last executing test programs:

1m20.501259331s ago: executing program 4 (id=287):
r0 = socket$netlink(0x10, 0x3, 0x0)
chdir(&(0x7f0000000100)='./file0\x00')
r1 = socket(0x10, 0x803, 0x0)
r2 = fsopen(&(0x7f0000000000)='virtiofs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000040)='source', &(0x7f0000005fc0)='//\xf2/\x06\b/\xdf/o\xdc\xea\x95\x9a\x82\x10\x97W\x8f7\x98\x9b\\/\\\xf9\rmD\x94)U\xdb\x15X.I\n}\xf3\x9d\xe4_\x05\x9cqf4I^#b?9\xde\xafu\'\x83L\xe0\x97\xe1n_\xa4%\xb1\x97\x93\xafv\xce/\\\xb4L\xf2_\xa7\xfb\xf4\x84\x1fA\xeas^\xef\xa2\x85\xa3!\xfb\x93\xd7R\xab2\x1eW\xe9h\x9b\xf7ul\xf9D\xd4\x82X5\x13\xaa\x87\xf9\xba\xa9m\x14\x14R_\x9a\\>4\xce\x8e_#\xf8D\xb1\xdep\x01\xcc:\xa6\xc5n\xeb\xab\xf70\x99\xef\x8b<M\n\xc0`[\x82\xf6$\xa4\xbe\x1e\xd3\xe4\xd9L\x14\xed\xcfK\xcc\xeb,\x1a1\xa6\xf3e\xc2F\xc3\x00\xaa\xd5\xfc\x1bR\xa9\x8c\xb4&\x9f\xa2$\x06\x1a\xb0W#\xf4\xde6\x04c\xc0\xeec\xa0l\xd5d\xe5\xcd\xb2\xc10\x97w\x87\xe5\x06\x91W\rr\xf5\x97%\xe8pO\xeb]\xc2\x98C\xffK\xa0\xb3\\\x99{\xcdR\x92\x94\xf7\x1d\x01Q\x1a\xbd\x15b\x15h\xe2!\x00\xb9z)\x19\x00\xee\xd2)[p`\xb3\x03\xa7p\'X\xec\xcdoX\x05\xff\xff/o\xb2\xad\xb8\x89i@\f\xffS&\x8a\xc9\xfez\xc2\x90\xe7F\xa6\xdb\r\x03j,N\xe1lw\n\xad\xe8\xf0\xbd\xa1\x98\xce\xf9\x1eR\x9cc\xc5ke_\xa7\x11\"\x04\xd8.\xa0\x15\x83\xf1\x92\xdby\xe9\xdc@.\xc1g\xc6\fc\xa26\xd8\xdf\xef\xf7\x9c\x1a\xcc\x8am\x8b7\xcf\xc5\xa6\xf4\f\xabj%Y\xa9\xdd\x0e9e\xb5\xec\x99@\xd2\t\n\xb1o', 0x0)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0)
getsockname$packet(r1, &(0x7f0000000600)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
r4 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r4, 0x4020565a, &(0x7f0000000080)={0x5, 0x2})
ioctl$VIDIOC_S_INPUT(r4, 0xc0045627, &(0x7f00000000c0)=0x3)
ioctl$VIDIOC_S_INPUT(r4, 0xc0045627, &(0x7f0000000200))
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="3c0000001000850600000000ff6122314a000800", @ANYRES32=r3, @ANYBLOB="f5ff0f00252155b21c0012000c000100626f6e64000000000c0002000800010001"], 0x3c}}, 0x40000)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=@newlink={0x3c, 0x10, 0x503, 0x0, 0x700, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @veth={{0x9}, {0x4, 0x2, 0x0, 0x1, @void}}}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0xc0b0)

1m20.002807902s ago: executing program 4 (id=291):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000002c0), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = socket$inet6_dccp(0xa, 0x6, 0x0)
openat$nci(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)

1m18.490555078s ago: executing program 4 (id=299):
socket$inet6(0xa, 0xa, 0x2000400)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x4)
r1 = accept4$inet(r0, &(0x7f0000000140)={0x2, 0x0, @local}, &(0x7f00000001c0)=0x10, 0x400)
setsockopt$inet_int(r1, 0x0, 0xf, &(0x7f0000000100)=0x40000008, 0x4)
pipe(&(0x7f0000000200)={<r2=>0xffffffffffffffff})
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{0xffff1000, 0xeeef0000, 0x10, 0xa, 0xd, 0x0, 0x8, 0x6, 0xb, 0x6, 0x0, 0xf4}, {0x10000, 0x8090000, 0xa, 0x2, 0x80, 0xea, 0x3, 0x47, 0x8, 0xe, 0x0, 0x6}, {0x80a0000, 0x5000, 0xc, 0x9, 0x4, 0xa, 0x4, 0x0, 0xf, 0x5, 0x1, 0x7d}, {0xd004, 0x8000000, 0xe, 0xa, 0xc, 0xe, 0xb, 0x9, 0x0, 0x6f, 0x10, 0x6}, {0x4, 0x2000, 0x19, 0x6f, 0x8, 0x4, 0x4, 0x5, 0x3, 0xc9, 0x78, 0x8}, {0x18000, 0x100000, 0xa, 0x42, 0xa, 0x3, 0xa, 0xb, 0x6, 0x4, 0xff, 0x3}, {0xeeee0000, 0xffff1000, 0xc, 0x3, 0x5, 0x86, 0x85, 0x3, 0x7, 0x1, 0x7, 0x8}, {0x1, 0x5000, 0x10, 0xb1, 0x0, 0x80, 0x40, 0x8, 0x7, 0x6, 0x7, 0xde}, {0x0, 0x5}, {0x3000}, 0x10, 0x0, 0xeeee0000, 0x80, 0x0, 0x800, 0x2, [0x0, 0xfe6f, 0x7, 0x10000]})
syz_open_dev$vim2m(&(0x7f0000000680), 0x7ff, 0x2)
unshare(0x28000600)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x1)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x8080)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x20, 0x4, &(0x7f0000001ac0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = socket$packet(0x11, 0x3, 0x300)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r5, &(0x7f0000000140)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4000000010003904000000000000000000000000f19e62c0945265423e0b62d5eaf66f98f1050292bb067674567e95b7065c91a76eb4b39a20988075f0d7dd0a46bd9eed3abcee5907010833adcf81a5f1d508d18af408cb772b9b8c14b3c80b0311f1f48f5eec637c833c1549fbe94f4fb86870c6ffde459201770abb3effc665c7a362920fb5511e393d5acabd172b129f5b762a0ce9e725bd835ece019412c1189737ff0fe97e549c5c97eda09e77306867c38c3e4b3cc89e265538854246fb299fbf0cb524079db29f00579fa47badcc6f5ee2b98323f1c918916b6f43f91c38d372ef64d6a88c6e91169d36111e6852825c49b2d760aedb87baf86f634718259cb422f9a5591f99176c71ca15654cb8a8ad5eebf652fbb5ae5340b4fe3eb9fe17f292392a183f5f911df5ac8aaa", @ANYRES32=r6, @ANYBLOB="01980000000000002000128008000100677265001400028008000700ac141400060003003f000000"], 0x40}}, 0x0)
sendto$packet(r3, &(0x7f0000000000)='1', 0x26, 0x0, &(0x7f0000000200)={0x11, 0x0, r6, 0x1, 0x0, 0x6, @local}, 0x14)
openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/config', 0x0, 0x1ce)
r7 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000180)={'bond0\x00'})
ioctl$ifreq_SIOCGIFINDEX_team(r7, 0x8933, &(0x7f00000000c0))
bind$packet(r7, &(0x7f0000000000)={0x11, 0xf7, 0x0, 0x1, 0x58, 0x6, @random="df08d631b4a9"}, 0x14)
timerfd_create(0x3, 0x80800)

1m18.285350021s ago: executing program 4 (id=300):
r0 = syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a00000804800200090581", @ANYBLOB="f7", @ANYRESOCT], 0x0) (async)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
write$char_usb(r1, 0x0, 0x0)
close(r1) (async)
syz_open_dev$char_usb(0xc, 0xb4, 0x9d) (async)
syz_open_dev$char_usb(0xc, 0xb4, 0x0) (async)
syz_usb_disconnect(r0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=@gettaction={0x24, 0x32, 0x10, 0x70bd2a, 0x25cfdbfd, {}, [@action_dump_flags=@TCA_ROOT_FLAGS={0xc, 0x2, {0x1}}, @action_gd=@TCA_ACT_TAB={0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x800)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket$alg(0x26, 0x5, 0x0)
pselect6(0x40, &(0x7f0000000100)={0x20000003, 0x700000000000, 0xf7, 0x1001, 0x6, 0x203, 0xfffffffffffffffd, 0x5}, &(0x7f0000000140)={0x9, 0x4000000000002, 0x3de5c36d, 0x100, 0xcf9, 0xd, 0x4, 0xb}, 0x0, 0x0, 0x0)
r2 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r2, 0x40045532, &(0x7f0000000040)=0x7) (async)
openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040301, 0x0) (async)
syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65) (async)
io_uring_setup(0x2ef1, &(0x7f00000000c0)={0x0, 0x2030be, 0x4000}) (async)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x84042, 0x0) (async)
r4 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x122c42)
ioctl$LOOP_CONFIGURE(r4, 0x4c0a, &(0x7f0000001ac0)={r3, 0x0, {0x0, 0x0, 0x0, 0x1, 0x8000000000000, 0x0, 0x0, 0x0, 0x5, "339f020bbe82b398000000000003740250ceaac594b1b3d743dd17c1c50d38ef2a565ef1e83323691c58d66500", "a9103939c787a16c1ca43f80026d1a8554fe581b59ded130e04d0b00000000e4ffffef3700800000a02447a35df8a69ea917deb7ba193b3e7772fd29f35239d2", "24431a1e77a68e174f000000000000000011e2000000001500", [0x0, 0x2000000000000]}}) (async)
r5 = dup(r4)
write$UHID_INPUT(r5, &(0x7f00000003c0)={0x8, {"a456ac27f3c7b53a811e4d5240c7102a1b6a779f3793a654cd887800e9b53ef232dec3939ac78fbc41fcc91febd39ad1bf6f892eadbc96e3a830c487f548c9c0e39c380ddea4ae8b12e1c51e335d186977819158fe3e47da9f4b32f6df3d31455b35ab3f4c0936c8863dbd2725fcddaa83728e1912ce13d0b9933edda6348f035d7bf1a9cb905a609f79745d732ec963559681789696584851f7b2ef2f8b858a7a4c6fb4556f985c4407ae2a3a3b19f513a0a10bfc751b6688f05406219657ca898e69a56694b795f59dc4b5e64dbea1970a5ab477ead2180b3780c33aa1d691232ac28580c76288e8ec504a35238e27793c2da55569cb8a778b2361128309350309c9b8ee691e2ffbb52c7a3a2ca62ffe231ea9c29672e52333b79dd6c2bddb806faba898f94ec552d7b572e681b50e687003a22d533940cbd4f5b72981d2ff11595951327954893a9f8aeb56254469768f004d13d7a42960d3302408e82055369f5396e8fb59af05f8979dda7feb6a7662b35e87a062698633f45f8f3c12bb8c9dbab808e1f6e021fbade5e201943918e1d9531f57b1189a7b4177c35c2f405a39846ceee79bd9ca444fb61c2d388053f0215ecdd7c21d691722c9bcdb43c63f55ddc3a5bfb264e2bd105f6d76602c0e7cb1cadc450ffdc3003e13f7dd7f4f2451388d0e4bf2bd3e7d5a83596093e967419ef6d3714bd19e7758bca6bba713d20f73097fe45119a0147b1a187b2273453a8d11f78f828919b73130b4d1abc56ce19c6b9f0557d5c8c1d932919f779165c22b824a3107712a9b84fab3f80a1330730d3b7590d2bdae6694aec36c4197cf7fac20597e67e5fa6553dc2efe7fe8bf22b6f415c8112647ad2570ec18123cbfae3e8a2a8e5026387df8805219711d4839f64d26175ca4655053e0332a0dd12b15cb67749fc49f11e582a22dacc177d551efb8f7cde3c4f95f9974d5dbc5a7c2ec9282ab35c13b25fc3a2ff34e7294b6fe306d67039f495b273f48c69a86c638cd6ff091b8906cf8209bb694fc79bda8ff257d5b36a6af76375db242c040d4e5a5c9ce23679443b5f16d890edfeb0d35d7f6f4666bcd8fd94ca292f8bfb1bab4741b707e9a4ada09f41a9db06f45ab02aedff4a5ae247827de6c187d737242cfc6951355711d630d488514d467319abb2747ab49acbaef5e7ae6b91d421f84505d1862a4411b4949d1c8a732cca145a199379b8978ad639a26e08d09d52d7d0cddcc788b88ad3459fe4afc33a9f493ab6b56d7847954a2feeef0de010727d98e4bdc23a05f5728795b077c62052a1f2b8466fee1c829fe3f9bd1d8c872153806d69e028f9cf643972984a15cf630fc4716837a7d04e5c633bc9915aedfb8e8f6695cb80eca6d267d5087cf84d8551263f28577d18899b167a5067eb72835929e825245d40d4e402ab7af200e72019b0e6911b8b6bf405e8805a78ab7475f3efd5635c3cb288937a7fb165e6e3b86f0109238c03031ff2c971a548813119c5328b379bb39b5abe87865f264f6fcc296930853a45f472f5ce068ccde75675198dc5a1e1b1d947e5867b6368c75c455f294c3679846f55abb5ec4ece022543fe77f2eaa2e2b0c02c71acc56945fb59a9a5fa8486b7de35d76f63331dc9caa3a5955d7eda1088bea7e3d82e8a3d70c1b584d9b8752b4721d068e0d09cae8a39df99ed8a4c07c48ae2364927800d7475bd55bbdcab4caa0c23ef0bc9a70ba6f32f0aa86a0ad09cd2b1d442b3cec2f20fc0122ecb783cf6a6fd276d030bbf991a981272f5afa179628ab97e948342a789f0be38e3a4a13b7d148a0c32c85fcd319c487a1ecbcee77fa655bc3349ad92adb163d2ec49dc76a72e45ee643dcf8f401bfbd7f82c979c09ef74d32d0e8848dce45534e30d5f2df642120d617342436d1a73b5dd7770bf38be44d4df2dabd60748670d24e8486ea2457a409482e4c267f0a67af33e63391cf64b079629d50670041965f2250dc4f8529a586e4d408d1f76a60f4bc9ddd9b466abf7b470544cd45f6819d82364dc37a48f8243c06e5f7906bb666fe2b93cfbc66d857b53b978ae83e93d5732e3929ac484a452082d505c567b32735553c78d51c3d3ab9cd19ae03de5b005d24265d70290b350a3ef357fa8b4dfe1058e22793e82d7e4c92c024b0d5058e2e3cc34095674768c210a640b1a6e28290c9e70afa68722465897b2cd061da0a1c6ac1d33e2d22f5d9e3799212d1809ae6d2683491ef35e6b5c8b44e0765b143f754521371069d53b08711ba1f6dc7a69405e240208ed9d0f726a625d2e0114d168d364b5213e9f4d8a9221d9f72dda69519ad0f21cb53ba67b66ad217909c9f70631833bd677e040176aeecbb29f5101a5c068838fd8e97ebdad1ca688b72b4991ce50cf826d28b59bd6d956621509fb89fcbcb1be2fe2fb1b1ca3bea242e1dfe4521ee8b1a2bc437d790d671686c3e049e3b3bf1c614a1da7f37709f2410fc93b33899efcb4f6e175578540858b548a166b010dbadacf4d8e24a0eaf4727d451c5cbff2d22f6374935365e1e4fadaa4faa857164faf9c069995801160c63ac365b6aaa48ea250c9520f9ad1c7ae77ab82538ecf182595ee10803769335be371db53dd70707bf66a1af595ecf2e940c3d0feb7abe09f0e588db00b1c503fb01f1a7bcb389c0510655f3fac0ea5a81fe09040430b1add61d8fb1d3fd33dca0a1435d841ff480b2979760ab6b91d5101f69ea23b62a0b9a4fed85037d310f7726e50d3c6aaa59d4a6cc0f11a272a3e94a2ba41070f04574c466161de21bd6f49e243f8aef23c0eb475dfdd84a4551d4620332d6f1523b948d62883f901807c78f8ee0eec064964df975e2502fdaff19cd9a704f7e04ae4697745b22be4b89f6387fef292a59d4d2e8fabed9db7a66ad2500e49587660679ab72e0bf1f9cb12421d988d431b9ae3f19423e9e1d69c933990273d440c68525dedaafcefc8c787b459fde83a816fdb8639dd560fd01e033cf8fffdcd0bf34860cf962d30a34d5bdc349004f80e10572b2f52e1cb157a8868ccbd8b1b61cfbe4b78fd01fca21c4659d68cbd8425ed3a2af010843e6cfb4768774ab91150e2a66685f4cafb2d043190873bbfd95bcc75f4ad7fe4023eaf9b50b2bc74e5cf88329cbcd7335e48283f1ffd762f06283d93a4c6e8833bd55f87d8ab8d14facbb767b53fec8d0f0dae2f144c51c659459d13f95031074fbba0e17e2ec956927bef32e38d346acb9bb4db4b2ea7f7c47a5d639a054e1f189e09b29afd84abb440d58038399c4fac3ffa884ac6b22d220a291cab18303b7308709ef28bf14c3c6f7cd4f1a997aae3d427ac5c64d3b0cc30c16f33c335303d75541c11dab4fef5f56c2f19146e8e3104528b585945aff0af2b56ccf412fc0f159e17f0d6ece72b37adbc5db4c4e3032bebb54bde73582f9a1420779d7887e3c45093f1dc3a0b7c9c5b73284b7047ed71b8eeb933cb182981dce900717b8ab7ee1655057175f35bb9eacade726d7af0627e6faa7b3e87bd71d4a897ebec7331f3e0482fa04dc93a11059f7c9fe41856799f59ac0e73df0442d6d0d12b3a93362c5ea015a2ee9d2909ff3202c1a078ea60a3135fdef29ff1380929afa48e5e91f5da597e056faf06d8d1a9b9fb672c40c5fd43a4dee623ade05f89f6180720f4015d30b88df4114255c361e2d39c294cf384f997e09aed5285c45c6c5fceaaa893d5b4760379dba107152ad689856114f604b7a400cd57a493328abeb4f1fc35d76f34eb66a2ae265106c61deaf014f5da27e02589643ff2b62baf40819ea6c9afbf1555730bb75497ec720e229a6850ab4c04edefb4749cdc67d1bcf59180280b84f5d7b93198242cda3db8969ebc3df539f29995766df17c1105fa216428906aead72c67f649f97d20202194fde9255e4a3a2eac5dc1ef174b309f8d14228551b107c0e6c7952ff6e93d56d5e625b04a5def275162c7e8f58fe3ef72b5b2b789fc03d61c43d86f897a95d676d7dc96ba34ea46e42465d7346c8670928ea2f1905dd5ef31e3e0ff555804b9e295162e9220618d1a444d66df69bcb223dadbe4ede5031861372d6931b8b7e9a0ca9a365d6f20d31dfb3e55fe7abf2014a89dff1ea8afb528bc71987a136ab45b04ae3c206fa9fb9d83d4a85f7db1de4e26732d76792a7c26d5a09f7f9b2d58e83c828ae14c1b8a2923c7f815f720454352c7dda4c76ddfa2eeba69f90b80e61b73d2847a96dd4f2d6932375f739721db92adc1dc0d3ac9768c91a5af287ebabf1467447c2036b59fb025e41dad97bd9a2ce1ad75e23c0668b7da6e4a8a737c1fd501943e307a3b9c0ef126fcdfe9bed260ae13d6af63609d44be71d3b05e664cfda61525f9a67f0494014a34321281c2ea19d08702549a84ad6e76ecd3e91654bad52c90f9f9d46300f823c636392ff475db328d3246147ba76d5756116c8e629cc54c880134d21af12855626b686c680f5c9000a6dd2632ccf20727a834ba9740e963fc625d7e9b5c6a61f8041982cb7bf8bf89611827efbed62a6bc160856a676366b260010b0714382653dc077d2782d5266095c21ef3f4c4df1d40cdb9dab477cde26c7b6e9cfa934d9c83ba35e807b9b9e3af8233e1cb9f933e15818221e08877f9bc32c42da68f57d15e79005955de17039175a9b15714bdd08fabca48027d8cf97ad02bcadd44b6c62c47691d900d1d193418337d24231e012a98805d8e9e935dc93908d70b463a92d9aa8fca659e10f00d160e755e8d8e7a5453a78fac0f781ab120f0f8569c85c21d63763a774036dd98cae0abf820ef0d039d0f162a3625807c699777339062d749f0ef3425545f389be74125f360b1c00841df34449616c4eafdc15aa8943673ae18d7394a3289c1c2419f628c5bcfc9fccdfc17d19a9aeffafe327c3d15a59428738460465c415bb5887232347d79ef1bb5a837c1c922858168e01a324ac359cc70e25268a396668211a42b1e930d510738054a9643da199dab1fc7c673ef00ffe3cfa8950dfee1242859a9ce35fee2fea7513cebe0bf632f2b9ecd894f3aa4f0c4ff2d1fd02254574a730a75373db2470252ece01487a3e673359caf6b8281a85c64130b506a908882bf8578b0e5530194599431ba0a3126b2b5ce9b32ab2c1211fdd46159755a56c789a8c2b4d7003599735b4c0b7e6757c456ef9d2f2dcef6c26f6fb44e0cc4f3dd06ec25b5641325a03ddcea3a7a48ef0afbe5274da4e3e29a04c95e152d191975727eb92f710a5cc47d921e66d373cba6a4905aa021f6032cb261e30427dd260f69d9e9847bb700b6e6212582d442809793636a99efd547781db79451c9d962a7abbd1c39726b8e8718234bdc9ff8c400bd0095808b116a8a03713345cd4b31c59ace9de0efa061754e371c0bb06ef22f3f6dd1f499caea7bcee402025155253e1f9392686c8b72baafa394ddc28edfc5e76dadb2c3b16c8cfa6a969a0837362a65013c32a998132a7e44ab735a26d34cb05604d08243cc01fdbf7248bdaba6d0741ce359032ad7dc69f041fe42f03a728256fd798af347aeb713585924a27f8b418b12ab204857771ffe0e579bc60dfcb4022250584dcda56aa36afb3a876eed704a72b5b809378a19a0d8c63fde3a1a6dd90b3ee19e7dd2fee4d245446c3eac42acc139bd25831242eca808949436cd76ad6a4c5bb5a7effb0b7574cb7029d1cd86d41c69f81716bc524dab16a4c723f2545142bd208455b05265c59e623a5363395c555a77df6691e51bde25c8396", 0x1000}}, 0x1006) (async)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x4000)
keyctl$get_security(0x11, 0x0, &(0x7f0000000300)=""/252, 0xfc) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x100, 0x0) (async)
r6 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_int(r6, 0x6, 0xa, 0x0, 0x0) (async)
syz_usb_connect(0x6, 0x47, 0x0, 0x0)
syz_open_dev$vim2m(0x0, 0xe7, 0x2) (async)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)

1m18.062959579s ago: executing program 4 (id=301):
socket$inet_sctp(0x2, 0x1, 0x84)
syz_open_dev$evdev(&(0x7f0000000080), 0xc73a, 0x8000)
syz_open_dev$video(&(0x7f00000010c0), 0x8, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
socket(0x400000000010, 0x3, 0x0)
socket$unix(0x1, 0x1, 0x0)
fsopen(&(0x7f0000000000)='bpf\x00', 0x0)
syz_usb_connect(0x2, 0x3d, &(0x7f0000000000)=ANY=[@ANYBLOB="12010003"], 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket(0x2, 0x80805, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="900000001000030500"/18, @ANYRES32=0x0, @ANYBLOB="996e06004d4c0700540012800800010068737200480002800500030008000000050003000500000005000300fd00000008000200", @ANYRES32=r0, @ANYBLOB="08000100", @ANYRES32=r2], 0x90}}, 0x0)

1m14.928261803s ago: executing program 4 (id=325):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = socket$inet6_dccp(0xa, 0x6, 0x0)
openat$nci(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

59.609186983s ago: executing program 32 (id=325):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = socket$inet6_dccp(0xa, 0x6, 0x0)
openat$nci(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

10.458778721s ago: executing program 1 (id=543):
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000))
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000600), 0x40000, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$vcsn(0x0, 0x3f0b, 0x117001)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_io_uring_setup(0x10d, &(0x7f0000000140), &(0x7f0000000340), &(0x7f0000000300))
r3 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000440), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002cbd7000040000000500b600080009000200000008000c00a60a0000060001000500004008000b"], 0x40}, 0x1, 0x0, 0x0, 0xc100}, 0x4040)
sendmsg$L2TP_CMD_TUNNEL_DELETE(r2, &(0x7f0000000740)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000700)={&(0x7f0000000200)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="00002dbd7000066edf250200000006001d0001000000b723fcc6b773071637a15e81c57d09df24c6873360e155e823e6c2d6357d965b088c0e40cd1e5b8f388ba36c457fca419b697af953cf23f9c01b3e56c8b0"], 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x4000000)
syz_open_dev$dri(&(0x7f00000000c0), 0x0, 0x0)
r5 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={0x0, 0x50}}, 0xc804)
syz_open_dev$dri(&(0x7f00000000c0), 0x1, 0x0)
r6 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000000100), 0x400000, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r6, 0xc018643a, &(0x7f0000000040)={0x40000000, 0x8, 0x2})
r7 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r7, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e)
ioctl$PPPIOCGCHAN(r7, 0x80047437, &(0x7f0000001f00))
read(r7, &(0x7f00000000c0)=""/97, 0x61)
syz_usb_connect$hid(0x0, 0x3f, &(0x7f00000001c0)={{0x12, 0x1, 0x250, 0x0, 0x0, 0x0, 0x40, 0x1e7d, 0x2d50, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0xf8, 0x80, 0x7f, [{{0x9, 0x4, 0x0, 0xa0, 0x40, 0x3, 0x1, 0x0, 0x81, {0x9, 0x21, 0x2e1f, 0xf7, 0x1, {0x22, 0x3de}}, {{{0x9, 0x5, 0x81, 0x3, 0x10, 0x4, 0xce}}, [{{0x9, 0x5, 0x2, 0x3, 0x1f7, 0x0, 0x6, 0x4f}}]}}}]}}]}}, &(0x7f0000000640)={0xa, &(0x7f00000002c0)={0xa, 0x6, 0x201, 0x5, 0xfe, 0x9, 0x8, 0x5}, 0x25, &(0x7f0000000480)={0x5, 0xf, 0x25, 0x1, [@ssp_cap={0x20, 0x10, 0xa, 0x5, 0x5, 0x0, 0xf00, 0x9, [0x3f00, 0xff0030, 0xffc0c0, 0xff1f7f, 0x3f30]}]}, 0x2, [{0x4, &(0x7f00000004c0)=@lang_id={0x4, 0x3, 0x480a}}, {0x1e, &(0x7f0000000840)=ANY=[@ANYBLOB="1e03ec5de6367325a79a49ff039b1883378bba3566a120b366c25908dbc8735a179e1e6026fd9e023ef0d5af8ae9c6a06901722b5ad33f30849ec6fed269c6931a459501fba47695ad6bc2ec9204f6bcba227cc5af5b0d984030ec93b4d7b4718435b1dffe00"/111]}]})
r8 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x8, 0xf, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r8}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x4}, {0xac}}, [], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
syz_usb_connect(0x5, 0x4a, &(0x7f0000000500)={{0x12, 0x1, 0x310, 0x96, 0xa3, 0x18, 0x20, 0x499, 0x1006, 0xd695, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x38, 0x1, 0x6, 0x6, 0xb0, 0x3, [{{0x9, 0x4, 0x42, 0x4, 0x1, 0x5c, 0xe8, 0x87, 0x0, [@cdc_ncm={{0x5}, {0x5, 0x24, 0x0, 0x4d7}, {0xd, 0x24, 0xf, 0x1, 0x6, 0x1, 0x5, 0x8}, {0x6, 0x24, 0x1a, 0x8, 0x20}}], [{{0x9, 0x5, 0x7dd36f8e8a171989, 0x4, 0x20, 0x10, 0x3, 0x3}}]}}]}}]}}, &(0x7f0000000b80)={0x0, 0x0, 0x5, &(0x7f0000000280)={0x5, 0xf, 0x5}})
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000000c0)={r9, 0xe0, &(0x7f0000000b80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000001400)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
syz_mount_image$fuse(&(0x7f0000002040), &(0x7f0000000000)='./file0\x00', 0x8, &(0x7f0000000400)=ANY=[@ANYBLOB="6664f46fe8299c955c57d5b23e85d23d", @ANYRESHEX, @ANYBLOB=',rootmode=0000000000', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',default_permissions'], 0x0, 0x0, 0x0)

7.351070787s ago: executing program 1 (id=548):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000000)={0x500, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="0203000910000000000000000000000005000600000000000a00000000000000000000000000000000000000000000000000000000000000020001000000000000000702000000ff05000500000000000a00000000000000ff01000000000000000000000000000100000000000000000200080008"], 0x80}}, 0x0)
r1 = syz_open_dev$usbfs(&(0x7f0000000100), 0x1, 0x20000)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, &(0x7f0000000680), 0x0, 0x0, 0x0, 0x800000}, 0x50)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_int(r2, 0x6, 0x1e, &(0x7f00000001c0)=0x1, 0x4)
syz_io_uring_setup(0x2c0c, &(0x7f0000000400)={0x0, 0x0, 0x4002}, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000c00), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000140)=ANY=[@ANYBLOB="28000000cc64598e1ef0aae9bd964f8a6c0eb1040412a90844bbd04f1ae09e48be85bd3065cd8094d7a2463f7be6d190271c8f0e2c59a5bff6b00e2b358264d74c80631cb9189c48f3770daebef1bf3011479327c50f74935ec1eacbfc9191a01623c6b294a234dfcce70f3867a8bfc99de9845056b7cec76be991dd7a81504abb9bf6e2e98aa35687f7a89d3bfbb7d0cd1da23b4f1cdc5b9406a12e193dea9ce3cdc4e89a6524ba832b219941dd3da7b0dfb0fe242896b4ddd19435546f55a3c812df1f97275552d65385cc5df451d971a931dea53a1aa989643439e17430462c5c53ff4010b6a38df6cfbc36f7fbd1710c3dcbe8fa747234f348b34da1b2e6b3e5707217265c75e11aa8d71dc7d877200b25fd0ef1df4ed7ca14", @ANYRES16=r5, @ANYBLOB="010004000000fcdbdf252100000008000300", @ANYRES32=r6, @ANYBLOB="0c002c80080000009d030000"], 0x28}}, 0x0)
ftruncate(r1, 0x3)

7.160398527s ago: executing program 1 (id=549):
r0 = syz_usb_connect$hid(0x1, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1e7d, 0x2ced, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x3, 0x5, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
fsmount(0xffffffffffffffff, 0x0, 0x7b)
syz_usb_control_io$hid(r0, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r1, &(0x7f0000000200)={0xa, 0x20, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
shutdown(r1, 0x0)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x2, &(0x7f0000000380)=@gcm_128={{0x304}, "82f84cbe349c4abc", "0e5d23e3519731b5395c0eb4843f822e", "c02be723", "df1215a7d932f72d"}, 0x28)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0xc0)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x89901)
move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
open_tree(0xffffffffffffff9c, &(0x7f00000004c0)='./file0\x00', 0x81901)
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
splice(r1, 0x0, r3, 0x0, 0x8724, 0x2)
syz_usb_control_io$hid(r0, &(0x7f0000000380)={0x24, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x22, 0x5, {[@main=@item_4={0x3, 0x0, 0xc, "400252b1"}]}}, &(0x7f0000000340)={0x0, 0x21, 0x9, {0x9, 0x21, 0xfbff, 0x6, 0x1, {0x22, 0xa3}}}}, 0x0)
r4 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
ioctl$FBIOPUTCMAP(r4, 0x4605, &(0x7f0000000980)={0x0, 0x1, &(0x7f0000000000)=[0x0], &(0x7f0000000040), 0x0, 0x0})
r5 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
write$FUSE_NOTIFY_POLL(r5, &(0x7f0000000900)={0x18, 0x6, 0x0, {0x80}}, 0x18)
openat$cgroup_ro(r2, &(0x7f0000000100)='pids.events\x00', 0x0, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/timers\x00', 0x0, 0x0)

