last executing test programs:

5.33412392s ago: executing program 3 (id=804):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d8000000100081044e81f782db44b904021d08000b000000e8fe55a1180015000600142603600e1209000d0000000401a80016000a00014006000000036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x40010)
capset(&(0x7f0000000080)={0x20080522}, &(0x7f0000000040))
ptrace(0x10, 0x1)
ptrace(0x10, r0)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='rdma.current\x00', 0x0, 0x0)
r3 = dup2(r2, r2)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x10, 0x29, &(0x7f00000006c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [@call={0x85, 0x0, 0x0, 0x28}, @jmp={0x5, 0x0, 0x1, 0x5, 0x8, 0x100, 0xffffffffffffffff}, @tail_call={{0x18, 0x2, 0x1, 0x0, r2}}, @generic={0x8, 0x2, 0x5, 0x99f5, 0x3}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0x8, 0x0, 0x0, 0x0, 0xd}, @map_fd={0x18, 0x8, 0x1, 0x0, r3}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x5}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xa}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000180)='syzkaller\x00', 0x1, 0x1b, &(0x7f00000001c0)=""/27, 0x41000, 0x40, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x5, 0x1}, 0x8, 0x10, &(0x7f0000000240)={0x2, 0x10, 0x0, 0x80000}, 0x10, 0x0, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000280)=[{0x4, 0x8001, 0x9, 0x9}], 0x10, 0x2, @void, @value}, 0x94)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = socket(0x10, 0x3, 0x6)
r8 = userfaultfd(0x1)
ioctl$UFFDIO_API(r8, 0xc018aa3f, &(0x7f0000000100)={0xaa, 0x6f0})
ioctl$UFFDIO_WRITEPROTECT(r8, 0xc018aa06, &(0x7f0000000040)={{&(0x7f00008b1000/0x4000)=nil, 0x4000}, 0x3})
r9 = socket(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r7, 0x8933, &(0x7f0000000600)={'team0\x00', <r10=>0x0})
sendmsg$nl_route_sched(r9, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=@newqdisc={0x60, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r10, {}, {0xffff, 0xffff}, {0x0, 0xffe0}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x30, 0x2, {{0x0, 0x0, 0x9, 0xb5f, 0x80000001, 0x3}, [@TCA_NETEM_JITTER64={0xc, 0xb, 0x9f}, @TCA_NETEM_ECN={0x8, 0x7, 0x1}]}}}]}, 0x60}, 0x1, 0x0, 0x0, 0x4000}, 0x20000000)
r11 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r11, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="01000000000000002100004000000000ff"])
r12 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1)
ioctl$KVM_CAP_VM_DISABLE_NX_HUGE_PAGES(r6, 0x4068aea3, &(0x7f00000003c0))
ioctl$KVM_RUN(r12, 0xae80, 0x0)
ioctl$KVM_RUN(r11, 0xae80, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000440)={0xffffffffffffffff, r4})
ptrace$setsig(0x4203, r0, 0x6, &(0x7f0000000040)={0x15, 0x2, 0x1dfffd})
r13 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r3, 0x84, 0x6d, &(0x7f0000000980)={<r14=>0x0, 0xff, "76cb27029a53dd6a1d7b40f89abe38267ec7ce9ca861ed8fff5c7b3a9e29cb7a3814ef1c920eb72f0c8ffc8419c3bd79db3169139ebacf76bc63e0897cc2797a8032dc677899676068297daa79e05f92cb5efba1acd2c59b8bdc1c4064775968cf6b9bc8bd7c3a963646890066266c5e1edf637317f1471fed53d7b0caddcea5f1ffb3d01221c49192f1ef1826a728edbf5af590488dd20d692b7e086d76d9cc3a6e5a7ff13d7cb09541dbbaafac9de596e251993094da6179bd467a74fdb694c4178c52a318ec071067fd9b53bb5dd7df1e321067e486a674d41b912b81c01d776baa6b839e6b82d41290e82a0f25fd27f8c6a970c5ad2634e008f7125144"}, &(0x7f0000000140)=0x107)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r13, 0x84, 0x7b, &(0x7f0000000380)={r14, 0x400}, 0x8)

4.734371556s ago: executing program 3 (id=806):
syz_emit_ethernet(0x3a, &(0x7f0000000180)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x2000, 0x0, 0x11, 0x0, @empty=0x2000000, @empty}, {0x0, 0x4e22, 0x18, 0x0, @wg=@data}}}}}, 0x0)

4.477950946s ago: executing program 1 (id=809):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = dup(r0)
write$UHID_INPUT(r1, &(0x7f0000002080)={0xf, {"a2e3ad21e08eeb661b5d390987f70e06d038e7ff7fc6e5539b0d650e8b089b3f353b68090890e0878f0e1ac6e7049b3b46959b649a240d5b67f3988f7ef319520100fde8d178708c523c921b1b5b31070d07410936cd3b78130daa61d8e8041800005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c554336909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f6777478bc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15ffffffffffffffff1243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5dc29a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f6435f7590000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9a53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f423500c7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02da93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d0300000000000000b378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d678746383074c6bc1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b3c7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0da42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9cc8036cbd65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f90000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000400", 0x1000}}, 0x1006)

4.454615675s ago: executing program 3 (id=810):
r0 = syz_open_dev$cec(&(0x7f0000000740), 0x0, 0x101080)
ioctl$CEC_DQEVENT(r0, 0xc0506107, &(0x7f0000001800))
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r1, 0x0, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
quotactl$Q_SYNC(0xffffffff80000101, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x2982, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xbffffffffffffffe, 0x0, 0xffffffff}, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
r4 = socket$l2tp(0x2, 0x2, 0x73)
setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f0000000380)=@security={'security\x00', 0xe, 0x4, 0x260, 0xffffffff, 0x98, 0x90, 0x130, 0xffffffff, 0xffffffff, 0x208, 0x208, 0x208, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x0, 0x70, 0x98}, @common=@inet=@SYNPROXY={0x28}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@inet=@TCPMSS={0x28}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0x130}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2c0)
sendmsg$tipc(r1, &(0x7f0000000280)={&(0x7f0000000040)=@nameseq={0x1e, 0x1, 0x0, {0x43}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x40000}, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3, &(0x7f0000000000)=0xd9, 0x8, 0x0)
get_mempolicy(0x0, 0x0, 0x0, &(0x7f000010e000/0x3000)=nil, 0x2)
r5 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$sock_int(r5, 0x1, 0x8, &(0x7f0000000080), 0x4)
listen(r5, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000300), 0x42000, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r6, &(0x7f0000000340)={0x18})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r8, 0x8933, &(0x7f0000001880)={'wg1\x00'})
syz_genetlink_get_family_id$wireguard(&(0x7f0000000fc0), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r6, &(0x7f0000000b80)={0x0, 0x0, 0x0}, 0x0)

4.166747237s ago: executing program 1 (id=813):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000880)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(serpent)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a497", 0x1a}], 0x3}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/66, 0xb4}, {&(0x7f0000000200)=""/83, 0x53}], 0x2}, 0x0)

4.008802574s ago: executing program 0 (id=814):
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000002c0)=@newqdisc={0x30, 0x24, 0xd0f, 0x470bd2d, 0xfffffffd, {0x60, 0x0, 0x0, r2, {0x0, 0xfff2}, {0xfff1, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}, 0x1, 0x0, 0x0, 0x24000040}, 0x44080)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x3f00, 0x0}, 0x4000)

3.806167027s ago: executing program 1 (id=816):
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, 0x0, 0x0)
pipe2(0x0, 0xc800)
r0 = socket$l2tp(0x2, 0x2, 0x73)
bind$l2tp(r0, &(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x39}, 0x4}, 0x10)
socket(0x2, 0x80805, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000340)='./cgroup/syz1\x00', 0x1ff)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000100)='0.::/', 0x0)
r1 = add_key$user(&(0x7f00000001c0), &(0x7f0000000240)={'syz', 0x0}, &(0x7f0000000080)="bc5dfc", 0x3, 0xfffffffffffffffe)
r2 = add_key$user(&(0x7f0000000180), &(0x7f0000000440)={'syz', 0x1}, &(0x7f0000000480)="c128459efc5da3107148e203511c586ce0e476fff8910e2eb594a5a4e1e3e31baa2294e0f843e0f590748122c3b4fe2464fc06a9429d8d9a2e8d6522eaf3fe136f01206b40f8176051ea652ad6f2c16002726df8db9025fee43cf82d8a2f71f478174193aa709e3d65240114a08fde4c297e9edafd6eca8b4dbce5518440fa0e976023ab58a00206d6000000", 0x8c, 0x0)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r1, r2, r1}, &(0x7f0000000280)=""/83, 0x53, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f00006ca000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x10000)
r3 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000240)={{&(0x7f0000400000/0x1000)=nil, 0x20400000}, 0x1})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x19)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0)
r4 = dup(0xffffffffffffffff)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x51, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
openat$audio1(0xffffffffffffff9c, &(0x7f00000000c0), 0x20000, 0x0)
socket$kcm(0x29, 0x5, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))

3.67616323s ago: executing program 0 (id=817):
unshare(0x40600)
unshare(0x8000000)
r0 = socket$netlink(0x10, 0x3, 0x10)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000003, 0x4008032, 0xffffffffffffffff, 0x0)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'})
write$sndseq(r1, &(0x7f0000000480)=[{0x84, 0x77, 0x0, 0x0, @time={0x10001, 0x2}, {0xff}, {0x7}, @queue={0x4, {0x8, 0x3}}}, {0x2, 0x0, 0x9, 0x0, @tick=0x4, {0xfd}, {}, @note={0x81, 0x0, 0x0, 0x0, 0x4000000}}, {0x6, 0x3, 0x9, 0x3, @time={0xd, 0x1000}, {0xe, 0x4}, {0xc, 0x2}, @note={0xfa, 0x94, 0x0, 0x4, 0x8}}], 0x54)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xa8c01)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x800, 0x0)
r4 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=ANY=[@ANYBLOB="1b00000000000000000000000020000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000200000000000000f8ffffffffffffff00000000"], 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xf, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000005b702000014000000b7030000000000008500000083000000b70900000000000055090100000000009500000000000000bf91000000000000b702000000554c2888ca7e2e0ab4f2f659910000008500000000000000b7000000000000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x9, 0x1004, &(0x7f0000001e40)=""/4100, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$TCSBRKP(r3, 0x5425, 0x3)
write$sndseq(r2, &(0x7f0000000080)=[{0x1e, 0x0, 0x4, 0x4, @time={0x7, 0x1cf}, {}, {}, @result={0x7}}], 0x1c)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4080000400000006110540000000000a6000000000000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f00000000c0), 0x8, 0x10, &(0x7f0000000080), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r6, 0x26, &(0x7f0000000000)={0x1})
fcntl$lock(r6, 0x25, &(0x7f0000000180)={0x0, 0x1, 0x87, 0xd})
fcntl$lock(r5, 0x24, &(0x7f0000000140)={0x2, 0x1, 0x8000003ff, 0x10001})
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
write$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000140)={'full'}, 0xfffffdef)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0)
keyctl$dh_compute(0x17, &(0x7f0000000140), &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)

3.509176306s ago: executing program 1 (id=819):
syz_emit_ethernet(0xbe, &(0x7f0000000100)={@local, @broadcast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0xb0, 0x0, 0x0, 0x11, 0x0, @dev, @local}, {0x0, 0x0, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "f4cb985d86dd6266b5efb88aaa87eda081bac8b2f9a49d564054f1c9218f47b3", "cf8743eb4d9e776f94a6a58d36e006ac614f6f7bce9217cbfea31675d4a860cf6003977b1e4dbb16dc31cc76522bf19d", "5043edd2a8cc8c41345f8feb1a7a8e23043b8a465b1ed5bf8bc91307", {"c7193f7edd1efc4742dc481e6f57f901", "948177bcc5dea4029ba4683a6bdcd7a1"}}}}}}}, 0x0)

3.222280825s ago: executing program 1 (id=822):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000580)="d800000019008111e0020f060d8107040a60090000020000000455a1bc00090008000699e3ffffff140005000800000006000567b8b7b94002000009080016060000000000000074d67f6f5d6b26462f25a4d1c2e446b727f3e29400f7d1d9bbe94fa27100a007a2f7457f01896034277ce06bbace8017cb39b62ee5a7cef4090000001fb791643a5e83d42365f003724a237ee4b11602b2a10000000014d6d930dfe1d9c322fe040000005025acca262f3d40fad95667e006dcdf634c1f215ce3bb9ad809d50b694138c9f1ac76efb42a9ecbee5de6ccd4", 0xd8}], 0x1}, 0x94)
r1 = socket$rds(0x15, 0x5, 0x0)
setsockopt$RDS_CONG_MONITOR(r1, 0x114, 0x6, &(0x7f00000000c0)=0x1, 0x4)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000180), 0x40, 0x0)
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r3, &(0x7f0000000280)={0x28, 0x0, 0x2711}, 0x10)
getsockopt(r3, 0x1, 0x4, 0x0, &(0x7f0000000040)=0x13)
r4 = syz_open_dev$media(&(0x7f00000006c0), 0x4007, 0x0)
ioctl$MEDIA_IOC_REQUEST_ALLOC(r4, 0x80047c05, &(0x7f0000000940)=<r5=>0xffffffffffffffff)
ioctl$BTRFS_IOC_INO_LOOKUP_USER(r5, 0x7c80, 0x0)
syz_emit_vhci(&(0x7f0000000400)=ANY=[@ANYBLOB="043e4a0d0302"], 0x4d)
ioctl$IOMMU_VFIO_IOMMU_GET_INFO(r2, 0x3b70, &(0x7f00000001c0)={0x30})

3.036970063s ago: executing program 4 (id=823):
r0 = socket(0x1e, 0x1, 0x0)
connect$tipc(r0, &(0x7f0000000040)=@id, 0x10)
shutdown(r0, 0x2)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000400)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_CONTROL_PORT_FRAME(r1, &(0x7f0000003700)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000008100000008000300", @ANYRES32=r3, @ANYBLOB="0a000600080211000001000006006600c78800001a0033"], 0x50}}, 0x0)

2.875985295s ago: executing program 3 (id=824):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_FLUSH(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x1c, 0x4, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0) (fail_nth: 3)

2.77147319s ago: executing program 2 (id=825):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_SET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000540)={0x34, r1, 0x431, 0x70bd28, 0xffffffff, {}, [@ETHTOOL_A_PAUSE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}, @ETHTOOL_A_PAUSE_TX={0x5}]}, 0x34}}, 0x0)

2.770848292s ago: executing program 4 (id=826):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000880)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(serpent)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a497", 0x1a}], 0x3}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/66, 0xb4}, {&(0x7f0000000200)=""/83, 0x53}], 0x2}, 0x0)

2.690470696s ago: executing program 3 (id=827):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0)
syz_clone3(&(0x7f0000000600)={0x4040100, 0x0, 0x0, 0x0, {0x2d}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pipe(&(0x7f0000000040))

2.614931851s ago: executing program 2 (id=828):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r0, 0x0, 0x24040090)
sendmsg$IPCTNL_MSG_EXP_DELETE(r0, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x4000}, 0x4000)

2.567192035s ago: executing program 0 (id=829):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="440000001000210400000000fcdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="cac1040061000000180012800e000100697036677265746170"], 0x44}, 0x1, 0x0, 0x0, 0x4000084}, 0x10) (fail_nth: 8)

2.546588284s ago: executing program 4 (id=830):
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, 0x0, 0x0)
pipe2(0x0, 0xc800)
r0 = socket$l2tp(0x2, 0x2, 0x73)
bind$l2tp(r0, &(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x39}, 0x4}, 0x10)
socket(0x2, 0x80805, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000340)='./cgroup/syz1\x00', 0x1ff)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000100)='0.::/', 0x0)
r1 = add_key$user(&(0x7f00000001c0), &(0x7f0000000240)={'syz', 0x0}, &(0x7f0000000080)="bc5dfc", 0x3, 0xfffffffffffffffe)
r2 = add_key$user(&(0x7f0000000180), &(0x7f0000000440)={'syz', 0x1}, &(0x7f0000000480)="c128459efc5da3107148e203511c586ce0e476fff8910e2eb594a5a4e1e3e31baa2294e0f843e0f590748122c3b4fe2464fc06a9429d8d9a2e8d6522eaf3fe136f01206b40f8176051ea652ad6f2c16002726df8db9025fee43cf82d8a2f71f478174193aa709e3d65240114a08fde4c297e9edafd6eca8b4dbce5518440fa0e976023ab58a00206d6000000", 0x8c, 0x0)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r1, r2, r1}, &(0x7f0000000280)=""/83, 0x53, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f00006ca000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x10000)
r3 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000240)={{&(0x7f0000400000/0x1000)=nil, 0x20400000}, 0x1})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x19)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0)
r4 = dup(0xffffffffffffffff)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x51, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
openat$audio1(0xffffffffffffff9c, &(0x7f00000000c0), 0x20000, 0x0)
socket$kcm(0x29, 0x5, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))

2.466365868s ago: executing program 2 (id=831):
openat$fuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$sock_int(r0, 0x1, 0x2b, &(0x7f0000000140)=0x8001, 0x4)

2.334918187s ago: executing program 4 (id=832):
r0 = syz_open_dev$loop(&(0x7f00000001c0), 0x10, 0x42000)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/seq/timer\x00', 0x0, 0x0)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f0000000200)={r1, 0x0, {0x0, 0x0, 0x0, 0x3, 0x2, 0x0, 0x0, 0x0, 0x1c, "a5bfcb2a66ef507540a2a54fcaf1860b5a61f8e207db0000009f1bb9930200000000000000cf61f3164a3790887d279d4afc7cfd1762729912aabe49225f8d79", "c943e1db06869da66fb3d998ba914272ca193f8dd5ecfdc81f22af8042677e0b2543667e306c360ce82f41f7d0431065868f4a367fb9ec6ec8cbf57917653a8a", "ae3151b9dd0fe9ca443e8ae600", [0x2]}})
ioctl$LOOP_CHANGE_FD(r0, 0x4c05, 0xffffffffffffffff) (fail_nth: 3)

2.285490036s ago: executing program 3 (id=833):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
dup(0xffffffffffffffff)
r2 = socket$inet6(0xa, 0x2, 0x0)
recvmmsg(r2, &(0x7f0000008880), 0x45b, 0x2, 0x0)
openat$sysctl(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = dup(r3)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="600000000206050000000000fffff0000000000005000100060000000900020073797a32000000000500040000000000140007800800124000080000080008400000000014000300686173683a69702c706f72742c6970000500050002"], 0x60}, 0x1, 0x0, 0x0, 0x85}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPSET_CMD_DESTROY(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)={0x14, 0x3, 0x6, 0x801, 0x0, 0x0, {0x1, 0x0, 0x4}}, 0x14}, 0x1, 0x0, 0x0, 0x1000}, 0x48050)
r5 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$inet6_IPV6_RTHDR(r4, 0x29, 0x39, &(0x7f0000000300)={0x67, 0x2, 0x0, 0x1, 0x0, [@remote]}, 0x18)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000040)={'batadv_slave_0\x00', <r7=>0x0})
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000140)={'vlan1\x00', <r8=>0x0})
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)=@newlink={0x40, 0x10, 0xd8a88b3807bbf5cf, 0x0, 0x0, {0x0, 0x0, 0x7, 0x0, 0x0, 0x64001}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @hsr={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_HSR_SLAVE2={0x8, 0x2, r7}, @IFLA_HSR_SLAVE1={0x8, 0x1, r8}]}}}]}, 0x40}}, 0x0)
syz_usb_control_io$cdc_ecm(0xffffffffffffffff, &(0x7f00000006c0)={0x14, 0x0, &(0x7f0000000680)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)
syz_usb_control_io$cdc_ecm(0xffffffffffffffff, &(0x7f00000000c0)={0x14, 0x0, &(0x7f0000000100)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)
r9 = socket$inet6_sctp(0xa, 0x801, 0x84)
r10 = epoll_create1(0x0)
preadv2(r6, &(0x7f0000000240)=[{&(0x7f0000000700)=""/4096, 0x1000}, {&(0x7f0000000180)=""/84, 0x54}, {&(0x7f0000000200)=""/63, 0x3f}], 0x3, 0xc, 0x2, 0x1)
epoll_ctl$EPOLL_CTL_ADD(r10, 0x1, r9, &(0x7f00000000c0)={0x80000011})
syz_usb_control_io$printer(0xffffffffffffffff, 0x0, 0x0)
syz_usb_connect(0x2, 0x660, &(0x7f0000001700)={{0x12, 0x1, 0x110, 0xe, 0x2a, 0xd8, 0x10, 0x11ff, 0xc3cc, 0xfa5d, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x64e, 0x1, 0x0, 0x9, 0x20, 0x9, [{{0x9, 0x4, 0x6f, 0x0, 0xd, 0xff, 0x5d, 0x1, 0x0, [], [{{0x9, 0x5, 0xc, 0x0, 0x2ff, 0x2, 0x9, 0x1, [@generic={0xbf, 0x6, "9a9af5795aad1381473240fcdb89f34b72f1aef5740964dad9ffa1cbbfd447da28603f87d15d3876c91971a9d1f302d9f29033effc31ebf10c2563473c7a353b701904ecff133839a84c7984436901f9f47158b0969041e13d7e74bbb9587ed96cbc2c9defc82a5a984b4778a498b5702b6062df932058a5c60d640a6a5e9a804d5ae50fe47936a52e006138e9c132ec2d2c110e92bbbaeedbdd0be8d6d383b172521455defe8272702e89fd011dde05d74b6b28d82588477c9cc501fb"}, @generic={0x89, 0x22, "84a0713028e974cc7043a1ccda84b3f67fc931a27ab33fd10527da8e3a1e9831158431d26a2acd9d004defd424c2c85ca457db0004f698781ac3ee37d550b43cbc4625947e3a255ca321e3e4bfa1708b5515e0e3f9d6c3634fa9d70438f6f2368c776f3ac5b7bdde7c4f422386873cbc8889142f891e44aa0ef9194196ee3802a6cc03d1d78744"}]}}, {{0x9, 0x5, 0x8, 0x8, 0x20, 0x0, 0x81, 0x3, [@generic={0xb4, 0x23, "82da571887ba00e6e702851b6a60272eefb7487dc73f7e15d8ba98122986bf8b939592d6a9cda0dcdd5ced806ddc148bacedccfd4c1452bf8028d0bea92584e2e9da26d8ec0638497fabd429ff2c309124cde48fc3b0c26fe39a741347ff4cc3ddd2d82bfa70535bdcdeaea1b84be0ed5d401745ec8dbfe7c1f8176908ad6d95f49455490c72b8276b05735c42efb6610706ca28ccc2e62e65ecdbdc5f374c0d452b32f78d9b2bee18ac891f32309616aa40"}]}}, {{0x9, 0x5, 0xb, 0x0, 0x3d6, 0xc0, 0x5, 0x2, [@generic={0xad, 0x24, "5c765117437e1b1e20ae918b97f0f7a46f7fa6a0621e43b38bd5e7264314a4f476ba512131f963d2d9e9db77ac9d50245fdba855a22b87bb8f0df5082c2d72be9eccce3a222252e445df55e2f2c68caa1beecf097bc1cf0b18fe013c7ad5c374aa1334bf24347edde2351b0089610cc4b17c72aa9c28ba2cce7d1bc26d2c0e303c1377062b5ba83d1c0fcadccdc95973a9182ff223f77696ba45aa89bc1c034b947707c577956fba454a0a"}, @uac_iso={0x7, 0x25, 0x1, 0x81, 0x8, 0x2}]}}, {{0x9, 0x5, 0xb, 0x12, 0x7bf, 0x9, 0x5, 0x6}}, {{0x9, 0x5, 0x6, 0x10, 0x0, 0xd, 0x81, 0x3}}, {{0x9, 0x5, 0xd, 0x0, 0x200, 0x3, 0x0, 0x1}}, {{0x9, 0x5, 0xc, 0x0, 0x40, 0x10, 0xa7, 0xbc, [@uac_iso={0x7, 0x25, 0x1, 0x5, 0x2, 0x1}, @uac_iso={0x7, 0x25, 0x1, 0x80, 0x2, 0x1000}]}}, {{0x9, 0x5, 0x80, 0x0, 0x8, 0x4, 0x1, 0x7, [@generic={0xc4, 0x4, "ed25ba4ff4cbb0dfef651a730a78d83f3c5c6b1f12f78701a77cd9551cccaec7b3166a1097d373d2edd60dfd05a1daa441cdadb95ef5080035ec23b4a7654465d2bae3e19b7a7a37399494eb14e02c49dd4e886cf95a955fbd2895532062bc11f95e1c1341a7a0ed2ae88081b0c23cc512c04040bc6932206543966636dcb806f78b663ed3e0573a1d034c2c3d1898e43db214aa0a416deff1ded46db71d04c7abe14122a3660c7db095dec28eef771c3a4be086218a7484dababbea1d87dcc69c26"}, @generic={0xb6, 0x4, "003c25eafd9264ffa1235eb4ddf6f44ebbdefc24b1d5efd8244f9c6570d5cda0dd6fbc73bbeb566e94090c4426b07e64efed83fe448c70f42f7f913dd781cff4c0c77e2872b5a900597a73284a8dc124811afd6b849cf1b9ce16bb3ab2b3cf24989bc249dbdf04c68e703bf37cb1effda1e9cbcffb4d4d5afd9fdd556b9fbb7b96ad70c4688ff949c1a85931ea347c849fdf93c2f9bbd06d9dcf308a1d77c3fefd63b5233800a2dffb7f33b8b7984c8635d77a66"}]}}, {{0x9, 0x5, 0xa, 0x0, 0x10, 0x10, 0xd, 0x5, [@generic={0x54, 0x8, "ad5a3b99a8a8679fffdcbad237b1c6964d97a2784874121370693d56f797aca214973cccf3f1a34052aeab6a09f78315ffe9cd47e753df4d0be9f03b5f0e64cf22ceaef2ead8c852d7ec97fa03a01bb79f7c"}]}}, {{0x9, 0x5, 0x7, 0x4, 0x10, 0x7f, 0x0, 0x81}}, {{0x9, 0x5, 0xe, 0x0, 0x200, 0x5, 0x5, 0x2}}, {{0x9, 0x5, 0x4, 0xb, 0x10, 0x5, 0x6e, 0x8, [@generic={0xe, 0x17, "a9576b0135173c8cafc7b78b"}, @generic={0xc2, 0x21, "eb170def9253a78ba46f59843b79550ae79707408f9d92d5131151648ab3806b8d977771b6ea791ae87af097e91fcd6fcc302bedd707f09b56d03ebabf6199cccc95cdd9d8f4388fa231f493c332a60269b8d7ed5f7ec95d31368809762e66b261955ec1e8e0410765eba00b8b2381d57811220ed9633b9de3c9ad3509f5f15fa6e5e23e5b0688458601e56cb0c56ad08adc5a4b6e2cd8f6d8ec97c7070ead6cc71222d7f8e8c723ba6a9a21fb801fad7bb7a5cf8ccad18f38fe2807712b2c84"}]}}, {{0x9, 0x5, 0xb, 0x10, 0x8, 0x8, 0xfa, 0xc0, [@generic={0x6b, 0xa, "560f2e0cdebe98d3fd1ab1f515dc07f2eee65248ea7a6b5be98c3816630b42efb1a67e2b86cf587aa210424f0a74a2584194a71de50931908ea8fed54e1b1065d75920cbe8d4ad976c19d02aac18884039cdfb1e6225675f55cea16fe399996fab914d0d91acd1dc29"}]}}]}}]}}]}}, &(0x7f0000002040)={0xa, &(0x7f00000002c0)={0xa, 0x6, 0x201, 0x6, 0x2, 0x3, 0x20, 0x2}, 0x73, &(0x7f00000020c0)={0x5, 0xf, 0x73, 0x6, [@ssp_cap={0x20, 0x10, 0xa, 0x5, 0x5, 0xe66, 0xf0f, 0x4, [0x3f00, 0xc000, 0xf0, 0x0, 0xc000]}, @wireless={0xb, 0x10, 0x1, 0xc, 0x81, 0x3, 0x81, 0x1, 0x3}, @ssp_cap={0x14, 0x10, 0xa, 0x9, 0x2, 0x5, 0xf1e, 0x0, [0x0, 0xff00cf]}, @ext_cap={0x7, 0x10, 0x2, 0x0, 0xd, 0x6, 0xfff}, @generic={0x1c, 0x10, 0xa, "7bef851a4024ddedac0729027185a318db65da4cc10c110202"}, @ssp_cap={0xc, 0x10, 0xa, 0x0, 0x0, 0x2, 0xf, 0x81}]}, 0x8, [{0x30, &(0x7f0000000440)=@string={0x30, 0x3, "c6a63d11e710eff3335a6b2e03e44e5928fbb65b18f15dc4caa9a77f3711babbe2bb75229f1e4b2fec5c38dd5a41"}}, {0x63, &(0x7f0000000480)=@string={0x63, 0x3, "2f5fb2c5cd46cec2ade50ba62aed7fc7d5487dee536dccac62e05ad8049da03d85cf0e663e4148d4e834c04cdc16be3757fac6aa700d96f35177fdadb9068d019c0c4e5f283a9bfea9da1af2a5d74d4e35df2f4f8de87fe3bc23d25715025f1960"}}, {0xf6, &(0x7f0000001d80)=@string={0xf6, 0x3, "0fa88225740ba845ff40502b54e5d0e0694b6a7a3b035feb4c7504c09b12499b920b1c48cc20021fadccfc8fcddd912a30a65cf551f3dcef382e7faf577429bc1febeec0471ebe0d793991361c6960111564f3ed32a52f655f618a1f4a5200e40e47b715c30b491d86130e837ff873bb9cc1d6b0ed12f1cc8386c3d9854bacaf9b5abc2ef6ee74894c02c737cf08a2a17d99afcecf385bea38d7aefee04e3ecd80e2899e12f7c29e74aaa689a4b33281b590ee621424d0b059974bfa6a2210c172c81f840cfee861bc7ede74222cc9fe48da73524fc6b066fe8099aebdf95c41b00a233a5cfadc2f57a9b2aa5bbf5293c9720c3c"}}, {0x82, &(0x7f0000001e80)=@string={0x82, 0x3, "67be457404493b2fad487f4b680563a2dcdfdd63db17e71c0b526af648da2df67bdb74cc090221219ef90cbf9f371ff3b1a67edea41cb99c6e50c0d2930978fb6c30634708c408cc844e07f2cb13bb82dc164786b0247c70a3f016cff2ae53cc5880e65a2cf68214c491cc74ae95b57f9f86680cf65a2ae77fcc5a2e9f71236a"}}, {0x4, &(0x7f0000000500)=@lang_id={0x4, 0x3, 0x416}}, {0x4, &(0x7f0000000540)=@lang_id={0x4, 0x3, 0x4c0a}}, {0xd3, &(0x7f0000001f40)=@string={0xd3, 0x3, "7523055e244d34af8f1624db57419f534932190e656e8015f668e1d22f86f6e83f5506f9730957ac31e16f781a8b84d568d9cdb1d85a9fc073159762eb77ee6a7f5ce95d566a2da0cb04d26626e4181797d0d2e6f773a6c811850d0aa96cdb2120b8faece5b87a8e6564fa27309f9b8608646f29062055775718e2608f84de72af3c33c87116e8918da3574f05a5a028acee44a11d60bb043f12b6d35e98644e75a21f3c1799157216f7ba79a5c5208fbef4dd06deb8b846496bb2786b56c7304b5fb3d4f043ec89a8215e08cd73d4e37c"}}, {0x4, &(0x7f00000005c0)=@lang_id={0x4, 0x3, 0x41f}}]})

