T10135] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  376.924072][T10135] FAULT_INJECTION: forcing a failure.
[  376.924072][T10135] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  376.983039][T10135] CPU: 0 UID: 0 PID: 10135 Comm: syz.2.1134 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) 
[  376.983070][T10135] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  376.983081][T10135] Call Trace:
[  376.983087][T10135]  <TASK>
[  376.983094][T10135]  dump_stack_lvl+0x16c/0x1f0
[  376.983127][T10135]  should_fail_ex+0x512/0x640
[  376.983156][T10135]  _copy_to_user+0x32/0xd0
[  376.983183][T10135]  simple_read_from_buffer+0xcb/0x170
[  376.983210][T10135]  proc_fail_nth_read+0x197/0x270
[  376.983234][T10135]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  376.983257][T10135]  ? rw_verify_area+0xcf/0x680
[  376.983277][T10135]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  376.983299][T10135]  vfs_read+0x1e4/0xc60
[  376.983326][T10135]  ? __pfx___mutex_lock+0x10/0x10
[  376.983352][T10135]  ? __pfx_vfs_read+0x10/0x10
[  376.983382][T10135]  ? __fget_files+0x20e/0x3c0
[  376.983415][T10135]  ksys_read+0x12a/0x250
[  376.983436][T10135]  ? __pfx_ksys_read+0x10/0x10
[  376.983458][T10135]  ? fdget+0x187/0x210
[  376.983491][T10135]  do_syscall_64+0xcd/0x4c0
[  376.983520][T10135]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  376.983538][T10135] RIP: 0033:0x7fc202b8d33c
[  376.983552][T10135] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  376.983569][T10135] RSP: 002b:00007fc203a0e030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  376.983586][T10135] RAX: ffffffffffffffda RBX: 00007fc202db5fa0 RCX: 00007fc202b8d33c
[  376.983597][T10135] RDX: 000000000000000f RSI: 00007fc203a0e0a0 RDI: 0000000000000004
[  376.983607][T10135] RBP: 00007fc203a0e090 R08: 0000000000000000 R09: 0000000000000000
[  376.983617][T10135] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[  376.983628][T10135] R13: 0000000000000000 R14: 00007fc202db5fa0 R15: 00007fff775b5cd8
[  376.983653][T10135]  </TASK>
[  377.117506][T10140] FAULT_INJECTION: forcing a failure.
[  377.117506][T10140] name failslab, interval 1, probability 0, space 0, times 0
[  377.117549][T10140] CPU: 0 UID: 0 PID: 10140 Comm: syz.0.1136 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) 
[  377.117571][T10140] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  377.117580][T10140] Call Trace:
[  377.117585][T10140]  <TASK>
[  377.117591][T10140]  dump_stack_lvl+0x16c/0x1f0
[  377.117614][T10140]  should_fail_ex+0x512/0x640
[  377.117628][T10140]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  377.117644][T10140]  should_failslab+0xc2/0x120
[  377.117660][T10140]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  377.117673][T10140]  ? getname_flags.part.0+0x4c/0x550
[  377.117687][T10140]  getname_flags.part.0+0x4c/0x550
[  377.117696][T10140]  ? find_held_lock+0x2b/0x80
[  377.117712][T10140]  getname_flags+0x93/0xf0
[  377.117725][T10140]  do_sys_openat2+0xb8/0x1d0
[  377.117735][T10140]  ? __pfx_do_sys_openat2+0x10/0x10
[  377.117743][T10140]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  377.117760][T10140]  ? kvm_sched_clock_read+0x11/0x20
[  377.117773][T10140]  ? sched_clock+0x38/0x60
[  377.117788][T10140]  __x64_sys_openat+0x174/0x210
[  377.117799][T10140]  ? __pfx___x64_sys_openat+0x10/0x10
[  377.117810][T10140]  ? __pfx___rdmsr_safe_on_cpu+0x10/0x10
[  377.117828][T10140]  do_syscall_64+0xcd/0x4c0
[  377.117845][T10140]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  377.117856][T10140] RIP: 0033:0x7f8126b8d290
[  377.117865][T10140] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44
[  377.117876][T10140] RSP: 002b:00007f8127996f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  377.117887][T10140] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f8126b8d290
[  377.117893][T10140] RDX: 0000000000000002 RSI: 00007f8127996fa0 RDI: 00000000ffffff9c
[  377.117900][T10140] RBP: 00007f8127996fa0 R08: 0000000000000000 R09: 0000000000000000
[  377.117906][T10140] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  377.117911][T10140] R13: 0000000000000001 R14: 00007f8126db6080 R15: 00007fff6f090dc8
[  377.117925][T10140]  </TASK>
[  377.559293][T10147] overlayfs: overlapping lowerdir path
[  377.646250][   T30] audit: type=1400 audit(2000000205.850:810): avc:  denied  { read append } for  pid=10136 comm="syz.4.1135" name="fb0" dev="devtmpfs" ino=629 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  377.646293][   T30] audit: type=1400 audit(2000000205.850:811): avc:  denied  { open } for  pid=10136 comm="syz.4.1135" path="/dev/fb0" dev="devtmpfs" ino=629 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  377.646315][   T30] audit: type=1400 audit(2000000205.850:812): avc:  denied  { map } for  pid=10136 comm="syz.4.1135" path="/dev/fb0" dev="devtmpfs" ino=629 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  377.646336][   T30] audit: type=1400 audit(2000000205.850:813): avc:  denied  { ioctl } for  pid=10136 comm="syz.4.1135" path="/dev/fb0" dev="devtmpfs" ino=629 ioctlcmd=0x4620 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  378.183886][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  378.183936][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  378.377992][T10120] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  378.378036][T10120] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  378.378051][T10120] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  378.378066][T10120] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  378.856818][T10137] tty tty29: ldisc open failed (-12), clearing slot 28
[  378.865175][T10140] tty tty1: ldisc open failed (-12), clearing slot 0
[  379.067588][T10171] FAULT_INJECTION: forcing a failure.
[  379.067588][T10171] name failslab, interval 1, probability 0, space 0, times 0
[  379.113286][T10171] CPU: 1 UID: 0 PID: 10171 Comm: syz.4.1143 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) 
[  379.113305][T10171] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  379.113311][T10171] Call Trace:
[  379.113315][T10171]  <TASK>
[  379.113320][T10171]  dump_stack_lvl+0x16c/0x1f0
[  379.113339][T10171]  should_fail_ex+0x512/0x640
[  379.113354][T10171]  ? fs_reclaim_acquire+0xae/0x150
[  379.113366][T10171]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  379.113382][T10171]  should_failslab+0xc2/0x120
[  379.113398][T10171]  __kmalloc_noprof+0xd2/0x510
[  379.113415][T10171]  tomoyo_realpath_from_path+0xc2/0x6e0
[  379.113430][T10171]  ? tomoyo_profile+0x47/0x60
[  379.113447][T10171]  tomoyo_path_number_perm+0x245/0x580
[  379.113458][T10171]  ? tomoyo_path_number_perm+0x237/0x580
[  379.113472][T10171]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  379.113485][T10171]  ? find_held_lock+0x2b/0x80
[  379.113514][T10171]  ? find_held_lock+0x2b/0x80
[  379.113526][T10171]  ? hook_file_ioctl_common+0x145/0x410
[  379.113548][T10171]  ? __fget_files+0x20e/0x3c0
[  379.113565][T10171]  security_file_ioctl+0x9b/0x240
[  379.113581][T10171]  __x64_sys_ioctl+0xb7/0x210
[  379.113594][T10171]  do_syscall_64+0xcd/0x4c0
[  379.113611][T10171]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  379.113622][T10171] RIP: 0033:0x7fa9cbf8e929
[  379.113632][T10171] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  379.113642][T10171] RSP: 002b:00007fa9ccd1e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  379.113653][T10171] RAX: ffffffffffffffda RBX: 00007fa9cc1b5fa0 RCX: 00007fa9cbf8e929
[  379.113659][T10171] RDX: 0000200000000180 RSI: 0000000080184132 RDI: 0000000000000005
[  379.113665][T10171] RBP: 00007fa9ccd1e090 R08: 0000000000000000 R09: 0000000000000000
[  379.113671][T10171] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  379.113676][T10171] R13: 0000000000000000 R14: 00007fa9cc1b5fa0 R15: 00007ffeb33bb038
[  379.113689][T10171]  </TASK>
[  379.114807][T10171] ERROR: Out of memory at tomoyo_realpath_from_path.
[  380.055876][T10183] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1145'.
[  380.065004][T10183] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1145'.
[  381.103547][T10195] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1149'.
[  381.521622][T10198] bond1: (slave gretap2): Enslaving as an active interface with an up link
[  381.563197][T10195] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1149'.