6.607865269s ago: executing program 0 (id=552):
syz_emit_ethernet(0x1232, &(0x7f0000000140)=ANY=[], 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$VT_OPENQRY(r2, 0x5600, &(0x7f00000000c0))
r3 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c01803001d000b63d25a80648c2594f90124fc60100c064001000009053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1, 0x0, 0x0, 0x4000}, 0x3500000000000000)
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r4, 0x29, 0x36, &(0x7f00000000c0)=ANY=[], 0x8)
connect$inet6(r4, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x2, 0x0, 0x7ffefffc}]})
ioctl$IOMMU_HWPT_GET_DIRTY_BITMAP(r2, 0x3b8c, 0x0)
setsockopt$SO_TIMESTAMP(r4, 0x1, 0x3f, &(0x7f0000000200)=0x1, 0x4)
syz_usb_connect$hid(0x0, 0x36, &(0x7f00000002c0)=ANY=[@ANYBLOB="120100000000001081179808000000000001090224"], 0x0)
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f0000000080)='bridge0\x00', 0x10)
sendmmsg$inet6(r4, &(0x7f0000004b80)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000180)="82522d9d7a69be94a1f2064e6145e3c9999560d76700121c5c4c5079e9bb5ab7e2afa04bf737e3c628885a4a9c647c44c02cf7a957394753c1e360fe9a737b9643ef833ca963a8ece2bf3234712087dea67a695ad5063e1d98d2e77ddcc5463f67a5", 0x62}], 0x1}}], 0x1, 0x4404c090)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x114, &(0x7f0000000140)=0x4, 0x0, 0x4)
sendto$inet6(r4, &(0x7f0000000300), 0x16, 0x0, 0x0, 0xfffffffffffffdfd)

6.045075494s ago: executing program 2 (id=555):
poll(&(0x7f0000000000), 0x20000000000000b5, 0x9)

5.902944399s ago: executing program 2 (id=556):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84) (async)
futex(&(0x7f0000000340), 0x5, 0x0, 0x0, &(0x7f0000001600)=0x1, 0x43000002)
r2 = syz_open_dev$video(&(0x7f0000000000), 0x0, 0x0)
ioctl$VIDIOC_G_CROP(r2, 0xc014563b, &(0x7f0000000180)={0xe, {0x0, 0x80000000}}) (async)
r3 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r3, &(0x7f00000000c0)={0xa, 0x4e21, 0xffffffff, @empty}, 0x1c) (async)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x1b}}, 0x20}, 0x1c)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x4) (async)
setsockopt$inet_sctp6_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f00000001c0)={0x0, 0x6, 0x9, 0xb2e0, 0x7fff, 0x3ff}, 0x14) (async)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff})
sendmsg$unix(r4, &(0x7f0000000600)={0x0, 0x64, 0x0, 0x0, &(0x7f0000000000)=[@rights={{0x14}}], 0x18, 0x48c4}, 0x20040091) (async)
setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r1, 0x84, 0x12, &(0x7f0000000000)=0x2, 0x4) (async)
ioctl$sock_SIOCGIFVLAN_SET_VLAN_NAME_TYPE_CMD(r0, 0x8982, &(0x7f0000000080)={0x6, 'bond0\x00', {0xb3e}, 0xa8}) (async)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCGSID(r5, 0x5429, 0x0) (async)
dup(r4)
sendmsg$IPCTNL_MSG_EXP_DELETE(r0, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x81a0000}, 0xc, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB="1c0000000202010100000036000000000a00000813340800044000207e8320b4d95f21a9d45620f17a8480017944f6e696d12a791b24abab4919742225a68705398bdd9473a18f00e3d9d9bd5f783b5ff4b783ab291149901c"], 0x1c}, 0x1, 0x0, 0x0, 0x6044000}, 0x85) (async)
r6 = syz_open_dev$vcsa(&(0x7f0000000200), 0xbb, 0x422000)
sendto$inet6(r6, &(0x7f0000000240)="8cddc07cfb75f65b46ec8ff9e3d2b46ae7ebc1e5fc472045bc35a71e20af552dfd31f13d9060597ddeff3c8bdf13dd80cff08b7ad7eb34c804b02793527147bea970a691572b8e3bdb381465c07210f3185aa839541d73f623440d08f6fbc9c5d390ebf0f8078924916b07f6774fc604eabfb2448c9d0c4167bc74c683d0ed53544d4a7926b364db8bbf127a845ec467fa31600ca2e4bfdfc7c1b3ece99919b81609cb180283cbc80b177c0b6e2155b8ab8d2544e8b7602c29924ac5409dfb8de79ff05748c8d10286d68541c5", 0xcd, 0x40010, &(0x7f0000000340)={0xa, 0x4e20, 0x9, @mcast2, 0xa}, 0x1c)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="280000000206010200000000000000020000b3eb000505000400010000000900020073797a310000"], 0x28}, 0x1, 0x0, 0x0, 0x4004054}, 0x85)

5.376933185s ago: executing program 3 (id=560):
r0 = socket(0xa, 0x3, 0x3a)
ioctl$SIOCGSTAMP(r0, 0x8906, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)=@newae={0x4c, 0x1e, 0x400, 0x70bd27, 0x25dfdbfd, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x4d3, 0x609f407ebdb64237, 0xd4}, @in=@empty}, [@mark={0xc, 0x15, {0x350759, 0x6b}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x24004850}, 0x20004844)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
recvmsg$qrtr(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000100}, 0x38, 0x1041)
write$tun(r1, &(0x7f00000005c0)=ANY=[@ANYBLOB="020086dd0300000000001400000060ec970012302c00fe8000000000000000000000000000aaff0200000000000000000000000000013a"], 0xfdef)

5.111196583s ago: executing program 3 (id=561):
r0 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x8000, 0x7, 0x0, 0xff, 0x7, 0x8, 0xffff61c9}, 0x1c)

5.098899764s ago: executing program 3 (id=562):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmsg$inet6(r0, &(0x7f0000002280)={&(0x7f0000001e40)={0xa, 0x4e24, 0x0, @mcast1}, 0x1c, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="b005000000000000290000003600000000b2"], 0x5b0}, 0x20008001)
sendmsg$inet6(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000022c0)="f14889c2ad234ad6f0a71da72859c7c1e176134eff431253493482c723f8633d838bf127adff9f48a8854702b889321dfefd5644a03e0e41fb1cd1e442ac39d59aa0370071b34de016c447989af4c7d374e269dcbc1ce5f7083363d5bb2641018094b1721358f7a6c82f35dd9ed03c7be3fc46e5ef7b1fde49376ecde0494076cbe41c8292de99cc323303fda797e0704d3143999a0f53c8c056f2d7c2614c1bd977cc3e42e07548870d6bf096bf0369ee6a3f85cb27ec069f135e88005eb6147c3c08e1c787c9b5f9579653b876d44f3eb55573068fd1355b6fb755d1a72cb8eddfb7928f40f81e88e41bd2b3477299f540275d5107cd0dcb493a6f84ddbb9b43a60169c9ce7abb46e2d65a662a4e48cfafe180fbad39ee09548985149d100a6df90948f173ee8d7884fe5a916395d9631d7c55a09db75724229f3f492aca7c60e7c0984e5e05d555248874628cf294c6e1ad720e6f60662754e716d8e7f27b1321776768a8e4fd3abbeb3a23252a5e08b1f6b6e407cc69b8ed030f713f698db531f40f6082fce8f82eb6b90d7dcb33bd3cbcbc797d5597c444173c4455da38ffd93a45d756d158003c61c9d6e7e45a127a457172ccbbe9f2eadd4beb591f59ee37e3f23e858241463bb1d55b7ca1e19b84d1b077c7d6c3f942899a63dca8d63034da73146cc0e29ad541aff15049154a2c6ebe5b25b62833f09424bdabc08ffff5fff9cd35db4b3a9136ff557d88f68b8dc840e5edd3a9bf554986d3f706a1b962036d8f08e3d4cb9697c012f7be5bc00e77c89e796ee7d43a8c6ac172f262bc69517cc0978570280c2992c597ffa2ba8efc8b243b03b7f16942bf1e071de3dd4fa45a965946500d44fb10709fa8d4f1267077aa7afc2d32bc830e328762ade9f9d9a3b6835074eeffefbb98a45d688a0b76944e6fc4f805c912f966465266d4f43d2e70c65d6c5b0bddb1310c294e1b69b6f761bc4eda8b64121def17e864efc4ed59ca6973831827c77c1b27d50256341dd36e5e64cb78b509911e9cf36cc5b807648f119309f6fd403031434cf60873ce7582673581388cad04103e6b228d176ab09ed16d3d359fe02be3c014aefa3e7bca21ba3b7a5f981a375d0b920533936f8fc8afa3cc0156a902fca84745560fd50afd613d3f4482ec69683eb0ab3b78a106089797f6cbf00d40b2330be8a3e3c7a2838da551ba637cad6f81324348bcf7c65a9ef74999c8c4a8e96c50ec92becf9f08cf474fa597c910ad80a916cdfa6e61ea980875b130171472c760c6cb664f79406ddb74968e3f38e66320bd504ba4c4f25345191c8d3e758559db194781674c9dd02d84c04322b59924873c7092d01e9f45b98895769f35421a76f016e57ad16196d22b701b3639bc85b58b344a447e566b465cf92f6e160eeacfb0a8827480e1e4a9584e0e3984860c7b4cd042b8a5cb54c035be9a5683ebf4997e9dd289dc7d59bb5f2712eacb84031a02e6de31ba4fa3fb82b6106e76b4feed2d890544e7579f729c0f8af00cdea57f77793182e976be43d7158632deb9b154fbd8aa37fd2cbebfcae76014cbeb72c30bdda2dd95d75ed9dfe3f162d22af877bed110fddcb42e48b69fe34f97a0f00d094e962c5fa7eba412e63d57db086bdc6a2445c20dda5880dcaf3d9ad886652a1d2f1ce20f11c6de0481bf2005d0e605db4b4cd7c900f60a36825f4d5c7da23cb868ecdbfda5e3213bc9bc53935542f87863e0097a989c73eb451885d1bda4c860eaef883155b10bc12a60d7cfde19ed4097abdf92ed1a634c250c28d55d6150a4a5e6b0e4473f5004642bc06a91af5b96b586391a61192e4b9ad0b8469bd35988428a2c5346f0ddd387ef8e06f25a06703704b1a018b36f7437c0a18c12a76bb3e59169d3f8eba969994fbb224f2b9c87eb48a60551ab3f7c64c28a431c25d3e112435bd6ce99fbf469c88bf88bff21bd4a596cfe4f13d93878fd28c0debcfdaa5140a0c58c57fb490d49e54b40e735641924a029c0e52be895d2a6bf1ab91718e3c54bcba4714f4ccdbd7e4c0c924dcd00f6bf669cb6189867fe6c908602294e9743133267f740a4ff470737c9cd8fcf77388ce4cded33c6d292cd0113fe58c573d142f313a011241c5c2df7991e6a93c63969c99e3126a2506a99be32fed73d8b3c70d2e6323480da6382ad2e387a98250d324eb574c4114887e1598e18eccc2986a5d9601ba2c4c23906fb6012c4706dbd5c8dea181b4eefbe294a8ba8e53bbb7b82070b5f1069a3a6d6b076e25814365a114bb8a243f777d3d4422ecb786cc9a4ed715911e1fe17ba467538b5a470b49b20d8308af92307549310fca602079b7c13bca24b968f48e673ddbfcbea87af9628f765fef40bd4fd55c4f1bf5fae959c0d17e704bc406ec8b060716fb4f0c21ac27889643c36ace28869becf9e2b6fde8b97c47696fb89cad09788fdc1fa5e941fc760b0addf874edfa727d6d7dd65a39834cf71001a032a6ed56def697d0a36df1c4b947dc162b635b45cc43b9ab0a9497a8f7c35a861706f69a438da228a620570c8f169b7df27c0ff506bf0e384010bd732d6b08dce9c1a369b87904fac32013d76d307e7dd470bc4a02872af5ff5eeb23ff5da46aec78d076478e87ce69a0e6f226fab3575cb7c3411c786fefae63f598b09a6a823373e65f18a612ef303be4f8b885d7bcfcf00e249913de7fbe0ef66c90e5e8112965a866b0217390b4d1c2b6f11bfcd50ea7386852a7fcf18196a21e20e678d5b901fa5ef8d474af63ba15fc227812002f80bcd864450c7331df191118458a6fe38da1469df8ce884dcdddbaa9eaf0ef8b28bae5385a8123bff5aab1e5cfabb286d9a1f8f5c3bf00106cc5919fa5a95edaae9898e84074c425601848e9be04a7ee0034146aa913c906f0fe630a7159da6ce01f56cce8671659d956d67099568fee75e89ccdf3b671b11e5d8c5669c82209b9d2d35f44d0321ef2615de87f823440a3fa5e30bbb39e9c8bf8de366972ab14885c0063bb673b8566df4a256ef8699f879aa6c8c5fac0b2c34f4ce4f1bef2f0591cd7edd568ab498dd1f6a2d4c1fb5d6cb60f40d02aba5576eda7fe45c4d3f3be0e62e503dd2b58d55278b807a6274269aea69dd3fb52a2a6522c32605df612fd24e7068fa11eee4adfb71a42598db496d43822ab5046354f5211c0ba760fb9249d7ba6ce7286497987f27402ef8f56c904a793d0c58a963f7bfaa1267ceb87e318cdfee0bd08c0f1db35dd53ac85e9e0a5bf84375ca6705ce8ae8cbd18d2c064ac210e4d5011b1c06d45cc6a39f68766689f32dc9e5068564f51d15e81cb7dd8e8660a3bda10bb345b54ac580a0ac8f710a1d9e715839000c72a95c485ada79be9c691fa56be232434e0a190ef99b21b129f8e05e41d6bdc736e50b0ecead59f7ca165d6fe4ad160467ca7edde98b493b2d540e2d03bdb6d653f272142a67c09a6b8867bd61a09409aecf5a2b0b14cc42455f16cd246dc3fd779637b5f02ef05aacb1efdc399b6983f02b6ace2917a095c3d9d296ed14ad333883ce1ff568db2cb6d5c011b0e552bbbf2f7a8cbaf65519b4dad2a6f37580c30891e60e7ee269f21575f90d25721385dacd12a0c25fd82321192638020c2e6fe0dadef63dc0696b909f490aa8e75897e00e4171d0c5071bb3a19dcd59def8f8b1720bd59b52f324ba0f9b4005e56031835217d0118952fd1ee29b94bfa7d70c5eb0a45b6d4a9618008f24ebb4af3a859a0d89a7c73bddbb0546fb5c36dbf11873f61fb7b4c89c171df87f51c4de6b2a2e3f7a740cb50ce3c4a951c58af593efcacd6700fd8529777122a1124ef2e3cbb5dbea955934a6657d7644a1a72a5f21ed146784dd539a8d4881158a857bdbb79fce86bd4fe8a79ac738119ce766d05d52404759fe2ea96d14a12f5d4b85f2cc9e66d0eed5cb333c21c4d76bb708542c3aa38cc7ccf5d63c480518a55b81caa84e880c4982a57d535bf3b4ae374fd7354800d3f102f231279489133727e6b92ae0840077d2872dadeebb554e6dfddd7ab3ecb6a16c630fdfd61f89c531f176781ff2a003cb08e23d9ef71cf4e968dc20dc95bae6898fbbdedc0cee6c21cec58a6a34eb6db90b54f1114304ee53b97dc56e65df17d3ce859fcbea1bfc7753e2c5753a99bf1f2b", 0xb89}], 0x1}, 0x20000044)
r1 = syz_usb_connect(0x0, 0x0, 0x0, 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
syz_usb_control_io$hid(r1, &(0x7f0000000280)={0x24, &(0x7f0000000080)={0x0, 0xb, 0xd8, {0xd8, 0x7, "a86f7b540678ec7af2648f341c677efeb44e841a49e1ef5f1e6b275cb0284e88ff3e1e00e49dca1e0a9fc1af7404273f275c6a6641240e7f9fc25ea33bf3b581f94dc48e61a61a7a6471b07a01ca0d9e9a35d8ee063daf5dd8f1c6e9a33588ab1e1b10add8485c2f1779c6f2640e6c877bf858b675c121c214aa67b61676dd519fba1cb9119f9ee9d681d843debaf4e721a42d1c0d827c38b0f6b1bc791bb2ea8cf60d3a63c800bcb4461a98a6b46f1c6500924f1169438742c99378a9a6d0ac21c9b18d8a1da1a41b30c9a821a487d803c55a7a5fe7"}}, &(0x7f00000001c0)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x8bc}}, &(0x7f0000000200)={0x0, 0x22, 0x17, {[@global=@item_4={0x3, 0x1, 0x8, "abc9866d"}, @global=@item_012={0x0, 0x1, 0x6}, @main=@item_012={0x1, 0x0, 0xb, '\\'}, @main=@item_4={0x3, 0x0, 0x9, "555263b3"}, @local=@item_4={0x3, 0x2, 0x0, "ff87347e"}, @local=@item_4={0x3, 0x2, 0x7, "f7e919e5"}]}}, &(0x7f0000000240)={0x0, 0x21, 0x9, {0x9, 0x21, 0x7, 0x0, 0x1, {0x22, 0x1ff}}}}, &(0x7f0000000500)={0x2c, &(0x7f00000002c0)={0x20, 0x16, 0x9d, "339b9f8e81a2bf72c2e2feb225e87f15f66d631438a372da675f5bab71ec116e4bb7d980e674187ca406468bdc9fac368847541838fffaac3cbaf5e55c4a40948bc0af272a97ae56802c926f066ef8d4a06a58b717605e1ff2e9ab48010c0ad665f55402f9182c9fec098bc2271e469b931d3ce2e9e4e8dd2e185857b47a07f393a225242743f4a8b5bdb0f504759f48816ade747633696c515a9bfd04"}, &(0x7f0000000380)={0x0, 0xa, 0x1}, &(0x7f00000003c0)={0x0, 0x8, 0x1}, &(0x7f0000000400)={0x20, 0x1, 0xb8, "a21dae3cc9af35ab48143b401c38aaacff5d2b1170858bb3991adcc1c801bdb91b26c9a6d441f1967fb0aa9579cfc8c99ac56b42e9bf9d7fe913836456ba8520f3b0cae1e216dd558466ad0c15865a5c5bb538db1ef62088731785156d81ff6ff661910d334cdc0a1be3871babedb4468ee74250fd14aabce82f8185613a85cb8208221460f74bf6f880ca12e39bafa5083b50a4d476afa3bf7f7a23092bdc7c5488973df516840e73b68c3dc9d1e49e42e9073905733ba0"}, &(0x7f00000004c0)={0x20, 0x3, 0x1, 0x91}})
socket$inet6_udplite(0xa, 0x2, 0x88) (async)
sendmsg$inet6(r0, &(0x7f0000002280)={&(0x7f0000001e40)={0xa, 0x4e24, 0x0, @mcast1}, 0x1c, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="b005000000000000290000003600000000b2"], 0x5b0}, 0x20008001) (async)
sendmsg$inet6(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000022c0)="f14889c2ad234ad6f0a71da72859c7c1e176134eff431253493482c723f8633d838bf127adff9f48a8854702b889321dfefd5644a03e0e41fb1cd1e442ac39d59aa0370071b34de016c447989af4c7d374e269dcbc1ce5f7083363d5bb2641018094b1721358f7a6c82f35dd9ed03c7be3fc46e5ef7b1fde49376ecde0494076cbe41c8292de99cc323303fda797e0704d3143999a0f53c8c056f2d7c2614c1bd977cc3e42e07548870d6bf096bf0369ee6a3f85cb27ec069f135e88005eb6147c3c08e1c787c9b5f9579653b876d44f3eb55573068fd1355b6fb755d1a72cb8eddfb7928f40f81e88e41bd2b3477299f540275d5107cd0dcb493a6f84ddbb9b43a60169c9ce7abb46e2d65a662a4e48cfafe180fbad39ee09548985149d100a6df90948f173ee8d7884fe5a916395d9631d7c55a09db75724229f3f492aca7c60e7c0984e5e05d555248874628cf294c6e1ad720e6f60662754e716d8e7f27b1321776768a8e4fd3abbeb3a23252a5e08b1f6b6e407cc69b8ed030f713f698db531f40f6082fce8f82eb6b90d7dcb33bd3cbcbc797d5597c444173c4455da38ffd93a45d756d158003c61c9d6e7e45a127a457172ccbbe9f2eadd4beb591f59ee37e3f23e858241463bb1d55b7ca1e19b84d1b077c7d6c3f942899a63dca8d63034da73146cc0e29ad541aff15049154a2c6ebe5b25b62833f09424bdabc08ffff5fff9cd35db4b3a9136ff557d88f68b8dc840e5edd3a9bf554986d3f706a1b962036d8f08e3d4cb9697c012f7be5bc00e77c89e796ee7d43a8c6ac172f262bc69517cc0978570280c2992c597ffa2ba8efc8b243b03b7f16942bf1e071de3dd4fa45a965946500d44fb10709fa8d4f1267077aa7afc2d32bc830e328762ade9f9d9a3b6835074eeffefbb98a45d688a0b76944e6fc4f805c912f966465266d4f43d2e70c65d6c5b0bddb1310c294e1b69b6f761bc4eda8b64121def17e864efc4ed59ca6973831827c77c1b27d50256341dd36e5e64cb78b509911e9cf36cc5b807648f119309f6fd403031434cf60873ce7582673581388cad04103e6b228d176ab09ed16d3d359fe02be3c014aefa3e7bca21ba3b7a5f981a375d0b920533936f8fc8afa3cc0156a902fca84745560fd50afd613d3f4482ec69683eb0ab3b78a106089797f6cbf00d40b2330be8a3e3c7a2838da551ba637cad6f81324348bcf7c65a9ef74999c8c4a8e96c50ec92becf9f08cf474fa597c910ad80a916cdfa6e61ea980875b130171472c760c6cb664f79406ddb74968e3f38e66320bd504ba4c4f25345191c8d3e758559db194781674c9dd02d84c04322b59924873c7092d01e9f45b98895769f35421a76f016e57ad16196d22b701b3639bc85b58b344a447e566b465cf92f6e160eeacfb0a8827480e1e4a9584e0e3984860c7b4cd042b8a5cb54c035be9a5683ebf4997e9dd289dc7d59bb5f2712eacb84031a02e6de31ba4fa3fb82b6106e76b4feed2d890544e7579f729c0f8af00cdea57f77793182e976be43d7158632deb9b154fbd8aa37fd2cbebfcae76014cbeb72c30bdda2dd95d75ed9dfe3f162d22af877bed110fddcb42e48b69fe34f97a0f00d094e962c5fa7eba412e63d57db086bdc6a2445c20dda5880dcaf3d9ad886652a1d2f1ce20f11c6de0481bf2005d0e605db4b4cd7c900f60a36825f4d5c7da23cb868ecdbfda5e3213bc9bc53935542f87863e0097a989c73eb451885d1bda4c860eaef883155b10bc12a60d7cfde19ed4097abdf92ed1a634c250c28d55d6150a4a5e6b0e4473f5004642bc06a91af5b96b586391a61192e4b9ad0b8469bd35988428a2c5346f0ddd387ef8e06f25a06703704b1a018b36f7437c0a18c12a76bb3e59169d3f8eba969994fbb224f2b9c87eb48a60551ab3f7c64c28a431c25d3e112435bd6ce99fbf469c88bf88bff21bd4a596cfe4f13d93878fd28c0debcfdaa5140a0c58c57fb490d49e54b40e735641924a029c0e52be895d2a6bf1ab91718e3c54bcba4714f4ccdbd7e4c0c924dcd00f6bf669cb6189867fe6c908602294e9743133267f740a4ff470737c9cd8fcf77388ce4cded33c6d292cd0113fe58c573d142f313a011241c5c2df7991e6a93c63969c99e3126a2506a99be32fed73d8b3c70d2e6323480da6382ad2e387a98250d324eb574c4114887e1598e18eccc2986a5d9601ba2c4c23906fb6012c4706dbd5c8dea181b4eefbe294a8ba8e53bbb7b82070b5f1069a3a6d6b076e25814365a114bb8a243f777d3d4422ecb786cc9a4ed715911e1fe17ba467538b5a470b49b20d8308af92307549310fca602079b7c13bca24b968f48e673ddbfcbea87af9628f765fef40bd4fd55c4f1bf5fae959c0d17e704bc406ec8b060716fb4f0c21ac27889643c36ace28869becf9e2b6fde8b97c47696fb89cad09788fdc1fa5e941fc760b0addf874edfa727d6d7dd65a39834cf71001a032a6ed56def697d0a36df1c4b947dc162b635b45cc43b9ab0a9497a8f7c35a861706f69a438da228a620570c8f169b7df27c0ff506bf0e384010bd732d6b08dce9c1a369b87904fac32013d76d307e7dd470bc4a02872af5ff5eeb23ff5da46aec78d076478e87ce69a0e6f226fab3575cb7c3411c786fefae63f598b09a6a823373e65f18a612ef303be4f8b885d7bcfcf00e249913de7fbe0ef66c90e5e8112965a866b0217390b4d1c2b6f11bfcd50ea7386852a7fcf18196a21e20e678d5b901fa5ef8d474af63ba15fc227812002f80bcd864450c7331df191118458a6fe38da1469df8ce884dcdddbaa9eaf0ef8b28bae5385a8123bff5aab1e5cfabb286d9a1f8f5c3bf00106cc5919fa5a95edaae9898e84074c425601848e9be04a7ee0034146aa913c906f0fe630a7159da6ce01f56cce8671659d956d67099568fee75e89ccdf3b671b11e5d8c5669c82209b9d2d35f44d0321ef2615de87f823440a3fa5e30bbb39e9c8bf8de366972ab14885c0063bb673b8566df4a256ef8699f879aa6c8c5fac0b2c34f4ce4f1bef2f0591cd7edd568ab498dd1f6a2d4c1fb5d6cb60f40d02aba5576eda7fe45c4d3f3be0e62e503dd2b58d55278b807a6274269aea69dd3fb52a2a6522c32605df612fd24e7068fa11eee4adfb71a42598db496d43822ab5046354f5211c0ba760fb9249d7ba6ce7286497987f27402ef8f56c904a793d0c58a963f7bfaa1267ceb87e318cdfee0bd08c0f1db35dd53ac85e9e0a5bf84375ca6705ce8ae8cbd18d2c064ac210e4d5011b1c06d45cc6a39f68766689f32dc9e5068564f51d15e81cb7dd8e8660a3bda10bb345b54ac580a0ac8f710a1d9e715839000c72a95c485ada79be9c691fa56be232434e0a190ef99b21b129f8e05e41d6bdc736e50b0ecead59f7ca165d6fe4ad160467ca7edde98b493b2d540e2d03bdb6d653f272142a67c09a6b8867bd61a09409aecf5a2b0b14cc42455f16cd246dc3fd779637b5f02ef05aacb1efdc399b6983f02b6ace2917a095c3d9d296ed14ad333883ce1ff568db2cb6d5c011b0e552bbbf2f7a8cbaf65519b4dad2a6f37580c30891e60e7ee269f21575f90d25721385dacd12a0c25fd82321192638020c2e6fe0dadef63dc0696b909f490aa8e75897e00e4171d0c5071bb3a19dcd59def8f8b1720bd59b52f324ba0f9b4005e56031835217d0118952fd1ee29b94bfa7d70c5eb0a45b6d4a9618008f24ebb4af3a859a0d89a7c73bddbb0546fb5c36dbf11873f61fb7b4c89c171df87f51c4de6b2a2e3f7a740cb50ce3c4a951c58af593efcacd6700fd8529777122a1124ef2e3cbb5dbea955934a6657d7644a1a72a5f21ed146784dd539a8d4881158a857bdbb79fce86bd4fe8a79ac738119ce766d05d52404759fe2ea96d14a12f5d4b85f2cc9e66d0eed5cb333c21c4d76bb708542c3aa38cc7ccf5d63c480518a55b81caa84e880c4982a57d535bf3b4ae374fd7354800d3f102f231279489133727e6b92ae0840077d2872dadeebb554e6dfddd7ab3ecb6a16c630fdfd61f89c531f176781ff2a003cb08e23d9ef71cf4e968dc20dc95bae6898fbbdedc0cee6c21cec58a6a34eb6db90b54f1114304ee53b97dc56e65df17d3ce859fcbea1bfc7753e2c5753a99bf1f2b", 0xb89}], 0x1}, 0x20000044) (async)
syz_usb_connect(0x0, 0x0, 0x0, 0x0) (async)
syz_usb_control_io(r1, 0x0, 0x0) (async)
syz_usb_control_io$hid(r1, &(0x7f0000000280)={0x24, &(0x7f0000000080)={0x0, 0xb, 0xd8, {0xd8, 0x7, "a86f7b540678ec7af2648f341c677efeb44e841a49e1ef5f1e6b275cb0284e88ff3e1e00e49dca1e0a9fc1af7404273f275c6a6641240e7f9fc25ea33bf3b581f94dc48e61a61a7a6471b07a01ca0d9e9a35d8ee063daf5dd8f1c6e9a33588ab1e1b10add8485c2f1779c6f2640e6c877bf858b675c121c214aa67b61676dd519fba1cb9119f9ee9d681d843debaf4e721a42d1c0d827c38b0f6b1bc791bb2ea8cf60d3a63c800bcb4461a98a6b46f1c6500924f1169438742c99378a9a6d0ac21c9b18d8a1da1a41b30c9a821a487d803c55a7a5fe7"}}, &(0x7f00000001c0)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x8bc}}, &(0x7f0000000200)={0x0, 0x22, 0x17, {[@global=@item_4={0x3, 0x1, 0x8, "abc9866d"}, @global=@item_012={0x0, 0x1, 0x6}, @main=@item_012={0x1, 0x0, 0xb, '\\'}, @main=@item_4={0x3, 0x0, 0x9, "555263b3"}, @local=@item_4={0x3, 0x2, 0x0, "ff87347e"}, @local=@item_4={0x3, 0x2, 0x7, "f7e919e5"}]}}, &(0x7f0000000240)={0x0, 0x21, 0x9, {0x9, 0x21, 0x7, 0x0, 0x1, {0x22, 0x1ff}}}}, &(0x7f0000000500)={0x2c, &(0x7f00000002c0)={0x20, 0x16, 0x9d, "339b9f8e81a2bf72c2e2feb225e87f15f66d631438a372da675f5bab71ec116e4bb7d980e674187ca406468bdc9fac368847541838fffaac3cbaf5e55c4a40948bc0af272a97ae56802c926f066ef8d4a06a58b717605e1ff2e9ab48010c0ad665f55402f9182c9fec098bc2271e469b931d3ce2e9e4e8dd2e185857b47a07f393a225242743f4a8b5bdb0f504759f48816ade747633696c515a9bfd04"}, &(0x7f0000000380)={0x0, 0xa, 0x1}, &(0x7f00000003c0)={0x0, 0x8, 0x1}, &(0x7f0000000400)={0x20, 0x1, 0xb8, "a21dae3cc9af35ab48143b401c38aaacff5d2b1170858bb3991adcc1c801bdb91b26c9a6d441f1967fb0aa9579cfc8c99ac56b42e9bf9d7fe913836456ba8520f3b0cae1e216dd558466ad0c15865a5c5bb538db1ef62088731785156d81ff6ff661910d334cdc0a1be3871babedb4468ee74250fd14aabce82f8185613a85cb8208221460f74bf6f880ca12e39bafa5083b50a4d476afa3bf7f7a23092bdc7c5488973df516840e73b68c3dc9d1e49e42e9073905733ba0"}, &(0x7f00000004c0)={0x20, 0x3, 0x1, 0x91}}) (async)

4.968099791s ago: executing program 2 (id=563):
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
r0 = openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
fchdir(r0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x101000, 0x108)
getdents64(r1, &(0x7f00000000c0)=""/55, 0x37)
getdents64(r1, &(0x7f0000000f80)=""/4096, 0x1000) (fail_nth: 9)

4.606988171s ago: executing program 2 (id=564):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r2, 0x84, 0x1b, &(0x7f0000000000)={<r3=>0x0, 0x8, "8aad0c012bec9797"}, &(0x7f0000000080)=0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0xf, 0xfffffffffffffffe}, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_usb_connect(0x2, 0x5f, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000b1f203401e0903003bd7010203010902"], 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r6, 0x8933, &(0x7f0000000380)={'vcan0\x00', <r7=>0x0})
bind$can_j1939(0xffffffffffffffff, &(0x7f0000000080)={0x1d, r7, 0x0, {0x0, 0x0, 0x4}, 0xfe}, 0x18)
r8 = syz_open_procfs(0x0, &(0x7f0000000000)='map_files\x00')
getdents(r8, &(0x7f0000000040)=""/74, 0x4a)
mknodat(r8, &(0x7f0000000000)='./file0\x00', 0x10, 0x7e)
sendmsg$can_j1939(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0x18, &(0x7f0000000180)={&(0x7f00000000c0)="92", 0x1a000}}, 0xee)
setsockopt$inet_sctp6_SCTP_RTOINFO(r2, 0x84, 0x0, &(0x7f00000000c0)={r3, 0x5, 0x10000, 0x8}, 0x10)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r9 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r9, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0)
ioctl$KVM_CAP_VM_DISABLE_NX_HUGE_PAGES(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000540))