2.234912484s ago: executing program 2 (id=834):
syz_emit_ethernet(0xbe, &(0x7f00000000c0)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e22, 0x9c, 0x0, @wg}}}}}, 0x0)
syz_emit_ethernet(0x9e, &(0x7f0000000180)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x90, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e22, 0x7c, 0x0, @wg=@data={0x4, 0x0, 0x0, "000000000000000000000000000000000000000200"/100}}}}}}, 0x0)

1.754358481s ago: executing program 1 (id=835):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x400000001, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x76ed}, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4)
r2 = openat$vmci(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc1ffb}]})
memfd_create(&(0x7f0000000340)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00', 0x3)
bind$alg(r3, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'adiantum(xchacha20-simd,anubis-generic,nhpoly1305-sse2)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000300)="c99b57381801238c09d0ff0f1d0dbd301e5a47b2f3caa73dcd2a6a370554375a", 0x20)
r4 = accept4(r3, 0x0, 0x0, 0x0)
recvmmsg$unix(r4, &(0x7f00000021c0)=[{{0x0, 0x0, &(0x7f00000016c0)}}], 0x1, 0x0, 0x0)
socket$alg(0x26, 0x5, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000013a40)={0x0, 0x0, &(0x7f0000013a00)={&(0x7f00000158c0), 0x10b8c}}, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r2, 0x7a7, &(0x7f0000000040)=0x90000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r2, 0x7a0, &(0x7f0000000000)={@host})
r5 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r5, 0x7a7, 0x0)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r5, 0x7a0, 0x0)
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r5, 0x7a8, &(0x7f0000000540)={{@hyper, 0x2}, @my=0x1, 0x0, 0x0, 0x9})
openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff)

1.736419181s ago: executing program 0 (id=836):
r0 = syz_open_dev$loop(&(0x7f00000001c0), 0x10, 0x42000)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/seq/timer\x00', 0x0, 0x0)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f0000000200)={r1, 0x0, {0x0, 0x0, 0x0, 0x3, 0x2, 0x0, 0x0, 0x0, 0x1c, "a5bfcb2a66ef507540a2a54fcaf1860b5a61f8e207db0000009f1bb9930200000000000000cf61f3164a3790887d279d4afc7cfd1762729912aabe49225f8d79", "c943e1db06869da66fb3d998ba914272ca193f8dd5ecfdc81f22af8042677e0b2543667e306c360ce82f41f7d0431065868f4a367fb9ec6ec8cbf57917653a8a", "ae3151b9dd0fe9ca443e8ae600", [0x2]}})
ioctl$LOOP_CHANGE_FD(r0, 0x4c05, 0xffffffffffffffff)

1.166759204s ago: executing program 2 (id=837):
ioctl$VIDIOC_QUERYMENU(0xffffffffffffffff, 0xc02c5625, &(0x7f0000000180)={0x8000, 0xc5f7, @name="ac2ad54970138065d4b1a10a14b7e65642722c3da99ba40f000026e78ffc1e0a"}) (async)
r0 = add_key$user(&(0x7f0000000200), &(0x7f0000000300)={'syz', 0x3}, &(0x7f0000000000)="b6b06897370bc199d3414a8edc54435e590b47c41260cd1c9f9c51146e4ed3a5a189d7e31d1e3f447a475603028e613682031277f6fb4158ba2b032be0e07e75336462eb4e0694c614bddc133263bc94055971cd45d1977712c5b8825f4d6f6e82aeae787c8e3a47351df4f94a9f854dcb", 0x71, 0xfffffffffffffffe) (async)
r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[@ANYBLOB="600000000206010300000000000000000000000005000400000000000900020073797a31000000000500010007000000050005000a000000140007800800114008000000050015000c00000012000300686173683a6e6574"], 0x60}}, 0x0) (async)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r1, r0}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)

1.081941204s ago: executing program 2 (id=838):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
dup(0xffffffffffffffff)
r2 = socket$inet6(0xa, 0x2, 0x0)
recvmmsg(r2, &(0x7f0000008880), 0x45b, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = dup(r3)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="600000000206050000000000fffff0000000000005000100060000000900020073797a32000000000500040000000000140007800800124000080000080008400000000014000300686173683a69702c706f72742c6970000500050002"], 0x60}, 0x1, 0x0, 0x0, 0x85}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPSET_CMD_DESTROY(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)={0x14, 0x3, 0x6, 0x801, 0x0, 0x0, {0x1, 0x0, 0x4}}, 0x14}, 0x1, 0x0, 0x0, 0x1000}, 0x48050)
r5 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$inet6_IPV6_RTHDR(r4, 0x29, 0x39, &(0x7f0000000300)={0x67, 0x2, 0x0, 0x1, 0x0, [@remote]}, 0x18)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000040)={'batadv_slave_0\x00', <r7=>0x0})
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000140)={'vlan1\x00', <r8=>0x0})
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)=@newlink={0x40, 0x10, 0xd8a88b3807bbf5cf, 0x0, 0x0, {0x0, 0x0, 0x7, 0x0, 0x0, 0x64001}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @hsr={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_HSR_SLAVE2={0x8, 0x2, r7}, @IFLA_HSR_SLAVE1={0x8, 0x1, r8}]}}}]}, 0x40}}, 0x0)
syz_usb_control_io$cdc_ecm(0xffffffffffffffff, &(0x7f00000006c0)={0x14, 0x0, &(0x7f0000000680)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)
syz_usb_control_io$cdc_ecm(0xffffffffffffffff, &(0x7f00000000c0)={0x14, 0x0, &(0x7f0000000100)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)
r9 = socket$inet6_sctp(0xa, 0x801, 0x84)
r10 = epoll_create1(0x0)
preadv2(r6, &(0x7f0000000240)=[{&(0x7f0000000700)=""/4096, 0x1000}, {&(0x7f0000000180)=""/84, 0x54}, {&(0x7f0000000200)=""/63, 0x3f}], 0x3, 0xc, 0x2, 0x1)
epoll_ctl$EPOLL_CTL_ADD(r10, 0x1, r9, &(0x7f00000000c0)={0x80000011})
syz_usb_control_io$printer(0xffffffffffffffff, 0x0, 0x0)
syz_usb_connect(0x2, 0x660, &(0x7f0000001700)={{0x12, 0x1, 0x110, 0xe, 0x2a, 0xd8, 0x10, 0x11ff, 0xc3cc, 0xfa5d, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x64e, 0x1, 0x0, 0x9, 0x20, 0x9, [{{0x9, 0x4, 0x6f, 0x0, 0xd, 0xff, 0x5d, 0x1, 0x0, [], [{{0x9, 0x5, 0xc, 0x0, 0x2ff, 0x2, 0x9, 0x1, [@generic={0xbf, 0x6, "9a9af5795aad1381473240fcdb89f34b72f1aef5740964dad9ffa1cbbfd447da28603f87d15d3876c91971a9d1f302d9f29033effc31ebf10c2563473c7a353b701904ecff133839a84c7984436901f9f47158b0969041e13d7e74bbb9587ed96cbc2c9defc82a5a984b4778a498b5702b6062df932058a5c60d640a6a5e9a804d5ae50fe47936a52e006138e9c132ec2d2c110e92bbbaeedbdd0be8d6d383b172521455defe8272702e89fd011dde05d74b6b28d82588477c9cc501fb"}, @generic={0x89, 0x22, "84a0713028e974cc7043a1ccda84b3f67fc931a27ab33fd10527da8e3a1e9831158431d26a2acd9d004defd424c2c85ca457db0004f698781ac3ee37d550b43cbc4625947e3a255ca321e3e4bfa1708b5515e0e3f9d6c3634fa9d70438f6f2368c776f3ac5b7bdde7c4f422386873cbc8889142f891e44aa0ef9194196ee3802a6cc03d1d78744"}]}}, {{0x9, 0x5, 0x8, 0x8, 0x20, 0x0, 0x81, 0x3, [@generic={0xb4, 0x23, "82da571887ba00e6e702851b6a60272eefb7487dc73f7e15d8ba98122986bf8b939592d6a9cda0dcdd5ced806ddc148bacedccfd4c1452bf8028d0bea92584e2e9da26d8ec0638497fabd429ff2c309124cde48fc3b0c26fe39a741347ff4cc3ddd2d82bfa70535bdcdeaea1b84be0ed5d401745ec8dbfe7c1f8176908ad6d95f49455490c72b8276b05735c42efb6610706ca28ccc2e62e65ecdbdc5f374c0d452b32f78d9b2bee18ac891f32309616aa40"}]}}, {{0x9, 0x5, 0xb, 0x0, 0x3d6, 0xc0, 0x5, 0x2, [@generic={0xad, 0x24, "5c765117437e1b1e20ae918b97f0f7a46f7fa6a0621e43b38bd5e7264314a4f476ba512131f963d2d9e9db77ac9d50245fdba855a22b87bb8f0df5082c2d72be9eccce3a222252e445df55e2f2c68caa1beecf097bc1cf0b18fe013c7ad5c374aa1334bf24347edde2351b0089610cc4b17c72aa9c28ba2cce7d1bc26d2c0e303c1377062b5ba83d1c0fcadccdc95973a9182ff223f77696ba45aa89bc1c034b947707c577956fba454a0a"}, @uac_iso={0x7, 0x25, 0x1, 0x81, 0x8, 0x2}]}}, {{0x9, 0x5, 0xb, 0x12, 0x7bf, 0x9, 0x5, 0x6}}, {{0x9, 0x5, 0x6, 0x10, 0x0, 0xd, 0x81, 0x3}}, {{0x9, 0x5, 0xd, 0x0, 0x200, 0x3, 0x0, 0x1}}, {{0x9, 0x5, 0xc, 0x0, 0x40, 0x10, 0xa7, 0xbc, [@uac_iso={0x7, 0x25, 0x1, 0x5, 0x2, 0x1}, @uac_iso={0x7, 0x25, 0x1, 0x80, 0x2, 0x1000}]}}, {{0x9, 0x5, 0x80, 0x0, 0x8, 0x4, 0x1, 0x7, [@generic={0xc4, 0x4, "ed25ba4ff4cbb0dfef651a730a78d83f3c5c6b1f12f78701a77cd9551cccaec7b3166a1097d373d2edd60dfd05a1daa441cdadb95ef5080035ec23b4a7654465d2bae3e19b7a7a37399494eb14e02c49dd4e886cf95a955fbd2895532062bc11f95e1c1341a7a0ed2ae88081b0c23cc512c04040bc6932206543966636dcb806f78b663ed3e0573a1d034c2c3d1898e43db214aa0a416deff1ded46db71d04c7abe14122a3660c7db095dec28eef771c3a4be086218a7484dababbea1d87dcc69c26"}, @generic={0xb6, 0x4, "003c25eafd9264ffa1235eb4ddf6f44ebbdefc24b1d5efd8244f9c6570d5cda0dd6fbc73bbeb566e94090c4426b07e64efed83fe448c70f42f7f913dd781cff4c0c77e2872b5a900597a73284a8dc124811afd6b849cf1b9ce16bb3ab2b3cf24989bc249dbdf04c68e703bf37cb1effda1e9cbcffb4d4d5afd9fdd556b9fbb7b96ad70c4688ff949c1a85931ea347c849fdf93c2f9bbd06d9dcf308a1d77c3fefd63b5233800a2dffb7f33b8b7984c8635d77a66"}]}}, {{0x9, 0x5, 0xa, 0x0, 0x10, 0x10, 0xd, 0x5, [@generic={0x54, 0x8, "ad5a3b99a8a8679fffdcbad237b1c6964d97a2784874121370693d56f797aca214973cccf3f1a34052aeab6a09f78315ffe9cd47e753df4d0be9f03b5f0e64cf22ceaef2ead8c852d7ec97fa03a01bb79f7c"}]}}, {{0x9, 0x5, 0x7, 0x4, 0x10, 0x7f, 0x0, 0x81}}, {{0x9, 0x5, 0xe, 0x0, 0x200, 0x5, 0x5, 0x2}}, {{0x9, 0x5, 0x4, 0xb, 0x10, 0x5, 0x6e, 0x8, [@generic={0xe, 0x17, "a9576b0135173c8cafc7b78b"}, @generic={0xc2, 0x21, "eb170def9253a78ba46f59843b79550ae79707408f9d92d5131151648ab3806b8d977771b6ea791ae87af097e91fcd6fcc302bedd707f09b56d03ebabf6199cccc95cdd9d8f4388fa231f493c332a60269b8d7ed5f7ec95d31368809762e66b261955ec1e8e0410765eba00b8b2381d57811220ed9633b9de3c9ad3509f5f15fa6e5e23e5b0688458601e56cb0c56ad08adc5a4b6e2cd8f6d8ec97c7070ead6cc71222d7f8e8c723ba6a9a21fb801fad7bb7a5cf8ccad18f38fe2807712b2c84"}]}}, {{0x9, 0x5, 0xb, 0x10, 0x8, 0x8, 0xfa, 0xc0, [@generic={0x6b, 0xa, "560f2e0cdebe98d3fd1ab1f515dc07f2eee65248ea7a6b5be98c3816630b42efb1a67e2b86cf587aa210424f0a74a2584194a71de50931908ea8fed54e1b1065d75920cbe8d4ad976c19d02aac18884039cdfb1e6225675f55cea16fe399996fab914d0d91acd1dc29"}]}}]}}]}}]}}, &(0x7f0000002040)={0xa, &(0x7f00000002c0)={0xa, 0x6, 0x201, 0x6, 0x2, 0x3, 0x20, 0x2}, 0x73, &(0x7f00000020c0)={0x5, 0xf, 0x73, 0x6, [@ssp_cap={0x20, 0x10, 0xa, 0x5, 0x5, 0xe66, 0xf0f, 0x4, [0x3f00, 0xc000, 0xf0, 0x0, 0xc000]}, @wireless={0xb, 0x10, 0x1, 0xc, 0x81, 0x3, 0x81, 0x1, 0x3}, @ssp_cap={0x14, 0x10, 0xa, 0x9, 0x2, 0x5, 0xf1e, 0x0, [0x0, 0xff00cf]}, @ext_cap={0x7, 0x10, 0x2, 0x0, 0xd, 0x6, 0xfff}, @generic={0x1c, 0x10, 0xa, "7bef851a4024ddedac0729027185a318db65da4cc10c110202"}, @ssp_cap={0xc, 0x10, 0xa, 0x0, 0x0, 0x2, 0xf, 0x81}]}, 0x8, [{0x30, &(0x7f0000000440)=@string={0x30, 0x3, "c6a63d11e710eff3335a6b2e03e44e5928fbb65b18f15dc4caa9a77f3711babbe2bb75229f1e4b2fec5c38dd5a41"}}, {0x63, &(0x7f0000000480)=@string={0x63, 0x3, "2f5fb2c5cd46cec2ade50ba62aed7fc7d5487dee536dccac62e05ad8049da03d85cf0e663e4148d4e834c04cdc16be3757fac6aa700d96f35177fdadb9068d019c0c4e5f283a9bfea9da1af2a5d74d4e35df2f4f8de87fe3bc23d25715025f1960"}}, {0xf6, &(0x7f0000001d80)=@string={0xf6, 0x3, "0fa88225740ba845ff40502b54e5d0e0694b6a7a3b035feb4c7504c09b12499b920b1c48cc20021fadccfc8fcddd912a30a65cf551f3dcef382e7faf577429bc1febeec0471ebe0d793991361c6960111564f3ed32a52f655f618a1f4a5200e40e47b715c30b491d86130e837ff873bb9cc1d6b0ed12f1cc8386c3d9854bacaf9b5abc2ef6ee74894c02c737cf08a2a17d99afcecf385bea38d7aefee04e3ecd80e2899e12f7c29e74aaa689a4b33281b590ee621424d0b059974bfa6a2210c172c81f840cfee861bc7ede74222cc9fe48da73524fc6b066fe8099aebdf95c41b00a233a5cfadc2f57a9b2aa5bbf5293c9720c3c"}}, {0x82, &(0x7f0000001e80)=@string={0x82, 0x3, "67be457404493b2fad487f4b680563a2dcdfdd63db17e71c0b526af648da2df67bdb74cc090221219ef90cbf9f371ff3b1a67edea41cb99c6e50c0d2930978fb6c30634708c408cc844e07f2cb13bb82dc164786b0247c70a3f016cff2ae53cc5880e65a2cf68214c491cc74ae95b57f9f86680cf65a2ae77fcc5a2e9f71236a"}}, {0x4, &(0x7f0000000500)=@lang_id={0x4, 0x3, 0x416}}, {0x4, &(0x7f0000000540)=@lang_id={0x4, 0x3, 0x4c0a}}, {0xd3, &(0x7f0000001f40)=@string={0xd3, 0x3, "7523055e244d34af8f1624db57419f534932190e656e8015f668e1d22f86f6e83f5506f9730957ac31e16f781a8b84d568d9cdb1d85a9fc073159762eb77ee6a7f5ce95d566a2da0cb04d26626e4181797d0d2e6f773a6c811850d0aa96cdb2120b8faece5b87a8e6564fa27309f9b8608646f29062055775718e2608f84de72af3c33c87116e8918da3574f05a5a028acee44a11d60bb043f12b6d35e98644e75a21f3c1799157216f7ba79a5c5208fbef4dd06deb8b846496bb2786b56c7304b5fb3d4f043ec89a8215e08cd73d4e37c"}}, {0x4, &(0x7f00000005c0)=@lang_id={0x4, 0x3, 0x41f}}]})

981.557637ms ago: executing program 0 (id=839):
unshare(0x40600)
unshare(0x8000000)
r0 = socket$netlink(0x10, 0x3, 0x10)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000003, 0x4008032, 0xffffffffffffffff, 0x0)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'})
write$sndseq(r1, &(0x7f0000000480)=[{0x84, 0x77, 0x0, 0x0, @time={0x10001, 0x2}, {0xff}, {0x7}, @queue={0x4, {0x8, 0x3}}}, {0x2, 0x0, 0x9, 0x0, @tick=0x4, {0xfd}, {}, @note={0x81, 0x0, 0x0, 0x0, 0x4000000}}, {0x6, 0x3, 0x9, 0x3, @time={0xd, 0x1000}, {0xe, 0x4}, {0xc, 0x2}, @note={0xfa, 0x94, 0x0, 0x4, 0x8}}], 0x54)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xa8c01)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x800, 0x0)
r4 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=ANY=[@ANYBLOB="1b00000000000000000000000020000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000200000000000000f8ffffffffffffff00000000"], 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xf, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000005b702000014000000b7030000000000008500000083000000b70900000000000055090100000000009500000000000000bf91000000000000b702000000554c2888ca7e2e0ab4f2f659910000008500000000000000b7000000000000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x9, 0x1004, &(0x7f0000001e40)=""/4100, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$TCSBRKP(r3, 0x5425, 0x3)
write$sndseq(r2, &(0x7f0000000080)=[{0x1e, 0x0, 0x4, 0x4, @time={0x7, 0x1cf}, {}, {}, @result={0x7}}], 0x1c)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4080000400000006110540000000000a6000000000000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f00000000c0), 0x8, 0x10, &(0x7f0000000080), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r6, 0x26, &(0x7f0000000000)={0x1})
fcntl$lock(r6, 0x25, &(0x7f0000000180)={0x0, 0x1, 0x87, 0xd})
fcntl$lock(r5, 0x24, &(0x7f0000000140)={0x2, 0x1, 0x8000003ff, 0x10001})
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
write$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000140)={'full'}, 0xfffffdef)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0)
keyctl$dh_compute(0x17, &(0x7f0000000140), &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)

771.726659ms ago: executing program 4 (id=840):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000880)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(serpent)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a497", 0x1a}], 0x3}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/66, 0xb4}, {&(0x7f0000000200)=""/83, 0x53}], 0x2}, 0x0)

740.264275ms ago: executing program 4 (id=841):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0xd0002)
bpf$TOKEN_CREATE(0x24, &(0x7f00000000c0)={0x0, r0}, 0x8)
syz_open_dev$video(&(0x7f0000000040), 0x0, 0x1)
socket$inet6(0xa, 0x3, 0x8000000003c)
socket(0x3, 0x80000, 0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
openat$cuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
syz_open_procfs(0x0, 0x0)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_usb_connect(0x0, 0x5f, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000b1f203401e0903003bd7010203010902"], 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$l2tp6(0xa, 0x2, 0x73)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'macvlan0\x00'})
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f00000000c0)={'batadv0\x00', <r5=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=@bridge_newneigh={0x5c, 0x1c, 0x800, 0x70bd27, 0x25dfdbfc, {0xa, 0x0, 0x0, r5, 0x4, 0x1, 0x9}, [@NDA_VLAN={0x6, 0x5, 0x3}, @NDA_FDB_EXT_ATTRS={0x20, 0xe, 0x0, 0x1, [@NFEA_ACTIVITY_NOTIFY={0x5, 0x1, 0x90}, @NFEA_ACTIVITY_NOTIFY={0x5, 0x1, 0x19}, @NFEA_DONT_REFRESH={0x4}, @NFEA_ACTIVITY_NOTIFY={0x5, 0x1, 0xfc}]}, @NDA_PROBES={0x8, 0x4, 0x6}, @NDA_PROTOCOL={0x5, 0xc, 0x8}, @NDA_LINK_NETNSID={0x8, 0xa, 0x4}]}, 0x5c}}, 0x40011)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r6, 0x89f1, &(0x7f0000000140)={'sit0\x00', &(0x7f0000000400)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x4000, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @empty}}}})
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r6, 0x89f2, &(0x7f0000000040)={'syztnl0\x00', &(0x7f0000000200)={'syztnl0\x00', 0x0, 0x1, 0x7, 0x0, 0x7, {{0x5, 0x4, 0x1, 0x2c, 0x14, 0x67, 0x0, 0x57, 0x4, 0x0, @remote, @loopback}}}})
sendmsg$TIPC_CMD_ENABLE_BEARER(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x0, 0x52, 0xffffffffffffffff, 0x2000)
pread64(0xffffffffffffffff, 0x0, 0x0, 0xc2a)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)