[  381.574113][T10204] mkiss: ax0: crc mode is auto.
[  381.956883][T10194] netlink: 'syz.2.1148': attribute type 9 has an invalid length.
[  381.967689][T10194] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  382.073239][T10207] bridge0: port 2(bridge_slave_1) entered disabled state
[  382.082116][T10207] bridge0: port 1(bridge_slave_0) entered disabled state
[  382.216681][T10207] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  382.282271][T10219] FAULT_INJECTION: forcing a failure.
[  382.282271][T10219] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  382.295589][T10219] CPU: 1 UID: 0 PID: 10219 Comm: syz.2.1154 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) 
[  382.295614][T10219] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  382.295624][T10219] Call Trace:
[  382.295631][T10219]  <TASK>
[  382.295638][T10219]  dump_stack_lvl+0x16c/0x1f0
[  382.295668][T10219]  should_fail_ex+0x512/0x640
[  382.295694][T10219]  should_fail_alloc_page+0xe7/0x130
[  382.295722][T10219]  prepare_alloc_pages+0x3c2/0x610
[  382.295745][T10219]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  382.295769][T10219]  ? rcu_preempt_deferred_qs_irqrestore+0x4f5/0xbc0
[  382.295805][T10219]  ? lock_acquire+0x179/0x350
[  382.295830][T10219]  ? find_held_lock+0x2b/0x80
[  382.295853][T10219]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  382.295875][T10219]  ? rcu_is_watching+0x12/0xc0
[  382.295896][T10219]  ? finish_task_switch.isra.0+0x221/0xc10
[  382.295918][T10219]  ? lockdep_hardirqs_on+0x7c/0x110
[  382.295942][T10219]  ? finish_task_switch.isra.0+0x221/0xc10
[  382.295967][T10219]  ? trace_sched_exit_tp+0xde/0x130
[  382.295990][T10219]  ? __schedule+0x1181/0x5de0
[  382.296012][T10219]  ? ksys_write+0x190/0x250
[  382.296035][T10219]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  382.296058][T10219]  ? policy_nodemask+0xea/0x4e0
[  382.296085][T10219]  alloc_pages_mpol+0x1fb/0x550
[  382.296110][T10219]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  382.296132][T10219]  ? __fget_files+0x20e/0x3c0
[  382.296164][T10219]  alloc_pages_noprof+0x131/0x390
[  382.296190][T10219]  get_free_pages_noprof+0x10/0xb0
[  382.296215][T10219]  __do_sys_mincore+0xf6/0x620
[  382.296238][T10219]  ? rcu_is_watching+0x12/0xc0
[  382.296266][T10219]  do_syscall_64+0xcd/0x4c0
[  382.296294][T10219]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  382.296311][T10219] RIP: 0033:0x7fc202b8e929
[  382.296325][T10219] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  382.296341][T10219] RSP: 002b:00007fc2039cc038 EFLAGS: 00000246 ORIG_RAX: 000000000000001b
[  382.296356][T10219] RAX: ffffffffffffffda RBX: 00007fc202db6160 RCX: 00007fc202b8e929
[  382.296367][T10219] RDX: 0000200000000200 RSI: 0000000000400000 RDI: 0000200000bfe000
[  382.296378][T10219] RBP: 00007fc2039cc090 R08: 0000000000000000 R09: 0000000000000000
[  382.296387][T10219] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  382.296397][T10219] R13: 0000000000000000 R14: 00007fc202db6160 R15: 00007fff775b5cd8
[  382.296419][T10219]  </TASK>
[  382.544383][T10154] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[  382.557144][T10207] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  382.623845][T10207] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  382.634054][T10207] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  382.643253][T10207] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  382.658873][T10195] 8021q: adding VLAN 0 to HW filter on device bond1
[  382.700676][T10154] usb 5-1: Using ep0 maxpacket: 8
[  382.713070][T10154] usb 5-1: config index 0 descriptor too short (expected 6427, got 27)
[  382.793559][T10225] netlink: 'syz.3.1158': attribute type 12 has an invalid length.
[  382.799688][T10154] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  382.814967][T10225] netlink: 'syz.3.1158': attribute type 29 has an invalid length.
[  382.823008][T10225] netlink: 148 bytes leftover after parsing attributes in process `syz.3.1158'.
[  382.853775][T10154] usb 5-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4
[  382.875648][T10154] usb 5-1: New USB device strings: Mfr=31, Product=1, SerialNumber=0
[  382.893501][T10154] usb 5-1: Product: syz
[  382.905492][T10154] usb 5-1: Manufacturer: syz
[  382.930320][T10154] usb 5-1: config 0 descriptor??
[  383.023956][   T30] audit: type=1400 audit(2000000211.230:814): avc:  denied  { ioctl } for  pid=10228 comm="syz.0.1156" path="socket:[23467]" dev="sockfs" ino=23467 ioctlcmd=0x8914 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  383.131678][ T5866] usb 2-1: new high-speed USB device number 39 using dummy_hcd
[  383.144120][T10154] usb 5-1: USB disconnect, device number 33
[  383.234929][T10236] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1160'.
[  383.244108][T10236] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1160'.
[  383.623232][ T5866] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  383.652771][ T5866] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  383.679800][ T5866] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  383.718742][ T5866] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  383.760151][ T5866] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  383.775698][ T5866] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  384.215579][ T5866] usb 2-1: config 0 descriptor??
[  384.447437][T10245] overlayfs: failed to clone lowerpath
[  385.174855][ T5866] plantronics 0003:047F:FFFF.0008: ignoring exceeding usage max
[  385.345038][ T5866] plantronics 0003:047F:FFFF.0008: No inputs registered, leaving
[  385.379410][ T5866] plantronics 0003:047F:FFFF.0008: hiddev1,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  385.416570][ T5866] usb 2-1: USB disconnect, device number 39
[  385.425486][T10275] overlayfs: failed to clone lowerpath
[  385.498581][T10277] FAULT_INJECTION: forcing a failure.
[  385.498581][T10277] name failslab, interval 1, probability 0, space 0, times 0
[  385.525956][T10276] fido_id[10276]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory
[  385.546960][T10277] CPU: 1 UID: 0 PID: 10277 Comm: syz.2.1172 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) 
[  385.546989][T10277] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  385.547000][T10277] Call Trace:
[  385.547006][T10277]  <TASK>
[  385.547013][T10277]  dump_stack_lvl+0x16c/0x1f0
[  385.547045][T10277]  should_fail_ex+0x512/0x640
[  385.547069][T10277]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  385.547095][T10277]  should_failslab+0xc2/0x120
[  385.547121][T10277]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  385.547144][T10277]  ? getname_flags.part.0+0x4c/0x550
[  385.547168][T10277]  getname_flags.part.0+0x4c/0x550
[  385.547189][T10277]  getname_flags+0x93/0xf0
[  385.547213][T10277]  do_sys_openat2+0xb8/0x1d0
[  385.547229][T10277]  ? __pfx_do_sys_openat2+0x10/0x10
[  385.547248][T10277]  ? __fget_files+0x20e/0x3c0
[  385.547277][T10277]  __x64_sys_open+0x153/0x1e0
[  385.547295][T10277]  ? __pfx___x64_sys_open+0x10/0x10
[  385.547317][T10277]  ? rcu_is_watching+0x12/0xc0
[  385.547342][T10277]  do_syscall_64+0xcd/0x4c0
[  385.547372][T10277]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  385.547390][T10277] RIP: 0033:0x7fc202b8e929
[  385.547405][T10277] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  385.547423][T10277] RSP: 002b:00007fc2039ed038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[  385.547440][T10277] RAX: ffffffffffffffda RBX: 00007fc202db6080 RCX: 00007fc202b8e929
[  385.547452][T10277] RDX: 00000000000001e8 RSI: 0000000000101000 RDI: 0000200000000000
[  385.547462][T10277] RBP: 00007fc2039ed090 R08: 0000000000000000 R09: 0000000000000000
[  385.547479][T10277] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  385.547489][T10277] R13: 0000000000000001 R14: 00007fc202db6080 R15: 00007fff775b5cd8
[  385.547517][T10277]  </TASK>
[  388.878795][T10328] netlink: 76 bytes leftover after parsing attributes in process `syz.3.1189'.
[  388.892917][T10327] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  388.922090][T10327] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  389.100594][  T117] usb 2-1: new high-speed USB device number 40 using dummy_hcd
[  390.067334][T10325] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  390.087878][T10325] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  390.121653][  T117] usb 2-1: unable to get BOS descriptor or descriptor too short
[  390.151693][  T117] usb 2-1: unable to read config index 0 descriptor/start: -71
[  390.159405][  T117] usb 2-1: can't read configurations, error -71
[  390.767491][T10352] syzkaller1: entered promiscuous mode
[  390.773132][T10352] syzkaller1: entered allmulticast mode
[  391.501542][T10364] netlink: 76 bytes leftover after parsing attributes in process `syz.4.1200'.