4.606534588s ago: executing program 0 (id=565):
pipe(&(0x7f0000000680)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x16d102, 0x0)
write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc)
r3 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_SIOCSIFVLAN_SET_VLAN_NAME_TYPE_CMD(r3, 0x8983, &(0x7f0000000000)={0x6, 'veth0_vlan\x00', {0x2}, 0x1})
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r3, 0x8983, &(0x7f0000000140)={0x0, 'veth0_vlan\x00', {0x1}, 0xfff7})
splice(r0, 0x0, r2, 0x0, 0x4ffe6, 0x0)
ioctl$SIOCGETVIFCNT(r0, 0x89e0, &(0x7f0000000000))
r4 = socket(0x840000000002, 0x3, 0xff)
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f0000000040)='bridge_slave_0\x00', 0x10)
connect$inet(r4, &(0x7f0000000540)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x1a}}, 0x10)
sendmmsg$inet(r4, &(0x7f0000005240)=[{{0x0, 0x0, 0x0}, 0xfffffdef}], 0x300, 0x401eb94)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r1, 0xc0189378, &(0x7f0000000080)={{0x1, 0x1, 0x18, r4, {<r5=>r0}}, './file0\x00'})
setsockopt$inet6_tcp_int(r5, 0x6, 0x19, &(0x7f00000000c0)=0xffc00000, 0x4)

4.327504459s ago: executing program 3 (id=566):
openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
ioctl$TIOCGPTPEER(r0, 0x5441, 0x8)
r1 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000040)={0x802}, 0x10)
add_key(&(0x7f0000000000)='dns_resolver\x00', 0x0, &(0x7f0000000440)='\x00\x00', 0x2, 0xfffffffffffffffe)
r2 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r2, 0xc0145608, &(0x7f00000000c0)={0x2, 0x1, 0x1})
r3 = syz_open_dev$vcsn(&(0x7f0000000100), 0x80, 0x0)
read$FUSE(r3, &(0x7f00000023c0)={0x2020}, 0x2020)
ioctl$vim2m_VIDIOC_STREAMOFF(r2, 0x40045612, &(0x7f0000000000)=0x1)
ioctl$vim2m_VIDIOC_DQBUF(r2, 0xc0585611, &(0x7f0000000200)=@userptr={0x0, 0x1, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "020037e0"}, 0x0, 0x2, {0x0}})
ioctl$vim2m_VIDIOC_DQBUF(r2, 0xc0585611, &(0x7f0000000280)=@mmap={0x0, 0x1, 0x4, 0x100004, 0x0, {0x77359400}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "37bb54f0"}})
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000002380)={0x14, 0x52, 0x109, 0x0, 0x25dfdbfb, {0x8}}, 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x4000010)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0xc0200, 0x0)
gettid()
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x3, 0x5, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000007, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
mkdir(&(0x7f0000000140)='./control\x00', 0x8)
r4 = socket$alg(0x26, 0x5, 0x0)
r5 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$DRM_IOCTL_MODE_LIST_LESSEES(r5, 0xc01064d1, &(0x7f0000000040)={0x2, 0x0, &(0x7f0000000080)=[0x0, 0x0]})
bind$alg(r4, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'sha512-avx\x00'}, 0x58)
r6 = accept4(r4, 0x0, 0x0, 0x0)
r7 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(r7, 0xc0145608, &(0x7f0000000080)={0x2, 0x2, 0x1})
ioctl$vim2m_VIDIOC_QBUF(r7, 0xc058560f, &(0x7f0000000140)=@multiplanar_mmap={0x0, 0x2, 0x4, 0xe7ffffff, 0x0, {0x77359400}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x4, "68b9c381"}, 0x0, 0x1, {0x0}, 0x0, 0x0, r7})
sendmmsg(r6, &(0x7f0000000b40)=[{{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000180)="6dd1d20ea33b64dbe6df735b9074eb86e9a529a699a96487493109f2801696a5425c51cb5072d9f04d9c543f26e945afa51b569b4f914ff985667c169e73e024227211247d6dcb6e73e4ab396d78cefa4ba4dcf264719c73331cc7", 0x5b}, {&(0x7f0000000580)="6a5ea97c78c386661de72437082f87a07f7fcc2ddd7a2569ac1f3034b70e8a299af06d95e0341962058eab2a905746b96886d55f213572a488974a25bf0398422bdc0fd17cacc304a3fe683290aa448b9412286576c4bde37bb45bbd6f803931c8b76dccd5cfea9abe3fd66a410605599cef469a5f7aecbb74869512275395e558c1ed2fa9ce4232a18954b4797e8b74dbbec1bd617c1a087dce317e9f7254e40a74887c3cde039b5c4eb250c58502fc917948a27f7dc053078da3189b2ac882b4a7ad736e1fc3aac42256945bfe9b90f01c9edfceb215e0b998dd3d030b1aba6d419efe085f009dd0", 0xe9}, {&(0x7f0000000380)="921c9e65615110daa76091b3a1565773b980939c14df3f4cab15dbaee58017ecc78959698882f1f850a3a5ad1579717477b2801b6b63eea2b01f3832e455b684d099d12bef4dcf1ba51c3ddc2a6d38df71a30c1368f368707de1a8489451b42d0202a7c03c5a4f487a880f36354e4331f1205cb8d1f4b3a8aa663edc586a9d303d90f7c3a73ddeda7e63942716527926bc542a4adbc5416c539bc0c0bf2c5c04c1f1192a1488424659099c7b8ed8f792f34477801cd05cfd96cb52e1294414d9794835bf827428bd5851be7a2e3dc4ec39921c588098eb53cb5cd0116b955c20", 0xe0}, {&(0x7f0000000200)="d04da7328b056c5d892e6936447a2df76831", 0x12}, {&(0x7f0000000480)="0d6a2cf672e1062fd84f908e58ac9337bc441bef40de382c7d130e55c0cf23e3e94a9bf68f8835cbcf49f47e23fe8568f345bf40362eb121de489ff00ecadf43c4a0167f9d6216c6b39d", 0x4a}, {&(0x7f0000000540)="553ec8b992b4", 0x6}], 0x6}}, {{&(0x7f0000000680)=@nl=@unspec, 0x80, &(0x7f0000000ac0)=[{&(0x7f00000007c0)="650d2973007e5670ff739ed70434af35384583ac8c3351db244f68771e9738620ab60d4743b422e2278856c6350da36f546e961e3770db51cc342f61d3e5148be4ff6a0bd8b55d152a124a02bc7adf6b9d888ff3e30dae0d2eacbfe56ae177cab4eb5c26a847d91ccd81836566bb3da8c0a257a3f3d9ada27d42c36c9f43d016830c4c6bb311033a6f19fcd29b235bc77a5f635bb32a3c9589", 0x99}, {&(0x7f0000000880)="5e3ac171f7e961329a15441062aa10afbc6080cfb9d317d3eb943a4ae5e7457488f426400eafafbab33e82fb86b897e56c4c2eac36f6461143a49828dc17482b78c3d50fd55c78881d", 0x49}, {&(0x7f0000000140)="33a825e27717435925cdb4a72784e718d98e9daab09626e255a026ddae1fa50ebbb36f53e0d22f1932fe9af204d60a545d38563693", 0x35}, {&(0x7f0000000900)="5e69abff47d7c662d0c84af9d119c880e0fff14e523eeb3b839474bb418ecb3618259b7eb9a100ef2e5cbf4853da7414fabc2399bfff6744640eb63f6505ab5727c778afeb1a5df6d950d7c3bfecd704b11e1d8c464e59b5a936e267bbc98bec6eecf136a0532ea387e3e69172edd90ff64622907a0f2ab49e87a1f012f75e56e54b0c8b81eb019e5ae22aac7a667f10033caa7bc34149523a8ecbd5da3a7626a7caf50a807fd9fe45281206a55e6d62b7900e9bdd46be4be0f0", 0xba}, {&(0x7f00000009c0)="7574753e7db30ccd9dd1c4414852fb8609668a22df3ebef2d60fc834af3c20da39e5e2d351883e7526cf29f4bcfe45b188726014123a1adf06ec1ebdbe8b40b39685a2d7d79e8496e4416e017a1136e2e9fcf7d2c768bb004003b1ebec3dac6bec", 0x61}, {&(0x7f0000000a40)="e5e39f1bb1dc137aaebd369d3c05dd589b776d3d50203f83cd667b7bfb73da2124302417157066b702e6ba74153be49daa7404e23cf5824642c7f55bf74fe1bbbe6661406930813e00fd17745f38e05b050a28a77ba4fbd8b6", 0x59}, {&(0x7f0000000300)}], 0x7}}], 0x2, 0x40004)

4.026660792s ago: executing program 1 (id=567):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002000), 0x2, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, 0x0, 0x0)
r2 = accept$alg(r1, 0x0, 0x0)
write$binfmt_script(r2, &(0x7f0000000600), 0xfec8)
close_range(r0, 0xffffffffffffffff, 0x0)

3.825224473s ago: executing program 1 (id=568):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000040)=0x2)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000140)={0x2, 0x0, @ioapic={0x4, 0xbb90, 0x1, 0xeffffdff, 0x0, [{0x9, 0xff}, {0x1, 0x0, 0x2}, {0x8}, {0x0, 0x40, 0x7f}, {0x2}, {0x81, 0x65, 0xff}, {0x2, 0x0, 0x30, '\x00', 0x1}, {0x0, 0x61, 0xfc, '\x00', 0x45}, {0x57, 0x10, 0xfa, '\x00', 0x8}, {0x2, 0x4}, {0x0, 0x4}, {0x0, 0x8, 0x5, '\x00', 0xfc}, {0x0, 0x0, 0x80}, {0x3, 0x2, 0x0, '\x00', 0xc4}, {0x0, 0xa, 0x0, '\x00', 0x3}, {0xff, 0x82, 0x80, '\x00', 0x2}, {0x0, 0x2, 0x7f}, {0x0, 0x0, 0x0, '\x00', 0x40}, {0x0, 0x0, 0x19, '\x00', 0x5}, {0x0, 0x3, 0x0, '\x00', 0x26}, {0x58, 0x2, 0x0, '\x00', 0x5}, {0x0, 0x0, 0x41}, {0x0, 0x0, 0x8, '\x00', 0x3}, {0x8, 0x0, 0x7, '\x00', 0x1}]}})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x280041, 0x0)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000480)=@mangle={'mangle\x00', 0x44, 0x6, 0x3a8, 0x2b0, 0x2b0, 0x2b0, 0x138, 0x98, 0x380, 0x380, 0x380, 0x380, 0x380, 0x6, 0x0, {[{{@ip={@broadcast, @multicast1=0xe0007600, 0x0, 0x0, 'geneve1\x00', 'ip6gre0\x00'}, 0x0, 0x70, 0x98}, @inet=@DSCP={0x28}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @local, 0x0, 0x0, 'batadv_slave_1\x00', 'veth1_virt_wifi\x00', {}, {}, 0x6}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @local}}}, {{@ip={@broadcast, @multicast2, 0x0, 0x0, 'vlan1\x00', 'nr0\x00'}, 0x0, 0x70, 0x98}, @ECN={0x28}}, {{@ip={@loopback, @multicast2, 0x0, 0x0, 'syzkaller0\x00', 'veth1_to_team\x00'}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @empty}}}, {{@ip={@broadcast, @empty, 0x0, 0x0, 'lo\x00', 'batadv_slave_1\x00'}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @loopback}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x408)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4276ef66ba420266b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x43, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000980)=[@text32={0x20, 0x0}], 0x1, 0x51, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r5, 0x4040aea0, &(0x7f0000000080)=@x86={0x73, 0x7, 0x9, 0x0, 0x800, 0x0, 0x9, 0x80, 0x1, 0xc8, 0xcd, 0x5, 0x0, 0x4, 0x9, 0x1, 0x7f, 0x48, 0x6, '\x00', 0x6, 0x804c})
socket$alg(0x26, 0x5, 0x0)
io_uring_setup(0x693d, &(0x7f0000000180)={0x0, 0xfa7e, 0x40, 0xfffffffe, 0x227})
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000080))
timerfd_create(0x0, 0x800)
socket$vsock_stream(0x28, 0x1, 0x0)
syz_usb_connect(0x3, 0x24, &(0x7f00000008c0)=ANY=[@ANYBLOB="12010000c758f8403a090f0163c6f400000109021200010000000009043900007a93e7009b4b8e27aa937bac3d490546ff1669b58bf529f91243f2d2bcfe441af1de1ad11aa74c4fa4fceeebed98293573122505f71ed467dae14482662978f5abe935a8c3230e"], 0x0)
openat$uinput(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
socket$alg(0x26, 0x5, 0x0)
r6 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440)={'syz', 0x3}, &(0x7f0000000340), 0xf2, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f00000000c0)={r6, r6, r6}, &(0x7f0000000080)=""/44, 0x2c, &(0x7f0000000000)={&(0x7f0000000280)={'sha224-generic\x00'}})
socket$kcm(0x10, 0x2, 0x0)
r7 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r7, 0x107, 0x14, &(0x7f0000000080)=0xfff, 0x4)

3.239729035s ago: executing program 3 (id=569):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$vcsn(&(0x7f0000000300), 0x3f0b, 0x117001)
openat$full(0xffffff9c, &(0x7f00000003c0), 0x123300, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffff}, 0x0)
add_key$user(0x0, 0x0, &(0x7f0000000180)='5', 0x1, 0xfffffffffffffffd)
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
r2 = syz_io_uring_setup(0x10d, &(0x7f0000000140), &(0x7f0000000340)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0xa, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r2, 0x47f9, 0x0, 0x0, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, 0x0)
prctl$PR_SET_IO_FLUSHER(0x43, 0x1)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r5, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r5, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r5, 0x84, 0x17, &(0x7f0000000e80)=ANY=[@ANYRES32=0x0, @ANYBLOB="05"], 0x9)
sendto$inet6(r5, &(0x7f00000000c0)="eb", 0x1, 0x0, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r5, 0x84, 0x18, &(0x7f0000000340)={0x0, 0x5}, 0x8)
prctl$PR_SET_IO_FLUSHER(0x43, 0x0)
r6 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000), 0x109600, 0x0)
r7 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
write$binfmt_elf32(r7, &(0x7f0000000400)=ANY=[@ANYBLOB="7f454c460403010b00000022000000000200000000000000010300003800000004000000070000000000e51267faa54c64348af4022e3bc4cc65d1a6a0df9c62cfc7ffc0c73d6b9927e6d484ddb1a2f471281d635ff3250dcb091b45c9063096ca63a3c5106406963c8cc40354d8152c5909253a8db8cf5df189691e92547ceb2297c6b114cbea53505d74790df6a4a7c4711da5c30cb4cf92c3700bcdd22b1288bedf730c9b91a9d55b9884823b8fd60d0ebe167369bc284a4724d1893c365d5fe526da65c311"], 0x38)
close(r7)
close_range(r6, r7, 0x10000000000000)
syz_usb_connect(0x3, 0xfffffffffffffcb7, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0xf4, 0x5c, 0x15, 0x40, 0x5ab, 0x1001, 0x7249, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x56, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x1a, 0x0, 0x2, 0xf7, 0xaa, 0xd3, 0x0, [@cdc_ecm={{0x9, 0x24, 0x6, 0x0, 0x0, "3c9ecf51"}, {0x5, 0x24, 0x0, 0xc}, {0xd, 0x24, 0xf, 0x1, 0x8001, 0x3, 0x10, 0x2}, [@mbim={0xc, 0x24, 0x1b, 0x4d2c, 0x4ad, 0x8, 0x5, 0x3ff, 0x8}, @network_terminal={0x7, 0x24, 0xa, 0x3, 0x9, 0x80, 0x1}, @acm={0x4, 0x24, 0x2, 0xe}]}], [{{0x9, 0x5, 0x2, 0x2}}, {{0x9, 0x5, 0x82, 0x2, 0x20}}]}}]}}]}}, 0x0)

3.170968899s ago: executing program 0 (id=570):
ioctl$CEC_ADAP_S_LOG_ADDRS(0xffffffffffffffff, 0xc05c6104, &(0x7f0000000040)={"846bb400", 0x0, 0x5, 0x2, 0x0, 0x0, "f1b304c3e94627219cca00", "000016e2", "03119900", "e85bad2f", ["e5ffffffecffffffe1797e90", "c2fed62d4c87e3065a863243", "000000ff0000000000000020"]})
r0 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0x84c0, 0x0, 0xffffffff, 0x121}, &(0x7f0000000100)=<r1=>0x0, &(0x7f00000003c0)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
socket(0x3, 0x4, 0x1)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x5d031, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0xfcb, &(0x7f0000000240)={0x0, 0x409c, 0x400, 0x0, 0xea}, 0x0, &(0x7f00000002c0)=<r4=>0x0)
r5 = syz_io_uring_setup(0x6d3b, &(0x7f0000000340)={0x0, 0xa7f6, 0x10100, 0x3, 0x3cd}, &(0x7f0000000280)=<r6=>0x0, &(0x7f0000000040)=<r7=>0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r5, 0x9, 0x0, 0x0)
syz_io_uring_submit(r6, r7, 0x0)
syz_io_uring_submit(r3, r4, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_FADVISE={0x18, 0x5a, 0x0, @fd_index=0x6, 0x3e, 0x0, 0x7e, 0x5, 0x1, {0x0, r8}})
io_uring_enter(r0, 0x47f6, 0x0, 0x0, 0x0, 0x0) (fail_nth: 2)
ioctl$VIDIOC_S_CTRL(0xffffffffffffffff, 0xc008561c, &(0x7f0000000040)={0xf0f041})

2.693905698s ago: executing program 0 (id=571):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f0000000380)={0x0, {0x2, 0x4e23, @empty}, {0x2, 0x0, @loopback}, {0x2, 0x4e21, @empty}, 0x107, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000})
r1 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$DRM_IOCTL_VERSION(r1, 0xc0406441, &(0x7f0000000280)={0x34, 0xfffffffe, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$sock_inet_SIOCADDRT(r0, 0x890c, &(0x7f0000000840)={0x0, {0x2, 0x4e24, @empty}, {0x2, 0x44, @local}, {0x2, 0x4e2f, @broadcast}, 0x34, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff})
ioctl$DRM_IOCTL_MODE_GETCRTC(r1, 0xc06864a1, &(0x7f0000000040)={&(0x7f0000000000)=[0x0], 0x1, 0x0, <r2=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r1, 0xc06864ce, &(0x7f00000000c0)={0x0, 0xa6d, 0x4, 0xfffffff9, 0x2, [0x0, 0x0, <r3=>0x0], [0x3, 0x0, 0x1, 0x6], [0x1, 0x3, 0x8, 0x2], [0x7, 0x6, 0x2, 0x200]})
ioctl$DRM_IOCTL_GEM_OPEN(r1, 0xc010640b, &(0x7f0000000180)={0x0, <r4=>0x0})
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r1, 0xc00c642e, &(0x7f00000001c0)={<r5=>0x0, 0x0, r1})
ioctl$DRM_IOCTL_MODE_ADDFB2(r1, 0xc06864b8, &(0x7f0000000200)={r2, 0x80000000, 0xffffff95, 0x2, 0x9dc94e54cde6476, [r3, r4, 0x0, r5], [0x5, 0xc, 0x0, 0x3], [0x4, 0x6, 0x9, 0x3], [0x3, 0x401, 0x82e, 0x9]})

2.431582707s ago: executing program 0 (id=572):
r0 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x2, 0xe, @dev={0xfe, 0x80, '\x00', 0xfd}, 0x9}, 0x1c)
r1 = socket(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
r4 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r4, 0xc004500a, &(0x7f0000000240)=0x3)
ioctl$SNDCTL_DSP_CHANNELS(r4, 0xc0045006, &(0x7f0000000080)=0x7f)
ioctl$SNDCTL_DSP_SPEED(r4, 0xc0045002, &(0x7f00000000c0))
read$dsp(r4, &(0x7f0000000300)=""/79, 0x4f)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r3)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r5, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{}, 0x3548, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}}}]}, 0x78}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000600)=@newtfilter={0x54, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {}, {0xd}}, [@filter_kind_options=@f_basic={{0xa}, {0x24, 0x2, [@TCA_BASIC_EMATCHES={0x20, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xffff}}, @TCA_EMATCH_TREE_LIST={0x14, 0x2, 0x0, 0x1, [@TCF_EM_IPSET={0x10, 0x1, 0x0, 0x0, {{0x1, 0x8, 0x1000}, {0xf, 0x0, 0x4}}}]}]}]}}]}, 0x54}}, 0x0)
r6 = socket$igmp6(0xa, 0x3, 0x2)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000240001030000000000000000010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000)
recvmmsg(r7, &(0x7f00000086c0)=[{{0x0, 0x0, 0x0}, 0x8101}, {{0x0, 0x0, &(0x7f0000000600)=[{&(0x7f0000000500)=""/254, 0xfe}], 0x1}, 0x9}], 0x2, 0x140, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r6, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
sendmsg(r0, &(0x7f00000000c0)={0x0, 0x9584, &(0x7f0000000100)=[{&(0x7f0000000000)="2c10", 0x5dc}], 0x1, 0x0, 0x0, 0x2c}, 0x44004)

1.455062396s ago: executing program 2 (id=573):
ioctl$CEC_ADAP_S_LOG_ADDRS(0xffffffffffffffff, 0xc05c6104, &(0x7f0000000040)={"846bb400", 0x0, 0x5, 0x2, 0x0, 0x0, "f1b304c3e94627219cca00", "000016e2", "03119900", "e85bad2f", ["e5ffffffecffffffe1797e90", "c2fed62d4c87e3065a863243", "000000ff0000000000000020"]})
r0 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0x84c0, 0x0, 0xffffffff, 0x121}, &(0x7f0000000100)=<r1=>0x0, &(0x7f00000003c0)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
socket(0x3, 0x4, 0x1)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x5d031, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0xfcb, &(0x7f0000000240)={0x0, 0x409c, 0x400, 0x0, 0xea}, 0x0, &(0x7f00000002c0)=<r4=>0x0)
r5 = syz_io_uring_setup(0x6d3b, &(0x7f0000000340)={0x0, 0xa7f6, 0x10100, 0x3, 0x3cd}, &(0x7f0000000280)=<r6=>0x0, &(0x7f0000000040)=<r7=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f00000001c0)=@IORING_OP_TIMEOUT_REMOVE={0xc, 0x42, 0x0, 0x0, 0x0, 0x23456})
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r5, 0x9, 0x0, 0x0)
syz_io_uring_submit(r6, r7, 0x0)
r9 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_DEL_MIF(r9, 0x29, 0xc8, 0x0, 0xc000000)
r10 = syz_open_dev$usbfs(&(0x7f0000000000), 0x1ff, 0x2)
ioctl$USBDEVFS_CONNECTINFO(r10, 0x40085511, &(0x7f00000022c0))
syz_io_uring_submit(r3, r4, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_FADVISE={0x18, 0x5a, 0x0, @fd_index=0x6, 0x3e, 0x0, 0x7e, 0x5, 0x1, {0x0, r8}})
io_uring_enter(r0, 0x47f6, 0x0, 0x0, 0x0, 0x0)
ioctl$VIDIOC_S_CTRL(0xffffffffffffffff, 0xc008561c, &(0x7f0000000040)={0xf0f041})
r11 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VHOST_VSOCK_SET_RUNNING(r11, 0x4004af61, &(0x7f00000000c0)=0x1)

1.327063363s ago: executing program 0 (id=574):
r0 = memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x3)
write$binfmt_script(r0, &(0x7f0000000040)={'#! ', './control/file0'}, 0x13)
r1 = socket$xdp(0x2c, 0x3, 0x0)
r2 = syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a00000804800200090581", @ANYBLOB="f7", @ANYRESOCT], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(r2)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r3 = dup(r1)
syz_usb_ep_write(r2, 0x8, 0xc1, &(0x7f00000001c0)="f623825012bee8ab833e6230e8c78b9a3fc4621c0d0cb8f043061bb40ae4626698082e4a31f0e4d076125138502332b0435fedf3067b96a5678cf80a68d9a07151792a96a2b619e864ee25d2029c513fa84b47ac285c86601aa0ab390659887d2fdfa0bb459f719204aaa3582da289f34889d0d809e18aef60adc22ca99a30b466c6b72f14136adc5d7e3d403229bb42315e974e94aa0b0aa1ed84ca33b6e4fcc339740510e034c1d30fdc7f3ef57404478660665e0738fe74fb7ffb3dfc71c9f0")
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c)
ioctl$SIOCSIFMTU(r3, 0x8922, &(0x7f0000000080)={'lo\x00', 0x1})
r4 = syz_io_uring_setup(0x3f26, &(0x7f0000000780)={0x0, 0x0, 0x10100, 0x1}, &(0x7f0000000040)=<r5=>0x0, &(0x7f0000001340)=<r6=>0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r4, 0x1567, 0x0, 0x0, 0x0, 0x0)
setsockopt$XDP_UMEM_FILL_RING(r1, 0x11b, 0x5, 0x0, 0x0)
execveat(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

672.174522ms ago: executing program 1 (id=575):
ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
socket$inet_sctp(0x2, 0x5, 0x84)
r0 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x2, 0x0}}]}, &(0x7f0000000180)=0x10)
getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000100)=0x8)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000240)=0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0300000000000000140012800a00010069706f69620000000400028008000500", @ANYRESDEC], 0x3c}}, 0x0)
pwritev(r4, &(0x7f0000000600)=[{&(0x7f0000000140)="02000000", 0x4}, {&(0x7f0000000240)="f697079a16b14784b2c9f06c2e4f678e1ceb4d4d28004377a50f952adbcc106a2a743cdd", 0x24}], 0x2, 0x0, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000200)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_GET_WOWLAN(r6, &(0x7f0000000e00)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000440)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="01030000000000004000050000000800010000e5030000000000", @ANYRES32=r8, @ANYBLOB="0c009900a700000027000000"], 0x30}, 0x1, 0x0, 0x0, 0x4000884}, 0x6040)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r6)
r9 = io_uring_setup(0x3eae, &(0x7f0000000300)={0x0, 0xc95e})
io_uring_register$IORING_REGISTER_BUFFERS(r9, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)
r10 = syz_open_procfs(0x0, &(0x7f0000000380)='clear_refs\x00')
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x28040085)
bind$alg(r10, &(0x7f0000000440)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cipher_null\x00'}, 0x58)

483.654822ms ago: executing program 2 (id=576):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
dup(r0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket(0x1e, 0x5, 0x0)
r4 = epoll_create(0x2)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f0000000180)={0x10000000})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = socket$kcm(0x10, 0x3, 0x10)
recvmmsg(r5, &(0x7f0000004400)=[{{0x0, 0x0, 0x0}, 0x96a}], 0x1, 0x10022, 0x0)
sendmsg$kcm(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="140000002a000beb2800000000000000000f5ddf", 0x14}], 0x1}, 0x40040)
syz_open_procfs(0x0, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
dup(0xffffffffffffffff)
setsockopt$inet6_tcp_TCP_ULP(r8, 0x6, 0x1f, 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r9, &(0x7f0000fe5000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, 0x0}], 0x1, 0x4e, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000000)="0f080fae04a200400f01c426660f3a15e6160fc76bdbf08666350f2170260fed9c000066b9230b00000f32", 0x2b}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
r10 = dup(0xffffffffffffffff)
execveat(r10, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

0s ago: executing program 3 (id=577):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002000), 0x2, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, 0x0, 0x0)
r2 = accept$alg(r1, 0x0, 0x0)
write$binfmt_script(r2, &(0x7f0000000600), 0xfec8)
close_range(r0, 0xffffffffffffffff, 0x0)

kernel console output (not intermixed with test programs):

