last executing test programs:

6.005218982s ago: executing program 2 (id=649):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x44, 0x30, 0x1, 0x70bd2b, 0x0, {}, [{0x30, 0x1, [@m_ife={0x2c, 0x1, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0x9, &(0x7f0000000140)={0x7, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f0000000180)=@gcm_128={{0x7}, "923133a03d2801d4", "e3d4750cfd9e66a6c5e1bc226b1f0b34", "d1aafd9d", "22367581994089bc"}, 0x28)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
r4 = eventfd2(0x0, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r5, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0)
close_range(r4, 0xffffffffffffffff, 0x100000000000000)
r6 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r6, 0x40045532, &(0x7f0000000100))
r7 = openat$audio(0xffffffffffffff9c, &(0x7f00000000c0), 0x88602, 0x0)
ioctl$SNDCTL_DSP_GETODELAY(r7, 0x80045017, 0x0)
r8 = syz_open_dev$sndpcmp(&(0x7f0000000040), 0x0, 0xa2465)
ioctl$SNDRV_PCM_IOCTL_REWIND(r8, 0x80184132, &(0x7f0000000000)=0x3)

5.703199726s ago: executing program 2 (id=653):
syz_usb_connect(0x0, 0x24, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000b1bd2f087d0403508c2f01020301090212000800f8ff000904000000a058b700"], 0x0)
socket$packet(0x11, 0x2, 0x300)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00'}, 0x10)
r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x1, 0x0)
preadv(r0, &(0x7f0000000740)=[{&(0x7f0000000500)=""/97, 0x61}], 0x1, 0x0, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000080)={0x4000000})

5.088956644s ago: executing program 2 (id=659):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000d00)=ANY=[@ANYBLOB="0200000004000000080000000100"], 0x48)
syz_usb_connect(0x0, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x19, 0x64, 0xd4, 0x8, 0x1a86, 0xe092, 0x533f, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x2, 0x0, 0x10, 0x3, [{{0x9, 0x4, 0x1f, 0x2, 0x0, 0xe9, 0x17, 0xf3}}]}}]}}, 0x0)
r0 = syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000800)={0x3, 0xc, &(0x7f00000008c0)=ANY=[@ANYRES64, @ANYBLOB, @ANYRES32, @ANYRES32=r0, @ANYBLOB="cda52d8fd0acf8f148fd53e912cbe77b666a92f1c3319631e82e939e9ba18d2fd7d0603ed5007908c4a0160edba8c784cfe1a6b2e8b603262d4c2cfb7ed054d26f73f3d1a3b2747a3584501ede8b02e4ca842985a1276262d4a6849bc1cef6f4e9d6057a30f97a228a59b4f15f7aeaa89885eeb274d48160ed2a9c88943b9cc67f7c6493bb16cbcacfa23e1e82a1c3bbfcc22e5846fad20dfca3c3999055e2303e4a6fb39a78894ae38c0bab2f1712dcfc19adcb6785708c5f3e1b788a7beeaf54927d50b64d59dbfbb08eb0b5e04b2983a1ce712cf504d15006b2194862775ec0f58a7b2f346db13d66ad81c07f22e6651cdc2ef4ac86c6ab93d86ac10d2b6db119494d9c35b059f2ca87afaa61cbea03484eb2f7b2fb66c067f72266bdbb30d2f112d31aeac02763e43934e22017bd61537aebc1784a05a2ac65652052f4cec295e0b0c6aa3729d59d7f336353b32290604512ec74b98cc1225e6309a119987408adda9b99f2434e2c33c1caaaaed963ee09b3646914ace8c774c4acf8d6485001f7cac501db5d4fd41669ef9ecc89551c6a15ea7ba769acdd18edbb523e6f17ded1b71be5ad500f809093b993d8cadb2422b846b1dbaae4ed59413e32453386c21b5f59baab1aac6c7f764444b44d2fbc13fc24ab43389c7950d8a7e039686a0aa372ce029c4da3667b4e7d7cf5d3227939f2529cc52d8c85db17e54b19d31b3c2d17ca964f1a97a710c01a91f6c387a8c3d3d942a01692002594c19f4ffadbcc545cb0a43680846f94544228474574b5a1fb384ca5ad38e398fb7f1440c234f43adb2aee9527ad50a87c379fdebb2e86b84bbfc274df2b8814812b7af780c8beef16bee4660289150b712ef01d7f0207f9710b32cbda72e1cbcf6258d985a9c42cdfb4de71d94dffd64f6c747da52af7b3e080c92708a97ccf953a44703bfc48ed0ec85ff5ddedfdfcf778bd3709f3406472de7e4782f6941b5162b088c1a1e09e53b2c1d3660499deb8bb29daddb974748f34db1a984448f414b2e10b33c9944fcf12f07612dada97d27a6a9b352a9862e96ca11098f167ff0ca35fac341d912cd36adce7a8ba97300b2ff82815edc908959d3a22af59b3209b3c09404b5504f97a20331e9bc621b0da750cc9d29ba93e8151b57687873688ddb6ba87073bff31d030a5fde214e664597ba1fba6df10222f87b1b440ba85bb698a620c8fd477d45580701c67aab237bfe2f665fac91670e7c8ba4b27698037712eea21ef7115da145bcc592ebfac16adef7a153bd924afed58ffe31485b265f6a161433f3b0aa77a8ab7f3fca629af33e9ed67019c425ada8382ebb7ff4c6105989156ab11a11b000cd0c196af2a55e5fb1089ebb0aa9403bcc66ebb2d795d8bb192722bdeb13e3a9010386a6d5bb2e4b27e6a604f34aa394aba5923f0f3c75325b8dab314fc507ecf1af11f1882fab99f7b2a8758404a72854687cc9613d86e3d742cafd70829624f4955cf1bd82a64e0f057700769011e25636cba1417f958baae7533dc3e1b0d84ed0319ee02850659ac8eaa8074f2836df6d38967f0fe4aa4947516e30c28ecc6d6cb4ce8cb46d6fb80269438984bae982087af67d046f95e32f040c71d72218cff3bd096fed57a9a753096a513111360007a921258a795c22f3d4a2f14ffdadbed2690642d2f9c96801c71c6f355673dff971e85baaadaade06d2fbf8c5819bfe98474cc0abd8ff6b61159b30a122732d7ab34787af9b83ed59633b0dc8a49e22e9fbbbb03c9caff2e379c229291bf03b719e2e63cf0ed2923ba67a83d43729840974621ecea40105dc1cdf3786e2efc179de8b434d35d69273dcb68f794fd3458ac8b6574cb94981851e5244c985d3d6ae299180fecdc46ec2320045639130e9c764695acea73c356e4a0cc3f2788ae9486f581ee0e286605e0ac3cad485c60559e8d2197fb2d42cda962e0eba1c627e88524ff086782df3ccb7c9931126be1b6bb4ed118aabb0628058ce9069ec3d60387c2071edc8c35227d6b95d6e342b95ee38e7877b12237bdd51c5b5243868b902ee1162097bafea20ff1e99a48d5d8596742d0bd798dd012db3745307320d30b11eef5047ceb7a17a6836e8d1f6ef48b066ae08e28e83353106f575fcae248c642256e20fa6b2b426e72a6ca0d1c76f7b4bf0b9570d9da912456a90318c6f484f7969382f283d16608d26e0f797bffbead4c12091acf6df313ed76fdfb51c3a214d905c2007d270a4330966387286d76d54ff5cbf49f5bb14d7355ae9083cd67bf663a5d000f2c9d09f99c1cbef7a39fb49f777ba8aea4908d39ed8620cda2e72134a1fa0638a26e7c816a094df10f7cb8a0fd296d487236acd2e59a4f38cf4d70d065ca71656a7b5be2ca051423b1da1c75c48c243539c3ccfee0885a51388de74b7e76c156b7acd4b929833e095d57dc16ad5cf6933b253748893448e1f65f09cf1217b6d8bfc152a354b85100200fdba7edcb7f1761aaad4c9680a1806e6e1d19c38823ea18709d40835739a6d06f57a7539ebd90eb48b43466fc314a1b0d153979b6701dba48c0e3e2011cd7af79f9c3a15012e839e3bfbbdd8036ab53aaf325c70cc258a50326c3ca0046dd7f635ecfddce8cffab5ea765c328228be08658bb8ce5b81ec31518f6b1982129c465aee153249d106ced6afd720a4aba0e408868d34bd911d6e25cf631818454264f7286a96d8e9f51f454a0ce02668b5bf216d0b0ea05b3359557b1291eae5dd54594067d4f3e34bb4f1b2721f28dc2b738cf9d64d3b58b3b1a7008ab28e4baa6d61a08e379a40323610eb5a4ca4a66f2e27bdc1f15dfd6cf06a1d1799ca02a97b2addae8bcd3bc00c44d3caaf37c2703a7d1e2c6c958b439de1643237ac25ade52fc969074ab5aa8ee8df892c7dec536fe516dc7ea58bc33fb399ecfafd209a48250e6f7f3434030957f06135622f0e2c067efc81e3c8cffe0662e49fdee2a375915d4b3f0f5f5abb5737e2394e38fa3c288ccf0d739b8421ad14e2fd044988295466451fcbf93afe76cc2f9c95f15adbbfb416345a86f7775c0d90ceb864979bb8d9a72ed1a4605ead0d2f32cd247f63a297749a9eab5aa9424ea04562bd40230410b9ba58961648209ad60b9a27cc595acce637d5f6ad1c448b844e0e931626cd747190c815a1bc9545d8fccf687a1c70bbb02e9b24672a0e379bef2bc59e2ab8379068c5d510d7cd9876cc9d56f77088313a559223e385ba61841be172e02201d966febfe917806dcf6cb7dcbfae7c69e7b0c51ca62077da7b67cd0d03b1c1315fecabe7e93e16a43c3d21890c869ad5162fdadcb03018338d4bf65574200be6854ba47359d37ad2cfdaeea7e5d995572d85cd7db0d6649f5f6d55d3ab3fefa6adb6bae682500f74e384a611a5fa697cfc01ac11a79db70cb4ec416a10e8ea67f9d91752ee25237319e5a4396d9f46ce155a73445bf4a2bad9ad33a0952ab540a0646d5a9961451fae81326e10c5b5aeccef154c34c767d79ba4681e366e1737600f3008ecb583cc2bac38e9bf872ead4ab92f21e573c77bf85de13201cd7144eb5289189033ac641b27c257e174cf97b33630c4093e7652e03a61a27aab50c0e0062e38ddd8d5483c80acf80ce66d2be816924763aace80e881eb03872d102cf81f4b055eec415324c81c636c31e98f03413aa954e9a823cbd607242277b1688391fd06acbc84fbfe3c83b8d5aead1a12e1d12fc6f7b4df04f7771455db095eb034d083283fbf44287bdb32271b24f6832c6c36a9b2039951de71d6bbee2f67dc6b35d024b0f5b77dfa5e70783cff69548bbce022dc2b9667b9c486ece33094095459c2af175bda9d12fb6c9ad143321fbde808decb0e69f29b857bf63a1a1be3ecab1e77234e2407284a5979022ddb5d9469b6f06401916cea649d814b400854698ad3923410d4ab3b1b05b1656008c975f134733985fb14508a7fa80488d0517d8ed6da515f1138ebd4897ec3f62da717ec14e5fa2d60cc7a8f401e33b3e19d88deb7f910300459e541438da39ddbed26ba7f7c78ea78ef03f3d20196ea111f6c171fba2ca7409a88635e2ba2ffe292d93410ea3276e6701a1df698f7b076810191ca474755844bbcd426b2d234e10f854186a3900a3abbe588eef3e85c74e33f044574b0663fd683577e5d46c34597b747e6004ce48303644fc2a0742374a508ff06b39daefb615651aa60723a6e29d6d20a9913a6bb47f2e6a6ac8a87e0f8ca946a58ee3fe1ee98bd3b766fb7161d8ffe52ac2e3ff31058925b42537a27a474f747dc23e72b870123d22cd8195552c7bde6d844fefa81e"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380))
rseq(0x0, 0x0, 0x0, 0x0)
msgget(0x2, 0x4eb)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5)
r2 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r2, 0xc0145608, &(0x7f0000000040)={0x8, 0x1, 0x1})
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota')
r3 = syz_usb_connect(0x3, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109024b0001100000000904000003fe03010009cd8d1f01020000000905050200de7e001009058b1e20"], 0x0)
syz_usb_control_io(r3, 0x0, &(0x7f0000000300)={0x84, &(0x7f0000000080)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x105042, 0x0)
r4 = syz_io_uring_setup(0xd3, &(0x7f0000000480)={0x0, 0x0, 0x800, 0x0, 0x20}, &(0x7f0000000040)=<r5=>0x0, &(0x7f0000000080)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r4, 0x47ba, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0xfe, 0x0, 0x7ffc1fff}]})
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000180)={r7}, 0x4)

4.837537801s ago: executing program 4 (id=661):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
setresuid(0x0, 0x0, 0xee01)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
utimensat(0xffffffffffffffff, &(0x7f0000000500)='./file0\x00', 0x0, 0x6a04b5aac208f8fb)
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
getrlimit(0xc, &(0x7f0000000040))
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f0000000180)={0x2, 0x14, @dev={0xac, 0x14, 0x14, 0x16}}, 0x10)
r5 = openat$audio(0xffffffffffffff9c, 0x0, 0x9e966e64318092aa, 0x0)
ioctl$SNDCTL_DSP_CHANNELS(r5, 0xc0045006, &(0x7f0000000080)=0x7f)
syz_emit_vhci(&(0x7f00000012c0)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_features={{0xb, 0xb}, {0x0, 0xc9, "0d24b2002987f91c"}}}, 0xe)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
r6 = request_key(&(0x7f0000000300)='id_resolver\x00', &(0x7f0000000340)={'syz', 0x1}, &(0x7f0000000380)='sched_switch\x00', 0xfffffffffffffffe)
r7 = syz_io_uring_setup(0x16c2, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000240)=<r8=>0x0, &(0x7f0000000140)=<r9=>0x0)
syz_io_uring_submit(r8, r9, 0x0)
io_uring_enter(r7, 0x2d3e, 0x0, 0x0, 0x0, 0x0)
r10 = add_key(&(0x7f00000003c0)='pkcs7_test\x00', &(0x7f0000000400)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffb)
r11 = add_key$keyring(&(0x7f0000000440), &(0x7f0000000480)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffb)
keyctl$KEYCTL_MOVE(0x1e, r6, r10, r11, 0x1)
r12 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000))
sendmsg$nl_route(r12, &(0x7f0000000200)={0x0, 0xffea, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3000000071000100000000000000000007000000", @ANYRES32, @ANYBLOB="0c00018008000100000001000c0002"], 0x30}}, 0x0)

3.860907888s ago: executing program 4 (id=666):
bind$alg(0xffffffffffffffff, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'sha512-avx\x00'}, 0x58)
r0 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000940)="d744784ca67c0398246d848e6df22054de2bd8ca3da64dfdea7d8eb74ffe057d7469066c6ca034a2677ce0c1c25e2b2a825d677e0fbac312a7da165cd5db94fa38cdf3a3f3f93b912a7515e0b1e441a3be644a296bcc765e7adc9ddb4d14376a69cbfcd2ddd156ba432349e96debeda26ee8914c28f4", 0x7ffff000}, {&(0x7f00000009c0)="d86e5c29ab2c0dce2b79f95d543a0d6b45dec9dab7afbc0d6d678feb7a652e67638c3ee007937917fad76308e99818f8f112b73a3c3e3c5ed80c49fab6e0593e95008b4a47aebdde3e28cea1cec26385f3d03b872970dfb69a63a6384a9be5b9419ff8ea6d9c2a730307894adb589d11a1ec59255d10acb1fbef", 0x7a}], 0x2}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x6}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r1 = socket$key(0xf, 0x3, 0x2)
write(r1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_open_dev$cec(&(0x7f0000000040), 0x0, 0x0)
migrate_pages(0x0, 0x3, &(0x7f0000000000)=0x9, &(0x7f0000000100)=0x6)
r4 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
clock_getres(0x3, &(0x7f0000000580))
r5 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
r6 = open(&(0x7f0000000140)='./bus\x00', 0x24000, 0xa2)
sendfile(r5, r6, 0x0, 0xf800)
write$FUSE_INIT(r6, &(0x7f0000000300)={0x50, 0x0, 0x0, {0x7, 0x29, 0x3, 0x200080, 0x2, 0x3, 0x8af, 0x9, 0x0, 0x0, 0x81, 0xe}}, 0x50)
write$binfmt_script(r4, &(0x7f00000000c0)={'#! ', './file0'}, 0xf000)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x200000000000000, 0x100}, 0x0, 0x0)

3.748484591s ago: executing program 0 (id=667):
keyctl$set_reqkey_keyring(0x6, 0xfffffffffffffff4)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.time\x00', 0x26e1, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
newfstatat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, <r1=>0x0}, 0x4000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000480)={{{@in6=@mcast1, @in6=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in6=@mcast1}, 0x0, @in6=@mcast2}}, &(0x7f00000006c0)=0x7b)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000240)={0x0, <r4=>0x0}, &(0x7f0000000280)=0x5)
setresuid(0xee01, r4, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), 0x2102023, &(0x7f00000005c0)={[{@redirect_dir_off}, {@nfs_export_off}, {@uuid_null}, {@redirect_dir_nofollow}, {@metacopy_on}, {@verity_off}, {@xino_off}, {@uuid_null}], [{@rootcontext={'rootcontext', 0x3d, 'sysadm_u'}}, {@euid_gt={'euid>', r1}}, {@euid_eq={'euid', 0x3d, r2}}, {@fowner_eq={'fowner', 0x3d, r4}}, {@fsmagic={'fsmagic', 0x3d, 0xfffffffffffffffd}}]})
close(r0)
syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x122c42)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r5 = signalfd4(0xffffffffffffffff, &(0x7f0000000580)={[0x5]}, 0x8, 0x80800)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
getresuid(0x0, 0x0, 0x0)
ppoll(&(0x7f0000000080)=[{r5, 0xd502}], 0x1, 0x0, 0x0, 0x0)
r6 = signalfd4(r5, &(0x7f0000000340)={[0x1]}, 0x8, 0x80800)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000240)="c4", 0x1, 0x20000841, 0x0, 0x0)
ioctl$sock_inet_tcp_SIOCINQ(r0, 0x541b, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(0xffffffffffffffff, 0x40405515, 0x0)
r7 = syz_io_uring_setup(0x5c33, &(0x7f00000002c0)={0x0, 0xffffffff, 0x2000, 0x2, 0x217, 0x0, r6}, &(0x7f0000000180), &(0x7f0000000340))
syz_io_uring_setup(0x55b4, &(0x7f0000000380)={0x0, 0x0, 0x40, 0x804}, 0x0, 0x0)
r8 = accept$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x0, 0x0, @private0}, &(0x7f00000000c0)=0x1c)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r8, 0x29, 0x20, &(0x7f0000000100)={@mcast1, 0xb, 0x1, 0x0, 0x3, 0x7, 0x3}, 0x20)
syz_io_uring_setup(0x10278e, &(0x7f0000000000)={0x0, 0x0, 0x10, 0x1, 0x3}, &(0x7f0000000200), &(0x7f0000000240))
io_uring_enter(r7, 0x1413, 0x0, 0x0, 0x0, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)

3.468770824s ago: executing program 0 (id=670):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000000c0)=0xffffffffffffffff, 0x4)
r0 = openat$sw_sync_info(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
close(r0)
syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_SETCRTC(r0, 0xc06864a2, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, {0x0, 0x1, 0x9, 0x0, 0x0, 0x4, 0x0, 0x1, 0x0, 0x0, 0xfffe, 0x0, 0x0, 0x0, "65366a50432b7ebf03000000000000001aced0c19323a26000"}})
madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x15)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000000000040050be01700000000000109022400010000010009040200010300000009210000000122070009058103"], 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
syz_usb_control_io$hid(r1, &(0x7f0000000080)={0x24, 0x0, 0x0, &(0x7f0000000000)={0x0, 0x22, 0x7, {[@global=@item_012={0x1, 0x1, 0x6, "cb"}, @local=@item_4={0x3, 0x2, 0x3, "0d796112"}]}}, 0x0}, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5004, 0x0, 0x200000005c831, 0xffffffffffffffff, 0x0)

2.916657521s ago: executing program 0 (id=679):
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x25}}, 0x1c)
socket$alg(0x26, 0x5, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r0 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r0, &(0x7f00000001c0)={0xa, 0x4e23, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0xfffffffd, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x2}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)
sendmsg$NL802154_CMD_GET_SEC_KEY(0xffffffffffffffff, 0x0, 0x4080)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00', <r2=>0x0})
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@bridge_delneigh={0x30, 0x1c, 0x14c751c9543eb259, 0x0, 0x0, {0xa, 0x0, 0x0, r2, 0x40}, [@NDA_DST_IPV6={0x14, 0x1, @rand_addr=' \x01\x00'}]}, 0x30}, 0x1, 0x0, 0x0, 0x8004}, 0x0)

2.912003999s ago: executing program 4 (id=680):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800010009000000000000000a00000000000000080001000200000004000b"], 0x24}}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r6, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x0, 0x3}, 0x10)
r7 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={0x30, r7, 0x413, 0x0, 0x0, {{}, {}, {0x14, 0x19, {0x3, 0x1}}}}, 0x30}}, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/custom0\x00', 0x800, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000680001000000000000000000020000000000000004000b"], 0x1c}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x81, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)

2.862471395s ago: executing program 0 (id=681):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x19, 0x3, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffe}}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sockopt=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
socket$key(0xf, 0x3, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x40080000000008b}, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, 0x0, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r3, &(0x7f0000000500)={0x15, 0x110, 0xfa00, {0xffffffffffffffff, 0x0, 0x30, 0x30, 0x0, @in6={0x1b, 0x0, 0x0, @empty}, @ib={0x1b, 0x0, 0x0, {"0e000000000000000000000004000001"}}}}, 0x118)
write$RDMA_USER_CM_CMD_LISTEN(r3, &(0x7f0000000340)={0x7, 0x8}, 0x10)
write$RDMA_USER_CM_CMD_DESTROY_ID(r3, &(0x7f00000002c0)={0x1, 0x10, 0xfa00, {&(0x7f0000000280)}}, 0x18)

2.71666335s ago: executing program 0 (id=682):
r0 = inotify_init()
inotify_add_watch(r0, &(0x7f0000000000)='.\x00', 0x400017e)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_linger(r1, 0x1, 0x3d, &(0x7f0000000080)={0x1}, 0x8)
mkdir(&(0x7f0000000080)='./file1\x00', 0x0)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000440), 0x2, 0x0)
r2 = inotify_init1(0x0)
fcntl$getownex(r2, 0x10, &(0x7f0000000140))
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_xfrm(0x10, 0x3, 0x6)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r6}, 0x10)
r7 = syz_open_dev$vim2m(&(0x7f0000000340), 0xa, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r7, 0xc0d05605, &(0x7f0000000240)={0x1, @raw_data="a425e2f1a54d24f15852323460608d70566e425a6c36af37b33fac9d31c8a9c7044410d324b03e044e454d2092a62fea8f13441431ce248bfc73a6726ee61ba491d15d8f392ff66fe0b17f0e11f5d2367d5593205ab1efa97d40619a553e7da2518125b850a186ef691daa55c9e50ffaf6ddc25220ded32aeba4524cec1afbd17abba1d15ea05e97ed3dcad452db6e08a991e2c78b057f55de7fdeba7411ce65700c0a1ad7946ff7c355db87566e3e5abb7a37a06731ed19ddfa970bb58a27fd9fa194c092730319"})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r8 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r8, 0x4000000000000, 0x40, &(0x7f00000003c0)=@raw={'raw\x00', 0x4001, 0x3, 0x330, 0x1b8, 0x0, 0x148, 0x0, 0x148, 0x298, 0x240, 0x240, 0x298, 0x240, 0x7fffffe, 0x0, {[{{@ip={@loopback, @local, 0x0, 0x0, 'ip6gretap0\x00', 'netdevsim0\x00'}, 0x0, 0x190, 0x1b8, 0x0, {}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x1, 0x0, 'syz0\x00'}}, @common=@unspec=@connlabel={{0x28}}]}, @common=@inet=@SYNPROXY={0x28}}, {{@ip={@local, @loopback, 0x0, 0x0, 'veth0_vlan\x00', 'macvtap0\x00'}, 0x0, 0xc0, 0xe0, 0x0, {}, [@inet=@rpfilter={{0x28}}, @inet=@rpfilter={{0x28, 'rpfilter\x00', 0x2}}]}, @unspec=@TRACE={0x20}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x390)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, 0x0)
inotify_add_watch(r0, &(0x7f00000000c0)='./file1\x00', 0x80000000)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='fdinfo/3\x00')