[  391.553994][   T30] audit: type=1400 audit(2000000219.760:815): avc:  denied  { execute } for  pid=10358 comm="syz.3.1198" name="file0" dev="ramfs" ino=24772 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=file permissive=1
[  391.610844][ T5944] usb 2-1: new high-speed USB device number 42 using dummy_hcd
[  391.628820][   T30] audit: type=1400 audit(2000000219.790:816): avc:  denied  { execute_no_trans } for  pid=10358 comm="syz.3.1198" path="/file0" dev="ramfs" ino=24772 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=file permissive=1
[  391.806187][ T5944] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  391.826182][ T5944] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  391.846672][ T5944] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  391.872529][ T5944] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  391.901069][T10362] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  392.255041][ T5944] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  392.351013][ T5866] usb 5-1: new high-speed USB device number 34 using dummy_hcd
[  393.191378][ T5866] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  393.231159][ T5944] usb 2-1: USB disconnect, device number 42
[  393.261519][ T5866] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  393.295378][ T5866] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  393.308272][ T5866] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  393.330796][T10371] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22
[  393.348043][ T5866] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  393.414719][T10385] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1206'.
[  393.476050][T10385] vlan0: entered allmulticast mode
[  393.484281][T10385] veth1: entered allmulticast mode
[  393.490036][T10385] bridge2: port 1(vlan0) entered blocking state
[  393.504101][T10385] bridge2: port 1(vlan0) entered disabled state
[  393.512846][T10385] vlan0: entered promiscuous mode
[  393.517983][T10385] veth1: entered promiscuous mode
[  393.552306][ T5944] usb 5-1: USB disconnect, device number 34
[  393.581192][   T24] usb 1-1: new high-speed USB device number 26 using dummy_hcd
[  393.601012][   T30] audit: type=1400 audit(2000000221.810:817): avc:  denied  { ioctl } for  pid=10386 comm="syz.2.1207" path="socket:[24807]" dev="sockfs" ino=24807 ioctlcmd=0x89e2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  393.625665][    C0] vkms_vblank_simulate: vblank timer overrun
[  393.668778][T10390] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  393.678767][T10390] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  393.769991][   T24] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  393.784177][   T24] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[  393.799119][   T24] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  393.809171][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  393.819531][   T24] usb 1-1: config 0 descriptor??
[  393.827531][   T24] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[  393.856608][T10394] overlayfs: failed to clone lowerpath
[  393.976950][T10401] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1212'.
[  396.442872][T10154] usb 1-1: USB disconnect, device number 26
[  396.897930][   T30] audit: type=1400 audit(2000000225.080:818): avc:  denied  { watch watch_reads } for  pid=10437 comm="syz.4.1221" path="/proc/720/task" dev="proc" ino=24850 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  398.403403][T10155] libceph: connect (1)[c::]:6789 error -101
[  398.409440][T10155] libceph: mon0 (1)[c::]:6789 connect error
[  398.571711][T10455] ceph: No mds server is up or the cluster is laggy
[  399.387913][ T5944] usb 5-1: new high-speed USB device number 35 using dummy_hcd
[  399.946650][ T5944] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  400.046067][T10477] syz.0.1230: attempt to access beyond end of device
[  400.046067][T10477] nbd0: rw=0, sector=2, nr_sectors = 1 limit=0
[  400.059356][T10477] hfs: can't find a HFS filesystem on dev nbd0
[  400.397311][ T5944] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  400.411413][ T5944] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  400.465649][ T5944] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  400.529992][ T5944] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  400.565629][T10481] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1232'.
[  400.576839][ T5944] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  400.584121][T10481] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1232'.
[  400.699481][ T5944] usb 5-1: config 0 descriptor??
[  400.947539][T10488] FAULT_INJECTION: forcing a failure.
[  400.947539][T10488] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  400.960927][T10488] CPU: 0 UID: 0 PID: 10488 Comm: syz.2.1234 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) 
[  400.960950][T10488] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  400.960963][T10488] Call Trace:
[  400.960969][T10488]  <TASK>
[  400.960976][T10488]  dump_stack_lvl+0x16c/0x1f0
[  400.961006][T10488]  should_fail_ex+0x512/0x640
[  400.961038][T10488]  _copy_from_user+0x2e/0xd0
[  400.961064][T10488]  move_addr_to_kernel+0x65/0x170
[  400.961085][T10488]  __sys_sendto+0x1be/0x520
[  400.961107][T10488]  ? __pfx___sys_sendto+0x10/0x10
[  400.961154][T10488]  ? ksys_write+0x1ac/0x250
[  400.961184][T10488]  __x64_sys_sendto+0xe0/0x1c0
[  400.961204][T10488]  ? syscall_trace_enter+0x89/0x260
[  400.961224][T10488]  do_syscall_64+0xcd/0x4c0
[  400.961251][T10488]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  400.961267][T10488] RIP: 0033:0x7fc202b8e929
[  400.961282][T10488] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  400.961297][T10488] RSP: 002b:00007fc2039ed038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  400.961313][T10488] RAX: ffffffffffffffda RBX: 00007fc202db6080 RCX: 00007fc202b8e929
[  400.961324][T10488] RDX: 000000000000e90c RSI: 00002000000000c0 RDI: 0000000000000006
[  400.961334][T10488] RBP: 00007fc2039ed090 R08: 0000200000000540 R09: 0000000000000014
[  400.961344][T10488] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  400.961355][T10488] R13: 0000000000000000 R14: 00007fc202db6080 R15: 00007fff775b5cd8
[  400.961380][T10488]  </TASK>
[  402.056923][ T5944] usbhid 5-1:0.0: can't add hid device: -71
[  402.090570][ T5944] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  402.126583][T10494] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1235'.
[  402.139206][   T30] audit: type=1400 audit(2000000230.330:819): avc:  denied  { mount } for  pid=10492 comm="syz.3.1235" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[  402.281348][ T5944] usb 5-1: USB disconnect, device number 35
[  402.458639][T10501] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10501 comm=syz.2.1237
[  402.710628][ T5944] usb 5-1: new high-speed USB device number 36 using dummy_hcd
[  402.891489][ T5944] usb 5-1: Using ep0 maxpacket: 32
[  403.675057][ T5944] usb 5-1: config 0 has an invalid interface number: 51 but max is 0
[  403.684474][ T5944] usb 5-1: config 0 has no interface number 0
[  403.697315][ T5944] usb 5-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  403.707880][ T5944] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  403.716455][ T5944] usb 5-1: Product: syz
[  403.785032][ T5944] usb 5-1: Manufacturer: syz
[  404.057888][ T5944] usb 5-1: SerialNumber: syz
[  404.079585][   T30] audit: type=1400 audit(2000000232.280:820): avc:  denied  { accept } for  pid=10517 comm="syz.3.1243" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  404.133557][ T5944] usb 5-1: config 0 descriptor??
[  404.166271][ T5944] quatech2 5-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  404.787804][ T5944] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  404.835643][ T5944] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  405.080688][T10533] overlayfs: failed to clone upperpath
[  405.203011][T10535] overlayfs: failed to resolve './file1': -2
[  406.275193][    C1] usb 5-1: qt2_read_bulk_callback - non-zero urb status: -71
[  406.296313][ T5944] usb 5-1: USB disconnect, device number 36
[  406.326364][ T5944] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  406.364385][ T5944] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  406.381381][ T5944] quatech2 5-1:0.51: device disconnected
[  407.977720][   T30] audit: type=1400 audit(2000000236.180:821): avc:  denied  { nlmsg_write } for  pid=10559 comm="syz.4.1254" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1
[  408.450578][T10154] usb 5-1: new high-speed USB device number 37 using dummy_hcd
[  408.664907][T10154] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  408.678356][T10154] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  408.908057][T10154] usb 5-1: Product: syz
[  409.050596][T10154] usb 5-1: Manufacturer: syz
[  409.074254][T10154] usb 5-1: SerialNumber: syz
[  409.084101][T10154] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  409.100921][ T5866] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  410.318353][ T5866] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive
[  410.335048][ T5866] ath9k_htc: Failed to initialize the device
[  410.371548][ T5866] usb 5-1: ath9k_htc: USB layer deinitialized
[  410.537279][T10588] team0: Device gtp0 is of different type
[  410.579359][T10589] 9pnet_fd: Insufficient options for proto=fd
[  410.586834][   T30] audit: type=1400 audit(2000000238.780:822): avc:  denied  { map } for  pid=10585 comm="syz.1.1262" path="socket:[24203]" dev="sockfs" ino=24203 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_dgram_socket permissive=1
[  410.653822][  T117] usb 5-1: USB disconnect, device number 37
[  410.690170][   T30] audit: type=1400 audit(2000000238.890:823): avc:  denied  { audit_write } for  pid=10590 comm="syz.0.1264" capability=29  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  411.900120][T10607] nfs4: Unknown parameter ''
[  412.278384][T10606] netlink: 'syz.3.1266': attribute type 12 has an invalid length.
