last executing test programs:

6.192896503s ago: executing program 3 (id=2030):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
r2 = socket(0x10, 0x803, 0x8)
sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x2d}, 0x1, 0x0, 0x0, 0x8801}, 0x8000)
getsockname$packet(r2, &(0x7f0000000600)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000100)={@local, @remote, 0x1, 0x2, [@empty, @remote]}, 0x18)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000700)=@newlink={0x50, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x78d9}, [@IFLA_IFNAME={0x14, 0x3, 'ipvlan1\x00'}, @IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPVLAN_FLAGS={0x6, 0x2, 0x2}]}}}]}, 0x50}, 0x1, 0x0, 0x0, 0x4000840}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000680)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)={0x4c, r1, 0x1, 0x70bd28, 0x25dfdbfe, {{}, {@void, @val={0x8, 0x3, r4}, @val={0xc, 0x99, {0x7ff, 0x70}}}}, [@NL80211_ATTR_IFNAME={0x14, 0x4, 'syzkaller0\x00'}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}, @NL80211_ATTR_4ADDR={0x5, 0x53, 0x1}]}, 0x4c}, 0x1, 0x0, 0x0, 0x81}, 0x24044884)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r5, 0x0, 0xd}, 0x18)
r6 = fsopen(&(0x7f0000000000)='devpts\x00', 0x0)
r7 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="380000000314230c2abd7000ff05df250900020073797a310000000008004100727865001400330073797a5f74756e"], 0x38}, 0x1, 0x0, 0x0, 0x48845}, 0x4000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r8 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
sendmsg$RDMA_NLDEV_CMD_RES_CQ_GET(r8, &(0x7f0000000980)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000940)={&(0x7f0000000900)={0x18, 0x140c, 0x100, 0x70bd27, 0x25dfdbfb, "", [@RDMA_NLDEV_ATTR_RES_CQN={0x8, 0x3d, 0x1}]}, 0x18}, 0x1, 0x0, 0x0, 0x14000}, 0x40000)
write$RDMA_USER_CM_CMD_CREATE_ID(r8, &(0x7f00000002c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000140)={<r9=>0xffffffffffffffff}, 0x2, 0x6}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r8, &(0x7f0000000000)={0x15, 0x110, 0xfa08, {r9, 0x0, 0x10, 0x10, 0x0, @in={0x2, 0x0, @empty}, @in={0x2, 0x0, @empty}}}, 0x118)
write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(0xffffffffffffffff, 0x0, 0x0)
write$RDMA_USER_CM_CMD_BIND_IP(0xffffffffffffffff, 0x0, 0x0)
r10 = socket$nl_rdma(0x10, 0x3, 0x14)
syz_usb_connect$cdc_ncm(0x2, 0x0, 0x0, 0x0)
sendmsg$RDMA_NLDEV_CMD_DELLINK(r10, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)={0x18, 0x1404, 0x1, 0x70bd2d, 0x25dfdbfe, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x18}, 0x1, 0x0, 0x0, 0x671ec167a4b72164}, 0x0)
fsconfig$FSCONFIG_SET_STRING(r6, 0x1, &(0x7f0000000040)='source', &(0x7f0000000380)='//\xf2b\x06\b\xba\xdfXo\xdc\xea\x95\x9a\x9b/Q9\xf9\rmD\x94)U\xdb\x15X.I\n}\xf3\x9d\xe4_\x05\x9cqf4I^#b?9\xde\xafu\'\x83L\xe0\x97\xe1n_\xa4%\xb1\x97\x93\xafv\xce\x14/8\\\x00\x00\xa7\xfb\xf4\x84\x1fA\xeas^\xef\xa2\x85\xa3!\xfb\x93\xd7R\xab2\x1eW\xe9h\x9b\xf7ul\xf9D\xd4\x82X5\x13\xaa\x87\xf9\xba\xa9m\x14\x14R_\x9a\\>4\xce\x8e_#\xf8D\xb1\xdep\x01\xcc:\xa6\xc5n\xeb\xab\xf70\x99\xef\x8b<M\n\xc0`[\x82\xf6$\xa4\xbe\x1e\xd3\xe4\xd9L\x14\xed\xcfK\xcc\xeb,\x1a1\xa6\xf3e\xc2F\xc3\x00\xaa\xd5\xfc\x94=\xa9\x8c\xb4&\x9f\xa2$\x06\x1a\xb0W#\xf4c\xa0l\xd5d\xe5\xcd\xb2\xc10\x97w\x87\xe5\x06\x91W\rr\xf5\x97%\xe8p\xa1\xaa\x80I\xa5\xc6\xf3\xf2\xa0\xb3\\\x99{\xcdR\x92\x94\xf7\x1d\x01Q\x1a\xbd\x15b\x15h\xe2!\x00\xb9z)\x19\x00\xee\xd2)[p`\xb3\x03\xa7p\'X\xec\xcdoX\x05\xff\xff/o\xb2\xad\xb8\x89i@\f\xffS&\x8a\xc9\xfez\xc2\x90\xe7F\xa6\xdb\r\x03j,N\xf1lw\n\xad\xe8\xf0\xbd\xa1\x98\xce\xf9\x1eR\x9cc\xc5ke_\xa7\x11\"\x04\xd8.\xa0\x15\x83\xf1\xdby\xe9\xdc@.\xc1g\xc6\fc\xa26\xd8\xdf\xef\xf7\x9c\x1a\xcc\x8am\x8b7\xcf\xc5\xa6\xf4b\xe3j%Y\xa9\xdd\x0e9e\xb5\xec\x99@\xd2\t\n\xb1o\xe5\xa8Q\xc9\xe75Q\xea\xd8\xa2=F\x9b\x8f\x8d\xfc\' {e\x949X\xda\xe8H\x1a\x85\xd7%\x93?w}\xfb\xd9t\xea\xbb\xbe\x9b\\\xd7\xd7\xd4\xe2\xd6c(`(r\xd2\xb1G\xe3\xda&\xca\xaa\xba\v\xc5\xa3H\xb1\x11G\xab\xa2\x1f\xa0\xc3\xd9\xcd\xfb\x1a,\x13S\xf1\xfe\xe5F\xf4\xfb\xc8|\x89\x0fNq\x97J\xb9J\x88S\xc5\xb8\x12\x93\xbe\xb9b\xc7\xbc\x03\x03.E\xab\x82\x1c\xbc1\x9d\x14\xfa\x1f\xdd\x1e*\x03`\x91\xe8x\x0f\x05\x1e\xf5\xbfNo\xd4\x0f]S\x85\x89@\xa9f\x05\xfe\x9fkM\xa5\xf6\xc2\x04\xbf\xc7\x00<\x9b\xd5vZ1\xa2j\x9a\xeb6\xa8\xb4\xd9\vv\x94O\xb1\tS\x7f\xf2\xfe\x8dl\xf8\x00\x99\f5\xb7\xee\x95\xf3\xa5\xf1\xf2Z?\xcc\x8d\x9dy\x969\xd8}u\x88\"biYO\xac=j_\xf66{\xf0\xec\xdc1n\x1b\x15\x85N\x1d\x80Z\x1b\x86\xdby4\xcf\x90\b\xf6\x1b\xe6\xf8U\xe9F\x1c+\x14&\x00B\xb0jUS\xaa9\xe5\x1agO\x93\xfe\x98\x00\x00\x00\x00\x00\x04', 0x0)
fsconfig$FSCONFIG_SET_STRING(r6, 0x1, &(0x7f0000000080)='source', &(0x7f0000000640)='//\\b\x06\b\xba\xdfXo\xdc\xea\x95\x9a\x9b/Q9\xf9\rmD\x94)U\xdb\x15X.I\n}\xf3\x9d\xe4_\x05\x9cqf4I^#b?9\xde\xafu\'\x83L\xe0\x97\xe1n_\xa4%\xb1\x97\x93\xafv\xce\x14/8\\\x00\x00\xa7\xfb\xf4\x84\x1fA\xeas^\xef\xa2\x85\xa3!\xfb\x93\xd7R\xab2\x1eW\xe9h\x9b\xf7ul\xf9D\xd4\x82X5\x13\xaa\x87\xf9\xba\xa9m\x14\x14R_\x9a\\>4\xce\x8e_#\xf8D\xb1\xdep\x01\xcc:\xa6\xc5n\xeb\xab\xf70\x99\xef\x8b<M\n\xc0`[\x82\xf6$\xa4\xbe\x1e\xd3\xe4\xd9L\x14\xed\xcfK\xcc\xeb,\x1a1\xa6\xf3e\xc2F\xc3\x00\xaa\xd5\xfc\x94=\xa9\x8c\xb4&\x9f\xa2$\x06\x1a\xb0W#\xf4c\xa0l\xd5d\xe5\xcd\xb2\xc10\x97w\x87\xe5\x06\x91W\rr\xf5\x97%\xe8p\xa1\xaa\x80I\xa5\xc6\xf3\xf2\xa0\xb3\\\x99{\xcdR\x92\x94\xf7\x1d\x01Q\x1a\xbd\x15b\x15h\xe2!\x00\xb9z)\x19\x00\xee\xd2)[p`\xb3\x03\xa7p\'X\xec\xcdoX\x05\xff\xff/o\xb2\xad\xb8\x89i@\f\xffS&\x8a\xc9\xfez\xc2\x90\xe7F\xa6\xdb\r\x03j,N\xf1lw\n\xad\xe8\xf0\xbd\xa1\x98\xce\xf9\x1eR\x9cc\xc5ke_\xa7\x11\"\x04\xd8.\xa0\x15\x83\xf1\xdby\xe9\xdc@.\xc1g\xc6\fc\xa26\xd8\xdf\xef\xf7\x9c\x1a\xcc\x8am\x8b7\xcf\xc5\xa6\xf4b\xe3j%Y\xa9\xdd\x0e9e\xb5\xec\x99@\xd2\t\n\xb1o\xe5\xa8Q\xc9\xe75Q\xea\xd8\xa2=F\x9b\x8f\x8d\xfc\' {e\x949X\xda\xe8H\x1a\x85\xd7%\x93?w}\xfb\xd9t\xea\xbb\xbe\x9b\\\xd7\xd7\xd4\xe2\xd6c(`(r\xd2\xb1G\xe3\xda&\xca\xaa\xba\v\xc5\xa3H\xb1\x11G\xab\xa2\x1f\xa0\xc3\xd9\xcd\xfb\x1a,\x13S\xf1\xfe\xe5F\xf4\xfb\xc8|\x89\x0fNq\x97J\xb9J\x88S\xc5\xb8\x12\x93\xbe\xb9b\xc7\xbc\x03\x03.E\xab\x82\x1c\xbc1\x9d\x14\xfa\x1f\xdd\x1e*\x03`\x91\xe8x\x0f\x05\x1e\xf5\xbfNo\xd4\x0f]S\x85\x89@\xa9f\x05\xfe\x9fkM\xa5\xf6\xc2\x04\xbf\xc7\x00<\x9b\xd5vZ1\xa2j\x9a\xeb6\xa8\xb4\xd9\vv\x94O\xb1\tS\x7f\xf2\xfe\x8dl\xf8\x00\x99\f5\xb7\xee\x95\xf3\xa5\xf1\xf2Z?\xcc\x8d\x9dy\x969\xd8}u\x88\"biYO\xac=j_\xf66{\xf0\xec\xdc1n\x1b\x15\x85N\x1d\x80Z\x1b\x86\xdby4\xcf\x90\b\xf6\x1b\xe6\xf8U\xe9F\x1c+\x14&\x00B\xb0jUS\xaa9\xe5\x1agO\x93\xfe\x98\x00\x00\x00\x00\x00\x04', 0x0)
ioctl$BINDER_GET_FROZEN_INFO(0xffffffffffffffff, 0xc00c620f, &(0x7f00000000c0))
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0xf}, {0x1, [{@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7, 0x0, "16e90b", 0x5, 0x5}]}}}, 0x12)

5.501264084s ago: executing program 3 (id=2036):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/19, @ANYRES32=r2, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newlink={0x3c, 0x10, 0xffffff1f, 0x0, 0x1, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @veth={{0x9}, {0x4, 0x2, 0x0, 0x1, @void}}}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r3, 0x84, 0x10, 0x0, &(0x7f00000001c0))
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00'}, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'wlan0\x00'})
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x428a4}, [@IFLA_ALT_IFNAME={0x14, 0x35, 'dummy0\x00'}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x3c}}, 0x8000)
sendmsg$nl_route(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=@dellink={0x20, 0x11, 0x1, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, r2, 0x408}}, 0x20}, 0x1, 0x200000000000000, 0x0, 0x4}, 0x40cc040)

5.232390778s ago: executing program 2 (id=2039):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000700)=ANY=[@ANYBLOB="1201000000000010711e0920000000000001090224000100000000090400090103000100092105000001220500090581030002"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f00000003c0)={0x2c, &(0x7f0000000100)=ANY=[@ANYBLOB="000008000000080482"], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_open_dev$hidraw(&(0x7f0000000100), 0x0, 0x0)
syz_usb_connect$cdc_ncm(0x5, 0x9a, &(0x7f00000008c0)={{0x12, 0x1, 0x310, 0x2, 0x0, 0x0, 0x10, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x88, 0x2, 0x1, 0x6, 0xc0, 0x5, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0xb, 0x24, 0x6, 0x0, 0x1, "bf99adf4c0ee"}, {0x5, 0x24, 0x0, 0x6}, {0xd, 0x24, 0xf, 0x1, 0x1, 0x40, 0x6, 0x7f}, {0x6, 0x24, 0x1a, 0x2, 0x11}, [@mdlm={0x15, 0x24, 0x12, 0x9}, @country_functional={0x6, 0x24, 0x7, 0xff, 0x400}, @network_terminal={0x7, 0x24, 0xa, 0x0, 0x6b, 0x80, 0x2}, @acm={0x4, 0x24, 0x2, 0x1}]}, {{0x9, 0x5, 0x81, 0x3, 0x20, 0x0, 0x4, 0x2}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x8, 0x2, 0x0, 0x1a}}, {{0x9, 0x5, 0x3, 0x2, 0x10, 0x6, 0x1, 0xfc}}}}}}}]}}, &(0x7f0000000240)={0xa, &(0x7f0000000000)={0xa, 0x6, 0x300, 0x5, 0x58, 0x3, 0x10, 0x4}, 0x20, &(0x7f0000000800)={0x5, 0xf, 0x20, 0x1, [@generic={0x1b, 0x10, 0x4, "a1d7e4d7d2bfa65a8fcabb5ea15953013c03a4a1e28dbc6d"}]}, 0x1, [{0x4, &(0x7f00000000c0)=@lang_id={0x4, 0x3, 0x40e}}]})
r1 = epoll_create1(0x0)
r2 = fcntl$dupfd(r1, 0x2, 0xffffffffffffffff)
r3 = fanotify_init(0x2, 0x0)
fanotify_mark(r3, 0x1, 0x100b, r2, 0x0)
fanotify_mark(r3, 0x2, 0x800102b, r2, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0xc0041, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
ioctl$TUNSETVNETHDRSZ(r4, 0x400454d8, &(0x7f0000000140)=0x90)
write$tun(r4, &(0x7f00000002c0)=ANY=[@ANYRES16=r4, @ANYRESOCT], 0xfdef)

5.231841741s ago: executing program 3 (id=2040):
r0 = socket(0x10, 0x80002, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000100)="5c00000013006bcd9e3fe3dc6e48aa310b6b8703340000001f03000000000000040014000d000a000d0000009ee517d3334abc24eab556a705251e6182949a3651f60a84c9f5d1938037e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x20004002)
sendmsg(r0, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000040)="24000000180003041dfffd946f610500020100000005fe060c10880008000f00fff3c00e140000001a00ffffba16a0aa1c091dbfa1090000", 0x38}], 0x1}, 0x0)
r2 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0xa800)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, &(0x7f00000003c0)={0x0, &(0x7f0000000300)=[<r3=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r2, 0xc06864a1, &(0x7f0000000180)={0x0, 0x0, r3, <r4=>0x0})
ioctl$DRM_IOCTL_MODE_DIRTYFB(r2, 0xc01864b1, &(0x7f0000000280)={r4, 0x3, 0x9})
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000916000/0x4000)=nil, 0x4000, 0x200000d, 0x10, 0xffffffffffffffff, 0x0)
r6 = syz_open_dev$dri(&(0x7f0000000080), 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r6, 0xc02064b2, &(0x7f0000000000)={0x80, 0x5, 0x10009})
mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x4, 0x11, r6, 0x100000)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000003, 0x4031, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000000)=@IORING_OP_CLOSE={0x13, 0x38, 0x0, r0})
setsockopt$inet_tcp_TCP_CONGESTION(r6, 0x6, 0xd, &(0x7f0000000200)='bbr', 0x3)
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
r7 = openat$dir(0xffffffffffffff9c, &(0x7f0000002180)='./file0\x00', 0x0, 0x1c1)
ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r7, 0x80086601, &(0x7f0000000000))
r8 = add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, &(0x7f00000000c0)="ff", 0x1, 0xffffffffffffffff)
r9 = add_key$keyring(&(0x7f0000000280), &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff)
add_key$user(&(0x7f0000000080), &(0x7f0000000100)={'syz', 0x3}, &(0x7f0000000540)="a66d0fd2e656ef18fb4f057ff2f8662d1de316f6d58bdedec7bfa66995c9a82dde4c305a105357748d68335d2744854ca7de1cf034fa3540d5bc6e17bac4f815971c9c147bcd7629e811b2f48ad5688503b9f66d6c7432984f5808a4d784b05b6525047beb35d029d60e2a9ab3bbf30e6eedff1cb4067a3e2016e609658f8f667755a9eaef26a422584dc26b2fc7d5427144efbdf71d6611fdae8a250ab0a04a78c1a26e7f04dbd3bfce59e758ff751b9ab305faab637b32458d8d7150562d029ff8d06091f5dc8609ac6feb0c144749529867135b2ea7081414fc6fbc7f97aabf668a0b742c3aae87e4cc7bc1f3f806866f38ee", 0xf4, r9)
r10 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r10, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000005d00)={0x10, 0x2f, 0x1, 0xfffffffd, 0x25dfdbfc}, 0x10}], 0x1, 0x0, 0x0, 0x1}, 0x0)
keyctl$KEYCTL_MOVE(0x1e, r8, 0xffffffffffffffff, r9, 0x1)
r11 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r11, 0x5423, &(0x7f0000000080)=0x15)
ioctl$TIOCSTI(r11, 0x5412, &(0x7f0000000380)=0x7d)
recvmmsg(r0, &(0x7f0000002300)=[{{0x0, 0x0, 0x0}, 0x2}, {{0x0, 0x0, &(0x7f00000010c0)=[{0x0}, {&(0x7f00000011c0)=""/4093, 0xffd}, {&(0x7f0000000dc0)=""/200, 0xc8}], 0x3}, 0x8}], 0x2, 0x20, 0x0)
mmap(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x3000005, 0x13, r0, 0xbd61000)
fsopen(&(0x7f0000000240)='hfs\x00', 0x1)

4.8021871s ago: executing program 0 (id=2041):
r0 = socket$packet(0x11, 0x3, 0x300)
socket(0x1e, 0x4, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f00000000c0)={0x26, 'hash\x00', 0x0, 0x0, 'cmac(aes-generic)\x00'}, 0x58)
r3 = accept4(r2, 0x0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000280)="6ec595b4a5d76ac4e3b19bfb4e26735f", 0x10)
sendto$inet6(r3, &(0x7f0000000080)="255b2a20f709b4a43a1307c620044218fe1f90c892edda55948fc95472faf24df297a8e4228b32dcc11a0a004c287b035078ffffffffffeffffdfc5955de", 0xfffffffffffffd0b, 0x800, 0x0, 0x0)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x4006}, 0x4)
setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000240)={0x0, 0x0}, 0x8)

4.801732222s ago: executing program 3 (id=2042):
sendmsg$NFT_MSG_GETSET(0xffffffffffffffff, 0x0, 0x4000)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000050cb5340450c10108e492940a80909021b00090000000009040002010035040009058dff86"], 0x0)
r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x10000)
r1 = socket$nl_route(0x10, 0x3, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f00000000c0)=""/60, 0x3c}], 0x1, &(0x7f0000000180)=""/41, 0x29}, 0x2}, {{&(0x7f0000000480)=@nl, 0x80, &(0x7f0000000540)=[{&(0x7f0000000500)=""/53, 0x35}], 0x1, &(0x7f0000000580)=""/20, 0x14}, 0x9}], 0x2, 0x20, &(0x7f0000000640))
write$char_usb(r0, &(0x7f0000001300)='7', 0x1)
write$char_usb(r0, &(0x7f0000000080)='V', 0x1)
openat$ptmx(0xffffff9c, &(0x7f0000000000), 0x80, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb08004500003c000000000006907864010102ac1414aa00000000", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="ac80006f00"/28], 0x0)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x3000004, 0x42032, 0xffffffffffffffff, 0x0)

