last executing test programs:

3m0.977304927s ago: executing program 2 (id=3050):
r0 = socket(0x22, 0xa, 0x4000000)
getsockopt$bt_hci(r0, 0x0, 0x3, 0x0, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0x14, 0x0, 0x0)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000440)=ANY=[@ANYBLOB="02010000000000142bbd70000200000005000a004e221c244cf400dbd78b03600000000000000000010400000000000000030006000400000100000000e000000100080000eae8d288eccd9ea0e9da5be0a1c290bcf87d37220959b3429247ee4ad8943b41d81f7ffe7cd1105d5e4196e473c0dc6a4088e68042c192e44b0de353bd72fe9fdd02607aff42451e281969db9cabc6d3778364e1598afd841db7ec8e9c9af8c5ad08e70caa932807c3dda36823355d553e39e00cdc617aac7c95114edf593cef2e6fb77652c85ec0e0782897426c8c0d665e81319e5e6931eed98d"], 0x50}}, 0x0)
r3 = getpid()
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
ptrace$ARCH_FORCE_TAGGED_SVA(0x1e, r3, 0x0, 0x4004)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'geneve1\x00'})
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000000)=0xf3f, 0x4)
sendto$packet(r1, &(0x7f00000000c0), 0x0, 0x1, 0x0, 0x0)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
ptrace$ARCH_GET_UNTAG_MASK(0x1e, r3, &(0x7f0000000180), 0x4001)
setsockopt$inet_tcp_int(r4, 0x6, 0x19, &(0x7f00000001c0)=0x1, 0x4)
sendmmsg$inet(r4, &(0x7f0000002f00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x20004000)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet6_int(r5, 0x29, 0x1a, &(0x7f0000000100)=0x6, 0x4)
r6 = syz_usb_connect(0x3, 0x73, &(0x7f0000000400)=ANY=[@ANYBLOB="12010000396d0940fd101315ce7e0102030109026100010000000009040001"], 0x0)
syz_usb_connect(0x2, 0x9a2, 0x0, 0x0)
r7 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402)
preadv(r7, &(0x7f0000000540)=[{&(0x7f0000000080)=""/166, 0xa6}], 0x1, 0x6, 0x4)
syz_usb_control_io$printer(r6, 0x0, 0x0)
syz_usb_control_io$printer(r6, 0x0, 0x0)
socket$pppoe(0x18, 0x1, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, 0x0, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$wireguard(&(0x7f0000000200), r0)
sendmsg$WG_CMD_GET_DEVICE(r8, &(0x7f0000000300)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000002c0)={0x0, 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x1)

2m56.010918836s ago: executing program 2 (id=3063):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r2)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r3 = gettid()
syz_open_procfs(r3, &(0x7f0000000040)='timerslack_ns\x00')
ioctl$SCSI_IOCTL_GET_PCI(r1, 0x5393, &(0x7f0000000000))
syz_open_dev$usbfs(&(0x7f0000000100), 0xffff, 0x41)
ioctl$sock_rose_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x0, 0x0, &(0x7f0000000240))
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
read$msr(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0xa, 0x4c831, 0xffffffffffffffff, 0x0)
read$msr(r0, &(0x7f0000000300)=""/11, 0xb)
socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240))

2m54.768907529s ago: executing program 2 (id=3066):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='netlink_extack\x00'}, 0x10)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'veth0_to_bond\x00'})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = socket$inet6(0xa, 0x1, 0x84)
bind$inet6(r5, &(0x7f0000ed3fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
shutdown(r5, 0x0)
setsockopt$sock_linger(r5, 0x1, 0xd, 0x0, 0x0)
sendto$inet6(r5, &(0x7f0000000100)="bc", 0x1, 0x4, &(0x7f00000000c0)={0xa, 0x4e20, 0x8, @loopback, 0x1}, 0x1c)
close(r5)
listen(r0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="18020000004000000000000000000000850000001100000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x4}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000b00)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000300)}}], 0x2, 0x0)

2m53.786772972s ago: executing program 2 (id=3068):
r0 = socket$kcm(0x10, 0x400000002, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x300, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x68, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}, @NFTA_SET_EXPR={0x2c, 0x11, 0x0, 0x1, @counter={{0xc}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0x1}, @NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x101}]}}}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0xa, 0x84}}}, 0xb0}, 0x1, 0x0, 0x0, 0xc800}, 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x104000, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x1c0)
mount$bind(&(0x7f0000000340)='./file0\x00', &(0x7f0000000140)='./file0/file0\x00', 0x0, 0xa1c08, 0x0)
mount$9p_unix(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x12d7498, 0x0)
mount$9p_unix(&(0x7f0000000100)='./file0\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x12d5498, 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='hugetlbfs\x00', 0x2, 0x0)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='mountinfo\x00')
read$FUSE(r2, &(0x7f0000000540)={0x2020}, 0x2020)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_udp_int(r3, 0x11, 0x67, &(0x7f0000000240)=0x5c2dc4ab, 0x4)
mknodat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x11c0, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
r5 = socket$inet_icmp(0x2, 0x2, 0x1)
mount$9p_fd(0x0, &(0x7f0000000440)='./file0\x00', &(0x7f0000000040), 0x1000084, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}})
sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="1c0000001e007f109e", 0x2a}, {&(0x7f0000000140)="78cafb73fc02010700000000ef02258f2e440ab8f9e6aaeb1ae2f6e8bcb5ee52dc06b6c9ad11cb5dbc249798093c5102a1bca0b6050000004f6e6b788b3219c233e60ddc36024a99a63e7238fe9f9b06f96137c8af12b6", 0x98}], 0x2}, 0x4000000)

2m52.607617216s ago: executing program 2 (id=3070):
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000007580)={0x0, 0x0, 0x0}, 0x48040)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
unshare(0x2c020400)
r2 = syz_io_uring_setup(0x10d, &(0x7f0000000380)={0x0, 0x5885, 0x800, 0x2, 0xffeffc03}, &(0x7f0000000340)=<r3=>0x0, &(0x7f0000000000)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_MKDIRAT={0x25, 0x8, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000001c0)='./file0\x00', 0x104, 0x0, 0x1})
io_uring_enter(r2, 0x351e, 0x483, 0x0, 0x0, 0x0)
ioctl$IOCTL_VMCI_INIT_CONTEXT(0xffffffffffffffff, 0x7a0, &(0x7f0000000000)={@my=0x0})
socket$unix(0x1, 0x5, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x80044940, &(0x7f0000001fc0))

2m51.979802204s ago: executing program 2 (id=3073):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
pipe(&(0x7f0000000040)={<r1=>0xffffffffffffffff})
bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0xb3, 0x7f}, 0x48)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000cc0)={&(0x7f0000000480)=ANY=[@ANYBLOB="1c020000", @ANYRES16, @ANYBLOB="01000000000000000000010000001400020077673100000000000000000000000000f4010880700000804800098028a25880060001000a00000014000200fe8000000000000000000000000000aa05000300000000001c000080060001000200000008000200e0000001050003000000000024000100000000000000000000000000000000000000000000000000000000000000000080010080200004000a004e2000000005200100000000000000000000000000000800000006000500b01f00000800030006000000060005000500000008000a000100000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff200004000a004e200000040100000000000000000000ffffac14142a06000000240001000000000000000000000000000000000000000000000000000000000000000000d400", @ANYRES16=r2], 0x21c}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000009c0)={0x6, 0xc, &(0x7f0000000600)=@framed={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffff8}, @printk={@x}]}, &(0x7f00000002c0)='GPL\x00', 0xdf64, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, 0x25, r1, 0x8, &(0x7f0000000580)={0x8, 0x3}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0xc, 0x7, 0x43e64c37}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r3 = socket$alg(0x26, 0x5, 0x0)
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x67, &(0x7f0000000300)=0x5, 0x4)
bind$alg(r3, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)={0x50, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0x9}, [@IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x11}, @IPSET_ATTR_BUCKETSIZE={0x5, 0x15, 0x9}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}]}, 0x50}}, 0x0)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r4 = accept4(r3, 0x0, 0x0, 0x800)
sendmmsg$alg(r4, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r5, @ANYBLOB="01000000000000e14f003b0000000800", @ANYRES32=r6, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

2m51.265524984s ago: executing program 32 (id=3073):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
pipe(&(0x7f0000000040)={<r1=>0xffffffffffffffff})
bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0xb3, 0x7f}, 0x48)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000cc0)={&(0x7f0000000480)=ANY=[@ANYBLOB="1c020000", @ANYRES16, @ANYBLOB="01000000000000000000010000001400020077673100000000000000000000000000f4010880700000804800098028a25880060001000a00000014000200fe8000000000000000000000000000aa05000300000000001c000080060001000200000008000200e0000001050003000000000024000100000000000000000000000000000000000000000000000000000000000000000080010080200004000a004e2000000005200100000000000000000000000000000800000006000500b01f00000800030006000000060005000500000008000a000100000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff200004000a004e200000040100000000000000000000ffffac14142a06000000240001000000000000000000000000000000000000000000000000000000000000000000d400", @ANYRES16=r2], 0x21c}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000009c0)={0x6, 0xc, &(0x7f0000000600)=@framed={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffff8}, @printk={@x}]}, &(0x7f00000002c0)='GPL\x00', 0xdf64, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, 0x25, r1, 0x8, &(0x7f0000000580)={0x8, 0x3}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0xc, 0x7, 0x43e64c37}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r3 = socket$alg(0x26, 0x5, 0x0)
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x67, &(0x7f0000000300)=0x5, 0x4)
bind$alg(r3, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)={0x50, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0x9}, [@IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x11}, @IPSET_ATTR_BUCKETSIZE={0x5, 0x15, 0x9}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}]}, 0x50}}, 0x0)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r4 = accept4(r3, 0x0, 0x0, 0x800)
sendmmsg$alg(r4, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r5, @ANYBLOB="01000000000000e14f003b0000000800", @ANYRES32=r6, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

12.442776792s ago: executing program 1 (id=3574):
socket$kcm(0x10, 0x2, 0x0)
openat$vim2m(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x0, 0x0})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$packet(0x11, 0x3, 0x300)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'xfrm0\x00', <r3=>0x0})
setsockopt$packet_int(r1, 0x107, 0x14, &(0x7f0000000000)=0x5, 0x4)
sendto$packet(r1, &(0x7f0000000080)="33031600", 0x4, 0x40008c1, &(0x7f00000000c0)={0x11, 0x86dd, r3, 0x1, 0x62}, 0x14)

11.847822735s ago: executing program 1 (id=3578):
unshare(0x6a040000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x94173000)
socket(0x10, 0x2, 0x0)
r0 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
openat$selinux_commit_pending_bools(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004000}, 0x80)
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x101040)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x100000000000106)
socket$kcm(0x29, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001dc0)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000300000000000c00095000000000000002ba728041598d6fbd30cb599e83d24bd8137a3aa81e0ed139a85d36bb3019d13bd2321af3c2bd67ce68f15c0ec71d0e6adfefcf1d8f7faf75e0f226bd917060000007142fa9ea4318123751c0a0e168c1886d0d4d35379bd223ec839bc16ee988e6e0dc8cedf3ceb9fbfbf9b0a49ef23d430f6296b32a83438810720a159cda90363db3d221e152dfca64057ff3c4744aeaccd3641110bec4e9027a0c8055bbfc3a96d2e8910c2c39e4babe802f5ab3e89cf6c662ed4048d3b3e22278d00031e5388ee5c867ddd58211d6ece1ccb0cd2b6d3cffd962867a3a2f624f992daa94a0c556f3218ce740068725c37074e468ee207d2f73902ebcfcf49822775985bf31b715f5888b24efa190000000000000000000000000000ddffffff730d00000000000000ddffffff0000b27cf3d1848a54d7132be1bfb0adf9deab3323aa9fdfb52faf9cb09c3bfd09000000b91ab219ef00bb7b3de8f67ffcad3f6c3c2b1f03550000000000001cf41ab11f12fb1e0a494034007de7c6592df1a6c64d8f20a67745409eaa988dbc2fee9d313d34889f40159e800ea2474b540500a30b23bcee46762e2093bcc9eae5ee3e980026c96f80ee1a00000000740750fa4d9aaa705989b8e673e3296e52d337c56abf112874ec51d6fe048ba6866adebab53168770a71ad901ace383e41d277b103923a9d961f7a2591dbe4a912ffaf6f658f3f9cd16286744f83a83f138f8f92efd92239eafcc5c1b3f97a297c9e49a0c3300ef7b7fb5f09e0c8a868a353409e34d3e82279637599f35ad3f7ffffff3cac394c7bbdcd0e0eb52162e0c410ade7a36b26a4e70f03cc4146a77af02c1d4cefd4a2b94c0aed8477dfa8ceefb467f05c6977c78cdbf37704ec73754910fe050038ec9e47de89298b7bf4d769ccc18eede0068ca1457870eb30d211e23ccc8e06dddeb61799257ab5000013c86ba9affb12ec757c7234c270246c878d01160e6c07bf6cf8809c3a0d062357ba2515567230a6f8b2ad0e0e2b45d14ee446b840edaa1e1f4933545fc3c741374211663f6b63b1dd044dd0a2768e825972fc4300001467c89fa0f82e8440105051e5510a33dcda5e4e202bd622549c4cffffff501d3a5dd7143fbf221fff161c12ca389cbe0000000000000fff75067d2a214f8c9d9b2ecf631c6c5fd9c26a54d43fa050b88d1d43a8645bd9109b7e07869bba7131421c0f397073943330baafd243c0c6ffe673bab4113be7664e08bdd7115c61afcb718cf3c4680b2f6c7a8400e378a9b15bc20f49e298727340e87cdefb40e56e9cfad9931b8c552b2c7c503f3d0e7ab0e958adb862822e40009995ae166deb9856291a43a6f7eb2e32cefbf463789eaf79b8d4c22be89f44b032dad13007b82e6044f643fc8cd07ae636a5dbe9864a117d27326850a7c3b570863f532c218b10af13d7be94987005088a83880ccab9c9920c2d2af8c50ce6a8e9f65de13d52c83ac3fa7c3ae6c08384865b66d2204c2e4f3ae20bf279b512b4dcb5dd9cba16b62040bf8702ae12c77e6e34991af603e3856a346cf708feeb708ab22b560cf8a4a6f31ba6d9b8cb0908000000000000001a342c010000000000e667a7592b33406f1f71c739b55db91d2309dc7ae401005f52053a39e7307c09ff3ac3e820b01c57dd74d4aafc4c383a17bc1de5347bb71ca16dcbbbaa2935ae662082b56cf666e63a759e0ef3ea7af6881513be94b362e15ffca8ec453b3a2a67be70c17b0f9c2eac765816c30c2e7133dca1c7669522f7dff8bc570a93fbdb688c3aef810000007a6ea6b11163392a19d87915ed063f608dddb03a95b51cb6febd5f24a34998d2010fd5facf68c4f84e2f66e27c81a149d7b331983d3b74444953fc1216dfec10b724be3733c26f12538376e177ffef6fd2020000000000000008e4919a463d5332a2546032a3c06b94f168e8fc4bda0c294723fe306f26c477af4b926644672985fab7cc67bc5b5f5d38cdd8df95147ebe1cd88b0a4c6cde9951be42827dfddfefb238fac2303cc8982f1e55b005afcfea5eb037248fefad6bb02c162ce92ab17744c8ec3d2e80cf3205d36699fd381bc81231fb5e12e45f3059f361d08d6a6d019ebf105eaf43083c29512bcedd79ca9bf24e063d0c273ed70a2b70be521ea27dc8cf3c9bdf83b93405db07e82e2ddf4c4d26f1cdd8c3c9736cf5e5082de3b484f8673e0e97dd7e8a872148613c3a04f3d67f4375ba5c7f1b0033f8dfe0fd9bb2a70801f763524e1d79d812ced782646b5f79c8fc08bb5c11020108d702edd2ea9c96cfcb9066668627820d2d48aa5fc0a7bf1b51afd85350ad00b78c598fa8701b000884de790b54e5ab2e8ff0c7ae23e0b6eeac95c4c2eef2e5eb1d019d52099fbd404e8ece970f67736ba7e960bd8b1e4105ce7e31f7c9c3e3fa61aaa967b90087e91d703e98535b107b8f4653be4c46a3a1adb07d226952b8573b417018316fa96e942e35c4baa16d4122c863709b08d4639a19a46ac90ac48a13ee9bcaa875fc700000000000003b40dc5c745fe2491e8425e600000000000000000000000000000000000000000000000000c3d51d9a161446b4373e06a9e07f8a000000000000250318a44ad31baac0520a913301e630ae540f3289aebde8633f6f450c0738e16df6c7f1e0832a2a16fe6e39959735758248032cdf7320c6dc87b01e3f9a7811b200000000ae189de4b9b25f7c7a9c070000002af1c06315270de4a6605e4b4b58bef76fac54f11b84bd7bcd6b6a485edfb7684c770a39b38b08e18a51a4d4e66ca21c06a4b4198e1bc2ef990c9ba911efed626e5ee341a17bf8132b5b1dfa9fd31df213c88b4047979379dc15c9056fd3baa8b2d6cb134437cba0193ba4360bdcc98aad2560aa48291c4eb9d4e08ad7a9c5f04be1ab597124d84dfc7bd8cca8f68154a0ed356e773a797ca6d66748857b4abbf8830abeea2a46342e6a7378173cb29d5cdcd698a0203f78116b710008000000000000007c2d86b94472807c10eb9a8e2fb8bd79fe3a8316deff3ee641c9a080a2173642e673a672279bae4e7e28055da9497d7edb53be6e80482bd4d9a74b8dd4221f05e6ca8c705d7257ff7f76c78ba0b44ec0bdfa0d32d7042059b13a079639f14f9032b856d892ad6af5124c9c3130485e9682ff1f3c54e475d5bb496aef4bb537d7e191dfdeba109fdcf7864763f87a6d711cf52e520a6ce30e134c55e0caac037209d2f12fcddd00000000000000000000000000000000e609893bdce015e8ccfb36399844db61f6171b0b0e845e48728450c6ba4f7098f8e000676b59ab9f851f3ab77847ce05c89411277ec69c409b7ec50a3337a78675f38a568612aa25d61ce4e2c235ab5f2cd6d035d5f5f6a693c381adbbf7b37e37292783b2c7efe7d3a067906552f76d419e0300000000000000000000008435f39381c2a77c001caae53db7316fa6d48d032ab6831ebb813c85855c7a9ad8140a4b29422fc20d4e75c848984a2e217ec9c2833b8fa9106ee1be2c05103a36fc1126f1aa5284ba7179843b08ecadc199b9038cf6b9ee4e1f321a6a32e03bd987ddfada1f69756651b73a7ed0f7e467081193b2844869"], &(0x7f0000000140)='GPL\x00'}, 0x48)
r2 = socket$kcm(0x2, 0x1, 0x0)
sendmsg$inet(r2, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x20000811)
shutdown(r2, 0x1)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000002000)=""/102400, 0x19000)
inotify_init1(0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f00000001c0)=ANY=[@ANYBLOB="18020000801000000000000004000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00}, 0x94)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_GET_MP_STATE(r6, 0x8004ae98, &(0x7f0000000140))
r7 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000280), 0x18b000, 0x0)
ioctl$PTP_PIN_SETFUNC2(r7, 0x40603d10, 0x0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x6, 0x0, 0x0, 0x0)
fsmount(r0, 0x0, 0x80)

8.760663577s ago: executing program 0 (id=3588):
r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000006e80), 0x8a500)
fcntl$setstatus(r0, 0x4, 0x8800)

8.567110903s ago: executing program 1 (id=3589):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080))
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$inet6_mptcp_buf(r0, 0x11c, 0x4, 0x0, &(0x7f00000000c0))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x9}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007", @ANYBLOB, @ANYRES32=0x0], 0x48)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff})
acct(0x0)
ioctl$sock_SIOCGIFVLAN_GET_VLAN_INGRESS_PRIORITY_CMD(r5, 0x8982, &(0x7f0000000080))
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r6}, 0x10)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001640)=@newtaction={0xf0, 0x30, 0x1, 0x2, 0x25dfdbfc, {}, [{0xdc, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x2, 0x0, 0x446, {}, {0x0, 0x0, 0x0, 0x0, 0x4}, 0xfffffffd}}]]}, {0x4}, {0xc}, {0xc}}}, @m_police={0x6c, 0x2, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x1, 0x0, 0x401, 0x1, 0x0, {0x0, 0x0, 0x0, 0x401}}}]]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xf0}, 0x1, 0x0, 0x0, 0x8010}, 0x2000000)
fchownat(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x0)
r8 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IPT_SO_SET_REPLACE(r8, 0x0, 0x40, &(0x7f0000000500)=@raw={'raw\x00', 0x8, 0x3, 0x2e8, 0x150, 0x11, 0x148, 0x150, 0x10, 0x250, 0x2a8, 0x2a8, 0x250, 0x2a8, 0x7fffffe, 0x0, {[{{@ip={@broadcast, @remote, 0xffffff00, 0xffffff00, 'nicvf0\x00', 'bridge_slave_1\x00', {0xff}, {}, 0x84, 0x3, 0x18}, 0x10, 0xe8, 0x150, 0x1c, {}, [@inet=@rpfilter={{0x28}, {0x7}}, @common=@osf={{0x50}, {'syz1\x00', 0x0, 0x8, 0x1}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0xa, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz0\x00'}}}, {{@ip={@loopback, @rand_addr=0x10, 0x0, 0x0, 'syzkaller0\x00', 'dvmrp0\x00', {}, {}, 0x0, 0x1}, 0x0, 0xc0, 0x100, 0x0, {}, [@common=@osf={{0x50}, {'syz1\x00', 0x0, 0x1, 0x2}}]}, @common=@inet=@LOG={0x40, 'LOG\x00', 0x0, {0x8, 0xa, "602c4e1da4b651d69f61fd40e9985933ad459f3d59ccf16f0d0ef758ba42"}}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x348)
r9 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000000)={'lo\x00', <r11=>0x0})
sendmsg$nl_route_sched(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r11, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x4, 0x2, 0x0, 0x0, 0x7, 0x8}, {0x12, 0x3, 0x0, 0x1, 0x1, 0x400}, 0xa5, 0x4, 0x10000000}}, @TCA_TBF_BURST={0x8, 0x6, 0x8057}]}}]}, 0x60}}, 0x44080)
r12 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r12, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x78, 0x24, 0xd0f, 0x70bd2a, 0x0, {0x60, 0x0, 0x0, r11, {0x0, 0xf}, {0xfff2, 0xa}, {0x7}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x7, 0x8, 0x400004, 0x0, 0x7}, 0xf0, 0x0, 0x31a, 0x3, 0x88a, 0x0, 0x8e, 0x1f, 0x5, 0xff, {0x6696, 0x2, 0x800, 0x5, 0x0, 0x5}}}}]}, 0x78}}, 0x4000)

8.443153458s ago: executing program 0 (id=3592):
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r0 = getpid()
syz_pidfd_open(r0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x50, 0x0, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x4, &(0x7f000022c000/0x3000)=nil)
r3 = socket(0x2b, 0x80801, 0x1)
r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000040)={<r5=>0xffffffffffffffff}, 0x2, 0x3}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r4, &(0x7f00000002c0)={0x3, 0x40, 0xfa02, {{0x6000000, 0x4e21, 0x0, @mcast2, 0x1739d2b3}, {0xa, 0x0, 0x7, @private0={0xfc, 0x0, '\x00', 0x1}}, r5, 0x3}}, 0x48)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r4, &(0x7f0000000480)={0x3, 0x40, 0xfa00, {{0xa, 0xfffc, 0x0, @dev={0xfe, 0x80, '\x00', 0x11}, 0x5}, {0xa, 0x0, 0x0, @loopback}, r5}}, 0x48)
write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, &(0x7f0000000180)={0xe, 0x18, 0xfa00, @ib_path={&(0x7f00000000c0)=[{0x2, 0x0, [0x1, 0x5, 0x0, 0xe76, 0xffff, 0xfffffffe, 0xc491, 0x9, 0x3, 0x9, 0x9, 0x4, 0x30000, 0x9, 0x7cb, 0x44]}], r5, 0x1, 0x1, 0x48}}, 0x20)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000580)=@raw={'raw\x00', 0x3c1, 0x3, 0x2d0, 0x0, 0x5c, 0x160, 0x0, 0x3e0, 0x228, 0x228, 0x25a, 0x228, 0x228, 0x4, 0x0, {[{{@uncond, 0x5002, 0xa8, 0xf0, 0x52020000, {0x0, 0x6802000000000000}}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x7fff, 0x9, 0x7, 'syz0\x00', {0x719}}}}, {{@ipv6={@private0, @private2, [0xffffff00, 0x0, 0xffffff00, 0xff], [0xff, 0xffffff00, 0xffffff00, 0xffffff00], 'tunl0\x00', 'pimreg0\x00', {0xff}, {0xff}, 0x33, 0x4, 0x9456fff08070a538, 0x70}, 0x0, 0xa8, 0x110, 0x0, {}, [@inet]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x82b, 0x0, 0x0, 'syz0\x00', 'syz0\x00', {0x8000800000000000}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x36d)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x40080, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_CTHELPER_NEW(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x58, 0x0, 0x9, 0x201, 0x0, 0x0, {0x5, 0x0, 0x2}, [@NFCTH_NAME={0x9, 0x1, 'syz1\x00'}, @NFCTH_PRIV_DATA_LEN={0x24, 0x5, 0x1, 0x0, 0x3}, @NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x8}}, @NFCTH_TUPLE={0x24, 0x2, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @rand_addr=0x64010102}, {0x8, 0x2, @broadcast}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x11}}]}]}, 0x58}, 0x1, 0x0, 0x0, 0x10}, 0xc000)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r7, 0x4068aea3, &(0x7f0000000080))
ioctl$KVM_SET_GSI_ROUTING(r7, 0x4008ae6a, &(0x7f0000000200)=ANY=[@ANYBLOB="010000000000000000000000050000000000000000000000030000000000f100ffffffff"])
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)