[  412.318440][T10606] netlink: 'syz.3.1266': attribute type 29 has an invalid length.
[  412.376458][T10606] netlink: 148 bytes leftover after parsing attributes in process `syz.3.1266'.
[  412.640134][T10618] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1270'.
[  414.594131][T10618] netlink: 'syz.2.1270': attribute type 5 has an invalid length.
[  414.716565][   T30] audit: type=1400 audit(2000000241.640:824): avc:  denied  { write } for  pid=10616 comm="syz.1.1272" path="socket:[25138]" dev="sockfs" ino=25138 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  414.824687][T10618] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  414.833881][T10618] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  414.842838][T10618] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  414.851599][T10618] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  414.863845][T10618] vxlan0: entered promiscuous mode
[  415.191471][  T117] usb 2-1: new high-speed USB device number 43 using dummy_hcd
[  415.370563][  T117] usb 2-1: Using ep0 maxpacket: 16
[  415.383537][  T117] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[  415.392908][  T117] usb 2-1: config 0 has no interface number 0
[  415.599419][  T117] usb 2-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d
[  415.930853][  T117] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  415.938910][  T117] usb 2-1: Product: syz
[  415.945994][  T117] usb 2-1: Manufacturer: syz
[  415.961386][  T117] usb 2-1: SerialNumber: syz
[  415.977436][  T117] usb 2-1: config 0 descriptor??
[  415.992331][  T117] gspca_main: spca1528-2.14.0 probing 04fc:1528
[  416.610406][   T30] audit: type=1400 audit(2000000244.730:825): avc:  denied  { relabelfrom } for  pid=10641 comm="syz.0.1278" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  416.907811][   T30] audit: type=1400 audit(2000000244.810:826): avc:  denied  { relabelto } for  pid=10641 comm="syz.0.1278" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  417.423339][T10154] usb 5-1: new high-speed USB device number 38 using dummy_hcd
[  418.100553][T10154] usb 5-1: Using ep0 maxpacket: 32
[  418.306204][T10154] usb 5-1: config index 0 descriptor too short (expected 156, got 27)
[  418.320545][T10154] usb 5-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  418.331949][T10154] usb 5-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 123, changing to 10
[  418.350550][T10154] usb 5-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid maxpacket 57771, setting to 1024
[  418.362200][T10154] usb 5-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  418.442783][  T117] gspca_spca1528: reg_w err -110
[  418.447791][  T117] spca1528 2-1:0.1: probe with driver spca1528 failed with error -110
[  418.473496][  T117] usb 2-1: USB disconnect, device number 43
[  418.520116][T10154] usb 5-1: config 0 interface 0 has no altsetting 0
[  418.563976][T10154] usb 5-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  418.578381][T10154] usb 5-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  418.619911][T10154] usb 5-1: Product: syz
[  418.633178][T10154] usb 5-1: Manufacturer: syz
[  418.645186][T10677] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[  418.917836][T10154] usb 5-1: SerialNumber: syz
[  418.939043][T10154] usb 5-1: config 0 descriptor??
[  418.949875][T10154] ldusb 5-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  418.970418][T10154] ldusb 5-1:0.0: LD USB Device #1 now attached to major 180 minor 1
[  419.191386][T10661] cdc_wdm 3-1:1.0: Error submitting int urb - -90
[  419.242992][ T5927] usb 5-1: USB disconnect, device number 38
[  419.307791][T10694] FAULT_INJECTION: forcing a failure.
[  419.307791][T10694] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  419.321049][T10694] CPU: 0 UID: 0 PID: 10694 Comm: syz.1.1289 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) 
[  419.321074][T10694] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  419.321083][T10694] Call Trace:
[  419.321088][T10694]  <TASK>
[  419.321094][T10694]  dump_stack_lvl+0x16c/0x1f0
[  419.321124][T10694]  should_fail_ex+0x512/0x640
[  419.321150][T10694]  _copy_to_user+0x32/0xd0
[  419.321175][T10694]  simple_read_from_buffer+0xcb/0x170
[  419.321200][T10694]  proc_fail_nth_read+0x197/0x270
[  419.321222][T10694]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  419.321245][T10694]  ? rw_verify_area+0xcf/0x680
[  419.321264][T10694]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  419.321285][T10694]  vfs_read+0x1e4/0xc60
[  419.321309][T10694]  ? __pfx___mutex_lock+0x10/0x10
[  419.321334][T10694]  ? __pfx_vfs_read+0x10/0x10
[  419.321362][T10694]  ? __fget_files+0x20e/0x3c0
[  419.321392][T10694]  ksys_read+0x12a/0x250
[  419.321412][T10694]  ? __pfx_ksys_read+0x10/0x10
[  419.321440][T10694]  do_syscall_64+0xcd/0x4c0
[  419.321468][T10694]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  419.321484][T10694] RIP: 0033:0x7f24cb78d33c
[  419.321498][T10694] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  419.321513][T10694] RSP: 002b:00007f24c95d5030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  419.321529][T10694] RAX: ffffffffffffffda RBX: 00007f24cb9b6160 RCX: 00007f24cb78d33c
[  419.321540][T10694] RDX: 000000000000000f RSI: 00007f24c95d50a0 RDI: 0000000000000009
[  419.321550][T10694] RBP: 00007f24c95d5090 R08: 0000000000000000 R09: 0000000000000000
[  419.321560][T10694] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  419.321570][T10694] R13: 0000000000000000 R14: 00007f24cb9b6160 R15: 00007fffe9a3fa68
[  419.321594][T10694]  </TASK>
[  419.511591][    C0] vkms_vblank_simulate: vblank timer overrun
[  419.523152][   T30] audit: type=1400 audit(2000000247.530:827): avc:  denied  { watch } for  pid=10691 comm="syz.2.1290" path="/281/bus" dev="tmpfs" ino=1511 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  419.564870][T10695] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  419.568994][ T5927] ldusb 5-1:0.0: LD USB Device #1 now disconnected
[  419.575440][   T30] audit: type=1400 audit(2000000247.780:828): avc:  denied  { watch_sb watch_reads } for  pid=10691 comm="syz.2.1290" path="/281/bus" dev="tmpfs" ino=1511 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  419.630170][  T117] usb 1-1: new high-speed USB device number 27 using dummy_hcd
[  419.980755][  T117] usb 1-1: Using ep0 maxpacket: 8
[  420.067042][T10706] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1293'.
[  420.068485][  T117] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[  420.106442][  T117] usb 1-1: config 0 has no interface number 0
[  420.113826][  T117] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  420.310629][   T30] audit: type=1400 audit(2000000248.430:829): avc:  denied  { lock } for  pid=10705 comm="syz.2.1293" path="socket:[25274]" dev="sockfs" ino=25274 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[  420.351076][  T117] usb 1-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  420.381174][  T117] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  420.441611][  T117] usb 1-1: config 0 descriptor??
[  420.476019][  T117] iowarrior 1-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior1
[  420.666181][T10710] netlink: 152 bytes leftover after parsing attributes in process `syz.4.1295'.
[  420.792983][T10688] cdc_wdm 3-1:1.0: Error submitting int urb - -90
[  420.952362][T10155] usb 1-1: USB disconnect, device number 27
[  421.274482][T10721] netlink: 5980 bytes leftover after parsing attributes in process `syz.4.1295'.
[  421.334132][T10721] openvswitch: netlink: Flow key attr not present in new flow.
[  421.399726][T10723] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  421.435602][T10723] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  421.692269][T10155] usb 2-1: new high-speed USB device number 44 using dummy_hcd
[  421.884291][   T30] audit: type=1400 audit(2000000250.040:830): avc:  denied  { read write } for  pid=10728 comm="syz.0.1299" name="nvram" dev="devtmpfs" ino=623 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  421.907900][    C0] vkms_vblank_simulate: vblank timer overrun
[  421.951548][T10155] usb 2-1: New USB device found, idVendor=0fc5, idProduct=1227, bcdDevice=da.8e
[  421.980252][T10155] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  422.018902][   T30] audit: type=1400 audit(2000000250.040:831): avc:  denied  { open } for  pid=10728 comm="syz.0.1299" path="/dev/nvram" dev="devtmpfs" ino=623 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  422.042414][    C0] vkms_vblank_simulate: vblank timer overrun
[  422.050965][T10155] usb 2-1: Product: syz
[  422.069619][T10155] usb 2-1: Manufacturer: syz
[  422.106125][T10155] usb 2-1: SerialNumber: syz
[  422.495504][T10155] usb 2-1: config 0 descriptor??