4.512066556s ago: executing program 1 (id=2044):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x4)
write(r0, &(0x7f0000000280)="e8bd8a4c56281ba2ba42cfa5b9fe5fc6dcde2ee431f5595ceadb9a2c95e57f15ee4a83f9e7d78ea996f78bd588bedcdbc730d6d15df6d2a26ca4e55e97ed0522a190ce241a37bad3317fba7e4be3dbbfec5e2f401b5658cc", 0x58)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000001c0)=0x5)
syz_open_dev$tty1(0xc, 0x4, 0x4)
r1 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
fcntl$setsig(r1, 0xa, 0x13)
fcntl$setlease(r1, 0x400, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000280))
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)

3.901491166s ago: executing program 0 (id=2045):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000001c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000680)={0x2c, r0, 0x1, 0x70bd29, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_REKEY_DATA={0x10, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "4e6f416551ef4fee"}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x929c1f6559b1a90b}, 0x4004090) (fail_nth: 2)

3.901257519s ago: executing program 0 (id=2046):
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000080)={0x0, 0x0, <r3=>0xffffffffffffffff})
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(0xffffffffffffffff, 0xc00c642e, &(0x7f00000000c0)={0x0, 0x0, r3})
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x16, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8ab8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000000000850000006900000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x66, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r5, 0x0, 0xe, 0x0, &(0x7f0000000000)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x4401, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

3.669806627s ago: executing program 1 (id=2047):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x12, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000005000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock_addr=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
r0 = socket$alg(0x26, 0x5, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
r3 = syz_io_uring_setup(0x4e1, &(0x7f0000000380)={0x0, 0xf984, 0x10100, 0x3, 0x0, 0x0, r2}, &(0x7f0000000180), &(0x7f00000001c0))
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={0x0}}, 0x800)
io_uring_enter(r3, 0x708, 0x41e3, 0x0, 0x0, 0x0)
bind$alg(r0, &(0x7f0000000280)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(aes)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r5 = accept4(r0, 0x0, 0x0, 0x0)
recvmmsg(r5, &(0x7f00000045c0)=[{{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000480)=""/236, 0xec}], 0x1}, 0x4}], 0x1, 0x10000, 0x0)

3.551368028s ago: executing program 2 (id=2048):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
mount$9p_virtio(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])

3.420547011s ago: executing program 2 (id=2049):
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd6016000000102b00fc0100000000000000e2ff0000000000fe80"], 0x0)
syz_open_dev$cec(&(0x7f0000002340), 0x0, 0x101441)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
r0 = semget$private(0x0, 0x4, 0x29b)
r1 = socket$kcm(0x10, 0x2, 0x0)
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x20001, 0x0)
ioctl$SNAPSHOT_SET_SWAP_AREA(r2, 0x400c3314, 0x0)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x73, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f0000000240)={0x0, @in={{0x2, 0x4e24, @broadcast}}, 0x2, 0x7, 0xfffffff8, 0xd, 0x10, 0x802, 0x8}, &(0x7f0000000100)=0x9c)
sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000002c0)="2e00000010008188040f80ec59acbc0413010048100000005e140602000000000e000a000f00", 0x26}, {0x0}], 0x2}, 0x4)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8480b0000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x10)
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
semctl$SEM_STAT_ANY(r0, 0x3, 0x14, 0x0)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="38000000031401002abd7000fedbdf250900020073797a3100000000080041007369770014003300626f6e6430"], 0x38}, 0x1, 0x0, 0x0, 0x8801}, 0x20000000)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x640800, 0x0)
syz_open_dev$cec(&(0x7f0000000080), 0x0, 0x0)
connect$l2tp6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty, 0xa, 0x4}, 0x20)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
sendmsg$IPVS_CMD_NEW_DAEMON(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="010000000000000000000900000030000380140002"], 0x44}}, 0x0)
r6 = socket$inet6(0xa, 0x2, 0x0)
sendmsg$inet6(r6, &(0x7f00000000c0)={&(0x7f00000002c0)={0xa, 0x4e20, 0x80000, @loopback, 0x7}, 0x1c, 0x0, 0x0, &(0x7f0000000100)=[@dstopts={{0x18, 0x29, 0x37, {0x3c}}}], 0x18}, 0xc044)
openat$binder_debug(0xffffff9c, &(0x7f0000000200)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})

3.251455288s ago: executing program 2 (id=2050):
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000080)={0x0, 0x0, <r3=>0xffffffffffffffff})
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(0xffffffffffffffff, 0xc00c642e, &(0x7f00000000c0)={0x0, 0x0, r3})
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x16, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8ab8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000000000850000006900000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x66, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r5, 0x0, 0xe, 0x0, &(0x7f0000000000)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x4401, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

2.931141177s ago: executing program 0 (id=2051):
openat$vmci(0xffffffffffffff9c, 0x0, 0x2, 0x0)
sendmsg$NL80211_CMD_SET_QOS_MAP(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004000}, 0x5)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x4)
write(r0, &(0x7f0000000280)="e8bd8a4c56281ba2ba42cfa5b9fe5fc6dcde2ee431f5595ceadb9a2c95e57f15ee4a83f9e7d78ea996f78bd588bedcdbc730d6d15df6d2a26ca4e55e97ed0522a190ce241a37bad3317fba7e4be3dbbfec5e2f401b5658cc8fda", 0xffffffe5)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000001c0)=0x5)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x4)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$SO_TIMESTAMP(r1, 0x1, 0x3f, &(0x7f0000000080), 0x4)
openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
r2 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
fcntl$setsig(r2, 0xa, 0x13)
fcntl$setlease(r2, 0x400, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000280))
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r3, 0xffffffffffffffff, 0x0)

2.561282132s ago: executing program 1 (id=2052):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x180)
mkdirat(0xffffffffffffff9c, 0x0, 0x4c)
symlinkat(&(0x7f0000000040)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00')
mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@index_off}]})
linkat(0xffffffffffffff9c, &(0x7f00000006c0)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000000400)='./file0/file0\x00', 0x1000)
chdir(&(0x7f00000003c0)='./bus\x00')
renameat2(0xffffffffffffff9c, &(0x7f0000000a00)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000600)='./file1\x00', 0x2)

2.560677562s ago: executing program 1 (id=2053):
r0 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000100)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd)
syz_io_uring_complete(0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TCSETS(r4, 0x40045431, &(0x7f0000000dc0)={0x0, 0x3, 0x1000002, 0x0, 0xff, "d4e9002b2c000000ff00"})
r5 = syz_open_pts(r4, 0x0)
ioctl$TCSETS2(r5, 0x402c542b, &(0x7f0000000000)={0x49, 0x10, 0xfffff000, 0x1, 0x1, "e2076db91f5fa71a758077b8bf00e8e4958658", 0x0, 0x5})
r6 = dup(r5)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f00000000c0)=0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1, 0x100007, 0x4, 0x25, 0x1, 0xffffffffffffffff, 0x400000}, 0x50)
r7 = add_key$keyring(0x0, &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$KEYCTL_MOVE(0x1e, r0, 0xfffffffffffffffd, r7, 0x0)
keyctl$instantiate(0xc, r0, &(0x7f0000000280)=@encrypted_update={'update ', 'ecryptfs', 0x20, 'user:', '-&#},'}, 0x1b, r7)
r8 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSETLED(r8, 0x4b32, 0x7)

2.335001958s ago: executing program 2 (id=2054):
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x2, 0x16, &(0x7f0000001600)=ANY=[@ANYBLOB="61128c000000000061134c0000000000bf200000000000002600020007ffffffbd0310000000000095002000000000006916000000000000bf6700000000000004070000b964b01a4607feff00200000540700000ee61e00bf150000000000000f5700000000000065070000d23700002c030000000000001f75000000000000bf54000000000000070000000400f9ffad430100000000007c000000000000000500000000000000950000000000000032ed3c5be95e5db67754bb12dc8c4ed68ecf264e0f84f9f17d3c30e3c7bdd2d17f2f175455000078af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd390700000500000000f18c30907d7bee45a0100000fe9de56c9d05000000c6c60bef0d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cac3f1d5af65727546e7c955ccefa1f6ab689ffffff7f63ede202fa4e0a2127b8b83c71a51445dc8dfd13ff15f852a39e5b2ab7bcb8f512036a5ba6d04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916fcecc8158f0200000000c8fb735fd552bdc268694aeb0743e326c819b6cf5c8ac86f8a297dff0445a13d0045fb3cda30a673a6037ed8c85f21ec2c081bdce431e56723888fb126a19bc1172b84b3ebe174aba210d739a018f9bbec63222d20cecac4d03723f1c921b5bbf7949632cacfdd32b3a6aa57f1ad2e99e0e67a993716dbf580469f0f53acbb400001e3738270b315d362ed834f2af97787f696649a462e7e090000000000000045eac1f2014f720e83b7838e3eede14308d582685e1becd6f35154bcb4000000000000000000000000000000bc3af2b170ad3e2b26539cebca8f4ddc211bc3ccf0bd9d42ca019dd5d022cf74686e9fbe2562979eaed840a7afaab43176e65ec1118d46d1e827f3472f4445d353887a5ad103649afa1769080584f800031e03a651bb04000000ab04871bc47287cd31cc43ea0ffb567b4040c1458d0320ce7d0000413a0000000000000000005f37983f84e98a523d80bd56a57fa82b82f639601ae899a559944cb9a62a29ab028acfc1cb26a0f6a5480a55d624a0c544ba0dc828c22fe30000aa391598000000437d57fcf8295f63a70837f5cd4e5e77964522dc7ca3aa3476b7f2d851d27fd4de6eabb43e0799dc8d9fb7dc6c523ffbd74a6a40e4acb1ac872ade9d1f2ab779b8dbe843aeeda0426c767c00327b8c95b2bb6ddb55117669d9598c0f3598073f3a921c76beceff7e4fbf909a2cabf5b8ea5011db9020823b83abe54346c7af0a99fa077ffe7000feb9e44023a1749eb1d0d572b77d6e0d0fcd74031c8ef2629f5ecff4626746d6abe98a255e92c3c4f79bfcd0d91741380000cfeb73dec68ed56b5d3dfdf0cb8b71ad79000000000000000000000000000000dd434a25e95d0ec29d3adaccf89d0888031ecdfdb4dfbe444673be099ece7e4009c76c7108ef0a7e59fd6d906fbc3c9b412e0478cfee4485f423c63f49db43833c92eeeb647cebd4d7a93a17bcbb6bae5ff876375d4fe39cc2d292691672cc18ca372104ceb83a35ecedd97fc191d8f64d2b1d60c6d12911aada66c26aa4802c3514c3d92ec905000000b13f4a2575fbe943a6c40000000000000000000000000000028026b80c3899543223a6079ee96198b9a326db3be3a48af415ca28ca68c502550044ed8e29af8d763ef9b1f31befcad2ce5394601c7cdc233bff7f0000000000009fb3ad650f77e339768924dfdbeead13b88371154d743544a6091ec93e0d3fd5b4dc42911c1ba322fd4d6fbf19e617d51f964727bfd5cc5ba15370f6e1141d2271eded0b15e4316a1e4623272beb249a0928c417720be14c898f397411c88a7bcf3df46ab3efe7cd5e160c2afd3cc945f75011a102d952c7ad17a58d9be691c334ea35bae71e76e160cc2260bd028162917807ce89e11b5f261052ee0dde18efa1d802af2b7bcf6f8af41933cea0d0343261bccf64ca1c81045153eafbefdb91fbdff9ee3307d4a1837963b2dc2a3698d90e7915b098f19392e792adaea86052f4e948184001b6494e906925a092483adc7e9c8f7a29d226763c100aecae7f00619c36bceb9fb6dd7e55487d8485e498fdfc377fd3d266d21d46ab2f6b2ce22cd0aebba9b0ffbfe8ec3143c3734967c90b16ebbeeae1ce2baaae05aed6bf0f40c8a323f9235dc99698bd0b800067a901a79daada03cc77e74feb98b1586946b452764ff917a8ecc10e529c5bea49cad70e22df522c2803b6ef65df70223c6e22c3433e322d8dbd6e9b040065a9d6b3d5ae276cffe935d559bea88e1aa36b4e6c19e78457904297e77370e013b705a96548d47c609a93c45f4d1382b39c05dcc07d5b49ad75ddb3ce5b5b9416e03995da04647aa5e6fc1a6f5d663380967ccef9de49a90ced031335e3219ebd9d06c257a50497ec523f5ff7361261ccfe239d603364a42e2e81fc068fcbb9792b673827fe7018a988fbce55bb74cdb327ced4b77b8743fb3cb72cc280b9f62e4f92f46a19600b802cba88b7d0a938d9e0e6cfe5d66b874c9a0c6c04b96360d6f499d004179e5b6025c0e1050faec7ecd9de190a975db2f8c06a551236278c4766d7e22e3b85168c9851de6266c791252f919b4f8b257b5a786734e5142e4666c67aef5b7b2f88c6640995434aa8636993089c73f196c54ae829ad4307132655b075ae534fa7f1ea9a17e62357b0bd2bd1d62d34bfc1364640250136729ba4f763ff25c33e8acc806611792add8254e705fefd2a44d5b15e3b36f6b75c97c9c04c511d8cf9e24c61c8284a913a381cb1a5628878040000000000000017b68afd95d4abf7920de9ebe1c89661f4adc3d83d72b1b778e30c2bf2efbbcd054cf51f4205ebf9a98a0d9f18135cb1d8d567c3436fa697b72c3b0200000000000079c0b3339debc78352b2e65299223d7ef2bd540e78167b3ac92a4c4f826f6d0e5c4ebf4f7a70c03e2f5ddbebf168586360c3663531eb5995d228f011a10ffc8b17d716b0c528dab6d0c4fe2ee402348104bc5d4012babedee898c6d3e1017be2e9bc759d3ab4d615f5000000000000000000000000000000000000000000007fff0000000000e693e314adf7dc9f517d04f1e6ca367d30d31d3647c6059db6e1e9529eb1623ef99e2d9ac2ab4872f8e784b07a31110bef6d000000a6f9e89e6d50ee06ce716f94da60f1f22d9669560d296287c13c92070000ee7553eb2df17839542fa88d09f000e88a90cf4406b9000000000000000000000000f441d6a6f516c235c6f5863e7f454ee0e16b9aa2593eb31fa3836703e7765aaeb77a8770e518efaa6d3dd85e03b3b133eb749057cea9af75a0e6f633532f2891b8e263cb6eecea691842827bc7c8c0130187081c8d320642389f5f0c42dba0ff68e84d7b130906f17f6aa075a257310f2d92cb1d1e16468949f5675262ee318e735930b01d8f586e34537bcff7d6196f494cdcf3a712078d745db0f5687a78ee6d000b3d171a0f08299b52d207f32e9da311ca090000003a42732808515eec574f892622c5be497fc3d9ca122d7c18b9e54637812c8debc61f0e42d838e44a819b74bce1a56108bb0fde97a02475920532309c55b2c9ae9f281391ec5cc72a5e94cca1cbf1ff01000000000000bdb537a0c52bd45a9f966c25616cec30c3ea3246cb8e6aac7cf273638e6656a3e4ccadc348f0172028c99cc5f6d5c6d09ed65aa54549e73c28b7c8ad06ad3c5e3c27eec0eff1a6c84f1189919eefcee807fc081e004ffb7d3104af00ac92f1080211c4bee74381a0e31021918f27863fdbafb50f70857d52a1f7df51935a80b1980a4778d35f183ea517f55a98095305701ab3f3ae43f06e91bc7d85e3800b46926944fba9805a985e63e53a62232fcd3f01dbe1728f300e247a7ebe344f9749818ff3961b2a42664ccd680a90bbb6ab400e286acc8f9febef64594777f848ed1cf980a3da2f0f7745760a05887d0c28060d613dd6539d392fc21fee0b5131609664b821d7a994e6c5965a4fa1ec1790c54e54586907dcc5e8bac16e79da9c2444420900000000000000f888a94365b99b72796fca1b922fc9aefaf1546c17cbb1d2d2fd12cb1a49cad501a3ca218c595b667b634606c57987ebfb0783a4948e4561d5cda158fe74453ff4a837beeedba483842c57d6005b544b4f80003386edfd3d4a88a667bd41eefe0d808abed08a29e6bc370a80cc0366fb4080bfbaaa946fd47ab662c794846e403950bbc3a48bb276cbb08a8eab145c06221ef16a238e3d50ad18aea9a2cec97d3c2d0569caabe2bffe02506bc9cb7294c5d020536dd5e7a6351642112df3b55d0215aaec7e45598995e79699e47567e353e68b03f82be860b188554b734e1192f9c1a867b815ef52cdc3307c0cc9be05a40fde69c350e59f11f1d26a4d04d8c8b2c4a4d23ec931d14bc7807db773a614b670acf46f83f7c65a0f8d43c5f64705f0d27c46d4b686e867e9b0be76a7978a8f962bb5a070df97f2bf7612115cfe5ebdc7ad0bc5a5f3ace25347d0e5c347279d55aa67a967380000000000000000000000000000000000000000000000ed0942d980c754c6c69ef65c375ad018824f78b260d5f51bc3feba504408a8c8141d84f3f417603b5081680f346ff0ffbe4ae19e936511966965ce268b6345a0001c0f26a32e0a999fc869292e939dcf89b9bfd794f9c12d41959a00688cca43015a9eec58f647796adea520cd2abeb0b55c22949d10e5a05fee4543fdc1e02554a55b5fef2427a6e5708edc38fac53c2f961945a3f83cdf01979939b49bc6b1aef8c733401bbe473de8d64efbe0d123739f387d1c0d9e74f2175c174ada1678c7db79492e8dd0f34e2ccf419cf7f14ffa408b50a52685b36aed14aa22ad928191d5a2697646edc52a1c0c5d720ae690add2b34aed161f51cc1cb424f76098e1e1921e5a405f9d298a8461f2da30e47b7c6ed7c95c84c745f58723e4cddffae3b53b5b947f9435e589f9ae55b30ecd3827b2de5df31976870823da8058c2538c04e397f3d0ef90c11c74da984fa558697ecb57224ce8fa6f79aadbd7dbf3678e74d790bc2ee72769a3ada1dd504f8e4133ce1effd446bc9a2f139e65cc4bd83912af3122352506c7c2191b3705116b2f4fc20d4e93882bdd6ccea97f3a08d3565b0000000000000000000000000000d35fb97c2d7a9374294dcec3da3df9a13c4fc63b00426682534d894caee0b963a3"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffe50}, 0x48)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080))
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000380)=ANY=[@ANYBLOB=',\x00', @ANYRES16=r1, @ANYBLOB="050000000000000000002100000008000300", @ANYRES32=r2, @ANYBLOB="10007d8005", @ANYRES8=0x0, @ANYRES32=r0], 0x2c}, 0x1, 0x0, 0x0, 0x20004080}, 0x0)
openat$tun(0xffffff9c, &(0x7f00000002c0), 0x402880, 0x0)

2.20270138s ago: executing program 2 (id=2055):
sendto$inet(0xffffffffffffffff, &(0x7f000001b000)="2689968d54db21a45f27e53c0887edd6113939dc5a2fb40c521cff1f30b1c778555c870acf2affc61a70262d86cfc4331a71bd2ba8ee01612ecb4e3f50", 0x3d, 0x4000000, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x22, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xfffffffffffffea1, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x9}, 0x80}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
getrlimit(0x0, &(0x7f0000000300))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_usbip_server_init(0x6)
socket$netlink(0x10, 0x3, 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
pipe(&(0x7f00000001c0))
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r3, 0x0, 0x0, 0x0, &(0x7f0000b63fe4)={0xa, 0x1, 0x0, @private1}, 0x1c)
openat$vicodec1(0xffffffffffffff9c, 0x0, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
mount$binder(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x1000810, &(0x7f0000000000)={[{@stats}]})
chroot(0x0)
umount2(&(0x7f0000000000)='./file0\x00', 0x0)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
dup3(r5, r4, 0x0)

2.053991561s ago: executing program 0 (id=2056):
r0 = getpid()
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x3, 0x10000, 0x0, 0x3, 0x9, 0x6, 0x30002, 0x739, 0x1, 0x73e, 0x7, 0x100000000, 0x1000008, 0x6, 0x3ff, 0xf6], 0x1001, 0x80440})
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a40000000160a03020000000000000000020000000900020073797a32000000000900010073797a30000000001400038008000240010000000800014000000000140000001100"], 0x68}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000160a03000000000000000000020000000900020073797a30000000000900010073797a30000000002c0003800800024000000000080001400000000018000380140001006d61630400633000000000000000000014000000110001"], 0x80}, 0x1, 0x0, 0x0, 0x40801}, 0x0)
close(0x3)

2.000592475s ago: executing program 0 (id=2057):
sendto$inet(0xffffffffffffffff, &(0x7f000001b000)="2689968d54db21a45f27e53c0887edd6113939dc5a2fb40c521cff1f30b1c778555c870acf2affc61a70262d86cfc4331a71bd2ba8ee01612ecb4e3f50", 0x3d, 0x4000000, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x22, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xfffffffffffffea1, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x9}, 0x80}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
getrlimit(0x0, &(0x7f0000000300))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_usbip_server_init(0x6)
socket$netlink(0x10, 0x3, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
pipe(&(0x7f00000001c0))
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r3, 0x0, 0x0, 0x0, &(0x7f0000b63fe4)={0xa, 0x1, 0x0, @private1}, 0x1c)
openat$vicodec1(0xffffffffffffff9c, 0x0, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
mount$binder(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x1000810, &(0x7f0000000000)={[{@stats}]})
chroot(0x0)
umount2(&(0x7f0000000000)='./file0\x00', 0x0)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
dup3(r5, r4, 0x0)