2.684425125s ago: executing program 1 (id=683):
prctl$PR_SET_IO_FLUSHER(0x53564d41, 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x8, 0xf, &(0x7f00000005c0)=ANY=[@ANYRESOCT, @ANYBLOB="ecb476f4fd2ece128c9ea079f5d6df4b8e799bb5c768813e5ce413c0e2eb4c94f8deea095d40654de286918a73a1773111c461206a00a3970eb2276e19f7ea3d382fb6814958e1497c6a2dfa40ef02d19b291f6615d7be00cac3ce816273a4859ca7945971e862fed2e7c3d0d612ff0efd4f4b2599b4c12a17918da020b692943409d584f63be33b27b36ee2b0f95f9385d910053050830cc259ab52616094d434b5f503f611756950fefe9fee86b4e1d7371936b1b015fca6cf0cffa747dbf06405630db3a4a2d76ca0f3983f95dfd7a5a38952b7133c882f061352f8b5242a675b016c9a0761d4624db95bdce9917998b267b51420c64638543a0e723a16", @ANYBLOB="00001f0d56dc77a09af8349d2647f4b8000000000000b71085000000080000000000fffff900000055090100000000009500000000ec0000bf916a000000ea00b7020000000000008500000000000000b70000000000000095"], &(0x7f0000000240)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9, @void, @value}, 0x94)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f00000069c0)=""/102378, 0x18ff6)
mkdir(0x0, 0xfffffffffffffffe)
r1 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000bde5569003000000030109021200010000000009040000006f5c0a00"], 0x0)
mknodat$null(0xffffffffffffffff, &(0x7f00000002c0)='./file1\x00', 0x8000, 0x103)
syz_usb_control_io$cdc_ecm(r1, 0x0, 0x0)
timer_settime(0x0, 0x1, 0x0, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$key(0xf, 0x3, 0x2)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000480)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x16b241, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r3, 0x4068aea3, &(0x7f0000000100)={0x79, 0x0, 0x2})
ioctl$KVM_SET_GSI_ROUTING(r3, 0x4008ae6a, &(0x7f0000000200)=ANY=[@ANYBLOB="010000000000000000000000050000000000000000000000030000000000f100ffffffff"])
ioctl$FS_IOC_FIEMAP(0xffffffffffffffff, 0xc020660b, &(0x7f0000006980)=ANY=[@ANYRES8, @ANYRESHEX, @ANYBLOB="2f8e353a95df378dd6"])
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$dsp(0xffffffffffffffff, &(0x7f0000000280)="21dd216d7678d1d5851c8cbd501236dc7c0e76000000000000003ef662f18fd89f648555c42e746fd70c551e440ba5", 0x2f)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$SNDCTL_DSP_CHANNELS(0xffffffffffffffff, 0xc0045006, &(0x7f0000000040)=0x5)
syz_open_procfs(0x0, &(0x7f0000000000)='net/vlan/vlan0\x00')

2.381061253s ago: executing program 3 (id=685):
syz_usb_connect(0x5, 0x2d, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0xdf, 0x2b, 0xfd, 0x40, 0xc4b, 0x100, 0xd7ca, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x45, 0x0, 0x1, 0xc9, 0xce, 0xe4, 0x0, [], [{{0x9, 0x5, 0x8, 0x2, 0x3ff}}]}}]}}]}}, 0x0)

2.006785349s ago: executing program 2 (id=686):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000180), 0xfea7)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40841, 0x0)
r2 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r3, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r4 = syz_open_dev$sndctrl(&(0x7f0000001280), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r4, 0xc1205531, &(0x7f00000101c0)={0x2, 0x0, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x3, 0x0, "b6855a32474ffa64f778ddcf29c94337"})
rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000280), 0xffffffffffffffff)
r5 = syz_init_net_socket$ax25(0x3, 0x5, 0xa)
bind$ax25(r5, &(0x7f0000000380)={{0x3, @bcast, 0x1}, [@bcast, @null, @bcast, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x48)
writev(0xffffffffffffffff, 0x0, 0x0)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000100))
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000040)=ANY=[@ANYRES64])
ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000000c0)=0x7)
r6 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000040), 0x10400, 0x0)
setsockopt$packet_tx_ring(r6, 0x107, 0xd, &(0x7f0000000080)=@req={0x6, 0x9, 0xf9c4, 0x6}, 0x10)
r7 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$VIDIOC_PREPARE_BUF(r7, 0xc058565d, &(0x7f0000000640)=@fd={0x8, 0x1, 0x4, 0x2000, 0x6000000, {0x77359400}, {0x3, 0xc, 0x7, 0x7, 0x81, 0x8, "25d6dde3"}, 0x1, 0x4, {}, 0xf, 0x0, r6})
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r3, 0x0, 0x2e)

1.83336138s ago: executing program 1 (id=687):
r0 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$netlink(r0, 0x10e, 0x7, 0x0, &(0x7f0000001100))
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=@ipv6_newaddr={0x40, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x40, 0x10}, [@IFA_ADDRESS={0x14, 0xb, @private0={0xfc, 0x2}}, @IFA_LOCAL={0x14, 0x2, @local}]}, 0x40}}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x11, 0x80a, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000300)={'bond0\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000010400"/20, @ANYRES32=r4, @ANYBLOB="00000000000000001c00128009000100626f6e64000000000c000280080007"], 0x3c}}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f00000005c0)={0x26, 'hash\x00', 0x0, 0x0, 'streebog256-generic\x00'}, 0x58)
r6 = accept4(r5, 0x0, 0x0, 0x0)
prlimit64(0x0, 0x3, 0x0, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000158c0)=@newqdisc={0x24, 0x24, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0x0, 0x57282f8390c76db}}}, 0x24}}, 0x0)
rseq(&(0x7f00000004c0)={0x0, 0x0, 0x0, 0x3}, 0x20, 0x0, 0x0)
rseq(&(0x7f0000000100), 0x20, 0x0, 0x0)
r7 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r7, &(0x7f0000001ff0), 0x10)
setsockopt$SO_TIMESTAMP(r7, 0x1, 0x40, &(0x7f0000000180)=0xc, 0x4)
sendmsg$can_bcm(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000600)=ANY=[@ANYBLOB="0500"/16, @ANYRES64=0x0, @ANYRES64=0xea60, @ANYRES64=0x0, @ANYBLOB="000000000700000000000000ae"], 0x20000078}}, 0x0)
sendmsg$can_bcm(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x5, 0x0, 0x0, {}, {}, {}, 0x7, @canfd={{0x0, 0x0, 0x1, 0x1}, 0x1c, 0x2, 0x0, 0x0, "ea1fa097a623c42f4a9dc8cb860fb58b07fb31eb4ea1678ea6af26eb14deabdd4e7433015fce91e09a2c14ca07994fe01f69b15bfa146df05096d0a0ede0b3ae"}}, 0x80}, 0x1, 0x0, 0x0, 0x20009810}, 0x0)
shmdt(0x0)

1.830177401s ago: executing program 4 (id=688):
syz_usb_connect(0x0, 0x24, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000b1bd2f087d0403508c2f01020301090212000800f8ff000904000000a058b700"], 0x0)
socket$packet(0x11, 0x2, 0x300)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00'}, 0x10)
r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x1, 0x0)
preadv(r0, &(0x7f0000000740)=[{&(0x7f0000000500)=""/97, 0x61}], 0x1, 0x0, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000080)={0x4000000})

1.732669595s ago: executing program 3 (id=689):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000000c0)='sched_process_wait\x00', r0}, 0x18)
r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8)
close(r2)
r3 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
open(0x0, 0x8060, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000002380)={{}, 0x2c, {'rootmode', 0x3d, 0x8000}})
write$FUSE_NOTIFY_STORE(0xffffffffffffffff, &(0x7f0000000180)={0x29, 0x4, 0x0, {0x1, 0xfffffffff0000000, 0x1, 0x0, [0x0]}}, 0x29)
prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x5)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4)
r4 = syz_open_dev$MSR(&(0x7f0000000140), 0x1e9, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x10, &(0x7f0000000000)=@framed={{0x18, 0x6}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r3}, {}, {}, {0x7, 0x0, 0xb, 0x7}}, @printk]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00')
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000005c0)={@ifindex, 0x11, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f0000000780), 0xffffffffffffffff)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
r5 = socket$inet6(0xa, 0x806, 0x0)
bind$inet6(r5, &(0x7f0000000100)={0xa, 0x4e23}, 0x1c)
listen(r5, 0x3)
r6 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r6, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)

1.622477916s ago: executing program 1 (id=690):
r0 = syz_io_uring_setup(0x3844, &(0x7f0000000300)={0x0, 0xa66d, 0x14, 0xfffffffc, 0x30a}, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000540)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_FALLOCATE={0x11, 0xb, 0x0, @fd, 0x9, 0x0, 0x1, 0x0, 0x1})
io_uring_enter(r0, 0x47fe, 0xacc5, 0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0xd}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000040)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r8, 0xae60)
ioctl$KVM_CREATE_PIT2(r8, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_GET_PIT2(r8, 0x8070ae9f, &(0x7f0000000280))
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000280)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
creat(0x0, 0x41)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)
r9 = bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000009500000000000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0xa8, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, @sock_ops, r9, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000504000000002e"], 0x0, 0x37, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
r10 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f0000000080)=ANY=[], 0x0, 0x37, 0x0, 0x0, 0xb47e, 0x0, @void, @value}, 0x28)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="0900000007000000000000000000010000000000", @ANYRES32, @ANYBLOB="000000000000000000000000000000000082f177", @ANYRES32=0x0, @ANYRES32=r10, @ANYBLOB="02000000010000000000000000000000000000000000000000000000f140c33e375b58cb1d0880e566c752afd1145f8ab9d319960379736a59a285c5459f27c8b8979c178f4f63c6956803e7065392d7730cfb1777d8df6a785fb6e0e0c9294862a73985d752bbf0002c1763d5b99872491c0357304d2c7de0c822034adb52387b67f81539374dc86bd9f2d864f7fddd566d2113c5ed2dc7b75c0e27a16dc14b5d602ef83214ace79fb6cec5f6db3d6153726a403162fd20fc2ab7e11ae6aaf9af5640aaffb508a3b2c24ca7110b"], 0x48)

1.591515908s ago: executing program 3 (id=691):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8b05, &(0x7f0000000040)={'wlan0\x00'})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
socket$kcm(0x29, 0x7, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000500000000000000", @ANYRES32, @ANYBLOB="9e00000000000000f7ffffff00000000000000002e76e94292c3c813853110931ead3596a582146554811cc79b8aa65a3802a376c886e5de167d3d51ff6a023cbbab535d2bfa7cbd6765039d37fcde3b5ec3876df572f410c085ed5bc4dbe3c7d7db64eb34b25109aa3cdc203d636affcb7c54a0a016b456e3eeb2b7453aeb421159ef2a9027f31c3d2fd2ec032a7f59f2dd67b2cf18554e3a5c5e7891b22b7ee5ac7516eef6b65234c88dcc637293ba6f", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000200"/28], 0x50)
r3 = openat$pfkey(0xffffff9c, &(0x7f0000000680), 0x3a1900, 0x0)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000780)=@o_path={&(0x7f0000000740)='./file0\x00', 0x0, 0x2000, r0}, 0x14)
mprotect(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2000002)
syz_emit_ethernet(0x2a, &(0x7f0000000300)={@random="e90c630faca2", @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0xe000, 0xff, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e22, 0x8}}}}}, 0x0)
r4 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_FLUSH(r4, 0x0, 0xd0, &(0x7f00000008c0)=0x8, 0x4)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000900)={0x6, 0x13, &(0x7f00000003c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x7}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [@btf_id={0x18, 0x2, 0x3, 0x0, 0x3}, @btf_id={0x18, 0x2, 0x3, 0x0, 0x3}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000240)='GPL\x00', 0x200, 0x6, &(0x7f0000000380)=""/6, 0x41000, 0x0, '\x00', 0x0, 0x25, r3, 0x8, &(0x7f00000006c0)={0x6, 0x5}, 0x8, 0x10, &(0x7f0000000700)={0x0, 0x7, 0x39, 0x2}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000008c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], 0x0, 0x10, 0xfaf, @void, @value}, 0x94)

1.427497852s ago: executing program 3 (id=692):
r0 = creat(&(0x7f0000000280)='./file0\x00', 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
socket$packet(0x11, 0x2, 0x300) (async)
r2 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000180)="39000000140081ae10003c000500018311001f9f660fcf066505acb612f691f3bd3508abca1be6eeb89c44ebb37358582bdbb7d553b4e92155", 0x39}], 0x1}, 0x0)
recvmsg(r2, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0) (async)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0), r0)
sendmsg$TIPC_NL_MON_PEER_GET(r0, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000140)={&(0x7f0000000480)={0x1a0, r3, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@TIPC_NLA_PUBL={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x6}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x7}, @TIPC_NLA_PUBL_UPPER={0x8}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0xfffffffc}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x1}]}, @TIPC_NLA_PUBL={0x3c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x5}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x5}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x7fffffff}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x2}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x10000}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x9}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0xe}]}, @TIPC_NLA_NET={0x18, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x58}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x9}]}, @TIPC_NLA_LINK={0xa8, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0x34, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfffffff4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xa}]}, @TIPC_NLA_LINK_PROP={0x44, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xb}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x5}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xb9c}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1f}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xd7f}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}]}, @TIPC_NLA_NET={0x1c, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x7}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x81}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x6}]}, @TIPC_NLA_NET={0x24, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ID={0x8, 0x1, 0xffff}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x2}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x8001}]}, @TIPC_NLA_MON={0x24, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x5}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x62}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x1ff}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x7}]}]}, 0x1a0}, 0x1, 0x0, 0x0, 0x40080}, 0x8808) (async)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
recvmsg(r4, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) (async)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), 0xffffffffffffffff) (async)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) (async)
sendmsg$NL80211_CMD_GET_REG(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000380)={0x14, r5, 0x4c466994d56c53cd}, 0x14}}, 0x0) (async)
mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000440)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

1.16067673s ago: executing program 1 (id=693):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000000)={0x6, &(0x7f00000003c0)=[{0x8785, 0xfc, 0x0, 0x80000000}, {0x1, 0x4, 0x29, 0x9}, {0xf, 0xb8, 0x7, 0x10000}, {0x2, 0x8, 0x0, 0x3}, {0x3, 0x8, 0x0, 0x5}, {0xa, 0xb6, 0x5b, 0xa51}]}, 0x10)
r3 = fcntl$dupfd(r1, 0x406, r0)
socket$inet6_tcp(0xa, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
setresuid(0xee01, 0x0, 0x0)
keyctl$session_to_parent(0x12)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x40, '\x00', 0x0, 0x2, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, @void, @value}, 0x94)
r4 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x228100)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000380)={<r5=>0xffffffffffffffff})
r6 = openat$null(0xffffffffffffff9c, &(0x7f0000000140), 0x404000, 0x0)
r7 = syz_open_dev$ndb(&(0x7f0000000040), 0x0, 0x0)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000300), 0x6000, 0x0)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r8, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r8, 0x0)
preadv(r8, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000340))
ioctl$NBD_SET_SOCK(r3, 0xab00, r6)
ioctl$NBD_SET_FLAGS(r7, 0xab0a, 0x1000001000104)
unshare(0x2a020480)
r9 = memfd_create(&(0x7f0000000180)='\xfb\"a&\x8fe\x11\x8c\xd64\xf9 \x00\x00\x00\x00\x00\x12\x1a\'<\xf5\xbeV\x12\xaal\xfa\xf0o\xd8\xb1,\xbd>M\xe3\x98?\xd9\x96\xab\xc7\x06\xfd\x9b\xab\xc8\x1e\x89]\x13bZ\x8d /#k\x95\x9eLV(\x8a\x0e\x93\x93Vc]mP\xbativ\xce\xa4K\xfb\xf2\xe0\xbf\x9d\xa1\xa2\xcd\xb39\xb4\x17a9\x1c\x82\x1aLT\xd0\xb9\x1a\xafB\x95\xb4\xcf\x91X\x8c\x87\xc2\xa1\x1b\xfe\xe7\xbc\xf7\xeb\xdeL\x1d\x98Zq\xcc\x12\x98\xb0Yc\xec\xb7\xb5m(9\xde\xd3\xefB\xd4\xee\xb5\xee\xe0\xaa\xdd\x00\xb1jOB\xdas\xe3\xb47}%)\xb9\xbf{\xce\x94^\xec\xdf\xbcW\xe0I\x0e\xa4\x1e}\x06\vK\xed\x11\x880\x0e\x9c\xaeVU\x88\xb0\x842kgA]\x1e\x88\xecif\xee]\x8b\xc6\"\xcej\x84#\x1d2\xb8\x80Z\xf7\x06\xbe\xc9[L\xc5\xc9\xb5\xd6{\xee\xce\x17\x89\xa6r\xc5jeT\'0.\x85\xa2\xc8\xb3_\t\xe8:\x89\xecL\xcf\xd8\xb5\xfb\xbc\tD\x88\xbe\xf4@[\xb2\xd5\x8c\xb9\x0e\x17\x8b\xce\xd09\xd2\xfb\x9e\xef\xabR\x88\x17\x9et\xf7\x9c\x01\x91\xacH\xdb\xf9\xcb\x7fh\x83>\x8eq\xb5\xedR\xc9\xe68h\x19\xafLY\x94\x93\xebT\x15\x817\x9d#\xea\xd2\xa8\xfb^\x8c\x87#\x10vP\xbe\x9a\xf1\xdc\xe4X\"|8A\a\xc9\x9aA', 0x0)
mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x11, r9, 0x0)
fcntl$addseals(r9, 0x409, 0x8)
ioctl$NBD_SET_SOCK(r7, 0xab00, r5)
ioctl$NBD_DO_IT(r4, 0xab03)
ioctl$NBD_CLEAR_SOCK(r7, 0xab04)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x0, 0xd4181)

1.117862481s ago: executing program 4 (id=694):
r0 = io_uring_setup(0x175c, &(0x7f0000000140))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
write$binfmt_aout(r1, &(0x7f0000000b80)=ANY=[], 0xff2e)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "df3f0400000000000000000000000609000040"})
r2 = syz_open_pts(r1, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r3 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f00000003c0)={0x0, &(0x7f0000000300)=[0x0], 0x0, 0x0, 0x0, 0x1})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000080)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000480)='Y', 0x1}, {&(0x7f0000000100)="d3", 0x1}, {&(0x7f0000000140)="86f9c5658c11ffce43c42ff5300700", 0xf}], 0x3, 0x0, 0x0, 0x1}}], 0x1, 0x0)
ioctl$PIO_SCRNMAP(0xffffffffffffffff, 0x4b41, &(0x7f0000000180)="f38aeeb8a8d247d3bdf2b4cf6080c0e9e8599c77ddd6cbc7b30d6f6eafba734e456377a9c00b507dcc79ed3d1d6e4a789ef7aec8575901ad148085e7c86ad89284573b2a10df0163e5c6b8594e65b8c1faae90ccfc9c6228c6977925866c62545563db34f59e11c33631e3035e666973af2770421b6aa2511b407908fcb7fa8eef97ac852002ad25b4570d431460121f77ae91bbca604754c2b86e684b1e0d263e7758e85f3cd2a03c086c8d545d75f2b3d597638edffe627e64ec67eb8e0e")
r4 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r4, 0xc00c643c, &(0x7f0000000300)={0x0, 0x0, r4})
r5 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_MOD(r5, 0x3, r2, &(0x7f0000000100)={0x10002000})
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r1, &(0x7f0000000080)={0x8})
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000080)=0xffffffff, 0x4)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000000)={0x11, @remote, 0x1, 0x3, 'fo\x00', 0x3, 0x52, 0x4000000}, 0x2c)
close_range(r0, 0xffffffffffffffff, 0x0)

988.404163ms ago: executing program 2 (id=695):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f00000000c0)={@remote}, 0x14)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6}]})
socket$packet(0x11, 0x0, 0x300)
r2 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_ext={0x1c, 0x5, &(0x7f0000000100)=@raw=[@call={0x85, 0x0, 0x0, 0xc5}, @map_idx_val={0x18, 0xa, 0x6, 0x0, 0x8, 0x0, 0x0, 0x0, 0x2}, @map_val={0x18, 0x5, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x5a}], &(0x7f0000000180)='GPL\x00', 0x9, 0x0, &(0x7f00000001c0), 0x41000, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x7, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x29498, 0xffffffffffffffff, 0x3, &(0x7f0000000240)=[0x1, 0x1, 0x1, 0x1, 0x1], &(0x7f0000000280)=[{0x2, 0x5, 0x10, 0x7}, {0x0, 0x4, 0x10, 0x2}, {0x3, 0x1, 0x8, 0x3}], 0x10, 0x8, @void, @value}, 0x94)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000380)=r2, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_hsr\x00', <r3=>0x0})
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="19000000040000000400000002"], 0x48)
bpf$BPF_GET_MAP_INFO(0x3, &(0x7f0000000040)={r4, 0x58, &(0x7f0000000100)}, 0x10)
setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000080)={@remote, r3}, 0x14)
close_range(r1, 0xffffffffffffffff, 0x0)

905.10509ms ago: executing program 0 (id=696):
socket(0x10, 0x803, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x57e, 0x2009, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0xfd, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
syz_usb_control_io$hid(r1, &(0x7f0000000c00)={0x24, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="002205"], 0x0}, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
r2 = socket(0x400000000010, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040))
r3 = memfd_secret(0x0)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r3)
sendmsg$NL80211_CMD_EXTERNAL_AUTH(r3, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x34, r4, 0x4, 0x70bd24, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_PMKID={0x14, 0x55, "a2177c398131f9aa5fe9dab44e2e401d"}, @NL80211_ATTR_BSSID={0xa}]}, 0x34}}, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040), 0x4)

828.846491ms ago: executing program 3 (id=697):
syz_usb_connect$cdc_ecm(0x2, 0x56, &(0x7f0000000140)=ANY=[], 0x0)

667.001588ms ago: executing program 1 (id=698):
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'gre0\x00'})
prctl$PR_MCE_KILL(0x35, 0x0, 0x8)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$inet(0xa, 0x801, 0x84)
eventfd(0x1)
r2 = gettid()
timer_create(0x1, &(0x7f00000001c0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000200)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$SO_RDS_TRANSPORT(0xffffffffffffffff, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f00000000c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r4, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r5 = dup(r4)
write$FUSE_BMAP(r5, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r5, &(0x7f0000000300)=ANY=[@ANYBLOB="b0000000000000008d15c937040795e9ec68ba339b8fd15e58983b3da942"], 0xb0)
write$FUSE_NOTIFY_POLL(r5, &(0x7f0000000340)={0x18}, 0x18)
write$FUSE_ENTRY(r5, &(0x7f0000000380)={0x90, 0x0, 0x0, {0x0, 0x1}}, 0x90)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r5]) (fail_nth: 8)

606.539141ms ago: executing program 4 (id=699):
syz_open_dev$usbmon(&(0x7f0000000900), 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000400)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000002c0)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42031, 0xffffffffffffffff, 0x0)
openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
mprotect(&(0x7f0000002000/0x4000)=nil, 0x4000, 0x5)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0xb, &(0x7f0000000000)=0x5, 0x4)
sendmsg$nl_xfrm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB="400000001e00010a"], 0x40}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f00000025c0)={0x2020, 0x0, <r6=>0x0}, 0x2020)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000080)={0x0, <r7=>0x0}, &(0x7f00000000c0)=0xc)
getgroups(0x2, &(0x7f0000000100)=[<r8=>0xffffffffffffffff, 0xee01])
write$FUSE_ENTRY(r5, &(0x7f0000000140)={0x90, 0x0, r6, {0x0, 0x1, 0x7fff, 0x4, 0xc7, 0x8, {0x2, 0x1, 0xffffffff, 0x4, 0x442, 0x8, 0x4, 0x0, 0x10, 0x8000, 0x2, r7, r8, 0x101, 0x2}}}, 0x90)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))