  125.778984][ T6716] kvm: MWAIT instruction emulated as NOP!
[  125.885079][   T30] kauditd_printk_skb: 2 callbacks suppressed
[  125.885092][   T30] audit: type=1326 audit(1743281506.826:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6709 comm="syz.1.211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb7798d169 code=0x7ffc0000
[  125.915614][  T840] usb 1-1: USB disconnect, device number 19
[  125.936965][ T5885] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  125.948391][ T5885] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  125.978742][ T5885] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66
[  125.988092][   T30] audit: type=1326 audit(1743281506.826:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6709 comm="syz.1.211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb7798d169 code=0x7ffc0000
[  126.036850][ T5885] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  126.101117][ T5885] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  126.162761][ T5885] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  126.170914][   T30] audit: type=1326 audit(1743281506.826:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6709 comm="syz.1.211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7fcb7798d169 code=0x7ffc0000
[  126.203169][ T5885] usb 4-1: Product: syz
[  126.207520][ T5885] usb 4-1: Manufacturer: syz
[  126.243926][   T30] audit: type=1326 audit(1743281506.826:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6709 comm="syz.1.211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb7798d169 code=0x7ffc0000
[  126.273403][ T5885] cdc_wdm 4-1:1.0: skipping garbage
[  126.280188][ T5885] cdc_wdm 4-1:1.0: skipping garbage
[  126.298877][ T5885] cdc_wdm 4-1:1.0: probe with driver cdc_wdm failed with error -22
[  126.389190][   T30] audit: type=1326 audit(1743281506.826:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6709 comm="syz.1.211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb7798d169 code=0x7ffc0000
[  126.540021][ T5943] usb 4-1: USB disconnect, device number 16
[  126.993950][ T5943] usb 5-1: new full-speed USB device number 26 using dummy_hcd
[  127.063915][ T3084] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  127.254024][ T3084] usb 4-1: Using ep0 maxpacket: 32
[  127.260572][ T3084] usb 4-1: config 0 has an invalid interface number: 221 but max is 0
[  127.282747][ T3084] usb 4-1: config 0 has no interface number 0
[  127.292121][ T6744] netlink: 132 bytes leftover after parsing attributes in process `syz.2.219'.
[  127.304071][ T3084] usb 4-1: too many endpoints for config 0 interface 221 altsetting 0: 237, using maximum allowed: 30
[  127.335863][ T3084] usb 4-1: config 0 interface 221 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 237
[  127.355713][ T5943] usb 5-1: config index 0 descriptor too short (expected 64028, got 77)
[  127.375598][ T3084] usb 4-1: New USB device found, idVendor=1d50, idProduct=60c6, bcdDevice=62.9b
[  127.388759][ T3084] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  127.404394][ T3084] usb 4-1: Product: syz
[  127.411954][ T5943] usb 5-1: config 0 has too many interfaces: 241, using maximum allowed: 32
[  127.450366][ T5943] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  127.450926][ T3084] usb 4-1: Manufacturer: syz
[  127.507049][ T5943] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 241
[  127.538338][ T5943] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  127.553292][ T5943] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  127.580103][ T3084] usb 4-1: SerialNumber: syz
[  127.594367][ T3084] usb 4-1: config 0 descriptor??
[  127.666265][ T5943] usb 5-1: Product: syz
[  127.706962][ T5943] usb 5-1: Manufacturer: syz
[  127.729144][ T5943] usb 5-1: SerialNumber: syz
[  127.828294][ T5943] usb 5-1: config 0 descriptor??
[  127.978102][ T3084] usb 4-1: USB disconnect, device number 17
[  129.752336][ T6768] FAULT_INJECTION: forcing a failure.
[  129.752336][ T6768] name failslab, interval 1, probability 0, space 0, times 0
[  129.826895][ T6769] misc userio: The device must be registered before sending interrupts
[  129.843132][ T6768] CPU: 0 UID: 0 PID: 6768 Comm: syz.3.223 Not tainted 6.14.0-syzkaller-09584-g7d06015d936c #0 PREEMPT(full) 
[  129.843158][ T6768] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  129.843170][ T6768] Call Trace:
[  129.843176][ T6768]  <TASK>
[  129.843202][ T6768]  dump_stack_lvl+0x241/0x360
[  129.843236][ T6768]  ? __pfx_dump_stack_lvl+0x10/0x10
[  129.843263][ T6768]  ? __pfx__printk+0x10/0x10
[  129.843298][ T6768]  ? __lock_acquire+0xad5/0xd80
[  129.843342][ T6768]  should_fail_ex+0x424/0x570
[  129.843374][ T6768]  should_failslab+0xac/0x100
[  129.843405][ T6768]  kmem_cache_alloc_noprof+0x78/0x390
[  129.843452][ T6768]  ? skb_clone+0x20c/0x390
[  129.843482][ T6768]  skb_clone+0x20c/0x390
[  129.843516][ T6768]  __netlink_deliver_tap+0x3c4/0x7f0
[  129.843545][ T6768]  ? netlink_deliver_tap+0x2e/0x1b0
[  129.843564][ T6768]  netlink_deliver_tap+0x19d/0x1b0
[  129.843584][ T6768]  netlink_unicast+0x7c6/0x9a0
[  129.843620][ T6768]  ? __pfx_netlink_unicast+0x10/0x10
[  129.843656][ T6768]  ? skb_put+0x114/0x1f0
[  129.843683][ T6768]  netlink_sendmsg+0x8c3/0xcd0
[  129.843712][ T6768]  ? __pfx_netlink_sendmsg+0x10/0x10
[  129.843812][ T6768]  ? aa_sock_msg_perm+0x91/0x160
[  129.843846][ T6768]  ? __pfx_netlink_sendmsg+0x10/0x10
[  129.843868][ T6768]  __sock_sendmsg+0x221/0x270
[  129.843894][ T6768]  ____sys_sendmsg+0x523/0x860
[  129.843929][ T6768]  ? __pfx_____sys_sendmsg+0x10/0x10
[  129.843955][ T6768]  ? __fget_files+0x2a/0x420
[  129.843977][ T6768]  ? __fget_files+0x2a/0x420
[  129.844003][ T6768]  __sys_sendmsg+0x271/0x360
[  129.844033][ T6768]  ? __pfx___sys_sendmsg+0x10/0x10
[  129.844097][ T6768]  ? do_syscall_64+0xb6/0x230
[  129.844128][ T6768]  do_syscall_64+0xf3/0x230
[  129.844156][ T6768]  ? clear_bhb_loop+0x45/0xa0
[  129.844180][ T6768]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  129.844201][ T6768] RIP: 0033:0x7fb8dc18d169
[  129.844219][ T6768] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  129.844236][ T6768] RSP: 002b:00007fb8dcf87038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  129.844259][ T6768] RAX: ffffffffffffffda RBX: 00007fb8dc3a5fa0 RCX: 00007fb8dc18d169
[  129.844274][ T6768] RDX: 0000000000040040 RSI: 0000200000000280 RDI: 0000000000000005
[  129.844288][ T6768] RBP: 00007fb8dcf87090 R08: 0000000000000000 R09: 0000000000000000
[  129.844301][ T6768] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  129.844314][ T6768] R13: 0000000000000000 R14: 00007fb8dc3a5fa0 R15: 00007fb8dc4cfa28
[  129.844340][ T6768]  </TASK>
[  130.252701][  T840] usb 5-1: USB disconnect, device number 26
[  130.392076][ T6777] netlink: 4 bytes leftover after parsing attributes in process `syz.3.226'.
[  130.501028][ T6783] netlink: 8 bytes leftover after parsing attributes in process `syz.0.228'.
[  130.673691][ T6789] netlink: 132 bytes leftover after parsing attributes in process `syz.1.231'.
[  130.792355][ T6795] netlink: 20 bytes leftover after parsing attributes in process `syz.2.229'.
[  131.201870][ T3084] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  131.440084][  T840] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  131.778095][  T840] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  131.790074][  T840] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  131.793957][ T3084] usb 5-1: Using ep0 maxpacket: 32
[  131.804157][  T840] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  131.806777][ T3084] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  131.883990][  T840] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  131.885481][ T3084] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  131.903836][ T3084] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  131.927756][  T840] usb 2-1: config 0 descriptor??
[  131.953535][ T3084] usb 5-1: Product: syz
[  131.967900][ T3084] usb 5-1: Manufacturer: syz
[  131.972552][ T3084] usb 5-1: SerialNumber: syz
[  132.105554][ T3084] usb 5-1: config 0 descriptor??
[  132.111180][ T6794] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  132.297609][ T5885] usb 4-1: new full-speed USB device number 18 using dummy_hcd
[  132.365928][  T840] pyra 0003:1E7D:2CF6.0003: hidraw0: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.1-1/input0
[  132.617613][ T5885] usb 4-1: config index 0 descriptor too short (expected 64028, got 77)
[  132.626247][ T5885] usb 4-1: config 0 has too many interfaces: 241, using maximum allowed: 32
[  132.658954][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  132.667964][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  132.697688][ T5885] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  132.733905][ T3084] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  132.816618][ T5885] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 241
[  132.852828][ T5885] usb 4-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  132.874983][ T3084] usb 1-1: device descriptor read/64, error -71
[  132.919077][ T5885] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  132.957065][ T5885] usb 4-1: Product: syz
[  132.961417][ T5885] usb 4-1: Manufacturer: syz
[  132.992487][ T5885] usb 4-1: SerialNumber: syz
[  133.019200][ T5885] usb 4-1: config 0 descriptor??
[  133.133983][ T3084] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  133.273922][ T3084] usb 1-1: device descriptor read/64, error -71
[  133.354467][  T840] pyra 0003:1E7D:2CF6.0003: couldn't init struct pyra_device
[  133.365997][  T840] pyra 0003:1E7D:2CF6.0003: couldn't install mouse
[  133.375640][  T840] pyra 0003:1E7D:2CF6.0003: probe with driver pyra failed with error -71
[  133.404915][ T3084] usb usb1-port1: attempt power cycle
[  133.418655][  T840] usb 2-1: USB disconnect, device number 15
[  133.603850][ T5885] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  133.753961][ T5885] usb 3-1: Using ep0 maxpacket: 8
[  133.763878][ T5885] usb 3-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a
[  133.773446][ T5885] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  133.783427][ T5885] usb 3-1: Product: syz
[  133.784056][ T3084] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  133.788890][ T5885] usb 3-1: Manufacturer: syz
[  133.803632][ T5943] usb 5-1: USB disconnect, device number 27
[  133.822054][ T5885] usb 3-1: SerialNumber: syz
[  133.834980][  T840] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  133.837857][ T3084] usb 1-1: device descriptor read/8, error -71
[  133.857288][ T5885] usb 3-1: config 0 descriptor??
[  133.871764][ T5885] gspca_main: sq930x-2.14.0 probing 2770:930c
[  133.993815][  T840] usb 2-1: Using ep0 maxpacket: 16
[  134.001134][  T840] usb 2-1: config 0 interface 0 has no altsetting 0
[  134.147935][  T840] usb 2-1: New USB device found, idVendor=1235, idProduct=0010, bcdDevice=29.82
[  134.163977][  T840] usb 2-1: New USB device strings: Mfr=83, Product=5, SerialNumber=10
[  134.202729][  T840] usb 2-1: Product: syz
[  134.216962][ T3084] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  134.217500][  T840] usb 2-1: Manufacturer: syz
[  134.248428][  T840] usb 2-1: SerialNumber: syz
[  134.270567][  T840] usb 2-1: config 0 descriptor??
[  134.277184][ T6824] netlink: 24 bytes leftover after parsing attributes in process `syz.2.241'.
[  134.299073][ T5885] gspca_sq930x: ucbus_write failed -71
[  134.310661][ T3084] usb 1-1: device descriptor read/8, error -71
[  134.343992][ T5943] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[  134.434022][ T3084] usb usb1-port1: unable to enumerate USB device
[  134.524561][ T5885] gspca_sq930x: Sensor ov9630 not yet treated
[  134.530785][ T5885] sq930x 3-1:0.0: probe with driver sq930x failed with error -22
[  134.540661][ T5943] usb 5-1: config 0 has no interfaces?
[  134.553621][ T5943] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  134.585695][ T5885] usb 3-1: USB disconnect, device number 22
[  134.615969][  T840] snd-usb-audio 2-1:0.0: probe with driver snd-usb-audio failed with error -22
[  134.626557][ T5943] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  134.648977][ T5943] usb 5-1: Product: syz
[  134.657420][  T840] usb 2-1: USB disconnect, device number 16
[  134.665731][ T5943] usb 5-1: Manufacturer: syz
[  134.675989][ T5943] usb 5-1: SerialNumber: syz
[  134.726720][ T5943] usb 5-1: config 0 descriptor??
[  134.838956][ T6832] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  134.839035][ T6336] udevd[6336]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  135.405005][ T6841] netlink: 276 bytes leftover after parsing attributes in process `syz.1.246'.
[  135.461659][ T6841] syz.1.246 uses obsolete (PF_INET,SOCK_PACKET)
[  135.471102][ T6841] netlink: 8 bytes leftover after parsing attributes in process `syz.1.246'.
[  135.775091][   T47] usb 4-1: USB disconnect, device number 18
[  135.840014][ T6852] FAULT_INJECTION: forcing a failure.
[  135.840014][ T6852] name failslab, interval 1, probability 0, space 0, times 0
[  135.860801][ T6852] CPU: 1 UID: 0 PID: 6852 Comm: syz.1.250 Not tainted 6.14.0-syzkaller-09584-g7d06015d936c #0 PREEMPT(full) 
[  135.860828][ T6852] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  135.860841][ T6852] Call Trace:
[  135.860848][ T6852]  <TASK>
[  135.860855][ T6852]  dump_stack_lvl+0x241/0x360
[  135.860890][ T6852]  ? __pfx_dump_stack_lvl+0x10/0x10
[  135.860917][ T6852]  ? __pfx__printk+0x10/0x10
[  135.860955][ T6852]  ? __pfx___might_resched+0x10/0x10
[  135.860978][ T6852]  should_fail_ex+0x424/0x570
[  135.861004][ T6852]  should_failslab+0xac/0x100
[  135.861031][ T6852]  kmem_cache_alloc_node_noprof+0x7d/0x3b0
[  135.861059][ T6852]  ? __alloc_skb+0x1c2/0x480
[  135.861078][ T6852]  ? tcp_current_mss+0x29d/0x4d0
[  135.861099][ T6852]  __alloc_skb+0x1c2/0x480
[  135.861122][ T6852]  ? __pfx___alloc_skb+0x10/0x10
[  135.861148][ T6852]  ? kernel_text_address+0xa7/0xe0
[  135.861180][ T6852]  tcp_stream_alloc_skb+0x3d/0x310
[  135.861206][ T6852]  tcp_sendmsg_locked+0xd96/0x5030
[  135.861259][ T6852]  ? __pfx_tcp_sendmsg_locked+0x10/0x10
[  135.861286][ T6852]  ? tcp_sendmsg+0x22/0x50
[  135.861309][ T6852]  ? do_raw_spin_unlock+0x13c/0x8b0
[  135.861338][ T6852]  tcp_sendmsg+0x30/0x50
[  135.861361][ T6852]  __sock_sendmsg+0x1a6/0x270
[  135.861379][ T6852]  __sys_sendto+0x365/0x4c0
[  135.861402][ T6852]  ? __pfx___sys_sendto+0x10/0x10
[  135.861429][ T6852]  ? __fget_files+0x2a/0x420
[  135.861452][ T6852]  ? ksys_write+0x275/0x2d0
[  135.861479][ T6852]  __x64_sys_sendto+0xde/0x100
[  135.861501][ T6852]  do_syscall_64+0xf3/0x230
[  135.861526][ T6852]  ? clear_bhb_loop+0x45/0xa0
[  135.861547][ T6852]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  135.861564][ T6852] RIP: 0033:0x7fcb7798d169
[  135.861580][ T6852] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  135.861595][ T6852] RSP: 002b:00007fcb787f7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  135.861615][ T6852] RAX: ffffffffffffffda RBX: 00007fcb77ba5fa0 RCX: 00007fcb7798d169
[  135.861628][ T6852] RDX: 0000000000000003 RSI: 00002000000012c0 RDI: 0000000000000003
[  135.861639][ T6852] RBP: 00007fcb787f7090 R08: 0000000000000000 R09: 0000000000000000
[  135.861650][ T6852] R10: 0000000000000011 R11: 0000000000000246 R12: 0000000000000001
[  135.861660][ T6852] R13: 0000000000000000 R14: 00007fcb77ba5fa0 R15: 00007fcb77ccfa28
[  135.861683][ T6852]  </TASK>
[  136.098026][    C1] vkms_vblank_simulate: vblank timer overrun
[  136.110262][ T6853] netlink: 32 bytes leftover after parsing attributes in process `syz.3.251'.
[  136.173874][ T3084] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  136.188584][ T6857] FAULT_INJECTION: forcing a failure.
[  136.188584][ T6857] name failslab, interval 1, probability 0, space 0, times 0
[  136.202217][ T6857] CPU: 1 UID: 0 PID: 6857 Comm: syz.2.253 Not tainted 6.14.0-syzkaller-09584-g7d06015d936c #0 PREEMPT(full) 
[  136.202236][ T6857] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  136.202245][ T6857] Call Trace:
[  136.202249][ T6857]  <TASK>
[  136.202255][ T6857]  dump_stack_lvl+0x241/0x360
[  136.202279][ T6857]  ? __pfx_dump_stack_lvl+0x10/0x10
[  136.202298][ T6857]  ? __pfx__printk+0x10/0x10
[  136.202315][ T6857]  ? __lock_acquire+0xad5/0xd80
[  136.202332][ T6857]  should_fail_ex+0x424/0x570
[  136.202353][ T6857]  should_failslab+0xac/0x100
[  136.202375][ T6857]  kmem_cache_alloc_noprof+0x78/0x390
[  136.202395][ T6857]  ? skb_clone+0x20c/0x390
[  136.202416][ T6857]  skb_clone+0x20c/0x390
[  136.202435][ T6857]  __netlink_deliver_tap+0x3c4/0x7f0
[  136.202453][ T6857]  ? netlink_deliver_tap+0x2e/0x1b0
[  136.202466][ T6857]  netlink_deliver_tap+0x19d/0x1b0
[  136.202479][ T6857]  netlink_unicast+0x7c6/0x9a0
[  136.202501][ T6857]  ? __pfx_netlink_unicast+0x10/0x10
[  136.202521][ T6857]  ? skb_put+0x114/0x1f0
[  136.202538][ T6857]  netlink_sendmsg+0x8c3/0xcd0
[  136.202556][ T6857]  ? __pfx_netlink_sendmsg+0x10/0x10
[  136.202572][ T6857]  ? aa_sock_msg_perm+0x91/0x160
[  136.202589][ T6857]  ? __pfx_netlink_sendmsg+0x10/0x10
[  136.202601][ T6857]  __sock_sendmsg+0x221/0x270
[  136.202614][ T6857]  ____sys_sendmsg+0x523/0x860
[  136.202635][ T6857]  ? __pfx_____sys_sendmsg+0x10/0x10
[  136.202659][ T6857]  __sys_sendmmsg+0x3a0/0x7b0
[  136.202681][ T6857]  ? __pfx___sys_sendmmsg+0x10/0x10
[  136.202726][ T6857]  ? rcu_read_lock_any_held+0xbb/0x160
[  136.202744][ T6857]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  136.202780][ T6857]  ? vfs_write+0xb29/0xd10
[  136.202801][ T6857]  ? ksys_write+0x24e/0x2d0
[  136.202819][ T6857]  ? __mutex_unlock_slowpath+0x229/0x800
[  136.202877][ T6857]  ? ksys_write+0x275/0x2d0
[  136.202900][ T6857]  __x64_sys_sendmmsg+0xa0/0xb0
[  136.202919][ T6857]  do_syscall_64+0xf3/0x230
[  136.202939][ T6857]  ? clear_bhb_loop+0x45/0xa0
[  136.202956][ T6857]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  136.202971][ T6857] RIP: 0033:0x7fce0eb8d169
[  136.202983][ T6857] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  136.202995][ T6857] RSP: 002b:00007fce0faa3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  136.203012][ T6857] RAX: ffffffffffffffda RBX: 00007fce0eda5fa0 RCX: 00007fce0eb8d169
[  136.203023][ T6857] RDX: 040000000000009f RSI: 00002000000002c0 RDI: 0000000000000004
[  136.203034][ T6857] RBP: 00007fce0faa3090 R08: 0000000000000000 R09: 0000000000000000
[  136.203043][ T6857] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  136.203052][ T6857] R13: 0000000000000000 R14: 00007fce0eda5fa0 R15: 00007fce0eecfa28
[  136.203070][ T6857]  </TASK>
[  136.473802][    C1] vkms_vblank_simulate: vblank timer overrun
[  136.583951][ T3084] usb 1-1: Using ep0 maxpacket: 8
[  136.601717][ T3084] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  136.616524][ T6861] netlink: 20 bytes leftover after parsing attributes in process `syz.3.252'.
[  136.625757][ T3084] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  136.705330][ T3084] usb 1-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=ed.ae
[  136.714502][ T3084] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  136.722583][ T3084] usb 1-1: Product: syz
[  136.726849][ T3084] usb 1-1: Manufacturer: syz
[  136.732040][ T3084] usb 1-1: SerialNumber: syz
[  136.772560][ T3084] usb 1-1: config 0 descriptor??
[  136.992533][ T3084] usb 5-1: USB disconnect, device number 28
[  137.049800][ T5889] usb 1-1: USB disconnect, device number 24
[  137.643921][ T5889] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  137.826084][ T5889] usb 2-1: Using ep0 maxpacket: 8
[  137.955063][ T6871] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  137.976796][ T6871] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  137.999450][ T5889] usb 2-1: unable to get BOS descriptor or descriptor too short
[  138.008030][ T5889] usb 2-1: unable to read config index 0 descriptor/start: -71
[  138.017065][ T5889] usb 2-1: can't read configurations, error -71
[  138.099574][ T5885] usb 4-1: new full-speed USB device number 19 using dummy_hcd
[  138.255334][ T5885] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  138.290380][ T5885] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  138.300235][ T5885] usb 4-1: New USB device found, idVendor=056a, idProduct=00c2, bcdDevice= 0.00
[  138.309385][ T5885] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  138.322266][ T5885] usb 4-1: config 0 descriptor??
[  138.394159][ T5888] usb 3-1: new full-speed USB device number 23 using dummy_hcd
[  138.577377][ T5888] usb 3-1: config index 0 descriptor too short (expected 64028, got 77)
[  138.586329][ T5888] usb 3-1: config 0 has too many interfaces: 241, using maximum allowed: 32
[  138.596582][ T5888] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  138.614293][ T5888] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 241
[  138.633363][ T5888] usb 3-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  138.643237][ T5888] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  138.655926][ T5888] usb 3-1: Product: syz
[  138.660130][ T5888] usb 3-1: Manufacturer: syz
[  138.667371][ T5888] usb 3-1: SerialNumber: syz
[  138.689071][ T5888] usb 3-1: config 0 descriptor??
[  139.920627][ T6909] (unnamed net_device) (uninitialized): peer notification delay (1164) is not a multiple of miimon (100), value rounded to 1100 ms
[  139.952222][ T6909] bond1: entered promiscuous mode
[  139.957486][ T6909] bond1: entered allmulticast mode
[  139.963051][ T6909] 8021q: adding VLAN 0 to HW filter on device bond1
[  139.982258][ T5885] usbhid 4-1:0.0: can't add hid device: -71
[  139.988539][ T5885] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  140.012838][ T5885] usb 4-1: USB disconnect, device number 19
[  140.833874][  T840] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  141.112849][ T6936] vxcan2: entered promiscuous mode
[  141.118375][ T6936] vxcan2: entered allmulticast mode
[  141.173295][ T5888] usb 3-1: USB disconnect, device number 23
[  141.223857][ T3084] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  141.262047][ T5943] usb 1-1: new high-speed USB device number 25 using dummy_hcd
[  141.489976][ T5943] usb 1-1: Using ep0 maxpacket: 32
[  141.522866][ T5943] usb 1-1: config 0 interface 0 altsetting 8 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  141.541387][ T6940] FAULT_INJECTION: forcing a failure.
[  141.541387][ T6940] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  141.578399][ T6940] CPU: 1 UID: 0 PID: 6940 Comm: syz.2.272 Not tainted 6.14.0-syzkaller-09584-g7d06015d936c #0 PREEMPT(full) 
[  141.578430][ T6940] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  141.578442][ T6940] Call Trace:
[  141.578449][ T6940]  <TASK>
[  141.578456][ T6940]  dump_stack_lvl+0x241/0x360
[  141.578490][ T6940]  ? __pfx_dump_stack_lvl+0x10/0x10
[  141.578516][ T6940]  ? __pfx__printk+0x10/0x10
[  141.578560][ T6940]  should_fail_ex+0x424/0x570
[  141.578588][ T6940]  _copy_from_iter+0x211/0x1c70
[  141.578611][ T6940]  ? __build_skb_around+0x247/0x3d0
[  141.578634][ T6940]  ? __alloc_skb+0x298/0x480
[  141.578653][ T6940]  ? __pfx__copy_from_iter+0x10/0x10
[  141.578674][ T6940]  ? __pfx___alloc_skb+0x10/0x10
[  141.578701][ T6940]  ? skb_put+0x114/0x1f0
[  141.578723][ T6940]  netlink_sendmsg+0x73c/0xcd0
[  141.578749][ T6940]  ? __pfx_netlink_sendmsg+0x10/0x10
[  141.578769][ T6940]  ? aa_sock_msg_perm+0x91/0x160
[  141.578791][ T6940]  ? __pfx_netlink_sendmsg+0x10/0x10
[  141.578807][ T6940]  __sock_sendmsg+0x221/0x270
[  141.578825][ T6940]  ____sys_sendmsg+0x523/0x860
[  141.578852][ T6940]  ? __pfx_____sys_sendmsg+0x10/0x10
[  141.578872][ T6940]  ? __fget_files+0x2a/0x420
[  141.578891][ T6940]  ? __fget_files+0x2a/0x420
[  141.578912][ T6940]  __sys_sendmsg+0x271/0x360
[  141.578937][ T6940]  ? __pfx___sys_sendmsg+0x10/0x10
[  141.578989][ T6940]  ? do_syscall_64+0xb6/0x230
[  141.579015][ T6940]  do_syscall_64+0xf3/0x230
[  141.579038][ T6940]  ? clear_bhb_loop+0x45/0xa0
[  141.579058][ T6940]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  141.579075][ T6940] RIP: 0033:0x7fce0eb8d169
[  141.579089][ T6940] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  141.579105][ T6940] RSP: 002b:00007fce0faa3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  141.579124][ T6940] RAX: ffffffffffffffda RBX: 00007fce0eda5fa0 RCX: 00007fce0eb8d169
[  141.579137][ T6940] RDX: 0000000004000000 RSI: 00002000000002c0 RDI: 0000000000000008
[  141.579149][ T6940] RBP: 00007fce0faa3090 R08: 0000000000000000 R09: 0000000000000000
[  141.579160][ T6940] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  141.579170][ T6940] R13: 0000000000000000 R14: 00007fce0eda5fa0 R15: 00007fce0eecfa28
[  141.579192][ T6940]  </TASK>
[  141.579543][ T5943] usb 1-1: config 0 interface 0 altsetting 8 endpoint 0x81 has invalid wMaxPacketSize 0
[  141.854010][  T840] usb 5-1: config 0 has no interfaces?
[  141.934282][  T840] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  141.951761][ T3084] usb 2-1: no configurations
[  141.956584][ T3084] usb 2-1: can't read configurations, error -22
[  142.064006][  T840] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  142.103393][  T840] usb 5-1: Product: syz
[  142.112734][  T840] usb 5-1: Manufacturer: syz
[  142.122938][  T840] usb 5-1: SerialNumber: syz
[  142.134841][  T840] usb 5-1: config 0 descriptor??
[  142.149844][ T5943] usb 1-1: config 0 interface 0 has no altsetting 0
[  142.167101][ T5943] usb 1-1: New USB device found, idVendor=20bc, idProduct=5500, bcdDevice= 0.00
[  142.203848][ T5943] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  142.223945][ T3084] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  142.256004][ T5943] usb 1-1: config 0 descriptor??
[  142.423828][ T3084] usb 2-1: no configurations
[  142.440754][ T3084] usb 2-1: can't read configurations, error -22
[  142.462256][ T3084] usb usb2-port1: attempt power cycle
[  142.766464][ T5943] betop 0003:20BC:5500.0004: unknown main item tag 0x0
[  142.779587][ T5943] betop 0003:20BC:5500.0004: hidraw0: USB HID v0.00 Device [HID 20bc:5500] on usb-dummy_hcd.0-1/input0
[  142.801774][ T5943] betop 0003:20BC:5500.0004: no inputs found
[  143.083281][ T3084] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  143.149565][ T3084] usb 2-1: no configurations
[  143.172122][ T3084] usb 2-1: can't read configurations, error -22
[  143.276971][ T6954] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  143.300370][ T6954] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  143.347943][ T3084] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  143.470389][ T3084] usb 2-1: no configurations
[  143.488541][ T3084] usb 2-1: can't read configurations, error -22
[  143.585894][ T5890] usb 1-1: USB disconnect, device number 25
[  143.598052][ T3084] usb usb2-port1: unable to enumerate USB device
[  143.723043][ T6961] veth1_macvtap: left promiscuous mode
[  143.728703][ T6961] macsec0: entered promiscuous mode
[  143.871653][ T6960] veth1_macvtap: entered promiscuous mode
[  143.878645][ T6960] macsec0: left promiscuous mode
[  143.946709][   T30] audit: type=1326 audit(1743281524.916:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6957 comm="syz.2.277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce0eb8d169 code=0x7ffc0000
[  144.132682][   T30] audit: type=1326 audit(1743281524.916:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6957 comm="syz.2.277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7fce0eb8d169 code=0x7ffc0000
[  144.393850][   T30] audit: type=1326 audit(1743281524.916:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6957 comm="syz.2.277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce0eb8d169 code=0x7ffc0000
[  144.550223][   T30] audit: type=1326 audit(1743281524.916:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6957 comm="syz.2.277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=217 compat=0 ip=0x7fce0eb8d169 code=0x7ffc0000
[  144.742282][ T5890] usb 5-1: USB disconnect, device number 29
[  144.783847][   T30] audit: type=1326 audit(1743281524.916:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6957 comm="syz.2.277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce0eb8d169 code=0x7ffc0000
[  144.893294][   T30] audit: type=1326 audit(1743281524.916:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6957 comm="syz.2.277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce0eb8d169 code=0x7ffc0000
[  144.955171][ T6978] netlink: 4 bytes leftover after parsing attributes in process `syz.3.280'.
[  145.277539][ T6980] kvm: user requested TSC rate below hardware speed
[  145.508569][ T6988] netlink: 24 bytes leftover after parsing attributes in process `syz.1.284'.
[  146.283486][ T6996] netlink: 4 bytes leftover after parsing attributes in process `syz.0.285'.
[  146.604447][ T7000] netlink: 8 bytes leftover after parsing attributes in process `syz.2.286'.
[  146.623482][ T7003] netlink: 'syz.4.287': attribute type 1 has an invalid length.
[  146.651971][ T7003] bond1: entered promiscuous mode
[  146.661365][ T7003] 8021q: adding VLAN 0 to HW filter on device bond1
[  146.881982][ T7003] bond1: (slave veth3): making interface the new active one
[  146.885968][ T7007] fuse: Bad value for 'fd'
[  146.902895][ T7003] veth3: entered promiscuous mode
[  146.912846][ T7003] bond1: (slave veth3): Enslaving as an active interface with an up link
[  148.740381][ T5943] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[  148.896160][ T5943] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  148.914169][ T5943] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  148.953506][ T5943] usb 3-1: config 0 descriptor??
[  148.987451][ T5943] cp210x 3-1:0.0: cp210x converter detected
[  149.296840][ T7057] netlink: 48 bytes leftover after parsing attributes in process `syz.3.303'.
[  149.308139][ T7057] openvswitch: netlink: Missing key (keys=40, expected=2000)
[  149.324901][  T840] usb 5-1: new full-speed USB device number 30 using dummy_hcd
[  149.392385][ T5943] cp210x 3-1:0.0: failed to get vendor val 0x000e size 3: -71
[  149.405279][ T5943] cp210x 3-1:0.0: failed to get vendor val 0x3711 size 2: -71
[  149.421489][ T5943] cp210x 3-1:0.0: GPIO initialisation failed: -71
[  149.463858][  T840] usb 5-1: device descriptor read/64, error -71
[  149.490900][ T5943] usb 3-1: cp210x converter now attached to ttyUSB0
[  149.506360][ T5943] usb 3-1: USB disconnect, device number 24
