last executing test programs:

9.039111791s ago: executing program 1 (id=606):
syz_init_net_socket$rose(0xb, 0x5, 0x0)
syz_open_dev$vcsn(&(0x7f0000000000), 0xfffffffffffffffe, 0x109001)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r1 = getpid()
bpf$MAP_CREATE(0x0, 0x0, 0x48)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r4 = socket$pppl2tp(0x18, 0x1, 0x1)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r4, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r5, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xa}}, 0x2}}, 0x2e)
r6 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r6, &(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, r6, {0x2, 0xfffc}, 0x2, 0x4}}, 0x26)
r7 = bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000004440)=@base={0x9, 0x4, 0x4, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r7, 0x2, 0x1}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0xde2, r8, 0x4}, 0x38)
ioctl$PPPIOCGL2TPSTATS(r6, 0x8004745a, 0x0)
r9 = dup(0xffffffffffffffff)
write$UHID_INPUT(r9, &(0x7f0000000000)={0xc, {"a2e3ad2109c752f91b5a470987f70e06d038e7ff7fc6e5539b3245078b089b3208336d060890e0878f0e1ac6e70a9b3368959b6c9a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b38070d095d0936cd3b78130daa61f8e809ea882f5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4040d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a4d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6cb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006)
read$msr(r9, 0x0, 0x0)
r10 = syz_init_net_socket$ax25(0x3, 0x5, 0x7)
setsockopt$ax25_SO_BINDTODEVICE(r10, 0x101, 0x19, &(0x7f0000000040)=@bpq0, 0x10)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000000201050000001594453a01fe9a143b00"], 0x14}, 0x1, 0x0, 0x0, 0x20044804}, 0x40040)
socket$nl_generic(0x10, 0x3, 0x10)

7.385451023s ago: executing program 2 (id=615):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c0000001000010700350000000100000a0000000600010017"], 0x1c}}, 0x0)

7.109423766s ago: executing program 1 (id=616):
creat(0x0, 0xecf86c37d53049cc)
syz_open_dev$vim2m(0x0, 0x1, 0x2)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = openat$nvram(0xffffffffffffff9c, &(0x7f00000000c0), 0x8882, 0x0)
write$binfmt_script(r3, 0x0, 0x0)

7.018446297s ago: executing program 4 (id=617):
r0 = epoll_create1(0x80000)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000000000)={@empty, 0x5, 0x2, 0x0, 0x7, 0x0, 0x401}, 0x20)
r2 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/comedi4\x00', 0x2, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000007, 0x13, r2, 0x42401000)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x0, 0x0)
syz_extract_tcp_res$synack(&(0x7f0000000000)={0x41424344, <r4=>0x41424344}, 0x1, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "4dd318", 0x14, 0x6, 0x0, @private1={0xfc, 0x1, '\x00', 0x2}, @mcast1, {[], {{0xfffe, 0x4e22, 0x41424344, r4, 0x0, 0x0, 0x5, 0x2, 0x7}}}}}}}, 0x0)
syz_emit_ethernet(0x52, &(0x7f0000000100)={@local, @multicast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "4dd318", 0x1c, 0x6, 0x0, @private1, @local, {[], {{0xfffe, 0x4001, r4, 0x41424344, 0x0, 0x0, 0x7, 0x2, 0x0, 0x0, 0x0, {[@exp_fastopen={0xfe, 0x8, 0xf989, "74f65fae"}]}}}}}}}}, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r3, &(0x7f00000000c0)={0xe000001a})
epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r3, &(0x7f0000000000))

6.995892955s ago: executing program 4 (id=619):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$alg(0x26, 0x5, 0x0)
mount(&(0x7f0000000140)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000000)='omfs\x00', 0x208000, 0x0)
bind$alg(r4, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(serpent)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, 0x0, 0x0)
sendmmsg(0xffffffffffffffff, &(0x7f0000000240), 0x0, 0xc000)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000002c0)}, 0x12060)

6.833303945s ago: executing program 2 (id=620):
r0 = syz_open_dev$cec(0x0, 0xffffffffffffffff, 0x0)
ioctl$IOC_PR_PREEMPT(r0, 0x805c6103, &(0x7f0000000040)={0xf0, 0x40000})

6.658417715s ago: executing program 2 (id=622):
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000400)={'batadv_slave_0\x00', <r0=>0x0})
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_emit_ethernet(0x42, &(0x7f0000000540)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb86dd607f00ef000c2c0000000000000000000000ffe0000002ff02000000000000000000000000000100000000000c907801000000", @ANYRESHEX=r1, @ANYRES16=r0], 0x0)
r2 = syz_open_dev$sndctrl(&(0x7f0000000440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r2, 0x40045532, &(0x7f0000000040))
r3 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
syz_open_dev$sndpcmp(&(0x7f0000000200), 0x0, 0xa2c65)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000500)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x0, 0x5}}, 0x20)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180000f000000000000000000000004b"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock}, 0x94)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000002000)=""/102400, 0x19000)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$PIO_SCRNMAP(r5, 0x4b41, &(0x7f0000000f80))
r6 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
write$FUSE_INIT(r6, &(0x7f0000004200)={0x50, 0x0, 0x0, {0x7, 0x1f, 0x0, 0xffffffff80002000, 0x2f, 0x0, 0x4, 0x5, 0x0, 0x0, 0x1}}, 0x50)
sendmsg$NLBL_CALIPSO_C_REMOVE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c000000", @ANYRES16, @ANYBLOB="01160700000000000025020000000800010003000000"], 0x1c}, 0x1, 0x0, 0x0, 0x40005}, 0x8000)
syz_open_dev$video4linux(&(0x7f0000000300), 0xac, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000100)='autofs\x00', 0x0, &(0x7f0000000400))
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x149a82, 0x0)

5.744031194s ago: executing program 2 (id=623):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000c80)=@raw={'raw\x00', 0x3c1, 0x3, 0x3f0, 0x0, 0x940c, 0x3002, 0x210, 0x2c0, 0x320, 0x3d8, 0x3d8, 0x320, 0x3d8, 0x3, 0x0, {[{{@uncond, 0x0, 0x1c8, 0x210, 0x4001, {}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x4001, 0x1, 0x3, 'syz0\x00'}}, @common=@inet=@ecn={{0x28}, {0x10, 0x2, 0x7, 0x3}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@loopback, 'virt_wifi0\x00'}}}, {{@uncond, 0x0, 0xd0, 0x110, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@unspec=@RATEEST={0x41, 'RATEEST\x00', 0x0, {'syz1\x00', 0x1, 0xbe, {0x565159d7}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x450)
syz_usb_connect(0x0, 0x24, &(0x7f0000001140)=ANY=[@ANYBLOB="12010000c5aa6d08cd0c380003990102030109021200010000c7000904"], 0x0)

5.683401691s ago: executing program 4 (id=624):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
epoll_create1(0x0)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000400)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_CONTROL_PORT_FRAME(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010000000004000000008100000008000300", @ANYRES32=r3, @ANYBLOB="3a08ba9b3c34b86b533efa67b46a5dce2ddec0cd9bd09b1c74b1"], 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000)

5.509938737s ago: executing program 4 (id=625):
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
r0 = syz_io_uring_setup(0x495, &(0x7f0000000200)={0x0, 0x3661, 0x0, 0x1, 0x29}, &(0x7f0000000340)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
r4 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
syz_usbip_server_init(0x3)
syz_open_dev$sndpcmc(0x0, 0x0, 0x0)
mount$9p_fd(0x0, 0x0, &(0x7f0000000040), 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x20000000000, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001000, 0x49}, 0x0, &(0x7f00000002c0)={0x3ff, 0x7, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)
io_uring_enter(r0, 0x3516, 0x0, 0x0, 0x0, 0x0)

5.50924501s ago: executing program 1 (id=626):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
getcwd(&(0x7f0000000140)=""/115, 0x73)
setsockopt(r1, 0x84, 0x7f, &(0x7f0000000040)="020000000980ffff", 0x8)
listen(r1, 0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0xc2354000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
getcwd(&(0x7f0000000340)=""/168, 0xa8)
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x3}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x8, 0x2, 0x0, 0x1, [@IFLA_GENEVE_COLLECT_METADATA={0x4}]}}}]}, 0x38}}, 0x0)
r4 = openat$sw_sync_info(0xffffffffffffff9c, &(0x7f0000000040), 0x200201, 0x0)
sendmmsg$unix(r4, &(0x7f0000000000), 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$GIO_UNIMAP(r5, 0x4b66, &(0x7f0000000000)={0x12f, &(0x7f0000000080)=[{}, {}, {}]})

3.816760497s ago: executing program 4 (id=628):
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x4, &(0x7f0000000300)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, 0x2}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
socket$kcm(0x10, 0x2, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x11, 0x3, 0x0, &(0x7f0000000000)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, 0x0)
mincore(&(0x7f0000184000/0x2000)=nil, 0x2000, 0x0)
socket$inet6_sctp(0xa, 0x4, 0x84)
syz_emit_vhci(&(0x7f00000000c0)=ANY=[], 0x17)

3.486528183s ago: executing program 4 (id=629):
socket$inet6_udp(0xa, 0x2, 0x0)
socket(0x10, 0x3, 0x0)
syz_open_dev$video4linux(&(0x7f0000000080), 0xe97, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="0c00000004000000040000000700000000000000", @ANYBLOB='\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$BPF_GET_MAP_INFO(0x3, &(0x7f0000000140)={r1, 0x58, &(0x7f00000000c0)}, 0x10)
r2 = getpid()
sched_setscheduler(r2, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
getitimer(0x2, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r4, 0xc004500a, &(0x7f0000000080))
ioctl$SNDCTL_DSP_SPEED(r4, 0xc0045002, &(0x7f0000000040)=0xdfe5)
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000500)={0xa00, 0x18, 0xfa00, {0x100000000000000, 0x0}}, 0xfc36)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

3.284171526s ago: executing program 1 (id=630):
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
r0 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/clear_refs\x00', 0x1, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
kexec_load(0x0, 0x0, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000001540)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020816c2500000000e12020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000006fd6850000002d000000850000002300000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000580)='ext4_writepages_result\x00', r1}, 0x18)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
r2 = gettid()
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000700), 0x0)
read(r3, &(0x7f0000000200)=""/202, 0xca)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r3, 0x4058534c, &(0x7f00000000c0)={0x80, 0x0, {0x3}})
tkill(r2, 0x7)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000140), r4)
sendmsg$IEEE802154_ADD_IFACE(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01000000000000000000220000000a0001007770616e3000000005002000000004000500200000000000050020000000000009001f"], 0x44}}, 0x0)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nbd(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NBD_CMD_CONNECT(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)={0x38, r7, 0x1, 0x0, 0x0, {0x5}, [@NBD_ATTR_SIZE_BYTES={0xc}, @NBD_ATTR_CLIENT_FLAGS={0xc}, @NBD_ATTR_SOCKETS={0x4, 0x7, 0x0, 0x1, [{0x8}]}]}, 0x38}}, 0x0)
sendmsg$NBD_CMD_RECONFIGURE(r4, &(0x7f0000000500)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000400)={&(0x7f0000000380)={0x78, r7, 0x805, 0x70bd2a, 0x25dfdbfd, {}, [@NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x3}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x2}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x3}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x5}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x1fc3}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x8}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x2d}, @NBD_ATTR_BACKEND_IDENTIFIER={0x5, 0xa, '\x00'}]}, 0x78}, 0x1, 0x0, 0x0, 0x4000}, 0x40000)
ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(r3, 0xc08c5336, &(0x7f0000000000)={0x1, 0x2, 0x0, 'queue0\x00', 0x3})
set_robust_list(&(0x7f00000001c0)={0x0, 0x3}, 0x18)
io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, 0x0, 0x0)
write$sysctl(r0, &(0x7f0000000180)='4\x00', 0x2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
rt_sigprocmask(0x5, &(0x7f0000000040), 0x0, 0x8)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)

2.958530152s ago: executing program 2 (id=633):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="1b0000"], 0x50)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f00000001c0)={'gretap0\x00', 0x0})
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0x13, &(0x7f0000000240)=ANY=[@ANYBLOB="180300000005000000000000000000001801000011af000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000d5030000020000838500000071000000180100002020752500000000806020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000040000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
getsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x40, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
timerfd_create(0x5, 0x80000)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32, @ANYBLOB], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
ioctl$RTC_SET_TIME(r0, 0x4024700a, &(0x7f0000000040)={0x0, 0x2c, 0x0, 0x6, 0x0, 0xa9, 0x3, 0x2, 0x1})
syz_usb_connect(0x0, 0x2d, &(0x7f0000000340)={{0x12, 0x1, 0x0, 0xa0, 0x6a, 0x80, 0x10, 0x54c, 0x6c3, 0x8b57, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0xd7, 0x78, 0x6c, 0x0, [], [{{0x9, 0x5, 0xd}}]}}]}}]}}, 0x0)

1.719636378s ago: executing program 1 (id=636):
syz_usb_connect(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000068e04d206f0e2c586831010203010902240001000000000904000002ff47d000090509e700008000040905", @ANYRES64], 0x0)
openat$nci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)

1.466476826s ago: executing program 3 (id=638):
r0 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x2}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r1, <r2=>0xffffffffffffffff}, 0x4)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'essiv(authenc(rmd160-generic,cbc-camellia-aesni-avx2),sha1-avx)\x00'}, 0x58)
listen(r3, 0x2)
mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x6, 0x10, r1, 0xbd542000)
close(r3)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f00000002c0)={r2, 0x0, 0x0}, 0x20)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f0000000080)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010000000000000000000200000008000300", @ANYRES32=r5, @ANYBLOB="0c00bd0000740000050800a0009e090000080026005e994a6c6aa516800900e54abe0008009f0003000000"], 0x40}}, 0x20000000)
sendmsg$NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL(r4, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x30}, 0x4048000)

1.427183717s ago: executing program 3 (id=639):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000000)={0x0, 0x3, &(0x7f0000000080)={&(0x7f00000000c0)={0x2, 0x3, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, [@sadb_address={0x3, 0x6, 0x0, 0x20, 0xe, @in={0x2, 0x4e22, @multicast1=0xe0000009}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @multicast1}}]}, 0x50}}, 0x40804)

1.315502135s ago: executing program 0 (id=640):
r0 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r0, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e)
ioctl$PPPIOCGCHAN(r0, 0x80047437, &(0x7f0000001f00))
sendmmsg(r0, &(0x7f0000002d00)=[{{0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000000280)="e1b0", 0x2}], 0x1}}], 0x1, 0x24041005)

1.182479068s ago: executing program 0 (id=641):
sendmsg$NL80211_CMD_NEW_KEY(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
close(0xffffffffffffffff)
write$tun(r0, &(0x7f0000000080)={@val={0x3, 0x800}, @val={0x1, 0x0, 0x0, 0x0, 0x14}, @ipv4=@icmp={{0x6, 0x4, 0x0, 0x0, 0x34, 0x1400, 0x0, 0x0, 0x1, 0x0, @private=0xa010100, @local, {[@ra={0x94, 0x4, 0x1}]}}, @dest_unreach={0x4, 0x0, 0x0, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @local, @loopback}}}}, 0x42)

1.023219722s ago: executing program 0 (id=642):
socketpair(0x22, 0xa, 0x1ff, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)=ANY=[@ANYBLOB="30000000190001000000000000"], 0x30}}, 0x0)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r1)
socket$packet(0x11, 0x2, 0x300)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000380)=@newqdisc={0x3c, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0x0, 0x9}, {0xffff, 0xffff}, {0x0, 0xed27c9fa5277b9b7}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0xc, 0x8002, [@TCA_FQ_PIE_LIMIT={0x8, 0x1, 0x9}]}}]}, 0x3c}}, 0x20008000)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x14, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}}], {0x14, 0x10}}, 0x5c}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000000c0)=ANY=[@ANYBLOB="98030000", @ANYRES16=r2, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r3, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff"], 0x398}}, 0x0)

998.51304ms ago: executing program 2 (id=643):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x20}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r0}, 0x10)
r1 = socket(0x40000000015, 0x5, 0x0)
recvfrom$inet6(r1, 0x0, 0x0, 0x102, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)

834.567906ms ago: executing program 3 (id=644):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r4 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=@gettfilter={0x24, 0x2e, 0x121, 0x70bd28, 0x25dfdbfb, {0x0, 0x0, 0x0, r5, {0x2, 0xa}, {0x1, 0xfff1}, {0x7, 0xc}}}, 0x24}, 0x1, 0x0, 0x0, 0x20000090}, 0x4041080)

667.325455ms ago: executing program 0 (id=645):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
pipe(&(0x7f0000000040))
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x9}, 0x1c)
listen(r0, 0x3)
syz_emit_ethernet(0x4a, &(0x7f0000000080)={@local, @link_local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "2a8435", 0x14, 0x6, 0xff, @empty, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x4, 0x5, 0xc2}}}}}}}, 0x0)
syz_emit_ethernet(0x87, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd604000000051060100000000000000000000000000000000fe8000000000000000000000000000aa00004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5007000000fd000f4b2e92ec8c72e65d07acc0eb9292dc6cb50ef8e2179318192cc3c5"], 0x0)

471.339181ms ago: executing program 3 (id=646):
r0 = socket$inet_icmp(0x2, 0x2, 0x1)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r2=>0x0})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_DEL_PMKSA(r3, &(0x7f0000001c80)={0x0, 0x0, &(0x7f0000001c40)={&(0x7f0000001c00)={0x3c, r1, 0x1, 0x70bd28, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}, @NL80211_ATTR_PMKID={0x14, 0x55, "156bdad0ef82bf33ff49951c6e7f34b3"}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20000084}, 0x20000000)

358.461108ms ago: executing program 0 (id=647):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000002940)={0x2c, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x994}], @NL80211_ATTR_CH_SWITCH_COUNT={0x8, 0xb7, 0xcb}]}, 0x2c}}, 0x0)

242.093093ms ago: executing program 3 (id=648):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000300)={@in6={{0xa, 0x4e21, 0x1, @mcast2, 0x4}}, 0x0, 0x0, 0x11, 0x0, "2b20a9a47cddc63b223be606d7fa19f22a369ae751de81ca4d11e10450d766feb63b382d54ba4bb57a219cad5ddfc1e4fe760a1ce2ca64196953e92a07b3937730a33b6deca160d8c2fbff48eb964283"}, 0xd8)

114.075135ms ago: executing program 0 (id=649):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
syz_genetlink_get_family_id$devlink(0x0, r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_IBSS(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000700)={0x34, r1, 0x101, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0x5, 0x34, @random='n'}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x3}]}, 0x34}}, 0x4800)