144.619962ms ago: executing program 1 (id=700):
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x6, 0x0, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0xfffffff9, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$netlink(0x10, 0x3, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
r0 = gettid()
timer_create(0x2, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
clock_gettime(0x0, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}}, 0x0)
clock_nanosleep(0x2, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x0)
syz_usb_connect(0x5, 0x24, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$packet(0x11, 0x3, 0x300)
socket$inet6(0xa, 0x3, 0x7)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
write$cgroup_devices(r1, &(0x7f0000000000)=ANY=[@ANYRES8=r1, @ANYRES16=r1], 0xffdd)
ioprio_get$pid(0x2, 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0xe1}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
io_setup(0x4082, &(0x7f0000000380))
syz_io_uring_setup(0x1002943, &(0x7f0000001400)={0x0, 0x2000000, 0x10}, &(0x7f0000001480), &(0x7f00000014c0))
socket$nl_generic(0x10, 0x3, 0x10)

39.75136ms ago: executing program 3 (id=701):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000040)={0x3, &(0x7f0000000140)=[{0x20, 0x0, 0x0, 0xfffff00c}, {0x20, 0x0, 0x0, 0xfffff024}, {0x6}]}, 0x10)
writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="c0", 0x1}], 0x1)
socketpair(0x18, 0x1, 0x0, &(0x7f0000000000))

0s ago: executing program 2 (id=702):
bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=ANY=[@ANYBLOB="1e0000000c00000003000000050000002b100000", @ANYRES32, @ANYBLOB="080000000000dc803daa00"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0100000005000000030000000100"/28], 0x50)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$batadv(&(0x7f0000000e40), 0xffffffffffffffff)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000040)={'batadv0\x00', <r7=>0x0})
sendmsg$BATADV_CMD_GET_GATEWAYS(r4, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000440)={0x1c, r5, 0x305, 0x0, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r7}]}, 0x1c}}, 0x0)
sendmsg$BATADV_CMD_GET_BLA_CLAIM(r3, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1040100}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r5, 0x20, 0x70bd29, 0x25dfdbfe, {}, [@BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x6}]}, 0x24}, 0x1, 0x0, 0x0, 0x40c0}, 0x20000080)
r8 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
ioctl$SG_GET_REQUEST_TABLE(r8, 0x2286, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x9c, 0xb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
sendmsg$AUDIT_DEL_RULE(0xffffffffffffffff, &(0x7f0000001940)={0x0, 0x0, 0x0}, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x1, 0x0, 0x8, 0x2)
syz_usb_connect(0x2, 0x2d, &(0x7f0000000e00)={{0x12, 0x1, 0x310, 0x1b, 0xf9, 0x17, 0x10, 0xd46, 0x2011, 0xe88a, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x3, 0x4, 0xd0, 0x3, [{{0x9, 0x4, 0x6a, 0xa, 0x1, 0x4d, 0x78, 0x27, 0x62, [], [{{0x9, 0x5, 0xd, 0x3, 0x200, 0xa, 0x9, 0x2}}]}}]}}]}}, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x4, [{0xff, &(0x7f0000000280)=@string={0xff, 0x3, "de6d09344341e047590af0b95f7acf953694e54a83738712afd29275506084e7274be1229571e96024ecc3ed4a61aef4b5f608e97746a30b0dd5514accbad61b2e545451a1caef779885c6463a85f3e400fb2adddb87642419bbea12f7b075f6fb5046f410471f92985294d48054928bae85875f56ef3c4f248fbc1b4a4acdee271234d4d58c728d7a49f8bf3f41997e42e9c8e43780932d70b5110fbc3729494f43aeb46d5746840a701b82f5cec3315e69ce2c5daa7d75253f66c18d0b419d91e598a1c0d0571b2a022566cfd9c8887fc1834b6eb4183c24860f9e3999c91b6a45bef6b26ca53aca56b61a8f1bd0845b1b717a70b5b944c277f4de7d"}}, {0xc7, &(0x7f0000000480)=@string={0xc7, 0x3, "cd4dee0ca1b64213405d5ed47965c32a376ec49e55adb13c901288d49ec71d37c3782aa303b48920322ab0d2dae88b7adb33e2ce1b5a64876c6ac66d64804241796d0b6c7bff0afc71b76f0bd1c910a7cbd31f6549d351064c7fc30a7beb6fbf270a39fa26eeef9dec000f62aac47e536512ef9e7c9d75ea26d0e325a30dd7b08fb8612eb0cdb7d16a26617c2ef7e6bb5b04b93be498b156d79c9fe1d26a8464d58411922ac8bb09644359e2eb60afa63bb42dd7cf9cd6718d752ad264df6c97be6875f8ba"}}, {0x22, &(0x7f0000000380)=@string={0x22, 0x3, "357ea6078f25ea5f7e66138f004fe41cb49b4e1d70ad747f0b07baaa95e2b253"}}, {0xfe, &(0x7f0000000580)=@string={0xfe, 0x3, "34e1a0c1fcd08af3ae4a8c99c3b8b71d15e2c4200641fe021f8354bdb83c9cc82127ec8ce7692a90631f6b8d21cb58a7d797927b315c0673aab50f3b69391a71fca6db3fa1f460cfb7ed690e17d934ca560c272c6ffa85f40eeca21fcb6427d425387dad364227db00b15c88a4d6af3619dc0f14ffaca3de41c0acfa92a0b27f5509ab7ec00cd6c181123c619449d20f6075fb83d8ffa08939d7703191195804e09906fe053abda3081c36e138975d4c3a0dfdcea8b27d1e789c112193c6d265af41b10b75b64484a61b5bf3cfd8e6b0f59b4cfc4d6a67ee6a460ec9bd5d1265f3f71558b147de7f9149348b026dcd19c4fabfebf1f48ed8f80f235d"}}]})
setsockopt$bt_BT_SECURITY(r8, 0x112, 0x4, &(0x7f00000000c0)={0x9, 0xff}, 0x2)

kernel console output (not intermixed with test programs):