[  149.517670][ T5943] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  149.527277][ T5943] cp210x 3-1:0.0: device disconnected
[  149.711407][  T840] usb 5-1: new full-speed USB device number 31 using dummy_hcd
[  149.935550][  T840] usb 5-1: device descriptor read/64, error -71
[  150.018959][ T7054] dccp_close: ABORT with 32 bytes unread
[  150.044756][  T840] usb usb5-port1: attempt power cycle
[  150.077124][ T7062] netlink: 'syz.2.305': attribute type 4 has an invalid length.
[  150.395499][  T840] usb 5-1: new full-speed USB device number 32 using dummy_hcd
[  150.430154][  T840] usb 5-1: device descriptor read/8, error -71
[  150.511498][ T7078] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  150.685164][  T840] usb 5-1: new full-speed USB device number 33 using dummy_hcd
[  150.706565][  T840] usb 5-1: device descriptor read/8, error -71
[  150.814267][  T840] usb usb5-port1: unable to enumerate USB device
[  150.923964][ T5888] usb 1-1: new full-speed USB device number 26 using dummy_hcd
[  151.059549][ T7098] netlink: 12 bytes leftover after parsing attributes in process `syz.1.317'.
[  151.097373][ T5888] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64
[  151.128671][ T5888] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A
[  151.142826][ T5888] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid maxpacket 121, setting to 64
[  151.159532][ T5888] usb 1-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10
[  151.171877][ T5888] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  151.182923][ T5888] usb 1-1: Product: syz
[  151.189566][ T5888] usb 1-1: Manufacturer: syz
[  151.199210][ T5888] usb 1-1: SerialNumber: syz
[  151.209376][ T5888] usb 1-1: config 0 descriptor??
[  151.219926][ T7090] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  151.228195][ T7090] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  151.248185][ T5888] usb 1-1: ucan: probing device on interface #0
[  151.861823][ T5888] ucan 1-1:0.0 can0: registered device
[  152.126875][ T5888] ucan 1-1:0.0 can0: firmware string: ÁÙ
[  152.178788][ T7125] veth1_macvtap: left promiscuous mode
[  152.184506][ T7125] macsec0: entered promiscuous mode
[  152.198218][ T7125] veth1_macvtap: entered promiscuous mode
[  152.204377][ T7125] macsec0: left promiscuous mode
[  152.232123][   T30] audit: type=1326 audit(1743281533.176:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7116 comm="syz.2.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce0eb8d169 code=0x7ffc0000
[  152.302216][   T30] audit: type=1326 audit(1743281533.176:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7116 comm="syz.2.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7fce0eb8d169 code=0x7ffc0000
[  152.342066][   T30] audit: type=1326 audit(1743281533.176:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7116 comm="syz.2.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce0eb8d169 code=0x7ffc0000
[  152.364847][ T3084] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[  152.376984][   T30] audit: type=1326 audit(1743281533.176:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7116 comm="syz.2.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=217 compat=0 ip=0x7fce0eb8d169 code=0x7ffc0000
[  152.516666][   T30] audit: type=1326 audit(1743281533.176:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7116 comm="syz.2.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce0eb8d169 code=0x7ffc0000
[  152.553912][ T3084] usb 2-1: Using ep0 maxpacket: 8
[  152.584258][ T3084] usb 2-1: config 179 has an invalid interface number: 65 but max is 0
[  152.597464][ T3084] usb 2-1: config 179 has no interface number 0
[  152.607550][   T30] audit: type=1326 audit(1743281533.176:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7116 comm="syz.2.324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce0eb8d169 code=0x7ffc0000
[  152.650770][ T3084] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  152.680290][ T3084] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  152.740889][ T3084] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  152.763566][ T3084] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  152.798878][ T3084] usb 2-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  152.830805][ T3084] usb 2-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  152.854576][ T3084] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  152.874622][ T7115] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  153.308740][    C1] xpad 2-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  153.317033][    C1] xpad 2-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  153.327981][ T5888] usb 2-1: USB disconnect, device number 23
[  153.639453][ T5506] ucan 1-1:0.0 can0: could not start device, code: -71
[  153.646859][ T5888] usb 1-1: USB disconnect, device number 26
[  153.652865][ T5506] ucan 1-1:0.0 can0: could not reset device, code: -71
[  153.952107][ T7156] netlink: 8 bytes leftover after parsing attributes in process `syz.1.330'.
[  154.004183][ T3084] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[  154.143916][  T840] usb 1-1: new high-speed USB device number 27 using dummy_hcd
[  154.186478][ T3084] usb 3-1: too many configurations: 9, using maximum allowed: 8
[  154.196441][ T3084] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  154.205700][ T3084] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  154.216811][ T3084] usb 3-1: config 0 interface 0 has no altsetting 0
[  154.224805][ T3084] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  154.233954][ T3084] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  154.245096][ T3084] usb 3-1: config 0 interface 0 has no altsetting 0
[  154.252509][ T3084] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  154.261956][ T3084] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  154.273011][ T3084] usb 3-1: config 0 interface 0 has no altsetting 0
[  154.280620][ T3084] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  154.289699][ T3084] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  154.300699][ T3084] usb 3-1: config 0 interface 0 has no altsetting 0
[  154.303959][  T840] usb 1-1: Using ep0 maxpacket: 8
[  154.308419][ T3084] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  154.318101][  T840] usb 1-1: no configurations
[  154.321572][ T3084] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  154.330223][  T840] usb 1-1: can't read configurations, error -22
[  154.337293][ T3084] usb 3-1: config 0 interface 0 has no altsetting 0
[  154.351229][ T3084] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  154.360593][ T3084] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  154.371964][ T3084] usb 3-1: config 0 interface 0 has no altsetting 0
[  154.379573][ T3084] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  154.388900][ T3084] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  154.400112][ T3084] usb 3-1: config 0 interface 0 has no altsetting 0
[  154.403896][ T5943] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[  154.408038][ T3084] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  154.424006][ T3084] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  154.435766][ T3084] usb 3-1: config 0 interface 0 has no altsetting 0
[  154.444193][ T3084] usb 3-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  154.453329][ T3084] usb 3-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  154.461913][ T3084] usb 3-1: Product: syz
[  154.466429][ T3084] usb 3-1: Manufacturer: syz
[  154.471045][ T3084] usb 3-1: SerialNumber: syz
[  154.477900][ T3084] usb 3-1: config 0 descriptor??
[  154.483926][  T840] usb 1-1: new high-speed USB device number 28 using dummy_hcd
[  154.488090][ T3084] yurex 3-1:0.0: USB YUREX device now attached to Yurex #0
[  154.574964][ T5943] usb 2-1: Using ep0 maxpacket: 8
[  154.587477][ T5943] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9
[  154.598703][ T5943] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  154.608404][ T5943] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  154.618135][ T5943] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12336, setting to 1024
[  154.629456][ T5943] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  154.639651][ T5943] usb 2-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[  154.648781][ T5943] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  154.657044][  T840] usb 1-1: Using ep0 maxpacket: 8
[  154.662718][  T840] usb 1-1: no configurations
[  154.668633][  T840] usb 1-1: can't read configurations, error -22
[  154.675773][ T5943] usb 2-1: config 0 descriptor??
[  154.681877][  T840] usb usb1-port1: attempt power cycle
[  154.682084][ T7168] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[  154.762602][ T7169] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  154.776427][ T7169] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  155.023895][  T840] usb 1-1: new high-speed USB device number 29 using dummy_hcd
[  155.054603][  T840] usb 1-1: Using ep0 maxpacket: 8
[  155.060300][  T840] usb 1-1: no configurations
[  155.066312][  T840] usb 1-1: can't read configurations, error -22
[  155.203902][  T840] usb 1-1: new high-speed USB device number 30 using dummy_hcd
[  155.224001][ T3084] usb 4-1: new full-speed USB device number 20 using dummy_hcd
[  155.232080][  T840] usb 1-1: Using ep0 maxpacket: 8
[  155.243283][  T840] usb 1-1: no configurations
[  155.248174][  T840] usb 1-1: can't read configurations, error -22
[  155.254822][  T840] usb usb1-port1: unable to enumerate USB device
[  155.376936][ T3084] usb 4-1: device descriptor read/64, error -71
[  155.633870][ T3084] usb 4-1: new full-speed USB device number 21 using dummy_hcd
[  155.784423][ T3084] usb 4-1: device descriptor read/64, error -71
[  155.905109][ T3084] usb usb4-port1: attempt power cycle
[  156.263973][ T3084] usb 4-1: new full-speed USB device number 22 using dummy_hcd
[  156.285727][ T3084] usb 4-1: device descriptor read/8, error -71
[  156.543866][ T3084] usb 4-1: new full-speed USB device number 23 using dummy_hcd
[  156.564453][ T3084] usb 4-1: device descriptor read/8, error -71
[  156.684309][ T3084] usb usb4-port1: unable to enumerate USB device
[  156.742693][ T3084] usb 3-1: USB disconnect, device number 25
[  156.751636][ T3084] yurex 3-1:0.0: USB YUREX #0 now disconnected
[  156.786366][ T7185] FAULT_INJECTION: forcing a failure.
[  156.786366][ T7185] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  156.800213][ T7185] CPU: 0 UID: 0 PID: 7185 Comm: syz.2.338 Not tainted 6.14.0-syzkaller-09584-g7d06015d936c #0 PREEMPT(full) 
[  156.800237][ T7185] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  156.800249][ T7185] Call Trace:
[  156.800255][ T7185]  <TASK>
[  156.800262][ T7185]  dump_stack_lvl+0x241/0x360
[  156.800308][ T7185]  ? __pfx_dump_stack_lvl+0x10/0x10
[  156.800333][ T7185]  ? __pfx__printk+0x10/0x10
[  156.800363][ T7185]  should_fail_ex+0x424/0x570
[  156.800391][ T7185]  _copy_from_user+0x2d/0xb0
[  156.800413][ T7185]  copy_msghdr_from_user+0xb3/0x580
[  156.800448][ T7185]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  156.800474][ T7185]  ? __fget_files+0x2a/0x420
[  156.800492][ T7185]  ? __fget_files+0x2a/0x420
[  156.800514][ T7185]  __sys_recvmsg+0x210/0x3a0
[  156.800539][ T7185]  ? __pfx___sys_recvmsg+0x10/0x10
[  156.800569][ T7185]  ? __fget_files+0x2a/0x420
[  156.800598][ T7185]  ? do_syscall_64+0xb6/0x230
[  156.800624][ T7185]  do_syscall_64+0xf3/0x230
[  156.800646][ T7185]  ? clear_bhb_loop+0x45/0xa0
[  156.800667][ T7185]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.800683][ T7185] RIP: 0033:0x7fce0eb8d169
[  156.800699][ T7185] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  156.800714][ T7185] RSP: 002b:00007fce0faa3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  156.800733][ T7185] RAX: ffffffffffffffda RBX: 00007fce0eda5fa0 RCX: 00007fce0eb8d169
[  156.800746][ T7185] RDX: 0000000000002142 RSI: 00002000000001c0 RDI: 0000000000000004
[  156.800757][ T7185] RBP: 00007fce0faa3090 R08: 0000000000000000 R09: 0000000000000000
[  156.800769][ T7185] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  156.800779][ T7185] R13: 0000000000000000 R14: 00007fce0eda5fa0 R15: 00007fce0eecfa28
[  156.800800][ T7185]  </TASK>
[  157.060584][ T7190] netlink: 'syz.0.340': attribute type 1 has an invalid length.
[  158.593910][ T5885] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[  158.743934][ T3084] usb 3-1: new full-speed USB device number 26 using dummy_hcd
[  158.873915][ T3084] usb 3-1: device descriptor read/64, error -71
[  158.923238][ T5885] usb 4-1: config 0 has no interfaces?
[  158.963839][ T5885] usb 4-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  158.979346][ T5885] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  159.032238][ T5885] usb 4-1: Product: syz
[  159.144166][ T3084] usb 3-1: new full-speed USB device number 27 using dummy_hcd
[  159.208390][ T5885] usb 4-1: Manufacturer: syz
[  159.218882][ T5885] usb 4-1: SerialNumber: syz
[  159.232134][ T5885] usb 4-1: config 0 descriptor??
[  159.283861][ T3084] usb 3-1: device descriptor read/64, error -71
[  159.412783][ T3084] usb usb3-port1: attempt power cycle
[  159.676474][ T7208] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  159.712998][ T7208] netlink: 4 bytes leftover after parsing attributes in process `syz.1.344'.
[  159.754207][ T7208] bond0: (slave bond_slave_0): Releasing backup interface
[  159.774224][ T3084] usb 3-1: new full-speed USB device number 28 using dummy_hcd
[  159.815205][ T3084] usb 3-1: device descriptor read/8, error -71
[  160.073807][ T3084] usb 3-1: new full-speed USB device number 29 using dummy_hcd
[  160.168662][ T3084] usb 3-1: device descriptor read/8, error -71
[  160.194524][ T7214] netlink: 'syz.0.347': attribute type 1 has an invalid length.
[  160.223681][ T7214] 8021q: adding VLAN 0 to HW filter on device bond1
[  160.244529][ T7214] bond1: (slave gretap1): making interface the new active one
[  160.252862][ T7214] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  160.295245][ T3084] usb usb3-port1: unable to enumerate USB device
[  160.723880][ T3084] usb 1-1: new full-speed USB device number 31 using dummy_hcd
[  160.910422][ T3084] usb 1-1: config index 0 descriptor too short (expected 64028, got 77)
[  160.918940][ T3084] usb 1-1: config 0 has too many interfaces: 241, using maximum allowed: 32
[  160.932718][ T3084] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  160.960976][ T3084] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 241
[  160.991801][ T3084] usb 1-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  161.001367][ T3084] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  161.009464][ T3084] usb 1-1: Product: syz
[  161.014011][ T3084] usb 1-1: Manufacturer: syz
[  161.018694][ T3084] usb 1-1: SerialNumber: syz
[  161.065198][ T5885] usb 4-1: USB disconnect, device number 24
[  161.149313][ T7221] fuse: Bad value for 'user_id'
[  161.163265][ T7221] fuse: Bad value for 'user_id'
[  161.195711][ T3084] usb 1-1: config 0 descriptor??
[  161.573880][ T5885] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[  161.723889][ T5885] usb 4-1: Using ep0 maxpacket: 8
[  161.737084][ T5885] usb 4-1: no configurations
[  161.741714][ T5885] usb 4-1: can't read configurations, error -22
[  161.893976][ T3084] usb 3-1: new full-speed USB device number 30 using dummy_hcd
[  161.902005][ T5885] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[  162.034072][ T3084] usb 3-1: device descriptor read/64, error -71
[  162.200239][ T5885] usb 4-1: Using ep0 maxpacket: 8
[  162.212970][ T5885] usb 4-1: no configurations
[  162.221268][ T5885] usb 4-1: can't read configurations, error -22
[  162.229766][ T5885] usb usb4-port1: attempt power cycle
[  162.313843][ T3084] usb 3-1: new full-speed USB device number 31 using dummy_hcd
[  162.453885][ T3084] usb 3-1: device descriptor read/64, error -71
[  162.573954][ T5885] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[  162.574182][ T3084] usb usb3-port1: attempt power cycle
[  162.604499][ T5885] usb 4-1: Using ep0 maxpacket: 8
[  162.612578][ T5885] usb 4-1: no configurations
[  162.617625][ T5885] usb 4-1: can't read configurations, error -22
[  162.753854][ T5885] usb 4-1: new high-speed USB device number 28 using dummy_hcd
[  162.775526][ T5885] usb 4-1: Using ep0 maxpacket: 8
[  162.782829][ T5885] usb 4-1: no configurations
[  162.787553][ T5885] usb 4-1: can't read configurations, error -22
[  162.794735][ T5885] usb usb4-port1: unable to enumerate USB device
[  162.934022][ T3084] usb 3-1: new full-speed USB device number 32 using dummy_hcd
[  162.964367][ T3084] usb 3-1: device descriptor read/8, error -71
[  163.214058][ T3084] usb 3-1: new full-speed USB device number 33 using dummy_hcd
[  163.244406][ T3084] usb 3-1: device descriptor read/8, error -71
[  163.345821][ T5886] usb 1-1: USB disconnect, device number 31
[  163.364113][ T3084] usb usb3-port1: unable to enumerate USB device
[  163.763878][ T5886] usb 1-1: new high-speed USB device number 32 using dummy_hcd
[  163.925314][ T5886] usb 1-1: config 0 has an invalid interface number: 171 but max is 0
[  163.933597][ T5886] usb 1-1: config 0 has no interface number 0
[  163.940036][ T5886] usb 1-1: config 0 interface 171 has no altsetting 0
[  163.950531][ T5886] usb 1-1: New USB device found, idVendor=10d6, idProduct=2200, bcdDevice= 1.00
[  163.959806][ T5886] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  163.967820][ T5886] usb 1-1: Product: syz
[  163.971985][ T5886] usb 1-1: Manufacturer: syz
[  163.978240][ T5886] usb 1-1: SerialNumber: syz
[  163.990050][ T5886] usb 1-1: config 0 descriptor??
[  163.997123][ T5886] usb-storage 1-1:0.171: USB Mass Storage device detected
[  164.212680][ T7230] kvm: pic: non byte write
[  164.220044][ T5936] usb 1-1: USB disconnect, device number 32
[  164.423896][ T7236] netlink: 4 bytes leftover after parsing attributes in process `syz.3.354'.
[  164.437978][ T7236] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  164.446856][ T7236] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  164.455648][ T7236] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  164.464512][ T7236] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  164.473810][ T7236] vxlan0: entered promiscuous mode
[  164.694332][ T7238] netdevsim netdevsim2 netdevsim1: Unsupported IPsec algorithm
[  165.271695][ T7254] netlink: 12 bytes leftover after parsing attributes in process `syz.0.360'.
[  165.306437][ T7257] FAULT_INJECTION: forcing a failure.
[  165.306437][ T7257] name failslab, interval 1, probability 0, space 0, times 0
[  165.349942][ T7257] CPU: 0 UID: 0 PID: 7257 Comm: syz.3.361 Not tainted 6.14.0-syzkaller-09584-g7d06015d936c #0 PREEMPT(full) 
[  165.349971][ T7257] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  165.349983][ T7257] Call Trace:
[  165.349989][ T7257]  <TASK>
[  165.349997][ T7257]  dump_stack_lvl+0x241/0x360
[  165.350028][ T7257]  ? __pfx_dump_stack_lvl+0x10/0x10
[  165.350053][ T7257]  ? __pfx__printk+0x10/0x10
[  165.350079][ T7257]  ? __pfx___might_resched+0x10/0x10
[  165.350104][ T7257]  should_fail_ex+0x424/0x570
[  165.350132][ T7257]  should_failslab+0xac/0x100
[  165.350159][ T7257]  __kmalloc_cache_noprof+0x73/0x370
[  165.350175][ T7257]  ? fl_change+0x1cc/0x1f10
[  165.350214][ T7257]  fl_change+0x1cc/0x1f10
[  165.350246][ T7257]  ? __pfx_fl_change+0x10/0x10
[  165.350265][ T7257]  ? fl_get+0x9d/0x480
[  165.350290][ T7257]  ? fl_destroy+0x1c0/0x280
[  165.350312][ T7257]  ? __pfx_fl_change+0x10/0x10
[  165.350333][ T7257]  tc_new_tfilter+0x112f/0x1a90
[  165.350372][ T7257]  ? __pfx_tc_new_tfilter+0x10/0x10
[  165.350407][ T7257]  ? __lock_acquire+0xad5/0xd80
[  165.350438][ T7257]  ? __pfx_tc_new_tfilter+0x10/0x10
[  165.350460][ T7257]  rtnetlink_rcv_msg+0x80f/0xd70
[  165.350478][ T7257]  ? rtnetlink_rcv_msg+0x1ba/0xd70
[  165.350500][ T7257]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  165.350523][ T7257]  ? ref_tracker_free+0x63e/0x7e0
[  165.350556][ T7257]  netlink_rcv_skb+0x208/0x480
[  165.350575][ T7257]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  165.350594][ T7257]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  165.350623][ T7257]  ? netlink_deliver_tap+0x2e/0x1b0
[  165.350643][ T7257]  ? netlink_deliver_tap+0x2e/0x1b0
[  165.350663][ T7257]  netlink_unicast+0x7f8/0x9a0
[  165.350695][ T7257]  ? __pfx_netlink_unicast+0x10/0x10
[  165.350723][ T7257]  ? skb_put+0x114/0x1f0
[  165.350747][ T7257]  netlink_sendmsg+0x8c3/0xcd0
[  165.350774][ T7257]  ? __pfx_netlink_sendmsg+0x10/0x10
[  165.350795][ T7257]  ? aa_sock_msg_perm+0x91/0x160
[  165.350820][ T7257]  ? __pfx_netlink_sendmsg+0x10/0x10
[  165.350837][ T7257]  __sock_sendmsg+0x221/0x270
[  165.350857][ T7257]  ____sys_sendmsg+0x523/0x860
[  165.350886][ T7257]  ? __pfx_____sys_sendmsg+0x10/0x10
[  165.350921][ T7257]  __sys_sendmmsg+0x3a0/0x7b0
[  165.350952][ T7257]  ? __pfx___sys_sendmmsg+0x10/0x10
[  165.350998][ T7257]  ? rcu_read_lock_any_held+0xbb/0x160
[  165.351021][ T7257]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  165.351047][ T7257]  ? vfs_write+0xb29/0xd10
[  165.351075][ T7257]  ? ksys_write+0x24e/0x2d0
[  165.351099][ T7257]  ? __mutex_unlock_slowpath+0x229/0x800
[  165.351144][ T7257]  ? ksys_write+0x275/0x2d0
[  165.351172][ T7257]  __x64_sys_sendmmsg+0xa0/0xb0
[  165.351198][ T7257]  do_syscall_64+0xf3/0x230
[  165.351223][ T7257]  ? clear_bhb_loop+0x45/0xa0
[  165.351245][ T7257]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  165.351263][ T7257] RIP: 0033:0x7fb8dc18d169
[  165.351280][ T7257] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  165.351303][ T7257] RSP: 002b:00007fb8dcf87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  165.351324][ T7257] RAX: ffffffffffffffda RBX: 00007fb8dc3a5fa0 RCX: 00007fb8dc18d169
[  165.351338][ T7257] RDX: 040000000000009f RSI: 00002000000002c0 RDI: 0000000000000004
[  165.351351][ T7257] RBP: 00007fb8dcf87090 R08: 0000000000000000 R09: 0000000000000000
[  165.351363][ T7257] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  165.351374][ T7257] R13: 0000000000000000 R14: 00007fb8dc3a5fa0 R15: 00007fb8dc4cfa28
[  165.351407][ T7257]  </TASK>
[  165.865731][ T7269] netlink: 'syz.0.363': attribute type 12 has an invalid length.
[  165.896418][ T7269] hsr0: entered promiscuous mode
[  166.183864][ T5888] usb 1-1: new low-speed USB device number 33 using dummy_hcd
[  166.303855][ T5886] usb 4-1: new high-speed USB device number 29 using dummy_hcd
[  166.336872][ T5888] usb 1-1: config index 0 descriptor too short (expected 1307, got 27)
[  166.345236][ T5888] usb 1-1: config 0 has an invalid interface number: 0 but max is -1
[  166.353454][ T5888] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 0
[  166.362879][ T5888] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30
[  166.376650][ T5888] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt
[  166.387289][ T5888] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 246
[  166.403592][ T5888] usb 1-1: string descriptor 0 read error: -22
[  166.410220][ T5888] usb 1-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de
[  166.419705][ T5888] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  166.440497][ T5888] usb 1-1: config 0 descriptor??
[  166.456729][ T7269] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  166.474995][ T5888] hub 1-1:0.0: bad descriptor, ignoring hub
[  166.481001][ T5888] hub 1-1:0.0: probe with driver hub failed with error -5
[  166.498270][ T5888] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input9
[  166.510367][ T5886] usb 4-1: config 0 has no interfaces?
[  166.520523][    C1] usb_acecad 1-1:0.0: can't resubmit intr, dummy_hcd.0-1/input0, status -1
[  166.533060][ T5886] usb 4-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  166.542228][ T5886] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  166.550469][ T5886] usb 4-1: Product: syz
[  166.554888][ T5886] usb 4-1: Manufacturer: syz
[  166.559819][ T5886] usb 4-1: SerialNumber: syz
[  166.568766][ T5886] usb 4-1: config 0 descriptor??
[  166.668909][    C1] usb_acecad 1-1:0.0: can't resubmit intr, dummy_hcd.0-1/input0, status -1
[  166.711789][ T7277] netlink: 132 bytes leftover after parsing attributes in process `syz.2.367'.
[  166.907093][ T5888] usb 1-1: USB disconnect, device number 33
[  166.914668][ T7268] hsr0: left promiscuous mode
[  167.024019][ T7282] kvm: pic: non byte write
[  167.552451][   T30] audit: type=1326 audit(1743281548.516:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7288 comm="syz.2.372" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fce0eb8d169 code=0x0
[  167.943927][ T5885] usb 1-1: new full-speed USB device number 34 using dummy_hcd
[  168.096038][ T5885] usb 1-1: New USB device found, idVendor=0bda, idProduct=0177, bcdDevice=7d.0b
[  168.105346][ T5885] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  168.114948][ T5885] usb 1-1: config 0 descriptor??
[  168.122128][ T5885] ums-realtek 1-1:0.0: USB Mass Storage device detected
[  168.684639][ T5885] usb 3-1: new full-speed USB device number 34 using dummy_hcd
[  168.805519][ T5936] usb 4-1: USB disconnect, device number 29
[  168.849042][ T5885] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64
[  168.860839][ T5885] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A
[  168.878981][ T5885] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid maxpacket 121, setting to 64
[  168.898589][ T5885] usb 3-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10
[  168.907880][ T5885] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  168.916070][ T5885] usb 3-1: Product: syz
[  168.920345][ T5885] usb 3-1: Manufacturer: syz
[  168.925223][ T5885] usb 3-1: SerialNumber: syz
[  168.931211][ T5885] usb 3-1: config 0 descriptor??
[  168.937006][ T7299] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22
[  168.944442][ T7299] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22
[  168.954261][ T5885] usb 3-1: ucan: probing device on interface #0
[  169.865226][ T7308] netem: incorrect gi model size
[  169.893900][ T7308] netem: change failed
[  170.087202][ T5885] ucan 3-1:0.0 can0: registered device
[  170.340279][ T5885] ucan 3-1:0.0 can0: firmware string: ÁÙ
[  170.683324][ T5836] usb 1-1: USB disconnect, device number 34
[  170.791728][ T7317] netlink: 'syz.0.379': attribute type 1 has an invalid length.
[  170.826483][ T7317] bond2: entered allmulticast mode
[  170.852904][ T7317] 8021q: adding VLAN 0 to HW filter on device bond2
[  171.577946][ T5506] ucan 3-1:0.0 can0: could not start device, code: -71
[  171.585152][ T5506] ucan 3-1:0.0 can0: could not reset device, code: -71
[  171.592157][ T5888] usb 3-1: USB disconnect, device number 34
[  171.641166][ T7340] FAULT_INJECTION: forcing a failure.
[  171.641166][ T7340] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  171.679038][ T7340] CPU: 1 UID: 0 PID: 7340 Comm: syz.2.382 Not tainted 6.14.0-syzkaller-09584-g7d06015d936c #0 PREEMPT(full) 
[  171.679060][ T7340] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  171.679069][ T7340] Call Trace:
[  171.679074][ T7340]  <TASK>
[  171.679080][ T7340]  dump_stack_lvl+0x241/0x360
[  171.679106][ T7340]  ? __pfx_dump_stack_lvl+0x10/0x10
[  171.679127][ T7340]  ? __pfx__printk+0x10/0x10
[  171.679151][ T7340]  should_fail_ex+0x424/0x570
[  171.679174][ T7340]  _copy_from_user+0x2d/0xb0
[  171.679192][ T7340]  sk_setsockopt+0x2af/0x3340
[  171.679214][ T7340]  ? __pfx_sk_setsockopt+0x10/0x10
[  171.679236][ T7340]  ? __pfx___might_resched+0x10/0x10
[  171.679255][ T7340]  ? rcu_read_lock_any_held+0xbb/0x160
[  171.679274][ T7340]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  171.679295][ T7340]  udp_lib_setsockopt+0x114/0xb20
[  171.679321][ T7340]  ? __pfx_udp_lib_setsockopt+0x10/0x10
[  171.679343][ T7340]  ? __pfx_aa_sk_perm+0x10/0x10
[  171.679360][ T7340]  udpv6_setsockopt+0x73/0xb0
[  171.679393][ T7340]  ? __pfx_udp_v6_push_pending_frames+0x10/0x10
[  171.679414][ T7340]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  171.679428][ T7340]  do_sock_setsockopt+0x3b1/0x710
[  171.679447][ T7340]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  171.679462][ T7340]  ? __fget_files+0x2a/0x420
[  171.679477][ T7340]  ? __fget_files+0x39d/0x420
[  171.679489][ T7340]  ? __fget_files+0x2a/0x420
[  171.679504][ T7340]  __x64_sys_setsockopt+0x1ee/0x280
[  171.679524][ T7340]  do_syscall_64+0xf3/0x230
[  171.679543][ T7340]  ? clear_bhb_loop+0x45/0xa0
[  171.679558][ T7340]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  171.679571][ T7340] RIP: 0033:0x7fce0eb8d169
[  171.679583][ T7340] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  171.679594][ T7340] RSP: 002b:00007fce0faa3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  171.679629][ T7340] RAX: ffffffffffffffda RBX: 00007fce0eda5fa0 RCX: 00007fce0eb8d169
[  171.679643][ T7340] RDX: 0000000000000027 RSI: 0000000000000001 RDI: 0000000000000003
[  171.679673][ T7340] RBP: 00007fce0faa3090 R08: 0000000000000004 R09: 0000000000000000
[  171.679687][ T7340] R10: 0000200000000040 R11: 0000000000000246 R12: 0000000000000001
[  171.679701][ T7340] R13: 0000000000000000 R14: 00007fce0eda5fa0 R15: 00007fce0eecfa28
[  171.679726][ T7340]  </TASK>
[  171.928817][ T7327] dccp_close: ABORT with 32 bytes unread
[  172.313851][ T5836] usb 1-1: new high-speed USB device number 35 using dummy_hcd
[  172.505298][ T5836] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  172.553961][ T5936] usb 4-1: new full-speed USB device number 30 using dummy_hcd
[  172.574551][ T5836] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[  172.663092][ T5836] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  172.687522][ T5836] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  172.711210][ T5836] usb 1-1: Product: syz
[  172.717987][ T5836] usb 1-1: Manufacturer: syz
[  172.723602][ T5836] usb 1-1: SerialNumber: syz
[  172.786347][ T5936] usb 4-1: config 0 has no interfaces?
[  172.802551][ T7366] vivid-004: =================  START STATUS  =================
[  172.889201][ T7366] vivid-004: Radio HW Seek Mode: 
[  172.889258][ T5936] usb 4-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  172.889287][ T5936] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  172.913506][ T7366] Bounded
[  172.923642][ T7366] vivid-004: Radio Programmable HW Seek: 
[  172.933413][ T7347] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  172.951084][ T7366] false