[  422.731009][T10155] usbsevseg 2-1:0.0: USB 7 Segment device now attached
[  422.817544][T10725] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  422.852477][T10725] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  422.946973][ T5944] usb 2-1: USB disconnect, device number 44
[  422.956256][ T5944] usbsevseg 2-1:0.0: USB 7 Segment now disconnected
[  424.182040][T10749] FAULT_INJECTION: forcing a failure.
[  424.182040][T10749] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  424.204705][T10749] CPU: 1 UID: 0 PID: 10749 Comm: syz.1.1304 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) 
[  424.204731][T10749] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  424.204741][T10749] Call Trace:
[  424.204747][T10749]  <TASK>
[  424.204754][T10749]  dump_stack_lvl+0x16c/0x1f0
[  424.204785][T10749]  should_fail_ex+0x512/0x640
[  424.204812][T10749]  _copy_to_user+0x32/0xd0
[  424.204835][T10749]  simple_read_from_buffer+0xcb/0x170
[  424.204865][T10749]  proc_fail_nth_read+0x197/0x270
[  424.204887][T10749]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  424.204912][T10749]  ? rw_verify_area+0xcf/0x680
[  424.204931][T10749]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  424.204952][T10749]  vfs_read+0x1e4/0xc60
[  424.204978][T10749]  ? __pfx___mutex_lock+0x10/0x10
[  424.205003][T10749]  ? __pfx_vfs_read+0x10/0x10
[  424.205033][T10749]  ? __fget_files+0x20e/0x3c0
[  424.205065][T10749]  ksys_read+0x12a/0x250
[  424.205086][T10749]  ? __pfx_ksys_read+0x10/0x10
[  424.205115][T10749]  do_syscall_64+0xcd/0x4c0
[  424.205144][T10749]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  424.205162][T10749] RIP: 0033:0x7f24cb78d33c
[  424.205177][T10749] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  424.205194][T10749] RSP: 002b:00007f24cc520030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  424.205210][T10749] RAX: ffffffffffffffda RBX: 00007f24cb9b5fa0 RCX: 00007f24cb78d33c
[  424.205221][T10749] RDX: 000000000000000f RSI: 00007f24cc5200a0 RDI: 0000000000000008
[  424.205231][T10749] RBP: 00007f24cc520090 R08: 0000000000000000 R09: 0000000000000000
[  424.205241][T10749] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  424.205250][T10749] R13: 0000000000000000 R14: 00007f24cb9b5fa0 R15: 00007fffe9a3fa68
[  424.205274][T10749]  </TASK>
[  424.739505][T10761] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  424.749711][T10761] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  424.760734][T10761] cdc_wdm 3-1:1.0: Error submitting int urb - -90
[  425.010683][T10764] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1310'.
[  425.350420][T10774] veth3: entered promiscuous mode
[  425.373333][T10774] veth3: entered allmulticast mode
[  426.044224][T10789] FAULT_INJECTION: forcing a failure.
[  426.044224][T10789] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  426.110268][T10789] CPU: 0 UID: 0 PID: 10789 Comm: syz.1.1314 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) 
[  426.110297][T10789] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  426.110308][T10789] Call Trace:
[  426.110314][T10789]  <TASK>
[  426.110320][T10789]  dump_stack_lvl+0x16c/0x1f0
[  426.110351][T10789]  should_fail_ex+0x512/0x640
[  426.110377][T10789]  _copy_from_user+0x2e/0xd0
[  426.110401][T10789]  copy_msghdr_from_user+0x98/0x160
[  426.110426][T10789]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  426.110461][T10789]  ___sys_sendmsg+0xfe/0x1d0
[  426.110487][T10789]  ? __pfx____sys_sendmsg+0x10/0x10
[  426.110506][T10789]  ? __lock_acquire+0x622/0x1c90
[  426.110559][T10789]  __sys_sendmsg+0x16d/0x220
[  426.110582][T10789]  ? __pfx___sys_sendmsg+0x10/0x10
[  426.110621][T10789]  do_syscall_64+0xcd/0x4c0
[  426.110645][T10789]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  426.110662][T10789] RIP: 0033:0x7f24cb78e929
[  426.110676][T10789] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  426.110692][T10789] RSP: 002b:00007f24c95f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  426.110709][T10789] RAX: ffffffffffffffda RBX: 00007f24cb9b6080 RCX: 00007f24cb78e929
[  426.110720][T10789] RDX: 0000000000044004 RSI: 00002000000000c0 RDI: 0000000000000006
[  426.110730][T10789] RBP: 00007f24c95f6090 R08: 0000000000000000 R09: 0000000000000000
[  426.110739][T10789] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  426.110749][T10789] R13: 0000000000000000 R14: 00007f24cb9b6080 R15: 00007fffe9a3fa68
[  426.110772][T10789]  </TASK>
[  428.224766][T10801] FAULT_INJECTION: forcing a failure.
[  428.224766][T10801] name failslab, interval 1, probability 0, space 0, times 0
[  428.237448][T10801] CPU: 0 UID: 0 PID: 10801 Comm: syz.4.1317 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) 
[  428.237471][T10801] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  428.237481][T10801] Call Trace:
[  428.237487][T10801]  <TASK>
[  428.237494][T10801]  dump_stack_lvl+0x16c/0x1f0
[  428.237523][T10801]  should_fail_ex+0x512/0x640
[  428.237545][T10801]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[  428.237571][T10801]  should_failslab+0xc2/0x120
[  428.237595][T10801]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[  428.237618][T10801]  ? sock_alloc_inode+0x25/0x1c0
[  428.237638][T10801]  ? __pfx_sock_alloc_inode+0x10/0x10
[  428.237653][T10801]  sock_alloc_inode+0x25/0x1c0
[  428.237668][T10801]  alloc_inode+0x64/0x240
[  428.237686][T10801]  sock_alloc+0x40/0x280
[  428.237714][T10801]  do_accept+0xf7/0x530
[  428.237733][T10801]  ? do_raw_spin_lock+0x12c/0x2b0
[  428.237751][T10801]  ? __pfx_do_accept+0x10/0x10
[  428.237787][T10801]  __sys_accept4+0x100/0x1c0
[  428.237808][T10801]  ? __pfx___sys_accept4+0x10/0x10
[  428.237825][T10801]  ? ksys_write+0x1ac/0x250
[  428.237846][T10801]  ? __pfx_ksys_write+0x10/0x10
[  428.237872][T10801]  __x64_sys_accept+0x74/0xb0
[  428.237890][T10801]  ? lockdep_hardirqs_on+0x7c/0x110
[  428.237915][T10801]  do_syscall_64+0xcd/0x4c0
[  428.237941][T10801]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  428.237958][T10801] RIP: 0033:0x7fa9cbf8e929
[  428.237973][T10801] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  428.237990][T10801] RSP: 002b:00007fa9c9dd5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002b
[  428.238011][T10801] RAX: ffffffffffffffda RBX: 00007fa9cc1b6160 RCX: 00007fa9cbf8e929
[  428.238022][T10801] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007
[  428.238031][T10801] RBP: 00007fa9c9dd5090 R08: 0000000000000000 R09: 0000000000000000
[  428.238040][T10801] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  428.238050][T10801] R13: 0000000000000000 R14: 00007fa9cc1b6160 R15: 00007ffeb33bb038
[  428.238076][T10801]  </TASK>
[  428.897614][   T30] audit: type=1400 audit(2000000257.100:832): avc:  denied  { connect } for  pid=10803 comm="syz.0.1319" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  428.922065][T10804] SELinux:  policydb magic number 0x69dafe19 does not match expected magic number 0xf97cff8c
[  429.072155][T10804] SELinux: failed to load policy
[  429.101881][T10808] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  429.170977][T10808] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  429.409396][T10808] cdc_wdm 3-1:1.0: Error submitting int urb - -90
[  429.784280][T10823] netlink: 92 bytes leftover after parsing attributes in process `syz.3.1326'.