7.566611106s ago: executing program 1 (id=3594):
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000140)=0x200000000)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002000)=""/102400, 0x19000)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = getpid()
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0xe, &(0x7f0000002240)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000f0ffffff7a0af0ff0020000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000000000006a0af2fe0000000085000000a3000000b700000000000000950000000000000000e154cd8445974b26ffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87867c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c28b99938512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804da4f86bb47a4a69bf9bc5fa96ee293fbd165a5a68488e40b030166565a097b1b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad91935a6ddfa8f90e79321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f37f3e2c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c1f860d050d694cc7806d294d3665016a7b29da0fde4745db06753a7ac74a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d40887c58559b7dcb98a6273b8c651e57f727041c62cea5b7bd24d9f679e4fbe948dfb4cc4a389469608241630459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7b9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b83720eca291963eb2d537d8ee4de5c183c960119451c31539b22809e1d7f0cda06a9fa87d64cb89872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d0000002000000000000000000000000928ee53595a779d243a48cea769470424d28804c04b2c4324ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d748308eea09fc361b4735efbf3411718d6ee7aebed161980f2fde4f9ef679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da202274f20675eb781925441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec780f535e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e9338c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada201bcbb5c252b28a60ca770663da451790cc3600040543a34b195c6a8fc054282cd41b264906d5a9fad98c308e39bd5ffb6151d79c1cee1cd102e3c8e63e9fba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2b485185cc92fe7f791e8f6429309d6adab4b7e508e4bf024ed8f8a005f2bbf96c89739f5cf1e750d50517a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d7fcd116bce9c764c714c9402c21d181aac59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af41000000000000007f5ab0d534b8d63e4ca3be71f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab004321610b857e8717764b633b21cb32f0e03280e09758bd445ab91d20baca005452b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92332af0be61e58c79d497247d278888901d442ad7f8536607a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733097f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a14dc4810f61ae96c18cc7130000000000002100000000000000000001000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd52ae84c1bb0c8a6c769f952283a1f4e3842edb3d42c0e8ebc62887aa46e820a74f91381dcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fd00000000007271e28ef6806bc8e139c49b91c76bea3858f7f05b47d3e519f1634e8fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d116d2b0976cf2ec447c030931651dd315003b7a6a5433a2bb560ae99e85b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7141d5e221509342bfe7d294d1eb3de6a50ca0301f89c2ee627e949c68b3a4a426a996d503a26e9a714ee5f72d8805dd1bfbd081f6a5359dbdfbf31a562395020becaf3fd1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a1199735c375c705c798e0e208e4a5259d0bfa526b462af45a6eab34000000000000000000000000c4426344ec1a3366515dee221e747f55d7dd02534bc503b9b28277c253e410986bef2111a99cc448d652929f8a67a6a1d3f00dcad91aff428aade3f85714a1d3ef29acd4d49b62339c10c2ec0dac4b28288e78980c1184d8223edbc4bf9258b7374e79a1f8bf3fb73c8c6dbb7bbdfc399847a11921f97eba0ea14c4fed9a71eedb97c02461792e3a49dac16c60c3fcaab222025d78963c3ac899fa8b63f58a30212c9b2d7fe751e2046b78f86e22861b6504c667350244dd6d9189a8b9c45f8aaff9db694811ca86ed978f23eed7459c0382074170cf1e25b0e9ba3d1cc309353eea4cd8ab96bafda393276bdd8d32ead8db9e1b54d2d3d50e2815268fc1a6ec566981bc8ca2a4583f3d40e817433d0f4f25cfe6cc1897449ba5f26a9d66ac73e6f5c401376f23a314e0b9ff997d22f3e34b5524642c248aa813edaa626f0000000000000000000000000000000003ba5bac34b611569a451564d3a5400f9097ffe7a37e765bc652be71ee24250d6d9cf19878dd62c53062d6000c409de6a6135eae8a00000000008d797190a26c933f933aff5c521eeb7a84a62d148a846e74e76b515b6b8be29e8b69310fa130cf6d6b74f33205d3cc218ca554ed8085ae044f5bf2e89ad07963acbd4dd4dc5b4552591edde7a22ad06f7567e6fec2f65011b579bf609d61a3ff4d6f490824bb035995449fc34106ae6889f036d67b6aaee784f855ebc746ac871b5d2031ac0a252ac1f86e93e245f3793cea80b6de773899d49d11d3b1ed79163b111c976cf840a2ef6214a43338fba8c9edb6be26e68fcc5d47ed74a66ce8aba726ab955b9b32ab1890e84a5e2d7476252af25e5c95c5a8b2b1b5c8a2645b017d23c0f169d6ab529cc889bb07889d9e155114cf3e26a50c527ec6d4021cd2cacfea6d7e41e39e26b3967cad65c648b170f12ea9cc69dcee64be0c27b1f4f7f5ce3e62c35602c9d2921326891901661c85b9ee4a0a0b9636bef4c23788494f094abb91ed813b42828aa93105896e0aee851a8087e169a1d69e841257d9053d0cdc3a6ac4f12084cc6470abebe8b344b1f56690a2687b428686c854c21831da277e8b8a21b7b91a46d22ba083eca7b1f8268048cde7d6f237dca42035881b29ca9c8c2937971821b613894297ff6f7796053a4de1fd77e180cc22b205d43bb4a1b59962c1f605ea1b74587100e8d579f157cb45561c357f9976cec6a43388b3049a0d9c171ff6145266ba119d00000000001ef3794a930eb12f3a6215c510bf0bca70c127e9c70cc7bef921249a7f18a0034ce3264a9e96656b47233e2ed7c76520e649c3fd550bdafd77c5cd72b4446d3e157ddd97e7622a6891fb739acd3b2cdaf65ac78490f0641be6e8c6f55bf3d228786895ff5fd5970faacd8a5025aca0aa1931f477ba06aa60051298c8bf7f3b399194f98dc3f4e8513ad06da09dc393c1284515986b8c70ac69512f6c0c04f42edb3a097a11f2ab480e3e391abffae097752300576337c6dd24c4a98280684aa1fe8c7b43ee8bce05fe979b34da18cdb44dbb030b8009cd3b3b44fd8e7b534acd3f1839cb54817668ab446d3d47848429ea831a57f26c8b05dedddceb24483f8f998b05c3ddf85c3799c9000000000000000000000000001e57cf839eb3150d6a076fb7b86fae98dbb46014f483aecb4ec4f0877371bcae8912c78aff857c669760f0e55041563c5c3e8ee4a0eef885fd43fe34a1febc82370d1d07fdfe705ada4764320889000000000000000000000000000000a790af4fc17872b55b10db99e212d18193235659df45627da300959eafc8bfb44f70d250f8f2e86532700254c9a8b14999f59c8b9034c4bb2448eaeff5db21d4a7f3d974790d4c3cba7c402f50585b9289d86400679e5c2bcacb2841ca074d51fdb4a29e84d72b6c996cfbee06aa52cd632e82ba068e8e1572ef2eb414ba5fccfc3c03e64df6a9cc3936c604aa2c0e2ec7b777475023f29b146af003472ce146a5ff997ba53c51026c0096154f9280a34bbf21d66f57a250b5397766122fc86950ce5252e96868cd04df54764cf2082153d6cedd8aaf9700c734aa4a1cb33a2e0a13c5687be4de327511bff9816d13c3219dac1c1535f10243db6f96960ea6a621f5e1b7babbedf0a6bf0cf74123d2e78d01be2b048883a2459eec630fb0293d28d9799fd3a792caff693fd9f002f14c43fb5a1051cc686b7f114d7927eed559bdf2e8ddea3e61d5d942b63fe90230b2e1948fc563ef94d437281671d2fe5032d2a091fa842b0af2e116ba"], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000040), 0x10}, 0x94)
r5 = getpgid(r3)
r6 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000013c0)=ANY=[@ANYBLOB="0300000004000000040000000a00000000000000", @ANYRES32=0x1, @ANYBLOB="5bd000"/20, @ANYRES32, @ANYRES32, @ANYBLOB="020000000400000100000000000000000000ebffffffffffffff0000"], 0x50)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_GETFLAGS(r7, 0x80086601, &(0x7f0000001040))
kcmp$KCMP_EPOLL_TFD(r3, r5, 0x7, r6, &(0x7f0000000280)={r7, r4, 0xf319})
r8 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000840), 0x4)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r8, 0x2f00020b, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0xae5b, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r9 = syz_open_dev$vcsn(&(0x7f0000000000), 0x80000001, 0x2000)
ioctl$VHOST_NET_SET_BACKEND(r9, 0x4008af30, &(0x7f0000000240)={0x2})
sendmsg$nl_generic(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001700)=ANY=[@ANYBLOB="1800000024000103000000000000000001008c000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000)
recvmmsg(r2, &(0x7f0000004ec0)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000002c0)=""/4082, 0xff2}], 0x1}, 0x5}], 0x40000000000000d, 0x2000, 0x0)

5.436529189s ago: executing program 0 (id=3598):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0285700, &(0x7f0000000140)={0xbf48ce7, "1803c809800000000800000000000000000000000000d63175876b4c69a600"})
r2 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r2, 0xc0285700, &(0x7f0000000000)={0x2, "fa02c80a3a1e9d4b9aaf000000008d674fe69b5b7638dd031dd7504fe5809639"})
prlimit64(0x0, 0x7, &(0x7f00000003c0)={0x4, 0xd7}, 0x0)
fcntl$getflags(r0, 0x0)

5.048268653s ago: executing program 5 (id=3600):
r0 = socket$kcm(0x29, 0x2, 0x0)
setsockopt$sock_attach_bpf(r0, 0x1, 0x3d, &(0x7f0000000340), 0x4) (fail_nth: 2)

4.986160971s ago: executing program 5 (id=3602):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="0100"/14, @ANYRES32, @ANYBLOB="0000000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000080000000000000000000001811"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (fail_nth: 2)

4.977304041s ago: executing program 0 (id=3603):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x40000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$inet6(0xa, 0x3, 0xff)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3400001000000300"/19, @ANYRES32=0x0, @ANYBLOB="312000002cd202000c002b80080003000200000008001b0000000000"], 0x34}, 0x1, 0x0, 0x0, 0x20048054}, 0x0)
connect$inet6(r2, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c)
r4 = dup2(r2, r2)
write$tun(r4, 0x0, 0x46)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@bloom_filter={0x1e, 0x4, 0x168, 0xffff322f, 0x11107, r4, 0x8, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x5, 0x2, 0x1}, 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r6 = getpid()
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@file={0x0, './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'}, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r9}, 0x10)
unshare(0x22020600)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000340)={{r5}, &(0x7f0000000000)=0x7d8, &(0x7f0000000180)='%ps    \x00'}, 0x20)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(0x0, 0x0)
setxattr$trusted_overlay_origin(&(0x7f0000000000)='./file1\x00', &(0x7f0000000180), 0x0, 0x0, 0x3)
bpf$MAP_LOOKUP_BATCH(0x18, 0x0, 0x0)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000008c0)=ANY=[@ANYBLOB="640000000206010800000000000000000000000914000780080011400000000005001500227facd5050005000a000000050001000700000005000400000000000900020073797a320000000015000300686173683a69702c706f72742c6e6574"], 0x64}}, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$VHOST_SET_VRING_BASE(r4, 0x4008af12, &(0x7f0000000240)={0x0, 0x7fffffff})

4.875866116s ago: executing program 5 (id=3604):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x3)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x10, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="61122800000000006113140000000000bf1000000000000025000200091b00003d030000000000008701000000000000bc26000000000000bf67000000000000340300000ee600f0670200001400000016030000ffffffffbf050000000000000f650000000000006507f4ff02000400070700006b3128fe1f75000000000000bf540000000000000705000003001500ae430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe70305863f970eac3590ac99b798f8125f1c322c2a154a8a8d"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000001000000850000000e000000850000000500000095"], &(0x7f0000000f80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000040)='sys_exit\x00', r2}, 0x18)
timer_create(0x2, 0x0, &(0x7f0000000040)=<r3=>0x0)
timer_gettime(r3, &(0x7f0000000180))
ioctl$EVIOCGPROP(r1, 0x40047438, &(0x7f0000000180)=""/246)
pipe(&(0x7f0000002200)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
setsockopt$inet6_tcp_TLS_TX(r4, 0x6, 0x1, &(0x7f0000002240)=@gcm_256={{0x304}, "927df76d0c03d331", "cf31dd77a47abf43a60f0afd07ec00a49bc7f971479c6ccf6559de57ac3e28cc", "e56909fa", "35f3c07e9b21216e"}, 0x38)
ioctl$PPPIOCSFLAGS1(r1, 0x40047457, 0x0)
r5 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r6, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000002180)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWRULE={0x34, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_RULE_POSITION={0xc, 0x6, 0x1, 0x0, 0x1}, @NFTA_RULE_ID={0x8, 0x9, 0x1, 0x0, 0x2}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}, @NFT_MSG_DELFLOWTABLE={0x14, 0x18, 0xa, 0x301, 0x0, 0x0, {0x7, 0x0, 0x2}}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x70}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000000)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r5, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
syz_open_procfs(0x0, &(0x7f00000000c0)='net/dev\x00')
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r5, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0], 0x1})

4.763962292s ago: executing program 5 (id=3605):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000000), 0x208e24b)
lseek(r0, 0xa, 0x4)

4.23554367s ago: executing program 3 (id=3606):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f0000000100), 0xffffffffffffffff)
ioctl$VHOST_VSOCK_SET_RUNNING(0xffffffffffffffff, 0x4004af61, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_procfs(0x0, &(0x7f0000000040)='mountinfo\x00')
r2 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000240)={'wlan0\x00'})
epoll_create1(0x80000)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f0000000040)={0xa0000004})

3.737632161s ago: executing program 0 (id=3607):
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r0 = getpid()
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000800)=@bpf_tracing={0x1a, 0x1a, &(0x7f0000000400)=@framed={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0xfffffffb}, [@func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffff9}, @snprintf, @tail_call, @map_idx_val={0x18, 0xa, 0x6, 0x0, 0xf, 0x0, 0x0, 0x0, 0x9}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x5}, @func={0x85, 0x0, 0x1, 0x0, 0x5}]}, &(0x7f0000000040)='GPL\x00', 0x4, 0x30, &(0x7f0000000180)=""/48, 0x41100, 0x11, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x8, &(0x7f0000000500)={0x8, 0x3}, 0x8, 0x10, 0x0, 0x0, 0x1002d, 0xffffffffffffffff, 0x4, &(0x7f0000000740)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f00000007c0)=[{0x3, 0x1, 0xc, 0x2}, {0x4, 0x1, 0xe, 0xc}, {0x4, 0x3, 0xd, 0x6}, {0x0, 0x2, 0x4, 0x5}], 0x10, 0xae}, 0x94)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002000)=""/102400, 0x19000)
sendmsg$can_bcm(0xffffffffffffffff, 0x0, 0x0)
sendmsg$alg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
r2 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r2, 0x40946400, &(0x7f00000000c0)={'das16m1\x00', [0x4f27, 0x9, 0x10000, 0x4, 0x5, 0x5, 0x8, 0x7, 0xa, 0xfd, 0x2, 0x1, 0x201, 0x1, 0x6, 0x101, 0x8, 0x7f, 0x3, 0x40000003, 0x89, 0xcaa3, 0x0, 0x20001e58, 0xb, 0xe66, 0x3, 0x8, 0x4085, 0x0, 0xfffffff8]})
r3 = gettid()
r4 = eventfd(0x0)
kcmp$KCMP_EPOLL_TFD(r3, r3, 0x7, r4, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
syz_open_procfs(r3, 0x0)
sendmsg$L2TP_CMD_NOOP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2400c040}, 0x8)
sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000200)={0x14, 0x3, 0x6, 0xc03}, 0x14}, 0x1, 0x0, 0x0, 0x10000000}, 0xc081)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r6 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000240)={'syzkaller1\x00', @link_local})
writev(r5, &(0x7f00000002c0)=[{&(0x7f0000000a40)="2e9b3d0007e03dd65193dfb6c575963f86ddf06712e900232b8db0049d90491ceaebfd26d4eef23248000000f858dbb8a19052343f", 0x35}, {&(0x7f0000000200)="c67f0d7df9", 0x4b}], 0x2)
r7 = syz_pidfd_open(r0, 0x0)
setns(r7, 0x24020000)
syz_clone(0xfdba2180, 0x0, 0x0, 0x0, 0x0, 0x0)

3.464816462s ago: executing program 1 (id=3608):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x9, 0x3, 0x10004, 0x5}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0x14, &(0x7f0000000580)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b7030000000000fd850000002d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000540)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000680)='sys_exit\x00', r1}, 0x10)
personality(0x500006)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="290000002000190f00003fffffffda0602000028", 0x14}], 0x1)
pipe(&(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = socket$nl_route(0x10, 0x3, 0x0)
write$binfmt_misc(r4, &(0x7f0000000000), 0xfffffecc)
splice(r3, 0x0, r5, 0x0, 0x4ffe6, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000000c0), 0x0, 0x20084010)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
unshare(0x2c020400)
syz_init_net_socket$x25(0x9, 0x5, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0a00000000000000030000000700000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$MRT6_FLUSH(0xffffffffffffffff, 0x29, 0xd4, 0x0, 0x2e)
socket$inet6_tcp(0xa, 0x1, 0x0)

3.462755869s ago: executing program 3 (id=3609):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='dyn'])
chdir(&(0x7f0000002300)='./file0\x00')
r0 = open$dir(&(0x7f0000000080)='./file1\x00', 0x20880, 0x3e)
execveat(r0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000380), &(0x7f00000004c0)={[&(0x7f0000000440)='\xb8\xc8\x88\b', &(0x7f0000000240)='j\x9bMF', &(0x7f0000000280)='\xc9\xb0K', &(0x7f0000000200)='mL\x91\xf3', &(0x7f0000000000)='afs\x00\r\xac58;#K\x17\'\xd0 O\xe8\xe8=k{\xafu\x91px{', &(0x7f0000000340)='\x00', &(0x7f00000003c0)='+}u+\\-$)\xe6\x00', &(0x7f0000000400)='\x00\x00\x00\x10\x00', &(0x7f0000000140)='@)\x1c\x00', &(0x7f0000000300)='\x01\xd8\x99\x1ce\x02\xdb\x91\btj\b\xcd\xc7D\xa5\xe2\x00\x00\x00\x00']}, 0x1000)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0, 0x0)
r2 = fanotify_init(0x200, 0x0)
fanotify_mark(r2, 0x201, 0x4800003e, r1, 0x0)

3.191616889s ago: executing program 5 (id=3610):
r0 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x28002)
write$binfmt_aout(r0, 0x0, 0xc8)
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000040)=<r1=>0x0)
getpgrp(0x0)
prlimit64(r1, 0xd, &(0x7f0000000140)={0x4, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, 0x0, 0x0)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000180), 0x2d2440, 0x0)
r6 = syz_kvm_add_vcpu$x86(0x0, 0x0)
syz_kvm_setup_cpu$x86(r5, r6, &(0x7f000004e000/0x18000)=nil, 0x0, 0x0, 0x0, &(0x7f0000000400), 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
write$uinput_user_dev(0xffffffffffffffff, 0x0, 0x0)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
bind$inet(r7, &(0x7f0000000100)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xb}}, 0x10)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
getrlimit(0x3, &(0x7f00000000c0))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r8}, 0x18)
bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0)
setreuid(0xffffffffffffffff, 0xee00)
setsockopt$sock_int(r7, 0x1, 0x6, &(0x7f0000000000)=0x4, 0x4)
connect$inet(r7, &(0x7f0000000280)={0x2, 0x0, @broadcast}, 0x10)
sendmmsg$inet(r7, &(0x7f0000004d00)=[{{0x0, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x30000}}], 0x300, 0xf00)

3.138164857s ago: executing program 3 (id=3611):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = syz_open_dev$sg(0x0, 0x0, 0x8002)
r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r2)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r3 = gettid()
r4 = syz_open_procfs(r3, &(0x7f0000000040)='timerslack_ns\x00')
write$FUSE_NOTIFY_RETRIEVE(r4, &(0x7f0000000100)={0x30, 0x5, 0x0, {0x0, 0x0, 0x0, 0x600}}, 0x30)
ioctl$SCSI_IOCTL_GET_PCI(r1, 0x5393, &(0x7f0000000000))
syz_open_dev$usbfs(&(0x7f0000000100), 0xffff, 0x41)
ioctl$sock_rose_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x0, 0x0, &(0x7f0000000240))
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
read$msr(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0xa, 0x4c831, 0xffffffffffffffff, 0x0)
read$msr(r0, &(0x7f0000000300)=""/11, 0xb)
socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240))

2.27597674s ago: executing program 4 (id=3613):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x103a42, 0x0)
copy_file_range(r1, 0x0, r1, &(0x7f00000004c0)=0xdc, 0xfffffffffffffff8, 0x0)
sendmsg$IPSET_CMD_PROTOCOL(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x1c, 0x1, 0x6, 0x401, 0x0, 0x0, {0x7, 0x0, 0x5}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4008884}, 0x4880)

2.226008079s ago: executing program 1 (id=3614):
r0 = socket(0x22, 0xa, 0x4000000)
getsockopt$bt_hci(r0, 0x0, 0x3, 0x0, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0x14, 0x0, 0x0)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000440)=ANY=[@ANYBLOB="02010000000000142bbd70000200000005000a004e221c244cf400dbd78b03600000000000000000010400000000000000030006000400000100000000e000000100080000eae8d288eccd9ea0e9da5be0a1c290bcf87d37220959b3429247ee4ad8943b41d81f7ffe7cd1105d5e4196e473c0dc6a4088e68042c192e44b0de353bd72fe9fdd02607aff42451e281969db9cabc6d3778364e1598afd841db7ec8e9c9af8c5ad08e70caa932807c3dda36823355d553e39e00cdc617aac7c95114edf593cef2e6fb77652c85ec0e0782897426c8c0d665e81319e5e6931eed98d"], 0x50}}, 0x0)
r3 = getpid()
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
ptrace$ARCH_FORCE_TAGGED_SVA(0x1e, r3, 0x0, 0x4004)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'geneve1\x00'})
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000000)=0xf3f, 0x4)
sendto$packet(r1, &(0x7f00000000c0), 0x0, 0x1, 0x0, 0x0)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
ptrace$ARCH_GET_UNTAG_MASK(0x1e, r3, &(0x7f0000000180), 0x4001)
setsockopt$inet_tcp_int(r4, 0x6, 0x19, &(0x7f00000001c0)=0x1, 0x4)
sendmmsg$inet(r4, &(0x7f0000002f00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x20004000)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet6_int(r5, 0x29, 0x1a, &(0x7f0000000100)=0x6, 0x4)
r6 = syz_usb_connect(0x3, 0x73, &(0x7f0000000400)=ANY=[@ANYBLOB="12010000396d0940fd101315ce7e0102030109026100010000000009040001"], 0x0)
syz_usb_connect(0x2, 0x9a2, 0x0, 0x0)
r7 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402)
preadv(r7, &(0x7f0000000540)=[{&(0x7f0000000080)=""/166, 0xa6}], 0x1, 0x6, 0x4)
syz_usb_control_io$printer(r6, 0x0, 0x0)
syz_usb_control_io$printer(r6, 0x0, 0x0)
socket$pppoe(0x18, 0x1, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, 0x0, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$wireguard(&(0x7f0000000200), r0)
sendmsg$WG_CMD_GET_DEVICE(r8, &(0x7f0000000300)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000002c0)={&(0x7f0000000340)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYBLOB="10002dbd7000fcdbdf2500000000060006004e2000000400088008000500010000001400020077673100000000000000000000f2a4ad0000000800070002000100080007006d07000008000700a5"], 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x1)

2.171160862s ago: executing program 4 (id=3615):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x3)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x10, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="61122800000000006113140000000000bf1000000000000025000200091b00003d030000000000008701000000000000bc26000000000000bf67000000000000340300000ee600f0670200001400000016030000ffffffffbf050000000000000f650000000000006507f4ff02000400070700006b3128fe1f75000000000000bf540000000000000705000003001500ae430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe70305863f970eac3590ac99b798f8125f1c322c2a154a8a8d"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000001000000850000000e000000850000000500000095"], &(0x7f0000000f80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000040)='sys_exit\x00', r2}, 0x18)
timer_create(0x2, 0x0, &(0x7f0000000040)=<r3=>0x0)
timer_gettime(r3, &(0x7f0000000180))
ioctl$EVIOCGPROP(r1, 0x40047438, &(0x7f0000000180)=""/246)
pipe(&(0x7f0000002200)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
setsockopt$inet6_tcp_TLS_TX(r4, 0x6, 0x1, &(0x7f0000002240)=@gcm_256={{0x304}, "927df76d0c03d331", "cf31dd77a47abf43a60f0afd07ec00a49bc7f971479c6ccf6559de57ac3e28cc", "e56909fa", "35f3c07e9b21216e"}, 0x38)
ioctl$PPPIOCSFLAGS1(r1, 0x40047457, 0x0)
r5 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r6, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000002180)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWRULE={0x34, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_RULE_POSITION={0xc, 0x6, 0x1, 0x0, 0x1}, @NFTA_RULE_ID={0x8, 0x9, 0x1, 0x0, 0x2}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}, @NFT_MSG_DELFLOWTABLE={0x14, 0x18, 0xa, 0x301, 0x0, 0x0, {0x7, 0x0, 0x2}}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x70}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000000)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r5, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
syz_open_procfs(0x0, &(0x7f00000000c0)='net/dev\x00')
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r5, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0], 0x1})

2.104843919s ago: executing program 3 (id=3616):
r0 = add_key$user(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000280)="d25a98", 0x3, 0xfffffffffffffffe)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWFLOWTABLE={0x14, 0x16, 0xa, 0x203, 0x0, 0x0, {0x2}}], {0x14}}, 0x3c}}, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f00000000c0)={0x1, 0x0, [{0xd90, 0x0, 0x6}]})
r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r1, r0}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = dup(r3)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r3, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