1.554484415s ago: executing program 1 (id=2058):
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd6016000000102b00fc0100000000000000e2ff0000000000fe80"], 0x0)
syz_open_dev$cec(&(0x7f0000002340), 0x0, 0x101441)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
r0 = semget$private(0x0, 0x4, 0x29b)
r1 = socket$kcm(0x10, 0x2, 0x0)
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x20001, 0x0)
ioctl$SNAPSHOT_SET_SWAP_AREA(r2, 0x400c3314, 0x0)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x73, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f0000000240)={0x0, @in={{0x2, 0x4e24, @broadcast}}, 0x2, 0x7, 0xfffffff8, 0xd, 0x10, 0x802, 0x8}, &(0x7f0000000100)=0x9c)
sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000002c0)="2e00000010008188040f80ec59acbc0413010048100000005e140602000000000e000a000f00000002", 0x29}, {0x0}], 0x2}, 0x4)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8480b0000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x10)
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
semctl$SEM_STAT_ANY(r0, 0x3, 0x14, 0x0)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="38000000031401002abd7000fedbdf250900020073797a3100000000080041007369770014003300626f6e6430"], 0x38}, 0x1, 0x0, 0x0, 0x8801}, 0x20000000)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x640800, 0x0)
syz_open_dev$cec(&(0x7f0000000080), 0x0, 0x0)
connect$l2tp6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty, 0xa, 0x4}, 0x20)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
sendmsg$IPVS_CMD_NEW_DAEMON(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="010000000000000000000900000030000380140002"], 0x44}}, 0x0)
r6 = socket$inet6(0xa, 0x2, 0x0)
sendmsg$inet6(r6, &(0x7f00000000c0)={&(0x7f00000002c0)={0xa, 0x4e20, 0x80000, @loopback, 0x7}, 0x1c, 0x0, 0x0, &(0x7f0000000100)=[@dstopts={{0x18, 0x29, 0x37, {0x3c}}}], 0x18}, 0xc044)
openat$binder_debug(0xffffff9c, &(0x7f0000000200)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})

1.378996419s ago: executing program 1 (id=2059):
set_mempolicy(0x3, &(0x7f0000000000)=0x7, 0x7)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x20040844)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000200), 0x0, 0x4000050, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, 0x0, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f00000004c0), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000a, 0x28011, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
creat(&(0x7f0000000000)='./bus\x00', 0x0)
mount(&(0x7f0000000200)=@sr0, &(0x7f0000000280)='./bus\x00', &(0x7f0000000040)='ecryptfs\x00', 0x0, 0x0)
cachestat(0xffffffffffffffff, &(0x7f0000000040), &(0x7f000009de80), 0x0)
syz_clone(0x20223000, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x3, 0x4, 0x4, 0xffffffff, 0x0, 0xffffffffffffffff, 0x4}, 0x50)
syz_usb_connect$printer(0x3, 0x2d, &(0x7f0000000000)={{0x12, 0x1, 0x200, 0x0, 0x0, 0x0, 0x10, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0xff, 0x2, 0x7, 0x1, 0x1, 0x0, "", {{{0x9, 0x5, 0x1, 0x2, 0x0, 0x13}}}}}]}}]}}, 0x0)
connect$pppl2tp(0xffffffffffffffff, 0x0, 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)

880.651902ms ago: executing program 3 (id=2060):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x12, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000005000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock_addr=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
r0 = socket$alg(0x26, 0x5, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={0x0}}, 0x800)
io_uring_enter(0xffffffffffffffff, 0x708, 0x41e3, 0x0, 0x0, 0x0)
bind$alg(r0, &(0x7f0000000280)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(aes)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = accept4(r0, 0x0, 0x0, 0x0)
recvmmsg(r4, &(0x7f00000045c0)=[{{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000480)=""/236, 0xec}], 0x1}, 0x4}], 0x1, 0x10000, 0x0)

0s ago: executing program 3 (id=2061):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x180)
mkdirat(0xffffffffffffff9c, 0x0, 0x4c)
symlinkat(&(0x7f0000000040)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00')
mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@index_off}]})
linkat(0xffffffffffffff9c, &(0x7f00000006c0)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000000400)='./file0/file0\x00', 0x1000)
chdir(&(0x7f00000003c0)='./bus\x00')
renameat2(0xffffffffffffff9c, &(0x7f0000000a00)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000600)='./file1\x00', 0x2)

0s ago: executing program 3 (id=2062):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x6, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x6, 0x0, 0x2, 0x7fffffff}]})
r1 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r1, 0xc0184800, &(0x7f0000000100)={0x4, <r2=>r0})
r3 = syz_open_dev$dri(&(0x7f0000000040), 0x1ff, 0x80000)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r3, 0xc00c642e, &(0x7f00000000c0)={<r4=>0x0, 0x0, r2})
ioctl$DRM_IOCTL_GEM_FLINK(r3, 0xc008640a, &(0x7f0000000180)={r4})
ioctl$DRM_IOCTL_GEM_FLINK(r3, 0xc00864d2, &(0x7f0000000140)={r4})

kernel console output (not intermixed with test programs):