55.621867ms ago: executing program 1 (id=650):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
socket$nl_generic(0x10, 0x3, 0x10)
write$tun(r0, &(0x7f0000001240)={@val={0x8, 0x800}, @val={0x7, 0x0, 0x0, 0x0, 0x14}, @ipv4=@udp={{0x6, 0x4, 0x3, 0x1b, 0xfc0, 0x66, 0x0, 0x40, 0x11, 0x0, @private=0xa010102, @dev={0xac, 0x14, 0x14, 0x1a}, {[@timestamp={0x44, 0x4, 0x1c, 0x0, 0x6}]}}, {0x4a20, 0x4e21, 0xf9f, 0x0, @wg=@data={0x4, 0x2, 0x8, "e8771ac366586e56f446dcd22ec94c672f1cd650516a2fbeddd0cb5cffc4ef63a1c2be9551171e48bb8559ac9077c099289048d76df434e4ec536c04816b127eb525176f5737b934b37a9d109ea3aa64d0fb30013becb29f6a39d4cbdbc4e2540996ed75b90498301c99df853d4baac4654e6f1a06cf03a87aa2d2d74199bcafa0dc84a8ea112fba51687b8727bb905c7b42a0c9b26559b4ecc397c6a33731df0fca1aee35968435e8129f8e6d52a0754fcaa693706c4557af6be8821983e702fdd3dac90b6cbe00b1fe59f5bcd890dbb87c0d8d80ba8727e4ff6b89af3ecda43705a9dc113396c950947e85193eabe1364909509babcad37d21392d071480ff4f69dc5db442263d4608ff94e5157c65bb35c3f4a7af6bfb562a317cf13292abdbd5ac3f31d47da6fe5e8be324c78b37e2f351955bbf5f18f86a0cd98d68dca14aea59917ce05e0dc0e3a2033d22a506109db846c49f8c7d575c02349736311e40bc497c9a7da1fe4f94d8e601a5cff4cbd63ed730a01c7f07dd74d603b951557b93e551b0e028232412d568dadc29c2c9e01ca85b83d779cd3b918f9c73ba471ee9079fc42b511b45c3d4f80a46f8e9ad22a05ef5422348ff415b2131e2b2ae0ef5fab9f678bc5ef02d611655d6264e0755e176ade135a971851bd22666ae753ff5135bf14a005cea45a8b163706ea52af786f2b48362ec8619f8f728ab9fee21bcc9e000d1c470a51cec5a510f06de4dc52fc82e0be10fe0ac55f09e086cdb7f5d5f935033e4925a6ca1b1ea42f511dafd63a3cc32bcfe20aca26adb6eded22fc956b96cf2b70b5e78dbf4c2da06438c9be342f44f1dbc9bc4e453bad09f8e7d2b611e9f33f681c4342e31fee49d613b170d9ae6c93c7ece1bf0d8aaf00870b6896b8fee4ee9d705608a044ec3537ae6c46b5345e4c41576911757d4ed5bdee8e14f73df14b88af36b4c303346d88b424fea428c77cabc55198fafbcec9b027f9a9759638d733fe2dec7996ddba717fd7e0f0188f9213701c304a2b01186c72a8cfdcb87dd9c8711ec0c438eb7c229b8dfbec5c14bfeec20810b4be8944f7d6f44e5bb8839b84afe25a8654ac821efb9c850394d452873db8e9f05de381103b1278f3b34ec0b920d3aa111c82fe424588debe04dd75ac991c5f650f0b8e72c1783d975d663fc0d939f32bca98650141b381af26436c6352d98a6e30843d956ad68f998851b8c64c49a59ca6937355ac4412009cd0a2e4cacf5b02063908f7937e7563e6f63703adc5aff159f3628eb64071fc74e4e66e142113a176c2a649d653f55e833a3f184f91995547a79f46c7ca02813136c920fe6f69fe466656518478ccb84c02d751a502dff90558ce066d9be71c8fa800d7a1d56b5ca52be3122aae2cfbfe1b11d454ad72bdf7fd9d450a74734594f5e566ac2a37ca8b648fee012bf7f83f1126743b0f4791592e17dfca010a3dafeac81b88c5a47d948fc772fe4b48146b10aa319a13ca4f4dc05861859929d3c1d69967d18290cc87777a4231a6ce8dc2a4e34450e3a7659c05e5e12239d768ef8394f82278b975a68497571d1e5191ac329a66b5219f3f7f20f21261cdc3028a3662b6c10198bf7d3d513b5b823d4703cb29d89b84da69a6358a269769a8b23712c6291e77fc4da837e0857b4bbc08bba0659c55a1e06fdf1736df13948824a37515f8c49de6d502519077197debfc74709ed564315279ec804c7a0305526b14efcab44364105aa805efd97f0444d6016e35712dba75b038ea63917e6163614a3a6c694d7612e00cddab8bd31f6ba146d08e949d50ed3b0ef8fd3412ffd020bfabbcfbc5c3fa436022de3fd973869066871ec639653f3b4b5f01374adf3b60940d241a5dda6df550662ccb1a4575e2419baf1a76a246c9b7f39a05c03d832aa28293a54c619865fed0fdccd570859ffc7b1844ea8cff1e12389382e39211e665fec9d82faf11fd2300412d24dab176515aff938a6b12b5427b7fa6b42a3042248977b2f4eae9d96534a85b9ed500f62866d39f5301a3b6e60d392248fcfad25c2803c875e00010f40caca1a5932e00765c3b52427a2a8d6875a73ccb3b8e78dd27555994bf4358b2e577efe8886939515be37889e3656a5e0a949619f0f0b9cae7dc59a2415bec72df3439e563cfe69b7952abfad6cb6a979c146355e590ace810017d04075f23a1554a81bcdfb82c2396fd61fe95cd0f9c2e394bdbb0900648675ec09b94b1d4672e613be577cb398bb5d188b7c09865e2edbb273f8d9b0ae836f24b34ae6cd22e37e1ab31c835c23bd8f6deb49402f19406b0c7cddfbe357ab496910a8efa939dd9ab91de3ba67d07103063fbf9ee6fbd7b61c6b65ebe735cfab2c1162b379a3cbcbdb14d82b7f2e707ddd896ac5085ef5b15da85663df079bd5ef6180c775a4b7d645630aa9ea704f69ec8ea052f8f41e62f0e6f78a5a846e9130c53eb29a7bab9b102bf08729243f6ffe0ee6f28e98e4d0c1f49813aa04c2774f1f076310d923e900fe1c609bc5a308421fb82a12b03b9be47ce6d88635bb1722739d1abcdbc28133de131d2151d76f565be56813bb3edcf4d870f4acd0bfe5b30d60ef065158bf7b8401096a1647de88c7b0144eacecabfdf9d48d91573e82f2efecab095339e799e36ab3ee1eb66db9f9c21d96bcb2b7bf4ab01e8e56df8c4bca2bed7732472468a3b447024bc997adff639ba35e2af10f661199c4a8a2b2a8e3e59ff4ed5da468c1c2c41001efc0529636ce4ef9dd6b28deed0ad5a758abd2a3a3f024f56dd17fb4b1af62a6b91f24973071a9982df0047f85280f4a5decece67fc02428f830343e910fef6f3467c9d7776a06c133a50752cff4aa72bcbb9e4dbd8489e2e3698aae45a8753071fb6d803943d171adb60e8fcec9865e46df8fa120b939537a05b63daec7e0ecf9713c491646f04435364de697fbabf3c72d08a24f1bf34212bcdb7d5e038ac28ff76d5243b695e7faa1211a940da618930d79acdc6fdc7c9f2f4a5435d3f748ec68429f5ca2548315801cf73d74816f1ece3dfa6fb557ac105ad28d4532e1c8c6b5ab3526fbe73916dbe123acb4ac89c1b5a0664b81e216453db066e3c4318006ba3e25ed6cfe22c80f17619b7372947013749c7d04f13277f81f4461492d9237c5961be4d30965607a4d5db095070df02230cc87d9ab8633e60de83aedf8814e632bac8566bbfcdf159c9a2a7944be1a61792b8af10dd28d0ebadf7e4f231af099450813c5e27f934112e11124b01106615cee48aee88947f31a1839b83ad5c8326e30f318ae57b56becaec7094c4e7d2a377bfcb0c29ce046623e6ec120ea63c53cef94deb3d813d4b1749009084c3ade1675b55490b9d1faa03d7a2fd34921d62c31d7ef1f181883ac312dbb08b2600edce0ba197d1704485e2f155ec659de742a22628270968905324381f203a1ad7ac30b252d4c3ff9915fe32c16cbf4684a7c517b9a2ecec2433685f4741b6f02f8aa2bd0f6bf370962f38214899129012a0d36ba14c0a3e93742d063f09f0c1e838fc1095b065089c91d02a4b2e1d0a49d2294682a38d578424d1e81ff959b33f746114b795319a047d65f5e3b7a347e6cf8b0fad9eaea3db5eca7e953f77bc6c23de8f938bb505013f5c39173cb69312af98d5ff14715794c729f41490297c2b418eef11841a788eaaa7ebdb77880b64701aee50371f542e79831321833dda60213fa741ec197419d83f61c06397a47a75f50b986c53e6fdf8a6e07008e1a29b1774ceb11429a1ecec05bf80da802239c58f226ab5eb34d522ff62bc0528d87e716793e56c48352648291470bb592981acc06c2ba1547e11babf3f1d22f5e01e1f759c05816cdfe0c986c58ebbd08d8449807cd2579d5b7265930f696f8aff73e247cec12c0d1fdbcc4880245b866c2cab8b6bdf0951c2c6beccab7513ba28545036d164b407e1228a831e3b37f9c56721c347d499c1c29b8a972d2d1cfeb47f20975b4eb0b62e25dfa4ef116e62e415cde22bc039d1ccb9e70a5599881bb8b61f680670b787afc8734ac8c39ca50fbed619e54ac1421bc2584d4f7027593e12f738ba0f2d5fe03fcc7168056332477eb0b26c0579d54d8537f941acc183fdca495a7ffa10f0d3189f8c32742d5564c97e26b659969f7060a7c8864445c252c5b1755a3e8473ef9b0909eb74cabb553c3d6ab58f12ed75703d9139a4f57ef71af90815a5273e64282582623c41c51352d12ce48e0712f50ab3dc528619e1e16b52452204b3c7e1e16556e8fbdf0d623216186ff5ca84ad730ff457b06e766e085d5dee40a308fae8b4e19e18245a3ed02967f07441903c149ae9da5fe238194009ded2a3d80a67e1c3abdfb63fad0155529c48a748ef499252d5d3e912304b1d11ee77dc25427e5e9a115583a692558aef65faba0e1f0bc4aa6b6ac21d4fe4741feac17a7c6b5699384e30f7236f400d9df6d658add13b4f0a4b16a77d1f9e6b4d3045f7ba7ee68ce171008e635496ad631f59846b7895aa329390d2ad9980b6586d383a740f1e1b0883a3fddc4126c2d09fd5815dd892692e1c3b7eb2951b766bd4bca19896f75dbfaf51ad4ca9f97d00049082091e3c6cdf16026b1de4603ac7afde08a7a8ffd110636d3d063c2bb6fa84bfd7fff8ad04d0c812fe14a77bd3a9b9fdcc3e0fbaf5ac2475130987f81ac8c9898f95112aa597f40ec11e04684e45b56d81e11180f59b606886306fbc62c076a12a41238ccd74d3154f312f10f3ad215d64a468cb15eae30a3f7f7e5cf6a87dbd813df8093d2b3586693ddee6a5c1b0caaec1ef419657b89692bbd2a7064767cf5b4c3ef6d120557b4df5e7ee6094f935870edc070ae3e96c850a61356c5d79008fc98728dd87470a98aa1c1ab6056990110c0b3108e50b573d77ad4856c03da8098c8fd176685803db471a642dfb9a9ef2d14e186eea96219ea0fa03cc28d7ea2686e61c3f46f15c23213a6432d77ffea182ec26dbf9118a2fc082bdee517e0974982819a7a996b7a30f5901dd3c44b3344bdf93a61ecc4cddb969d3b94e6f4910a9b38ff886d5c96a820092f112ee6eb0ce094940280a2040862157497b3a3374a4d62c34d1fdf6826811db1ea7f28b64f22304e2246dcee44ca361370c0d1727f951dbdb1a329368a5dd76ba4486ce508a28d0ce2eb95daab36caf101dc2351c4efdf3ec70221888dad522b0d51a0b9765a410ca8cf00baaeb074d310cdd908e76586e59d0c7c27eb5557e474ac54525c237d5b2eedccab12b0f96fa2c00239e2017dfeb645fdd748d5c21684181b81464d32909b4995f274a9717f224c1e34cd41c8d12b9f13daeae3f65510c6ecf94956d630db0478fbf87c7d7c75221046a1a1886696f89e427b94139164b99b88d83b633122b5d9483f4261be27d01d6011cee48b1c24a3aff62c4d04f9dfb00e1a7a1013f97e87306147b7da305a36077cf0a7618563a754e34e65c2ee95932eb2da4b73ca83f3afcce93d8d59357ca7b5d9f37e5ba475be39bb8870af109d95527b44777ff8f55ace0adf84f73ce065371a4ce78b22d7a6bbf1bbae4c57b44262ddff39f4ce8b858f89737f33786445cbaf271959da24"}}}}, 0xfce)
setsockopt$inet6_udp_encap(0xffffffffffffffff, 0x11, 0x64, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x10)

0s ago: executing program 3 (id=651):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWRULE={0x40, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x14, 0x4, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @redir={{0xa}, @void}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x68}, 0x1, 0x0, 0x0, 0x240040d0}, 0x0)

kernel console output (not intermixed with test programs):

