last executing test programs:

17.052330958s ago: executing program 0 (id=1616):
r0 = syz_usb_connect$cdc_ncm(0x0, 0x7a, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000020000402505a1a44000010203010902680002010040000904000001020e0000052406000105240000000d370f0100000000000000000006241a0000000c241b4800f3ff00050080050905810300020000000904010000020d00000904010102020d0000090582020004000000090503020002"], 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000bc0)={0x44, 0x0, 0x0, 0x0, &(0x7f00000009c0)={0x20, 0x80, 0x1c, {0x0, 0x9, 0xe49, 0x2, 0x3, 0x3865, 0x4, 0xc, 0x1, 0x0, 0x4, 0x81}}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)

16.939420369s ago: executing program 1 (id=1617):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$BTRFS_IOC_START_SYNC(r0, 0x80089418, &(0x7f0000000440))
r1 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_ERR_FILTER(r1, 0x65, 0x2, &(0x7f0000000400)=0x2, 0x4)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000000)={'vxcan1\x00', <r2=>0x0})
bind$can_raw(r1, &(0x7f0000000480)={0x1d, r2}, 0x10)
close(r1)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
execve(&(0x7f00000190c0)='./file0\x00', 0x0, 0x0)
mount(0x0, &(0x7f0000019080)='./file0\x00', 0x0, 0x23010, 0x0)
execve(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='cgroup.stat\x00', 0x275a, 0x0)
statx(r3, 0x0, 0x48e0cdf8471afff4, 0x54663aafb2d54055, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$inet(r5, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r4, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000140), 0x100}, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_clone3(&(0x7f0000000140)={0x80, 0x0, 0x0, 0x0, {0x19}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendto$inet6(r6, &(0x7f0000000080)="b3019c28", 0x4, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
recvmmsg(r6, &(0x7f00000031c0)=[{{0x0, 0x0, 0x0}, 0x3}], 0x1, 0x10162, 0x0)

16.249618922s ago: executing program 1 (id=1619):
r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x402, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x38011, r0, 0x0)
r1 = open_tree(0xffffffffffffffff, 0x0, 0x88000)
getdents(r1, &(0x7f0000000300)=""/4096, 0x1000)
syz_open_dev$swradio(0x0, 0x0, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
timer_create(0x1, 0x0, 0x0)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)

11.42690136s ago: executing program 0 (id=1631):
socket$tipc(0x1e, 0x2, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00'/28], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="1800009600000000000000000000080000000000c3281cce2feca949f7e6d55100844bf316795bf6944d2e78ed1e53df41bd3e8de5fa7bba18df4b3ec8bfee7d944f9528583d115ab8946c6f3f32cc53e3a55863297740b5eda69a7e5788f3c888af5a5037c252cf1f82f02e3492d91116a5fa2306a150b2cf4866298646c797bcebdb73703fcb80cfa7a7e6d66a4a7a1204563c6a05016b373a8c3fc3d0938ac8149d67337d2857ec86b215fa774d5c59971dbf6d3ac84cfe9a261cb37dfe9058d0730693ef95ecf9000da852861cecafcc26055a593f287d82fd79e635f4a46dc03bb0b7ddd7f6ff563c00b8c29e711c958731eb46adaa31bbc20899803bfa391cb63076e0350a79c6b9de62c6d1", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000084000000b7000000000000009500000000000000"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x2d)
ioctl$AUTOFS_IOC_FAIL(r0, 0x4c80, 0xffffffffffffffb6)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
capset(0x0, 0x0)

11.355308964s ago: executing program 1 (id=1632):
r0 = syz_usb_connect$cdc_ncm(0x0, 0x7a, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000020000402505a1a44000010203010902680002010040000904000001020e0000052406000105240000000d370f0100000000000000000006241a0000000c241b4800f3ff00050080050905810300020000000904010000020d00000904010102020d0000090582020004000000090503020002"], 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000bc0)={0x44, 0x0, 0x0, 0x0, &(0x7f00000009c0)={0x20, 0x80, 0x1c, {0x0, 0x9, 0xe49, 0x2, 0x3, 0x3865, 0x4, 0xc, 0x1, 0x0, 0x4, 0x81}}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)

9.886516291s ago: executing program 2 (id=1636):
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_dev$vim2m(&(0x7f0000000000), 0x47b, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r1, 0xc008561c, &(0x7f0000000100)={0xf0f005, 0x2})
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x6}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file2\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x0, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0xb, 0x0, 0x0)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=@encrypted_load={'load ', 'ecryptfs', 0x20, 'user:', 'trusted:', 0x20, 0x40}, 0x32, 0xfffffffffffffffc)
add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@xino_on}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
r5 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r5, &(0x7f0000001fc0)=""/184, 0x20002078)
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_WOL_SET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x14, r6, 0xe7d02281b1d40d47, 0x0, 0xfffffffe, {0x81}}, 0x14}}, 0x0)

8.871136731s ago: executing program 2 (id=1639):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_FIOGETOWN(r2, 0x8903, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x5)
syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x88402)
r3 = socket(0x2000000000000021, 0x2, 0x2)
getpeername$packet(r3, 0x0, &(0x7f0000000680))

7.70710101s ago: executing program 1 (id=1640):
syz_open_dev$vim2m(&(0x7f0000000340), 0x0, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
r3 = memfd_secret(0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0xa, 0x11, r3, 0x0)
ftruncate(r3, 0x72a)
prctl$PR_SET_MM(0x23, 0xa, &(0x7f00002d5000/0x2000)=nil)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0xffffffffffffffff, r0, 0x1, 0x0)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r4, &(0x7f00000002c0)={0x1f, 0x0, @any, 0xfffa}, 0xe)
connect$bt_l2cap(r4, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
writev(r4, &(0x7f0000000100)=[{&(0x7f0000000140)="1e", 0x1}], 0x1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r4)
shutdown(r4, 0x1)
r5 = syz_open_dev$MSR(&(0x7f0000000000), 0x1de9, 0x0)
read$msr(r5, &(0x7f0000032680)=""/102379, 0x1903b)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)

7.690121305s ago: executing program 2 (id=1641):
r0 = syz_usb_connect$cdc_ncm(0x0, 0x7a, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000020000402505a1a44000010203010902680002010040000904000001020e0000052406000105240000000d370f0100000000000000000006241a0000000c241b4800f3ff00050080050905810300020000000904010000020d00000904010102020d0000090582020004000000090503020002"], 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000bc0)={0x44, 0x0, 0x0, 0x0, &(0x7f00000009c0)={0x20, 0x80, 0x1c, {0x0, 0x9, 0xe49, 0x2, 0x3, 0x3865, 0x4, 0xc, 0x1, 0x0, 0x4, 0x81}}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)

6.686491002s ago: executing program 1 (id=1644):
syz_usb_connect(0x17aff7a88c855ce9, 0x0, 0x0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
socket$inet(0x2, 0x4000000000000001, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102376, 0x18fe8)
r1 = syz_io_uring_setup(0x10e, &(0x7f0000000200)={0x0, 0x3, 0x700, 0x0, 0x40000000}, &(0x7f0000000280)=<r2=>0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RELOAD(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x28, r4, 0x1, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8}}, {@pci={{0x8}, {0x11}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, 0xffffffffffffffff}}]}, 0x60}, 0x1, 0x0, 0x0, 0x30004020}, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, 0x0, 0x0, 0x4)
r5 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000000), 0x2)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5}}, './file0\x00'})
r6 = memfd_create(&(0x7f0000000340)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00', 0x3)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x4000)
fcntl$addseals(r6, 0x409, 0x7)
r7 = ioctl$UDMABUF_CREATE(r5, 0x40187542, &(0x7f0000000100)={r6, 0x0, 0x0, 0x1000000})
syz_io_uring_submit(r2, 0x0, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r7, 0x0, 0x0, 0x0, {0x414}, 0x1})
io_uring_enter(r1, 0x3f72, 0x74f1, 0x0, 0x0, 0x39)
add_key$keyring(0x0, &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000000140)={0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000002c0)=""/4095}, 0x20)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r8, 0x29, 0x40, &(0x7f0000000880)=@raw={'raw\x00', 0x3c1, 0x3, 0x2d8, 0x170, 0x150, 0x150, 0x170, 0x0, 0x260, 0x238, 0x206, 0x260, 0x238, 0x7fffffe, 0x0, {[{{@ipv6={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [], [], 'veth1_to_team\x00', 'xfrm0\x00', {}, {}, 0x6}, 0x0, 0xd0, 0x118, 0x0, {}, [@common=@inet=@ecn={{0x28}, {0x11}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00'}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x338)
socket$nl_netfilter(0x10, 0x3, 0xc)

6.142735633s ago: executing program 0 (id=1645):
memfd_secret(0x80000)
socketpair(0x1e, 0x1, 0x0, &(0x7f0000000040)={<r0=>0x0, 0x0})
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
add_key(0x0, &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffc)
syz_open_dev$dri(0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x87}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x8000002000000, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x44804)
setsockopt$MRT6_ADD_MIF(r0, 0x29, 0xca, &(0x7f0000000400)={0x1, 0x0, 0x16, 0x0, 0xe54}, 0xc)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x40004)
sendmsg$NL80211_CMD_RELOAD_REGDB(r2, &(0x7f0000000380)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000340)={&(0x7f0000000280)={0x14, r3, 0x101, 0x70bd2c, 0x25dfdbfe, {}, ["", "", "", "", "", "", "", ""]}, 0x14}}, 0x8000)
syz_usb_connect(0x0, 0x24, &(0x7f0000000140)={{0x12, 0x1, 0x0, 0x4b, 0x41, 0x46, 0x8, 0x1660, 0x932, 0x80ea, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x5, 0x10, 0xf}}]}}]}}, 0x0)
r4 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402)
r5 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$SIOCSIFMTU(r5, 0x8923, &(0x7f0000000040)={'vlan0\x00', 0x40})
ioctl$I2C_RDWR(r4, 0x707, &(0x7f0000000040)={&(0x7f0000001800)=[{0x8, 0x2800, 0x4f, &(0x7f0000000180)="6a76c1b175920a71f6191f9737343e385b6d1ff480e12dd63c7ed3fa0f835bcc00bab83ec0ba50c32ab216d8fe44aa662fb97e72db483d1e5e62d03cb5ec22a28b6d388c5d70e05a8c58c38ab960e0"}, {0xfff3, 0x24f972aeb8675bb2, 0x0, 0x0}], 0x2})

6.054340505s ago: executing program 4 (id=1646):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_FIOGETOWN(r2, 0x8903, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x5)
r3 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x88402)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r3, 0xc4c85512, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x800, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc]})

5.021575438s ago: executing program 4 (id=1647):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x11, &(0x7f0000000200)=ANY=[@ANYRES32=r0], &(0x7f0000000b00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="b800000019000100000000f7ffffff00e0000002"], 0xb8}}, 0x4004)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x1, 0x11}, 0x80)
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB='L\x00\x00', @ANYBLOB="010000000000000000004400000008000300", @ANYRES32], 0x4c}}, 0x4000804)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412b", 0xf}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11", 0xce}], 0x3, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r4, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r5, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

4.836913906s ago: executing program 2 (id=1648):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004"], 0x48)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000240)={@ifindex, 0xffffffffffffffff, 0x2f, 0x2032, 0xffffffffffffffff, @void, @void, @value}, 0x20)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0xf, &(0x7f0000000340)=0xfffffffffffffff9, 0x4)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0xb8}, 0x1, 0x0, 0x0, 0x4000881}, 0x4001841)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x1, 0x11}, 0x80)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="a800000000010904000500000000000002000000240001801400018008000100e000000108000200ac1e01010c0002800500010000000900240002"], 0xa8}}, 0x0)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11", 0xce}], 0x2, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