[  429.870705][T10155] usb 5-1: new full-speed USB device number 39 using dummy_hcd
[  429.980583][T10154] usb 2-1: new full-speed USB device number 45 using dummy_hcd
[  430.000585][T10155] usb 5-1: device descriptor read/64, error -71
[  430.050923][ T5866] usb 1-1: new high-speed USB device number 28 using dummy_hcd
[  430.110661][T10154] usb 2-1: device descriptor read/64, error -71
[  430.228559][ T5866] usb 1-1: Using ep0 maxpacket: 16
[  430.244766][ T5866] usb 1-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  430.254428][T10155] usb 5-1: new full-speed USB device number 40 using dummy_hcd
[  430.264977][ T5866] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  430.275787][ T5866] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  430.316518][ T5866] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  430.331639][ T5866] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  430.339942][ T5866] usb 1-1: Product: syz
[  430.347714][ T5866] usb 1-1: Manufacturer: syz
[  430.354840][ T5866] usb 1-1: SerialNumber: syz
[  430.360693][T10154] usb 2-1: new full-speed USB device number 46 using dummy_hcd
[  430.400940][T10155] usb 5-1: device descriptor read/64, error -71
[  430.510959][T10154] usb 2-1: device descriptor read/64, error -71
[  430.523951][T10155] usb usb5-port1: attempt power cycle
[  430.641680][T10154] usb usb2-port1: attempt power cycle
[  430.777247][ T5866] usb 1-1: 0:2 : does not exist
[  430.884557][T10155] usb 5-1: new full-speed USB device number 41 using dummy_hcd
[  430.925531][T10155] usb 5-1: device descriptor read/8, error -71
[  430.980893][T10154] usb 2-1: new full-speed USB device number 47 using dummy_hcd
[  431.013682][T10154] usb 2-1: device descriptor read/8, error -71
[  431.170618][T10155] usb 5-1: new full-speed USB device number 42 using dummy_hcd
[  431.191441][T10155] usb 5-1: device descriptor read/8, error -71
[  431.250667][T10154] usb 2-1: new full-speed USB device number 48 using dummy_hcd
[  431.271066][T10154] usb 2-1: device descriptor read/8, error -71
[  431.300990][T10155] usb usb5-port1: unable to enumerate USB device
[  431.380787][T10154] usb usb2-port1: unable to enumerate USB device
[  431.801052][ T5866] usb 1-1: 1:0: failed to get current value for ch 0 (-22)
[  431.836669][ T5866] usb 1-1: USB disconnect, device number 28
[  433.167283][T10154] usb 1-1: new high-speed USB device number 29 using dummy_hcd
[  433.179669][T10890] FAULT_INJECTION: forcing a failure.
[  433.179669][T10890] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  433.180909][T10890] 
[  433.180916][T10890] ======================================================
[  433.180919][T10890] WARNING: possible circular locking dependency detected
[  433.180924][T10890] 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 Not tainted
[  433.180930][T10890] ------------------------------------------------------
[  433.180933][T10890] syz.4.1340/10890 is trying to acquire lock:
[  433.180938][T10890] ffffffff8e4d1e00 (console_owner){-.-.}-{0:0}, at: console_lock_spinning_enable+0x9f/0xd0
[  433.180972][T10890] 
[  433.180972][T10890] but task is already holding lock:
[  433.180975][T10890] ffff8880b843a2d8 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x7e/0x130
[  433.180997][T10890] 
[  433.180997][T10890] which lock already depends on the new lock.
[  433.180997][T10890] 
[  433.181000][T10890] 
[  433.181000][T10890] the existing dependency chain (in reverse order) is:
[  433.181003][T10890] 
[  433.181003][T10890] -> #4 (&rq->__lock){-.-.}-{2:2}:
[  433.181015][T10890]        _raw_spin_lock_nested+0x31/0x40
[  433.181028][T10890]        raw_spin_rq_lock_nested+0x29/0x130
[  433.181039][T10890]        task_rq_lock+0xcf/0x490
[  433.181055][T10890]        cgroup_move_task+0x81/0x2a0
[  433.181067][T10890]        css_set_move_task+0x288/0x5f0
[  433.181076][T10890]        cgroup_post_fork+0x201/0x9e0
[  433.181086][T10890]        copy_process+0x5cfc/0x76a0
[  433.181098][T10890]        kernel_clone+0xfc/0x960
[  433.181109][T10890]        user_mode_thread+0xc7/0x110
[  433.181120][T10890]        rest_init+0x23/0x2b0
[  433.181128][T10890]        start_kernel+0x3ee/0x4d0
[  433.181141][T10890]        x86_64_start_reservations+0x18/0x30
[  433.181152][T10890]        x86_64_start_kernel+0x130/0x190
[  433.181164][T10890]        common_startup_64+0x13e/0x148
[  433.181173][T10890] 
[  433.181173][T10890] -> #3 (&p->pi_lock){-.-.}-{2:2}:
[  433.181184][T10890]        _raw_spin_lock_irqsave+0x3a/0x60
[  433.181195][T10890]        try_to_wake_up+0xb2/0x1680
[  433.181206][T10890]        __wake_up_common+0x135/0x1f0
[  433.181220][T10890]        __wake_up+0x31/0x60
[  433.181231][T10890]        tty_port_default_wakeup+0x2a/0x40
[  433.181246][T10890]        serial8250_tx_chars+0x68e/0x860
[  433.181262][T10890]        serial8250_handle_irq+0x761/0xcb0
[  433.181276][T10890]        serial8250_default_handle_irq+0x9a/0x210
[  433.181291][T10890]        serial8250_interrupt+0x103/0x210
[  433.181300][T10890]        __handle_irq_event_percpu+0x229/0x7d0
[  433.181311][T10890]        handle_irq_event+0xab/0x1e0
[  433.181321][T10890]        handle_edge_irq+0x28e/0xab0
[  433.181331][T10890]        __common_interrupt+0xdf/0x250
[  433.181341][T10890]        common_interrupt+0x61/0xe0
[  433.181351][T10890]        asm_common_interrupt+0x26/0x40
[  433.181361][T10890]        handle_softirqs+0x1dd/0x8e0
[  433.181370][T10890]        __irq_exit_rcu+0x109/0x170
[  433.181380][T10890]        irq_exit_rcu+0x9/0x30
[  433.181390][T10890]        sysvec_apic_timer_interrupt+0xa4/0xc0
[  433.181402][T10890]        asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  433.181411][T10890]        do_user_addr_fault+0x198/0x1370
[  433.181424][T10890]        exc_page_fault+0x5c/0xb0
[  433.181435][T10890]        asm_exc_page_fault+0x26/0x30
[  433.181444][T10890] 
[  433.181444][T10890] -> #2 (&tty->write_wait){-.-.}-{3:3}:
[  433.181456][T10890]        _raw_spin_lock_irqsave+0x3a/0x60
[  433.181467][T10890]        __wake_up+0x1c/0x60
[  433.181477][T10890]        tty_port_default_wakeup+0x2a/0x40
[  433.181491][T10890]        serial8250_tx_chars+0x68e/0x860
[  433.181504][T10890]        serial8250_handle_irq+0x761/0xcb0
[  433.181518][T10890]        serial8250_default_handle_irq+0x9a/0x210
[  433.181533][T10890]        serial8250_interrupt+0x103/0x210
[  433.181541][T10890]        __handle_irq_event_percpu+0x229/0x7d0
[  433.181552][T10890]        handle_irq_event+0xab/0x1e0
[  433.181562][T10890]        handle_edge_irq+0x28e/0xab0
[  433.181571][T10890]        __common_interrupt+0xdf/0x250
[  433.181581][T10890]        common_interrupt+0xba/0xe0
[  433.181590][T10890]        asm_common_interrupt+0x26/0x40
[  433.181598][T10890]        _raw_spin_unlock_irqrestore+0x31/0x80
[  433.181609][T10890]        uart_write+0x2a4/0xb30
[  433.181621][T10890]        n_tty_write+0x40f/0x1160
[  433.181629][T10890]        file_tty_write.constprop.0+0x504/0x9b0
[  433.181642][T10890]        redirected_tty_write+0xd4/0x150
[  433.181654][T10890]        vfs_write+0x6c7/0x1150
[  433.181665][T10890]        ksys_write+0x12a/0x250
[  433.181675][T10890]        do_syscall_64+0xcd/0x4c0
[  433.181689][T10890]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  433.181697][T10890] 