] usb 4-1: too many endpoints for config 1 interface 0 altsetting 0: 255, using maximum allowed: 30
[  126.569141][   T10] usb 4-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[  126.589056][   T10] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  126.598461][   T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  126.606584][   T10] usb 4-1: SerialNumber: syz
[  126.970709][   T10] cdc_acm 4-1:1.0: Zero length descriptor references
[  127.038988][   T10] cdc_acm 4-1:1.0: probe with driver cdc_acm failed with error -22
[  127.373755][ T6711] netlink: 252 bytes leftover after parsing attributes in process `syz.1.191'.
[  127.387957][ T6710] FAULT_INJECTION: forcing a failure.
[  127.387957][ T6710] name failslab, interval 1, probability 0, space 0, times 0
[  127.408244][ T6710] CPU: 1 UID: 0 PID: 6710 Comm: syz.2.192 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  127.408267][ T6710] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  127.408277][ T6710] Call Trace:
[  127.408282][ T6710]  <TASK>
[  127.408289][ T6710]  dump_stack_lvl+0x16c/0x1f0
[  127.408317][ T6710]  should_fail_ex+0x512/0x640
[  127.408339][ T6710]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  127.408365][ T6710]  should_failslab+0xc2/0x120
[  127.408390][ T6710]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  127.408412][ T6710]  ? __alloc_skb+0x2b2/0x380
[  127.408437][ T6710]  __alloc_skb+0x2b2/0x380
[  127.408457][ T6710]  ? __pfx___alloc_skb+0x10/0x10
[  127.408487][ T6710]  netlink_ack+0x15d/0xb80
[  127.408503][ T6710]  ? avc_has_perm_noaudit+0x149/0x3b0
[  127.408527][ T6710]  netlink_rcv_skb+0x332/0x420
[  127.408542][ T6710]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  127.408564][ T6710]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  127.408598][ T6710]  ? ns_capable+0xd7/0x110
[  127.408622][ T6710]  nfnetlink_rcv+0x1b3/0x430
[  127.408641][ T6710]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  127.408659][ T6710]  ? netlink_deliver_tap+0x1ae/0xd30
[  127.408690][ T6710]  netlink_unicast+0x58d/0x850
[  127.408709][ T6710]  ? __pfx_netlink_unicast+0x10/0x10
[  127.408733][ T6710]  netlink_sendmsg+0x8d1/0xdd0
[  127.408753][ T6710]  ? __pfx_netlink_sendmsg+0x10/0x10
[  127.408779][ T6710]  ____sys_sendmsg+0xa98/0xc70
[  127.408796][ T6710]  ? copy_msghdr_from_user+0x10a/0x160
[  127.408818][ T6710]  ? __pfx_____sys_sendmsg+0x10/0x10
[  127.408846][ T6710]  ___sys_sendmsg+0x134/0x1d0
[  127.408871][ T6710]  ? __pfx____sys_sendmsg+0x10/0x10
[  127.408891][ T6710]  ? __lock_acquire+0x622/0x1c90
[  127.408937][ T6710]  __sys_sendmsg+0x16d/0x220
[  127.408960][ T6710]  ? __pfx___sys_sendmsg+0x10/0x10
[  127.408999][ T6710]  do_syscall_64+0xcd/0x4c0
[  127.409024][ T6710]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  127.409041][ T6710] RIP: 0033:0x7f41ded8e929
[  127.409055][ T6710] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  127.409070][ T6710] RSP: 002b:00007f41dfb85038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  127.409085][ T6710] RAX: ffffffffffffffda RBX: 00007f41defb5fa0 RCX: 00007f41ded8e929
[  127.409096][ T6710] RDX: 0000000014008850 RSI: 00002000000001c0 RDI: 0000000000000003
[  127.409105][ T6710] RBP: 00007f41dfb85090 R08: 0000000000000000 R09: 0000000000000000
[  127.409115][ T6710] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  127.409124][ T6710] R13: 0000000000000000 R14: 00007f41defb5fa0 R15: 00007ffd3680d9e8
[  127.409146][ T6710]  </TASK>
[  127.703664][   T30] kauditd_printk_skb: 37 callbacks suppressed
[  127.703679][   T30] audit: type=1400 audit(1752297060.479:399): avc:  denied  { create } for  pid=6712 comm="syz.4.193" name="#19" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  127.730175][   T30] audit: type=1400 audit(1752297060.479:400): avc:  denied  { link } for  pid=6712 comm="syz.4.193" name="#19" dev="tmpfs" ino=218 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  127.753016][   T30] audit: type=1400 audit(1752297060.479:401): avc:  denied  { rename } for  pid=6712 comm="syz.4.193" name="#1a" dev="tmpfs" ino=218 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  127.775112][   T30] audit: type=1400 audit(1752297060.549:402): avc:  denied  { read write } for  pid=6712 comm="syz.4.193" name="ppp" dev="devtmpfs" ino=709 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  127.798282][   T30] audit: type=1400 audit(1752297060.549:403): avc:  denied  { open } for  pid=6712 comm="syz.4.193" path="/dev/ppp" dev="devtmpfs" ino=709 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  127.822173][   T30] audit: type=1400 audit(1752297060.549:404): avc:  denied  { create } for  pid=6712 comm="syz.4.193" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  127.841430][   T30] audit: type=1400 audit(1752297060.549:405): avc:  denied  { write } for  pid=6712 comm="syz.4.193" path="socket:[10907]" dev="sockfs" ino=10907 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  127.865465][   T30] audit: type=1400 audit(1752297060.549:406): avc:  denied  { ioctl } for  pid=6712 comm="syz.4.193" path="/dev/ppp" dev="devtmpfs" ino=709 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  127.894565][   T30] audit: type=1400 audit(1752297060.689:407): avc:  denied  { read write } for  pid=6716 comm="syz.2.195" name="binder0" dev="binder" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  127.918472][   T30] audit: type=1400 audit(1752297060.689:408): avc:  denied  { open } for  pid=6716 comm="syz.2.195" path="/dev/binderfs/binder0" dev="binder" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  128.035403][ T6720] coredump: 120(syz.4.193): Core dump to core aborted: cannot preserve file permissions
[  128.982907][ T6732] netlink: 'syz.1.198': attribute type 1 has an invalid length.
[  129.012815][ T6732] netlink: 8 bytes leftover after parsing attributes in process `syz.1.198'.
[  129.036298][ T6732] netlink: 8 bytes leftover after parsing attributes in process `syz.1.198'.
[  129.047248][ T6736] netlink: 'syz.4.197': attribute type 6 has an invalid length.
[  129.056431][ T6736] netlink: 8 bytes leftover after parsing attributes in process `syz.4.197'.
[  129.091109][ T6733] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=16384 sclass=netlink_route_socket pid=6733 comm=syz.1.198
[  129.110856][  T916] usb 4-1: USB disconnect, device number 8
[  129.458986][ T6741] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  129.467948][ T6741] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  129.477841][ T6741] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  129.488424][ T6741] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  129.513907][ T6742] xt_AUDIT: Audit type out of range (valid range: 0..2)
[  130.560393][ T5895] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  130.700249][ T5895] usb 1-1: device descriptor read/64, error -71
[  131.031569][ T6769] netlink: 8 bytes leftover after parsing attributes in process `syz.2.207'.
[  131.040787][ T6769] netlink: 4 bytes leftover after parsing attributes in process `syz.2.207'.
[  131.170398][ T5895] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  131.441782][ T5895] usb 1-1: device descriptor read/64, error -71
[  131.550689][ T5895] usb usb1-port1: attempt power cycle
[  131.861132][ T5837] Bluetooth: Unexpected start frame (len 18)
[  131.940209][ T5895] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  131.974346][ T5895] usb 1-1: device descriptor read/8, error -71
[  132.166147][ T6788] syz.3.212: attempt to access beyond end of device
[  132.166147][ T6788] nbd3: rw=0, sector=64, nr_sectors = 1 limit=0
[  132.179462][ T6788] syz.3.212: attempt to access beyond end of device
[  132.179462][ T6788] nbd3: rw=0, sector=256, nr_sectors = 1 limit=0
[  132.192338][ T6788] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=256, location=256
[  132.202121][ T6788] syz.3.212: attempt to access beyond end of device
[  132.202121][ T6788] nbd3: rw=0, sector=512, nr_sectors = 1 limit=0
[  132.215786][ T6788] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=512, location=512
[  132.226270][ T6788] syz.3.212: attempt to access beyond end of device
[  132.226270][ T6788] nbd3: rw=0, sector=64, nr_sectors = 2 limit=0
[  132.239069][ T6788] syz.3.212: attempt to access beyond end of device
[  132.239069][ T6788] nbd3: rw=0, sector=512, nr_sectors = 2 limit=0
[  132.252687][ T6788] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=256, location=256
[  132.262720][ T6788] syz.3.212: attempt to access beyond end of device
[  132.262720][ T6788] nbd3: rw=0, sector=1024, nr_sectors = 2 limit=0
[  132.275748][ T6788] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=512, location=512
[  132.287035][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  132.287074][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  132.300166][ T6788] syz.3.212: attempt to access beyond end of device
[  132.300166][ T6788] nbd3: rw=0, sector=64, nr_sectors = 4 limit=0
[  132.313129][ T6788] syz.3.212: attempt to access beyond end of device
[  132.313129][ T6788] nbd3: rw=0, sector=1024, nr_sectors = 4 limit=0
[  132.326021][ T6788] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=256, location=256
[  132.335592][ T6788] syz.3.212: attempt to access beyond end of device
[  132.335592][ T6788] nbd3: rw=0, sector=2048, nr_sectors = 4 limit=0
[  132.348465][ T6788] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=512, location=512
[  132.358362][ T6788] syz.3.212: attempt to access beyond end of device
[  132.358362][ T6788] nbd3: rw=0, sector=64, nr_sectors = 8 limit=0
[  132.371392][ T6788] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=256, location=256
[  132.381067][ T6788] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=512, location=512
[  132.390518][ T6788] UDF-fs: warning (device nbd3): udf_fill_super: No partition found (1)
[  132.461229][ T5895] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  132.500668][ T5895] usb 1-1: device descriptor read/8, error -71
[  132.880322][   T30] kauditd_printk_skb: 27 callbacks suppressed
[  132.880339][   T30] audit: type=1400 audit(1752297065.649:436): avc:  denied  { bind } for  pid=6783 comm="syz.4.210" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  132.925408][ T5895] usb usb1-port1: unable to enumerate USB device
[  132.977238][   T30] audit: type=1400 audit(1752297065.649:437): avc:  denied  { node_bind } for  pid=6783 comm="syz.4.210" saddr=224.0.0.1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1
[  133.050843][   T30] audit: type=1400 audit(1752297065.649:438): avc:  denied  { connect } for  pid=6783 comm="syz.4.210" laddr=224.0.0.1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  133.078599][   T30] audit: type=1400 audit(1752297065.709:439): avc:  denied  { read } for  pid=6783 comm="syz.4.210" path="socket:[11340]" dev="sockfs" ino=11340 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  133.342100][ T6801] netlink: 8 bytes leftover after parsing attributes in process `syz.3.215'.
[  133.351325][ T6801] netlink: 4 bytes leftover after parsing attributes in process `syz.3.215'.
[  133.452172][   T30] audit: type=1400 audit(1752297066.249:440): avc:  denied  { getopt } for  pid=6805 comm="syz.0.217" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  134.163703][ T6815] netlink: 'syz.2.218': attribute type 10 has an invalid length.
[  134.184236][ T6815] team0: Device ipvlan1 failed to register rx_handler
[  134.300399][  T916] usb 1-1: new full-speed USB device number 11 using dummy_hcd
[  134.457790][   T36] nci: nci_rx_work: unknown MT 0x1
[  134.499617][   T30] audit: type=1400 audit(1752297067.279:441): avc:  denied  { read } for  pid=6817 comm="syz.1.219" name="card0" dev="devtmpfs" ino=627 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  134.531213][   T30] audit: type=1400 audit(1752297067.279:442): avc:  denied  { open } for  pid=6817 comm="syz.1.219" path="/dev/dri/card0" dev="devtmpfs" ino=627 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  134.560168][   T30] audit: type=1400 audit(1752297067.279:443): avc:  denied  { ioctl } for  pid=6817 comm="syz.1.219" path="/dev/dri/card0" dev="devtmpfs" ino=627 ioctlcmd=0x6402 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  134.662930][  T916] usb 1-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  134.720115][  T916] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x94, changing to 0x84
[  134.733069][ T6822] dummy0: entered promiscuous mode
[  134.750337][  T916] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10
[  134.773308][ T6825] capability: warning: `syz.1.220' uses 32-bit capabilities (legacy support in use)
[  134.786790][ T6822] dummy0: entered allmulticast mode
[  134.794495][  T916] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  134.794522][   T30] audit: type=1400 audit(1752297067.559:444): avc:  denied  { map } for  pid=6819 comm="syz.1.220" path="socket:[11387]" dev="sockfs" ino=11387 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_dgram_socket permissive=1
[  134.816893][  T916] usb 1-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=ed.ae
[  134.848334][  T916] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  134.858441][  T916] usb 1-1: Product: syz
[  134.872875][  T916] usb 1-1: Manufacturer: syz
[  134.877811][  T916] usb 1-1: SerialNumber: syz
[  135.074553][  T916] usb 1-1: config 0 descriptor??
[  135.233720][  T916] input: KB Gear Tablet as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input8
[  135.258332][   T30] audit: type=1400 audit(1752297068.049:445): avc:  denied  { read } for  pid=5186 comm="acpid" name="mouse1" dev="devtmpfs" ino=2877 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  135.428376][   T10] usb 1-1: USB disconnect, device number 11
[  135.434575][ T5915] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  135.604735][ T5915] usb 3-1: Using ep0 maxpacket: 32
[  135.673400][ T5915] usb 3-1: config 9 has an invalid interface number: 131 but max is 0
[  135.795002][ T5915] usb 3-1: config 9 has no interface number 0
[  135.812302][ T5915] usb 3-1: config 9 interface 131 has no altsetting 0
[  135.851616][ T5915] usb 3-1: New USB device found, idVendor=17cc, idProduct=4711, bcdDevice=c8.ec
[  135.871055][ T5915] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  135.896436][ T5915] usb 3-1: Product: syz
[  135.904166][ T5915] usb 3-1: Manufacturer: syz
[  135.908840][ T5915] usb 3-1: SerialNumber: syz
[  136.014369][ T6845] overlayfs: The uuid=off requires a single fs for lower and upper, falling back to uuid=null.
[  136.140545][   T24] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  136.186906][ T5915] snd-usb-caiaq 3-1:9.131: can't set alt interface.
[  136.193883][ T5915] usb 3-1: unable to init card! (ret=-5)
[  136.470441][   T24] usb 4-1: Using ep0 maxpacket: 32
[  136.472460][ T5915] snd-usb-caiaq 3-1:9.131: probe with driver snd-usb-caiaq failed with error -5
[  136.477212][   T24] usb 4-1: config 0 has an invalid interface number: 85 but max is 0
[  136.490511][ T6856] usb usb8: usbfs: process 6856 (syz.4.230) did not claim interface 0 before use
[  136.746022][ T5895] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  136.759146][   T24] usb 4-1: config 0 has no interface number 0
[  136.784206][   T24] usb 4-1: config 0 interface 85 has no altsetting 0
[  136.790466][ T5915] usb 3-1: USB disconnect, device number 9
[  136.806222][   T24] usb 4-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  136.816983][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  136.829095][   T24] usb 4-1: Product: syz
[  136.833511][   T24] usb 4-1: Manufacturer: syz
[  136.838300][   T24] usb 4-1: SerialNumber: syz
[  136.870955][   T24] usb 4-1: config 0 descriptor??
[  136.911184][ T5895] usb 2-1: Using ep0 maxpacket: 16
[  136.937962][ T5895] usb 2-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[  136.949152][ T5895] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  136.988185][ T5895] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has an invalid bInterval 255, changing to 11
[  137.019661][ T5895] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 59391, setting to 1024
[  137.040175][ T5895] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  137.125375][ T5895] usb 2-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  137.138027][ T5895] usb 2-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  137.174011][ T5895] usb 2-1: Manufacturer: syz
[  137.205192][ T5895] usb 2-1: config 0 descriptor??
[  137.507280][   T24] appletouch 4-1:0.85: Geyser mode initialized.
[  137.554254][   T24] input: appletouch as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.85/input/input9
[  137.632647][ T6866] netlink: 8 bytes leftover after parsing attributes in process `syz.0.233'.
[  137.780183][ T6866] netlink: 4 bytes leftover after parsing attributes in process `syz.0.233'.
[  137.785587][   T24] usb 4-1: USB disconnect, device number 9
[  137.837757][ T5895] rc_core: IR keymap rc-hauppauge not found
[  138.004867][ T5895] Registered IR keymap rc-empty
[  138.101093][   T24] appletouch 4-1:0.85: input: appletouch disconnected
[  138.123489][ T5895] mceusb 2-1:0.0: Error: mce write urb status = -71
[  138.211938][ T5895] mceusb 2-1:0.0: Error: mce write urb status = -71
[  138.271462][ T5895] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0
[  138.326401][ T5895] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0/input10
[  138.360254][   T30] kauditd_printk_skb: 14 callbacks suppressed
[  138.360268][   T30] audit: type=1400 audit(1752297071.149:460): avc:  denied  { ioctl } for  pid=6872 comm="syz.4.235" path="socket:[11256]" dev="sockfs" ino=11256 ioctlcmd=0x6615 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  138.394188][ T5895] mceusb 2-1:0.0: Error: mce write urb status = -71
[  138.580127][ T5895] mceusb 2-1:0.0: Error: mce write urb status = -71
[  138.600666][ T5895] mceusb 2-1:0.0: Error: mce write urb status = -71
[  138.652798][   T30] audit: type=1400 audit(1752297071.449:461): avc:  denied  { read } for  pid=6877 comm="syz.4.237" name="uinput" dev="devtmpfs" ino=920 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  138.675244][ T5895] mceusb 2-1:0.0: Error: mce write urb status = -71
[  138.715074][ T5895] mceusb 2-1:0.0: Error: mce write urb status = -71
[  138.771306][ T5895] mceusb 2-1:0.0: Error: mce write urb status = -71
[  138.810404][ T5895] mceusb 2-1:0.0: Error: mce write urb status = -71
[  138.820048][ T6885] netlink: 'syz.0.239': attribute type 6 has an invalid length.
[  138.857261][ T6885] netlink: 8 bytes leftover after parsing attributes in process `syz.0.239'.
[  138.870387][ T5895] mceusb 2-1:0.0: Error: mce write urb status = -71
[  138.912391][ T5895] mceusb 2-1:0.0: Error: mce write urb status = -71
[  138.960549][ T5895] mceusb 2-1:0.0: Error: mce write urb status = -71
[  139.014611][ T5895] mceusb 2-1:0.0: Registered  with mce emulator interface version 1
[  139.064556][ T5895] mceusb 2-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  139.116890][ T5895] usb 2-1: USB disconnect, device number 3
[  139.167679][ T6890] netlink: 8 bytes leftover after parsing attributes in process `syz.0.240'.
[  139.463862][ T6895] trusted_key: encrypted_key: key trusted:‘8s‰X not found
[  139.472399][ T6886] mmap: syz.3.238 (6886) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  139.710319][ T5838] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  139.922018][ T6903] netlink: zone id is out of range
[  139.940615][ T6903] netlink: del zone limit has 4 unknown bytes
[  139.950136][ T5838] usb 3-1: Using ep0 maxpacket: 32
[  139.975127][ T5838] usb 3-1: config 0 has an invalid interface number: 85 but max is 0
[  139.995299][ T5838] usb 3-1: config 0 has no interface number 0
[  140.020201][ T5838] usb 3-1: config 0 interface 85 has no altsetting 0
[  140.130484][ T5838] usb 3-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  140.150220][ T5838] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  140.160901][ T6907] netlink: 'syz.3.247': attribute type 10 has an invalid length.
[  140.179189][ T5838] usb 3-1: Product: syz
[  140.184798][   T10] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  140.187379][ T5838] usb 3-1: Manufacturer: syz
[  140.209643][ T6907] 8021q: adding VLAN 0 to HW filter on device team0
[  140.216588][ T5838] usb 3-1: SerialNumber: syz
[  140.226057][ T6907] bond0: (slave team0): Enslaving as an active interface with an up link