permissive=1
[  123.479783][ T5865] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  123.597299][   T29] audit: type=1400 audit(2000000014.250:414): avc:  denied  { accept } for  pid=6797 comm="syz.4.233" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  123.643712][ T5865] usb 1-1: Using ep0 maxpacket: 16
[  123.668453][ T5865] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  123.686093][ T5865] usb 1-1: New USB device found, idVendor=054c, idProduct=06c1, bcdDevice=c2.87
[  123.706625][ T5865] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  123.724322][ T5865] usb 1-1: Product: syz
[  123.730450][ T5865] usb 1-1: Manufacturer: syz
[  123.736806][ T5865] usb 1-1: SerialNumber: syz
[  123.746103][ T5865] usb 1-1: config 0 descriptor??
[  123.753764][ T5865] port100 1-1:0.0: NFC: Could not find bulk-in or bulk-out endpoint
[  123.877557][ T6804] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  123.899453][ T6804] batadv_slave_1: entered promiscuous mode
[  123.923375][ T6804] QAT: Device 7 not found
[  123.941802][   T29] audit: type=1400 audit(2000000014.600:415): avc:  denied  { bind } for  pid=6803 comm="syz.2.235" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  124.020579][ T6794] netlink: 24 bytes leftover after parsing attributes in process `syz.0.231'.
[  124.030274][   T29] audit: type=1400 audit(2000000014.600:416): avc:  denied  { name_bind } for  pid=6803 comm="syz.2.235" src=512 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=icmp_socket permissive=1
[  124.050695][    C1] vkms_vblank_simulate: vblank timer overrun
[  124.075990][ T5931] em28xx 4-1:0.0: AC97 vendor ID = 0x00fc0cbc
[  124.089729][   T29] audit: type=1400 audit(2000000014.600:417): avc:  denied  { node_bind } for  pid=6803 comm="syz.2.235" saddr=720:7469:6d65:6f75:7420:696e:6f64:6520 src=512 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1
[  124.118509][ T5865] usb 1-1: USB disconnect, device number 11
[  124.159419][   T29] audit: type=1400 audit(2000000014.660:418): avc:  denied  { ioctl } for  pid=6803 comm="syz.2.235" path="socket:[11956]" dev="sockfs" ino=11956 ioctlcmd=0x64a6 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  124.184237][    C1] vkms_vblank_simulate: vblank timer overrun
[  124.283273][ T5931] em28xx 4-1:0.0: Unknown AC97 audio processor detected!
[  124.293246][ T5931] em28xx 4-1:0.0: couldn't setup AC97 register 2
[  124.309940][ T5931] em28xx 4-1:0.0: couldn't setup AC97 register 4
[  124.326938][ T5931] em28xx 4-1:0.0: couldn't setup AC97 register 6
[  124.343070][ T5931] em28xx 4-1:0.0: couldn't setup AC97 register 54
[  124.356779][ T5931] em28xx 4-1:0.0: couldn't setup AC97 register 56
[  124.378882][ T5931] usb 4-1: USB disconnect, device number 10
[  124.417086][ T6814] xt_hashlimit: max too large, truncated to 1048576
[  124.700319][ T5865] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  124.861137][ T5865] usb 3-1: unable to get BOS descriptor or descriptor too short
[  124.870442][ T5865] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  124.886974][ T5865] usb 3-1: config 1 has no interface number 1
[  124.908202][ T5865] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  124.960154][ T5865] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid maxpacket 1032, setting to 1024
[  124.993709][ T5865] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  125.009712][ T5865] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  125.027883][ T5865] usb 3-1: Product: syz
[  125.037008][ T5865] usb 3-1: Manufacturer: syz
[  125.058297][ T5865] usb 3-1: SerialNumber: syz
[  125.317998][ T6828] FAULT_INJECTION: forcing a failure.
[  125.317998][ T6828] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  125.331785][   T29] audit: type=1400 audit(2000000015.970:419): avc:  denied  { wake_alarm } for  pid=6827 comm="syz.0.243" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  125.352704][    C1] vkms_vblank_simulate: vblank timer overrun
[  125.424773][ T6832] x_tables: unsorted underflow at hook 3
[  125.460074][ T6828] CPU: 0 UID: 0 PID: 6828 Comm: syz.0.243 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0
[  125.470712][ T6828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  125.480775][ T6828] Call Trace:
[  125.484056][ T6828]  <TASK>
[  125.486990][ T6828]  dump_stack_lvl+0x16c/0x1f0
[  125.491685][ T6828]  should_fail_ex+0x497/0x5b0
[  125.496378][ T6828]  _copy_from_user+0x2e/0xd0
[  125.500988][ T6828]  move_addr_to_kernel+0x68/0x160
[  125.506030][ T6828]  __sys_connect+0xb0/0x170
[  125.510541][ T6828]  ? __pfx___sys_connect+0x10/0x10
[  125.515675][ T6828]  ? __pfx_ksys_write+0x10/0x10
[  125.520534][ T6828]  __x64_sys_connect+0x72/0xb0
[  125.525307][ T6828]  ? lockdep_hardirqs_on+0x7c/0x110
[  125.530511][ T6828]  do_syscall_64+0xcd/0x250
[  125.535026][ T6828]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  125.540926][ T6828] RIP: 0033:0x7f0eccf85d19
[  125.545336][ T6828] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  125.564957][ T6828] RSP: 002b:00007f0ecddba038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  125.573378][ T6828] RAX: ffffffffffffffda RBX: 00007f0ecd175fa0 RCX: 00007f0eccf85d19
[  125.581435][ T6828] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000005
[  125.589454][ T6828] RBP: 00007f0ecddba090 R08: 0000000000000000 R09: 0000000000000000
[  125.597419][ T6828] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  125.605649][ T6828] R13: 0000000000000000 R14: 00007f0ecd175fa0 R15: 00007ffe4259f478
[  125.613657][ T6828]  </TASK>
[  125.709172][   T29] audit: type=1400 audit(2000000016.360:420): avc:  denied  { write } for  pid=6813 comm="syz.2.238" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  125.754932][ T5865] usb 3-1: cannot find UAC_HEADER
[  125.820806][ T5865] snd-usb-audio 3-1:1.0: probe with driver snd-usb-audio failed with error -22
[  125.847042][ T5865] usb 3-1: USB disconnect, device number 13
[  125.854071][ T6834] fuse: Unknown parameter ''
[  126.119487][   T29] audit: type=1400 audit(2000000016.760:421): avc:  denied  { ioctl } for  pid=6838 comm="syz.0.247" path="/dev/vhost-net" dev="devtmpfs" ino=1274 ioctlcmd=0xaf01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  126.122284][ T6840] netlink: 11 bytes leftover after parsing attributes in process `syz.0.247'.
[  126.199593][ T5931] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  126.604738][ T5931] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  126.604780][ T5931] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  126.604805][ T5931] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  126.604826][ T5931] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  126.604855][ T5931] usb 4-1: New USB device found, idVendor=057e, idProduct=2009, bcdDevice= 0.00
[  126.604875][ T5931] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  126.606339][ T5931] usb 4-1: config 0 descriptor??
[  126.643734][ T5805] udevd[5805]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  126.747929][   T12] Bluetooth: hci5: Frame reassembly failed (-84)
[  126.848595][ T6849] Bluetooth: hci5: received HCILL_GO_TO_SLEEP_ACK in state 2
[  126.969706][ T5865] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  127.013950][ T6855] netlink: 12 bytes leftover after parsing attributes in process `syz.4.252'.
[  127.033381][ T5931] nintendo 0003:057E:2009.0008: unknown main item tag 0x0
[  127.041231][ T5931] nintendo 0003:057E:2009.0008: unknown main item tag 0x0
[  127.048371][ T5931] nintendo 0003:057E:2009.0008: unknown main item tag 0x0
[  127.055773][ T5931] nintendo 0003:057E:2009.0008: unknown main item tag 0x0
[  127.063128][ T5931] nintendo 0003:057E:2009.0008: unknown main item tag 0x0
[  127.072746][ T5931] nintendo 0003:057E:2009.0008: hidraw0: USB HID v80.00 Device [HID 057e:2009] on usb-dummy_hcd.3-1/input0
[  127.139784][ T5865] usb 3-1: Using ep0 maxpacket: 16
[  127.146037][ T5865] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  127.149512][ T5931] nintendo 0003:057E:2009.0008: Failed to get joycon info; ret=-38
[  127.158305][ T5865] usb 3-1: New USB device found, idVendor=054c, idProduct=06c1, bcdDevice=c2.87
[  127.165452][ T5931] nintendo 0003:057E:2009.0008: Failed to retrieve controller info; ret=-38
[  127.173691][ T5865] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  127.185575][ T5931] nintendo 0003:057E:2009.0008: Failed to initialize controller; ret=-38
[  127.195929][ T5865] usb 3-1: Product: syz
[  127.204024][ T5865] usb 3-1: Manufacturer: syz
[  127.207446][ T5931] nintendo 0003:057E:2009.0008: probe - fail = -38
[  127.208817][ T5865] usb 3-1: SerialNumber: syz
[  127.216683][ T5931] nintendo 0003:057E:2009.0008: probe with driver nintendo failed with error -38
[  127.240428][ T5931] usb 4-1: USB disconnect, device number 11
[  127.250942][ T5865] usb 3-1: config 0 descriptor??
[  127.257541][ T5865] port100 3-1:0.0: NFC: Could not find bulk-in or bulk-out endpoint
[  127.279922][ T5867] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  127.429453][ T5867] usb 5-1: Using ep0 maxpacket: 16
[  127.435794][ T5867] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  127.447139][ T5867] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[  127.457547][ T5867] usb 5-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  127.467749][ T6850] netlink: 24 bytes leftover after parsing attributes in process `syz.2.249'.
[  127.470345][ T5867] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  127.486509][ T5867] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  127.494837][ T5867] usb 5-1: Product: syz
[  127.499085][ T5867] usb 5-1: Manufacturer: syz
[  127.504451][ T5867] usb 5-1: SerialNumber: syz
[  127.519475][ T5865] usb 3-1: USB disconnect, device number 14
[  127.728909][ T6855] sctp: [Deprecated]: syz.4.252 (pid 6855) Use of struct sctp_assoc_value in delayed_ack socket option.
[  127.728909][ T6855] Use struct sctp_sack_info instead
[  127.748577][ T5867] usb 5-1: 2:1 : format type 0 is detected, processed as PCM
[  127.758409][ T5867] usb 5-1: 2:1: cannot set freq 9338507 to ep 0x82
[  127.786944][ T5867] usb 5-1: USB disconnect, device number 11
[  127.917933][   T29] audit: type=1400 audit(2000000018.570:422): avc:  denied  { mount } for  pid=6862 comm="syz.3.254" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  127.991780][ T5832] udevd[5832]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  128.779639][ T5141] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  128.786279][ T5827] Bluetooth: hci5: command 0x1003 tx timeout
[  129.297733][   T29] audit: type=1326 audit(2000000019.950:423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6883 comm="syz.0.260" exe="/root/syz-executor" sig=31 arch=c000003e syscall=317 compat=0 ip=0x7f0eccf85d19 code=0x0
[  129.320554][    C1] vkms_vblank_simulate: vblank timer overrun
[  129.474256][   T29] audit: type=1400 audit(2000000020.130:424): avc:  denied  { mounton } for  pid=6888 comm="syz.4.261" path="/55/file0" dev="tmpfs" ino=323 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=sock_file permissive=1
[  129.895517][   T29] audit: type=1400 audit(2000000020.540:425): avc:  denied  { read } for  pid=6901 comm="syz.3.266" name="ppp" dev="devtmpfs" ino=709 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  129.958008][   T29] audit: type=1400 audit(2000000020.540:426): avc:  denied  { open } for  pid=6901 comm="syz.3.266" path="/dev/ppp" dev="devtmpfs" ino=709 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  129.990982][   T29] audit: type=1400 audit(2000000020.550:427): avc:  denied  { write } for  pid=6901 comm="syz.3.266" name="ppp" dev="devtmpfs" ino=709 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  130.014782][   T29] audit: type=1400 audit(2000000020.550:428): avc:  denied  { ioctl } for  pid=6901 comm="syz.3.266" path="/dev/ppp" dev="devtmpfs" ino=709 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  130.189480][ T1969] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  130.197493][ T5931] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  130.349546][ T1969] usb 5-1: Using ep0 maxpacket: 16
[  130.354860][ T5931] usb 2-1: Using ep0 maxpacket: 32
[  130.363473][ T5931] usb 2-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed
[  130.381603][ T5931] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  130.392839][ T5931] usb 2-1: Product: syz
[  130.397146][ T5931] usb 2-1: Manufacturer: syz
[  130.404033][ T5931] usb 2-1: SerialNumber: syz
[  130.426425][ T1969] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  130.449740][ T1969] usb 5-1: New USB device found, idVendor=054c, idProduct=06c1, bcdDevice=c2.87
[  130.467009][ T5931] usb 2-1: config 0 descriptor??
[  130.479865][ T1969] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  130.499389][ T1969] usb 5-1: Product: syz
[  130.503626][ T1969] usb 5-1: Manufacturer: syz
[  130.508211][ T1969] usb 5-1: SerialNumber: syz
[  130.521011][ T1969] usb 5-1: config 0 descriptor??
[  130.528608][ T1969] port100 5-1:0.0: NFC: Could not find bulk-in or bulk-out endpoint
[  130.695126][ T6904] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  130.715042][ T6904] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  130.740931][ T6900] netlink: 24 bytes leftover after parsing attributes in process `syz.4.265'.
[  130.758176][ T5931] rtl8150 2-1:0.0: couldn't reset the device
[  130.777988][ T5931] rtl8150 2-1:0.0: probe with driver rtl8150 failed with error -5
[  130.817645][ T1969] usb 5-1: USB disconnect, device number 12
[  130.839667][ T5931] usb 2-1: USB disconnect, device number 15
[  131.093195][   T29] audit: type=1400 audit(2000000021.750:429): avc:  denied  { watch watch_reads } for  pid=6921 comm="syz.3.271" path="/44" dev="tmpfs" ino=246 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  131.381299][   T29] audit: type=1400 audit(2000000022.040:430): avc:  denied  { bind } for  pid=6927 comm="syz.1.273" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  131.549513][ T5867] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  131.709654][ T5867] usb 1-1: Using ep0 maxpacket: 8
[  132.021143][ T6940] netlink: 'syz.4.274': attribute type 1 has an invalid length.
[  132.311541][ T5867] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 8
[  132.331056][ T5867] usb 1-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[  132.340655][ T5867] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  132.357235][ T5867] usb 1-1: Product: syz
[  132.369402][ T5867] usb 1-1: Manufacturer: syz
[  132.374411][ T5867] usb 1-1: SerialNumber: syz
[  132.390230][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  132.396881][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[  132.420682][ T5865] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  132.450516][ T5867] usb 1-1: config 0 descriptor??
[  132.599103][ T6946] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  132.779553][ T5931] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  132.891249][ T5865] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  132.916340][ T5865] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  132.945531][ T5865] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  132.955483][ T5865] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  132.959481][ T5931] usb 3-1: Using ep0 maxpacket: 32
[  132.968671][ T5865] usb 2-1: New USB device found, idVendor=057e, idProduct=2009, bcdDevice= 0.00
[  132.989472][ T5865] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  133.056534][ T6926] netlink: 8 bytes leftover after parsing attributes in process `syz.0.272'.
[  133.174744][ T5931] usb 3-1: config 0 has an invalid interface number: 81 but max is 0
[  133.175307][ T5865] usb 2-1: config 0 descriptor??
[  133.371486][ T5931] usb 3-1: config 0 has no interface number 0
[  133.380899][ T5867] gspca_main: se401-2.14.0 probing 047d:5003
[  133.391738][ T5931] usb 3-1: New USB device found, idVendor=0f3d, idProduct=68a3, bcdDevice=98.72
[  133.403277][ T5931] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  133.415522][ T5931] usb 3-1: Product: syz
[  133.420667][ T5931] usb 3-1: Manufacturer: syz
[  133.425458][ T5931] usb 3-1: SerialNumber: syz
[  133.434361][ T5931] usb 3-1: config 0 descriptor??
[  133.442412][ T5931] sierra 3-1:0.81: Sierra USB modem converter detected
[  133.489460][    T9] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  133.639448][    T9] usb 5-1: Using ep0 maxpacket: 16
[  133.647282][    T9] usb 5-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  133.659870][    T8] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  133.668989][    T9] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  133.680117][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  133.688158][    T9] usb 5-1: Product: syz
[  133.692550][    T9] usb 5-1: Manufacturer: syz
[  133.697205][    T9] usb 5-1: SerialNumber: syz
[  133.698595][   T29] audit: type=1400 audit(2000000024.360:431): avc:  denied  { listen } for  pid=6943 comm="syz.2.277" lport=44995 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  133.703651][    T9] usb 5-1: config 0 descriptor??
[  133.776384][ T5865] nintendo 0003:057E:2009.0009: unknown main item tag 0x0
[  133.780639][   T29] audit: type=1400 audit(2000000024.430:432): avc:  denied  { accept } for  pid=6943 comm="syz.2.277" lport=44995 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  133.790454][ T5865] nintendo 0003:057E:2009.0009: unknown main item tag 0x0
[  133.811492][    T8] usb 4-1: Using ep0 maxpacket: 16
[  133.824178][ T5865] nintendo 0003:057E:2009.0009: unknown main item tag 0x0
[  133.829783][ T5931] usb 3-1: Sierra USB modem converter now attached to ttyUSB0
[  133.834464][    T8] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  133.845104][ T5931] usb 3-1: USB disconnect, device number 15
[  133.858069][ T5865] nintendo 0003:057E:2009.0009: unknown main item tag 0x0
[  133.861558][ T5931] sierra ttyUSB0: Sierra USB modem converter now disconnected from ttyUSB0
[  133.865710][    T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  133.874988][ T5931] sierra 3-1:0.81: device disconnected
[  133.888371][ T5865] nintendo 0003:057E:2009.0009: unknown main item tag 0x0
[  133.905081][ T5865] nintendo 0003:057E:2009.0009: hidraw0: USB HID v80.00 Device [HID 057e:2009] on usb-dummy_hcd.1-1/input0
[  133.916780][    T8] usb 4-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  133.942176][    T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  133.960887][    T8] usb 4-1: Product: syz
[  133.966259][    T8] usb 4-1: Manufacturer: syz
[  133.971415][    T8] usb 4-1: SerialNumber: syz
[  133.986283][    T8] usb 4-1: config 0 descriptor??
[  134.001726][    T8] em28xx 4-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  134.011160][    T8] em28xx 4-1:0.0: Audio interface 0 found (Vendor Class)
[  134.018508][ T5865] nintendo 0003:057E:2009.0009: Failed to get joycon info; ret=-38
[  134.026748][ T5865] nintendo 0003:057E:2009.0009: Failed to retrieve controller info; ret=-38
[  134.035648][ T5865] nintendo 0003:057E:2009.0009: Failed to initialize controller; ret=-38
[  134.056401][ T5865] nintendo 0003:057E:2009.0009: probe - fail = -38
[  134.063101][ T5865] nintendo 0003:057E:2009.0009: probe with driver nintendo failed with error -38
[  134.078576][ T5865] usb 2-1: USB disconnect, device number 16
[  134.501170][ T5867] usb 1-1: reset high-speed USB device number 12 using dummy_hcd
[  134.511991][ T5867] usb 1-1: device reset changed ep0 maxpacket size!
[  134.521580][ T5867] gspca_se401: read req failed req 0x06 error -19
[  134.548426][ T5867] usb 1-1: USB disconnect, device number 12
[  134.972835][ T5931] libceph: connect (1)[c::]:6789 error -101
[  135.153100][    T8] em28xx 4-1:0.0: unknown em28xx chip ID (0)
[  135.154972][ T5931] libceph: mon0 (1)[c::]:6789 connect error
[  135.165930][ T1969] libceph: connect (1)[c::]:6789 error -101
[  135.172184][ T1969] libceph: mon0 (1)[c::]:6789 connect error
[  135.172723][    T8] em28xx 4-1:0.0: Config register raw data: 0xfffffffb
[  135.244875][ T6973] ceph: No mds server is up or the cluster is laggy
[  135.244983][ T6974] ceph: No mds server is up or the cluster is laggy
[  135.271367][ T5867] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  135.411885][   T29] audit: type=1400 audit(2000000026.060:433): avc:  denied  { execute } for  pid=6981 comm="syz.1.286" path="/dev/audio1" dev="devtmpfs" ino=1290 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sound_device_t tclass=chr_file permissive=1
[  135.435649][    C1] vkms_vblank_simulate: vblank timer overrun
[  135.489780][ T5867] usb 1-1: Using ep0 maxpacket: 16
[  135.506780][ T5867] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  135.519032][ T5867] usb 1-1: New USB device found, idVendor=054c, idProduct=06c1, bcdDevice=c2.87
[  135.528437][ T5867] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  135.536592][ T5867] usb 1-1: Product: syz
[  135.550762][ T5867] usb 1-1: Manufacturer: syz
[  135.559284][ T5867] usb 1-1: SerialNumber: syz
[  135.574383][ T5867] usb 1-1: config 0 descriptor??
[  135.585826][ T5867] port100 1-1:0.0: NFC: Could not find bulk-in or bulk-out endpoint
[  135.841701][ T6969] netlink: 24 bytes leftover after parsing attributes in process `syz.0.284'.
[  135.927909][ T5867] usb 1-1: USB disconnect, device number 13
[  136.046570][ T1969] usb 5-1: USB disconnect, device number 13
[  136.252928][    T8] em28xx 4-1:0.0: AC97 vendor ID = 0x00fc0cbc
[  136.254932][ T6995] F2FS-fs (nbd4): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  136.267017][ T6995] F2FS-fs (nbd4): Can't find valid F2FS filesystem in 1th superblock
[  136.276012][ T6995] F2FS-fs (nbd4): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  136.283768][ T6995] F2FS-fs (nbd4): Can't find valid F2FS filesystem in 2th superblock
[  136.349578][   T29] audit: type=1400 audit(2000000027.000:434): avc:  denied  { setopt } for  pid=6993 comm="syz.4.289" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  136.439649][ T5931] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  136.444578][   T29] audit: type=1400 audit(2000000027.030:435): avc:  denied  { getopt } for  pid=6993 comm="syz.4.289" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  136.588915][    T8] em28xx 4-1:0.0: Unknown AC97 audio processor detected!
[  136.612130][ T6997] netlink: 8 bytes leftover after parsing attributes in process `syz.4.290'.
[  136.674349][    T8] em28xx 4-1:0.0: couldn't setup AC97 register 2
[  136.687659][    T8] em28xx 4-1:0.0: couldn't setup AC97 register 4
[  136.695372][    T8] em28xx 4-1:0.0: couldn't setup AC97 register 6
[  136.712089][    T8] em28xx 4-1:0.0: couldn't setup AC97 register 54
[  136.720612][    T8] em28xx 4-1:0.0: couldn't setup AC97 register 56
[  136.882401][    T8] usb 4-1: USB disconnect, device number 12
[  137.239228][ T5931] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  137.250414][ T5931] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[  137.262397][ T5931] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  137.271521][ T5931] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  137.279693][ T5931] usb 3-1: Product: syz
[  137.283904][ T5931] usb 3-1: Manufacturer: syz
[  137.288503][ T5931] usb 3-1: SerialNumber: syz
[  137.514395][   T29] audit: type=1400 audit(2000000028.170:436): avc:  denied  { create } for  pid=7007 comm="syz.4.294" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  137.536065][   T29] audit: type=1400 audit(2000000028.200:437): avc:  denied  { bind } for  pid=7007 comm="syz.4.294" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  137.558583][   T29] audit: type=1400 audit(2000000028.220:438): avc:  denied  { listen } for  pid=7007 comm="syz.4.294" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  137.588949][ T6992] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  137.617932][   T29] audit: type=1400 audit(2000000028.220:439): avc:  denied  { accept } for  pid=7007 comm="syz.4.294" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  137.663954][   T29] audit: type=1400 audit(2000000028.320:440): avc:  denied  { read } for  pid=7011 comm="syz.0.295" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  137.692728][ T7012] netlink: 8 bytes leftover after parsing attributes in process `syz.0.295'.
[  137.712250][   T29] audit: type=1400 audit(2000000028.350:441): avc:  denied  { shutdown } for  pid=7011 comm="syz.0.295" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  137.804825][ T7015] 9pnet_fd: Insufficient options for proto=fd
[  137.813039][ T7012] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3738224872 (478492783616 ns) > initial count (91121186304 ns). Using initial count to start timer.
[  137.949667][ T5864] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  138.035572][ T6992] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  138.142697][ T5864] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  138.156013][ T5864] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  138.172938][ T5864] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  138.184004][ T5864] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  138.196366][ T5864] usb 5-1: SerialNumber: syz
[  138.288534][ T6992] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  138.329465][ T1969] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  138.345620][    T9] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  138.445550][   T29] audit: type=1400 audit(2000000029.100:442): avc:  denied  { ioctl } for  pid=7007 comm="syz.4.294" path="socket:[13447]" dev="sockfs" ino=13447 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  138.470439][    C1] vkms_vblank_simulate: vblank timer overrun
[  138.500259][ T1969] usb 1-1: Using ep0 maxpacket: 32
[  138.501983][    T9] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  138.509159][ T5931] cdc_mbim 3-1:1.0: MAC-Address: 42:42:42:42:42:42
[  138.522490][ T7010] netlink: 8 bytes leftover after parsing attributes in process `syz.4.294'.
[  138.528624][ T5931] cdc_mbim 3-1:1.0: dwNtbInMaxSize=0 is too small. Using 2048
[  138.533679][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  138.540602][ T1969] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xA6, changing to 0x86
[  138.555614][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  138.562772][ T5931] cdc_mbim 3-1:1.0: setting rx_max = 2048
[  138.576616][    T9] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  138.578138][ T1969] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x86 has an invalid bInterval 0, changing to 7
[  138.590943][    T9] usb 2-1: New USB device found, idVendor=057e, idProduct=2009, bcdDevice= 0.00
[  138.606053][ T1969] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x86 has invalid wMaxPacketSize 0
[  138.611515][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  138.629066][ T1969] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x7 has an invalid bInterval 255, changing to 11
[  138.641771][ T1969] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid maxpacket 59391, setting to 1024
[  138.655290][    T9] usb 2-1: config 0 descriptor??
[  138.660235][ T1969] usb 1-1: New USB device found, idVendor=05ef, idProduct=020a, bcdDevice=91.36
[  138.660262][ T1969] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  138.660308][ T1969] usb 1-1: Product: syz
[  138.660322][ T1969] usb 1-1: Manufacturer: syz
[  138.691117][ T1969] usb 1-1: SerialNumber: syz
[  138.697472][ T1969] usb 1-1: config 0 descriptor??
[  138.733159][ T5931] cdc_mbim 3-1:1.0: setting tx_max = 184
[  138.741618][ T5931] cdc_mbim 3-1:1.0: cdc-wdm0: USB WDM device
[  138.757364][ T5931] wwan wwan0: port wwan0mbim0 attached
[  138.776584][ T5931] cdc_mbim 3-1:1.0 wwan0: register 'cdc_mbim' at usb-dummy_hcd.2-1, CDC MBIM, 42:42:42:42:42:42
[  138.981659][ T5931] usb 3-1: USB disconnect, device number 16
[  138.988209][ T5931] cdc_mbim 3-1:1.0 wwan0: unregister 'cdc_mbim' usb-dummy_hcd.2-1, CDC MBIM
[  139.089066][    T9] nintendo 0003:057E:2009.000A: unknown main item tag 0x0
[  139.101239][ T5931] wwan wwan0: port wwan0mbim0 disconnected
[  139.115905][    T9] nintendo 0003:057E:2009.000A: unknown main item tag 0x0
[  139.147803][    T9] nintendo 0003:057E:2009.000A: unknown main item tag 0x0
[  139.232717][    T9] nintendo 0003:057E:2009.000A: unknown main item tag 0x0
[  139.324205][ T1969] iforce 1-1:0.0: usb_submit_urb failed: -32
[  139.329227][    T9] nintendo 0003:057E:2009.000A: unknown main item tag 0x0
[  139.539517][    T9] nintendo 0003:057E:2009.000A: hidraw0: USB HID v80.00 Device [HID 057e:2009] on usb-dummy_hcd.1-1/input0
[  139.647732][ T1969] iforce 1-1:0.0: usb_submit_urb failed: -71
[  139.649523][    T9] nintendo 0003:057E:2009.000A: Failed to get joycon info; ret=-38
[  139.654369][ T1969] iforce 1-1:0.0: usb_submit_urb failed: -71
[  139.673435][ T1969] iforce 1-1:0.0: usb_submit_urb failed: -71
[  139.674414][    T9] nintendo 0003:057E:2009.000A: Failed to retrieve controller info; ret=-38
[  139.680768][ T1969] iforce 1-1:0.0: usb_submit_urb failed: -71
[  139.689128][    T9] nintendo 0003:057E:2009.000A: Failed to initialize controller; ret=-38
[  139.707107][ T1969] iforce 1-1:0.0: usb_submit_urb failed: -71
[  139.709692][    T9] nintendo 0003:057E:2009.000A: probe - fail = -38
[  139.720181][    T9] nintendo 0003:057E:2009.000A: probe with driver nintendo failed with error -38
[  139.724444][ T1969] iforce 1-1:0.0: usb_submit_urb failed: -71
[  139.738150][ T1969] iforce 1-1:0.0: usb_submit_urb failed: -71
[  139.748778][    T9] usb 2-1: USB disconnect, device number 17
[  139.751448][ T1969] iforce 1-1:0.0: usb_submit_urb failed: -71
[  139.787251][ T1969] iforce 1-1:0.0: usb_submit_urb failed: -71
[  139.812236][ T1969] iforce 1-1:0.0: usb_submit_urb failed: -71
[  139.822932][ T1969] iforce 1-1:0.0: usb_submit_urb failed: -71
[  139.829875][ T1969] iforce 1-1:0.0: usb_submit_urb failed: -71
[  139.836349][ T1969] iforce 1-1:0.0: usb_submit_urb failed: -71
[  139.843328][ T1969] iforce 1-1:0.0: usb_submit_urb failed: -71
[  139.849875][ T7039] netlink: 1268 bytes leftover after parsing attributes in process `syz.2.302'.
[  139.859472][ T1969] iforce 1-1:0.0: usb_submit_urb failed: -71
[  139.865758][ T1969] iforce 1-1:0.0: usb_submit_urb failed: -71
[  139.872361][ T1969] iforce 1-1:0.0: usb_submit_urb failed: -71
[  139.878695][ T1969] iforce 1-1:0.0: usb_submit_urb failed: -71
[  139.898128][ T1969] input input7: Timeout waiting for response from device.
[  139.905561][   T51] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  139.918646][ T1969] usb 1-1: USB disconnect, device number 14
[  140.089572][   T51] usb 4-1: Using ep0 maxpacket: 16
[  140.100983][   T51] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  140.116764][   T51] usb 4-1: New USB device found, idVendor=054c, idProduct=06c1, bcdDevice=c2.87
[  140.139363][   T51] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  140.147424][   T51] usb 4-1: Product: syz
[  140.163753][   T51] usb 4-1: Manufacturer: syz
[  140.168422][   T51] usb 4-1: SerialNumber: syz
[  140.185221][   T51] usb 4-1: config 0 descriptor??
[  140.194128][   T51] port100 4-1:0.0: NFC: Could not find bulk-in or bulk-out endpoint
[  140.399807][ T7035] netlink: 24 bytes leftover after parsing attributes in process `syz.3.301'.
[  140.453215][    T9] usb 4-1: USB disconnect, device number 13
[  140.512186][ T5864] usb 5-1: 0:2 : does not exist
[  140.528695][ T5864] usb 5-1: unit 5: unexpected type 0x0a
[  140.585035][ T5864] usb 5-1: USB disconnect, device number 14
[  140.589653][ T5867] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  140.752534][ T5867] usb 2-1: Using ep0 maxpacket: 32
[  140.778937][ T5867] usb 2-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f
[  140.805314][ T5867] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  140.835003][ T5867] usb 2-1: Product: syz
[  140.848903][ T5867] usb 2-1: Manufacturer: syz
[  140.853720][ T5867] usb 2-1: SerialNumber: syz
[  140.867671][ T5867] gspca_main: stk1135-2.14.0 probing 174f:6a31
[  141.076097][ T5864] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  141.602135][ T5867] gspca_stk1135: reg_w 0x2 err -110
[  141.608415][ T5867] gspca_stk1135: serial bus timeout: status=0x00
[  141.614849][ T5867] gspca_stk1135: Sensor write failed
[  141.620218][ T5867] gspca_stk1135: serial bus timeout: status=0x00
[  141.626606][ T5867] gspca_stk1135: Sensor write failed
[  141.635377][ T5867] gspca_stk1135: serial bus timeout: status=0x00
[  141.663116][ T5867] gspca_stk1135: Sensor read failed
[  141.710071][ T5867] gspca_stk1135: serial bus timeout: status=0x00
[  141.716466][ T5867] gspca_stk1135: Sensor read failed
[  141.721754][ T5867] gspca_stk1135: Detected sensor type unknown (0x0)
[  141.735462][ T5867] gspca_stk1135: serial bus timeout: status=0x00
[  141.746746][ T5867] gspca_stk1135: Sensor read failed
[  141.752657][ T5867] gspca_stk1135: serial bus timeout: status=0x00
[  141.772123][ T5867] gspca_stk1135: Sensor read failed
[  141.777375][ T5867] gspca_stk1135: serial bus timeout: status=0x00
[  141.784554][ T5867] gspca_stk1135: Sensor write failed
[  141.809723][ T5864] usb 5-1: Using ep0 maxpacket: 16
[  141.832523][ T5864] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  141.857521][ T5867] gspca_stk1135: serial bus timeout: status=0x00
[  141.864564][ T5867] gspca_stk1135: Sensor write failed
[  141.870170][ T5864] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  141.873836][ T5867] stk1135 2-1:64.0: probe with driver stk1135 failed with error -110
[  141.905557][ T5864] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  141.909464][    T9] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  141.931373][ T5864] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  141.946121][ T7066] Driver unsupported XDP return value 0 on prog  (id 73) dev N/A, expect packet loss!
[  141.959299][ T5864] usb 5-1: Product: syz
[  141.963805][ T5864] usb 5-1: Manufacturer: syz
[  141.971576][ T5864] usb 5-1: SerialNumber: syz
[  141.986600][ T5864] usb 5-1: config 0 descriptor??
[  142.001693][ T5864] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  142.034659][ T5864] em28xx 5-1:0.0: Audio interface 0 found (Vendor Class)
[  142.077103][   T29] kauditd_printk_skb: 36 callbacks suppressed
[  142.077120][   T29] audit: type=1326 audit(2000000032.730:479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7068 comm="syz.2.312" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ffa49385d19 code=0x0
[  142.129448][    T9] usb 4-1: Using ep0 maxpacket: 16
[  142.135986][    T9] usb 4-1: config 0 has an invalid interface number: 75 but max is 0
[  142.145842][    T9] usb 4-1: config 0 has no interface number 0
[  142.153296][    T9] usb 4-1: config 0 interface 75 altsetting 15 endpoint 0x81 has invalid wMaxPacketSize 0
[  142.163959][    T9] usb 4-1: config 0 interface 75 has no altsetting 0
[  142.173248][    T9] usb 4-1: New USB device found, idVendor=1ac7, idProduct=0001, bcdDevice=1a.4f
[  142.545421][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  142.569451][    T9] usb 4-1: Product: syz
[  142.578188][    T9] usb 4-1: Manufacturer: syz
[  142.596557][    T9] usb 4-1: SerialNumber: syz
[  142.634888][    T9] usb 4-1: config 0 descriptor??
[  142.871877][    T9] usbtouchscreen 4-1:0.75: probe with driver usbtouchscreen failed with error -71
[  142.896254][    T9] usb 4-1: USB disconnect, device number 14
[  142.944078][ T5864] em28xx 5-1:0.0: unknown em28xx chip ID (0)
[  142.961061][ T5864] em28xx 5-1:0.0: Config register raw data: 0xfffffffb
[  143.355313][   T29] audit: type=1400 audit(2000000034.010:480): avc:  denied  { mounton } for  pid=7048 comm="syz.1.306" path="/sys/fs/cgroup" dev="sysfs" ino=6 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=dir permissive=1
[  143.831112][ T7097] syz.2.317 uses obsolete (PF_INET,SOCK_PACKET)
[  144.474462][ T5864] em28xx 5-1:0.0: AC97 vendor ID = 0x00fc0cbc
[  144.480942][ T5864] em28xx 5-1:0.0: Unknown AC97 audio processor detected!
[  144.488339][ T5864] em28xx 5-1:0.0: couldn't setup AC97 register 2
[  144.495250][ T5864] em28xx 5-1:0.0: couldn't setup AC97 register 4
[  144.509733][ T5931] usb 2-1: USB disconnect, device number 18
[  144.548837][ T5864] em28xx 5-1:0.0: couldn't setup AC97 register 6
[  144.579412][ T5864] em28xx 5-1:0.0: couldn't setup AC97 register 54
[  144.611290][ T5864] em28xx 5-1:0.0: couldn't setup AC97 register 56
[  144.658973][   T29] audit: type=1400 audit(2000000035.280:481): avc:  denied  { bind } for  pid=7103 comm="syz.1.318" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  144.670946][ T5864] usb 5-1: USB disconnect, device number 15
[  144.784740][ T7107] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7107 comm=syz.0.319
[  145.446691][   T29] audit: type=1400 audit(2000000036.100:482): avc:  denied  { create } for  pid=7110 comm="syz.2.321" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1
[  145.485999][ T7118] rose4: entered allmulticast mode
[  145.511964][ T5805] udevd[5805]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  146.502857][   T29] audit: type=1400 audit(2000000036.650:483): avc:  denied  { mount } for  pid=7132 comm="syz.4.329" name="/" dev="configfs" ino=1122 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  146.525467][   T29] audit: type=1400 audit(2000000036.660:484): avc:  denied  { search } for  pid=7132 comm="syz.4.329" name="/" dev="configfs" ino=1122 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  146.630609][ T7132] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  146.939631][ T5864] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  146.977118][ T5931] IPVS: starting estimator thread 0...
[  147.081377][ T7150] IPVS: using max 57 ests per chain, 136800 per kthread
[  147.102511][ T5864] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  147.126180][ T5864] usb 4-1: New USB device found, idVendor=045e, idProduct=0284, bcdDevice=6a.2c
[  147.136803][ T5864] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  147.150390][ T5864] usb 4-1: Product: syz
[  147.154654][ T5864] usb 4-1: Manufacturer: syz
[  147.159505][ T5864] usb 4-1: SerialNumber: syz
[  147.315452][ T5864] usb 4-1: config 0 descriptor??
[  147.374248][ T7154] SET target dimension over the limit!
[  147.873440][ T7156] FAULT_INJECTION: forcing a failure.
[  147.873440][ T7156] name failslab, interval 1, probability 0, space 0, times 0
[  147.889930][ T7156] CPU: 0 UID: 0 PID: 7156 Comm: syz.4.335 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0
[  147.900560][ T7156] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  147.910710][ T7156] Call Trace:
[  147.913990][ T7156]  <TASK>
[  147.916920][ T7156]  dump_stack_lvl+0x16c/0x1f0
[  147.921609][ T7156]  should_fail_ex+0x497/0x5b0
[  147.926292][ T7156]  ? fs_reclaim_acquire+0xae/0x150
[  147.931423][ T7156]  should_failslab+0xc2/0x120
[  147.936114][ T7156]  __kmalloc_noprof+0xcb/0x510
[  147.940882][ T7156]  ? rcu_is_watching+0x12/0xc0