4.786905003s ago: executing program 4 (id=1649):
mkdir(&(0x7f00000020c0)='./file0\x00', 0x82)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000380)={0x50, 0x0, r1, {0x7, 0x27, 0x1, 0x801001a, 0x66d, 0x0, 0x0, 0x400, 0x0, 0x0, 0x40, 0x9}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f0000008280)="03680f2a20da68ab7a58c28b635d19c32b6efabb6ae3b5eee5a74d8943c613539e166c8baef50500824343a2f05093a5c21f746caefe9f9bccd83cca0fc28da20e2706308c61398dfce5f54ea9f266791ba29a4c7da158637def8b816aa296815ff13c06d632df45feaec1fd272ec1b510eaf58fe6b26cc36df3ecc0f5b1f258a190304e2519dd39ba9f5bc1788926ced5202e3b1e3afa16ae0b5d66dc05b36d3a00f72e5f318f8bdfc7eddc94238c50031d0657a22445ad0b3b90a86b086eed837a00bf0a3888bf61b4db57d6d8d6b286bbb13ba3b246def60ac34241eb843f89fe77d7e3e52573e90d791f21d4a8dfcc24ba95db60e2135634c02bd4b14535285df4fbe381ec036d876c4c8057c79371fa9717414590890e182a7b9e0ab927812083acf0d04e04c20c0555c8ceedc5bcf9b0e814be6eca98ce7b2f9f17d098bea541b75a1617c09fa99902ad746811f89a1fc5e6a80d77528247d6c104395715d2c9f9102f070a295f20c4307b9e848d3928b50985bfa2486893139761925b8fab96d26291243db23c4fd4d96864f4db860731a4e3e10b52d8d0487f5a8536cb4507dbdc111570ad0321b918edbc52807c2e0676d3257553702d9c1bd6741e9cd5cdeb3b8f636b6eb02a3b0066d7f677d586de5018850000f000ab3960f6656fb98039ceb6400d0299c356fc22b7298ed157c667bed5563fac2192a8ff7706a9e58d9d2f92632d6b25d8b090642e3f323bf7ff4d8264617a43a97099dd7347fbe3b1c439737913f17eff57f3e1ff4fdac374fb554e9a6a1ff32daa69507698d660d8d5f591801d8e4a9309342c3dc84966dbfcd2652800200bcb0dde9d456b7a07c5409f4f5387d0150daa34dbc865c6108d34dcc51eedb277e9638b43ce3c9afac5d7aa0f8542e58b0a84632a07557b041845d0012cf016ef065f97660b731ce1b79493de71def047277a3ae6d4a0d86591847d3475926039848c5baf6e1b43bc83053855182423156e54cadc8c85089265b49da853d15e5a701fedf2bf7986a723abf72e513fa05cb178345f2fcc859df49e74c8ccef196000a05cb090f22986ffb6f8f74ab41d2d88b6b535507a23b03d2fc2743f6f69fbcd43b8ff52b1ba32fa0137d542c515569b7f486f8ffa02ad1f54767f51701eb4c141437720884d529a57e17bc2837799124f7f112f42bd90f5b435d7a5d7524f7667bb7a6266263e62bf7ebf6896888d584c65a530b766111f078630d8629ffa91acb5ed02498549bd7e042acae0fab7ccb23278088a364be3da9619d91e1061bbaa9b33c3c5fbbcbc040d3ca79d3ca056c360381ee87e743dea73a25ea2b4843f9ef280feb507f933fb556c718d8bf8f8618db72805b65d381b319f65c745c1e5060dae2f498852e79aff8dd9c88fd939a31871a430d3ba96fb118c79d1b08a397af23b1a188d1802106f588c768a1e6c9d244ac9a38d2a54ed50f19b78bf25e0ae1f9337ceaa8ff5ca8640104b19bcd643b51501d4e03ed5ffb383e7ed0ab78d540ae10bbd64fba1af59a4190215b7d10230992bbb4ff618d8284a2e2446990511fc2bff07cce9ba94a11d3db041e220e3d931fdf129d8ec2c9b17d6587a0044c9e09f52848db43ddc0df94513cc9e94e9d427623502a910deea0f21d86b16366769a46bf0d6d9fc0d2cd6b98ed885e9e2d765bdd051196bf20bd27c46ec902726d96de352c346d904fa00d63b67d272f116dce489f9d636cef61b441b9c113addec983b8b2fbdb2b32049e436c972b2fcf5140dc7b094c5047cb6226da700b72aeb3febdf16a75b6f61a311f606251c99b377c775c8fb3446ccf25dc4cca24290b3939f948019b05c80b5a6382112f63e0990b324c16a087c72aaec08796afc769f678e3634100a5a9da8215cb5d7a6a6b50a81676ef4edca35595b11f9606bef2fb84fe1f0a0703c886579f09986086f0dca6eb8061f9a74c79c1f758684a7363974b14561b9d2efdaba6c4cd8cb70627da1e195fcae3d8b2fa751278e8f220c83e677e14731eccd6fe0c357b011ed88b6df0c266b383f224b8e95384e401b717030b1227582d0d1042bd90377c4f2c7206a19983fc5905e4eb87edb6532b26ca9e28e160202606d19d9f5da34762f4b3fa842d7bff382ad70dcbc411f8b3e4cace8c8e0c72898d24023545e0dfdc4176209276a535491ce11c045c57b45c40f19b12dcf6ffbf78ab23e7fe9bdc404cf47db9855f2b835e1fce57debfa071803ec38da3c77a904080a4c737ce2b20e14e8449762f1ca0b1ce71779d2e6ee5299e1cf230e8070045c23c1d0e52f66fe9039f95cdc0b448dc12d24de39157934270345991948fce921b5d8e739315cc75d4b3b49928437b88672c1a7770365207b43895f45909d5d972f48aa66de609152a5afa2c7d75f0a14189d0409f0b623eab3b6e7d81025cde140893ed71b6f24f5a36d21dafb62af6be9da845403bc8ed36672efa74d7da19d5794cb4b79fa1c86940b1890c012e14b7c3bb261f16bdd99efaa9819b0bc00af842a6b94c6086d15b16ab81af9331ba3a5bd6941ef35239e85455ceab02c598ccee8fbad97ed37daebfe3b26a5a6c9eda5f65a1cfaf7a1f1688267c812a56c552ae11b465dac030e18f9008ad03cad80bf2cb91a7d99dcfa54d323ae0a4c3a6dc0f80d7ff703870610a945eb0ab5b6d14e81869c8872f6b123d98edcf6bba10d76d35cff4b0bb73db8b6695a8351785bcba1e160a42ed367c4da727da38f91562e941e5c4fa90cd585c5f1cd3a7d6892f18a5aa3c74a4fc00bf5909267489b937a928d9d8ff92530b5226eedf8ab9a957e5ffec45bc3a55e6955b38393ce52892655265d1f741e0b744808eb568a08d145a8bc5ada9b079f6d0bec5fc2ace0502b3f926372dff49478fbd10451f0de4b3d1a63b9d4e17ade45628d2e9dca041fcf7fc1e105e1fc44089fde9caf418ba8454dc361df4a59e1bd79143d280613e3c79ad18e922a43e199aa5927bb9553dd31e6223ad19bf8aff6e1dac8b3680feea3138bc61742b03f047b3d77039c1a4c2d05bd89c4bc12a1b83d78b4e7023f690fce6a44608c423d8cbc2e80942b9d9df2f4bf5606640fa47692f3e003885983a73e1dc313b243bbab5c3c6348afab796da766044ba142eda5a9d3713e3eda8c54c1708909c5da89ba67d29cd7f409c9b759cba316c42028754e3cb6eae2cc4f6d66982f212320f199b2e837bb4c54c54bcdcd2ac240ef6295d38e9889b4213819ef0f9aba6ceead4e0fd2c4becdc1f8ee3049831996c9a74a5fd4e12a1fd21ed47cf27e29f9d61e4b673d88914c36eefa53d3c49d94b463b7f8462c1951dfe33c10993d5cfcd0ededd50ad55009528f1e79fbc2fa70c3338b32c40ae3bb45d7079c7ae8433fb1aa19affbd3fbce0cb5ab0d557afb3be036856066eea45c28e93528b35477fc97fe9ff3641e5bb0f0e46069eb653c027daabff38541250081c77e0e3a1d030a73289e771cc41db10819af60599b5df0ad978fcf0b46af821c6b717b265e07d3a85397ea94de26f510290ddb5df8fcff76fe624843c8577802809c145916afce01d9dfdfa8bf07633e98f14fc73d5ef58ae5cb0c308bc74ca38259692a1cd4cf16752786a1c816f24612c27393d7e40a2df9a3dfa23a0c59613c8a7ccdd97c3fc67ecab94dcd8cc4b4517ed2414d41ce574074ffebd156e3d65c4421b0f339bc9f29abbfe49db62122248cf96b74d9639b3ef9d935cd81315a7ecfb0dc6ea1ee053c2e5c3615fbc10782f16a564fcabe1df70da7de989e00eedc346cef5b5cf880e9d563fc15302f056d37f98a939fd1dd5478b4318c256e93b77e31f87d8f7fe31755191b40d778ddb2ada1480bb9fcb96a09783f13cd460ee2c9cf4a712f04eb1b1a746091109f7ce0655e1ff7781fbe853e3d03bb91c9d8f4f416f5745c6b607bbf72786bd3c0ac4761e6e6d70f12dbefa1b13542086f793b72c6102ac06e75be17bdbb1efbf7e007f07f9bd433fd9d9cbf93e760757b792f15231895561fe49d9d683ccc066f38af581422b71702627162c0f0f35c36a61eaaa92129114b7334281e35fd39576e51d8593c149c9326e0c710ea4dcc9ef39a432a48ae1834f5046b954f9c033d6035cde0dbffe3e97f48a1dc695f4b2f6fe5d4eee83008318def105c37e11c9015670f13417ed036e68f6fbfca2a8289829677feb23079f3f2ee53b26e491924fefc1c50e54f288a8c4b6ba6d319054c3a9e39e14bba81b423acbd44b51279bbea6b0bb2047325837ce8b2191454f52ffa2cd04abe89e3de5bc102e9fdf740d3efd975bc9503af796e6aeee711ef8797de5d507a964730aa70cb9d3840054d4e1ffc57de378b511f7649666a54a6b3d91ed517198d76322bf99d13bef530a43ed3f13196bf2def6dcfb39f76471c75c5779bedf105717e546057fb478bfd24e8fdf3c12d028b542d1f424a9d45bb9e026e6098eb1cb0a77378300ec1b4c9f006aa4dfb7fb5c57cf1b035cbe96009ead1ca25ea1e5fae40312a4e9fe250684a1c8653bb303209e0fc6a498f3a08f6c5b946378a349f3aea45104a2badb8a45f500bb4f0f6cd620ce794e0f390e1cb7f2f1fc0039f4250a577544a6862b47bf89eea3a8c1516b7a9dd111c2ca719190e8feb1a7079e9fdfdb8224dc50791c986825469c087c8f081616edaa4193e161281aa68b7286a364cbb336b2459f0892e57c40afcfda7d16ea1877efb4e4b0d4b5c31e8cba15066903d3a91bdc7fb64452fb9843436110596f0b038da167a86f97d32c807270a1c994fe88e2517e11bdd210dd982d3c8158459440108308a936c9d2370b9d157c3f9caec36ff05bc40b37f095edf33bf4fad440f38c3f52129456936c07014140be5618f4e9d07b66679238023390cd676b1a3a28d0e90d5ad9ef13a31fcdc5a435454309367c437424e340a1f91c6483bce1026d85a16fb854252ea4ede39a4e69702ecff76432de508e064eda0df9f263a25c0f626d1c1ffaa6783be2975451ee936cc2178648935a924f6fb2db2f8ba34e348920d903114520918cc6872b842e3744fc18d1363583a107ec7b89c7792c0d8069e12f873f6d668f6fdeb47b72986914e45c2b061c5c936c73c9bcf1475ea0d25edaad21cf193405c8acef3bff4e4f1b2b321d70dba59e856a8849c2bba9508bad775370669b2bb7f5e53181af8bff525e13a4935d7e28b997b4ff15da9e36f1353a154ab701ad15420786daaf27ba7e122f7b825c668185b685630420378b4142ec4e4242c2cf0bf6e143f7e55cb12fb9dd59a8df9959ce4fc5fff68ae7174977a31ad7fd644bc94a20bae76f0af474034990fdfec8ceca0e6cd93fe21d84837b7e9d74c17b6d3054f0c008ee05764745fd8773a0c1c31bb3eef5b7e261b54805b5c805a4eeef05c812fcdede200442e7340c63490645ebd09c235d5c52a785542526edfe3875ad08267faed1d0a15236f00c6736b94c1a3821302ff610697ad7becdbc96f54b55138b585cd122e0d5aeaf43c9ba373e8aa1c1297e3415552cc57cd60ee1f3c04500ed0eed37775c873de3066c034c176c67c5bfbe9899a47732030855781341374641da058eee61d01d11b9db8f19fd4558957897340e32cdfbc39713f1f439be0638f614cdb5361433a45a6ff024e39c94141dc5403af101404ce5f2efa97b90d9ecdb7c361785dab977feded32554d1a74d5cbfe2435be7f0329ba382455c2ac11fbe29fe3826796d4bea03dc53a37f63f5be2773f83faf282f0ae24d9fe5762b71b499fd37b4ce7e71f93c3a983f80fed477708bbf2261c89893c4b76e34fac9b42671b6cc81678cc867f53e8c3ec47716206212743ca0c4941c2c61ed3177fccf85921e998d2b826df751173944bb07eeaae4001f677a0687a2550eeac8bb5128ecad9c7b6a514596a30b8292fbacc09ab488193507b6785d7a35c979db774b2c413246f1ae88d35d1914b20b8fb501034321642fb0b0baba3378e4c31fb5e247c177e573295df0194462b99079a436400ba1be2e30d39b8714c0fb2bdcd981d5a5cd514f8d4f14e4e0437108630355d8f2b60a6d18cb14ceb2b5d0704aa6e93e180bd79cb17e176bc4f81a03db12a03413de6189896955bb9e3cc69b6f9a50a7eda3742527f98c71d7ea8ba75e253c2b783f7104813c619949e6a0765179b1b9cbe68b703335ab5986928d86384357a2f4189f4b4ffcd61a3d29709bbc93b5371f0e7798cb72ae4c17bcee24f8e566f2777803c3d182d15a63ac40063f0ccdf4bd790404524eae02eafb6b54c699578486490033f0be866c74a134083003d330498658ba973ea674c4a0ff158403987b4c4752b07c8637a119b019fd5093406960144445056f6ffe73eda0235dc1871bb6058d4a9feecac628265689d58a81453d33290ab56eb691f3180d0288449f41844e56f5c6cf522d4a5866b24fb9552fde71946c4d25dcceaa41cfddb5a33c51c54c0a0a5abd31be8fb6ec53c1d14ba648e183979dbd0db01b9e51ba3803be7e7d3dee752668367264c783f74838121797ae5706ef3aa460682d1bf55808c70e69ae29d7683368470d08e7e9a1095305dce250b5b4bd48c02e098d241b1089736e8306a737e3a1a93e554cc3ab24672b8c74bfb8825004ca869e347f873de14575493836662ad741d79269904f905d7df64d0581ab8d76ee51a32d72ccb719f3a25c0a856b5bd2b2a1269e208d70c32e1d5ad0dfdc0ef43f0230e95eb85871eb4d6033abbf0be7025382d878eeaeea73c94270e79bd5757dc1bac95236a62545cd467830b12dcc30d7cc81e889d360d073db40058e9a1c7b41fc53e67740bc984132a1452cf7d000378f14ef93a7eb0dc9bacf23584ad6761139576607f8214757f71fc47b2944127116ca3e83b9d9643bce8d7bb44b4d16b5d5cff70a9e1114cd920b6fc1f409672648ad56ac3136ef0a314adb458faf3d3f171cb2fc513d76e43e6bda2f1a68e6fcf4a4ecbe6bc87716e2a82ea0c4657983ca0caaf8d75fdf5b0d7930e4f3e95eb1271485f938e7ad2bf0c97b7c11745de45518a1e3a74341968588558e7197b407d24eda0671ee28f219e4c5f809a7ea6f9f5b9705f4634a96112eb262bd5967db5237285b865d3f64516495ea6d1ec20dbed7af02362370bcc98671a61241fa1ef5b3095609d66ecc16010f6f67a280d1c6d215ec224ead17d68bbc9bc64b363b5be9b479b7aa2cbc8587a6b48cf653fde7a262a11ab3a10356f55f122310feac77c32ce0994d6e8a70f1c53331cb473a8e29427322fb6da292c4443b1678877f1c981fa05fbdef96520e5895aeb2a3a8e62652f9d8830c3b144b9598873e2ef41b7ade943807766877d609972cca74855eaedce07cda35b50557de96e736ca3107c154d31aeee78db234687b9964517bcd2c6c9ec047514b45c831aee4588166dc3ec9ab36bd1033e74b3d02d731c5bd84f659fa9fe55cac08c12cb999a2e64fac52f6cb7d1fffbf45d9a1126787d0060fd1be563ccbc278ac97dab0c1bee664675f273f5fa429bdc24b21ff1cf0a3ad3c687fb07ffd88bad6ab6c6b422a43b77ff76f96bf405c07f8a667bb8ff54d6714aaa21ceba2e78ce03146b2ab9f49e6d65081119b8e7cf3843e91349790d2b975c9f9c305df0ab4f2b1b2f30f629313cc66a325e4037f38f29842ee5781ba73d2f30f506cf7ff2237a72b4075aefa32cdd5ba0ae4e65cb6fa47a3e06f0d5f684b7172d6b58f5f7d783c4122db4f4b8b4f9d3296c9d115f432710c29d40dfca0010ecbe2f42fac899911d65c84f08aaa1923c8add5af518286211db14e1187a8839f3b2ae8bd914eafc16a576bbe3eba6271a4c5b3170c3f543761f11f1326a05c575bde1b5c6afd3876bea4fbb649071a95caf74de9f7b3421803ec351f934b8d0932ce72a13abf3627d9a396c10875fc167ef1ae98ff92af9ca366033c99d30306fd540a09d67d26ab192504e7c09f9e4d06287a2b1748f1761ba3c16d9d08be7562b7351c4b4679f5d4b38681bfd86c7f2003a9749b20b602112a95803469f5d252c564912b55c4bf3409298dbd066d877cc70a89b484b9ee6bb836c9acd1e53086c4be85e9a3bc5969c7016db9c72b68620c241409d06f4d7f72fe2289c9b4921055922783b8b886bc22926b7d194820af2b90e3c60e87e1a7851f38a970c07c1da120d1da75de2bb994ff7d05a313522373326f160914a9589711e0439d694f5221afe8cc118722ce4927e9543e61a12a76bcf2da1d01a0f258095d32063387349b4e9f253d8b73c6e834b6866f8a56b4797b92d521fa732aa0d55c8e9d6c56011ee6fb450853dc564d18e97c463609c27a63f9c91c46d7bd80ace4edc0615ca342f43ca3b3d0cc36ed52b7d1f457e5b4b26b5eca0d91abe4f1a42a2eec40ec2faff1222f71dc226d6344e947b45155691205c09913fc3c6ab3fe76f4d1b11fa45869e20694b5f0a1074780a07332764212533b797dd24d8df157d4172f91253b77eb2ec90c8222307ed59136463057b7f469116086410b7503b44cef401c47811c1390060da5b3321d34096b67468a7702978d98d4bd721c18a25ed541249638e90281dc8e3565dc33e66d7b832a9bd62c02c5ed0e92935c92472499653d2d842ea6697c733ee80d775884074b3a0c250a4aa021bb6ea93514f9cc5f09feb5719d270cd184e364ca966f1416e10f111bc425f32a993fc5cd75503f99d89d91d7ddc6dee70193057cb946e5fbf8663c53e12cebffe5dbd4a86bfcf5f35f0d8aa43763a60e00356b4f8bc2bca01b02cfddde38f0c4df1e7f98709fdebc5abb5eb9631bdc3dbfcf15517fabcf16931eb7381e83713b081ad1947274d4896ee8953d772e9e71f363b6f1147317bc739ec128e4ec865f8f0ea34cd5ff19fb2c28931d2c85846735358504ae9161535cd7890e8b95c814cfec116b78e6d0eb5097cd4f35888121452e27391d865c15f0b986925d0d0c623bcbb4d8ca66603720253af17853967ea5954eb5ef0dc43de185ec4925026c680464e66d1caff1f4c7c757bd55ec2515ffe7183e3481ff6f626c2228a3fc3d15f63e4bfbec76a2a170206142cbbcf204a1cbfe0ee56eb47dfb79c80894c0a0fbf8a2955d861678fc2f8f9ad7a28052197b5992bced1273658da5b1f42fca48c80883600c24d8515a0c7113deb4c97df918ab64bca16a0c14f2547dc91d5ce4f884978c95fe54899f77ffc20a2c4b27350bc451bef72a46d8e144ad57a8d5f8ac039f58b8a53ea1f3fd5fce612a171bf82ba17c0681cf46ce5c8181a522ed2e986361903903159643046c7be1787dac6ccab09d18a30997541dc6e9efa260f1ff0392bc1890f19d8bb725f4fe7d8bc618f46e0c23be6b9ca67777dd3f5a89b41ccfb11a526a3bed045a2906f86cc5186a1db7a70391261b694b423e5a44d374f9d3720330e083574083f8950b2b35c8bb5b6c0a7fe259f235dc1c069d4581a9f0a7451890561a0829bb290de6aefe4d243ae0b00ca61a1dc4262bb4951242b21d88148eb7b6a9718d6433274f2b3c9bcdbb6d5df67b48ff42692d8cd7f4b7f41728de68ea1ce0f3e4a2843c5b9ffc43f69b8a0445dce44081f5b443a327084b0d00d07cbdbbfd2da5d67bf8d4bb4ee408d17eeee48b61decd06bd3dac9a1adbeb069b49ec96608b9179bb3af4c10f2ade6778b31fd4c22c2961cb949a64e9a8a4879c550f8d8783064cb304511e40e2e562ba83c08ba8ae011a784ed9db03db5527a5aae222c856c8df0a94f9c4def0f94244c5b8e3db9f39dbd337928e24d9d8562f231fea72116c01089163d2c5f4ca17faab20b73c9957fa1a9af20837a804870034d4e64281125b070d8ee0dbf05f95e5fb079e2a57e9af977222e90b664189114dccbca81ee58b7de90a813768a2049052b339a608d3e9966bdb3b584291fbf7694a7d1dea7f72ca604894e6cca5d326ed5e48c15eff5e6a8cc11c40f84ca920d79a5c55d07001909bf6338921c656a39d59d03f62bb5b8870189f0416ec8c317b03ccdcbbeb3e1a9bf2661813f4966b57eb56a2757de5f7745851b5f7bf75e41eb1646e61a41923c5c0e58c2ea478d95b5c39c450744aea0aad3706fce684cb7338ff3dacab60e8d968f0e6fc070693ae3ca16996b34a50afb7e6e377546ae28dc8de7a2ea3a657b4b0003a91a488e347c61971d62f32eaf843d4d4c4f86cc4033c1244c8408def09188dde509c629323f34072f9089a3846680894e8b000a03865438b2ea212b68fdef7f17583f92014eef2c8115a37c9c82dee06213c1407c1433690f68cdc8e91971104039dfe06774b946f43b68b7957a5ca3ee763eafbb7437850eb0a285c413bcf6965232d593d8da47a2a06abc635ae38e596a9dae55b43f341bcc6fe72d79b453ac1c259da37f64cbc1f1508caf280aa6a3f4cd2ff5564cc5a8727f222431454a5ac93398a29fb95b4e057686cd6fcd920992f74e5870749676a36e043bec5fc1b0fce5563affe9addfaa3689e857383ccd1f2924080449d2cfb006e855570b711c1dedd1df2629afaa3806f4ae229a9a8ef1940ddf2c55dac7812d2374c0684b7ba27b2f0849ee4c055d2b8ccc8e41c593378340d7546bb974bc8032f220b37099e3b04c6591c40d2c50a855a491e03c1c9cbb32c400f6104341262d92daaf3e2c04936cf28788fdff8e0a77770a9deb9089a9e32eb5d9e2581aecd98f83881ca8e7d49e603556dc03a9aa19a8f3a4735aaee347b25ea35b36fa57484c0b6d591979b4a3da894fa0c15966d6a5e02e397cccdb9c314b504372b81ef6913877767001263c05dae362b49e5928ef36f554ce245b4111486417634f1e7f4530a760ae6ffd3123f5736ac12c5bf506c5dca03079c0fd0776cdb56c938cdf480fb9b97b1685dfa3be6f712aae107e2dda726bec137b2ebdf56c0fcaecca4350bd7b5c84d57f29c2a2c99ae10c30cece4831d71ae4ee3362983cc816bb6cb9225b9db08503a1be23a26a0425a8628a2e718feae5df91d829f27966f766b623a0a4958a57642aefae259713733670d5b1d027fb8eb2d0d3a0b4acd482076dfa09ffe883f556b2db2262bc0872e1bd713f100dd7a8a8f2d725b46e09c625d513179872bbcc9a41e596a18b2471d977f4ca2bebd06cdaba31b70ef25e098f214fef16f16f725cad4311eb91457fdb70b471eddb65ecafb1e2b03c5ff21356241e3cab2c8ba601f9ef1aec9006b7cd0b81da29be01cb4c1d52e563298e373013886ebb1889bd5616647c6c418ea6bc1f3c0853b65cae48467b35f08318e3a9d034af7224cc3520ab1ece7751ba15407298b21e4f84ef7c23d7993739403d4f116cba2d0ae2d4003a28334c461c734d4555105b986ad0af28aac36c753ab52b91b7e23ae3ab07d3b170fe53a2249efe5b65463a3f237cec72091b04005f95a15ae595191ba39d0ae1d91d8e00b132ae9339884bc57bbb79978a308e1c31c5f213b092f380a7ba58f55869e9c29a5a6e7a7aa4f8d58e5787cc05e500", 0x2000, &(0x7f0000000b80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)={0x90, 0x0, 0x0, {0x6, 0x0, 0x0, 0x100000000, 0xf, 0x0, {0x0, 0xf}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
rename(&(0x7f0000000280)='./file0/../file0/file0\x00', &(0x7f00000000c0)='./file0/file0\x00')

4.718759674s ago: executing program 2 (id=1650):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendto(0xffffffffffffffff, &(0x7f0000000000)="120000001200e7ef007b00000000000000a1", 0x12, 0x20000098, 0x0, 0x1)
recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x64}, {&(0x7f0000000280)=""/85, 0x55}, {&(0x7f0000000fc0)=""/4096, 0x1000}, {&(0x7f0000000400)=""/106, 0x6a}, {&(0x7f0000000980)=""/73, 0x49}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x9a}, {&(0x7f00000001c0)=""/17, 0x11}], 0x8, &(0x7f0000000600)=""/191, 0xbf}}], 0x1, 0x0, &(0x7f0000003700)={0x77359400})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@newlink={0x48, 0x10, 0x49920d862a92153b, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @erspan={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_GRE_ERSPAN_VER={0x5, 0x16, 0x2}, @IFLA_GRE_ERSPAN_DIR={0x5}, @IFLA_GRE_COLLECT_METADATA={0x4}]}}}]}, 0x48}}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x3a})
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000380)={0x2, 0x3, 0x0, 0x3, 0x7, 0x0, 0x0, 0x0, [@sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @dev}}, @sadb_sa={0x2}]}, 0x38}, 0x1, 0x7}, 0x0)
prctl$PR_SET_MM(0x23, 0x4, &(0x7f0000ffd000/0x2000)=nil)
ioperm(0x0, 0x8, 0x8000000000004)
add_key(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd)
pipe2$watch_queue(0x0, 0x80)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a40)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300002095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='percpu_alloc_percpu\x00', r5}, 0x10)
syz_io_uring_setup(0x3665, &(0x7f0000000100)={0x0, 0x0, 0x2, 0xfe, 0xfffffffd}, 0x0, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x60, 0x0, 0x0)
setsockopt$inet_msfilter(0xffffffffffffffff, 0x0, 0x8, 0x0, 0x1)

4.655049459s ago: executing program 3 (id=1651):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_FIOGETOWN(r2, 0x8903, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x5)
syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x88402)
r3 = socket(0x2000000000000021, 0x2, 0x2)
getpeername$packet(r3, 0x0, &(0x7f0000000680))

4.317804737s ago: executing program 4 (id=1652):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
write$nci(r0, &(0x7f0000000100)=@NCI_OP_CORE_CONN_CREATE_RSP={0x0, 0x0, 0x2, 0x4, 0x3, {0x1, 0x10, 0x2, 0x4}}, 0x7)
sched_setscheduler(0x0, 0x2, 0x0)
r1 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000280)={@in={{0x2, 0x0, @loopback}}, 0x0, 0x2, 0x8007, 0x0, '\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\b\x00'}, 0xd8)
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="040e04000f08"], 0x7)
socket$nl_route(0x10, 0x3, 0x0)

4.152547203s ago: executing program 1 (id=1653):
r0 = io_uring_setup(0x2471, &(0x7f0000000280)={0x0, 0x4170, 0x1000, 0x0, 0x2e6})
io_uring_setup(0x2a5a, &(0x7f0000000600)={0x0, 0x52c4, 0x4000, 0xffffffff, 0x51})
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$vim2m(&(0x7f0000000000), 0x1, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r1, 0xc008561c, &(0x7f0000000080)={0x980914, 0xffffff7c})
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000002000)=""/102400, 0x19000)
ioctl$AUTOFS_IOC_PROTOVER(r0, 0x80049363, &(0x7f0000000040))
msgrcv(0x0, 0x0, 0x0, 0x3, 0x3000)
sendfile(r0, 0xffffffffffffffff, 0x0, 0xb)
fcntl$addseals(0xffffffffffffffff, 0x409, 0x7)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)={0x28, 0x3, 0x8, 0x101, 0x0, 0x0, {}, [@CTA_TIMEOUT_DATA={0xc, 0x4, 0x0, 0x1, @tcp=[@CTA_TIMEOUT_TCP_UNACK={0x8, 0xb, 0x1, 0x0, 0x4}]}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x6}]}, 0x28}}, 0x0)

3.458708691s ago: executing program 4 (id=1654):
r0 = openat$iommufd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r4, 0x84, 0x75, &(0x7f0000000000)={0x0, 0x9}, 0x8)
ioctl$IOMMU_TEST_OP_ADD_RESERVED(r0, 0x3ba0, &(0x7f0000000d40)={0x48, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe})
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r5, 0x0, 0xe, 0x44, &(0x7f0000000100)="0000000000000000000051229dc9", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r6 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r6, &(0x7f00000005c0)={&(0x7f0000000000), 0x10, 0x0}, 0x0)
syz_80211_inject_frame(0x0, &(0x7f0000000340)=@mgmt_frame=@reassoc_resp={{{0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1}, {0x1}, @broadcast, @device_b, @from_mac=@broadcast, {0x9, 0x3}}, 0x8, 0x22, @random, @void, @void, [{0xdd, 0x60, "d0be83cafbae48cfc332213ea70d3158464bc9b59e441ce1fdf4c80ada0ed04002597917345a8d5a63aa5f9b80539c4542b63d1a1d0581bd276dd75c7c6f40036c2c7048fd2c452b276c65b9a17e9247cef3e870e12f3808fcd3e604cfe25043"}]}, 0x80)
r7 = syz_init_net_socket$ax25(0x3, 0x2, 0xcd)
setsockopt$ax25_SO_BINDTODEVICE(r7, 0x101, 0x19, &(0x7f0000000040)=@bpq0, 0x10)
r8 = syz_open_procfs(0x0, &(0x7f0000000040)='stat\x00')
pread64(r8, &(0x7f0000000140)=""/15, 0xf, 0x4)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r9 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731f"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000001c0)={r9, r10, 0x4, 0x0, @void}, 0x10)

3.361409673s ago: executing program 3 (id=1655):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendto(0xffffffffffffffff, &(0x7f0000000000)="120000001200e7ef007b00000000000000a1", 0x12, 0x20000098, 0x0, 0x1)
recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x64}, {&(0x7f0000000280)=""/85, 0x55}, {&(0x7f0000000fc0)=""/4096, 0x1000}, {&(0x7f0000000400)=""/106, 0x6a}, {&(0x7f0000000980)=""/73, 0x49}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x9a}, {&(0x7f00000001c0)=""/17, 0x11}], 0x8, &(0x7f0000000600)=""/191, 0xbf}}], 0x1, 0x0, &(0x7f0000003700)={0x77359400})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@newlink={0x48, 0x10, 0x49920d862a92153b, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @erspan={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_GRE_ERSPAN_VER={0x5, 0x16, 0x2}, @IFLA_GRE_ERSPAN_DIR={0x5}, @IFLA_GRE_COLLECT_METADATA={0x4}]}}}]}, 0x48}}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x3a})
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000380)={0x2, 0x3, 0x0, 0x3, 0x7, 0x0, 0x0, 0x0, [@sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @dev}}, @sadb_sa={0x2}]}, 0x38}, 0x1, 0x7}, 0x0)
prctl$PR_SET_MM(0x23, 0x4, &(0x7f0000ffd000/0x2000)=nil)
ioperm(0x0, 0x8, 0x8000000000004)
add_key(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd)
pipe2$watch_queue(0x0, 0x80)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_procfs(0x0, &(0x7f0000000040)='timerslack_ns\x00')
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a40)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300002095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='percpu_alloc_percpu\x00', r4}, 0x10)
syz_io_uring_setup(0x3665, &(0x7f0000000100)={0x0, 0x0, 0x2, 0xfe, 0xfffffffd}, 0x0, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x60, 0x0, 0x0)
setsockopt$inet_msfilter(0xffffffffffffffff, 0x0, 0x8, 0x0, 0x1)

2.703577713s ago: executing program 0 (id=1656):
syz_open_dev$vim2m(&(0x7f0000000340), 0x0, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = memfd_secret(0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0xa, 0x11, r3, 0x0)
ftruncate(r3, 0x72a)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0xffffffffffffffff, r0, 0x1, 0x0)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r4, &(0x7f00000002c0)={0x1f, 0x0, @any, 0xfffa}, 0xe)
connect$bt_l2cap(r4, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
writev(r4, &(0x7f0000000100)=[{&(0x7f0000000140)="1e", 0x1}], 0x1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r4)
shutdown(r4, 0x1)
r5 = syz_open_dev$MSR(&(0x7f0000000000), 0x1de9, 0x0)
read$msr(r5, &(0x7f0000032680)=""/102379, 0x1903b)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)

2.156005176s ago: executing program 2 (id=1657):
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, &(0x7f0000000000)={0xc, 0x0, <r0=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(0xffffffffffffffff, 0x3ba0, &(0x7f0000000100)={0x48, 0x2, r0, 0x0, <r1=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_REPLACE(0xffffffffffffffff, 0x3ba0, &(0x7f0000000280)={0x48, 0x12, r1})
r2 = syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b362f"], 0x0)
syz_usb_disconnect(r2)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000240), 0xc2882, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
syz_emit_vhci(0x0, 0x8)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, &(0x7f00000000c0)={0xe, 0x18, 0xfa00, @id_tos={0x0, 0xffffffffffffffff, 0x0, 0x3}}, 0x20)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000032680)=""/102400, 0x19000)
r4 = syz_open_dev$cec(&(0x7f0000000040), 0x0, 0x0)
ioctl$CEC_S_MODE(r4, 0x40046109, 0x0)
userfaultfd(0x80001)
ioctl$VIDIOC_SUBSCRIBE_EVENT(0xffffffffffffffff, 0x4020565a, &(0x7f0000000340)={0x4, 0xfe})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x3, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800"/16], 0x0, 0x96, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bind$bt_hci(0xffffffffffffffff, 0x0, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x29, &(0x7f0000000300)=0x20, 0x4)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000300), 0x6)
r5 = syz_open_dev$video(&(0x7f0000000000), 0x3, 0x1340)
ioctl$VIDIOC_TRY_FMT(r5, 0xc0d05640, 0x0)
clock_settime(0x0, &(0x7f0000000040)={0x77359400})
ioctl$IOCTL_VMCI_INIT_CONTEXT(0xffffffffffffffff, 0x7a0, 0x0)
syz_open_dev$midi(&(0x7f0000000000), 0x3, 0x4a243)

2.069009642s ago: executing program 3 (id=1658):
syz_open_dev$vim2m(&(0x7f0000000340), 0x0, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = memfd_secret(0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0xa, 0x11, r3, 0x0)
ftruncate(r3, 0x72a)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0xffffffffffffffff, r0, 0x1, 0x0)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r4, &(0x7f00000002c0)={0x1f, 0x0, @any, 0xfffa}, 0xe)
connect$bt_l2cap(r4, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
writev(r4, &(0x7f0000000100)=[{&(0x7f0000000140)="1e", 0x1}], 0x1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r4)
shutdown(r4, 0x1)
r5 = syz_open_dev$MSR(&(0x7f0000000000), 0x1de9, 0x0)
read$msr(r5, &(0x7f0000032680)=""/102379, 0x1903b)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)

1.45204539s ago: executing program 4 (id=1659):
r0 = syz_usb_connect$cdc_ncm(0x0, 0x7a, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000020000402505a1a44000010203010902680002010040000904000001020e0000052406000105240000000d370f0100000000000000000006241a0000000c241b4800f3ff00050080050905810300020000000904010000020d00000904010102020d0000090582020004000000090503020002"], 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000bc0)={0x44, 0x0, 0x0, 0x0, &(0x7f00000009c0)={0x20, 0x80, 0x1c, {0x0, 0x9, 0xe49, 0x2, 0x3, 0x3865, 0x4, 0xc, 0x1, 0x0, 0x4, 0x81}}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)