[  140.238866][ T5838] usb 3-1: config 0 descriptor??
[  140.360399][   T10] usb 1-1: Using ep0 maxpacket: 32
[  140.746166][   T30] audit: type=1400 audit(1752297073.058:462): avc:  denied  { write } for  pid=6906 comm="syz.3.247" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  140.780751][   T10] usb 1-1: config 9 has an invalid interface number: 131 but max is 0
[  140.795688][   T10] usb 1-1: config 9 has no interface number 0
[  140.810813][   T30] audit: type=1326 audit(1752297073.098:463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6904 comm="syz.4.246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdcd098e929 code=0x7ffc0000
[  140.833609][   T10] usb 1-1: config 9 interface 131 has no altsetting 0
[  140.838496][   T30] audit: type=1326 audit(1752297073.098:464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6904 comm="syz.4.246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdcd098e929 code=0x7ffc0000
[  140.866906][   T30] audit: type=1326 audit(1752297073.108:465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6904 comm="syz.4.246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdcd098e929 code=0x7ffc0000
[  140.938253][   T30] audit: type=1326 audit(1752297073.108:466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6904 comm="syz.4.246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdcd098e929 code=0x7ffc0000
[  140.971916][   T30] audit: type=1326 audit(1752297073.108:467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6904 comm="syz.4.246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdcd098e929 code=0x7ffc0000
[  140.996468][   T10] usb 1-1: New USB device found, idVendor=17cc, idProduct=4711, bcdDevice=c8.ec
[  141.010351][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  141.038013][   T10] usb 1-1: Product: syz
[  141.050382][   T10] usb 1-1: Manufacturer: syz
[  141.063053][   T10] usb 1-1: SerialNumber: syz
[  141.064654][   T30] audit: type=1326 audit(1752297073.108:468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6904 comm="syz.4.246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=246 compat=0 ip=0x7fdcd098e929 code=0x7ffc0000
[  141.122026][   T30] audit: type=1400 audit(1752297073.108:469): avc:  denied  { kexec_image_load } for  pid=6904 comm="syz.4.246" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=system permissive=1
[  141.196931][ T5838] appletouch 3-1:0.85: Geyser mode initialized.
[  141.207649][ T5838] input: appletouch as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.85/input/input11
[  141.557571][ T5838] usb 3-1: USB disconnect, device number 10
[  141.559719][   T10] snd-usb-caiaq 1-1:9.131: can't set alt interface.
[  141.589727][ T5838] appletouch 3-1:0.85: input: appletouch disconnected
[  141.615601][   T10] usb 1-1: unable to init card! (ret=-5)
[  141.637536][   T10] snd-usb-caiaq 1-1:9.131: probe with driver snd-usb-caiaq failed with error -5
[  141.684679][   T10] usb 1-1: USB disconnect, device number 12
[  142.274434][   T10] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  142.347411][ T6938] netlink: 64138 bytes leftover after parsing attributes in process `syz.0.256'.
[  142.440428][   T10] usb 5-1: Using ep0 maxpacket: 16
[  142.454414][   T10] usb 5-1: config 1 has an invalid interface number: 105 but max is 0
[  142.475989][ T6944] netlink: zone id is out of range
[  142.483935][ T6944] netlink: del zone limit has 4 unknown bytes
[  143.302810][   T24] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  143.332619][   T10] usb 5-1: config 1 has no interface number 0
[  143.338772][   T10] usb 5-1: config 1 interface 105 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  143.342917][ T6950] netlink: zone id is out of range
[  143.353399][   T10] usb 5-1: config 1 interface 105 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  143.364944][   T10] usb 5-1: config 1 interface 105 has no altsetting 0
[  143.381972][   T10] usb 5-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d
[  143.392457][ T6950] netlink: del zone limit has 4 unknown bytes
[  143.400305][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  143.408337][   T10] usb 5-1: Product: syz
[  143.420132][   T10] usb 5-1: Manufacturer: syz
[  143.424740][   T10] usb 5-1: SerialNumber: syz
[  143.449118][   T30] kauditd_printk_skb: 29 callbacks suppressed
[  143.449134][   T30] audit: type=1400 audit(1752297076.239:499): avc:  denied  { create } for  pid=6953 comm="syz.0.261" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  143.491777][ T6926] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  143.499030][ T6926] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  143.530179][   T24] usb 4-1: Using ep0 maxpacket: 32
[  143.544707][   T24] usb 4-1: config 0 has an invalid interface number: 85 but max is 0
[  143.557608][   T24] usb 4-1: config 0 has no interface number 0
[  143.570605][   T24] usb 4-1: config 0 interface 85 has no altsetting 0
[  143.598505][   T24] usb 4-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  143.619765][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  143.634097][   T24] usb 4-1: Product: syz
[  143.780645][   T24] usb 4-1: Manufacturer: syz
[  143.785749][   T24] usb 4-1: SerialNumber: syz
[  143.792402][   T24] usb 4-1: config 0 descriptor??
[  143.978344][ T6926] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  144.004906][ T6926] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  144.480336][   T30] audit: type=1400 audit(1752297077.239:500): avc:  denied  { create } for  pid=6955 comm="syz.0.262" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  144.505054][   T24] appletouch 4-1:0.85: Failed to read mode from device.
[  144.538382][   T24] appletouch 4-1:0.85: probe with driver appletouch failed with error -5
[  144.572796][   T24] usb 4-1: USB disconnect, device number 10
[  144.610490][ T6968] kernel profiling enabled (shift: 7)
[  144.690173][    T9] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  144.759176][   T10] aqc111 5-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -32
[  144.870166][    T9] usb 1-1: Using ep0 maxpacket: 32
[  144.881243][    T9] usb 1-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  144.890427][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  144.912835][    T9] usb 1-1: config 0 descriptor??
[  145.207986][   T10] aqc111 5-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71
[  145.276496][   T10] aqc111 5-1:1.105 eth1: register 'aqc111' at usb-dummy_hcd.4-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter, 20:fc:94:45:3a:41
[  145.299327][   T10] usb 5-1: USB disconnect, device number 5
[  145.312068][   T10] aqc111 5-1:1.105 eth1: unregister 'aqc111' usb-dummy_hcd.4-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter
[  145.423957][   T10] aqc111 5-1:1.105 eth1 (unregistered): Failed to write(0x1) reg index 0x0002: -19
[  145.442266][   T10] aqc111 5-1:1.105 eth1 (unregistered): Failed to write(0x1) reg index 0x0002: -19
[  145.460339][   T10] aqc111 5-1:1.105 eth1 (unregistered): Failed to write(0x61) reg index 0x0000: -19
[  145.513760][   T30] audit: type=1400 audit(1752297078.309:501): avc:  denied  { read } for  pid=5496 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=1
[  145.548761][    T9] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  145.563645][    T9] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  145.574063][   T30] audit: type=1400 audit(1752297078.339:502): avc:  denied  { bind } for  pid=6977 comm="syz.1.268" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  145.593475][   T24] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  145.601771][    T9] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  145.609407][    T9] usb 1-1: media controller created
[  145.636699][    T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  145.695099][ T6981] netlink: 12 bytes leftover after parsing attributes in process `syz.1.269'.
[  145.705416][ T6981] netlink: 31 bytes leftover after parsing attributes in process `syz.1.269'.
[  145.715454][ T6981] netlink: 'syz.1.269': attribute type 3 has an invalid length.
[  145.723700][ T6981] netlink: 'syz.1.269': attribute type 2 has an invalid length.
[  145.731695][ T6981] netlink: 31 bytes leftover after parsing attributes in process `syz.1.269'.
[  145.861484][   T24] usb 3-1: Using ep0 maxpacket: 32
[  145.885997][   T24] usb 3-1: config 9 has an invalid interface number: 131 but max is 0
[  146.094363][   T24] usb 3-1: config 9 has no interface number 0
[  146.103468][   T24] usb 3-1: config 9 interface 131 has no altsetting 0
[  146.132749][   T24] usb 3-1: New USB device found, idVendor=17cc, idProduct=4711, bcdDevice=c8.ec
[  146.143436][   T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  146.154098][   T24] usb 3-1: Product: syz
[  146.158703][   T24] usb 3-1: Manufacturer: syz
[  146.164658][   T24] usb 3-1: SerialNumber: syz
[  146.301345][   T30] audit: type=1400 audit(1752297079.099:503): avc:  denied  { write } for  pid=6987 comm="syz.4.271" name="card1" dev="devtmpfs" ino=628 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  146.377547][   T30] audit: type=1400 audit(1752297079.159:504): avc:  denied  { mount } for  pid=6987 comm="syz.4.271" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  146.438044][   T24] snd-usb-caiaq 3-1:9.131: can't set alt interface.
[  146.585849][   T24] usb 3-1: unable to init card! (ret=-5)
[  146.607459][   T24] snd-usb-caiaq 3-1:9.131: probe with driver snd-usb-caiaq failed with error -5
[  147.194247][   T24] usb 3-1: USB disconnect, device number 11
[  147.339942][    T9] az6027: usb out operation failed. (-71)
[  147.364047][    T9] az6027: usb out operation failed. (-71)
[  147.392050][    T9] stb0899_attach: Driver disabled by Kconfig
[  147.407420][    T9] az6027: no front-end attached
[  147.407420][    T9] 
[  147.441502][    T9] az6027: usb out operation failed. (-71)
[  147.471359][    T9] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  147.502889][    T9] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.0/usb1/1-1/input/input13
[  147.542783][ T5838] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  147.561693][    T9] dvb-usb: schedule remote query interval to 400 msecs.
[  147.578826][    T9] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  148.030690][    T9] usb 1-1: USB disconnect, device number 13
[  148.054721][ T5838] usb 5-1: Using ep0 maxpacket: 8
[  148.071578][ T5838] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  148.079417][   T30] audit: type=1400 audit(1752297080.869:505): avc:  denied  { execute } for  pid=7001 comm="syz.2.276" path="/52/cpu.stat" dev="tmpfs" ino=326 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  148.082665][ T5838] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  148.358044][    T9] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  148.421731][ T7007] netlink: 8 bytes leftover after parsing attributes in process `syz.2.278'.
[  148.431768][ T7007] netlink: 8 bytes leftover after parsing attributes in process `syz.2.278'.
[  148.490197][ T5838] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  148.519404][ T5838] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  148.530828][ T7006] netlink: 132 bytes leftover after parsing attributes in process `syz.2.278'.
[  148.545882][ T5838] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  148.555430][ T5838] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  148.602719][   T30] audit: type=1400 audit(1752297081.389:506): avc:  denied  { ioctl } for  pid=7012 comm="syz.1.279" path="/dev/binderfs/binder0" dev="binder" ino=10 ioctlcmd=0x620d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  148.708279][   T30] audit: type=1400 audit(1752297081.389:507): avc:  denied  { set_context_mgr } for  pid=7012 comm="syz.1.279" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  148.931377][ T5838] usb 5-1: usb_control_msg returned -32
[  149.088199][ T5838] usbtmc 5-1:16.0: can't read capabilities
[  149.099917][   T30] audit: type=1400 audit(1752297081.659:508): avc:  denied  { name_bind } for  pid=7012 comm="syz.1.279" src=128 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=udp_socket permissive=1
[  149.488199][ T7021] process 'syz.2.282' launched './file2' with NULL argv: empty string added
[  149.518125][   T30] audit: type=1400 audit(1752297082.299:509): avc:  denied  { execute_no_trans } for  pid=7017 comm="syz.2.282" path="/54/file2" dev="tmpfs" ino=337 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  150.165660][ T7025] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  150.176420][ T7025] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  150.181018][   T30] audit: type=1400 audit(1752297082.349:510): avc:  denied  { read write } for  pid=7017 comm="syz.2.282" name="cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[  150.214871][   T30] audit: type=1400 audit(1752297082.349:511): avc:  denied  { open } for  pid=7017 comm="syz.2.282" path="/dev/cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[  150.239264][   T30] audit: type=1400 audit(1752297082.359:512): avc:  denied  { create } for  pid=7017 comm="syz.2.282" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  150.259041][   T30] audit: type=1400 audit(1752297082.359:513): avc:  denied  { connect } for  pid=7017 comm="syz.2.282" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  150.495418][   T30] audit: type=1400 audit(1752297082.369:514): avc:  denied  { ioctl } for  pid=7017 comm="syz.2.282" path="socket:[12551]" dev="sockfs" ino=12551 ioctlcmd=0x5411 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  150.829797][ T5915] usb 5-1: USB disconnect, device number 6
[  150.858061][   T30] audit: type=1400 audit(1752297083.649:515): avc:  denied  { create } for  pid=7028 comm="syz.2.284" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  152.288449][ T7041] netlink: 12 bytes leftover after parsing attributes in process `syz.3.287'.
[  152.314841][ T7041] netlink: 'syz.3.287': attribute type 6 has an invalid length.
[  152.344757][ T7043] comedi comedi3: pcl818: I/O port conflict (0x2f00,16)
[  152.354208][ T7041] netlink: 8 bytes leftover after parsing attributes in process `syz.3.287'.
[  152.377974][ T7043] netlink: 'syz.0.288': attribute type 10 has an invalid length.
[  152.403237][ T7043] team0: Device ipvlan1 failed to register rx_handler
[  154.242376][ T7069] netlink: 'syz.4.295': attribute type 3 has an invalid length.
[  154.326062][ T7072] FAULT_INJECTION: forcing a failure.
[  154.326062][ T7072] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  154.369438][ T7072] CPU: 1 UID: 0 PID: 7072 Comm: syz.3.296 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  154.369455][ T7072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  154.369461][ T7072] Call Trace:
[  154.369465][ T7072]  <TASK>
[  154.369469][ T7072]  dump_stack_lvl+0x16c/0x1f0
[  154.369488][ T7072]  should_fail_ex+0x512/0x640
[  154.369504][ T7072]  _copy_from_user+0x2e/0xd0
[  154.369519][ T7072]  copy_msghdr_from_user+0x98/0x160
[  154.369534][ T7072]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  154.369549][ T7072]  ? kfree+0x24f/0x4d0
[  154.369561][ T7072]  ? __lock_acquire+0x622/0x1c90
[  154.369573][ T7072]  ___sys_recvmsg+0xdb/0x1a0
[  154.369587][ T7072]  ? __pfx____sys_recvmsg+0x10/0x10
[  154.369608][ T7072]  ? __pfx___might_resched+0x10/0x10
[  154.369625][ T7072]  do_recvmmsg+0x2fe/0x750
[  154.369640][ T7072]  ? __pfx_do_recvmmsg+0x10/0x10
[  154.369656][ T7072]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  154.369675][ T7072]  ? __fget_files+0x20e/0x3c0
[  154.369692][ T7072]  __x64_sys_recvmmsg+0x22a/0x280
[  154.369708][ T7072]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  154.369726][ T7072]  do_syscall_64+0xcd/0x4c0
[  154.369741][ T7072]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.369752][ T7072] RIP: 0033:0x7f461f98e929
[  154.369760][ T7072] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  154.369770][ T7072] RSP: 002b:00007f4620817038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  154.369780][ T7072] RAX: ffffffffffffffda RBX: 00007f461fbb5fa0 RCX: 00007f461f98e929
[  154.369787][ T7072] RDX: 0000000000010106 RSI: 00002000000000c0 RDI: 0000000000000003
[  154.369793][ T7072] RBP: 00007f4620817090 R08: 0000000000000000 R09: 0000000000000000
[  154.369799][ T7072] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  154.369804][ T7072] R13: 0000000000000000 R14: 00007f461fbb5fa0 R15: 00007ffc7a7f4628
[  154.369817][ T7072]  </TASK>
[  154.562036][    C1] vkms_vblank_simulate: vblank timer overrun
[  154.599747][ T7074] FAULT_INJECTION: forcing a failure.
[  154.599747][ T7074] name failslab, interval 1, probability 0, space 0, times 0
[  154.613688][ T7074] CPU: 1 UID: 0 PID: 7074 Comm: syz.3.297 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  154.613703][ T7074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  154.613710][ T7074] Call Trace:
[  154.613713][ T7074]  <TASK>
[  154.613717][ T7074]  dump_stack_lvl+0x16c/0x1f0
[  154.613735][ T7074]  should_fail_ex+0x512/0x640
[  154.613749][ T7074]  ? __kmalloc_noprof+0xbf/0x510
[  154.613764][ T7074]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  154.613777][ T7074]  should_failslab+0xc2/0x120
[  154.613792][ T7074]  __kmalloc_noprof+0xd2/0x510
[  154.613808][ T7074]  genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  154.613824][ T7074]  genl_family_rcv_msg_doit+0xbf/0x2f0
[  154.613836][ T7074]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  154.613852][ T7074]  ? bpf_lsm_capable+0x9/0x10
[  154.613863][ T7074]  ? security_capable+0x7e/0x260
[  154.613875][ T7074]  ? ns_capable+0xd7/0x110
[  154.613889][ T7074]  genl_rcv_msg+0x55c/0x800
[  154.613902][ T7074]  ? __pfx_genl_rcv_msg+0x10/0x10
[  154.613917][ T7074]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  154.613931][ T7074]  ? __pfx_nl80211_start_ap+0x10/0x10
[  154.613945][ T7074]  ? __pfx_nl80211_post_doit+0x10/0x10
[  154.613963][ T7074]  netlink_rcv_skb+0x155/0x420
[  154.613973][ T7074]  ? __pfx_genl_rcv_msg+0x10/0x10
[  154.613985][ T7074]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  154.614000][ T7074]  ? netlink_deliver_tap+0x1ae/0xd30
[  154.614019][ T7074]  genl_rcv+0x28/0x40
[  154.614028][ T7074]  netlink_unicast+0x58d/0x850
[  154.614040][ T7074]  ? __pfx_netlink_unicast+0x10/0x10
[  154.614053][ T7074]  netlink_sendmsg+0x8d1/0xdd0
[  154.614065][ T7074]  ? __pfx_netlink_sendmsg+0x10/0x10
[  154.614080][ T7074]  ____sys_sendmsg+0xa98/0xc70
[  154.614091][ T7074]  ? copy_msghdr_from_user+0x10a/0x160
[  154.614105][ T7074]  ? __pfx_____sys_sendmsg+0x10/0x10
[  154.614121][ T7074]  ___sys_sendmsg+0x134/0x1d0
[  154.614139][ T7074]  ? __pfx____sys_sendmsg+0x10/0x10
[  154.614151][ T7074]  ? __lock_acquire+0x622/0x1c90
[  154.614177][ T7074]  __sys_sendmsg+0x16d/0x220
[  154.614191][ T7074]  ? __pfx___sys_sendmsg+0x10/0x10
[  154.614213][ T7074]  do_syscall_64+0xcd/0x4c0
[  154.614229][ T7074]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.614239][ T7074] RIP: 0033:0x7f461f98e929
[  154.614248][ T7074] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  154.614258][ T7074] RSP: 002b:00007f4620817038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  154.614268][ T7074] RAX: ffffffffffffffda RBX: 00007f461fbb5fa0 RCX: 00007f461f98e929
[  154.614274][ T7074] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000003
[  154.614280][ T7074] RBP: 00007f4620817090 R08: 0000000000000000 R09: 0000000000000000
[  154.614286][ T7074] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  154.614291][ T7074] R13: 0000000000000000 R14: 00007f461fbb5fa0 R15: 00007ffc7a7f4628
[  154.614304][ T7074]  </TASK>
[  154.906012][    C1] vkms_vblank_simulate: vblank timer overrun
[  155.100249][   T24] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  155.280151][   T24] usb 5-1: Using ep0 maxpacket: 16
[  155.285930][   T24] usb 5-1: too many configurations: 60, using maximum allowed: 8
[  155.307087][   T30] kauditd_printk_skb: 7 callbacks suppressed
[  155.307097][   T30] audit: type=1400 audit(1752297088.099:523): avc:  denied  { write } for  pid=7078 comm="syz.0.299" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  155.401155][   T24] usb 5-1: New USB device found, idVendor=0471, idProduct=032c, bcdDevice=ba.e9
[  155.414020][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=204