[  147.945655][ T7156]  tomoyo_encode2+0x100/0x3e0
[  147.950340][ T7156]  tomoyo_encode+0x29/0x50
[  147.954747][ T7156]  tomoyo_realpath_from_path+0x19d/0x720
[  147.960374][ T7156]  ? tomoyo_path_number_perm+0x235/0x590
[  147.965999][ T7156]  tomoyo_path_number_perm+0x248/0x590
[  147.971446][ T7156]  ? tomoyo_path_number_perm+0x235/0x590
[  147.977067][ T7156]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  147.983057][ T7156]  ? __pfx_lock_release+0x10/0x10
[  147.988073][ T7156]  ? trace_lock_acquire+0x14e/0x1f0
[  147.993269][ T7156]  ? lock_acquire+0x2f/0xb0
[  147.997763][ T7156]  ? __fget_files+0x40/0x3a0
[  148.002348][ T7156]  ? __fget_files+0x206/0x3a0
[  148.007013][ T7156]  security_file_ioctl+0x9b/0x240
[  148.012027][ T7156]  __x64_sys_ioctl+0xb7/0x200
[  148.016701][ T7156]  do_syscall_64+0xcd/0x250
[  148.021198][ T7156]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  148.027083][ T7156] RIP: 0033:0x7fb47f185d19
[  148.031483][ T7156] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  148.051092][ T7156] RSP: 002b:00007fb47ff8a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  148.059509][ T7156] RAX: ffffffffffffffda RBX: 00007fb47f375fa0 RCX: 00007fb47f185d19
[  148.067470][ T7156] RDX: 0000000020000080 RSI: 00000000c020aa07 RDI: 0000000000000003
[  148.075427][ T7156] RBP: 00007fb47ff8a090 R08: 0000000000000000 R09: 0000000000000000
[  148.083385][ T7156] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  148.091341][ T7156] R13: 0000000000000000 R14: 00007fb47f375fa0 R15: 00007ffda9447258
[  148.099310][ T7156]  </TASK>
[  148.159510][ T7156] ERROR: Out of memory at tomoyo_realpath_from_path.
[  148.347133][   T29] audit: type=1326 audit(2000000039.000:485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7142 comm="syz.3.332" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4e9bd85d19 code=0x0
[  148.719521][ T5864] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  149.280591][ T5864] usb 3-1: config 0 has an invalid interface number: 32 but max is 0
[  149.294194][ T5864] usb 3-1: config 0 has no interface number 0
[  149.303371][ T5864] usb 3-1: too many endpoints for config 0 interface 32 altsetting 32: 32, using maximum allowed: 30
[  149.320208][ T5864] usb 3-1: config 0 interface 32 altsetting 32 has 0 endpoint descriptors, different from the interface descriptor's value: 32
[  149.333912][ T5864] usb 3-1: config 0 interface 32 has no altsetting 0
[  149.349456][ T5864] usb 3-1: New USB device found, idVendor=0bc3, idProduct=0001, bcdDevice=68.24
[  149.375971][ T5864] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  149.407386][ T5864] usb 3-1: Product: syz
[  149.417756][ T5864] usb 3-1: Manufacturer: syz
[  149.423370][ T5864] usb 3-1: SerialNumber: syz
[  149.435041][ T5864] usb 3-1: config 0 descriptor??
[  149.579470][ T5931] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  149.688399][ T7165] Bluetooth: MGMT ver 1.23
[  149.777184][ T5867] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  149.860563][ T5931] usb 5-1: device descriptor read/64, error -71
[  149.955015][ T5864] ipw 3-1:0.32: IPWireless converter converter detected
[  149.964310][ T5864] usb 3-1: USB disconnect, device number 17
[  149.975902][ T5864] ipw 3-1:0.32: device disconnected
[  149.979808][    T9] usb 4-1: USB disconnect, device number 15
[  150.069464][ T5867] usb 2-1: Using ep0 maxpacket: 16
[  150.075847][ T5867] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  150.087792][ T5867] usb 2-1: New USB device found, idVendor=054c, idProduct=06c1, bcdDevice=c2.87
[  150.096916][ T5867] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  150.105081][ T5867] usb 2-1: Product: syz
[  150.109236][ T5867] usb 2-1: Manufacturer: syz
[  150.109479][ T5931] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  150.114007][ T5867] usb 2-1: SerialNumber: syz
[  150.127692][ T5867] usb 2-1: config 0 descriptor??
[  150.134787][ T5867] port100 2-1:0.0: NFC: Could not find bulk-in or bulk-out endpoint
[  150.250887][    T8] usb 1-1: new full-speed USB device number 15 using dummy_hcd
[  150.259433][ T5931] usb 5-1: device descriptor read/64, error -71
[  150.351181][ T7182] netlink: 24 bytes leftover after parsing attributes in process `syz.1.345'.
[  150.380612][ T5931] usb usb5-port1: attempt power cycle
[  150.411209][    T8] usb 1-1: unable to get BOS descriptor or descriptor too short
[  150.427473][    T8] usb 1-1: not running at top speed; connect to a high speed hub
[  150.444170][ T5864] usb 2-1: USB disconnect, device number 19
[  150.487669][    T8] usb 1-1: config 3 has an invalid interface number: 106 but max is 0
[  150.510263][    T8] usb 1-1: config 3 has no interface number 0
[  150.516557][    T8] usb 1-1: config 3 interface 106 altsetting 10 endpoint 0xD has invalid maxpacket 512, setting to 64
[  150.558362][    T8] usb 1-1: config 3 interface 106 has no altsetting 0
[  150.578269][    T8] usb 1-1: New USB device found, idVendor=0d46, idProduct=2011, bcdDevice=e8.8a
[  150.596865][    T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  150.623473][    T8] usb 1-1: Product: 縵ަ▏忪晾輓伀᳤鮴ᵎ군罴܋ꪺ厲
[  150.642960][    T8] usb 1-1: Manufacturer: ䷍೮뚡ፂ嵀푞敹⫃渷黄굕㲱ነ품잞㜝磃ꌪ됃₉⨲튰窋㏛컢娛蝤橬淆聤䅂浹氋ｻﰊ띱୯집꜐폋攟퍉ّ罌ૃ뽯ਧ塀鷯ì戏쒪卾ብ黯鵼퀦◣ඣ냗뢏⹡춰톷♪籡믦ћ㮹飤嚱鳗櫒撄蓕鈑젪঻䍤惫ꚯ됻휭鳏燖疍툪靬梾
[  150.717975][    T8] usb 1-1: SerialNumber: 솠탼䪮馌룃ᶷ⃄䄆˾茟뵔㲸좜✡賬槧逪ὣ赫쬡Ꝙ韗箒就猆떪㬏㥩焚꛼㿛콠๩쨴ౖⰧ﩯ᾢ擋퐧㠥굽䈶넀衜횤㚯ᐏ곿쁁窱ꂒ羲ॕ纫ೀ쇖ኁ愼䦔࿒畠菻￘覠휹ㅰᦑј駠︆㨅ꎽᰈ霸䱝ഺ컽늨ṽ鱸ℑ욓旒䆯ற뙵葄ᮦ냦鯵ﱌ橍䙪줎嶽攒堕䞱翞䦑謴洂᧍醙࿸崣
[  150.749523][ T5931] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  150.762092][ T7186] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  150.810979][ T5931] usb 5-1: device descriptor read/8, error -71
[  151.059496][ T5931] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  151.276285][ T5931] usb 5-1: device descriptor read/8, error -71
[  151.335333][   T29] audit: type=1400 audit(2000000041.990:486): avc:  denied  { write } for  pid=7202 comm="syz.1.349" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  151.408136][ T5931] usb usb5-port1: unable to enumerate USB device
[  152.515957][    T8] kobil_sct 1-1:3.106: KOBIL USB smart card terminal converter detected
[  152.579529][    T8] usb 1-1: KOBIL USB smart card terminal converter now attached to ttyUSB0
[  152.679636][    T8] usb 1-1: USB disconnect, device number 15
[  152.809268][    T8] kobil ttyUSB0: KOBIL USB smart card terminal converter now disconnected from ttyUSB0
[  152.828709][    T8] kobil_sct 1-1:3.106: device disconnected
[  153.039543][ T5864] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  153.182708][   T29] audit: type=1400 audit(2000000043.840:487): avc:  denied  { read } for  pid=7229 comm="syz.0.356" name="loop-control" dev="devtmpfs" ino=646 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  153.211461][   T29] audit: type=1400 audit(2000000043.840:488): avc:  denied  { open } for  pid=7229 comm="syz.0.356" path="/dev/loop-control" dev="devtmpfs" ino=646 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  154.089412][ T5864] usb 3-1: Using ep0 maxpacket: 8
[  154.195169][ T5864] usb 3-1: config index 0 descriptor too short (expected 1307, got 27)
[  154.205944][ T5864] usb 3-1: config 0 has an invalid interface number: 0 but max is -1
[  154.214749][ T5864] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 0
[  154.225333][ T5864] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30
[  154.237355][ T5864] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  154.330825][ T5867] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  154.431128][ T5864] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  154.449556][ T5864] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  154.461052][ T5864] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 246
[  154.479530][ T5864] usb 3-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de
[  154.488747][ T5864] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  154.496838][ T5864] usb 3-1: Product: syz
[  154.510064][ T5864] usb 3-1: Manufacturer: syz
[  154.514719][ T5864] usb 3-1: SerialNumber: syz
[  154.521309][ T5864] usb 3-1: config 0 descriptor??
[  154.526882][ T7217] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  154.539895][ T5864] hub 3-1:0.0: bad descriptor, ignoring hub
[  154.545920][ T5864] hub 3-1:0.0: probe with driver hub failed with error -5
[  154.555193][ T5864] input: syz syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input9
[  154.579716][   T29] audit: type=1400 audit(2000000045.230:489): avc:  denied  { read } for  pid=5175 comm="acpid" name="mouse1" dev="devtmpfs" ino=2913 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  154.612039][   T29] audit: type=1400 audit(2000000045.230:490): avc:  denied  { open } for  pid=5175 comm="acpid" path="/dev/input/mouse1" dev="devtmpfs" ino=2913 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  154.635600][    C1] vkms_vblank_simulate: vblank timer overrun
[  154.639500][ T5867] usb 5-1: Using ep0 maxpacket: 16
[  154.647076][   T29] audit: type=1400 audit(2000000045.230:491): avc:  denied  { ioctl } for  pid=5175 comm="acpid" path="/dev/input/mouse1" dev="devtmpfs" ino=2913 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  154.660304][ T5867] usb 5-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  154.671917][    C1] vkms_vblank_simulate: vblank timer overrun
[  154.802480][ T7251] FAULT_INJECTION: forcing a failure.
[  154.802480][ T7251] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  154.816309][ T7251] CPU: 1 UID: 0 PID: 7251 Comm: syz.3.360 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0
[  154.826881][ T7251] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  154.836911][ T7251] Call Trace:
[  154.840172][ T7251]  <TASK>
[  154.843126][ T7251]  dump_stack_lvl+0x16c/0x1f0
[  154.847801][ T7251]  should_fail_ex+0x497/0x5b0
[  154.852470][ T7251]  ? fs_reclaim_acquire+0xae/0x150
[  154.857575][ T7251]  should_fail_alloc_page+0xe7/0x130
[  154.862860][ T7251]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  154.869021][ T7251]  __alloc_pages_noprof+0x190/0x25b0
[  154.874301][ T7251]  ? hlock_class+0x4e/0x130
[  154.878817][ T7251]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  154.884534][ T7251]  ? hlock_class+0x4e/0x130
[  154.889035][ T7251]  ? mark_lock+0xb5/0xc60
[  154.893342][ T7251]  ? hlock_class+0x4e/0x130
[  154.897834][ T7251]  ? mark_lock+0xb5/0xc60
[  154.902162][ T7251]  ? hlock_class+0x4e/0x130
[  154.906650][ T7251]  ? mark_lock+0xb5/0xc60
[  154.910959][ T7251]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  154.916856][ T7251]  ? policy_nodemask+0xea/0x4e0
[  154.921706][ T7251]  alloc_pages_mpol_noprof+0x2c9/0x610
[  154.927164][ T7251]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  154.933134][ T7251]  ? __lock_acquire+0xcc5/0x3c40
[  154.938063][ T7251]  ? find_held_lock+0x2d/0x110
[  154.942806][ T7251]  folio_alloc_mpol_noprof+0x36/0xd0
[  154.948079][ T7251]  vma_alloc_folio_noprof+0xee/0x1b0
[  154.953367][ T7251]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  154.959262][ T7251]  ? __pfx___lock_acquire+0x10/0x10
[  154.964876][ T7251]  do_wp_page+0x1431/0x47c0
[  154.969368][ T7251]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  154.974994][ T7251]  ? __pfx_do_wp_page+0x10/0x10
[  154.979824][ T7251]  ? rcu_is_watching+0x12/0xc0
[  154.984567][ T7251]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  154.989932][ T7251]  ? lock_acquire+0x2f/0xb0
[  154.994433][ T7251]  ? __handle_mm_fault+0xdfa/0x2a40
[  154.999637][ T7251]  __handle_mm_fault+0x1ade/0x2a40
[  155.005121][ T7251]  ? __pfx___handle_mm_fault+0x10/0x10
[  155.010570][ T7251]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  155.016202][ T7251]  ? find_vma+0xc0/0x140
[  155.020439][ T7251]  ? __pfx_find_vma+0x10/0x10
[  155.025208][ T7251]  handle_mm_fault+0x3fa/0xaa0
[  155.029989][ T7251]  do_user_addr_fault+0x7a3/0x13f0
[  155.035139][ T7251]  exc_page_fault+0x5c/0xc0
[  155.039654][ T7251]  asm_exc_page_fault+0x26/0x30
[  155.044491][ T7251] RIP: 0010:rep_movs_alternative+0x4a/0x70
[  155.050285][ T7251] Code: 75 f1 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 73 e8 eb c9 <f3> a4 c3 cc cc cc cc 48 89 c8 48 c1 e9 03 83 e0 07 f3 48 a5 89 c1
[  155.069879][ T7251] RSP: 0018:ffffc9000ddaf970 EFLAGS: 00050206
[  155.075936][ T7251] RAX: 0000000000000001 RBX: 0000000000001000 RCX: 0000000000000500
[  155.083898][ T7251] RDX: 0000000000000000 RSI: ffff888028a07b00 RDI: 0000000020001000
[  155.091861][ T7251] RBP: 0000000020000500 R08: 0000000000000000 R09: ffffed1005140fff
[  155.099816][ T7251] R10: ffff888028a07fff R11: 0000000000000000 R12: ffffc9000ddafc88
[  155.107771][ T7251] R13: 0000000020001500 R14: ffff888028a07000 R15: 00007ffffffff000
[  155.115734][ T7251]  _copy_to_iter+0x389/0x1560
[  155.120397][ T7251]  ? __mutex_trylock_common+0xea/0x250
[  155.125845][ T7251]  ? __pfx___mutex_trylock_common+0x10/0x10
[  155.131734][ T7251]  ? __pfx__copy_to_iter+0x10/0x10
[  155.136829][ T7251]  ? rcu_is_watching+0x12/0xc0
[  155.141574][ T7251]  ? trace_contention_end+0xee/0x140
[  155.146848][ T7251]  copy_page_to_iter+0xf1/0x180
[  155.151690][ T7251]  pipe_to_user+0xb0/0x170
[  155.156101][ T7251]  __splice_from_pipe+0x3a0/0x810
[  155.161122][ T7251]  ? __pfx_pipe_to_user+0x10/0x10
[  155.166138][ T7251]  __do_sys_vmsplice+0x6f9/0xee0
[  155.171056][ T7251]  ? __pfx_lock_release+0x10/0x10
[  155.176232][ T7251]  ? trace_lock_acquire+0x14e/0x1f0
[  155.181415][ T7251]  ? __pfx___do_sys_vmsplice+0x10/0x10
[  155.186862][ T7251]  ? ksys_write+0x12b/0x250
[  155.191361][ T7251]  ? ksys_write+0x191/0x250
[  155.195847][ T7251]  ? __pfx_lock_release+0x10/0x10
[  155.200873][ T7251]  ? __fget_files+0x206/0x3a0
[  155.205543][ T7251]  ? fput+0x67/0x440
[  155.209440][ T7251]  ? ksys_write+0x1ba/0x250
[  155.213936][ T7251]  ? __pfx_ksys_write+0x10/0x10
[  155.218952][ T7251]  ? do_syscall_64+0xcd/0x250
[  155.223622][ T7251]  do_syscall_64+0xcd/0x250
[  155.228122][ T7251]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.234001][ T7251] RIP: 0033:0x7f4e9bd85d19
[  155.238393][ T7251] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  155.257992][ T7251] RSP: 002b:00007f4e99bd5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000116
[  155.266386][ T7251] RAX: ffffffffffffffda RBX: 00007f4e9bf76160 RCX: 00007f4e9bd85d19
[  155.274373][ T7251] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000005
[  155.282344][ T7251] RBP: 00007f4e99bd5090 R08: 0000000000000000 R09: 0000000000000000
[  155.290297][ T7251] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  155.298253][ T7251] R13: 0000000000000001 R14: 00007f4e9bf76160 R15: 00007fff937313f8
[  155.306224][ T7251]  </TASK>
[  155.309276][    C1] vkms_vblank_simulate: vblank timer overrun
[  155.333607][ T5864] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  155.425542][   T51] usb 3-1: USB disconnect, device number 18
[  155.451237][ T7252] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=122 sclass=netlink_tcpdiag_socket pid=7252 comm=syz.0.358
[  155.482631][ T5867] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  155.490857][ T5864] usb 2-1: Using ep0 maxpacket: 16
[  155.491839][ T5867] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  155.501698][ T5864] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  155.504860][ T5867] usb 5-1: Product: syz
[  155.519055][ T5867] usb 5-1: Manufacturer: syz
[  155.523777][ T5867] usb 5-1: SerialNumber: syz
[  155.525528][ T5864] usb 2-1: New USB device found, idVendor=054c, idProduct=06c1, bcdDevice=c2.87
[  155.560841][ T5867] usb 5-1: config 0 descriptor??
[  155.569465][ T5864] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  155.604868][ T5864] usb 2-1: Product: syz
[  155.612964][ T5931] usb 5-1: USB disconnect, device number 20
[  155.645411][ T5864] usb 2-1: Manufacturer: syz
[  155.658870][ T5864] usb 2-1: SerialNumber: syz
[  155.689262][ T5864] usb 2-1: config 0 descriptor??
[  155.696033][ T5864] port100 2-1:0.0: NFC: Could not find bulk-in or bulk-out endpoint
[  155.740915][ T7256] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  155.754314][   T29] audit: type=1400 audit(2000000046.420:492): avc:  denied  { getopt } for  pid=7255 comm="syz.4.362" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  155.943856][ T1969] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  155.944028][ T5867] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  155.990471][ T7243] netlink: 24 bytes leftover after parsing attributes in process `syz.1.359'.
[  156.037899][ T5864] usb 2-1: USB disconnect, device number 20
[  156.109629][ T1969] usb 1-1: Using ep0 maxpacket: 8
[  156.122894][ T1969] usb 1-1: New USB device found, idVendor=0545, idProduct=800c, bcdDevice= 3.0a
[  156.136123][ T1969] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  156.147440][ T1969] usb 1-1: Product: syz
[  156.153854][ T1969] usb 1-1: Manufacturer: syz
[  156.158615][ T1969] usb 1-1: SerialNumber: syz
[  156.174619][ T1969] usb 1-1: config 0 descriptor??
[  156.181760][ T1969] gspca_main: xirlink-cit-2.14.0 probing 0545:800c
[  156.189024][ T1969] input: xirlink-cit as /devices/platform/dummy_hcd.0/usb1/1-1/input/input10
[  156.219533][ T5867] usb 4-1: Using ep0 maxpacket: 16
[  156.229503][ T5867] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  156.246584][ T5867] usb 4-1: New USB device found, idVendor=054c, idProduct=06c1, bcdDevice=c2.87
[  156.280438][ T5867] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  156.288504][ T5867] usb 4-1: Product: syz
[  156.294081][ T5867] usb 4-1: Manufacturer: syz
[  156.298713][ T5867] usb 4-1: SerialNumber: syz
[  156.405012][ T5867] usb 4-1: config 0 descriptor??
[  156.405240][ T1969] usb 1-1: USB disconnect, device number 16
[  156.414031][ T5867] port100 4-1:0.0: NFC: Could not find bulk-in or bulk-out endpoint
[  156.669464][    T9] usb 5-1: new full-speed USB device number 21 using dummy_hcd
[  156.702972][ T7254] netlink: 24 bytes leftover after parsing attributes in process `syz.3.361'.
[  156.932877][ T7272] fuse: Bad value for 'group_id'
[  156.938354][ T7272] fuse: Bad value for 'group_id'
[  157.018409][ T1969] usb 4-1: USB disconnect, device number 16
[  157.162893][    T9] usb 5-1: unable to get BOS descriptor or descriptor too short
[  157.163418][    T9] usb 5-1: not running at top speed; connect to a high speed hub
[  157.164316][    T9] usb 5-1: config 3 has an invalid interface number: 106 but max is 0
[  157.164341][    T9] usb 5-1: config 3 has no interface number 0
[  157.164373][    T9] usb 5-1: config 3 interface 106 altsetting 10 endpoint 0xD has invalid maxpacket 512, setting to 64
[  157.164400][    T9] usb 5-1: config 3 interface 106 has no altsetting 0
[  157.173411][    T9] usb 5-1: New USB device found, idVendor=0d46, idProduct=2011, bcdDevice=e8.8a
[  157.173442][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  157.173524][    T9] usb 5-1: Product: 縵ަ▏忪晾輓伀᳤鮴ᵎ군罴܋ꪺ厲
[  157.173542][    T9] usb 5-1: Manufacturer: ䷍೮뚡ፂ嵀푞敹⫃渷黄굕㲱ነ품잞㜝磃ꌪ됃₉⨲튰窋㏛컢娛蝤橬淆聤䅂浹氋ｻﰊ띱୯집꜐폋攟퍉ّ罌ૃ뽯ਧ塀鷯ì戏쒪卾ብ黯鵼퀦◣ඣ냗뢏⹡춰톷♪籡믦ћ㮹飤嚱鳗櫒撄蓕鈑젪঻䍤惫ꚯ됻휭鳏燖疍툪靬梾
[  157.173618][    T9] usb 5-1: SerialNumber: 솠탼䪮馌룃ᶷ⃄䄆˾茟뵔㲸좜✡賬槧逪ὣ赫쬡Ꝙ韗箒就猆떪㬏㥩焚꛼㿛콠๩쨴ౖⰧ﩯ᾢ擋퐧㠥굽䈶넀衜횤㚯ᐏ곿쁁窱ꂒ羲ॕ纫ೀ쇖ኁ愼䦔࿒畠菻￘覠휹ㅰᦑј駠︆㨅ꎽᰈ霸䱝ഺ컽늨ṽ鱸ℑ욓旒䆯ற뙵葄ᮦ냦鯵ﱌ橍䙪줎嶽攒堕䞱翞䦑謴洂᧍醙࿸崣
[  157.182065][ T7265] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  157.705840][ T7285] fuse: Bad value for 'fd'
[  157.919541][ T5863] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  158.069483][ T5863] usb 2-1: Using ep0 maxpacket: 8
[  158.096543][ T5863] usb 2-1: config 0 has no interfaces?
[  158.113533][ T5863] usb 2-1: New USB device found, idVendor=10c4, idProduct=8244, bcdDevice=dc.00
[  158.139272][ T5863] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  158.160231][ T5863] usb 2-1: Product: syz
[  158.166904][ T5863] usb 2-1: Manufacturer: syz
[  158.175837][ T5863] usb 2-1: SerialNumber: syz
[  158.243362][ T5863] usb 2-1: config 0 descriptor??
[  158.504753][ T7284] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  158.518771][ T7284] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  158.560133][ T1969] usb 2-1: USB disconnect, device number 21
[  158.578755][    T8] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  158.759488][    T8] usb 1-1: Using ep0 maxpacket: 8
[  158.765999][    T8] usb 1-1: config 0 has no interfaces?
[  158.773259][    T8] usb 1-1: New USB device found, idVendor=10c4, idProduct=8244, bcdDevice=dc.00
[  158.787007][    T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  158.796593][    T8] usb 1-1: Product: syz
[  158.800882][    T8] usb 1-1: Manufacturer: syz
[  158.805541][    T8] usb 1-1: SerialNumber: syz
[  158.818724][    T8] usb 1-1: config 0 descriptor??
[  159.054659][ T7301] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  159.066424][    T9] kobil_sct 5-1:3.106: KOBIL USB smart card terminal converter detected
[  159.101993][ T7301] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  159.120143][    T9] usb 5-1: KOBIL USB smart card terminal converter now attached to ttyUSB0
[  159.165193][ T1969] usb 1-1: USB disconnect, device number 17
[  159.181613][    T9] usb 5-1: USB disconnect, device number 21
[  159.228591][    T9] kobil ttyUSB0: KOBIL USB smart card terminal converter now disconnected from ttyUSB0
[  159.264671][    T9] kobil_sct 5-1:3.106: device disconnected
[  159.593449][    T9] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  159.869376][    T9] usb 5-1: Using ep0 maxpacket: 16
[  159.898515][    T9] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  159.914115][    T9] usb 5-1: New USB device found, idVendor=054c, idProduct=06c1, bcdDevice=c2.87
[  159.951546][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  159.984079][ T1969] IPVS: starting estimator thread 0...
[  160.079697][ T7324] IPVS: using max 59 ests per chain, 141600 per kthread
[  160.278084][ T7328] fuse: Bad value for 'fd'
[  160.313732][    T9] usb 5-1: Product: syz
[  160.342916][    T9] usb 5-1: Manufacturer: syz
[  160.360808][    T9] usb 5-1: SerialNumber: syz
[  160.377636][    T9] usb 5-1: config 0 descriptor??
[  160.395422][    T9] port100 5-1:0.0: NFC: Could not find bulk-in or bulk-out endpoint
[  160.599391][ T1969] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  160.659238][ T7309] netlink: 24 bytes leftover after parsing attributes in process `syz.4.377'.
[  160.739925][ T5863] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  160.759548][ T1969] usb 1-1: Using ep0 maxpacket: 16
[  160.766295][ T1969] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 11
[  160.791768][ T1969] usb 1-1: config 1 interface 0 altsetting 3 endpoint 0xB has invalid wMaxPacketSize 0
[  160.799520][    T8] usb 5-1: USB disconnect, device number 22
[  160.811445][ T1969] usb 1-1: config 1 interface 0 altsetting 3 bulk endpoint 0xB has invalid maxpacket 0
[  160.825834][ T1969] usb 1-1: config 1 interface 0 altsetting 3 endpoint 0x8A has invalid wMaxPacketSize 0
[  160.862066][ T1969] usb 1-1: config 1 interface 0 altsetting 3 bulk endpoint 0x8A has invalid maxpacket 0
[  160.876538][ T1969] usb 1-1: config 1 interface 0 has no altsetting 0
[  160.885751][ T1969] usb 1-1: New USB device found, idVendor=04e6, idProduct=0003, bcdDevice= 1.77
[  160.898489][ T5863] usb 2-1: Using ep0 maxpacket: 16
[  160.917500][ T1969] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  160.917779][ T5863] usb 2-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  160.968783][ T1969] ums-sddr09 1-1:1.0: USB Mass Storage device detected
[  161.006717][ T5863] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  161.027032][ T5863] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  161.046092][ T5863] usb 2-1: Product: syz
[  161.054035][ T5863] usb 2-1: Manufacturer: syz
[  161.058731][ T5863] usb 2-1: SerialNumber: syz
[  161.280560][ T5863] usb 2-1: config 0 descriptor??
[  161.399783][    T8] libceph: connect (1)[c::]:6789 error -101
[  161.405905][    T8] libceph: mon0 (1)[c::]:6789 connect error
[  161.436905][ T1969] ums-sddr09 1-1:1.0: probe with driver ums-sddr09 failed with error -22
[  161.465542][ T1969] usb 1-1: USB disconnect, device number 18
[  161.514289][ T7341] ceph: No mds server is up or the cluster is laggy
[  161.643344][ T7341] 9pnet_virtio: no channels available for device syz
[  162.019115][   T29] audit: type=1400 audit(2000000052.670:493): avc:  denied  { read } for  pid=7352 comm="syz.2.389" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  162.142586][ T7357] netlink: 8 bytes leftover after parsing attributes in process `syz.0.390'.
[  162.151774][ T7357] netlink: 72 bytes leftover after parsing attributes in process `syz.0.390'.
[  162.219273][ T7360] netlink: 12 bytes leftover after parsing attributes in process `syz.2.391'.
[  162.230033][    T9] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  162.269499][    T8] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  162.303807][ T7364] fuse: Bad value for 'fd'
[  162.389718][    T9] usb 5-1: Using ep0 maxpacket: 16
[  162.396490][    T9] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  162.408880][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  162.438917][    T9] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  162.448199][    T8] usb 4-1: Using ep0 maxpacket: 32
[  162.456099][    T8] usb 4-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be
[  162.471307][    T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  162.481618][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  162.500069][    T9] usb 5-1: Product: syz
[  162.504456][    T9] usb 5-1: Manufacturer: syz
[  162.509959][    T8] usb 4-1: config 0 descriptor??
[  162.516192][    T9] usb 5-1: SerialNumber: syz
[  162.525668][    T8] gspca_main: vc032x-2.14.0 probing 0ac8:0321
[  162.546079][    T9] usb 5-1: config 0 descriptor??
[  162.565782][    T9] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  162.585863][    T9] em28xx 5-1:0.0: Audio interface 0 found (Vendor Class)
[  162.754393][   T29] audit: type=1404 audit(2000000053.410:494): enforcing=1 old_enforcing=0 auid=4294967295 ses=4294967295 enabled=1 old-enabled=1 lsm=selinux res=1
[  162.794422][   T29] audit: type=1400 audit(2000000053.430:495): avc:  denied  { ioctl } for  pid=7349 comm="syz.4.387" path="/dev/raw-gadget" dev="devtmpfs" ino=820 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=0
[  162.839747][    T9] em28xx 5-1:0.0: unknown em28xx chip ID (0)
[  162.849972][    T9] em28xx 5-1:0.0: Config register raw data: 0xfffffffb
[  162.858823][   T29] audit: type=1400 audit(2000000053.430:496): avc:  denied  { ioctl } for  pid=7349 comm="syz.4.387" path="/dev/raw-gadget" dev="devtmpfs" ino=820 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=0
[  162.889499][    T9] em28xx 5-1:0.0: AC97 chip type couldn't be determined
[  162.898424][    T9] em28xx 5-1:0.0: No AC97 audio processor
[  162.920198][    T9] usb 5-1: USB disconnect, device number 23
[  162.926202][   T29] audit: type=1400 audit(2000000053.430:497): avc:  denied  { ioctl } for  pid=7349 comm="syz.4.387" path="/dev/raw-gadget" dev="devtmpfs" ino=820 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=0
[  162.970175][    T9] em28xx 5-1:0.0: Disconnecting em28xx
[  163.015858][    T9] em28xx 5-1:0.0: Freeing device
[  163.036969][   T29] audit: type=1400 audit(2000000053.430:498): avc:  denied  { ioctl } for  pid=7349 comm="syz.4.387" path="/dev/raw-gadget" dev="devtmpfs" ino=820 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=0
[  163.079614][    T8] gspca_vc032x: reg_w err -71
[  163.091601][    T8] gspca_vc032x: I2c Bus Busy Wait 00
[  163.109090][    T8] gspca_vc032x: I2c Bus Busy Wait 00
[  163.115639][    T8] gspca_vc032x: I2c Bus Busy Wait 00
[  163.128443][   T29] audit: type=1400 audit(2000000053.440:499): avc:  denied  { ioctl } for  pid=7349 comm="syz.4.387" path="/dev/raw-gadget" dev="devtmpfs" ino=820 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=0
[  163.156079][    T8] gspca_vc032x: I2c Bus Busy Wait 00
[  163.162521][    T8] gspca_vc032x: I2c Bus Busy Wait 00
[  163.168147][    T8] gspca_vc032x: I2c Bus Busy Wait 00
[  163.173914][    T8] gspca_vc032x: I2c Bus Busy Wait 00
[  163.179750][    T8] gspca_vc032x: I2c Bus Busy Wait 00
[  163.185258][    T8] gspca_vc032x: I2c Bus Busy Wait 00
[  163.191836][    T8] gspca_vc032x: I2c Bus Busy Wait 00
[  163.192009][ T5863] usb 2-1: USB disconnect, device number 22
[  163.197198][    T8] gspca_vc032x: I2c Bus Busy Wait 00
[  163.209191][    T8] gspca_vc032x: I2c Bus Busy Wait 00
[  163.216881][    T8] gspca_vc032x: I2c Bus Busy Wait 00
[  163.222935][    T8] gspca_vc032x: I2c Bus Busy Wait 00
[  163.231194][    T8] gspca_vc032x: I2c Bus Busy Wait 00
[  163.236713][    T8] gspca_vc032x: I2c Bus Busy Wait 00
[  163.237427][   T29] audit: type=1400 audit(2000000053.440:500): avc:  denied  { ioctl } for  pid=7349 comm="syz.4.387" path="/dev/raw-gadget" dev="devtmpfs" ino=820 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=0
[  163.261222][    T8] gspca_vc032x: I2c Bus Busy Wait 00
[  163.267104][    C1] vkms_vblank_simulate: vblank timer overrun
[  163.301815][   T29] audit: type=1400 audit(2000000053.440:501): avc:  denied  { ioctl } for  pid=7349 comm="syz.4.387" path="/dev/raw-gadget" dev="devtmpfs" ino=820 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=0
[  163.330469][    T8] gspca_vc032x: I2c Bus Busy Wait 00
[  163.336085][    T8] gspca_vc032x: Unknown sensor...
May 18 03:34:14 syzkaller kern.err kernel: [  163.330469][    T8] gspca_vc032x: I2c Bus Busy Wait 00
May 18 03:34:14 syzkaller kern.err kernel: [  163.336085][[  163.363381][    T8] vc032x 4-1:0.0: probe with driver vc032x failed with error -22
    T8] gspca_vc032x: Unknown sensor...
May 18 03:34:14 syzkaller kern.err kernel: [  163.363381][    T8] vc032x 4-1:0.0: probe with dri[  163.384361][   T29] audit: type=1400 audit(2000000053.440:502): avc:  denied  { ioctl } for  pid=7349 comm="syz.4.387" path="/dev/raw-gadget" dev="devtmpfs" ino=820 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=0
ver vc032x faile[  163.400593][    T8] usb 4-1: USB disconnect, device number 17
d with error -22
May 18 03:34:14 syzkaller kern.notice kernel: [  163.384361][   T29] audit: type=1400 audit(2000000053.440:502): avc:  denied  { ioctl } for  pid=7349 comm="syz.4.387" path="/dev/raw-gadget" dev="devtmpfs" ino=820 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=sys
May 18 03:34:14 syzkaller kern.info kernel: [  163.400593][    T8] usb 4-1: USB disconnect, device number 17
[  164.288795][ T5863] libceph: connect (1)[c::]:6789 error -101
[  164.306297][ T5863] libceph: mon0 (1)[c::]:6789 connect error
May 18 03:34:14 syzkaller kern.err kernel: [  164.288795][ T5863] libceph: connect (1)[c::]:6789 error -101
May 18 03:34:14 syzkaller kern.warn kernel: [  164.306297][ T5863] libceph: mon0 (1)[c::]:6789 connect error
[  164.529494][ T7404] ceph: No mds server is up or the cluster is laggy
May 18 03:34:15 syzkaller kern.info kernel: [  164.529494][ T7404] ceph: No mds server is up or the cluster is laggy
[  167.048178][   T29] kauditd_printk_skb: 236 callbacks suppressed
[  167.048195][   T29] audit: type=1400 audit(2000000057.700:739): avc:  denied  { read } for  pid=7488 comm="syz.0.438" name="card1" dev="devtmpfs" ino=628 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=0
May 18 03:34:17 syzkaller kern.warn kernel: [  167.048178][   T29] kauditd_printk_skb: 236 callbacks suppressed
May 18 03:34:17 syzkaller kern.notice kernel: [  167.048195][   T29] audit: type=1400 audit(2000000057.700:739): avc:  denied  { read } for  pid=7488 comm="syz.0.438" name="card1" dev="devtmpfs" ino=628 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t
[  167.226697][   T29] audit: type=1400 audit(2000000057.730:740): avc:  denied  { read } for  pid=5172 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=0
May 18 03:34:17 syzkaller kern.notice kernel: [  167.226697][   T29] audit: type=1400 audit(2000000057.730:740): avc:  denied  { read } for  pid=5172 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=l
[  167.304377][   T29] audit: type=1400 audit(2000000057.740:741): avc:  denied  { read } for  pid=5172 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=0
May 18 03:34:17 syzkaller kern.notice kernel: [  167.304377][   T29] audit: type=1400 audit(2000000057.740:741): avc:  denied  { read } for  pid=5172 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=l
[  167.356995][   T29] audit: type=1400 audit(2000000057.750:742): avc:  denied  { read } for  pid=7488 comm="syz.0.438" name="card1" dev="devtmpfs" ino=628 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=0
May 18 03:34:18 syzkaller kern.n[  167.383098][ T7494] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  167.383098][ T7494] The task syz.4.439 (7494) triggered the difference, watch for misbehavior.
otice kernel: [  167.356995][   T29] audit: type[  167.405237][   T29] audit: type=1400 audit(2000000057.750:743): avc:  denied  { read write } for  pid=5818 comm="syz-executor" name="loop4" dev="devtmpfs" ino=651 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
=1400 audit(2000000057.750:742): avc:  denied  { read } for  pid=7488 comm="syz.0.438" name="card1" dev="devtmpfs" ino=628 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t
May 18 03:34:18 syzkaller kern.info kernel: [  167.383098][ T7494] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
May 18 03:34:18 syzkaller kern.info kernel: [  167.383098][ T7494] The task syz.4.439 (7494) triggered the difference, watch for misbehavior.
May 18 03:34:18 syzkaller kern.notice kernel: [  167.405237][ [  167.477271][   T29] audit: type=1400 audit(2000000057.760:744): avc:  denied  { create } for  pid=7488 comm="syz.0.438" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=0
  T29] audit: type=1400 audit(2000000057.750:743): avc:  denied  { read write } for  pid=5818 comm="syz-executor" name="loop4" dev="devtmpfs" ino=651 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fix
May 18 03:34:18 syzkaller kern.notice kernel: [  167.477271][   T29] audit: type=1400 audit(2000000057.760[  167.523944][   T29] audit: type=1400 audit(2000000057.910:745): avc:  denied  { read } for  pid=5172 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=0
:744): avc:  denied  { create } for  pid=7488 comm="syz.0.438" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=0
May 18 03:34:18 syzkaller kern.notice kernel: [  167.523944][   T29] audit: type=1400 audit(2000000057.910:745): avc:  denied  { read } for  pid=5172 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=l
[  167.626029][   T29] audit: type=1400 audit(2000000057.930:746): avc:  denied  { create } for  pid=7491 comm="syz.4.439" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=0
May 18 03:34:18 syzkaller kern.notice kernel: [  167.626029][   T29] audit: type=1400 audit(2000000057.930:746): avc:  denied  { create } for  pid=7491 comm="syz.4.439" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=
[  167.678270][ T7504] xt_bpf: check failed: parse error
[  167.679858][   T29] audit: type=1400 audit(2000000057.930:747): avc:  denied  { create } for  pid=7491 comm="syz.4.439" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=0
May 18 03:34:18 syzkaller kern.info kernel: [  1[  167.708484][   T29] audit: type=1400 audit(2000000057.940:748): avc:  denied  { read } for  pid=7491 comm="syz.4.439" name="card1" dev="devtmpfs" ino=628 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=0
67.678270][ T7504] xt_bpf: check failed: parse error
May 18 03:34:18 syzkaller kern.notice kernel: [  167.679858][   T29] audit: type=1400 audit(2000000057.930:747): avc:  denied  { create } for  pid=7491 comm="syz.4.439" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=
May 18 03:34:18 syzkaller kern.notice kernel: [  167.708484][   T29] audit: type=1400 audit(2000000057.940:748): avc:  denied  { read } for  pid=7491 comm="syz.4.439" name="card1" dev="devtmpfs" ino=628 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t
[  169.124025][ T7546] sp0: Synchronizing with TNC
May 18 03:34:19 syzkaller kern.info kernel: [  169.124025][ T7546] sp0: Synchronizing with TNC
[  169.848312][ T7581] could not allocate digest TFM handle @
May 18 03:34:20 syzkaller kern.info kernel: [  169.848312][ T7581] could not allocate digest TFM handle @^E
[  172.074864][   T29] kauditd_printk_skb: 326 callbacks suppressed
[  172.074881][   T29] audit: type=1400 audit(2000000062.730:1075): avc:  denied  { read } for  pid=7635 comm="syz.2.492" name="card1" dev="devtmpfs" ino=628 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=0
May 18 03:34:22 syzkaller kern.warn kernel: [  172.074864][   T29] kauditd_printk_skb: 326 callbacks suppressed
May 18 03:34:22 syzkaller kern.notice kernel: [  172.074881][   T29] audit: type=1400 audit(2000000062.730:1075): avc:  denied  { read } for  pid=7635 comm="syz.2.492" name="card1" dev="devtmpfs" ino=628 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_
[  172.170559][   T29] audit: type=1400 audit(2000000062.760:1076): avc:  denied  { read } for  pid=7635 comm="syz.2.492" name="card1" dev="devtmpfs" ino=628 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=0
May 18 03:34:22 syzkaller kern.notice kernel: [  172.170559][   T29] audit: type=1400 audit(2000000062.760:1076): avc:  denied  { read } for  pid=7635 comm="syz.2.492" name="card1" dev="devtmpfs" ino=628 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_
[  172.237882][   T29] audit: type=1400 audit(2000000062.770:1077): avc:  denied  { create } for  pid=7635 comm="syz.2.492" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=0
May 18 03:34:22 syzkaller kern.notice kernel: [  172.237882][   T29] audit: type=1400 audit(2000000062.770:1077): avc:  denied  { create } for  pid=7635 comm="syz.2.492" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=0
[  172.312715][   T29] audit: type=1400 audit(2000000062.770:1078): avc:  denied  { read } for  pid=5172 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=0
May 18 03:34:22 syzkaller kern.notice kernel: [  172.312715][   T29] audit: type=1400 audit(2000000062.770:1078): avc:  denied  { read } for  pid=5172 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=
[  172.376650][   T29] audit: type=1400 audit(2000000062.770:1079): avc:  denied  { read } for  pid=5172 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=0
May 18 03:34:23 syzkaller kern.notice kernel: [  172.376650][   T29] audit: type=1400 audit(2000000062.770:1079): avc:  denied  { read } for  pid=5172 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=
[  172.453419][   T29] audit: type=1400 audit(2000000062.820:1080): avc:  denied  { read } for  pid=7637 comm="syz.0.493" dev="nsfs" ino=4026533139 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=0
May 18 03:34:23 syzkaller kern.notice kernel: [  172.453419][   T29] audit: type=1400 audit(2000000062.820:1080): avc:  denied  { read } for  pid=7637 comm="syz.0.493" dev="nsfs" ino=4026533139 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file pe