912.115178ms ago: executing program 0 (id=1660):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004"], 0x48)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000240)={@ifindex, 0xffffffffffffffff, 0x2f, 0x2032, 0xffffffffffffffff, @void, @void, @value}, 0x20)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0xf, &(0x7f0000000340)=0xfffffffffffffff9, 0x4)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0xb8}, 0x1, 0x0, 0x0, 0x4000881}, 0x4001841)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x1, 0x11}, 0x80)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="a800000000010904000500000000000002000000240001801400018008000100e000000108000200ac1e01010c0002800500010000000900240002"], 0xa8}}, 0x0)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11", 0xce}], 0x2, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

414.940717ms ago: executing program 0 (id=1661):
syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x0)
syz_usb_connect$cdc_ncm(0x1, 0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000090000082502000000000000000109025c00020100f92a0904000001020900000524060001053408fa6e0d240f0100000000000d000a0006471a010000190581"], 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(0xffffffffffffffff, 0xc01064b5, 0x0)
socket$inet(0x2, 0x1, 0x100)

290.515117ms ago: executing program 3 (id=1662):
gettid()
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000440)=@newlink={0x30, 0x10, 0x801, 0xfffffffe, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, [@IFLA_GROUP={0x8}, @IFLA_MTU={0x8, 0x4, 0x2}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000000}, 0x8010)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
kexec_load(0xff0f, 0x0, &(0x7f0000000480), 0x0)

56.561936ms ago: executing program 3 (id=1663):
mkdir(&(0x7f00000020c0)='./file0\x00', 0x82)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, 0x0)
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000380)={0x50, 0x0, r1, {0x7, 0x27, 0x1, 0x801001a, 0x66d, 0x0, 0x0, 0x400, 0x0, 0x0, 0x40, 0x9}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f0000008280)="03680f2a20da68ab7a58c28b635d19c32b6efabb6ae3b5eee5a74d8943c613539e166c8baef50500824343a2f05093a5c21f746caefe9f9bccd83cca0fc28da20e2706308c61398dfce5f54ea9f266791ba29a4c7da158637def8b816aa296815ff13c06d632df45feaec1fd272ec1b510eaf58fe6b26cc36df3ecc0f5b1f258a190304e2519dd39ba9f5bc1788926ced5202e3b1e3afa16ae0b5d66dc05b36d3a00f72e5f318f8bdfc7eddc94238c50031d0657a22445ad0b3b90a86b086eed837a00bf0a3888bf61b4db57d6d8d6b286bbb13ba3b246def60ac34241eb843f89fe77d7e3e52573e90d791f21d4a8dfcc24ba95db60e2135634c02bd4b14535285df4fbe381ec036d876c4c8057c79371fa9717414590890e182a7b9e0ab927812083acf0d04e04c20c0555c8ceedc5bcf9b0e814be6eca98ce7b2f9f17d098bea541b75a1617c09fa99902ad746811f89a1fc5e6a80d77528247d6c104395715d2c9f9102f070a295f20c4307b9e848d3928b50985bfa2486893139761925b8fab96d26291243db23c4fd4d96864f4db860731a4e3e10b52d8d0487f5a8536cb4507dbdc111570ad0321b918edbc52807c2e0676d3257553702d9c1bd6741e9cd5cdeb3b8f636b6eb02a3b0066d7f677d586de5018850000f000ab3960f6656fb98039ceb6400d0299c356fc22b7298ed157c667bed5563fac2192a8ff7706a9e58d9d2f92632d6b25d8b090642e3f323bf7ff4d8264617a43a97099dd7347fbe3b1c439737913f17eff57f3e1ff4fdac374fb554e9a6a1ff32daa69507698d660d8d5f591801d8e4a9309342c3dc84966dbfcd2652800200bcb0dde9d456b7a07c5409f4f5387d0150daa34dbc865c6108d34dcc51eedb277e9638b43ce3c9afac5d7aa0f8542e58b0a84632a07557b041845d0012cf016ef065f97660b731ce1b79493de71def047277a3ae6d4a0d86591847d3475926039848c5baf6e1b43bc83053855182423156e54cadc8c85089265b49da853d15e5a701fedf2bf7986a723abf72e513fa05cb178345f2fcc859df49e74c8ccef196000a05cb090f22986ffb6f8f74ab41d2d88b6b535507a23b03d2fc2743f6f69fbcd43b8ff52b1ba32fa0137d542c515569b7f486f8ffa02ad1f54767f51701eb4c141437720884d529a57e17bc2837799124f7f112f42bd90f5b435d7a5d7524f7667bb7a6266263e62bf7ebf6896888d584c65a530b766111f078630d8629ffa91acb5ed02498549bd7e042acae0fab7ccb23278088a364be3da9619d91e1061bbaa9b33c3c5fbbcbc040d3ca79d3ca056c360381ee87e743dea73a25ea2b4843f9ef280feb507f933fb556c718d8bf8f8618db72805b65d381b319f65c745c1e5060dae2f498852e79aff8dd9c88fd939a31871a430d3ba96fb118c79d1b08a397af23b1a188d1802106f588c768a1e6c9d244ac9a38d2a54ed50f19b78bf25e0ae1f9337ceaa8ff5ca8640104b19bcd643b51501d4e03ed5ffb383e7ed0ab78d540ae10bbd64fba1af59a4190215b7d10230992bbb4ff618d8284a2e2446990511fc2bff07cce9ba94a11d3db041e220e3d931fdf129d8ec2c9b17d6587a0044c9e09f52848db43ddc0df94513cc9e94e9d427623502a910deea0f21d86b16366769a46bf0d6d9fc0d2cd6b98ed885e9e2d765bdd051196bf20bd27c46ec902726d96de352c346d904fa00d63b67d272f116dce489f9d636cef61b441b9c113addec983b8b2fbdb2b32049e436c972b2fcf5140dc7b094c5047cb6226da700b72aeb3febdf16a75b6f61a311f606251c99b377c775c8fb3446ccf25dc4cca24290b3939f948019b05c80b5a6382112f63e0990b324c16a087c72aaec08796afc769f678e3634100a5a9da8215cb5d7a6a6b50a81676ef4edca35595b11f9606bef2fb84fe1f0a0703c886579f09986086f0dca6eb8061f9a74c79c1f758684a7363974b14561b9d2efdaba6c4cd8cb70627da1e195fcae3d8b2fa751278e8f220c83e677e14731eccd6fe0c357b011ed88b6df0c266b383f224b8e95384e401b717030b1227582d0d1042bd90377c4f2c7206a19983fc5905e4eb87edb6532b26ca9e28e160202606d19d9f5da34762f4b3fa842d7bff382ad70dcbc411f8b3e4cace8c8e0c72898d24023545e0dfdc4176209276a535491ce11c045c57b45c40f19b12dcf6ffbf78ab23e7fe9bdc404cf47db9855f2b835e1fce57debfa071803ec38da3c77a904080a4c737ce2b20e14e8449762f1ca0b1ce71779d2e6ee5299e1cf230e8070045c23c1d0e52f66fe9039f95cdc0b448dc12d24de39157934270345991948fce921b5d8e739315cc75d4b3b49928437b88672c1a7770365207b43895f45909d5d972f48aa66de609152a5afa2c7d75f0a14189d0409f0b623eab3b6e7d81025cde140893ed71b6f24f5a36d21dafb62af6be9da845403bc8ed36672efa74d7da19d5794cb4b79fa1c86940b1890c012e14b7c3bb261f16bdd99efaa9819b0bc00af842a6b94c6086d15b16ab81af9331ba3a5bd6941ef35239e85455ceab02c598ccee8fbad97ed37daebfe3b26a5a6c9eda5f65a1cfaf7a1f1688267c812a56c552ae11b465dac030e18f9008ad03cad80bf2cb91a7d99dcfa54d323ae0a4c3a6dc0f80d7ff703870610a945eb0ab5b6d14e81869c8872f6b123d98edcf6bba10d76d35cff4b0bb73db8b6695a8351785bcba1e160a42ed367c4da727da38f91562e941e5c4fa90cd585c5f1cd3a7d6892f18a5aa3c74a4fc00bf5909267489b937a928d9d8ff92530b5226eedf8ab9a957e5ffec45bc3a55e6955b38393ce52892655265d1f741e0b744808eb568a08d145a8bc5ada9b079f6d0bec5fc2ace0502b3f926372dff49478fbd10451f0de4b3d1a63b9d4e17ade45628d2e9dca041fcf7fc1e105e1fc44089fde9caf418ba8454dc361df4a59e1bd79143d280613e3c79ad18e922a43e199aa5927bb9553dd31e6223ad19bf8aff6e1dac8b3680feea3138bc61742b03f047b3d77039c1a4c2d05bd89c4bc12a1b83d78b4e7023f690fce6a44608c423d8cbc2e80942b9d9df2f4bf5606640fa47692f3e003885983a73e1dc313b243bbab5c3c6348afab796da766044ba142eda5a9d3713e3eda8c54c1708909c5da89ba67d29cd7f409c9b759cba316c42028754e3cb6eae2cc4f6d66982f212320f199b2e837bb4c54c54bcdcd2ac240ef6295d38e9889b4213819ef0f9aba6ceead4e0fd2c4becdc1f8ee3049831996c9a74a5fd4e12a1fd21ed47cf27e29f9d61e4b673d88914c36eefa53d3c49d94b463b7f8462c1951dfe33c10993d5cfcd0ededd50ad55009528f1e79fbc2fa70c3338b32c40ae3bb45d7079c7ae8433fb1aa19affbd3fbce0cb5ab0d557afb3be036856066eea45c28e93528b35477fc97fe9ff3641e5bb0f0e46069eb653c027daabff38541250081c77e0e3a1d030a73289e771cc41db10819af60599b5df0ad978fcf0b46af821c6b717b265e07d3a85397ea94de26f510290ddb5df8fcff76fe624843c8577802809c145916afce01d9dfdfa8bf07633e98f14fc73d5ef58ae5cb0c308bc74ca38259692a1cd4cf16752786a1c816f24612c27393d7e40a2df9a3dfa23a0c59613c8a7ccdd97c3fc67ecab94dcd8cc4b4517ed2414d41ce574074ffebd156e3d65c4421b0f339bc9f29abbfe49db62122248cf96b74d9639b3ef9d935cd81315a7ecfb0dc6ea1ee053c2e5c3615fbc10782f16a564fcabe1df70da7de989e00eedc346cef5b5cf880e9d563fc15302f056d37f98a939fd1dd5478b4318c256e93b77e31f87d8f7fe31755191b40d778ddb2ada1480bb9fcb96a09783f13cd460ee2c9cf4a712f04eb1b1a746091109f7ce0655e1ff7781fbe853e3d03bb91c9d8f4f416f5745c6b607bbf72786bd3c0ac4761e6e6d70f12dbefa1b13542086f793b72c6102ac06e75be17bdbb1efbf7e007f07f9bd433fd9d9cbf93e760757b792f15231895561fe49d9d683ccc066f38af581422b71702627162c0f0f35c36a61eaaa92129114b7334281e35fd39576e51d8593c149c9326e0c710ea4dcc9ef39a432a48ae1834f5046b954f9c033d6035cde0dbffe3e97f48a1dc695f4b2f6fe5d4eee83008318def105c37e11c9015670f13417ed036e68f6fbfca2a8289829677feb23079f3f2ee53b26e491924fefc1c50e54f288a8c4b6ba6d319054c3a9e39e14bba81b423acbd44b51279bbea6b0bb2047325837ce8b2191454f52ffa2cd04abe89e3de5bc102e9fdf740d3efd975bc9503af796e6aeee711ef8797de5d507a964730aa70cb9d3840054d4e1ffc57de378b511f7649666a54a6b3d91ed517198d76322bf99d13bef530a43ed3f13196bf2def6dcfb39f76471c75c5779bedf105717e546057fb478bfd24e8fdf3c12d028b542d1f424a9d45bb9e026e6098eb1cb0a77378300ec1b4c9f006aa4dfb7fb5c57cf1b035cbe96009ead1ca25ea1e5fae40312a4e9fe250684a1c8653bb303209e0fc6a498f3a08f6c5b946378a349f3aea45104a2badb8a45f500bb4f0f6cd620ce794e0f390e1cb7f2f1fc0039f4250a577544a6862b47bf89eea3a8c1516b7a9dd111c2ca719190e8feb1a7079e9fdfdb8224dc50791c986825469c087c8f081616edaa4193e161281aa68b7286a364cbb336b2459f0892e57c40afcfda7d16ea1877efb4e4b0d4b5c31e8cba15066903d3a91bdc7fb64452fb9843436110596f0b038da167a86f97d32c807270a1c994fe88e2517e11bdd210dd982d3c8158459440108308a936c9d2370b9d157c3f9caec36ff05bc40b37f095edf33bf4fad440f38c3f52129456936c07014140be5618f4e9d07b66679238023390cd676b1a3a28d0e90d5ad9ef13a31fcdc5a435454309367c437424e340a1f91c6483bce1026d85a16fb854252ea4ede39a4e69702ecff76432de508e064eda0df9f263a25c0f626d1c1ffaa6783be2975451ee936cc2178648935a924f6fb2db2f8ba34e348920d903114520918cc6872b842e3744fc18d1363583a107ec7b89c7792c0d8069e12f873f6d668f6fdeb47b72986914e45c2b061c5c936c73c9bcf1475ea0d25edaad21cf193405c8acef3bff4e4f1b2b321d70dba59e856a8849c2bba9508bad775370669b2bb7f5e53181af8bff525e13a4935d7e28b997b4ff15da9e36f1353a154ab701ad15420786daaf27ba7e122f7b825c668185b685630420378b4142ec4e4242c2cf0bf6e143f7e55cb12fb9dd59a8df9959ce4fc5fff68ae7174977a31ad7fd644bc94a20bae76f0af474034990fdfec8ceca0e6cd93fe21d84837b7e9d74c17b6d3054f0c008ee05764745fd8773a0c1c31bb3eef5b7e261b54805b5c805a4eeef05c812fcdede200442e7340c63490645ebd09c235d5c52a785542526edfe3875ad08267faed1d0a15236f00c6736b94c1a3821302ff610697ad7becdbc96f54b55138b585cd122e0d5aeaf43c9ba373e8aa1c1297e3415552cc57cd60ee1f3c04500ed0eed37775c873de3066c034c176c67c5bfbe9899a47732030855781341374641da058eee61d01d11b9db8f19fd4558957897340e32cdfbc39713f1f439be0638f614cdb5361433a45a6ff024e39c94141dc5403af101404ce5f2efa97b90d9ecdb7c361785dab977feded32554d1a74d5cbfe2435be7f0329ba382455c2ac11fbe29fe3826796d4bea03dc53a37f63f5be2773f83faf282f0ae24d9fe5762b71b499fd37b4ce7e71f93c3a983f80fed477708bbf2261c89893c4b76e34fac9b42671b6cc81678cc867f53e8c3ec47716206212743ca0c4941c2c61ed3177fccf85921e998d2b826df751173944bb07eeaae4001f677a0687a2550eeac8bb5128ecad9c7b6a514596a30b8292fbacc09ab488193507b6785d7a35c979db774b2c413246f1ae88d35d1914b20b8fb501034321642fb0b0baba3378e4c31fb5e247c177e573295df0194462b99079a436400ba1be2e30d39b8714c0fb2bdcd981d5a5cd514f8d4f14e4e0437108630355d8f2b60a6d18cb14ceb2b5d0704aa6e93e180bd79cb17e176bc4f81a03db12a03413de6189896955bb9e3cc69b6f9a50a7eda3742527f98c71d7ea8ba75e253c2b783f7104813c619949e6a0765179b1b9cbe68b703335ab5986928d86384357a2f4189f4b4ffcd61a3d29709bbc93b5371f0e7798cb72ae4c17bcee24f8e566f2777803c3d182d15a63ac40063f0ccdf4bd790404524eae02eafb6b54c699578486490033f0be866c74a134083003d330498658ba973ea674c4a0ff158403987b4c4752b07c8637a119b019fd5093406960144445056f6ffe73eda0235dc1871bb6058d4a9feecac628265689d58a81453d33290ab56eb691f3180d0288449f41844e56f5c6cf522d4a5866b24fb9552fde71946c4d25dcceaa41cfddb5a33c51c54c0a0a5abd31be8fb6ec53c1d14ba648e183979dbd0db01b9e51ba3803be7e7d3dee752668367264c783f74838121797ae5706ef3aa460682d1bf55808c70e69ae29d7683368470d08e7e9a1095305dce250b5b4bd48c02e098d241b1089736e8306a737e3a1a93e554cc3ab24672b8c74bfb8825004ca869e347f873de14575493836662ad741d79269904f905d7df64d0581ab8d76ee51a32d72ccb719f3a25c0a856b5bd2b2a1269e208d70c32e1d5ad0dfdc0ef43f0230e95eb85871eb4d6033abbf0be7025382d878eeaeea73c94270e79bd5757dc1bac95236a62545cd467830b12dcc30d7cc81e889d360d073db40058e9a1c7b41fc53e67740bc984132a1452cf7d000378f14ef93a7eb0dc9bacf23584ad6761139576607f8214757f71fc47b2944127116ca3e83b9d9643bce8d7bb44b4d16b5d5cff70a9e1114cd920b6fc1f409672648ad56ac3136ef0a314adb458faf3d3f171cb2fc513d76e43e6bda2f1a68e6fcf4a4ecbe6bc87716e2a82ea0c4657983ca0caaf8d75fdf5b0d7930e4f3e95eb1271485f938e7ad2bf0c97b7c11745de45518a1e3a74341968588558e7197b407d24eda0671ee28f219e4c5f809a7ea6f9f5b9705f4634a96112eb262bd5967db5237285b865d3f64516495ea6d1ec20dbed7af02362370bcc98671a61241fa1ef5b3095609d66ecc16010f6f67a280d1c6d215ec224ead17d68bbc9bc64b363b5be9b479b7aa2cbc8587a6b48cf653fde7a262a11ab3a10356f55f122310feac77c32ce0994d6e8a70f1c53331cb473a8e29427322fb6da292c4443b1678877f1c981fa05fbdef96520e5895aeb2a3a8e62652f9d8830c3b144b9598873e2ef41b7ade943807766877d609972cca74855eaedce07cda35b50557de96e736ca3107c154d31aeee78db234687b9964517bcd2c6c9ec047514b45c831aee4588166dc3ec9ab36bd1033e74b3d02d731c5bd84f659fa9fe55cac08c12cb999a2e64fac52f6cb7d1fffbf45d9a1126787d0060fd1be563ccbc278ac97dab0c1bee664675f273f5fa429bdc24b21ff1cf0a3ad3c687fb07ffd88bad6ab6c6b422a43b77ff76f96bf405c07f8a667bb8ff54d6714aaa21ceba2e78ce03146b2ab9f49e6d65081119b8e7cf3843e91349790d2b975c9f9c305df0ab4f2b1b2f30f629313cc66a325e4037f38f29842ee5781ba73d2f30f506cf7ff2237a72b4075aefa32cdd5ba0ae4e65cb6fa47a3e06f0d5f684b7172d6b58f5f7d783c4122db4f4b8b4f9d3296c9d115f432710c29d40dfca0010ecbe2f42fac899911d65c84f08aaa1923c8add5af518286211db14e1187a8839f3b2ae8bd914eafc16a576bbe3eba6271a4c5b3170c3f543761f11f1326a05c575bde1b5c6afd3876bea4fbb649071a95caf74de9f7b3421803ec351f934b8d0932ce72a13abf3627d9a396c10875fc167ef1ae98ff92af9ca366033c99d30306fd540a09d67d26ab192504e7c09f9e4d06287a2b1748f1761ba3c16d9d08be7562b7351c4b4679f5d4b38681bfd86c7f2003a9749b20b602112a95803469f5d252c564912b55c4bf3409298dbd066d877cc70a89b484b9ee6bb836c9acd1e53086c4be85e9a3bc5969c7016db9c72b68620c241409d06f4d7f72fe2289c9b4921055922783b8b886bc22926b7d194820af2b90e3c60e87e1a7851f38a970c07c1da120d1da75de2bb994ff7d05a313522373326f160914a9589711e0439d694f5221afe8cc118722ce4927e9543e61a12a76bcf2da1d01a0f258095d32063387349b4e9f253d8b73c6e834b6866f8a56b4797b92d521fa732aa0d55c8e9d6c56011ee6fb450853dc564d18e97c463609c27a63f9c91c46d7bd80ace4edc0615ca342f43ca3b3d0cc36ed52b7d1f457e5b4b26b5eca0d91abe4f1a42a2eec40ec2faff1222f71dc226d6344e947b45155691205c09913fc3c6ab3fe76f4d1b11fa45869e20694b5f0a1074780a07332764212533b797dd24d8df157d4172f91253b77eb2ec90c8222307ed59136463057b7f469116086410b7503b44cef401c47811c1390060da5b3321d34096b67468a7702978d98d4bd721c18a25ed541249638e90281dc8e3565dc33e66d7b832a9bd62c02c5ed0e92935c92472499653d2d842ea6697c733ee80d775884074b3a0c250a4aa021bb6ea93514f9cc5f09feb5719d270cd184e364ca966f1416e10f111bc425f32a993fc5cd75503f99d89d91d7ddc6dee70193057cb946e5fbf8663c53e12cebffe5dbd4a86bfcf5f35f0d8aa43763a60e00356b4f8bc2bca01b02cfddde38f0c4df1e7f98709fdebc5abb5eb9631bdc3dbfcf15517fabcf16931eb7381e83713b081ad1947274d4896ee8953d772e9e71f363b6f1147317bc739ec128e4ec865f8f0ea34cd5ff19fb2c28931d2c85846735358504ae9161535cd7890e8b95c814cfec116b78e6d0eb5097cd4f35888121452e27391d865c15f0b986925d0d0c623bcbb4d8ca66603720253af17853967ea5954eb5ef0dc43de185ec4925026c680464e66d1caff1f4c7c757bd55ec2515ffe7183e3481ff6f626c2228a3fc3d15f63e4bfbec76a2a170206142cbbcf204a1cbfe0ee56eb47dfb79c80894c0a0fbf8a2955d861678fc2f8f9ad7a28052197b5992bced1273658da5b1f42fca48c80883600c24d8515a0c7113deb4c97df918ab64bca16a0c14f2547dc91d5ce4f884978c95fe54899f77ffc20a2c4b27350bc451bef72a46d8e144ad57a8d5f8ac039f58b8a53ea1f3fd5fce612a171bf82ba17c0681cf46ce5c8181a522ed2e986361903903159643046c7be1787dac6ccab09d18a30997541dc6e9efa260f1ff0392bc1890f19d8bb725f4fe7d8bc618f46e0c23be6b9ca67777dd3f5a89b41ccfb11a526a3bed045a2906f86cc5186a1db7a70391261b694b423e5a44d374f9d3720330e083574083f8950b2b35c8bb5b6c0a7fe259f235dc1c069d4581a9f0a7451890561a0829bb290de6aefe4d243ae0b00ca61a1dc4262bb4951242b21d88148eb7b6a9718d6433274f2b3c9bcdbb6d5df67b48ff42692d8cd7f4b7f41728de68ea1ce0f3e4a2843c5b9ffc43f69b8a0445dce44081f5b443a327084b0d00d07cbdbbfd2da5d67bf8d4bb4ee408d17eeee48b61decd06bd3dac9a1adbeb069b49ec96608b9179bb3af4c10f2ade6778b31fd4c22c2961cb949a64e9a8a4879c550f8d8783064cb304511e40e2e562ba83c08ba8ae011a784ed9db03db5527a5aae222c856c8df0a94f9c4def0f94244c5b8e3db9f39dbd337928e24d9d8562f231fea72116c01089163d2c5f4ca17faab20b73c9957fa1a9af20837a804870034d4e64281125b070d8ee0dbf05f95e5fb079e2a57e9af977222e90b664189114dccbca81ee58b7de90a813768a2049052b339a608d3e9966bdb3b584291fbf7694a7d1dea7f72ca604894e6cca5d326ed5e48c15eff5e6a8cc11c40f84ca920d79a5c55d07001909bf6338921c656a39d59d03f62bb5b8870189f0416ec8c317b03ccdcbbeb3e1a9bf2661813f4966b57eb56a2757de5f7745851b5f7bf75e41eb1646e61a41923c5c0e58c2ea478d95b5c39c450744aea0aad3706fce684cb7338ff3dacab60e8d968f0e6fc070693ae3ca16996b34a50afb7e6e377546ae28dc8de7a2ea3a657b4b0003a91a488e347c61971d62f32eaf843d4d4c4f86cc4033c1244c8408def09188dde509c629323f34072f9089a3846680894e8b000a03865438b2ea212b68fdef7f17583f92014eef2c8115a37c9c82dee06213c1407c1433690f68cdc8e91971104039dfe06774b946f43b68b7957a5ca3ee763eafbb7437850eb0a285c413bcf6965232d593d8da47a2a06abc635ae38e596a9dae55b43f341bcc6fe72d79b453ac1c259da37f64cbc1f1508caf280aa6a3f4cd2ff5564cc5a8727f222431454a5ac93398a29fb95b4e057686cd6fcd920992f74e5870749676a36e043bec5fc1b0fce5563affe9addfaa3689e857383ccd1f2924080449d2cfb006e855570b711c1dedd1df2629afaa3806f4ae229a9a8ef1940ddf2c55dac7812d2374c0684b7ba27b2f0849ee4c055d2b8ccc8e41c593378340d7546bb974bc8032f220b37099e3b04c6591c40d2c50a855a491e03c1c9cbb32c400f6104341262d92daaf3e2c04936cf28788fdff8e0a77770a9deb9089a9e32eb5d9e2581aecd98f83881ca8e7d49e603556dc03a9aa19a8f3a4735aaee347b25ea35b36fa57484c0b6d591979b4a3da894fa0c15966d6a5e02e397cccdb9c314b504372b81ef6913877767001263c05dae362b49e5928ef36f554ce245b4111486417634f1e7f4530a760ae6ffd3123f5736ac12c5bf506c5dca03079c0fd0776cdb56c938cdf480fb9b97b1685dfa3be6f712aae107e2dda726bec137b2ebdf56c0fcaecca4350bd7b5c84d57f29c2a2c99ae10c30cece4831d71ae4ee3362983cc816bb6cb9225b9db08503a1be23a26a0425a8628a2e718feae5df91d829f27966f766b623a0a4958a57642aefae259713733670d5b1d027fb8eb2d0d3a0b4acd482076dfa09ffe883f556b2db2262bc0872e1bd713f100dd7a8a8f2d725b46e09c625d513179872bbcc9a41e596a18b2471d977f4ca2bebd06cdaba31b70ef25e098f214fef16f16f725cad4311eb91457fdb70b471eddb65ecafb1e2b03c5ff21356241e3cab2c8ba601f9ef1aec9006b7cd0b81da29be01cb4c1d52e563298e373013886ebb1889bd5616647c6c418ea6bc1f3c0853b65cae48467b35f08318e3a9d034af7224cc3520ab1ece7751ba15407298b21e4f84ef7c23d7993739403d4f116cba2d0ae2d4003a28334c461c734d4555105b986ad0af28aac36c753ab52b91b7e23ae3ab07d3b170fe53a2249efe5b65463a3f237cec72091b04005f95a15ae595191ba39d0ae1d91d8e00b132ae9339884bc57bbb79978a308e1c31c5f213b092f380a7ba58f55869e9c29a5a6e7a7aa4f8d58e5787cc05e500", 0x2000, &(0x7f0000000b80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)={0x90, 0x0, 0x0, {0x6, 0x0, 0x0, 0x100000000, 0xf, 0x0, {0x0, 0xf}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
rename(&(0x7f0000000280)='./file0/../file0/file0\x00', &(0x7f00000000c0)='./file0/file0\x00')