[  433.181697][T10890] -> #1 (&port_lock_key){-.-.}-{3:3}:
[  433.181709][T10890]        _raw_spin_lock_irqsave+0x3a/0x60
[  433.181720][T10890]        serial8250_console_write+0x181/0x1890
[  433.181729][T10890]        console_flush_all+0x801/0xc60
[  433.181738][T10890]        console_unlock+0xd8/0x210
[  433.181748][T10890]        vprintk_emit+0x418/0x6d0
[  433.181758][T10890]        _printk+0xc7/0x100
[  433.181765][T10890]        register_console+0xc2d/0x11b0
[  433.181775][T10890]        univ8250_console_init+0x5f/0x90
[  433.181788][T10890]        console_init+0x14f/0x680
[  433.181799][T10890]        start_kernel+0x29f/0x4d0
[  433.181810][T10890]        x86_64_start_reservations+0x18/0x30
[  433.181821][T10890]        x86_64_start_kernel+0x130/0x190
[  433.181832][T10890]        common_startup_64+0x13e/0x148
[  433.181840][T10890] 
[  433.181840][T10890] -> #0 (console_owner){-.-.}-{0:0}:
[  433.181851][T10890]        __lock_acquire+0x126f/0x1c90
[  433.181864][T10890]        lock_acquire+0x179/0x350
[  433.181877][T10890]        console_lock_spinning_enable+0xb0/0xd0
[  433.181887][T10890]        console_flush_all+0x7aa/0xc60
[  433.181897][T10890]        console_unlock+0xd8/0x210
[  433.181906][T10890]        vprintk_emit+0x418/0x6d0
[  433.181917][T10890]        _printk+0xc7/0x100
[  433.181923][T10890]        should_fail_ex+0x4e7/0x640
[  433.181935][T10890]        strncpy_from_user+0x3b/0x2e0
[  433.181945][T10890]        strncpy_from_user_nofault+0x7f/0x180
[  433.181958][T10890]        bpf_probe_read_user_str+0x26/0x70
[  433.181973][T10890]        bpf_prog_bc7c5c6b9645592f+0x3e/0x44
[  433.181980][T10890]        bpf_trace_run4+0x24c/0x5a0
[  433.181988][T10890]        __bpf_trace_sched_switch+0x145/0x190
[  433.181999][T10890]        __traceiter_sched_switch+0x6f/0xc0
[  433.182008][T10890]        __schedule+0x1bee/0x5de0
[  433.182020][T10890]        preempt_schedule_irq+0x51/0x90
[  433.182032][T10890]        irqentry_exit+0x36/0x90
[  433.182048][T10890]        asm_sysvec_reschedule_ipi+0x1a/0x20
[  433.182057][T10890]        lock_acquire+0x62/0x350
[  433.182070][T10890]        __fget_files+0x45/0x3c0
[  433.182081][T10890]        fdget+0x1a9/0x210
[  433.182093][T10890]        __sys_getsockopt+0x33/0x260
[  433.182105][T10890]        __x64_sys_getsockopt+0xbd/0x160
[  433.182117][T10890]        do_syscall_64+0xcd/0x4c0
[  433.182129][T10890]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  433.182138][T10890] 
[  433.182138][T10890] other info that might help us debug this:
[  433.182138][T10890] 
[  433.182141][T10890] Chain exists of:
[  433.182141][T10890]   console_owner --> &p->pi_lock --> &rq->__lock
[  433.182141][T10890] 
[  433.182154][T10890]  Possible unsafe locking scenario:
[  433.182154][T10890] 
[  433.182157][T10890]        CPU0                    CPU1
[  433.182159][T10890]        ----                    ----
[  433.182161][T10890]   lock(&rq->__lock);
[  433.182167][T10890]                                lock(&p->pi_lock);
[  433.182173][T10890]                                lock(&rq->__lock);
[  433.182179][T10890]   lock(console_owner);
[  433.182184][T10890] 
[  433.182184][T10890]  *** DEADLOCK ***
[  433.182184][T10890] 
[  433.182186][T10890] 5 locks held by syz.4.1340/10890:
[  433.182192][T10890]  #0: ffffffff8e5c4880 (rcu_read_lock){....}-{1:3}, at: __fget_files+0x34/0x3c0
[  433.182215][T10890]  #1: ffff8880b843a2d8 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x7e/0x130
[  433.182238][T10890]  #2: ffffffff8e5c4880 (rcu_read_lock){....}-{1:3}, at: bpf_trace_run4+0x1cf/0x5a0
[  433.182259][T10890]  #3: ffffffff8e5b2240 (console_lock){+.+.}-{0:0}, at: _printk+0xc7/0x100
[  433.182277][T10890]  #4: ffffffff8e5b22b0 (console_srcu){....}-{0:0}, at: console_flush_all+0x158/0xc60
[  433.182300][T10890] 
[  433.182300][T10890] stack backtrace:
[  433.182305][T10890] CPU: 1 UID: 0 PID: 10890 Comm: syz.4.1340 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) 
[  433.182317][T10890] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  433.182323][T10890] Call Trace:
[  433.182326][T10890]  <TASK>
[  433.182330][T10890]  dump_stack_lvl+0x116/0x1f0
[  433.182344][T10890]  print_circular_bug+0x275/0x350
[  433.182358][T10890]  check_noncircular+0x14c/0x170
[  433.182374][T10890]  __lock_acquire+0x126f/0x1c90
[  433.182390][T10890]  lock_acquire+0x179/0x350
[  433.182404][T10890]  ? console_lock_spinning_enable+0x9f/0xd0
[  433.182415][T10890]  ? console_lock_spinning_enable+0x88/0xd0
[  433.182427][T10890]  console_lock_spinning_enable+0xb0/0xd0
[  433.182438][T10890]  ? console_lock_spinning_enable+0x9f/0xd0
[  433.182448][T10890]  console_flush_all+0x7aa/0xc60
[  433.182460][T10890]  ? __pfx_console_flush_all+0x10/0x10
[  433.182473][T10890]  ? is_printk_cpu_sync_owner+0x32/0x40
[  433.182486][T10890]  console_unlock+0xd8/0x210
[  433.182497][T10890]  ? __pfx_console_unlock+0x10/0x10
[  433.182507][T10890]  ? do_raw_spin_unlock+0x120/0x230
[  433.182518][T10890]  ? _printk+0xc7/0x100
[  433.182525][T10890]  ? __down_trylock_console_sem+0xb0/0x140
[  433.182535][T10890]  vprintk_emit+0x418/0x6d0
[  433.182546][T10890]  ? __pfx_vprintk_emit+0x10/0x10
[  433.182558][T10890]  ? lock_acquire+0x179/0x350
[  433.182573][T10890]  _printk+0xc7/0x100
[  433.182580][T10890]  ? __pfx__printk+0x10/0x10
[  433.182589][T10890]  ? __pfx____ratelimit+0x10/0x10
[  433.182602][T10890]  ? __lock_acquire+0x622/0x1c90
[  433.182617][T10890]  should_fail_ex+0x4e7/0x640
[  433.182629][T10890]  strncpy_from_user+0x3b/0x2e0
[  433.182639][T10890]  ? lock_acquire+0x179/0x350
[  433.182654][T10890]  strncpy_from_user_nofault+0x7f/0x180
[  433.182668][T10890]  bpf_probe_read_user_str+0x26/0x70
[  433.182682][T10890]  bpf_prog_bc7c5c6b9645592f+0x3e/0x44
[  433.182689][T10890]  bpf_trace_run4+0x24c/0x5a0
[  433.182699][T10890]  ? __pfx_bpf_trace_run4+0x10/0x10
[  433.182708][T10890]  ? __lock_acquire+0xb8a/0x1c90
[  433.182725][T10890]  __bpf_trace_sched_switch+0x145/0x190
[  433.182736][T10890]  ? __pfx___bpf_trace_sched_switch+0x10/0x10
[  433.182748][T10890]  ? update_load_avg+0x23f/0x1fc0
[  433.182763][T10890]  ? tracing_record_taskinfo_sched_switch+0x54/0x400
[  433.182775][T10890]  __traceiter_sched_switch+0x6f/0xc0
[  433.182786][T10890]  __schedule+0x1bee/0x5de0
[  433.182801][T10890]  ? __pfx___schedule+0x10/0x10
[  433.182812][T10890]  ? find_held_lock+0x2b/0x80
[  433.182825][T10890]  ? get_pid_task+0x106/0x250
[  433.182840][T10890]  preempt_schedule_irq+0x51/0x90
[  433.182853][T10890]  irqentry_exit+0x36/0x90
[  433.182866][T10890]  asm_sysvec_reschedule_ipi+0x1a/0x20
[  433.182876][T10890] RIP: 0010:lock_acquire+0x62/0x350
[  433.182891][T10890] Code: 53 34 12 83 f8 07 0f 87 bc 02 00 00 89 c0 48 0f a3 05 62 92 0f 0f 0f 82 74 02 00 00 8b 35 4a c4 0f 0f 85 f6 0f 85 8d 00 00 00 <48> 8b 44 24 30 65 48 2b 05 f9 52 34 12 0f 85 c7 02 00 00 48 83 c4
[  433.182900][T10890] RSP: 0018:ffffc90003effda8 EFLAGS: 00000206
[  433.182907][T10890] RAX: 0000000000000046 RBX: ffffffff8e5c4880 RCX: 00000000ef9d33e4
[  433.182913][T10890] RDX: 0000000000000000 RSI: ffffffff8ddf4833 RDI: ffffffff8c1578a0
[  433.182919][T10890] RBP: 0000000000000002 R08: 0ac0d5affe09d4ff R09: 0000000000000000