2.002610294s ago: executing program 4 (id=3617):
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup.cpu/syz0\x00', 0x200002, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000001680)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000001640)={&(0x7f00000016c0)=ANY=[@ANYBLOB="60120000130004002dbd7000fcdbdf250a00000008005300", @ANYRES32=r0, @ANYBLOB="08001700ffffffff0c00f300070000000000000040051108800189cbeca8ed21c4d4f7e86a6d3fbea3aa0c7ce42bd9412a33732a7508bc242078e2143e7f741b4dc4012ff72b20c8585a44a35f81483b80d757ec599ee0a1be21689d848bbf48a360a213c6af8d47d873cecdffb07ac151479671972eef5ae98cabddaf3fdfddeda941f73eb36dd012be341d8d595dfd43607fe2dd1422f44e9a3624b2dc034524c696c57e057676b6730188f592ed4ef1d62d99a42ef677f9b0badf233c17aedae83086a6f4e149fbfe3d4c7e737a5792e7dd0940186c616fdb7825b1dc7af097391d4c261dd68f254638caf93404c42665f107325cef9c7c05173172115dafbe0dc3ea347e18c952da1dbaf7e95847fa4c41e2474db5154549b0718929f94db89fede2fd77798daf31a4c662ce421b482a0908b40e2492a946154c816d6603c39402368547e25fe83afaac1b307dfe911314bccc5313990d83e0592c593d65afa2b9ddb150af8fa6341f5bb3ceea166eb4076265ebc56609a317dfbbf2096b22e4e9ec03e89e6c282a7676c56f5d6281127d1dacf802912d6743c4752398b63207964862415623ebd22eb3aabc374ddab6ef550874695d7e57daa29da1940c4ea2ba704f1e00875b705baa6de04bf8833c27f8a679d49d51ecdb71ee1c8ff973c1f6b5c8ff442d786c0de81278645fe2592d5f9369165cebacc5b6f9c9027554172175d07b4d4f03cd3c1c647156657d772e2467bbad2d280efb6fbdb71c9584e1285af0a40925d9d03bd5c2041aef06213d17c76a270200576b7ddfdcfce5116e1637f7b0cc7172926766ee6f14ef6e35eb86f072643111f81cfeec48a75da6be831bbcdba3419b4daaf96ab8a39bd4e68d7fdbb2d97b7c4f22401f88c5d280dbf3c60510f8414a357c580aee6633e02aa00e0c7ccab2aba89f92c389718d59ad324576073ca5f0afb07e444d7a8510d1e8370684a9f3a7769176570b5e4b138a43362d7c43365c2ed29bf4e43706a37d921559dcc9de379a5038981721433637c4f70a65aef12bab49d8b44e9c71d787e4eb04623568df556f530dd80f2adee8d0a315066a9e517d9a14a8d0f69c19820e986f81362c7340e4eaf74ca1dd0c7159782066f9faab9b885201a59426d69c4e89c9cc1d2ed7b54b2c6cfc22661623f7cc3c0ea3f1030a5c30a345cd04176e5eb2b4fcc8fde483f01624fc32fe23ed4eb4d8cb901f29fa5164f9398a89a4f422410572f0e98b4bbf332263065b3ac1c88bf6544089ac2015850f62a40efd8ae4a7d429a2a1886082fec671f129c8e2602555efdcb3eca654bac3418802a06e6afe9889a04929d009ddd881b22a27c9af9987b6135028c6d245454121cdff1beca922f3e24cd9740e8d8dfd5059ea8c6996fdf748f208ad1016a8f579a355b35471f00cf6dc596e6fbefc4c05ce796ecf472d5a85213a0d081a0f4425eae1ce3dd8187e64e9f62b2038b53cdc453fd4f25db76f08919dceeb52cb434425193369fff1f4044ae6860d776f919e08e8cd5216880df9959be49e5da5d15c04c043828a36526a8e9ec8c156f9a6ba221b39e32e2e024bcbca20a054887b62b0755112b67086f8b82e246a0e1b15cf0f6acd4e13e50e97c9b9c72181373d520c7c78d990f61d5e16e0189df4610c47b57d13c1dc58a09b1434efc7716ddb60605eb3695198ba21edac09a441036a9e2fc0248926d93ccb3b97d3c973967b1d8710b5498a4b61318f9f4b07f1cd0a14a1a9f2e1f2b91a352d8256cd187cf33130838a9b7612c8aaf49aa740d49f1982d35087f9cb782cb2e68b0aedb40b77d215a061a5d6cbd74e2d98cc8360256d8f397524056b555bb4c118c8c7141cec4280c2d1e94c39804d3f2bed078369ec867a5cdd2b74659fe62ff5305fc1c50c027690cdb95679be76d8eb0b37ac35b4fc3aec90e69891a1f1bb0c38dd6926f042d3a429d153af642ebe0baf0b97a02a596e21cfc9321c6980a454b6776bb3b03ca6acb85618df023d6e7f04f38d7d59a468307444159e9a0f61213d48413a2f105f23dbc676d8209e7f982406eb6da0d9834ead68411d28d94ae8fd6d9d7b8ef34323e3658e99c92557875606ecd69cd65749d94040de8beaddafb5d016547119112c8d9ab51b5cbcbd8d045494896d1cf913e4b0f065ee7b979aef620315281c2341bb8692541976dbb694e8c535bea1f9df4ffa2d8cde2777f36b11c8a1463a8f5461ce275e37a78e36265654126d462c0c2c67e644827356ed3c03b078e38fdc2eb14e1c805b7c409e64ee5b0ecbdb7ce55f15e6b1ffe0b1e5f42547f05a9fdd082969fe16f58ae8e72c7092a5023581a8968789c3b8f5cc8df701d6dae55072a28bcfbb2720b3672a622ee7fd52b92573fecfdf26d898d8531e61985fd95e64abb3ff7b680929ad2ae29341e7f4512c98070af47824eb68a038788f67d0504fd56063d8c815e1076f520c89b34a9d5e1072f64b9d3093de1ea8d83e2a28a953d0226a365e3da2cbf54daa31239c279624ee69f256b671f0ad5475c26feacd7bad7c3648aa87dc27a13f30666db357dd47cae160ce20550dae80087e415345b2ae28d9468ebd6ec7c2fa5ddfd3b5e8e3823553884293642ae5033fd248449dc9b7a8a27aafef760dfd2d10a3cafbb6e064287cc7483342074b8c19fad2e0e07bdd8a36e0bd002c797d69544bb4809314020d94be5acbb7a2b0ae418d7fe882f75391e3c10a10f821b9957a6bc3615fac50ceff345b0d50a9978923f3f3ffc949f32d55499e9cb083e48bca974c5b144af4924b901c59c435e6074bb9312ac8f5556a5bba58a6e3f718abd019b9c03e721e9f93804148b936bee7bec03af0f14917678bd54dda9f13e311365698ce91d9c8153709d06d9fc3083e8ee46033fc4b72eb644213f5360914b440e363496e1c2815be537183d1c5250fddacf561f77bc0ad597a2af477dc64b56cde1b18ab8e8cef68b8d1799b1e7d9311b151edc715711ceb6fe5fe51f22e3a98c940653db1ae689808682b8611fc603026cbe61ef89beabbd1e0be0ef99c33524eb974d9bfcad8b8c2bfe47720e48f32f692ef0fe875d035f3f5015aedc9070354fac5158f23bb7827447d67e65dbd45f34e533d8e5e9fea8090d74eef0e86e532bfcf7baea8081306497e4e96780ad2baf1ec381c745d916186a741ab62569af1bc67ab708cddf31e724e7370ef1982aafe0932e1fded5abaa0f5afe498eccebb12f3166548e746b1aee6b3f23144a99530f6323c8dc790a012f91bc9a59c7f75d9b15f95537cdfdc66ff5dd6428d43a7b3b399437c8cee8669538b4117319891f792c007eeb6f8f6abbdd295843cf39607c46c7bb0f625c6f57345916b27c4344d7884ec03db0f422656eefe47a3fc08b30ee0ea2de4b1428f455228502dc79eda23c466c37d4b8af235ccbd79a4b293a2fe2688e8a31e47802dac3a1b416f06ac7ad3921ec95977865a2c3ff109d94b98988fcc37c6352716ba8a64136e6110ee0534a1b7db6633b3d2df997b2781b8139f4a5939dfe9d00776f8cb00cc55873b85003a2a081beb2d3d49f25aa4e419da3f5eff026f9efe2f6b6f2c066984460c5eb683b0fd22b6c8f19e466ebce0c2bbdc3c0a929d30e54e5e6a977efbdcf6f1444127cfd858acf9d72f02d1f156b19fa1a7b5ffae3637834af7768113a6fd68f125b8e3100c30ce22894928d6f1d282e8dcd76e798c46d14ad0b6a7bb928c65989e3490e800f63494374ecff90c256849c4f6d7671e22375c6002b287865f51222a0900eb3722c6610a77372dd9bc00d19f84141cf8757e69123072e683ceac4d8db277505cf0c11c4b29cd2cf3c0f3738f45ae0a383e75d74c5a7989d21ab0d6493d34d0ce9e529dcc87c544942df70dfdd08c72ad46f2c1cc7ccdce763a2ced5f1531f2a2a8b57e96dd5b32c3e7764b6e760b5ffc11ed872a13fa5df9dfdeefcf82ba7a97e27b9651ccea4c5cd39949ed15229a7db28d16e1accd54ef9f9212e023466b05ea4f73553e79f62903378be513a5a479649cf5e2a250b6cde22961b585603adf533b8391596ce313184b123493f3cca985f6bbe68f04bda5079bd322a63dcaad257e072236f79204c6984d25beb52a3a2c853d02fb5151c28297d52bfc208812f0505eddea4e6ee5d6c8de1772b64484219532a290f62f3913eb65a796ef71a07551a222a9d0bed14ec0d88d3b0d13a33251ff976d667d8a9218c83ea99d17526406adb65192614039785f9220be4d5f9564d694fe7691862891c17722e5125de3a5c51cb48ce36e51bb74c04dd7fc9f7cbe7f452080611839537548b9503922d562b9b21eca396f624add8c3f65d6826b19c61b1cd4a891776ebc0748efa2ae9d05fa653a4c5c4bd8ceeba4f088ce30856db05cd34e0c023fdc91c5c4fc75abf05c67f6aff7d7f253e3648bbea04c671c9d2edd363d85bd52774b14a431f1fb14f523c14f144bca03bd1e831fc8f4939ec4c575df16ba4de002a3dfc2ef9b7899961dbcfdd7474207c4bfa40355cd82e91f5230cf40000e867e7edec5a9eec7cf190bb4b537f4982b38a349b7a21f40c3ff9bcbf99aa340b92b984706c853e4ee0307a752fff2e223314c5826a9944be69b547cb05db7ca8afd6e36fa3ee184bbf567891c85d6e3a8529ac2625a08d9beee1dfc498e48e43ff04088dd454c7b088eeff12ca44e0d65c606ed991540fa3f218b86df118b2de2f18f8c9778a44c5ab87340a5efee5968c1abf1d7168ef54b698cc0aace7a5358d59e77169dcfc0f251e97d2a498839ef9ef1c2b766a42b298639c32972df4e3dc25970eabab239ee47b1283a2f1c64ad22f9058f3b146c9166c10e0dace7e513f0d3401e9d7b81a97f7092c9ceb64c856ce7b6856669ff158f79bf0cb3a52a6c687944053e3420be6db1ab9cb253185a99b211d2915274be8aff9bb973dcfb33ff5b4987824f45becb21d1c38b9e69d9075057fd3102806a2c0502f8a3c2757af85c4978afbc849c45783ecb1f428d926914e1ec3ec3031aed98f77f4cbfe9ce0ef930b1d4fb7e2b6111c6cc085f97a5177d7b95f0e97fcc08255c58aa2ee0262d04b08ab067a400ecd8dc184052c4a54284af4be4d739b0304c72b6367516ea2a38cdd7ea74719b1186414d8e3dcb0ecc96eb4f133d4b7f72970afd8c61c28d64e7ab12f1897a8de338588d62e241981b4e99d5c13d1e52b563cdfce3c194d26a2942f532eab2728cccfc5a69f7c0b3ff95c3c9ecce00ee59dc44e0d6d0f5291631acb3fa11595c7d8528b7e4a5f80ed0f338e551a551beec4ae7e92170a690a5ad5643c48d6769e14b4eaf043ee0b951827b127b15ee09844100e87ed97f6b7de7134698a99c1787e803d93fe5c93a399d609e4532a6a4ee75477fcc2dc90c1048da8adb06921c26a24e2f73e4ea227157b1d3d014be7dc62c0a616f4919c33d5f8444e9d5d783d3af775c4b8c511272852b5a1efc4e405569883acf0addc214787fee2c69932e18ba69f78c1a1d6985ec9b28e0c33260b80ed0d095727cbb4e5573319c8e46da6e64c3ae4b9ac688935180c053ebc89b186a186a188fc53327a7e612790e97d6c6f608bdea3d2a557e5b01598328351cff4d77cbd4bd50955177ab6198acc151d8d7078e6910bf941bd9e91257263be09540ae9b9633e3bb6741def3978a94996f14851705861ec889aa3d9257311fcd2bf059fb97e951d18c92a1188dfcbf6e7a160bce9ecb5eeb53336c79af97be2b9046f5b77e6a5232b47ea29ed266f013559911fad2e48762be221b6cdc4fc41d1bc15bc20b6f17ea7dbbde332315d38a9f98f096ffd9232114945cb5466a3f0389d5a71b1ec1074a6ebbfedb16a39893b89335a77c5d9d47d7f565beb22f8380c60f3ab5b676e82b62b69d6f235eef94717fdad9302d179439caea641a1c5a4effcbbc6ddc2cc0f38d44dc3028f7ecb473f58258bddd3507b8d7f3caeab2bfc82339ac3f320028548d4c33eccdf5c347a2409a0508a0cb1d2c3dc6bf9ee32c33e8e2d494ef2b9d237bc6ecda9bd2b31e19eecd107dd8cbff0a0117a030b6dd4afc3d1069d8995988f2cca0707c0aa3ab99274ac2f2579c5166505b8de78deb184bbef7e19f93f4751dffe6678b08f33cb0b9fdda5d77782226ec63f4442425dc5e3d82336b79742d101565dff943b9a668040066800000000e0019002f6465762f76626923000000ec8dafe701e8fb41e7cf5a430ebd478709001301d5466aae90b18041c5454caa23143eae99a1985a83138a6e84e2dcb5c17ce04a2249f155f3be0ed439f29f2efe772708fa2e3e3379b99efb2d7637421efc2f52639a9f498037c61f337de1d7828d3039595069ad40297413af00557c5573113078845c1a72a06f624de4bd9a97ac90202eb6b43175fb863fc6646dcc883158e6a0420bf3a6f01491aec88ca44005fafaa602efd7e4f4252398b226a3f810f31f8043edeec812b1f33aa8dfc4f0524c61f15e06113e8dc6e9897c5e54930d4032e06405dffb7fd8bd95f1e35588ba8942fed84ea8bd101811e496c165084952beb5fc0e115b560880996fd76f1f3ace6b97d475a18b8b1e0e120de1442d51531b000000"], 0x1260}, 0x1, 0x0, 0x0, 0x20}, 0x4004000)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0xcb23c9c9931e99e9, 0x0, 0x0, {{@in6=@private0={0xfc, 0x0, '\x00', 0x1}, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa, 0x10, 0x80, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x1, 0x0, 0x0, 0x2}, {}, 0x0, 0x0, 0x2}}, 0xb8}}, 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[], 0x188}}, 0x0)
r3 = syz_open_dev$vim2m(&(0x7f0000000100), 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r3, 0xc0d05605, &(0x7f00000003c0)={0x1, @pix_mp={0x5, 0x6, 0x4c47504a, 0x1, 0x2, [{0x7, 0x2}, {0x1, 0x9}, {0x1, 0x7}, {0x1, 0x7}, {0x0, 0x9}, {0x1, 0x7}, {0x0, 0x3ff}, {0x0, 0x7}], 0xf, 0x7, 0x2, 0x2, 0x2}})
r4 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r4, 0xc0845657, &(0x7f0000000040)={0x0, @bt={0x8af, 0x640, 0x0, 0x2, 0xd59f83, 0x19f2, 0x42, 0xf2, 0x3, 0x40003, 0x2803, 0x2800, 0x2, 0xba2, 0xd, 0x3, {0x8, 0xffffffff}, 0xd0, 0x9}})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
r7 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r7, 0x5423, &(0x7f0000000180)=0x15)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x88}, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r8 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r8, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x60081, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000200)={0x0, 0x0})
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)={0x5c, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x1, 0x0, 0xd2}, @IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x6}]}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0xd, 0x3, 'hash:mac\x00'}]}, 0x5c}}, 0x0)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(r5, &(0x7f00000002c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x1c, 0x0, 0x3681201271e72b69, 0x70bd2c, 0x25dfdbfe, {}, [""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4008804}, 0x8001)

1.967146688s ago: executing program 0 (id=3618):
syz_usb_connect(0x1, 0x2d, &(0x7f0000000040)=ANY=[@ANYRES32, @ANYRES64, @ANYBLOB="c655130e15379836bc8e50591ab7883b00fb54b37a43df47943de1a3f02aa1fba1af379841f9989c613a757963ba67f5df4f051412a13df0", @ANYRES32], 0x0)

793.626388ms ago: executing program 4 (id=3619):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000080)={[0x8, 0x9123, 0xe, 0x875, 0x1, 0x1, 0x0, 0x7, 0x9, 0x83, 0x80000000, 0xfffffffffffffd92, 0x3, 0x9, 0xffffffff, 0x5], 0xf000})
ioctl$KVM_SET_CPUID2(r2, 0x4048aecb, &(0x7f00000000c0)=ANY=[])
ioctl$KVM_RUN(r2, 0xae80, 0x0) (fail_nth: 2)

499.488488ms ago: executing program 3 (id=3620):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)={0x48, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x6}]}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0xd, 0x3, 'hash:mac\x00'}]}, 0x48}}, 0x0)

480.792265ms ago: executing program 5 (id=3621):
openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10)
r1 = syz_open_dev$vcsu(&(0x7f0000000140), 0x1, 0x10000)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$sysctl(0xffffffffffffff9c, 0x0, 0x1, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
shutdown(0xffffffffffffffff, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000340)={0x2, 0x4e24, @loopback}, 0x10)
recvmmsg(0xffffffffffffffff, &(0x7f00000048c0)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000001a00)=""/4099, 0x1003}], 0x1}}], 0x1, 0x10122, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r1, 0x84, 0x65, &(0x7f0000000180), 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000000040)=[@in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x20}}]}, &(0x7f0000000100)=0x10)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f00000000c0))
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
read$FUSE(r3, &(0x7f0000006380)={0x2020}, 0x2020)

456.740252ms ago: executing program 4 (id=3622):
socket$kcm(0x10, 0x2, 0x0)
openat$vim2m(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x0, 0x0})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$packet(0x11, 0x3, 0x300)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'xfrm0\x00', <r3=>0x0})
sendto$packet(r1, &(0x7f0000000080)="33031600", 0x4, 0x40008c1, &(0x7f00000000c0)={0x11, 0x86dd, r3, 0x1, 0x62}, 0x14)

422.214589ms ago: executing program 3 (id=3623):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0)
openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @empty}, 0x1c)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_inet_SIOCSIFNETMASK(r0, 0x891c, &(0x7f0000001540)={'tunl0\x00', {0x2, 0x4e23, @local}})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$netlink(r3, 0x0, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240"], 0x7c}}, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r7, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="0100000000000800020100c0"])
sendmsg$NFT_BATCH(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x201, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0xa}]}], {0x14}}, 0x64}}, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x14}}}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000300)={0x0, @in6={{0xa, 0x0, 0x1f4, @empty}}, 0x0, 0x0, 0x318, 0x1, 0x24}, 0x9c)
socket$nl_route(0x10, 0x3, 0x0)

0s ago: executing program 4 (id=3624):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='devices.list\x00', 0x26e1, 0x0)
close(r0)
r1 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r1, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @dev}, 0x10, 0x0}, 0x30004081)
recvmsg(r0, &(0x7f0000000dc0)={0x0, 0x0, 0x0}, 0x102) (fail_nth: 2)

kernel console output (not intermixed with test programs):