0s ago: executing program 3 (id=1664):
writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000140)="fd", 0x1}], 0x1)
r0 = syz_usb_connect$hid(0x1, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x200, 0x0, 0x0, 0x0, 0x8, 0x4d9, 0xa067, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0xa0, 0x20, [{{0x9, 0x4, 0x0, 0x6, 0x1, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x8}}, {{{0x9, 0x5, 0x81, 0x3, 0x400, 0x0, 0xfe, 0x9}}}}}]}}]}}, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, &(0x7f0000000500)={0x401, "d0d42d091d4826d701564a55911d61767a1d5411cae0d9b077305d92ec793e9d"})
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = gettid()
timer_create(0x7, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
clock_nanosleep(0x1, 0x1, &(0x7f0000000000)={0x77359400}, 0xfffffffffffffffe)
r2 = openat$sw_sync(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r2, 0xc0285700, &(0x7f00000003c0)={0x20007f, "a77558bf507b288f8c2c5b27bc88e60012e9a7dae41f369823f04e6eff9e4fe0"})
ioctl$SW_SYNC_IOC_CREATE_FENCE(r2, 0xc0285700, &(0x7f0000000080)={0x1, "00a138aa9318d5dd70770000e08eb1d10d552900", <r3=>0xffffffffffffffff})
poll(&(0x7f0000000040)=[{r3, 0x10}], 0x1, 0x10001)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r4}, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000040)={0x18, 0x7a, 0x601, 0x0, 0x0, "", [@typed={0x7, 0x0, 0x0, 0x0, @str='\a\x00\x00'}]}, 0x18}], 0x1}, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)
ioctl$SW_SYNC_IOC_INC(r2, 0x40045701, &(0x7f0000000140)=0x816)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000002c0)={0x24, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='\x00\"\b\x00\x00\x00'], 0x0}, 0x0)

kernel console output (not intermixed with test programs):