0s ago: executing program 0 (id=842):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
chdir(&(0x7f0000000540)='./cgroup\x00')
fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffed3)
mkdir(&(0x7f00000003c0)='./file0\x00', 0xff0c)
r0 = syz_open_dev$loop(&(0x7f0000000100), 0xd79, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0)
r2 = syz_open_dev$loop(&(0x7f0000000100), 0xd79, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0)
write$UHID_INPUT(r3, &(0x7f00000010c0)={0x8, {"eddd025b60fdc30a063f172d718c2bd6b3645eadae0f767eb61f2421975b0064d30faba72ba63ab33c4ee2a6cb2f0cb187830255738dd670e8e178672a7473488a157b83ca0ed9657299e98243c15b6b8e08f34570dda445b526949a9b3aebdb97dda475e54a098f1ae57c4774c8ef81d36c77d309e0c817fba3415591dd26a637e43bec5f0fb193d8671889d89ac77bd90ee5efac63bf9eafc61f393e33aaa503760afad0e395042048defbc27ecc254790f419072feb3d5fb4815364072248a42bb88952f316952ea727ae850143819fb80a77407a2309c90ee7894bee7c5862bf14672cc9036bf0ccba7769b5d57b757b550180000000000000a7f0840d7040084b449eb5445ea40b3b9811a66d5228839907fba91ba8a5ca95b4600fcd98f93af794a412e97404d6f40a61e802f6112ff259a29ca8fb98ffce8fd12509883e812e7edb4a643fe4aac56bb01f69823bd6f4ebd618d81cb3d463eea2c9bae30b888a824043a71d5f3319b146848d63a5415f5ed47b33cafa473cc2c91c425a2d24bf5d8e627e6fc63f58a7b08180ce16e5aa7015478cfbebba3045ec5dd620f69659f3fe11af23b095b43ced6a48afaf3d9a78762d40ada3b1fead7884620e213f28a9a2e6bcda0b88347c8eb3f6be8be3fc2d507eaae0430ccd836d4790038d25d65091e6e7ee9bec612b4a5d90e9e878c9c57fd1aa28ee9fab64d2d3bec12ae68a974c0f64365548a5db8a1d8fc9e32b38df32e826a3d2a88ae824a5faa87d7a25373728da5322ebc73db3d9ac8c64db9c90b18d67b7770966a3b8a1079f5b83f21482ff8b1cc1c699a0a5a135b6fe2791abb556603e3255e89922de5bca02d57ace9f6d486a363891b6c15e3c0000000047e9617351e98a040f2e7019ddee08f2d6cdc9de2f7a32ea65d266513fa7821c24c90ae39268757eefacfe94d53c740747c86429eadbead0a3576549442f4f77d846df8d54b37fc280bd5b9320f872756706357b9813318a6bfeb77d4ddec55ab5592da2c6d05b3c021182485b96a634013c5ad5ba55f07d07211c0db03ccb5981f5955df2e86cd0f62f6ba66fe4abf695ebc6629e42f6ce96a132883f148eeeacdff13b1cbfa73cbc70b8c5b677682d7c60d1a1311b1222aef1edb4e231c869a18f9ae8eeba4eb4cba8a4a56703cd90710b2208bce8e9a18aaf4e7c47474c08ff85c307d660607bddfe49ac714e0fcdfefedddafa452dfe0341c8a8f07e62e4486699a740feda4b7b2bc635308eb6990f3dfa9065aa8b26ad0ac66fe86dbf2dfb5f0c4b0cad557d4fa4b61116aa57a285a705e1d87d3f8d560b5fd3f8c5df3dc22bd4edb36c1c2e78c0b69863f576d3053ceb21ecb287faf64bb7a3cfe3c28eb7c2335a3af5a29308dac5f7d6f48f46da8370124c37e5a3c9fdfd3d78a082030b2233f02fae54012d2ad2b1c1ec2a35a130a5d3f76b5f9a10a4d31ca41c5c2f58a40c058a48e5dd8a71adbabcbca341e46a6ad538491025e79db3c59350b229ae433537e54b62968ff582f041080719fb88778884da1c79ff28398d8edfcd931043b64bf75b944e735d6d0fa62ed1e3550fe9fa5c1f063b06fb8e13909c87efffe72481ada2d01522a93c70266aa3991c7141ecca2bc618fe54d7529a0c2a46469ca4b2086e112fdf4e1266ca6b5fd4b0fbea280dd246f622f0da6d0f3e3b0357dc0744132e66d8b035662ad5cd3faedd2f743e24ecfed2efd6fd3aed1402bdbc66af3c0b77b7962966649591d7d5985c81a063d46ddf07656f2b049f5811b310e567027bc1b6d44fc892d37aeda8cacc704c1dcc1a7ef759937416e01163027b81befa86772ddf576c37f3151792c4358d1fa418bcd250dc41effa988116589b110d31a59486123769e50f5b3985b4660919f08dd5c96ab8ab03322d0c61890f90e56970f0aa13a96bcfa97139d5627ed6a5558dee292bf0a6e5ad23341c7dc3464a05b9045cc3abbfc0448bf9ca044fd188569cc0c57e07105d1fa1efd44529b6592fa718e092c1a3fa3e56689c9c5168a5619bf2109bde2dca59ad16735e597402c1896d4e24f56c9d4bbc1f0b3a0135b7028a402c6a1a78de57a838b1871477d7b43dff3779fdb50b2ec9a3ae11fab7f715e7979e64a0f0d54d025105d1f768cdad112aeb2eac1c8042aff6fb975a16c64080ba4e0de0af9b8a975a2b6af6a05dff8ae848f6b80f2bd80c56e4683e67a3aaad0e72242b0f0f07d7d7a64a8669e75a99ba4fdb2ba239c5ef28c8f1dc0b2459698b374f1035a75eafde3d90d69afa489ee2d7f7958a5cc51e574203bab464ddd4d08abbb77c8874c6ce692d078bdc309d73ccb49c9d60a269c77601e82e1c824fca2a43605f8453943d23794785096da2ff56547389009e27a908cfcea03ede09c392e0bafa30891e23fbacdf08b49cbd2f4083f94c3c71877ffac86d426e5fe08fa9541f837f2de8440e0b2226b664a45a564f1357e804c24cd2cef95564a1e0041736ced508a63af4e9f4ae9f690084f8c67db3b3569fb86225b6cce291da8057200d1f86899081ebfa5274625ada6ee793fe4246d97157d608099a6adf81eb88bb37cdb64a18ed0e13a0cfeea3af2164a59b8a90a4a1dfad6f03cc27ccbcc879c2b54a57a6d81e01dbd9d7440e9f1a1f608617a308214b58a9090022b7c6631cda308a0aa13dd68159bd8578afeb5402b0e227ef709d8c58929fba262ff4ec70c3a8f68b98f92380201112f560c216d5dc61ad466ee08c1af18982617597436c6a0e0077bb2dab8932175fb30aafceb4d63b4b8aa4a1c2f3867a83855d418ae75b3029dff960a5a4fcbe0fb84828633d535413e0c70a26b2485dddaa7c52256ad85d5f71778af39692fb8553850bbac096d8d9c9145e0ed7903b5d530005f29493a5aa7e0c04b62cc07f2bcfa31a48ce7c167abdd145af8c25fb882b64e41a9b51ae77209d82a9095e1d80711e1c802302b92ad8e413bc9b200e57c6038a46bfc9468b5fdda7f3e57e676c99d4dde6b3a86ed2cb9a55cf199835ef9d858f5a692c4036b32ea07c76c29faa5e2241afab129340b6e2ad94baea982429225cfac726dbf137f6477432a31808a281c9af3c4bef4a2f508721ec71fc1c374fca4d4e25ed9754a41ebfcaaac7637caa13791a64ff995d3cd984ed8cecccc491de80596f8db8d3fe6a6f2b208d065fb6fbb5569bf7cd8a8162271ca5e5ed2b3b98f28d81b3b498345c48492c8fe2e6181f527bbe4ce6600f9e33fb65609bc4318ecf4ca151d3095232820a84704311f0bd3532178cf1e6ef9483b1f52ec2992e84aaf1239c99faeab989bd9848223e90093e71eb650660255fce7bd85872e413fe219859d18ef67f1f07a590ceadc1c687820c3c7cf9e2ff9609199c4b49fd74553507c1c7f45b5b1b40c96c0c984977f476ed686f8710248677847f5c0989df0eca6be3df498acfcfbca85bb986c8d844c19f62b06b95d8d6f4e4367040d45e494271f29546f1086f88fdc549402bd669e9aed5fe000000ef7668d3abeadb430d30534aef0a3a9a125bdeaa11647bafe6e1303b967d29718ac301cadbb43654a36b78ff91836584a5e3472db8db4ded526ecfef2efa2279c17639d3aef1587d5b8bbc8abec3a28dba276613c514a50fe243a588ecdb77ab1525088507f5a0537ba59062416beb479538806f04e70bc192c1fd46377c6105116cd21b75f29f91b67317ce4bd67dea18f560765dabf8f0cebfb770339aa2558df698e1ee22adc7b81b16b2e7fb06e7b5c2ca98c71aec18bc23b11d3b84c6a10aa866c5f438fc2d928fc89ce0902492cd79d6a1ffce27a66031cc24d1b82e9e8b6bdcb6b37f89531e048ae5ee10483dccbb734ba20a15b145fdeadfc461e146d8882133b4e6c6ba30d316ee0bf0bf40f26639077d090d1df3b943e78ba5ece82fcd4576cf3a87d7a9ad080b2cce7371e5bd671ad37e35ff03dfb6684ac0d4eda69154444aef2a173ba093bc87839e41388b2101f72a9b6cf675efbb231b007c11a7b452df89a584f459b23340c0dae21a4146968b66ac9b08d2408830ccec4e6fb1dd665c3023a3b32042b1facfb0bd4d5b9861fe5b0abee3313264b5abe61b1e145bc11121dc87bf1a6008433dedd4d7977b082400136bfceb33a2a3ceea9a6b67b8f85b604970c3ad474db7356f802bc840afe833c9056c037b2ea240b5846149682e14e4e126c7f88b9eb2c7384da631fbab63754611d52b4107dfd10fdf46e557be95a07e6ae64cbeb2d420bcfd87a2f52ecbfe5eba301e3c86761c1545b876e5951106e91be75e9d22301674bca4d729fffd9812cb984910b976c2a74966caf3d75ba7dc7f4275d24caf3bc94376a3579e8575c69401ea75d14e27f98eb7a05eccebd36ea89c4ac0dec65eb613d7f052c6b75b398c65249449b0693164a51c0c224ac1bb4f0781d2d10b96519131b6df9541aa1e7511820f71ab1d497234862f475356d9664a9fbbf0285738a143842820d5b795dcca64a24de4bae802fae01d82fec5548e108c4e750e8f1580d2ebd6bde06622db32c1f47eca183a81ecfde3b6a187c47f7984d2c6051f2ace7ac2bfc5da0cd4b0e57e69bf39551cc5443e12e9ce113cff2cecdd2802e5b9c5a1107e1ed982b93b8e986afa379ac1c6a5ee67e966c72bf149f9ba1c169bafe3d58e18e56438ad4a4db4826edb5eb4ff27808ddd7f87eb31cf232effc9bfff7305d91696e17058217d2d5596ae9082a1cc98d60b854b2ff76718d981c20d68ecf4f1a8dcd5f9f06162df324b84b246e5e11d6722003f32e3396e30c11724db17210c37dfa080c1be2fbeea1c92e084f72386fb29856bc25a16a53f97f44a5e81fd55872772eebdd0db3a5bdf0c28d34a48f8d707a97a3b89367c98e30dbe9c02444177a8fbaa605c6051157e41fade8432af5233ee030ad6fb7572ee4e7bd687dd855fe112ac46a7b1abe88771eb3b49e3d583efe7b79394ca4687acfc262af45dbf4736e9e17d39ea5f8e81f6ed7f242c5a09da7f22f37ce9d5e6222fa71aed8ee69e501d30cd98f5c5275d5dcc1f112c3dbd2cca465f7442d952353613ac5b30222cf153c598c15c102b0dd0d99e45595d98ab365fda3f6e3bdf29b66a8d0a43c1c6a109e3056015a49e4f9ed7522163da86b9e2bf14d7c0ff026261f96feabc0b1c64ba130acb2c4927a783bed9f4e1d38f0a1351000334010b99585c24fb9a7a24809e4bffc3448c778dbeeed816225b2173fae0975e1b9c19213dc33bab3a9bbe8f62e306a1aecac5484d3f23421f5064c16aa4fa67de32222115928c0f3b114593dd0c791c590be61e0b97ed0b0e0dcdb238eb1290466d9c10dfaa8c7fcd0bf659897d945df86d936c67e42924d47a4245fb3d6f8ec538d59c100c6e52100317ea41a1fd253ddd54b13b6a2807ea729d3fd7e1b0461cc78b2c7c889b9ad3ec0398399ff645f3ab988b8a52d9f09a430cfa0390c4c5ad3a392ef28a9f4056d77b712df09b69d7d93617c4783133f9abab2d6935d54f59d0c1b5ea4dba28af7bbfeaf29009618c436ddec116f8966b4ae89ceca545daef5a48f1668231731af7abc502df9f7d308998b92adbfdf0937186a9cbcd4267dc1d0e399b27dacc07ca37f76ceb42f13e4de89dd484a91dc8a2bebece95c6400fde8bdc6d2857454f562f04422b632925c84fb501998ab096363acafea06790c298a76267ca63d81763343fa1fbbbeecba24ca939b3f4d577a5129fd3c407cada9151a12b04e76d664b232cf05c9ad000", 0x1000}}, 0x1006)
ioctl$LOOP_CONFIGURE(r2, 0x4c0a, &(0x7f00000002c0)={r3, 0x0, {0x2a00, 0x80010000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x13, 0x1c, "fee8a2ab78fcffffffffffffff2000b8785d960000000000000000000000000f00000000000100000000000000000000000000000200", "2809e897bdb2128bfc82525edd665240f45f819e01982861ac0000000000000000001100", "90be8b1c551265406c7f306003d8a0f4bd00", [0x20]}})
ioctl$LOOP_CHANGE_FD(r0, 0x4c06, r1)

kernel console output (not intermixed with test programs):