[  172.524461][   T29] audit: type=1400 audit(2000000062.850:1081): avc:  denied  { read } for  pid=5172 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=0
May 18 03:34:23 syzkaller kern.notice kernel: [  172.524461][   T29] audit: type=1400 audit(2000000062.850:1081): avc:  denied  { read } for  pid=5172 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=
[  172.596358][   T29] audit: type=1400 audit(2000000062.870:1082): avc:  denied  { read write } for  pid=5818 comm="syz-executor" name="loop4" dev="devtmpfs" ino=651 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
May 18 03:34:23 syzkaller kern.notice kernel: [  172.596358][   T29] audit: type=1400 audit(2000000062.870:1082): avc:  denied  { read write } for  pid=5818 comm="syz-executor" name="loop4" dev="devtmpfs" ino=651 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fi
[  172.658513][   T29] audit: type=1400 audit(2000000062.910:1083): avc:  denied  { read } for  pid=5172 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=0
May 18 03:34:23 syzkaller kern.notice kernel: [  172.658513][   T29] audit: type=1400 audit(2000000062.910:1083): avc:  denied  { read } for  pid=5172 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=
[  172.718630][   T29] audit: type=1400 audit(2000000062.960:1084): avc:  denied  { read write } for  pid=5822 comm="syz-executor" name="loop3" dev="devtmpfs" ino=650 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
May 18 03:34:23 syzkaller kern.notice kernel: [  172.718630][   T29] audit: type=1400 audit(2000000062.960:1084): avc:  denied  { read write } for  pid=5822 comm="syz-executor" name="loop3" dev="devtmpfs" ino=650 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fi
[  173.170088][ T7666] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7666 comm=syz.3.503
May 18 03:34:23 syzkaller kern.warn kernel: [  173.170088][ T7666] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7666 comm=syz.3.503
[  176.386958][ T7743] FAULT_INJECTION: forcing a failure.
[  176.386958][ T7743] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  176.404648][ T7743] CPU: 0 UID: 0 PID: 7743 Comm: syz.3.530 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0
[  176.415281][ T7743] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  176.425354][ T7743] Call Trace:
[  176.428633][ T7743]  <TASK>
[  176.431544][ T7743]  dump_stack_lvl+0x16c/0x1f0
[  176.436210][ T7743]  should_fail_ex+0x497/0x5b0
[  176.440875][ T7743]  _copy_to_user+0x32/0xd0
[  176.445295][ T7743]  simple_read_from_buffer+0xd0/0x160
[  176.450672][ T7743]  proc_fail_nth_read+0x198/0x270
[  176.455723][ T7743]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  176.461296][ T7743]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  176.466864][ T7743]  vfs_read+0x1df/0xbe0
[  176.471036][ T7743]  ? __fget_files+0x1fc/0x3a0
[  176.475729][ T7743]  ? __pfx___mutex_lock+0x10/0x10
[  176.480778][ T7743]  ? __pfx_vfs_read+0x10/0x10
[  176.485482][ T7743]  ? __fget_files+0x206/0x3a0
[  176.490182][ T7743]  ksys_read+0x12b/0x250
[  176.494433][ T7743]  ? __pfx_ksys_read+0x10/0x10
[  176.499215][ T7743]  do_syscall_64+0xcd/0x250
[  176.503737][ T7743]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  176.509646][ T7743] RIP: 0033:0x7f4e9bd8472c
[  176.514068][ T7743] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  176.533691][ T7743] RSP: 002b:00007f4e9cadb030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  176.542124][ T7743] RAX: ffffffffffffffda RBX: 00007f4e9bf75fa0 RCX: 00007f4e9bd8472c
[  176.550110][ T7743] RDX: 000000000000000f RSI: 00007f4e9cadb0a0 RDI: 0000000000000003
[  176.558086][ T7743] RBP: 00007f4e9cadb090 R08: 0000000000000000 R09: 0000000000000000
[  176.566047][ T7743] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  176.574013][ T7743] R13: 0000000000000000 R14: 00007f4e9bf75fa0 R15: 00007fff937313f8
[  176.582006][ T7743]  </TASK>
May 18 03:34:27 syzkaller kern.notice kernel: [  176.386958][ T7743] FAULT_INJECTION: forcing a failure.
May 18 03:34:27 syzkaller kern.notice kernel: [  176.386958][ T7743] name fail_usercopy, interval 1, probability 0, space 0, times 0
May 18 03:34:27 syzkaller kern.warn kernel: [  176.404648][ T7743] CPU: 0 UID: 0 PID: 7743 Comm: syz.3.530 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0
May 18 03:34:27 syzkaller kern.warn kernel: [  176.415281][ T7743] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
May 18 03:34:27 syzkaller kern.warn kernel: [  176.425354][ T7743] Call Trace:
May 18 03:34:27 syzkaller kern.warn kernel: [  176.428633][ T7743]  <TASK>
May 18 03:34:27 syzkaller kern.warn kernel: [  176.431544][ T7743]  dump_stack_lvl+0x16c/0x1f0
May 18 03:34:27 syzkaller kern.warn kernel: [  176.436210][ T7743]  should_fail_ex+0x497/0x5b0
May 18 03:34:27 syzkaller kern.warn kernel: [  176.440875][ T7743]  _copy_to_user+0x32/0xd0
May 18 03:34:27 syzkaller kern.warn kernel: [  176.445295][ T7743]  simple_read_from_buffer+0xd0/0x160
May 18 03:34:27 syzkaller kern.warn kernel: [  176.450672][ T7743]  proc_fail_nth_read+0x198/0x270
May 18 03:34:27 syzkaller kern.warn kernel: [  176.455723][ T7743]  ? __pfx_proc_fail_nth_read+0x10/0x10
May 18 03:34:27 syzkaller kern.warn kernel: [  176.461296][ T7743]  ? __pfx_proc_fail_nth_read+0x10/0x10
May 18 03:34:27 syzkaller kern.warn kernel: [  176.466864][ T7743]  vfs_read+0x1df/0xbe0
May 18 03:34:27 syzkaller kern.warn kernel: [  176.471036][ T7743]  ? __fget_files+0x1fc/0x3a0
May 18 03:34:27 syzkaller kern.warn kernel: [  176.475729][ T7743]  ? __pfx___mutex_lock+0x10/0x10
May 18 03:34:27 syzkaller kern.warn kernel: [  176.480778][ T7743]  ? __pfx_vfs_read+0x10/0x10
May 18 03:34:27 syzkaller kern.warn kernel: [  176.485482][ T7743]  ? __fget_files+0x206/0x3a0
May 18 03:34:27 syzkaller kern.warn kernel: [  176.490182][ T7743]  ksys_read+0x12b/0x250
May 18 03:34:27 syzkaller kern.warn kernel: [  176.494433][ T7743]  ? __pfx_ksys_read+0x10/0x10
May 18 03:34:27 syzkaller kern.warn kernel: [  176.499215][ T7743]  do_syscall_64+0xcd/0x250
May 18 03:34:27 syzkaller kern.warn kernel: [  176.503737][ T7743]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
May 18 03:34:27 syzkaller kern.warn kernel: [  176.509646][ T7743] RIP: 0033:0x7f4e9bd8472c
May 18 03:34:27 syzkaller kern.warn kernel: [  176.514068][ T7743] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
May 18 03:34:27 syzkaller kern.warn kernel: [  176.533691][ T7743] RSP: 002b:00007f4e9cadb030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
May 18 03:34:27 syzkaller kern.warn kernel: [  176.542124][ T7743] RAX: ffffffffffffffda RBX: 00007f4e9bf75fa0 RCX: 00007f4e9bd8472c
May 18 03:34:27 syzkaller kern.warn kernel: [  176.550110][ T7743] RDX: 000000000000000f RSI: 00007f4e9cadb0a0 RDI: 0000000000000003
May 18 03:34:27 syzkaller kern.warn kernel: [  176.558086][ T7743] RBP: 00007f4e9cadb090 R08: 0000000000000000 R09: 0000000000000000
May 18 03:34:27 syzkaller kern.warn kernel: [  176.566047][ T7743] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
May 18 03:34:27 syzkaller kern.warn kernel: [  176.574013][ T7743] R13: 0000000000000000 R14: 00007f4e9bf75fa0 R15: 00007fff937313f8
May 18 03:34:27 syzkaller kern.warn kernel: [  176.582006][ T7743]  </TASK>
[  177.226262][   T29] kauditd_printk_skb: 310 callbacks suppressed
[  177.226304][   T29] audit: type=1400 audit(2000000067.880:1395): avc:  denied  { read write } for  pid=5812 comm="syz-executor" name="loop2" dev="devtmpfs" ino=649 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
May 18 03:34:27 [  177.257935][   T29] audit: type=1400 audit(2000000067.900:1396): avc:  denied  { read } for  pid=5172 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=0
syzkaller kern.warn kernel: [  177.226262][   T29] kauditd_print[  177.284917][   T29] audit: type=1400 audit(2000000067.910:1397): avc:  denied  { read } for  pid=5172 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=0
k_skb: 310 callbacks suppressed
May 18 03:34:27[  177.311895][   T29] audit: type=1400 audit(2000000067.940:1398): avc:  denied  { read } for  pid=5172 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=0
 syzkaller kern.notice kernel: [[  177.336605][   T29] audit: type=1400 audit(2000000067.940:1399): avc:  denied  { create } for  pid=7767 comm="syz.2.540" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=0
  177.226304][   T29] audit: type=1400 audit(2000000067.880:1395[  177.360897][   T29] audit: type=1400 audit(2000000067.960:1400): avc:  denied  { read write } for  pid=5812 comm="syz-executor" name="loop2" dev="devtmpfs" ino=649 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
): avc:  denied  { read write } for  pid=5812 co[  177.389664][   T29] audit: type=1400 audit(2000000067.960:1401): avc:  denied  { read } for  pid=5172 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=0
mm="syz-executor" name="loop2" dev="devtmpfs" in[  177.415314][   T29] audit: type=1400 audit(2000000067.980:1402): avc:  denied  { read } for  pid=7769 comm="syz.2.541" dev="nsfs" ino=4026533130 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=0
o=649 scontext=r[  177.437556][   T29] audit: type=1400 audit(2000000067.980:1403): avc:  denied  { create } for  pid=7769 comm="syz.2.541" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=0
oot:sysadm_r:sys[  177.457914][   T29] audit: type=1400 audit(2000000067.990:1404): avc:  denied  { prog_load } for  pid=7769 comm="syz.2.541" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
adm_t tcontext=system_u:object_r:fi
May 18 03:34:27 syzkaller kern.notice kernel: [  177.257935][   T29] audit: type=1400 audit(2000000067.900:1396): avc:  denied  { read } for  pid=5172 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=
May 18 03:34:27 syzkaller kern.notice kernel: [  177.284917][   T29] audit: type=1400 audit(2000000067.910:1397): avc:  denied  { read } for  pid=5172 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=
May 18 03:34:27 syzkaller kern.notice kernel: [  177.311895][   T29] audit: type=1400 audit(2000000067.940:1398): avc:  denied  { read } for  pid=5172 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=
May 18 03:34:28 syzkaller kern.notice kernel: [  177.336605][   T29] audit: type=1400 audit(2000000067.940:1399): avc:  denied  { create } for  pid=7767 comm="syz.2.540" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=0
May 18 03:34:28 syzkaller kern.notice kernel: [  177.360897][   T29] audit: type=1400 audit(2000000067.960:1400): avc:  denied  { read write } for  pid=5812 comm="syz-executor" name="loop2" dev="devtmpfs" ino=649 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fi
May 18 03:34:28 syzkaller kern.notice kernel: [  177.389664][   T29] audit: type=1400 audit(2000000067.960:1401): avc:  denied  { read } for  pid=5172 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=
May 18 03:34:28 syzkaller kern.notice kernel: [  177.415314][   T29] audit: type=1400 audit(2000000067.980:1402): avc:  denied  { read } for  pid=7769 comm="syz.2.541" dev="nsfs" ino=4026533130 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file pe
May 18 03:34:28 syzkaller kern.notice kernel: [  177.437556][   T29] audit: type=1400 audit(2000000067.980:1403): avc:  denied  { create } for  pid=7769 comm="syz.2.541" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=0
May 18 03:34:28 syzkaller kern.notice kernel: [  177.457914][   T29] audit: type=1400 audit(2000000067.990:1404): avc:  denied  { prog_load } for  pid=7769 comm="syz.2.541" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  178.789854][ T7823] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7823 comm=syz.1.561
May 18 03:34:29 syzkaller kern.warn kernel: [  178.789854][ T7823] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7823 comm=syz.1.561
[  179.083857][ T7837] futex_wake_op: syz.2.568 tries to shift op by -1; fix this program
May 18 03:34:29 syzkaller kern.info kernel: [  179.083857][ T7837] futex_wake_op: syz.2.568 tries to shift op by -1; fix this program
[  179.590412][ T7823] syz.1.561 (7823): drop_caches: 2
May 18 03:34:30 syzkaller kern.info kernel: [  179.590412][ T7823] syz.1.561 (7823): drop_caches: 2
[  180.748802][ T7893] FAULT_INJECTION: forcing a failure.
[  180.748802][ T7893] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  180.798353][ T7893] CPU: 0 UID: 0 PID: 7893 Comm: syz.0.588 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0
[  180.808979][ T7893] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  180.819024][ T7893] Call Trace:
[  180.822290][ T7893]  <TASK>
[  180.825207][ T7893]  dump_stack_lvl+0x16c/0x1f0
[  180.829879][ T7893]  should_fail_ex+0x497/0x5b0
[  180.834553][ T7893]  _copy_from_user+0x2e/0xd0
[  180.839139][ T7893]  do_sock_getsockopt+0x5f6/0x800
[  180.844155][ T7893]  ? trace_lock_acquire+0x130/0x1f0
[  180.849352][ T7893]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  180.854889][ T7893]  ? lock_acquire+0x2f/0xb0
[  180.859387][ T7893]  ? __fget_files+0x40/0x3a0
[  180.863969][ T7893]  ? __fget_files+0x206/0x3a0
[  180.868649][ T7893]  __sys_getsockopt+0x12f/0x260
[  180.873501][ T7893]  __x64_sys_getsockopt+0xbd/0x160
[  180.878605][ T7893]  ? do_syscall_64+0x91/0x250
[  180.883273][ T7893]  ? lockdep_hardirqs_on+0x7c/0x110
[  180.888458][ T7893]  do_syscall_64+0xcd/0x250
[  180.892954][ T7893]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  180.898855][ T7893] RIP: 0033:0x7f0eccf85d19
[  180.903256][ T7893] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  180.922848][ T7893] RSP: 002b:00007f0ecddba038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  180.931249][ T7893] RAX: ffffffffffffffda RBX: 00007f0ecd175fa0 RCX: 00007f0eccf85d19
[  180.939208][ T7893] RDX: 000000000000006d RSI: 0000000000000084 RDI: 0000000000000003
[  180.947183][ T7893] RBP: 00007f0ecddba090 R08: 0000000020000880 R09: 0000000000000000
[  180.955142][ T7893] R10: 00000000200007c0 R11: 0000000000000246 R12: 0000000000000001
[  180.963105][ T7893] R13: 0000000000000000 R14: 00007f0ecd175fa0 R15: 00007ffe4259f478
[  180.971075][ T7893]  </TASK>
[  180.974188][    C0] vkms_vblank_simulate: vblank timer overrun
May 18 03:34:31 syzkaller kern.notice kernel: [  180.748802][ T7893] FAULT_INJECTION: forcing a failure.
May 18 03:34:31 syzkaller kern.notice kernel: [  180.748802][ T7893] name fail_usercopy, interval 1, probability 0, space 0, times 0
May 18 03:34:31 syzkaller kern.warn kernel: [  180.798353][ T7893] CPU: 0 UID: 0 PID: 7893 Comm: syz.0.588 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0
May 18 03:34:31 syzkaller kern.warn kernel: [  180.808979][ T7893] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
May 18 03:34:31 syzkaller kern.warn kernel: [  180.819024][ T7893] Call Trace:
May 18 03:34:31 syzkaller kern.warn kernel: [  180.822290][ T7893]  <TASK>
May 18 03:34:31 syzkaller kern.warn kernel: [  180.825207][ T7893]  dump_stack_lvl+0x16c/0x1f0
May 18 03:34:31 syzkaller kern.warn kernel: [  180.829879][ T7893]  should_fail_ex+0x497/0x5b0
May 18 03:34:31 syzkaller kern.warn kernel: [  180.834553][ T7893]  _copy_from_user+0x2e/0xd0
May 18 03:34:31 syzkaller kern.warn kernel: [  180.839139][ T7893]  do_sock_getsockopt+0x5f6/0x800
May 18 03:34:31 syzkaller kern.warn kernel: [  180.844155][ T7893]  ? trace_lock_acquire+0x130/0x1f0
May 18 03:34:31 syzkaller kern.warn kernel: [  180.849352][ T7893]  ? __pfx_do_sock_getsockopt+0x10/0x10
May 18 03:34:31 syzkaller kern.warn kernel: [  180.854889][ T7893]  ? lock_acquire+0x2f/0xb0
May 18 03:34:31 syzkaller kern.warn kernel: [  180.859387][ T7893]  ? __fget_files+0x40/0x3a0
May 18 03:34:31 syzkaller kern.warn kernel: [  180.863969][ T7893]  ? __fget_files+0x206/0x3a0
May 18 03:34:31 syzkaller kern.warn kernel: [  180.868649][ T7893]  __sys_getsockopt+0x12f/0x260
May 18 03:34:31 syzkaller kern.warn kernel: [  180.873501][ T7893]  __x64_sys_getsockopt+0xbd/0x160
May 18 03:34:31 syzkaller kern.warn kernel: [  180.878605][ T7893]  ? do_syscall_64+0x91/0x250
May 18 03:34:31 syzkaller kern.warn kernel: [  180.883273][ T7893]  ? lockdep_hardirqs_on+0x7c/0x110
May 18 03:34:31 syzkaller kern.warn kernel: [  180.888458][ T7893]  do_syscall_64+0xcd/0x250
May 18 03:34:31 syzkaller kern.warn kernel: [  180.892954][ T7893]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
May 18 03:34:31 syzkaller kern.warn kernel: [  180.898855][ T7893] RIP: 0033:0x7f0eccf85d19
May 18 03:34:31 syzkaller kern.warn kernel: [  180.903256][ T7893] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
May 18 03:34:31 syzkaller kern.warn kernel: [  180.922848][ T7893] RSP: 002b:00007f0ecddba038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
May 18 03:34:31 syzkaller kern.warn kernel: [  180.931249][ T7893] RAX: ffffffffffffffda RBX: 00007f0ecd175fa0 RCX: 00007f0eccf85d19
May 18 03:34:31 syzkaller kern.warn kernel: [  180.939208][ T7893] RDX: 000000000000006d RSI: 0000000000000084 RDI: 0000000000000003
May 18 03:34:31 syzkaller kern.warn kernel: [  180.947183][ T7893] RBP: 00007f0ecddba090 R08: 0000000020000880 R09: 0000000000000000
May 18 03:34:31 syzkaller kern.warn kernel: [  180.955142][ T7893] R10: 00000000200007c0 R11: 0000000000000246 R12: 0000000000000001
May 18 03:34:31 syzkaller kern.warn kernel: [  180.963105][ T7893] R13: 0000000000000000 R14: 00007f0ecd175fa0 R15: 00007ffe4259f478
May 18 03:34:31 syzkaller kern.warn kernel: [  180.971075][ T7893]  </TASK>
May 18 03:34:31 syzkaller kern.warn kernel: [  180.974188][    C0] vkms_vblank_simulate: vblank timer overrun
[  181.737465][ T7908] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2047 sclass=netlink_route_socket pid=7908 comm=syz.2.593
May 18 03:34:32 syzkaller kern.warn kernel: [  181.737465][ T7908] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2047 sclass=netlink_route_socket pid=7908 comm=syz.2.593
[  182.188457][ T7919] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
May 18 03:34:32 syzkaller kern.info kernel: [  182.188457][ T7919] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  182.252150][   T29] kauditd_printk_skb: 419 callbacks suppressed
[  182.252167][   T29] audit: type=1400 audit(2000000072.910:1824): avc:  denied  { prog_load } for  pid=7915 comm="syz.2.597" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
May 18 03:34:32 syzkaller kern.warn kernel: [  182.252150][   T29] kauditd_printk_skb: 419 callbacks suppressed
May 18 03:34:32 syzkaller kern.notice kernel: [  182.252167][   T29] audit: type=1400 audit(2000000072.910:1824): avc:  denied  { prog_load } for  pid=7915 com[  182.319091][   T29] audit: type=1400 audit(2000000072.930:1825): avc:  denied  { read write } for  pid=5822 comm="syz-executor" name="loop3" dev="devtmpfs" ino=650 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
m="syz.2.597" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
May 18 03:34:33 syzkaller kern.notice kernel: [  182.319091][   T29] audit: type=1400 audit(2000000072.930:1825): avc:  denied  { read write } for  pid=5[  182.365403][   T29] audit: type=1400 audit(2000000072.940:1826): avc:  denied  { read write } for  pid=5824 comm="syz-executor" name="loop1" dev="devtmpfs" ino=648 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
822 comm="syz-executor" name="loop3" dev="devtmpfs" ino=650 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fi
May 18 03:34:33 syzkaller kern.notice kernel: [  182.365403][   T29] audit: type=1400 audit(2000000072.940:1826): avc:  denied  { read write } for  pid=5824 comm="syz-executor" name="loop1" dev="devtmpfs" ino=648 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fi
[  182.426885][   T29] audit: type=1400 audit(2000000072.940:1827): avc:  denied  { read } for  pid=7915 comm="syz.2.597" name="msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=0
May 18 03:34:33 syzkaller kern.notice kernel: [  182.426885][   T29] audit: type=1400 audit(2000000072.940:1827): avc:  denied  { read } for  pid=7915 comm="syz.2.597" name="msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t t
[  182.486590][   T29] audit: type=1400 audit(2000000072.950:1828): avc:  denied  { prog_load } for  pid=7915 comm="syz.2.597" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
May 18 03:34:33 syzkaller kern.notice kernel: [  182.486590][   T29] audit: type=1400 audit(2000000072.950:1828): avc:  denied  { prog_load } for  pid=7915 comm="syz.2.597" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tcl[  182.527559][   T29] audit: type=1400 audit(2000000072.950:1829): avc:  denied  { read } for  pid=5172 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=0
ass=bpf permissive=0
May 18 03:34:33 syzkaller kern.notice kernel: [  182.527559][   T29] audit: type=1400 audit(2000000072.950:1829): avc:  denied  { read } for  pid=5172 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=
[  182.646202][   T29] audit: type=1400 audit(2000000072.950:1830): avc:  denied  { read } for  pid=5172 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=0
May 18 03:34:33 syzkaller kern.notice kernel: [  182.646202][   T29] audit: type=1400 audit(2000000072.950:1830): avc:  denied  { read } for  pid=5172 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=
[  182.729422][   T29] audit: type=1400 audit(2000000073.010:1831): avc:  denied  { read } for  pid=5172 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=0
May 18 03:34:33 syzkaller kern.notice kernel: [  182.729422][   T29] audit: type=1400 audit(2000000073.010:1831): avc:  denied  { read } for  pid=5172 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:[  182.778786][   T29] audit: type=1400 audit(2000000073.010:1832): avc:  denied  { read write } for  pid=5812 comm="syz-executor" name="loop2" dev="devtmpfs" ino=649 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
syslogd_t tcontext=system_u:object_r:var_t tclass=
May 18 03:34:33 syzkaller kern.notice kernel: [  182.778786][   T29] audit: type=1400 audit(2000000073.010:1832): avc:  denied  { read write } for  pid=5812 comm="syz-executor" name="loop2" dev="devtmpfs" ino=649 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fi
[  182.958007][   T29] audit: type=1400 audit(2000000073.050:1833): avc:  denied  { read } for  pid=5172 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=0
May 18 03:34:33 syzkaller kern.notice kernel: [  182.958007][   T29] audit: type=1400 audit(2000000073.050:1833): avc:  denied  { read } for  pid=5172 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=
[  187.263272][   T29] kauditd_printk_skb: 346 callbacks suppressed
[  187.263288][   T29] audit: type=1400 audit(2000000077.920:2180): avc:  denied  { prog_load } for  pid=8047 comm="syz.3.645" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
May 18 03:34:37 syzkaller kern.warn kernel: [  187.263272][   T29] kauditd_printk_skb: 346 callbacks suppressed
May 18 03:34:37 syzkaller kern.notice kernel: [  187.263288][   T29] audit: type=1400 audit(2000000077.920:2180): avc:  denied  { prog_load } for  pid=8047 comm="syz.3.645" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  187.397605][   T29] audit: type=1400 audit(2000000077.930:2181): avc:  denied  { read } for  pid=5172 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=0
May 18 03:34:38 syzkaller kern.notice kernel: [  187.397605][   T29] audit: type=1400 audit(2000000077.930:2181): avc:  denied  { read } for  pid=5172 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=
[  187.540048][   T29] audit: type=1400 audit(2000000077.950:2182): avc:  denied  { read } for  pid=5172 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=0
May 18 03:34:38 [  187.562915][   T29] audit: type=1400 audit(2000000077.960:2183): avc:  denied  { create } for  pid=8047 comm="syz.3.645" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=0
syzkaller kern.n[  187.584624][   T29] audit: type=1400 audit(2000000077.960:2184): avc:  denied  { read write } for  pid=8047 comm="syz.3.645" name="nvram" dev="devtmpfs" ino=623 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=0
otice kernel: [ [  187.608768][   T29] audit: type=1400 audit(2000000077.960:2185): avc:  denied  { create } for  pid=8048 comm="syz.0.646" anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=0
 187.540048][   T29] audit: type=1400 audit(2000000077.950:2182): avc:  denied  { read } for  pid=5172 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tconte[  187.647519][   T29] audit: type=1400 audit(2000000077.980:2186): avc:  denied  { read write } for  pid=5818 comm="syz-executor" name="loop4" dev="devtmpfs" ino=651 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
xt=system_u:object_r:var_t tclass=
May 18 03:34:38 syzkaller kern.notice kernel: [  187.562915][  187.672319][   T29] audit: type=1400 audit(2000000078.020:2187): avc:  denied  { read write } for  pid=5822 comm="syz-executor" name="loop3" dev="devtmpfs" ino=650 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[   T29] audit: type=1400 audit(2000000077.960:2183): avc:  denied  { create } for  pid=8047 comm="syz.3.645" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=0
[  187.672361][   T29] audit: type=1400 audit(2000000078.100:2188): avc:  denied  { read } for  pid=5172 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=0
[  187.672394][   T29] audit: type=1400 audit(2000000078.230:2189): avc:  denied  { read } for  pid=5172 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=0
May 18 03:34:38 syzkaller kern.notice kernel: [  187.584624][   T29] audit: type=1400 audit(2000000077.960:2184): avc:  denied  { read write } for  pid=8047 comm="syz.3.645" name="nvram" dev="devtmpfs" ino=623 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram
May 18 03:34:38 syzkaller kern.notice kernel: [  187.608768][   T29] audit: type=1400 audit(2000000077.960:2185): avc:  denied  { create } for  pid=8048 comm="syz.0.646" anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode p
May 18 03:34:38 syzkaller kern.notice kernel: [  187.647519][   T29] audit: type=1400 audit(2000000077.980:2186): avc:  denied  { read write } for  pid=5818 comm="syz-executor" name="loop4" dev="devtmpfs" ino=651 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fi
May 18 03:34:38 syzkaller kern.notice kernel: [  187.672319][   T29] audit: type=1400 audit(2000000078.020:2187): avc:  denied  { read write } for  pid=5822 comm="syz-executor" name="loop3" dev="devtmpfs" ino=650 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fi
May 18 03:34:38 syzkaller kern.notice kernel: [  187.672361][   T29] audit: type=1400 audit(2000000078.100:2188): avc:  denied  { read } for  pid=5172 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=
May 18 03:34:38 syzkaller kern.notice kernel: [  187.672394][   T29] audit: type=1400 audit(2000000078.230:2189): avc:  denied  { read } for  pid=5172 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=
[  192.280024][   T29] kauditd_printk_skb: 325 callbacks suppressed
[  192.280042][   T29] audit: type=1400 audit(2000000082.940:2513): avc:  denied  { execmem } for  pid=8174 comm="syz.1.690" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=0
May 18 03:34:42 syzkaller kern.warn kernel: [  192.280024][   T29] kauditd_printk_skb: 325 callbacks suppressed
May 18 03:34:42 syzkaller kern.notice kernel: [  192.280042][   T29] audit: type=1400 audit(2000000082.940:2513): avc:  denied  { execmem } for  pid=8174 comm="syz.1.690" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=0
[  192.355487][   T29] audit: type=1400 audit(2000000082.970:2514): avc:  denied  { read } for  pid=5172 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=0
May 18 03:34:43 syzkaller kern.notice kernel: [  192.355487][   T29] audit: type=1400 audit(2000000082.970:2514): avc:  denied  { read } for  pid=5172 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=
[  192.489583][   T29] audit: type=1400 audit(2000000082.970:2515): avc:  denied  { read } for  pid=5172 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=0
May 18 03:34:43 syzkaller kern.notice kernel: [  192.489583][   T29] audit: type=1400 audit(2000000082.970:2515): avc:  denied  { read } for  pid=5172 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=
[  192.568806][   T29] audit: type=1400 audit(2000000082.980:2516): avc:  denied  { read write } for  pid=5822 comm="syz-executor" name="loop3" dev="devtmpfs" ino=650 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
May 18 03:34:43 syzkaller kern.notice kernel: [  192.568806][   T29] audit: type=1400 audit(2000000082.980:2516): avc:  denied  { read write } for  pid=5822 comm="syz-executor" name="loop3" dev="devtmpfs" ino=650 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fi
[  192.709648][   T29] audit: type=1400 audit(2000000082.990:2517): avc:  denied  { prog_load } for  pid=8174 comm="syz.1.690" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
May 18 03:34:43 syzkaller kern.notice kernel: [  192.709648][   T29] audit: type=1400 audit(2000000082.990:2517): avc:  denied  { prog_load } for  pid=8174 comm="syz.1.690" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  192.769371][   T29] audit: type=1400 audit(2000000082.990:2518): avc:  denied  { read } for  pid=8174 comm="syz.1.690" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=0
May 18 03:34:43 syzkaller kern.notice kernel: [  192.769371][   T29] audit: type=1400 audit(2000000082.990:2518): avc:  denied  { read } for  pid=8174 comm="syz.1.690" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t t
[  192.827364][   T29] audit: type=1400 audit(2000000083.000:2519): avc:  denied  { bpf } for  pid=8174 comm="syz.1.690" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=0
May 18 03:34:43 syzkaller kern.notice kernel: [  192.827364][   T29] audit: type=1400 audit(2000000083.000:2519): avc:  denied  { bpf } for  pid=8174 comm="syz.1.690" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissiv
[  192.937177][   T29] audit: type=1400 audit(2000000083.000:2520): avc:  denied  { prog_load } for  pid=8174 comm="syz.1.690" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  192.981647][   T29] audit: type=1400 audit(2000000083.010:2521): avc:  denied  { bpf } for  pid=8174 comm="syz.1.690" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=0
May 18 03:34:43 syzkaller kern.notice kernel: [  192.937177][   [  193.008977][   T29] audit: type=1400 audit(2000000083.030:2522): avc:  denied  { bpf } for  pid=8174 comm="syz.1.690" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=0
T29] audit: type=1400 audit(2000000083.000:2520): avc:  denied  { prog_load } for  pid=8174 comm="syz.1.690" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
May 18 03:34:43 syzkaller kern.notice kernel: [  192.981647][   T29] audit: type=1400 audit(2000000083.010:2521): avc:  denied  { bpf } for  pid=8174 comm="syz.1.690" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissiv
May 18 03:34:43 syzkaller kern.notice kernel: [  193.008977][   T29] audit: type=1400 audit(2000000083.030:2522): avc:  denied  { bpf } for  pid=8174 comm="syz.1.690" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissiv
[  193.189998][ T8196] FAULT_INJECTION: forcing a failure.
[  193.189998][ T8196] name failslab, interval 1, probability 0, space 0, times 0
[  193.203029][ T8196] CPU: 1 UID: 0 PID: 8196 Comm: syz.1.698 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0
[  193.213625][ T8196] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  193.223691][ T8196] Call Trace:
[  193.226973][ T8196]  <TASK>
[  193.229886][ T8196]  dump_stack_lvl+0x16c/0x1f0
[  193.234554][ T8196]  should_fail_ex+0x497/0x5b0
[  193.239234][ T8196]  ? fs_reclaim_acquire+0xae/0x150
[  193.244335][ T8196]  should_failslab+0xc2/0x120
[  193.248997][ T8196]  __kmalloc_noprof+0xcb/0x510
[  193.253742][ T8196]  ? trace_kmalloc+0x2d/0xd0
[  193.258326][ T8196]  ? __kmalloc_noprof+0x23b/0x510
[  193.263342][ T8196]  tomoyo_realpath_from_path+0xb9/0x720
[  193.268904][ T8196]  ? tomoyo_fill_path_info+0x233/0x420
[  193.274367][ T8196]  tomoyo_mount_acl+0x1af/0x880
[  193.279212][ T8196]  ? hlock_class+0x4e/0x130
[  193.283714][ T8196]  ? __lock_acquire+0x15a9/0x3c40
[  193.288736][ T8196]  ? __pfx_tomoyo_mount_acl+0x10/0x10
[  193.294100][ T8196]  ? __pfx___lock_acquire+0x10/0x10
[  193.299285][ T8196]  ? stack_trace_save+0x95/0xd0
[  193.304134][ T8196]  ? __pfx_lock_release+0x10/0x10
[  193.309154][ T8196]  ? trace_lock_acquire+0x14e/0x1f0
[  193.314347][ T8196]  ? tomoyo_mount_permission+0x149/0x420
[  193.319968][ T8196]  ? lock_acquire+0x2f/0xb0
[  193.324456][ T8196]  ? tomoyo_mount_permission+0x149/0x420
[  193.330078][ T8196]  tomoyo_mount_permission+0x16e/0x420
[  193.335525][ T8196]  ? tomoyo_mount_permission+0x149/0x420
[  193.341147][ T8196]  ? __pfx_tomoyo_mount_permission+0x10/0x10
[  193.347123][ T8196]  ? get_current_fs_domain+0x184/0x1f0
[  193.352580][ T8196]  security_sb_mount+0x9b/0x260
[  193.357422][ T8196]  path_mount+0x129/0x1f20
[  193.361845][ T8196]  ? kmem_cache_free+0x152/0x4c0
[  193.366776][ T8196]  ? __pfx_path_mount+0x10/0x10
[  193.371622][ T8196]  ? putname+0x13c/0x180
[  193.375860][ T8196]  __x64_sys_mount+0x294/0x320
[  193.380615][ T8196]  ? __pfx___x64_sys_mount+0x10/0x10
[  193.385896][ T8196]  do_syscall_64+0xcd/0x250
[  193.390395][ T8196]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  193.396282][ T8196] RIP: 0033:0x7f42ca985d19
[  193.400687][ T8196] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  193.420286][ T8196] RSP: 002b:00007f42cb82d038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  193.428691][ T8196] RAX: ffffffffffffffda RBX: 00007f42cab75fa0 RCX: 00007f42ca985d19
[  193.436676][ T8196] RDX: 0000000020000b80 RSI: 0000000020000040 RDI: 0000000000000000
[  193.444647][ T8196] RBP: 00007f42cb82d090 R08: 0000000020000580 R09: 0000000000000000
[  193.452608][ T8196] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  193.460568][ T8196] R13: 0000000000000000 R14: 00007f42cab75fa0 R15: 00007ffe5e4fd7e8
[  193.468536][ T8196]  </TASK>
[  193.498392][ T8196] ERROR: Out of memory at tomoyo_realpath_from_path.
[  193.501883][ T8200] netlink: 36 bytes leftover after parsing attributes in process `syz.4.699'.
May 18 03:34:44 syzkaller kern.notice kernel: [  193.189998][ T8196] FAULT_INJECTION: forcing a failure.
May 18 03:34:44 syzkaller kern.notice kernel: [  193.189998][ T8196] name failslab, interval 1, probability 0, space 0, times 0
May 18 03:34:44 syzkaller kern.warn kernel: [  193.203029][ T8196] CPU: 1 UID: 0 PID: 8196 Comm: syz.1.698 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0
May 18 03:34:44 syzkaller kern.warn kernel: [  193.213625][ T8196] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
May 18 03:34:44 syzkaller kern.warn kernel: [  193.223691][ T8196] Call Trace:
May 18 03:34:44 syzkaller kern.warn kernel: [  193.226973][ T8196]  <TASK>
May 18 03:34:44 syzkaller kern.warn kernel: [  193.229886][ T8196]  dump_stack_lvl+0x16c/0x1f0
May 18 03:34:44 syzkaller kern.warn kernel: [  193.234554][ T8196]  should_fail_ex+0x497/0x5b0
May 18 03:34:44 syzkaller kern.warn kernel: [  193.239234][ T8196]  ? fs_reclaim_acquire+0xae/0x150
May 18 03:34:44 syzkaller kern.warn kernel: [  193.244335][ T8196]  should_failslab+0xc2/0x120
May 18 03:34:44 syzkaller kern.warn kernel: [  193.248997][ T8196]  __kmalloc_noprof+0xcb/0x510
May 18 03:34:44 syzkaller kern.warn kernel: [  193.253742][ T8196]  ? trace_kmalloc+0x2d/0xd0
May 18 03:34:44 syzkaller kern.warn kernel: [  193.258326][ T8196]  ? __kmalloc_noprof+0x23b/0x510
May 18 03:34:44 syzkaller kern.warn kernel: [  193.263342][ T8196]  tomoyo_realpath_from_path+0xb9/0x720
May 18 03:34:44 syzkaller kern.warn kernel: [  193.268904][ T8196]  ? tomoyo_fill_path_info+0x233/0x420
May 18 03:34:44 syzkaller kern.warn kernel: [  193.274367][ T8196]  tomoyo_mount_acl+0x1af/0x880
May 18 03:34:44 syzkaller kern.warn kernel: [  193.279212][ T8196]  ? hlock_class+0x4e/0x130
May 18 03:34:44 syzkaller kern.warn kernel: [  193.283714][ T8196]  ? __lock_acquire+0x15a9/0x3c40
May 18 03:34:44 syzkaller kern.warn kernel: [  193.288736][ T8196]  ? __pfx_tomoyo_mount_acl+0x10/0x10
May 18 03:34:44 syzkaller kern.warn kernel: [  193.294100][ T8196]  ? __pfx___lock_acquire+0x10/0x10
May 18 03:34:44 syzkaller kern.warn kernel: [  193.299285][ T8196]  ? stack_trace_save+0x95/0xd0
May 18 03:34:44 syzkaller kern.warn kernel: [  193.304134][ T8196]  ? __pfx_lock_release+0x10/0x10
May 18 03:34:44 syzkaller kern.warn kernel: [  193.309154][ T8196]  ? trace_lock_acquire+0x14e/0x1f0
May 18 03:34:44 syzkaller kern.warn kernel: [  193.314347][ T8196]  ? tomoyo_mount_permission+0x149/0x420
May 18 03:34:44 syzkaller kern.warn kernel: [  193.319968][ T8196]  ? lock_acquire+0x2f/0xb0
May 18 03:34:44 syzkaller kern.warn kernel: [  193.324456][ T8196]  ? tomoyo_mount_permission+0x149/0x420
May 18 03:34:44 syzkaller kern.warn kernel: [  193.330078][ T8196]  tomoyo_mount_permission+0x16e/0x420
[  193.759337][    C0] 
May 18 03:34:44 [  193.762061][    C0] =============================
syzkaller kern.w[  193.768266][    C0] [ BUG: Invalid wait context ]
arn kernel: [  1[  193.774472][    C0] 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0 Not tainted
93.335525][ T819[  193.782943][    C0] -----------------------------
6]  ? tomoyo_mou[  193.789158][    C0] syz.1.700/8202 is trying to lock:
nt_permission+0x[  193.795714][    C0] ffff88813fffc298 (&zone->lock){-.-.}-{3:3}, at: __rmqueue_pcplist+0x6bb/0x1600
149/0x420
May 1[  193.806186][    C0] other info that might help us debug this:
8 03:34:44 syzka[  193.813448][    C0] context-{2:2}
ller kern.warn k[  193.818264][    C0] 1 lock held by syz.1.700/8202:
ernel: [  193.34[  193.824561][    C0]  #0: ffff8880b8644c58 (&pcp->lock){+.+.}-{3:3}, at: get_page_from_freelist+0x350/0x2f80
1147][ T8196]  ?[  193.835813][    C0] stack backtrace:
 __pfx_tomoyo_mo[  193.840893][    C0] CPU: 0 UID: 0 PID: 8202 Comm: syz.1.700 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0
unt_permission+0[  193.852832][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
x10/0x10
May 18[  193.864256][    C0] Call Trace:
 03:34:44 syzkal[  193.868912][    C0]  <TASK>
ler kern.warn ke[  193.873196][    C0]  dump_stack_lvl+0x116/0x1f0
rnel: [  193.347[  193.879224][    C0]  __lock_acquire+0x878/0x3c40
123][ T8196]  ? [  193.885337][    C0]  ? find_held_lock+0x2d/0x110
get_current_fs_d[  193.891444][    C0]  ? __pfx___lock_acquire+0x10/0x10
omain+0x184/0x1f[  193.897990][    C0]  ? tcp_v4_rcv+0x33af/0x4380
0
May 18 03:34:[  193.904013][    C0]  lock_acquire.part.0+0x11b/0x380
44 syzkaller ker[  193.910470][    C0]  ? __rmqueue_pcplist+0x6bb/0x1600
n.warn kernel: [[  193.917013][    C0]  ? __pfx_lock_acquire.part.0+0x10/0x10
  193.352580][ T[  193.923994][    C0]  ? rcu_is_watching+0x12/0xc0
8196]  security_[  193.930105][    C0]  ? trace_lock_acquire+0x14e/0x1f0
sb_mount+0x9b/0x[  193.936652][    C0]  ? __rmqueue_pcplist+0x6bb/0x1600
260
May 18 03:3[  193.943197][    C0]  ? lock_acquire+0x2f/0xb0
4:44 syzkaller k[  193.949049][    C0]  ? __rmqueue_pcplist+0x6bb/0x1600
ern.warn kernel:[  193.955596][    C0]  _raw_spin_lock_irqsave+0x3a/0x60
 [  193.357422][[  193.962143][    C0]  ? __rmqueue_pcplist+0x6bb/0x1600
 T8196]  path_mo[  193.968690][    C0]  __rmqueue_pcplist+0x6bb/0x1600
unt+0x129/0x1f20[  193.975065][    C0]  ? __pfx_lock_acquire.part.0+0x10/0x10