][ T5814] libceph: connect (1)[c::]:6789 error -101
[  454.885801][   T10] usb 5-1: selecting invalid altsetting 1
[  454.903301][ T5814] libceph: mon0 (1)[c::]:6789 connect error
[  454.922633][   T10] flexcop_usb: set interface failed.
[  455.014518][   T10] b2c2_flexcop_usb 5-1:0.0: probe with driver b2c2_flexcop_usb failed with error -22
[  455.176508][T10009] ceph: No mds server is up or the cluster is laggy
[  457.491728][T10044] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  457.534542][T10044] team0: Device ipvlan2 is already an upper device of the team interface
[  457.554716][ T5920] usb 5-1: USB disconnect, device number 10
[  458.586504][ T5920] usb 1-1: new low-speed USB device number 13 using dummy_hcd
[  458.782510][T10064] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1208'.
[  458.851603][ T5920] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  458.959442][ T5920] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2
[  458.973821][ T5920] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26984, setting to 8
[  459.261456][ T5920] usb 1-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  459.308014][ T5920] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  459.492855][T10056] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  459.546645][ T5920] hub 1-1:1.0: bad descriptor, ignoring hub
[  459.553099][ T5920] hub 1-1:1.0: probe with driver hub failed with error -5
[  459.628459][ T5920] cdc_wdm 1-1:1.0: skipping garbage
[  459.648694][ T5920] cdc_wdm 1-1:1.0: skipping garbage
[  459.705612][ T5920] cdc_wdm 1-1:1.0: cdc-wdm0: USB WDM device
[  459.759811][ T5920] cdc_wdm 1-1:1.0: Unknown control protocol
[  461.052817][   T30] audit: type=1400 audit(1748600472.832:409): avc:  denied  { name_connect } for  pid=10101 comm="syz.2.1221" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1
[  461.102546][   T30] audit: type=1400 audit(1748600472.902:410): avc:  denied  { listen } for  pid=10101 comm="syz.2.1221" lport=40581 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  461.192591][   T10] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  461.226039][   T30] audit: type=1400 audit(1748600473.022:411): avc:  denied  { accept } for  pid=10101 comm="syz.2.1221" lport=40581 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  461.246607][    C1] vkms_vblank_simulate: vblank timer overrun
[  461.367467][   T10] usb 4-1: Using ep0 maxpacket: 8
[  461.377827][   T10] usb 4-1: too many configurations: 249, using maximum allowed: 8
[  461.415872][   T10] usb 4-1: New USB device found, idVendor=055f, idProduct=a800, bcdDevice=b3.ff
[  461.502059][T10103] hugetlbfs: syz.2.1221 (10103): Using mlock ulimits for SHM_HUGETLB is obsolete
[  461.549590][   T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=2
[  461.569853][   T10] usb 4-1: Product: syz
[  461.599843][   T10] usb 4-1: Manufacturer: syz
[  461.618834][   T10] usb 4-1: SerialNumber: syz
[  461.640092][   T10] usb 4-1: config 0 descriptor??
[  461.676746][ T5902] usb 1-1: USB disconnect, device number 13
[  462.165554][   T30] audit: type=1400 audit(1748600473.962:412): avc:  denied  { create } for  pid=10097 comm="syz.3.1220" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  462.192722][   T10] mdc800 4-1:0.0: probe fails -> wrong Number of Configuration
[  462.406145][   T10] usb 4-1: USB disconnect, device number 15
[  463.284075][T10127] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  463.479705][   T30] audit: type=1400 audit(1748600475.282:413): avc:  denied  { bind } for  pid=10142 comm="syz.4.1228" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  463.716433][ T5866] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  464.166420][   T30] audit: type=1400 audit(1748600475.852:414): avc:  denied  { ioctl } for  pid=10142 comm="syz.4.1228" path="socket:[27102]" dev="sockfs" ino=27102 ioctlcmd=0x8903 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  464.202246][ T5866] usb 3-1: Using ep0 maxpacket: 8
[  464.240281][ T5866] usb 3-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[  464.290184][   T30] audit: type=1400 audit(1748600475.862:415): avc:  denied  { connect } for  pid=10142 comm="syz.4.1228" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  464.296191][ T5866] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  465.051441][ T5866] usb 3-1: Product: syz
[  465.068844][ T5866] usb 3-1: Manufacturer: syz
[  465.080427][ T5866] usb 3-1: SerialNumber: syz
[  465.095262][ T5866] usb 3-1: config 0 descriptor??
[  465.136791][ T5866] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state.
[  465.181372][ T5866] usb 3-1: setting power ON
[  465.198590][ T5866] dvb-usb: bulk message failed: -22 (2/0)
[  465.327468][T10145] FAULT_INJECTION: forcing a failure.
[  465.327468][T10145] name failslab, interval 1, probability 0, space 0, times 0
[  465.366220][   T30] audit: type=1400 audit(1748600477.162:416): avc:  denied  { read write } for  pid=10164 comm="syz.3.1233" name="autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  465.425354][ T5866] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  465.454430][ T5866] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID))
[  465.465223][ T5866] usb 3-1: media controller created
[  465.483091][T10145] CPU: 1 UID: 0 PID: 10145 Comm: syz.2.1227 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  465.483156][T10145] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  465.483166][T10145] Call Trace:
[  465.483172][T10145]  <TASK>
[  465.483180][T10145]  dump_stack_lvl+0x16c/0x1f0
[  465.483207][T10145]  should_fail_ex+0x512/0x640
[  465.483231][T10145]  ? fs_reclaim_acquire+0xae/0x150
[  465.483258][T10145]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  465.483282][T10145]  should_failslab+0xc2/0x120
[  465.483303][T10145]  __kmalloc_noprof+0xd2/0x510
[  465.483329][T10145]  tomoyo_realpath_from_path+0xc2/0x6e0
[  465.483355][T10145]  ? tomoyo_profile+0x47/0x60
[  465.483383][T10145]  tomoyo_path_number_perm+0x245/0x580
[  465.483403][T10145]  ? tomoyo_path_number_perm+0x237/0x580
[  465.483426][T10145]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  465.483447][T10145]  ? find_held_lock+0x2b/0x80
[  465.483504][T10145]  ? find_held_lock+0x2b/0x80
[  465.483529][T10145]  ? hook_file_ioctl_common+0x145/0x410
[  465.483564][T10145]  ? __fget_files+0x20e/0x3c0
[  465.483588][T10145]  security_file_ioctl+0x9b/0x240
[  465.483614][T10145]  __x64_sys_ioctl+0xb7/0x210
[  465.483642][T10145]  do_syscall_64+0xcd/0x4c0
[  465.483665][T10145]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  465.483682][T10145] RIP: 0033:0x7fb590b8e969
[  465.483697][T10145] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  465.483714][T10145] RSP: 002b:00007fb591965038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  465.483731][T10145] RAX: ffffffffffffffda RBX: 00007fb590db5fa0 RCX: 00007fb590b8e969
[  465.483743][T10145] RDX: 0000200000000040 RSI: 0000000000000707 RDI: 0000000000000004
[  465.483753][T10145] RBP: 00007fb591965090 R08: 0000000000000000 R09: 0000000000000000
[  465.483763][T10145] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  465.483772][T10145] R13: 0000000000000000 R14: 00007fb590db5fa0 R15: 00007ffe96174ee8
[  465.483799][T10145]  </TASK>
[  465.483814][T10145] ERROR: Out of memory at tomoyo_realpath_from_path.
[  466.173375][T10167] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  466.493609][   T30] audit: type=1400 audit(1748600477.202:417): avc:  denied  { open } for  pid=10164 comm="syz.3.1233" path="/dev/autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  466.517611][   T30] audit: type=1400 audit(1748600478.032:418): avc:  denied  { mount } for  pid=10164 comm="syz.3.1233" name="/" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  466.539371][ T5866] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  466.557244][T10145] dvb-usb: bulk message failed: -22 (3/0)
[  466.570668][T10145] cxusb: i2c wr: len=79 is too big!
[  466.570668][T10145] 
[  467.136480][ T5866] usb 3-1: selecting invalid altsetting 6
[  467.142625][ T5866] usb 3-1: digital interface selection failed (-22)
[  467.966491][ T5866] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)'
[  468.000596][ T5866] usb 3-1: setting power OFF
[  468.590572][ T5866] dvb-usb: bulk message failed: -22 (2/0)
[  468.597121][ T5866] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected.
[  468.608034][ T5866] (NULL device *): no alternate interface
[  468.806194][ T5814] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  468.834949][ T5866] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected.
[  469.048906][ T5814] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  469.055387][ T5866] usb 3-1: USB disconnect, device number 9
[  469.136054][ T5814] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  469.208560][T10218] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  469.468003][ T5814] usb 2-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[  469.508896][ T5814] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  469.555165][ T5814] usb 2-1: config 0 descriptor??
[  469.756873][T10223] FAULT_INJECTION: forcing a failure.
[  469.756873][T10223] name failslab, interval 1, probability 0, space 0, times 0
[  469.769960][T10223] CPU: 0 UID: 0 PID: 10223 Comm: syz.3.1246 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  469.769977][T10223] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  469.769984][T10223] Call Trace:
[  469.769990][T10223]  <TASK>
[  469.769996][T10223]  dump_stack_lvl+0x16c/0x1f0
[  469.770014][T10223]  should_fail_ex+0x512/0x640
[  469.770032][T10223]  should_failslab+0xc2/0x120
[  469.770048][T10223]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  469.770060][T10223]  ? __alloc_skb+0x2b2/0x380
[  469.770081][T10223]  __alloc_skb+0x2b2/0x380
[  469.770091][T10223]  ? __pfx___alloc_skb+0x10/0x10
[  469.770101][T10223]  ? find_held_lock+0x2b/0x80
[  469.770121][T10223]  ? net_generic+0xea/0x2a0
[  469.770142][T10223]  tipc_buf_acquire+0x26/0xe0
[  469.770158][T10223]  tipc_msg_create+0x39/0x1d0
[  469.770175][T10223]  __tipc_shutdown+0xb9d/0xee0
[  469.770194][T10223]  ? __pfx___tipc_shutdown+0x10/0x10
[  469.770207][T10223]  ? do_raw_spin_lock+0x12c/0x2b0
[  469.770223][T10223]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  469.770238][T10223]  ? __pfx_woken_wake_function+0x10/0x10
[  469.770256][T10223]  ? tipc_sk_filtering+0x420/0x520
[  469.770271][T10223]  tipc_release+0xe2/0x1640
[  469.770285][T10223]  ? down_write+0x14d/0x200
[  469.770298][T10223]  ? __pfx_down_write+0x10/0x10
[  469.770311][T10223]  ? __pfx_locks_remove_file+0x10/0x10
[  469.770330][T10223]  __sock_release+0xb3/0x270
[  469.770344][T10223]  ? __pfx_sock_close+0x10/0x10
[  469.770354][T10223]  sock_close+0x1c/0x30
[  469.770428][T10223]  __fput+0x402/0xb70
[  469.770445][T10223]  fput_close_sync+0x118/0x260
[  469.770460][T10223]  ? __pfx_fput_close_sync+0x10/0x10
[  469.770473][T10223]  ? dnotify_flush+0x79/0x4c0
[  469.770489][T10223]  __x64_sys_close+0x8b/0x120
[  469.770504][T10223]  do_syscall_64+0xcd/0x4c0
[  469.770519][T10223]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  469.770531][T10223] RIP: 0033:0x7fc778b8e969
[  469.770542][T10223] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  469.770553][T10223] RSP: 002b:00007fc77997b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  469.770564][T10223] RAX: ffffffffffffffda RBX: 00007fc778db5fa0 RCX: 00007fc778b8e969
[  469.770571][T10223] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006
[  469.770577][T10223] RBP: 00007fc77997b090 R08: 0000000000000000 R09: 0000000000000000
[  469.770583][T10223] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  469.770589][T10223] R13: 0000000000000000 R14: 00007fc778db5fa0 R15: 00007ffd3ea28b58
[  469.770603][T10223]  </TASK>
[  470.535976][   T30] audit: type=1400 audit(1748600482.292:419): avc:  denied  { write } for  pid=10239 comm="syz.3.1250" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  470.692036][T10250] loop6: detected capacity change from 0 to 63
[  470.710852][T10250] buffer_io_error: 10 callbacks suppressed
[  470.710883][T10250] Buffer I/O error on dev loop6, logical block 0, lost async page write
[  470.726966][   T30] audit: type=1400 audit(1748600482.482:420): avc:  denied  { append } for  pid=10243 comm="syz.0.1251" name="loop6" dev="devtmpfs" ino=653 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  470.751785][ T5833] Buffer I/O error on dev loop6, logical block 4, lost async page write
[  470.760645][ T5833] Buffer I/O error on dev loop6, logical block 5, lost async page write
[  470.775243][ T5833] Buffer I/O error on dev loop6, logical block 6, lost async page write
[  470.789281][T10250] Buffer I/O error on dev loop6, logical block 1, lost async page write
[  470.819808][T10250] Buffer I/O error on dev loop6, logical block 2, lost async page write
[  470.852578][T10250] Buffer I/O error on dev loop6, logical block 3, lost async page write
[  470.879980][ T5833] Buffer I/O error on dev loop6, logical block 0, async page read
[  470.921835][ T5833] Buffer I/O error on dev loop6, logical block 0, async page read
[  470.990385][ T5833] Buffer I/O error on dev loop6, logical block 0, async page read
[  472.191500][ T5814] usbhid 2-1:0.0: can't add hid device: -71
[  472.198894][ T5814] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  472.251964][T10275] netlink: 'syz.3.1254': attribute type 1 has an invalid length.
[  472.270429][ T5814] usb 2-1: USB disconnect, device number 14
[  472.286494][T10275] netlink: 232 bytes leftover after parsing attributes in process `syz.3.1254'.
[  472.337958][   T30] audit: type=1326 audit(1748600484.142:421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10270 comm="syz.3.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc778b8e969 code=0x7ffc0000
[  472.975351][   T30] audit: type=1326 audit(1748600484.172:422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10270 comm="syz.3.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=188 compat=0 ip=0x7fc778b8e969 code=0x7ffc0000
[  472.992064][T10275] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1254'.
[  473.098957][   T30] audit: type=1326 audit(1748600484.172:423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10270 comm="syz.3.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc778b8e969 code=0x7ffc0000
[  473.271921][   T30] audit: type=1326 audit(1748600484.172:424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10270 comm="syz.3.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=197 compat=0 ip=0x7fc778b8e969 code=0x7ffc0000
[  473.473825][T10291] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1259'.
[  473.482001][  T912] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  473.536945][   T30] audit: type=1326 audit(1748600484.172:425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10270 comm="syz.3.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc778b8e969 code=0x7ffc0000
[  473.744915][   T30] audit: type=1326 audit(1748600484.172:426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10270 comm="syz.3.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc778b8d2d0 code=0x7ffc0000
[  473.792311][  T912] usb 5-1: Using ep0 maxpacket: 16
[  473.801715][   T30] audit: type=1326 audit(1748600484.182:427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10270 comm="syz.3.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc778b8e969 code=0x7ffc0000
[  473.803902][  T912] usb 5-1: config 255 has too many interfaces: 228, using maximum allowed: 32
[  473.840339][   T30] audit: type=1326 audit(1748600484.182:428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10270 comm="syz.3.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7fc778b8e969 code=0x7ffc0000
[  474.204752][   T30] audit: type=1326 audit(1748600484.182:429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10270 comm="syz.3.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc778b8e969 code=0x7ffc0000
[  474.234164][  T912] usb 5-1: config 255 has 1 interface, different from the descriptor's value: 228
[  474.289167][  T912] usb 5-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.00
[  474.296237][   T30] audit: type=1326 audit(1748600484.182:430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10270 comm="syz.3.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc778b8e969 code=0x7ffc0000
[  474.597508][  T912] usb 5-1: New USB device strings: Mfr=32, Product=0, SerialNumber=0
[  474.607045][  T912] usb 5-1: Manufacturer: syz
[  475.238630][T10287] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  475.256621][T10287] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  475.286614][  T912] usbhid 5-1:255.0: can't add hid device: -71
[  475.292855][  T912] usbhid 5-1:255.0: probe with driver usbhid failed with error -71
[  475.401662][T10319] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  475.411733][ T5814] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  475.653688][  T912] usb 5-1: USB disconnect, device number 11
[  475.757071][ T5814] usb 4-1: Using ep0 maxpacket: 8
[  475.766044][ T5814] usb 4-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[  475.778428][ T5814] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  475.822089][ T5814] usb 4-1: Product: syz
[  475.839876][T10326] loop6: detected capacity change from 0 to 63
[  475.849681][ T5814] usb 4-1: Manufacturer: syz
[  475.888514][ T5814] usb 4-1: SerialNumber: syz
[  475.890040][ T5833] buffer_io_error: 4 callbacks suppressed
[  475.890055][ T5833] Buffer I/O error on dev loop6, logical block 0, async page read
[  475.909433][ T5833] Buffer I/O error on dev loop6, logical block 0, async page read
[  475.919290][ T5833] Buffer I/O error on dev loop6, logical block 0, async page read
[  475.930005][ T5833] Buffer I/O error on dev loop6, logical block 0, async page read
[  475.941837][ T5833] Buffer I/O error on dev loop6, logical block 0, async page read
[  475.953206][ T5833] Buffer I/O error on dev loop6, logical block 0, async page read
[  475.961952][ T5833] Buffer I/O error on dev loop6, logical block 3, async page read
[  475.977981][T10326] Buffer I/O error on dev loop6, logical block 0, lost async page write
[  476.005247][T10326] Buffer I/O error on dev loop6, logical block 1, lost async page write
[  476.042813][T10326] Buffer I/O error on dev loop6, logical block 2, lost async page write
[  476.053209][ T5814] usb 4-1: config 0 descriptor??
[  476.077960][ T5814] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state.
[  476.120012][ T5814] usb 4-1: setting power ON
[  476.442742][ T5814] dvb-usb: bulk message failed: -22 (2/0)
[  476.469266][ T5814] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  477.125106][ T5814] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID))
[  477.142331][ T5814] usb 4-1: media controller created
[  477.358756][T10310] @: renamed from vlan0 (while UP)
[  477.391792][T10310] dvb-usb: bulk message failed: -22 (3/0)
[  477.399504][T10310] cxusb: i2c wr: len=79 is too big!
[  477.399504][T10310] 
[  477.413541][ T5814] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  477.429347][   T30] kauditd_printk_skb: 6 callbacks suppressed
[  477.429362][   T30] audit: type=1400 audit(1748600489.152:437): avc:  denied  { create } for  pid=10307 comm="syz.3.1264" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  477.490742][   T30] audit: type=1400 audit(1748600489.162:438): avc:  denied  { ioctl } for  pid=10307 comm="syz.3.1264" path="socket:[27846]" dev="sockfs" ino=27846 ioctlcmd=0x8923 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  477.516766][    C1] vkms_vblank_simulate: vblank timer overrun
[  477.554197][ T5814] usb 4-1: selecting invalid altsetting 6
[  477.603987][ T5814] usb 4-1: digital interface selection failed (-22)
[  477.653746][ T5814] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)'
[  477.675103][T10344] 9pnet_fd: Insufficient options for proto=fd
[  477.698704][ T5814] usb 4-1: setting power OFF
[  477.698981][   T30] audit: type=1400 audit(1748600489.492:439): avc:  denied  { bind } for  pid=10343 comm="syz.2.1271" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  477.704066][ T5814] dvb-usb: bulk message failed: -22 (2/0)
[  477.738512][T10344] vlan2: entered allmulticast mode
[  477.815008][ T5814] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected.
[  477.842353][ T5814] (NULL device *): no alternate interface
[  477.983274][T10356] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1274'.
[  478.203205][ T5814] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected.
[  478.270737][ T5814] usb 4-1: USB disconnect, device number 16
[  478.966795][T10370] FAULT_INJECTION: forcing a failure.
[  478.966795][T10370] name failslab, interval 1, probability 0, space 0, times 0
[  479.020910][T10370] CPU: 1 UID: 0 PID: 10370 Comm: syz.1.1277 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  479.020946][T10370] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  479.020958][T10370] Call Trace:
[  479.020964][T10370]  <TASK>
[  479.020971][T10370]  dump_stack_lvl+0x16c/0x1f0
[  479.020999][T10370]  should_fail_ex+0x512/0x640
[  479.021023][T10370]  ? fs_reclaim_acquire+0xae/0x150
[  479.021050][T10370]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  479.021078][T10370]  should_failslab+0xc2/0x120
[  479.021100][T10370]  __kmalloc_noprof+0xd2/0x510
[  479.021125][T10370]  tomoyo_realpath_from_path+0xc2/0x6e0
[  479.021151][T10370]  ? tomoyo_profile+0x47/0x60
[  479.021181][T10370]  tomoyo_path_number_perm+0x245/0x580
[  479.021200][T10370]  ? tomoyo_path_number_perm+0x237/0x580
[  479.021223][T10370]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  479.021244][T10370]  ? find_held_lock+0x2b/0x80
[  479.021302][T10370]  ? find_held_lock+0x2b/0x80
[  479.021328][T10370]  ? hook_file_ioctl_common+0x145/0x410
[  479.021360][T10370]  ? __fget_files+0x20e/0x3c0
[  479.021383][T10370]  security_file_ioctl+0x9b/0x240
[  479.021408][T10370]  __x64_sys_ioctl+0xb7/0x210
[  479.021435][T10370]  do_syscall_64+0xcd/0x4c0
[  479.021458][T10370]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  479.021476][T10370] RIP: 0033:0x7fde5398e969
[  479.021491][T10370] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  479.021509][T10370] RSP: 002b:00007fde547c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  479.021528][T10370] RAX: ffffffffffffffda RBX: 00007fde53bb6160 RCX: 00007fde5398e969
[  479.021539][T10370] RDX: 0000200000000080 RSI: 0000000040045612 RDI: 0000000000000003
[  479.021550][T10370] RBP: 00007fde547c7090 R08: 0000000000000000 R09: 0000000000000000
[  479.021560][T10370] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  479.021570][T10370] R13: 0000000000000001 R14: 00007fde53bb6160 R15: 00007ffe10f19928
[  479.021594][T10370]  </TASK>
[  479.021602][T10370] ERROR: Out of memory at tomoyo_realpath_from_path.
[  479.257989][T10360] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  479.426971][T10377] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1279'.
[  482.922954][T10426] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  484.038464][T10438] iommufd_mock iommufd_mock1: Adding to iommu group 1
[  485.081863][T10441] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  487.208938][T10473] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  487.222286][T10473] team0: Device ipvlan2 is already an upper device of the team interface
[  487.420003][T10483] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  487.871617][T10490] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  488.466229][ T5867] usb 2-1: new low-speed USB device number 15 using dummy_hcd
[  488.549877][T10496] fuse: Bad value for 'fd'
[  488.626281][T10497] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  488.751457][ T5867] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  488.965200][ T5867] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2
[  488.982954][ T5867] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26984, setting to 8
[  489.192784][ T5867] usb 2-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  489.203409][ T5867] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  489.217288][T10485] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  489.240899][ T5867] hub 2-1:1.0: bad descriptor, ignoring hub
[  489.613004][ T5867] hub 2-1:1.0: probe with driver hub failed with error -5
[  489.621224][ T5867] cdc_wdm 2-1:1.0: skipping garbage
[  489.626597][ T5867] cdc_wdm 2-1:1.0: skipping garbage
[  489.681797][T10510] FAULT_INJECTION: forcing a failure.
[  489.681797][T10510] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  489.802887][ T5867] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device
[  489.816161][ T5867] cdc_wdm 2-1:1.0: Unknown control protocol
[  490.196273][T10510] CPU: 1 UID: 0 PID: 10510 Comm: syz.3.1315 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  490.196304][T10510] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  490.196315][T10510] Call Trace:
[  490.196322][T10510]  <TASK>
[  490.196329][T10510]  dump_stack_lvl+0x16c/0x1f0
[  490.196359][T10510]  should_fail_ex+0x512/0x640
[  490.196391][T10510]  _copy_to_user+0x32/0xd0
[  490.196420][T10510]  simple_read_from_buffer+0xcb/0x170
[  490.196453][T10510]  proc_fail_nth_read+0x197/0x270
[  490.196485][T10510]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  490.196516][T10510]  ? rw_verify_area+0xcf/0x680
[  490.196544][T10510]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  490.196573][T10510]  vfs_read+0x1e4/0xc60
[  490.196605][T10510]  ? __pfx___mutex_lock+0x10/0x10
[  490.196626][T10510]  ? __pfx_vfs_read+0x10/0x10
[  490.196663][T10510]  ? __fget_files+0x20e/0x3c0
[  490.196692][T10510]  ksys_read+0x12a/0x250
[  490.196707][T10510]  ? __pfx_ksys_read+0x10/0x10
[  490.196723][T10510]  ? _raw_read_unlock+0x28/0x50
[  490.196739][T10510]  ? ptrace_check_attach+0xa1/0x3f0
[  490.196764][T10510]  do_syscall_64+0xcd/0x4c0
[  490.196787][T10510]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  490.196806][T10510] RIP: 0033:0x7fc778b8d37c
[  490.196822][T10510] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  490.196839][T10510] RSP: 002b:00007fc77997b030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  490.196857][T10510] RAX: ffffffffffffffda RBX: 00007fc778db5fa0 RCX: 00007fc778b8d37c
[  490.196870][T10510] RDX: 000000000000000f RSI: 00007fc77997b0a0 RDI: 0000000000000003
[  490.196881][T10510] RBP: 00007fc77997b090 R08: 0000000000000000 R09: 0000000000000000
[  490.196891][T10510] R10: 0000200000000080 R11: 0000000000000246 R12: 0000000000000001
[  490.196902][T10510] R13: 0000000000000000 R14: 00007fc778db5fa0 R15: 00007ffd3ea28b58
[  490.196925][T10510]  </TASK>
[  490.388050][    C1] vkms_vblank_simulate: vblank timer overrun
[  491.134237][T10550] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  491.433490][  T912] usb 2-1: USB disconnect, device number 15
[  492.086205][T10563] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  493.178257][T10580] FAULT_INJECTION: forcing a failure.
[  493.178257][T10580] name failslab, interval 1, probability 0, space 0, times 0
[  493.196318][T10580] CPU: 0 UID: 0 PID: 10580 Comm: syz.4.1325 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  493.196347][T10580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  493.196358][T10580] Call Trace:
[  493.196364][T10580]  <TASK>
[  493.196371][T10580]  dump_stack_lvl+0x16c/0x1f0
[  493.196396][T10580]  should_fail_ex+0x512/0x640
[  493.196418][T10580]  ? __kmalloc_noprof+0xbf/0x510
[  493.196438][T10580]  ? kernfs_fop_write_iter+0x237/0x510
[  493.196461][T10580]  should_failslab+0xc2/0x120
[  493.196481][T10580]  __kmalloc_noprof+0xd2/0x510
[  493.196503][T10580]  kernfs_fop_write_iter+0x237/0x510
[  493.196530][T10580]  vfs_write+0x6c4/0x1150
[  493.196546][T10580]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  493.196573][T10580]  ? __pfx___mutex_lock+0x10/0x10
[  493.196592][T10580]  ? __pfx_vfs_write+0x10/0x10
[  493.196621][T10580]  ksys_write+0x12a/0x250
[  493.196637][T10580]  ? __pfx_ksys_write+0x10/0x10
[  493.196659][T10580]  do_syscall_64+0xcd/0x4c0
[  493.196679][T10580]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  493.196696][T10580] RIP: 0033:0x7fd12e98e969
[  493.196710][T10580] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  493.196726][T10580] RSP: 002b:00007fd12f7c0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  493.196743][T10580] RAX: ffffffffffffffda RBX: 00007fd12ebb6080 RCX: 00007fd12e98e969
[  493.196753][T10580] RDX: 0000000000000012 RSI: 0000200000000380 RDI: 000000000000000b
[  493.196763][T10580] RBP: 00007fd12f7c0090 R08: 0000000000000000 R09: 0000000000000000
[  493.196773][T10580] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  493.196782][T10580] R13: 0000000000000000 R14: 00007fd12ebb6080 R15: 00007ffc52767ba8
[  493.196806][T10580]  </TASK>
[  493.202600][T10584] netlink: 'syz.1.1326': attribute type 1 has an invalid length.
[  493.526282][T10584] netlink: 212 bytes leftover after parsing attributes in process `syz.1.1326'.
[  494.047411][T10584] netlink: 'syz.1.1326': attribute type 1 has an invalid length.
[  495.211179][   T30] audit: type=1400 audit(1748600506.972:440): avc:  denied  { mount } for  pid=10603 comm="syz.4.1331" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[  495.416262][ T5814] usb 4-1: new low-speed USB device number 17 using dummy_hcd
[  495.446343][ T5866] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  495.639444][ T5866] usb 5-1: Using ep0 maxpacket: 16
[  495.658777][ T5866] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0
[  495.667720][ T5814] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  495.680217][ T5866] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 0
[  496.151351][ T5814] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 2
[  496.161244][ T5814] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26984, setting to 8
[  496.172550][ T5814] usb 4-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  496.182255][ T5814] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  496.206570][ T5866] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 65535, setting to 1024
[  496.218388][ T5866] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 1024
[  496.221263][T10607] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  496.250764][ T5814] hub 4-1:1.0: bad descriptor, ignoring hub
[  496.288379][ T5866] usb 5-1: New USB device found, idVendor=04d8, idProduct=0a30, bcdDevice=ce.47
[  496.288946][ T5814] hub 4-1:1.0: probe with driver hub failed with error -5
[  496.305375][ T5902] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  496.316713][ T5866] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  496.324971][ T5866] usb 5-1: Product: syz