d0
[  225.522784][ T7549]  ? __mutex_unlock_slowpath+0x229/0x800
[  225.522837][ T7549]  ? ksys_write+0x275/0x2d0
[  225.522869][ T7549]  __x64_sys_sendmmsg+0xa0/0xb0
[  225.522892][ T7549]  do_syscall_64+0xf3/0x230
[  225.522915][ T7549]  ? clear_bhb_loop+0x45/0xa0
[  225.522944][ T7549]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  225.522963][ T7549] RIP: 0033:0x7f3d0e18d169
[  225.522980][ T7549] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  225.522996][ T7549] RSP: 002b:00007f3d0ef61038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  225.523018][ T7549] RAX: ffffffffffffffda RBX: 00007f3d0e3a6080 RCX: 00007f3d0e18d169
[  225.523032][ T7549] RDX: 0400000000000181 RSI: 00002000000030c0 RDI: 0000000000000003
[  225.523045][ T7549] RBP: 00007f3d0ef61090 R08: 0000000000000000 R09: 0000000000000000
[  225.523057][ T7549] R10: 9200000000000000 R11: 0000000000000246 R12: 0000000000000001
[  225.523069][ T7549] R13: 0000000000000001 R14: 00007f3d0e3a6080 R15: 00007f3d0e4cfa28
[  225.523097][ T7549]  </TASK>
[  225.566128][ T6611] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  225.623401][ T5893] usb 1-1: Manufacturer: syz
[  225.842584][ T6621] usbhid 4-1:0.0: can't add hid device: -71
[  225.851026][ T6621] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  225.887787][ T5893] usb 1-1: SerialNumber: syz
[  225.898900][ T6611] usb 2-1: config 0 descriptor??
[  225.900771][ T5893] usb 1-1: config 0 descriptor??
[  225.935674][ T6621] usb 4-1: USB disconnect, device number 30
[  226.163021][ T5893] usb 1-1: USB disconnect, device number 29
[  226.277474][ T5926] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  226.467962][ T5926] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  226.486792][ T5926] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  226.497422][ T5926] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  226.507218][ T5926] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  226.530824][ T5926] usb 5-1: config 0 descriptor??
[  226.735293][ T6611] hid-led 0003:27B8:01ED.0004: hidraw0: USB HID v0.00 Device [HID 27b8:01ed] on usb-dummy_hcd.1-1/input0
[  226.766145][ T6611] hid-led 0003:27B8:01ED.0004: ThingM blink(1) initialized
[  226.950536][ T6611] usb 2-1: USB disconnect, device number 31
[  226.970786][ T5926] pyra 0003:1E7D:2CF6.0005: hidraw1: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.4-1/input0
[  227.527773][ T7578] fuse: Bad value for 'fd'
[  227.565804][   T30] kauditd_printk_skb: 20 callbacks suppressed
[  227.565824][   T30] audit: type=1800 audit(1744321554.625:168): pid=7578 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.503" name="file1" dev="tmpfs" ino=492 res=0 errno=0
[  227.593143][ T6621] usb 1-1: new full-speed USB device number 30 using dummy_hcd
[  227.609842][ T7578] futex_wake_op: syz.2.503 tries to shift op by 144; fix this program
[  227.624726][ T7554] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  227.635712][ T7554] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  227.651912][ T5926] pyra 0003:1E7D:2CF6.0005: couldn't init struct pyra_device
[  227.672427][ T5926] pyra 0003:1E7D:2CF6.0005: couldn't install mouse
[  227.689761][ T5926] pyra 0003:1E7D:2CF6.0005: probe with driver pyra failed with error -71
[  227.723715][ T5926] usb 5-1: USB disconnect, device number 26
[  227.792052][ T6621] usb 1-1: config 0 has an invalid interface number: 111 but max is 0
[  227.800581][ T6621] usb 1-1: config 0 has an invalid interface number: 237 but max is 0
[  227.932035][ T6621] usb 1-1: config 0 has 3 interfaces, different from the descriptor's value: 1
[  228.108892][ T6621] usb 1-1: config 0 has no interface number 1
[  228.135237][ T6621] usb 1-1: config 0 has no interface number 2
[  228.141544][ T6611] usb 2-1: new high-speed USB device number 32 using dummy_hcd
[  228.163088][ T6621] usb 1-1: config 0 interface 111 altsetting 0 endpoint 0xC has invalid maxpacket 767, setting to 64
[  228.220932][ T6621] usb 1-1: config 0 interface 111 altsetting 0 endpoint 0xB has invalid maxpacket 982, setting to 64
[  228.284269][ T6621] usb 1-1: config 0 interface 111 altsetting 0 has a duplicate endpoint with address 0xB, skipping
[  228.326919][ T6621] usb 1-1: config 0 interface 111 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0
[  228.358618][ T6621] usb 1-1: config 0 interface 111 altsetting 0 endpoint 0xD has invalid maxpacket 512, setting to 64
[  228.384901][ T6621] usb 1-1: config 0 interface 111 altsetting 0 has a duplicate endpoint with address 0xC, skipping
[  228.414619][ T6621] usb 1-1: config 0 interface 111 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  228.679882][ T6611] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  228.705522][ T6621] usb 1-1: config 0 interface 111 altsetting 0 has 8 endpoint descriptors, different from the interface descriptor's value: 13
[  228.725387][ T6611] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  228.777512][ T6611] usb 2-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[  228.786676][ T6611] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  228.797376][ T6621] usb 1-1: too many endpoints for config 0 interface 237 altsetting 37: 186, using maximum allowed: 30
[  228.902831][ T6621] usb 1-1: config 0 interface 237 altsetting 37 has 0 endpoint descriptors, different from the interface descriptor's value: 186
[  228.964504][ T6611] usb 2-1: config 0 descriptor??
[  229.008552][ T6621] usb 1-1: too many endpoints for config 0 interface 0 altsetting 60: 37, using maximum allowed: 30
[  229.040501][ T6621] usb 1-1: config 0 interface 0 altsetting 60 endpoint 0xE has invalid maxpacket 512, setting to 64
[  229.230556][ T6621] usb 1-1: config 0 interface 0 altsetting 60 has a duplicate endpoint with address 0xB, skipping
[  229.269145][ T6621] usb 1-1: config 0 interface 0 altsetting 60 has 5 endpoint descriptors, different from the interface descriptor's value: 37
[  229.287474][ T6621] usb 1-1: config 0 interface 237 has no altsetting 0
[  229.295199][ T6621] usb 1-1: config 0 interface 0 has no altsetting 0
[  229.354107][ T6621] usb 1-1: New USB device found, idVendor=11ff, idProduct=c3cc, bcdDevice=fa.5d
[  229.366655][ T6621] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  229.376075][ T6621] usb 1-1: Product: ꠏ▂୴䖨䃿⭐䭩穪̻界쀄ኛ魉ஒ䠜⃌ἂ청迼⪑꘰⸸꽿瑗방샮ṇ඾㥹㚑検ᅠ搕ꔲ支慟ᾊ削䜎ᖷ௃ᵉᎆ茎뭳솜냖ይ쳱蚃䮅꾬媛⺼襴Ɍ㟇࣏ꆢ饽캯㣏휸ﺮ仠촾麉黂ꩴ覦뎤脲邵拮␔냐静碑≪섐졲萟︌懨纼瓞Ⱒﻉ剳왏暰胾꺙尿䅜ર㨣臭⿜꥗ꪲ뽛鍒狉㰌
[  229.410934][    C0] vkms_vblank_simulate: vblank timer overrun
[  229.497557][ T6621] usb 1-1: Manufacturer: 弯얲䛍싎ꘋ읿䣕浓곌鴄㶠쾅明䄾푈㓨䳀ᛜ㞾練꫆൰睑귽ڹƍಜ彎㨨ﺛ힥乍伯⎼埒ȕᥟ
[  229.515518][ T6621] usb 1-1: SerialNumber: 빧瑅䤄⼻䢭䭿ըꉣ揝៛᳧刋챴ȉ℡咽뼌㞟ꚱᲤ鲹偮틀ওﭸぬ䝣쐈찈亄Ꮛ芻ᛜ虇⒰灼켖껲챓聘嫦ᒂ釄瓌閮羵蚟౨嫶챿⹚熟樣
[  229.553392][ T7584] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  229.563533][ T7584] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  230.059416][ T6621] usb 1-1: config 0 descriptor??
[  230.548586][ T6621] usb 1-1: can't set config #0, error -71
[  230.607229][ T6621] usb 1-1: USB disconnect, device number 30
[  230.768384][ T7608] sock: sock_timestamping_bind_phc: sock not bind to device
[  231.047496][ T5893] usb 4-1: new high-speed USB device number 31 using dummy_hcd
[  231.097473][ T6621] usb 1-1: new high-speed USB device number 31 using dummy_hcd
[  231.209347][ T5893] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  231.249090][ T5893] usb 4-1: New USB device found, idVendor=3332, idProduct=0bc7, bcdDevice=4e.1c
[  231.259295][ T5893] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  231.287877][ T5893] usb 4-1: Product: syz
[  231.292077][ T5893] usb 4-1: Manufacturer: syz
[  231.292297][ T6621] usb 1-1: config 0 has no interfaces?
[  231.296676][ T5893] usb 4-1: SerialNumber: syz
[  231.337886][ T6621] usb 1-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  231.359725][ T5893] usb 4-1: config 0 descriptor??
[  231.361695][ T6621] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  231.406345][ T6621] usb 1-1: Product: syz
[  231.419551][ T6621] usb 1-1: Manufacturer: syz
[  231.444366][ T6621] usb 1-1: SerialNumber: syz
[  231.490373][ T6621] usb 1-1: config 0 descriptor??
[  231.674814][ T6618] usb 4-1: USB disconnect, device number 31
[  231.849584][ T6621] usb 1-1: USB disconnect, device number 31
[  232.010941][ T5893] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  232.156164][ T6611] usbhid 2-1:0.0: can't add hid device: -71
[  232.168248][ T6611] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  232.207497][ T5893] usb 5-1: Using ep0 maxpacket: 16
[  232.243009][ T5893] usb 5-1: unable to get BOS descriptor or descriptor too short
[  232.283570][ T5893] usb 5-1: config 1 interface 0 altsetting 8 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  232.315109][ T6611] usb 2-1: USB disconnect, device number 32
[  232.336635][ T5893] usb 5-1: config 1 interface 0 has no altsetting 0
[  232.380540][ T5893] usb 5-1: New USB device found, idVendor=04f3, idProduct=074d, bcdDevice= 0.40
[  232.390189][ T5893] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  232.398616][ T5893] usb 5-1: Product: syz
[  232.416688][ T5893] usb 5-1: Manufacturer: syz
[  232.434908][ T5893] usb 5-1: SerialNumber: syz
[  232.705746][ T7612] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  232.719123][ T7612] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  232.850534][ T7613] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  233.431506][ T7629] netlink: 16 bytes leftover after parsing attributes in process `syz.1.517'.
[  233.817411][ T6621] usb 4-1: new full-speed USB device number 32 using dummy_hcd
[  233.912793][ T7632] block device autoloading is deprecated and will be removed.
[  233.980297][ T6621] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  233.997491][ T6621] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  234.061148][ T6621] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.00
[  234.111919][ T6621] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  234.182933][ T6621] usb 4-1: SerialNumber: syz
[  234.248055][ T6621] usb 4-1: 0:2 : does not exist
[  234.434342][ T7635] netlink: 8 bytes leftover after parsing attributes in process `syz.1.519'.
[  234.817703][ T6604] usb 3-1: new full-speed USB device number 29 using dummy_hcd
[  234.982762][ T6604] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid maxpacket 512, setting to 64
[  235.013413][ T6604] usb 3-1: config 0 interface 0 has no altsetting 0
[  235.046100][ T6604] usb 3-1: New USB device found, idVendor=28bd, idProduct=0078, bcdDevice= 0.00
[  235.490878][ T6604] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  235.587426][ T6618] usb 1-1: new high-speed USB device number 32 using dummy_hcd
[  235.887399][ T6604] usb 3-1: config 0 descriptor??
[  235.946983][ T7639] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22
[  236.027785][ T6618] usb 1-1: config 0 has no interfaces?
[  236.044994][ T6618] usb 1-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  236.057004][ T6618] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  236.071111][ T6618] usb 1-1: Product: syz
[  236.075424][ T6618] usb 1-1: Manufacturer: syz
[  236.081501][ T6618] usb 1-1: SerialNumber: syz
[  236.111900][ T6618] usb 1-1: config 0 descriptor??
[  236.537278][ T5893] usbhid 5-1:1.0: can't add hid device: -71
[  236.544386][ T5893] usbhid 5-1:1.0: probe with driver usbhid failed with error -71
[  236.633291][ T5893] usb 5-1: USB disconnect, device number 27
[  236.964964][ T6621] usb 4-1: USB disconnect, device number 32
[  237.000638][ T7653] fuse: Unknown parameter '0x0000000000000006'
[  237.608461][ T6604] usbhid 3-1:0.0: can't add hid device: -71
[  237.639547][ T6604] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  237.714930][ T6604] usb 3-1: USB disconnect, device number 29
[  237.726112][ T7673] FAULT_INJECTION: forcing a failure.
[  237.726112][ T7673] name failslab, interval 1, probability 0, space 0, times 0
[  237.777285][ T7673] CPU: 0 UID: 0 PID: 7673 Comm: syz.2.529 Not tainted 6.15.0-rc1-syzkaller-00139-gab59a8605604 #0 PREEMPT(full) 
[  237.777317][ T7673] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  237.777328][ T7673] Call Trace:
[  237.777335][ T7673]  <TASK>
[  237.777343][ T7673]  dump_stack_lvl+0x241/0x360
[  237.777377][ T7673]  ? __pfx_dump_stack_lvl+0x10/0x10
[  237.777402][ T7673]  ? __pfx__printk+0x10/0x10
[  237.777431][ T7673]  ? __pfx___might_resched+0x10/0x10
[  237.777457][ T7673]  should_fail_ex+0x424/0x570
[  237.777480][ T7673]  should_failslab+0xac/0x100
[  237.777507][ T7673]  kmem_cache_alloc_node_noprof+0x7d/0x3b0
[  237.777534][ T7673]  ? __alloc_skb+0x1c2/0x480
[  237.777549][ T7673]  ? __dev_queue_xmit+0x1780/0x3f60
[  237.777573][ T7673]  __alloc_skb+0x1c2/0x480
[  237.777597][ T7673]  ? do_syscall_64+0xf3/0x230
[  237.777623][ T7673]  ? __pfx___alloc_skb+0x10/0x10
[  237.777645][ T7673]  ? netlink_ack_tlv_len+0x6e/0x200
[  237.777672][ T7673]  netlink_ack+0x147/0xa70
[  237.777697][ T7673]  ? __pfx_nl80211_connect+0x10/0x10
[  237.777729][ T7673]  netlink_rcv_skb+0x296/0x480
[  237.777755][ T7673]  ? __pfx_genl_rcv_msg+0x10/0x10
[  237.777776][ T7673]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  237.777821][ T7673]  ? netlink_deliver_tap+0x2e/0x1b0
[  237.777852][ T7673]  genl_rcv+0x28/0x40
[  237.777869][ T7673]  netlink_unicast+0x7f8/0x9a0
[  237.777900][ T7673]  ? __pfx_netlink_unicast+0x10/0x10
[  237.777925][ T7673]  ? skb_put+0x114/0x1f0
[  237.777946][ T7673]  netlink_sendmsg+0x8c3/0xcd0
[  237.777982][ T7673]  ? __pfx_netlink_sendmsg+0x10/0x10
[  237.778013][ T7673]  ? aa_sock_msg_perm+0x91/0x160
[  237.778044][ T7673]  ? __pfx_netlink_sendmsg+0x10/0x10
[  237.778068][ T7673]  __sock_sendmsg+0x221/0x270
[  237.778095][ T7673]  ____sys_sendmsg+0x523/0x860
[  237.778122][ T7673]  ? __pfx_____sys_sendmsg+0x10/0x10
[  237.778139][ T7673]  ? __fget_files+0x2a/0x420
[  237.778159][ T7673]  ? __fget_files+0x2a/0x420
[  237.778183][ T7673]  __sys_sendmsg+0x271/0x360
[  237.778208][ T7673]  ? __pfx___sys_sendmsg+0x10/0x10
[  237.778277][ T7673]  ? do_syscall_64+0xb6/0x230
[  237.778302][ T7673]  do_syscall_64+0xf3/0x230
[  237.778324][ T7673]  ? clear_bhb_loop+0x45/0xa0
[  237.778346][ T7673]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  237.778364][ T7673] RIP: 0033:0x7fbd27d8d169
[  237.778380][ T7673] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  237.778395][ T7673] RSP: 002b:00007fbd25bf6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  237.778415][ T7673] RAX: ffffffffffffffda RBX: 00007fbd27fa5fa0 RCX: 00007fbd27d8d169
[  237.778428][ T7673] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  237.778440][ T7673] RBP: 00007fbd25bf6090 R08: 0000000000000000 R09: 0000000000000000
[  237.778451][ T7673] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  237.778461][ T7673] R13: 0000000000000000 R14: 00007fbd27fa5fa0 R15: 00007fbd280cfa28
[  237.778489][ T7673]  </TASK>
[  238.204363][ T5893] usb 1-1: USB disconnect, device number 32
[  238.288909][ T7676] netlink: 20 bytes leftover after parsing attributes in process `syz.1.530'.
[  238.374179][ T7676] FAULT_INJECTION: forcing a failure.
[  238.374179][ T7676] name failslab, interval 1, probability 0, space 0, times 0
[  238.427707][ T7676] CPU: 0 UID: 0 PID: 7676 Comm: syz.1.530 Not tainted 6.15.0-rc1-syzkaller-00139-gab59a8605604 #0 PREEMPT(full) 
[  238.427735][ T7676] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  238.427747][ T7676] Call Trace:
[  238.427754][ T7676]  <TASK>
[  238.427761][ T7676]  dump_stack_lvl+0x241/0x360
[  238.427795][ T7676]  ? __pfx_dump_stack_lvl+0x10/0x10
[  238.427822][ T7676]  ? __pfx__printk+0x10/0x10
[  238.427851][ T7676]  ? __pfx___might_resched+0x10/0x10
[  238.427877][ T7676]  should_fail_ex+0x424/0x570
[  238.427901][ T7676]  should_failslab+0xac/0x100
[  238.427928][ T7676]  kmem_cache_alloc_node_noprof+0x7d/0x3b0
[  238.427954][ T7676]  ? __alloc_skb+0x1c2/0x480
[  238.427974][ T7676]  __alloc_skb+0x1c2/0x480
[  238.427996][ T7676]  ? __pfx___alloc_skb+0x10/0x10
[  238.428011][ T7676]  ? __pfx_rtnl_newlink+0x10/0x10
[  238.428040][ T7676]  ? netlink_ack_tlv_len+0x6e/0x200
[  238.428068][ T7676]  netlink_ack+0x147/0xa70
[  238.428090][ T7676]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  238.428122][ T7676]  ? ref_tracker_free+0x63e/0x7e0
[  238.428148][ T7676]  netlink_rcv_skb+0x296/0x480
[  238.428173][ T7676]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  238.428200][ T7676]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  238.428239][ T7676]  ? netlink_deliver_tap+0x2e/0x1b0
[  238.428266][ T7676]  ? netlink_deliver_tap+0x2e/0x1b0
[  238.428293][ T7676]  netlink_unicast+0x7f8/0x9a0
[  238.428322][ T7676]  ? __pfx_netlink_unicast+0x10/0x10
[  238.428346][ T7676]  ? skb_put+0x114/0x1f0
[  238.428368][ T7676]  netlink_sendmsg+0x8c3/0xcd0
[  238.428404][ T7676]  ? __pfx_netlink_sendmsg+0x10/0x10
[  238.428432][ T7676]  ? aa_sock_msg_perm+0x91/0x160
[  238.428462][ T7676]  ? __pfx_netlink_sendmsg+0x10/0x10
[  238.428486][ T7676]  __sock_sendmsg+0x221/0x270
[  238.428512][ T7676]  ____sys_sendmsg+0x523/0x860
[  238.428547][ T7676]  ? __pfx_____sys_sendmsg+0x10/0x10
[  238.428564][ T7676]  ? __fget_files+0x2a/0x420
[  238.428587][ T7676]  ? __fget_files+0x2a/0x420
[  238.428612][ T7676]  __sys_sendmsg+0x271/0x360
[  238.428635][ T7676]  ? __pfx___sys_sendmsg+0x10/0x10
[  238.428700][ T7676]  ? do_syscall_64+0xb6/0x230
[  238.428725][ T7676]  do_syscall_64+0xf3/0x230
[  238.428747][ T7676]  ? clear_bhb_loop+0x45/0xa0
[  238.428767][ T7676]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  238.428785][ T7676] RIP: 0033:0x7f9d62b8d169
[  238.428801][ T7676] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  238.428816][ T7676] RSP: 002b:00007f9d63a28038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  238.428837][ T7676] RAX: ffffffffffffffda RBX: 00007f9d62da5fa0 RCX: 00007f9d62b8d169
[  238.428850][ T7676] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[  238.428861][ T7676] RBP: 00007f9d63a28090 R08: 0000000000000000 R09: 0000000000000000
[  238.428872][ T7676] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  238.428882][ T7676] R13: 0000000000000000 R14: 00007f9d62da5fa0 R15: 00007f9d62ecfa28
[  238.428909][ T7676]  </TASK>
[  238.431931][ T7681] macvlan1: entered promiscuous mode
[  238.791637][ T7688] netlink: 20 bytes leftover after parsing attributes in process `syz.1.534'.
[  238.807594][ T7681] macvlan1: left promiscuous mode
[  238.898340][ T6621] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[  239.007399][ T6611] usb 4-1: new full-speed USB device number 33 using dummy_hcd
[  239.105524][ T6621] usb 3-1: config 0 has no interfaces?
[  239.118595][ T6621] usb 3-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  239.128772][ T6621] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  239.147586][ T6621] usb 3-1: Product: syz
[  239.151878][ T6621] usb 3-1: Manufacturer: syz
[  239.168108][ T6611] usb 4-1: unable to get BOS descriptor or descriptor too short
[  239.186963][ T6611] usb 4-1: not running at top speed; connect to a high speed hub
[  239.194962][ T6621] usb 3-1: SerialNumber: syz
[  239.207450][ T5893] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[  239.216530][ T6621] usb 3-1: config 0 descriptor??
[  239.225824][ T6611] usb 4-1: config 3 has an invalid interface number: 167 but max is 2
[  239.245647][ T6611] usb 4-1: config 3 has an invalid interface number: 188 but max is 2
[  239.277697][ T6611] usb 4-1: config 3 has an invalid interface number: 29 but max is 2
[  239.436283][ T6611] usb 4-1: config 3 has 4 interfaces, different from the descriptor's value: 3
[  239.485845][ T6611] usb 4-1: config 3 has no interface number 1
[  239.519452][ T6611] usb 4-1: config 3 has no interface number 2
[  239.541975][ T5893] usb 5-1: Using ep0 maxpacket: 16
[  239.551105][ T6611] usb 4-1: config 3 has no interface number 3
[  239.576139][ T6611] usb 4-1: config 3 interface 188 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 8
[  239.578565][ T5893] usb 5-1: unable to get BOS descriptor or descriptor too short
[  239.599517][ T5893] usb 5-1: config 1 interface 0 altsetting 8 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  239.629107][ T6611] usb 4-1: too many endpoints for config 3 interface 29 altsetting 20: 186, using maximum allowed: 30
[  239.646242][ T5893] usb 5-1: config 1 interface 0 has no altsetting 0
[  239.689737][ T6611] usb 4-1: config 3 interface 29 altsetting 20 endpoint 0xC has invalid maxpacket 1023, setting to 64
[  239.714479][ T6611] usb 4-1: config 3 interface 29 altsetting 20 endpoint 0xD has invalid maxpacket 512, setting to 64
[  239.761968][ T6611] usb 4-1: config 3 interface 29 altsetting 20 has a duplicate endpoint with address 0x4, skipping
[  239.773396][ T5893] usb 5-1: New USB device found, idVendor=04f3, idProduct=074d, bcdDevice= 0.40
[  239.798866][ T5893] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  239.825890][ T6611] usb 4-1: config 3 interface 29 altsetting 20 endpoint 0xB has invalid maxpacket 512, setting to 64
[  239.851566][ T6611] usb 4-1: config 3 interface 29 altsetting 20 has 8 endpoint descriptors, different from the interface descriptor's value: 186
[  239.867441][ T5893] usb 5-1: Product: syz
[  239.890302][ T6611] usb 4-1: config 3 interface 167 has no altsetting 0
[  239.906166][ T6611] usb 4-1: config 3 interface 0 has no altsetting 0
[  239.916174][ T5893] usb 5-1: Manufacturer: syz
[  239.925697][ T5893] usb 5-1: SerialNumber: syz
[  239.943567][ T6611] usb 4-1: config 3 interface 29 has no altsetting 0
[  239.963351][ T6611] usb 4-1: string descriptor 0 read error: -71
[  239.974605][ T6611] usb 4-1: New USB device found, idVendor=0403, idProduct=fb5c, bcdDevice=f2.b1
[  240.006474][ T6611] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  240.036962][ T6611] usb 4-1: can't set config #3, error -71
[  240.056011][ T6611] usb 4-1: USB disconnect, device number 33
[  240.199450][ T7692] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  240.209048][ T7692] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  240.587786][ T7704] fuse: Unknown parameter '0x0000000000000006'
[  240.696396][ T7711] FAULT_INJECTION: forcing a failure.
[  240.696396][ T7711] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  240.745716][ T7711] CPU: 1 UID: 0 PID: 7711 Comm: syz.3.541 Not tainted 6.15.0-rc1-syzkaller-00139-gab59a8605604 #0 PREEMPT(full) 
[  240.745746][ T7711] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  240.745769][ T7711] Call Trace:
[  240.745777][ T7711]  <TASK>
[  240.745786][ T7711]  dump_stack_lvl+0x241/0x360
[  240.745826][ T7711]  ? __pfx_dump_stack_lvl+0x10/0x10
[  240.745858][ T7711]  ? __pfx__printk+0x10/0x10
[  240.745898][ T7711]  should_fail_ex+0x424/0x570
[  240.745924][ T7711]  _copy_to_user+0x31/0xb0
[  240.745956][ T7711]  simple_read_from_buffer+0xc4/0x170
[  240.745990][ T7711]  proc_fail_nth_read+0x1ef/0x260
[  240.746014][ T7711]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  240.746038][ T7711]  ? rw_verify_area+0x246/0x630
[  240.746060][ T7711]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  240.746083][ T7711]  vfs_read+0x21f/0xb90
[  240.746111][ T7711]  ? __pfx___mutex_lock+0x10/0x10
[  240.746138][ T7711]  ? __pfx_vfs_read+0x10/0x10
[  240.746165][ T7711]  ? __fget_files+0x2a/0x420
[  240.746186][ T7711]  ? __fget_files+0x39d/0x420
[  240.746202][ T7711]  ? __fget_files+0x2a/0x420
[  240.746231][ T7711]  ksys_read+0x19d/0x2d0
[  240.746257][ T7711]  ? __pfx_ksys_read+0x10/0x10
[  240.746287][ T7711]  ? do_syscall_64+0xb6/0x230
[  240.746315][ T7711]  do_syscall_64+0xf3/0x230
[  240.746342][ T7711]  ? clear_bhb_loop+0x45/0xa0
[  240.746366][ T7711]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  240.746392][ T7711] RIP: 0033:0x7f2bfb58bb7c
[  240.746411][ T7711] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  240.746428][ T7711] RSP: 002b:00007f2bfc369030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  240.746450][ T7711] RAX: ffffffffffffffda RBX: 00007f2bfb7a5fa0 RCX: 00007f2bfb58bb7c
[  240.746465][ T7711] RDX: 000000000000000f RSI: 00007f2bfc3690a0 RDI: 0000000000000004
[  240.746479][ T7711] RBP: 00007f2bfc369090 R08: 0000000000000000 R09: 0000000000000000
[  240.746492][ T7711] R10: 0000200000000600 R11: 0000000000000246 R12: 0000000000000001
[  240.746505][ T7711] R13: 0000000000000000 R14: 00007f2bfb7a5fa0 R15: 00007f2bfb8cfa28
[  240.746536][ T7711]  </TASK>
[  241.629837][ T6611] usb 3-1: USB disconnect, device number 30
[  241.816640][ T7721] vlan2: entered allmulticast mode
[  241.918071][ T7721] mac80211_hwsim hwsim4 wlan1: entered allmulticast mode
[  241.931554][ T5893] usbhid 5-1:1.0: can't add hid device: -71
[  241.953218][ T5893] usbhid 5-1:1.0: probe with driver usbhid failed with error -71
[  241.985922][ T7723] netlink: 20 bytes leftover after parsing attributes in process `syz.4.547'.
[  241.987687][ T5893] usb 5-1: USB disconnect, device number 28
[  242.023607][ T7724] netlink: 'syz.4.547': attribute type 12 has an invalid length.
[  242.071058][ T7724] netlink: 132 bytes leftover after parsing attributes in process `syz.4.547'.
[  242.836099][ T6611] usb 1-1: new high-speed USB device number 33 using dummy_hcd
[  242.997396][ T5893] usb 2-1: new high-speed USB device number 33 using dummy_hcd
[  243.048891][ T6611] usb 1-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  243.061924][ T6611] usb 1-1: config 0 interface 0 altsetting 4 has 1 endpoint descriptor, different from the interface descriptor's value: 4
[  243.117438][ T7756] xt_AUDIT: Audit type out of range (valid range: 0..2)
[  243.136221][ T6611] usb 1-1: config 0 interface 0 has no altsetting 0
[  243.163443][ T6611] usb 1-1: New USB device found, idVendor=0757, idProduct=0a00, bcdDevice= 0.00
[  243.178489][ T6611] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  243.202340][ T6611] usb 1-1: config 0 descriptor??
[  243.282096][ T5893] usb 2-1: config 0 has no interfaces?
[  243.299815][ T5893] usb 2-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  243.309067][ T5893] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  243.319261][ T5893] usb 2-1: Product: syz
[  243.323514][ T5893] usb 2-1: Manufacturer: syz
[  243.364161][ T5893] usb 2-1: SerialNumber: syz
[  243.371841][ T7733] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  243.441000][ T5893] usb 2-1: config 0 descriptor??