dit: type=1400 audit(1752825116.386:3144): avc:  denied  { watch } for  pid=21162 comm="syz.1.3231" path="/43" dev="tmpfs" ino=239 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[ 1278.836596][T17980] aqc111 4-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71
[ 1279.025790][   T30] audit: type=1400 audit(1752825116.386:3145): avc:  denied  { watch_sb } for  pid=21162 comm="syz.1.3231" path="/43" dev="tmpfs" ino=239 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[ 1279.042981][T17980] aqc111 4-1:1.105 eth5: register 'aqc111' at usb-dummy_hcd.3-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter, 20:fc:94:45:3a:41
[ 1279.114507][   T30] audit: type=1400 audit(1752825116.686:3146): avc:  denied  { read } for  pid=21162 comm="syz.1.3231" laddr=172.20.20.170 lport=20001 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[ 1279.187491][T17980] usb 4-1: USB disconnect, device number 81
[ 1279.218160][T17980] aqc111 4-1:1.105 eth5: unregister 'aqc111' usb-dummy_hcd.3-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter
[ 1279.343617][T17980] aqc111 4-1:1.105 eth5 (unregistered): Failed to write(0x1) reg index 0x0002: -19
[ 1279.366542][T17980] aqc111 4-1:1.105 eth5 (unregistered): Failed to write(0x1) reg index 0x0002: -19
[ 1279.386234][T17980] aqc111 4-1:1.105 eth5 (unregistered): Failed to write(0x61) reg index 0x0000: -19
[ 1280.109945][T21194] fuse: Bad value for 'rootmode'
[ 1282.691520][   T30] audit: type=1400 audit(1752825120.086:3147): avc:  denied  { append } for  pid=21232 comm="syz.4.3245" name="comedi3" dev="devtmpfs" ino=1279 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 1283.544974][   T30] audit: type=1326 audit(1752825120.496:3148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21241 comm="syz.3.3246" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f1541f8e929 code=0x0
[ 1283.823937][   T30] audit: type=1400 audit(1752825121.346:3149): avc:  denied  { create } for  pid=21232 comm="syz.4.3245" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1
[ 1284.221215][   T30] audit: type=1400 audit(1752825121.346:3150): avc:  denied  { sys_admin } for  pid=21232 comm="syz.4.3245" capability=21  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1
[ 1285.874810][T21281] bridge_slave_0: invalid flags given to default FDB implementation
[ 1286.539181][   T30] audit: type=1400 audit(1752825123.956:3151): avc:  denied  { create } for  pid=21298 comm="syz.1.3258" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[ 1286.568766][   T30] audit: type=1400 audit(1752825124.016:3152): avc:  denied  { bind } for  pid=21298 comm="syz.1.3258" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[ 1286.764217][T21304] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3259'.
[ 1286.878711][   T30] audit: type=1400 audit(1752825124.446:3153): avc:  denied  { create } for  pid=21306 comm="syz.0.3260" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[ 1287.080181][   T30] audit: type=1400 audit(1752825124.446:3154): avc:  denied  { read } for  pid=21306 comm="syz.0.3260" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[ 1287.386301][T21323] FAULT_INJECTION: forcing a failure.
[ 1287.386301][T21323] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1287.420992][T21323] CPU: 1 UID: 0 PID: 21323 Comm: syz.1.3262 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) 
[ 1287.421022][T21323] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1287.421033][T21323] Call Trace:
[ 1287.421040][T21323]  <TASK>
[ 1287.421047][T21323]  dump_stack_lvl+0x16c/0x1f0
[ 1287.421080][T21323]  should_fail_ex+0x512/0x640
[ 1287.421111][T21323]  _copy_from_user+0x2e/0xd0
[ 1287.421130][T21323]  copy_msghdr_from_user+0x98/0x160
[ 1287.421165][T21323]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1287.421204][T21323]  ___sys_sendmsg+0xfe/0x1d0
[ 1287.421233][T21323]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1287.421259][T21323]  ? __lock_acquire+0x622/0x1c90
[ 1287.421306][T21323]  __sys_sendmsg+0x16d/0x220
[ 1287.421334][T21323]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1287.421376][T21323]  do_syscall_64+0xcd/0x4c0
[ 1287.421396][T21323]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1287.421415][T21323] RIP: 0033:0x7fa69398e929
[ 1287.421430][T21323] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1287.421448][T21323] RSP: 002b:00007fa6917f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1287.421466][T21323] RAX: ffffffffffffffda RBX: 00007fa693bb6160 RCX: 00007fa69398e929
[ 1287.421478][T21323] RDX: 000000000000c094 RSI: 0000200000000200 RDI: 0000000000000005
[ 1287.421490][T21323] RBP: 00007fa6917f6090 R08: 0000000000000000 R09: 0000000000000000
[ 1287.421501][T21323] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1287.421512][T21323] R13: 0000000000000000 R14: 00007fa693bb6160 R15: 00007ffe5d43af98
[ 1287.421535][T21323]  </TASK>
[ 1288.530859][T21348] netlink: 348 bytes leftover after parsing attributes in process `syz.5.3269'.
[ 1288.547379][T21351] netlink: 348 bytes leftover after parsing attributes in process `syz.5.3269'.
[ 1288.689329][T21358] FAULT_INJECTION: forcing a failure.
[ 1288.689329][T21358] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1288.731210][ T1170] usb 4-1: new high-speed USB device number 82 using dummy_hcd
[ 1288.844664][T21362] fuse: Unknown parameter '�'
[ 1288.885305][T21358] CPU: 0 UID: 0 PID: 21358 Comm: syz.0.3270 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) 
[ 1288.885332][T21358] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1288.885342][T21358] Call Trace:
[ 1288.885349][T21358]  <TASK>
[ 1288.885356][T21358]  dump_stack_lvl+0x16c/0x1f0
[ 1288.885387][T21358]  should_fail_ex+0x512/0x640
[ 1288.885424][T21358]  _copy_from_user+0x2e/0xd0
[ 1288.885442][T21358]  core_sys_select+0x2c8/0xc10
[ 1288.885476][T21358]  ? __pfx_core_sys_select+0x10/0x10
[ 1288.885529][T21358]  ? set_user_sigmask+0x21b/0x2b0
[ 1288.885551][T21358]  ? __pfx_set_user_sigmask+0x10/0x10
[ 1288.885577][T21358]  do_pselect.constprop.0+0x19f/0x1e0
[ 1288.885605][T21358]  ? __pfx_do_pselect.constprop.0+0x10/0x10
[ 1288.885642][T21358]  __x64_sys_pselect6+0x182/0x240
[ 1288.885670][T21358]  ? __pfx___x64_sys_pselect6+0x10/0x10
[ 1288.885705][T21358]  do_syscall_64+0xcd/0x4c0
[ 1288.885726][T21358]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1288.885745][T21358] RIP: 0033:0x7f34ad58e929
[ 1288.885760][T21358] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1288.885777][T21358] RSP: 002b:00007f34ae48f038 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[ 1288.885795][T21358] RAX: ffffffffffffffda RBX: 00007f34ad7b6080 RCX: 00007f34ad58e929
[ 1288.885808][T21358] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000040
[ 1288.885819][T21358] RBP: 00007f34ae48f090 R08: 0000000000000000 R09: 0000000000000000
[ 1288.885830][T21358] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000001
[ 1288.885841][T21358] R13: 0000000000000001 R14: 00007f34ad7b6080 R15: 00007ffebc0c8d78
[ 1288.885865][T21358]  </TASK>
[ 1288.947654][ T1170] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[ 1289.197524][ T1170] usb 4-1: config 0 has no interface number 0
[ 1289.205660][ T1170] usb 4-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[ 1289.217543][ T1170] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1289.225864][ T1170] usb 4-1: Product: syz
[ 1289.230127][ T1170] usb 4-1: Manufacturer: syz
[ 1289.237139][ T1170] usb 4-1: SerialNumber: syz
[ 1289.246596][ T1170] usb 4-1: config 0 descriptor??
[ 1289.555583][ T1170] usb 4-1: dvb_usb_v2: found a 'E3C EC168 reference design' in warm state
[ 1289.655055][   T30] audit: type=1326 audit(1752825127.216:3155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21376 comm="syz.1.3274" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa69398e929 code=0x0
[ 1290.021195][ T1170] usb 4-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[ 1290.069903][   T30] audit: type=1400 audit(1752825127.496:3156): avc:  denied  { bind } for  pid=21380 comm="syz.4.3275" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1290.197683][ T1170] dvb_usb_ec168 4-1:0.1: probe with driver dvb_usb_ec168 failed with error -23
[ 1290.313327][ T1170] usb 4-1: USB disconnect, device number 82
[ 1290.319311][   T30] audit: type=1400 audit(1752825127.816:3157): avc:  denied  { append } for  pid=21391 comm="syz.0.3277" name="nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[ 1290.478586][   T30] audit: type=1400 audit(1752825127.846:3158): avc:  denied  { create } for  pid=21391 comm="syz.0.3277" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[ 1290.614876][T21408] FAULT_INJECTION: forcing a failure.
[ 1290.614876][T21408] name failslab, interval 1, probability 0, space 0, times 0
[ 1291.330931][T21408] CPU: 1 UID: 0 PID: 21408 Comm: syz.0.3281 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) 
[ 1291.330959][T21408] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1291.330971][T21408] Call Trace:
[ 1291.330977][T21408]  <TASK>
[ 1291.330984][T21408]  dump_stack_lvl+0x16c/0x1f0
[ 1291.331021][T21408]  should_fail_ex+0x512/0x640
[ 1291.331047][T21408]  ? fs_reclaim_acquire+0xae/0x150
[ 1291.331071][T21408]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[ 1291.331089][T21408]  should_failslab+0xc2/0x120
[ 1291.331108][T21408]  __kmalloc_noprof+0xd2/0x510
[ 1291.331140][T21408]  tomoyo_realpath_from_path+0xc2/0x6e0
[ 1291.331160][T21408]  ? tomoyo_profile+0x47/0x60
[ 1291.331182][T21408]  tomoyo_path_number_perm+0x245/0x580
[ 1291.331211][T21408]  ? tomoyo_path_number_perm+0x237/0x580
[ 1291.331238][T21408]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1291.331264][T21408]  ? find_held_lock+0x2b/0x80
[ 1291.331311][T21408]  ? find_held_lock+0x2b/0x80
[ 1291.331332][T21408]  ? hook_file_ioctl_common+0x145/0x410
[ 1291.331360][T21408]  ? __fget_files+0x20e/0x3c0
[ 1291.331382][T21408]  security_file_ioctl+0x9b/0x240
[ 1291.331411][T21408]  __x64_sys_ioctl+0xb7/0x210
[ 1291.331437][T21408]  do_syscall_64+0xcd/0x4c0
[ 1291.331456][T21408]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1291.331473][T21408] RIP: 0033:0x7f34ad58e929
[ 1291.331490][T21408] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1291.331506][T21408] RSP: 002b:00007f34ae4b0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1291.331525][T21408] RAX: ffffffffffffffda RBX: 00007f34ad7b5fa0 RCX: 00007f34ad58e929
[ 1291.331537][T21408] RDX: 0000200000000000 RSI: 00000000c0386106 RDI: 0000000000000003
[ 1291.331548][T21408] RBP: 00007f34ae4b0090 R08: 0000000000000000 R09: 0000000000000000
[ 1291.331560][T21408] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1291.331570][T21408] R13: 0000000000000000 R14: 00007f34ad7b5fa0 R15: 00007ffebc0c8d78
[ 1291.331595][T21408]  </TASK>
[ 1291.757233][T21408] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1291.915688][T21421] FAULT_INJECTION: forcing a failure.
[ 1291.915688][T21421] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1292.061315][T21421] CPU: 0 UID: 0 PID: 21421 Comm: syz.1.3284 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) 
[ 1292.061342][T21421] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1292.061351][T21421] Call Trace:
[ 1292.061357][T21421]  <TASK>
[ 1292.061364][T21421]  dump_stack_lvl+0x16c/0x1f0
[ 1292.061395][T21421]  should_fail_ex+0x512/0x640
[ 1292.061424][T21421]  _copy_to_user+0x32/0xd0
[ 1292.061442][T21421]  simple_read_from_buffer+0xcb/0x170
[ 1292.061469][T21421]  proc_fail_nth_read+0x197/0x270
[ 1292.061495][T21421]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1292.061520][T21421]  ? rw_verify_area+0xcf/0x680
[ 1292.061543][T21421]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1292.061566][T21421]  vfs_read+0x1e1/0xc60
[ 1292.061594][T21421]  ? __pfx___mutex_lock+0x10/0x10
[ 1292.061615][T21421]  ? __pfx_vfs_read+0x10/0x10
[ 1292.061645][T21421]  ? __fget_files+0x20e/0x3c0
[ 1292.061666][T21421]  ksys_read+0x12a/0x250
[ 1292.061691][T21421]  ? __pfx_ksys_read+0x10/0x10
[ 1292.061715][T21421]  ? fdget+0x187/0x210
[ 1292.061734][T21421]  do_syscall_64+0xcd/0x4c0
[ 1292.061752][T21421]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1292.061768][T21421] RIP: 0033:0x7fa69398d33c
[ 1292.061782][T21421] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1292.061799][T21421] RSP: 002b:00007fa6917f6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1292.061815][T21421] RAX: ffffffffffffffda RBX: 00007fa693bb6160 RCX: 00007fa69398d33c
[ 1292.061827][T21421] RDX: 000000000000000f RSI: 00007fa6917f60a0 RDI: 0000000000000006
[ 1292.061838][T21421] RBP: 00007fa6917f6090 R08: 0000000000000000 R09: 0000000000000000
[ 1292.061848][T21421] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1292.061859][T21421] R13: 0000000000000000 R14: 00007fa693bb6160 R15: 00007ffe5d43af98
[ 1292.061883][T21421]  </TASK>
[ 1292.407528][ T5963] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[ 1292.829977][ T5963] usb 6-1: Using ep0 maxpacket: 16
[ 1292.919884][ T5963] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1293.049336][ T5963] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1293.086148][ T5963] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[ 1293.116846][ T5963] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[ 1293.175800][ T5963] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1293.190203][T21445] FAULT_INJECTION: forcing a failure.
[ 1293.190203][T21445] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1293.228441][ T5963] usb 6-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[ 1293.238132][ T5963] usb 6-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[ 1293.249652][T21445] CPU: 1 UID: 0 PID: 21445 Comm: syz.4.3290 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) 
[ 1293.249678][T21445] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1293.249689][T21445] Call Trace:
[ 1293.249696][T21445]  <TASK>
[ 1293.249703][T21445]  dump_stack_lvl+0x16c/0x1f0
[ 1293.249737][T21445]  should_fail_ex+0x512/0x640
[ 1293.249768][T21445]  _copy_from_user+0x2e/0xd0
[ 1293.249788][T21445]  copy_msghdr_from_user+0x98/0x160
[ 1293.249817][T21445]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1293.249856][T21445]  ___sys_sendmsg+0xfe/0x1d0
[ 1293.249885][T21445]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1293.249910][T21445]  ? __lock_acquire+0x622/0x1c90
[ 1293.249961][T21445]  __sys_sendmsg+0x16d/0x220
[ 1293.249989][T21445]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1293.250033][T21445]  do_syscall_64+0xcd/0x4c0
[ 1293.250053][T21445]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1293.250072][T21445] RIP: 0033:0x7f0207b8e929
[ 1293.250087][T21445] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1293.250104][T21445] RSP: 002b:00007f0208aa2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1293.250122][T21445] RAX: ffffffffffffffda RBX: 00007f0207db5fa0 RCX: 00007f0207b8e929
[ 1293.250134][T21445] RDX: 0000000000000000 RSI: 0000200000000540 RDI: 0000000000000010
[ 1293.250146][T21445] RBP: 00007f0208aa2090 R08: 0000000000000000 R09: 0000000000000000
[ 1293.250157][T21445] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1293.250168][T21445] R13: 0000000000000000 R14: 00007f0207db5fa0 R15: 00007ffdbd8ea5d8
[ 1293.250192][T21445]  </TASK>
[ 1293.416182][ T5963] usb 6-1: Manufacturer: syz
[ 1293.466124][ T5963] usb 6-1: config 0 descriptor??
[ 1293.791087][ T5963] rc_core: IR keymap rc-hauppauge not found
[ 1293.797052][ T5963] Registered IR keymap rc-empty
[ 1293.805587][ T5963] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[ 1293.948504][ T5963] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[ 1294.004052][ T5963] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0
[ 1294.015949][ T1170] usb 5-1: new high-speed USB device number 56 using dummy_hcd
[ 1294.211368][ T1170] usb 5-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[ 1294.299324][ T1170] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1294.307609][ T5963] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0/input62
[ 1294.370400][ T1170] usb 5-1: config 0 descriptor??
[ 1294.398126][ T5963] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[ 1294.406943][    C1] mceusb 6-1:0.0: long-range (0x1) receiver active
[ 1294.421070][ T1170] gspca_main: STV06xx-2.14.0 probing 046d:0870
[ 1294.446250][T21465] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3295'.
[ 1294.662214][ T5963] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[ 1294.827105][ T5963] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[ 1294.865873][ T5963] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[ 1294.911218][ T5963] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[ 1294.951152][ T5963] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[ 1295.053286][ T5963] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[ 1295.344021][T21476] block nbd0: shutting down sockets
[ 1295.353812][ T5963] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[ 1295.378258][T21479] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3298'.
[ 1295.409979][ T5963] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[ 1295.483406][ T5963] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[ 1295.533374][ T5963] mceusb 6-1:0.0: Registered 424242424242 with mce emulator interface version 1
[ 1295.608251][ T5963] mceusb 6-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x1 active)
[ 1295.736623][   T30] audit: type=1400 audit(1752825133.306:3159): avc:  denied  { bind } for  pid=21480 comm="syz.1.3299" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[ 1296.857077][T21493] FAULT_INJECTION: forcing a failure.
[ 1296.857077][T21493] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1296.870239][T21493] CPU: 1 UID: 0 PID: 21493 Comm: syz.0.3300 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) 
[ 1296.870263][T21493] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1296.870274][T21493] Call Trace:
[ 1296.870281][T21493]  <TASK>
[ 1296.870288][T21493]  dump_stack_lvl+0x16c/0x1f0
[ 1296.870323][T21493]  should_fail_ex+0x512/0x640
[ 1296.870353][T21493]  _copy_from_user+0x2e/0xd0
[ 1296.870372][T21493]  copy_msghdr_from_user+0x98/0x160
[ 1296.870405][T21493]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1296.870437][T21493]  ? __pfx__kstrtoull+0x10/0x10
[ 1296.870465][T21493]  ___sys_sendmsg+0xfe/0x1d0
[ 1296.870493][T21493]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1296.870532][T21493]  ? find_held_lock+0x2b/0x80
[ 1296.870570][T21493]  __sys_sendmmsg+0x200/0x420
[ 1296.870599][T21493]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1296.870645][T21493]  ? fput+0x70/0xf0
[ 1296.870665][T21493]  ? ksys_write+0x1ac/0x250
[ 1296.870697][T21493]  __x64_sys_sendmmsg+0x9c/0x100
[ 1296.870714][T21493]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1296.870740][T21493]  do_syscall_64+0xcd/0x4c0
[ 1296.870760][T21493]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1296.870778][T21493] RIP: 0033:0x7f34ad58e929
[ 1296.870793][T21493] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1296.870810][T21493] RSP: 002b:00007f34ae46e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1296.870828][T21493] RAX: ffffffffffffffda RBX: 00007f34ad7b6160 RCX: 00007f34ad58e929
[ 1296.870840][T21493] RDX: 0400000000000172 RSI: 0000200000003cc0 RDI: 0000000000000005
[ 1296.870852][T21493] RBP: 00007f34ae46e090 R08: 0000000000000000 R09: 0000000000000000
[ 1296.870864][T21493] R10: 0000000004000000 R11: 0000000000000246 R12: 0000000000000001
[ 1296.870875][T21493] R13: 0000000000000000 R14: 00007f34ad7b6160 R15: 00007ffebc0c8d78
[ 1296.870899][T21493]  </TASK>
[ 1297.116427][T21481] delete_channel: no stack
[ 1297.132011][ T1170] gspca_stv06xx: I2C: Read error writing address: -71
[ 1297.142731][ T1170] usb 5-1: USB disconnect, device number 56
[ 1297.450256][ T1170] usb 6-1: USB disconnect, device number 3
[ 1298.830760][   T30] audit: type=1400 audit(1752825136.396:3160): avc:  denied  { setopt } for  pid=21508 comm="syz.5.3304" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[ 1299.276548][T21516] FAULT_INJECTION: forcing a failure.
[ 1299.276548][T21516] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1299.306502][T21516] CPU: 0 UID: 0 PID: 21516 Comm: syz.4.3305 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) 
[ 1299.306523][T21516] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1299.306530][T21516] Call Trace:
[ 1299.306535][T21516]  <TASK>
[ 1299.306540][T21516]  dump_stack_lvl+0x16c/0x1f0
[ 1299.306561][T21516]  should_fail_ex+0x512/0x640
[ 1299.306581][T21516]  _copy_from_user+0x2e/0xd0
[ 1299.306600][T21516]  copy_msghdr_from_user+0x98/0x160
[ 1299.306627][T21516]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1299.306647][T21516]  ? __pfx__kstrtoull+0x10/0x10
[ 1299.306664][T21516]  ___sys_sendmsg+0xfe/0x1d0
[ 1299.306682][T21516]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1299.306705][T21516]  ? find_held_lock+0x2b/0x80
[ 1299.306729][T21516]  __sys_sendmmsg+0x200/0x420
[ 1299.306748][T21516]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1299.306770][T21516]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1299.306787][T21516]  ? fput+0x70/0xf0
[ 1299.306800][T21516]  ? ksys_write+0x1ac/0x250
[ 1299.306815][T21516]  ? __pfx_ksys_write+0x10/0x10
[ 1299.306834][T21516]  __x64_sys_sendmmsg+0x9c/0x100
[ 1299.306844][T21516]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1299.306861][T21516]  do_syscall_64+0xcd/0x4c0
[ 1299.306873][T21516]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1299.306886][T21516] RIP: 0033:0x7f0207b8e929
[ 1299.306895][T21516] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1299.306907][T21516] RSP: 002b:00007f0208aa2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1299.306918][T21516] RAX: ffffffffffffffda RBX: 00007f0207db5fa0 RCX: 00007f0207b8e929
[ 1299.306926][T21516] RDX: 0000000000000001 RSI: 0000200000006f40 RDI: 0000000000000003
[ 1299.306933][T21516] RBP: 00007f0208aa2090 R08: 0000000000000000 R09: 0000000000000000
[ 1299.306939][T21516] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1299.306946][T21516] R13: 0000000000000000 R14: 00007f0207db5fa0 R15: 00007ffdbd8ea5d8
[ 1299.306959][T21516]  </TASK>
[ 1299.728823][T21525] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3308'.
[ 1299.784430][   T30] audit: type=1400 audit(1752825137.356:3161): avc:  denied  { listen } for  pid=21521 comm="syz.3.3309" lport=20001 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[ 1299.808301][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[ 1299.814823][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[ 1299.815474][T21527] Cannot find add_set index 1 as target
[ 1299.821199][ T1170] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[ 1300.005375][   T30] audit: type=1400 audit(1752825137.576:3162): avc:  denied  { write } for  pid=21533 comm="syz.0.3311" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 1300.061987][T21535] FAULT_INJECTION: forcing a failure.
[ 1300.061987][T21535] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1300.100666][T21535] CPU: 0 UID: 0 PID: 21535 Comm: syz.0.3311 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) 
[ 1300.100688][T21535] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1300.100695][T21535] Call Trace:
[ 1300.100699][T21535]  <TASK>
[ 1300.100704][T21535]  dump_stack_lvl+0x16c/0x1f0
[ 1300.100726][T21535]  should_fail_ex+0x512/0x640
[ 1300.100746][T21535]  _copy_from_user+0x2e/0xd0
[ 1300.100758][T21535]  copy_msghdr_from_user+0x98/0x160
[ 1300.100779][T21535]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1300.100800][T21535]  ? __pfx__kstrtoull+0x10/0x10
[ 1300.100817][T21535]  ___sys_sendmsg+0xfe/0x1d0
[ 1300.100834][T21535]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1300.100858][T21535]  ? find_held_lock+0x2b/0x80
[ 1300.100882][T21535]  __sys_sendmmsg+0x200/0x420
[ 1300.100901][T21535]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1300.100923][T21535]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1300.100941][T21535]  ? fput+0x70/0xf0
[ 1300.100953][T21535]  ? ksys_write+0x1ac/0x250
[ 1300.100970][T21535]  ? __pfx_ksys_write+0x10/0x10
[ 1300.100989][T21535]  __x64_sys_sendmmsg+0x9c/0x100
[ 1300.100999][T21535]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1300.101019][T21535]  do_syscall_64+0xcd/0x4c0
[ 1300.101037][T21535]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1300.101054][T21535] RIP: 0033:0x7f34ad58e929
[ 1300.101069][T21535] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1300.101086][T21535] RSP: 002b:00007f34ae48f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1300.101103][T21535] RAX: ffffffffffffffda RBX: 00007f34ad7b6080 RCX: 00007f34ad58e929
[ 1300.101115][T21535] RDX: 0000000000000007 RSI: 0000200000008800 RDI: 0000000000000003
[ 1300.101125][T21535] RBP: 00007f34ae48f090 R08: 0000000000000000 R09: 0000000000000000
[ 1300.101136][T21535] R10: 0000000020004095 R11: 0000000000000246 R12: 0000000000000001
[ 1300.101147][T21535] R13: 0000000000000000 R14: 00007f34ad7b6080 R15: 00007ffebc0c8d78
[ 1300.101169][T21535]  </TASK>
[ 1300.302673][ T1170] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1300.329905][ T1170] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1300.349623][ T1170] usb 6-1: New USB device found, idVendor=0079, idProduct=1846, bcdDevice= 0.00
[ 1300.371268][ T1170] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1300.404734][ T1170] usb 6-1: config 0 descriptor??
[ 1300.559508][   T30] audit: type=1400 audit(1752825138.116:3163): avc:  denied  { connect } for  pid=21536 comm="syz.1.3312" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[ 1300.594420][   T30] audit: type=1400 audit(1752825138.126:3164): avc:  denied  { write } for  pid=21536 comm="syz.1.3312" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[ 1301.595021][   T30] audit: type=1400 audit(1752825138.626:3165): avc:  denied  { create } for  pid=21542 comm="syz.1.3314" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[ 1301.894839][   T30] audit: type=1400 audit(1752825138.636:3166): avc:  denied  { bind } for  pid=21542 comm="syz.1.3314" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[ 1301.899120][ T1170] hid_mf 0003:0079:1846.0011: item fetching failed at offset 10/11
[ 1301.963444][ T1170] hid_mf 0003:0079:1846.0011: HID parse failed.
[ 1301.985105][ T1170] hid_mf 0003:0079:1846.0011: probe with driver hid_mf failed with error -22
[ 1302.021199][ T5963] usb 4-1: new full-speed USB device number 83 using dummy_hcd
[ 1302.069840][ T1170] usb 6-1: USB disconnect, device number 4
[ 1302.185664][ T5963] usb 4-1: device descriptor read/64, error -71