type=1804 audit(1765561154.145:172): pid=12081 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1698" name="/newroot/446/bus/bus" dev="overlay" ino=2558 res=1 errno=0
[  410.526931][ T6058] usb usb44-port1: unable to enumerate USB device
[  411.184318][T12099] netlink: 'syz.1.1706': attribute type 10 has an invalid length.
[  411.186797][T12099] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1706'.
[  411.190324][T12099] A link change request failed with some changes committed already. Interface virt_wifi0 may have been left with an inconsistent configuration, please check.
[  411.279354][T12099] netlink: 'syz.1.1706': attribute type 1 has an invalid length.
[  411.281791][T12099] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1706'.
[  411.483086][   T24] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  411.602210][   T40] audit: type=1326 audit(1765561155.214:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12106 comm="syz.2.1709" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf70dd579 code=0x0
[  411.642961][   T24] usb 5-1: Using ep0 maxpacket: 16
[  411.644334][   T24] usb 5-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  411.653929][   T24] usb 5-1: config 0 interface 0 has no altsetting 0
[  411.653951][   T24] usb 5-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[  411.653963][   T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  411.659486][   T24] usb 5-1: config 0 descriptor??
[  412.072676][   T24] nzxt-smart2 0003:1E71:2009.000A: hidraw0: USB HID v0.05 Device [HID 1e71:2009] on usb-dummy_hcd.0-1/input0
[  412.271343][T12101] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  412.276372][T12101] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  412.283877][T12101] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1707'.
[  412.356560][   T24] usb 5-1: USB disconnect, device number 23
[  412.926998][T12131] netlink: 'syz.0.1716': attribute type 10 has an invalid length.
[  412.932273][T12131] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1716'.
[  412.935297][T12131] A link change request failed with some changes committed already. Interface virt_wifi0 may have been left with an inconsistent configuration, please check.
[  412.953685][   T40] audit: type=1804 audit(1765561156.564:174): pid=12129 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1714" name="/newroot/450/bus/bus" dev="overlay" ino=2560 res=1 errno=0
[  413.150879][T12131] netlink: 'syz.0.1716': attribute type 1 has an invalid length.
[  413.163676][T12131] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1716'.
[  413.517427][T12143] bond5: entered promiscuous mode
[  413.519107][T12143] bond5: entered allmulticast mode
[  413.520974][T12143] 8021q: adding VLAN 0 to HW filter on device bond5
[  413.692690][T12149] FAULT_INJECTION: forcing a failure.
[  413.692690][T12149] name failslab, interval 1, probability 0, space 0, times 0
[  413.697097][T12149] CPU: 1 UID: 0 PID: 12149 Comm: syz.3.1722 Not tainted syzkaller #0 PREEMPT(full) 
[  413.697113][T12149] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  413.697120][T12149] Call Trace:
[  413.697124][T12149]  <TASK>
[  413.697128][T12149]  dump_stack_lvl+0x16c/0x1f0
[  413.697147][T12149]  should_fail_ex+0x512/0x640
[  413.697166][T12149]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  413.697178][T12149]  should_failslab+0xc2/0x120
[  413.697196][T12149]  kmem_cache_alloc_noprof+0x83/0x770
[  413.697210][T12149]  ? skb_clone+0x190/0x3f0
[  413.697224][T12149]  ? skb_clone+0x190/0x3f0
[  413.697234][T12149]  skb_clone+0x190/0x3f0
[  413.697246][T12149]  netlink_deliver_tap+0xabd/0xd30
[  413.697262][T12149]  netlink_unicast+0x64c/0x870
[  413.697277][T12149]  ? __pfx_netlink_unicast+0x10/0x10
[  413.697295][T12149]  netlink_sendmsg+0x8c8/0xdd0
[  413.697311][T12149]  ? __pfx_netlink_sendmsg+0x10/0x10
[  413.697326][T12149]  ? aa_sock_msg_perm.constprop.0+0x100/0x1b0
[  413.697351][T12149]  ____sys_sendmsg+0xa5d/0xc30
[  413.697367][T12149]  ? __pfx_____sys_sendmsg+0x10/0x10
[  413.697381][T12149]  ? get_compat_msghdr+0x11a/0x170
[  413.697399][T12149]  ___sys_sendmsg+0x134/0x1d0
[  413.697411][T12149]  ? __pfx____sys_sendmsg+0x10/0x10
[  413.697429][T12149]  ? find_held_lock+0x2b/0x80
[  413.697452][T12149]  __sys_sendmsg+0x16d/0x220
[  413.697463][T12149]  ? __pfx___sys_sendmsg+0x10/0x10
[  413.697483][T12149]  __do_fast_syscall_32+0xe8/0x680
[  413.697499][T12149]  do_fast_syscall_32+0x32/0x80
[  413.697529][T12149]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  413.697544][T12149] RIP: 0023:0xf7fd2579
[  413.697553][T12149] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  413.697565][T12149] RSP: 002b:00000000f54c655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  413.697576][T12149] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000100
[  413.697583][T12149] RDX: 0000000000000008 RSI: 0000000000000000 RDI: 0000000000000000
[  413.697589][T12149] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  413.697595][T12149] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  413.697601][T12149] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  413.697615][T12149]  </TASK>
[  413.890661][T12156] 9p: Bad value for 'version'
[  414.834751][   T40] audit: type=1804 audit(1765561158.443:175): pid=12169 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1729" name="/newroot/456/bus/bus" dev="overlay" ino=2608 res=1 errno=0
[  416.068157][T12190] FAULT_INJECTION: forcing a failure.
[  416.068157][T12190] name failslab, interval 1, probability 0, space 0, times 0
[  416.072293][T12190] CPU: 3 UID: 0 PID: 12190 Comm: syz.1.1735 Not tainted syzkaller #0 PREEMPT(full) 
[  416.072308][T12190] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  416.072315][T12190] Call Trace:
[  416.072320][T12190]  <TASK>
[  416.072325][T12190]  dump_stack_lvl+0x16c/0x1f0
[  416.072343][T12190]  should_fail_ex+0x512/0x640
[  416.072361][T12190]  ? kmem_cache_alloc_noprof+0x62/0x770
[  416.072380][T12190]  should_failslab+0xc2/0x120
[  416.072397][T12190]  kmem_cache_alloc_noprof+0x83/0x770
[  416.072411][T12190]  ? __pmd_alloc+0xbf/0x9c0
[  416.072430][T12190]  ? __pmd_alloc+0xbf/0x9c0
[  416.072446][T12190]  __pmd_alloc+0xbf/0x9c0
[  416.072463][T12190]  __handle_mm_fault+0xbeb/0x2bb0
[  416.072479][T12190]  ? __pfx___handle_mm_fault+0x10/0x10
[  416.072498][T12190]  ? find_vma+0xbf/0x140
[  416.072513][T12190]  ? __pfx_find_vma+0x10/0x10
[  416.072526][T12190]  ? register_lock_class+0x41/0x4b0
[  416.072540][T12190]  handle_mm_fault+0x3fe/0xad0
[  416.072554][T12190]  do_user_addr_fault+0x7a6/0x1370
[  416.072570][T12190]  ? rcu_is_watching+0x12/0xc0
[  416.072587][T12190]  exc_page_fault+0x64/0xc0
[  416.072601][T12190]  asm_exc_page_fault+0x26/0x30
[  416.072612][T12190] RIP: 0010:__put_user_4+0xd/0x20
[  416.072626][T12190] Code: 66 89 01 31 c9 0f 01 ca c3 cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <89> 01 31 c9 0f 01 ca c3 cc cc cc cc 0f 1f 80 00 00 00 00 90 90 90
[  416.072637][T12190] RSP: 0018:ffffc900033879b8 EFLAGS: 00050202
[  416.072646][T12190] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000080000c40
[  416.072653][T12190] RDX: ffff8880598b8000 RSI: ffffffff8a62a5d0 RDI: ffffffff8bf2a980
[  416.072660][T12190] RBP: 1ffff92000670f39 R08: 00000000246d54e8 R09: 000000008246d54e
[  416.072667][T12190] R10: 0000000000000001 R11: ffff8880598b8b30 R12: ffff8880134d50e8
[  416.072674][T12190] R13: 0000000080000c40 R14: ffff8880134d5000 R15: 0000000080000c40
[  416.072686][T12190]  ? ax25_ioctl+0x190/0xb20
[  416.072706][T12190]  ax25_ioctl+0x19a/0xb20
[  416.072723][T12190]  ? __pfx_ax25_ioctl+0x10/0x10
[  416.072750][T12190]  sock_do_ioctl+0x118/0x280
[  416.072766][T12190]  ? __pfx_sock_do_ioctl+0x10/0x10
[  416.072780][T12190]  ? lockdep_hardirqs_on+0x7c/0x110
[  416.072811][T12190]  ? find_held_lock+0x2b/0x80
[  416.072829][T12190]  sock_ioctl+0x227/0x6b0
[  416.072845][T12190]  ? __pfx_sock_ioctl+0x10/0x10
[  416.072860][T12190]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  416.072884][T12190]  ? __pfx_sock_ioctl+0x10/0x10
[  416.072900][T12190]  do_vfs_ioctl+0x1099/0x14f0
[  416.072915][T12190]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  416.072932][T12190]  ? find_held_lock+0x2b/0x80
[  416.072946][T12190]  ? hook_file_ioctl_common+0x144/0x410
[  416.072960][T12190]  ? __fget_files+0x20e/0x3c0
[  416.072974][T12190]  ? fput+0x40/0xf0
[  416.072988][T12190]  __ia32_compat_sys_ioctl+0x1c0/0x370
[  416.073003][T12190]  __do_fast_syscall_32+0xe8/0x680
[  416.073019][T12190]  do_fast_syscall_32+0x32/0x80
[  416.073034][T12190]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  416.073047][T12190] RIP: 0023:0xf7ff3579
[  416.073056][T12190] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  416.073066][T12190] RSP: 002b:00000000f54e655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  416.073076][T12190] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000000541b
[  416.073083][T12190] RDX: 0000000080000c40 RSI: 0000000000000000 RDI: 0000000000000000
[  416.073089][T12190] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  416.073096][T12190] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  416.073102][T12190] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  416.073116][T12190]  </TASK>
[  416.184797][T12192] bond6: entered promiscuous mode
[  416.190707][T12192] bond6: entered allmulticast mode
[  416.193197][T12192] 8021q: adding VLAN 0 to HW filter on device bond6
[  416.547185][T12206] 9p: Bad value for 'version'
[  416.851204][   T40] audit: type=1804 audit(1765561160.462:176): pid=12214 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1742" name="/newroot/461/bus/bus" dev="overlay" ino=2651 res=1 errno=0
[  417.425376][T12226] FAULT_INJECTION: forcing a failure.
[  417.425376][T12226] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  417.429261][T12226] CPU: 1 UID: 0 PID: 12226 Comm: syz.0.1745 Not tainted syzkaller #0 PREEMPT(full) 
[  417.429287][T12226] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  417.429295][T12226] Call Trace:
[  417.429299][T12226]  <TASK>
[  417.429304][T12226]  dump_stack_lvl+0x16c/0x1f0
[  417.429322][T12226]  should_fail_ex+0x512/0x640
[  417.429342][T12226]  should_fail_alloc_page+0xe7/0x130
[  417.429361][T12226]  prepare_alloc_pages+0x401/0x670
[  417.429381][T12226]  __alloc_frozen_pages_noprof+0x18b/0x2430
[  417.429395][T12226]  ? should_fail_alloc_page+0xee/0x130
[  417.429413][T12226]  ? rcu_is_watching+0x12/0xc0
[  417.429429][T12226]  ? trace_mm_page_alloc+0x11b/0x180
[  417.429445][T12226]  ? __alloc_frozen_pages_noprof+0x292/0x2430
[  417.429461][T12226]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  417.429474][T12226]  ? __perf_event_task_sched_in+0x27a/0xa10
[  417.429489][T12226]  ? lock_acquire+0x179/0x330
[  417.429501][T12226]  ? finish_task_switch.isra.0+0x202/0xbd0
[  417.429518][T12226]  ? rcu_is_watching+0x12/0xc0
[  417.429532][T12226]  ? finish_task_switch.isra.0+0x207/0xbd0
[  417.429547][T12226]  ? lockdep_hardirqs_on+0x7c/0x110
[  417.429562][T12226]  ? rcu_is_watching+0x12/0xc0
[  417.429579][T12226]  alloc_pages_bulk_noprof+0x77a/0x1410
[  417.429593][T12226]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  417.429611][T12226]  ? policy_nodemask+0xea/0x4e0
[  417.429629][T12226]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[  417.429643][T12226]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  417.429665][T12226]  __kasan_populate_vmalloc+0xfb/0x220
[  417.429683][T12226]  alloc_vmap_area+0x98d/0x2a50
[  417.429704][T12226]  ? __pfx_alloc_vmap_area+0x10/0x10
[  417.429724][T12226]  __get_vm_area_node+0x1ca/0x330
[  417.429743][T12226]  __vmalloc_node_range_noprof+0x247/0x16b0
[  417.429755][T12226]  ? bpf_prog_alloc_no_stats+0x58/0x600
[  417.429773][T12226]  ? bpf_prog_alloc_no_stats+0x58/0x600
[  417.429790][T12226]  ? __lock_acquire+0x436/0x2890
[  417.429799][T12226]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  417.429816][T12226]  ? bpf_prog_alloc_no_stats+0x58/0x600
[  417.429830][T12226]  __vmalloc_node_noprof+0xad/0xf0
[  417.429840][T12226]  ? bpf_prog_alloc_no_stats+0x58/0x600
[  417.429855][T12226]  __vmalloc_noprof+0xa3/0x120
[  417.429865][T12226]  ? __pfx___vmalloc_noprof+0x10/0x10
[  417.429878][T12226]  ? apparmor_capable+0x1d7/0x4e0
[  417.429895][T12226]  bpf_prog_alloc_no_stats+0x58/0x600
[  417.429909][T12226]  ? security_capable+0x7e/0x260
[  417.429925][T12226]  bpf_prog_alloc+0x3b/0x230
[  417.429937][T12226]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  417.429954][T12226]  bpf_prog_load+0x19bc/0x2cc0
[  417.429975][T12226]  ? __pfx_bpf_prog_load+0x10/0x10
[  417.429991][T12226]  ? __lock_acquire+0x436/0x2890
[  417.430001][T12226]  ? finish_task_switch.isra.0+0x207/0xbd0
[  417.430016][T12226]  ? lockdep_hardirqs_on+0x7c/0x110
[  417.430029][T12226]  ? finish_task_switch.isra.0+0x207/0xbd0
[  417.430056][T12226]  __sys_bpf+0x3e72/0x4980
[  417.430085][T12226]  ? __pfx___sys_bpf+0x10/0x10
[  417.430096][T12226]  ? preempt_schedule_common+0x44/0xc0
[  417.430109][T12226]  ? preempt_schedule_thunk+0x16/0x30
[  417.430127][T12226]  ? vfs_write+0x454/0x11d0
[  417.430142][T12226]  ? find_held_lock+0x2b/0x80
[  417.430160][T12226]  ? __mutex_unlock_slowpath+0x161/0x790
[  417.430181][T12226]  ? fput+0x70/0xf0
[  417.430191][T12226]  ? ksys_write+0x1ac/0x250
[  417.430206][T12226]  ? __pfx_ksys_write+0x10/0x10
[  417.430224][T12226]  __ia32_sys_bpf+0x76/0xe0
[  417.430234][T12226]  ? lockdep_hardirqs_on+0x7c/0x110
[  417.430247][T12226]  __do_fast_syscall_32+0xe8/0x680
[  417.430263][T12226]  do_fast_syscall_32+0x32/0x80
[  417.430277][T12226]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  417.430291][T12226] RIP: 0023:0xf700d579
[  417.430300][T12226] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  417.430311][T12226] RSP: 002b:00000000f53bb55c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  417.430322][T12226] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000800054c0
[  417.430329][T12226] RDX: 0000000000000048 RSI: 0000000000000000 RDI: 0000000000000000
[  417.430336][T12226] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  417.430342][T12226] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  417.430348][T12226] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  417.430362][T12226]  </TASK>
[  417.430480][T12226] syz.0.1745: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1
[  417.562017][T12226] CPU: 1 UID: 0 PID: 12226 Comm: syz.0.1745 Not tainted syzkaller #0 PREEMPT(full) 
[  417.562032][T12226] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  417.562039][T12226] Call Trace:
[  417.562047][T12226]  <TASK>
[  417.562052][T12226]  dump_stack_lvl+0x16c/0x1f0
[  417.562087][T12226]  warn_alloc+0x248/0x3a0
[  417.562103][T12226]  ? __pfx_warn_alloc+0x10/0x10
[  417.562116][T12226]  ? kfree+0x2f8/0x6e0
[  417.562127][T12226]  ? __get_vm_area_node+0x2cd/0x330
[  417.562147][T12226]  ? __get_vm_area_node+0x2cd/0x330
[  417.562163][T12226]  ? __get_vm_area_node+0x1dc/0x330
[  417.562178][T12226]  ? __get_vm_area_node+0x208/0x330
[  417.562198][T12226]  __vmalloc_node_range_noprof+0xbe0/0x16b0
[  417.562213][T12226]  ? bpf_prog_alloc_no_stats+0x58/0x600
[  417.562231][T12226]  ? __lock_acquire+0x436/0x2890
[  417.562241][T12226]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  417.562258][T12226]  ? bpf_prog_alloc_no_stats+0x58/0x600
[  417.562271][T12226]  __vmalloc_node_noprof+0xad/0xf0
[  417.562282][T12226]  ? bpf_prog_alloc_no_stats+0x58/0x600
[  417.562297][T12226]  __vmalloc_noprof+0xa3/0x120
[  417.562307][T12226]  ? __pfx___vmalloc_noprof+0x10/0x10
[  417.562320][T12226]  ? apparmor_capable+0x1d7/0x4e0
[  417.562338][T12226]  bpf_prog_alloc_no_stats+0x58/0x600
[  417.562351][T12226]  ? security_capable+0x7e/0x260
[  417.562368][T12226]  bpf_prog_alloc+0x3b/0x230
[  417.562380][T12226]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  417.562398][T12226]  bpf_prog_load+0x19bc/0x2cc0
[  417.562418][T12226]  ? __pfx_bpf_prog_load+0x10/0x10
[  417.562434][T12226]  ? __lock_acquire+0x436/0x2890
[  417.562444][T12226]  ? finish_task_switch.isra.0+0x207/0xbd0
[  417.562460][T12226]  ? lockdep_hardirqs_on+0x7c/0x110
[  417.562473][T12226]  ? finish_task_switch.isra.0+0x207/0xbd0
[  417.562500][T12226]  __sys_bpf+0x3e72/0x4980
[  417.562512][T12226]  ? __pfx___sys_bpf+0x10/0x10
[  417.562521][T12226]  ? preempt_schedule_common+0x44/0xc0
[  417.562534][T12226]  ? preempt_schedule_thunk+0x16/0x30
[  417.562546][T12226]  ? vfs_write+0x454/0x11d0
[  417.562562][T12226]  ? find_held_lock+0x2b/0x80
[  417.562579][T12226]  ? __mutex_unlock_slowpath+0x161/0x790
[  417.562601][T12226]  ? fput+0x70/0xf0
[  417.562611][T12226]  ? ksys_write+0x1ac/0x250
[  417.562626][T12226]  ? __pfx_ksys_write+0x10/0x10
[  417.562643][T12226]  __ia32_sys_bpf+0x76/0xe0
[  417.562654][T12226]  ? lockdep_hardirqs_on+0x7c/0x110
[  417.562667][T12226]  __do_fast_syscall_32+0xe8/0x680
[  417.562683][T12226]  do_fast_syscall_32+0x32/0x80
[  417.562697][T12226]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  417.562711][T12226] RIP: 0023:0xf700d579
[  417.562720][T12226] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  417.562731][T12226] RSP: 002b:00000000f53bb55c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  417.562741][T12226] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000800054c0
[  417.562748][T12226] RDX: 0000000000000048 RSI: 0000000000000000 RDI: 0000000000000000
[  417.562754][T12226] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  417.562761][T12226] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  417.562767][T12226] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  417.562780][T12226]  </TASK>
[  417.562784][T12226] Mem-Info:
[  417.665079][T12226] active_anon:4401 inactive_anon:6591 isolated_anon:0
[  417.665079][T12226]  active_file:2944 inactive_file:17343 isolated_file:0
[  417.665079][T12226]  unevictable:1768 dirty:313 writeback:0
[  417.665079][T12226]  slab_reclaimable:7797 slab_unreclaimable:65233
[  417.665079][T12226]  mapped:27719 shmem:8103 pagetables:1241
[  417.665079][T12226]  sec_pagetables:320 bounce:0
[  417.665079][T12226]  kernel_misc_reclaimable:0
[  417.665079][T12226]  free:39644 free_pcp:14699 free_cma:0
[  417.679312][T12226] Node 0 active_anon:8kB inactive_anon:60kB active_file:20kB inactive_file:136kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:44kB dirty:4kB writeback:0kB shmem:4324kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:9644kB pagetables:1192kB sec_pagetables:1120kB all_unreclaimable? yes Balloon:0kB
[  417.688781][T12226] Node 1 active_anon:17596kB inactive_anon:26304kB active_file:11756kB inactive_file:69236kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:110832kB dirty:1248kB writeback:0kB shmem:28088kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:4676kB pagetables:3772kB sec_pagetables:160kB all_unreclaimable? no Balloon:0kB
[  417.698757][T12226] Node 0 DMA free:2340kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:4kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:16kB local_pcp:0kB free_cma:0kB
[  417.703291][T12229] netlink: 'syz.3.1746': attribute type 10 has an invalid length.
[  417.708159][T12226] lowmem_reserve[]: 0 289 289 289 289
[  417.708184][T12226] Node 0 DMA32 free:20372kB boost:6144kB min:19476kB low:22808kB high:26140kB reserved_highatomic:0KB free_highatomic:0KB active_anon:8kB inactive_anon:56kB active_file:20kB inactive_file:136kB unevictable:3536kB writepending:4kB zspages:344kB present:1032196kB managed:296860kB mlocked:0kB bounce:0kB free_pcp:6692kB local_pcp:3540kB free_cma:0kB
[  417.708218][T12226] lowmem_reserve[]: 0 0 0 0 0
[  417.708238][T12226] Node 1 DMA32 free:135864kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB free_highatomic:0KB active_anon:17696kB inactive_anon:26304kB active_file:11756kB inactive_file:69236kB unevictable:3536kB writepending:1248kB zspages:2416kB present:1048432kB managed:948212kB mlocked:0kB bounce:0kB free_pcp:51876kB local_pcp:6988kB free_cma:0kB
[  417.708271][T12226] lowmem_reserve[]: 0 0 0 0 0
[  417.708291][T12226] Node 0 DMA: 61*4kB (UE) 2*8kB (E) 4*16kB (UE) 7*32kB (UE) 2*64kB (UE) 1*128kB (E) 0*256kB 1*512kB (E) 1*1024kB (E) 0*2048kB 0*4096kB = 2340kB
[  417.708372][T12226] Node 0 DMA32: 5*4kB (ME) 56*8kB (UME) 96*16kB (UME) 214*32kB (UME) 56*64kB (UME) 32*128kB (UME) 9*256kB (UME) 3*512kB (M) 0*1024kB 0*2048kB 0*4096kB = 20372kB
[  417.708453][T12226] Node 1 DMA32: 1642*4kB (UME) 1524*8kB (UME) 1279*16kB (UM) 173*32kB (UME) 104*64kB (UME) 48*128kB (UME) 28*256kB (UME) 23*512kB (UME) 16*1024kB (UM) 9*2048kB (UM) 6*4096kB (UM) = 135896kB
[  417.708544][T12226] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  417.711336][T12229] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1746'.
[  417.712734][T12226] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  417.712745][T12226] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  417.712754][T12226] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  417.712763][T12226] 28625 total pagecache pages
[  417.712767][T12226] 239 pages in swap cache
[  417.712772][T12226] Free swap  = 119432kB
[  417.712776][T12226] Total swap = 124996kB
[  417.712781][T12226] 524155 pages RAM
[  417.723826][T12229] A link change request failed with some changes committed already. Interface virt_wifi0 may have been left with an inconsistent configuration, please check.
[  417.724432][T12226] 0 pages HighMem/MovableOnly
[  417.724439][T12226] 209047 pages reserved
[  417.724443][T12226] 0 pages cma reserved
[  417.855588][T12229] netlink: 'syz.3.1746': attribute type 1 has an invalid length.
[  417.858603][T12229] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1746'.
[  418.039921][T12240] 8021q: adding VLAN 0 to HW filter on device bond7
[  418.071735][T12240] bond7: (slave veth17): Enslaving as an active interface with an up link
[  418.094421][T12240] bond7: (slave dummy0): Enslaving as an active interface with an up link
[  418.290584][T12240] bond7 (unregistering): (slave veth17): Releasing backup interface
[  418.296266][T12240] bond7 (unregistering): (slave dummy0): Releasing backup interface
[  418.300096][T12240] bond7 (unregistering): Released all slaves
[  418.376581][T12245] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[  418.379021][T12245] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  418.381923][T12245] vhci_hcd vhci_hcd.0: Device attached
[  418.646524][ T6058] usb 44-1: SetAddress Request (38) to port 0
[  418.649575][ T6058] usb 44-1: new SuperSpeed USB device number 38 using vhci_hcd
[  418.704272][T12254] bond6: entered promiscuous mode
[  418.705934][T12254] bond6: entered allmulticast mode
[  418.708090][T12254] 8021q: adding VLAN 0 to HW filter on device bond6
[  419.120393][T12246] vhci_hcd: connection reset by peer
[  419.123018][   T60] vhci_hcd vhci_hcd.3: stop threads
[  419.124755][   T60] vhci_hcd vhci_hcd.3: release socket
[  419.126586][   T60] vhci_hcd vhci_hcd.3: disconnect device
[  419.317005][T12262] 9p: Bad value for 'version'
[  419.375057][   T40] audit: type=1804 audit(1765561162.980:177): pid=12265 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1754" name="/newroot/408/bus/bus" dev="overlay" ino=2377 res=1 errno=0
[  419.578035][T12270] netlink: 'syz.1.1756': attribute type 10 has an invalid length.
[  419.581578][T12270] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1756'.
[  419.585701][T12270] A link change request failed with some changes committed already. Interface virt_wifi0 may have been left with an inconsistent configuration, please check.
[  419.660031][T12270] netlink: 'syz.1.1756': attribute type 1 has an invalid length.
[  419.663274][T12270] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1756'.
[  420.478065][T12294] /dev/nullb0: Can't open blockdev
[  421.087700][ T7201] usb 7-1: new high-speed USB device number 31 using dummy_hcd
[  421.427142][ T7201] usb 7-1: Using ep0 maxpacket: 16
[  421.670334][ T7201] usb 7-1: config 1 interface 0 altsetting 255 endpoint 0x1 has invalid wMaxPacketSize 0
[  421.673413][ T7201] usb 7-1: config 1 interface 0 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 0
[  421.676468][ T7201] usb 7-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  421.680934][ T7201] usb 7-1: config 1 interface 0 has no altsetting 0
[  421.689042][ T7201] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  421.691894][ T7201] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  421.694894][ T7201] usb 7-1: Product: syz
[  421.696347][ T7201] usb 7-1: Manufacturer: syz
[  421.698059][ T7201] usb 7-1: SerialNumber: syz
[  422.140007][T12307] random: crng reseeded on system resumption