[  243.721174][ T7739] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  243.934369][ T6611] nti 0003:0757:0A00.0006: unknown main item tag 0x0
[  243.943006][ T6611] nti 0003:0757:0A00.0006: ignoring exceeding usage max
[  243.984191][ T6611] nti 0003:0757:0A00.0006: usage index exceeded
[  244.107345][ T6611] nti 0003:0757:0A00.0006: item 0 0 2 0 parsing failed
[  244.114953][ T6611] nti 0003:0757:0A00.0006: probe with driver nti failed with error -22
[  244.134222][ T7739] netlink: 'syz.0.552': attribute type 29 has an invalid length.
[  244.142296][ T7739] netlink: 148 bytes leftover after parsing attributes in process `syz.0.552'.
[  244.284886][ T3086] usb 1-1: USB disconnect, device number 33
[  244.643372][ T7760] netlink: 'syz.2.559': attribute type 3 has an invalid length.
[  244.657433][ T7760] netlink: 24 bytes leftover after parsing attributes in process `syz.2.559'.
[  244.684923][ T7760] netlink: 12 bytes leftover after parsing attributes in process `syz.2.559'.
[  244.726313][ T7760] netlink: 20 bytes leftover after parsing attributes in process `syz.2.559'.
[  244.738482][ T7774] fuse: Unknown parameter 'fd0x0000000000000006'
[  245.288978][ T5926] usb 1-1: new high-speed USB device number 34 using dummy_hcd
[  245.617448][ T5926] usb 1-1: Using ep0 maxpacket: 8
[  245.623956][ T5926] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  245.644526][ T5926] usb 1-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=37.a3
[  245.663204][ T5926] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  245.688293][ T5926] usb 1-1: Product: syz
[  245.699448][ T5926] usb 1-1: Manufacturer: syz
[  245.715338][ T5926] usb 1-1: SerialNumber: syz
[  245.735320][ T5926] usb 1-1: config 0 descriptor??
[  245.991275][ T7785] netlink: 20 bytes leftover after parsing attributes in process `syz.0.567'.
[  246.022132][ T5926] usb 1-1: USB disconnect, device number 34
[  246.637440][ T3086] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  246.761086][ T5893] usb 2-1: USB disconnect, device number 33
[  246.925566][ T3086] usb 5-1: Using ep0 maxpacket: 16
[  246.997475][ T5926] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[  247.087709][ T3086] usb 5-1: unable to get BOS descriptor or descriptor too short
[  247.159461][ T3086] usb 5-1: config 1 interface 0 altsetting 8 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  247.173738][ T5926] usb 3-1: config 0 has no interfaces?
[  247.182860][ T5926] usb 3-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  247.192867][ T5926] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  247.239318][ T3086] usb 5-1: config 1 interface 0 has no altsetting 0
[  247.250464][ T5926] usb 3-1: Product: syz
[  247.289816][ T5926] usb 3-1: Manufacturer: syz
[  247.294505][ T5926] usb 3-1: SerialNumber: syz
[  247.328457][ T3086] usb 5-1: New USB device found, idVendor=04f3, idProduct=074d, bcdDevice= 0.40
[  247.339793][ T3086] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  247.371648][ T3086] usb 5-1: Product: syz
[  247.385421][ T5926] usb 3-1: config 0 descriptor??
[  247.390647][ T3086] usb 5-1: Manufacturer: syz
[  247.412737][ T3086] usb 5-1: SerialNumber: syz
[  247.685372][ T7798] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  247.694689][ T7798] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  247.738257][ T5926] usb 4-1: new high-speed USB device number 34 using dummy_hcd
[  247.856769][ T6611] usb 3-1: USB disconnect, device number 31
[  247.877505][ T5926] usb 4-1: device descriptor read/64, error -71
[  247.997755][ T7814] FAULT_INJECTION: forcing a failure.
[  247.997755][ T7814] name failslab, interval 1, probability 0, space 0, times 0
[  248.030714][ T7814] CPU: 0 UID: 0 PID: 7814 Comm: syz.0.576 Not tainted 6.15.0-rc1-syzkaller-00139-gab59a8605604 #0 PREEMPT(full) 
[  248.030748][ T7814] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  248.030762][ T7814] Call Trace:
[  248.030770][ T7814]  <TASK>
[  248.030779][ T7814]  dump_stack_lvl+0x241/0x360
[  248.030816][ T7814]  ? __pfx_dump_stack_lvl+0x10/0x10
[  248.030842][ T7814]  ? __pfx__printk+0x10/0x10
[  248.030864][ T7814]  ? __pfx_nf_tables_newflowtable+0x10/0x10
[  248.030889][ T7814]  ? __pfx___might_resched+0x10/0x10
[  248.030922][ T7814]  should_fail_ex+0x424/0x570
[  248.030949][ T7814]  should_failslab+0xac/0x100
[  248.030978][ T7814]  __kmalloc_cache_noprof+0x73/0x370
[  248.030999][ T7814]  ? nfnetlink_rcv+0x1037/0x28f0
[  248.031017][ T7814]  nfnetlink_rcv+0x1037/0x28f0
[  248.031040][ T7814]  ? __kernel_text_address+0xd/0x40
[  248.031096][ T7814]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  248.031132][ T7814]  ? __lock_acquire+0xad5/0xd80
[  248.031203][ T7814]  ? netlink_deliver_tap+0x2e/0x1b0
[  248.031245][ T7814]  ? netlink_deliver_tap+0x2e/0x1b0
[  248.031273][ T7814]  netlink_unicast+0x7f8/0x9a0
[  248.031301][ T7814]  ? __pfx_netlink_unicast+0x10/0x10
[  248.031319][ T7814]  ? skb_put+0x114/0x1f0
[  248.031340][ T7814]  netlink_sendmsg+0x8c3/0xcd0
[  248.031380][ T7814]  ? __pfx_netlink_sendmsg+0x10/0x10
[  248.031410][ T7814]  ? aa_sock_msg_perm+0x91/0x160
[  248.031439][ T7814]  ? __pfx_netlink_sendmsg+0x10/0x10
[  248.031456][ T7814]  __sock_sendmsg+0x221/0x270
[  248.031477][ T7814]  ____sys_sendmsg+0x523/0x860
[  248.031506][ T7814]  ? __pfx_____sys_sendmsg+0x10/0x10
[  248.031525][ T7814]  ? __fget_files+0x2a/0x420
[  248.031545][ T7814]  ? __fget_files+0x2a/0x420
[  248.031571][ T7814]  __sys_sendmsg+0x271/0x360
[  248.031590][ T7814]  ? __pfx___sys_sendmsg+0x10/0x10
[  248.031659][ T7814]  ? do_syscall_64+0xb6/0x230
[  248.031692][ T7814]  do_syscall_64+0xf3/0x230
[  248.031712][ T7814]  ? clear_bhb_loop+0x45/0xa0
[  248.031731][ T7814]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  248.031743][ T7814] RIP: 0033:0x7f9de678d169
[  248.031755][ T7814] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  248.031765][ T7814] RSP: 002b:00007f9de75f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  248.031805][ T7814] RAX: ffffffffffffffda RBX: 00007f9de69a5fa0 RCX: 00007f9de678d169
[  248.031819][ T7814] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000003
[  248.031831][ T7814] RBP: 00007f9de75f6090 R08: 0000000000000000 R09: 0000000000000000
[  248.031842][ T7814] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  248.031853][ T7814] R13: 0000000000000000 R14: 00007f9de69a5fa0 R15: 00007f9de6acfa28
[  248.031881][ T7814]  </TASK>
[  248.303730][    C0] vkms_vblank_simulate: vblank timer overrun
[  248.367988][ T5926] usb 4-1: new high-speed USB device number 35 using dummy_hcd
[  248.507405][ T5926] usb 4-1: device descriptor read/64, error -71
[  248.617724][ T5926] usb usb4-port1: attempt power cycle
[  248.957646][ T5926] usb 4-1: new high-speed USB device number 36 using dummy_hcd
[  249.034548][ T5926] usb 4-1: device descriptor read/8, error -71
[  249.857394][ T6605] usb 3-1: new high-speed USB device number 32 using dummy_hcd
[  249.980198][ T3086] usbhid 5-1:1.0: can't add hid device: -71
[  250.017805][ T3086] usbhid 5-1:1.0: probe with driver usbhid failed with error -71
[  250.051553][ T3086] usb 5-1: USB disconnect, device number 29
[  250.058507][ T7838] netlink: 20 bytes leftover after parsing attributes in process `syz.4.585'.
[  250.059515][ T6605] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  250.078199][ T6605] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  250.104263][ T6605] usb 3-1: config 0 descriptor??
[  250.112165][ T7838] netlink: 'syz.4.585': attribute type 12 has an invalid length.
[  250.119819][ T6605] cp210x 3-1:0.0: cp210x converter detected
[  250.141855][ T7838] netlink: 132 bytes leftover after parsing attributes in process `syz.4.585'.
[  250.231525][ T7836] FAULT_INJECTION: forcing a failure.
[  250.231525][ T7836] name failslab, interval 1, probability 0, space 0, times 0
[  250.245021][ T7836] CPU: 0 UID: 0 PID: 7836 Comm: syz.1.581 Not tainted 6.15.0-rc1-syzkaller-00139-gab59a8605604 #0 PREEMPT(full) 
[  250.245049][ T7836] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  250.245061][ T7836] Call Trace:
[  250.245069][ T7836]  <TASK>
[  250.245077][ T7836]  dump_stack_lvl+0x241/0x360
[  250.245112][ T7836]  ? __pfx_dump_stack_lvl+0x10/0x10
[  250.245140][ T7836]  ? __pfx__printk+0x10/0x10
[  250.245171][ T7836]  ? __pfx___might_resched+0x10/0x10
[  250.245202][ T7836]  should_fail_ex+0x424/0x570
[  250.245227][ T7836]  should_failslab+0xac/0x100
[  250.245256][ T7836]  kmem_cache_alloc_lru_noprof+0x7d/0x390
[  250.245283][ T7836]  ? xas_split_alloc+0x147/0x450
[  250.245313][ T7836]  xas_split_alloc+0x147/0x450
[  250.245350][ T7836]  __folio_split+0xa81/0x1730
[  250.245401][ T7836]  ? __pfx___folio_split+0x10/0x10
[  250.245430][ T7836]  ? __pfx___might_resched+0x10/0x10
[  250.245464][ T7836]  ? do_raw_spin_unlock+0x13c/0x8b0
[  250.245500][ T7836]  madvise_cold_or_pageout_pte_range+0x1b44/0x2350
[  250.245543][ T7836]  ? preempt_schedule_irq+0x145/0x1c0
[  250.245564][ T7836]  ? __pfx_preempt_schedule_irq+0x10/0x10
[  250.245593][ T7836]  ? __pfx_madvise_cold_or_pageout_pte_range+0x10/0x10
[  250.245625][ T7836]  ? irqentry_exit+0x63/0x90
[  250.245645][ T7836]  ? lockdep_hardirqs_on+0x9d/0x150
[  250.245695][ T7836]  walk_pgd_range+0xc3f/0x17e0
[  250.245751][ T7836]  ? __pfx_walk_pgd_range+0x10/0x10
[  250.245787][ T7836]  __walk_page_range+0x15f/0x700
[  250.245813][ T7836]  ? find_vma+0xfa/0x170
[  250.245838][ T7836]  ? __pfx_find_vma+0x10/0x10
[  250.245874][ T7836]  walk_page_range_mm+0x591/0x7c0
[  250.245907][ T7836]  ? __pfx_walk_page_range_mm+0x10/0x10
[  250.245934][ T7836]  ? mlock_drain_local+0x79/0x490
[  250.245957][ T7836]  ? tlb_gather_mmu+0x24e/0x310
[  250.245975][ T7836]  ? walk_page_range+0x6a/0x90
[  250.246000][ T7836]  madvise_do_behavior+0x2023/0x4640
[  250.246026][ T7836]  ? rcu_is_watching+0x15/0xb0
[  250.246065][ T7836]  ? irqentry_exit+0x63/0x90
[  250.246084][ T7836]  ? lockdep_hardirqs_on+0x9d/0x150
[  250.246116][ T7836]  ? __pfx_madvise_do_behavior+0x10/0x10
[  250.246143][ T7836]  ? kstrtouint+0xca/0x190
[  250.246164][ T7836]  ? kstrtouint+0xfc/0x190
[  250.246191][ T7836]  ? __lock_acquire+0xad5/0xd80
[  250.246232][ T7836]  ? __lock_acquire+0xad5/0xd80
[  250.246275][ T7836]  ? down_read+0x813/0xa50
[  250.246301][ T7836]  ? __mutex_unlock_slowpath+0x229/0x800
[  250.246333][ T7836]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  250.246372][ T7836]  __x64_sys_madvise+0x185/0x220
[  250.246401][ T7836]  ? __pfx___x64_sys_madvise+0x10/0x10
[  250.246434][ T7836]  ? do_syscall_64+0xb6/0x230
[  250.246459][ T7836]  do_syscall_64+0xf3/0x230
[  250.246482][ T7836]  ? clear_bhb_loop+0x45/0xa0
[  250.246504][ T7836]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  250.246521][ T7836] RIP: 0033:0x7f9d62b8d169
[  250.246536][ T7836] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  250.246551][ T7836] RSP: 002b:00007f9d639e6038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[  250.246571][ T7836] RAX: ffffffffffffffda RBX: 00007f9d62da6160 RCX: 00007f9d62b8d169
[  250.246583][ T7836] RDX: 0000000000000014 RSI: 0000000000003000 RDI: 000020000003e000
[  250.246595][ T7836] RBP: 00007f9d639e6090 R08: 0000000000000000 R09: 0000000000000000
[  250.246606][ T7836] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  250.246617][ T7836] R13: 0000000000000000 R14: 00007f9d62da6160 R15: 00007f9d62ecfa28
[  250.246644][ T7836]  </TASK>
[  250.964339][ T6605] cp210x 3-1:0.0: failed to get vendor val 0x000e size 3: -32
[  251.589090][ T6605] cp210x 3-1:0.0: failed to get vendor val 0x370c size 15: -71
[  251.668798][ T6605] cp210x 3-1:0.0: GPIO initialisation failed: -71
[  251.721383][ T6605] usb 3-1: cp210x converter now attached to ttyUSB0
[  251.747394][ T3086] usb 4-1: new high-speed USB device number 38 using dummy_hcd
[  251.759923][ T5893] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  251.909184][ T6605] usb 3-1: USB disconnect, device number 32
[  251.937363][ T5893] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  251.974237][ T5893] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  251.986262][ T6605] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  252.005750][ T6605] cp210x 3-1:0.0: device disconnected
[  252.014089][ T3086] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  252.032714][ T5893] usb 5-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[  252.047359][ T3086] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  252.086355][ T5893] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  252.114356][ T3086] usb 4-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[  252.136526][ T5893] usb 5-1: config 0 descriptor??
[  252.149080][ T3086] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  252.190104][ T3086] usb 4-1: config 0 descriptor??
[  252.652246][ T7857] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  252.716454][ T7857] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  252.941503][ T7883] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  252.950730][ T7883] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  253.587392][ T5926] usb 3-1: new high-speed USB device number 33 using dummy_hcd
[  253.819835][ T6605] usb 1-1: new high-speed USB device number 35 using dummy_hcd
[  253.862796][ T5926] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  253.877705][ T5926] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  253.928591][ T5926] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  254.129161][ T5926] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  254.216432][ T6605] usb 1-1: config 0 has no interfaces?
[  254.233673][ T5926] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  254.283106][ T6605] usb 1-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  254.326589][ T5926] usb 3-1: config 0 descriptor??
[  254.344455][ T6605] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  254.394926][ T6605] usb 1-1: Product: syz
[  254.435032][ T6605] usb 1-1: Manufacturer: syz
[  254.489849][ T6605] usb 1-1: SerialNumber: syz
[  254.548521][ T6605] usb 1-1: config 0 descriptor??
[  254.864471][ T7891] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  254.957717][ T7891] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  255.031862][ T7891] vlan2: entered allmulticast mode
[  255.102412][ T7891] hsr0: entered allmulticast mode
[  255.159329][ T7891] hsr_slave_0: entered allmulticast mode
[  255.214957][ T7891] hsr_slave_1: entered allmulticast mode
[  255.532031][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  255.538550][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  255.790769][ T5926] usbhid 3-1:0.0: can't add hid device: -71
[  255.818659][ T5926] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  255.866484][ T5926] usb 3-1: USB disconnect, device number 33
[  256.210210][ T5893] usbhid 5-1:0.0: can't add hid device: -71
[  256.252995][ T5893] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  256.406986][ T5893] usb 5-1: USB disconnect, device number 30
[  256.442349][ T7921] netlink: 128 bytes leftover after parsing attributes in process `syz.4.601'.
[  256.882691][ T7921] netlink: 112 bytes leftover after parsing attributes in process `syz.4.601'.
[  256.979605][ T3086] usbhid 4-1:0.0: can't add hid device: -71
[  257.012253][ T7921] netlink: 112 bytes leftover after parsing attributes in process `syz.4.601'.
[  257.032032][ T3086] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  257.142632][ T3086] usb 4-1: USB disconnect, device number 38
[  257.590387][ T3086] usb 1-1: USB disconnect, device number 35
[  257.938110][ T7957] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  258.467582][ T5926] usb 2-1: new high-speed USB device number 34 using dummy_hcd
[  258.540351][ T7972] FAULT_INJECTION: forcing a failure.
[  258.540351][ T7972] name failslab, interval 1, probability 0, space 0, times 0
[  258.617483][ T7972] CPU: 0 UID: 0 PID: 7972 Comm: syz.0.612 Not tainted 6.15.0-rc1-syzkaller-00139-gab59a8605604 #0 PREEMPT(full) 
[  258.617503][ T7972] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  258.617511][ T7972] Call Trace:
[  258.617516][ T7972]  <TASK>
[  258.617521][ T7972]  dump_stack_lvl+0x241/0x360
[  258.617547][ T7972]  ? __pfx_dump_stack_lvl+0x10/0x10
[  258.617566][ T7972]  ? __pfx__printk+0x10/0x10
[  258.617586][ T7972]  ? __pfx___might_resched+0x10/0x10
[  258.617605][ T7972]  should_fail_ex+0x424/0x570
[  258.617622][ T7972]  should_failslab+0xac/0x100
[  258.617641][ T7972]  __kmalloc_cache_noprof+0x73/0x370
[  258.617659][ T7972]  ? sctp_association_new+0x8a/0x2540
[  258.617675][ T7972]  sctp_association_new+0x8a/0x2540
[  258.617689][ T7972]  ? sctp_has_association+0x1d4/0x1f0
[  258.617703][ T7972]  ? sctp_has_association+0x2f/0x1f0
[  258.617718][ T7972]  ? __ipv6_addr_type+0xda/0x2f0
[  258.617741][ T7972]  sctp_connect_new_asoc+0x31c/0x700
[  258.617757][ T7972]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  258.617770][ T7972]  ? sctp_endpoint_lookup_assoc+0x7c/0x250
[  258.617784][ T7972]  ? sctp_endpoint_lookup_assoc+0x7c/0x250
[  258.617795][ T7972]  ? sctp_endpoint_lookup_assoc+0x217/0x250
[  258.617806][ T7972]  ? sctp_endpoint_lookup_assoc+0x7c/0x250
[  258.617819][ T7972]  __sctp_connect+0x6ab/0xe60
[  258.617843][ T7972]  ? __pfx___sctp_connect+0x10/0x10
[  258.617869][ T7972]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  258.617889][ T7972]  sctp_setsockopt_connectx+0x183/0x2a0
[  258.617904][ T7972]  ? __pfx_sctp_setsockopt_connectx+0x10/0x10
[  258.617917][ T7972]  ? do_raw_spin_unlock+0x13c/0x8b0
[  258.617941][ T7972]  sctp_setsockopt+0x701/0x11e0
[  258.617963][ T7972]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  258.617982][ T7972]  do_sock_setsockopt+0x3b1/0x710
[  258.617999][ T7972]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  258.618010][ T7972]  ? __fget_files+0x2a/0x420
[  258.618024][ T7972]  ? __fget_files+0x39d/0x420
[  258.618034][ T7972]  ? __fget_files+0x2a/0x420
[  258.618051][ T7972]  __x64_sys_setsockopt+0x1ee/0x280
[  258.618068][ T7972]  do_syscall_64+0xf3/0x230
[  258.618084][ T7972]  ? clear_bhb_loop+0x45/0xa0
[  258.618100][ T7972]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  258.618112][ T7972] RIP: 0033:0x7f9de678d169
[  258.618123][ T7972] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  258.618134][ T7972] RSP: 002b:00007f9de75f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  258.618148][ T7972] RAX: ffffffffffffffda RBX: 00007f9de69a5fa0 RCX: 00007f9de678d169
[  258.618157][ T7972] RDX: 000000000000006e RSI: 0000000000000084 RDI: 0000000000000003
[  258.618165][ T7972] RBP: 00007f9de75f6090 R08: 000000000000001c R09: 0000000000000000
[  258.618173][ T7972] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  258.618181][ T7972] R13: 0000000000000000 R14: 00007f9de69a5fa0 R15: 00007f9de6acfa28
[  258.618199][ T7972]  </TASK>
[  259.159357][ T5926] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  259.170282][ T5926] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  259.180055][ T5926] usb 2-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[  259.189105][ T5926] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  259.298222][ T5926] usb 2-1: config 0 descriptor??
[  259.536637][ T7968] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  259.546335][ T7968] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  260.508034][ T6604] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[  260.677374][ T6604] usb 5-1: Using ep0 maxpacket: 32
[  260.684705][ T6604] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  260.839726][ T6604] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  260.922665][ T6604] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  260.992882][ T6604] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  261.068313][ T6604] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  261.142690][ T6604] usb 5-1: config 0 descriptor??
[  261.180263][ T7989] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22
[  261.278786][ T6604] hub 5-1:0.0: USB hub found
[  261.745140][ T8000] netlink: 128 bytes leftover after parsing attributes in process `syz.3.617'.
[  261.806605][ T8000] netlink: 112 bytes leftover after parsing attributes in process `syz.3.617'.
[  261.879307][ T8000] netlink: 112 bytes leftover after parsing attributes in process `syz.3.617'.
[  262.077990][ T6604] hub 5-1:0.0: config failed, can't read hub descriptor (err -22)
[  262.177472][ T5926] usbhid 2-1:0.0: can't add hid device: -71
[  262.183665][ T5926] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  262.195593][ T6604] usbhid 5-1:0.0: can't add hid device: -71
[  262.235657][ T6604] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  262.270733][ T5926] usb 2-1: USB disconnect, device number 34
[  262.344282][ T6604] usb 5-1: USB disconnect, device number 31
[  262.397874][ T8012] Invalid logical block size (32)
[  262.677801][ T6621] usb 4-1: new full-speed USB device number 39 using dummy_hcd
[  262.787577][ T6604] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[  262.865244][ T6621] usb 4-1: config 8 has an invalid interface number: 177 but max is 0
[  262.927425][ T6621] usb 4-1: config 8 has no interface number 0
[  262.953317][ T6621] usb 4-1: config 8 interface 177 altsetting 9 endpoint 0x8 has invalid maxpacket 1023, setting to 64
[  262.994658][ T6621] usb 4-1: config 8 interface 177 has no altsetting 0
[  263.022119][ T6621] usb 4-1: New USB device found, idVendor=04d8, idProduct=fd08, bcdDevice=59.b1
[  263.043737][ T6604] usb 5-1: config 0 has no interfaces?
[  263.089199][ T6621] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  263.117398][ T6604] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  263.135528][ T8014] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  263.181089][ T6604] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  263.258454][ T6604] usb 5-1: Product: syz
[  263.298148][ T6604] usb 5-1: Manufacturer: syz
[  263.302783][ T6604] usb 5-1: SerialNumber: syz
[  263.359694][ T6604] usb 5-1: config 0 descriptor??
[  263.384429][ T6621] usb 4-1: string descriptor 0 read error: -71
[  263.428861][    C0] ir_toy 4-1:8.177: out urb status: -71
[  263.717751][ T8034] netlink: 12 bytes leftover after parsing attributes in process `syz.0.627'.
[  263.954315][ T6621] ir_toy 4-1:8.177: could not write reset command: -110
[  263.997458][ T6621] ir_toy 4-1:8.177: probe with driver ir_toy failed with error -110
[  264.078301][ T6621] usb 4-1: USB disconnect, device number 39
[  264.122736][ T8040] FAULT_INJECTION: forcing a failure.
[  264.122736][ T8040] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  264.203818][ T8040] CPU: 1 UID: 0 PID: 8040 Comm: syz.3.628 Not tainted 6.15.0-rc1-syzkaller-00139-gab59a8605604 #0 PREEMPT(full) 
[  264.203847][ T8040] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  264.203859][ T8040] Call Trace:
[  264.203867][ T8040]  <TASK>
[  264.203874][ T8040]  dump_stack_lvl+0x241/0x360
[  264.203909][ T8040]  ? __pfx_dump_stack_lvl+0x10/0x10
[  264.203936][ T8040]  ? __pfx__printk+0x10/0x10
[  264.203974][ T8040]  should_fail_ex+0x424/0x570
[  264.204000][ T8040]  _copy_to_user+0x31/0xb0
[  264.204030][ T8040]  simple_read_from_buffer+0xc4/0x170
[  264.204061][ T8040]  proc_fail_nth_read+0x1ef/0x260
[  264.204084][ T8040]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  264.204107][ T8040]  ? rw_verify_area+0x246/0x630
[  264.204126][ T8040]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  264.204147][ T8040]  vfs_read+0x21f/0xb90
[  264.204173][ T8040]  ? __pfx___mutex_lock+0x10/0x10
[  264.204198][ T8040]  ? __pfx_vfs_read+0x10/0x10
[  264.204221][ T8040]  ? __fget_files+0x2a/0x420
[  264.204241][ T8040]  ? __fget_files+0x39d/0x420
[  264.204257][ T8040]  ? __fget_files+0x2a/0x420
[  264.204283][ T8040]  ksys_read+0x19d/0x2d0
[  264.204306][ T8040]  ? __pfx_ksys_read+0x10/0x10
[  264.204333][ T8040]  ? do_syscall_64+0xb6/0x230
[  264.204359][ T8040]  do_syscall_64+0xf3/0x230
[  264.204383][ T8040]  ? clear_bhb_loop+0x45/0xa0
[  264.204405][ T8040]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  264.204424][ T8040] RIP: 0033:0x7f2bfb58bb7c
[  264.204450][ T8040] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  264.204465][ T8040] RSP: 002b:00007f2bfc369030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  264.204490][ T8040] RAX: ffffffffffffffda RBX: 00007f2bfb7a5fa0 RCX: 00007f2bfb58bb7c
[  264.204504][ T8040] RDX: 000000000000000f RSI: 00007f2bfc3690a0 RDI: 0000000000000004
[  264.204515][ T8040] RBP: 00007f2bfc369090 R08: 0000000000000000 R09: 0000000000000000
[  264.204526][ T8040] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  264.204536][ T8040] R13: 0000000000000000 R14: 00007f2bfb7a5fa0 R15: 00007f2bfb8cfa28
[  264.204563][ T8040]  </TASK>
[  265.037975][ T5926] usb 1-1: new high-speed USB device number 36 using dummy_hcd
[  265.218029][ T5926] usb 1-1: Using ep0 maxpacket: 16
[  265.232784][ T5926] usb 1-1: config 0 has no interfaces?
[  265.242291][ T5926] usb 1-1: New USB device found, idVendor=048d, idProduct=0900, bcdDevice=fa.5a
[  265.317899][ T6605] usb 5-1: USB disconnect, device number 32
[  265.325424][ T5926] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  265.397546][ T5926] usb 1-1: Product: syz
[  265.417478][ T5926] usb 1-1: Manufacturer: syz
[  265.422154][ T5926] usb 1-1: SerialNumber: syz
[  265.488341][ T5926] usb 1-1: config 0 descriptor??
[  265.746419][ T6605] usb 1-1: USB disconnect, device number 36
[  267.508024][ T8088] FAULT_INJECTION: forcing a failure.
[  267.508024][ T8088] name failslab, interval 1, probability 0, space 0, times 0
[  267.597570][ T8088] CPU: 1 UID: 0 PID: 8088 Comm: syz.1.638 Not tainted 6.15.0-rc1-syzkaller-00139-gab59a8605604 #0 PREEMPT(full) 
[  267.597597][ T8088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  267.597608][ T8088] Call Trace:
[  267.597615][ T8088]  <TASK>
[  267.597623][ T8088]  dump_stack_lvl+0x241/0x360
[  267.597656][ T8088]  ? __pfx_dump_stack_lvl+0x10/0x10
[  267.597680][ T8088]  ? __pfx__printk+0x10/0x10
[  267.597706][ T8088]  ? __pfx___might_resched+0x10/0x10
[  267.597731][ T8088]  should_fail_ex+0x424/0x570
[  267.597754][ T8088]  should_failslab+0xac/0x100
[  267.597780][ T8088]  kmem_cache_alloc_noprof+0x78/0x390
[  267.597803][ T8088]  ? security_file_alloc+0x32/0x310
[  267.597828][ T8088]  security_file_alloc+0x32/0x310
[  267.597868][ T8088]  init_file+0x90/0x300