[ 1302.251278][ T5943] usb 2-1: new high-speed USB device number 73 using dummy_hcd
[ 1302.321301][   T30] audit: type=1400 audit(1752825139.866:3167): avc:  denied  { module_request } for  pid=21552 comm="syz.0.3317" kmod="net-pf-10-proto-5-type-5" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[ 1302.571218][ T5963] usb 4-1: new full-speed USB device number 84 using dummy_hcd
[ 1302.591167][ T5943] usb 2-1: Using ep0 maxpacket: 32
[ 1302.622514][ T5943] usb 2-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1302.679477][ T5943] usb 2-1: config 0 interface 0 altsetting 16 endpoint 0x3 has invalid wMaxPacketSize 0
[ 1302.690414][ T5943] usb 2-1: config 0 interface 0 altsetting 16 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[ 1302.703529][ T5963] usb 4-1: device descriptor read/64, error -71
[ 1302.709831][ T5943] usb 2-1: config 0 interface 0 has no altsetting 0
[ 1302.716749][ T5943] usb 2-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00
[ 1302.725969][ T5943] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1302.818171][T21562] netlink: 'syz.4.3318': attribute type 4 has an invalid length.
[ 1303.186496][ T5963] usb usb4-port1: attempt power cycle
[ 1303.210319][ T5943] usb 2-1: config 0 descriptor??
[ 1303.290435][T21564] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3320'.
[ 1303.367517][T21568] FAULT_INJECTION: forcing a failure.
[ 1303.367517][T21568] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1303.380854][T21568] CPU: 1 UID: 0 PID: 21568 Comm: syz.5.3321 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) 
[ 1303.380884][T21568] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1303.380895][T21568] Call Trace:
[ 1303.380901][T21568]  <TASK>
[ 1303.380908][T21568]  dump_stack_lvl+0x16c/0x1f0
[ 1303.380942][T21568]  should_fail_ex+0x512/0x640
[ 1303.380973][T21568]  _copy_from_user+0x2e/0xd0
[ 1303.380993][T21568]  copy_msghdr_from_user+0x98/0x160
[ 1303.381020][T21568]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1303.381058][T21568]  ___sys_sendmsg+0xfe/0x1d0
[ 1303.381093][T21568]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1303.381119][T21568]  ? __lock_acquire+0x622/0x1c90
[ 1303.381166][T21568]  __sys_sendmsg+0x16d/0x220
[ 1303.381194][T21568]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1303.381237][T21568]  do_syscall_64+0xcd/0x4c0
[ 1303.381257][T21568]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1303.381277][T21568] RIP: 0033:0x7f29be58e929
[ 1303.381291][T21568] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1303.381309][T21568] RSP: 002b:00007f29bf333038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1303.381326][T21568] RAX: ffffffffffffffda RBX: 00007f29be7b5fa0 RCX: 00007f29be58e929
[ 1303.381338][T21568] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000003
[ 1303.381350][T21568] RBP: 00007f29bf333090 R08: 0000000000000000 R09: 0000000000000000
[ 1303.381361][T21568] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1303.381372][T21568] R13: 0000000000000000 R14: 00007f29be7b5fa0 R15: 00007ffc5cc516c8
[ 1303.381396][T21568]  </TASK>
[ 1303.573023][T21562] syz.4.3318 (21562) used greatest stack depth: 21304 bytes left
[ 1303.710789][T21570] netlink: 'syz.0.3319': attribute type 4 has an invalid length.
[ 1304.332409][   T30] audit: type=1400 audit(1752825141.896:3168): avc:  denied  { write } for  pid=21571 comm="syz.4.3323" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[ 1305.484078][ T5943] usbhid 2-1:0.0: can't add hid device: -71
[ 1305.494721][ T5943] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[ 1305.532864][ T5943] usb 2-1: USB disconnect, device number 73
[ 1306.688467][T21610] =======================================================
[ 1306.688467][T21610] WARNING: The mand mount option has been deprecated and
[ 1306.688467][T21610]          and is ignored by this kernel. Remove the mand
[ 1306.688467][T21610]          option from the mount to silence this warning.
[ 1306.688467][T21610] =======================================================
[ 1306.756281][T21608] netlink: 'syz.0.3329': attribute type 4 has an invalid length.
[ 1306.759812][T21610] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1307.487765][   T30] audit: type=1400 audit(1752825145.016:3169): avc:  denied  { mount } for  pid=21586 comm="syz.5.3326" name="/" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[ 1307.957170][   T30] audit: type=1400 audit(1752825145.526:3170): avc:  denied  { unmount } for  pid=19884 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[ 1308.047603][T21629] netlink: 52 bytes leftover after parsing attributes in process `syz.0.3336'.
[ 1308.062848][T21628] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3335'.
[ 1308.200980][   T30] audit: type=1400 audit(1752825145.756:3171): avc:  denied  { getopt } for  pid=21626 comm="syz.1.3335" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[ 1308.243622][   T30] audit: type=1400 audit(1752825145.756:3172): avc:  denied  { getopt } for  pid=21626 comm="syz.1.3335" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[ 1308.397876][   T30] audit: type=1400 audit(1752825145.966:3173): avc:  denied  { unmount } for  pid=20265 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[ 1308.422690][   T30] audit: type=1400 audit(1752825145.996:3174): avc:  denied  { bind } for  pid=21633 comm="syz.0.3338" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[ 1308.523761][   T30] audit: type=1400 audit(1752825146.086:3175): avc:  denied  { read } for  pid=21633 comm="syz.0.3338" name="file0" dev="fuse" ino=64 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1
[ 1308.550017][T21635] block device autoloading is deprecated and will be removed.
[ 1308.585126][   T30] audit: type=1400 audit(1752825146.086:3176): avc:  denied  { open } for  pid=21633 comm="syz.0.3338" path="/58/file0/file0" dev="fuse" ino=64 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1
[ 1308.620162][   T30] audit: type=1400 audit(1752825146.136:3177): avc:  denied  { ioctl } for  pid=21633 comm="syz.0.3338" path="/58/file0/file0" dev="fuse" ino=64 ioctlcmd=0x930 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1
[ 1308.816239][T21643] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3342'.
[ 1308.851853][   T30] audit: type=1400 audit(1752825146.426:3178): avc:  denied  { getopt } for  pid=21644 comm="syz.0.3341" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[ 1310.581832][T21656] netdevsim netdevsim5 ������: renamed from netdevsim0 (while UP)
[ 1312.281201][T17608] Bluetooth: hci5: command 0x0406 tx timeout
[ 1312.749564][T21692] overlayfs: upper fs does not support file handles, falling back to index=off.
[ 1312.783110][   T30] kauditd_printk_skb: 1 callbacks suppressed
[ 1312.783125][   T30] audit: type=1400 audit(1752825150.356:3180): avc:  denied  { mounton } for  pid=21688 comm="syz.5.3352" path="/syzcgroup/net/syz5/devices.allow" dev="cgroup" ino=312 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=file permissive=1
[ 1312.817516][T21692] SELinux: security_context_str_to_sid (root) failed with errno=-22
[ 1312.914792][   T30] audit: type=1326 audit(1752825150.486:3181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21696 comm="syz.3.3356" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f1541f8e929 code=0x0
[ 1312.943012][T21699] 9p: Unknown Cache mode or invalid value fscach|
[ 1313.176550][T21704] FAULT_INJECTION: forcing a failure.
[ 1313.176550][T21704] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1313.189771][T21704] CPU: 1 UID: 0 PID: 21704 Comm: syz.5.3357 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) 
[ 1313.189796][T21704] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1313.189807][T21704] Call Trace:
[ 1313.189814][T21704]  <TASK>
[ 1313.189822][T21704]  dump_stack_lvl+0x16c/0x1f0
[ 1313.189854][T21704]  should_fail_ex+0x512/0x640
[ 1313.189884][T21704]  _copy_from_user+0x2e/0xd0
[ 1313.189903][T21704]  copy_msghdr_from_user+0x98/0x160
[ 1313.189931][T21704]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1313.189962][T21704]  ? __lock_acquire+0xb8a/0x1c90
[ 1313.189987][T21704]  ___sys_sendmsg+0xfe/0x1d0
[ 1313.190015][T21704]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1313.190039][T21704]  ? __lock_acquire+0x622/0x1c90
[ 1313.190087][T21704]  __sys_sendmsg+0x16d/0x220
[ 1313.190115][T21704]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1313.190158][T21704]  do_syscall_64+0xcd/0x4c0
[ 1313.190177][T21704]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1313.190197][T21704] RIP: 0033:0x7f29be58e929
[ 1313.190211][T21704] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1313.190234][T21704] RSP: 002b:00007f29bc3f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1313.190251][T21704] RAX: ffffffffffffffda RBX: 00007f29be7b6160 RCX: 00007f29be58e929
[ 1313.190263][T21704] RDX: 0000000000000000 RSI: 0000200000000340 RDI: 0000000000000007
[ 1313.190274][T21704] RBP: 00007f29bc3f6090 R08: 0000000000000000 R09: 0000000000000000
[ 1313.190285][T21704] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1313.190295][T21704] R13: 0000000000000000 R14: 00007f29be7b6160 R15: 00007ffc5cc516c8
[ 1313.190319][T21704]  </TASK>
[ 1313.519458][T21708] FAULT_INJECTION: forcing a failure.
[ 1313.519458][T21708] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1313.535089][T21708] CPU: 1 UID: 0 PID: 21708 Comm: syz.1.3359 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) 
[ 1313.535114][T21708] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1313.535124][T21708] Call Trace:
[ 1313.535129][T21708]  <TASK>
[ 1313.535136][T21708]  dump_stack_lvl+0x16c/0x1f0
[ 1313.535168][T21708]  should_fail_ex+0x512/0x640
[ 1313.535203][T21708]  _copy_from_user+0x2e/0xd0
[ 1313.535222][T21708]  copy_msghdr_from_user+0x98/0x160
[ 1313.535252][T21708]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1313.535292][T21708]  ___sys_sendmsg+0xfe/0x1d0
[ 1313.535320][T21708]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1313.535346][T21708]  ? __lock_acquire+0x622/0x1c90
[ 1313.535394][T21708]  __sys_sendmsg+0x16d/0x220
[ 1313.535422][T21708]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1313.535465][T21708]  do_syscall_64+0xcd/0x4c0
[ 1313.535484][T21708]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1313.535502][T21708] RIP: 0033:0x7fa69398e929
[ 1313.535517][T21708] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1313.535533][T21708] RSP: 002b:00007fa694735038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1313.535550][T21708] RAX: ffffffffffffffda RBX: 00007fa693bb5fa0 RCX: 00007fa69398e929
[ 1313.535562][T21708] RDX: 0000000044004094 RSI: 0000200000000a40 RDI: 0000000000000005
[ 1313.535573][T21708] RBP: 00007fa694735090 R08: 0000000000000000 R09: 0000000000000000
[ 1313.535587][T21708] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1313.535598][T21708] R13: 0000000000000000 R14: 00007fa693bb5fa0 R15: 00007ffe5d43af98
[ 1313.535622][T21708]  </TASK>
[ 1313.544720][T21710] 9pnet_fd: Insufficient options for proto=fd
[ 1313.851103][ T5943] usb 2-1: new full-speed USB device number 74 using dummy_hcd
[ 1313.891204][ T5963] usb 5-1: new full-speed USB device number 57 using dummy_hcd
[ 1314.777383][   T30] audit: type=1326 audit(1752825151.536:3182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21718 comm="syz.3.3363" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f1541f8e929 code=0x0
[ 1314.858007][ T5963] usb 5-1: config 0 has an invalid interface number: 112 but max is 0
[ 1314.866953][ T5963] usb 5-1: config 0 has no interface number 0
[ 1314.875831][ T5963] usb 5-1: New USB device found, idVendor=1286, idProduct=1fa4, bcdDevice=fb.16
[ 1314.901076][ T5943] usb 2-1: not running at top speed; connect to a high speed hub
[ 1314.912414][ T5943] usb 2-1: config 6 has an invalid interface number: 14 but max is 0
[ 1314.921568][ T5963] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1314.929634][ T5963] usb 5-1: Product: syz
[ 1314.947690][ T5943] usb 2-1: config 6 contains an unexpected descriptor of type 0x2, skipping
[ 1315.277997][ T5963] usb 5-1: Manufacturer: syz
[ 1315.291534][ T5943] usb 2-1: config 6 contains an unexpected descriptor of type 0x1, skipping
[ 1315.306756][ T5963] usb 5-1: SerialNumber: syz
[ 1315.331855][ T5943] usb 2-1: config 6 has no interface number 0
[ 1315.339425][ T5963] usb 5-1: config 0 descriptor??
[ 1315.354858][ T5943] usb 2-1: config 6 interface 14 altsetting 2 endpoint 0xF has an invalid bInterval 55, changing to 4
[ 1315.386191][ T5963] mvusb_mdio 5-1:0.112: probe with driver mvusb_mdio failed with error -5
[ 1315.397067][ T5943] usb 2-1: config 6 interface 14 altsetting 2 endpoint 0xF has invalid maxpacket 1024, setting to 1023
[ 1315.419968][ T5943] usb 2-1: config 6 interface 14 altsetting 2 endpoint 0xB has invalid maxpacket 1023, setting to 64
[ 1315.432314][ T5943] usb 2-1: config 6 interface 14 altsetting 2 endpoint 0x7 has invalid maxpacket 1023, setting to 64
[ 1315.540153][ T5943] usb 2-1: config 6 interface 14 altsetting 2 has an invalid descriptor for endpoint zero, skipping
[ 1315.598746][ T5943] usb 2-1: config 6 interface 14 altsetting 2 has a duplicate endpoint with address 0xD, skipping
[ 1315.631166][ T5943] usb 2-1: config 6 interface 14 has no altsetting 0
[ 1315.640605][ T5943] usb 2-1: New USB device found, idVendor=0409, idProduct=00d6, bcdDevice=59.80
[ 1315.647972][T17980] usb 5-1: USB disconnect, device number 57
[ 1315.650351][ T5943] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1315.674418][ T5943] usb 2-1: Product: ﳿ
[ 1315.679353][ T5943] usb 2-1: Manufacturer: 㔀偢知㭆乕ꬶ偍⅀찛骛佖嫤ࣨⷴ㦰熼ﶁ揖ꫵԠ킵螿媠㿛腝㍯ꈦ贝蛄̰悩螻೑롑ᘠ困ᨓ覀鎺⯊風ಉ
[ 1315.697474][ T5943] usb 2-1: SerialNumber: Ѕ
[ 1315.816068][T21712] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1316.332986][ T5943] usb 2-1: USB disconnect, device number 74
[ 1316.358454][   T30] audit: type=1400 audit(1752825153.926:3183): avc:  denied  { map } for  pid=21747 comm="syz.5.3371" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=1271 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[ 1316.387097][T21750] ipip0: entered promiscuous mode
[ 1316.450309][   T30] audit: type=1400 audit(1752825153.926:3184): avc:  denied  { execute } for  pid=21747 comm="syz.5.3371" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=1271 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[ 1316.859358][   T30] audit: type=1326 audit(1752825154.426:3185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21754 comm="syz.5.3373" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f29be58e929 code=0x0
[ 1316.882262][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1316.901879][T21760] 9p: Unknown Cache mode or invalid value fscach|
[ 1317.848391][   T30] audit: type=1326 audit(1752825154.656:3186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21762 comm="syz.0.3375" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f34ad58e929 code=0x0
[ 1318.114648][   T30] audit: type=1400 audit(1752825155.676:3187): avc:  denied  { bind } for  pid=21769 comm="syz.5.3377" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1318.140949][T21771] FAULT_INJECTION: forcing a failure.
[ 1318.140949][T21771] name failslab, interval 1, probability 0, space 0, times 0
[ 1318.205211][T21771] CPU: 1 UID: 0 PID: 21771 Comm: syz.5.3377 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) 
[ 1318.205239][T21771] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1318.205250][T21771] Call Trace:
[ 1318.205257][T21771]  <TASK>
[ 1318.205264][T21771]  dump_stack_lvl+0x16c/0x1f0
[ 1318.205297][T21771]  should_fail_ex+0x512/0x640
[ 1318.205324][T21771]  ? fs_reclaim_acquire+0xae/0x150
[ 1318.205349][T21771]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[ 1318.205368][T21771]  should_failslab+0xc2/0x120
[ 1318.205387][T21771]  __kmalloc_noprof+0xd2/0x510
[ 1318.205421][T21771]  tomoyo_realpath_from_path+0xc2/0x6e0
[ 1318.205441][T21771]  ? tomoyo_profile+0x47/0x60
[ 1318.205464][T21771]  tomoyo_path_number_perm+0x245/0x580
[ 1318.205487][T21771]  ? tomoyo_path_number_perm+0x237/0x580
[ 1318.205515][T21771]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1318.205542][T21771]  ? find_held_lock+0x2b/0x80
[ 1318.205592][T21771]  ? find_held_lock+0x2b/0x80
[ 1318.205614][T21771]  ? hook_file_ioctl_common+0x145/0x410
[ 1318.205641][T21771]  ? __fget_files+0x20e/0x3c0
[ 1318.205662][T21771]  security_file_ioctl+0x9b/0x240
[ 1318.205691][T21771]  __x64_sys_ioctl+0xb7/0x210
[ 1318.205717][T21771]  do_syscall_64+0xcd/0x4c0
[ 1318.205736][T21771]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1318.205755][T21771] RIP: 0033:0x7f29be58e929
[ 1318.205770][T21771] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1318.205787][T21771] RSP: 002b:00007f29bf333038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1318.205805][T21771] RAX: ffffffffffffffda RBX: 00007f29be7b5fa0 RCX: 00007f29be58e929
[ 1318.205817][T21771] RDX: 0000200000000080 RSI: 00000000400448e7 RDI: 0000000000000004
[ 1318.205829][T21771] RBP: 00007f29bf333090 R08: 0000000000000000 R09: 0000000000000000
[ 1318.205840][T21771] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1318.205850][T21771] R13: 0000000000000000 R14: 00007f29be7b5fa0 R15: 00007ffc5cc516c8
[ 1318.205874][T21771]  </TASK>
[ 1318.205900][T21771] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1318.631450][   T30] audit: type=1400 audit(1752825156.126:3188): avc:  denied  { sqpoll } for  pid=21776 comm="syz.4.3381" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[ 1319.241336][T20119] usb 4-1: new high-speed USB device number 86 using dummy_hcd
[ 1319.941977][T21792] syz.1.3382 (21792) used greatest stack depth: 19256 bytes left
[ 1320.943508][T20119] usb 4-1: config 0 has no interfaces?
[ 1320.986714][T21806] 9p: Unknown Cache mode or invalid value fscach|
[ 1321.581146][   T30] audit: type=1326 audit(1752825159.136:3189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21810 comm="syz.4.3388" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f0207b8e929 code=0x0
[ 1322.430795][T20119] usb 4-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[ 1322.439937][T20119] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1322.457603][T20119] usb 4-1: Product: syz
[ 1322.490533][T20119] usb 4-1: config 0 descriptor??
[ 1322.495071][T21821] SELinux: selinux_ima_measure_state_locked: failed to read policy -12.
[ 1322.591084][   T30] audit: type=1400 audit(1752825160.056:3190): avc:  denied  { read write } for  pid=19884 comm="syz-executor" name="loop1" dev="devtmpfs" ino=648 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1322.641628][T20119] usb 4-1: can't set config #0, error -71
[ 1322.648118][T21824] macvlan2: entered allmulticast mode
[ 1322.668897][T20119] usb 4-1: USB disconnect, device number 86
[ 1322.673774][T21824] veth1_vlan: entered allmulticast mode
[ 1322.690411][T21824] veth1_vlan: left allmulticast mode
[ 1322.707096][   T30] audit: type=1400 audit(1752825160.056:3191): avc:  denied  { open } for  pid=19884 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=648 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1323.362975][   T30] audit: type=1400 audit(1752825160.056:3192): avc:  denied  { ioctl } for  pid=19884 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=648 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1323.571677][   T30] audit: type=1400 audit(1752825160.056:3193): avc:  denied  { write } for  pid=21823 comm="syz.5.3389" laddr=fe80::16 lport=32855 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[ 1323.596603][   T30] audit: type=1400 audit(1752825160.166:3194): avc:  denied  { create } for  pid=21823 comm="syz.5.3389" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 1323.703727][   T30] audit: type=1400 audit(1752825160.166:3195): avc:  denied  { write } for  pid=21823 comm="syz.5.3389" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 1323.758926][   T30] audit: type=1400 audit(1752825160.166:3196): avc:  denied  { map_create } for  pid=21823 comm="syz.5.3389" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 1323.791236][   T30] audit: type=1400 audit(1752825160.166:3197): avc:  denied  { map_read map_write } for  pid=21823 comm="syz.5.3389" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 1324.293522][   T30] audit: type=1400 audit(1752825160.196:3198): avc:  denied  { perfmon } for  pid=21823 comm="syz.5.3389" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 1324.754145][   T30] audit: type=1400 audit(1752825160.196:3199): avc:  denied  { prog_load } for  pid=21823 comm="syz.5.3389" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 1324.782722][   T30] audit: type=1400 audit(1752825160.196:3200): avc:  denied  { bpf } for  pid=21823 comm="syz.5.3389" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 1324.847607][T21852] 9p: Unknown Cache mode or invalid value fscach|
[ 1324.855277][   T30] audit: type=1400 audit(1752825160.206:3201): avc:  denied  { ioctl } for  pid=21823 comm="syz.5.3389" path="socket:[85764]" dev="sockfs" ino=85764 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[ 1324.882238][T11946] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[ 1325.381205][T11946] usb 6-1: Using ep0 maxpacket: 16
[ 1325.469785][T11946] usb 6-1: New USB device found, idVendor=0582, idProduct=00e6, bcdDevice=4e.06
[ 1325.600041][T11946] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1325.623283][T11946] usb 6-1: Product: syz
[ 1325.627471][T11946] usb 6-1: Manufacturer: syz
[ 1325.655111][T11946] usb 6-1: SerialNumber: syz
[ 1325.909518][T11946] usb 6-1: config 0 descriptor??
[ 1327.219092][T11946] usb 6-1: USB disconnect, device number 5
[ 1327.238908][ T7285] udevd[7285]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1327.321849][T21871] FAULT_INJECTION: forcing a failure.
[ 1327.321849][T21871] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1327.397663][T21871] CPU: 1 UID: 0 PID: 21871 Comm: syz.0.3402 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) 
[ 1327.397692][T21871] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1327.397703][T21871] Call Trace:
[ 1327.397710][T21871]  <TASK>
[ 1327.397718][T21871]  dump_stack_lvl+0x16c/0x1f0
[ 1327.397750][T21871]  should_fail_ex+0x512/0x640
[ 1327.397780][T21871]  _copy_from_user+0x2e/0xd0
[ 1327.397799][T21871]  copy_msghdr_from_user+0x98/0x160
[ 1327.397827][T21871]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1327.397865][T21871]  ___sys_sendmsg+0xfe/0x1d0
[ 1327.397893][T21871]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1327.397923][T21871]  ? __lock_acquire+0x622/0x1c90
[ 1327.397970][T21871]  __sys_sendmsg+0x16d/0x220
[ 1327.397997][T21871]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1327.398039][T21871]  do_syscall_64+0xcd/0x4c0
[ 1327.398059][T21871]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1327.398077][T21871] RIP: 0033:0x7f34ad58e929
[ 1327.398091][T21871] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1327.398108][T21871] RSP: 002b:00007f34ae4b0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1327.398126][T21871] RAX: ffffffffffffffda RBX: 00007f34ad7b5fa0 RCX: 00007f34ad58e929
[ 1327.398137][T21871] RDX: 0000000000000040 RSI: 0000200000000180 RDI: 0000000000000003
[ 1327.398147][T21871] RBP: 00007f34ae4b0090 R08: 0000000000000000 R09: 0000000000000000
[ 1327.398157][T21871] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1327.398167][T21871] R13: 0000000000000000 R14: 00007f34ad7b5fa0 R15: 00007ffebc0c8d78
[ 1327.398188][T21871]  </TASK>
[ 1327.563814][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1327.879588][T21879] fuse: Unknown parameter 'user_id00000000000000000000'
[ 1328.161442][T20119] usb 1-1: new high-speed USB device number 85 using dummy_hcd
[ 1328.571413][   T30] kauditd_printk_skb: 64 callbacks suppressed
[ 1328.571429][   T30] audit: type=1400 audit(1752825165.926:3266): avc:  denied  { create } for  pid=21882 comm="syz.5.3405" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=atmsvc_socket permissive=1
[ 1328.600712][   T30] audit: type=1400 audit(1752825166.166:3267): avc:  denied  { ioctl } for  pid=21884 comm="syz.1.3406" path="/dev/sg0" dev="devtmpfs" ino=764 ioctlcmd=0x5393 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[ 1328.722451][T20119] usb 1-1: config 0 has no interfaces?
[ 1328.768478][T21892] 9pnet_fd: Insufficient options for proto=fd
[ 1328.840212][T20119] usb 1-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[ 1328.852934][   T30] audit: type=1400 audit(1752825166.236:3268): avc:  denied  { write } for  pid=21884 comm="syz.1.3406" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1328.877153][T20119] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1328.897829][T20119] usb 1-1: Product: syz
[ 1328.897857][   T30] audit: type=1400 audit(1752825174.386:3269): avc:  denied  { mounton } for  pid=21888 comm="syz.3.3408" path="/41" dev="tmpfs" ino=230 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[ 1328.936016][   T30] audit: type=1400 audit(1752825174.436:3270): avc:  denied  { read } for  pid=21888 comm="syz.3.3408" name="video8" dev="devtmpfs" ino=951 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[ 1328.968295][   T30] audit: type=1400 audit(1752825174.436:3271): avc:  denied  { open } for  pid=21888 comm="syz.3.3408" path="/dev/video8" dev="devtmpfs" ino=951 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[ 1329.008809][T20119] usb 1-1: Manufacturer: syz
[ 1329.023945][T20119] usb 1-1: SerialNumber: syz
[ 1329.108665][T20119] usb 1-1: config 0 descriptor??
[ 1329.261196][ T5916] usb 5-1: new high-speed USB device number 58 using dummy_hcd
[ 1329.901584][ T5916] usb 5-1: device descriptor read/64, error -71
[ 1330.035376][   T30] audit: type=1400 audit(1752825175.646:3272): avc:  denied  { ioctl } for  pid=21874 comm="syz.0.3403" path="/dev/usbmon0" dev="devtmpfs" ino=716 ioctlcmd=0x9203 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[ 1330.114133][T21880] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1330.131545][T21880] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1330.180022][   T30] audit: type=1400 audit(1752825175.676:3273): avc:  denied  { map } for  pid=21874 comm="syz.0.3403" path="/dev/dri/card0" dev="devtmpfs" ino=627 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[ 1330.225517][   T30] audit: type=1400 audit(1752825175.676:3274): avc:  denied  { execute } for  pid=21874 comm="syz.0.3403" path="/dev/dri/card0" dev="devtmpfs" ino=627 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[ 1330.257942][   T30] audit: type=1326 audit(1752825175.716:3275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21874 comm="syz.0.3403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34ad58e929 code=0x7ffc0000