[  422.196599][T12308] netlink: 'syz.3.1764': attribute type 10 has an invalid length.
[  422.620386][T12311] netlink: 'syz.1.1765': attribute type 10 has an invalid length.
[  422.623548][T12311] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1765'.
[  422.626684][T12311] A link change request failed with some changes committed already. Interface virt_wifi0 may have been left with an inconsistent configuration, please check.
[  422.691064][T12311] netlink: 'syz.1.1765': attribute type 1 has an invalid length.
[  422.693510][T12311] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1765'.
[  423.096026][ T7201] usblp 7-1:1.0: usblp0: USB Unidirectional printer dev 31 if 0 alt 255 proto 1 vid 0x0525 pid 0xA4A8
[  423.137492][ T7201] usb 7-1: USB disconnect, device number 31
[  423.255066][ T7201] usblp0: removed
[  423.619463][T12325] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[  423.621553][T12325] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  423.624297][T12325] vhci_hcd vhci_hcd.0: Device attached
[  423.699130][ T6058] usb 44-1: device descriptor read/8, error -110
[  423.899235][   T24] usb 42-1: SetAddress Request (30) to port 0
[  423.902973][   T24] usb 42-1: new SuperSpeed USB device number 30 using vhci_hcd
[  423.930754][ T6135] usb 6-1: new high-speed USB device number 32 using dummy_hcd
[  423.974090][T12326] vhci_hcd: connection reset by peer
[  423.976297][ T6146] vhci_hcd vhci_hcd.2: stop threads
[  423.978354][ T6146] vhci_hcd vhci_hcd.2: release socket
[  423.980689][ T6146] vhci_hcd vhci_hcd.2: disconnect device
[  424.051626][T12333] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[  424.053712][T12333] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  424.056520][T12333] vhci_hcd vhci_hcd.0: Device attached
[  424.090213][ T6135] usb 6-1: Using ep0 maxpacket: 16
[  424.093658][ T6135] usb 6-1: config 1 interface 0 altsetting 255 endpoint 0x1 has invalid wMaxPacketSize 0
[  424.097323][ T6135] usb 6-1: config 1 interface 0 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 0
[  424.101277][ T6135] usb 6-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  424.107172][ T6135] usb 6-1: config 1 interface 0 has no altsetting 0
[  424.113148][ T6135] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  424.116934][ T6135] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  424.120552][ T6135] usb 6-1: Product: syz
[  424.122046][ T6135] usb 6-1: Manufacturer: syz
[  424.124211][ T6135] usb 6-1: SerialNumber: syz
[  424.149742][ T6058] usb 44-1: SetAddress Request (39) to port 0
[  424.158054][ T6058] usb 44-1: new SuperSpeed USB device number 39 using vhci_hcd
[  424.442159][ T6135] usblp 6-1:1.0: usblp0: USB Unidirectional printer dev 32 if 0 alt 255 proto 1 vid 0x0525 pid 0xA4A8
[  424.468038][ T6135] usb 6-1: USB disconnect, device number 32
[  424.481786][ T6135] usblp0: removed
[  424.761323][T12334] vhci_hcd: connection reset by peer
[  424.763912][ T6771] vhci_hcd vhci_hcd.3: stop threads
[  424.765677][ T6771] vhci_hcd vhci_hcd.3: release socket
[  424.767846][ T6771] vhci_hcd vhci_hcd.3: disconnect device
[  424.939660][ T7201] usb 7-1: new high-speed USB device number 32 using dummy_hcd
[  424.979758][ T6479] wlan0: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  425.089770][ T7201] usb 7-1: Using ep0 maxpacket: 16
[  425.093588][ T7201] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  425.098069][ T7201] usb 7-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  425.102488][ T7201] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  425.107940][ T7201] usb 7-1: config 0 descriptor??
[  425.129816][ T7201] input: bcm5974 as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/input/input29
[  425.471857][T12347] random: crng reseeded on system resumption
[  425.536827][T12349] netlink: 'syz.3.1775': attribute type 10 has an invalid length.
[  425.543162][T12350] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1776'.
[  425.646675][T12354] netlink: 'syz.0.1777': attribute type 10 has an invalid length.
[  425.651237][T12354] siw: device registration error -23
[  425.714913][ T1025] libceph: connect (1)[c::]:6789 error -101
[  425.720518][ T1025] libceph: mon0 (1)[c::]:6789 connect error
[  426.470961][ T1025] libceph: connect (1)[c::]:6789 error -101
[  426.473598][ T1025] libceph: mon0 (1)[c::]:6789 connect error
[  426.982151][ T1025] libceph: connect (1)[c::]:6789 error -101
[  426.986944][ T1025] libceph: mon0 (1)[c::]:6789 connect error
[  427.010656][ T6271] usb 6-1: new high-speed USB device number 33 using dummy_hcd
[  427.171080][ T6271] usb 6-1: Using ep0 maxpacket: 16
[  427.174909][ T6271] usb 6-1: config 1 interface 0 altsetting 255 endpoint 0x1 has invalid wMaxPacketSize 0
[  427.178248][ T6271] usb 6-1: config 1 interface 0 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 0
[  427.182651][ T6271] usb 6-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  427.187469][ T6271] usb 6-1: config 1 interface 0 has no altsetting 0
[  427.192815][ T6271] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  427.196693][ T6271] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  427.199987][ T6271] usb 6-1: Product: syz
[  427.201814][ T6271] usb 6-1: Manufacturer: syz
[  427.203386][ T6271] usb 6-1: SerialNumber: syz
[  427.418298][ T6271] usblp 6-1:1.0: usblp0: USB Unidirectional printer dev 33 if 0 alt 255 proto 1 vid 0x0525 pid 0xA4A8
[  427.426297][ T6271] usb 6-1: USB disconnect, device number 33
[  427.430898][ T6271] usblp0: removed
[  427.698138][T12352] ceph: No mds server is up or the cluster is laggy
[  427.744177][ T5337] bcm5974 7-1:0.0: could not read from device
[  427.751338][ T7201] usb 7-1: USB disconnect, device number 32
[  427.752694][ T5337] bcm5974 7-1:0.0: could not read from device
[  427.863459][T12378] netlink: 'syz.2.1785': attribute type 10 has an invalid length.
[  427.866782][T12378] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1785'.
[  427.870819][T12378] A link change request failed with some changes committed already. Interface virt_wifi0 may have been left with an inconsistent configuration, please check.
[  427.960121][T12378] netlink: 'syz.2.1785': attribute type 1 has an invalid length.
[  427.963394][T12378] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1785'.
[  427.995637][T12381] random: crng reseeded on system resumption
[  428.003520][T12381] netlink: 'syz.1.1786': attribute type 10 has an invalid length.
[  428.007913][T12381] siw: device registration error -23
[  428.055103][T12383] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[  428.057276][T12383] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  428.060364][T12383] vhci_hcd vhci_hcd.0: Device attached
[  428.083916][T12387] netlink: 'syz.2.1787': attribute type 1 has an invalid length.
[  428.131119][T12387] 8021q: adding VLAN 0 to HW filter on device bond7
[  428.187353][T12389] bond7: (slave veth11): Enslaving as an active interface with an up link
[  428.196066][T12387] bond7: (slave dummy0): Enslaving as an active interface with an up link
[  428.313133][T12387] bond7 (unregistering): (slave veth11): Releasing backup interface
[  428.318585][T12387] bond7 (unregistering): (slave dummy0): Releasing backup interface
[  428.323630][T12387] bond7 (unregistering): Released all slaves
[  428.742690][T12384] vhci_hcd: connection closed
[  428.743424][   T46] vhci_hcd vhci_hcd.3: stop threads
[  428.747826][   T46] vhci_hcd vhci_hcd.3: release socket
[  428.750285][   T46] vhci_hcd vhci_hcd.3: disconnect device
[  428.982065][   T24] usb 42-1: device descriptor read/8, error -110
[  429.211861][ T1025] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  429.222011][ T6058] usb 44-1: device descriptor read/8, error -110
[  429.333782][ T6058] usb usb44-port1: attempt power cycle
[  429.371943][ T1025] usb 5-1: Using ep0 maxpacket: 16
[  429.376701][ T1025] usb 5-1: config 1 interface 0 altsetting 255 endpoint 0x1 has invalid wMaxPacketSize 0
[  429.380198][ T1025] usb 5-1: config 1 interface 0 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 0
[  429.395701][   T24] usb usb42-port1: attempt power cycle
[  429.673031][ T1025] usb 5-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  429.678908][ T1025] usb 5-1: config 1 interface 0 has no altsetting 0
[  429.693755][T12416] netlink: 'syz.1.1795': attribute type 10 has an invalid length.
[  429.696342][T12416] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1795'.
[  429.699503][T12416] A link change request failed with some changes committed already. Interface virt_wifi0 may have been left with an inconsistent configuration, please check.
[  429.702219][ T1025] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  429.708473][ T1025] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  429.720814][ T1025] usb 5-1: Product: syz
[  429.722783][ T1025] usb 5-1: Manufacturer: syz
[  429.724787][ T1025] usb 5-1: SerialNumber: syz
[  429.751875][T12416] netlink: 'syz.1.1795': attribute type 1 has an invalid length.
[  429.754899][T12416] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1795'.
[  429.892532][ T6058] usb usb44-port1: unable to enumerate USB device
[  429.952631][   T24] usb usb42-port1: unable to enumerate USB device
[  429.977826][ T1025] usblp 5-1:1.0: usblp0: USB Unidirectional printer dev 24 if 0 alt 255 proto 1 vid 0x0525 pid 0xA4A8
[  429.981056][ T1025] usb 5-1: USB disconnect, device number 24
[  429.982358][ T1025] usblp0: removed
[  429.993261][   T40] audit: type=1326 audit(1765561173.605:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12419 comm="syz.2.1797" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf70dd579 code=0x0
[  430.145620][T12435] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[  430.148458][T12435] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  430.152325][T12435] vhci_hcd vhci_hcd.0: Device attached
[  430.422750][ T6058] usb 44-1: SetAddress Request (42) to port 0
[  430.425153][ T6058] usb 44-1: new SuperSpeed USB device number 42 using vhci_hcd
[  430.716854][T12436] vhci_hcd: connection reset by peer
[  430.719115][ T6479] vhci_hcd vhci_hcd.3: stop threads
[  430.721027][ T6479] vhci_hcd vhci_hcd.3: release socket
[  430.723025][ T6479] vhci_hcd vhci_hcd.3: disconnect device
[  430.802651][   T34] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  430.902692][ T6135] usb 7-1: new high-speed USB device number 33 using dummy_hcd
[  430.952611][   T34] usb 5-1: Using ep0 maxpacket: 16
[  430.956662][   T34] usb 5-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  430.961286][   T34] usb 5-1: config 0 interface 0 has no altsetting 0
[  430.964007][   T34] usb 5-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[  430.967018][   T34] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  430.972861][   T34] usb 5-1: config 0 descriptor??
[  431.067399][ T6135] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  431.071440][ T6135] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  431.074645][T12443] random: crng reseeded on system resumption
[  431.075030][ T6135] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  431.080682][ T6135] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  431.088772][T12441] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  431.093732][ T6135] usb 7-1: Quirk or no altset; falling back to MIDI 1.0
[  431.138364][T12444] netlink: 'syz.1.1803': attribute type 10 has an invalid length.
[  431.298035][T12441] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  431.301817][T12441] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  431.312430][T12440] delete_channel: no stack
[  431.314286][  T144] usb 7-1: USB disconnect, device number 33
[  431.399080][   T34] nzxt-smart2 0003:1E71:2009.000B: hidraw0: USB HID v0.05 Device [HID 1e71:2009] on usb-dummy_hcd.0-1/input0
[  431.665994][T12439] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  431.668781][T12439] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  431.678791][T12439] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1801'.
[  431.791699][  T144] usb 5-1: USB disconnect, device number 25
[  432.400275][T12463] netlink: 'syz.0.1809': attribute type 1 has an invalid length.
[  432.411581][T12463] 8021q: adding VLAN 0 to HW filter on device bond7
[  432.496619][T12463] bond7: (slave veth21): Enslaving as an active interface with an up link
[  432.508434][T12465] bond7: (slave dummy0): Enslaving as an active interface with an up link
[  432.560967][T12452] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  432.563077][T12452] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  432.566634][T12452] vhci_hcd vhci_hcd.0: Device attached
[  432.570030][T12452] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  432.572757][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  432.598374][T12463] bond7 (unregistering): (slave veth21): Releasing backup interface
[  432.602626][T12463] bond7 (unregistering): (slave dummy0): Releasing backup interface
[  432.607020][T12463] bond7 (unregistering): Released all slaves
[  432.684932][T12466] vhci_hcd: connection closed
[  432.685143][   T60] vhci_hcd vhci_hcd.1: stop threads
[  432.689222][   T60] vhci_hcd vhci_hcd.1: release socket
[  432.690989][   T60] vhci_hcd vhci_hcd.1: disconnect device
[  432.743735][ T5959] Bluetooth: hci3: command 0x0406 tx timeout
[  432.935880][T12474] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[  432.938076][T12474] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  432.940904][T12474] vhci_hcd vhci_hcd.0: Device attached
[  433.163878][T12480] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[  433.165898][T12480] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  433.173919][T12480] vhci_hcd vhci_hcd.0: Device attached
[  433.203793][  T144] usb 38-1: SetAddress Request (34) to port 0
[  433.206192][  T144] usb 38-1: new SuperSpeed USB device number 34 using vhci_hcd
[  433.226972][T12476] vhci_hcd: connection reset by peer
[  433.229425][ T6479] vhci_hcd vhci_hcd.0: stop threads
[  433.231446][ T6479] vhci_hcd vhci_hcd.0: release socket
[  433.234044][ T6479] vhci_hcd vhci_hcd.0: disconnect device
[  433.465111][   T34] usb 42-1: SetAddress Request (34) to port 0
[  433.470842][   T34] usb 42-1: new SuperSpeed USB device number 34 using vhci_hcd
[  433.778290][T12481] vhci_hcd: connection reset by peer
[  433.786458][ T6771] vhci_hcd vhci_hcd.2: stop threads
[  433.789116][ T6771] vhci_hcd vhci_hcd.2: release socket
[  433.792018][ T6771] vhci_hcd vhci_hcd.2: disconnect device
[  433.864666][   T53] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  434.039495][   T53] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  434.044030][   T53] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  434.048558][   T53] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  434.052524][   T53] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  434.078251][T12489] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  434.124926][   T53] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  434.318161][T12489] FAULT_INJECTION: forcing a failure.
[  434.318161][T12489] name failslab, interval 1, probability 0, space 0, times 0
[  434.322405][T12489] CPU: 0 UID: 0 PID: 12489 Comm: syz.0.1815 Not tainted syzkaller #0 PREEMPT(full) 
[  434.322421][T12489] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  434.322429][T12489] Call Trace:
[  434.322434][T12489]  <TASK>
[  434.322440][T12489]  dump_stack_lvl+0x16c/0x1f0
[  434.322458][T12489]  should_fail_ex+0x512/0x640
[  434.322476][T12489]  ? kmem_cache_alloc_noprof+0x62/0x770
[  434.322498][T12489]  should_failslab+0xc2/0x120
[  434.322522][T12489]  kmem_cache_alloc_noprof+0x83/0x770
[  434.322541][T12489]  ? security_file_alloc+0x34/0x2b0
[  434.322566][T12489]  ? security_file_alloc+0x34/0x2b0
[  434.322582][T12489]  security_file_alloc+0x34/0x2b0
[  434.322601][T12489]  init_file+0x93/0x4c0
[  434.322620][T12489]  alloc_empty_file+0x73/0x1e0
[  434.322637][T12489]  path_openat+0xde/0x3140
[  434.322653][T12489]  ? __do_fast_syscall_32+0xe8/0x680
[  434.322667][T12489]  ? do_fast_syscall_32+0x32/0x80
[  434.322681][T12489]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  434.322699][T12489]  ? __pfx_path_openat+0x10/0x10
[  434.322717][T12489]  ? __lock_acquire+0x436/0x2890
[  434.322729][T12489]  do_filp_open+0x20b/0x470
[  434.322746][T12489]  ? __pfx_do_filp_open+0x10/0x10
[  434.322771][T12489]  ? _raw_spin_unlock+0x28/0x50
[  434.322784][T12489]  ? alloc_fd+0x471/0x7d0
[  434.322803][T12489]  do_sys_openat2+0x11f/0x280
[  434.322815][T12489]  ? __pfx_do_sys_openat2+0x10/0x10
[  434.322828][T12489]  ? __fget_files+0x20e/0x3c0
[  434.322846][T12489]  __ia32_compat_sys_openat+0x16d/0x210
[  434.322859][T12489]  ? __pfx___ia32_compat_sys_openat+0x10/0x10
[  434.322872][T12489]  ? ksys_write+0x1ac/0x250
[  434.322891][T12489]  __do_fast_syscall_32+0xe8/0x680
[  434.322907][T12489]  do_fast_syscall_32+0x32/0x80
[  434.322921][T12489]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  434.322940][T12489] RIP: 0023:0xf700d579
[  434.322949][T12489] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  434.322960][T12489] RSP: 002b:00000000f53fd55c EFLAGS: 00000296 ORIG_RAX: 0000000000000127
[  434.322976][T12489] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000080000240
[  434.322983][T12489] RDX: 00000000000c2882 RSI: 0000000000000000 RDI: 0000000000000000
[  434.322990][T12489] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  434.322999][T12489] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  434.323005][T12489] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  434.323019][T12489]  </TASK>
[  434.456191][T12488] delete_channel: no stack
[  434.500572][   T53] usb 5-1: USB disconnect, device number 26
[  435.464971][ T6058] usb 44-1: device descriptor read/8, error -110
[  435.875900][ T6058] usb usb44-port1: attempt power cycle
[  436.005482][ T7201] usb 8-1: new high-speed USB device number 24 using dummy_hcd
[  436.035311][ T6271] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  436.085244][ T6135] usb 7-1: new high-speed USB device number 34 using dummy_hcd
[  436.155282][ T7201] usb 8-1: Using ep0 maxpacket: 16
[  436.158289][ T7201] usb 8-1: config 1 interface 0 altsetting 255 endpoint 0x1 has invalid wMaxPacketSize 0
[  436.161762][ T7201] usb 8-1: config 1 interface 0 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 0
[  436.164952][ T7201] usb 8-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  436.169390][ T7201] usb 8-1: config 1 interface 0 has no altsetting 0
[  436.173577][ T7201] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  436.176611][ T7201] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  436.179217][ T7201] usb 8-1: Product: syz
[  436.180597][ T7201] usb 8-1: Manufacturer: syz
[  436.182158][ T7201] usb 8-1: SerialNumber: syz
[  436.195170][ T6271] usb 5-1: Using ep0 maxpacket: 16
[  436.198689][ T6271] usb 5-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  436.202279][ T6271] usb 5-1: config 0 interface 0 has no altsetting 0
[  436.204604][ T6271] usb 5-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[  436.207643][ T6271] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  436.212478][ T6271] usb 5-1: config 0 descriptor??
[  436.235224][ T6135] usb 7-1: Using ep0 maxpacket: 16
[  436.238217][ T6135] usb 7-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  436.241990][ T6135] usb 7-1: config 0 interface 0 has no altsetting 0
[  436.244180][ T6135] usb 7-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[  436.247300][ T6135] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  436.251112][ T6135] usb 7-1: config 0 descriptor??
[  436.360160][T12509] random: crng reseeded on system resumption
[  436.396556][ T7201] usblp 8-1:1.0: usblp0: USB Unidirectional printer dev 24 if 0 alt 255 proto 1 vid 0x0525 pid 0xA4A8
[  436.405857][ T7201] usb 8-1: USB disconnect, device number 24
[  436.414676][ T7201] usblp0: removed
[  436.421229][T12510] netlink: 'syz.1.1823': attribute type 10 has an invalid length.
[  436.447031][ T6058] usb usb44-port1: unable to enumerate USB device
[  436.627862][ T6271] nzxt-smart2 0003:1E71:2009.000C: hidraw0: USB HID v0.05 Device [HID 1e71:2009] on usb-dummy_hcd.0-1/input0
[  436.674799][ T6135] nzxt-smart2 0003:1E71:2009.000D: hidraw1: USB HID v0.05 Device [HID 1e71:2009] on usb-dummy_hcd.2-1/input0
[  436.824613][T12505] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  436.828473][T12505] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  436.833804][T12505] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1821'.
[  436.843662][ T6271] usb 5-1: USB disconnect, device number 27
[  436.868790][T12507] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  436.871766][T12507] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  436.891388][T12507] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1822'.
[  436.971777][ T6058] usb 7-1: USB disconnect, device number 34
[  437.150714][   T40] audit: type=1326 audit(1765561180.752:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12517 comm="syz.3.1825" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fd2579 code=0x0
[  438.269497][  T144] usb 38-1: device descriptor read/8, error -110
[  438.586527][   T34] usb 42-1: device descriptor read/8, error -110
[  438.655193][T12544] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1831'.
[  438.686908][  T144] usb usb38-port1: attempt power cycle
[  438.729019][T12546] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(9)
[  438.731139][T12546] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  438.733892][T12546] vhci_hcd vhci_hcd.0: Device attached
[  438.738761][ T5959] Bluetooth: hci1: unexpected event for opcode 0x080c
[  438.756079][T12551] netlink: 'syz.1.1832': attribute type 10 has an invalid length.
[  438.977558][   T34] usb usb42-port1: attempt power cycle
[  439.006658][ T6135] usb 44-1: SetAddress Request (46) to port 0
[  439.008859][ T6135] usb 44-1: new SuperSpeed USB device number 46 using vhci_hcd
[  439.111681][T12536] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  439.114674][T12536] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  439.125749][T12536] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  439.128533][T12536] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  439.134557][T12536] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  439.139299][T12536] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  439.141438][T12536] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  439.149805][ T5946] Bluetooth: hci4: sending frame failed (-49)
[  439.152981][ T5959] Bluetooth: hci4: Entering manufacturer mode failed (-49)
[  439.165049][T12549] vhci_hcd: connection reset by peer
[  439.174639][  T222] vhci_hcd vhci_hcd.3: stop threads
[  439.176456][  T222] vhci_hcd vhci_hcd.3: release socket
[  439.179438][  T222] vhci_hcd vhci_hcd.3: disconnect device
[  439.267133][  T144] usb usb38-port1: unable to enumerate USB device
[  439.430839][   T24] usb 6-1: new high-speed USB device number 34 using dummy_hcd
[  439.444193][T12560] netlink: 'syz.2.1836': attribute type 10 has an invalid length.
[  439.447595][T12560] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1836'.
[  439.451670][T12560] A link change request failed with some changes committed already. Interface virt_wifi0 may have been left with an inconsistent configuration, please check.
[  439.486797][ T6030] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[  439.533541][T12560] netlink: 'syz.2.1836': attribute type 1 has an invalid length.
[  439.536969][T12560] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1836'.
[  439.567759][   T34] usb usb42-port1: unable to enumerate USB device
[  439.586874][   T24] usb 6-1: Using ep0 maxpacket: 16
[  439.590368][   T24] usb 6-1: config 1 interface 0 altsetting 255 endpoint 0x1 has invalid wMaxPacketSize 0
[  439.593569][   T24] usb 6-1: config 1 interface 0 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 0
[  439.598831][   T24] usb 6-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  439.604526][   T24] usb 6-1: config 1 interface 0 has no altsetting 0
[  439.611147][   T24] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  439.614148][   T24] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  439.616744][   T24] usb 6-1: Product: syz
[  439.627204][   T24] usb 6-1: Manufacturer: syz
[  439.628772][   T24] usb 6-1: SerialNumber: syz
[  439.646952][ T6030] usb 5-1: Using ep0 maxpacket: 16
[  439.651782][ T6030] usb 5-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  439.656492][ T6030] usb 5-1: config 0 interface 0 has no altsetting 0
[  439.662156][ T6030] usb 5-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[  439.662723][T12562] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1837'.