[  172.958060][ T7366] vivid-004: RDS Rx I/O Mode: Block I/O
[  172.997794][ T7366] vivid-004: Generate RBDS Instead of RDS: false
[  173.013996][ T7366] vivid-004: RDS Reception: true
[  173.020265][ T7366] vivid-004: RDS Program Type: 0 inactive
[  173.026801][ T7366] vivid-004: RDS PS Name:  inactive
[  173.032240][ T7366] vivid-004: RDS Radio Text:  inactive
[  173.038872][ T7366] vivid-004: RDS Traffic Announcement: false inactive
[  173.088808][ T7366] vivid-004: RDS Traffic Program: false inactive
[  173.106697][ T5936] usb 4-1: Product: syz
[  173.111140][ T7366] vivid-004: RDS Music: false inactive
[  173.138927][ T7366] vivid-004: ==================  END STATUS  ==================
[  173.146809][ T5936] usb 4-1: Manufacturer: syz
[  173.152706][ T5936] usb 4-1: SerialNumber: syz
[  173.169637][ T5936] usb 4-1: config 0 descriptor??
[  173.558576][ T7375] netlink: 4 bytes leftover after parsing attributes in process `syz.1.388'.
[  173.608269][ T7375] netlink: 28 bytes leftover after parsing attributes in process `syz.1.388'.
[  173.814012][ T5888] usb 3-1: new high-speed USB device number 35 using dummy_hcd
[  173.986903][ T5888] usb 3-1: config 0 has no interfaces?
[  173.997977][ T5888] usb 3-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  174.007485][ T5888] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  174.016311][ T5888] usb 3-1: Product: syz
[  174.020713][ T5888] usb 3-1: Manufacturer: syz
[  174.025950][ T5888] usb 3-1: SerialNumber: syz
[  174.044141][ T5888] usb 3-1: config 0 descriptor??
[  174.057622][ T5836] cdc_mbim 1-1:1.0: bind() failure
[  174.065834][ T5836] cdc_ncm 1-1:1.1: probe with driver cdc_ncm failed with error -71
[  174.084735][ T5836] cdc_mbim 1-1:1.1: probe with driver cdc_mbim failed with error -71
[  174.109084][ T5836] usbtest 1-1:1.1: probe with driver usbtest failed with error -71
[  174.138443][ T5836] usb 1-1: USB disconnect, device number 35
[  174.533843][ T5836] usb 1-1: new high-speed USB device number 36 using dummy_hcd
[  174.686607][ T5836] usb 1-1: config 0 has no interfaces?
[  174.694638][ T5836] usb 1-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  174.704037][ T5836] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  174.712046][ T5836] usb 1-1: Product: syz
[  174.716481][ T5836] usb 1-1: Manufacturer: syz
[  174.721114][ T5836] usb 1-1: SerialNumber: syz
[  174.727755][ T5836] usb 1-1: config 0 descriptor??
[  175.170117][ T5936] usb 4-1: USB disconnect, device number 30
[  175.379594][ T7386] netlink: 'syz.3.391': attribute type 152 has an invalid length.
[  175.387739][ T7386] netlink: 8 bytes leftover after parsing attributes in process `syz.3.391'.
[  175.998709][ T7389] netlink: 20 bytes leftover after parsing attributes in process `syz.1.392'.
[  176.070635][ T7392] IPv6: NLM_F_REPLACE set, but no existing node found!
[  176.165983][ T7394] netlink: 8 bytes leftover after parsing attributes in process `syz.3.393'.
[  176.475456][ T7399] netlink: 20 bytes leftover after parsing attributes in process `syz.1.395'.
[  176.498795][ T7399] netlink: 20 bytes leftover after parsing attributes in process `syz.1.395'.
[  176.545813][ T5885] usb 3-1: USB disconnect, device number 35
[  176.814853][ T7407] FAULT_INJECTION: forcing a failure.
[  176.814853][ T7407] name failslab, interval 1, probability 0, space 0, times 0
[  176.828138][ T7407] CPU: 0 UID: 0 PID: 7407 Comm: syz.3.398 Not tainted 6.14.0-syzkaller-09584-g7d06015d936c #0 PREEMPT(full) 
[  176.828163][ T7407] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  176.828173][ T7407] Call Trace:
[  176.828178][ T7407]  <TASK>
[  176.828184][ T7407]  dump_stack_lvl+0x241/0x360
[  176.828209][ T7407]  ? __pfx_dump_stack_lvl+0x10/0x10
[  176.828230][ T7407]  ? __pfx__printk+0x10/0x10
[  176.828250][ T7407]  ? __pfx___might_resched+0x10/0x10
[  176.828269][ T7407]  should_fail_ex+0x424/0x570
[  176.828291][ T7407]  should_failslab+0xac/0x100
[  176.828313][ T7407]  ? __get_vm_area_node+0x132/0x2d0
[  176.828328][ T7407]  __kmalloc_cache_node_noprof+0x74/0x3c0
[  176.828345][ T7407]  __get_vm_area_node+0x132/0x2d0
[  176.828361][ T7407]  __vmalloc_node_range_noprof+0x349/0x1390
[  176.828377][ T7407]  ? xstateregs_set+0x132/0x240
[  176.828403][ T7407]  ? kstrtoull+0x1d3/0x2f0
[  176.828425][ T7407]  ? __pfx_kstrtoull+0x10/0x10
[  176.828452][ T7407]  ? kstrtouint+0xfc/0x190
[  176.828463][ T7407]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  176.828481][ T7407]  ? __lock_acquire+0xad5/0xd80
[  176.828497][ T7407]  ? xstateregs_set+0x132/0x240
[  176.828518][ T7407]  vmalloc_noprof+0x79/0x90
[  176.828533][ T7407]  ? xstateregs_set+0x132/0x240
[  176.828553][ T7407]  xstateregs_set+0x132/0x240
[  176.828574][ T7407]  ? ptrace_regset+0x35e/0x410
[  176.828590][ T7407]  ptrace_request+0x12ca/0x2500
[  176.828608][ T7407]  ? __pfx_ptrace_request+0x10/0x10
[  176.828623][ T7407]  ? _raw_spin_unlock_irqrestore+0xde/0x140
[  176.828647][ T7407]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  176.828664][ T7407]  ? do_raw_spin_unlock+0x13c/0x8b0
[  176.828688][ T7407]  ? wait_task_inactive+0x41c/0x7d0
[  176.828714][ T7407]  ? ptrace_check_attach+0x2db/0x3a0
[  176.828734][ T7407]  arch_ptrace+0x2ce/0x410
[  176.828750][ T7407]  __se_sys_ptrace+0x152/0x440
[  176.828775][ T7407]  ? __pfx___se_sys_ptrace+0x10/0x10
[  176.828801][ T7407]  ? do_syscall_64+0xb6/0x230
[  176.828829][ T7407]  do_syscall_64+0xf3/0x230
[  176.828856][ T7407]  ? clear_bhb_loop+0x45/0xa0
[  176.828889][ T7407]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  176.828902][ T7407] RIP: 0033:0x7fb8dc18d169
[  176.828913][ T7407] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  176.828925][ T7407] RSP: 002b:00007fb8dcf87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000065
[  176.828939][ T7407] RAX: ffffffffffffffda RBX: 00007fb8dc3a5fa0 RCX: 00007fb8dc18d169
[  176.828949][ T7407] RDX: 0000000000000202 RSI: 000000000000010c RDI: 0000000000004205
[  176.828958][ T7407] RBP: 00007fb8dcf87090 R08: 0000000000000000 R09: 0000000000000000
[  176.828967][ T7407] R10: 0000200000000240 R11: 0000000000000246 R12: 0000000000000001
[  176.828975][ T7407] R13: 0000000000000000 R14: 00007fb8dc3a5fa0 R15: 00007fb8dc4cfa28
[  176.828991][ T7407]  </TASK>
[  176.829141][ T7407] syz.3.398: vmalloc error: size 832, vm_struct allocation failed, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1
[  177.173928][ T7407] CPU: 0 UID: 0 PID: 7407 Comm: syz.3.398 Not tainted 6.14.0-syzkaller-09584-g7d06015d936c #0 PREEMPT(full) 
[  177.173954][ T7407] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  177.173965][ T7407] Call Trace:
[  177.173971][ T7407]  <TASK>
[  177.173978][ T7407]  dump_stack_lvl+0x241/0x360
[  177.174009][ T7407]  ? __pfx_dump_stack_lvl+0x10/0x10
[  177.174033][ T7407]  ? __pfx__printk+0x10/0x10
[  177.174054][ T7407]  ? cpuset_print_current_mems_allowed+0x1f/0x350
[  177.174077][ T7407]  ? cpuset_print_current_mems_allowed+0x1f/0x350
[  177.174095][ T7407]  ? cpuset_print_current_mems_allowed+0x31e/0x350
[  177.174115][ T7407]  warn_alloc+0x27c/0x410
[  177.174134][ T7407]  ? __pfx_warn_alloc+0x10/0x10
[  177.174153][ T7407]  ? __get_vm_area_node+0x280/0x2d0
[  177.174171][ T7407]  __vmalloc_node_range_noprof+0x36e/0x1390
[  177.174188][ T7407]  ? kstrtoull+0x1d3/0x2f0
[  177.174212][ T7407]  ? __pfx_kstrtoull+0x10/0x10
[  177.174237][ T7407]  ? kstrtouint+0xfc/0x190
[  177.174249][ T7407]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  177.174266][ T7407]  ? __lock_acquire+0xad5/0xd80
[  177.174281][ T7407]  ? xstateregs_set+0x132/0x240
[  177.174303][ T7407]  vmalloc_noprof+0x79/0x90
[  177.174317][ T7407]  ? xstateregs_set+0x132/0x240
[  177.174337][ T7407]  xstateregs_set+0x132/0x240
[  177.174357][ T7407]  ? ptrace_regset+0x35e/0x410
[  177.174374][ T7407]  ptrace_request+0x12ca/0x2500
[  177.174393][ T7407]  ? __pfx_ptrace_request+0x10/0x10
[  177.174408][ T7407]  ? _raw_spin_unlock_irqrestore+0xde/0x140
[  177.174425][ T7407]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  177.174442][ T7407]  ? do_raw_spin_unlock+0x13c/0x8b0
[  177.174464][ T7407]  ? wait_task_inactive+0x41c/0x7d0
[  177.174490][ T7407]  ? ptrace_check_attach+0x2db/0x3a0
[  177.174510][ T7407]  arch_ptrace+0x2ce/0x410
[  177.174525][ T7407]  __se_sys_ptrace+0x152/0x440
[  177.174542][ T7407]  ? __pfx___se_sys_ptrace+0x10/0x10
[  177.174560][ T7407]  ? do_syscall_64+0xb6/0x230
[  177.174580][ T7407]  do_syscall_64+0xf3/0x230
[  177.174598][ T7407]  ? clear_bhb_loop+0x45/0xa0
[  177.174619][ T7407]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  177.174633][ T7407] RIP: 0033:0x7fb8dc18d169
[  177.174645][ T7407] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  177.174658][ T7407] RSP: 002b:00007fb8dcf87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000065
[  177.174674][ T7407] RAX: ffffffffffffffda RBX: 00007fb8dc3a5fa0 RCX: 00007fb8dc18d169
[  177.174684][ T7407] RDX: 0000000000000202 RSI: 000000000000010c RDI: 0000000000004205
[  177.174693][ T7407] RBP: 00007fb8dcf87090 R08: 0000000000000000 R09: 0000000000000000
[  177.174702][ T7407] R10: 0000200000000240 R11: 0000000000000246 R12: 0000000000000001
[  177.174711][ T7407] R13: 0000000000000000 R14: 00007fb8dc3a5fa0 R15: 00007fb8dc4cfa28
[  177.174728][ T7407]  </TASK>
[  177.174736][ T7407] Mem-Info:
[  177.466461][ T7407] active_anon:7211 inactive_anon:0 isolated_anon:0
[  177.466461][ T7407]  active_file:13458 inactive_file:38341 isolated_file:0
[  177.466461][ T7407]  unevictable:768 dirty:189 writeback:0
[  177.466461][ T7407]  slab_reclaimable:9817 slab_unreclaimable:99110
[  177.466461][ T7407]  mapped:35053 shmem:3228 pagetables:996
[  177.466461][ T7407]  sec_pagetables:0 bounce:0
[  177.466461][ T7407]  kernel_misc_reclaimable:0
[  177.466461][ T7407]  free:1319106 free_pcp:1447 free_cma:0
[  177.545117][ T7407] Node 0 active_anon:21744kB inactive_anon:0kB active_file:53832kB inactive_file:153292kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:140212kB dirty:752kB writeback:0kB shmem:4276kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11324kB pagetables:3684kB sec_pagetables:0kB all_unreclaimable? no
[  177.581859][ T5936] usb 1-1: USB disconnect, device number 36
[  177.604407][ T7407] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  177.651209][ T7407] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  177.705117][ T7407] lowmem_reserve[]: 0 2489 2490 2490 2490
[  177.711850][ T7407] Node 0 DMA32 free:1364400kB boost:0kB min:34168kB low:42708kB high:51248kB reserved_highatomic:0KB active_anon:21836kB inactive_anon:0kB active_file:53832kB inactive_file:152976kB unevictable:1536kB writepending:756kB present:3129332kB managed:2549588kB mlocked:0kB bounce:0kB free_pcp:1440kB local_pcp:804kB free_cma:0kB
[  177.748937][ T7407] lowmem_reserve[]: 0 0 0 0 0
[  177.822967][ T7407] Node 0 Normal free:0kB boost:0kB min:4kB low:4kB high:4kB reserved_highatomic:0KB active_anon:40kB inactive_anon:0kB active_file:0kB inactive_file:316kB unevictable:0kB writepending:4kB present:1048580kB managed:364kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB
[  177.836578][ T7419] netlink: 72 bytes leftover after parsing attributes in process `syz.0.402'.
[  177.858498][ T7407] lowmem_reserve[]: 0 0 0 0 0
[  177.865335][ T7407] Node 1 Normal free:3909224kB boost:0kB min:55728kB low:69660kB high:83592kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  177.900981][ T7407] lowmem_reserve[]: 0 0 0 0 0
[  177.911151][ T7407] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  177.951056][ T7407] Node 0 DMA32: 271*4kB (U) 112*8kB (UME) 472*16kB (UME) 444*32kB (UME) 329*64kB (UME) 56*128kB (UME) 24*256kB (UME) 15*512kB (UME) 8*1024kB (UM) 6*2048kB (UME) 311*4096kB (UM) = 1360124kB
[  177.980288][ T7407] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  177.995880][ T7407] Node 1 Normal: 184*4kB (UME) 45*8kB (UME) 26*16kB (UME) 178*32kB (UME) 67*64kB (UME) 25*128kB (UME) 7*256kB (UM) 11*512kB (UME) 4*1024kB (UME) 6*2048kB (UE) 945*4096kB (UM) = 3909224kB
[  178.019038][ T7407] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  178.029011][ T7407] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  178.043844][ T7407] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  178.053549][ T7407] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  178.075318][ T7407] 54584 total pagecache pages
[  178.090047][ T7407] 0 pages in swap cache
[  178.103153][ T7407] Free swap  = 124708kB
[  178.118381][ T7407] Total swap = 124996kB
[  178.134405][ T7407] 2097051 pages RAM
[  178.148111][ T7407] 0 pages HighMem/MovableOnly
[  178.162886][ T7407] 427932 pages reserved
[  178.194831][ T7407] 0 pages cma reserved
[  178.688804][ T7413] netlink: 4 bytes leftover after parsing attributes in process `syz.1.399'.
[  178.762504][ T7413] netlink: 28 bytes leftover after parsing attributes in process `syz.1.399'.
[  178.794042][ T5936] usb 4-1: new high-speed USB device number 31 using dummy_hcd
[  179.028373][ T5936] usb 4-1: config 0 has no interfaces?
[  179.038981][ T5936] usb 4-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  179.050685][ T5936] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  179.080550][ T5936] usb 4-1: Product: syz
[  179.101751][ T5936] usb 4-1: Manufacturer: syz
[  179.123465][ T5936] usb 4-1: SerialNumber: syz
[  179.172313][ T5936] usb 4-1: config 0 descriptor??
[  179.403864][ T5888] usb 1-1: new high-speed USB device number 37 using dummy_hcd
[  179.585134][ T5888] usb 1-1: config 0 has no interfaces?
[  179.607036][ T5888] usb 1-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  179.623159][ T5888] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  179.632130][ T5888] usb 1-1: Product: syz
[  179.640523][ T5888] usb 1-1: Manufacturer: syz
[  179.645382][ T5888] usb 1-1: SerialNumber: syz
[  179.929458][ T5888] usb 1-1: config 0 descriptor??
[  180.027655][ T7435] fuse: Bad value for 'user_id'
[  180.035469][ T7435] fuse: Bad value for 'user_id'
[  180.141287][ T7438] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  180.393885][ T5936] usb 3-1: new high-speed USB device number 36 using dummy_hcd
[  180.544376][ T5936] usb 3-1: Using ep0 maxpacket: 8
[  180.551009][ T5936] usb 3-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  180.560684][ T5936] usb 3-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  180.571725][ T5936] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  180.582610][ T5936] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  180.592268][ T5936] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  180.600536][ T5936] usb 3-1: Manufacturer: ೵侻ਙȯﺨ╹沛�
[  180.816669][ T5936] usb 3-1: 0:2 : does not exist
[  180.841091][ T5936] usb 3-1: USB disconnect, device number 36
[  181.035091][ T5839] udevd[5839]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  181.121726][ T7443] netlink: 20 bytes leftover after parsing attributes in process `syz.1.409'.
[  181.131664][ T7443] netlink: 20 bytes leftover after parsing attributes in process `syz.1.409'.
[  181.362262][ T5890] usb 4-1: USB disconnect, device number 31
[  181.883816][ T5890] usb 4-1: new high-speed USB device number 32 using dummy_hcd
[  182.059231][ T5890] usb 4-1: device descriptor read/64, error -71
[  182.429059][  T840] usb 1-1: USB disconnect, device number 37
[  182.464080][ T5890] usb 4-1: new high-speed USB device number 33 using dummy_hcd
[  182.613920][ T5890] usb 4-1: device descriptor read/64, error -71
[  182.724155][ T5890] usb usb4-port1: attempt power cycle
[  183.363944][ T5890] usb 4-1: new high-speed USB device number 34 using dummy_hcd
[  183.447011][ T5890] usb 4-1: device descriptor read/8, error -71
[  183.613916][ T5888] usb 1-1: new high-speed USB device number 38 using dummy_hcd
[  183.703821][ T5890] usb 4-1: new high-speed USB device number 35 using dummy_hcd
[  183.736729][ T5890] usb 4-1: device descriptor read/8, error -71
[  183.784527][ T7470] netlink: 4 bytes leftover after parsing attributes in process `syz.1.419'.
[  183.808758][ T5888] usb 1-1: config 0 has no interfaces?
[  183.825245][ T7470] netlink: 28 bytes leftover after parsing attributes in process `syz.1.419'.
[  183.844277][ T5890] usb usb4-port1: unable to enumerate USB device
[  183.866629][ T5888] usb 1-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  183.881157][ T5888] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  183.890237][ T5888] usb 1-1: Product: syz
[  183.897253][ T5888] usb 1-1: Manufacturer: syz
[  183.902118][ T5888] usb 1-1: SerialNumber: syz
[  183.913003][ T5888] usb 1-1: config 0 descriptor??
[  184.953859][ T5888] usb 3-1: new high-speed USB device number 37 using dummy_hcd
[  185.003910][ T5886] usb 4-1: new high-speed USB device number 36 using dummy_hcd
[  185.116132][ T5888] usb 3-1: config 0 has no interfaces?
[  185.123903][ T5888] usb 3-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  185.133412][ T5888] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  185.141791][ T5888] usb 3-1: Product: syz
[  185.146385][ T5888] usb 3-1: Manufacturer: syz
[  185.151193][ T5888] usb 3-1: SerialNumber: syz
[  185.157784][ T5888] usb 3-1: config 0 descriptor??
[  185.168932][ T5886] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  185.181204][ T5886] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  185.190431][ T5886] usb 4-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  185.199707][ T5886] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  185.211727][ T5886] usb 4-1: config 0 descriptor??
[  185.822896][ T5890] usb 1-1: USB disconnect, device number 38
[  187.509549][ T7513] netlink: 'syz.1.431': attribute type 1 has an invalid length.
[  187.614163][ T5886] usb 1-1: new high-speed USB device number 39 using dummy_hcd
[  187.706109][ T5888] usb 3-1: USB disconnect, device number 37
[  187.773975][ T5886] usb 1-1: Using ep0 maxpacket: 16
[  187.783520][ T5886] usb 1-1: config 1 has an invalid descriptor of length 97, skipping remainder of the config
[  187.797509][ T5886] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  187.808867][ T5886] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  187.818287][ T5886] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  187.826405][ T5886] usb 1-1: Product: syz
[  187.830625][ T5886] usb 1-1: Manufacturer: syz
[  187.835458][ T5886] usb 1-1: SerialNumber: syz
[  188.056501][ T5886] usb 1-1: 0:2 : does not exist
[  188.069887][ T5886] usb 1-1: 5:0: failed to get current value for ch 0 (-22)
[  188.089712][ T5886] usb 1-1: USB disconnect, device number 39
[  188.114235][ T5888] usb 3-1: new high-speed USB device number 38 using dummy_hcd
[  188.253835][ T5888] usb 3-1: device descriptor read/64, error -71
[  188.294430][ T5839] udevd[5839]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  188.503898][ T5888] usb 3-1: new high-speed USB device number 39 using dummy_hcd
[  188.634598][ T5888] usb 3-1: device descriptor read/64, error -71
[  188.748378][ T5888] usb usb3-port1: attempt power cycle
[  189.038059][   T24] usb 4-1: USB disconnect, device number 36
[  189.115534][ T5888] usb 3-1: new high-speed USB device number 40 using dummy_hcd
[  189.134254][ T5888] usb 3-1: device descriptor read/8, error -71
[  189.373868][ T5888] usb 3-1: new high-speed USB device number 41 using dummy_hcd
[  189.394511][ T5888] usb 3-1: device descriptor read/8, error -71
[  189.584655][ T5888] usb usb3-port1: unable to enumerate USB device
[  189.736704][ T7526] netlink: 4 bytes leftover after parsing attributes in process `syz.3.434'.
[  189.821102][ T7527] netlink: 28 bytes leftover after parsing attributes in process `syz.3.434'.
[  189.930655][ T7526] team0 (unregistering): Port device team_slave_0 removed
[  189.952486][ T7526] team0 (unregistering): Port device team_slave_1 removed
[  190.323804][   T24] usb 1-1: new high-speed USB device number 40 using dummy_hcd
[  190.486545][   T24] usb 1-1: config 0 has no interfaces?
[  190.626095][   T24] usb 1-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  190.645906][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  190.672383][   T24] usb 1-1: Product: syz
[  190.677140][   T24] usb 1-1: Manufacturer: syz
[  190.681767][   T24] usb 1-1: SerialNumber: syz
[  190.694868][   T24] usb 1-1: config 0 descriptor??
[  190.764911][ T7535] kvm: pic: non byte write
[  191.273821][   T24] usb 3-1: new full-speed USB device number 42 using dummy_hcd
[  191.445164][   T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64
[  191.460057][   T24] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A
[  191.476921][   T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid maxpacket 121, setting to 64
[  191.490683][   T24] usb 3-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10
[  191.502799][   T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  191.511379][   T24] usb 3-1: Product: syz
[  191.518896][   T24] usb 3-1: Manufacturer: syz
[  191.523665][   T24] usb 3-1: SerialNumber: syz
[  191.532739][   T24] usb 3-1: config 0 descriptor??
[  191.544799][ T7540] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  191.552228][ T7540] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  191.563676][   T24] usb 3-1: ucan: probing device on interface #0
[  192.179778][   T24] ucan 3-1:0.0 can0: registered device
[  192.304634][ T7546] veth1_macvtap: left promiscuous mode
[  192.310393][ T7546] macsec0: entered promiscuous mode
[  192.326751][ T7546] veth1_macvtap: entered promiscuous mode
[  192.332790][ T7546] macsec0: left promiscuous mode
[  192.352150][   T30] audit: type=1326 audit(1743281573.316:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7543 comm="syz.3.440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8dc18d169 code=0x7ffc0000
[  192.377962][   T30] audit: type=1326 audit(1743281573.316:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7543 comm="syz.3.440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7fb8dc18d169 code=0x7ffc0000
[  192.400511][   T30] audit: type=1326 audit(1743281573.316:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7543 comm="syz.3.440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8dc18d169 code=0x7ffc0000
[  192.538902][   T24] ucan 3-1:0.0 can0: firmware string: ÁÙ
[  192.549273][   T30] audit: type=1326 audit(1743281573.316:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7543 comm="syz.3.440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8dc18d169 code=0x7ffc0000
[  192.571986][   T30] audit: type=1326 audit(1743281573.316:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7543 comm="syz.3.440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=217 compat=0 ip=0x7fb8dc18d169 code=0x7ffc0000
[  192.638507][   T30] audit: type=1326 audit(1743281573.316:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7543 comm="syz.3.440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8dc18d169 code=0x7ffc0000
[  192.718844][   T30] audit: type=1326 audit(1743281573.316:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7543 comm="syz.3.440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8dc18d169 code=0x7ffc0000
[  192.956138][ T5888] usb 1-1: USB disconnect, device number 40
[  193.543957][ T5888] usb 1-1: new high-speed USB device number 41 using dummy_hcd
[  193.718115][ T5888] usb 1-1: config 0 has no interfaces?
[  193.726404][ T5888] usb 1-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  193.735845][ T5888] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  193.744182][ T5888] usb 1-1: Product: syz
[  193.748750][ T5888] usb 1-1: Manufacturer: syz
[  193.753462][ T5888] usb 1-1: SerialNumber: syz
[  193.760783][ T5888] usb 1-1: config 0 descriptor??
[  193.952546][ T5890] usb 3-1: USB disconnect, device number 42
[  193.958663][ T5506] ucan 3-1:0.0 can0: could not start device, code: -71
[  193.999649][ T5506] ucan 3-1:0.0 can0: could not reset device, code: -19
[  194.101570][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  194.109408][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  194.429156][ T7591] netlink: 'syz.1.446': attribute type 1 has an invalid length.
[  194.495871][ T7593] netlink: 20 bytes leftover after parsing attributes in process `syz.3.445'.
[  194.771701][ T7596] netlink: 4 bytes leftover after parsing attributes in process `syz.2.447'.
[  195.153821][ T5888] usb 3-1: new high-speed USB device number 43 using dummy_hcd
[  195.314159][ T5888] usb 3-1: device descriptor read/64, error -71
[  195.553856][ T5888] usb 3-1: new high-speed USB device number 44 using dummy_hcd
[  195.633885][ T5886] usb 4-1: new full-speed USB device number 37 using dummy_hcd
[  195.694064][ T5888] usb 3-1: device descriptor read/64, error -71
[  195.817087][ T5888] usb usb3-port1: attempt power cycle
[  195.823786][ T5886] usb 4-1: unable to get BOS descriptor or descriptor too short
[  195.833440][ T5886] usb 4-1: unable to read config index 0 descriptor/start: -71
[  195.841172][ T5886] usb 4-1: can't read configurations, error -71
[  196.086583][ T5885] usb 1-1: USB disconnect, device number 41
[  196.164458][ T5888] usb 3-1: new high-speed USB device number 45 using dummy_hcd
[  196.184344][ T5888] usb 3-1: device descriptor read/8, error -71
[  196.373422][ T7615] veth1_macvtap: left promiscuous mode
[  196.379122][ T7615] macsec0: entered promiscuous mode
[  196.439172][ T7614] veth1_macvtap: entered promiscuous mode
[  196.447592][ T7614] macsec0: left promiscuous mode
[  196.465708][ T5888] usb 3-1: new high-speed USB device number 46 using dummy_hcd
[  196.504325][ T5888] usb 3-1: device descriptor read/8, error -71
[  196.553300][   T30] audit: type=1326 audit(1743281577.516:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7611 comm="syz.0.451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23a958d169 code=0x7ffc0000
[  196.584677][   T30] audit: type=1326 audit(1743281577.546:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7611 comm="syz.0.451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f23a958d169 code=0x7ffc0000
[  196.614480][   T30] audit: type=1326 audit(1743281577.546:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7611 comm="syz.0.451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23a958d169 code=0x7ffc0000
[  196.624146][ T5888] usb usb3-port1: unable to enumerate USB device
[  196.923995][ T5886] usb 4-1: new full-speed USB device number 38 using dummy_hcd
[  197.109082][ T5886] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64
[  197.120519][ T5886] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A
[  197.138428][ T5886] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid maxpacket 121, setting to 64
[  197.154711][ T5886] usb 4-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10
[  197.167075][ T5886] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  197.175270][ T5886] usb 4-1: Product: syz
[  197.179729][ T5886] usb 4-1: Manufacturer: syz
[  197.186913][ T5886] usb 4-1: SerialNumber: syz
[  197.192840][ T5886] usb 4-1: config 0 descriptor??
[  197.202090][ T7617] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  197.212184][ T7617] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  197.232282][ T5886] usb 4-1: ucan: probing device on interface #0
[  197.795214][ T7626] veth1_macvtap: left promiscuous mode
[  197.800909][ T7626] macsec0: entered promiscuous mode
[  197.816401][ T7626] veth1_macvtap: entered promiscuous mode
[  197.822700][ T7626] macsec0: left promiscuous mode
[  197.926883][ T5886] ucan 4-1:0.0 can0: registered device
[  197.936453][   T30] kauditd_printk_skb: 1 callbacks suppressed
[  197.936469][   T30] audit: type=1326 audit(1743281578.906:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7623 comm="syz.1.454" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb7798d169 code=0x7ffc0000
[  197.968834][   T30] audit: type=1326 audit(1743281578.936:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7623 comm="syz.1.454" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb7798d169 code=0x7ffc0000
[  198.131861][ T5886] ucan 4-1:0.0 can0: firmware string: ÁÙ
[  199.422947][ T3084] usb 4-1: USB disconnect, device number 38
[  199.450735][ T7651] netlink: 40 bytes leftover after parsing attributes in process `syz.2.458'.
[  199.466398][ T7651] erspan0: entered promiscuous mode
[  199.471724][ T7651] erspan0: entered allmulticast mode
[  200.725037][ T5890] usb 1-1: new high-speed USB device number 42 using dummy_hcd
[  200.874144][ T5890] usb 1-1: Using ep0 maxpacket: 8
[  200.886820][ T5890] usb 1-1: config 0 interface 0 altsetting 6 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  200.899336][ T5890] usb 1-1: config 0 interface 0 has no altsetting 0
[  200.908837][ T5890] usb 1-1: New USB device found, idVendor=0458, idProduct=501b, bcdDevice= 0.00
[  200.919513][ T5890] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  200.938076][ T5890] usb 1-1: config 0 descriptor??
[  201.207291][ T7671] IPv6: Can't replace route, no match found
[  201.233922][  T840] usb 3-1: new high-speed USB device number 47 using dummy_hcd
[  201.244213][ T5886] usb 4-1: new high-speed USB device number 39 using dummy_hcd
[  201.363981][  T840] usb 3-1: device descriptor read/64, error -71
[  201.393864][ T5886] usb 4-1: Using ep0 maxpacket: 16
[  201.400619][ T5886] usb 4-1: config 53 has an invalid interface number: 240 but max is 0
[  201.409068][ T5886] usb 4-1: config 53 has an invalid descriptor of length 0, skipping remainder of the config
[  201.419303][ T5886] usb 4-1: config 53 has no interface number 0
[  201.422512][ T5890] kye 0003:0458:501B.0005: tablet report size too small, or kye_tablet_rdesc unexpectedly large
[  201.426600][ T5886] usb 4-1: config 53 interface 240 altsetting 0 has an endpoint descriptor with address 0xC2, changing to 0x82
[  201.443896][ T5890] kye 0003:0458:501B.0005: hidraw0: USB HID v3.ff Device [HID 0458:501b] on usb-dummy_hcd.0-1/input0
[  201.448049][ T5886] usb 4-1: config 53 interface 240 altsetting 0 endpoint 0x82 has invalid maxpacket 33307, setting to 1024
[  201.463025][ T5890] kye 0003:0458:501B.0005: tablet-enabling feature report not found
[  201.479037][ T5886] usb 4-1: config 53 interface 240 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 1024
[  201.479066][ T5886] usb 4-1: config 53 interface 240 altsetting 0 has an endpoint descriptor with address 0x1F, changing to 0xF
[  201.479092][ T5886] usb 4-1: config 53 interface 240 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[  201.479122][ T5886] usb 4-1: config 53 interface 240 altsetting 0 bulk endpoint 0xF has invalid maxpacket 0