[  155.435828][   T24] usb 5-1: Product: syz
[  155.441957][   T24] usb 5-1: Manufacturer: syz
[  155.443117][   T30] audit: type=1400 audit(1752297088.239:524): avc:  denied  { write } for  pid=7066 comm="syz.2.294" name="rtc0" dev="devtmpfs" ino=921 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  155.450209][   T24] usb 5-1: SerialNumber: syz
[  155.626849][   T24] usb 5-1: config 0 descriptor??
[  155.633788][   T24] pwc: Philips SPC 880NC USB webcam detected.
[  155.910920][ T7088] 9pnet: Unknown protocol version 9
[  156.008031][   T24] pwc: Warning: more than 1 configuration available.
[  156.020273][   T24] pwc: Failed to set LED on/off time (-71)
[  156.030147][   T24] pwc: send_video_command error -71
[  156.035354][   T24] pwc: Failed to set video mode VGA@30 fps; return code = -71
[  156.050911][   T24] Philips webcam 5-1:0.0: probe with driver Philips webcam failed with error -71
[  156.095668][   T24] usb 5-1: USB disconnect, device number 7
[  156.326436][   T30] audit: type=1400 audit(1752297089.109:525): avc:  denied  { create } for  pid=7093 comm="syz.0.302" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  156.818675][ T7105] =======================================================
[  156.818675][ T7105] WARNING: The mand mount option has been deprecated and
[  156.818675][ T7105]          and is ignored by this kernel. Remove the mand
[  156.818675][ T7105]          option from the mount to silence this warning.
[  156.818675][ T7105] =======================================================
[  157.189926][ T7111] bridge0: port 1(bridge_slave_0) entered disabled state
[  157.202777][   T30] audit: type=1400 audit(1752297089.989:526): avc:  denied  { ioctl } for  pid=7109 comm="syz.0.307" path="socket:[12811]" dev="sockfs" ino=12811 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  157.563961][ T7117] netlink: 28 bytes leftover after parsing attributes in process `syz.2.308'.
[  157.943110][   T30] audit: type=1400 audit(1752297090.739:527): avc:  denied  { create } for  pid=7118 comm="syz.0.310" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  158.005102][   T30] audit: type=1400 audit(1752297090.759:528): avc:  denied  { connect } for  pid=7118 comm="syz.0.310" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  158.290161][   T30] audit: type=1400 audit(1752297090.759:529): avc:  denied  { bind } for  pid=7118 comm="syz.0.310" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  158.332650][   T30] audit: type=1400 audit(1752297090.759:530): avc:  denied  { write } for  pid=7118 comm="syz.0.310" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  158.356678][   T30] audit: type=1400 audit(1752297090.759:531): avc:  denied  { create } for  pid=7119 comm="syz.1.311" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  158.716937][ T7124] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  159.098335][   T30] audit: type=1400 audit(1752297090.759:532): avc:  denied  { write } for  pid=7119 comm="syz.1.311" name="file0" dev="tmpfs" ino=409 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  159.198290][ T7131] FAULT_INJECTION: forcing a failure.
[  159.198290][ T7131] name failslab, interval 1, probability 0, space 0, times 0
[  159.211042][ T7131] CPU: 0 UID: 0 PID: 7131 Comm: syz.2.313 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  159.211064][ T7131] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  159.211074][ T7131] Call Trace:
[  159.211080][ T7131]  <TASK>
[  159.211085][ T7131]  dump_stack_lvl+0x16c/0x1f0
[  159.211103][ T7131]  should_fail_ex+0x512/0x640
[  159.211121][ T7131]  ? fs_reclaim_acquire+0xae/0x150
[  159.211133][ T7131]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  159.211148][ T7131]  should_failslab+0xc2/0x120
[  159.211163][ T7131]  __kmalloc_noprof+0xd2/0x510
[  159.211180][ T7131]  tomoyo_realpath_from_path+0xc2/0x6e0
[  159.211198][ T7131]  tomoyo_check_open_permission+0x2ab/0x3c0
[  159.211211][ T7131]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[  159.211229][ T7131]  ? __pfx___sanitizer_cov_trace_pc+0x10/0x10
[  159.211251][ T7131]  ? do_raw_spin_lock+0x12c/0x2b0
[  159.211266][ T7131]  tomoyo_file_open+0x6b/0x90
[  159.211277][ T7131]  security_file_open+0x84/0x1e0
[  159.211292][ T7131]  do_dentry_open+0x596/0x1c10
[  159.211310][ T7131]  vfs_open+0x82/0x3f0
[  159.211321][ T7131]  path_openat+0x1de4/0x2cb0
[  159.211339][ T7131]  ? __pfx_path_openat+0x10/0x10
[  159.211357][ T7131]  do_filp_open+0x20b/0x470
[  159.211371][ T7131]  ? __pfx_do_filp_open+0x10/0x10
[  159.211395][ T7131]  ? alloc_fd+0x471/0x7d0
[  159.211413][ T7131]  do_sys_openat2+0x11b/0x1d0
[  159.211423][ T7131]  ? __pfx_do_sys_openat2+0x10/0x10
[  159.211435][ T7131]  ? __pfx___schedule+0x10/0x10
[  159.211450][ T7131]  __x64_sys_openat+0x174/0x210
[  159.211460][ T7131]  ? __pfx___x64_sys_openat+0x10/0x10
[  159.211475][ T7131]  do_syscall_64+0xcd/0x4c0
[  159.211491][ T7131]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.211502][ T7131] RIP: 0033:0x7f41ded8e929
[  159.211511][ T7131] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  159.211521][ T7131] RSP: 002b:00007f41dfb64038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  159.211531][ T7131] RAX: ffffffffffffffda RBX: 00007f41defb6080 RCX: 00007f41ded8e929
[  159.211537][ T7131] RDX: 0000000000000002 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  159.211543][ T7131] RBP: 00007f41dfb64090 R08: 0000000000000000 R09: 0000000000000000
[  159.211549][ T7131] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  159.211555][ T7131] R13: 0000000000000001 R14: 00007f41defb6080 R15: 00007ffd3680d9e8
[  159.211568][ T7131]  </TASK>
[  159.211587][ T7131] ERROR: Out of memory at tomoyo_realpath_from_path.
[  160.438181][ T7146] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  161.068795][   T30] kauditd_printk_skb: 4 callbacks suppressed
[  161.068811][   T30] audit: type=1400 audit(1752297093.819:537): avc:  denied  { getopt } for  pid=7118 comm="syz.0.310" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  162.040740][   T30] audit: type=1400 audit(1752297094.829:538): avc:  denied  { append } for  pid=7162 comm="syz.0.321" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  162.262520][   T30] audit: type=1400 audit(1752297094.909:539): avc:  denied  { setopt } for  pid=7162 comm="syz.0.321" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  162.417938][ T7172] netlink: 'syz.0.321': attribute type 4 has an invalid length.
[  162.425770][ T7172] netlink: 17 bytes leftover after parsing attributes in process `syz.0.321'.
[  162.554268][ T7171] netlink: 48 bytes leftover after parsing attributes in process `syz.2.322'.
[  162.735282][ T7171] netlink: 12 bytes leftover after parsing attributes in process `syz.2.322'.
[  162.752132][   T30] audit: type=1400 audit(1752297095.489:540): avc:  denied  { shutdown } for  pid=7161 comm="syz.2.322" lport=44206 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  162.804053][ T7179] netlink: 8 bytes leftover after parsing attributes in process `syz.3.323'.
[  162.830566][ T7179] netlink: 4 bytes leftover after parsing attributes in process `syz.3.323'.
[  162.839429][ T7179] netlink: 'syz.3.323': attribute type 6 has an invalid length.
[  163.014128][ T7179] netlink: 8 bytes leftover after parsing attributes in process `syz.3.323'.
[  163.341693][ T5837] Bluetooth: Unexpected start frame (len 18)
[  163.477834][ T7188] netlink: 24 bytes leftover after parsing attributes in process `syz.4.326'.
[  163.558275][ T7190] FAULT_INJECTION: forcing a failure.
[  163.558275][ T7190] name failslab, interval 1, probability 0, space 0, times 0
[  163.570970][ T7190] CPU: 1 UID: 0 PID: 7190 Comm: syz.0.325 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  163.570993][ T7190] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  163.571003][ T7190] Call Trace:
[  163.571008][ T7190]  <TASK>
[  163.571015][ T7190]  dump_stack_lvl+0x16c/0x1f0
[  163.571043][ T7190]  should_fail_ex+0x512/0x640
[  163.571065][ T7190]  ? __kmalloc_node_noprof+0xc5/0x500
[  163.571090][ T7190]  should_failslab+0xc2/0x120
[  163.571120][ T7190]  __kmalloc_node_noprof+0xd8/0x500
[  163.571142][ T7190]  ? load_msg+0x43/0x4a0
[  163.571171][ T7190]  load_msg+0x43/0x4a0
[  163.571199][ T7190]  do_mq_timedsend+0x3d7/0xc40
[  163.571220][ T7190]  ? __pfx_do_mq_timedsend+0x10/0x10
[  163.571248][ T7190]  ? __fget_files+0x20e/0x3c0
[  163.571277][ T7190]  __x64_sys_mq_timedsend+0x1cd/0x260
[  163.571296][ T7190]  ? ksys_write+0x1ac/0x250
[  163.571317][ T7190]  ? __pfx___x64_sys_mq_timedsend+0x10/0x10
[  163.571344][ T7190]  do_syscall_64+0xcd/0x4c0
[  163.571369][ T7190]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  163.571386][ T7190] RIP: 0033:0x7f87ed98e929
[  163.571400][ T7190] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  163.571417][ T7190] RSP: 002b:00007f87eb7f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f2
[  163.571433][ T7190] RAX: ffffffffffffffda RBX: 00007f87edbb6160 RCX: 00007f87ed98e929
[  163.571444][ T7190] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000009
[  163.571453][ T7190] RBP: 00007f87eb7f6090 R08: 0000000000000000 R09: 0000000000000000
[  163.571463][ T7190] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  163.571472][ T7190] R13: 0000000000000000 R14: 00007f87edbb6160 R15: 00007ffd07fe9728
[  163.571495][ T7190]  </TASK>
[  163.756610][    C1] vkms_vblank_simulate: vblank timer overrun
[  164.064230][ T7197] netlink: 'syz.1.327': attribute type 10 has an invalid length.
[  164.119050][ T7198] binder: 7192:7198 ioctl c05c6104 200000000280 returned -22
[  164.413813][   T30] audit: type=1400 audit(1752297097.209:541): avc:  denied  { bind } for  pid=7200 comm="syz.3.330" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  164.482138][   T30] audit: type=1400 audit(1752297097.229:542): avc:  denied  { listen } for  pid=7200 comm="syz.3.330" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  164.522837][   T30] audit: type=1400 audit(1752297097.239:543): avc:  denied  { bind } for  pid=7200 comm="syz.3.330" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  164.545478][   T30] audit: type=1400 audit(1752297097.239:544): avc:  denied  { setopt } for  pid=7200 comm="syz.3.330" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  164.577273][   T30] audit: type=1400 audit(1752297097.239:545): avc:  denied  { accept } for  pid=7200 comm="syz.3.330" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  164.579512][ T7210] netlink: 'syz.0.333': attribute type 39 has an invalid length.
[  164.618971][   T30] audit: type=1400 audit(1752297097.409:546): avc:  denied  { write } for  pid=7207 comm="syz.3.332" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  164.800190][ T7210] veth0_macvtap: left promiscuous mode
[  166.089973][   T30] kauditd_printk_skb: 3 callbacks suppressed
[  166.089987][   T30] audit: type=1400 audit(1752297098.879:550): avc:  denied  { search } for  pid=5496 comm="dhcpcd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  166.132648][   T30] audit: type=1400 audit(1752297098.879:551): avc:  denied  { search } for  pid=5496 comm="dhcpcd" name="udev" dev="tmpfs" ino=9 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  166.155546][   T30] audit: type=1400 audit(1752297098.879:552): avc:  denied  { search } for  pid=5496 comm="dhcpcd" name="data" dev="tmpfs" ino=14 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  166.177097][    C1] vkms_vblank_simulate: vblank timer overrun
[  166.187057][   T30] audit: type=1400 audit(1752297098.879:553): avc:  denied  { read } for  pid=5496 comm="dhcpcd" name="n102" dev="tmpfs" ino=3490 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  166.208668][    C1] vkms_vblank_simulate: vblank timer overrun
[  166.218647][ T7238] ALSA: mixer_oss: invalid OSS volume 'uq['q¨rbP[‘~sÊŠô&2'
[  166.230553][   T30] audit: type=1400 audit(1752297098.919:554): avc:  denied  { open } for  pid=5496 comm="dhcpcd" path="/run/udev/data/n102" dev="tmpfs" ino=3490 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  166.255794][   T30] audit: type=1400 audit(1752297098.919:555): avc:  denied  { getattr } for  pid=5496 comm="dhcpcd" path="/run/udev/data/n102" dev="tmpfs" ino=3490 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  166.279425][    C1] vkms_vblank_simulate: vblank timer overrun
[  166.333989][   T30] audit: type=1400 audit(1752297099.129:556): avc:  denied  { read open } for  pid=7241 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=1844 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  166.359370][    C1] vkms_vblank_simulate: vblank timer overrun
[  166.392557][   T30] audit: type=1400 audit(1752297099.129:557): avc:  denied  { getattr } for  pid=7241 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=1844 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  166.912956][ T7256] bad cache= option: no%e
[  166.912956][ T7256] 
[  166.919765][ T7256] CIFS: VFS: bad cache= option: no%e
[  166.940093][   T30] audit: type=1400 audit(1752297099.709:558): avc:  denied  { mounton } for  pid=7248 comm="syz.4.342" path="/67/file0" dev="tmpfs" ino=395 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  166.962436][    C1] vkms_vblank_simulate: vblank timer overrun
[  168.005754][   T30] audit: type=1400 audit(1752297100.799:559): avc:  denied  { audit_write } for  pid=7262 comm="syz.4.346" capability=29  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  168.030715][ T7263] overlayfs: missing 'workdir'
[  169.250902][  T916] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  169.470186][  T916] usb 5-1: Using ep0 maxpacket: 8
[  169.542667][  T916] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  169.589405][  T916] usb 5-1: New USB device found, idVendor=09da, idProduct=000a, bcdDevice= 0.00
[  169.645499][  T916] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  169.718872][  T916] usb 5-1: config 0 descriptor??
[  170.004614][ T7320] netdevsim netdevsim2 netdevsim0: left allmulticast mode
[  170.031787][ T7320] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  170.106948][ T7325] netlink: 'syz.1.360': attribute type 1 has an invalid length.
[  170.126658][ T7325] netlink: 224 bytes leftover after parsing attributes in process `syz.1.360'.
[  170.168145][  T916] a4tech 0003:09DA:000A.0002: item fetching failed at offset 0/11
[  170.207362][  T916] a4tech 0003:09DA:000A.0002: parse failed
[  170.240255][  T916] a4tech 0003:09DA:000A.0002: probe with driver a4tech failed with error -22
[  170.621981][  T916] usb 5-1: USB disconnect, device number 8
[  171.370143][   T30] kauditd_printk_skb: 12 callbacks suppressed
[  171.370175][   T30] audit: type=1400 audit(1752297104.089:572): avc:  denied  { execute } for  pid=7345 comm="syz.1.366" path="/dev/dsp" dev="devtmpfs" ino=1290 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sound_device_t tclass=chr_file permissive=1
[  171.400274][    C1] vkms_vblank_simulate: vblank timer overrun
[  171.777337][ T7352] binder: 7351:7352 ioctl c0306201 200000000380 returned -11
[  172.870110][   T24] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  172.972733][   T30] audit: type=1400 audit(1752297105.759:573): avc:  denied  { create } for  pid=7369 comm="syz.0.372" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[  173.725679][   T30] audit: type=1400 audit(1752297105.759:574): avc:  denied  { execute } for  pid=7369 comm="syz.0.372" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=13423 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  173.760305][   T24] usb 5-1: Using ep0 maxpacket: 32
[  173.795455][   T24] usb 5-1: config 9 has an invalid interface number: 131 but max is 0
[  173.831629][   T24] usb 5-1: config 9 has no interface number 0
[  173.960443][   T24] usb 5-1: config 9 interface 131 has no altsetting 0
[  173.978277][   T24] usb 5-1: New USB device found, idVendor=17cc, idProduct=4711, bcdDevice=c8.ec
[  173.991984][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  174.467565][   T24] usb 5-1: Product: syz
[  174.472625][   T24] usb 5-1: Manufacturer: syz
[  174.477290][   T24] usb 5-1: SerialNumber: syz
[  174.765148][   T24] snd-usb-caiaq 5-1:9.131: can't set alt interface.
[  174.786448][   T24] usb 5-1: unable to init card! (ret=-5)
[  174.801937][   T24] snd-usb-caiaq 5-1:9.131: probe with driver snd-usb-caiaq failed with error -5
[  174.823195][   T24] usb 5-1: USB disconnect, device number 9
[  176.600173][   T30] audit: type=1326 audit(1752297109.389:575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7392 comm="syz.2.378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41ded8e929 code=0x7fc00000
[  176.827340][ T7401] evm: overlay not supported
[  177.253562][   T30] audit: type=1326 audit(1752297110.039:576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7392 comm="syz.2.378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f41ded2ab19 code=0x7fc00000
[  178.601956][   T30] audit: type=1326 audit(1752297111.389:577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7420 comm="syz.3.388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f461f98e929 code=0x7ffc0000
[  178.691219][   T30] audit: type=1326 audit(1752297111.389:578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7420 comm="syz.3.388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f461f98e929 code=0x7ffc0000
[  178.809405][   T30] audit: type=1326 audit(1752297111.389:579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7420 comm="syz.3.388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f461f98e929 code=0x7ffc0000
[  178.891781][   T30] audit: type=1326 audit(1752297111.419:580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7420 comm="syz.3.388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f461f98e929 code=0x7ffc0000
[  178.976462][   T30] audit: type=1326 audit(1752297111.419:581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7420 comm="syz.3.388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f461f98e929 code=0x7ffc0000
[  179.050916][   T30] audit: type=1326 audit(1752297111.419:582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7420 comm="syz.3.388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f461f98e929 code=0x7ffc0000
[  179.056646][ T7424] netlink: 8 bytes leftover after parsing attributes in process `syz.4.386'.
[  179.107737][ T7424] netlink: 4 bytes leftover after parsing attributes in process `syz.4.386'.
[  179.145426][ T7419] netlink: 8 bytes leftover after parsing attributes in process `syz.0.383'.
[  179.154693][ T7419] netlink: 4 bytes leftover after parsing attributes in process `syz.0.383'.
[  179.253355][   T30] audit: type=1326 audit(1752297111.419:583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7420 comm="syz.3.388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f461f98e929 code=0x7ffc0000
[  179.280618][   T30] audit: type=1326 audit(1752297111.419:584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7420 comm="syz.3.388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f461f98e929 code=0x7ffc0000
[  179.598797][ T7436] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  179.607609][ T7436] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  179.616286][ T7436] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  179.624953][ T7436] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  180.520165][   T24] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  180.745675][ T7450] netlink: 'syz.2.395': attribute type 3 has an invalid length.
[  180.753350][   T24] usb 5-1: Using ep0 maxpacket: 8
[  180.756357][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  180.765653][ T7450] netlink: 'syz.2.395': attribute type 3 has an invalid length.
[  181.226823][   T24] usb 5-1: New USB device found, idVendor=09da, idProduct=000a, bcdDevice= 0.00
[  181.236012][   T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  181.246434][   T24] usb 5-1: config 0 descriptor??
[  181.701970][   T24] a4tech 0003:09DA:000A.0003: item fetching failed at offset 0/11
[  181.717220][ T7469] FAULT_INJECTION: forcing a failure.
[  181.717220][ T7469] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  181.767428][   T24] a4tech 0003:09DA:000A.0003: parse failed
[  181.795886][   T24] a4tech 0003:09DA:000A.0003: probe with driver a4tech failed with error -22
[  181.877393][ T7469] CPU: 1 UID: 0 PID: 7469 Comm: syz.0.400 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  181.877416][ T7469] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  181.877425][ T7469] Call Trace:
[  181.877431][ T7469]  <TASK>
[  181.877437][ T7469]  dump_stack_lvl+0x16c/0x1f0
[  181.877466][ T7469]  should_fail_ex+0x512/0x640
[  181.877491][ T7469]  _copy_from_user+0x2e/0xd0
[  181.877514][ T7469]  kstrtouint_from_user+0xd6/0x1d0
[  181.877531][ T7469]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  181.877547][ T7469]  ? __lock_acquire+0xb8a/0x1c90
[  181.877576][ T7469]  proc_fail_nth_write+0x83/0x250
[  181.877598][ T7469]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  181.877627][ T7469]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  181.877647][ T7469]  vfs_write+0x29d/0x1150
[  181.877673][ T7469]  ? __pfx___mutex_lock+0x10/0x10
[  181.877697][ T7469]  ? __pfx_vfs_write+0x10/0x10
[  181.877724][ T7469]  ? __fget_files+0x20e/0x3c0
[  181.877755][ T7469]  ksys_write+0x12a/0x250
[  181.877775][ T7469]  ? __pfx_ksys_write+0x10/0x10
[  181.877797][ T7469]  ? fdget+0x187/0x210
[  181.877824][ T7469]  do_syscall_64+0xcd/0x4c0
[  181.877850][ T7469]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  181.877867][ T7469] RIP: 0033:0x7f87ed98d3df
[  181.877881][ T7469] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  181.877897][ T7469] RSP: 002b:00007f87ee711030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  181.877913][ T7469] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f87ed98d3df
[  181.877924][ T7469] RDX: 0000000000000001 RSI: 00007f87ee7110a0 RDI: 0000000000000005
[  181.877933][ T7469] RBP: 00007f87ee711090 R08: 0000000000000000 R09: 0000000000000000
[  181.877943][ T7469] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  181.877952][ T7469] R13: 0000000000000000 R14: 00007f87edbb6080 R15: 00007ffd07fe9728
[  181.877991][ T7469]  </TASK>
[  182.201875][ T5895] usb 5-1: USB disconnect, device number 10
[  182.313604][ T7475] netlink: 48 bytes leftover after parsing attributes in process `syz.1.401'.
[  182.434175][ T7475] netlink: 12 bytes leftover after parsing attributes in process `syz.1.401'.
[  182.921820][   T30] kauditd_printk_skb: 29 callbacks suppressed
[  182.921834][   T30] audit: type=1326 audit(1752297115.719:614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7488 comm="syz.4.408" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fdcd098e929 code=0x0
[  183.337298][   T30] audit: type=1400 audit(1752297116.029:615): avc:  denied  { create } for  pid=7488 comm="syz.4.408" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  183.446570][   T30] audit: type=1400 audit(1752297116.039:616): avc:  denied  { connect } for  pid=7488 comm="syz.4.408" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  184.436344][ T7502] netlink: 140 bytes leftover after parsing attributes in process `syz.4.408'.
[  184.555540][   T30] audit: type=1400 audit(1752297117.349:617): avc:  denied  { ioctl } for  pid=7503 comm="syz.0.412" path="socket:[14359]" dev="sockfs" ino=14359 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  184.579932][    C0] vkms_vblank_simulate: vblank timer overrun
[  184.704913][   T30] audit: type=1400 audit(1752297117.499:618): avc:  denied  { create } for  pid=7509 comm="syz.4.414" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=appletalk_socket permissive=1
[  184.724638][    C0] vkms_vblank_simulate: vblank timer overrun
[  184.817552][   T30] audit: type=1400 audit(1752297117.589:619): avc:  denied  { bind } for  pid=7509 comm="syz.4.414" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  185.020700][   T30] audit: type=1400 audit(1752297117.789:620): avc:  denied  { write } for  pid=7521 comm="syz.3.417" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  185.344658][   T24] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  185.890085][   T24] usb 3-1: Using ep0 maxpacket: 8
[  185.900713][   T24] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[  185.919748][   T24] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  185.970102][   T24] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  185.979844][   T24] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  186.010075][   T24] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  186.081040][   T24] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  186.105814][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  186.409162][   T24] usb 3-1: usb_control_msg returned -32
[  186.418069][   T24] usbtmc 3-1:16.0: can't read capabilities
[  186.534519][   T30] audit: type=1400 audit(1752297119.329:621): avc:  denied  { map } for  pid=7549 comm="syz.1.426" path="socket:[13782]" dev="sockfs" ino=13782 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  186.558418][    C0] vkms_vblank_simulate: vblank timer overrun
[  186.687492][   T30] audit: type=1400 audit(1752297119.329:622): avc:  denied  { accept } for  pid=7549 comm="syz.1.426" path="socket:[13782]" dev="sockfs" ino=13782 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  186.711665][    C0] vkms_vblank_simulate: vblank timer overrun
[  187.078540][   T30] audit: type=1400 audit(1752297119.329:623): avc:  denied  { setattr } for  pid=7549 comm="syz.1.426" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  188.049520][ T7569] netlink: 48 bytes leftover after parsing attributes in process `syz.1.431'.
[  188.095486][ T5838] usb 3-1: USB disconnect, device number 12
[  188.529445][ T7569] netlink: 12 bytes leftover after parsing attributes in process `syz.1.431'.
[  189.485916][ T7586] netlink: 8 bytes leftover after parsing attributes in process `syz.4.437'.
[  189.502550][ T7586] netlink: 4 bytes leftover after parsing attributes in process `syz.4.437'.
[  190.058784][ T7595] netlink: zone id is out of range
[  190.075447][ T7595] netlink: del zone limit has 4 unknown bytes
[  190.682570][ T5835] Bluetooth: hci2: command 0x0406 tx timeout
[  190.682602][ T5845] Bluetooth: hci3: command 0x0406 tx timeout
[  190.688607][ T5835] Bluetooth: hci1: command 0x0406 tx timeout
[  190.688649][ T5835] Bluetooth: hci4: command 0x0406 tx timeout
[  191.534908][ T7598] netlink: 8 bytes leftover after parsing attributes in process `syz.4.443'.
[  191.543704][ T7598] netlink: 4 bytes leftover after parsing attributes in process `syz.4.443'.
[  192.125549][ T7605] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(11)
[  192.132142][ T7605] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  192.139854][ T7605] vhci_hcd vhci_hcd.0: Device attached
[  192.202056][ T7614] vhci_hcd: connection closed
[  192.209753][   T13] vhci_hcd: stop threads
[  192.233811][   T13] vhci_hcd: release socket
[  192.244337][   T13] vhci_hcd: disconnect device
[  192.602546][   T30] audit: type=1400 audit(1752297125.369:624): avc:  denied  { ioctl } for  pid=7620 comm="syz.1.448" path="/dev/cpu/0/msr" dev="devtmpfs" ino=87 ioctlcmd=0x941b scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  192.824579][ T7621] netlink: 8 bytes leftover after parsing attributes in process `syz.0.446'.
[  192.840556][ T7629] netlink: zone id is out of range
[  192.842540][ T7621] netlink: 4 bytes leftover after parsing attributes in process `syz.0.446'.
[  192.851077][ T7629] netlink: del zone limit has 4 unknown bytes
[  193.015937][ T7635] FAULT_INJECTION: forcing a failure.
[  193.015937][ T7635] name failslab, interval 1, probability 0, space 0, times 0
[  193.028887][ T7635] CPU: 0 UID: 0 PID: 7635 Comm: syz.4.453 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  193.028910][ T7635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  193.028920][ T7635] Call Trace:
[  193.028926][ T7635]  <TASK>
[  193.028933][ T7635]  dump_stack_lvl+0x16c/0x1f0
[  193.028962][ T7635]  should_fail_ex+0x512/0x640
[  193.028984][ T7635]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  193.029007][ T7635]  should_failslab+0xc2/0x120
[  193.029034][ T7635]  __kmalloc_cache_noprof+0x6a/0x3e0
[  193.029052][ T7635]  ? lockdep_hardirqs_on+0x7c/0x110
[  193.029075][ T7635]  ? alloc_fs_context+0x57/0x9c0
[  193.029105][ T7635]  alloc_fs_context+0x57/0x9c0
[  193.029134][ T7635]  __x64_sys_fsopen+0xeb/0x240
[  193.029161][ T7635]  do_syscall_64+0xcd/0x4c0
[  193.029188][ T7635]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  193.029206][ T7635] RIP: 0033:0x7fdcd098e929
[  193.029220][ T7635] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  193.029237][ T7635] RSP: 002b:00007fdcd17c0038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ae
[  193.029254][ T7635] RAX: ffffffffffffffda RBX: 00007fdcd0bb5fa0 RCX: 00007fdcd098e929
[  193.029266][ T7635] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000080
[  193.029276][ T7635] RBP: 00007fdcd17c0090 R08: 0000000000000000 R09: 0000000000000000
[  193.029286][ T7635] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  193.029296][ T7635] R13: 0000000000000001 R14: 00007fdcd0bb5fa0 R15: 00007ffe62540288
[  193.029319][ T7635]  </TASK>
[  193.187921][    C0] vkms_vblank_simulate: vblank timer overrun
[  193.445306][   T30] audit: type=1400 audit(1752297126.219:625): avc:  denied  { getopt } for  pid=7637 comm="syz.4.454" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  193.464866][    C0] vkms_vblank_simulate: vblank timer overrun
[  193.753060][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  193.759320][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  194.534612][ T7646] vivid-007: =================  START STATUS  =================
[  194.542459][ T7646] vivid-007: Enable Output Cropping: true
[  194.548919][ T7646] vivid-007: Enable Output Composing: true
[  194.554964][ T7646] vivid-007: Enable Output Scaler: true
[  194.560667][ T7646] vivid-007: Tx RGB Quantization Range: Automatic
[  194.567194][ T7646] vivid-007: Transmit Mode: HDMI
[  194.572747][ T7646] vivid-007: Hotplug Present: 0x00000000
[  194.578447][ T7646] vivid-007: RxSense Present: 0x00000000
[  194.591026][ T7649] netlink: 4 bytes leftover after parsing attributes in process `syz.2.455'.
[  194.690106][ T7646] vivid-007: EDID Present: 0x00000000
[  194.695545][ T7646] vivid-007: ==================  END STATUS  ==================
[  195.405177][ T7653] ubi31: attaching mtd0
[  195.445364][ T7653] ubi31: scanning is finished
[  195.472970][ T7653] ubi31: empty MTD device detected
[  195.540753][ T7660] vivid-007: =================  START STATUS  =================
[  195.548378][ T7660] vivid-007: Enable Output Cropping: true
[  195.554231][ T7660] vivid-007: Enable Output Composing: true
[  195.560213][ T7660] vivid-007: Enable Output Scaler: true
[  195.565868][ T7660] vivid-007: Tx RGB Quantization Range: Automatic
[  195.572428][ T7660] vivid-007: Transmit Mode: HDMI
[  195.577403][ T7660] vivid-007: Hotplug Present: 0x00000000
[  195.583257][ T7660] vivid-007: RxSense Present: 0x00000000
[  195.588990][ T7660] vivid-007: EDID Present: 0x00000000
[  195.594547][ T7660] vivid-007: ==================  END STATUS  ==================
[  195.763659][ T7662] FAULT_INJECTION: forcing a failure.
[  195.763659][ T7662] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  195.917468][ T7662] CPU: 0 UID: 0 PID: 7662 Comm: syz.1.459 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  195.917492][ T7662] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  195.917504][ T7662] Call Trace:
[  195.917509][ T7662]  <TASK>
[  195.917515][ T7662]  dump_stack_lvl+0x16c/0x1f0
[  195.917543][ T7662]  should_fail_ex+0x512/0x640
[  195.917569][ T7662]  _copy_from_iter+0x29f/0x16f0
[  195.917595][ T7662]  ? __alloc_skb+0x200/0x380
[  195.917617][ T7662]  ? __pfx__copy_from_iter+0x10/0x10
[  195.917643][ T7662]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  195.917677][ T7662]  netlink_sendmsg+0x829/0xdd0
[  195.917698][ T7662]  ? __pfx_netlink_sendmsg+0x10/0x10
[  195.917724][ T7662]  ____sys_sendmsg+0xa98/0xc70
[  195.917742][ T7662]  ? copy_msghdr_from_user+0x10a/0x160
[  195.917764][ T7662]  ? __pfx_____sys_sendmsg+0x10/0x10
[  195.917793][ T7662]  ___sys_sendmsg+0x134/0x1d0
[  195.917817][ T7662]  ? __pfx____sys_sendmsg+0x10/0x10
[  195.917838][ T7662]  ? __lock_acquire+0x622/0x1c90
[  195.917886][ T7662]  __sys_sendmsg+0x16d/0x220
[  195.917907][ T7662]  ? __pfx___sys_sendmsg+0x10/0x10
[  195.917946][ T7662]  do_syscall_64+0xcd/0x4c0
[  195.917971][ T7662]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  195.917989][ T7662] RIP: 0033:0x7fae6d98e929
[  195.918003][ T7662] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  195.918019][ T7662] RSP: 002b:00007fae6e88a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  195.918036][ T7662] RAX: ffffffffffffffda RBX: 00007fae6dbb5fa0 RCX: 00007fae6d98e929
[  195.918046][ T7662] RDX: 0000000000000880 RSI: 0000200000000140 RDI: 0000000000000003
[  195.918056][ T7662] RBP: 00007fae6e88a090 R08: 0000000000000000 R09: 0000000000000000
[  195.918066][ T7662] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  195.918076][ T7662] R13: 0000000000000000 R14: 00007fae6dbb5fa0 R15: 00007ffe00a99778
[  195.918100][ T7662]  </TASK>
[  196.242272][ T7667] netlink: 'syz.3.461': attribute type 4 has an invalid length.
[  196.250058][ T7667] netlink: 17 bytes leftover after parsing attributes in process `syz.3.461'.
[  196.738602][ T7664] can-isotp: isotp_sendmsg: can_send_ret -ENETDOWN
[  196.752492][   T30] audit: type=1400 audit(1752297128.709:626): avc:  denied  { name_bind } for  pid=7652 comm="syz.2.460" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[  196.957342][   T30] audit: type=1400 audit(1752297128.709:627): avc:  denied  { getopt } for  pid=7652 comm="syz.2.460" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  197.446666][ T7670] netlink: 24 bytes leftover after parsing attributes in process `syz.3.462'.
[  197.474494][ T7653] ubi31 error: ubi_attach_mtd_dev: cannot spawn "ubi_bgt31d", error -4
[  197.839625][ T7676] netlink: 'syz.0.463': attribute type 4 has an invalid length.
[  197.847344][ T7676] netlink: 17 bytes leftover after parsing attributes in process `syz.0.463'.
[  199.190610][ T7681] netlink: 8 bytes leftover after parsing attributes in process `syz.1.464'.
[  199.204803][ T7681] ip6erspan0: entered promiscuous mode
[  199.741385][   T30] audit: type=1400 audit(1752297132.539:628): avc:  denied  { read } for  pid=7693 comm="syz.2.467" name="autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  199.764310][    C0] vkms_vblank_simulate: vblank timer overrun
[  199.872883][ T7703] xt_TPROXY: Can be used only with -p tcp or -p udp
[  199.889935][   T30] audit: type=1400 audit(1752297132.539:629): avc:  denied  { open } for  pid=7693 comm="syz.2.467" path="/dev/autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  199.932824][   T30] audit: type=1400 audit(1752297132.539:630): avc:  denied  { ioctl } for  pid=7693 comm="syz.2.467" path="/dev/autofs" dev="devtmpfs" ino=98 ioctlcmd=0x937e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  200.096907][   T30] audit: type=1400 audit(1752297132.889:631): avc:  denied  { map } for  pid=7705 comm="syz.4.470" path="/dev/dri/card0" dev="devtmpfs" ino=627 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  200.181571][   T30] audit: type=1400 audit(1752297132.889:632): avc:  denied  { execute } for  pid=7705 comm="syz.4.470" path="/dev/dri/card0" dev="devtmpfs" ino=627 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  200.205823][   T30] audit: type=1400 audit(1752297132.929:633): avc:  denied  { setopt } for  pid=7705 comm="syz.4.470" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  200.225368][   T30] audit: type=1400 audit(1752297132.929:634): avc:  denied  { wake_alarm } for  pid=7705 comm="syz.4.470" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  200.246669][   T30] audit: type=1400 audit(1752297132.929:635): avc:  denied  { bind } for  pid=7705 comm="syz.4.470" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  200.284842][   T30] audit: type=1400 audit(1752297133.079:636): avc:  denied  { associate } for  pid=7705 comm="syz.4.470" name="memory.events" scontext=root:object_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  200.610823][ T7716] netlink: 'syz.3.472': attribute type 4 has an invalid length.
[  200.618514][ T7716] netlink: 17 bytes leftover after parsing attributes in process `syz.3.472'.
[  200.760842][   T10] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  200.980508][   T10] usb 2-1: Using ep0 maxpacket: 16
[  201.044710][   T10] usb 2-1: New USB device found, idVendor=0471, idProduct=0327, bcdDevice=61.a4
[  201.071312][   T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  201.094226][   T10] usb 2-1: config 0 descriptor??
[  201.105906][   T10] gspca_main: sonixj-2.14.0 probing 0471:0327
[  201.840179][ T7734] FAULT_INJECTION: forcing a failure.
[  201.840179][ T7734] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  201.873568][ T7734] CPU: 0 UID: 0 PID: 7734 Comm: syz.4.479 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  201.873593][ T7734] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  201.873602][ T7734] Call Trace:
[  201.873607][ T7734]  <TASK>
[  201.873613][ T7734]  dump_stack_lvl+0x16c/0x1f0
[  201.873641][ T7734]  should_fail_ex+0x512/0x640
[  201.873670][ T7734]  _copy_from_user+0x2e/0xd0
[  201.873694][ T7734]  input_event_from_user+0x133/0x3b0
[  201.873718][ T7734]  ? __pfx_input_event_from_user+0x10/0x10
[  201.873741][ T7734]  ? __pfx___might_resched+0x10/0x10
[  201.873762][ T7734]  ? input_inject_event+0x1a5/0x390
[  201.873787][ T7734]  evdev_write+0x37b/0x750
[  201.873812][ T7734]  ? __pfx_evdev_write+0x10/0x10
[  201.873843][ T7734]  ? __pfx_evdev_write+0x10/0x10
[  201.873869][ T7734]  vfs_write+0x29d/0x1150
[  201.873896][ T7734]  ? __pfx_vfs_write+0x10/0x10
[  201.873914][ T7734]  ? find_held_lock+0x2b/0x80
[  201.873936][ T7734]  ? __fget_files+0x204/0x3c0
[  201.873962][ T7734]  ? __fget_files+0x20e/0x3c0
[  201.873992][ T7734]  ksys_write+0x1f8/0x250
[  201.874012][ T7734]  ? __pfx_ksys_write+0x10/0x10
[  201.874040][ T7734]  do_syscall_64+0xcd/0x4c0
[  201.874065][ T7734]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  201.874081][ T7734] RIP: 0033:0x7fdcd098e929
[  201.874095][ T7734] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  201.874108][ T7734] RSP: 002b:00007fdcd179f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  201.874123][ T7734] RAX: ffffffffffffffda RBX: 00007fdcd0bb6080 RCX: 00007fdcd098e929
[  201.874134][ T7734] RDX: 0000000000002250 RSI: 0000200000000040 RDI: 0000000000000003
[  201.874144][ T7734] RBP: 00007fdcd179f090 R08: 0000000000000000 R09: 0000000000000000
[  201.874153][ T7734] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  201.874163][ T7734] R13: 0000000000000001 R14: 00007fdcd0bb6080 R15: 00007ffe62540288
[  201.874185][ T7734]  </TASK>
[  202.075117][    C0] vkms_vblank_simulate: vblank timer overrun
[  202.225179][   T30] audit: type=1400 audit(1752297134.979:637): avc:  denied  { create } for  pid=7736 comm="syz.2.480" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_nflog_socket permissive=1
[  202.245259][    C0] vkms_vblank_simulate: vblank timer overrun
[  202.618894][ T7747] random: crng reseeded on system resumption
[  203.214498][ T7755] geneve3: entered promiscuous mode
[  203.220828][ T7755] geneve3: entered allmulticast mode
[  203.474882][ T7763] netlink: 'syz.3.484': attribute type 4 has an invalid length.
[  203.482688][ T7763] netlink: 17 bytes leftover after parsing attributes in process `syz.3.484'.
[  204.820163][   T10] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  205.074356][  T916] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  205.250093][  T916] usb 3-1: Using ep0 maxpacket: 8
[  205.250100][   T10] usb 5-1: Using ep0 maxpacket: 32
[  205.264760][   T10] usb 5-1: config 9 has an invalid interface number: 131 but max is 0
[  205.265284][  T916] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  205.273912][   T10] usb 5-1: config 9 has no interface number 0
[  205.286644][  T916] usb 3-1: New USB device found, idVendor=09da, idProduct=000a, bcdDevice= 0.00
[  205.298575][  T916] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  205.306728][   T10] usb 5-1: config 9 interface 131 has no altsetting 0
[  205.440703][   T10] usb 5-1: New USB device found, idVendor=17cc, idProduct=4711, bcdDevice=c8.ec
[  205.441823][  T916] usb 3-1: config 0 descriptor??
[  205.451135][ T5895] usb 2-1: USB disconnect, device number 4
[  205.483946][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  205.559598][   T10] usb 5-1: Product: syz