[  439.665675][ T6030] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  439.675973][ T6030] usb 5-1: config 0 descriptor??
[  439.892199][   T24] usblp 6-1:1.0: usblp0: USB Unidirectional printer dev 34 if 0 alt 255 proto 1 vid 0x0525 pid 0xA4A8
[  440.065321][ T6271] usb 6-1: USB disconnect, device number 34
[  440.080124][ T6271] usblp0: removed
[  440.159346][ T6030] nzxt-smart2 0003:1E71:2009.000E: hidraw0: USB HID v0.05 Device [HID 1e71:2009] on usb-dummy_hcd.0-1/input0
[  440.345734][T12556] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  440.347717][ T5946] Bluetooth: hci0: command 0x0406 tx timeout
[  440.351609][T12556] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  440.360917][T12556] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1834'.
[  440.390790][ T6271] usb 5-1: USB disconnect, device number 28
[  440.872282][T12584] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[  440.874482][T12584] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  440.878689][T12584] vhci_hcd vhci_hcd.0: Device attached
[  440.947895][T12588] Cannot find set identified by id 3 to match
[  441.003797][T12590] netlink: 'syz.0.1845': attribute type 10 has an invalid length.
[  441.006368][T12590] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1845'.
[  441.010798][T12590] A link change request failed with some changes committed already. Interface virt_wifi0 may have been left with an inconsistent configuration, please check.
[  441.127949][T12590] netlink: 'syz.0.1845': attribute type 1 has an invalid length.
[  441.131684][T12590] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1845'.
[  441.148463][ T5959] Bluetooth: hci1: command 0x0406 tx timeout
[  441.157841][ T5959] Bluetooth: hci3: command 0x0406 tx timeout
[  441.178058][ T6271] usb 40-1: SetAddress Request (38) to port 0
[  441.181652][ T6271] usb 40-1: new SuperSpeed USB device number 38 using vhci_hcd
[  441.719874][T12585] vhci_hcd: connection reset by peer
[  441.724179][ T6771] vhci_hcd vhci_hcd.1: stop threads
[  441.726314][ T6771] vhci_hcd vhci_hcd.1: release socket
[  441.730240][ T6771] vhci_hcd vhci_hcd.1: disconnect device
[  441.793113][T12595] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1847'.
[  441.934245][T12600] FAULT_INJECTION: forcing a failure.
[  441.934245][T12600] name failslab, interval 1, probability 0, space 0, times 0
[  441.939288][T12600] CPU: 0 UID: 0 PID: 12600 Comm: syz.2.1848 Not tainted syzkaller #0 PREEMPT(full) 
[  441.939314][T12600] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  441.939326][T12600] Call Trace:
[  441.939334][T12600]  <TASK>
[  441.939344][T12600]  dump_stack_lvl+0x16c/0x1f0
[  441.939371][T12600]  should_fail_ex+0x512/0x640
[  441.939400][T12600]  ? fs_reclaim_acquire+0xae/0x150
[  441.939430][T12600]  should_failslab+0xc2/0x120
[  441.939458][T12600]  __kmalloc_noprof+0xeb/0x910
[  441.939480][T12600]  ? tomoyo_encode2+0x100/0x3e0
[  441.939505][T12600]  ? tomoyo_encode2+0x100/0x3e0
[  441.939525][T12600]  tomoyo_encode2+0x100/0x3e0
[  441.939550][T12600]  tomoyo_encode+0x29/0x50
[  441.939569][T12600]  tomoyo_realpath_from_path+0x18f/0x6e0
[  441.939598][T12600]  tomoyo_path_number_perm+0x245/0x580
[  441.939628][T12600]  ? tomoyo_path_number_perm+0x237/0x580
[  441.939658][T12600]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  441.939713][T12600]  ? find_held_lock+0x2b/0x80
[  441.939737][T12600]  ? hook_file_ioctl_common+0x144/0x410
[  441.939762][T12600]  ? __fget_files+0x20e/0x3c0
[  441.939786][T12600]  ? fput+0x40/0xf0
[  441.939808][T12600]  security_file_ioctl_compat+0x9b/0x240
[  441.939829][T12600]  __ia32_compat_sys_ioctl+0xc3/0x370
[  441.939855][T12600]  __do_fast_syscall_32+0xe8/0x680
[  441.939882][T12600]  do_fast_syscall_32+0x32/0x80
[  441.939907][T12600]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  441.939931][T12600] RIP: 0023:0xf70dd579
[  441.939946][T12600] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  441.939964][T12600] RSP: 002b:00000000f548b55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  441.939984][T12600] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000005412
[  441.939997][T12600] RDX: 0000000080000140 RSI: 0000000000000000 RDI: 0000000000000000
[  441.940008][T12600] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  441.940019][T12600] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  441.940031][T12600] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  441.940057][T12600]  </TASK>
[  441.940084][T12600] ERROR: Out of memory at tomoyo_realpath_from_path.
[  442.434621][   T40] audit: type=1326 audit(1765561186.029:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12607 comm="syz.0.1851" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf700d579 code=0x0
[  442.661921][T12597] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  442.666200][T12597] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  442.669194][T12597] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  443.079457][T12621] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1854'.
[  443.168814][   T34] usb 8-1: new high-speed USB device number 25 using dummy_hcd
[  443.328721][   T34] usb 8-1: Using ep0 maxpacket: 16
[  443.332773][   T34] usb 8-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  443.337312][   T34] usb 8-1: config 0 interface 0 has no altsetting 0
[  443.342434][   T34] usb 8-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[  443.346477][   T34] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  443.352873][   T34] usb 8-1: config 0 descriptor??
[  443.771644][   T34] nzxt-smart2 0003:1E71:2009.000F: hidraw0: USB HID v0.05 Device [HID 1e71:2009] on usb-dummy_hcd.3-1/input0
[  443.950913][ T5946] Bluetooth: hci0: command 0x0406 tx timeout
[  443.965313][T12619] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  443.969238][T12619] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  443.979057][T12619] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1853'.
[  444.014118][   T34] usb 8-1: USB disconnect, device number 25
[  444.109289][ T6135] usb 44-1: device descriptor read/8, error -110
[  444.144816][T12635] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  444.147750][T12635] overlayfs: missing 'lowerdir'
[  444.162909][T12635] program syz.0.1856 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  444.489268][ T1025] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  444.509802][ T6135] usb usb44-port1: attempt power cycle
[  444.639910][ T1025] usb 5-1: Using ep0 maxpacket: 32
[  444.644198][ T1025] usb 5-1: config 4 has an invalid descriptor of length 49, skipping remainder of the config
[  444.647908][ T1025] usb 5-1: config 4 has 0 interfaces, different from the descriptor's value: 9
[  444.653252][ T1025] usb 5-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  444.656669][ T1025] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  444.659710][ T1025] usb 5-1: Product: syz
[  444.661262][ T1025] usb 5-1: Manufacturer: syz
[  444.662935][ T1025] usb 5-1: SerialNumber: syz
[  444.669382][ T5946] Bluetooth: hci1: command 0x0406 tx timeout
[  444.749346][ T5959] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  444.749484][ T5949] Bluetooth: hci4: command 0xfc11 tx timeout
[  444.755199][ T5946] Bluetooth: hci3: command 0x0406 tx timeout
[  444.819400][ T7201] usb 8-1: new high-speed USB device number 26 using dummy_hcd
[  444.839228][ T1418] ieee802154 phy1 wpan1: encryption failed: -22
[  444.971742][ T7201] usb 8-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  444.975257][ T7201] usb 8-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  444.978201][ T7201] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  444.981015][ T7201] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  444.989700][T12637] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  445.017745][   T40] audit: type=1326 audit(1765561188.608:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12638 comm="syz.1.1858" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7ff3579 code=0x0
[  445.030779][ T7201] usb 8-1: Quirk or no altset; falling back to MIDI 1.0
[  445.058521][T12640] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  445.062115][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  445.148548][ T6135] usb usb44-port1: unable to enumerate USB device
[  445.340478][ T7201] usb 8-1: USB disconnect, device number 26
[  445.354912][T12636] delete_channel: no stack
[  446.084299][T12659] netlink: 'syz.1.1864': attribute type 10 has an invalid length.
[  446.087774][T12659] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1864'.
[  446.092292][T12659] A link change request failed with some changes committed already. Interface virt_wifi0 may have been left with an inconsistent configuration, please check.
[  446.270461][ T6271] usb 40-1: device descriptor read/8, error -110
[  446.306136][T12659] netlink: 'syz.1.1864': attribute type 1 has an invalid length.
[  446.309890][T12659] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1864'.
[  446.429181][T12662] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1865'.
[  446.661170][ T6271] usb usb40-port1: attempt power cycle
[  446.750446][ T5946] Bluetooth: hci1: command 0x0406 tx timeout
[  447.057586][ T1025] usb 5-1: USB disconnect, device number 29
[  447.241462][ T6271] usb usb40-port1: unable to enumerate USB device
[  447.249377][   T40] audit: type=1326 audit(1765561190.837:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12666 comm="syz.0.1867" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf700d579 code=0x0
[  447.863323][T12677] random: crng reseeded on system resumption
[  447.868342][T12677] netlink: 'syz.2.1869': attribute type 10 has an invalid length.
[  447.871591][T12677] siw: device registration error -23
[  448.215182][   T40] audit: type=1326 audit(1765561191.816:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12679 comm="syz.0.1870" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf700d579 code=0x0
[  448.351126][T12693] netlink: 'syz.2.1873': attribute type 10 has an invalid length.
[  448.354491][T12693] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1873'.
[  448.358307][T12693] A link change request failed with some changes committed already. Interface virt_wifi0 may have been left with an inconsistent configuration, please check.
[  448.402114][T12694] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1874'.
[  448.431766][T12693] netlink: 'syz.2.1873': attribute type 1 has an invalid length.
[  448.434381][T12693] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1873'.
[  448.439982][T12696] random: crng reseeded on system resumption
[  448.448102][T12696] netlink: 'syz.1.1875': attribute type 10 has an invalid length.
[  449.067500][   T40] audit: type=1326 audit(1765561192.666:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12705 comm="syz.0.1878" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf700d579 code=0x0
[  449.791890][ T7201] usb 6-1: new high-speed USB device number 35 using dummy_hcd
[  449.802504][T12718] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[  449.805310][T12718] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  449.808886][T12718] vhci_hcd vhci_hcd.0: Device attached
[  449.941917][ T7201] usb 6-1: Using ep0 maxpacket: 16
[  449.945752][ T7201] usb 6-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  449.949300][ T7201] usb 6-1: config 0 interface 0 has no altsetting 0
[  449.951421][ T7201] usb 6-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[  449.954985][ T7201] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  449.958891][ T7201] usb 6-1: config 0 descriptor??
[  450.081959][ T6271] usb 42-1: SetAddress Request (38) to port 0
[  450.084075][ T6271] usb 42-1: new SuperSpeed USB device number 38 using vhci_hcd
[  450.381302][ T7201] nzxt-smart2 0003:1E71:2009.0010: hidraw0: USB HID v0.05 Device [HID 1e71:2009] on usb-dummy_hcd.1-1/input0
[  450.426111][T12724] ecryptfs_validate_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README
[  450.435640][T12724] Error validating options; rc = [-22]
[  450.528891][T12719] vhci_hcd: connection reset by peer
[  450.533548][ T6095] vhci_hcd vhci_hcd.2: stop threads
[  450.536077][ T6095] vhci_hcd vhci_hcd.2: release socket
[  450.539023][ T6095] vhci_hcd vhci_hcd.2: disconnect device
[  450.570528][T12715] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  450.604015][T12715] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  450.629958][T12715] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1880'.
[  450.650053][   T34] usb 6-1: USB disconnect, device number 35
[  450.782348][ T6135] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  450.952531][ T6135] usb 5-1: Using ep0 maxpacket: 16
[  450.955753][ T6135] usb 5-1: config 1 interface 0 altsetting 255 endpoint 0x1 has invalid wMaxPacketSize 0
[  450.958976][ T6135] usb 5-1: config 1 interface 0 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 0
[  450.962077][ T6135] usb 5-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  450.967767][ T6135] usb 5-1: config 1 interface 0 has no altsetting 0
[  450.973037][ T6135] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  450.976858][ T6135] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  450.980258][ T6135] usb 5-1: Product: syz
[  450.982100][ T6135] usb 5-1: Manufacturer: syz
[  450.984607][ T6135] usb 5-1: SerialNumber: syz
[  451.149872][T12729] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1883'.
[  451.205728][T12733] netlink: 'syz.1.1885': attribute type 10 has an invalid length.
[  451.208701][T12733] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1885'.
[  451.212904][T12733] A link change request failed with some changes committed already. Interface virt_wifi0 may have been left with an inconsistent configuration, please check.
[  451.297631][T12733] netlink: 'syz.1.1885': attribute type 1 has an invalid length.
[  451.300795][T12733] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1885'.
[  451.381150][T12735] random: crng reseeded on system resumption
[  451.440538][T12737] netlink: 'syz.1.1886': attribute type 10 has an invalid length.
[  452.283083][ T6010] usb 8-1: new high-speed USB device number 27 using dummy_hcd
[  452.311106][T12746] ecryptfs_validate_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README
[  452.316819][T12746] Error validating options; rc = [-22]
[  452.444170][ T6010] usb 8-1: too many configurations: 9, using maximum allowed: 8
[  452.448385][ T6010] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  452.484520][ T6010] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  452.491047][ T6010] usb 8-1: config 0 interface 0 has no altsetting 0
[  452.496837][ T6010] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  452.543332][ T6010] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  452.548469][ T6010] usb 8-1: config 0 interface 0 has no altsetting 0
[  452.552728][ T6010] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  452.556672][ T6010] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  452.560702][ T6010] usb 8-1: config 0 interface 0 has no altsetting 0
[  452.567088][ T6010] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  452.593165][   T76] usb 7-1: new high-speed USB device number 35 using dummy_hcd
[  452.613781][ T6010] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  452.621211][ T6010] usb 8-1: config 0 interface 0 has no altsetting 0
[  452.627559][ T6010] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  452.633481][ T6010] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  452.643115][ T6010] usb 8-1: config 0 interface 0 has no altsetting 0
[  452.647042][ T6010] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  452.650174][ T6010] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  452.654458][ T6010] usb 8-1: config 0 interface 0 has no altsetting 0
[  452.657922][ T6010] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  452.661435][ T6010] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  452.665517][ T6010] usb 8-1: config 0 interface 0 has no altsetting 0
[  452.669226][ T6010] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  452.672936][ T6010] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  452.677739][ T6010] usb 8-1: config 0 interface 0 has no altsetting 0
[  452.682620][ T6010] usb 8-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  452.686460][ T6010] usb 8-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  452.690007][ T6010] usb 8-1: Product: syz
[  452.691821][ T6010] usb 8-1: Manufacturer: syz
[  452.693859][ T6010] usb 8-1: SerialNumber: syz
[  452.698712][ T6010] usb 8-1: config 0 descriptor??
[  452.709296][ T6010] yurex 8-1:0.0: USB YUREX device now attached to Yurex #0
[  452.753176][   T76] usb 7-1: Using ep0 maxpacket: 16
[  452.757587][   T76] usb 7-1: config 1 interface 0 altsetting 255 endpoint 0x1 has invalid wMaxPacketSize 0
[  452.761803][   T76] usb 7-1: config 1 interface 0 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 0
[  452.766079][   T76] usb 7-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  452.771601][   T76] usb 7-1: config 1 interface 0 has no altsetting 0
[  452.776606][   T76] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  452.780398][   T76] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  452.784466][   T76] usb 7-1: Product: syz
[  452.786408][   T76] usb 7-1: Manufacturer: syz
[  452.788419][   T76] usb 7-1: SerialNumber: syz
[  454.232308][   T40] audit: type=1326 audit(1765561197.823:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12754 comm="syz.0.1890" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf700d579 code=0x0
[  455.004449][    C2] usb 8-1: yurex_control_callback - control failed: -2
[  455.007006][    C2] usb 8-1: yurex_control_callback - control failed: -32
[  455.035979][ T6135] usblp 5-1:1.0: usblp1: USB Unidirectional printer dev 30 if 0 alt 255 proto 1 vid 0x0525 pid 0xA4A8
[  455.056328][ T6135] usb 5-1: USB disconnect, device number 30
[  455.076492][ T6135] usblp1: removed
[  455.154436][ T6271] usb 42-1: device descriptor read/8, error -110
[  455.275753][T12766] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1893'.
[  455.312673][T12768] netlink: 'syz.0.1894': attribute type 10 has an invalid length.
[  455.315381][T12768] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1894'.
[  455.318509][T12768] A link change request failed with some changes committed already. Interface virt_wifi0 may have been left with an inconsistent configuration, please check.
[  455.385233][T12768] netlink: 'syz.0.1894': attribute type 1 has an invalid length.
[  455.387811][T12768] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1894'.
[  455.461208][T12770] overlayfs: failed lookup in lower (newroot/465, name='file0', err=-40): overlapping layers
[  455.545004][ T6271] usb usb42-port1: attempt power cycle
[  456.049693][   T29] usb 8-1: USB disconnect, device number 27
[  456.066657][   T29] yurex 8-1:0.0: USB YUREX #0 now disconnected
[  456.090027][   T76] usblp 7-1:1.0: usblp0: USB Unidirectional printer dev 35 if 0 alt 255 proto 1 vid 0x0525 pid 0xA4A8
[  456.105245][ T6271] usb usb42-port1: unable to enumerate USB device
[  456.108133][   T76] usb 7-1: USB disconnect, device number 35
[  456.115379][   T76] usblp0: removed
[  456.889940][   T40] audit: type=1326 audit(1765561200.482:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12787 comm="syz.0.1901" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf700d579 code=0x0
[  456.995237][  T222] wlan0: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  457.106810][T12793] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1902'.
[  457.177367][T12799] netlink: 'syz.3.1903': attribute type 10 has an invalid length.
[  457.180830][T12799] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1903'.
[  457.185064][T12799] A link change request failed with some changes committed already. Interface virt_wifi0 may have been left with an inconsistent configuration, please check.
[  457.256259][T12799] netlink: 'syz.3.1903': attribute type 1 has an invalid length.
[  457.259001][T12799] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1903'.
[  457.425458][ T6271] usb 7-1: new high-speed USB device number 36 using dummy_hcd
[  457.547634][T12808] ecryptfs_validate_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README
[  457.552750][T12808] Error validating options; rc = [-22]
[  457.576193][ T6271] usb 7-1: too many configurations: 9, using maximum allowed: 8
[  457.581347][ T6271] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  457.584231][ T6271] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  457.593692][ T6271] usb 7-1: config 0 interface 0 has no altsetting 0
[  457.602101][ T6271] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  457.610087][ T6271] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  457.622147][ T6271] usb 7-1: config 0 interface 0 has no altsetting 0
[  457.656767][ T6271] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  457.660587][ T6271] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  457.665107][ T6271] usb 7-1: config 0 interface 0 has no altsetting 0
[  457.669433][ T6271] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  457.673092][ T6271] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  457.686000][ T6271] usb 7-1: config 0 interface 0 has no altsetting 0
[  457.693283][ T6271] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  457.700399][ T6271] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  457.711191][ T6271] usb 7-1: config 0 interface 0 has no altsetting 0
[  457.718803][ T6271] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  457.722702][ T6271] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  457.905805][   T34] usb 8-1: new high-speed USB device number 28 using dummy_hcd
[  457.927115][ T6271] usb 7-1: config 0 interface 0 has no altsetting 0
[  457.933059][ T6271] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  457.985808][ T6271] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  457.989470][ T6271] usb 7-1: config 0 interface 0 has no altsetting 0
[  457.992932][ T6271] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  457.999046][ T6271] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  458.003520][ T6271] usb 7-1: config 0 interface 0 has no altsetting 0
[  458.007415][ T6271] usb 7-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  458.010488][ T6271] usb 7-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  458.013388][ T6271] usb 7-1: Product: syz
[  458.015054][ T6271] usb 7-1: Manufacturer: syz
[  458.016802][ T6271] usb 7-1: SerialNumber: syz
[  458.024926][ T6271] usb 7-1: config 0 descriptor??
[  458.034952][ T6271] yurex 7-1:0.0: USB YUREX device now attached to Yurex #0
[  458.075692][   T34] usb 8-1: Using ep0 maxpacket: 16
[  458.121859][   T34] usb 8-1: config 1 interface 0 altsetting 255 endpoint 0x1 has invalid wMaxPacketSize 0
[  458.126191][   T34] usb 8-1: config 1 interface 0 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 0
[  458.130312][   T34] usb 8-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  458.145748][   T34] usb 8-1: config 1 interface 0 has no altsetting 0
[  458.153870][   T34] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  458.157822][   T34] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  458.161115][   T34] usb 8-1: Product: syz
[  458.162826][   T34] usb 8-1: Manufacturer: syz
[  458.165054][   T34] usb 8-1: SerialNumber: syz
[  458.345856][ T6135] usb 6-1: new high-speed USB device number 36 using dummy_hcd
[  458.495868][ T6135] usb 6-1: Using ep0 maxpacket: 16
[  458.499654][ T6135] usb 6-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  458.504185][ T6135] usb 6-1: config 0 interface 0 has no altsetting 0
[  458.507080][ T6135] usb 6-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[  458.510646][ T6135] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  458.515985][ T6135] usb 6-1: config 0 descriptor??
[  458.924566][T12823] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5)
[  458.926821][T12823] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  458.930182][T12823] vhci_hcd vhci_hcd.0: Device attached
[  458.936993][ T6135] nzxt-smart2 0003:1E71:2009.0011: hidraw0: USB HID v0.05 Device [HID 1e71:2009] on usb-dummy_hcd.1-1/input0
[  459.134608][T12815] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  459.138548][T12815] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  459.147700][T12815] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1909'.
[  459.154320][ T6135] usb 6-1: USB disconnect, device number 36