[  433.182925][T10890] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000000
[  433.182930][T10890] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  433.182940][T10890]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  433.182955][T10890]  __fget_files+0x45/0x3c0
[  433.182967][T10890]  ? __fget_files+0x34/0x3c0
[  433.182980][T10890]  fdget+0x1a9/0x210
[  433.182992][T10890]  __sys_getsockopt+0x33/0x260
[  433.183005][T10890]  __x64_sys_getsockopt+0xbd/0x160
[  433.183017][T10890]  ? do_syscall_64+0x91/0x4c0
[  433.183030][T10890]  ? lockdep_hardirqs_on+0x7c/0x110
[  433.183047][T10890]  do_syscall_64+0xcd/0x4c0
[  433.183061][T10890]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  433.183070][T10890] RIP: 0033:0x7fa9cbf8e929
[  433.183078][T10890] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  433.183086][T10890] RSP: 002b:00007fa9c9dd5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  433.183095][T10890] RAX: ffffffffffffffda RBX: 00007fa9cc1b6160 RCX: 00007fa9cbf8e929
[  433.183101][T10890] RDX: 0000000000000486 RSI: 0000000000000000 RDI: 0000000000000005
[  433.183106][T10890] RBP: 00007fa9c9dd5090 R08: 0000200000000040 R09: 0000000000000000
[  433.183112][T10890] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  433.183118][T10890] R13: 0000000000000000 R14: 00007fa9cc1b6160 R15: 00007ffeb33bb038
[  433.183126][T10890]  </TASK>
[  434.423196][T10890] CPU: 1 UID: 0 PID: 10890 Comm: syz.4.1340 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(full) 
[  434.423213][T10890] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  434.423220][T10890] Call Trace:
[  434.423226][T10890]  <TASK>
[  434.423231][T10890]  dump_stack_lvl+0x116/0x1f0
[  434.423251][T10890]  should_fail_ex+0x512/0x640
[  434.423267][T10890]  strncpy_from_user+0x3b/0x2e0
[  434.423279][T10890]  ? lock_acquire+0x179/0x350
[  434.423295][T10890]  strncpy_from_user_nofault+0x7f/0x180
[  434.423311][T10890]  bpf_probe_read_user_str+0x26/0x70
[  434.423326][T10890]  bpf_prog_bc7c5c6b9645592f+0x3e/0x44
[  434.423335][T10890]  bpf_trace_run4+0x24c/0x5a0
[  434.423346][T10890]  ? __pfx_bpf_trace_run4+0x10/0x10
[  434.423356][T10890]  ? __lock_acquire+0xb8a/0x1c90
[  434.423373][T10890]  __bpf_trace_sched_switch+0x145/0x190
[  434.423385][T10890]  ? __pfx___bpf_trace_sched_switch+0x10/0x10
[  434.423397][T10890]  ? update_load_avg+0x23f/0x1fc0
[  434.423414][T10890]  ? tracing_record_taskinfo_sched_switch+0x54/0x400
[  434.423427][T10890]  __traceiter_sched_switch+0x6f/0xc0
[  434.423439][T10890]  __schedule+0x1bee/0x5de0
[  434.423455][T10890]  ? __pfx___schedule+0x10/0x10
[  434.423467][T10890]  ? find_held_lock+0x2b/0x80
[  434.423480][T10890]  ? get_pid_task+0x106/0x250
[  434.423495][T10890]  preempt_schedule_irq+0x51/0x90
[  434.423509][T10890]  irqentry_exit+0x36/0x90
[  434.423522][T10890]  asm_sysvec_reschedule_ipi+0x1a/0x20
[  434.423533][T10890] RIP: 0010:lock_acquire+0x62/0x350
[  434.423548][T10890] Code: 53 34 12 83 f8 07 0f 87 bc 02 00 00 89 c0 48 0f a3 05 62 92 0f 0f 0f 82 74 02 00 00 8b 35 4a c4 0f 0f 85 f6 0f 85 8d 00 00 00 <48> 8b 44 24 30 65 48 2b 05 f9 52 34 12 0f 85 c7 02 00 00 48 83 c4
[  434.423558][T10890] RSP: 0018:ffffc90003effda8 EFLAGS: 00000206
[  434.423567][T10890] RAX: 0000000000000046 RBX: ffffffff8e5c4880 RCX: 00000000ef9d33e4
[  434.423573][T10890] RDX: 0000000000000000 RSI: ffffffff8ddf4833 RDI: ffffffff8c1578a0
[  434.423579][T10890] RBP: 0000000000000002 R08: 0ac0d5affe09d4ff R09: 0000000000000000
[  434.423585][T10890] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000000
[  434.423590][T10890] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  434.423600][T10890]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  434.423616][T10890]  __fget_files+0x45/0x3c0
[  434.423629][T10890]  ? __fget_files+0x34/0x3c0
[  434.423642][T10890]  fdget+0x1a9/0x210
[  434.423655][T10890]  __sys_getsockopt+0x33/0x260
[  434.423670][T10890]  __x64_sys_getsockopt+0xbd/0x160
[  434.423682][T10890]  ? do_syscall_64+0x91/0x4c0
[  434.423696][T10890]  ? lockdep_hardirqs_on+0x7c/0x110
[  434.423709][T10890]  do_syscall_64+0xcd/0x4c0
[  434.423724][T10890]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  434.423734][T10890] RIP: 0033:0x7fa9cbf8e929
[  434.423747][T10890] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  434.423756][T10890] RSP: 002b:00007fa9c9dd5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  434.423765][T10890] RAX: ffffffffffffffda RBX: 00007fa9cc1b6160 RCX: 00007fa9cbf8e929
[  434.423771][T10890] RDX: 0000000000000486 RSI: 0000000000000000 RDI: 0000000000000005
[  434.423777][T10890] RBP: 00007fa9c9dd5090 R08: 0000200000000040 R09: 0000000000000000
[  434.423783][T10890] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  434.423788][T10890] R13: 0000000000000000 R14: 00007fa9cc1b6160 R15: 00007ffeb33bb038
[  434.423797][T10890]  </TASK>
[  435.038895][T10155] usb 2-1: new high-speed USB device number 49 using dummy_hcd
[  435.060550][T10154] usb 1-1: Using ep0 maxpacket: 8
[  435.066792][T10154] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  435.078127][T10154] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  435.091102][T10154] usb 1-1: New USB device found, idVendor=04b3, idProduct=3103, bcdDevice= 0.00
[  435.100134][T10154] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  435.112865][T10154] usb 1-1: config 0 descriptor??
[  435.191009][T10155] usb 2-1: Using ep0 maxpacket: 8
[  435.197113][T10155] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[  435.205301][T10155] usb 2-1: config 0 has no interface number 0
[  435.212154][T10155] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  435.223092][T10155] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  435.232213][T10155] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  435.241191][T10155] usb 2-1: config 0 descriptor??
[  435.254459][T10155] iowarrior 2-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior1
[  435.270616][ T5944] usb 5-1: new high-speed USB device number 43 using dummy_hcd
[  435.421755][ T5944] usb 5-1: config 0 has no interfaces?
[  435.429038][ T5944] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  435.438362][ T5944] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  435.446385][ T5944] usb 5-1: Product: syz
[  435.450580][ T5944] usb 5-1: Manufacturer: syz
[  435.455181][ T5944] usb 5-1: SerialNumber: syz
[  435.459578][T10882] cdc_wdm 3-1:1.0: Error submitting int urb - -90
[  435.460848][ T5944] usb 5-1: config 0 descriptor??
[  435.469139][T10155] usb 2-1: USB disconnect, device number 49
[  435.524025][T10154] lenovo 0003:04B3:3103.0009: unknown main item tag 0x0
[  435.531182][T10154] lenovo 0003:04B3:3103.0009: unknown main item tag 0x0
[  435.538139][T10154] lenovo 0003:04B3:3103.0009: unknown main item tag 0x0
[  435.545128][T10154] lenovo 0003:04B3:3103.0009: unknown main item tag 0x0
[  435.552895][T10154] lenovo 0003:04B3:3103.0009: hidraw0: USB HID v0.00 Device [HID 04b3:3103] on usb-dummy_hcd.0-1/input0
[  435.794853][ T5944] usb 1-1: USB disconnect, device number 29
[  436.703504][T10154] usb 5-1: USB disconnect, device number 43
[  439.611715][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  439.618007][ T1295] ieee802154 phy1 wpan1: encryption failed: -22