[  267.597888][ T8088]  alloc_empty_file+0x70/0x1d0
[  267.597933][ T8088]  alloc_file_pseudo+0x206/0x320
[  267.597958][ T8088]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  267.597977][ T8088]  ? rcu_is_watching+0x15/0xb0
[  267.598001][ T8088]  ? hugetlbfs_get_inode+0x45f/0x690
[  267.598029][ T8088]  hugetlb_file_setup+0x38a/0x5c0
[  267.598054][ T8088]  ksys_mmap_pgoff+0x20e/0x720
[  267.598089][ T8088]  do_syscall_64+0xf3/0x230
[  267.598113][ T8088]  ? clear_bhb_loop+0x45/0xa0
[  267.598137][ T8088]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  267.598154][ T8088] RIP: 0033:0x7f9d62b8d169
[  267.598171][ T8088] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  267.598227][ T8088] RSP: 002b:00007f9d63a28038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  267.598256][ T8088] RAX: ffffffffffffffda RBX: 00007f9d62da5fa0 RCX: 00007f9d62b8d169
[  267.598271][ T8088] RDX: 0000000000000004 RSI: 0000000000004000 RDI: 0000200000200000
[  267.598284][ T8088] RBP: 00007f9d63a28090 R08: ffffffffffffffff R09: 0000000000000000
[  267.598298][ T8088] R10: 000200000006c832 R11: 0000000000000246 R12: 0000000000000001
[  267.598309][ T8088] R13: 0000000000000000 R14: 00007f9d62da5fa0 R15: 00007f9d62ecfa28
[  267.598339][ T8088]  </TASK>
[  268.337384][ T6605] usb 1-1: new high-speed USB device number 37 using dummy_hcd
[  268.493318][ T6605] usb 1-1: Using ep0 maxpacket: 32
[  268.522983][ T6605] usb 1-1: config 0 has an invalid interface number: 235 but max is 0
[  268.550493][ T6605] usb 1-1: config 0 has no interface number 0
[  268.588425][ T6605] usb 1-1: New USB device found, idVendor=085a, idProduct=0009, bcdDevice=a3.47
[  268.617439][ T6605] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  268.625456][ T6605] usb 1-1: Product: syz
[  268.665619][ T6605] usb 1-1: Manufacturer: syz
[  268.671652][ T6605] usb 1-1: SerialNumber: syz
[  268.699287][ T6605] usb 1-1: config 0 descriptor??
[  268.958734][ T6605] kaweth 1-1:0.235: Firmware present in device.
[  268.974651][ T8099] netlink: 20 bytes leftover after parsing attributes in process `syz.2.643'.
[  269.155467][   T30] audit: type=1800 audit(1744321596.215:169): pid=8102 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.644" name="/" dev="fuse" ino=1 res=0 errno=0
[  269.201965][ T6605] kaweth 1-1:0.235: Statistics collection: 0
[  269.210448][ T6605] kaweth 1-1:0.235: Multicast filter limit: 0
[  269.232198][ T6605] kaweth 1-1:0.235: MTU: 0
[  269.246558][ T6605] kaweth 1-1:0.235: Read MAC address 00:00:00:00:00:00
[  269.256581][ T8103] Option '�'M�O��' to dns_resolver key: bad/missing value
[  269.730774][ T8111] FAULT_INJECTION: forcing a failure.
[  269.730774][ T8111] name failslab, interval 1, probability 0, space 0, times 0
[  269.770884][ T8111] CPU: 0 UID: 0 PID: 8111 Comm: syz.1.647 Not tainted 6.15.0-rc1-syzkaller-00139-gab59a8605604 #0 PREEMPT(full) 
[  269.770915][ T8111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  269.770928][ T8111] Call Trace:
[  269.770936][ T8111]  <TASK>
[  269.770945][ T8111]  dump_stack_lvl+0x241/0x360
[  269.770985][ T8111]  ? __pfx_dump_stack_lvl+0x10/0x10
[  269.771017][ T8111]  ? __pfx__printk+0x10/0x10
[  269.771045][ T8111]  ? __lock_acquire+0xad5/0xd80
[  269.771080][ T8111]  should_fail_ex+0x424/0x570
[  269.771108][ T8111]  should_failslab+0xac/0x100
[  269.771141][ T8111]  kmem_cache_alloc_noprof+0x78/0x390
[  269.771183][ T8111]  ? skb_clone+0x20c/0x390
[  269.771211][ T8111]  skb_clone+0x20c/0x390
[  269.771248][ T8111]  __netlink_deliver_tap+0x3c4/0x7f0
[  269.771296][ T8111]  ? netlink_deliver_tap+0x2e/0x1b0
[  269.771321][ T8111]  netlink_deliver_tap+0x19d/0x1b0
[  269.771349][ T8111]  netlink_unicast+0x7c6/0x9a0
[  269.771379][ T8111]  ? __pfx_netlink_unicast+0x10/0x10
[  269.771405][ T8111]  ? skb_put+0x114/0x1f0
[  269.771426][ T8111]  netlink_sendmsg+0x8c3/0xcd0
[  269.771464][ T8111]  ? __pfx_netlink_sendmsg+0x10/0x10
[  269.771494][ T8111]  ? aa_sock_msg_perm+0x91/0x160
[  269.771525][ T8111]  ? __pfx_netlink_sendmsg+0x10/0x10
[  269.771548][ T8111]  __sock_sendmsg+0x221/0x270
[  269.771576][ T8111]  ____sys_sendmsg+0x523/0x860
[  269.771604][ T8111]  ? __pfx_____sys_sendmsg+0x10/0x10
[  269.771621][ T8111]  ? __fget_files+0x2a/0x420
[  269.771641][ T8111]  ? __fget_files+0x2a/0x420
[  269.771666][ T8111]  __sys_sendmsg+0x271/0x360
[  269.771691][ T8111]  ? __pfx___sys_sendmsg+0x10/0x10
[  269.771766][ T8111]  ? do_syscall_64+0xb6/0x230
[  269.771793][ T8111]  do_syscall_64+0xf3/0x230
[  269.771815][ T8111]  ? clear_bhb_loop+0x45/0xa0
[  269.771837][ T8111]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  269.771855][ T8111] RIP: 0033:0x7f9d62b8d169
[  269.771872][ T8111] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  269.771888][ T8111] RSP: 002b:00007f9d63a28038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  269.771908][ T8111] RAX: ffffffffffffffda RBX: 00007f9d62da5fa0 RCX: 00007f9d62b8d169
[  269.771922][ T8111] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  269.771933][ T8111] RBP: 00007f9d63a28090 R08: 0000000000000000 R09: 0000000000000000
[  269.771945][ T8111] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  269.771955][ T8111] R13: 0000000000000000 R14: 00007f9d62da5fa0 R15: 00007f9d62ecfa28
[  269.771983][ T8111]  </TASK>
[  269.774353][ T8111] netlink: 4 bytes leftover after parsing attributes in process `syz.1.647'.
[  270.000330][ T8102] loop2: detected capacity change from 0 to 7
[  270.138471][ T8102] Dev loop2: unable to read RDB block 7
[  270.144137][ T8102]  loop2: unable to read partition table
[  270.177557][ T8102] loop2: partition table beyond EOD, truncated
[  270.183831][ T8102] loop_reread_partitions: partition scan of loop2 (�被x������ ) failed (rc=-5)
[  270.427704][ T6621] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[  270.475828][ T8129] netlink: 'syz.1.653': attribute type 4 has an invalid length.
[  270.593310][ T6621] usb 5-1: Using ep0 maxpacket: 8
[  270.605204][ T6621] usb 5-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  270.623018][ T6621] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  270.694387][ T6621] usb 5-1: Product: syz
[  270.713129][ T6621] usb 5-1: Manufacturer: syz
[  270.830320][ T6621] usb 5-1: SerialNumber: syz
[  270.878059][ T6621] usb 5-1: config 0 descriptor??
[  271.100029][ T6621] usb 5-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  271.180653][ T6605] kaweth 1-1:0.235: Error setting SOFS wait
[  271.197487][ T6617] usb 2-1: new full-speed USB device number 35 using dummy_hcd
[  271.207630][ T6605] kaweth 1-1:0.235: probe with driver kaweth failed with error -5
[  271.382426][ T6605] usb 1-1: USB disconnect, device number 37
[  271.453890][ T6617] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid maxpacket 512, setting to 64
[  271.475909][ T6617] usb 2-1: config 0 interface 0 has no altsetting 0
[  271.527600][ T6617] usb 2-1: New USB device found, idVendor=28bd, idProduct=0078, bcdDevice= 0.00
[  271.567261][ T6617] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  271.591246][ T6621] dvb_usb_rtl28xxu 5-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32
[  271.613692][ T6617] usb 2-1: config 0 descriptor??
[  271.632529][ T8138] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[  272.156491][ T5926] usb 5-1: USB disconnect, device number 33
[  272.894859][ T6605] usb 5-1: new high-speed USB device number 34 using dummy_hcd
[  273.037493][ T6617] usbhid 2-1:0.0: can't add hid device: -71
[  273.043553][ T6617] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  273.058374][ T6605] usb 5-1: device descriptor read/64, error -71
[  273.135948][ T6617] usb 2-1: USB disconnect, device number 35
[  273.143506][ T8161] "syz.0.663" (8161) uses obsolete ecb(arc4) skcipher
[  273.357573][ T5926] usb 4-1: new high-speed USB device number 40 using dummy_hcd
[  273.360641][ T6605] usb 5-1: new high-speed USB device number 35 using dummy_hcd
[  273.497379][ T6605] usb 5-1: device descriptor read/64, error -71
[  273.529628][ T5926] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  273.576085][ T5926] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  273.609232][ T5926] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  273.617831][ T6605] usb usb5-port1: attempt power cycle
[  273.659625][ T5926] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  273.687555][ T5926] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  273.738904][ T5926] usb 4-1: config 0 descriptor??
[  273.987386][ T6605] usb 5-1: new high-speed USB device number 36 using dummy_hcd
[  274.025383][ T6605] usb 5-1: device descriptor read/8, error -71
[  274.297465][ T6605] usb 5-1: new high-speed USB device number 37 using dummy_hcd
[  274.358767][ T6605] usb 5-1: device descriptor read/8, error -71
[  274.365171][ T8193] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(8)
[  274.371707][ T8193] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  274.379508][   T30] audit: type=1326 audit(1744321601.405:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8185 comm="syz.0.670" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9de678d169 code=0x7ffc0000
[  274.403612][ T8193] vhci_hcd vhci_hcd.0: Device attached
[  274.467318][ T8200] netlink: 4 bytes leftover after parsing attributes in process `syz.1.672'.
[  274.499332][ T6605] usb usb5-port1: unable to enumerate USB device
[  274.611764][ T6611] vhci_hcd: vhci_device speed not set
[  274.628800][   T30] audit: type=1326 audit(1744321601.415:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8185 comm="syz.0.670" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f9de678f0ba code=0x7ffc0000
[  274.677564][ T6611] usb 33-1: new full-speed USB device number 2 using vhci_hcd
[  274.720646][ T8203] netlink: 4 bytes leftover after parsing attributes in process `syz.1.672'.
[  274.772190][   T30] audit: type=1326 audit(1744321601.415:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8185 comm="syz.0.670" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f9de678bad0 code=0x7ffc0000
[  274.861088][   T30] audit: type=1326 audit(1744321601.415:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8185 comm="syz.0.670" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f9de678bc1f code=0x7ffc0000
[  274.921734][   T30] audit: type=1326 audit(1744321601.475:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8185 comm="syz.0.670" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f9de678bdca code=0x7ffc0000
[  275.152594][   T30] audit: type=1326 audit(1744321601.475:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8185 comm="syz.0.670" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9de678d169 code=0x7ffc0000
[  275.293810][ T8194] vhci_hcd: connection reset by peer
[  275.301289][ T8207] netlink: 4 bytes leftover after parsing attributes in process `syz.2.675'.
[  275.311975][   T30] audit: type=1326 audit(1744321601.475:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8185 comm="syz.0.670" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9de678d169 code=0x7ffc0000
[  275.335469][   T30] audit: type=1326 audit(1744321601.555:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8185 comm="syz.0.670" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f9de678d169 code=0x7ffc0000
[  275.337449][   T53] vhci_hcd: stop threads
[  275.430679][   T53] vhci_hcd: release socket
[  275.589489][   T53] vhci_hcd: disconnect device
[  276.017431][ T6621] usb 5-1: new high-speed USB device number 38 using dummy_hcd
[  276.199797][ T6621] usb 5-1: Using ep0 maxpacket: 16
[  276.230708][ T6621] usb 5-1: unable to get BOS descriptor or descriptor too short
[  276.243589][ T6621] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  276.324762][ T6621] usb 5-1: config 1 has 0 interfaces, different from the descriptor's value: 1
[  276.384404][ T6621] usb 5-1: New USB device found, idVendor=04f3, idProduct=074d, bcdDevice= 0.40
[  276.576324][ T6621] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  276.593800][ T6621] usb 5-1: Product: syz
[  276.602537][ T6621] usb 5-1: Manufacturer: syz
[  276.607177][ T6621] usb 5-1: SerialNumber: syz
[  276.753186][ T8207] ipvlan2: entered promiscuous mode
[  276.765172][ T5926] usbhid 4-1:0.0: can't add hid device: -71
[  276.847592][ T5926] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  276.907930][ T5926] usb 4-1: USB disconnect, device number 40
[  277.057073][ T8214] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  277.065973][ T8214] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  277.106370][ T8217] netlink: 8 bytes leftover after parsing attributes in process `syz.3.678'.
[  277.451623][ T5893] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[  277.618465][ T5893] usb 3-1: Using ep0 maxpacket: 32
[  277.633101][ T5893] usb 3-1: config 0 interface 0 altsetting 8 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  277.653767][ T5893] usb 3-1: config 0 interface 0 altsetting 8 endpoint 0x81 has invalid wMaxPacketSize 0
[  277.709146][ T5893] usb 3-1: config 0 interface 0 has no altsetting 0
[  277.736982][ T5893] usb 3-1: New USB device found, idVendor=20bc, idProduct=5500, bcdDevice= 0.00
[  277.796506][ T5893] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  277.913005][ T5893] usb 3-1: config 0 descriptor??
[  278.474497][ T5893] betop 0003:20BC:5500.0007: unknown main item tag 0x0
[  278.616282][ T5893] betop 0003:20BC:5500.0007: hidraw0: USB HID v0.00 Device [HID 20bc:5500] on usb-dummy_hcd.2-1/input0
[  278.860564][ T5893] betop 0003:20BC:5500.0007: no inputs found
[  278.897821][ T5893] usb 3-1: USB disconnect, device number 34
[  279.484321][ T6621] usb 5-1: USB disconnect, device number 38
[  279.531845][ T8241] netlink: 'syz.4.684': attribute type 10 has an invalid length.
[  279.848416][ T6611] vhci_hcd: vhci_device speed not set
[  279.932722][ T8250] netlink: 'syz.2.687': attribute type 2 has an invalid length.
[  280.153628][ T8250] ave_0: entered promiscuous mode
[  280.305758][ T8254] netlink: 'syz.4.689': attribute type 11 has an invalid length.
[  280.553876][ T8258] netlink: 8 bytes leftover after parsing attributes in process `syz.3.691'.
[  280.597551][ T8258] macvlan0: left allmulticast mode
[  280.687396][ T6621] usb 1-1: new full-speed USB device number 38 using dummy_hcd
[  280.782552][ T8263] netlink: 20 bytes leftover after parsing attributes in process `syz.2.693'.
[  280.829083][ T6621] usb 1-1: device descriptor read/64, error -71
[  280.988366][ T8269] netlink: 48 bytes leftover after parsing attributes in process `syz.4.694'.
[  281.097941][ T6621] usb 1-1: new full-speed USB device number 39 using dummy_hcd
[  281.284569][ T6621] usb 1-1: device descriptor read/64, error -71
[  281.434922][ T6621] usb usb1-port1: attempt power cycle
[  281.577422][ T6617] usb 3-1: new high-speed USB device number 35 using dummy_hcd
[  281.836394][ T6621] usb 1-1: new full-speed USB device number 40 using dummy_hcd
[  281.918381][ T6621] usb 1-1: device descriptor read/8, error -71
[  281.977225][ T6617] usb 3-1: config 0 has no interfaces?
[  281.995293][ T6617] usb 3-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  282.005343][ T6617] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  282.060647][ T6617] usb 3-1: Product: syz
[  282.067527][ T6617] usb 3-1: Manufacturer: syz
[  282.087517][ T6617] usb 3-1: SerialNumber: syz
[  282.097516][ T6605] usb 2-1: new high-speed USB device number 36 using dummy_hcd
[  282.132782][ T6617] usb 3-1: config 0 descriptor??
[  282.178694][ T6621] usb 1-1: new full-speed USB device number 41 using dummy_hcd
[  282.328868][ T6621] usb 1-1: device descriptor read/8, error -71
[  282.350564][ T6605] usb 2-1: Using ep0 maxpacket: 32
[  282.382091][ T6605] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  282.447569][ T6621] usb usb1-port1: unable to enumerate USB device
[  282.511791][ T8275] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  282.527851][ T6605] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  282.620926][ T6605] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  282.690492][ T6605] usb 2-1: New USB device found, idVendor=20d6, idProduct=cb17, bcdDevice= 0.00
[  282.692729][ T8293] netlink: 4 bytes leftover after parsing attributes in process `syz.3.702'.
[  282.717503][ T6605] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  282.756324][ T6605] usb 2-1: config 0 descriptor??
[  283.728331][ T8304] x_tables: duplicate underflow at hook 1
[  283.827626][ T6605] input: THQ uDraw Game Tablet for PS3 Joypad as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:20D6:CB17.0008/input/input11
[  284.017085][ T8284] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  284.095352][ T6605] input: THQ uDraw Game Tablet for PS3 Touchpad as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:20D6:CB17.0008/input/input12
[  284.156838][ T6605] input: THQ uDraw Game Tablet for PS3 Pen as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:20D6:CB17.0008/input/input13
[  284.317882][ T8284] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  284.462543][ T6605] input: THQ uDraw Game Tablet for PS3 Accelerometer as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:20D6:CB17.0008/input/input14
[  284.587391][ T6604] usb 1-1: new high-speed USB device number 42 using dummy_hcd
[  284.612706][ T6605] hid-udraw 0003:20D6:CB17.0008: hidraw0: USB HID v0.00 Device [HID 20d6:cb17] on usb-dummy_hcd.1-1/input0
[  284.818080][ T6604] usb 1-1: Using ep0 maxpacket: 32
[  284.844225][ T6604] usb 1-1: config index 0 descriptor too short (expected 8978, got 18)
[  284.870567][ T6604] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  284.926108][ T6604] usb 1-1: New USB device found, idVendor=0c72, idProduct=000d, bcdDevice=27.9b
[  284.946554][ T6604] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  284.958274][ T8315] FAULT_INJECTION: forcing a failure.
[  284.958274][ T8315] name failslab, interval 1, probability 0, space 0, times 0
[  284.993724][ T6604] usb 1-1: Product: syz
[  285.002541][ T6605] usb 3-1: USB disconnect, device number 35
[  285.020481][ T6604] usb 1-1: Manufacturer: syz
[  285.026787][ T8315] CPU: 1 UID: 0 PID: 8315 Comm: syz.4.711 Not tainted 6.15.0-rc1-syzkaller-00139-gab59a8605604 #0 PREEMPT(full) 
[  285.026817][ T8315] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  285.026831][ T8315] Call Trace:
[  285.026839][ T8315]  <TASK>
[  285.026848][ T8315]  dump_stack_lvl+0x241/0x360
[  285.026888][ T8315]  ? __pfx_dump_stack_lvl+0x10/0x10
[  285.026921][ T8315]  ? __pfx__printk+0x10/0x10
[  285.026956][ T8315]  ? __pfx___might_resched+0x10/0x10
[  285.026988][ T8315]  should_fail_ex+0x424/0x570
[  285.027017][ T8315]  should_failslab+0xac/0x100
[  285.027049][ T8315]  kmem_cache_alloc_node_noprof+0x7d/0x3b0
[  285.027091][ T8315]  ? __alloc_skb+0x1c2/0x480
[  285.027108][ T8315]  ? __dev_queue_xmit+0x1780/0x3f60
[  285.027136][ T8315]  __alloc_skb+0x1c2/0x480
[  285.027156][ T8315]  ? do_syscall_64+0xf3/0x230
[  285.027185][ T8315]  ? __pfx___alloc_skb+0x10/0x10
[  285.027211][ T8315]  ? netlink_ack_tlv_len+0x6e/0x200
[  285.027242][ T8315]  netlink_ack+0x147/0xa70
[  285.027270][ T8315]  ? __pfx_nl80211_trigger_scan+0x10/0x10
[  285.027323][ T8315]  netlink_rcv_skb+0x296/0x480
[  285.027353][ T8315]  ? __pfx_genl_rcv_msg+0x10/0x10
[  285.027377][ T8315]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  285.027428][ T8315]  ? netlink_deliver_tap+0x2e/0x1b0
[  285.027463][ T8315]  genl_rcv+0x28/0x40
[  285.027482][ T8315]  netlink_unicast+0x7f8/0x9a0
[  285.027518][ T8315]  ? __pfx_netlink_unicast+0x10/0x10
[  285.027546][ T8315]  ? skb_put+0x114/0x1f0
[  285.027581][ T8315]  netlink_sendmsg+0x8c3/0xcd0
[  285.027621][ T8315]  ? __pfx_netlink_sendmsg+0x10/0x10
[  285.027653][ T8315]  ? aa_sock_msg_perm+0x91/0x160
[  285.027692][ T8315]  ? __pfx_netlink_sendmsg+0x10/0x10
[  285.027717][ T8315]  __sock_sendmsg+0x221/0x270
[  285.027746][ T8315]  ____sys_sendmsg+0x523/0x860
[  285.027775][ T8315]  ? __pfx_____sys_sendmsg+0x10/0x10
[  285.027793][ T8315]  ? __fget_files+0x2a/0x420
[  285.027813][ T8315]  ? __fget_files+0x2a/0x420
[  285.027849][ T8315]  __sys_sendmsg+0x271/0x360
[  285.027873][ T8315]  ? __pfx___sys_sendmsg+0x10/0x10
[  285.027941][ T8315]  ? do_syscall_64+0xb6/0x230
[  285.027966][ T8315]  do_syscall_64+0xf3/0x230
[  285.027989][ T8315]  ? clear_bhb_loop+0x45/0xa0
[  285.028010][ T8315]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  285.028027][ T8315] RIP: 0033:0x7f3d0e18d169
[  285.028043][ T8315] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  285.028058][ T8315] RSP: 002b:00007f3d0ef82038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  285.028077][ T8315] RAX: ffffffffffffffda RBX: 00007f3d0e3a5fa0 RCX: 00007f3d0e18d169
[  285.028090][ T8315] RDX: 9590f6cc3ea35512 RSI: 0000200000000000 RDI: 0000000000000003
[  285.028102][ T8315] RBP: 00007f3d0ef82090 R08: 0000000000000000 R09: 0000000000000000
[  285.028113][ T8315] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  285.028124][ T8315] R13: 0000000000000000 R14: 00007f3d0e3a5fa0 R15: 00007f3d0e4cfa28
[  285.028150][ T8315]  </TASK>
[  285.097761][ T6621] usb 2-1: reset high-speed USB device number 36 using dummy_hcd
[  285.237377][ T6604] usb 1-1: SerialNumber: syz
[  285.394796][ T6604] usb 1-1: config 0 descriptor??
[  285.745709][ T8329] FAULT_INJECTION: forcing a failure.
[  285.745709][ T8329] name failslab, interval 1, probability 0, space 0, times 0
[  285.779979][ T8329] CPU: 0 UID: 0 PID: 8329 Comm: syz.4.716 Not tainted 6.15.0-rc1-syzkaller-00139-gab59a8605604 #0 PREEMPT(full) 
[  285.780023][ T8329] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  285.780036][ T8329] Call Trace:
[  285.780044][ T8329]  <TASK>
[  285.780053][ T8329]  dump_stack_lvl+0x241/0x360
[  285.780093][ T8329]  ? __pfx_dump_stack_lvl+0x10/0x10
[  285.780123][ T8329]  ? __pfx__printk+0x10/0x10
[  285.780158][ T8329]  ? __pfx___might_resched+0x10/0x10
[  285.780190][ T8329]  should_fail_ex+0x424/0x570
[  285.780217][ T8329]  should_failslab+0xac/0x100
[  285.780248][ T8329]  __kmalloc_cache_noprof+0x73/0x370
[  285.780277][ T8329]  ? tcf_proto_create+0x62/0x370
[  285.780311][ T8329]  tcf_proto_create+0x62/0x370
[  285.780338][ T8329]  tc_new_tfilter+0x15e8/0x1a90
[  285.780386][ T8329]  ? __pfx_tc_new_tfilter+0x10/0x10
[  285.780421][ T8329]  ? __lock_acquire+0xad5/0xd80
[  285.780466][ T8329]  ? __pfx_tc_new_tfilter+0x10/0x10
[  285.780488][ T8329]  rtnetlink_rcv_msg+0x80f/0xd70
[  285.780517][ T8329]  ? rtnetlink_rcv_msg+0x1ba/0xd70
[  285.780551][ T8329]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  285.780590][ T8329]  ? ref_tracker_free+0x63e/0x7e0
[  285.780622][ T8329]  netlink_rcv_skb+0x208/0x480
[  285.780652][ T8329]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  285.780684][ T8329]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  285.780734][ T8329]  ? netlink_deliver_tap+0x2e/0x1b0
[  285.780766][ T8329]  ? netlink_deliver_tap+0x2e/0x1b0
[  285.780799][ T8329]  netlink_unicast+0x7f8/0x9a0
[  285.780837][ T8329]  ? __pfx_netlink_unicast+0x10/0x10
[  285.780866][ T8329]  ? skb_put+0x114/0x1f0
[  285.780891][ T8329]  netlink_sendmsg+0x8c3/0xcd0
[  285.780935][ T8329]  ? __pfx_netlink_sendmsg+0x10/0x10
[  285.780972][ T8329]  ? aa_sock_msg_perm+0x91/0x160
[  285.781008][ T8329]  ? __pfx_netlink_sendmsg+0x10/0x10
[  285.781037][ T8329]  __sock_sendmsg+0x221/0x270
[  285.781069][ T8329]  ____sys_sendmsg+0x523/0x860
[  285.781102][ T8329]  ? __pfx_____sys_sendmsg+0x10/0x10
[  285.781122][ T8329]  ? __fget_files+0x2a/0x420
[  285.781145][ T8329]  ? __fget_files+0x2a/0x420
[  285.781174][ T8329]  __sys_sendmsg+0x271/0x360
[  285.781203][ T8329]  ? __pfx___sys_sendmsg+0x10/0x10
[  285.781289][ T8329]  ? do_syscall_64+0xb6/0x230
[  285.781352][ T8329]  do_syscall_64+0xf3/0x230
[  285.781375][ T8329]  ? clear_bhb_loop+0x45/0xa0
[  285.781399][ T8329]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  285.781417][ T8329] RIP: 0033:0x7f3d0e18d169
[  285.781434][ T8329] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  285.781449][ T8329] RSP: 002b:00007f3d0ef82038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  285.781469][ T8329] RAX: ffffffffffffffda RBX: 00007f3d0e3a5fa0 RCX: 00007f3d0e18d169
[  285.781483][ T8329] RDX: 0000000000000000 RSI: 0000200000006040 RDI: 0000000000000004
[  285.781495][ T8329] RBP: 00007f3d0ef82090 R08: 0000000000000000 R09: 0000000000000000
[  285.781506][ T8329] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  285.781517][ T8329] R13: 0000000000000000 R14: 00007f3d0e3a5fa0 R15: 00007f3d0e4cfa28
[  285.781566][ T8329]  </TASK>
[  286.115457][ T8309] kvm: vcpu 0: requested 104 ns lapic timer period limited to 200000 ns
[  286.562978][ T6617] usb 2-1: USB disconnect, device number 36
[  286.574808][ T8341] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(9)
[  286.581356][ T8341] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  286.609724][ T8341] vhci_hcd vhci_hcd.0: Device attached
[  286.655647][ T8346] vhci_hcd vhci_hcd.0: pdev(4) rhport(1) sockfd(11)
[  286.662271][ T8346] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  286.673106][ T8346] vhci_hcd vhci_hcd.0: Device attached
[  286.714273][ T8341] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  286.770110][ T8341] vhci_hcd vhci_hcd.0: pdev(4) rhport(3) sockfd(15)
[  286.776739][ T8341] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  286.797489][ T6604] vhci_hcd: vhci_device speed not set
[  286.823777][ T8341] vhci_hcd vhci_hcd.0: Device attached
[  286.841118][ T8346] vhci_hcd vhci_hcd.0: pdev(4) rhport(4) sockfd(18)
[  286.847750][ T8346] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  286.857428][ T6604] usb 41-1: new full-speed USB device number 2 using vhci_hcd
[  286.876241][ T8346] vhci_hcd vhci_hcd.0: Device attached
[  286.890780][ T8341] vhci_hcd vhci_hcd.0: pdev(4) rhport(5) sockfd(17)
[  286.897402][ T8341] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  286.927753][ T8341] vhci_hcd vhci_hcd.0: Device attached
[  286.928593][ T8346] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  287.003763][ T8341] vhci_hcd vhci_hcd.0: pdev(4) rhport(7) sockfd(22)
[  287.010388][ T8341] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  287.014261][ T8358] bridge1: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  287.039636][ T8341] vhci_hcd vhci_hcd.0: Device attached