[  459.206283][ T6271] usb 38-1: SetAddress Request (38) to port 0
[  459.208516][ T6271] usb 38-1: new SuperSpeed USB device number 38 using vhci_hcd
[  459.508114][T12824] vhci_hcd: connection reset by peer
[  459.510255][ T4169] vhci_hcd vhci_hcd.0: stop threads
[  459.511976][ T4169] vhci_hcd vhci_hcd.0: release socket
[  459.513808][ T4169] vhci_hcd vhci_hcd.0: disconnect device
[  460.146924][T12830] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1913'.
[  460.174855][    C0] usb 7-1: yurex_control_callback - control failed: -2
[  460.187721][T12832] netlink: 'syz.0.1914': attribute type 10 has an invalid length.
[  460.190220][T12832] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1914'.
[  460.192141][ T6135] usb 7-1: USB disconnect, device number 36
[  460.193224][T12832] A link change request failed with some changes committed already. Interface virt_wifi0 may have been left with an inconsistent configuration, please check.
[  460.196564][ T6135] yurex 7-1:0.0: USB YUREX #0 now disconnected
[  460.271145][T12832] netlink: 'syz.0.1914': attribute type 1 has an invalid length.
[  460.274461][T12832] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1914'.
[  460.678913][   T40] audit: type=1326 audit(1765561204.270:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12838 comm="syz.0.1916" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf700d579 code=0x0
[  461.277284][   T34] usblp 8-1:1.0: usblp0: USB Unidirectional printer dev 28 if 0 alt 255 proto 1 vid 0x0525 pid 0xA4A8
[  461.321339][   T34] usb 8-1: USB disconnect, device number 28
[  461.325161][   T34] usblp0: removed
[  461.757571][   T76] usb 6-1: new high-speed USB device number 37 using dummy_hcd
[  461.897516][ T7201] usb 8-1: new high-speed USB device number 29 using dummy_hcd
[  461.908050][   T76] usb 6-1: too many configurations: 9, using maximum allowed: 8
[  461.911299][   T76] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  461.914140][   T76] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  461.917564][   T76] usb 6-1: config 0 interface 0 has no altsetting 0
[  461.920611][   T76] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  461.923764][   T76] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  461.927046][   T76] usb 6-1: config 0 interface 0 has no altsetting 0
[  461.930073][   T76] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  461.932909][   T76] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  461.936279][   T76] usb 6-1: config 0 interface 0 has no altsetting 0
[  461.939420][   T76] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  461.942370][   T76] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  461.945705][   T76] usb 6-1: config 0 interface 0 has no altsetting 0
[  461.948692][   T76] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  461.951627][   T76] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  461.955034][   T76] usb 6-1: config 0 interface 0 has no altsetting 0
[  461.959541][   T76] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  461.962403][   T76] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  461.965718][   T76] usb 6-1: config 0 interface 0 has no altsetting 0
[  461.968740][   T76] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  461.975958][   T76] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  461.979465][   T76] usb 6-1: config 0 interface 0 has no altsetting 0
[  461.984713][   T76] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  462.003565][   T76] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  462.007221][   T76] usb 6-1: config 0 interface 0 has no altsetting 0
[  462.019651][   T76] usb 6-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  462.022697][   T76] usb 6-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  462.025530][   T76] usb 6-1: Product: syz
[  462.026926][   T76] usb 6-1: Manufacturer: syz
[  462.030699][   T76] usb 6-1: SerialNumber: syz
[  462.038289][   T76] usb 6-1: config 0 descriptor??
[  462.043621][   T76] yurex 6-1:0.0: USB YUREX device now attached to Yurex #0
[  462.058250][ T7201] usb 8-1: too many configurations: 9, using maximum allowed: 8
[  462.064912][ T7201] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  462.072264][ T7201] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  462.076947][ T7201] usb 8-1: config 0 interface 0 has no altsetting 0
[  462.081060][ T7201] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  462.084600][ T7201] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  462.089174][ T7201] usb 8-1: config 0 interface 0 has no altsetting 0
[  462.092952][ T7201] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  462.096919][ T7201] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  462.104211][ T7201] usb 8-1: config 0 interface 0 has no altsetting 0
[  462.110503][ T7201] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  462.114092][ T7201] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  462.119375][ T7201] usb 8-1: config 0 interface 0 has no altsetting 0
[  462.124313][ T7201] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  462.130515][ T7201] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  462.134181][ T7201] usb 8-1: config 0 interface 0 has no altsetting 0
[  462.139954][ T7201] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  462.143302][ T7201] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  462.146725][ T7201] usb 8-1: config 0 interface 0 has no altsetting 0
[  462.151013][ T7201] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  462.154318][ T7201] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  462.158680][ T7201] usb 8-1: config 0 interface 0 has no altsetting 0
[  462.162678][ T7201] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  462.165899][ T7201] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  462.169850][ T7201] usb 8-1: config 0 interface 0 has no altsetting 0
[  462.176451][ T7201] usb 8-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  462.179846][ T7201] usb 8-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  462.182580][ T7201] usb 8-1: Product: syz
[  462.183946][ T7201] usb 8-1: Manufacturer: syz
[  462.185395][ T7201] usb 8-1: SerialNumber: syz
[  462.196430][ T7201] usb 8-1: config 0 descriptor??
[  462.228425][ T7201] yurex 8-1:0.0: USB YUREX device now attached to Yurex #1
[  462.889155][T12880] ecryptfs_validate_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README
[  462.893938][T12880] Error validating options; rc = [-22]
[  462.999718][T12883] random: crng reseeded on system resumption
[  463.010312][T12883] netlink: 'syz.2.1927': attribute type 10 has an invalid length.
[  463.015017][T12883] siw: device registration error -23
[  463.243183][ T7201] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[  463.408362][ T7201] usb 5-1: Using ep0 maxpacket: 16
[  463.428265][ T7201] usb 5-1: config 1 interface 0 altsetting 255 endpoint 0x1 has invalid wMaxPacketSize 0
[  463.432886][ T7201] usb 5-1: config 1 interface 0 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 0
[  463.437229][ T7201] usb 5-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  463.442712][ T7201] usb 5-1: config 1 interface 0 has no altsetting 0
[  463.449697][ T7201] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  463.454888][ T7201] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  463.457337][ T7201] usb 5-1: Product: syz
[  463.462963][ T7201] usb 5-1: Manufacturer: syz
[  463.464476][ T7201] usb 5-1: SerialNumber: syz
[  464.278770][ T6271] usb 38-1: device descriptor read/8, error -110
[  464.439088][    C1] usb 6-1: yurex_control_callback - control failed: -2
[  464.441416][    C1] usb 6-1: yurex_control_callback - control failed: -32
[  464.679693][ T6271] usb usb38-port1: attempt power cycle
[  464.838825][ T6010] usb 7-1: new high-speed USB device number 37 using dummy_hcd
[  464.989013][ T6010] usb 7-1: Using ep0 maxpacket: 16
[  464.992598][ T6010] usb 7-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  464.996914][ T6010] usb 7-1: config 0 interface 0 has no altsetting 0
[  464.999654][ T6010] usb 7-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[  465.003247][ T6010] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  465.008443][ T6010] usb 7-1: config 0 descriptor??
[  465.241014][ T6271] usb usb38-port1: unable to enumerate USB device
[  465.418202][ T6010] nzxt-smart2 0003:1E71:2009.0012: hidraw0: USB HID v0.05 Device [HID 1e71:2009] on usb-dummy_hcd.2-1/input0
[  465.480115][ T6135] usb 6-1: USB disconnect, device number 37
[  465.485619][ T6271] usb 8-1: USB disconnect, device number 29
[  465.501888][ T6271] yurex 8-1:0.0: USB YUREX #1 now disconnected
[  465.501888][ T6135] yurex 6-1:0.0: USB YUREX #0 now disconnected
[  465.625853][T12895] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  465.647488][T12895] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  465.753072][T12895] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1931'.
[  465.992866][ T7201] usblp 5-1:1.0: usblp0: USB Unidirectional printer dev 31 if 0 alt 255 proto 1 vid 0x0525 pid 0xA4A8
[  466.041923][ T7201] usb 5-1: USB disconnect, device number 31
[  466.107413][ T7201] usblp0: removed
[  466.189178][ T6271] usb 7-1: USB disconnect, device number 37
[  466.751536][T12913] overlayfs: failed lookup in lower (newroot/455, name='file0', err=-40): overlapping layers
[  468.140445][ T6135] usb 7-1: new high-speed USB device number 38 using dummy_hcd
[  468.292882][ T6135] usb 7-1: too many configurations: 9, using maximum allowed: 8
[  468.299924][ T6135] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  468.306040][ T6135] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  468.315566][ T6135] usb 7-1: config 0 interface 0 has no altsetting 0
[  468.321400][ T6135] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  468.324675][ T6135] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  468.328768][ T6135] usb 7-1: config 0 interface 0 has no altsetting 0
[  468.335318][ T6135] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  468.339453][ T6135] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  468.342939][ T6135] usb 7-1: config 0 interface 0 has no altsetting 0
[  468.349165][ T6135] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  468.353190][ T6135] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  468.357496][ T6135] usb 7-1: config 0 interface 0 has no altsetting 0
[  468.364072][ T6135] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  468.371487][ T6135] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  468.375089][ T6135] usb 7-1: config 0 interface 0 has no altsetting 0
[  468.380471][ T6135] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  468.384206][ T6135] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  468.388195][ T6135] usb 7-1: config 0 interface 0 has no altsetting 0
[  468.393958][ T6135] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  468.398085][ T6135] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  468.401539][ T6135] usb 7-1: config 0 interface 0 has no altsetting 0
[  468.407725][ T6135] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  468.417431][ T6135] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  468.424004][ T6135] usb 7-1: config 0 interface 0 has no altsetting 0
[  468.434079][ T6135] usb 7-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  468.438091][ T6135] usb 7-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  468.443937][ T6135] usb 7-1: Product: syz
[  468.449123][ T6135] usb 7-1: Manufacturer: syz
[  468.453379][ T6135] usb 7-1: SerialNumber: syz
[  468.492989][ T6135] usb 7-1: config 0 descriptor??
[  468.539598][ T6135] yurex 7-1:0.0: USB YUREX device now attached to Yurex #0
[  468.818253][T12942] random: crng reseeded on system resumption
[  468.824520][T12942] netlink: 'syz.0.1945': attribute type 10 has an invalid length.
[  468.826623][T12944] netlink: 'syz.3.1946': attribute type 10 has an invalid length.
[  468.827498][T12942] siw: device registration error -23
[  468.830368][T12944] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1946'.
[  468.838844][T12944] A link change request failed with some changes committed already. Interface virt_wifi0 may have been left with an inconsistent configuration, please check.
[  469.908430][T12958] netlink: 'syz.3.1949': attribute type 10 has an invalid length.
[  469.911002][T12958] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1949'.
[  469.914571][T12958] A link change request failed with some changes committed already. Interface virt_wifi0 may have been left with an inconsistent configuration, please check.
[  470.152430][T12961] random: crng reseeded on system resumption
[  470.159974][T12961] netlink: 'syz.3.1951': attribute type 10 has an invalid length.
[  470.227346][T12966] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1952'.
[  470.316861][T12970] FAULT_INJECTION: forcing a failure.
[  470.316861][T12970] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  470.321092][T12970] CPU: 1 UID: 0 PID: 12970 Comm: syz.3.1953 Not tainted syzkaller #0 PREEMPT(full) 
[  470.321107][T12970] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  470.321115][T12970] Call Trace:
[  470.321120][T12970]  <TASK>
[  470.321126][T12970]  dump_stack_lvl+0x16c/0x1f0
[  470.321144][T12970]  should_fail_ex+0x512/0x640
[  470.321165][T12970]  _copy_from_iter+0x2a4/0x16c0
[  470.321186][T12970]  ? __pfx__copy_from_iter+0x10/0x10
[  470.321202][T12970]  ? __lock_acquire+0x436/0x2890
[  470.321216][T12970]  ? find_held_lock+0x2b/0x80
[  470.321232][T12970]  tun_get_user+0x3c7/0x3cc0
[  470.321269][T12970]  ? __pfx_tun_get_user+0x10/0x10
[  470.321286][T12970]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  470.321302][T12970]  ? find_held_lock+0x2b/0x80
[  470.321316][T12970]  ? tun_get+0x191/0x370
[  470.321334][T12970]  tun_chr_write_iter+0xdc/0x210
[  470.321352][T12970]  vfs_write+0x7d3/0x11d0
[  470.321368][T12970]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  470.321387][T12970]  ? __pfx_vfs_write+0x10/0x10
[  470.321401][T12970]  ? find_held_lock+0x2b/0x80
[  470.321423][T12970]  ksys_write+0x12a/0x250
[  470.321438][T12970]  ? __pfx_ksys_write+0x10/0x10
[  470.321453][T12970]  ? fput+0x70/0xf0
[  470.321466][T12970]  __do_fast_syscall_32+0xe8/0x680
[  470.321482][T12970]  do_fast_syscall_32+0x32/0x80
[  470.321497][T12970]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  470.321511][T12970] RIP: 0023:0xf7fd2579
[  470.321520][T12970] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  470.321532][T12970] RSP: 002b:00000000f54c655c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  470.321542][T12970] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000380
[  470.321549][T12970] RDX: 0000000000000ffe RSI: 0000000000000000 RDI: 0000000000000000
[  470.321556][T12970] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  470.321562][T12970] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  470.321568][T12970] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  470.321582][T12970]  </TASK>
[  470.491047][T12975] netlink: 'syz.1.1955': attribute type 10 has an invalid length.
[  470.493825][T12975] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1955'.
[  470.497023][T12975] A link change request failed with some changes committed already. Interface virt_wifi0 may have been left with an inconsistent configuration, please check.
[  470.761937][    C2] usb 7-1: yurex_control_callback - control failed: -2
[  470.764295][    C2] usb 7-1: yurex_control_callback - control failed: -2
[  470.783691][ T6271] usb 7-1: USB disconnect, device number 38
[  470.788119][ T6271] yurex 7-1:0.0: USB YUREX #0 now disconnected
[  471.476667][T12996] random: crng reseeded on system resumption
[  471.536036][T12996] netlink: 'syz.0.1961': attribute type 10 has an invalid length.
[  471.581157][T13003] 9pnet_virtio: no channels available for device syz
[  471.636605][T13007] netlink: 'syz.3.1965': attribute type 10 has an invalid length.
[  471.639688][T13007] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1965'.
[  471.643785][T13007] A link change request failed with some changes committed already. Interface virt_wifi0 may have been left with an inconsistent configuration, please check.
[  471.713920][T13011] FAULT_INJECTION: forcing a failure.
[  471.713920][T13011] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  471.719641][T13011] CPU: 2 UID: 0 PID: 13011 Comm: syz.1.1966 Not tainted syzkaller #0 PREEMPT(full) 
[  471.719665][T13011] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  471.719676][T13011] Call Trace:
[  471.719684][T13011]  <TASK>
[  471.719691][T13011]  dump_stack_lvl+0x16c/0x1f0
[  471.719719][T13011]  should_fail_ex+0x512/0x640
[  471.719751][T13011]  _copy_to_user+0x32/0xd0
[  471.719781][T13011]  simple_read_from_buffer+0xcb/0x170
[  471.719810][T13011]  proc_fail_nth_read+0x197/0x240
[  471.719848][T13011]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  471.719879][T13011]  ? rw_verify_area+0xcf/0x6c0
[  471.719901][T13011]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  471.719930][T13011]  vfs_read+0x1e4/0xcf0
[  471.719957][T13011]  ? __pfx___mutex_lock+0x10/0x10
[  471.719983][T13011]  ? __pfx_vfs_read+0x10/0x10
[  471.720006][T13011]  ? find_held_lock+0x2b/0x80
[  471.720036][T13011]  ? __fget_files+0x20e/0x3c0
[  471.720069][T13011]  ksys_read+0x12a/0x250
[  471.720094][T13011]  ? __pfx_ksys_read+0x10/0x10
[  471.720119][T13011]  ? __secure_computing+0x21c/0x320
[  471.720165][T13011]  __do_fast_syscall_32+0xe8/0x680
[  471.720195][T13011]  do_fast_syscall_32+0x32/0x80
[  471.720219][T13011]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  471.720243][T13011] RIP: 0023:0xf7ff3579
[  471.720258][T13011] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  471.720275][T13011] RSP: 002b:00000000f54e6590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  471.720292][T13011] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000f54e6620
[  471.720304][T13011] RDX: 000000000000000f RSI: 00000000f7486ff4 RDI: 0000000000000000
[  471.720315][T13011] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  471.720325][T13011] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  471.720336][T13011] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  471.720361][T13011]  </TASK>
[  471.982666][   T34] usb 8-1: new high-speed USB device number 30 using dummy_hcd
[  472.222892][   T34] usb 8-1: too many configurations: 9, using maximum allowed: 8
[  472.227169][   T34] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  472.231055][   T34] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  472.235954][   T34] usb 8-1: config 0 interface 0 has no altsetting 0
[  472.239620][   T34] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  472.243805][   T34] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  472.248276][   T34] usb 8-1: config 0 interface 0 has no altsetting 0
[  472.251932][   T34] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  472.256224][   T34] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  472.260715][   T34] usb 8-1: config 0 interface 0 has no altsetting 0
[  472.264721][   T34] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  472.268528][   T34] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  472.273194][   T34] usb 8-1: config 0 interface 0 has no altsetting 0
[  472.277640][   T34] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  472.281403][   T34] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  472.286100][   T34] usb 8-1: config 0 interface 0 has no altsetting 0
[  472.289703][   T34] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  472.293819][   T34] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  472.298161][   T34] usb 8-1: config 0 interface 0 has no altsetting 0
[  472.301743][   T34] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  472.306549][   T34] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  472.311004][   T34] usb 8-1: config 0 interface 0 has no altsetting 0
[  472.314657][   T34] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  472.317437][   T34] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  472.320864][   T34] usb 8-1: config 0 interface 0 has no altsetting 0
[  472.324678][   T34] usb 8-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  472.327493][   T34] usb 8-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  472.330099][   T34] usb 8-1: Product: syz
[  472.331405][   T34] usb 8-1: Manufacturer: syz
[  472.333150][   T34] usb 8-1: SerialNumber: syz
[  472.340086][   T34] usb 8-1: config 0 descriptor??
[  472.350170][   T34] yurex 8-1:0.0: USB YUREX device now attached to Yurex #0
[  472.907257][T13040] netlink: 'syz.1.1975': attribute type 10 has an invalid length.
[  472.910564][T13040] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1975'.
[  472.911079][T13041] random: crng reseeded on system resumption
[  472.916042][T13040] A link change request failed with some changes committed already. Interface virt_wifi0 may have been left with an inconsistent configuration, please check.
[  472.930169][T13041] netlink: 'syz.2.1976': attribute type 10 has an invalid length.
[  472.976877][T13044] xt_connbytes: Forcing CT accounting to be enabled
[  472.982272][T13044] xt_TPROXY: Can be used only with -p tcp or -p udp
[  473.093716][T13047] FAULT_INJECTION: forcing a failure.
[  473.093716][T13047] name failslab, interval 1, probability 0, space 0, times 0
[  473.102697][T13047] CPU: 1 UID: 0 PID: 13047 Comm: syz.2.1978 Not tainted syzkaller #0 PREEMPT(full) 
[  473.102725][T13047] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  473.102737][T13047] Call Trace:
[  473.102745][T13047]  <TASK>
[  473.102753][T13047]  dump_stack_lvl+0x16c/0x1f0
[  473.102783][T13047]  should_fail_ex+0x512/0x640
[  473.102819][T13047]  ? __kmalloc_noprof+0xca/0x910
[  473.102844][T13047]  should_failslab+0xc2/0x120
[  473.102872][T13047]  __kmalloc_noprof+0xeb/0x910
[  473.102894][T13047]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  473.102929][T13047]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  473.102956][T13047]  genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  473.102988][T13047]  genl_family_rcv_msg_doit+0xbf/0x2f0
[  473.103017][T13047]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  473.103043][T13047]  ? genl_get_cmd+0x194/0x580
[  473.103074][T13047]  ? bpf_lsm_capable+0x9/0x10
[  473.103099][T13047]  ? security_capable+0x7e/0x260
[  473.103130][T13047]  genl_rcv_msg+0x55c/0x800
[  473.103157][T13047]  ? __pfx_genl_rcv_msg+0x10/0x10
[  473.103184][T13047]  ? __pfx_nfc_genl_disable_se+0x10/0x10
[  473.103214][T13047]  ? __lock_acquire+0x436/0x2890
[  473.103237][T13047]  netlink_rcv_skb+0x158/0x420
[  473.103259][T13047]  ? __pfx_genl_rcv_msg+0x10/0x10
[  473.103303][T13047]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  473.103337][T13047]  ? netlink_deliver_tap+0x1ae/0xd30
[  473.103364][T13047]  genl_rcv+0x28/0x40
[  473.103386][T13047]  netlink_unicast+0x5aa/0x870
[  473.103412][T13047]  ? __pfx_netlink_unicast+0x10/0x10
[  473.103434][T13047]  ? __pfx___might_resched+0x10/0x10
[  473.103468][T13047]  netlink_sendmsg+0x8c8/0xdd0
[  473.103496][T13047]  ? __pfx_netlink_sendmsg+0x10/0x10
[  473.103522][T13047]  ? aa_sock_msg_perm.constprop.0+0x100/0x1b0
[  473.103554][T13047]  ____sys_sendmsg+0xa5d/0xc30
[  473.103582][T13047]  ? __pfx_____sys_sendmsg+0x10/0x10
[  473.103606][T13047]  ? get_compat_msghdr+0x11a/0x170
[  473.103637][T13047]  ___sys_sendmsg+0x134/0x1d0
[  473.103657][T13047]  ? __pfx____sys_sendmsg+0x10/0x10
[  473.103687][T13047]  ? find_held_lock+0x2b/0x80
[  473.103726][T13047]  __sys_sendmsg+0x16d/0x220
[  473.103746][T13047]  ? __pfx___sys_sendmsg+0x10/0x10
[  473.103782][T13047]  __do_fast_syscall_32+0xe8/0x680
[  473.103815][T13047]  do_fast_syscall_32+0x32/0x80
[  473.103840][T13047]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  473.103863][T13047] RIP: 0023:0xf70dd579
[  473.103878][T13047] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  473.103897][T13047] RSP: 002b:00000000f54cd55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  473.103915][T13047] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000800004c0
[  473.103927][T13047] RDX: 0000000024000854 RSI: 0000000000000000 RDI: 0000000000000000
[  473.103939][T13047] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  473.103950][T13047] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  473.103961][T13047] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  473.103987][T13047]  </TASK>
[  473.302359][T13050] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(12)