[  201.493499][ T5890] kye 0003:0458:501B.0005: tablet enabling failed
[  201.524882][ T5886] usb 4-1: New USB device found, idVendor=0bfd, idProduct=0106, bcdDevice=ec.89
[  201.537717][ T5886] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  201.545858][ T5886] usb 4-1: Product: syz
[  201.550349][ T5886] usb 4-1: Manufacturer: syz
[  201.555064][ T5886] usb 4-1: SerialNumber: syz
[  201.570391][ T7681] raw-gadget.3 gadget.3: fail, usb_ep_enable returned -22
[  201.613874][  T840] usb 3-1: new high-speed USB device number 48 using dummy_hcd
[  201.735613][ T5890] usb 1-1: USB disconnect, device number 42
[  201.743926][  T840] usb 3-1: device descriptor read/64, error -71
[  201.854111][  T840] usb usb3-port1: attempt power cycle
[  202.132262][ T5886] kvaser_usb 4-1:53.240: error -ENODEV: Cannot get usb endpoint(s)
[  202.149609][ T5886] usb 4-1: USB disconnect, device number 39
[  202.194105][  T840] usb 3-1: new high-speed USB device number 49 using dummy_hcd
[  202.214263][  T840] usb 3-1: device descriptor read/8, error -71
[  202.453821][  T840] usb 3-1: new high-speed USB device number 50 using dummy_hcd
[  202.474401][  T840] usb 3-1: device descriptor read/8, error -71
[  202.586788][  T840] usb usb3-port1: unable to enumerate USB device
[  203.258515][ T7703] netlink: 20 bytes leftover after parsing attributes in process `syz.0.468'.
[  204.175132][ T7712] netlink: 12 bytes leftover after parsing attributes in process `syz.2.472'.
[  204.217414][ T7715] CUSE: zero length info key specified
[  204.563892][  T840] usb 4-1: new high-speed USB device number 40 using dummy_hcd
[  204.673839][    T9] usb 3-1: new high-speed USB device number 51 using dummy_hcd
[  204.715818][  T840] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 86, changing to 10
[  204.758449][  T840] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  204.768492][  T840] usb 4-1: config 0 interface 0 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  204.785242][  T840] usb 4-1: config 0 interface 0 has no altsetting 0
[  204.792045][  T840] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2c24, bcdDevice= 0.00
[  204.806578][  T840] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  204.819671][  T840] usb 4-1: config 0 descriptor??
[  204.903824][    T9] usb 3-1: Using ep0 maxpacket: 32
[  204.911849][    T9] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  204.929186][    T9] usb 3-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  204.939320][    T9] usb 3-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  204.948049][    T9] usb 3-1: Product: syz
[  204.952278][    T9] usb 3-1: Manufacturer: syz
[  204.957707][    T9] usb 3-1: SerialNumber: syz
[  204.968031][    T9] usb 3-1: config 0 descriptor??
[  204.977481][ T7732] netlink: 'syz.0.479': attribute type 5 has an invalid length.
[  204.978856][ T7723] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22
[  204.997428][    T9] hub 3-1:0.0: bad descriptor, ignoring hub
[  205.003556][    T9] hub 3-1:0.0: probe with driver hub failed with error -5
[  205.031374][ T7721] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  205.064352][ T7721] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  205.108443][ T7721] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  205.131277][ T7734] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  205.142843][ T7721] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  205.169455][ T7734] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  205.426166][  T840] pyra 0003:1E7D:2C24.0006: reserved main item tag 0xd
[  205.438983][  T840] pyra 0003:1E7D:2C24.0006: hidraw0: USB HID v0.01 Device [HID 1e7d:2c24] on usb-dummy_hcd.3-1/input0
[  205.614267][ T5890] usb 1-1: new high-speed USB device number 43 using dummy_hcd
[  205.627828][ T7605] usb 4-1: USB disconnect, device number 40
[  205.743904][ T5890] usb 1-1: device descriptor read/64, error -71
[  205.974565][ T7753] futex_wake_op: syz.1.487 tries to shift op by 32; fix this program
[  205.988983][ T5890] usb 1-1: new high-speed USB device number 44 using dummy_hcd
[  206.123888][ T5890] usb 1-1: device descriptor read/64, error -71
[  206.222846][ T7756] FAULT_INJECTION: forcing a failure.
[  206.222846][ T7756] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  206.234083][ T5890] usb usb1-port1: attempt power cycle
[  206.236414][ T7756] CPU: 1 UID: 0 PID: 7756 Comm: syz.3.488 Not tainted 6.14.0-syzkaller-09584-g7d06015d936c #0 PREEMPT(full) 
[  206.236445][ T7756] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  206.236465][ T7756] Call Trace:
[  206.236473][ T7756]  <TASK>
[  206.236482][ T7756]  dump_stack_lvl+0x241/0x360
[  206.236533][ T7756]  ? __pfx_dump_stack_lvl+0x10/0x10
[  206.236565][ T7756]  ? __pfx__printk+0x10/0x10
[  206.236616][ T7756]  should_fail_ex+0x424/0x570
[  206.236652][ T7756]  _copy_from_user+0x2d/0xb0
[  206.236679][ T7756]  input_event_from_user+0x211/0x510
[  206.236715][ T7756]  ? __pfx_input_event_from_user+0x10/0x10
[  206.236749][ T7756]  ? input_inject_event+0xd9/0x360
[  206.236776][ T7756]  evdev_write+0x4c4/0x7d0
[  206.236810][ T7756]  ? __pfx_evdev_write+0x10/0x10
[  206.236840][ T7756]  ? bpf_lsm_file_permission+0x9/0x10
[  206.236874][ T7756]  ? rw_verify_area+0x246/0x630
[  206.236899][ T7756]  ? __pfx_evdev_write+0x10/0x10
[  206.236928][ T7756]  vfs_write+0x2bc/0xd10
[  206.236972][ T7756]  ? __pfx_vfs_write+0x10/0x10
[  206.236999][ T7756]  ? __fget_files+0x2a/0x420
[  206.237019][ T7756]  ? __fget_files+0x2a/0x420
[  206.237040][ T7756]  ? __fget_files+0x39d/0x420
[  206.237060][ T7756]  ? __fget_files+0x2a/0x420
[  206.237086][ T7756]  ksys_write+0x19d/0x2d0
[  206.237113][ T7756]  ? __pfx_ksys_write+0x10/0x10
[  206.237144][ T7756]  ? do_syscall_64+0xb6/0x230
[  206.237178][ T7756]  do_syscall_64+0xf3/0x230
[  206.237207][ T7756]  ? clear_bhb_loop+0x45/0xa0
[  206.237231][ T7756]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  206.237253][ T7756] RIP: 0033:0x7fb8dc18d169
[  206.237277][ T7756] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  206.237296][ T7756] RSP: 002b:00007fb8dcf66038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  206.237326][ T7756] RAX: ffffffffffffffda RBX: 00007fb8dc3a6080 RCX: 00007fb8dc18d169
[  206.237341][ T7756] RDX: 0000000000002250 RSI: 0000200000000040 RDI: 0000000000000003
[  206.237356][ T7756] RBP: 00007fb8dcf66090 R08: 0000000000000000 R09: 0000000000000000
[  206.237371][ T7756] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  206.237384][ T7756] R13: 0000000000000001 R14: 00007fb8dc3a6080 R15: 00007fb8dc4cfa28
[  206.237412][ T7756]  </TASK>
[  206.443947][ T5886] usb 3-1: USB disconnect, device number 51
[  206.793837][ T5890] usb 1-1: new high-speed USB device number 45 using dummy_hcd
[  206.814286][ T5890] usb 1-1: device descriptor read/8, error -71
[  207.056014][ T5890] usb 1-1: new high-speed USB device number 46 using dummy_hcd
[  207.104680][ T5890] usb 1-1: device descriptor read/8, error -71
[  207.173053][ T7767] netlink: 68 bytes leftover after parsing attributes in process `syz.2.493'.
[  207.224188][ T5890] usb usb1-port1: unable to enumerate USB device
[  207.368505][ T7775] netlink: 8 bytes leftover after parsing attributes in process `syz.2.495'.
[  207.379832][ T7775] netlink: 8 bytes leftover after parsing attributes in process `syz.2.495'.
[  208.461649][ T7787] netlink: 72 bytes leftover after parsing attributes in process `syz.3.500'.
[  208.501972][ T7787] FAULT_INJECTION: forcing a failure.
[  208.501972][ T7787] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  208.515548][ T7787] CPU: 0 UID: 0 PID: 7787 Comm: syz.3.500 Not tainted 6.14.0-syzkaller-09584-g7d06015d936c #0 PREEMPT(full) 
[  208.515576][ T7787] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  208.515589][ T7787] Call Trace:
[  208.515597][ T7787]  <TASK>
[  208.515605][ T7787]  dump_stack_lvl+0x241/0x360
[  208.515641][ T7787]  ? __pfx_dump_stack_lvl+0x10/0x10
[  208.515669][ T7787]  ? __pfx__printk+0x10/0x10
[  208.515703][ T7787]  should_fail_ex+0x424/0x570
[  208.515734][ T7787]  prepare_alloc_pages+0x1dd/0x5c0
[  208.515764][ T7787]  __alloc_frozen_pages_noprof+0x181/0x7b0
[  208.515793][ T7787]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  208.515824][ T7787]  ? __pfx_mod_objcg_state+0x10/0x10
[  208.515852][ T7787]  ? percpu_ref_get_many+0x19/0x140
[  208.515883][ T7787]  alloc_pages_mpol+0x339/0x690
[  208.515917][ T7787]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  208.515949][ T7787]  ? rcu_is_watching+0x15/0xb0
[  208.515975][ T7787]  alloc_pages_noprof+0x121/0x190
[  208.516006][ T7787]  kvm_vm_ioctl_create_vcpu+0x145/0x8b0
[  208.516038][ T7787]  kvm_vm_ioctl+0x8a0/0xd90
[  208.516065][ T7787]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[  208.516097][ T7787]  ? kasan_quarantine_put+0xdc/0x230
[  208.516121][ T7787]  ? lockdep_hardirqs_on+0x9d/0x150
[  208.516154][ T7787]  ? tomoyo_path_number_perm+0x215/0x790
[  208.516177][ T7787]  ? tomoyo_path_number_perm+0x684/0x790
[  208.516200][ T7787]  ? tomoyo_path_number_perm+0x215/0x790
[  208.516221][ T7787]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  208.516245][ T7787]  ? ksys_write+0x24e/0x2d0
[  208.516275][ T7787]  ? __lock_acquire+0xad5/0xd80
[  208.516307][ T7787]  ? __fget_files+0x2a/0x420
[  208.516327][ T7787]  ? __fget_files+0x2a/0x420
[  208.516348][ T7787]  ? __fget_files+0x2a/0x420
[  208.516384][ T7787]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[  208.516410][ T7787]  __se_sys_ioctl+0xf1/0x160
[  208.516437][ T7787]  do_syscall_64+0xf3/0x230
[  208.516464][ T7787]  ? clear_bhb_loop+0x45/0xa0
[  208.516488][ T7787]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  208.516508][ T7787] RIP: 0033:0x7fb8dc18d169
[  208.516532][ T7787] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  208.516550][ T7787] RSP: 002b:00007fb8dcf87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  208.516573][ T7787] RAX: ffffffffffffffda RBX: 00007fb8dc3a5fa0 RCX: 00007fb8dc18d169
[  208.516589][ T7787] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000005
[  208.516601][ T7787] RBP: 00007fb8dcf87090 R08: 0000000000000000 R09: 0000000000000000
[  208.516614][ T7787] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  208.516626][ T7787] R13: 0000000000000000 R14: 00007fb8dc3a5fa0 R15: 00007fb8dc4cfa28
[  208.516651][ T7787]  </TASK>
[  208.789609][    C0] vkms_vblank_simulate: vblank timer overrun
[  208.843215][ T7791] netlink: 40 bytes leftover after parsing attributes in process `syz.0.502'.
[  209.093325][ T7789] netlink: 8 bytes leftover after parsing attributes in process `syz.2.501'.
[  209.245002][ T7801] fuse: Unknown parameter ''
[  210.322258][ T7829] sch_tbf: burst 0 is lower than device veth1 mtu (1514) !
[  211.915179][ T7849] kvm: user requested TSC rate below hardware speed
[  211.935030][ T7849] kvm: user requested TSC rate below hardware speed
[  212.382666][ T7869] veth1_macvtap: left promiscuous mode
[  212.521362][ T7869] macsec0: entered promiscuous mode
[  212.598389][ T7872] FAULT_INJECTION: forcing a failure.
[  212.598389][ T7872] name failslab, interval 1, probability 0, space 0, times 0
[  212.855432][ T7868] veth1_macvtap: left promiscuous mode
[  212.864031][ T7872] CPU: 0 UID: 0 PID: 7872 Comm: syz.3.523 Not tainted 6.14.0-syzkaller-09584-g7d06015d936c #0 PREEMPT(full) 
[  212.864062][ T7872] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  212.864076][ T7872] Call Trace:
[  212.864084][ T7872]  <TASK>
[  212.864093][ T7872]  dump_stack_lvl+0x241/0x360
[  212.864130][ T7872]  ? __pfx_dump_stack_lvl+0x10/0x10
[  212.864160][ T7872]  ? __pfx__printk+0x10/0x10
[  212.864191][ T7872]  ? __pfx___might_resched+0x10/0x10
[  212.864219][ T7872]  should_fail_ex+0x424/0x570
[  212.864252][ T7872]  should_failslab+0xac/0x100
[  212.864285][ T7872]  __kmalloc_noprof+0xdf/0x4d0
[  212.864316][ T7872]  ? video_usercopy+0x204/0x1330
[  212.864346][ T7872]  video_usercopy+0x204/0x1330
[  212.864387][ T7872]  ? __pfx___video_do_ioctl+0x10/0x10
[  212.864414][ T7872]  ? __pfx_video_usercopy+0x10/0x10
[  212.864449][ T7872]  ? __fget_files+0x2a/0x420
[  212.864471][ T7872]  ? __fget_files+0x2a/0x420
[  212.864493][ T7872]  v4l2_ioctl+0x189/0x1e0
[  212.864518][ T7872]  ? __pfx_v4l2_ioctl+0x10/0x10
[  212.864544][ T7872]  __se_sys_ioctl+0xf1/0x160
[  212.864571][ T7872]  do_syscall_64+0xf3/0x230
[  212.864601][ T7872]  ? clear_bhb_loop+0x45/0xa0
[  212.864625][ T7872]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  212.864645][ T7872] RIP: 0033:0x7fb8dc18d169
[  212.864663][ T7872] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  212.864681][ T7872] RSP: 002b:00007fb8dcf87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  212.864705][ T7872] RAX: ffffffffffffffda RBX: 00007fb8dc3a5fa0 RCX: 00007fb8dc18d169
[  212.864720][ T7872] RDX: 0000200000003280 RSI: 00000000c100565c RDI: 0000000000000003
[  212.864734][ T7872] RBP: 00007fb8dcf87090 R08: 0000000000000000 R09: 0000000000000000
[  212.864746][ T7872] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  212.864758][ T7872] R13: 0000000000000000 R14: 00007fb8dc3a5fa0 R15: 00007fb8dc4cfa28
[  212.864783][ T7872]  </TASK>
[  213.090160][ T7868] macsec0: entered promiscuous mode
[  213.123960][ T7870] veth1_macvtap: entered promiscuous mode
[  213.129859][ T7870] macsec0: left promiscuous mode
[  213.212084][   T30] audit: type=1326 audit(1743281594.146:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7862 comm="syz.2.522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce0eb8d169 code=0x7ffc0000
[  213.318862][ T7873] veth1_macvtap: entered promiscuous mode
[  213.333113][ T7873] macsec0: left promiscuous mode
[  213.350403][   T30] audit: type=1326 audit(1743281594.146:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7862 comm="syz.2.522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7fce0eb8d169 code=0x7ffc0000
[  213.407207][   T30] audit: type=1326 audit(1743281594.146:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7862 comm="syz.2.522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce0eb8d169 code=0x7ffc0000
[  213.482642][   T30] audit: type=1326 audit(1743281594.146:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7862 comm="syz.2.522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce0eb8d169 code=0x7ffc0000
[  213.563876][   T30] audit: type=1326 audit(1743281594.166:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7856 comm="syz.0.520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23a958d169 code=0x7ffc0000
[  213.649282][   T30] audit: type=1326 audit(1743281594.166:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7856 comm="syz.0.520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23a958d169 code=0x7ffc0000
[  213.720522][   T30] audit: type=1326 audit(1743281594.166:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7856 comm="syz.0.520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f23a958d169 code=0x7ffc0000
[  213.742690][    C1] vkms_vblank_simulate: vblank timer overrun
[  213.764633][ T7888] pimreg3: entered allmulticast mode
[  213.779953][ T7887] pimreg3: left allmulticast mode
[  213.794522][   T30] audit: type=1326 audit(1743281594.166:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7856 comm="syz.0.520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23a958d169 code=0x7ffc0000
[  213.821549][   T30] audit: type=1326 audit(1743281594.166:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7856 comm="syz.0.520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23a958d169 code=0x7ffc0000
[  213.843741][    C1] vkms_vblank_simulate: vblank timer overrun
[  213.853864][   T30] audit: type=1326 audit(1743281594.166:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7856 comm="syz.0.520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=217 compat=0 ip=0x7f23a958d169 code=0x7ffc0000
[  213.855129][ T7889] netlink: 20 bytes leftover after parsing attributes in process `syz.3.525'.
[  213.886522][ T7889] netlink: 20 bytes leftover after parsing attributes in process `syz.3.525'.
[  214.045393][ T7891] FAULT_INJECTION: forcing a failure.
[  214.045393][ T7891] name failslab, interval 1, probability 0, space 0, times 0
[  214.093790][ T7891] CPU: 1 UID: 0 PID: 7891 Comm: syz.0.528 Not tainted 6.14.0-syzkaller-09584-g7d06015d936c #0 PREEMPT(full) 
[  214.093822][ T7891] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  214.093836][ T7891] Call Trace:
[  214.093843][ T7891]  <TASK>
[  214.093852][ T7891]  dump_stack_lvl+0x241/0x360
[  214.093888][ T7891]  ? __pfx_dump_stack_lvl+0x10/0x10
[  214.093917][ T7891]  ? __pfx__printk+0x10/0x10
[  214.093946][ T7891]  ? __pfx___might_resched+0x10/0x10
[  214.093975][ T7891]  should_fail_ex+0x424/0x570
[  214.094017][ T7891]  should_failslab+0xac/0x100
[  214.094050][ T7891]  kmem_cache_alloc_noprof+0x78/0x390
[  214.094081][ T7891]  ? security_inode_alloc+0x37/0x310
[  214.094110][ T7891]  security_inode_alloc+0x37/0x310
[  214.094136][ T7891]  inode_init_always_gfp+0xa0f/0xd90
[  214.094168][ T7891]  ? __pfx_proc_alloc_inode+0x10/0x10
[  214.094193][ T7891]  alloc_inode+0xa3/0x1b0
[  214.094223][ T7891]  new_inode+0x22/0x180
[  214.094245][ T7891]  proc_pid_make_inode+0x1f/0x130
[  214.094273][ T7891]  proc_pident_instantiate+0x76/0x2b0
[  214.094306][ T7891]  proc_pident_lookup+0x1c6/0x2a0
[  214.094336][ T7891]  ? __pfx_proc_tgid_base_lookup+0x10/0x10
[  214.094367][ T7891]  path_openat+0x11c3/0x35d0
[  214.094414][ T7891]  ? __pfx_path_openat+0x10/0x10
[  214.094436][ T7891]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.094471][ T7891]  do_filp_open+0x284/0x4e0
[  214.094497][ T7891]  ? __pfx_do_filp_open+0x10/0x10
[  214.094519][ T7891]  ? do_raw_spin_lock+0x151/0x370
[  214.094553][ T7891]  ? __pfx_kfree_link+0x10/0x10
[  214.094600][ T7891]  do_sys_openat2+0x12b/0x1d0
[  214.094621][ T7891]  ? __pfx_do_sys_openat2+0x10/0x10
[  214.094639][ T7891]  ? __fget_files+0x2a/0x420
[  214.094660][ T7891]  ? __fget_files+0x2a/0x420
[  214.094684][ T7891]  __x64_sys_openat+0x249/0x2a0
[  214.094705][ T7891]  ? __pfx___x64_sys_openat+0x10/0x10
[  214.094731][ T7891]  ? do_syscall_64+0xb6/0x230
[  214.094762][ T7891]  do_syscall_64+0xf3/0x230
[  214.094789][ T7891]  ? clear_bhb_loop+0x45/0xa0
[  214.094813][ T7891]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.094833][ T7891] RIP: 0033:0x7f23a958bad0
[  214.094858][ T7891] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44
[  214.094876][ T7891] RSP: 002b:00007f23aa3bff10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  214.094898][ T7891] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f23a958bad0
[  214.094913][ T7891] RDX: 0000000000000002 RSI: 00007f23aa3bffa0 RDI: 00000000ffffff9c
[  214.094930][ T7891] RBP: 00007f23aa3bffa0 R08: 0000000000000000 R09: 0000000000000000
[  214.094943][ T7891] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002
[  214.094955][ T7891] R13: 0000000000000000 R14: 00007f23a97a5fa0 R15: 00007f23a98cfa28
[  214.094981][ T7891]  </TASK>
[  214.375748][    C1] vkms_vblank_simulate: vblank timer overrun
[  214.484878][ T7893] openvswitch: netlink: nsh attribute has 65504 unknown bytes.
[  214.492542][ T7893] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  214.840071][ T7895] kvm: vcpu 0: requested 1792 ns lapic timer period limited to 200000 ns
[  214.850929][ T7903] input: syz0 as /devices/virtual/input/input11
[  215.879168][ T7920] netlink: 'syz.3.540': attribute type 1 has an invalid length.
[  216.424102][ T3084] usb 3-1: new high-speed USB device number 52 using dummy_hcd
[  216.565192][ T3084] usb 3-1: device descriptor read/64, error -71
[  216.628783][ T7936] netlink: 12 bytes leftover after parsing attributes in process `syz.1.543'.
[  216.743282][ T7938] FAULT_INJECTION: forcing a failure.
[  216.743282][ T7938] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  216.756581][ T7938] CPU: 0 UID: 0 PID: 7938 Comm: syz.0.544 Not tainted 6.14.0-syzkaller-09584-g7d06015d936c #0 PREEMPT(full) 
[  216.756610][ T7938] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  216.756623][ T7938] Call Trace:
[  216.756631][ T7938]  <TASK>
[  216.756640][ T7938]  dump_stack_lvl+0x241/0x360
[  216.756676][ T7938]  ? __pfx_dump_stack_lvl+0x10/0x10
[  216.756705][ T7938]  ? __pfx__printk+0x10/0x10
[  216.756740][ T7938]  should_fail_ex+0x424/0x570
[  216.756774][ T7938]  strncpy_from_user+0x36/0x280
[  216.756804][ T7938]  getname_flags+0xf0/0x530
[  216.756841][ T7938]  __x64_sys_mkdirat+0x7a/0xa0
[  216.756877][ T7938]  do_syscall_64+0xf3/0x230
[  216.756902][ T7938]  ? clear_bhb_loop+0x45/0xa0
[  216.756922][ T7938]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  216.756939][ T7938] RIP: 0033:0x7f23a958b9d7
[  216.756955][ T7938] Code: 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  216.756971][ T7938] RSP: 002b:00007f23aa3bfe68 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[  216.756990][ T7938] RAX: ffffffffffffffda RBX: 00007f23aa3bfef0 RCX: 00007f23a958b9d7
[  216.757003][ T7938] RDX: 00000000000001ff RSI: 0000200000002080 RDI: 00000000ffffff9c
[  216.757015][ T7938] RBP: 0000200000002040 R08: 0000000000000000 R09: 0000000000000000
[  216.757026][ T7938] R10: 0000200000002040 R11: 0000000000000246 R12: 0000200000002080
[  216.757038][ T7938] R13: 00007f23aa3bfeb0 R14: 0000000000000000 R15: 0000200000000240
[  216.757059][ T7938]  </TASK>
[  216.863879][ T3084] usb 3-1: new high-speed USB device number 53 using dummy_hcd
[  216.872011][    C0] vkms_vblank_simulate: vblank timer overrun
[  216.928296][    C0] vkms_vblank_simulate: vblank timer overrun
[  216.934366][    C0] hrtimer: interrupt took 170664555 ns
[  217.034416][    C0] vkms_vblank_simulate: vblank timer overrun
[  217.103910][ T3084] usb 3-1: device descriptor read/64, error -71
[  217.224754][ T3084] usb usb3-port1: attempt power cycle
[  217.593940][ T3084] usb 3-1: new high-speed USB device number 54 using dummy_hcd
[  217.624642][ T3084] usb 3-1: device descriptor read/8, error -71
[  217.883923][ T3084] usb 3-1: new high-speed USB device number 55 using dummy_hcd
[  217.905357][ T3084] usb 3-1: device descriptor read/8, error -71
[  218.013977][ T3084] usb usb3-port1: unable to enumerate USB device
[  218.246197][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880616c3000: rx timeout, send abort
[  218.754509][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880616c3000: abort rx timeout. Force session deactivation
[  219.355695][ T5890] hid-generic C98F:0003:0000.0007: collection stack underflow
[  219.372453][ T5890] hid-generic C98F:0003:0000.0007: item 0 0 0 12 parsing failed
[  219.416000][ T5890] hid-generic C98F:0003:0000.0007: probe with driver hid-generic failed with error -22
[  220.489138][ T7967] netlink: 'syz.0.552': attribute type 6 has an invalid length.
[  220.539749][   T30] kauditd_printk_skb: 3 callbacks suppressed
[  220.539767][   T30] audit: type=1326 audit(1743281601.506:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7966 comm="syz.0.552" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f23a958d169 code=0x7ffe0000
[  220.603244][ T7967] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.552'.
[  222.025124][ T7998] FAULT_INJECTION: forcing a failure.
[  222.025124][ T7998] name failslab, interval 1, probability 0, space 0, times 0
[  222.038174][ T7998] CPU: 1 UID: 0 PID: 7998 Comm: syz.2.563 Not tainted 6.14.0-syzkaller-09584-g7d06015d936c #0 PREEMPT(full) 
[  222.038201][ T7998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  222.038214][ T7998] Call Trace:
[  222.038222][ T7998]  <TASK>
[  222.038247][ T7998]  dump_stack_lvl+0x241/0x360
[  222.038283][ T7998]  ? __pfx_dump_stack_lvl+0x10/0x10
[  222.038312][ T7998]  ? __pfx__printk+0x10/0x10
[  222.038341][ T7998]  ? __pfx___might_resched+0x10/0x10
[  222.038370][ T7998]  should_fail_ex+0x424/0x570
[  222.038402][ T7998]  should_failslab+0xac/0x100
[  222.038433][ T7998]  kmem_cache_alloc_noprof+0x78/0x390
[  222.038463][ T7998]  ? security_inode_alloc+0x37/0x310
[  222.038491][ T7998]  security_inode_alloc+0x37/0x310
[  222.038515][ T7998]  inode_init_always_gfp+0xa0f/0xd90
[  222.038547][ T7998]  ? __pfx_proc_alloc_inode+0x10/0x10
[  222.038572][ T7998]  alloc_inode+0xa3/0x1b0
[  222.038600][ T7998]  new_inode+0x22/0x180
[  222.038621][ T7998]  proc_pid_make_inode+0x1f/0x130
[  222.038655][ T7998]  proc_pident_instantiate+0x76/0x2b0
[  222.038686][ T7998]  proc_fill_cache+0x331/0x440
[  222.038715][ T7998]  ? __pfx_proc_pident_instantiate+0x10/0x10
[  222.038742][ T7998]  ? __pfx_proc_fill_cache+0x10/0x10
[  222.038777][ T7998]  ? get_pid_task+0x23/0x1f0
[  222.038805][ T7998]  ? get_pid_task+0x23/0x1f0
[  222.038832][ T7998]  proc_pident_readdir+0x380/0x4c0
[  222.038866][ T7998]  iterate_dir+0x5a9/0x760
[  222.038894][ T7998]  __se_sys_getdents64+0x1e4/0x4c0
[  222.038926][ T7998]  ? __pfx___se_sys_getdents64+0x10/0x10
[  222.038950][ T7998]  ? ksys_write+0x275/0x2d0
[  222.038971][ T7998]  ? __pfx_filldir64+0x10/0x10
[  222.039003][ T7998]  ? do_syscall_64+0xb6/0x230
[  222.039033][ T7998]  do_syscall_64+0xf3/0x230
[  222.039054][ T7998]  ? clear_bhb_loop+0x45/0xa0
[  222.039072][ T7998]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.039087][ T7998] RIP: 0033:0x7fce0eb8d169
[  222.039101][ T7998] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  222.039115][ T7998] RSP: 002b:00007fce0faa3038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9
[  222.039133][ T7998] RAX: ffffffffffffffda RBX: 00007fce0eda5fa0 RCX: 00007fce0eb8d169
[  222.039145][ T7998] RDX: 0000000000001000 RSI: 0000200000000f80 RDI: 0000000000000004
[  222.039155][ T7998] RBP: 00007fce0faa3090 R08: 0000000000000000 R09: 0000000000000000
[  222.039165][ T7998] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  222.039175][ T7998] R13: 0000000000000000 R14: 00007fce0eda5fa0 R15: 00007fce0eecfa28
[  222.039194][ T7998]  </TASK>
[  222.743847][ T5888] usb 3-1: new full-speed USB device number 56 using dummy_hcd
[  222.953896][ T5888] usb 3-1: config 0 has no interfaces?
[  222.984709][ T5888] usb 3-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  223.014346][ T5888] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  223.040092][ T5888] usb 3-1: Product: syz
[  223.048614][ T5888] usb 3-1: Manufacturer: syz
[  223.053233][ T5888] usb 3-1: SerialNumber: syz
[  223.060600][ T5888] usb 3-1: config 0 descriptor??
[  224.423878][ T5888] usb 4-1: new high-speed USB device number 41 using dummy_hcd
[  224.832616][ T8031] netlink: 4 bytes leftover after parsing attributes in process `syz.0.572'.
[  224.895070][ T8032] netlink: 12 bytes leftover after parsing attributes in process `syz.0.572'.
[  225.471541][    T9] usb 3-1: USB disconnect, device number 56
[  225.923806][ T5885] usb 1-1: new high-speed USB device number 47 using dummy_hcd
[  226.097809][ T5885] usb 1-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  226.109786][ T5885] usb 1-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  226.138584][ T5885] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 66
[  226.192233][ T5885] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  226.246952][ T5885] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  226.273624][ T5885] usb 1-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  226.307106][ T5885] usb 1-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  226.336999][ T5885] usb 1-1: Product: syz
[  226.348902][ T5885] usb 1-1: Manufacturer: syz
[  226.367466][ T5885] cdc_wdm 1-1:1.0: skipping garbage
[  226.374755][ T5885] cdc_wdm 1-1:1.0: skipping garbage
[  226.390132][ T5885] cdc_wdm 1-1:1.0: cdc-wdm0: USB WDM device
[  226.403045][ T5885] cdc_wdm 1-1:1.0: Unknown control protocol
[  226.569534][    C1] cdc_wdm 1-1:1.0: nonzero urb status received: -71
[  226.575034][ T5885] usb 1-1: USB disconnect, device number 47
[  226.576278][    C1] cdc_wdm 1-1:1.0: wdm_int_callback - 0 bytes
[  226.588195][    C1] cdc_wdm 1-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  226.622680][ T8043] netlink: 20 bytes leftover after parsing attributes in process `syz.1.575'.
[  231.200450][ T5212] udevd[5212]: worker [6336] /devices/platform/dummy_hcd.1/usb2/2-1 is taking a long time
[  255.535393][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  255.541735][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  311.224818][   T31] INFO: task kworker/1:1:47 blocked for more than 143 seconds.
[  311.232403][   T31]       Not tainted 6.14.0-syzkaller-09584-g7d06015d936c #0
[  311.239910][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  311.248670][   T31] task:kworker/1:1     state:D stack:25808 pid:47    tgid:47    ppid:2      task_flags:0x4208060 flags:0x00004000
[  311.260851][   T31] Workqueue: events rfkill_sync_work
[  311.266268][   T31] Call Trace:
[  311.269559][   T31]  <TASK>
[  311.272482][   T31]  __schedule+0x1b88/0x5240
[  311.277145][   T31]  ? do_raw_spin_lock+0xb0/0x370
[  311.282104][   T31]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  311.287599][   T31]  ? schedule+0x163/0x360
[  311.291954][   T31]  ? __pfx___schedule+0x10/0x10
[  311.297030][   T31]  ? schedule+0x90/0x360
[  311.301309][   T31]  ? schedule+0x90/0x360
[  311.305828][   T31]  schedule+0x163/0x360
[  311.310127][   T31]  ? __mutex_lock+0x5f3/0x10c0
[  311.314971][   T31]  schedule_preempt_disabled+0x13/0x30
[  311.320443][   T31]  __mutex_lock+0x805/0x10c0
[  311.325108][   T31]  ? __mutex_lock+0x5f3/0x10c0
[  311.329901][   T31]  ? nfc_rfkill_set_block+0x50/0x310
[  311.335620][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  311.340688][   T31]  ? _raw_spin_unlock_irqrestore+0xde/0x140
[  311.347177][   T31]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  311.353702][   T31]  ? __lock_acquire+0xad5/0xd80
[  311.358584][   T31]  nfc_rfkill_set_block+0x50/0x310
[  311.363912][   T31]  ? __pfx_nfc_rfkill_set_block+0x10/0x10
[  311.369664][   T31]  rfkill_set_block+0x1f1/0x440
[  311.374681][   T31]  rfkill_sync_work+0x12c/0x220
[  311.379570][   T31]  ? process_scheduled_works+0x9cb/0x18e0
[  311.385428][   T31]  process_scheduled_works+0xac3/0x18e0
[  311.391017][   T31]  ? __pfx_process_scheduled_works+0x10/0x10
[  311.397068][   T31]  ? assign_work+0x367/0x3d0
[  311.401681][   T31]  worker_thread+0x870/0xd50
[  311.406561][   T31]  ? __kthread_parkme+0x1a8/0x200
[  311.411622][   T31]  ? __pfx_worker_thread+0x10/0x10
[  311.416845][   T31]  kthread+0x7b7/0x940
[  311.420946][   T31]  ? __pfx_worker_thread+0x10/0x10
[  311.426210][   T31]  ? __pfx_kthread+0x10/0x10