[  496.334859][ T5866] usb 5-1: Manufacturer: syz
[  496.340005][ T5866] usb 5-1: SerialNumber: syz
[  496.340987][ T5814] cdc_wdm 4-1:1.0: skipping garbage
[  496.351813][ T5866] usb 5-1: config 0 descriptor??
[  496.356491][ T5814] cdc_wdm 4-1:1.0: skipping garbage
[  496.419428][ T5814] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device
[  496.426894][ T5814] cdc_wdm 4-1:1.0: Unknown control protocol
[  496.437894][T10604] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  496.577486][ T5902] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  496.590051][ T5902] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[  496.606584][ T5902] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  496.612290][ T5866] mcba_usb 5-1:0.0 can0: failed tx_urb -90
[  496.616128][ T5902] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  496.631286][ T5902] usb 1-1: Product: syz
[  496.635524][ T5902] usb 1-1: Manufacturer: syz
[  496.641143][   T30] audit: type=1400 audit(1748600508.432:441): avc:  denied  { setopt } for  pid=10625 comm="syz.1.1337" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  496.661093][ T5902] usb 1-1: SerialNumber: syz
[  496.672798][ T5902] cdc_mbim 1-1:1.0: skipping garbage
[  496.681571][ T5866] mcba_usb 5-1:0.0 can0: Failed to send cmd (169)
[  496.813842][ T5866] mcba_usb 5-1:0.0 can0: failed tx_urb -90
[  496.841771][ T5866] mcba_usb 5-1:0.0 can0: Failed to send cmd (169)
[  496.857270][ T5866] mcba_usb 5-1:0.0: Microchip CAN BUS Analyzer connected
[  496.890871][T10621] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22
[  497.068540][ T5866] usb 5-1: USB disconnect, device number 12
[  497.103920][ T5866] mcba_usb 5-1:0.0 can0: device disconnected
[  497.898121][T10621] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22
[  497.948769][ T5902] cdc_mbim 1-1:1.0: setting tx_max = 184
[  497.956715][ T5902] cdc_mbim 1-1:1.0: cdc-wdm1: USB WDM device
[  497.967700][ T5902] wwan wwan0: port wwan0mbim0 attached
[  498.478866][T10640] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  498.491817][ T5902] cdc_mbim 1-1:1.0 wwan0: register 'cdc_mbim' at usb-dummy_hcd.0-1, CDC MBIM, 02:2c:db:2a:12:3e
[  498.531013][T10640] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  498.642237][ T5867] usb 4-1: USB disconnect, device number 17
[  498.688218][T10635] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  498.719367][ T5902] usb 1-1: USB disconnect, device number 14
[  498.729376][ T5902] cdc_mbim 1-1:1.0 wwan0: unregister 'cdc_mbim' usb-dummy_hcd.0-1, CDC MBIM
[  499.612478][ T5902] wwan wwan0: port wwan0mbim0 disconnected
[  500.717212][   T30] audit: type=1400 audit(1748600512.502:442): avc:  denied  { write } for  pid=10663 comm="syz.0.1347" name="sg0" dev="devtmpfs" ino=764 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  501.111937][ T5866] usb 1-1: new full-speed USB device number 15 using dummy_hcd
[  501.488364][T10664] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  501.517059][T10664] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  501.593082][ T5866] usb 1-1: unable to get BOS descriptor or descriptor too short
[  501.624932][ T5866] usb 1-1: unable to read config index 0 descriptor/start: -71
[  501.636863][ T5866] usb 1-1: can't read configurations, error -71
[  501.919080][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  501.925459][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  502.195754][  T912] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  502.223494][T10693] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1357'.
[  502.361797][  T912] usb 5-1: Using ep0 maxpacket: 16
[  502.458998][  T912] usb 5-1: config 0 has an invalid interface number: 8 but max is 0
[  502.486066][  T912] usb 5-1: config 0 has no interface number 0
[  502.534522][  T912] usb 5-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  502.550108][  T912] usb 5-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  502.672389][  T912] usb 5-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  502.682046][  T912] usb 5-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  502.690762][  T912] usb 5-1: Product: syz
[  502.695124][  T912] usb 5-1: SerialNumber: syz
[  502.703783][  T912] usb 5-1: config 0 descriptor??
[  502.715395][  T912] cm109 5-1:0.8: invalid payload size 0, expected 4
[  502.730163][  T912] input: CM109 USB driver as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.8/input/input7
[  502.941846][T10678] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.1353'.
[  502.959832][T10678] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16)
[  502.968873][T10678] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[  503.002393][    C1] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71
[  503.012018][    C1] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71
[  503.019395][    C1] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71
[  503.026525][    C1] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71
[  503.033648][    C1] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71
[  503.040691][  T912] usb 5-1: USB disconnect, device number 13
[  503.046804][    C1] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71
[  503.046823][    C1] cm109 5-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19
[  503.098289][  T912] cm109 5-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[  503.126693][ T5866] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  504.365694][ T5866] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  504.365738][ T5866] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[  504.458504][ T5866] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  504.458536][ T5866] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  504.458554][ T5866] usb 1-1: Product: syz
[  504.458566][ T5866] usb 1-1: Manufacturer: syz
[  504.458579][ T5866] usb 1-1: SerialNumber: syz
[  505.657335][ T5866] cdc_mbim 1-1:1.0: skipping garbage
[  505.658337][T10696] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  505.709270][T10718] FAULT_INJECTION: forcing a failure.
[  505.709270][T10718] name failslab, interval 1, probability 0, space 0, times 0
[  505.709322][T10718] CPU: 0 UID: 0 PID: 10718 Comm: syz.4.1366 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  505.709345][T10718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  505.709357][T10718] Call Trace:
[  505.709363][T10718]  <TASK>
[  505.709370][T10718]  dump_stack_lvl+0x16c/0x1f0
[  505.709398][T10718]  should_fail_ex+0x512/0x640
[  505.709423][T10718]  ? fs_reclaim_acquire+0xae/0x150
[  505.709451][T10718]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  505.709476][T10718]  should_failslab+0xc2/0x120
[  505.709497][T10718]  __kmalloc_noprof+0xd2/0x510
[  505.709520][T10718]  tomoyo_realpath_from_path+0xc2/0x6e0
[  505.709546][T10718]  ? tomoyo_profile+0x47/0x60
[  505.709574][T10718]  tomoyo_path_number_perm+0x245/0x580
[  505.709593][T10718]  ? tomoyo_path_number_perm+0x237/0x580
[  505.709616][T10718]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  505.709638][T10718]  ? find_held_lock+0x2b/0x80
[  505.709688][T10718]  ? find_held_lock+0x2b/0x80
[  505.709715][T10718]  ? hook_file_ioctl_common+0x145/0x410
[  505.709747][T10718]  ? __fget_files+0x20e/0x3c0
[  505.709769][T10718]  security_file_ioctl+0x9b/0x240
[  505.709793][T10718]  __x64_sys_ioctl+0xb7/0x210
[  505.709820][T10718]  do_syscall_64+0xcd/0x4c0
[  505.709848][T10718]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  505.709866][T10718] RIP: 0033:0x7fd12e98e969
[  505.709880][T10718] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  505.709898][T10718] RSP: 002b:00007fd12f7e1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  505.709919][T10718] RAX: ffffffffffffffda RBX: 00007fd12ebb5fa0 RCX: 00007fd12e98e969
[  505.709930][T10718] RDX: 0000200000000240 RSI: 00000000c0945662 RDI: 0000000000000003
[  505.709941][T10718] RBP: 00007fd12f7e1090 R08: 0000000000000000 R09: 0000000000000000
[  505.709950][T10718] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  505.709961][T10718] R13: 0000000000000000 R14: 00007fd12ebb5fa0 R15: 00007ffc52767ba8
[  505.709986][T10718]  </TASK>
[  505.710010][T10718] ERROR: Out of memory at tomoyo_realpath_from_path.
[  506.082266][T10696] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  506.191851][ T5866] cdc_mbim 1-1:1.0: setting tx_max = 184
[  506.217469][ T5866] cdc_mbim 1-1:1.0: cdc-wdm0: USB WDM device
[  506.219673][ T5866] wwan wwan0: port wwan0mbim0 attached
[  506.234465][ T5866] cdc_mbim 1-1:1.0 wwan0: register 'cdc_mbim' at usb-dummy_hcd.0-1, CDC MBIM, 7e:4c:21:3f:d8:cc
[  506.327232][T10733] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1371'.
[  506.745591][T10696] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  506.745972][T10696] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  506.761539][ T5814] usb 1-1: USB disconnect, device number 17
[  506.762568][ T5814] cdc_mbim 1-1:1.0 wwan0: unregister 'cdc_mbim' usb-dummy_hcd.0-1, CDC MBIM
[  506.828251][ T5814] wwan wwan0: port wwan0mbim0 disconnected
[  507.427552][ T5814] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  507.515484][T10703] tty tty25: ldisc open failed (-12), clearing slot 24
[  507.619832][ T5814] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xE8, changing to 0x88
[  507.651070][T10747] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  507.877691][ T5814] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 7
[  507.934954][ T5814] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xA has an invalid bInterval 0, changing to 7
[  507.975230][ T5814] usb 2-1: New USB device found, idVendor=1781, idProduct=0938, bcdDevice=9b.49
[  507.985165][ T5814] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  508.001706][ T5814] usb 2-1: Product: syz
[  508.018773][ T5814] usb 2-1: Manufacturer: syz
[  508.032375][ T5814] usb 2-1: SerialNumber: syz
[  508.187793][ T5814] usb 2-1: config 0 descriptor??
[  508.533285][   T30] audit: type=1400 audit(1748600520.322:443): avc:  denied  { nlmsg_read } for  pid=10734 comm="syz.1.1373" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  508.674381][T10737] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1373'.
[  508.966173][   T30] audit: type=1400 audit(1748600520.762:444): avc:  denied  { create } for  pid=10762 comm="syz.4.1383" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  509.027339][   T30] audit: type=1400 audit(1748600520.762:445): avc:  denied  { getopt } for  pid=10762 comm="syz.4.1383" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  510.568235][T10786] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1388'.
[  510.832083][T10789] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  511.606672][ T5920] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  511.854945][T10804] FAULT_INJECTION: forcing a failure.
[  511.854945][T10804] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  511.871100][T10804] CPU: 1 UID: 0 PID: 10804 Comm: syz.4.1397 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  511.871129][T10804] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  511.871138][T10804] Call Trace:
[  511.871144][T10804]  <TASK>
[  511.871150][T10804]  dump_stack_lvl+0x16c/0x1f0
[  511.871175][T10804]  should_fail_ex+0x512/0x640
[  511.871199][T10804]  _copy_from_user+0x2e/0xd0
[  511.871226][T10804]  copy_msghdr_from_user+0x98/0x160
[  511.871248][T10804]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  511.871277][T10804]  ___sys_sendmsg+0xfe/0x1d0
[  511.871297][T10804]  ? __pfx____sys_sendmsg+0x10/0x10
[  511.871313][T10804]  ? __lock_acquire+0x622/0x1c90
[  511.871366][T10804]  __sys_sendmsg+0x16d/0x220
[  511.871385][T10804]  ? __pfx___sys_sendmsg+0x10/0x10
[  511.871402][T10804]  ? rcu_is_watching+0x12/0xc0
[  511.871428][T10804]  ? trace_irq_enable.constprop.0+0x2f/0x120
[  511.871459][T10804]  do_syscall_64+0xcd/0x4c0
[  511.871480][T10804]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  511.871496][T10804] RIP: 0033:0x7fd12e98e969
[  511.871510][T10804] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  511.871525][T10804] RSP: 002b:00007fd12f7e1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  511.871542][T10804] RAX: ffffffffffffffda RBX: 00007fd12ebb5fa0 RCX: 00007fd12e98e969
[  511.871554][T10804] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003
[  511.871564][T10804] RBP: 00007fd12f7e1090 R08: 0000000000000000 R09: 0000000000000000
[  511.871575][T10804] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  511.871584][T10804] R13: 0000000000000000 R14: 00007fd12ebb5fa0 R15: 00007ffc52767ba8
[  511.871606][T10804]  </TASK>
[  512.081061][   T30] audit: type=1400 audit(1748600523.852:446): avc:  denied  { read } for  pid=10803 comm="syz.3.1396" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  512.164203][ T5920] usb 1-1: Using ep0 maxpacket: 8
[  512.263015][ T5920] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 106
[  512.293715][ T5920] usb 1-1: New USB device found, idVendor=16d0, idProduct=10a9, bcdDevice=30.52
[  512.304944][ T5920] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=15
[  512.326450][ T5920] usb 1-1: Product: syz
[  512.330743][ T5920] usb 1-1: Manufacturer: syz
[  512.335366][ T5920] usb 1-1: SerialNumber: syz
[  512.373699][ T5920] usb 1-1: config 0 descriptor??
[  512.597576][   T10] usb 3-1: new low-speed USB device number 10 using dummy_hcd
[  512.758535][   T10] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  512.880485][T10824] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  513.022232][   T10] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[  513.260230][   T10] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26984, setting to 8
[  513.282374][T10798] netlink: 'syz.0.1392': attribute type 2 has an invalid length.
[  513.284509][   T10] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  513.313249][   T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  513.354897][T10798] netlink: 'syz.0.1392': attribute type 2 has an invalid length.
[  513.431173][T10811] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  513.545223][   T10] hub 3-1:1.0: bad descriptor, ignoring hub
[  513.552232][   T10] hub 3-1:1.0: probe with driver hub failed with error -5
[  513.567160][   T10] cdc_wdm 3-1:1.0: skipping garbage
[  513.572581][   T10] cdc_wdm 3-1:1.0: skipping garbage
[  513.605414][   T10] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device
[  513.649555][   T10] cdc_wdm 3-1:1.0: Unknown control protocol
[  513.670974][ T5920] usb 1-1: USB disconnect, device number 18
[  514.333722][T10843] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1410'.
[  515.583019][   T10] usb 3-1: USB disconnect, device number 10
[  515.846509][ T5865] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  516.404161][ T5865] usb 1-1: Using ep0 maxpacket: 8
[  516.417662][ T5865] usb 1-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[  516.435778][ T5865] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  516.445608][ T5865] usb 1-1: Product: syz
[  516.450136][ T5865] usb 1-1: Manufacturer: syz
[  516.457051][ T5865] usb 1-1: SerialNumber: syz
[  516.467051][ T5865] usb 1-1: config 0 descriptor??
[  516.479993][ T5865] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state.
[  516.506047][ T5865] usb 1-1: setting power ON
[  516.512488][ T5865] dvb-usb: bulk message failed: -22 (2/0)
[  516.525892][ T5865] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  516.537487][ T5865] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID))
[  516.550790][ T5865] usb 1-1: media controller created
[  516.579900][ T5865] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  516.651431][ T5865] usb 1-1: selecting invalid altsetting 6
[  516.657709][ T5865] usb 1-1: digital interface selection failed (-22)
[  516.664859][ T5865] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)'
[  516.686419][ T5865] usb 1-1: setting power OFF
[  516.691328][ T5865] dvb-usb: bulk message failed: -22 (2/0)
[  516.697353][ T5865] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected.
[  516.707997][ T5865] (NULL device *): no alternate interface
[  516.748162][T10851] @: renamed from vlan0
[  516.787190][T10870] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  517.185383][ T5865] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected.
[  517.859390][ T5865] usb 1-1: USB disconnect, device number 19
[  517.913210][T10871] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  518.945596][T10890] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1422'.
[  519.238763][T10886] mmap: syz.0.1423 (10886): VmData 37597184 exceed data ulimit 8. Update limits or use boot option ignore_rlimit_data.
[  520.720327][ T5865] usb 1-1: new low-speed USB device number 20 using dummy_hcd
[  520.992960][T10907] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  521.208717][ T5865] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  521.436164][ T5865] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2
[  521.466595][   T24] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  521.537469][ T5865] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26984, setting to 8
[  521.564383][ T5865] usb 1-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  521.573364][T10913] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  521.582036][ T5865] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  521.583331][T10913] team0: Device ipvlan2 is already an upper device of the team interface
[  521.868685][T10892] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  521.898557][ T5865] hub 1-1:1.0: bad descriptor, ignoring hub
[  521.906868][ T5865] hub 1-1:1.0: probe with driver hub failed with error -5
[  521.936598][   T24] usb 3-1: Using ep0 maxpacket: 8
[  521.936890][ T5865] cdc_wdm 1-1:1.0: skipping garbage
[  521.967783][ T5865] cdc_wdm 1-1:1.0: skipping garbage
[  521.970627][   T24] usb 3-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[  521.978508][ T5865] cdc_wdm 1-1:1.0: cdc-wdm0: USB WDM device
[  521.989497][ T5865] cdc_wdm 1-1:1.0: Unknown control protocol
[  522.017230][T10919] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  522.131826][   T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  522.139977][   T24] usb 3-1: Product: syz
[  522.144175][   T24] usb 3-1: Manufacturer: syz
[  522.152022][   T24] usb 3-1: SerialNumber: syz
[  522.161184][   T24] usb 3-1: config 0 descriptor??
[  523.081611][   T24] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state.
[  523.116245][   T24] usb 3-1: setting power ON
[  523.144690][   T24] dvb-usb: bulk message failed: -22 (2/0)
[  523.156431][T10919] team0: Device ipvlan2 is already an upper device of the team interface
[  523.179812][   T24] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  523.211459][   T24] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID))
[  523.241855][T10932] 9pnet_fd: Insufficient options for proto=fd
[  523.250108][   T24] usb 3-1: media controller created
[  523.270002][   T30] audit: type=1400 audit(1748600535.082:447): avc:  denied  { module_request } for  pid=10928 comm="syz.4.1437" kmod="netdev-syzkaller0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  523.362911][   T24] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  523.414390][   T24] usb 3-1: selecting invalid altsetting 6
[  523.423077][T10943] overlayfs: unescaped trailing colons in lowerdir mount option.
[  523.433509][T10910] @: renamed from vlan0 (while UP)
[  523.461414][   T24] usb 3-1: digital interface selection failed (-22)
[  523.547378][   T24] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)'
[  523.563105][   T24] usb 3-1: setting power OFF
[  523.569578][   T24] dvb-usb: bulk message failed: -22 (2/0)
[  523.575737][   T24] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected.
[  523.593788][   T24] (NULL device *): no alternate interface
[  523.647955][ T5920] usb 1-1: USB disconnect, device number 20
[  524.017280][T10947] FAULT_INJECTION: forcing a failure.
[  524.017280][T10947] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  524.051717][T10947] CPU: 0 UID: 0 PID: 10947 Comm: syz.0.1440 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  524.051751][T10947] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  524.051761][T10947] Call Trace:
[  524.051834][T10947]  <TASK>
[  524.051843][T10947]  dump_stack_lvl+0x16c/0x1f0
[  524.051937][T10947]  should_fail_ex+0x512/0x640
[  524.051965][T10947]  _copy_from_user+0x2e/0xd0
[  524.051991][T10947]  copy_msghdr_from_user+0x98/0x160
[  524.052015][T10947]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  524.052038][T10947]  ? __pfx__kstrtoull+0x10/0x10
[  524.052064][T10947]  ___sys_sendmsg+0xfe/0x1d0
[  524.052088][T10947]  ? __pfx____sys_sendmsg+0x10/0x10
[  524.052122][T10947]  ? find_held_lock+0x2b/0x80
[  524.052171][T10947]  __sys_sendmmsg+0x200/0x420
[  524.052196][T10947]  ? __pfx___sys_sendmmsg+0x10/0x10
[  524.052224][T10947]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  524.052258][T10947]  ? fput+0x70/0xf0
[  524.052283][T10947]  ? ksys_write+0x1ac/0x250
[  524.052301][T10947]  ? __pfx_ksys_write+0x10/0x10
[  524.052324][T10947]  __x64_sys_sendmmsg+0x9c/0x100
[  524.052347][T10947]  ? lockdep_hardirqs_on+0x7c/0x110
[  524.052371][T10947]  do_syscall_64+0xcd/0x4c0
[  524.052398][T10947]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  524.052418][T10947] RIP: 0033:0x7f3605f8e969
[  524.052437][T10947] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  524.052457][T10947] RSP: 002b:00007f3606d84038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  524.052479][T10947] RAX: ffffffffffffffda RBX: 00007f36061b5fa0 RCX: 00007f3605f8e969
[  524.052493][T10947] RDX: 0000000000000001 RSI: 0000200000000600 RDI: 0000000000000003
[  524.052507][T10947] RBP: 00007f3606d84090 R08: 0000000000000000 R09: 0000000000000000
[  524.052520][T10947] R10: 0000000000040805 R11: 0000000000000246 R12: 0000000000000001
[  524.052534][T10947] R13: 0000000000000000 R14: 00007f36061b5fa0 R15: 00007ffcb925b928
[  524.052560][T10947]  </TASK>
[  524.372976][   T24] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected.
[  524.412443][   T24] usb 3-1: USB disconnect, device number 11
[  524.715648][T10958] FAULT_INJECTION: forcing a failure.
[  524.715648][T10958] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  524.732315][T10958] CPU: 0 UID: 0 PID: 10958 Comm: syz.4.1443 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  524.732345][T10958] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  524.732354][T10958] Call Trace:
[  524.732360][T10958]  <TASK>
[  524.732367][T10958]  dump_stack_lvl+0x16c/0x1f0
[  524.732394][T10958]  should_fail_ex+0x512/0x640
[  524.732420][T10958]  _copy_from_user+0x2e/0xd0
[  524.732445][T10958]  copy_msghdr_from_user+0x98/0x160
[  524.732468][T10958]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  524.732492][T10958]  ___sys_sendmsg+0xfe/0x1d0
[  524.732507][T10958]  ? __pfx____sys_sendmsg+0x10/0x10
[  524.732521][T10958]  ? __lock_acquire+0x622/0x1c90
[  524.732563][T10958]  __sys_sendmsg+0x16d/0x220
[  524.732579][T10958]  ? __pfx___sys_sendmsg+0x10/0x10
[  524.732609][T10958]  do_syscall_64+0xcd/0x4c0
[  524.732629][T10958]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  524.732646][T10958] RIP: 0033:0x7fd12e98e969
[  524.732661][T10958] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  524.732677][T10958] RSP: 002b:00007fd12f7e1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  524.732694][T10958] RAX: ffffffffffffffda RBX: 00007fd12ebb5fa0 RCX: 00007fd12e98e969
[  524.732706][T10958] RDX: 0000000024040800 RSI: 0000200000000180 RDI: 0000000000000003
[  524.732716][T10958] RBP: 00007fd12f7e1090 R08: 0000000000000000 R09: 0000000000000000
[  524.732726][T10958] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  524.732735][T10958] R13: 0000000000000000 R14: 00007fd12ebb5fa0 R15: 00007ffc52767ba8
[  524.732755][T10958]  </TASK>
[  525.655939][T10966] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  526.258702][T10980] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1447'.
[  526.386062][T10978] FAULT_INJECTION: forcing a failure.
[  526.386062][T10978] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  526.516272][T10978] CPU: 0 UID: 0 PID: 10978 Comm: syz.1.1449 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  526.516302][T10978] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  526.516313][T10978] Call Trace:
[  526.516319][T10978]  <TASK>
[  526.516326][T10978]  dump_stack_lvl+0x16c/0x1f0
[  526.516353][T10978]  should_fail_ex+0x512/0x640
[  526.516383][T10978]  _copy_from_user+0x2e/0xd0
[  526.516411][T10978]  move_addr_to_kernel+0x65/0x170
[  526.516438][T10978]  __sys_sendto+0x1be/0x520
[  526.516458][T10978]  ? __pfx___sys_sendto+0x10/0x10
[  526.516501][T10978]  __x64_sys_sendto+0xe0/0x1c0
[  526.516518][T10978]  ? do_syscall_64+0x91/0x4c0
[  526.516539][T10978]  ? lockdep_hardirqs_on+0x7c/0x110
[  526.516558][T10978]  do_syscall_64+0xcd/0x4c0
[  526.516580][T10978]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  526.516597][T10978] RIP: 0033:0x7fde5398e969
[  526.516613][T10978] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  526.516631][T10978] RSP: 002b:00007fde54809038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  526.516649][T10978] RAX: ffffffffffffffda RBX: 00007fde53bb5fa0 RCX: 00007fde5398e969
[  526.516661][T10978] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  526.516671][T10978] RBP: 00007fde54809090 R08: 0000200000000000 R09: 0000000000000010
[  526.516682][T10978] R10: 0000000024000001 R11: 0000000000000246 R12: 0000000000000001
[  526.516692][T10978] R13: 0000000000000000 R14: 00007fde53bb5fa0 R15: 00007ffe10f19928
[  526.516715][T10978]  </TASK>
[  528.796344][ T5814] iguanair 2-1:0.0: failed to get version
[  529.009061][ T5814] iguanair 2-1:0.0: probe with driver iguanair failed with error -110
[  529.036661][ T5814] usb 2-1: USB disconnect, device number 16
[  529.336455][T11008] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1454'.
[  529.487943][T11011] overlayfs: unescaped trailing colons in lowerdir mount option.
[  530.655268][T11023] fuse: Bad value for 'fd'
[  531.830700][ T5865] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  532.114901][ T5865] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  532.223206][ T5865] usb 3-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  532.250861][ T5865] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  532.264187][ T5865] usb 3-1: config 0 descriptor??
[  532.273461][ T5865] pwc: Askey VC010 type 2 USB webcam detected.
[  532.445633][T11050] openvswitch: netlink: Missing key (keys=40, expected=2000)
[  532.477751][T11050] veth0_vlan: entered allmulticast mode
[  532.679243][ T5865] pwc: recv_control_msg error -32 req 02 val 2b00
[  532.687728][ T5865] pwc: recv_control_msg error -32 req 02 val 2700
[  532.707723][ T5865] pwc: recv_control_msg error -32 req 02 val 2c00
[  532.720965][ T5865] pwc: recv_control_msg error -32 req 04 val 1000
[  532.728534][ T5865] pwc: recv_control_msg error -32 req 04 val 1300
[  532.735809][ T5865] pwc: recv_control_msg error -32 req 04 val 1400
[  532.744608][T11058] fuse: Bad value for 'fd'
[  532.766200][   T24] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  532.961336][T11055] veth0_vlan: left promiscuous mode
[  532.972310][T11055] veth0_vlan: entered promiscuous mode
[  532.987986][   T24] usb 1-1: New USB device found, idVendor=0471, idProduct=0329, bcdDevice=db.da
[  533.006618][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  533.071701][   T24] usb 1-1: config 0 descriptor??
[  533.162135][ T5865] pwc: recv_control_msg error -71 req 02 val 2100
[  533.169305][ T5865] pwc: recv_control_msg error -71 req 04 val 1500
[  533.176520][ T5865] pwc: recv_control_msg error -71 req 02 val 2500
[  533.189565][ T5865] pwc: recv_control_msg error -71 req 02 val 2400
[  533.199076][   T24] pwc: Philips SPC 900NC USB webcam detected.
[  533.218602][ T5865] pwc: recv_control_msg error -71 req 02 val 2600
[  533.693723][ T5865] pwc: recv_control_msg error -71 req 02 val 2900
[  533.702613][ T5865] pwc: recv_control_msg error -71 req 02 val 2800
[  533.769264][T11052] 9pnet_fd: Insufficient options for proto=fd
[  534.006971][ T5865] pwc: recv_control_msg error -71 req 04 val 1100
[  534.027135][ T5865] pwc: recv_control_msg error -71 req 04 val 1200
[  534.236650][ T5865] pwc: Registered as video103.
[  534.243405][ T5865] input: PWC snapshot button as /devices/platform/dummy_hcd.2/usb3/3-1/input/input9
[  534.336847][ T5865] usb 3-1: USB disconnect, device number 12
[  534.343722][   T24] pwc: Failed to set LED on/off time (-71)
[  534.381257][   T30] audit: type=1400 audit(1748600546.172:448): avc:  denied  { setopt } for  pid=11073 comm="syz.1.1474" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  534.389545][   T24] pwc: send_video_command error -71
[  534.451093][   T30] audit: type=1400 audit(1748600546.252:449): avc:  denied  { getopt } for  pid=11079 comm="syz.4.1477" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  534.456347][   T24] pwc: Failed to set video mode VGA@30 fps; return code = -71
[  534.576506][   T24] Philips webcam 1-1:0.0: probe with driver Philips webcam failed with error -71
[  534.720856][   T24] usb 1-1: USB disconnect, device number 21
[  534.756890][T11084] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  534.796621][ T5814] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  535.409084][T11081] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  535.422965][ T5814] usb 5-1: Using ep0 maxpacket: 32
[  535.508346][ T5814] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  535.568106][ T5814] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  535.612650][ T5814] usb 5-1: New USB device found, idVendor=413c, idProduct=819b, bcdDevice=a7.c0
[  535.629145][ T5814] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  535.644002][ T5814] usb 5-1: Product: syz
[  535.669770][ T5814] usb 5-1: Manufacturer: syz
[  535.688886][ T5814] usb 5-1: SerialNumber: syz
[  535.790320][ T5814] usb 5-1: config 0 descriptor??
[  536.844466][ T5814] qmi_wwan 5-1:0.0: probe with driver qmi_wwan failed with error -22
[  536.865451][ T5814] usb 5-1: USB disconnect, device number 14
[  537.666191][ T5866] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  537.815671][T11112] FAULT_INJECTION: forcing a failure.
[  537.815671][T11112] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  537.832011][T11112] CPU: 1 UID: 0 PID: 11112 Comm: syz.4.1487 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  537.832044][T11112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  537.832055][T11112] Call Trace:
[  537.832063][T11112]  <TASK>
[  537.832071][T11112]  dump_stack_lvl+0x16c/0x1f0
[  537.832103][T11112]  should_fail_ex+0x512/0x640
[  537.832142][T11112]  _copy_from_user+0x2e/0xd0
[  537.832169][T11112]  __x64_sys_epoll_ctl+0x131/0x1e0
[  537.832189][T11112]  ? __pfx___x64_sys_epoll_ctl+0x10/0x10
[  537.832214][T11112]  do_syscall_64+0xcd/0x4c0
[  537.832238][T11112]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  537.832258][T11112] RIP: 0033:0x7fd12e98e969
[  537.832273][T11112] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  537.832289][T11112] RSP: 002b:00007fd12f7e1038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9
[  537.832307][T11112] RAX: ffffffffffffffda RBX: 00007fd12ebb5fa0 RCX: 00007fd12e98e969
[  537.832318][T11112] RDX: 0000000000000004 RSI: 0000000000000001 RDI: 0000000000000005
[  537.832328][T11112] RBP: 00007fd12f7e1090 R08: 0000000000000000 R09: 0000000000000000
[  537.832338][T11112] R10: 0000200000000080 R11: 0000000000000246 R12: 0000000000000001
[  537.832348][T11112] R13: 0000000000000000 R14: 00007fd12ebb5fa0 R15: 00007ffc52767ba8
[  537.832371][T11112]  </TASK>
[  538.002797][ T5866] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  538.060778][ T5866] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[  538.083340][ T5866] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  538.093120][ T5866] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  538.103662][ T5866] usb 4-1: Product: syz
[  538.117781][ T5866] usb 4-1: Manufacturer: syz
[  538.122519][ T5866] usb 4-1: SerialNumber: syz
[  538.270693][ T5866] cdc_mbim 4-1:1.0: skipping garbage
[  538.372450][T11103] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  538.642139][ T5865] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  539.322375][ T5865] usb 5-1: Using ep0 maxpacket: 32
[  539.331415][T11128] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  539.567394][ T5866] cdc_mbim 4-1:1.0: bind() failure
[  539.573740][ T5865] usb 5-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[  539.584047][ T5865] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  539.587826][ T5866] cdc_ncm 4-1:1.1: CDC Union missing and no IAD found
[  539.606924][ T5865] usb 5-1: config 0 descriptor??
[  539.624327][ T5865] gspca_main: nw80x-2.14.0 probing 055f:d001
[  539.652581][ T5866] cdc_ncm 4-1:1.1: bind() failure
[  539.670026][ T5866] usb 4-1: USB disconnect, device number 18
[  539.827773][T11117] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  539.847597][T11117] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  539.996660][T11138] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  540.093954][ T5865] gspca_nw80x: reg_r err -32
[  540.106506][ T5865] nw80x 5-1:0.0: probe with driver nw80x failed with error -32
[  540.816288][ T5865] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  540.976380][ T5865] usb 3-1: Using ep0 maxpacket: 8
[  540.999596][ T5865] usb 3-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[  541.019130][ T5865] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  541.041641][ T5865] usb 3-1: Product: syz
[  541.220547][ T5865] usb 3-1: Manufacturer: syz
[  541.225423][ T5865] usb 3-1: SerialNumber: syz
[  541.234105][ T5865] usb 3-1: config 0 descriptor??
[  541.254340][  T912] usb 5-1: USB disconnect, device number 15
[  542.881225][ T5865] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state.
[  542.898263][ T5865] usb 3-1: setting power ON
[  542.902913][ T5865] dvb-usb: bulk message failed: -22 (2/0)
[  542.920675][ T5865] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  542.940030][T11166] FAULT_INJECTION: forcing a failure.
[  542.940030][T11166] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  542.946957][ T5865] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID))
[  542.963805][ T5865] usb 3-1: media controller created
[  542.978902][T11166] CPU: 0 UID: 0 PID: 11166 Comm: syz.4.1501 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  542.978927][T11166] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  542.978936][T11166] Call Trace:
[  542.978942][T11166]  <TASK>
[  542.978946][T11166]  dump_stack_lvl+0x16c/0x1f0
[  542.978963][T11166]  should_fail_ex+0x512/0x640
[  542.978981][T11166]  _copy_from_user+0x2e/0xd0
[  542.978996][T11166]  io_submit_one+0xbb/0x1df0
[  542.979010][T11166]  ? __lock_acquire+0xb8a/0x1c90
[  542.979026][T11166]  ? __pfx_io_submit_one+0x10/0x10
[  542.979040][T11166]  ? __might_fault+0xe3/0x190
[  542.979050][T11166]  ? __might_fault+0x13b/0x190
[  542.979062][T11166]  ? __x64_sys_io_submit+0x1a9/0x350
[  542.979072][T11166]  __x64_sys_io_submit+0x1a9/0x350
[  542.979084][T11166]  ? __pfx___x64_sys_io_submit+0x10/0x10
[  542.979094][T11166]  ? fput+0x70/0xf0
[  542.979112][T11166]  do_syscall_64+0xcd/0x4c0
[  542.979126][T11166]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  542.979136][T11166] RIP: 0033:0x7fd12e98e969
[  542.979145][T11166] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  542.979156][T11166] RSP: 002b:00007fd12f7bd038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[  542.979166][T11166] RAX: ffffffffffffffda RBX: 00007fd12ebb6080 RCX: 00007fd12e98e969
[  542.979172][T11166] RDX: 0000200000000440 RSI: 0000000000000001 RDI: 00007fd12f7be000
[  542.979178][T11166] RBP: 00007fd12f7bd090 R08: 0000000000000000 R09: 0000000000000000
[  542.979184][T11166] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  542.979190][T11166] R13: 0000000000000001 R14: 00007fd12ebb6080 R15: 00007ffc52767ba8
[  542.979203][T11166]  </TASK>
[  543.186428][T11169] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  543.194168][T11169] team0: Device ipvlan2 is already an upper device of the team interface
[  543.231338][T11141] dvb-usb: bulk message failed: -22 (3/0)
[  543.237406][T11141] cxusb: i2c wr: len=79 is too big!
[  543.237406][T11141] 
[  543.354302][ T5865] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  543.374504][ T5865] usb 3-1: selecting invalid altsetting 6
[  543.380450][ T5865] usb 3-1: digital interface selection failed (-22)
[  543.387572][ T5865] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)'
[  543.406892][ T5865] usb 3-1: setting power OFF
[  543.423094][ T5865] dvb-usb: bulk message failed: -22 (2/0)
[  543.435602][ T5865] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected.
[  543.593927][ T5865] (NULL device *): no alternate interface
[  543.776789][ T5865] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected.
[  544.303764][ T5865] usb 3-1: USB disconnect, device number 13
[  544.927642][   T30] audit: type=1400 audit(1748600556.702:450): avc:  denied  { write } for  pid=11182 comm="syz.4.1507" path="socket:[30747]" dev="sockfs" ino=30747 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  544.951191][    C0] vkms_vblank_simulate: vblank timer overrun
[  545.210891][T11192] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=4 sclass=netlink_route_socket pid=11192 comm=syz.2.1510
[  546.673554][T11201] openvswitch: netlink: Duplicate or invalid key (type 0).
[  546.680993][T11201] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  546.771239][T11217] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  546.788073][   T30] audit: type=1400 audit(1748600558.592:451): avc:  denied  { write } for  pid=11219 comm="syz.0.1518" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  546.895387][T11217] team0: Device ipvlan2 is already an upper device of the team interface
[  547.944007][T11236] overlayfs: unescaped trailing colons in lowerdir mount option.
[  548.126631][  T912] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  548.184841][T11237] overlayfs: unescaped trailing colons in lowerdir mount option.
[  548.366280][  T912] usb 3-1: Using ep0 maxpacket: 16
[  548.381409][  T912] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  548.399336][  T912] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 80
[  548.484302][  T912] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 16
[  548.960757][  T912] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  548.980580][  T912] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  549.046035][  T912] usb 3-1: Product: syz
[  549.082624][  T912] usb 3-1: Manufacturer: 犗㷇杠캙ꀇ㤿ͺ⥘䘑숤ॸ苹ᤎ禭忏뭛ﰧ᭜霭萾Ȭ珕崖䨹≈朔퓍䦤ᅻ鑋䎀瀒ﱟ敪볐㨔礚륎㠐郢刏犲ᐧ౎紞蔁덷⩿
[  549.122733][  T912] usb 3-1: SerialNumber: syz
[  549.529364][  T912] cdc_ncm 3-1:1.0: bind() failure
[  549.538383][  T912] cdc_ncm 3-1:1.1: CDC Union missing and no IAD found
[  549.545681][  T912] cdc_ncm 3-1:1.1: bind() failure
[  549.558336][  T912] usb 3-1: USB disconnect, device number 14
[  550.350438][T11265] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1529'.
[  550.671613][T11268] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  552.339351][ T5865] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  552.777671][ T5865] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  552.809311][ T5865] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[  553.298275][ T5865] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  553.308173][ T5865] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  553.323982][ T5865] usb 5-1: Product: syz
[  553.330154][   T30] audit: type=1400 audit(1748600565.132:452): avc:  denied  { read } for  pid=11278 comm="syz.2.1534" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  553.376684][ T5865] usb 5-1: Manufacturer: syz
[  553.394439][ T5865] usb 5-1: SerialNumber: syz
[  553.423435][ T5865] cdc_mbim 5-1:1.0: skipping garbage
[  553.888867][T11281] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  554.419642][ T5814] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  554.441214][ T5865] cdc_mbim 5-1:1.0: failed GET_NTB_PARAMETERS
[  554.453127][ T5865] cdc_mbim 5-1:1.0: bind() failure
[  554.473354][ T5865] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found
[  554.506655][ T5865] cdc_ncm 5-1:1.1: bind() failure
[  554.530003][ T5865] usb 5-1: USB disconnect, device number 16
[  554.601738][ T5814] usb 2-1: Using ep0 maxpacket: 8
[  554.913151][ T5814] usb 2-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[  554.922658][ T5814] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  554.931301][ T5814] usb 2-1: Product: syz
[  554.936307][ T5814] usb 2-1: Manufacturer: syz
[  554.945771][ T5814] usb 2-1: SerialNumber: syz
[  554.969660][ T5814] usb 2-1: config 0 descriptor??
[  555.004309][ T5814] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state.
[  555.035395][ T5814] usb 2-1: setting power ON
[  555.040565][ T5814] dvb-usb: bulk message failed: -22 (2/0)
[  555.052124][ T5814] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  555.062759][ T5814] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID))
[  555.072776][ T5814] usb 2-1: media controller created
[  555.093553][ T5814] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  555.114077][ T5814] usb 2-1: selecting invalid altsetting 6
[  555.120127][ T5814] usb 2-1: digital interface selection failed (-22)
[  555.127080][ T5814] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)'
[  555.147840][ T5814] usb 2-1: setting power OFF
[  555.152544][ T5814] dvb-usb: bulk message failed: -22 (2/0)
[  555.172469][ T5814] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected.
[  555.199844][T11293] dvb-usb: bulk message failed: -22 (3/0)
[  555.206105][T11293] cxusb: i2c wr: len=79 is too big!
[  555.206105][T11293] 
[  555.222684][ T5814] (NULL device *): no alternate interface
[  555.253514][ T5814] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected.
[  555.277189][ T5867] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  555.335878][ T5814] usb 2-1: USB disconnect, device number 17
[  555.444787][T11319] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  555.476557][ T5867] usb 4-1: Using ep0 maxpacket: 8
[  555.727364][ T5867] usb 4-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[  555.747171][ T5867] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  555.758450][ T5867] usb 4-1: Product: syz
[  555.764638][ T5867] usb 4-1: Manufacturer: syz
[  555.772106][ T5867] usb 4-1: SerialNumber: syz
[  555.787633][ T5867] usb 4-1: config 0 descriptor??
[  555.839882][ T5867] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state.
[  555.881724][ T5867] usb 4-1: setting power ON
[  555.945619][ T5867] dvb-usb: bulk message failed: -22 (2/0)
[  556.116889][ T5867] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  556.147280][T11310] dvb-usb: bulk message failed: -22 (3/0)
[  556.153038][T11310] cxusb: i2c wr: len=79 is too big!
[  556.153038][T11310] 
[  556.176873][ T5867] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID))
[  556.196709][ T5867] usb 4-1: media controller created
[  556.242228][ T5867] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  556.368337][ T5814] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  556.603826][ T5867] usb 4-1: selecting invalid altsetting 6
[  556.647635][ T5814] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  556.658979][ T5814] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[  556.673790][ T5867] usb 4-1: digital interface selection failed (-22)
[  556.675973][ T5814] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  556.710206][ T5867] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)'
[  556.710220][ T5814] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  556.710244][ T5814] usb 5-1: Product: syz
[  556.752908][ T5867] usb 4-1: setting power OFF
[  556.762139][ T5814] usb 5-1: Manufacturer: syz
[  556.768530][ T5867] dvb-usb: bulk message failed: -22 (2/0)
[  556.772230][ T5814] usb 5-1: SerialNumber: syz
[  556.774261][ T5867] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected.
[  556.774277][ T5867] (NULL device *): no alternate interface
[  556.793888][ T5814] cdc_mbim 5-1:1.0: skipping garbage
[  556.883006][ T5867] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected.
[  556.947710][ T5867] usb 4-1: USB disconnect, device number 19
[  556.996770][T11323] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  557.135140][T11331] [U] .
[  557.722831][T11345] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1554'.
[  557.915372][ T5814] cdc_mbim 5-1:1.0: bind() failure
[  557.922949][ T5814] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found
[  557.937055][ T5814] cdc_ncm 5-1:1.1: bind() failure
[  557.950020][ T5814] usb 5-1: USB disconnect, device number 17
[  558.146180][   T10] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  558.176019][T11355] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  558.331224][   T10] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  558.343070][   T10] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[  558.376967][   T10] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  558.387213][   T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  558.404109][   T10] usb 2-1: Product: syz
[  558.411126][   T10] usb 2-1: Manufacturer: syz
[  558.422582][   T10] usb 2-1: SerialNumber: syz
[  558.542770][   T10] cdc_mbim 2-1:1.0: skipping garbage
[  558.623922][T11361] overlayfs: unescaped trailing colons in lowerdir mount option.
[  559.388589][   T30] audit: type=1400 audit(1748600571.192:453): avc:  denied  { module_request } for  pid=11358 comm="syz.4.1560" kmod="net-pf-10-proto-132" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  559.620863][T11350] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  559.634455][   T30] audit: type=1400 audit(1748600571.322:454): avc:  denied  { prog_load } for  pid=11357 comm="syz.3.1559" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  559.669267][   T30] audit: type=1400 audit(1748600571.332:455): avc:  denied  { bpf } for  pid=11357 comm="syz.3.1559" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  559.858085][   T30] audit: type=1400 audit(1748600571.332:456): avc:  denied  { perfmon } for  pid=11357 comm="syz.3.1559" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  559.892160][   T30] audit: type=1400 audit(1748600571.352:457): avc:  denied  { prog_run } for  pid=11357 comm="syz.3.1559" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  559.951420][   T30] audit: type=1400 audit(1748600571.392:458): avc:  denied  { allowed } for  pid=11357 comm="syz.3.1559" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  560.355563][   T30] audit: type=1400 audit(1748600571.402:459): avc:  denied  { sqpoll } for  pid=11357 comm="syz.3.1559" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  560.402844][   T30] audit: type=1400 audit(1748600571.402:460): avc:  denied  { create } for  pid=11357 comm="syz.3.1559" anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  560.434927][   T30] audit: type=1400 audit(1748600571.412:461): avc:  denied  { map } for  pid=11357 comm="syz.3.1559" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=30970 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  560.498734][T11350] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  560.506780][   T10] cdc_mbim 2-1:1.0: setting tx_max = 184
[  560.547153][   T30] audit: type=1400 audit(1748600571.412:462): avc:  denied  { read write } for  pid=11357 comm="syz.3.1559" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=30970 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  560.637249][   T10] cdc_mbim 2-1:1.0: cdc-wdm0: USB WDM device
[  560.746655][  T912] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  560.858939][   T10] wwan wwan0: port wwan0mbim0 attached
[  560.901825][   T10] cdc_mbim 2-1:1.0 wwan0: register 'cdc_mbim' at usb-dummy_hcd.1-1, CDC MBIM, 2a:91:4e:56:61:f2
[  560.979760][   T10] usb 2-1: USB disconnect, device number 18
[  560.992676][   T10] cdc_mbim 2-1:1.0 wwan0: unregister 'cdc_mbim' usb-dummy_hcd.1-1, CDC MBIM
[  561.086261][  T912] usb 5-1: Using ep0 maxpacket: 8
[  561.092120][   T10] wwan wwan0: port wwan0mbim0 disconnected
[  561.232422][  T912] usb 5-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[  561.244028][  T912] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  561.256634][  T912] usb 5-1: Product: syz
[  561.276221][  T912] usb 5-1: Manufacturer: syz
[  561.293094][  T912] usb 5-1: SerialNumber: syz
[  561.309114][  T912] usb 5-1: config 0 descriptor??
[  561.376393][  T912] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state.
[  561.384583][  T912] usb 5-1: setting power ON
[  561.526853][  T912] dvb-usb: bulk message failed: -22 (2/0)
[  561.558961][  T912] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  561.577058][T11373] dvb-usb: bulk message failed: -22 (3/0)
[  561.582824][T11373] cxusb: i2c wr: len=79 is too big!
[  561.582824][T11373] 
[  561.629844][  T912] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID))
[  561.667895][  T912] usb 5-1: media controller created
[  561.691460][T11396] overlayfs: unescaped trailing colons in lowerdir mount option.
[  561.718568][  T912] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  561.750855][  T912] usb 5-1: selecting invalid altsetting 6
[  561.772084][  T912] usb 5-1: digital interface selection failed (-22)
[  561.808197][  T912] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)'
[  561.830956][  T912] usb 5-1: setting power OFF
[  561.835610][  T912] dvb-usb: bulk message failed: -22 (2/0)
[  562.112074][  T912] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected.
[  562.122285][  T912] (NULL device *): no alternate interface
[  562.148917][  T912] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected.
[  562.437122][  T912] usb 5-1: USB disconnect, device number 18
[  563.291778][T11415] Cannot find add_set index 1 as target
[  563.409991][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  563.416959][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  563.518234][T11420] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1571'.
[  563.528114][T11420] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1571'.
[  563.537265][T11420] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1571'.
[  563.546322][T11420] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1571'.
[  563.555391][T11420] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1571'.
[  563.565040][T11420] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1571'.
[  563.574163][T11420] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1571'.
[  563.583406][T11420] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1571'.
[  563.593180][T11420] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1571'.
[  563.602448][T11420] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1571'.
[  564.421291][   T30] kauditd_printk_skb: 47 callbacks suppressed
[  564.421313][   T30] audit: type=1400 audit(1748600575.722:510): avc:  denied  { create } for  pid=11414 comm="syz.3.1571" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  564.505446][   T30] audit: type=1400 audit(1748600575.722:511): avc:  denied  { ioctl } for  pid=11414 comm="syz.3.1571" path="socket:[31034]" dev="sockfs" ino=31034 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  564.648569][T11421] syz.3.1571 (11421): drop_caches: 2
[  564.809858][T11424] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  564.899970][   T30] audit: type=1400 audit(1748600576.282:512): avc:  denied  { create } for  pid=11389 comm="syz.1.1565" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  565.197280][   T30] audit: type=1400 audit(1748600576.482:513): avc:  denied  { name_bind } for  pid=11419 comm="syz.4.1572" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  565.262590][   T30] audit: type=1400 audit(1748600576.482:514): avc:  denied  { node_bind } for  pid=11419 comm="syz.4.1572" saddr=172.20.20.170 src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[  565.466731][  T912] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  565.566309][   T30] audit: type=1400 audit(1748600577.292:515): avc:  denied  { name_bind } for  pid=11436 comm="syz.3.1575" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[  565.810118][  T912] usb 1-1: New USB device found, idVendor=2c42, idProduct=1709, bcdDevice=ca.b7
[  565.824380][  T912] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  565.833041][  T912] usb 1-1: Product: syz
[  565.843140][  T912] usb 1-1: Manufacturer: syz
[  565.854914][  T912] usb 1-1: SerialNumber: syz
[  565.880305][  T912] usb 1-1: config 0 descriptor??
[  566.209917][   T30] audit: type=1400 audit(1748600578.002:516): avc:  denied  { create } for  pid=11429 comm="syz.0.1573" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  566.237096][ T5866] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  566.261933][  T912] usb 1-1: f81604_read: reg: 105 failed: -EPIPE
[  566.284070][  T912] f81604 1-1:0.0: Setting termination of CH#0 failed: -EPIPE
[  566.304513][   T30] audit: type=1400 audit(1748600578.012:517): avc:  denied  { getopt } for  pid=11429 comm="syz.0.1573" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  566.317151][  T912] f81604 1-1:0.0: probe with driver f81604 failed with error -32
[  566.922416][  T912] usb 1-1: USB disconnect, device number 22
[  566.936226][   T30] audit: type=1400 audit(1748600578.662:518): avc:  denied  { read write } for  pid=11456 comm="syz.4.1578" name="autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  566.965218][ T5866] usb 3-1: config 0 has no interfaces?
[  566.977491][ T5866] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  567.033309][ T5866] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  567.066161][   T10] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  567.077484][ T5866] usb 3-1: config 0 descriptor??
[  567.403480][   T24] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  567.412194][  T912] usb 1-1: new low-speed USB device number 23 using dummy_hcd
[  567.427279][   T30] audit: type=1400 audit(1748600578.662:519): avc:  denied  { open } for  pid=11456 comm="syz.4.1578" path="/dev/autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  567.587914][  T912] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  567.603310][  T912] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2
[  567.637743][   T24] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  567.668002][  T912] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26984, setting to 8
[  567.681690][   T24] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[  567.763539][  T912] usb 1-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  567.810036][   T24] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  567.848320][  T912] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  567.886534][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  567.900717][   T24] usb 5-1: Product: syz
[  567.910456][T11466] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  567.925758][   T24] usb 5-1: Manufacturer: syz
[  567.932811][  T912] hub 1-1:1.0: bad descriptor, ignoring hub
[  567.959181][T11473] kernel read not supported for file /z� (pid: 11473 comm: syz.1.1582)
[  567.960308][   T24] usb 5-1: SerialNumber: syz
[  567.976552][  T912] hub 1-1:1.0: probe with driver hub failed with error -5
[  567.993199][  T912] cdc_wdm 1-1:1.0: skipping garbage
[  568.005990][   T24] cdc_mbim 5-1:1.0: skipping garbage
[  568.013909][  T912] cdc_wdm 1-1:1.0: skipping garbage
[  568.025331][  T912] cdc_wdm 1-1:1.0: cdc-wdm0: USB WDM device
[  568.036744][   T10] usb 4-1: Using ep0 maxpacket: 8
[  568.042094][  T912] cdc_wdm 1-1:1.0: Unknown control protocol
[  568.060327][   T10] usb 4-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[  568.082944][   T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  568.102153][   T10] usb 4-1: Product: syz
[  568.108777][   T10] usb 4-1: Manufacturer: syz
[  568.123868][   T10] usb 4-1: SerialNumber: syz
[  568.139019][   T10] usb 4-1: config 0 descriptor??
[  568.151129][   T10] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state.
[  568.163673][   T10] usb 4-1: setting power ON
[  568.168603][   T10] dvb-usb: bulk message failed: -22 (2/0)
[  568.182783][   T10] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  568.195818][   T10] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID))
[  568.205391][   T10] usb 4-1: media controller created
[  568.396419][T11468] raw-gadget.3 gadget.4: fail, usb_ep_enable returned -22
[  568.419698][T11477] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  568.432581][T11455] dvb-usb: bulk message failed: -22 (3/0)
[  568.439384][T11455] cxusb: i2c wr: len=79 is too big!
[  568.439384][T11455] 
[  568.474081][  T912] usb 1-1: USB disconnect, device number 23
[  568.474100][   T10] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  568.519373][   T10] usb 4-1: selecting invalid altsetting 6
[  568.525975][   T10] usb 4-1: digital interface selection failed (-22)
[  568.535097][   T10] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)'
[  568.547249][   T10] usb 4-1: setting power OFF
[  568.552022][   T10] dvb-usb: bulk message failed: -22 (2/0)
[  568.560138][   T10] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected.
[  568.571852][   T10] (NULL device *): no alternate interface
[  568.598219][   T10] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected.
[  568.624554][   T10] usb 4-1: USB disconnect, device number 20
[  568.822637][   T24] cdc_mbim 5-1:1.0: failed GET_NTB_PARAMETERS
[  568.832982][   T24] cdc_mbim 5-1:1.0: bind() failure
[  568.855821][   T24] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found
[  568.918893][   T24] cdc_ncm 5-1:1.1: bind() failure
[  568.961991][   T24] usb 5-1: USB disconnect, device number 19
[  569.828838][   T10] usb 3-1: USB disconnect, device number 15
[  570.216226][   T24] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  570.387115][T11491] __nla_validate_parse: 43 callbacks suppressed
[  570.387149][T11491] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1587'.
[  570.597786][   T24] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  570.627094][T11488] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  570.648503][   T24] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[  570.678182][   T24] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  570.691066][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  570.699477][   T24] usb 1-1: Product: syz
[  570.703800][   T24] usb 1-1: Manufacturer: syz
[  570.709943][   T24] usb 1-1: SerialNumber: syz
[  570.723898][   T24] cdc_mbim 1-1:1.0: skipping garbage
[  570.877242][T11494] FAULT_INJECTION: forcing a failure.
[  570.877242][T11494] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  570.890520][T11494] CPU: 1 UID: 0 PID: 11494 Comm: syz.4.1588 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  570.890540][T11494] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  570.890547][T11494] Call Trace:
[  570.890551][T11494]  <TASK>
[  570.890556][T11494]  dump_stack_lvl+0x16c/0x1f0
[  570.890575][T11494]  should_fail_ex+0x512/0x640
[  570.890593][T11494]  _copy_from_user+0x2e/0xd0
[  570.890610][T11494]  __sys_bpf+0x21d/0x4d80
[  570.890626][T11494]  ? __pfx___sys_bpf+0x10/0x10
[  570.890639][T11494]  ? ksys_write+0x190/0x250
[  570.890652][T11494]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  570.890673][T11494]  ? fput+0x70/0xf0
[  570.890686][T11494]  ? ksys_write+0x1ac/0x250
[  570.890695][T11494]  ? __pfx_ksys_write+0x10/0x10
[  570.890706][T11494]  __x64_sys_bpf+0x78/0xc0
[  570.890718][T11494]  ? lockdep_hardirqs_on+0x7c/0x110
[  570.890729][T11494]  do_syscall_64+0xcd/0x4c0
[  570.890742][T11494]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  570.890753][T11494] RIP: 0033:0x7fd12e98e969
[  570.890763][T11494] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  570.890773][T11494] RSP: 002b:00007fd12f7e1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  570.890784][T11494] RAX: ffffffffffffffda RBX: 00007fd12ebb5fa0 RCX: 00007fd12e98e969
[  570.890790][T11494] RDX: 0000000000000048 RSI: 00002000000054c0 RDI: 0000000000000005
[  570.890796][T11494] RBP: 00007fd12f7e1090 R08: 0000000000000000 R09: 0000000000000000
[  570.890802][T11494] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  570.890808][T11494] R13: 0000000000000000 R14: 00007fd12ebb5fa0 R15: 00007ffc52767ba8
[  570.890820][T11494]  </TASK>
[  571.520039][T11486] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  571.591708][   T30] kauditd_printk_skb: 6 callbacks suppressed
[  571.591725][   T30] audit: type=1400 audit(1748600583.392:526): avc:  denied  { create } for  pid=11483 comm="syz.3.1585" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  571.701632][   T30] audit: type=1400 audit(1748600583.472:527): avc:  denied  { bind } for  pid=11483 comm="syz.3.1585" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  571.735828][T11501] overlayfs: unescaped trailing colons in lowerdir mount option.