[  205.672685][   T10] usb 5-1: Manufacturer: syz
[  205.751054][   T10] usb 5-1: SerialNumber: syz
[  206.040872][  T916] a4tech 0003:09DA:000A.0004: item fetching failed at offset 0/11
[  206.049578][  T916] a4tech 0003:09DA:000A.0004: parse failed
[  206.060286][  T916] a4tech 0003:09DA:000A.0004: probe with driver a4tech failed with error -22
[  206.274314][   T10] snd-usb-caiaq 5-1:9.131: can't set alt interface.
[  206.304041][   T10] usb 5-1: unable to init card! (ret=-5)
[  206.318712][   T10] snd-usb-caiaq 5-1:9.131: probe with driver snd-usb-caiaq failed with error -5
[  206.723727][ T7796] netlink: 48 bytes leftover after parsing attributes in process `syz.0.494'.
[  206.767432][  T916] usb 3-1: USB disconnect, device number 13
[  206.769442][   T10] usb 5-1: USB disconnect, device number 11
[  206.839336][ T7796] netlink: 12 bytes leftover after parsing attributes in process `syz.0.494'.
[  207.081953][   T30] kauditd_printk_skb: 5 callbacks suppressed
[  207.081968][   T30] audit: type=1400 audit(1752297139.879:643): avc:  denied  { read write } for  pid=7804 comm="syz.1.498" name="uinput" dev="devtmpfs" ino=920 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  207.351810][   T30] audit: type=1400 audit(1752297139.879:644): avc:  denied  { open } for  pid=7804 comm="syz.1.498" path="/dev/uinput" dev="devtmpfs" ino=920 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  207.440572][   T10] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  207.448449][   T30] audit: type=1400 audit(1752297139.879:645): avc:  denied  { ioctl } for  pid=7804 comm="syz.1.498" path="/dev/uinput" dev="devtmpfs" ino=920 ioctlcmd=0x5503 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  207.475518][   T30] audit: type=1400 audit(1752297139.879:646): avc:  denied  { read write } for  pid=7804 comm="syz.1.498" name="raw-gadget" dev="devtmpfs" ino=820 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  207.499938][   T30] audit: type=1400 audit(1752297139.879:647): avc:  denied  { open } for  pid=7804 comm="syz.1.498" path="/dev/raw-gadget" dev="devtmpfs" ino=820 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  207.541331][   T30] audit: type=1400 audit(1752297139.879:648): avc:  denied  { ioctl } for  pid=7804 comm="syz.1.498" path="/dev/raw-gadget" dev="devtmpfs" ino=820 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  207.568085][   T30] audit: type=1400 audit(1752297140.149:649): avc:  denied  { read write } for  pid=5841 comm="syz-executor" name="loop4" dev="devtmpfs" ino=651 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  207.612840][   T10] usb 2-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00
[  207.628187][   T30] audit: type=1400 audit(1752297140.149:650): avc:  denied  { open } for  pid=5841 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=651 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  207.628272][   T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  207.694768][   T30] audit: type=1400 audit(1752297140.149:651): avc:  denied  { ioctl } for  pid=5841 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=651 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  207.729690][   T30] audit: type=1400 audit(1752297140.189:652): avc:  denied  { create } for  pid=7808 comm="syz.3.499" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  207.755856][   T10] usb 2-1: SerialNumber: syz
[  207.765195][   T10] usb 2-1: config 0 descriptor??
[  207.828307][ T7826] netlink: 48 bytes leftover after parsing attributes in process `syz.2.502'.
[  208.203088][ T7806] input: syz0 as /devices/virtual/input/input14
[  208.255486][ T7826] netlink: 12 bytes leftover after parsing attributes in process `syz.2.502'.
[  208.267374][   T10] usb-storage 2-1:0.0: USB Mass Storage device detected
[  208.485042][   T10] usb 2-1: USB disconnect, device number 5
[  209.276104][ T7840] macsec0: entered promiscuous mode
[  210.660199][   T10] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  210.794942][  T916] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  210.810170][   T10] usb 2-1: Using ep0 maxpacket: 32
[  210.822012][   T10] usb 2-1: config 0 has an invalid interface number: 140 but max is 0
[  210.830758][   T10] usb 2-1: config 0 has no interface number 0
[  210.838907][   T10] usb 2-1: New USB device found, idVendor=03f0, idProduct=1e1d, bcdDevice=1c.db
[  210.848369][   T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  210.856789][   T10] usb 2-1: Product: syz
[  210.861191][   T10] usb 2-1: Manufacturer: syz
[  210.865825][   T10] usb 2-1: SerialNumber: syz
[  210.880205][   T10] usb 2-1: config 0 descriptor??
[  210.897011][   T10] sierra 2-1:0.140: Sierra USB modem converter detected
[  210.960174][  T916] usb 5-1: Using ep0 maxpacket: 32
[  210.969556][  T916] usb 5-1: config 0 has an invalid interface number: 140 but max is 0
[  211.079536][  T916] usb 5-1: config 0 has no interface number 0
[  211.107494][  T916] usb 5-1: New USB device found, idVendor=03f0, idProduct=1e1d, bcdDevice=1c.db
[  211.146046][  T916] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  211.164743][   T10] usb 2-1: Sierra USB modem converter now attached to ttyUSB0
[  211.180066][  T916] usb 5-1: Product: syz
[  211.194820][   T10] usb 2-1: USB disconnect, device number 6
[  211.200073][  T916] usb 5-1: Manufacturer: syz
[  211.207557][   T10] sierra ttyUSB0: Sierra USB modem converter now disconnected from ttyUSB0
[  211.210092][ T5838] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  211.218893][   T10] sierra 2-1:0.140: device disconnected
[  211.234096][  T916] usb 5-1: SerialNumber: syz
[  211.261334][  T916] usb 5-1: config 0 descriptor??
[  211.283316][  T916] sierra 5-1:0.140: Sierra USB modem converter detected
[  211.400328][ T5838] usb 3-1: Using ep0 maxpacket: 8
[  211.407617][ T5838] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  211.419237][ T5838] usb 3-1: New USB device found, idVendor=09da, idProduct=000a, bcdDevice= 0.00
[  211.429541][ T5838] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  211.440986][ T5838] usb 3-1: config 0 descriptor??
[  211.491703][  T916] usb 5-1: Sierra USB modem converter now attached to ttyUSB0
[  211.503133][  T916] usb 5-1: USB disconnect, device number 12
[  211.515885][  T916] sierra ttyUSB0: Sierra USB modem converter now disconnected from ttyUSB0
[  211.531561][  T916] sierra 5-1:0.140: device disconnected
[  212.363102][ T5838] a4tech 0003:09DA:000A.0005: item fetching failed at offset 0/11
[  212.374989][ T5838] a4tech 0003:09DA:000A.0005: parse failed
[  212.381523][ T5838] a4tech 0003:09DA:000A.0005: probe with driver a4tech failed with error -22
[  212.405818][   T30] kauditd_printk_skb: 78 callbacks suppressed
[  212.415178][   T30] audit: type=1400 audit(1752297145.189:731): avc:  denied  { name_bind } for  pid=7882 comm="syz.0.517" src=128 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=udp_socket permissive=1
[  212.717839][ T5895] usb 3-1: USB disconnect, device number 14
[  212.862806][   T30] audit: type=1400 audit(1752297145.659:732): avc:  denied  { read } for  pid=7897 comm="syz.0.522" name="usbmon0" dev="devtmpfs" ino=716 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  212.931530][ T7899] netlink: 48 bytes leftover after parsing attributes in process `syz.3.521'.
[  212.960354][   T30] audit: type=1400 audit(1752297145.679:733): avc:  denied  { open } for  pid=7897 comm="syz.0.522" path="/dev/usbmon0" dev="devtmpfs" ino=716 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  212.983882][    C1] vkms_vblank_simulate: vblank timer overrun
[  213.420746][   T30] audit: type=1400 audit(1752297145.679:734): avc:  denied  { read } for  pid=7897 comm="syz.0.522" dev="nsfs" ino=4026532802 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  213.545778][   T30] audit: type=1400 audit(1752297145.679:735): avc:  denied  { open } for  pid=7897 comm="syz.0.522" path="net:[4026532802]" dev="nsfs" ino=4026532802 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  213.568814][    C1] vkms_vblank_simulate: vblank timer overrun
[  213.647322][   T30] audit: type=1400 audit(1752297145.829:736): avc:  denied  { create } for  pid=7889 comm="syz.1.519" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  213.729717][   T30] audit: type=1400 audit(1752297145.829:737): avc:  denied  { mounton } for  pid=7889 comm="syz.1.519" path="/syzcgroup/unified/syz1" dev="cgroup2" ino=96 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
[  213.799315][    C1] vkms_vblank_simulate: vblank timer overrun
[  213.932655][   T30] audit: type=1400 audit(1752297146.699:738): avc:  denied  { write } for  pid=7896 comm="syz.4.523" name="netstat" dev="proc" ino=4026533163 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  214.045867][ T7899] netlink: 12 bytes leftover after parsing attributes in process `syz.3.521'.
[  214.080412][   T30] audit: type=1400 audit(1752297146.849:739): avc:  denied  { create } for  pid=7897 comm="syz.0.522" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  214.099595][    C1] vkms_vblank_simulate: vblank timer overrun
[  214.157446][   T30] audit: type=1400 audit(1752297146.849:740): avc:  denied  { ioctl } for  pid=7897 comm="syz.0.522" path="socket:[15382]" dev="sockfs" ino=15382 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  214.549162][ T7915] tipc: Started in network mode
[  214.554744][ T7915] tipc: Node identity 7edccbe34f5a, cluster identity 4711
[  214.565957][ T7915] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  214.727966][ T7912] tipc: Disabling bearer <eth:syzkaller0>
[  214.928321][ T7914] netlink: 8 bytes leftover after parsing attributes in process `syz.1.526'.
[  214.937167][ T7914] netlink: 4 bytes leftover after parsing attributes in process `syz.1.526'.
[  215.077142][ T7924] netlink: 48 bytes leftover after parsing attributes in process `syz.4.528'.
[  215.249448][ T7924] netlink: 12 bytes leftover after parsing attributes in process `syz.4.528'.
[  216.720138][ T5915] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  216.778720][ T7962] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  216.970498][ T5915] usb 2-1: Using ep0 maxpacket: 8
[  217.086425][ T5915] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  217.125686][ T5915] usb 2-1: New USB device found, idVendor=09da, idProduct=000a, bcdDevice= 0.00
[  217.351884][ T7974] netlink: 'syz.0.543': attribute type 2 has an invalid length.
[  217.360534][ T7974] netlink: 'syz.0.543': attribute type 1 has an invalid length.
[  217.362961][ T5915] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  217.387782][ T7974] netlink: 1164 bytes leftover after parsing attributes in process `syz.0.543'.
[  217.472578][ T5915] usb 2-1: config 0 descriptor??
[  217.718989][ T5838] usb 1-1: new full-speed USB device number 14 using dummy_hcd
[  217.883068][ T5915] a4tech 0003:09DA:000A.0006: item fetching failed at offset 0/11
[  217.891294][ T5915] a4tech 0003:09DA:000A.0006: parse failed
[  217.922856][ T5838] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64
[  217.923691][ T5915] a4tech 0003:09DA:000A.0006: probe with driver a4tech failed with error -22
[  217.956462][ T5838] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A
[  218.042703][ T5838] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid maxpacket 121, setting to 64
[  218.143561][ T5915] usb 2-1: USB disconnect, device number 7
[  218.540101][   T30] kauditd_printk_skb: 14 callbacks suppressed
[  218.540115][   T30] audit: type=1400 audit(1752297151.329:755): avc:  denied  { create } for  pid=7979 comm="syz.2.545" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  218.542475][ T5838] usb 1-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10
[  218.546914][ T7982] FAULT_INJECTION: forcing a failure.
[  218.546914][ T7982] name failslab, interval 1, probability 0, space 0, times 0
[  218.565456][    C1] vkms_vblank_simulate: vblank timer overrun
[  218.603627][ T7982] CPU: 0 UID: 0 PID: 7982 Comm: syz.2.545 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  218.603650][ T7982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  218.603659][ T7982] Call Trace:
[  218.603665][ T7982]  <TASK>
[  218.603672][ T7982]  dump_stack_lvl+0x16c/0x1f0
[  218.603699][ T7982]  should_fail_ex+0x512/0x640
[  218.603720][ T7982]  ? fs_reclaim_acquire+0xae/0x150
[  218.603739][ T7982]  should_failslab+0xc2/0x120
[  218.603763][ T7982]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  218.603784][ T7982]  ? security_inode_alloc+0x3b/0x2b0
[  218.603808][ T7982]  security_inode_alloc+0x3b/0x2b0
[  218.603828][ T7982]  inode_init_always_gfp+0xce4/0x1030
[  218.603855][ T7982]  alloc_inode+0x86/0x240
[  218.603874][ T7982]  sock_alloc+0x40/0x280
[  218.603899][ T7982]  do_accept+0xf7/0x530
[  218.603916][ T7982]  ? do_raw_spin_lock+0x12c/0x2b0
[  218.603935][ T7982]  ? __pfx_do_accept+0x10/0x10
[  218.603958][ T7982]  __sys_accept4+0x100/0x1c0
[  218.603969][ T7982]  ? __pfx___sys_accept4+0x10/0x10
[  218.603981][ T7982]  ? __pfx_ksys_write+0x10/0x10
[  218.603997][ T7982]  __x64_sys_accept4+0x96/0x100
[  218.604008][ T7982]  ? lockdep_hardirqs_on+0x7c/0x110
[  218.604023][ T7982]  do_syscall_64+0xcd/0x4c0
[  218.604038][ T7982]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  218.604049][ T7982] RIP: 0033:0x7f41ded8e929
[  218.604058][ T7982] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  218.604073][ T7982] RSP: 002b:00007f41dfb85038 EFLAGS: 00000246 ORIG_RAX: 0000000000000120
[  218.604083][ T7982] RAX: ffffffffffffffda RBX: 00007f41defb5fa0 RCX: 00007f41ded8e929
[  218.604089][ T7982] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[  218.604095][ T7982] RBP: 00007f41dfb85090 R08: 0000000000000000 R09: 0000000000000000
[  218.604101][ T7982] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  218.604107][ T7982] R13: 0000000000000000 R14: 00007f41defb5fa0 R15: 00007ffd3680d9e8
[  218.604120][ T7982]  </TASK>
[  218.620041][ T5838] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  218.821554][ T5838] usb 1-1: Product: syz
[  218.825923][ T5838] usb 1-1: Manufacturer: syz
[  218.830567][ T5838] usb 1-1: SerialNumber: syz
[  218.845424][ T5838] usb 1-1: config 0 descriptor??
[  218.856815][ T7974] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  218.864261][ T7974] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  218.872302][ T5838] usb 1-1: ucan: probing device on interface #0
[  219.082299][ T5838] usb 1-1: ucan: could not read protocol version, ret=128
[  219.360089][ T5838] usb 1-1: ucan: probe failed; try to update the device firmware
[  219.516323][   T30] audit: type=1400 audit(1752297152.309:756): avc:  denied  { bind } for  pid=7994 comm="syz.3.550" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  219.914505][ T5915] usb 1-1: USB disconnect, device number 14
[  220.604279][   T30] audit: type=1400 audit(1752297153.039:757): avc:  denied  { accept } for  pid=8004 comm="syz.3.552" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  221.317134][ T8016] netlink: 14 bytes leftover after parsing attributes in process `syz.3.555'.
[  221.368345][   T30] audit: type=1400 audit(1752297154.159:758): avc:  denied  { create } for  pid=8017 comm="syz.0.556" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  221.560202][ T5838] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  221.633458][ T8021] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(11)
[  221.640075][ T8021] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  221.648117][ T8021] vhci_hcd vhci_hcd.0: Device attached
[  221.773359][ T8022] vhci_hcd: connection closed
[  221.799528][   T36] vhci_hcd: stop threads
[  221.865241][   T36] vhci_hcd: release socket
[  221.900355][   T36] vhci_hcd: disconnect device
[  221.924487][   T30] audit: type=1400 audit(1752297154.609:759): avc:  denied  { write } for  pid=8017 comm="syz.0.556" path="socket:[15488]" dev="sockfs" ino=15488 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  221.954977][ T5895] usb 33-1: new high-speed USB device number 2 using vhci_hcd
[  222.012266][ T5895] usb 33-1: enqueue for inactive port 0
[  222.188761][ T5895] vhci_hcd: vhci_device speed not set
[  222.355382][ T8016] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  222.719039][ T8016] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  222.849540][ T8016] bond0 (unregistering): (slave team0): Releasing backup interface
[  222.980485][ T5838] usb 3-1: Using ep0 maxpacket: 32
[  223.006848][ T5838] usb 3-1: config 9 has an invalid interface number: 131 but max is 0
[  223.018904][ T5838] usb 3-1: config 9 has no interface number 0
[  223.146167][   T30] audit: type=1400 audit(1752297155.939:760): avc:  denied  { associate } for  pid=8028 comm="syz.1.559" name="file0" scontext=root:object_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  224.202288][ T8016] bond0 (unregistering): Released all slaves
[  224.208815][ T5838] usb 3-1: config 9 interface 131 has no altsetting 0
[  224.252575][ T8034] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(13)
[  224.259169][ T8034] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  224.267034][ T5838] usb 3-1: string descriptor 0 read error: -71
[  224.277076][ T5151] Bluetooth: Unexpected start frame (len 18)
[  224.284409][   T30] audit: type=1400 audit(1752297157.069:761): avc:  denied  { write } for  pid=8037 comm="syz.2.560" path="/dev/vhci" dev="devtmpfs" ino=1268 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  224.300231][ T8034] vhci_hcd vhci_hcd.0: Device attached
[  224.308110][ T5838] usb 3-1: New USB device found, idVendor=17cc, idProduct=4711, bcdDevice=c8.ec
[  224.323563][ T5838] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  224.336983][ T8036] vhci_hcd: connection closed
[  224.345038][ T5838] usb 3-1: can't set config #9, error -71
[  224.405500][   T12] vhci_hcd: stop threads
[  224.409763][   T12] vhci_hcd: release socket
[  224.412589][ T5838] usb 3-1: USB disconnect, device number 15
[  224.448088][   T12] vhci_hcd: disconnect device
[  224.458137][ T8044] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[  224.620299][ T5895] vhci_hcd: vhci_device speed not set
[  225.696467][ T8075] netlink: 8 bytes leftover after parsing attributes in process `syz.0.566'.
[  225.705369][ T8075] netlink: 4 bytes leftover after parsing attributes in process `syz.0.566'.
[  226.162643][   T30] audit: type=1400 audit(1752297158.959:762): avc:  denied  { create } for  pid=8084 comm="syz.3.571" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  226.613925][   T30] audit: type=1400 audit(1752297159.409:763): avc:  denied  { bind } for  pid=8088 comm="syz.0.572" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  226.860243][ T5895] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  226.990104][ T5895] usb 1-1: device descriptor read/64, error -71
[  227.132497][   T30] audit: type=1400 audit(1752297159.919:764): avc:  denied  { create } for  pid=8108 comm="syz.3.579" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[  227.184377][   T30] audit: type=1400 audit(1752297159.919:765): avc:  denied  { map } for  pid=8108 comm="syz.3.579" path="socket:[16532]" dev="sockfs" ino=16532 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1
[  227.334119][ T5895] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  227.939773][ T5895] usb 1-1: device descriptor read/64, error -71
[  228.070514][ T5895] usb usb1-port1: attempt power cycle
[  228.500106][ T5895] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  228.694995][ T8135] comedi comedi0: Minor 14 could not be opened
[  228.881814][ T5895] usb 1-1: device descriptor read/8, error -71
[  229.160250][ T5895] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  229.207102][   T30] audit: type=1400 audit(1752297161.999:766): avc:  denied  { ioctl } for  pid=8139 comm="syz.4.587" path="socket:[16580]" dev="sockfs" ino=16580 ioctlcmd=0x8904 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  229.440130][ T5895] usb 1-1: device not accepting address 18, error -71
[  229.450258][ T5895] usb usb1-port1: unable to enumerate USB device
[  229.466550][ T8147] netlink: 4 bytes leftover after parsing attributes in process `syz.3.590'.
[  229.917788][ T8151] FAULT_INJECTION: forcing a failure.