[  311.430831][   T31]  ? __pfx_kthread+0x10/0x10
[  311.435507][   T31]  ? __pfx_kthread+0x10/0x10
[  311.440170][   T31]  ? __pfx_kthread+0x10/0x10
[  311.444863][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  311.450092][   T31]  ? lockdep_hardirqs_on+0x9d/0x150
[  311.455596][   T31]  ? __pfx_kthread+0x10/0x10
[  311.460220][   T31]  ret_from_fork+0x4b/0x80
[  311.464825][   T31]  ? __pfx_kthread+0x10/0x10
[  311.469630][   T31]  ret_from_fork_asm+0x1a/0x30
[  311.474603][   T31]  </TASK>
[  311.477780][   T31] INFO: task syz-executor:5852 blocked for more than 143 seconds.
[  311.485741][   T31]       Not tainted 6.14.0-syzkaller-09584-g7d06015d936c #0
[  311.493071][   T31]       Blocked by coredump.
[  311.497734][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  311.506541][   T31] task:syz-executor    state:D stack:20904 pid:5852  tgid:5852  ppid:1      task_flags:0x40054c flags:0x00004006
[  311.518569][   T31] Call Trace:
[  311.521892][   T31]  <TASK>
[  311.524899][   T31]  __schedule+0x1b88/0x5240
[  311.529435][   T31]  ? __lock_acquire+0xa01/0xd80
[  311.534349][   T31]  ? schedule+0x163/0x360
[  311.538702][   T31]  ? __pfx___schedule+0x10/0x10
[  311.543564][   T31]  ? schedule+0x90/0x360
[  311.547926][   T31]  ? schedule+0x90/0x360
[  311.552212][   T31]  schedule+0x163/0x360
[  311.556459][   T31]  ? __mutex_lock+0x5f3/0x10c0
[  311.561249][   T31]  schedule_preempt_disabled+0x13/0x30
[  311.566832][   T31]  __mutex_lock+0x805/0x10c0
[  311.571444][   T31]  ? __mutex_lock+0x5f3/0x10c0
[  311.576294][   T31]  ? rfkill_unregister+0xd0/0x230
[  311.581346][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  311.586458][   T31]  ? __pfx_device_del+0x10/0x10
[  311.591330][   T31]  ? hci_sock_dev_event+0x480/0x660
[  311.596617][   T31]  rfkill_unregister+0xd0/0x230
[  311.601507][   T31]  hci_unregister_dev+0x366/0x510
[  311.606652][   T31]  vhci_release+0x80/0xd0
[  311.611030][   T31]  ? __pfx_vhci_release+0x10/0x10
[  311.616119][   T31]  __fput+0x3e9/0x9f0
[  311.620133][   T31]  task_work_run+0x251/0x310
[  311.624795][   T31]  ? __pfx_task_work_run+0x10/0x10
[  311.629938][   T31]  ? switch_task_namespaces+0xe4/0x110
[  311.635451][   T31]  do_exit+0xa11/0x2950
[  311.639643][   T31]  ? do_raw_spin_lock+0x151/0x370
[  311.644733][   T31]  ? __pfx_do_exit+0x10/0x10
[  311.649338][   T31]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  311.654762][   T31]  do_group_exit+0x207/0x2c0
[  311.659366][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  311.664659][   T31]  ? lockdep_hardirqs_on+0x9d/0x150
[  311.669889][   T31]  get_signal+0x1696/0x1730
[  311.674457][   T31]  ? __pfx_call_rcu+0x10/0x10
[  311.679150][   T31]  ? __pfx_get_signal+0x10/0x10
[  311.684056][   T31]  arch_do_signal_or_restart+0x98/0x840
[  311.689639][   T31]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  311.696029][   T31]  ? syscall_exit_to_user_mode+0xa3/0x340
[  311.701780][   T31]  syscall_exit_to_user_mode+0xce/0x340
[  311.707418][   T31]  do_syscall_64+0x100/0x230
[  311.712035][   T31]  ? clear_bhb_loop+0x45/0xa0
[  311.716922][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  311.722874][   T31] RIP: 0033:0x7f16e61833d7
[  311.727377][   T31] RSP: 002b:00007f16e64cfd80 EFLAGS: 00000293 ORIG_RAX: 000000000000003d
[  311.735894][   T31] RAX: fffffffffffffe00 RBX: 00000000000000a5 RCX: 00007f16e61833d7
[  311.743937][   T31] RDX: 0000000040000000 RSI: 00007f16e64cfdec RDI: 00000000ffffffff
[  311.751932][   T31] RBP: 00007f16e64cfdec R08: 0000000000000000 R09: 0000000000000000
[  311.760006][   T31] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000031
[  311.768071][   T31] R13: 0000555563797590 R14: 000000000002554e R15: 00007f16e64cfe40
[  311.776116][   T31]  </TASK>
[  311.779158][   T31] INFO: task kworker/1:6:5889 blocked for more than 143 seconds.
[  311.786943][   T31]       Not tainted 6.14.0-syzkaller-09584-g7d06015d936c #0
[  311.794279][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  311.802981][   T31] task:kworker/1:6     state:D stack:21536 pid:5889  tgid:5889  ppid:2      task_flags:0x4208060 flags:0x00004000
[  311.815029][   T31] Workqueue: events rfkill_global_led_trigger_worker
[  311.821736][   T31] Call Trace:
[  311.825066][   T31]  <TASK>
[  311.828014][   T31]  __schedule+0x1b88/0x5240
[  311.832550][   T31]  ? schedule+0x163/0x360
[  311.836941][   T31]  ? __pfx___schedule+0x10/0x10
[  311.841815][   T31]  ? schedule+0x90/0x360
[  311.846134][   T31]  ? schedule+0x90/0x360
[  311.850419][   T31]  schedule+0x163/0x360
[  311.857148][   T31]  ? __mutex_lock+0x5f3/0x10c0
[  311.861960][   T31]  schedule_preempt_disabled+0x13/0x30
[  311.867516][   T31]  __mutex_lock+0x805/0x10c0
[  311.872197][   T31]  ? __mutex_lock+0x5f3/0x10c0
[  311.877065][   T31]  ? rfkill_global_led_trigger_worker+0x27/0xd0
[  311.883330][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  311.888417][   T31]  ? lockdep_hardirqs_on+0x9d/0x150
[  311.893743][   T31]  ? process_scheduled_works+0x9cb/0x18e0
[  311.899480][   T31]  rfkill_global_led_trigger_worker+0x27/0xd0
[  311.905641][   T31]  ? process_scheduled_works+0x9cb/0x18e0
[  311.911397][   T31]  process_scheduled_works+0xac3/0x18e0
[  311.917071][   T31]  ? __pfx_process_scheduled_works+0x10/0x10
[  311.923091][   T31]  ? assign_work+0x367/0x3d0
[  311.927876][   T31]  worker_thread+0x870/0xd50
[  311.932516][   T31]  ? __kthread_parkme+0x1a8/0x200
[  311.937779][   T31]  ? __pfx_worker_thread+0x10/0x10
[  311.942914][   T31]  kthread+0x7b7/0x940
[  311.947089][   T31]  ? __pfx_worker_thread+0x10/0x10
[  311.952224][   T31]  ? __pfx_kthread+0x10/0x10
[  311.956882][   T31]  ? __pfx_kthread+0x10/0x10
[  311.961500][   T31]  ? __pfx_kthread+0x10/0x10
[  311.966154][   T31]  ? __pfx_kthread+0x10/0x10
[  311.970771][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  311.976147][   T31]  ? lockdep_hardirqs_on+0x9d/0x150
[  311.981380][   T31]  ? __pfx_kthread+0x10/0x10
[  311.986073][   T31]  ret_from_fork+0x4b/0x80
[  311.990513][   T31]  ? __pfx_kthread+0x10/0x10
[  311.995274][   T31]  ret_from_fork_asm+0x1a/0x30
[  312.000064][   T31]  </TASK>
[  312.003093][   T31] INFO: task kworker/0:8:5943 blocked for more than 144 seconds.
[  312.011200][   T31]       Not tainted 6.14.0-syzkaller-09584-g7d06015d936c #0
[  312.018576][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  312.027622][   T31] task:kworker/0:8     state:D stack:20984 pid:5943  tgid:5943  ppid:2      task_flags:0x4208060 flags:0x00004000
[  312.040203][   T31] Workqueue: usb_hub_wq hub_event
[  312.045382][   T31] Call Trace:
[  312.048681][   T31]  <TASK>
[  312.051620][   T31]  __schedule+0x1b88/0x5240
[  312.056643][   T31]  ? schedule+0x163/0x360
[  312.061022][   T31]  ? __pfx___schedule+0x10/0x10
[  312.065982][   T31]  ? schedule+0x90/0x360
[  312.070249][   T31]  ? schedule+0x90/0x360
[  312.074550][   T31]  schedule+0x163/0x360
[  312.078746][   T31]  ? __mutex_lock+0x5f3/0x10c0
[  312.083508][   T31]  schedule_preempt_disabled+0x13/0x30
[  312.089045][   T31]  __mutex_lock+0x805/0x10c0
[  312.093727][   T31]  ? __mutex_lock+0x5f3/0x10c0
[  312.098552][   T31]  ? rfkill_register+0x34/0x8c0
[  312.103579][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  312.108694][   T31]  rfkill_register+0x34/0x8c0
[  312.113400][   T31]  hci_register_dev+0x407/0x8b0
[  312.118329][   T31]  btusb_probe+0x2cd8/0x30a0
[  312.122941][   T31]  ? __pfx_btusb_probe+0x10/0x10
[  312.127922][   T31]  ? _raw_spin_unlock_irqrestore+0xde/0x140
[  312.134012][   T31]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  312.140387][   T31]  ? usb_disable_lpm+0x77/0x380
[  312.145317][   T31]  usb_probe_interface+0x650/0xbc0
[  312.150469][   T31]  ? __pfx_usb_probe_interface+0x10/0x10
[  312.156162][   T31]  really_probe+0x2b9/0xad0
[  312.160699][   T31]  __driver_probe_device+0x1a2/0x390
[  312.166054][   T31]  driver_probe_device+0x50/0x430
[  312.171111][   T31]  __device_attach_driver+0x2d6/0x530
[  312.176722][   T31]  bus_for_each_drv+0x258/0x2e0
[  312.181611][   T31]  ? __pfx___device_attach_driver+0x10/0x10
[  312.187572][   T31]  ? __pfx_bus_for_each_drv+0x10/0x10
[  312.192973][   T31]  __device_attach+0x341/0x530
[  312.197879][   T31]  ? __pfx___device_attach+0x10/0x10
[  312.203403][   T31]  ? do_raw_spin_unlock+0x13c/0x8b0
[  312.210486][   T31]  bus_probe_device+0x189/0x260
[  312.215485][   T31]  device_add+0x856/0xbf0
[  312.219873][   T31]  usb_set_configuration+0x1999/0x1fe0
[  312.225420][   T31]  usb_generic_driver_probe+0x88/0x140
[  312.230912][   T31]  usb_probe_device+0x1b8/0x380
[  312.235847][   T31]  ? __pfx_usb_probe_device+0x10/0x10
[  312.241254][   T31]  really_probe+0x2b9/0xad0
[  312.246265][   T31]  __driver_probe_device+0x1a2/0x390
[  312.251600][   T31]  driver_probe_device+0x50/0x430
[  312.258338][   T31]  __device_attach_driver+0x2d6/0x530
[  312.264036][   T31]  bus_for_each_drv+0x258/0x2e0
[  312.268925][   T31]  ? __pfx___device_attach_driver+0x10/0x10
[  312.274922][   T31]  ? __pfx_bus_for_each_drv+0x10/0x10
[  312.280337][   T31]  __device_attach+0x341/0x530
[  312.285198][   T31]  ? __pfx___device_attach+0x10/0x10
[  312.290538][   T31]  bus_probe_device+0x189/0x260
[  312.295525][   T31]  device_add+0x856/0xbf0
[  312.299901][   T31]  usb_new_device+0x1052/0x19a0
[  312.304846][   T31]  ? __pfx_usb_new_device+0x10/0x10
[  312.310073][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  312.315350][   T31]  ? lockdep_hardirqs_on+0x9d/0x150
[  312.320575][   T31]  hub_event+0x2bfd/0x50f0
[  312.325114][   T31]  ? __pfx_hub_event+0x10/0x10
[  312.329909][   T31]  ? __lock_acquire+0xad5/0xd80
[  312.334876][   T31]  ? process_scheduled_works+0x9cb/0x18e0
[  312.340620][   T31]  process_scheduled_works+0xac3/0x18e0
[  312.346627][   T31]  ? __pfx_process_scheduled_works+0x10/0x10
[  312.352657][   T31]  ? assign_work+0x367/0x3d0
[  312.357331][   T31]  worker_thread+0x870/0xd50
[  312.361955][   T31]  ? __kthread_parkme+0x1a8/0x200
[  312.367279][   T31]  ? __pfx_worker_thread+0x10/0x10
[  312.372449][   T31]  kthread+0x7b7/0x940
[  312.376597][   T31]  ? __pfx_worker_thread+0x10/0x10
[  312.381816][   T31]  ? __pfx_kthread+0x10/0x10
[  312.386458][   T31]  ? __pfx_kthread+0x10/0x10
[  312.391085][   T31]  ? __pfx_kthread+0x10/0x10
[  312.395755][   T31]  ? __pfx_kthread+0x10/0x10
[  312.400372][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  312.405673][   T31]  ? lockdep_hardirqs_on+0x9d/0x150
[  312.410895][   T31]  ? __pfx_kthread+0x10/0x10
[  312.415592][   T31]  ret_from_fork+0x4b/0x80
[  312.420139][   T31]  ? __pfx_kthread+0x10/0x10
[  312.424801][   T31]  ret_from_fork_asm+0x1a/0x30
[  312.429604][   T31]  </TASK>
[  312.432643][   T31] INFO: task udevd:6336 blocked for more than 144 seconds.
[  312.439948][   T31]       Not tainted 6.14.0-syzkaller-09584-g7d06015d936c #0
[  312.447279][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  312.456041][   T31] task:udevd           state:D stack:23336 pid:6336  tgid:6336  ppid:5212   task_flags:0x400140 flags:0x00004002
[  312.468216][   T31] Call Trace:
[  312.471493][   T31]  <TASK>
[  312.474497][   T31]  __schedule+0x1b88/0x5240
[  312.479029][   T31]  ? schedule+0x163/0x360
[  312.483403][   T31]  ? __pfx___schedule+0x10/0x10
[  312.488346][   T31]  ? schedule+0x90/0x360
[  312.492613][   T31]  ? schedule+0x90/0x360
[  312.496922][   T31]  schedule+0x163/0x360
[  312.501101][   T31]  ? __mutex_lock+0x5f3/0x10c0
[  312.505938][   T31]  schedule_preempt_disabled+0x13/0x30
[  312.511428][   T31]  __mutex_lock+0x805/0x10c0
[  312.516107][   T31]  ? __mutex_lock+0x5f3/0x10c0
[  312.520896][   T31]  ? uevent_show+0x17d/0x340
[  312.525565][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  312.530643][   T31]  ? __kasan_kmalloc+0x9d/0xb0
[  312.535520][   T31]  ? uevent_show+0x163/0x340
[  312.540160][   T31]  uevent_show+0x17d/0x340
[  312.544680][   T31]  dev_attr_show+0x55/0xc0
[  312.549129][   T31]  ? __pfx_dev_attr_show+0x10/0x10
[  312.554465][   T31]  sysfs_kf_seq_show+0x331/0x4c0
[  312.559439][   T31]  seq_read_iter+0x461/0xda0
[  312.564118][   T31]  vfs_read+0x9a0/0xb90
[  312.568302][   T31]  ? __pfx_vfs_read+0x10/0x10
[  312.573070][   T31]  ksys_read+0x19d/0x2d0
[  312.577491][   T31]  ? __pfx_ksys_read+0x10/0x10
[  312.582283][   T31]  ? do_syscall_64+0xb6/0x230
[  312.587047][   T31]  do_syscall_64+0xf3/0x230
[  312.591575][   T31]  ? clear_bhb_loop+0x45/0xa0
[  312.596327][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  312.602263][   T31] RIP: 0033:0x7f6a89116b6a
[  312.606718][   T31] RSP: 002b:00007ffc7cc78258 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  312.615221][   T31] RAX: ffffffffffffffda RBX: 0000563598ac5180 RCX: 00007f6a89116b6a
[  312.623207][   T31] RDX: 0000000000001000 RSI: 0000563598b50eb0 RDI: 0000000000000008
[  312.631254][   T31] RBP: 0000563598ac5180 R08: 0000000000000008 R09: 0000000000000080
[  312.639288][   T31] R10: 000000000000010f R11: 0000000000000246 R12: 0000000000000000
[  312.647360][   T31] R13: 0000000000003fff R14: 00007ffc7cc78738 R15: 000000000000000a
[  312.655408][   T31]  </TASK>
[  312.658440][   T31] INFO: task syz.4.325:7119 blocked for more than 144 seconds.
[  312.666157][   T31]       Not tainted 6.14.0-syzkaller-09584-g7d06015d936c #0
[  312.673446][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  312.682202][   T31] task:syz.4.325       state:D stack:25928 pid:7119  tgid:7118  ppid:5852   task_flags:0x400040 flags:0x00004004
[  312.694240][   T31] Call Trace:
[  312.697541][   T31]  <TASK>
[  312.700488][   T31]  __schedule+0x1b88/0x5240
[  312.705104][   T31]  ? schedule+0x163/0x360
[  312.709469][   T31]  ? __pfx___schedule+0x10/0x10
[  312.714394][   T31]  ? register_lock_class+0x54/0x330
[  312.719595][   T31]  ? schedule+0x90/0x360
[  312.723886][   T31]  ? schedule+0x90/0x360
[  312.728148][   T31]  schedule+0x163/0x360
[  312.732304][   T31]  schedule_timeout+0xb1/0x2b0
[  312.737253][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[  312.742656][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  312.747903][   T31]  ? lockdep_hardirqs_on+0x9d/0x150
[  312.753123][   T31]  ? wait_for_completion+0x2d4/0x600
[  312.758477][   T31]  wait_for_completion+0x32f/0x600
[  312.763612][   T31]  ? __pfx_wait_for_completion+0x10/0x10
[  312.769392][   T31]  ? __flush_work+0xee/0xc60
[  312.774064][   T31]  __flush_work+0xa48/0xc60
[  312.778577][   T31]  ? __flush_work+0xee/0xc60
[  312.783159][   T31]  ? __pfx___flush_work+0x10/0x10
[  312.788227][   T31]  ? __pfx_wq_barrier_func+0x10/0x10
[  312.793534][   T31]  ? __pfx___cancel_work+0x10/0x10
[  312.798698][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  312.803900][   T31]  ? nfc_genl_device_removed+0x266/0x380
[  312.809564][   T31]  __cancel_work_sync+0xbc/0x110
[  312.814645][   T31]  rfkill_unregister+0x96/0x230
[  312.819765][   T31]  nfc_unregister_device+0x96/0x2a0
[  312.825028][   T31]  virtual_ncidev_close+0x56/0x90
[  312.830063][   T31]  ? __pfx_virtual_ncidev_close+0x10/0x10
[  312.835864][   T31]  __fput+0x3e9/0x9f0
[  312.839871][   T31]  task_work_run+0x251/0x310
[  312.844519][   T31]  ? _raw_spin_unlock+0x28/0x50
[  312.849409][   T31]  ? __pfx_task_work_run+0x10/0x10
[  312.854627][   T31]  ? syscall_exit_to_user_mode+0xa3/0x340
[  312.860385][   T31]  syscall_exit_to_user_mode+0x13f/0x340
[  312.866092][   T31]  do_syscall_64+0x100/0x230
[  312.870711][   T31]  ? clear_bhb_loop+0x45/0xa0
[  312.875509][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  312.881432][   T31] RIP: 0033:0x7f16e618d169
[  312.885905][   T31] RSP: 002b:00007f16e7013038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  312.894416][   T31] RAX: 0000000000000000 RBX: 00007f16e63a5fa0 RCX: 00007f16e618d169
[  312.902487][   T31] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000000000003
[  312.910508][   T31] RBP: 00007f16e620e2a0 R08: 0000000000000000 R09: 0000000000000000
[  312.918519][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  312.926642][   T31] R13: 0000000000000000 R14: 00007f16e63a5fa0 R15: 00007f16e64cfa28
[  312.934716][   T31]  </TASK>
[  312.937796][   T31] INFO: task syz-executor:7285 blocked for more than 145 seconds.
[  312.945675][   T31]       Not tainted 6.14.0-syzkaller-09584-g7d06015d936c #0
[  312.952966][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  312.961693][   T31] task:syz-executor    state:D stack:23720 pid:7285  tgid:7285  ppid:5824   task_flags:0x400000 flags:0x00004004
[  312.974143][   T31] Call Trace:
[  312.977443][   T31]  <TASK>
[  312.980383][   T31]  __schedule+0x1b88/0x5240
[  312.984927][   T31]  ? __lock_acquire+0xa01/0xd80
[  312.989791][   T31]  ? schedule+0x163/0x360
[  312.994165][   T31]  ? __pfx___schedule+0x10/0x10
[  312.999041][   T31]  ? schedule+0x90/0x360
[  313.003284][   T31]  ? schedule+0x90/0x360
[  313.007610][   T31]  schedule+0x163/0x360
[  313.011787][   T31]  ? __mutex_lock+0x5f3/0x10c0
[  313.016631][   T31]  schedule_preempt_disabled+0x13/0x30
[  313.022111][   T31]  __mutex_lock+0x805/0x10c0
[  313.026792][   T31]  ? __mutex_lock+0x5f3/0x10c0
[  313.031607][   T31]  ? rfkill_register+0x34/0x8c0
[  313.036521][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  313.041576][   T31]  ? device_initialize+0x266/0x460
[  313.046767][   T31]  rfkill_register+0x34/0x8c0
[  313.051469][   T31]  hci_register_dev+0x407/0x8b0
[  313.056406][   T31]  vhci_create_device+0x38b/0x6e0
[  313.061485][   T31]  vhci_write+0x3c8/0x4a0
[  313.066423][   T31]  vfs_write+0x70f/0xd10
[  313.070704][   T31]  ? __pfx_vhci_write+0x10/0x10
[  313.075697][   T31]  ? __pfx_vfs_write+0x10/0x10
[  313.080495][   T31]  ksys_write+0x19d/0x2d0
[  313.084879][   T31]  ? __pfx_ksys_write+0x10/0x10
[  313.089743][   T31]  ? do_syscall_64+0xb6/0x230
[  313.094498][   T31]  do_syscall_64+0xf3/0x230
[  313.099020][   T31]  ? clear_bhb_loop+0x45/0xa0
[  313.103760][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  313.109672][   T31] RIP: 0033:0x7fd42098bbe0
[  313.114148][   T31] RSP: 002b:00007ffd70d9ee98 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[  313.122581][   T31] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007fd42098bbe0
[  313.130726][   T31] RDX: 0000000000000002 RSI: 00007ffd70d9eeaa RDI: 00000000000000ca
[  313.138765][   T31] RBP: 00007fd420ba6738 R08: 00000000000000d7 R09: 0000000000000000
[  313.146791][   T31] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000008
[  313.154840][   T31] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000
[  313.162830][   T31]  </TASK>
[  313.165951][   T31] 
[  313.165951][   T31] Showing all locks held in the system:
[  313.173743][   T31] 1 lock held by khungtaskd/31:
[  313.178595][   T31]  #0: ffffffff8ed3a2a0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x30/0x180
[  313.188707][   T31] 4 locks held by kworker/1:1/47:
[  313.193816][   T31]  #0: ffff88801b080d48 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x990/0x18e0
[  313.204893][   T31]  #1: ffffc90000b87c60 ((work_completion)(&rfkill->sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9cb/0x18e0
[  313.217406][   T31]  #2: ffffffff903cd9c8 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_sync_work+0x23/0x220
[  313.227677][   T31]  #3: ffff88802e973100 (&dev->mutex){....}-{4:4}, at: nfc_rfkill_set_block+0x50/0x310
[  313.237475][   T31] 5 locks held by kworker/u8:3/53:
[  313.242639][   T31] 2 locks held by getty/5597:
[  313.247381][   T31]  #0: ffff88814d3bf0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  313.257234][   T31]  #1: ffffc9000334b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x53d/0x16b0
[  313.267438][   T31] 1 lock held by syz-executor/5852:
[  313.272646][   T31]  #0: ffffffff903cd9c8 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_unregister+0xd0/0x230
[  313.282833][   T31] 3 locks held by kworker/1:6/5889:
[  313.288076][   T31]  #0: ffff88801b080d48 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x990/0x18e0
[  313.299320][   T31]  #1: ffffc9000425fc60 ((work_completion)(&rfkill_global_led_trigger_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9cb/0x18e0
[  313.313148][   T31]  #2: ffffffff903cd9c8 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_global_led_trigger_worker+0x27/0xd0
[  313.324631][   T31] 6 locks held by kworker/0:8/5943:
[  313.329841][   T31]  #0: ffff888020ec2548 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0x990/0x18e0
[  313.341421][   T31]  #1: ffffc900043f7c60 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_scheduled_works+0x9cb/0x18e0
[  313.353349][   T31]  #2: ffff888028f23190 (&dev->mutex){....}-{4:4}, at: hub_event+0x200/0x50f0
[  313.362307][   T31]  #3: ffff88805c032190 (&dev->mutex){....}-{4:4}, at: __device_attach+0x90/0x530
[  313.371647][   T31]  #4: ffff888029fb0160 (&dev->mutex){....}-{4:4}, at: __device_attach+0x90/0x530
[  313.381003][   T31]  #5: ffffffff903cd9c8 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x34/0x8c0
[  313.391217][   T31] 4 locks held by udevd/6336:
[  313.396224][   T31]  #0: ffff88802e6729e0 (&p->lock){+.+.}-{4:4}, at: seq_read_iter+0xb4/0xda0
[  313.405149][   T31]  #1: ffff888021f42888 (&of->mutex#2){+.+.}-{4:4}, at: kernfs_seq_start+0x53/0x3b0
[  313.414626][   T31]  #2: ffff888028fb7008 (kn->active#5){.+.+}-{0:0}, at: kernfs_seq_start+0x72/0x3b0
[  313.424119][   T31]  #3: ffff88805c032190 (&dev->mutex){....}-{4:4}, at: uevent_show+0x17d/0x340
[  313.433129][   T31] 1 lock held by syz.4.325/7119:
[  313.438101][   T31]  #0: ffff88802e973100 (&dev->mutex){....}-{4:4}, at: nfc_unregister_device+0x63/0x2a0
[  313.447972][   T31] 2 locks held by syz-executor/7285:
[  313.453250][   T31]  #0: ffff88802afe3918 (&data->open_mutex){+.+.}-{4:4}, at: vhci_create_device+0x34/0x6e0
[  313.463335][   T31]  #1: ffffffff903cd9c8 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x34/0x8c0
[  313.473489][   T31] 
[  313.475881][   T31] =============================================
[  313.475881][   T31] 
[  313.484362][   T31] NMI backtrace for cpu 0
[  313.484374][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.14.0-syzkaller-09584-g7d06015d936c #0 PREEMPT(full) 
[  313.484391][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  313.484400][   T31] Call Trace:
[  313.484406][   T31]  <TASK>
[  313.484412][   T31]  dump_stack_lvl+0x241/0x360
[  313.484437][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[  313.484457][   T31]  ? __pfx__printk+0x10/0x10
[  313.484481][   T31]  nmi_cpu_backtrace+0x4ab/0x4e0
[  313.484500][   T31]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  313.484514][   T31]  ? _printk+0xd5/0x120
[  313.484532][   T31]  ? __wake_up_klogd+0xcc/0x110
[  313.484553][   T31]  ? __pfx__printk+0x10/0x10
[  313.484572][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  313.484588][   T31]  nmi_trigger_cpumask_backtrace+0x198/0x320
[  313.484606][   T31]  watchdog+0x1058/0x10a0
[  313.484620][   T31]  ? watchdog+0x1ea/0x10a0
[  313.484635][   T31]  ? __pfx_watchdog+0x10/0x10
[  313.484647][   T31]  kthread+0x7b7/0x940
[  313.484667][   T31]  ? __pfx_watchdog+0x10/0x10
[  313.484680][   T31]  ? __pfx_kthread+0x10/0x10
[  313.484697][   T31]  ? __pfx_kthread+0x10/0x10
[  313.484715][   T31]  ? __pfx_kthread+0x10/0x10
[  313.484733][   T31]  ? __pfx_kthread+0x10/0x10
[  313.484750][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  313.484766][   T31]  ? lockdep_hardirqs_on+0x9d/0x150
[  313.484784][   T31]  ? __pfx_kthread+0x10/0x10
[  313.484802][   T31]  ret_from_fork+0x4b/0x80
[  313.484817][   T31]  ? __pfx_kthread+0x10/0x10
[  313.484835][   T31]  ret_from_fork_asm+0x1a/0x30
[  313.484855][   T31]  </TASK>
[  313.484860][   T31] Sending NMI from CPU 0 to CPUs 1:
[  313.645752][    C1] NMI backtrace for cpu 1
[  313.645770][    C1] CPU: 1 UID: 0 PID: 3590 Comm: kworker/u8:9 Not tainted 6.14.0-syzkaller-09584-g7d06015d936c #0 PREEMPT(full) 
[  313.645791][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  313.645803][    C1] Workqueue: events_unbound toggle_allocation_gate
[  313.645835][    C1] RIP: 0010:__sanitizer_cov_trace_pc+0x37/0x70
[  313.645862][    C1] Code: 08 70 66 93 65 8b 15 78 d5 a2 11 81 e2 00 01 ff 00 74 11 81 fa 00 01 00 00 75 35 83 b9 3c 16 00 00 00 74 2c 8b 91 18 16 00 00 <83> fa 02 75 21 48 8b 91 20 16 00 00 48 8b 32 48 8d 7e 01 8b 89 1c
[  313.645877][    C1] RSP: 0018:ffffc9000cc574f8 EFLAGS: 00000046
[  313.645892][    C1] RAX: ffffffff816058ce RBX: ffff88801b070000 RCX: ffff888032d51e00
[  313.645905][    C1] RDX: 0000000000000000 RSI: ffffffff8ee40880 RDI: ffff88801b070000
[  313.645917][    C1] RBP: ffffc9000cc57590 R08: ffffffff8ee41063 R09: 1ffffffff1dc820c
[  313.645929][    C1] R10: dffffc0000000000 R11: fffffbfff1dc820d R12: dffffc0000000000
[  313.645942][    C1] R13: 1ffff9200198aea0 R14: ffffffff8ee40880 R15: 0000000000000000
[  313.645954][    C1] FS:  0000000000000000(0000) GS:ffff8881250b9000(0000) knlGS:0000000000000000
[  313.645968][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  313.645980][    C1] CR2: 0000564cffac0680 CR3: 000000000eb38000 CR4: 00000000003526f0
[  313.645995][    C1] Call Trace:
[  313.646001][    C1]  <NMI>
[  313.646009][    C1]  ? nmi_cpu_backtrace+0x3d1/0x4e0
[  313.646030][    C1]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  313.646048][    C1]  ? look_up_lock_class+0x7b/0x170
[  313.646071][    C1]  ? lock_acquire+0x1fc/0x2f0
[  313.646090][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  313.646107][    C1]  ? nmi_handle+0x196/0x5e0
[  313.646127][    C1]  ? nmi_handle+0x7e/0x5e0
[  313.646148][    C1]  ? __sanitizer_cov_trace_pc+0x37/0x70
[  313.646173][    C1]  ? default_do_nmi+0x63/0x160
[  313.646189][    C1]  ? exc_nmi+0x123/0x1f0
[  313.646205][    C1]  ? end_repeat_nmi+0xf/0x53
[  313.646224][    C1]  ? switch_ldt+0x6e/0x280
[  313.646245][    C1]  ? __sanitizer_cov_trace_pc+0x37/0x70
[  313.646269][    C1]  ? __sanitizer_cov_trace_pc+0x37/0x70
[  313.646294][    C1]  ? __sanitizer_cov_trace_pc+0x37/0x70
[  313.646318][    C1]  </NMI>
[  313.646323][    C1]  <TASK>
[  313.646329][    C1]  switch_ldt+0x6e/0x280
[  313.646350][    C1]  ? __pfx_switch_ldt+0x10/0x10
[  313.646371][    C1]  ? rcu_is_watching+0x15/0xb0
[  313.646393][    C1]  switch_mm_irqs_off+0x67d/0xb00
[  313.646419][    C1]  ? __pfx_switch_mm_irqs_off+0x10/0x10
[  313.646442][    C1]  ? kasan_check_range+0x191/0x2a0
[  313.646466][    C1]  ? text_poke_memcpy+0x25/0x30
[  313.646489][    C1]  ? __asan_memcpy+0x40/0x70
[  313.646509][    C1]  __text_poke+0x933/0xe20
[  313.646533][    C1]  ? __kvmalloc_node_noprof+0x183/0x5a0
[  313.646550][    C1]  ? __pfx_text_poke_memcpy+0x10/0x10
[  313.646574][    C1]  ? __pfx___text_poke+0x10/0x10
[  313.646603][    C1]  ? perf_event_text_poke+0x262/0x330
[  313.646623][    C1]  ? __pfx_smp_call_function_many_cond+0x10/0x10
[  313.646644][    C1]  ? __pfx_perf_event_text_poke+0x10/0x10
[  313.646662][    C1]  ? __pfx___mutex_trylock_common+0x10/0x10
[  313.646688][    C1]  text_poke_bp_batch+0x8cf/0xb30
[  313.646716][    C1]  ? kmem_cache_alloc_bulk_noprof+0x15b/0x7c0
[  313.646733][    C1]  ? __pfx_text_poke_bp_batch+0x10/0x10
[  313.646759][    C1]  ? arch_jump_label_transform_queue+0x9b/0x100
[  313.646780][    C1]  text_poke_finish+0x30/0x50
[  313.646802][    C1]  arch_jump_label_transform_apply+0x1c/0x30
[  313.646818][    C1]  static_key_enable_cpuslocked+0x136/0x260
[  313.646845][    C1]  static_key_enable+0x1a/0x20
[  313.646868][    C1]  toggle_allocation_gate+0xc0/0x250
[  313.646892][    C1]  ? __pfx_toggle_allocation_gate+0x10/0x10
[  313.646921][    C1]  ? process_scheduled_works+0x9cb/0x18e0
[  313.646939][    C1]  process_scheduled_works+0xac3/0x18e0
[  313.646968][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[  313.646989][    C1]  ? assign_work+0x367/0x3d0
[  313.647007][    C1]  worker_thread+0x870/0xd50
[  313.647031][    C1]  ? __kthread_parkme+0x1a8/0x200
[  313.647051][    C1]  ? __pfx_worker_thread+0x10/0x10
[  313.647069][    C1]  kthread+0x7b7/0x940
[  313.647091][    C1]  ? __pfx_worker_thread+0x10/0x10
[  313.647109][    C1]  ? __pfx_kthread+0x10/0x10
[  313.647129][    C1]  ? __pfx_kthread+0x10/0x10
[  313.647167][    C1]  ? __pfx_kthread+0x10/0x10
[  313.647189][    C1]  ? __pfx_kthread+0x10/0x10
[  313.647210][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  313.647229][    C1]  ? lockdep_hardirqs_on+0x9d/0x150
[  313.647249][    C1]  ? __pfx_kthread+0x10/0x10
[  313.647270][    C1]  ret_from_fork+0x4b/0x80
[  313.647287][    C1]  ? __pfx_kthread+0x10/0x10
[  313.647308][    C1]  ret_from_fork_asm+0x1a/0x30
[  313.647330][    C1]  </TASK>
[  313.680917][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[  313.680943][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.14.0-syzkaller-09584-g7d06015d936c #0 PREEMPT(full) 
[  313.680971][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  313.680987][   T31] Call Trace:
[  313.680996][   T31]  <TASK>
[  313.681006][   T31]  dump_stack_lvl+0x241/0x360
[  313.681045][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[  313.681077][   T31]  ? __pfx__printk+0x10/0x10
[  313.681110][   T31]  ? vscnprintf+0x5d/0x90
[  313.681135][   T31]  panic+0x349/0x880
[  313.681162][   T31]  ? __pfx_preempt_schedule+0x10/0x10
[  313.681189][   T31]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  313.681215][   T31]  ? __pfx_panic+0x10/0x10
[  313.681242][   T31]  ? __pfx_delay_tsc+0x10/0x10
[  313.681266][   T31]  ? preempt_schedule_thunk+0x16/0x30
[  313.681292][   T31]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  313.681316][   T31]  ? nmi_trigger_cpumask_backtrace+0x2d4/0x320
[  313.681342][   T31]  ? nmi_trigger_cpumask_backtrace+0x2d9/0x320
[  313.681369][   T31]  watchdog+0x1097/0x10a0
[  313.681392][   T31]  ? watchdog+0x1ea/0x10a0
[  313.681413][   T31]  ? __pfx_watchdog+0x10/0x10
[  313.681434][   T31]  kthread+0x7b7/0x940
[  313.681463][   T31]  ? __pfx_watchdog+0x10/0x10
[  313.681484][   T31]  ? __pfx_kthread+0x10/0x10
[  313.681512][   T31]  ? __pfx_kthread+0x10/0x10
[  313.681538][   T31]  ? __pfx_kthread+0x10/0x10
[  313.681567][   T31]  ? __pfx_kthread+0x10/0x10
[  313.681604][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  313.681629][   T31]  ? lockdep_hardirqs_on+0x9d/0x150
[  313.681657][   T31]  ? __pfx_kthread+0x10/0x10
[  313.681686][   T31]  ret_from_fork+0x4b/0x80
[  313.681708][   T31]  ? __pfx_kthread+0x10/0x10
[  313.681737][   T31]  ret_from_fork_asm+0x1a/0x30
[  313.681767][   T31]  </TASK>
[  313.687335][   T31] Kernel Offset: disabled