[ 1330.337201][ T5916] usb 5-1: new high-speed USB device number 59 using dummy_hcd
[ 1330.358833][T21910] FAULT_INJECTION: forcing a failure.
[ 1330.358833][T21910] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1330.377110][T21910] CPU: 0 UID: 0 PID: 21910 Comm: syz.3.3412 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) 
[ 1330.377137][T21910] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1330.377149][T21910] Call Trace:
[ 1330.377155][T21910]  <TASK>
[ 1330.377163][T21910]  dump_stack_lvl+0x16c/0x1f0
[ 1330.377197][T21910]  should_fail_ex+0x512/0x640
[ 1330.377227][T21910]  _copy_from_iter+0x29f/0x16f0
[ 1330.377252][T21910]  ? __pfx__copy_from_iter+0x10/0x10
[ 1330.377271][T21910]  ? _kstrtoull+0x145/0x200
[ 1330.377293][T21910]  ? __pfx__kstrtoull+0x10/0x10
[ 1330.377320][T21910]  tun_get_user+0x240/0x3b80
[ 1330.377350][T21910]  ? __pfx_tun_get_user+0x10/0x10
[ 1330.377368][T21910]  ? __pfx_ref_tracker_alloc+0x10/0x10
[ 1330.377404][T21910]  ? find_held_lock+0x2b/0x80
[ 1330.377428][T21910]  ? tun_get+0x191/0x370
[ 1330.377450][T21910]  tun_chr_write_iter+0xdc/0x210
[ 1330.377471][T21910]  vfs_write+0x6c4/0x1150
[ 1330.377498][T21910]  ? __pfx_tun_chr_write_iter+0x10/0x10
[ 1330.377519][T21910]  ? __pfx_vfs_write+0x10/0x10
[ 1330.377542][T21910]  ? find_held_lock+0x2b/0x80
[ 1330.377579][T21910]  ksys_write+0x12a/0x250
[ 1330.377603][T21910]  ? __pfx_ksys_write+0x10/0x10
[ 1330.377636][T21910]  do_syscall_64+0xcd/0x4c0
[ 1330.377655][T21910]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1330.377673][T21910] RIP: 0033:0x7f1541f8e929
[ 1330.377687][T21910] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1330.377705][T21910] RSP: 002b:00007f1542e1f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1330.377722][T21910] RAX: ffffffffffffffda RBX: 00007f15421b5fa0 RCX: 00007f1541f8e929
[ 1330.377734][T21910] RDX: 0000000000000072 RSI: 0000200000000100 RDI: 0000000000000003
[ 1330.377745][T21910] RBP: 00007f1542e1f090 R08: 0000000000000000 R09: 0000000000000000
[ 1330.377756][T21910] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1330.377766][T21910] R13: 0000000000000000 R14: 00007f15421b5fa0 R15: 00007ffd1195ca68
[ 1330.377790][T21910]  </TASK>
[ 1330.674764][ T5916] usb 5-1: device descriptor read/64, error -71
[ 1330.872726][ T5916] usb usb5-port1: attempt power cycle
[ 1331.313114][T11946] usb 1-1: USB disconnect, device number 85
[ 1331.369097][T21918] FAULT_INJECTION: forcing a failure.
[ 1331.369097][T21918] name failslab, interval 1, probability 0, space 0, times 0
[ 1331.387736][T21918] CPU: 0 UID: 0 PID: 21918 Comm: syz.0.3415 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) 
[ 1331.387754][T21918] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1331.387761][T21918] Call Trace:
[ 1331.387765][T21918]  <TASK>
[ 1331.387770][T21918]  dump_stack_lvl+0x16c/0x1f0
[ 1331.387791][T21918]  should_fail_ex+0x512/0x640
[ 1331.387811][T21918]  ? fs_reclaim_acquire+0xae/0x150
[ 1331.387826][T21918]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[ 1331.387837][T21918]  should_failslab+0xc2/0x120
[ 1331.387849][T21918]  __kmalloc_noprof+0xd2/0x510
[ 1331.387869][T21918]  tomoyo_realpath_from_path+0xc2/0x6e0
[ 1331.387881][T21918]  ? tomoyo_profile+0x47/0x60
[ 1331.387895][T21918]  tomoyo_path_number_perm+0x245/0x580
[ 1331.387910][T21918]  ? tomoyo_path_number_perm+0x237/0x580
[ 1331.387927][T21918]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1331.387943][T21918]  ? find_held_lock+0x2b/0x80
[ 1331.387969][T21918]  ? find_held_lock+0x2b/0x80
[ 1331.387982][T21918]  ? hook_file_ioctl_common+0x145/0x410
[ 1331.387998][T21918]  ? __fget_files+0x20e/0x3c0
[ 1331.388011][T21918]  security_file_ioctl+0x9b/0x240
[ 1331.388030][T21918]  __x64_sys_ioctl+0xb7/0x210
[ 1331.388046][T21918]  do_syscall_64+0xcd/0x4c0
[ 1331.388065][T21918]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1331.388076][T21918] RIP: 0033:0x7f34ad58e929
[ 1331.388086][T21918] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1331.388097][T21918] RSP: 002b:00007f34ae4b0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1331.388108][T21918] RAX: ffffffffffffffda RBX: 00007f34ad7b5fa0 RCX: 00007f34ad58e929
[ 1331.388116][T21918] RDX: 0000000000000000 RSI: 00000000c0386106 RDI: 0000000000000003
[ 1331.388122][T21918] RBP: 00007f34ae4b0090 R08: 0000000000000000 R09: 0000000000000000
[ 1331.388128][T21918] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1331.388135][T21918] R13: 0000000000000000 R14: 00007f34ad7b5fa0 R15: 00007ffebc0c8d78
[ 1331.388148][T21918]  </TASK>
[ 1331.388153][T21918] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1331.661100][ T5916] usb 5-1: new high-speed USB device number 60 using dummy_hcd
[ 1331.705964][ T5916] usb 5-1: device descriptor read/8, error -71
[ 1333.131227][ T5916] usb 5-1: new high-speed USB device number 61 using dummy_hcd
[ 1333.155514][T21933] ucma_write: process 256 (syz.0.3416) changed security contexts after opening file descriptor, this is not allowed.
[ 1333.239555][T21942] FAULT_INJECTION: forcing a failure.
[ 1333.239555][T21942] name failslab, interval 1, probability 0, space 0, times 0
[ 1333.252985][T21942] CPU: 1 UID: 0 PID: 21942 Comm: syz.4.3420 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) 
[ 1333.253014][T21942] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1333.253027][T21942] Call Trace:
[ 1333.253035][T21942]  <TASK>
[ 1333.253042][T21942]  dump_stack_lvl+0x16c/0x1f0
[ 1333.253087][T21942]  should_fail_ex+0x512/0x640
[ 1333.253115][T21942]  ? __kvmalloc_node_noprof+0x124/0x620
[ 1333.253148][T21942]  should_failslab+0xc2/0x120
[ 1333.253167][T21942]  __kvmalloc_node_noprof+0x137/0x620
[ 1333.253195][T21942]  ? seq_read_iter+0x826/0x12c0
[ 1333.253221][T21942]  ? __lock_acquire+0xb8a/0x1c90
[ 1333.253244][T21942]  ? seq_read_iter+0x826/0x12c0
[ 1333.253267][T21942]  seq_read_iter+0x826/0x12c0
[ 1333.253294][T21942]  ? __mutex_trylock_common+0xe9/0x250
[ 1333.253323][T21942]  kernfs_fop_read_iter+0x40f/0x5a0
[ 1333.253348][T21942]  ? rw_verify_area+0xcf/0x680
[ 1333.253376][T21942]  vfs_read+0x8bc/0xc60
[ 1333.253405][T21942]  ? __pfx___mutex_lock+0x10/0x10
[ 1333.253424][T21942]  ? __pfx_vfs_read+0x10/0x10
[ 1333.253466][T21942]  ksys_read+0x12a/0x250
[ 1333.253492][T21942]  ? __pfx_ksys_read+0x10/0x10
[ 1333.253525][T21942]  do_syscall_64+0xcd/0x4c0
[ 1333.253545][T21942]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1333.253565][T21942] RIP: 0033:0x7f0207b8e929
[ 1333.253584][T21942] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1333.253603][T21942] RSP: 002b:00007f0208a81038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1333.253622][T21942] RAX: ffffffffffffffda RBX: 00007f0207db6080 RCX: 00007f0207b8e929
[ 1333.253635][T21942] RDX: 0000000000002020 RSI: 00002000000034c0 RDI: 0000000000000007
[ 1333.253646][T21942] RBP: 00007f0208a81090 R08: 0000000000000000 R09: 0000000000000000
[ 1333.253658][T21942] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1333.253669][T21942] R13: 0000000000000000 R14: 00007f0207db6080 R15: 00007ffdbd8ea5d8
[ 1333.253694][T21942]  </TASK>
[ 1333.361138][ T5916] usb 5-1: device not accepting address 61, error -71
[ 1333.618535][   T30] kauditd_printk_skb: 16 callbacks suppressed
[ 1333.618552][   T30] audit: type=1400 audit(1752825179.226:3292): avc:  denied  { write } for  pid=21940 comm="syz.1.3421" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1334.122557][   T30] audit: type=1400 audit(1752825179.226:3293): avc:  denied  { nlmsg_write } for  pid=21940 comm="syz.1.3421" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1334.311788][   T30] audit: type=1400 audit(1752825179.236:3294): avc:  denied  { write } for  pid=21940 comm="syz.1.3421" name="video7" dev="devtmpfs" ino=949 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[ 1334.341127][   T30] audit: type=1400 audit(1752825179.246:3295): avc:  denied  { ioctl } for  pid=21940 comm="syz.1.3421" path="/dev/video7" dev="devtmpfs" ino=949 ioctlcmd=0x5605 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[ 1334.571579][T21955] netlink: 'syz.3.3419': attribute type 4 has an invalid length.
[ 1335.336276][   T30] audit: type=1400 audit(1752825179.286:3296): avc:  denied  { create } for  pid=21940 comm="syz.1.3421" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1335.356662][   T30] audit: type=1400 audit(1752825179.296:3297): avc:  denied  { setopt } for  pid=21940 comm="syz.1.3421" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1335.363394][ T5916] usb usb5-port1: unable to enumerate USB device
[ 1335.376852][   T30] audit: type=1326 audit(1752825179.356:3298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21940 comm="syz.1.3421" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa69398e929 code=0x0
[ 1336.682325][T21970] FAULT_INJECTION: forcing a failure.
[ 1336.682325][T21970] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1336.695925][T21970] CPU: 0 UID: 0 PID: 21970 Comm: syz.3.3427 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) 
[ 1336.695943][T21970] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1336.695950][T21970] Call Trace:
[ 1336.695955][T21970]  <TASK>
[ 1336.695960][T21970]  dump_stack_lvl+0x16c/0x1f0
[ 1336.695984][T21970]  should_fail_ex+0x512/0x640
[ 1336.696007][T21970]  should_fail_alloc_page+0xe7/0x130
[ 1336.696022][T21970]  prepare_alloc_pages+0x3c2/0x610
[ 1336.696037][T21970]  ? __pfx_stack_trace_save+0x10/0x10
[ 1336.696056][T21970]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[ 1336.696077][T21970]  ? register_lock_class+0x41/0x4c0
[ 1336.696088][T21970]  ? find_held_lock+0x2b/0x80
[ 1336.696103][T21970]  ? ima_match_policy+0x7ed/0x22d0
[ 1336.696118][T21970]  ? __kasan_check_byte+0x13/0x50
[ 1336.696130][T21970]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1336.696147][T21970]  ? unwind_next_frame+0x3f4/0x20a0
[ 1336.696161][T21970]  ? __kasan_check_byte+0x13/0x50
[ 1336.696174][T21970]  ? lock_release+0x201/0x2f0
[ 1336.696183][T21970]  ? bpf_ksym_find+0x127/0x1c0
[ 1336.696200][T21970]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1336.696216][T21970]  ? is_bpf_text_address+0x94/0x1a0
[ 1336.696230][T21970]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1336.696245][T21970]  ? policy_nodemask+0xea/0x4e0
[ 1336.696258][T21970]  alloc_pages_mpol+0x1fb/0x550
[ 1336.696270][T21970]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1336.696282][T21970]  ? stack_trace_save+0x8e/0xc0
[ 1336.696299][T21970]  folio_alloc_mpol_noprof+0x36/0x2f0
[ 1336.696314][T21970]  vma_alloc_folio_noprof+0xed/0x1e0
[ 1336.696327][T21970]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[ 1336.696341][T21970]  ? rcu_read_unlock+0x2d/0xb0
[ 1336.696361][T21970]  do_wp_page+0x1136/0x4f20
[ 1336.696378][T21970]  ? __pfx_do_wp_page+0x10/0x10
[ 1336.696392][T21970]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1336.696409][T21970]  __handle_mm_fault+0x2223/0x5490
[ 1336.696429][T21970]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1336.696443][T21970]  ? __pfx_mt_find+0x10/0x10
[ 1336.696463][T21970]  ? find_vma+0xbf/0x140
[ 1336.696475][T21970]  ? __pfx_find_vma+0x10/0x10
[ 1336.696488][T21970]  handle_mm_fault+0x589/0xd10
[ 1336.696504][T21970]  ? __pkru_allows_pkey+0x51/0xb0
[ 1336.696521][T21970]  do_user_addr_fault+0x7a6/0x1370
[ 1336.696540][T21970]  ? rcu_is_watching+0x12/0xc0
[ 1336.696557][T21970]  exc_page_fault+0x5c/0xb0
[ 1336.696579][T21970]  asm_exc_page_fault+0x26/0x30
[ 1336.696597][T21970] RIP: 0010:filldir+0x1d3/0x600
[ 1336.696615][T21970] Code: 53 eb 82 ff 48 89 ee 4c 89 ff e8 f8 e5 82 ff 48 83 7c 24 28 00 0f 85 45 02 00 00 e8 37 eb 82 ff 0f 01 cb 0f ae e8 48 8b 04 24 <49> 89 47 08 e8 24 eb 82 ff 4c 8b 7c 24 30 48 8b 44 24 08 49 89 07
[ 1336.696628][T21970] RSP: 0018:ffffc9000c127d18 EFLAGS: 00050293
[ 1336.696638][T21970] RAX: 0000000000000000 RBX: ffffc9000c127e80 RCX: ffffffff8238fdb8
[ 1336.696645][T21970] RDX: ffff88807c9f8000 RSI: ffffffff8238fdc9 RDI: 0000000000000006
[ 1336.696652][T21970] RBP: 0000200000001018 R08: 0000000000000006 R09: 0000200000001000
[ 1336.696659][T21970] R10: 0000200000001018 R11: 0000000000000001 R12: 0000000000000018
[ 1336.696666][T21970] R13: ffffffff8bc25020 R14: ffffc9000c127ea4 R15: 0000200000001000
[ 1336.696677][T21970]  ? filldir+0x1b8/0x600
[ 1336.696691][T21970]  ? filldir+0x1c9/0x600
[ 1336.696706][T21970]  ? filldir+0x1c9/0x600
[ 1336.696725][T21970]  ? __pfx_filldir+0x10/0x10
[ 1336.696738][T21970]  proc_pident_readdir+0x33b/0x560
[ 1336.696758][T21970]  iterate_dir+0x293/0xb40
[ 1336.696775][T21970]  __x64_sys_getdents+0x13c/0x2b0
[ 1336.696791][T21970]  ? __pfx___x64_sys_getdents+0x10/0x10
[ 1336.696806][T21970]  ? fput+0x70/0xf0
[ 1336.696818][T21970]  ? __pfx_filldir+0x10/0x10
[ 1336.696838][T21970]  do_syscall_64+0xcd/0x4c0
[ 1336.696850][T21970]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1336.696861][T21970] RIP: 0033:0x7f1541f8e929
[ 1336.696871][T21970] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1336.696882][T21970] RSP: 002b:00007f1542e1f038 EFLAGS: 00000246 ORIG_RAX: 000000000000004e
[ 1336.696892][T21970] RAX: ffffffffffffffda RBX: 00007f15421b5fa0 RCX: 00007f1541f8e929
[ 1336.696899][T21970] RDX: 0000000000000ff5 RSI: 0000200000001000 RDI: 0000000000000004
[ 1336.696906][T21970] RBP: 00007f1542e1f090 R08: 0000000000000000 R09: 0000000000000000
[ 1336.696913][T21970] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1336.696920][T21970] R13: 0000000000000000 R14: 00007f15421b5fa0 R15: 00007ffd1195ca68
[ 1336.696933][T21970]  </TASK>
[ 1337.721112][T17608] Bluetooth: hci0: command 0x0406 tx timeout
[ 1338.786904][T21972] FAULT_INJECTION: forcing a failure.
[ 1338.786904][T21972] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1338.802011][T21972] CPU: 1 UID: 0 PID: 21972 Comm: syz.3.3429 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) 
[ 1338.802038][T21972] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1338.802048][T21972] Call Trace:
[ 1338.802055][T21972]  <TASK>
[ 1338.802069][T21972]  dump_stack_lvl+0x16c/0x1f0
[ 1338.802104][T21972]  should_fail_ex+0x512/0x640
[ 1338.802134][T21972]  _copy_from_user+0x2e/0xd0
[ 1338.802153][T21972]  __sys_bpf+0x21d/0x4ea0
[ 1338.802182][T21972]  ? __pfx___sys_bpf+0x10/0x10
[ 1338.802207][T21972]  ? ksys_write+0x190/0x250
[ 1338.802238][T21972]  ? __mutex_unlock_slowpath+0x161/0x6a0
[ 1338.802269][T21972]  ? fput+0x70/0xf0
[ 1338.802289][T21972]  ? ksys_write+0x1ac/0x250
[ 1338.802313][T21972]  ? __pfx_ksys_write+0x10/0x10
[ 1338.802343][T21972]  __x64_sys_bpf+0x78/0xc0
[ 1338.802367][T21972]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1338.802394][T21972]  do_syscall_64+0xcd/0x4c0
[ 1338.802410][T21972]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1338.802427][T21972] RIP: 0033:0x7f1541f8e929
[ 1338.802441][T21972] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1338.802457][T21972] RSP: 002b:00007f1542e1f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1338.802475][T21972] RAX: ffffffffffffffda RBX: 00007f15421b5fa0 RCX: 00007f1541f8e929
[ 1338.802487][T21972] RDX: 0000000000000024 RSI: 0000200000000640 RDI: 000000000000000a
[ 1338.802498][T21972] RBP: 00007f1542e1f090 R08: 0000000000000000 R09: 0000000000000000
[ 1338.802508][T21972] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1338.802519][T21972] R13: 0000000000000000 R14: 00007f15421b5fa0 R15: 00007ffd1195ca68
[ 1338.802543][T21972]  </TASK>
[ 1339.544388][T21999] FAULT_INJECTION: forcing a failure.
[ 1339.544388][T21999] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1339.557943][T21999] CPU: 1 UID: 0 PID: 21999 Comm: syz.4.3434 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) 
[ 1339.557967][T21999] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1339.557975][T21999] Call Trace:
[ 1339.557979][T21999]  <TASK>
[ 1339.557992][T21999]  dump_stack_lvl+0x16c/0x1f0
[ 1339.558016][T21999]  should_fail_ex+0x512/0x640
[ 1339.558036][T21999]  _copy_from_user+0x2e/0xd0
[ 1339.558048][T21999]  copy_msghdr_from_user+0x98/0x160
[ 1339.558067][T21999]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1339.558087][T21999]  ? __pfx__kstrtoull+0x10/0x10
[ 1339.558104][T21999]  ___sys_sendmsg+0xfe/0x1d0
[ 1339.558122][T21999]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1339.558146][T21999]  ? find_held_lock+0x2b/0x80
[ 1339.558170][T21999]  __sys_sendmmsg+0x200/0x420
[ 1339.558188][T21999]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1339.558210][T21999]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1339.558228][T21999]  ? fput+0x70/0xf0
[ 1339.558240][T21999]  ? ksys_write+0x1ac/0x250
[ 1339.558256][T21999]  ? __pfx_ksys_write+0x10/0x10
[ 1339.558275][T21999]  __x64_sys_sendmmsg+0x9c/0x100
[ 1339.558285][T21999]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1339.558302][T21999]  do_syscall_64+0xcd/0x4c0
[ 1339.558314][T21999]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1339.558326][T21999] RIP: 0033:0x7f0207b8e929
[ 1339.558336][T21999] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1339.558347][T21999] RSP: 002b:00007f0208a81038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1339.558359][T21999] RAX: ffffffffffffffda RBX: 00007f0207db6080 RCX: 00007f0207b8e929
[ 1339.558366][T21999] RDX: 0400000000000174 RSI: 0000200000008380 RDI: 0000000000000005
[ 1339.558373][T21999] RBP: 00007f0208a81090 R08: 0000000000000000 R09: 0000000000000000
[ 1339.558380][T21999] R10: 0000000004008890 R11: 0000000000000246 R12: 0000000000000001
[ 1339.558387][T21999] R13: 0000000000000000 R14: 00007f0207db6080 R15: 00007ffdbd8ea5d8
[ 1339.558400][T21999]  </TASK>
[ 1339.560787][   T30] audit: type=1400 audit(1752825185.156:3299): avc:  denied  { connect } for  pid=21993 comm="syz.4.3434" lport=255 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[ 1341.367230][T22006] netlink: 'syz.3.3435': attribute type 4 has an invalid length.
[ 1341.743561][T22018] FAULT_INJECTION: forcing a failure.
[ 1341.743561][T22018] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1341.758035][   T30] audit: type=1326 audit(1752825187.366:3300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22011 comm="syz.3.3438" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f1541f8e929 code=0x0
[ 1341.786690][T22018] CPU: 0 UID: 0 PID: 22018 Comm: syz.0.3439 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) 
[ 1341.786716][T22018] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1341.786727][T22018] Call Trace:
[ 1341.786733][T22018]  <TASK>
[ 1341.786740][T22018]  dump_stack_lvl+0x16c/0x1f0
[ 1341.786770][T22018]  should_fail_ex+0x512/0x640
[ 1341.786806][T22018]  _copy_from_user+0x2e/0xd0
[ 1341.786823][T22018]  copy_msghdr_from_user+0x98/0x160
[ 1341.786849][T22018]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1341.786887][T22018]  ___sys_sendmsg+0xfe/0x1d0
[ 1341.786914][T22018]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1341.786938][T22018]  ? __lock_acquire+0x622/0x1c90
[ 1341.786983][T22018]  __sys_sendmsg+0x16d/0x220
[ 1341.787010][T22018]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1341.787050][T22018]  do_syscall_64+0xcd/0x4c0
[ 1341.787069][T22018]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1341.787088][T22018] RIP: 0033:0x7f34ad58e929
[ 1341.787102][T22018] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1341.787118][T22018] RSP: 002b:00007f34ae4b0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1341.787135][T22018] RAX: ffffffffffffffda RBX: 00007f34ad7b5fa0 RCX: 00007f34ad58e929
[ 1341.787147][T22018] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[ 1341.787158][T22018] RBP: 00007f34ae4b0090 R08: 0000000000000000 R09: 0000000000000000
[ 1341.787169][T22018] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1341.787180][T22018] R13: 0000000000000000 R14: 00007f34ad7b5fa0 R15: 00007ffebc0c8d78
[ 1341.787203][T22018]  </TASK>
[ 1342.455295][   T30] audit: type=1400 audit(1752825188.066:3301): avc:  denied  { read } for  pid=22015 comm="syz.4.3440" name="rtc0" dev="devtmpfs" ino=921 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[ 1342.483433][   T30] audit: type=1400 audit(1752825188.096:3302): avc:  denied  { open } for  pid=22015 comm="syz.4.3440" path="/dev/rtc0" dev="devtmpfs" ino=921 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[ 1342.542783][T22027] 9p: Unknown Cache mode or invalid value fscach|
[ 1342.869573][   T30] audit: type=1326 audit(1752825188.426:3303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22035 comm="syz.3.3444" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f1541f8e929 code=0x0
[ 1343.053802][   T30] audit: type=1400 audit(1752825188.476:3304): avc:  denied  { create } for  pid=22035 comm="syz.3.3444" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[ 1344.398500][   T30] audit: type=1400 audit(1752825188.476:3305): avc:  denied  { write } for  pid=22035 comm="syz.3.3444" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[ 1344.523154][T22051] random: crng reseeded on system resumption
[ 1344.578069][T22052] netlink: 'syz.0.3448': attribute type 1 has an invalid length.
[ 1344.593018][T22052] overlay: Unknown parameter 'obj_role'
[ 1345.320338][T11946] kernel write not supported for file /278/loginuid (pid: 11946 comm: kworker/0:1)
[ 1345.332927][   T30] audit: type=1400 audit(1752825190.136:3306): avc:  denied  { append } for  pid=22049 comm="syz.0.3448" name="snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[ 1345.411554][   T30] audit: type=1400 audit(1752825190.136:3307): avc:  denied  { open } for  pid=22049 comm="syz.0.3448" path="/dev/snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[ 1345.775519][   T30] audit: type=1400 audit(1752825190.986:3308): avc:  denied  { firmware_load } for  pid=992 comm="kworker/u8:5" path="/lib/firmware/regulatory.db.p7s" dev="sda1" ino=449 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:lib_t tclass=system permissive=1
[ 1345.905198][   T30] audit: type=1400 audit(1752825191.486:3309): avc:  denied  { create } for  pid=22057 comm="syz.3.3449" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[ 1346.023945][   T30] audit: type=1400 audit(1752825191.546:3310): avc:  denied  { connect } for  pid=22061 comm="syz.5.3451" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1346.045471][   T30] audit: type=1400 audit(1752825191.546:3311): avc:  denied  { bind } for  pid=22061 comm="syz.5.3451" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1346.066560][   T30] audit: type=1400 audit(1752825191.546:3312): avc:  denied  { listen } for  pid=22061 comm="syz.5.3451" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1346.074323][ T5846] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201'
[ 1346.096740][ T5846] CPU: 1 UID: 0 PID: 5846 Comm: kworker/u9:7 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) 
[ 1346.096766][ T5846] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1346.096780][ T5846] Workqueue: hci1 hci_rx_work
[ 1346.096804][ T5846] Call Trace:
[ 1346.096811][ T5846]  <TASK>
[ 1346.096819][ T5846]  dump_stack_lvl+0x16c/0x1f0
[ 1346.096851][ T5846]  sysfs_warn_dup+0x7f/0xa0
[ 1346.096890][ T5846]  sysfs_create_dir_ns+0x24b/0x2b0
[ 1346.096906][ T5846]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 1346.096929][ T5846]  ? find_held_lock+0x2b/0x80
[ 1346.096955][ T5846]  ? do_raw_spin_unlock+0x172/0x230
[ 1346.096975][ T5846]  kobject_add_internal+0x2c4/0x9b0
[ 1346.097007][ T5846]  kobject_add+0x16e/0x240
[ 1346.097025][ T5846]  ? __pfx_kobject_add+0x10/0x10
[ 1346.097044][ T5846]  ? do_raw_spin_unlock+0x172/0x230
[ 1346.097065][ T5846]  ? kobject_put+0xab/0x5a0
[ 1346.097089][ T5846]  device_add+0x288/0x1a70
[ 1346.097110][ T5846]  ? __pfx_dev_set_name+0x10/0x10
[ 1346.097132][ T5846]  ? __pfx_device_add+0x10/0x10
[ 1346.097151][ T5846]  ? mgmt_send_event_skb+0x2fb/0x460
[ 1346.097181][ T5846]  hci_conn_add_sysfs+0x17e/0x230
[ 1346.097201][ T5846]  le_conn_complete_evt+0x1075/0x1d70
[ 1346.097235][ T5846]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 1346.097260][ T5846]  ? hci_event_packet+0x459/0x11c0
[ 1346.097291][ T5846]  hci_le_conn_complete_evt+0x23c/0x370
[ 1346.097324][ T5846]  hci_le_meta_evt+0x357/0x5e0
[ 1346.097342][ T5846]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[ 1346.097374][ T5846]  hci_event_packet+0x685/0x11c0
[ 1346.097402][ T5846]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1346.097423][ T5846]  ? __pfx_hci_event_packet+0x10/0x10
[ 1346.097455][ T5846]  ? kcov_remote_start+0x3c9/0x6d0
[ 1346.097476][ T5846]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1346.097511][ T5846]  hci_rx_work+0x2c5/0x16b0
[ 1346.097531][ T5846]  ? rcu_is_watching+0x12/0xc0
[ 1346.097564][ T5846]  process_one_work+0x9cf/0x1b70
[ 1346.097596][ T5846]  ? __pfx_process_one_work+0x10/0x10
[ 1346.097625][ T5846]  ? assign_work+0x1a0/0x250
[ 1346.097647][ T5846]  worker_thread+0x6c8/0xf10
[ 1346.097681][ T5846]  ? __pfx_worker_thread+0x10/0x10
[ 1346.097703][ T5846]  kthread+0x3c5/0x780
[ 1346.097724][ T5846]  ? __pfx_kthread+0x10/0x10
[ 1346.097746][ T5846]  ? rcu_is_watching+0x12/0xc0
[ 1346.097769][ T5846]  ? __pfx_kthread+0x10/0x10
[ 1346.097789][ T5846]  ret_from_fork+0x5d7/0x6f0
[ 1346.097816][ T5846]  ? __pfx_kthread+0x10/0x10
[ 1346.097835][ T5846]  ret_from_fork_asm+0x1a/0x30
[ 1346.097870][ T5846]  </TASK>
[ 1346.097920][ T5846] kobject: kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory.
[ 1346.362794][ T5846] Bluetooth: hci1: failed to register connection device
[ 1346.871206][   T30] audit: type=1400 audit(1752825191.546:3313): avc:  denied  { write } for  pid=22061 comm="syz.5.3451" path="/dev/vhci" dev="devtmpfs" ino=1268 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[ 1346.974624][T22062] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1346.980792][T22062] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1346.992518][   T30] audit: type=1400 audit(1752825191.546:3314): avc:  denied  { read } for  pid=22061 comm="syz.5.3451" name="snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[ 1347.016380][   T30] audit: type=1400 audit(1752825191.726:3315): avc:  denied  { read write } for  pid=22057 comm="syz.3.3449" name="uinput" dev="devtmpfs" ino=920 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[ 1347.064649][T22062] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 1347.072271][T22062] Bluetooth: hci5: Opcode 0x0406 failed: -4
[ 1347.090021][T22062] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1347.096239][T22062] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 1347.128537][T22062] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1347.216279][T22062] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1347.264412][T22062] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1347.267201][T22077] netlink: 'syz.1.3454': attribute type 6 has an invalid length.