[  287.143830][ T8355] vhci_hcd: connection closed
[  287.147690][   T53] vhci_hcd: stop threads
[  287.148472][ T8347] vhci_hcd: connection closed
[  287.152502][ T8351] vhci_hcd: connection closed
[  287.153066][ T8344] vhci_hcd: connection reset by peer
[  287.156908][ T8353] vhci_hcd: connection closed
[  287.176752][   T53] vhci_hcd: release socket
[  287.213331][   T53] vhci_hcd: disconnect device
[  287.216207][ T8359] vhci_hcd: connection closed
[  287.242708][   T53] vhci_hcd: stop threads
[  287.273860][   T53] vhci_hcd: release socket
[  287.281348][ T6617] usb 1-1: USB disconnect, device number 42
[  287.296446][   T53] vhci_hcd: disconnect device
[  287.316849][   T53] vhci_hcd: stop threads
[  287.332527][   T53] vhci_hcd: release socket
[  287.351885][   T53] vhci_hcd: disconnect device
[  287.372543][   T53] vhci_hcd: stop threads
[  287.376813][   T53] vhci_hcd: release socket
[  287.428246][   T53] vhci_hcd: disconnect device
[  287.450602][ T8365] netlink: 28 bytes leftover after parsing attributes in process `syz.1.724'.
[  287.452410][   T53] vhci_hcd: stop threads
[  287.478414][   T53] vhci_hcd: release socket
[  287.497716][   T53] vhci_hcd: disconnect device
[  287.512787][   T53] vhci_hcd: stop threads
[  287.518140][ T8368] FAULT_INJECTION: forcing a failure.
[  287.518140][ T8368] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  287.542861][   T53] vhci_hcd: release socket
[  287.552772][   T53] vhci_hcd: disconnect device
[  287.562727][ T8368] CPU: 1 UID: 0 PID: 8368 Comm: syz.2.725 Not tainted 6.15.0-rc1-syzkaller-00139-gab59a8605604 #0 PREEMPT(full) 
[  287.562751][ T8368] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  287.562762][ T8368] Call Trace:
[  287.562769][ T8368]  <TASK>
[  287.562777][ T8368]  dump_stack_lvl+0x241/0x360
[  287.562810][ T8368]  ? __pfx_dump_stack_lvl+0x10/0x10
[  287.562837][ T8368]  ? __pfx__printk+0x10/0x10
[  287.562873][ T8368]  should_fail_ex+0x424/0x570
[  287.562897][ T8368]  _copy_from_user+0x2d/0xb0
[  287.562924][ T8368]  ucma_reject+0xb2/0x450
[  287.562957][ T8368]  ? __pfx_ucma_reject+0x10/0x10
[  287.563020][ T8368]  ? __pfx_ucma_reject+0x10/0x10
[  287.563045][ T8368]  ucma_write+0x2db/0x430
[  287.563076][ T8368]  ? __pfx_ucma_write+0x10/0x10
[  287.563101][ T8368]  ? iov_iter_iovec_advance+0x1fc/0x2c0
[  287.563134][ T8368]  vfs_writev+0x5ba/0xbc0
[  287.563169][ T8368]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  287.563203][ T8368]  ? __pfx_ucma_write+0x10/0x10
[  287.563229][ T8368]  ? __pfx_vfs_writev+0x10/0x10
[  287.563270][ T8368]  ? __fget_files+0x2a/0x420
[  287.563289][ T8368]  ? __fget_files+0x39d/0x420
[  287.563304][ T8368]  ? __fget_files+0x2a/0x420
[  287.563328][ T8368]  do_writev+0x1b8/0x360
[  287.563360][ T8368]  ? __pfx_do_writev+0x10/0x10
[  287.563392][ T8368]  ? do_syscall_64+0xb6/0x230
[  287.563419][ T8368]  do_syscall_64+0xf3/0x230
[  287.563441][ T8368]  ? clear_bhb_loop+0x45/0xa0
[  287.563463][ T8368]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  287.563480][ T8368] RIP: 0033:0x7fbd27d8d169
[  287.563496][ T8368] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  287.563512][ T8368] RSP: 002b:00007fbd25bf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  287.563531][ T8368] RAX: ffffffffffffffda RBX: 00007fbd27fa5fa0 RCX: 00007fbd27d8d169
[  287.563544][ T8368] RDX: 0000000000000003 RSI: 0000200000000000 RDI: 0000000000000004
[  287.563556][ T8368] RBP: 00007fbd25bf6090 R08: 0000000000000000 R09: 0000000000000000
[  287.563567][ T8368] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  287.563577][ T8368] R13: 0000000000000000 R14: 00007fbd27fa5fa0 R15: 00007fbd280cfa28
[  287.563604][ T8368]  </TASK>
[  289.577533][ T6605] usb 2-1: new high-speed USB device number 37 using dummy_hcd
[  289.753896][ T6605] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  289.804523][ T6605] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  289.880826][ T6605] usb 2-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[  289.881755][   T30] audit: type=1326 audit(1744321616.935:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8389 comm="syz.4.733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d0e18d169 code=0x7ffc0000
[  289.992130][   T30] audit: type=1326 audit(1744321616.935:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8389 comm="syz.4.733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d0e18d169 code=0x7ffc0000
[  290.085696][ T6605] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  290.141363][ T6605] usb 2-1: config 0 descriptor??
[  290.166820][   T30] audit: type=1326 audit(1744321616.945:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8389 comm="syz.4.733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3d0e18d169 code=0x7ffc0000
[  290.314927][   T30] audit: type=1326 audit(1744321616.945:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8389 comm="syz.4.733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d0e18d169 code=0x7ffc0000
[  290.424643][ T8397] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  290.463278][ T8397] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  290.592993][   T30] audit: type=1326 audit(1744321616.945:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8389 comm="syz.4.733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d0e18d169 code=0x7ffc0000
[  290.631060][ T8411] netlink: 'syz.4.738': attribute type 1 has an invalid length.
[  290.782544][   T30] audit: type=1326 audit(1744321616.985:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8389 comm="syz.4.733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3d0e18d169 code=0x7ffc0000
[  290.808354][ T8413] FAULT_INJECTION: forcing a failure.
[  290.808354][ T8413] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  290.904739][ T8413] CPU: 0 UID: 0 PID: 8413 Comm: syz.2.737 Not tainted 6.15.0-rc1-syzkaller-00139-gab59a8605604 #0 PREEMPT(full) 
[  290.904767][ T8413] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  290.904779][ T8413] Call Trace:
[  290.904786][ T8413]  <TASK>
[  290.904793][ T8413]  dump_stack_lvl+0x241/0x360
[  290.904827][ T8413]  ? __pfx_dump_stack_lvl+0x10/0x10
[  290.904854][ T8413]  ? __pfx__printk+0x10/0x10
[  290.904888][ T8413]  should_fail_ex+0x424/0x570
[  290.904912][ T8413]  _copy_from_user+0x2d/0xb0
[  290.904939][ T8413]  get_user_ifreq+0xc3/0x200
[  290.904965][ T8413]  sock_do_ioctl+0x1a7/0x490
[  290.904993][ T8413]  ? __pfx_sock_do_ioctl+0x10/0x10
[  290.905020][ T8413]  ? __lock_acquire+0xad5/0xd80
[  290.905050][ T8413]  sock_ioctl+0x644/0x900
[  290.905074][ T8413]  ? __pfx_sock_ioctl+0x10/0x10
[  290.905099][ T8413]  ? __fget_files+0x2a/0x420
[  290.905116][ T8413]  ? __fget_files+0x2a/0x420
[  290.905135][ T8413]  ? __fget_files+0x2a/0x420
[  290.905173][ T8413]  ? __pfx_sock_ioctl+0x10/0x10
[  290.905197][ T8413]  __se_sys_ioctl+0xf1/0x160
[  290.905222][ T8413]  do_syscall_64+0xf3/0x230
[  290.905249][ T8413]  ? clear_bhb_loop+0x45/0xa0
[  290.905272][ T8413]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  290.905290][ T8413] RIP: 0033:0x7fbd27d8d169
[  290.905307][ T8413] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  290.905323][ T8413] RSP: 002b:00007fbd25bf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  290.905343][ T8413] RAX: ffffffffffffffda RBX: 00007fbd27fa5fa0 RCX: 00007fbd27d8d169
[  290.905357][ T8413] RDX: 0000200000001440 RSI: 0000000000008993 RDI: 0000000000000003
[  290.905369][ T8413] RBP: 00007fbd25bf6090 R08: 0000000000000000 R09: 0000000000000000
[  290.905382][ T8413] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  290.905394][ T8413] R13: 0000000000000000 R14: 00007fbd27fa5fa0 R15: 00007fbd280cfa28
[  290.905423][ T8413]  </TASK>
[  291.255437][   T30] audit: type=1326 audit(1744321616.985:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8389 comm="syz.4.733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d0e18d169 code=0x7ffc0000
[  291.277715][   T30] audit: type=1326 audit(1744321616.985:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8389 comm="syz.4.733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d0e18d169 code=0x7ffc0000
[  291.300092][   T30] audit: type=1326 audit(1744321617.055:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8389 comm="syz.4.733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=292 compat=0 ip=0x7f3d0e18d169 code=0x7ffc0000
[  291.322688][   T30] audit: type=1326 audit(1744321617.055:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8389 comm="syz.4.733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d0e18d169 code=0x7ffc0000
[  292.012516][ T6604] vhci_hcd: vhci_device speed not set
[  292.045943][ T8423] netlink: 32 bytes leftover after parsing attributes in process `syz.3.740'.
[  292.987665][ T5893] usb 4-1: new high-speed USB device number 41 using dummy_hcd
[  293.040390][ T6605] usbhid 2-1:0.0: can't add hid device: -71
[  293.046521][ T6605] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  293.105540][ T6605] usb 2-1: USB disconnect, device number 37
[  293.147467][ T5893] usb 4-1: Using ep0 maxpacket: 16
[  293.155187][ T5893] usb 4-1: config 0 has an invalid interface number: 126 but max is 0
[  293.164302][ T5893] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  293.261666][ T5893] usb 4-1: config 0 has no interface number 0
[  293.277533][ T5893] usb 4-1: config 0 interface 126 altsetting 0 has an endpoint descriptor with address 0xB7, changing to 0x87
[  293.302756][ T6621] usb usb42-port8: attempt power cycle
[  293.329990][ T5893] usb 4-1: config 0 interface 126 altsetting 0 endpoint 0x87 has invalid maxpacket 34328, setting to 1024
[  293.374292][ T5893] usb 4-1: config 0 interface 126 altsetting 0 endpoint 0xA has invalid maxpacket 512, setting to 64
[  293.408640][ T5893] usb 4-1: config 0 interface 126 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 147
[  293.416400][ T8454] bridge0: entered promiscuous mode
[  293.429125][ T5893] usb 4-1: config 0 interface 126 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 4
[  293.445369][ T8453] bridge0: left promiscuous mode
[  293.493322][ T5893] usb 4-1: New USB device found, idVendor=0763, idProduct=1015, bcdDevice=56.88
[  293.510466][ T5893] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  293.601709][ T5893] usb 4-1: config 0 descriptor??
[  293.608050][ T8441] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[  293.635311][ T8441] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[  293.652988][ T6605] usb 1-1: new full-speed USB device number 43 using dummy_hcd
[  293.701262][ T5893] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[  293.819796][ T6605] usb 1-1: New USB device found, idVendor=0bda, idProduct=0177, bcdDevice=7d.0b
[  293.829191][ T6605] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  293.851791][ T6605] usb 1-1: config 0 descriptor??
[  293.871393][ T6605] ums-realtek 1-1:0.0: USB Mass Storage device detected
[  293.882322][ T6621] usb usb42-port8: unable to enumerate USB device
[  293.909632][ T6618] usb 4-1: USB disconnect, device number 41
[  294.082810][ T6605] usb 1-1: USB disconnect, device number 43
[  294.088886][ T5893] usb 5-1: new high-speed USB device number 39 using dummy_hcd
[  294.221867][ T6621] usb 2-1: new high-speed USB device number 38 using dummy_hcd
[  294.284600][ T5893] usb 5-1: config index 0 descriptor too short (expected 8192, got 77)
[  294.293307][ T5893] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  294.319339][ T5893] usb 5-1: config 0 has no interfaces?
[  294.743889][ T5893] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  294.756960][ T5893] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  294.765504][ T5893] usb 5-1: Product: syz
[  294.771552][ T6621] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  294.774358][ T5893] usb 5-1: Manufacturer: syz
[  294.787951][ T6621] usb 2-1: config 0 interface 0 has no altsetting 0
[  294.795090][ T5893] usb 5-1: SerialNumber: syz
[  294.832014][ T6621] usb 2-1: New USB device found, idVendor=10fd, idProduct=1513, bcdDevice=7e.ce
[  294.841591][ T6621] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  294.842626][ T5893] usb 5-1: config 0 descriptor??
[  294.850825][ T6621] usb 2-1: Product: syz
[  294.872285][ T6621] usb 2-1: Manufacturer: syz
[  294.895463][ T6621] usb 2-1: SerialNumber: syz
[  294.931410][ T6621] usb 2-1: config 0 descriptor??
[  294.960299][ T6621] dvb-usb: found a 'MSI DIGI VOX mini II DVB-T USB2.0' in warm state.
[  294.989720][ T8476] FAULT_INJECTION: forcing a failure.
[  294.989720][ T8476] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  294.999467][ T6621] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  295.036005][ T8476] CPU: 1 UID: 0 PID: 8476 Comm: syz.0.756 Not tainted 6.15.0-rc1-syzkaller-00139-gab59a8605604 #0 PREEMPT(full) 
[  295.036028][ T8476] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  295.036039][ T8476] Call Trace:
[  295.036047][ T8476]  <TASK>
[  295.036055][ T8476]  dump_stack_lvl+0x241/0x360
[  295.036091][ T8476]  ? __pfx_dump_stack_lvl+0x10/0x10
[  295.036118][ T8476]  ? __pfx__printk+0x10/0x10
[  295.036154][ T8476]  should_fail_ex+0x424/0x570
[  295.036180][ T8476]  _copy_from_user+0x2d/0xb0
[  295.036208][ T8476]  move_addr_to_kernel+0x7f/0x170
[  295.036235][ T8476]  __sys_bind+0x12e/0x290
[  295.036263][ T8476]  ? __pfx___sys_bind+0x10/0x10
[  295.036310][ T8476]  __x64_sys_bind+0x7a/0x90
[  295.036337][ T8476]  do_syscall_64+0xf3/0x230
[  295.036361][ T8476]  ? clear_bhb_loop+0x45/0xa0
[  295.036382][ T8476]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  295.036401][ T8476] RIP: 0033:0x7f9de678d169
[  295.036417][ T8476] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  295.036431][ T8476] RSP: 002b:00007f9de75f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[  295.036449][ T8476] RAX: ffffffffffffffda RBX: 00007f9de69a5fa0 RCX: 00007f9de678d169
[  295.036462][ T8476] RDX: 000000000000001c RSI: 0000200000000080 RDI: 0000000000000003
[  295.036474][ T8476] RBP: 00007f9de75f6090 R08: 0000000000000000 R09: 0000000000000000
[  295.036486][ T8476] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  295.036494][ T8476] R13: 0000000000000000 R14: 00007f9de69a5fa0 R15: 00007f9de6acfa28
[  295.036513][ T8476]  </TASK>
[  295.426018][ T6621] dvbdev: DVB: registering new adapter (MSI DIGI VOX mini II DVB-T USB2.0)
[  295.464563][ T8477] netlink: 36 bytes leftover after parsing attributes in process `syz.4.752'.
[  295.511790][ T6621] usb 2-1: media controller created
[  295.764157][ T8481] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  295.793616][ T8481] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  295.839227][ T8481] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  295.878281][ T6621] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  295.899307][ T8481] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  296.047483][ T3086] usb 1-1: new high-speed USB device number 44 using dummy_hcd
[  296.230415][ T3086] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  296.241884][ T3086] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  296.269323][ T6621] DVB: Unable to find symbol tda10046_attach()
[  296.274326][ T3086] usb 1-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[  296.321965][ T3086] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  296.352306][ T3086] usb 1-1: config 0 descriptor??
[  296.573749][ T8482] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  296.583414][ T8482] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  296.607347][ T6621] dvb-usb: no frontend was attached by 'MSI DIGI VOX mini II DVB-T USB2.0'
[  296.624945][ T6621] dvb-usb: MSI DIGI VOX mini II DVB-T USB2.0 successfully initialized and connected.
[  297.158978][ T5893] usb 5-1: USB disconnect, device number 39
[  297.403675][ T8490] FAULT_INJECTION: forcing a failure.
[  297.403675][ T8490] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  297.507460][ T8490] CPU: 1 UID: 0 PID: 8490 Comm: syz.4.759 Not tainted 6.15.0-rc1-syzkaller-00139-gab59a8605604 #0 PREEMPT(full) 
[  297.507488][ T8490] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  297.507500][ T8490] Call Trace:
[  297.507506][ T8490]  <TASK>
[  297.507514][ T8490]  dump_stack_lvl+0x241/0x360
[  297.507557][ T8490]  ? __pfx_dump_stack_lvl+0x10/0x10
[  297.507583][ T8490]  ? __pfx__printk+0x10/0x10
[  297.507618][ T8490]  should_fail_ex+0x424/0x570
[  297.507641][ T8490]  _copy_from_user+0x2d/0xb0
[  297.507668][ T8490]  do_sock_getsockopt+0x1d5/0x740
[  297.507694][ T8490]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  297.507711][ T8490]  ? __fget_files+0x2a/0x420
[  297.507729][ T8490]  ? __fget_files+0x39d/0x420
[  297.507744][ T8490]  ? __fget_files+0x2a/0x420
[  297.507766][ T8490]  __x64_sys_getsockopt+0x2a3/0x370
[  297.507792][ T8490]  ? __pfx___x64_sys_getsockopt+0x10/0x10
[  297.507817][ T8490]  ? do_syscall_64+0xb6/0x230
[  297.507843][ T8490]  do_syscall_64+0xf3/0x230
[  297.507865][ T8490]  ? clear_bhb_loop+0x45/0xa0
[  297.507887][ T8490]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  297.507904][ T8490] RIP: 0033:0x7f3d0e18d169
[  297.507920][ T8490] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  297.507935][ T8490] RSP: 002b:00007f3d0ef82038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  297.507955][ T8490] RAX: ffffffffffffffda RBX: 00007f3d0e3a5fa0 RCX: 00007f3d0e18d169
[  297.507969][ T8490] RDX: 0000000000000025 RSI: 0000000000000001 RDI: 0000000000000003
[  297.507980][ T8490] RBP: 00007f3d0ef82090 R08: 0000200000000180 R09: 0000000000000000
[  297.507992][ T8490] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  297.508002][ T8490] R13: 0000000000000000 R14: 00007f3d0e3a5fa0 R15: 00007f3d0e4cfa28
[  297.508028][ T8490]  </TASK>
[  297.947436][ T6621] dvb_usb_m920x 2-1:0.0: probe with driver dvb_usb_m920x failed with error -71
[  297.975318][ T6621] usb 2-1: USB disconnect, device number 38
[  298.066767][ T8499] netlink: 128 bytes leftover after parsing attributes in process `syz.2.761'.
[  298.107445][ T8499] netlink: 112 bytes leftover after parsing attributes in process `syz.2.761'.
[  298.147385][ T8499] netlink: 112 bytes leftover after parsing attributes in process `syz.2.761'.
[  298.196567][ T8501] netlink: 4 bytes leftover after parsing attributes in process `syz.1.763'.
[  298.252163][ T8506] fuse: Unknown parameter '׳�0x0000000000000007'
[  298.397539][ T6621] usb 2-1: new high-speed USB device number 39 using dummy_hcd
[  298.925868][ T3086] usbhid 1-1:0.0: can't add hid device: -71
[  298.935727][ T3086] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  298.967856][ T3086] usb 1-1: USB disconnect, device number 44
[  299.017663][ T5893] usb 3-1: new high-speed USB device number 36 using dummy_hcd
[  299.032522][ T8517] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  299.177994][ T5893] usb 3-1: Using ep0 maxpacket: 16
[  299.201100][ T5893] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 16
[  299.239519][ T5893] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 8
[  299.301278][ T5893] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  299.320664][ T5893] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  299.344938][ T5893] usb 3-1: Product: syz
[  299.360158][ T5893] usb 3-1: Manufacturer: syz
[  299.374852][ T5893] usb 3-1: SerialNumber: syz
[  299.791720][ T5893] cdc_ncm 3-1:1.0: bind() failure
[  299.963941][ T5893] cdc_ncm 3-1:1.1: CDC Union missing and no IAD found
[  300.014616][ T5893] cdc_ncm 3-1:1.1: bind() failure
[  300.259043][ T5893] usb 3-1: USB disconnect, device number 36
[  300.596711][ T8545] netlink: 4 bytes leftover after parsing attributes in process `syz.1.780'.
[  300.679172][ T6621] usb 5-1: new high-speed USB device number 40 using dummy_hcd
[  300.785031][ T8551] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  300.812656][ T8551] netlink: 8 bytes leftover after parsing attributes in process `syz.1.783'.
[  300.848956][ T6621] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  300.875448][ T6621] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  300.954723][ T6621] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  300.981271][ T6621] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  300.992439][ T6621] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  301.019959][ T6621] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  301.031580][ T6621] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  301.049743][ T6621] usb 5-1: Product: syz
[  301.058449][ T6621] usb 5-1: Manufacturer: syz
[  301.081906][ T6621] cdc_wdm 5-1:1.0: skipping garbage
[  301.087145][ T6621] cdc_wdm 5-1:1.0: skipping garbage
[  301.102213][ T6621] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  301.110583][ T6621] cdc_wdm 5-1:1.0: Unknown control protocol
[  301.162263][ T8560] netlink: 4 bytes leftover after parsing attributes in process `syz.3.787'.
[  301.204906][ T8562] FAULT_INJECTION: forcing a failure.
[  301.204906][ T8562] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  301.241651][ T8562] CPU: 1 UID: 0 PID: 8562 Comm: syz.2.788 Not tainted 6.15.0-rc1-syzkaller-00139-gab59a8605604 #0 PREEMPT(full) 
[  301.241678][ T8562] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  301.241688][ T8562] Call Trace:
[  301.241694][ T8562]  <TASK>
[  301.241702][ T8562]  dump_stack_lvl+0x241/0x360
[  301.241735][ T8562]  ? __pfx_dump_stack_lvl+0x10/0x10
[  301.241762][ T8562]  ? __pfx__printk+0x10/0x10
[  301.241799][ T8562]  should_fail_ex+0x424/0x570
[  301.241823][ T8562]  _copy_from_user+0x2d/0xb0
[  301.241850][ T8562]  input_event_from_user+0x211/0x510
[  301.241875][ T8562]  ? __pfx_input_event_from_user+0x10/0x10
[  301.241899][ T8562]  ? input_inject_event+0xd9/0x360
[  301.241928][ T8562]  evdev_write+0x4c4/0x7d0
[  301.241962][ T8562]  ? __pfx_evdev_write+0x10/0x10
[  301.241983][ T8562]  ? bpf_lsm_file_permission+0x9/0x10
[  301.242005][ T8562]  ? rw_verify_area+0x246/0x630
[  301.242025][ T8562]  ? __pfx_evdev_write+0x10/0x10
[  301.242045][ T8562]  vfs_write+0x2bc/0xd10
[  301.242076][ T8562]  ? __pfx_vfs_write+0x10/0x10
[  301.242098][ T8562]  ? __fget_files+0x2a/0x420
[  301.242114][ T8562]  ? __fget_files+0x2a/0x420
[  301.242132][ T8562]  ? __fget_files+0x39d/0x420
[  301.242147][ T8562]  ? __fget_files+0x2a/0x420
[  301.242172][ T8562]  ksys_write+0x19d/0x2d0
[  301.242195][ T8562]  ? __pfx_ksys_write+0x10/0x10
[  301.242222][ T8562]  ? do_syscall_64+0xb6/0x230
[  301.242248][ T8562]  do_syscall_64+0xf3/0x230
[  301.242270][ T8562]  ? clear_bhb_loop+0x45/0xa0
[  301.242292][ T8562]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  301.242310][ T8562] RIP: 0033:0x7fbd27d8d169
[  301.242325][ T8562] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  301.242341][ T8562] RSP: 002b:00007fbd25bf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  301.242360][ T8562] RAX: ffffffffffffffda RBX: 00007fbd27fa5fa0 RCX: 00007fbd27d8d169
[  301.242373][ T8562] RDX: 0000000000000918 RSI: 0000200000000040 RDI: 0000000000000004
[  301.242385][ T8562] RBP: 00007fbd25bf6090 R08: 0000000000000000 R09: 0000000000000000
[  301.242396][ T8562] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  301.242406][ T8562] R13: 0000000000000000 R14: 00007fbd27fa5fa0 R15: 00007fbd280cfa28
[  301.242434][ T8562]  </TASK>
[  301.471428][    C1] vkms_vblank_simulate: vblank timer overrun
[  301.747711][ T6621] usb 2-1: new high-speed USB device number 40 using dummy_hcd
[  301.937439][ T6621] usb 2-1: Using ep0 maxpacket: 8
[  301.944729][ T6621] usb 2-1: unable to get BOS descriptor or descriptor too short
[  301.972992][ T6621] usb 2-1: config 8 has an invalid interface number: 24 but max is 1
[  302.002786][ T6621] usb 2-1: config 8 has an invalid descriptor of length 0, skipping remainder of the config
[  302.057301][ T6621] usb 2-1: config 8 has 1 interface, different from the descriptor's value: 2
[  302.093617][ T6621] usb 2-1: config 8 has no interface number 0
[  302.124003][ T6621] usb 2-1: config 8 interface 24 altsetting 2 endpoint 0xE has invalid wMaxPacketSize 0
[  302.173201][ T6621] usb 2-1: config 8 interface 24 altsetting 2 endpoint 0x85 has an invalid bInterval 0, changing to 7
[  302.234894][ T6621] usb 2-1: config 8 interface 24 altsetting 2 endpoint 0x85 has invalid wMaxPacketSize 0
[  302.283485][ T6621] usb 2-1: config 8 interface 24 has no altsetting 0
[  302.315587][ T6621] usb 2-1: New USB device found, idVendor=10cf, idProduct=5503, bcdDevice=75.af
[  302.347063][ T6621] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  302.379382][ T6621] usb 2-1: Product: syz
[  302.397392][ T6621] usb 2-1: Manufacturer: syz
[  302.402001][ T6621] usb 2-1: SerialNumber: syz
[  302.657839][ T8556] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  302.773126][ T8556] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  303.015139][ T8583] loop8: detected capacity change from 0 to 1
[  303.040059][ T8583] Dev loop8: unable to read RDB block 1
[  303.094235][ T8583]  loop8: unable to read partition table
[  303.113167][ T8585] FAULT_INJECTION: forcing a failure.
[  303.113167][ T8585] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  303.131982][ T8583] loop8: partition table beyond EOD, truncated
[  303.166018][ T8585] CPU: 0 UID: 0 PID: 8585 Comm: syz.0.795 Not tainted 6.15.0-rc1-syzkaller-00139-gab59a8605604 #0 PREEMPT(full) 
[  303.166046][ T8585] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  303.166058][ T8585] Call Trace:
[  303.166065][ T8585]  <TASK>
[  303.166072][ T8585]  dump_stack_lvl+0x241/0x360
[  303.166105][ T8585]  ? __pfx_dump_stack_lvl+0x10/0x10
[  303.166148][ T8585]  should_fail_ex+0x424/0x570
[  303.166172][ T8585]  _copy_from_user+0x2d/0xb0
[  303.166198][ T8585]  kstrtouint_from_user+0xce/0x1a0
[  303.166222][ T8585]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  303.166247][ T8585]  ? __lock_acquire+0xad5/0xd80
[  303.166276][ T8585]  proc_fail_nth_write+0xac/0x2d0
[  303.166295][ T8585]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  303.166320][ T8585]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  303.166344][ T8585]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  303.166364][ T8585]  vfs_write+0x2bc/0xd10
[  303.166389][ T8585]  ? fdget_pos+0x247/0x310
[  303.166409][ T8585]  ? __pfx_vfs_write+0x10/0x10
[  303.166432][ T8585]  ? __fget_files+0x2a/0x420