[  473.305094][T13050] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  473.308009][T13050] vhci_hcd vhci_hcd.0: Device attached
[  473.311499][ T5946] Bluetooth: hci0: unexpected event for opcode 0x080c
[  473.592949][   T29] usb 38-1: SetAddress Request (42) to port 0
[  473.597115][   T29] usb 38-1: new SuperSpeed USB device number 42 using vhci_hcd
[  473.805057][T13054] vhci_hcd: connection reset by peer
[  473.807928][ T6146] vhci_hcd vhci_hcd.0: stop threads
[  473.809920][ T6146] vhci_hcd vhci_hcd.0: release socket
[  473.812213][ T6146] vhci_hcd vhci_hcd.0: disconnect device
[  474.436741][   T40] audit: type=1326 audit(1765561218.024:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13069 comm="syz.2.1986" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf70dd579 code=0x0
[  474.500156][T13078] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1989'.
[  474.651427][T13087] random: crng reseeded on system resumption
[  474.661499][T13087] netlink: 'syz.1.1992': attribute type 10 has an invalid length.
[  474.667733][T13087] siw: device registration error -23
[  474.684454][    C3] usb 8-1: yurex_control_callback - control failed: -2
[  474.687019][    C3] usb 8-1: yurex_control_callback - control failed: -32
[  475.163723][T13094] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1995'.
[  475.501819][T13099] openvswitch: netlink: IP tunnel dst address not specified
[  475.610819][T13105] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2000'.
[  475.721908][ T6010] usb 8-1: USB disconnect, device number 30
[  475.730897][ T6010] yurex 8-1:0.0: USB YUREX #0 now disconnected
[  475.754188][ T6135] usb 7-1: new high-speed USB device number 39 using dummy_hcd
[  475.913892][ T6135] usb 7-1: Using ep0 maxpacket: 8
[  475.917080][ T6135] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  475.920268][ T6135] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  475.923436][ T6135] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  475.927688][ T6135] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  475.932102][ T6135] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  475.936429][ T6135] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  476.150182][ T6135] usb 7-1: GET_CAPABILITIES returned 0
[  476.153252][ T6135] usbtmc 7-1:16.0: can't read capabilities
[  476.354615][T13099] nbd: illegal input index -1495182229
[  476.358375][   T34] usb 7-1: USB disconnect, device number 39
[  476.689336][T13121] random: crng reseeded on system resumption
[  476.697353][T13121] netlink: 'syz.3.2004': attribute type 10 has an invalid length.
[  477.140635][T13134] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  477.156800][T13134] netlink: 'syz.3.2006': attribute type 4 has an invalid length.
[  477.159599][T13134] netlink: 'syz.3.2006': attribute type 4 has an invalid length.
[  477.424631][   T34] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[  477.575420][   T34] usb 5-1: too many configurations: 9, using maximum allowed: 8
[  477.580071][   T34] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  477.583682][   T34] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  477.588540][   T34] usb 5-1: config 0 interface 0 has no altsetting 0
[  477.591553][   T34] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  477.594504][   T34] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  477.598008][   T34] usb 5-1: config 0 interface 0 has no altsetting 0
[  477.601962][   T34] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  477.605272][   T34] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  477.608776][   T34] usb 5-1: config 0 interface 0 has no altsetting 0
[  477.611617][   T34] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  477.614520][   T34] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  477.618142][   T34] usb 5-1: config 0 interface 0 has no altsetting 0
[  477.621787][   T34] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  477.625993][   T34] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  477.631473][   T34] usb 5-1: config 0 interface 0 has no altsetting 0
[  477.635464][   T34] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  477.639501][   T34] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  477.643138][   T34] usb 5-1: config 0 interface 0 has no altsetting 0
[  477.646331][   T34] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  477.649892][   T34] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  477.653321][   T34] usb 5-1: config 0 interface 0 has no altsetting 0
[  477.657558][   T34] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  477.661786][   T34] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  477.666596][   T34] usb 5-1: config 0 interface 0 has no altsetting 0
[  477.671427][   T34] usb 5-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  477.674695][   T34] usb 5-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  477.677565][   T34] usb 5-1: Product: syz
[  477.679033][   T34] usb 5-1: Manufacturer: syz
[  477.680600][   T34] usb 5-1: SerialNumber: syz
[  477.683865][   T34] usb 5-1: config 0 descriptor??
[  477.695198][   T34] yurex 5-1:0.0: USB YUREX device now attached to Yurex #0
[  477.877902][T13149] random: crng reseeded on system resumption
[  477.882950][T13149] netlink: 'syz.3.2014': attribute type 10 has an invalid length.
[  477.912880][T13151] FAULT_INJECTION: forcing a failure.
[  477.912880][T13151] name failslab, interval 1, probability 0, space 0, times 0
[  477.918922][T13151] CPU: 1 UID: 0 PID: 13151 Comm: syz.1.2015 Not tainted syzkaller #0 PREEMPT(full) 
[  477.918949][T13151] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  477.918962][T13151] Call Trace:
[  477.918968][T13151]  <TASK>
[  477.918976][T13151]  dump_stack_lvl+0x16c/0x1f0
[  477.919004][T13151]  should_fail_ex+0x512/0x640
[  477.919034][T13151]  ? kmem_cache_alloc_node_noprof+0x65/0x800
[  477.919062][T13151]  should_failslab+0xc2/0x120
[  477.919090][T13151]  kmem_cache_alloc_node_noprof+0x86/0x800
[  477.919112][T13151]  ? __alloc_skb+0x156/0x410
[  477.919147][T13151]  ? __alloc_skb+0x156/0x410
[  477.919175][T13151]  __alloc_skb+0x156/0x410
[  477.919202][T13151]  ? __alloc_skb+0x35d/0x410
[  477.919230][T13151]  ? __pfx___alloc_skb+0x10/0x10
[  477.919261][T13151]  ? netlink_autobind.isra.0+0x158/0x370
[  477.919291][T13151]  netlink_alloc_large_skb+0x69/0x140
[  477.919315][T13151]  netlink_sendmsg+0x698/0xdd0
[  477.919343][T13151]  ? __pfx_netlink_sendmsg+0x10/0x10
[  477.919368][T13151]  ? aa_sock_msg_perm.constprop.0+0x100/0x1b0
[  477.919399][T13151]  ____sys_sendmsg+0xa5d/0xc30
[  477.919426][T13151]  ? __pfx_____sys_sendmsg+0x10/0x10
[  477.919448][T13151]  ? get_compat_msghdr+0x11a/0x170
[  477.919478][T13151]  ___sys_sendmsg+0x134/0x1d0
[  477.919499][T13151]  ? __pfx____sys_sendmsg+0x10/0x10
[  477.919529][T13151]  ? find_held_lock+0x2b/0x80
[  477.919569][T13151]  __sys_sendmsg+0x16d/0x220
[  477.919589][T13151]  ? __pfx___sys_sendmsg+0x10/0x10
[  477.919624][T13151]  __do_fast_syscall_32+0xe8/0x680
[  477.919652][T13151]  do_fast_syscall_32+0x32/0x80
[  477.919676][T13151]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  477.919699][T13151] RIP: 0023:0xf7ff3579
[  477.919714][T13151] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  477.919731][T13151] RSP: 002b:00000000f54e655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  477.919754][T13151] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 0000000080000240
[  477.919767][T13151] RDX: 0000000000004000 RSI: 0000000000000000 RDI: 0000000000000000
[  477.919778][T13151] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  477.919788][T13151] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  477.919799][T13151] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  477.919824][T13151]  </TASK>
[  478.334479][T13163] mkiss: ax0: crc mode is auto.
[  478.685638][   T29] usb 38-1: device descriptor read/8, error -110
[  478.957286][T13167] netlink: 'syz.1.2018': attribute type 10 has an invalid length.
[  478.960640][T13167] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2018'.
[  478.969647][T13167] A link change request failed with some changes committed already. Interface virt_wifi0 may have been left with an inconsistent configuration, please check.
[  479.076306][   T29] usb usb38-port1: attempt power cycle
[  479.435519][ T6271] usb 7-1: new high-speed USB device number 40 using dummy_hcd
[  479.595595][ T6271] usb 7-1: Using ep0 maxpacket: 16
[  479.599282][ T6271] usb 7-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  479.603250][ T6271] usb 7-1: config 0 interface 0 has no altsetting 0
[  479.606044][ T6271] usb 7-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[  479.609680][ T6271] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  479.614370][ T6271] usb 7-1: config 0 descriptor??
[  479.636016][   T29] usb usb38-port1: unable to enumerate USB device
[  479.675649][   T34] usb 6-1: new high-speed USB device number 38 using dummy_hcd
[  479.845659][   T34] usb 6-1: Using ep0 maxpacket: 16
[  479.848808][   T34] usb 6-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  479.852235][   T34] usb 6-1: config 0 interface 0 has no altsetting 0
[  479.854436][   T34] usb 6-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[  479.857612][   T34] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  479.862023][   T34] usb 6-1: config 0 descriptor??
[  479.965776][    C3] usb 5-1: yurex_control_callback - control failed: -2
[  479.968562][    C3] usb 5-1: yurex_control_callback - control failed: -32
[  480.030747][ T6271] nzxt-smart2 0003:1E71:2009.0013: hidraw0: USB HID v0.05 Device [HID 1e71:2009] on usb-dummy_hcd.2-1/input0
[  480.223117][T13182] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  480.229792][T13182] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  480.287005][   T34] nzxt-smart2 0003:1E71:2009.0014: hidraw1: USB HID v0.05 Device [HID 1e71:2009] on usb-dummy_hcd.1-1/input0
[  480.318710][ T6271] usb 7-1: USB disconnect, device number 40
[  480.473839][T13189] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  480.477810][T13189] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  480.558437][   T34] usb 6-1: USB disconnect, device number 38
[  480.644104][T13202] rdma_rxe: rxe_newlink: failed to add syz_tun
[  480.864159][T13205] netlink: 'syz.2.2031': attribute type 10 has an invalid length.
[  480.867054][T13205] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2031'.
[  480.870857][T13205] A link change request failed with some changes committed already. Interface virt_wifi0 may have been left with an inconsistent configuration, please check.
[  480.999208][   T34] usb 5-1: USB disconnect, device number 32
[  481.002735][   T34] yurex 5-1:0.0: USB YUREX #0 now disconnected
[  481.155664][T13215] tipc: Can't bind to reserved service type 1
[  481.164072][T13217] random: crng reseeded on system resumption
[  481.172618][T13217] netlink: 'syz.1.2035': attribute type 10 has an invalid length.
[  481.317469][T13222] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2036'.
[  481.558653][   T40] audit: type=1326 audit(1765561225.141:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13223 comm="syz.1.2037" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7ff3579 code=0x0
[  481.634105][T13236] netlink: 'syz.3.2040': attribute type 10 has an invalid length.
[  481.636718][T13236] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2040'.
[  481.640905][T13236] A link change request failed with some changes committed already. Interface virt_wifi0 may have been left with an inconsistent configuration, please check.
[  481.878565][   T34] usb 7-1: new high-speed USB device number 41 using dummy_hcd
[  482.026739][   T34] usb 7-1: Using ep0 maxpacket: 16
[  482.030320][   T34] usb 7-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  482.034208][   T34] usb 7-1: config 0 interface 0 has no altsetting 0
[  482.037170][   T34] usb 7-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[  482.040060][   T34] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  482.045187][   T34] usb 7-1: config 0 descriptor??
[  482.257206][ T6271] usb 8-1: new high-speed USB device number 31 using dummy_hcd
[  482.417740][ T6271] usb 8-1: too many configurations: 9, using maximum allowed: 8
[  482.422323][ T6271] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  482.425413][ T6271] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  482.430701][ T6271] usb 8-1: config 0 interface 0 has no altsetting 0
[  482.435973][ T6271] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  482.442574][ T6271] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  482.446420][ T6271] usb 8-1: config 0 interface 0 has no altsetting 0
[  482.457138][ T6271] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  482.460249][ T6271] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  482.463882][ T6271] usb 8-1: config 0 interface 0 has no altsetting 0
[  482.468598][   T34] nzxt-smart2 0003:1E71:2009.0015: hidraw0: USB HID v0.05 Device [HID 1e71:2009] on usb-dummy_hcd.2-1/input0
[  482.473101][ T6271] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  482.481602][ T6271] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  482.490372][ T6271] usb 8-1: config 0 interface 0 has no altsetting 0
[  482.496446][ T6271] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  482.502337][ T6271] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  482.509420][ T6271] usb 8-1: config 0 interface 0 has no altsetting 0
[  482.514986][ T6271] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  482.518781][ T6271] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  482.523226][ T6271] usb 8-1: config 0 interface 0 has no altsetting 0
[  482.527116][ T6271] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  482.531719][ T6271] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  482.538204][ T6271] usb 8-1: config 0 interface 0 has no altsetting 0
[  482.543665][ T6271] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  482.546529][ T6271] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  482.555433][ T6271] usb 8-1: config 0 interface 0 has no altsetting 0
[  482.562649][ T6271] usb 8-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  482.565496][ T6271] usb 8-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  482.573036][ T6271] usb 8-1: Product: syz
[  482.574365][ T6271] usb 8-1: Manufacturer: syz
[  482.575871][ T6271] usb 8-1: SerialNumber: syz
[  482.582909][ T6271] usb 8-1: config 0 descriptor??
[  482.590726][ T6271] yurex 8-1:0.0: USB YUREX device now attached to Yurex #0
[  482.662668][T13234] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  482.667945][T13234] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  482.743312][   T34] usb 7-1: USB disconnect, device number 41
[  483.422366][T13264] random: crng reseeded on system resumption
[  483.430235][T13264] netlink: 'syz.2.2049': attribute type 10 has an invalid length.
[  483.434082][T13264] siw: device registration error -23
[  484.101941][   T40] audit: type=1326 audit(1765561227.680:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13270 comm="syz.0.2051" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf700d579 code=0x0
[  484.248654][T13281] overlayfs: failed to resolve './file0': -2
[  484.848093][    C0] usb 8-1: yurex_control_callback - control failed: -2
[  484.850657][    C0] usb 8-1: yurex_control_callback - control failed: -32
[  484.976090][T13300] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[  484.978925][T13300] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  484.983439][T13300] vhci_hcd vhci_hcd.0: Device attached
[  485.099001][T13303] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5)
[  485.101937][T13303] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  485.118294][T13303] vhci_hcd vhci_hcd.0: Device attached
[  485.258168][ T6135] usb 42-1: SetAddress Request (42) to port 0
[  485.260451][ T6135] usb 42-1: new SuperSpeed USB device number 42 using vhci_hcd
[  485.311429][T13307] random: crng reseeded on system resumption
[  485.320336][T13307] netlink: 'syz.1.2058': attribute type 10 has an invalid length.
[  485.324336][T13307] siw: device registration error -23
[  485.399869][ T6010] usb 38-1: SetAddress Request (46) to port 0
[  485.404974][ T6010] usb 38-1: new SuperSpeed USB device number 46 using vhci_hcd
[  485.569902][T13312] ecryptfs_validate_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README
[  485.575364][T13312] Error validating options; rc = [-22]
[  485.613470][T13301] vhci_hcd: connection reset by peer
[  485.640619][ T4169] vhci_hcd vhci_hcd.2: stop threads
[  485.643794][ T4169] vhci_hcd vhci_hcd.2: release socket
[  485.661368][ T4169] vhci_hcd vhci_hcd.2: disconnect device
[  485.794082][T13304] vhci_hcd: connection reset by peer
[  485.797697][ T6146] vhci_hcd vhci_hcd.0: stop threads
[  485.802013][ T6146] vhci_hcd vhci_hcd.0: release socket
[  485.806354][ T6146] vhci_hcd vhci_hcd.0: disconnect device
[  485.848411][   T24] usb 6-1: new high-speed USB device number 39 using dummy_hcd
[  485.915410][   T34] usb 8-1: USB disconnect, device number 31
[  485.919872][   T34] yurex 8-1:0.0: USB YUREX #0 now disconnected
[  485.998655][   T24] usb 6-1: Using ep0 maxpacket: 16
[  486.080044][   T24] usb 6-1: config 1 interface 0 altsetting 255 endpoint 0x1 has invalid wMaxPacketSize 0
[  486.083527][   T24] usb 6-1: config 1 interface 0 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 0
[  486.086779][   T24] usb 6-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  486.091439][   T24] usb 6-1: config 1 interface 0 has no altsetting 0
[  486.096164][   T24] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  486.099836][   T24] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  486.102705][   T24] usb 6-1: Product: syz
[  486.104281][   T24] usb 6-1: Manufacturer: syz
[  486.105910][   T24] usb 6-1: SerialNumber: syz
[  486.837847][T13318] overlayfs: failed to resolve './file0': -2
[  486.888511][T13319] ------------[ cut here ]------------
[  486.890455][T13319] WARNING: drivers/gpu/drm/drm_prime.c:224 at drm_prime_destroy_file_private+0x43/0x60, CPU#2: syz.3.2062/13319
[  486.894274][T13319] Modules linked in:
[  486.895828][T13319] CPU: 2 UID: 0 PID: 13319 Comm: syz.3.2062 Not tainted syzkaller #0 PREEMPT(full) 
[  486.899234][T13319] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  486.903235][T13319] RIP: 0010:drm_prime_destroy_file_private+0x43/0x60
[  486.905424][T13319] Code: 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 21 48 8b 83 90 00 00 00 48 85 c0 75 06 5b e9 d3 75 6e fc e8 ce 75 6e fc 90 <0f> 0b 90 5b e9 c4 75 6e fc e8 cf 4b d7 fc eb d8 66 66 2e 0f 1f 84
[  486.911846][T13319] RSP: 0018:ffffc90007307c88 EFLAGS: 00010293
[  486.914190][T13319] RAX: 0000000000000000 RBX: ffff888022f4a380 RCX: ffffffff8b7625d1
[  486.916751][T13319] RDX: ffff88804b1124c0 RSI: ffffffff854fd022 RDI: ffff888022f4a410
[  486.919418][T13319] RBP: ffff888022f4a000 R08: 0000000000000001 R09: fffff52000e60f71
[  486.922022][T13319] R10: ffffc90007307b8f R11: 0000000000000000 R12: ffff88804452e000
[  486.924573][T13319] R13: ffff888022f4a2b0 R14: 0000000000000000 R15: ffff888022f4a2d8
[  486.927080][T13319] FS:  0000000000000000(0000) GS:ffff888097902000(0063) knlGS:00000000569b3440
[  486.929971][T13319] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  486.932153][T13319] CR2: 000000000c3690a8 CR3: 000000005b837000 CR4: 0000000000352ef0
[  486.934746][T13319] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  486.937310][T13319] DR3: 000000000000000e DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  486.939894][T13319] Call Trace:
[  486.941286][T13319]  <TASK>
[  486.942422][T13319]  drm_file_free.part.0+0x7ee/0xcd0
[  486.944482][T13319]  drm_close_helper.isra.0+0x186/0x1f0
[  486.946320][T13319]  drm_release+0x1ab/0x360
[  486.947794][T13319]  ? __pfx_drm_release+0x10/0x10
[  486.949478][T13319]  __fput+0x402/0xb70
[  486.950844][T13319]  task_work_run+0x150/0x240
[  486.952400][T13319]  ? __pfx_task_work_run+0x10/0x10
[  486.954195][T13319]  ? __do_sys_close_range+0x278/0x730
[  486.955970][T13319]  exit_to_user_mode_loop+0xfb/0x540
[  486.957757][T13319]  __do_fast_syscall_32+0x4a4/0x680
[  486.959574][T13319]  do_fast_syscall_32+0x32/0x80
[  486.961258][T13319]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  486.963340][T13319] RIP: 0023:0xf7fd2579
[  486.964709][T13319] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  486.970917][T13319] RSP: 002b:00000000ffea138c EFLAGS: 00000202 ORIG_RAX: 00000000000001b4
[  486.973645][T13319] RAX: 0000000000000000 RBX: 0000000000000003 RCX: 000000000000001e
[  486.976211][T13319] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  486.978850][T13319] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  486.981411][T13319] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
[  486.983982][T13319] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  486.986574][T13319]  </TASK>
[  486.987664][T13319] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  486.990007][T13319] CPU: 2 UID: 0 PID: 13319 Comm: syz.3.2062 Not tainted syzkaller #0 PREEMPT(full) 
[  486.992956][T13319] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  486.996291][T13319] Call Trace:
[  486.997373][T13319]  <TASK>
[  486.998345][T13319]  dump_stack_lvl+0x3d/0x1f0
[  486.999873][T13319]  vpanic+0x640/0x6f0
[  487.001163][T13319]  ? drm_prime_destroy_file_private+0x43/0x60
[  487.003112][T13319]  panic+0xca/0xd0
[  487.004324][T13319]  ? __pfx_panic+0x10/0x10
[  487.005772][T13319]  ? check_panic_on_warn+0x1f/0xb0
[  487.007423][T13319]  check_panic_on_warn+0xab/0xb0
[  487.009074][T13319]  __warn+0x108/0x3c0
[  487.010416][T13319]  __report_bug+0x2a0/0x520
[  487.011882][T13319]  ? drm_prime_destroy_file_private+0x43/0x60
[  487.013855][T13319]  ? __pfx___report_bug+0x10/0x10
[  487.015388][T13319]  ? find_held_lock+0x2b/0x80
[  487.016853][T13319]  ? drm_master_release+0x2c1/0x600
[  487.018464][T13319]  ? drm_prime_destroy_file_private+0x43/0x60
[  487.020373][T13319]  report_bug+0xb2/0x220
[  487.021754][T13319]  ? drm_prime_destroy_file_private+0x43/0x60
[  487.023700][T13319]  handle_bug+0x127/0x260
[  487.025104][T13319]  exc_invalid_op+0x17/0x50
[  487.026588][T13319]  asm_exc_invalid_op+0x1a/0x20
[  487.028159][T13319] RIP: 0010:drm_prime_destroy_file_private+0x43/0x60
[  487.030276][T13319] Code: 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 21 48 8b 83 90 00 00 00 48 85 c0 75 06 5b e9 d3 75 6e fc e8 ce 75 6e fc 90 <0f> 0b 90 5b e9 c4 75 6e fc e8 cf 4b d7 fc eb d8 66 66 2e 0f 1f 84
[  487.036344][T13319] RSP: 0018:ffffc90007307c88 EFLAGS: 00010293
[  487.038374][T13319] RAX: 0000000000000000 RBX: ffff888022f4a380 RCX: ffffffff8b7625d1
[  487.041679][T13319] RDX: ffff88804b1124c0 RSI: ffffffff854fd022 RDI: ffff888022f4a410
[  487.045040][T13319] RBP: ffff888022f4a000 R08: 0000000000000001 R09: fffff52000e60f71
[  487.048285][T13319] R10: ffffc90007307b8f R11: 0000000000000000 R12: ffff88804452e000
[  487.051668][T13319] R13: ffff888022f4a2b0 R14: 0000000000000000 R15: ffff888022f4a2d8
[  487.054978][T13319]  ? __mutex_unlock_slowpath+0x161/0x790
[  487.057383][T13319]  ? drm_prime_destroy_file_private+0x42/0x60
[  487.059868][T13319]  ? drm_prime_destroy_file_private+0x42/0x60
[  487.062463][T13319]  drm_file_free.part.0+0x7ee/0xcd0
[  487.064455][T13319]  drm_close_helper.isra.0+0x186/0x1f0
[  487.066645][T13319]  drm_release+0x1ab/0x360
[  487.068554][T13319]  ? __pfx_drm_release+0x10/0x10
[  487.070794][T13319]  __fput+0x402/0xb70
[  487.072533][T13319]  task_work_run+0x150/0x240
[  487.074579][T13319]  ? __pfx_task_work_run+0x10/0x10
[  487.076700][T13319]  ? __do_sys_close_range+0x278/0x730
[  487.078983][T13319]  exit_to_user_mode_loop+0xfb/0x540
[  487.081027][T13319]  __do_fast_syscall_32+0x4a4/0x680
[  487.083192][T13319]  do_fast_syscall_32+0x32/0x80
[  487.085205][T13319]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  487.087785][T13319] RIP: 0023:0xf7fd2579
[  487.089517][T13319] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  487.096574][T13319] RSP: 002b:00000000ffea138c EFLAGS: 00000202 ORIG_RAX: 00000000000001b4
[  487.099228][T13319] RAX: 0000000000000000 RBX: 0000000000000003 RCX: 000000000000001e
[  487.101728][T13319] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  487.104226][T13319] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  487.106715][T13319] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
[  487.109232][T13319] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  487.111728][T13319]  </TASK>
[  487.113456][T13319] Kernel Offset: disabled
[  487.114844][T13319] Rebooting in 86400 seconds..