[ 1347.358099][T22062] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1347.419855][T22062] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1347.457527][T22062] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1347.520226][T22062] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1348.271684][T22097] netlink: 'syz.1.3460': attribute type 6 has an invalid length.
[ 1348.426128][T22101] netlink: 'syz.5.3458': attribute type 4 has an invalid length.
[ 1349.003420][ T5908] usb 1-1: new high-speed USB device number 86 using dummy_hcd
[ 1349.022373][T17608] Bluetooth: hci4: command 0x0406 tx timeout
[ 1349.141471][T17608] Bluetooth: hci5: command 0x0406 tx timeout
[ 1349.162539][T17608] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1349.169323][T17608] Bluetooth: hci0: command 0x0406 tx timeout
[ 1349.175653][ T5908] usb 1-1: Using ep0 maxpacket: 8
[ 1349.306577][ T5908] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1349.469137][ T5908] usb 1-1: New USB device found, idVendor=0421, idProduct=0335, bcdDevice=5f.0e
[ 1349.481566][ T5846] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1349.492755][T22111] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3465'.
[ 1349.500175][ T5908] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1349.502002][T22111] netlink: 'syz.4.3465': attribute type 14 has an invalid length.
[ 1349.516261][ T5908] usb 1-1: config 0 descriptor??
[ 1349.525013][ T5908] usb 1-1: bad CDC descriptors
[ 1349.527000][T22111] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1349.538962][T22111] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1349.548518][T22111] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1349.557276][T22111] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1349.567357][T22111] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3465'.
[ 1349.576349][T22111] netlink: 'syz.4.3465': attribute type 14 has an invalid length.
[ 1349.815530][T20119] usb 1-1: USB disconnect, device number 86
[ 1350.349809][   T30] kauditd_printk_skb: 10 callbacks suppressed
[ 1350.349829][   T30] audit: type=1400 audit(1752825195.936:3326): avc:  denied  { ioctl } for  pid=22116 comm="syz.4.3468" path="/dev/rtc0" dev="devtmpfs" ino=921 ioctlcmd=0x7007 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[ 1350.445960][T22130] 9p: Unknown Cache mode or invalid value fscach|
[ 1350.640718][T22136] FAULT_INJECTION: forcing a failure.
[ 1350.640718][T22136] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1350.656609][T22136] CPU: 1 UID: 0 PID: 22136 Comm: syz.0.3471 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) 
[ 1350.656634][T22136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1350.656647][T22136] Call Trace:
[ 1350.656654][T22136]  <TASK>
[ 1350.656662][T22136]  dump_stack_lvl+0x16c/0x1f0
[ 1350.656692][T22136]  should_fail_ex+0x512/0x640
[ 1350.656722][T22136]  _copy_from_user+0x2e/0xd0
[ 1350.656739][T22136]  copy_msghdr_from_user+0x98/0x160
[ 1350.656766][T22136]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1350.656800][T22136]  ? __lock_acquire+0x622/0x1c90
[ 1350.656823][T22136]  ___sys_recvmsg+0xdb/0x1a0
[ 1350.656850][T22136]  ? __pfx____sys_recvmsg+0x10/0x10
[ 1350.656879][T22136]  ? find_held_lock+0x2b/0x80
[ 1350.656924][T22136]  do_recvmmsg+0x2fe/0x750
[ 1350.656955][T22136]  ? __pfx_do_recvmmsg+0x10/0x10
[ 1350.656988][T22136]  ? __mutex_unlock_slowpath+0x161/0x6a0
[ 1350.657014][T22136]  ? __fget_files+0x20e/0x3c0
[ 1350.657039][T22136]  __x64_sys_recvmmsg+0x22a/0x280
[ 1350.657058][T22136]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[ 1350.657085][T22136]  do_syscall_64+0xcd/0x4c0
[ 1350.657104][T22136]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1350.657123][T22136] RIP: 0033:0x7f34ad58e929
[ 1350.657139][T22136] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1350.657155][T22136] RSP: 002b:00007f34ae48f038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 1350.657174][T22136] RAX: ffffffffffffffda RBX: 00007f34ad7b6080 RCX: 00007f34ad58e929
[ 1350.657186][T22136] RDX: 0000000000000001 RSI: 0000200000001480 RDI: 0000000000000003
[ 1350.657197][T22136] RBP: 00007f34ae48f090 R08: 0000000000000000 R09: 0000000000000000
[ 1350.657208][T22136] R10: 0000000000010000 R11: 0000000000000246 R12: 0000000000000001
[ 1350.657218][T22136] R13: 0000000000000001 R14: 00007f34ad7b6080 R15: 00007ffebc0c8d78
[ 1350.657242][T22136]  </TASK>
[ 1351.101431][ T5846] Bluetooth: hci4: command 0x0406 tx timeout
[ 1351.171334][ T5846] Bluetooth: hci5: command 0x0406 tx timeout
[ 1351.241164][ T5846] Bluetooth: hci0: command 0x0406 tx timeout
[ 1351.247219][ T5846] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1351.435629][T22141] capability: warning: `syz.0.3474' uses 32-bit capabilities (legacy support in use)
[ 1351.561307][T17608] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1351.623553][   T30] audit: type=1400 audit(1752825197.196:3327): avc:  denied  { read } for  pid=22139 comm="syz.0.3474" name="autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[ 1351.781186][   T30] audit: type=1400 audit(1752825197.196:3328): avc:  denied  { open } for  pid=22139 comm="syz.0.3474" path="/dev/autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[ 1351.863250][   T30] audit: type=1400 audit(1752825197.206:3329): avc:  denied  { bind } for  pid=22139 comm="syz.0.3474" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[ 1352.041294][   T30] audit: type=1400 audit(1752825197.206:3330): avc:  denied  { accept } for  pid=22139 comm="syz.0.3474" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[ 1352.069407][   T30] audit: type=1400 audit(1752825197.206:3331): avc:  denied  { write } for  pid=22139 comm="syz.0.3474" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[ 1352.420607][   T30] audit: type=1400 audit(1752825197.466:3332): avc:  denied  { ioctl } for  pid=22139 comm="syz.0.3474" path="/dev/autofs" dev="devtmpfs" ino=98 ioctlcmd=0x937e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[ 1352.528822][   T30] audit: type=1400 audit(1752825197.506:3333): avc:  denied  { append } for  pid=22144 comm="syz.3.3475" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1352.624307][   T30] audit: type=1400 audit(1752825197.536:3334): avc:  denied  { create } for  pid=22144 comm="syz.3.3475" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 1352.671057][   T30] audit: type=1400 audit(1752825197.536:3335): avc:  denied  { accept } for  pid=22144 comm="syz.3.3475" path=00001F4E0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_dgram_socket permissive=1
[ 1352.781186][T20119] usb 2-1: new high-speed USB device number 75 using dummy_hcd
[ 1353.001086][T20119] usb 2-1: Using ep0 maxpacket: 32
[ 1353.086247][T20119] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1353.659953][T17608] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1353.666587][ T5846] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1353.721822][T20119] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[ 1353.740609][T20119] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 1353.762858][T20119] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[ 1353.773140][T20119] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1353.829326][T20119] usb 2-1: config 0 descriptor??
[ 1354.064589][T22150] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1354.073542][T20119] hub 2-1:0.0: USB hub found
[ 1354.160792][T22165] FAULT_INJECTION: forcing a failure.
[ 1354.160792][T22165] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1354.287104][T22165] CPU: 1 UID: 0 PID: 22165 Comm: syz.0.3481 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) 
[ 1354.287132][T22165] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1354.287143][T22165] Call Trace:
[ 1354.287149][T22165]  <TASK>
[ 1354.287156][T22165]  dump_stack_lvl+0x16c/0x1f0
[ 1354.287187][T22165]  should_fail_ex+0x512/0x640
[ 1354.287218][T22165]  _copy_from_user+0x2e/0xd0
[ 1354.287238][T22165]  copy_msghdr_from_user+0x98/0x160
[ 1354.287264][T22165]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1354.287304][T22165]  ___sys_sendmsg+0xfe/0x1d0
[ 1354.287330][T22165]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1354.287353][T22165]  ? __lock_acquire+0x622/0x1c90
[ 1354.287399][T22165]  __sys_sendmsg+0x16d/0x220
[ 1354.287425][T22165]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1354.287464][T22165]  do_syscall_64+0xcd/0x4c0
[ 1354.287482][T22165]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1354.287498][T22165] RIP: 0033:0x7f34ad58e929
[ 1354.287512][T22165] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1354.287529][T22165] RSP: 002b:00007f34ae4b0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1354.287547][T22165] RAX: ffffffffffffffda RBX: 00007f34ad7b5fa0 RCX: 00007f34ad58e929
[ 1354.287560][T22165] RDX: 0000000000000000 RSI: 0000200000000540 RDI: 0000000000000004
[ 1354.287571][T22165] RBP: 00007f34ae4b0090 R08: 0000000000000000 R09: 0000000000000000
[ 1354.287582][T22165] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1354.287593][T22165] R13: 0000000000000000 R14: 00007f34ad7b5fa0 R15: 00007ffebc0c8d78
[ 1354.287625][T22165]  </TASK>
[ 1354.962832][T22177] 9pnet_fd: Insufficient options for proto=fd
[ 1355.080028][T22179] FAULT_INJECTION: forcing a failure.
[ 1355.080028][T22179] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1355.097967][T22179] CPU: 0 UID: 0 PID: 22179 Comm: syz.0.3486 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) 
[ 1355.097995][T22179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1355.098005][T22179] Call Trace:
[ 1355.098012][T22179]  <TASK>
[ 1355.098019][T22179]  dump_stack_lvl+0x16c/0x1f0
[ 1355.098051][T22179]  should_fail_ex+0x512/0x640
[ 1355.098079][T22179]  _copy_from_user+0x2e/0xd0
[ 1355.098096][T22179]  copy_msghdr_from_user+0x98/0x160
[ 1355.098115][T22179]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1355.098135][T22179]  ? __pfx__kstrtoull+0x10/0x10
[ 1355.098152][T22179]  ___sys_sendmsg+0xfe/0x1d0
[ 1355.098179][T22179]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1355.098215][T22179]  ? find_held_lock+0x2b/0x80
[ 1355.098247][T22179]  __sys_sendmmsg+0x200/0x420
[ 1355.098266][T22179]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1355.098288][T22179]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1355.098308][T22179]  ? fput+0x70/0xf0
[ 1355.098327][T22179]  ? ksys_write+0x1ac/0x250
[ 1355.098350][T22179]  ? __pfx_ksys_write+0x10/0x10
[ 1355.098377][T22179]  __x64_sys_sendmmsg+0x9c/0x100
[ 1355.098390][T22179]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1355.098408][T22179]  do_syscall_64+0xcd/0x4c0
[ 1355.098419][T22179]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1355.098431][T22179] RIP: 0033:0x7f34ad58e929
[ 1355.098441][T22179] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1355.098457][T22179] RSP: 002b:00007f34ae48f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1355.098475][T22179] RAX: ffffffffffffffda RBX: 00007f34ad7b6080 RCX: 00007f34ad58e929
[ 1355.098486][T22179] RDX: 0400000000000172 RSI: 0000200000003cc0 RDI: 0000000000000004
[ 1355.098497][T22179] RBP: 00007f34ae48f090 R08: 0000000000000000 R09: 0000000000000000
[ 1355.098507][T22179] R10: 0000000004000000 R11: 0000000000000246 R12: 0000000000000001
[ 1355.098517][T22179] R13: 0000000000000000 R14: 00007f34ad7b6080 R15: 00007ffebc0c8d78
[ 1355.098535][T22179]  </TASK>
[ 1355.322244][T22181] syz_tun: entered allmulticast mode
[ 1355.731187][ T5846] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1356.083594][T22193] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3491'.
[ 1356.111583][   T30] kauditd_printk_skb: 5 callbacks suppressed
[ 1356.111607][   T30] audit: type=1400 audit(1752825201.726:3341): avc:  denied  { create } for  pid=22190 comm="syz.4.3490" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[ 1356.186352][T20119] hub 2-1:0.0: config failed, can't read hub descriptor (err -22)
[ 1356.222014][   T30] audit: type=1400 audit(1752825201.766:3342): avc:  denied  { write } for  pid=22190 comm="syz.4.3490" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[ 1356.235985][T20119] usbhid 2-1:0.0: can't add hid device: -71
[ 1356.255686][T20119] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[ 1356.939471][T22189] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1356.952968][T22189] Bluetooth: hci4: Error when powering off device on rfkill (-4)
[ 1356.963620][T20119] usb 2-1: USB disconnect, device number 75
[ 1357.300719][   T30] audit: type=1400 audit(1752825202.906:3343): avc:  denied  { unmount } for  pid=19884 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[ 1357.372902][T22189] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 1357.378854][T22189] Bluetooth: hci5: Error when powering off device on rfkill (-4)
[ 1357.980226][T22189] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1358.020473][T22189] Bluetooth: hci0: Error when powering off device on rfkill (-4)
[ 1358.047284][T22189] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1358.071032][T22189] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[ 1358.129926][   T30] audit: type=1400 audit(1752825203.736:3344): avc:  denied  { module_load } for  pid=22208 comm="syz.4.3495" path="/sys/power/wakeup_count" dev="sysfs" ino=1408 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=system permissive=1
[ 1358.221184][ T5916] usb 2-1: new high-speed USB device number 76 using dummy_hcd
[ 1358.306359][T22189] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1358.329756][T22189] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[ 1358.455804][ T5916] usb 2-1: config 0 has no interfaces?
[ 1359.600213][ T5916] usb 2-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[ 1359.619529][ T5916] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1359.637916][ T5916] usb 2-1: Product: syz
[ 1359.642539][ T5916] usb 2-1: Manufacturer: syz
[ 1359.647186][ T5916] usb 2-1: SerialNumber: syz
[ 1359.654890][ T5916] usb 2-1: config 0 descriptor??
[ 1359.999829][   T30] audit: type=1326 audit(1752825205.606:3345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22204 comm="syz.1.3494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa69398e929 code=0x7ffc0000
[ 1360.027007][T22206] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1360.077689][   T30] audit: type=1326 audit(1752825205.606:3346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22204 comm="syz.1.3494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa69398e929 code=0x7ffc0000
[ 1360.107301][T22206] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1360.140909][   T30] audit: type=1326 audit(1752825205.636:3347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22204 comm="syz.1.3494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa69398e929 code=0x7ffc0000
[ 1360.179556][   T30] audit: type=1326 audit(1752825205.636:3348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22204 comm="syz.1.3494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa69398e929 code=0x7ffc0000
[ 1360.208216][   T30] audit: type=1326 audit(1752825205.636:3349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22204 comm="syz.1.3494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa69398e929 code=0x7ffc0000
[ 1360.233765][   T30] audit: type=1326 audit(1752825205.636:3350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22204 comm="syz.1.3494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=93 compat=0 ip=0x7fa69398e929 code=0x7ffc0000
[ 1360.795796][T22259] netlink: 'syz.5.3510': attribute type 4 has an invalid length.
[ 1360.803572][T22259] netlink: 152 bytes leftover after parsing attributes in process `syz.5.3510'.
[ 1360.815283][T22259] : renamed from bond0 (while UP)
[ 1361.247427][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[ 1361.253856][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[ 1361.882714][   T30] kauditd_printk_skb: 17 callbacks suppressed
[ 1361.882730][   T30] audit: type=1326 audit(1752825207.486:3368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22260 comm="syz.3.3511" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f1541f8e929 code=0x0
[ 1361.946387][T20119] usb 2-1: USB disconnect, device number 76
[ 1361.978691][T22250] ceph: No mds server is up or the cluster is laggy
[ 1362.216890][   T30] audit: type=1400 audit(1752825207.826:3369): avc:  denied  { read } for  pid=22275 comm="syz.0.3516" name="vhost-net" dev="devtmpfs" ino=1274 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[ 1362.403337][   T30] audit: type=1400 audit(1752825207.906:3370): avc:  denied  { open } for  pid=22275 comm="syz.0.3516" path="/dev/vhost-net" dev="devtmpfs" ino=1274 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[ 1362.501228][   T30] audit: type=1400 audit(1752825208.066:3371): avc:  denied  { ioctl } for  pid=22275 comm="syz.0.3516" path="/dev/vhost-net" dev="devtmpfs" ino=1274 ioctlcmd=0xaf00 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[ 1363.279148][ T5916] usb 5-1: new high-speed USB device number 62 using dummy_hcd
[ 1363.511237][ T5916] usb 5-1: config 0 has no interfaces?
[ 1363.519664][ T5916] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[ 1363.554997][ T5916] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1363.628243][ T5916] usb 5-1: Product: syz
[ 1363.669205][ T5916] usb 5-1: Manufacturer: syz
[ 1363.675324][   T30] audit: type=1400 audit(1752825209.276:3372): avc:  denied  { read } for  pid=22299 comm="syz.3.3524" name="mice" dev="devtmpfs" ino=916 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[ 1363.681041][ T5916] usb 5-1: SerialNumber: syz
[ 1363.718824][   T30] audit: type=1400 audit(1752825209.316:3373): avc:  denied  { open } for  pid=22299 comm="syz.3.3524" path="/dev/input/mice" dev="devtmpfs" ino=916 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[ 1363.880667][   T30] audit: type=1400 audit(1752825209.486:3374): avc:  denied  { name_bind } for  pid=22299 comm="syz.3.3524" src=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[ 1363.938704][ T5916] usb 5-1: config 0 descriptor??
[ 1364.132284][T22313] netlink: 96 bytes leftover after parsing attributes in process `syz.3.3527'.
[ 1364.723203][   T30] audit: type=1400 audit(1752825210.016:3375): avc:  denied  { read } for  pid=22309 comm="syz.5.3526" path="socket:[87960]" dev="sockfs" ino=87960 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[ 1364.781083][T22313] 8021q: VLANs not supported on gre0
[ 1364.807261][T22291] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1364.816507][   T30] audit: type=1326 audit(1752825210.416:3376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22288 comm="syz.4.3521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0207b8e929 code=0x7ffc0000
[ 1364.821359][T22291] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1365.792929][   T30] audit: type=1326 audit(1752825210.416:3377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22288 comm="syz.4.3521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0207b8e929 code=0x7ffc0000
[ 1366.236064][T11946] usb 5-1: USB disconnect, device number 62
[ 1366.901059][   T30] kauditd_printk_skb: 21 callbacks suppressed
[ 1366.901074][   T30] audit: type=1400 audit(1752825212.496:3399): avc:  denied  { write } for  pid=22338 comm="syz.1.3536" name="ppp" dev="devtmpfs" ino=709 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[ 1366.936275][T22335] trusted_key: encrypted_key: insufficient parameters specified
[ 1367.012659][T22341] netlink: 164 bytes leftover after parsing attributes in process `syz.0.3538'.
[ 1367.079286][   T30] audit: type=1400 audit(1752825212.496:3400): avc:  denied  { open } for  pid=22338 comm="syz.1.3536" path="/dev/ppp" dev="devtmpfs" ino=709 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[ 1367.156598][   T30] audit: type=1400 audit(1752825212.616:3401): avc:  denied  { nlmsg_read } for  pid=22340 comm="syz.0.3538" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1367.231113][   T30] audit: type=1400 audit(1752825212.636:3402): avc:  denied  { ioctl } for  pid=22338 comm="syz.1.3536" path="/dev/ppp" dev="devtmpfs" ino=709 ioctlcmd=0x7438 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[ 1368.140248][   T30] audit: type=1400 audit(1752825212.666:3403): avc:  denied  { write } for  pid=22338 comm="syz.1.3536" name="dev" dev="proc" ino=4026532978 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[ 1368.481386][   T30] audit: type=1400 audit(1752825213.986:3404): avc:  denied  { mount } for  pid=22346 comm="syz.5.3535" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[ 1368.514830][   T30] audit: type=1400 audit(1752825213.996:3405): avc:  denied  { create } for  pid=22366 comm="syz.3.3543" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[ 1368.541213][   T30] audit: type=1400 audit(1752825213.996:3406): avc:  denied  { setopt } for  pid=22366 comm="syz.3.3543" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[ 1368.731194][ T5908] usb 4-1: new high-speed USB device number 87 using dummy_hcd
[ 1369.777208][ T5908] usb 4-1: Using ep0 maxpacket: 32
[ 1369.792142][ T5908] usb 4-1: config 14 has an invalid interface number: 137 but max is 3
[ 1369.819022][ T5908] usb 4-1: config 14 has an invalid descriptor of length 0, skipping remainder of the config
[ 1369.852018][ T5908] usb 4-1: config 14 has 2 interfaces, different from the descriptor's value: 4
[ 1369.888692][ T5908] usb 4-1: config 14 has no interface number 1
[ 1369.909241][ T5908] usb 4-1: config 14 interface 0 altsetting 8 endpoint 0x6 has invalid wMaxPacketSize 0
[ 1370.140606][ T5908] usb 4-1: config 14 interface 0 altsetting 8 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1370.304944][ T5908] usb 4-1: config 14 interface 137 has no altsetting 0
[ 1370.321400][ T5908] usb 4-1: config 14 interface 0 has no altsetting 0
[ 1370.374328][ T5908] usb 4-1: New USB device found, idVendor=0471, idProduct=0602, bcdDevice=2a.8a
[ 1370.386727][ T5908] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1370.469345][ T5908] usb 4-1: Product: syz
[ 1370.476969][ T5908] usb 4-1: Manufacturer: syz
[ 1370.484723][ T5908] usb 4-1: SerialNumber: syz
[ 1370.641245][T14789] usb 5-1: new high-speed USB device number 63 using dummy_hcd
[ 1370.692385][   T30] audit: type=1400 audit(1752825216.266:3407): avc:  denied  { setattr } for  pid=22399 comm="syz.1.3551" name="fuse" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[ 1370.834219][   T30] audit: type=1400 audit(1752825216.366:3408): avc:  denied  { ioctl } for  pid=22366 comm="syz.3.3543" path="socket:[88574]" dev="sockfs" ino=88574 ioctlcmd=0x9434 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[ 1370.952858][T14789] usb 5-1: config 1 interface 0 altsetting 7 bulk endpoint 0x82 has invalid maxpacket 64
[ 1370.962986][T14789] usb 5-1: config 1 interface 0 altsetting 7 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1371.017297][T14789] usb 5-1: config 1 interface 0 has no altsetting 0
[ 1371.116290][T14789] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1371.140288][T14789] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1371.170383][T14789] usb 5-1: Product: syz
[ 1371.182735][T14789] usb 5-1: Manufacturer: 〉
[ 1371.196228][T14789] usb 5-1: SerialNumber: syz
[ 1371.219989][T22395] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[ 1371.251216][T22395] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[ 1371.473348][T22395] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1371.488167][T22395] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1371.673371][T20119] usb 2-1: new high-speed USB device number 77 using dummy_hcd
[ 1371.702530][T14789] cdc_ether 5-1:1.0: probe with driver cdc_ether failed with error -22
[ 1371.727806][T14789] usb 5-1: USB disconnect, device number 63
[ 1371.841172][T20119] usb 2-1: device descriptor read/64, error -71
[ 1371.868773][ T5908] ati_remote2 4-1:14.0: ati_remote2_probe(): need 2 interfaces, found 2
[ 1371.910968][ T5908] usb 4-1: USB disconnect, device number 87
[ 1372.212313][T20119] usb 2-1: new high-speed USB device number 78 using dummy_hcd
[ 1372.490915][T22436] netlink: 'syz.3.3562': attribute type 4 has an invalid length.
[ 1372.507504][T20119] usb 2-1: device descriptor read/64, error -71
[ 1372.627845][T20119] usb usb2-port1: attempt power cycle
[ 1373.061141][ T5908] usb 1-1: new high-speed USB device number 87 using dummy_hcd
[ 1373.082872][T20119] usb 2-1: new high-speed USB device number 79 using dummy_hcd
[ 1373.116066][T20119] usb 2-1: device descriptor read/8, error -71
[ 1373.391256][T20119] usb 2-1: new high-speed USB device number 80 using dummy_hcd
[ 1374.042840][T20119] usb 2-1: device descriptor read/8, error -71
[ 1374.142443][   T30] kauditd_printk_skb: 5 callbacks suppressed
[ 1374.142481][   T30] audit: type=1400 audit(1752825219.736:3414): avc:  denied  { create } for  pid=22443 comm="syz.5.3565" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[ 1374.211147][ T5908] usb 1-1: Using ep0 maxpacket: 16
[ 1374.355255][T20119] usb usb2-port1: unable to enumerate USB device
[ 1374.368249][   T30] audit: type=1400 audit(1752825219.746:3415): avc:  denied  { connect } for  pid=22443 comm="syz.5.3565" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[ 1374.496485][   T30] audit: type=1400 audit(1752825220.106:3416): avc:  denied  { append } for  pid=22448 comm="syz.3.3567" name="comedi2" dev="devtmpfs" ino=1278 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 1374.499063][ T5908] usb 1-1: config index 0 descriptor too short (expected 65, got 36)
[ 1374.534442][ T5908] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1374.851981][ T5908] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1374.895790][ T5908] usb 1-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.00
[ 1374.921425][ T5908] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1374.945178][ T5908] usb 1-1: config 0 descriptor??
[ 1374.955447][ T5908] input: PXRC Flight Controller Adapter as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input63
[ 1374.986519][   T30] audit: type=1400 audit(1752825220.596:3417): avc:  denied  { read } for  pid=5186 comm="acpid" name="js0" dev="devtmpfs" ino=3797 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 1375.052800][ T5908] usb 1-1: USB disconnect, device number 87