[  303.166449][ T8585]  ? __fget_files+0x39d/0x420
[  303.166463][ T8585]  ? __fget_files+0x2a/0x420
[  303.166488][ T8585]  ksys_write+0x19d/0x2d0
[  303.166510][ T8585]  ? __pfx_ksys_write+0x10/0x10
[  303.166536][ T8585]  ? do_syscall_64+0xb6/0x230
[  303.166561][ T8585]  do_syscall_64+0xf3/0x230
[  303.166582][ T8585]  ? clear_bhb_loop+0x45/0xa0
[  303.166604][ T8585]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  303.166621][ T8585] RIP: 0033:0x7f9de678bc1f
[  303.166635][ T8585] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  303.166649][ T8585] RSP: 002b:00007f9de75f6030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  303.166665][ T8585] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f9de678bc1f
[  303.166676][ T8585] RDX: 0000000000000001 RSI: 00007f9de75f60a0 RDI: 0000000000000005
[  303.166687][ T8585] RBP: 00007f9de75f6090 R08: 0000000000000000 R09: 0000000000000000
[  303.166696][ T8585] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  303.166705][ T8585] R13: 0000000000000000 R14: 00007f9de69a5fa0 R15: 00007f9de6acfa28
[  303.166731][ T8585]  </TASK>
[  303.386072][ T8583] loop_reread_partitions: partition scan of loop8 (�被x�^>��� ) failed (rc=-5)
[  303.426373][ T8583] futex_wake_op: syz.4.779 tries to shift op by -33; fix this program
[  304.012915][ T6611] usb 1-1: new high-speed USB device number 45 using dummy_hcd
[  304.179737][ T6621] vmk80xx 2-1:8.24: driver 'vmk80xx' failed to auto-configure device.
[  304.254325][ T6621] vmk80xx 2-1:8.24: probe with driver vmk80xx failed with error -22
[  304.266787][ T8595] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  304.275528][ T6611] usb 1-1: Using ep0 maxpacket: 16
[  304.291028][ T6611] usb 1-1: config 4 has an invalid interface number: 37 but max is 0
[  304.302184][ T6621] usb 2-1: USB disconnect, device number 40
[  304.311300][ T6611] usb 1-1: config 4 has no interface number 0
[  304.327392][ T6611] usb 1-1: config 4 interface 37 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  304.371479][ T6611] usb 1-1: config 4 interface 37 has no altsetting 0
[  304.405093][ T6611] usb 1-1: New USB device found, idVendor=0b05, idProduct=9202, bcdDevice=94.4f
[  304.416414][ T6611] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  304.430973][ T6611] usb 1-1: Product: syz
[  304.442152][ T6611] usb 1-1: Manufacturer: syz
[  304.456647][ T6611] usb 1-1: SerialNumber: syz
[  304.475728][ T8591] raw-gadget.3 gadget.0: fail, usb_ep_enable returned -22
[  304.894948][ T8607] netlink: 12 bytes leftover after parsing attributes in process `syz.1.800'.
[  305.027977][ T6617] usb 5-1: USB disconnect, device number 40
[  305.642538][ T8612] netlink: 'syz.3.804': attribute type 13 has an invalid length.
[  305.650427][ T8612] netlink: 152 bytes leftover after parsing attributes in process `syz.3.804'.
[  305.660423][ T8612] syz_tun: refused to change device tx_queue_len
[  305.666822][ T8612] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[  306.772777][ T6611] usb 1-1: USB disconnect, device number 45
[  307.621378][ T8655] netlink: 12 bytes leftover after parsing attributes in process `syz.4.821'.
[  307.658446][ T8655] netlink: 4 bytes leftover after parsing attributes in process `syz.4.821'.
[  307.874405][ T8658] netlink: 4 bytes leftover after parsing attributes in process `syz.4.823'.
[  308.288822][ T8653] No buffer was provided with the request
[  308.366341][ T8674] netlink: 12 bytes leftover after parsing attributes in process `syz.0.829'.
[  308.403278][ T8674] netlink: 4 bytes leftover after parsing attributes in process `syz.0.829'.
[  308.447947][ T8674] FAULT_INJECTION: forcing a failure.
[  308.447947][ T8674] name failslab, interval 1, probability 0, space 0, times 0
[  308.495253][ T8674] CPU: 0 UID: 0 PID: 8674 Comm: syz.0.829 Not tainted 6.15.0-rc1-syzkaller-00139-gab59a8605604 #0 PREEMPT(full) 
[  308.495282][ T8674] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  308.495294][ T8674] Call Trace:
[  308.495302][ T8674]  <TASK>
[  308.495311][ T8674]  dump_stack_lvl+0x241/0x360
[  308.495348][ T8674]  ? __pfx_dump_stack_lvl+0x10/0x10
[  308.495378][ T8674]  ? __pfx__printk+0x10/0x10
[  308.495412][ T8674]  ? __pfx___might_resched+0x10/0x10
[  308.495442][ T8674]  should_fail_ex+0x424/0x570
[  308.495470][ T8674]  should_failslab+0xac/0x100
[  308.495500][ T8674]  __kvmalloc_node_noprof+0x170/0x5a0
[  308.495537][ T8674]  ? alloc_netdev_mqs+0x92c/0x1210
[  308.495559][ T8674]  ? __asan_memset+0x23/0x50
[  308.495584][ T8674]  alloc_netdev_mqs+0x92c/0x1210
[  308.495615][ T8674]  rtnl_create_link+0x2f7/0xea0
[  308.495648][ T8674]  rtnl_newlink_create+0x2f2/0xcb0
[  308.495681][ T8674]  ? __mutex_lock+0x380/0x10c0
[  308.495709][ T8674]  ? __pfx_aa_get_newest_label+0x10/0x10
[  308.495743][ T8674]  ? __pfx_rtnl_newlink_create+0x10/0x10
[  308.495778][ T8674]  ? __pfx___mutex_lock+0x10/0x10
[  308.495814][ T8674]  ? ns_capable+0x8a/0xf0
[  308.495839][ T8674]  rtnl_newlink+0x18b0/0x1fe0
[  308.495888][ T8674]  ? __pfx_rtnl_newlink+0x10/0x10
[  308.495914][ T8674]  ? unwind_get_return_address+0x4d/0x90
[  308.495942][ T8674]  ? arch_stack_walk+0xff/0x150
[  308.495973][ T8674]  ? __lock_acquire+0xad5/0xd80
[  308.496001][ T8674]  ? __lock_acquire+0xad5/0xd80
[  308.496026][ T8674]  ? __lock_acquire+0xad5/0xd80
[  308.496067][ T8674]  ? is_bpf_text_address+0x26/0x2a0
[  308.496096][ T8674]  ? is_bpf_text_address+0x288/0x2a0
[  308.496119][ T8674]  ? is_bpf_text_address+0x26/0x2a0
[  308.496143][ T8674]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  308.496175][ T8674]  ? kernel_text_address+0xa7/0xe0
[  308.496196][ T8674]  ? __kernel_text_address+0xd/0x40
[  308.496221][ T8674]  ? aa_get_newest_label+0x101/0x6f0
[  308.496256][ T8674]  ? __lock_acquire+0xad5/0xd80
[  308.496301][ T8674]  ? __pfx_rtnl_newlink+0x10/0x10
[  308.496331][ T8674]  rtnetlink_rcv_msg+0x80f/0xd70
[  308.496358][ T8674]  ? rtnetlink_rcv_msg+0x1ba/0xd70
[  308.496393][ T8674]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  308.496419][ T8674]  ? __lock_acquire+0xad5/0xd80
[  308.496457][ T8674]  netlink_rcv_skb+0x208/0x480
[  308.496487][ T8674]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  308.496518][ T8674]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  308.496577][ T8674]  ? netlink_deliver_tap+0x2e/0x1b0
[  308.496609][ T8674]  ? netlink_deliver_tap+0x2e/0x1b0
[  308.496641][ T8674]  netlink_unicast+0x7f8/0x9a0
[  308.496676][ T8674]  ? __pfx_netlink_unicast+0x10/0x10
[  308.496705][ T8674]  ? skb_put+0x114/0x1f0
[  308.496730][ T8674]  netlink_sendmsg+0x8c3/0xcd0
[  308.496772][ T8674]  ? __pfx_netlink_sendmsg+0x10/0x10
[  308.496807][ T8674]  ? aa_sock_msg_perm+0x91/0x160
[  308.496841][ T8674]  ? __pfx_netlink_sendmsg+0x10/0x10
[  308.496868][ T8674]  __sock_sendmsg+0x221/0x270
[  308.496899][ T8674]  ____sys_sendmsg+0x523/0x860
[  308.496931][ T8674]  ? __pfx_____sys_sendmsg+0x10/0x10
[  308.496950][ T8674]  ? __fget_files+0x2a/0x420
[  308.496973][ T8674]  ? __fget_files+0x2a/0x420
[  308.497001][ T8674]  __sys_sendmsg+0x271/0x360
[  308.497029][ T8674]  ? __pfx___sys_sendmsg+0x10/0x10
[  308.497110][ T8674]  ? do_syscall_64+0xb6/0x230
[  308.497139][ T8674]  do_syscall_64+0xf3/0x230
[  308.497164][ T8674]  ? clear_bhb_loop+0x45/0xa0
[  308.497189][ T8674]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  308.497209][ T8674] RIP: 0033:0x7f9de678d169
[  308.497227][ T8674] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  308.497244][ T8674] RSP: 002b:00007f9de75f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  308.497270][ T8674] RAX: ffffffffffffffda RBX: 00007f9de69a5fa0 RCX: 00007f9de678d169
[  308.497285][ T8674] RDX: 0000000000000010 RSI: 0000200000000280 RDI: 0000000000000003
[  308.497297][ T8674] RBP: 00007f9de75f6090 R08: 0000000000000000 R09: 0000000000000000
[  308.497309][ T8674] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  308.497321][ T8674] R13: 0000000000000000 R14: 00007f9de69a5fa0 R15: 00007f9de6acfa28
[  308.497352][ T8674]  </TASK>
[  309.083549][ T8681] FAULT_INJECTION: forcing a failure.
[  309.083549][ T8681] name failslab, interval 1, probability 0, space 0, times 0
[  309.155493][ T8681] CPU: 1 UID: 0 PID: 8681 Comm: syz.4.832 Not tainted 6.15.0-rc1-syzkaller-00139-gab59a8605604 #0 PREEMPT(full) 
[  309.155519][ T8681] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  309.155530][ T8681] Call Trace:
[  309.155538][ T8681]  <TASK>
[  309.155546][ T8681]  dump_stack_lvl+0x241/0x360
[  309.155580][ T8681]  ? __pfx_dump_stack_lvl+0x10/0x10
[  309.155606][ T8681]  ? __pfx__printk+0x10/0x10
[  309.155635][ T8681]  ? __pfx___might_resched+0x10/0x10
[  309.155661][ T8681]  should_fail_ex+0x424/0x570
[  309.155686][ T8681]  should_failslab+0xac/0x100
[  309.155713][ T8681]  __kmalloc_noprof+0xdf/0x4d0
[  309.155737][ T8681]  ? tomoyo_realpath_from_path+0xc2/0x5e0
[  309.155765][ T8681]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[  309.155797][ T8681]  tomoyo_realpath_from_path+0xcf/0x5e0
[  309.155837][ T8681]  tomoyo_path_perm+0x2be/0x640
[  309.155863][ T8681]  ? tomoyo_path_perm+0x28c/0x640
[  309.155886][ T8681]  ? __pfx_tomoyo_path_perm+0x10/0x10
[  309.155939][ T8681]  ? do_raw_spin_lock+0x151/0x370
[  309.155967][ T8681]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  309.155996][ T8681]  security_inode_getattr+0x130/0x330
[  309.156016][ T8681]  vfs_getattr+0x25/0x70
[  309.156043][ T8681]  loop_get_status+0x295/0x530
[  309.156070][ T8681]  ? __pfx_loop_get_status+0x10/0x10
[  309.156123][ T8681]  lo_ioctl+0x582/0x2850
[  309.156148][ T8681]  ? register_lock_class+0x54/0x330
[  309.156169][ T8681]  ? __pfx_lo_ioctl+0x10/0x10
[  309.156188][ T8681]  ? __lock_acquire+0xad5/0xd80
[  309.156215][ T8681]  ? process_measurement+0x7c2/0x1fe0
[  309.156253][ T8681]  ? up_write+0x1ab/0x590
[  309.156299][ T8681]  ? __lock_acquire+0xad5/0xd80
[  309.156321][ T8681]  ? __lock_acquire+0xad5/0xd80
[  309.156341][ T8681]  ? __lock_acquire+0xad5/0xd80
[  309.156376][ T8681]  ? is_bpf_text_address+0x26/0x2a0
[  309.156401][ T8681]  ? is_bpf_text_address+0x288/0x2a0
[  309.156420][ T8681]  ? is_bpf_text_address+0x26/0x2a0
[  309.156440][ T8681]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  309.156468][ T8681]  ? kernel_text_address+0xa7/0xe0
[  309.156487][ T8681]  ? __kernel_text_address+0xd/0x40
[  309.156505][ T8681]  ? unwind_get_return_address+0x4d/0x90
[  309.156529][ T8681]  ? arch_stack_walk+0xff/0x150
[  309.156564][ T8681]  ? stack_trace_save+0x11a/0x1d0
[  309.156593][ T8681]  ? __pfx_stack_trace_save+0x10/0x10
[  309.156621][ T8681]  ? stack_depot_save_flags+0x44/0x940
[  309.156648][ T8681]  ? kasan_save_track+0x51/0x80
[  309.156667][ T8681]  ? kasan_save_track+0x3f/0x80
[  309.156685][ T8681]  ? kasan_save_free_info+0x40/0x50
[  309.156700][ T8681]  ? __kasan_slab_free+0x59/0x70
[  309.156720][ T8681]  ? kfree+0x198/0x430
[  309.156741][ T8681]  ? tomoyo_path_number_perm+0x5fd/0x790
[  309.156763][ T8681]  ? security_file_ioctl+0xc6/0x2a0
[  309.156783][ T8681]  ? __se_sys_ioctl+0x46/0x160
[  309.156802][ T8681]  ? do_syscall_64+0xf3/0x230
[  309.156823][ T8681]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  309.156845][ T8681]  ? do_vfs_ioctl+0xef8/0x2750
[  309.156871][ T8681]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  309.156917][ T8681]  ? kasan_quarantine_put+0xdc/0x230
[  309.156936][ T8681]  ? lockdep_hardirqs_on+0x9d/0x150
[  309.156966][ T8681]  ? tomoyo_path_number_perm+0x215/0x790
[  309.156990][ T8681]  ? blkdev_common_ioctl+0x1060/0x25a0
[  309.157019][ T8681]  ? __pfx_blkdev_common_ioctl+0x10/0x10
[  309.157041][ T8681]  ? tomoyo_path_number_perm+0x215/0x790
[  309.157066][ T8681]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  309.157097][ T8681]  ? ksys_write+0x24e/0x2d0
[  309.157125][ T8681]  ? __lock_acquire+0xad5/0xd80
[  309.157158][ T8681]  ? file_to_blk_mode+0xcb/0x140
[  309.157183][ T8681]  ? __pfx_lo_ioctl+0x10/0x10
[  309.157208][ T8681]  blkdev_ioctl+0x5df/0x710
[  309.157239][ T8681]  ? __pfx_blkdev_ioctl+0x10/0x10
[  309.157266][ T8681]  ? __pfx_blkdev_ioctl+0x10/0x10
[  309.157289][ T8681]  __se_sys_ioctl+0xf1/0x160
[  309.157313][ T8681]  do_syscall_64+0xf3/0x230
[  309.157335][ T8681]  ? clear_bhb_loop+0x45/0xa0
[  309.157357][ T8681]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  309.157375][ T8681] RIP: 0033:0x7f3d0e18d169
[  309.157391][ T8681] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  309.157406][ T8681] RSP: 002b:00007f3d0ef82038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  309.157426][ T8681] RAX: ffffffffffffffda RBX: 00007f3d0e3a5fa0 RCX: 00007f3d0e18d169
[  309.157440][ T8681] RDX: ffffffffffffffff RSI: 0000000000004c05 RDI: 0000000000000003
[  309.157451][ T8681] RBP: 00007f3d0ef82090 R08: 0000000000000000 R09: 0000000000000000
[  309.157462][ T8681] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  309.157473][ T8681] R13: 0000000000000000 R14: 00007f3d0e3a5fa0 R15: 00007f3d0e4cfa28
[  309.157500][ T8681]  </TASK>
[  309.709419][ T8681] ERROR: Out of memory at tomoyo_realpath_from_path.
[  310.076628][   T30] kauditd_printk_skb: 2 callbacks suppressed
[  310.076645][   T30] audit: type=1326 audit(1744321637.135:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8678 comm="syz.1.835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d62b8d169 code=0x7ffc0000
[  310.262857][   T30] audit: type=1326 audit(1744321637.135:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8678 comm="syz.1.835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d62b8d169 code=0x7ffc0000
[  310.407641][   T30] audit: type=1326 audit(1744321637.185:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8678 comm="syz.1.835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f9d62b8d169 code=0x7ffc0000
[  310.467365][ T6605] usb 5-1: new high-speed USB device number 41 using dummy_hcd
[  310.562388][   T30] audit: type=1326 audit(1744321637.185:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8678 comm="syz.1.835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d62b8d169 code=0x7ffc0000
[  310.598370][   T30] audit: type=1326 audit(1744321637.195:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8678 comm="syz.1.835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=288 compat=0 ip=0x7f9d62b8d169 code=0x7ffc0000
[  310.658313][ T6605] usb 5-1: config 0 has no interfaces?
[  310.823823][ T6605] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  310.846304][ T6605] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  310.871294][   T30] audit: type=1326 audit(1744321637.195:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8678 comm="syz.1.835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d62b8d169 code=0x7ffc0000
[  310.895602][ T6605] usb 5-1: Product: syz
[  310.909505][ T6605] usb 5-1: Manufacturer: syz
[  310.916904][ T6605] usb 5-1: SerialNumber: syz
[  310.935190][ T6605] usb 5-1: config 0 descriptor??
[  310.944368][   T30] audit: type=1326 audit(1744321637.195:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8678 comm="syz.1.835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=299 compat=0 ip=0x7f9d62b8d169 code=0x7ffc0000
[  310.997730][ T5893] usb 4-1: new full-speed USB device number 42 using dummy_hcd
[  311.023975][   T30] audit: type=1326 audit(1744321637.195:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8678 comm="syz.1.835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d62b8d169 code=0x7ffc0000
[  311.058137][ T8718] 
[  311.060466][ T8718] ======================================================
[  311.067470][ T8718] WARNING: possible circular locking dependency detected
[  311.074469][ T8718] 6.15.0-rc1-syzkaller-00139-gab59a8605604 #0 Not tainted
[  311.081556][ T8718] ------------------------------------------------------
[  311.088555][ T8718] syz.0.842/8718 is trying to acquire lock:
[  311.094425][ T8718] ffff88801bef79e0 (&root->kernfs_iattr_rwsem){++++}-{4:4}, at: kernfs_iop_getattr+0xb3/0x510
[  311.104674][ T8718] 
[  311.104674][ T8718] but task is already holding lock:
[  311.112022][ T8718] ffff888143b4f5a8 (&q->q_usage_counter(io)#26){++++}-{0:0}, at: lo_ioctl+0x203b/0x2850
[  311.121764][ T8718] 
[  311.121764][ T8718] which lock already depends on the new lock.
[  311.121764][ T8718] 
[  311.132149][ T8718] 
[  311.132149][ T8718] the existing dependency chain (in reverse order) is:
[  311.141149][ T8718] 
[  311.141149][ T8718] -> #3 (&q->q_usage_counter(io)#26){++++}-{0:0}:
[  311.149777][ T8718]        lock_acquire+0x116/0x2f0
[  311.154788][ T8718]        blk_alloc_queue+0x542/0x620
[  311.160070][ T8718]        __blk_mq_alloc_disk+0x162/0x380
[  311.165711][ T8718]        loop_add+0x445/0xaf0
[  311.170377][ T8718]        loop_init+0x168/0x220
[  311.175132][ T8718]        do_one_initcall+0x24a/0x940
[  311.180412][ T8718]        do_initcall_level+0x157/0x210
[  311.185877][ T8718]        do_initcalls+0x71/0xd0
[  311.190740][ T8718]        kernel_init_freeable+0x432/0x5d0
[  311.196457][ T8718]        kernel_init+0x1d/0x2b0
[  311.201304][ T8718]        ret_from_fork+0x4b/0x80
[  311.206234][ T8718]        ret_from_fork_asm+0x1a/0x30
[  311.211511][ T8718] 
[  311.211511][ T8718] -> #2 (fs_reclaim){+.+.}-{0:0}:
[  311.218728][ T8718]        lock_acquire+0x116/0x2f0
[  311.223757][ T8718]        fs_reclaim_acquire+0x88/0x130
[  311.229209][ T8718]        kmem_cache_alloc_noprof+0x49/0x390
[  311.235097][ T8718]        __kernfs_iattrs+0x94/0x280
[  311.240288][ T8718]        kernfs_iop_setattr+0xe3/0x3f0
[  311.245747][ T8718]        notify_change+0xbca/0xe90
[  311.250872][ T8718]        do_truncate+0x222/0x310
[  311.255807][ T8718]        path_openat+0x2e4f/0x35d0
[  311.260917][ T8718]        do_filp_open+0x284/0x4e0
[  311.265939][ T8718]        do_sys_openat2+0x12b/0x1d0
[  311.271139][ T8718]        __x64_sys_openat+0x249/0x2a0
[  311.276518][ T8718]        do_syscall_64+0xf3/0x230
[  311.281541][ T8718]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  311.287948][ T8718] 
[  311.287948][ T8718] -> #1 (iattr_mutex){+.+.}-{4:4}:
[  311.295256][ T8718]        lock_acquire+0x116/0x2f0
[  311.300276][ T8718]        __mutex_lock+0x1a5/0x10c0
[  311.305389][ T8718]        __kernfs_iattrs+0x2b/0x280
[  311.310589][ T8718]        kernfs_iop_setattr+0xe3/0x3f0
[  311.316051][ T8718]        notify_change+0xbca/0xe90
[  311.321180][ T8718]        do_truncate+0x222/0x310
[  311.326165][ T8718]        path_openat+0x2e4f/0x35d0
[  311.331272][ T8718]        do_filp_open+0x284/0x4e0
[  311.336296][ T8718]        do_sys_openat2+0x12b/0x1d0
[  311.341506][ T8718]        __x64_sys_openat+0x249/0x2a0
[  311.346885][ T8718]        do_syscall_64+0xf3/0x230
[  311.351910][ T8718]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  311.358321][ T8718] 
[  311.358321][ T8718] -> #0 (&root->kernfs_iattr_rwsem){++++}-{4:4}:
[  311.366844][ T8718]        validate_chain+0xa69/0x24e0
[  311.372136][ T8718]        __lock_acquire+0xad5/0xd80
[  311.377338][ T8718]        lock_acquire+0x116/0x2f0
[  311.382364][ T8718]        down_read+0xb3/0xa50
[  311.387053][ T8718]        kernfs_iop_getattr+0xb3/0x510
[  311.392516][ T8718]        loop_assign_backing_file+0x276/0x500
[  311.398586][ T8718]        lo_ioctl+0x20a9/0x2850
[  311.403445][ T8718]        blkdev_ioctl+0x5df/0x710
[  311.408469][ T8718]        __se_sys_ioctl+0xf1/0x160
[  311.413584][ T8718]        do_syscall_64+0xf3/0x230
[  311.418612][ T8718]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  311.425031][ T8718] 
[  311.425031][ T8718] other info that might help us debug this:
[  311.425031][ T8718] 
[  311.435255][ T8718] Chain exists of:
[  311.435255][ T8718]   &root->kernfs_iattr_rwsem --> fs_reclaim --> &q->q_usage_counter(io)#26
[  311.435255][ T8718] 
[  311.449699][ T8718]  Possible unsafe locking scenario:
[  311.449699][ T8718] 
[  311.457146][ T8718]        CPU0                    CPU1
[  311.462505][ T8718]        ----                    ----
[  311.467869][ T8718]   lock(&q->q_usage_counter(io)#26);
[  311.473251][ T8718]                                lock(fs_reclaim);
[  311.479765][ T8718]                                lock(&q->q_usage_counter(io)#26);
[  311.487666][ T8718]   rlock(&root->kernfs_iattr_rwsem);
[  311.493042][ T8718] 
[  311.493042][ T8718]  *** DEADLOCK ***
[  311.493042][ T8718] 
[  311.501180][ T8718] 3 locks held by syz.0.842/8718:
[  311.506204][ T8718]  #0: ffff88802580f368 (&lo->lo_mutex){+.+.}-{4:4}, at: lo_ioctl+0x135f/0x2850
[  311.515273][ T8718]  #1: ffff888143b4f5a8 (&q->q_usage_counter(io)#26){++++}-{0:0}, at: lo_ioctl+0x203b/0x2850
[  311.525484][ T8718]  #2: ffff888143b4f5e0 (&q->q_usage_counter(queue)#20){+.+.}-{0:0}, at: lo_ioctl+0x203b/0x2850
[  311.535934][ T8718] 
[  311.535934][ T8718] stack backtrace:
[  311.541817][ T8718] CPU: 1 UID: 0 PID: 8718 Comm: syz.0.842 Not tainted 6.15.0-rc1-syzkaller-00139-gab59a8605604 #0 PREEMPT(full) 
[  311.541838][ T8718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  311.541849][ T8718] Call Trace:
[  311.541855][ T8718]  <TASK>
[  311.541862][ T8718]  dump_stack_lvl+0x241/0x360
[  311.541887][ T8718]  ? __pfx_dump_stack_lvl+0x10/0x10
[  311.541909][ T8718]  ? __pfx__printk+0x10/0x10
[  311.541931][ T8718]  ? print_lock+0x171/0x1a0
[  311.541950][ T8718]  print_circular_bug+0x2e1/0x300
[  311.541972][ T8718]  check_noncircular+0x142/0x160
[  311.541995][ T8718]  validate_chain+0xa69/0x24e0
[  311.542029][ T8718]  __lock_acquire+0xad5/0xd80
[  311.542047][ T8718]  lock_acquire+0x116/0x2f0
[  311.542062][ T8718]  ? kernfs_iop_getattr+0xb3/0x510
[  311.542081][ T8718]  down_read+0xb3/0xa50
[  311.542101][ T8718]  ? kernfs_iop_getattr+0xb3/0x510
[  311.542115][ T8718]  ? __lock_acquire+0xad5/0xd80
[  311.542133][ T8718]  ? __pfx_down_read+0x10/0x10
[  311.542156][ T8718]  ? kernfs_root+0x1c/0x230
[  311.542170][ T8718]  ? kernfs_root+0x1c/0x230
[  311.542184][ T8718]  kernfs_iop_getattr+0xb3/0x510
[  311.542201][ T8718]  loop_assign_backing_file+0x276/0x500
[  311.542224][ T8718]  ? __pfx_loop_assign_backing_file+0x10/0x10
[  311.542246][ T8718]  ? schedule+0x90/0x360
[  311.542273][ T8718]  lo_ioctl+0x20a9/0x2850
[  311.542297][ T8718]  ? __pfx_lo_ioctl+0x10/0x10
[  311.542322][ T8718]  ? xfd_validate_state+0x6e/0x150
[  311.542341][ T8718]  ? __lock_acquire+0xad5/0xd80
[  311.542357][ T8718]  ? __lock_acquire+0xad5/0xd80
[  311.542374][ T8718]  ? __lock_acquire+0xad5/0xd80
[  311.542390][ T8718]  ? __lock_acquire+0xad5/0xd80
[  311.542408][ T8718]  ? __lock_acquire+0xad5/0xd80
[  311.542424][ T8718]  ? __lock_acquire+0xad5/0xd80
[  311.542445][ T8718]  ? is_bpf_text_address+0x26/0x2a0
[  311.542465][ T8718]  ? is_bpf_text_address+0x288/0x2a0
[  311.542482][ T8718]  ? is_bpf_text_address+0x26/0x2a0
[  311.542500][ T8718]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  311.542523][ T8718]  ? kernel_text_address+0xa7/0xe0
[  311.542537][ T8718]  ? __kernel_text_address+0xd/0x40
[  311.542551][ T8718]  ? unwind_get_return_address+0x4d/0x90
[  311.542571][ T8718]  ? arch_stack_walk+0xff/0x150
[  311.542596][ T8718]  ? stack_trace_save+0x11a/0x1d0
[  311.542618][ T8718]  ? __pfx_stack_trace_save+0x10/0x10
[  311.542640][ T8718]  ? stack_depot_save_flags+0x44/0x940
[  311.542660][ T8718]  ? kasan_save_track+0x51/0x80
[  311.542677][ T8718]  ? kasan_save_track+0x3f/0x80
[  311.542693][ T8718]  ? kasan_save_free_info+0x40/0x50
[  311.542706][ T8718]  ? __kasan_slab_free+0x59/0x70
[  311.542723][ T8718]  ? kfree+0x198/0x430
[  311.542742][ T8718]  ? tomoyo_path_number_perm+0x5fd/0x790
[  311.542762][ T8718]  ? security_file_ioctl+0xc6/0x2a0
[  311.542779][ T8718]  ? __se_sys_ioctl+0x46/0x160
[  311.542796][ T8718]  ? do_syscall_64+0xf3/0x230
[  311.542831][ T8718]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  311.542849][ T8718]  ? do_vfs_ioctl+0xef8/0x2750
[  311.542869][ T8718]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  311.542898][ T8718]  ? kasan_quarantine_put+0xdc/0x230
[  311.542915][ T8718]  ? lockdep_hardirqs_on+0x9d/0x150
[  311.542937][ T8718]  ? tomoyo_path_number_perm+0x215/0x790
[  311.542958][ T8718]  ? blkdev_common_ioctl+0x1060/0x25a0
[  311.542981][ T8718]  ? __pfx_blkdev_common_ioctl+0x10/0x10
[  311.543001][ T8718]  ? tomoyo_path_number_perm+0x215/0x790
[  311.543029][ T8718]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  311.543056][ T8718]  ? __lock_acquire+0xad5/0xd80
[  311.543079][ T8718]  ? file_to_blk_mode+0xcb/0x140
[  311.543103][ T8718]  ? __pfx_lo_ioctl+0x10/0x10
[  311.543124][ T8718]  blkdev_ioctl+0x5df/0x710
[  311.543145][ T8718]  ? __pfx_blkdev_ioctl+0x10/0x10
[  311.543166][ T8718]  ? __pfx_blkdev_ioctl+0x10/0x10
[  311.543187][ T8718]  __se_sys_ioctl+0xf1/0x160
[  311.543206][ T8718]  do_syscall_64+0xf3/0x230
[  311.543226][ T8718]  ? clear_bhb_loop+0x45/0xa0
[  311.543244][ T8718]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  311.543261][ T8718] RIP: 0033:0x7f9de678d169
[  311.543275][ T8718] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  311.543290][ T8718] RSP: 002b:00007f9de75f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  311.543307][ T8718] RAX: ffffffffffffffda RBX: 00007f9de69a5fa0 RCX: 00007f9de678d169
[  311.543320][ T8718] RDX: 0000000000000004 RSI: 0000000000004c06 RDI: 0000000000000003
[  311.543330][ T8718] RBP: 00007f9de680e990 R08: 0000000000000000 R09: 0000000000000000
[  311.543341][ T8718] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  311.543351][ T8718] R13: 0000000000000000 R14: 00007f9de69a5fa0 R15: 00007f9de6acfa28
[  311.543368][ T8718]  </TASK>
[  311.991713][ T3086] usb 3-1: new full-speed USB device number 37 using dummy_hcd
[  312.019999][   T30] audit: type=1326 audit(1744321637.195:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8678 comm="syz.1.835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f9d62b8d169 code=0x7ffc0000
[  312.701451][   T30] audit: type=1326 audit(1744321637.195:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8678 comm="syz.1.835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d62b8d169 code=0x7ffc0000
[  313.217034][ T5893] usb 4-1: device descriptor read/all, error -71
[  313.262693][ T3086] usb 3-1: device descriptor read/all, error -71
[  314.718849][ T6617] usb 5-1: USB disconnect, device number 41
[  316.970010][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  316.976370][ T1301] ieee802154 phy1 wpan1: encryption failed: -22