[  572.085519][T11506] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  572.103096][   T30] audit: type=1400 audit(1748600583.472:528): avc:  denied  { listen } for  pid=11483 comm="syz.3.1585" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  572.265848][   T24] cdc_mbim 1-1:1.0: bind() failure
[  572.274592][   T24] cdc_ncm 1-1:1.1: CDC Union missing and no IAD found
[  572.307442][   T24] cdc_ncm 1-1:1.1: bind() failure
[  572.786959][   T30] audit: type=1400 audit(1748600584.592:529): avc:  denied  { create } for  pid=11510 comm="syz.1.1593" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  572.815461][   T24] usb 1-1: USB disconnect, device number 24
[  572.837256][ T5833] udevd[5833]: setting owner of /dev/bus/usb/001/024 to uid=0, gid=0 failed: No such file or directory
[  572.880424][   T30] audit: type=1400 audit(1748600584.612:530): avc:  denied  { read write } for  pid=11510 comm="syz.1.1593" name="fuse" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  572.939672][   T30] audit: type=1400 audit(1748600584.612:531): avc:  denied  { open } for  pid=11510 comm="syz.1.1593" path="/dev/fuse" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  573.029920][T11515] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1594'.
[  573.081870][   T30] audit: type=1400 audit(1748600584.612:532): avc:  denied  { mounton } for  pid=11510 comm="syz.1.1593" path="/325/file0" dev="tmpfs" ino=1693 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  573.113771][   T30] audit: type=1400 audit(1748600584.612:533): avc:  denied  { mount } for  pid=11510 comm="syz.1.1593" name="/" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[  573.158492][   T30] audit: type=1400 audit(1748600584.692:534): avc:  denied  { unmount } for  pid=5810 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[  573.486637][   T30] audit: type=1400 audit(1748600584.722:535): avc:  denied  { unlink } for  pid=5810 comm="syz-executor" name="file0" dev="tmpfs" ino=1693 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  573.496734][T11521] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  573.659108][T11527] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1596'.
[  573.853290][T11529] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  573.982596][T11531] overlayfs: unescaped trailing colons in lowerdir mount option.
[  576.147047][  T912] usb 1-1: new high-speed USB device number 25 using dummy_hcd
[  576.236347][T11551] overlayfs: unescaped trailing colons in lowerdir mount option.
[  576.306564][ T5866] usb 2-1: new full-speed USB device number 19 using dummy_hcd
[  576.574419][  T912] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  576.632311][  T912] usb 1-1: config 0 has no interfaces?
[  576.660994][  T912] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  576.691517][  T912] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  576.720635][ T5866] usb 2-1: not running at top speed; connect to a high speed hub
[  576.763544][ T5866] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  576.808651][  T912] usb 1-1: config 0 descriptor??
[  576.860409][ T5866] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  576.988832][ T5866] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  577.014745][ T5866] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  577.516276][ T5866] usb 2-1: Product: Ѕ
[  577.528164][ T5866] usb 2-1: Manufacturer: ᠊
[  577.546203][   T10] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  577.548671][ T5866] usb 2-1: SerialNumber: ᰁ
[  577.770172][   T10] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  577.795216][   T10] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[  577.887396][   T30] kauditd_printk_skb: 7 callbacks suppressed
[  577.887412][   T30] audit: type=1400 audit(1748600589.692:543): avc:  denied  { read } for  pid=11548 comm="syz.1.1604" name="card1" dev="devtmpfs" ino=628 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  577.888023][   T10] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  577.893735][   T30] audit: type=1400 audit(1748600589.692:544): avc:  denied  { open } for  pid=11548 comm="syz.1.1604" path="/dev/dri/card1" dev="devtmpfs" ino=628 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  578.055608][T11563] capability: warning: `syz.1.1604' uses deprecated v2 capabilities in a way that may be insecure
[  578.166668][   T30] audit: type=1400 audit(1748600589.762:545): avc:  denied  { ioctl } for  pid=11548 comm="syz.1.1604" path="/dev/dri/card1" dev="devtmpfs" ino=628 ioctlcmd=0x64ae scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  578.193018][   T30] audit: type=1400 audit(1748600589.952:546): avc:  denied  { mount } for  pid=11548 comm="syz.1.1604" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  578.757370][   T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  578.787687][   T24] usb 1-1: USB disconnect, device number 25
[  578.789344][   T10] usb 4-1: Product: syz
[  578.905585][T11572] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1610'.
[  579.164057][   T10] usb 4-1: Manufacturer: syz
[  579.173682][ T5866] usb 2-1: 0:2 : does not exist
[  579.178695][   T10] usb 4-1: SerialNumber: syz
[  579.191777][T11566] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1609'.
[  579.208214][   T10] cdc_mbim 4-1:1.0: skipping garbage
[  579.221943][ T5866] usb 2-1: USB disconnect, device number 19
[  579.275765][   T30] audit: type=1400 audit(1748600591.072:547): avc:  denied  { ioctl } for  pid=11573 comm="syz.0.1611" path="/dev/video7" dev="devtmpfs" ino=951 ioctlcmd=0x561c scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[  579.311626][ T5833] udevd[5833]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  579.454275][T11556] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[  579.903027][   T30] audit: type=1800 audit(1748600591.462:548): pid=11575 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.0.1611" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0
[  579.948474][   T30] audit: type=1400 audit(1748600591.482:549): avc:  denied  { create } for  pid=11573 comm="syz.0.1611" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  579.972301][   T30] audit: type=1400 audit(1748600591.492:550): avc:  denied  { write } for  pid=11573 comm="syz.0.1611" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  579.999333][   T30] audit: type=1400 audit(1748600591.492:551): avc:  denied  { nlmsg_write } for  pid=11573 comm="syz.0.1611" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  580.060694][   T30] audit: type=1400 audit(1748600591.502:552): avc:  denied  { bind } for  pid=11573 comm="syz.0.1611" lport=255 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  580.138976][   T10] cdc_mbim 4-1:1.0: failed GET_NTB_PARAMETERS
[  580.156365][   T10] cdc_mbim 4-1:1.0: bind() failure
[  580.197834][   T10] cdc_ncm 4-1:1.1: CDC Union missing and no IAD found
[  580.255079][   T10] cdc_ncm 4-1:1.1: bind() failure
[  580.280826][   T10] usb 4-1: USB disconnect, device number 21
[  582.346197][ T5866] usb 1-1: new high-speed USB device number 26 using dummy_hcd
[  583.084531][   T30] kauditd_printk_skb: 24 callbacks suppressed
[  583.084548][   T30] audit: type=1400 audit(1748600594.882:577): avc:  denied  { setopt } for  pid=11613 comm="syz.4.1622" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  583.123741][ T5866] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  583.246193][ T5866] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[  583.307865][ T5866] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  583.323906][ T5866] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  583.346789][T11617] FAULT_INJECTION: forcing a failure.
[  583.346789][T11617] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  583.350219][ T5866] usb 1-1: Product: syz
[  583.400328][   T30] audit: type=1400 audit(1748600595.192:578): avc:  denied  { create } for  pid=11618 comm="syz.2.1624" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  583.419837][    C0] vkms_vblank_simulate: vblank timer overrun
[  583.447363][T11617] CPU: 1 UID: 0 PID: 11617 Comm: syz.4.1623 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  583.447382][T11617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  583.447388][T11617] Call Trace:
[  583.447393][T11617]  <TASK>
[  583.447398][T11617]  dump_stack_lvl+0x16c/0x1f0
[  583.447415][T11617]  should_fail_ex+0x512/0x640
[  583.447432][T11617]  _copy_from_user+0x2e/0xd0
[  583.447447][T11617]  copy_msghdr_from_user+0x98/0x160
[  583.447461][T11617]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  583.447484][T11617]  ___sys_sendmsg+0xfe/0x1d0
[  583.447496][T11617]  ? __pfx____sys_sendmsg+0x10/0x10
[  583.447505][T11617]  ? __lock_acquire+0x622/0x1c90
[  583.447536][T11617]  __sys_sendmsg+0x16d/0x220
[  583.447548][T11617]  ? __pfx___sys_sendmsg+0x10/0x10
[  583.447568][T11617]  do_syscall_64+0xcd/0x4c0
[  583.447581][T11617]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  583.447592][T11617] RIP: 0033:0x7fd12e98e969
[  583.447602][T11617] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  583.447613][T11617] RSP: 002b:00007fd12f7e1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  583.447623][T11617] RAX: ffffffffffffffda RBX: 00007fd12ebb5fa0 RCX: 00007fd12e98e969
[  583.447630][T11617] RDX: 0000000000044806 RSI: 0000200000000100 RDI: 0000000000000003
[  583.447636][T11617] RBP: 00007fd12f7e1090 R08: 0000000000000000 R09: 0000000000000000
[  583.447641][T11617] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  583.447647][T11617] R13: 0000000000000000 R14: 00007fd12ebb5fa0 R15: 00007ffc52767ba8
[  583.447660][T11617]  </TASK>
[  583.455297][ T5866] usb 1-1: Manufacturer: syz
[  583.698988][   T30] audit: type=1400 audit(1748600595.192:579): avc:  denied  { bind } for  pid=11618 comm="syz.2.1624" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  583.718639][    C0] vkms_vblank_simulate: vblank timer overrun
[  583.956858][   T30] audit: type=1400 audit(1748600595.192:580): avc:  denied  { setopt } for  pid=11618 comm="syz.2.1624" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  584.459352][   T30] audit: type=1400 audit(1748600595.192:581): avc:  denied  { accept } for  pid=11618 comm="syz.2.1624" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  584.479635][   T30] audit: type=1400 audit(1748600595.252:582): avc:  denied  { write } for  pid=11618 comm="syz.2.1624" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  584.499132][   T30] audit: type=1400 audit(1748600595.252:583): avc:  denied  { read } for  pid=11618 comm="syz.2.1624" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  584.570757][   T30] audit: type=1400 audit(1748600595.452:584): avc:  denied  { ioctl } for  pid=11618 comm="syz.2.1624" path="socket:[31933]" dev="sockfs" ino=31933 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  584.735947][ T5866] usb 1-1: SerialNumber: syz
[  584.779158][   T30] audit: type=1400 audit(1748600596.512:585): avc:  denied  { read write } for  pid=11626 comm="syz.3.1628" name="nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  585.374532][   T30] audit: type=1400 audit(1748600596.522:586): avc:  denied  { open } for  pid=11626 comm="syz.3.1628" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  586.771480][ T5866] usb 1-1: can't set config #1, error -71
[  586.797442][ T5866] usb 1-1: USB disconnect, device number 26
[  587.108614][T11647] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1633'.
[  587.426580][ T5814] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  587.698322][T11652] FAULT_INJECTION: forcing a failure.
[  587.698322][T11652] name failslab, interval 1, probability 0, space 0, times 0
[  587.717972][T11652] CPU: 0 UID: 0 PID: 11652 Comm: syz.4.1629 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  587.718001][T11652] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  587.718013][T11652] Call Trace:
[  587.718021][T11652]  <TASK>
[  587.718028][T11652]  dump_stack_lvl+0x16c/0x1f0
[  587.718057][T11652]  should_fail_ex+0x512/0x640
[  587.718080][T11652]  ? fs_reclaim_acquire+0xae/0x150
[  587.718108][T11652]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  587.718133][T11652]  should_failslab+0xc2/0x120
[  587.718154][T11652]  __kmalloc_noprof+0xd2/0x510
[  587.718184][T11652]  tomoyo_realpath_from_path+0xc2/0x6e0
[  587.718210][T11652]  ? tomoyo_profile+0x47/0x60
[  587.718240][T11652]  tomoyo_path_number_perm+0x245/0x580
[  587.718259][T11652]  ? tomoyo_path_number_perm+0x237/0x580
[  587.718281][T11652]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  587.718302][T11652]  ? trace_irq_enable.constprop.0+0x2f/0x120
[  587.718356][T11652]  ? find_held_lock+0x2b/0x80
[  587.718386][T11652]  ? hook_file_ioctl_common+0x145/0x410
[  587.718417][T11652]  ? __fget_files+0x20e/0x3c0
[  587.718440][T11652]  security_file_ioctl+0x9b/0x240
[  587.718466][T11652]  __x64_sys_ioctl+0xb7/0x210
[  587.718494][T11652]  do_syscall_64+0xcd/0x4c0
[  587.718515][T11652]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  587.718533][T11652] RIP: 0033:0x7fd12e98e969
[  587.718550][T11652] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  587.718567][T11652] RSP: 002b:00007fd12f79f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  587.718585][T11652] RAX: ffffffffffffffda RBX: 00007fd12ebb6160 RCX: 00007fd12e98e969
[  587.718597][T11652] RDX: ffffffffffffffb6 RSI: 0000000000004c80 RDI: 0000000000000004
[  587.718607][T11652] RBP: 00007fd12f79f090 R08: 0000000000000000 R09: 0000000000000000
[  587.718616][T11652] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  587.718626][T11652] R13: 0000000000000000 R14: 00007fd12ebb6160 R15: 00007ffc52767ba8
[  587.718650][T11652]  </TASK>
[  587.919804][T11652] ERROR: Out of memory at tomoyo_realpath_from_path.
[  587.945752][ T5814] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  587.956927][ T5814] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[  587.971977][ T5814] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  587.981151][ T5814] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  587.989447][ T5814] usb 2-1: Product: syz
[  587.993620][ T5814] usb 2-1: Manufacturer: syz
[  587.998246][ T5814] usb 2-1: SerialNumber: syz
[  588.008875][ T5814] cdc_mbim 2-1:1.0: skipping garbage
[  588.256491][T11639] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  588.788283][T11664] trusted_key: encrypted_key: key description must be 16 hexadecimal characters long
[  588.820556][T11664] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  589.006347][   T30] kauditd_printk_skb: 6 callbacks suppressed
[  589.006386][   T30] audit: type=1400 audit(1748600600.612:593): avc:  denied  { mount } for  pid=11657 comm="syz.2.1636" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  589.037479][T11639] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  589.212553][ T5814] cdc_mbim 2-1:1.0: setting tx_max = 184
[  589.246286][ T5814] cdc_mbim 2-1:1.0: cdc-wdm0: USB WDM device
[  589.259693][   T30] audit: type=1400 audit(1748600600.642:594): avc:  denied  { mount } for  pid=11657 comm="syz.2.1636" name="/" dev="overlay" ino=1714 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  589.285449][ T5814] wwan wwan0: port wwan0mbim0 attached
[  589.349342][ T5866] usb 4-1: new low-speed USB device number 22 using dummy_hcd
[  589.424920][   T30] audit: type=1400 audit(1748600601.222:595): avc:  denied  { unmount } for  pid=5824 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  589.427926][ T5814] cdc_mbim 2-1:1.0 wwan0: register 'cdc_mbim' at usb-dummy_hcd.1-1, CDC MBIM, aa:ef:68:60:73:95
[  589.505272][ T5814] usb 2-1: USB disconnect, device number 20
[  589.528819][ T5814] cdc_mbim 2-1:1.0 wwan0: unregister 'cdc_mbim' usb-dummy_hcd.1-1, CDC MBIM
[  589.549569][ T5866] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  589.576626][   T30] audit: type=1400 audit(1748600601.342:596): avc:  denied  { unmount } for  pid=5824 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  589.606659][ T5866] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 2
[  589.664687][ T5866] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26984, setting to 8
[  589.704177][ T5866] usb 4-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  589.726444][ T5814] wwan wwan0: port wwan0mbim0 disconnected
[  589.728626][ T5866] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  589.840470][T11663] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  589.895519][ T5866] hub 4-1:1.0: bad descriptor, ignoring hub
[  590.372519][ T5866] hub 4-1:1.0: probe with driver hub failed with error -5
[  590.380791][ T5866] cdc_wdm 4-1:1.0: skipping garbage
[  590.386042][ T5866] cdc_wdm 4-1:1.0: skipping garbage
[  590.398959][ T5866] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device
[  590.509165][ T5866] cdc_wdm 4-1:1.0: Unknown control protocol
[  590.936469][   T10] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  590.990446][T11681] FAULT_INJECTION: forcing a failure.
[  590.990446][T11681] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  591.036716][T11681] CPU: 0 UID: 0 PID: 11681 Comm: syz.4.1642 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  591.036745][T11681] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  591.036755][T11681] Call Trace:
[  591.036761][T11681]  <TASK>
[  591.036767][T11681]  dump_stack_lvl+0x16c/0x1f0
[  591.036795][T11681]  should_fail_ex+0x512/0x640
[  591.036823][T11681]  _copy_from_user+0x2e/0xd0
[  591.036849][T11681]  copy_msghdr_from_user+0x98/0x160
[  591.036870][T11681]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  591.036904][T11681]  ___sys_sendmsg+0xfe/0x1d0
[  591.036921][T11681]  ? __pfx____sys_sendmsg+0x10/0x10
[  591.036936][T11681]  ? __lock_acquire+0x622/0x1c90
[  591.036987][T11681]  __sys_sendmsg+0x16d/0x220
[  591.037007][T11681]  ? __pfx___sys_sendmsg+0x10/0x10
[  591.037042][T11681]  do_syscall_64+0xcd/0x4c0
[  591.037064][T11681]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  591.037081][T11681] RIP: 0033:0x7fd12e98e969
[  591.037096][T11681] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  591.037113][T11681] RSP: 002b:00007fd12f7e1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  591.037130][T11681] RAX: ffffffffffffffda RBX: 00007fd12ebb5fa0 RCX: 00007fd12e98e969
[  591.037141][T11681] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  591.037150][T11681] RBP: 00007fd12f7e1090 R08: 0000000000000000 R09: 0000000000000000
[  591.037160][T11681] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  591.037169][T11681] R13: 0000000000000000 R14: 00007fd12ebb5fa0 R15: 00007ffc52767ba8
[  591.037192][T11681]  </TASK>
[  591.387987][   T10] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  591.399342][   T10] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[  591.411556][   T10] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  591.422244][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  591.431155][   T10] usb 3-1: Product: syz
[  591.436391][   T10] usb 3-1: Manufacturer: syz
[  591.441125][   T10] usb 3-1: SerialNumber: syz
[  591.699864][   T10] cdc_mbim 3-1:1.0: skipping garbage
[  591.849528][T11688] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1644'.
[  592.047316][T11674] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  592.643369][   T10] cdc_mbim 3-1:1.0: failed GET_NTB_PARAMETERS
[  592.656156][   T10] cdc_mbim 3-1:1.0: bind() failure
[  593.312430][   T10] cdc_ncm 3-1:1.1: CDC Union missing and no IAD found
[  593.321422][   T10] cdc_ncm 3-1:1.1: bind() failure
[  593.372724][   T10] usb 3-1: USB disconnect, device number 16
[  593.620884][T11705] overlayfs: unescaped trailing colons in lowerdir mount option.
[  593.676319][ T5814] usb 4-1: USB disconnect, device number 22
[  594.036828][   T24] usb 1-1: new high-speed USB device number 27 using dummy_hcd
[  594.714777][ T5822] Bluetooth: hci2: unexpected event for opcode 0x080f
[  594.745689][   T30] audit: type=1400 audit(1748600606.502:597): avc:  denied  { write } for  pid=11710 comm="syz.4.1652" path="/dev/vhci" dev="devtmpfs" ino=1268 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  594.816272][   T24] usb 1-1: Using ep0 maxpacket: 8
[  594.900371][   T24] usb 1-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[  594.949678][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  594.975271][   T30] audit: type=1400 audit(1748600606.772:598): avc:  denied  { ioctl } for  pid=11717 comm="syz.1.1653" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=31602 ioctlcmd=0x9363 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  595.011681][   T24] usb 1-1: Product: syz
[  595.018614][T11722] overlayfs: unescaped trailing colons in lowerdir mount option.
[  595.028529][   T24] usb 1-1: Manufacturer: syz
[  595.033238][   T24] usb 1-1: SerialNumber: syz
[  595.062499][   T24] usb 1-1: config 0 descriptor??
[  595.446964][   T24] usb 1-1: can't set config #0, error -71
[  596.061314][   T24] usb 1-1: USB disconnect, device number 27
[  596.077322][   T30] audit: type=1400 audit(1748600607.442:599): avc:  denied  { create } for  pid=11719 comm="syz.4.1654" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  596.169026][   T30] audit: type=1400 audit(1748600607.452:600): avc:  denied  { setopt } for  pid=11719 comm="syz.4.1654" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  596.238725][T11719] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  596.989743][ T5814] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  597.728603][ T5814] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  597.751338][ T5814] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  597.779623][ T5814] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  597.789401][ T5814] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  597.820358][T11730] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  597.846498][   T10] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  597.881826][ T5814] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  598.037789][   T10] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  598.059744][   T10] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[  598.088528][   T10] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  598.099849][ T5814] usb 3-1: USB disconnect, device number 17
[  598.121527][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  598.147807][   T10] usb 5-1: Product: syz
[  598.152219][   T10] usb 5-1: Manufacturer: syz
[  598.172400][   T10] usb 5-1: SerialNumber: syz
[  598.201397][   T10] cdc_mbim 5-1:1.0: skipping garbage
[  598.236838][   T24] usb 1-1: new low-speed USB device number 28 using dummy_hcd
[  598.417821][T11740] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  752.796721][    C1] ------------[ cut here ]------------
[  752.803450][    C1] WARNING: CPU: 1 PID: 0 at kernel/rcu/tree_stall.h:989 rcu_check_gp_start_stall.part.0+0x1c4/0x4b0
[  752.814241][    C1] Modules linked in:
[  752.818669][    C1] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  752.829963][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  752.840022][    C1] RIP: 0010:rcu_check_gp_start_stall.part.0+0x1c4/0x4b0
[  752.846971][    C1] Code: 88 61 01 00 00 be 04 00 00 00 48 c7 c7 40 c0 da 9a e8 70 c5 80 00 b8 01 00 00 00 87 05 75 01 39 19 85 c0 0f 85 3d 01 00 00 90 <0f> 0b 90 48 c7 c3 44 b9 a7 90 48 81 fd c0 f5 5c 8e 74 5a 48 b8 00
[  752.866931][    C1] RSP: 0018:ffffc90000a08df0 EFLAGS: 00010046
[  752.872998][    C1] RAX: 0000000000000000 RBX: 0000000000002904 RCX: ffffffff81a1bec0
[  752.880974][    C1] RDX: fffffbfff35b5808 RSI: 0000000000000004 RDI: ffffffff9adac040
[  752.888943][    C1] RBP: ffffffff8e5cf5c0 R08: 0000000000000001 R09: fffffbfff35b5808
[  752.896912][    C1] R10: 0000000000000003 R11: 0000000000000001 R12: 1ffffffff1c42240
[  752.904894][    C1] R13: 0000000000000246 R14: ffffffff8e5cf5c0 R15: ffff8880b853cd12
[  752.912900][    C1] FS:  0000000000000000(0000) GS:ffff88812486e000(0000) knlGS:0000000000000000
[  752.921844][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  752.928434][    C1] CR2: 0000001b2f0d8ff8 CR3: 00000000227ff000 CR4: 00000000003526f0
[  752.936409][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  752.944514][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  752.952511][    C1] Call Trace:
[  752.955884][    C1]  <IRQ>
[  752.958741][    C1]  rcu_core+0x4cf/0x14e0
[  752.963040][    C1]  ? tmigr_handle_remote+0x132/0x380
[  752.968361][    C1]  ? __pfx_tmigr_handle_remote+0x10/0x10
[  752.974007][    C1]  ? __pfx_rcu_core+0x10/0x10
[  752.978703][    C1]  ? _raw_spin_unlock_irq+0x2e/0x50
[  752.983902][    C1]  ? run_timer_base+0x121/0x190
[  752.988756][    C1]  ? __pfx_run_timer_base+0x10/0x10
[  752.993964][    C1]  handle_softirqs+0x219/0x8e0
[  752.998746][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  753.004135][    C1]  __irq_exit_rcu+0x109/0x170
[  753.008828][    C1]  irq_exit_rcu+0x9/0x30
[  753.013073][    C1]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  753.018879][    C1]  </IRQ>
[  753.021804][    C1]  <TASK>
[  753.024732][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  753.030909][    C1] RIP: 0010:pv_native_safe_halt+0xf/0x20
[  753.036543][    C1] Code: f3 74 02 e9 53 fb 02 00 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d b3 a0 2d 00 fb f4 <c3> cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90
[  753.056155][    C1] RSP: 0018:ffffc90000197df8 EFLAGS: 000002c6
[  753.062225][    C1] RAX: 00000000048a72f7 RBX: 0000000000000001 RCX: ffffffff8b7c6449
[  753.070195][    C1] RDX: 0000000000000000 RSI: ffffffff8de06e7d RDI: ffffffff8c153200
[  753.078170][    C1] RBP: ffffed1003d53488 R08: 0000000000000001 R09: ffffed10170a663d
[  753.086143][    C1] R10: ffff8880b85331eb R11: 0000000000000001 R12: 0000000000000001
[  753.094119][    C1] R13: ffff88801ea9a440 R14: ffffffff90a78750 R15: 0000000000000000
[  753.102098][    C1]  ? ct_kernel_exit+0x139/0x190
[  753.106959][    C1]  default_idle+0x13/0x20
[  753.111294][    C1]  default_idle_call+0x6d/0xb0
[  753.116063][    C1]  do_idle+0x391/0x510
[  753.120135][    C1]  ? __pfx_do_idle+0x10/0x10
[  753.124726][    C1]  ? trace_sched_exit_tp+0x31/0x130
[  753.130103][    C1]  ? do_idle+0x2e8/0x510
[  753.134443][    C1]  cpu_startup_entry+0x4f/0x60
[  753.139239][    C1]  start_secondary+0x21d/0x2b0
[  753.144022][    C1]  ? __pfx_start_secondary+0x10/0x10
[  753.149326][    C1]  common_startup_64+0x13e/0x148
[  753.154285][    C1]  </TASK>
[  753.157311][    C1] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  753.164591][    C1] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[  753.175958][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  753.186014][    C1] Call Trace:
[  753.189313][    C1]  <IRQ>
[  753.192174][    C1]  dump_stack_lvl+0x3d/0x1f0
[  753.196792][    C1]  panic+0x71c/0x800
[  753.200702][    C1]  ? __pfx_panic+0x10/0x10
[  753.205148][    C1]  ? show_trace_log_lvl+0x29b/0x3e0
[  753.210397][    C1]  ? check_panic_on_warn+0x1f/0xb0
[  753.215573][    C1]  ? rcu_check_gp_start_stall.part.0+0x1c4/0x4b0
[  753.221939][    C1]  check_panic_on_warn+0xab/0xb0
[  753.226906][    C1]  __warn+0xf6/0x3c0
[  753.230811][    C1]  ? rcu_check_gp_start_stall.part.0+0x1c4/0x4b0
[  753.237150][    C1]  report_bug+0x3c3/0x580
[  753.241484][    C1]  ? rcu_check_gp_start_stall.part.0+0x1c4/0x4b0
[  753.247842][    C1]  handle_bug+0x184/0x210
[  753.252225][    C1]  exc_invalid_op+0x17/0x50
[  753.256766][    C1]  asm_exc_invalid_op+0x1a/0x20
[  753.261621][    C1] RIP: 0010:rcu_check_gp_start_stall.part.0+0x1c4/0x4b0
[  753.268653][    C1] Code: 88 61 01 00 00 be 04 00 00 00 48 c7 c7 40 c0 da 9a e8 70 c5 80 00 b8 01 00 00 00 87 05 75 01 39 19 85 c0 0f 85 3d 01 00 00 90 <0f> 0b 90 48 c7 c3 44 b9 a7 90 48 81 fd c0 f5 5c 8e 74 5a 48 b8 00
[  753.288295][    C1] RSP: 0018:ffffc90000a08df0 EFLAGS: 00010046
[  753.294425][    C1] RAX: 0000000000000000 RBX: 0000000000002904 RCX: ffffffff81a1bec0
[  753.302412][    C1] RDX: fffffbfff35b5808 RSI: 0000000000000004 RDI: ffffffff9adac040
[  753.310384][    C1] RBP: ffffffff8e5cf5c0 R08: 0000000000000001 R09: fffffbfff35b5808
[  753.318799][    C1] R10: 0000000000000003 R11: 0000000000000001 R12: 1ffffffff1c42240
[  753.326796][    C1] R13: 0000000000000246 R14: ffffffff8e5cf5c0 R15: ffff8880b853cd12
[  753.334816][    C1]  ? rcu_check_gp_start_stall.part.0+0x1b0/0x4b0
[  753.341177][    C1]  rcu_core+0x4cf/0x14e0
[  753.345431][    C1]  ? tmigr_handle_remote+0x132/0x380
[  753.350737][    C1]  ? __pfx_tmigr_handle_remote+0x10/0x10
[  753.356380][    C1]  ? __pfx_rcu_core+0x10/0x10
[  753.361067][    C1]  ? _raw_spin_unlock_irq+0x2e/0x50
[  753.366267][    C1]  ? run_timer_base+0x121/0x190
[  753.371129][    C1]  ? __pfx_run_timer_base+0x10/0x10
[  753.376337][    C1]  handle_softirqs+0x219/0x8e0
[  753.381117][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  753.386424][    C1]  __irq_exit_rcu+0x109/0x170
[  753.391112][    C1]  irq_exit_rcu+0x9/0x30
[  753.395355][    C1]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  753.400991][    C1]  </IRQ>
[  753.403923][    C1]  <TASK>
[  753.406850][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  753.412838][    C1] RIP: 0010:pv_native_safe_halt+0xf/0x20
[  753.418561][    C1] Code: f3 74 02 e9 53 fb 02 00 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d b3 a0 2d 00 fb f4 <c3> cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90
[  753.438169][    C1] RSP: 0018:ffffc90000197df8 EFLAGS: 000002c6
[  753.444327][    C1] RAX: 00000000048a72f7 RBX: 0000000000000001 RCX: ffffffff8b7c6449
[  753.452296][    C1] RDX: 0000000000000000 RSI: ffffffff8de06e7d RDI: ffffffff8c153200
[  753.460265][    C1] RBP: ffffed1003d53488 R08: 0000000000000001 R09: ffffed10170a663d
[  753.468234][    C1] R10: ffff8880b85331eb R11: 0000000000000001 R12: 0000000000000001
[  753.476211][    C1] R13: ffff88801ea9a440 R14: ffffffff90a78750 R15: 0000000000000000
[  753.484275][    C1]  ? ct_kernel_exit+0x139/0x190
[  753.489138][    C1]  default_idle+0x13/0x20
[  753.493472][    C1]  default_idle_call+0x6d/0xb0
[  753.498244][    C1]  do_idle+0x391/0x510
[  753.502317][    C1]  ? __pfx_do_idle+0x10/0x10
[  753.506913][    C1]  ? trace_sched_exit_tp+0x31/0x130
[  753.512114][    C1]  ? do_idle+0x2e8/0x510
[  753.516367][    C1]  cpu_startup_entry+0x4f/0x60
[  753.521130][    C1]  start_secondary+0x21d/0x2b0
[  753.525914][    C1]  ? __pfx_start_secondary+0x10/0x10
[  753.531210][    C1]  common_startup_64+0x13e/0x148
[  753.536167][    C1]  </TASK>
[  754.644157][    C1] Shutting down cpus with NMI
[  754.649159][    C1] Kernel Offset: disabled
[  754.653474][    C1] Rebooting in 86400 seconds..