[ 1375.169759][   T30] audit: type=1400 audit(1752825220.596:3418): avc:  denied  { open } for  pid=5186 comm="acpid" path="/dev/input/js0" dev="devtmpfs" ino=3797 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 1375.613564][   T30] audit: type=1400 audit(1752825220.596:3419): avc:  denied  { ioctl } for  pid=5186 comm="acpid" path="/dev/input/js0" dev="devtmpfs" ino=3797 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 1377.773066][   T30] audit: type=1400 audit(1752825223.306:3420): avc:  denied  { create } for  pid=22497 comm="syz.0.3582" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[ 1377.807612][T22502] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1377.835454][   T30] audit: type=1400 audit(1752825223.306:3421): avc:  denied  { bind } for  pid=22497 comm="syz.0.3582" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[ 1377.865009][   T30] audit: type=1400 audit(1752825223.306:3422): avc:  denied  { write } for  pid=22497 comm="syz.0.3582" path="socket:[88902]" dev="sockfs" ino=88902 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[ 1378.921045][   T30] audit: type=1400 audit(1752825224.526:3423): avc:  denied  { append } for  pid=22518 comm="syz.0.3588" name="mice" dev="devtmpfs" ino=916 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[ 1379.202025][T22529] bond0: option ad_user_port_key: mode dependency failed, not supported in mode balance-rr(0)
[ 1379.211300][T20315] bond0: (slave bond_slave_0): interface is now down
[ 1379.220625][T20315] bond0: (slave bond_slave_1): interface is now down
[ 1379.227496][   T30] kauditd_printk_skb: 1 callbacks suppressed
[ 1379.227507][   T30] audit: type=1400 audit(1752825224.806:3425): avc:  denied  { create } for  pid=22525 comm="syz.3.3591" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[ 1379.277064][  T992] bond0: (slave bond_slave_0): interface is now down
[ 1379.289843][  T992] bond0: (slave bond_slave_1): interface is now down
[ 1379.525787][T22534] x_tables: ip_tables: osf match: only valid for protocol 6
[ 1379.566792][T22534] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[ 1379.809989][  T992] bond0: (slave bond_slave_0): interface is now down
[ 1379.852922][T22536] netlink: 'syz.0.3592': attribute type 5 has an invalid length.
[ 1379.860855][T22536] netlink: 'syz.0.3592': attribute type 1 has an invalid length.
[ 1379.891127][  T992] bond0: (slave bond_slave_1): interface is now down
[ 1379.972213][   T36] bond0: (slave bond_slave_0): interface is now down
[ 1380.001036][   T36] bond0: (slave bond_slave_1): interface is now down
[ 1380.052588][   T36] bond0: now running without any active interface!
[ 1380.598859][   T30] audit: type=1400 audit(1752825226.206:3426): avc:  denied  { bind } for  pid=22516 comm="syz.5.3587" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[ 1380.636006][T22545] netlink: 32 bytes leftover after parsing attributes in process `syz.3.3596'.
[ 1380.647913][T22545] erspan0: entered promiscuous mode
[ 1380.671067][T22545] erspan0: entered allmulticast mode
[ 1380.728075][   T30] audit: type=1400 audit(1752825226.336:3427): avc:  denied  { execute } for  pid=22546 comm="syz.4.3595" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=89549 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[ 1381.167451][   T30] audit: type=1400 audit(1752825226.336:3428): avc:  denied  { create } for  pid=22546 comm="syz.4.3595" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[ 1381.326131][   T30] audit: type=1400 audit(1752825226.396:3429): avc:  denied  { create } for  pid=22544 comm="syz.3.3596" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[ 1381.436239][T22550] can: request_module (can-proto-0) failed.
[ 1381.696467][   T30] audit: type=1400 audit(1752825227.296:3430): avc:  denied  { bind } for  pid=22556 comm="syz.3.3597" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[ 1382.790419][   T30] audit: type=1400 audit(1752825228.396:3431): avc:  denied  { setopt } for  pid=22566 comm="syz.3.3601" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 1384.045078][   T30] audit: type=1400 audit(1752825229.636:3432): avc:  denied  { create } for  pid=22583 comm="syz.0.3607" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1
[ 1384.268638][   T30] audit: type=1400 audit(1752825229.696:3433): avc:  denied  { sys_admin } for  pid=22583 comm="syz.0.3607" capability=21  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1
[ 1384.347000][   T30] audit: type=1400 audit(1752825229.956:3434): avc:  denied  { mount } for  pid=22587 comm="syz.3.3609" name="/" dev="afs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[ 1384.403275][   T30] audit: type=1400 audit(1752825230.016:3435): avc:  denied  { unmount } for  pid=20629 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[ 1384.477230][   T30] audit: type=1400 audit(1752825230.086:3436): avc:  denied  { create } for  pid=22591 comm="syz.1.3608" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[ 1384.528006][T22597] netlink: 13 bytes leftover after parsing attributes in process `syz.1.3608'.
[ 1385.104343][   T30] audit: type=1400 audit(1752825230.716:3437): avc:  denied  { create } for  pid=22604 comm="syz.4.3612" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[ 1385.143381][   T30] audit: type=1400 audit(1752825230.756:3438): avc:  denied  { bind } for  pid=22604 comm="syz.4.3612" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[ 1385.167824][   T30] audit: type=1400 audit(1752825230.756:3439): avc:  denied  { connect } for  pid=22604 comm="syz.4.3612" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[ 1385.445264][   T30] audit: type=1400 audit(1752825231.046:3440): avc:  denied  { write } for  pid=22608 comm="syz.1.3614" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[ 1385.765293][T14789] usb 2-1: new high-speed USB device number 81 using dummy_hcd
[ 1385.866699][   T30] audit: type=1326 audit(1752825231.476:3441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22618 comm="syz.4.3617" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f0207b8e929 code=0x0
[ 1385.993498][T14789] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1386.083869][T14789] usb 2-1: config 0 interface 0 has no altsetting 0
[ 1386.155899][T14789] usb 2-1: New USB device found, idVendor=10fd, idProduct=1513, bcdDevice=7e.ce
[ 1386.214061][T14789] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1386.302028][T14789] usb 2-1: Product: syz
[ 1386.331945][T14789] usb 2-1: Manufacturer: syz
[ 1386.355524][T14789] usb 2-1: SerialNumber: syz
[ 1386.411135][T20119] usb 1-1: new low-speed USB device number 88 using dummy_hcd
[ 1386.498513][T14789] usb 2-1: config 0 descriptor??
[ 1386.590505][T14789] dvb-usb: found a 'MSI DIGI VOX mini II DVB-T USB2.0' in warm state.
[ 1386.608719][T20119] usb 1-1: device descriptor read/64, error -71
[ 1386.714649][T14789] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 1386.785467][T22625] FAULT_INJECTION: forcing a failure.
[ 1386.785467][T22625] name failslab, interval 1, probability 0, space 0, times 0
[ 1386.798521][T22625] CPU: 0 UID: 0 PID: 22625 Comm: syz.4.3619 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) 
[ 1386.798546][T22625] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1386.798556][T22625] Call Trace:
[ 1386.798563][T22625]  <TASK>
[ 1386.798570][T22625]  dump_stack_lvl+0x16c/0x1f0
[ 1386.798602][T22625]  should_fail_ex+0x512/0x640
[ 1386.798634][T22625]  ? fs_reclaim_acquire+0xae/0x150
[ 1386.798657][T22625]  ? tomoyo_encode2+0x100/0x3e0
[ 1386.798673][T22625]  should_failslab+0xc2/0x120
[ 1386.798692][T22625]  __kmalloc_noprof+0xd2/0x510
[ 1386.798725][T22625]  tomoyo_encode2+0x100/0x3e0
[ 1386.798745][T22625]  tomoyo_encode+0x29/0x50
[ 1386.798760][T22625]  tomoyo_realpath_from_path+0x18f/0x6e0
[ 1386.798781][T22625]  ? tomoyo_profile+0x47/0x60
[ 1386.798803][T22625]  tomoyo_path_number_perm+0x245/0x580
[ 1386.798825][T22625]  ? tomoyo_path_number_perm+0x237/0x580
[ 1386.798852][T22625]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1386.798878][T22625]  ? find_held_lock+0x2b/0x80
[ 1386.798924][T22625]  ? find_held_lock+0x2b/0x80
[ 1386.798946][T22625]  ? hook_file_ioctl_common+0x145/0x410
[ 1386.798972][T22625]  ? __fget_files+0x20e/0x3c0
[ 1386.798994][T22625]  security_file_ioctl+0x9b/0x240
[ 1386.799023][T22625]  __x64_sys_ioctl+0xb7/0x210
[ 1386.799049][T22625]  do_syscall_64+0xcd/0x4c0
[ 1386.799068][T22625]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1386.799086][T22625] RIP: 0033:0x7f0207b8e929
[ 1386.799101][T22625] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1386.799118][T22625] RSP: 002b:00007f0208aa2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1386.799137][T22625] RAX: ffffffffffffffda RBX: 00007f0207db5fa0 RCX: 00007f0207b8e929
[ 1386.799149][T22625] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[ 1386.799160][T22625] RBP: 00007f0208aa2090 R08: 0000000000000000 R09: 0000000000000000
[ 1386.799172][T22625] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1386.799182][T22625] R13: 0000000000000000 R14: 00007f0207db5fa0 R15: 00007ffdbd8ea5d8
[ 1386.799207][T22625]  </TASK>
[ 1386.799223][T22625] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1386.824344][T14789] dvb-usb: MSI DIGI VOX mini II DVB-T USB2.0 error while loading driver (-23)
[ 1387.082040][T20119] usb 1-1: new low-speed USB device number 89 using dummy_hcd
[ 1387.465754][T20119] usb 1-1: device descriptor read/64, error -71
[ 1387.563323][T22643] FAULT_INJECTION: forcing a failure.
[ 1387.563323][T22643] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1387.564648][T22643] 
[ 1387.564654][T22643] ======================================================
[ 1387.564660][T22643] WARNING: possible circular locking dependency detected
[ 1387.564666][T22643] 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 Not tainted
[ 1387.564674][T22643] ------------------------------------------------------
[ 1387.564679][T22643] syz.4.3624/22643 is trying to acquire lock:
[ 1387.564686][T22643] ffffffff8e4d2380 (console_owner){-.-.}-{0:0}, at: console_lock_spinning_enable+0x9f/0xd0
[ 1387.564723][T22643] 
[ 1387.564723][T22643] but task is already holding lock:
[ 1387.564727][T22643] ffff8880b843a2d8 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x7e/0x130
[ 1387.564758][T22643] 
[ 1387.564758][T22643] which lock already depends on the new lock.
[ 1387.564758][T22643] 
[ 1387.564762][T22643] 
[ 1387.564762][T22643] the existing dependency chain (in reverse order) is:
[ 1387.564767][T22643] 
[ 1387.564767][T22643] -> #4 (&rq->__lock){-.-.}-{2:2}:
[ 1387.564783][T22643]        _raw_spin_lock_nested+0x31/0x40
[ 1387.564804][T22643]        raw_spin_rq_lock_nested+0x29/0x130
[ 1387.564822][T22643]        task_rq_lock+0xcf/0x490
[ 1387.564840][T22643]        cgroup_move_task+0x81/0x2a0
[ 1387.564857][T22643]        css_set_move_task+0x288/0x5f0
[ 1387.564867][T22643]        cgroup_post_fork+0x201/0x9e0
[ 1387.564880][T22643]        copy_process+0x5c82/0x7650
[ 1387.564894][T22643]        kernel_clone+0xfc/0x960
[ 1387.564907][T22643]        user_mode_thread+0xc7/0x110
[ 1387.564920][T22643]        rest_init+0x23/0x2b0
[ 1387.564931][T22643]        start_kernel+0x3ee/0x4d0
[ 1387.564947][T22643]        x86_64_start_reservations+0x18/0x30
[ 1387.564962][T22643]        x86_64_start_kernel+0x130/0x190
[ 1387.564977][T22643]        common_startup_64+0x13e/0x148
[ 1387.564988][T22643] 
[ 1387.564988][T22643] -> #3 (&p->pi_lock){-.-.}-{2:2}:
[ 1387.565001][T22643]        _raw_spin_lock_irqsave+0x3a/0x60
[ 1387.565016][T22643]        try_to_wake_up+0xb2/0x1680
[ 1387.565028][T22643]        __wake_up_common+0x135/0x1f0
[ 1387.565038][T22643]        __wake_up+0x31/0x60
[ 1387.565051][T22643]        tty_port_default_wakeup+0x2a/0x40
[ 1387.565063][T22643]        serial8250_tx_chars+0x68e/0x860
[ 1387.565075][T22643]        serial8250_handle_irq+0x761/0xcb0
[ 1387.565086][T22643]        serial8250_default_handle_irq+0x9a/0x210
[ 1387.565099][T22643]        serial8250_interrupt+0x103/0x210
[ 1387.565112][T22643]        __handle_irq_event_percpu+0x229/0x7d0
[ 1387.565125][T22643]        handle_irq_event+0xab/0x1e0
[ 1387.565137][T22643]        handle_edge_irq+0x28e/0xab0
[ 1387.565149][T22643]        __common_interrupt+0xe2/0x250
[ 1387.565162][T22643]        common_interrupt+0xba/0xe0
[ 1387.565174][T22643]        asm_common_interrupt+0x26/0x40
[ 1387.565184][T22643]        pv_native_safe_halt+0xf/0x20
[ 1387.565199][T22643]        default_idle+0x13/0x20
[ 1387.565209][T22643]        default_idle_call+0x6d/0xb0
[ 1387.565219][T22643]        do_idle+0x391/0x510
[ 1387.565231][T22643]        cpu_startup_entry+0x4f/0x60
[ 1387.565244][T22643]        start_secondary+0x21d/0x2b0
[ 1387.565258][T22643]        common_startup_64+0x13e/0x148
[ 1387.565267][T22643] 
[ 1387.565267][T22643] -> #2 (&tty->write_wait){-.-.}-{3:3}:
[ 1387.565280][T22643]        _raw_spin_lock_irqsave+0x3a/0x60
[ 1387.565294][T22643]        __wake_up+0x1c/0x60
[ 1387.565308][T22643]        tty_port_default_wakeup+0x2a/0x40
[ 1387.565318][T22643]        serial8250_tx_chars+0x68e/0x860
[ 1387.565329][T22643]        serial8250_handle_irq+0x761/0xcb0
[ 1387.565340][T22643]        serial8250_default_handle_irq+0x9a/0x210
[ 1387.565353][T22643]        serial8250_interrupt+0x103/0x210
[ 1387.565369][T22643]        __handle_irq_event_percpu+0x229/0x7d0
[ 1387.565383][T22643]        handle_irq_event+0xab/0x1e0
[ 1387.565395][T22643]        handle_edge_irq+0x28e/0xab0
[ 1387.565406][T22643]        __common_interrupt+0xe2/0x250
[ 1387.565419][T22643]        common_interrupt+0xba/0xe0
[ 1387.565430][T22643]        asm_common_interrupt+0x26/0x40
[ 1387.565439][T22643]        pv_native_safe_halt+0xf/0x20
[ 1387.565454][T22643]        default_idle+0x13/0x20
[ 1387.565464][T22643]        default_idle_call+0x6d/0xb0
[ 1387.565474][T22643]        do_idle+0x391/0x510
[ 1387.565486][T22643]        cpu_startup_entry+0x4f/0x60
[ 1387.565498][T22643]        start_secondary+0x21d/0x2b0
[ 1387.565512][T22643]        common_startup_64+0x13e/0x148
[ 1387.565521][T22643] 
[ 1387.565521][T22643] -> #1 (&port_lock_key){-.-.}-{3:3}:
[ 1387.565535][T22643]        _raw_spin_lock_irqsave+0x3a/0x60
[ 1387.565549][T22643]        serial8250_console_write+0x181/0x1890
[ 1387.565561][T22643]        console_flush_all+0x801/0xc60
[ 1387.565573][T22643]        console_unlock+0xd8/0x210
[ 1387.565585][T22643]        vprintk_emit+0x418/0x6d0
[ 1387.565597][T22643]        _printk+0xc7/0x100
[ 1387.565606][T22643]        register_console+0xc2d/0x11b0
[ 1387.565621][T22643]        univ8250_console_init+0x5f/0x90
[ 1387.565637][T22643]        console_init+0x14f/0x680
[ 1387.565652][T22643]        start_kernel+0x29f/0x4d0
[ 1387.565666][T22643]        x86_64_start_reservations+0x18/0x30
[ 1387.565682][T22643]        x86_64_start_kernel+0x130/0x190
[ 1387.565697][T22643]        common_startup_64+0x13e/0x148
[ 1387.565706][T22643] 
[ 1387.565706][T22643] -> #0 (console_owner){-.-.}-{0:0}:
[ 1387.565719][T22643]        __lock_acquire+0x126f/0x1c90
[ 1387.565729][T22643]        lock_acquire+0x179/0x350
[ 1387.565738][T22643]        console_lock_spinning_enable+0xb0/0xd0
[ 1387.565750][T22643]        console_flush_all+0x7aa/0xc60
[ 1387.565762][T22643]        console_unlock+0xd8/0x210
[ 1387.565774][T22643]        vprintk_emit+0x418/0x6d0
[ 1387.565786][T22643]        _printk+0xc7/0x100
[ 1387.565795][T22643]        should_fail_ex+0x4e7/0x640
[ 1387.565810][T22643]        strncpy_from_user+0x3b/0x2e0
[ 1387.565824][T22643]        strncpy_from_user_nofault+0x7f/0x180
[ 1387.565835][T22643]        bpf_probe_read_user_str+0x26/0x70
[ 1387.565850][T22643]        bpf_prog_bc7c5c6b9645592f+0x3e/0x44
[ 1387.565859][T22643]        bpf_trace_run4+0x249/0x5a0
[ 1387.565869][T22643]        __bpf_trace_sched_switch+0x145/0x190
[ 1387.565882][T22643]        __traceiter_sched_switch+0x6c/0xc0
[ 1387.565893][T22643]        __schedule+0x1bee/0x5de0
[ 1387.565907][T22643]        schedule+0xe7/0x3a0
[ 1387.565920][T22643]        schedule_timeout+0x257/0x290
[ 1387.565932][T22643]        wait_woken+0x197/0x1e0
[ 1387.565943][T22643]        sk_wait_data+0x408/0x510
[ 1387.565953][T22643]        tcp_recvmsg_locked+0x829/0x2880
[ 1387.565968][T22643]        tcp_recvmsg+0x12f/0x680
[ 1387.565982][T22643]        inet_recvmsg+0x12a/0x6a0
[ 1387.565996][T22643]        sock_recvmsg+0x1b2/0x250
[ 1387.566007][T22643]        ____sys_recvmsg+0x218/0x6b0
[ 1387.566018][T22643]        ___sys_recvmsg+0x114/0x1a0
[ 1387.566033][T22643]        __sys_recvmsg+0x16a/0x220
[ 1387.566042][T22643]        do_syscall_64+0xcd/0x4c0
[ 1387.566050][T22643]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1387.566060][T22643] 
[ 1387.566060][T22643] other info that might help us debug this:
[ 1387.566060][T22643] 
[ 1387.566064][T22643] Chain exists of:
[ 1387.566064][T22643]   console_owner --> &p->pi_lock --> &rq->__lock
[ 1387.566064][T22643] 
[ 1387.566078][T22643]  Possible unsafe locking scenario:
[ 1387.566078][T22643] 
[ 1387.566082][T22643]        CPU0                    CPU1
[ 1387.566084][T22643]        ----                    ----
[ 1387.566087][T22643]   lock(&rq->__lock);
[ 1387.566094][T22643]                                lock(&p->pi_lock);
[ 1387.566101][T22643]                                lock(&rq->__lock);
[ 1387.566108][T22643]   lock(console_owner);
[ 1387.566114][T22643] 
[ 1387.566114][T22643]  *** DEADLOCK ***
[ 1387.566114][T22643] 
[ 1387.566117][T22643] 4 locks held by syz.4.3624/22643:
[ 1387.566123][T22643]  #0: ffff8880b843a2d8 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x7e/0x130
[ 1387.566150][T22643]  #1: ffffffff8e5c4e00 (rcu_read_lock){....}-{1:3}, at: bpf_trace_run4+0x1cf/0x5a0
[ 1387.566174][T22643]  #2: ffffffff8e5b27c0 (console_lock){+.+.}-{0:0}, at: _printk+0xc7/0x100
[ 1387.566196][T22643]  #3: ffffffff8e5b2830 (console_srcu){....}-{0:0}, at: console_flush_all+0x158/0xc60
[ 1387.566221][T22643] 
[ 1387.566221][T22643] stack backtrace:
[ 1387.566227][T22643] CPU: 0 UID: 0 PID: 22643 Comm: syz.4.3624 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) 
[ 1387.566240][T22643] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1387.566247][T22643] Call Trace:
[ 1387.566251][T22643]  <TASK>
[ 1387.566255][T22643]  dump_stack_lvl+0x116/0x1f0
[ 1387.566273][T22643]  print_circular_bug+0x275/0x350
[ 1387.566290][T22643]  check_noncircular+0x14c/0x170
[ 1387.566308][T22643]  __lock_acquire+0x126f/0x1c90
[ 1387.566320][T22643]  lock_acquire+0x179/0x350
[ 1387.566330][T22643]  ? console_lock_spinning_enable+0x9f/0xd0
[ 1387.566344][T22643]  ? console_lock_spinning_enable+0x88/0xd0
[ 1387.566361][T22643]  console_lock_spinning_enable+0xb0/0xd0
[ 1387.566375][T22643]  ? console_lock_spinning_enable+0x9f/0xd0
[ 1387.566388][T22643]  console_flush_all+0x7aa/0xc60
[ 1387.566402][T22643]  ? __pfx_console_flush_all+0x10/0x10
[ 1387.566418][T22643]  ? is_printk_cpu_sync_owner+0x32/0x40
[ 1387.566434][T22643]  console_unlock+0xd8/0x210
[ 1387.566447][T22643]  ? __pfx_console_unlock+0x10/0x10
[ 1387.566460][T22643]  ? do_raw_spin_unlock+0xb0/0x230
[ 1387.566473][T22643]  ? _printk+0xc7/0x100
[ 1387.566482][T22643]  ? __down_trylock_console_sem+0xb0/0x140
[ 1387.566494][T22643]  vprintk_emit+0x418/0x6d0
[ 1387.566508][T22643]  ? __pfx_vprintk_emit+0x10/0x10
[ 1387.566524][T22643]  _printk+0xc7/0x100
[ 1387.566534][T22643]  ? __pfx__printk+0x10/0x10
[ 1387.566545][T22643]  ? __pfx____ratelimit+0x10/0x10
[ 1387.566560][T22643]  ? __lock_acquire+0x622/0x1c90
[ 1387.566571][T22643]  should_fail_ex+0x4e7/0x640
[ 1387.566588][T22643]  strncpy_from_user+0x3b/0x2e0
[ 1387.566602][T22643]  ? lock_acquire+0x179/0x350
[ 1387.566612][T22643]  strncpy_from_user_nofault+0x7f/0x180
[ 1387.566623][T22643]  bpf_probe_read_user_str+0x26/0x70
[ 1387.566640][T22643]  bpf_prog_bc7c5c6b9645592f+0x3e/0x44
[ 1387.566648][T22643]  bpf_trace_run4+0x249/0x5a0
[ 1387.566659][T22643]  ? __pfx_bpf_trace_run4+0x10/0x10
[ 1387.566672][T22643]  ? sched_clock_cpu+0x6c/0x530
[ 1387.566688][T22643]  ? lock_acquire+0x179/0x350
[ 1387.566698][T22643]  __bpf_trace_sched_switch+0x145/0x190
[ 1387.566712][T22643]  ? __pfx___bpf_trace_sched_switch+0x10/0x10
[ 1387.566728][T22643]  ? tracing_record_taskinfo_sched_switch+0x54/0x400
[ 1387.566743][T22643]  __traceiter_sched_switch+0x6c/0xc0
[ 1387.566755][T22643]  __schedule+0x1bee/0x5de0
[ 1387.566772][T22643]  ? __lock_acquire+0x622/0x1c90
[ 1387.566783][T22643]  ? __pfx___schedule+0x10/0x10
[ 1387.566799][T22643]  ? find_held_lock+0x2b/0x80
[ 1387.566812][T22643]  ? schedule+0x2d7/0x3a0
[ 1387.566828][T22643]  schedule+0xe7/0x3a0
[ 1387.566842][T22643]  schedule_timeout+0x257/0x290
[ 1387.566856][T22643]  ? __pfx_schedule_timeout+0x10/0x10
[ 1387.566871][T22643]  ? find_held_lock+0x2b/0x80
[ 1387.566885][T22643]  ? wait_woken+0x48/0x1e0
[ 1387.566897][T22643]  wait_woken+0x197/0x1e0
[ 1387.566909][T22643]  sk_wait_data+0x408/0x510
[ 1387.566920][T22643]  ? __pfx_sk_wait_data+0x10/0x10
[ 1387.566929][T22643]  ? __lock_acquire+0x622/0x1c90
[ 1387.566939][T22643]  ? __pfx_woken_wake_function+0x10/0x10
[ 1387.566954][T22643]  tcp_recvmsg_locked+0x829/0x2880
[ 1387.566973][T22643]  ? __pfx_tcp_recvmsg_locked+0x10/0x10
[ 1387.566990][T22643]  ? __local_bh_enable_ip+0xa4/0x120
[ 1387.567005][T22643]  tcp_recvmsg+0x12f/0x680
[ 1387.567020][T22643]  ? __pfx_tcp_recvmsg+0x10/0x10
[ 1387.567036][T22643]  ? sock_has_perm+0x259/0x2f0
[ 1387.567053][T22643]  ? __pfx_tcp_recvmsg+0x10/0x10
[ 1387.567069][T22643]  inet_recvmsg+0x12a/0x6a0
[ 1387.567084][T22643]  ? __pfx_inet_recvmsg+0x10/0x10
[ 1387.567101][T22643]  sock_recvmsg+0x1b2/0x250
[ 1387.567113][T22643]  ____sys_recvmsg+0x218/0x6b0
[ 1387.567127][T22643]  ? __pfx_____sys_recvmsg+0x10/0x10
[ 1387.567142][T22643]  ? __lock_acquire+0x622/0x1c90
[ 1387.567152][T22643]  ___sys_recvmsg+0x114/0x1a0
[ 1387.567169][T22643]  ? __pfx____sys_recvmsg+0x10/0x10
[ 1387.567191][T22643]  __sys_recvmsg+0x16a/0x220
[ 1387.567201][T22643]  ? __pfx___sys_recvmsg+0x10/0x10
[ 1387.567215][T22643]  do_syscall_64+0xcd/0x4c0
[ 1387.567225][T22643]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1387.567236][T22643] RIP: 0033:0x7f0207b8e929
[ 1387.567244][T22643] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1387.567255][T22643] RSP: 002b:00007f0208a81038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[ 1387.567265][T22643] RAX: ffffffffffffffda RBX: 00007f0207db6080 RCX: 00007f0207b8e929
[ 1387.567272][T22643] RDX: 0000000000000102 RSI: 0000200000000dc0 RDI: 0000000000000003
[ 1387.567279][T22643] RBP: 00007f0208a81090 R08: 0000000000000000 R09: 0000000000000000
[ 1387.567285][T22643] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1387.567292][T22643] R13: 0000000000000001 R14: 00007f0207db6080 R15: 00007ffdbd8ea5d8
[ 1387.567301][T22643]  </TASK>
[ 1388.796480][T22643] CPU: 0 UID: 0 PID: 22643 Comm: syz.4.3624 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) 
[ 1388.796496][T22643] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1388.796503][T22643] Call Trace:
[ 1388.796509][T22643]  <TASK>
[ 1388.796514][T22643]  dump_stack_lvl+0x116/0x1f0
[ 1388.796535][T22643]  should_fail_ex+0x512/0x640
[ 1388.796553][T22643]  strncpy_from_user+0x3b/0x2e0
[ 1388.796568][T22643]  ? lock_acquire+0x179/0x350
[ 1388.796580][T22643]  strncpy_from_user_nofault+0x7f/0x180
[ 1388.796592][T22643]  bpf_probe_read_user_str+0x26/0x70
[ 1388.796610][T22643]  bpf_prog_bc7c5c6b9645592f+0x3e/0x44
[ 1388.796619][T22643]  bpf_trace_run4+0x249/0x5a0
[ 1388.796631][T22643]  ? __pfx_bpf_trace_run4+0x10/0x10
[ 1388.796643][T22643]  ? sched_clock_cpu+0x6c/0x530
[ 1388.796660][T22643]  ? lock_acquire+0x179/0x350
[ 1388.796670][T22643]  __bpf_trace_sched_switch+0x145/0x190
[ 1388.796685][T22643]  ? __pfx___bpf_trace_sched_switch+0x10/0x10
[ 1388.796701][T22643]  ? tracing_record_taskinfo_sched_switch+0x54/0x400
[ 1388.796715][T22643]  __traceiter_sched_switch+0x6c/0xc0
[ 1388.796728][T22643]  __schedule+0x1bee/0x5de0
[ 1388.796747][T22643]  ? __lock_acquire+0x622/0x1c90
[ 1388.796758][T22643]  ? __pfx___schedule+0x10/0x10
[ 1388.796775][T22643]  ? find_held_lock+0x2b/0x80
[ 1388.796788][T22643]  ? schedule+0x2d7/0x3a0
[ 1388.796803][T22643]  schedule+0xe7/0x3a0
[ 1388.796818][T22643]  schedule_timeout+0x257/0x290
[ 1388.796832][T22643]  ? __pfx_schedule_timeout+0x10/0x10
[ 1388.796848][T22643]  ? find_held_lock+0x2b/0x80
[ 1388.796862][T22643]  ? wait_woken+0x48/0x1e0
[ 1388.796874][T22643]  wait_woken+0x197/0x1e0
[ 1388.796886][T22643]  sk_wait_data+0x408/0x510
[ 1388.796898][T22643]  ? __pfx_sk_wait_data+0x10/0x10
[ 1388.796908][T22643]  ? __lock_acquire+0x622/0x1c90
[ 1388.796917][T22643]  ? __pfx_woken_wake_function+0x10/0x10
[ 1388.796933][T22643]  tcp_recvmsg_locked+0x829/0x2880
[ 1388.796952][T22643]  ? __pfx_tcp_recvmsg_locked+0x10/0x10
[ 1388.796969][T22643]  ? __local_bh_enable_ip+0xa4/0x120
[ 1388.796985][T22643]  tcp_recvmsg+0x12f/0x680
[ 1388.797001][T22643]  ? __pfx_tcp_recvmsg+0x10/0x10
[ 1388.797016][T22643]  ? sock_has_perm+0x259/0x2f0
[ 1388.797034][T22643]  ? __pfx_tcp_recvmsg+0x10/0x10
[ 1388.797049][T22643]  inet_recvmsg+0x12a/0x6a0
[ 1388.797065][T22643]  ? __pfx_inet_recvmsg+0x10/0x10
[ 1388.797082][T22643]  sock_recvmsg+0x1b2/0x250
[ 1388.797095][T22643]  ____sys_recvmsg+0x218/0x6b0
[ 1388.797108][T22643]  ? __pfx_____sys_recvmsg+0x10/0x10
[ 1388.797124][T22643]  ? __lock_acquire+0x622/0x1c90
[ 1388.797134][T22643]  ___sys_recvmsg+0x114/0x1a0
[ 1388.797152][T22643]  ? __pfx____sys_recvmsg+0x10/0x10
[ 1388.797174][T22643]  __sys_recvmsg+0x16a/0x220
[ 1388.797184][T22643]  ? __pfx___sys_recvmsg+0x10/0x10
[ 1388.797198][T22643]  do_syscall_64+0xcd/0x4c0
[ 1388.797209][T22643]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1388.797220][T22643] RIP: 0033:0x7f0207b8e929
[ 1388.797230][T22643] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1388.797241][T22643] RSP: 002b:00007f0208a81038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[ 1388.797252][T22643] RAX: ffffffffffffffda RBX: 00007f0207db6080 RCX: 00007f0207b8e929
[ 1388.797259][T22643] RDX: 0000000000000102 RSI: 0000200000000dc0 RDI: 0000000000000003
[ 1388.797266][T22643] RBP: 00007f0208a81090 R08: 0000000000000000 R09: 0000000000000000
[ 1388.797272][T22643] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1388.797279][T22643] R13: 0000000000000001 R14: 00007f0207db6080 R15: 00007ffdbd8ea5d8
[ 1388.797289][T22643]  </TASK>
[ 1388.797475][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1389.149870][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1389.156412][    C1] hrtimer: interrupt took 1592189080 ns
[ 1389.170670][T20119] usb usb1-port1: attempt power cycle
[ 1389.191416][ T5943] usb 2-1: USB disconnect, device number 81
[ 1389.254992][   T30] audit: type=1400 audit(1752825234.846:3442): avc:  denied  { bind } for  pid=22638 comm="syz.3.3623" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1