[  229.917788][ T8151] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  229.930347][   T30] audit: type=1400 audit(1752297162.709:767): avc:  denied  { read } for  pid=8148 comm="syz.0.591" name="vhost-net" dev="devtmpfs" ino=1274 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  229.940971][ T8151] CPU: 0 UID: 0 PID: 8151 Comm: syz.1.589 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  229.940993][ T8151] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  229.941002][ T8151] Call Trace:
[  229.941007][ T8151]  <TASK>
[  229.941012][ T8151]  dump_stack_lvl+0x16c/0x1f0
[  229.941037][ T8151]  should_fail_ex+0x512/0x640
[  229.941059][ T8151]  _copy_from_iter+0x29f/0x16f0
[  229.941083][ T8151]  ? __alloc_skb+0x200/0x380
[  229.941103][ T8151]  ? __pfx__copy_from_iter+0x10/0x10
[  229.941125][ T8151]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  229.941155][ T8151]  netlink_sendmsg+0x829/0xdd0
[  229.941172][ T8151]  ? __pfx_netlink_sendmsg+0x10/0x10
[  229.941195][ T8151]  ____sys_sendmsg+0xa98/0xc70
[  229.941211][ T8151]  ? copy_msghdr_from_user+0x10a/0x160
[  229.941230][ T8151]  ? __pfx_____sys_sendmsg+0x10/0x10
[  229.941254][ T8151]  ___sys_sendmsg+0x134/0x1d0
[  229.941275][ T8151]  ? __pfx____sys_sendmsg+0x10/0x10
[  229.941292][ T8151]  ? __lock_acquire+0x622/0x1c90
[  229.941336][ T8151]  __sys_sendmsg+0x16d/0x220
[  229.941356][ T8151]  ? __pfx___sys_sendmsg+0x10/0x10
[  229.941389][ T8151]  do_syscall_64+0xcd/0x4c0
[  229.941410][ T8151]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  229.941425][ T8151] RIP: 0033:0x7fae6d98e929
[  229.941437][ T8151] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  229.941451][ T8151] RSP: 002b:00007fae6e88a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  229.941466][ T8151] RAX: ffffffffffffffda RBX: 00007fae6dbb5fa0 RCX: 00007fae6d98e929
[  229.941475][ T8151] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[  229.941483][ T8151] RBP: 00007fae6e88a090 R08: 0000000000000000 R09: 0000000000000000
[  229.941492][ T8151] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  229.941500][ T8151] R13: 0000000000000000 R14: 00007fae6dbb5fa0 R15: 00007ffe00a99778
[  229.941520][ T8151]  </TASK>
[  230.234157][   T30] audit: type=1400 audit(1752297162.709:768): avc:  denied  { open } for  pid=8148 comm="syz.0.591" path="/dev/vhost-net" dev="devtmpfs" ino=1274 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  230.278990][   T30] audit: type=1400 audit(1752297162.729:769): avc:  denied  { ioctl } for  pid=8148 comm="syz.0.591" path="/dev/vhost-net" dev="devtmpfs" ino=1274 ioctlcmd=0xaf01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  230.364340][   T30] audit: type=1400 audit(1752297162.729:770): avc:  denied  { block_suspend } for  pid=8148 comm="syz.0.591" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  230.527201][   T30] audit: type=1400 audit(1752297163.299:771): avc:  denied  { create } for  pid=8164 comm="syz.4.597" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  230.562573][   T30] audit: type=1400 audit(1752297163.299:772): avc:  denied  { connect } for  pid=8164 comm="syz.4.597" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  230.629897][   T30] audit: type=1400 audit(1752297163.299:773): avc:  denied  { setopt } for  pid=8164 comm="syz.4.597" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  230.655309][   T30] audit: type=1400 audit(1752297163.299:774): avc:  denied  { append } for  pid=8164 comm="syz.4.597" name="ubi_ctrl" dev="devtmpfs" ino=706 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  230.684740][   T30] audit: type=1400 audit(1752297163.359:775): avc:  denied  { create } for  pid=8164 comm="syz.4.597" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  230.716540][   T30] audit: type=1400 audit(1752297163.389:776): avc:  denied  { open } for  pid=8170 comm="syz.1.599" path="/dev/ptyq7" dev="devtmpfs" ino=126 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[  230.745960][ T8147] team0 (unregistering): Port device team_slave_0 removed
[  230.852925][ T8147] team0 (unregistering): Port device team_slave_1 removed
[  233.071911][ T8221] FAULT_INJECTION: forcing a failure.
[  233.071911][ T8221] name failslab, interval 1, probability 0, space 0, times 0
[  233.290208][ T8221] CPU: 0 UID: 0 PID: 8221 Comm: syz.4.614 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  233.290232][ T8221] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  233.290242][ T8221] Call Trace:
[  233.290247][ T8221]  <TASK>
[  233.290253][ T8221]  dump_stack_lvl+0x16c/0x1f0
[  233.290288][ T8221]  should_fail_ex+0x512/0x640
[  233.290309][ T8221]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  233.290331][ T8221]  should_failslab+0xc2/0x120
[  233.290353][ T8221]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  233.290374][ T8221]  ? d_instantiate+0x77/0x90
[  233.290386][ T8221]  ? alloc_empty_file+0x55/0x1e0
[  233.290405][ T8221]  alloc_empty_file+0x55/0x1e0
[  233.290420][ T8221]  alloc_file_pseudo+0x13a/0x230
[  233.290438][ T8221]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  233.290456][ T8221]  ? hugetlbfs_get_inode+0x31f/0x730
[  233.290479][ T8221]  hugetlb_file_setup+0x4cd/0x620
[  233.290503][ T8221]  ksys_mmap_pgoff+0x189/0x5c0
[  233.290533][ T8221]  __x64_sys_mmap+0x125/0x190
[  233.290571][ T8221]  do_syscall_64+0xcd/0x4c0
[  233.290595][ T8221]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  233.290612][ T8221] RIP: 0033:0x7fdcd098e929
[  233.290627][ T8221] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  233.290642][ T8221] RSP: 002b:00007fdcd17c0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  233.290657][ T8221] RAX: ffffffffffffffda RBX: 00007fdcd0bb5fa0 RCX: 00007fdcd098e929
[  233.290667][ T8221] RDX: 0000000002800001 RSI: 0000000000400000 RDI: 0000200000000000
[  233.290677][ T8221] RBP: 00007fdcd17c0090 R08: ffffffffffffffff R09: 0000000000000000
[  233.290685][ T8221] R10: 00000000000c3072 R11: 0000000000000246 R12: 0000000000000001
[  233.290694][ T8221] R13: 0000000000000000 R14: 00007fdcd0bb5fa0 R15: 00007ffe62540288
[  233.290717][ T8221]  </TASK>
[  234.079277][ T5838] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  234.660061][ T5838] usb 1-1: Using ep0 maxpacket: 32
[  234.681119][ T5838] usb 1-1: config 0 has an invalid interface number: 12 but max is 0
[  234.689344][ T5838] usb 1-1: config 0 has no interface number 0
[  234.695643][ T5838] usb 1-1: config 0 interface 12 has no altsetting 0
[  234.704045][ T5838] usb 1-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  234.713262][ T5838] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  234.729378][ T5838] usb 1-1: Product: syz
[  234.738148][ T5838] usb 1-1: Manufacturer: syz
[  234.752060][ T5838] usb 1-1: SerialNumber: syz
[  234.770357][ T5838] usb 1-1: config 0 descriptor??
[  235.280212][ T5974] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  236.685851][ T8260] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(11)
[  236.692473][ T8260] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  236.703963][ T8261] vhci_hcd: connection closed
[  236.704724][ T8260] vhci_hcd vhci_hcd.0: Device attached
[  236.752356][ T5974] usb 3-1: Using ep0 maxpacket: 8
[  236.762800][ T5974] usb 3-1: New USB device found, idVendor=0ccd, idProduct=0038, bcdDevice=99.03
[  236.775155][   T12] vhci_hcd: stop threads
[  236.779446][   T12] vhci_hcd: release socket
[  236.784028][ T5974] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  236.792100][   T12] vhci_hcd: disconnect device
[  236.792223][ T5974] usb 3-1: Product: syz
[  236.800974][ T5974] usb 3-1: Manufacturer: syz
[  236.806548][ T5974] usb 3-1: SerialNumber: syz
[  236.815650][ T5974] usb 3-1: config 0 descriptor??
[  236.826505][ T5974] dvb-usb: found a 'TerraTec/qanu USB2.0 Highspeed DVB-T Receiver' in warm state.
[  236.865217][ T5974] dvb-usb: bulk message failed: -22 (2/0)
[  236.888692][ T5974] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  236.921156][ T5974] dvbdev: DVB: registering new adapter (TerraTec/qanu USB2.0 Highspeed DVB-T Receiver)
[  236.949562][ T5974] usb 3-1: media controller created
[  237.001377][ T5974] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  237.063222][ T5974] dvb-usb: bulk message failed: -22 (1/0)
[  237.069943][ T5974] dvb-usb: no frontend was attached by 'TerraTec/qanu USB2.0 Highspeed DVB-T Receiver'
[  237.085553][ T5974] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.2/usb3/3-1/input/input15
[  237.102177][ T5974] dvb-usb: schedule remote query interval to 50 msecs.
[  237.118100][ T5974] dvb-usb: bulk message failed: -22 (2/0)
[  237.125891][ T5974] dvb-usb: TerraTec/qanu USB2.0 Highspeed DVB-T Receiver successfully initialized and connected.
[  237.166246][ T5974] usb 3-1: USB disconnect, device number 16
[  237.176190][  T916] dvb-usb: bulk message failed: -22 (1/0)
[  237.303996][ T5838] f81534 1-1:0.12: f81534_get_register: reg: 1003 failed: -32
[  237.317929][  T916] dvb-usb: error while querying for an remote control event.
[  237.332768][ T5838] f81534 1-1:0.12: f81534_find_config_idx: read failed: -32
[  237.357133][ T5838] f81534 1-1:0.12: f81534_calc_num_ports: find idx failed: -32
[  237.372324][ T5838] f81534 1-1:0.12: probe with driver f81534 failed with error -32
[  237.403296][ T5974] dvb-usb: TerraTec/qanu USB2.0 Highspeed DVB-T Re successfully deinitialized and disconnected.
[  237.446183][   T30] kauditd_printk_skb: 22 callbacks suppressed
[  237.446198][   T30] audit: type=1400 audit(1752297170.239:799): avc:  denied  { kexec_image_load } for  pid=8282 comm="syz.1.630" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=system permissive=1
[  237.538020][ T8285] overlayfs: failed to clone upperpath
[  237.550303][   T30] audit: type=1400 audit(1752297170.339:800): avc:  denied  { create } for  pid=8284 comm="syz.3.631" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  237.574788][   T30] audit: type=1400 audit(1752297170.369:801): avc:  denied  { link } for  pid=8284 comm="syz.3.631" name="file1" dev="tmpfs" ino=792 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  237.616798][   T30] audit: type=1400 audit(1752297170.409:802): avc:  denied  { unlink } for  pid=5825 comm="syz-executor" name="file0" dev="tmpfs" ino=792 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  237.696092][ T5895] usb 1-1: USB disconnect, device number 19
[  237.750324][   T30] audit: type=1400 audit(1752297170.539:803): avc:  denied  { read } for  pid=8289 comm="syz.2.633" name="rtc0" dev="devtmpfs" ino=921 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  237.804552][ T8294] block nbd1: not configured, cannot reconfigure
[  238.017690][   T30] audit: type=1400 audit(1752297170.539:804): avc:  denied  { open } for  pid=8289 comm="syz.2.633" path="/dev/rtc0" dev="devtmpfs" ino=921 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  238.180205][   T30] audit: type=1400 audit(1752297170.579:805): avc:  denied  { ioctl } for  pid=8289 comm="syz.2.633" path="/dev/rtc0" dev="devtmpfs" ino=921 ioctlcmd=0x700a scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  238.320118][ T5974] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  238.624958][ T5974] usb 3-1: Using ep0 maxpacket: 16
[  238.666321][ T5974] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xD has invalid wMaxPacketSize 0
[  238.767271][ T5974] usb 3-1: New USB device found, idVendor=054c, idProduct=06c3, bcdDevice=8b.57
[  238.784622][ T5974] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  238.805034][ T8304] netlink: 8 bytes leftover after parsing attributes in process `syz.0.635'.
[  238.813952][ T8304] netlink: 4 bytes leftover after parsing attributes in process `syz.0.635'.
[  238.844268][ T5974] usb 3-1: Product: syz
[  238.870120][ T5974] usb 3-1: Manufacturer: syz
[  238.880112][ T5974] usb 3-1: SerialNumber: syz
[  238.888174][ T5974] usb 3-1: config 0 descriptor??
[  238.907578][ T5974] port100 3-1:0.0: NFC: Could not find bulk-in or bulk-out endpoint
[  239.116833][ T5838] usb 3-1: USB disconnect, device number 17
[  239.228083][   T30] audit: type=1400 audit(1752297172.019:806): avc:  denied  { listen } for  pid=8312 comm="syz.3.638" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  239.262150][ T5974] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  239.413675][   T30] audit: type=1400 audit(1752297172.209:807): avc:  denied  { write } for  pid=8324 comm="syz.0.640" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  239.420540][ T5974] usb 2-1: Using ep0 maxpacket: 32
[  239.453784][ T5974] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x9 has an invalid bInterval 128, changing to 11
[  239.473271][ T5974] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  239.503071][ T5974] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  239.503986][ T8328] syzkaller1: entered promiscuous mode
[  239.522870][ T8328] syzkaller1: entered allmulticast mode
[  239.527722][ T5974] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  239.542822][ T5974] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  239.556298][ T5974] usb 2-1: New USB device found, idVendor=0e6f, idProduct=582c, bcdDevice=31.68
[  239.566261][ T5974] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  239.579953][ T5974] usb 2-1: Product: syz
[  239.584498][ T5974] usb 2-1: Manufacturer: syz
[  239.589446][ T5974] usb 2-1: SerialNumber: syz
[  239.609774][ T5974] usb 2-1: config 0 descriptor??
[  239.616059][ T8309] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  239.641901][ T5974] input: Generic X-Box pad as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input16
[  239.698916][ T5186] xpad 2-1:0.0: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -90
[  239.767042][ T6196] xpad 2-1:0.0: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -90
[  239.805751][ T5186] xpad 2-1:0.0: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -90
[  239.834628][ T8335] netlink: 4 bytes leftover after parsing attributes in process `syz.0.642'.
[  239.851679][ T5186] xpad 2-1:0.0: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -90
[  239.867797][   T30] audit: type=1400 audit(1752297172.659:808): avc:  denied  { read } for  pid=8336 comm="syz.2.643" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  239.946177][ T5186] xpad 2-1:0.0: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -90
[  239.947467][ T5838] usb 2-1: USB disconnect, device number 8
[  239.956113][    C0] xpad 2-1:0.0: xpad_irq_in - usb_submit_urb failed with result -19
[  240.532465][ T6225] wlan1: Selected IBSS BSSID 50:50:50:50:50:50 based on configured SSID
[  240.652674][   T36] ------------[ cut here ]------------
[  240.658345][   T36] WARNING: CPU: 0 PID: 36 at net/wireless/ibss.c:37 __cfg80211_ibss_joined+0x4d5/0x580
[  240.668100][   T36] Modules linked in:
[  240.670489][ T8362] syzkaller1: entered promiscuous mode
[  240.672200][   T36] CPU: 0 UID: 0 PID: 36 Comm: kworker/u8:2 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  240.681258][ T8362] syzkaller1: entered allmulticast mode
[  240.689988][   T36] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  240.705805][   T36] Workqueue: cfg80211 cfg80211_event_work
[  240.712038][   T36] RIP: 0010:__cfg80211_ibss_joined+0x4d5/0x580
[  240.718180][   T36] Code: ff ff e8 9e 9e d5 f6 90 0f 0b 90 e9 58 fe ff ff e8 30 7a 3c f7 e9 22 fc ff ff e8 c6 79 3c f7 e9 66 fc ff ff e8 7c 9e d5 f6 90 <0f> 0b 90 e9 6f fc ff ff e8 6e 9e d5 f6 90 0f 0b e8 36 7a 3c f7 e9
[  240.737871][   T36] RSP: 0018:ffffc90000ac7af0 EFLAGS: 00010293
[  240.744204][   T36] RAX: 0000000000000000 RBX: ffff888056224d90 RCX: 0000000000000006
[  240.752377][   T36] RDX: ffff888142eea440 RSI: ffffffff8ae65894 RDI: ffffffff8c158f60
[  240.760557][   T36] RBP: ffffc90000ac7ba0 R08: 0000000000000001 R09: 0000000000000001
[  240.768531][   T36] R10: ffffffff90a98357 R11: 0000000000000001 R12: ffff888056224000
[  240.776699][   T36] R13: 1ffff92000158f62 R14: 0000000000000000 R15: ffffc90000ac7b30
[  240.784886][   T36] FS:  0000000000000000(0000) GS:ffff888124715000(0000) knlGS:0000000000000000
[  240.794091][   T36] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  240.800835][   T36] CR2: 000055558742b588 CR3: 00000000226e7000 CR4: 00000000003526f0
[  240.809186][   T36] Call Trace:
[  240.812938][   T36]  <TASK>
[  240.815866][   T36]  ? do_raw_spin_lock+0x12c/0x2b0
[  240.820910][   T36]  ? __pfx___cfg80211_ibss_joined+0x10/0x10
[  240.826801][   T36]  ? mark_held_locks+0x49/0x80
[  240.831589][   T36]  ? cfg80211_process_wdev_events+0x3dd/0x5c0
[  240.837660][   T36]  cfg80211_process_wdev_events+0x3dd/0x5c0
[  240.843605][   T36]  cfg80211_process_rdev_events+0x9f/0x130
[  240.849418][   T36]  cfg80211_event_work+0x2e/0x50
[  240.854383][   T36]  process_one_work+0x9cf/0x1b70
[  240.859332][   T36]  ? __pfx_linkwatch_event+0x10/0x10
[  240.864645][   T36]  ? __pfx_process_one_work+0x10/0x10
[  240.870046][   T36]  ? assign_work+0x1a0/0x250
[  240.874635][   T36]  worker_thread+0x6c8/0xf10
[  240.879208][   T36]  ? __pfx_worker_thread+0x10/0x10
[  240.884352][   T36]  kthread+0x3c5/0x780
[  240.888432][   T36]  ? __pfx_kthread+0x10/0x10
[  240.893036][   T36]  ? rcu_is_watching+0x12/0xc0
[  240.897796][   T36]  ? __pfx_kthread+0x10/0x10
[  240.902657][   T36]  ret_from_fork+0x5d7/0x6f0
[  240.907239][   T36]  ? __pfx_kthread+0x10/0x10
[  240.912222][   T36]  ret_from_fork_asm+0x1a/0x30
[  240.916994][   T36]  </TASK>
[  240.920106][   T36] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  240.927376][   T36] CPU: 0 UID: 0 PID: 36 Comm: kworker/u8:2 Not tainted 6.16.0-rc5-syzkaller-00193-g40f92e79b0aa #0 PREEMPT(full) 
[  240.939324][   T36] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  240.949355][   T36] Workqueue: cfg80211 cfg80211_event_work
[  240.955060][   T36] Call Trace:
[  240.958315][   T36]  <TASK>
[  240.961222][   T36]  dump_stack_lvl+0x3d/0x1f0
[  240.965793][   T36]  panic+0x71c/0x800
[  240.969674][   T36]  ? __pfx_panic+0x10/0x10
[  240.974073][   T36]  ? show_trace_log_lvl+0x29b/0x3e0
[  240.979253][   T36]  ? check_panic_on_warn+0x1f/0xb0
[  240.984347][   T36]  ? __cfg80211_ibss_joined+0x4d5/0x580
[  240.989870][   T36]  check_panic_on_warn+0xab/0xb0
[  240.994793][   T36]  __warn+0xf6/0x3c0
[  240.998664][   T36]  ? __cfg80211_ibss_joined+0x4d5/0x580
[  241.004196][   T36]  report_bug+0x3c3/0x580
[  241.008520][   T36]  ? __cfg80211_ibss_joined+0x4d5/0x580
[  241.014045][   T36]  handle_bug+0x184/0x210
[  241.018357][   T36]  exc_invalid_op+0x17/0x50
[  241.022839][   T36]  asm_exc_invalid_op+0x1a/0x20
[  241.027673][   T36] RIP: 0010:__cfg80211_ibss_joined+0x4d5/0x580
[  241.033811][   T36] Code: ff ff e8 9e 9e d5 f6 90 0f 0b 90 e9 58 fe ff ff e8 30 7a 3c f7 e9 22 fc ff ff e8 c6 79 3c f7 e9 66 fc ff ff e8 7c 9e d5 f6 90 <0f> 0b 90 e9 6f fc ff ff e8 6e 9e d5 f6 90 0f 0b e8 36 7a 3c f7 e9
[  241.053399][   T36] RSP: 0018:ffffc90000ac7af0 EFLAGS: 00010293
[  241.059446][   T36] RAX: 0000000000000000 RBX: ffff888056224d90 RCX: 0000000000000006
[  241.067396][   T36] RDX: ffff888142eea440 RSI: ffffffff8ae65894 RDI: ffffffff8c158f60
[  241.075348][   T36] RBP: ffffc90000ac7ba0 R08: 0000000000000001 R09: 0000000000000001
[  241.083300][   T36] R10: ffffffff90a98357 R11: 0000000000000001 R12: ffff888056224000
[  241.091253][   T36] R13: 1ffff92000158f62 R14: 0000000000000000 R15: ffffc90000ac7b30
[  241.099212][   T36]  ? __cfg80211_ibss_joined+0x4d4/0x580
[  241.104746][   T36]  ? do_raw_spin_lock+0x12c/0x2b0
[  241.109756][   T36]  ? __pfx___cfg80211_ibss_joined+0x10/0x10
[  241.115643][   T36]  ? mark_held_locks+0x49/0x80
[  241.120398][   T36]  ? cfg80211_process_wdev_events+0x3dd/0x5c0
[  241.126449][   T36]  cfg80211_process_wdev_events+0x3dd/0x5c0
[  241.132337][   T36]  cfg80211_process_rdev_events+0x9f/0x130
[  241.138128][   T36]  cfg80211_event_work+0x2e/0x50
[  241.143054][   T36]  process_one_work+0x9cf/0x1b70
[  241.147980][   T36]  ? __pfx_linkwatch_event+0x10/0x10
[  241.153255][   T36]  ? __pfx_process_one_work+0x10/0x10
[  241.158614][   T36]  ? assign_work+0x1a0/0x250
[  241.163193][   T36]  worker_thread+0x6c8/0xf10
[  241.167772][   T36]  ? __pfx_worker_thread+0x10/0x10
[  241.172869][   T36]  kthread+0x3c5/0x780
[  241.176920][   T36]  ? __pfx_kthread+0x10/0x10
[  241.181492][   T36]  ? rcu_is_watching+0x12/0xc0
[  241.186240][   T36]  ? __pfx_kthread+0x10/0x10
[  241.190811][   T36]  ret_from_fork+0x5d7/0x6f0
[  241.195390][   T36]  ? __pfx_kthread+0x10/0x10
[  241.199958][   T36]  ret_from_fork_asm+0x1a/0x30
[  241.204715][   T36]  </TASK>
[  241.207992][   T36] Kernel Offset: disabled
[  241.212318][   T36] Rebooting in 86400 seconds..