May 18 03:34:4[  193.982042][    C0]  ? rcu_is_watching+0x12/0xc0
4 syzkaller kern[  193.988153][    C0]  ? trace_lock_acquire+0x14e/0x1f0
.warn kernel: [ [  193.994700][    C0]  ? do_raw_spin_trylock+0xb1/0x180
 193.361845][ T8[  194.001440][    C0]  ? __pfx___rmqueue_pcplist+0x10/0x10
196]  ? kmem_cac[  194.008255][    C0]  ? lock_acquire+0x2f/0xb0
he_free+0x152/0x[  194.014105][    C0]  ? get_page_from_freelist+0x350/0x2f80
4c0
May 18 03:3[  194.021085][    C0]  get_page_from_freelist+0x3d2/0x2f80
4:44 syzkaller k[  194.027892][    C0]  ? __pfx_mark_lock+0x10/0x10
ern.warn kernel:[  194.033999][    C0]  ? __pfx_get_page_from_freelist+0x10/0x10
 [  193.366776][[  194.041237][    C0]  ? should_fail_alloc_page+0xee/0x130
 T8196]  ? __pfx[  194.048044][    C0]  ? prepare_alloc_pages.constprop.0+0x16f/0x560
_path_mount+0x10[  194.055720][    C0]  __alloc_pages_noprof+0x223/0x25b0
/0x10
May 18 03[  194.062353][    C0]  ? __pfx___lock_acquire+0x10/0x10
:34:44 syzkaller[  194.069158][    C0]  ? hlock_class+0x4e/0x130
 kern.warn kerne[  194.075008][    C0]  ? __lock_acquire+0xcc5/0x3c40
l: [  193.371622[  194.081298][    C0]  ? __pfx___alloc_pages_noprof+0x10/0x10
][ T8196]  ? put[  194.088359][    C0]  ? find_held_lock+0x2d/0x110
name+0x13c/0x180[  194.094472][    C0]  ? is_bpf_text_address+0x8a/0x1a0

May 18 03:34:4[  194.101018][    C0]  ? lock_acquire+0x2f/0xb0
4 syzkaller kern[  194.106866][    C0]  ? is_bpf_text_address+0x30/0x1a0
.warn kernel: [ [  194.113412][    C0]  ? bpf_ksym_find+0x127/0x1c0
 193.375860][ T8[  194.119524][    C0]  ? __sanitizer_cov_trace_switch+0x54/0x90
196]  __x64_sys_[  194.126765][    C0]  ? policy_nodemask+0xea/0x4e0
mount+0x294/0x32[  194.132965][    C0]  alloc_pages_mpol_noprof+0x2c9/0x610
0
May 18 03:34:[  194.139773][    C0]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
44 syzkaller ker[  194.147099][    C0]  stack_depot_save_flags+0x8e0/0x9e0
n.warn kernel: [[  194.153815][    C0]  ? __lock_acquire+0xcc5/0x3c40
  193.380615][ T[  194.160101][    C0]  kasan_save_stack+0x42/0x60
8196]  ? __pfx__[  194.166126][    C0]  ? kasan_save_stack+0x33/0x60
_x64_sys_mount+0[  194.172325][    C0]  ? __kasan_record_aux_stack+0xba/0xd0
x10/0x10
May 18[  194.179214][    C0]  ? task_work_add+0xc0/0x3b0
 03:34:44 syzkal[  194.185237][    C0]  ? run_posix_cpu_timers+0x69f/0x7d0
ler kern.warn ke[  194.192763][    C0]  ? update_process_times+0x1a1/0x2d0
rnel: [  193.385[  194.199741][    C0]  ? tick_nohz_handler+0x376/0x530
896][ T8196]  do[  194.206200][    C0]  ? __hrtimer_run_queues+0x5fb/0xae0
_syscall_64+0xcd[  194.212918][    C0]  ? hrtimer_interrupt+0x392/0x8e0
/0x250
May 18 0[  194.219380][    C0]  ? __sysvec_apic_timer_interrupt+0x10f/0x400
3:34:44 syzkalle[  194.226879][    C0]  ? sysvec_apic_timer_interrupt+0x52/0xc0
r kern.warn kern[  194.234033][    C0]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
el: [  193.39039[  194.241546][    C0]  __kasan_record_aux_stack+0xba/0xd0
5][ T8196]  entr[  194.248252][    C0]  task_work_add+0xc0/0x3b0
y_SYSCALL_64_aft[  194.254104][    C0]  ? __pfx_task_work_add+0x10/0x10
er_hwframe+0x77/[  194.260653][    C0]  ? lock_acquire.part.0+0x11b/0x380
0x7f
May 18 03:[  194.267285][    C0]  ? find_held_lock+0x2d/0x110
34:44 syzkaller [  194.273400][    C0]  run_posix_cpu_timers+0x69f/0x7d0
kern.warn kernel[  194.279947][    C0]  ? __pfx_run_posix_cpu_timers+0x10/0x10
: [  193.396282][  194.287017][    C0]  ? sched_balance_trigger+0x225/0xea0
[ T8196] RIP: 00[  194.293823][    C0]  ? __pfx_sched_balance_trigger+0x10/0x10
33:0x7f42ca985d1[  194.300974][    C0]  ? sched_tick+0x286/0x4f0
9
May 18 03:34:[  194.306824][    C0]  update_process_times+0x1a1/0x2d0
44 syzkaller ker[  194.313369][    C0]  ? __pfx_update_process_times+0x10/0x10
n.warn kernel: [[  194.320434][    C0]  ? __pfx_tick_nohz_handler+0x10/0x10
  193.400687][ T[  194.327239][    C0]  ? update_wall_time+0x1c/0x40
8196] Code: ff f[  194.333440][    C0]  tick_nohz_handler+0x376/0x530
f c3 66 2e 0f 1f[  194.339725][    C0]  ? __pfx_tick_nohz_handler+0x10/0x10
 84 00 00 00 00 [  194.346528][    C0]  __hrtimer_run_queues+0x5fb/0xae0
00 0f 1f 40 00 4[  194.353081][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
8 89 f8 48 89 f7[  194.360142][    C0]  ? read_tsc+0x9/0x20
 48 89 d6 48 89 [  194.365564][    C0]  hrtimer_interrupt+0x392/0x8e0
ca 4d 89 c2 4d 8[  194.371851][    C0]  __sysvec_apic_timer_interrupt+0x10f/0x400
9 c8 4c 8b 4c 24[  194.379172][    C0]  sysvec_apic_timer_interrupt+0x52/0xc0
 08 0f 05 <48> 3[  194.386325][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
d 01 f0 ff ff 73[  194.393652][    C0] RIP: 0033:0x7f42ca85f4dd
 01 c3 48 c7 c1 [  194.399420][    C0] Code: 08 48 83 c3 08 48 39 d1 72 f3 48 83 e8 08 48 39 f2 73 17 66 2e 0f 1f 84 00 00 00 00 00 48 8b 70 f8 48 83 e8 08 48 39 f2 72 f3 <48> 39 c3 73 3e 48 89 33 48 83 c3 08 48 8b 70 f8 48 89 08 48 8b 0b
a8 ff ff ff f7 d[  194.420373][    C0] RSP: 002b:00007ffe5e4fd800 EFLAGS: 00000212
8 64 89 01 48
M[  194.427783][    C0] RAX: 00007f42c9835c40 RBX: 00007f42c982b6a8 RCX: ffffffff81d08a92
ay 18 03:34:44 s[  194.437106][    C0] RDX: ffffffff81d0891c RSI: ffffffff81d0433d RDI: 00007f42c983b2a8
yzkaller kern.wa[  194.446431][    C0] RBP: 00007f42c98219b0 R08: 00007f42c982e628 R09: 00007f42cab62000
rn kernel: [  19[  194.455756][    C0] R10: 00007f42c97fb008 R11: 000000000000001b R12: 00007f42c98219a8
3.420286][ T8196[  194.465078][    C0] R13: 000000000000001a R14: 0000000000000032 R15: 00007f42c97fb008
May 18 03:34:44 [  194.474406][    C0]  ? __filemap_get_folio+0x452/0xaf0
May 18 03:34:44 [  194.481034][    C0]  ? __filemap_get_folio+0x2dc/0xaf0
[  194.487663][    C0]  ? filemap_add_folio+0x6d/0x220
[  194.492669][    C0]  </TASK>
[  194.516519][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  194.526089][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
May 18 03:34:45 syzkaller kern.warn kernel: [  193.759337][    C0] 
May 18 03:34:45 syzkaller kern.warn kernel: [  193.762061][    C0] =============================
May 18 03:34:45 syzkaller kern.warn kernel: [  193.768266][    C0] [ BUG: Invalid wait context ]
May 18 03:34:45 syzkaller kern.warn kernel: [  193.774472][    C0] 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0 Not tainted
May 18 03:34:45 syzkaller kern.warn kernel: [  193.782943][    C0] -----------------------------
May 18 03:34:45 syzkaller kern.warn kernel: [  193.789158][    C0] syz.1.700/8202 is trying to lock:
May 18 03:34:45 syzkaller kern.warn kernel: [  193.795714][    C0] ffff88813fffc298 (&zone->lock){-.-.}-{3:3}, at: __rmqueue_pcplist+0x6bb/0x1600
May 18 03:34:45 syzkaller kern.warn kernel: [  193.806186][    C0] other info that might help us debug this:
May 18 03:34:45 syzkaller kern.warn kernel: [  193.813448][    C0] context-{2:2}
May 18 03:34:45 syzkaller kern.warn kernel: [  193.818264][    C0] 1 lock held by syz.1.700/8202:
May 18 03:34:45 syzkaller kern.warn kernel: [  193.824561][    C0]  #0: ffff8880b8644c58 (&pcp->lock){+.+.}-{3:3}, at: get_page_from_freelist+0x350/0x2f80
May 18 03:34:45 syzkaller kern.warn kernel: [  193.835813][    C0] stack backtrace:
May 18 03:34:45 syzkaller kern.warn kernel: [  193.840893][    C0] CPU: 0 UID: 0 PID: 8202 Comm: syz.1.700 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0
May 18 03:34:45 syzkaller kern.warn kernel: [  193.852832][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
May 18 03:34:45 syzkaller kern.warn kernel: [  193.864256][    C0] Call Trace:
May 18 03:34:45 syzkaller kern.warn kernel: [  193.868912][    C0]  <TASK>
May 18 03:34:45 syzkaller kern.warn kernel: [  193.873196][    C0]  dump_stack_lvl+0x116/0x1f0
May 18 03:34:45 syzkaller kern.warn kernel: [  193.879224][    C0]  __lock_acquire+0x878/0x3c40
May 18 03:34:45 syzkaller kern.warn kernel: [  193.885337][    C0]  ? find_held_lock+0x2d/0x110
May 18 03:34:45 syzkaller kern.warn kernel: [  193.891444][    C0]  ? __pfx___lock_acquire+0x10/0x10
May 18 03:34:45 syzkaller kern.warn kernel: [  193.897990][    C0]  ? tcp_v4_rcv+0x33af/0x4380
May 18 03:34:45 syzkaller kern.warn kernel: [  193.904013][    C0]  lock_acquire.part.0+0x11b/0x380
May 18 03:34:45 syzkaller kern.warn kernel: [  193.910470][    C0]  ? __rmqueue_pcplist+0x6bb/0x1600
May 18 03:34:45 syzkaller kern.warn kernel: [  193.917013][    C0]  ? __pfx_lock_acquire.part.0+0x10/0x10
May 18 03:34:45 syzkaller kern.warn kernel: [  193.923994][    C0]  ? rcu_is_watching+0x12/0xc0
May 18 03:34:45 syzkaller kern.warn kernel: [  193.930105][    C0]  ? trace_lock_acquire+0x14e/0x1f0
May 18 03:34:45 syzkaller kern.warn kernel: [  193.936652][    C0]  ? __rmqueue_pcplist+0x6bb/0x1600
May 18 03:34:45 syzkaller kern.warn kernel: [  193.943197][    C0]  ? lock_acquire+0x2f/0xb0
May 18 03:34:45 syzkaller kern.warn kernel: [  193.949049][    C0]  ? __rmqueue_pcplist+0x6bb/0x1600
May 18 03:34:45 syzkaller kern.warn kernel: [  193.955596][    C0]  _raw_spin_lock_irqsave+0x3a/0x60
May 18 03:34:45 syzkaller kern.warn kernel: [  193.962143][    C0]  ? __rmqueue_pcplist+0x6bb/0x1600
May 18 03:34:45 syzkaller kern.warn kernel: [  193.968690][    C0]  __rmqueue_pcplist+0x6bb/0x1600
May 18 03:34:45 syzkaller kern.warn kernel: [  193.975065][    C0]  ? __pfx_lock_acquire.part.0+0x10/0x10
May 18 03:34:45 syzkaller kern.warn kernel: [  193.982042][    C0]  ? rcu_is_watching+0x12/0xc0
May 18 03:34:45 syzkaller kern.warn kernel: [  193.988153][    C0]  ? trace_lock_acquire+0x14e/0x1f0
May 18 03:34:45 syzkaller kern.warn kernel: [  193.994700][    C0]  ? do_raw_spin_trylock+0xb1/0x180
May 18 03:34:45 syzkaller kern.warn kernel: [  194.001440][    C0]  ? __pfx___rmqueue_pcplist+0x10/0x10
May 18 03:34:45 syzkaller kern.warn kernel: [  194.008255][    C0]  ? lock_acquire+0x2f/0xb0
May 18 03:34:45 syzkaller kern.warn kernel: [  194.014105][    C0]  ? get_page_from_freelist+0x350/0x2f80
May 18 03:34:45 syzkaller kern.warn kernel: [  194.021085][    C0]  get_page_from_freelist+0x3d2/0x2f80
May 18 03:34:45 syzkaller kern.warn kernel: [  194.027892][    C0]  ? __pfx_mark_lock+0x10/0x10
May 18 03:34:45 syzkaller kern.warn kernel: [  194.033999][    C0]  ? __pfx_get_page_from_freelist+0x10/0x10
May 18 03:34:45 syzkaller kern.warn kernel: [  194.041237][    C0]  ? should_fail_alloc_page+0xee/0x130
May 18 03:34:45 syzkaller kern.warn kernel: [  194.048044][    C0]  ? prepare_alloc_pages.constprop.0+0x16f/0x560
May 18 03:34:45 syzkaller kern.warn kernel: [  194.055720][    C0]  __alloc_pages_noprof+0x223/0x25b0
May 18 03:34:45 syzkaller kern.warn kernel: [  194.062353][    C0]  ? __pfx___lock_acquire+0x10/0x10
May 18 03:34:45 syzkaller kern.warn kernel: [  194.069158][    C0]  ? hlock_class+0x4e/0x130
May 18 03:34:45 syzkaller kern.warn kernel: [  194.075008][    C0]  ? __lock_acquire+0xcc5/0x3c40
May 18 03:34:45 syzkaller kern.warn kernel: [  194.081298][    C0]  ? __pfx___alloc_pages_noprof+0x10/0x10
May 18 03:34:45 syzkaller kern.warn kernel: [  194.088359][    C0]  ? find_held_lock+0x2d/0x110
May 18 03:34:45 syzkaller kern.warn kernel: [  194.094472][    C0]  ? is_bpf_text_address+0x8a/0x1a0