last executing test programs:

9.297710367s ago: executing program 3 (id=967):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@broadcast, @in=@local, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xee01}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@local, 0x0, 0x32}, 0x2, @in, 0x0, 0x4}}, 0xe8)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r1, &(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8822d55593a2179}, 0xc)
sendmmsg$inet6(r0, &(0x7f0000000a80)=[{{&(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c, 0x0}}, {{&(0x7f0000000040)={0xa, 0x4e21, 0x0, @dev}, 0x1c, 0x0, 0x0, 0x0, 0x0, 0xe00}}], 0x2, 0x0) (fail_nth: 5)

8.804415721s ago: executing program 3 (id=969):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e22, @empty}, 0x10)
listen(r0, 0x1ff)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x4e22, @local}, 0x10)
fsetxattr$security_ima(r0, &(0x7f00000000c0), 0x0, 0x0, 0x3)
r1 = socket(0x2, 0x80805, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00'})
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r3=>0x0}, &(0x7f0000000040)=0x8)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000480)='/sys/power/pm_freeze_timeout', 0x149a82, 0x142)
write$cgroup_int(r4, &(0x7f0000000040)=0x1c9, 0x12)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000003680)={0x0, 0x0, &(0x7f0000003640)={&(0x7f0000003400)=@getsadinfo={0xbc, 0x23, 0x1, 0x70bd29, 0x25dfdbff, 0x0, [@policy={0xa8, 0x7, {{@in=@local, @in=@remote, 0x4e24, 0x3ff, 0x4e21, 0x75d9, 0xa, 0xa0, 0xa0, 0xd}, {0x8, 0x7fffffffffffffff, 0x400, 0x5b, 0x2, 0xffffffff, 0x65, 0xb}, {0x4a0, 0x8750, 0xe00000, 0x9}, 0x2, 0x6e6bb0, 0x1, 0x1, 0x3, 0x3}}]}, 0xbc}}, 0x40000)
r6 = syz_open_procfs(0x0, 0x0)
pread64(r6, &(0x7f00000001c0)=""/85, 0x55, 0x9)
setsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f0000000240)={0x6, 0x101, 0x206, 0x2, 0x754d, 0x6, 0x9, 0xf, r3}, 0x20)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000180)={r3, 0x3, 0x30}, 0xc)
sendto$inet(r0, &(0x7f0000000100)="ab", 0x1, 0xe61e2840a154b0c0, &(0x7f0000000000)={0x2, 0x4e22, @remote}, 0x10)

8.341086173s ago: executing program 3 (id=973):
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x48000, 0x0)
r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
syz_usb_connect$uac1(0x0, 0xa4, &(0x7f00000000c0)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d2405000005000000000000000c240000e9fffff5ffffffff092403f3", @ANYRES8=r0, @ANYRES32=r1], 0x0)

7.646910512s ago: executing program 2 (id=979):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0xfb, 0x323, &(0x7f0000006680))
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffff}, 0x0)
syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
io_setup(0x6, 0x0)
io_submit(0x0, 0x1, &(0x7f0000000340)=[0x0])
sendmsg$nl_route(r2, 0x0, 0x240088c5)
socket$nl_route(0x10, 0x3, 0x0)
getresgid(0x0, 0x0, 0x0)
madvise(&(0x7f0000003000/0x1000)=nil, 0x1000, 0x65)
mount$fuse(0x0, 0x0, &(0x7f0000002100), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB="453a4e4785a56b0d96a738a99159cc0000"])
munmap(&(0x7f0000002000/0x2000)=nil, 0x2000)
setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000180)={@in6={{0xa, 0x4e21, 0xfffff79e, @mcast1, 0xfffffdfc}}, 0x0, 0x0, 0x9, 0x0, "0c9e089c01860b471037f43d223b3c1b324debec40e55a07f709417eb48821996aff1c7154e746be4d7686455261c425a7519cc269d04e6205abaabde24a2b12440b329ad5bd35f21907c7988d1300"}, 0xd8)
add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, 0x0, 0x0, 0x0, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_inet_SIOCSIFBRDADDR(0xffffffffffffffff, 0x891a, 0x0)
r5 = openat$dlm_plock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
write$FUSE_DIRENT(r5, &(0x7f0000000000)=ANY=[], 0x40)
ioctl$ifreq_SIOCGIFINDEX_team(r4, 0x8933, &(0x7f0000004700)={'team0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x25dfdbff, {0x0, 0x0, 0x74, r6, {}, {0x0, 0x1}, {0x3, 0x5}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x8881}, 0x40) (fail_nth: 4)

6.92737811s ago: executing program 4 (id=983):
r0 = openat$kvm(0xffffff9c, &(0x7f0000000040), 0xa601, 0x0)
r1 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_QUEUEPAIR_SETVA(r1, 0x7a4, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r2, &(0x7f0000000100)={0xa, 0xfffd, 0x0, @loopback, 0x80000}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x1, &(0x7f0000000140)=@ccm_128={{0x303}, "9a8314a266f00954", "a71b09706f9051ef5028855d6e63d997", "25400c1e", "3b2be4f8eae85ed6"}, 0x28)
r3 = semget(0x1, 0x0, 0x101)
semctl$SEM_INFO(r3, 0x2, 0x13, &(0x7f0000000400)=""/143)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x1, &(0x7f0000000040)=@gcm_256={{0x304}, "6a655069ade23ce4", "0d35db0d4af1cbcce779bbc24b53fc15118dd14c9837de56339a336a1900", 'FY\\;', "8891ea13f18ef0be"}, 0x36)
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0)
syz_usb_connect$hid(0x6, 0x3f, &(0x7f00000004c0)=ANY=[@ANYBLOB="1201100300000008bd28190940000102030109022d00010100a00809040011ee0201029909210300010122db0f09058103ff03000706090502035000020c0bd4a8fedb6c15c6f7a1b6ad35da5ba3e8bc4a92c8ac5ffd9ce92aa92c30edede4420b9bb78fd842e35e5f81d681b7b7957fff79cff071cf043ce607671c3d7bd18baa9d5fb0f9f10f05e97ff3d2c3a06b5a9a9a20ad94b1b9be0741022a0e36c13faed89c1e8757f5da4b7cc783b2f7494b1a13784a1d473c603ce1f8ef8b83b40621d5a84918017c530922a095d915b5ea193d959998c36f7fc2923bf362b17df4061d15c190928fa5f5de2ce92889b438d819773120f0b92282dfd728b33733aa760a1b75cf2a21aa905dd72115cbc377e34406697a89b8c14c9b899e42aba6680cc28091a28e609ffa33adacef5282ddfc6562dfe9c482a624461fa9160a43a1579a83ac94350b679fbac996947ba8b6b2f7e1f234586f1627d6f854c0a3fb85ed3ee9906225064341a5489cf90169baa1707e8b884536b24b452eefe689c73818dfc0aa17171020dc1805d369e837291105d306dee21bbf47aec7c280bb3153cecb248745b313592addd63a3623799eed1cc9dbd889888c99bfdb5d4e5e089cee92dc0abbdd14a869eeebc4e04805abca823f5119074a1f9961a435e04c428f"], &(0x7f00000003c0)={0xa, &(0x7f0000000180)={0xa, 0x6, 0x200, 0x5, 0x3, 0x6, 0x40, 0x2}, 0x5, &(0x7f00000001c0)={0x5, 0xf, 0x5}, 0x4, [{0x4, &(0x7f0000000200)=@string={0x4, 0x3, "d285"}}, {0x4, &(0x7f0000000240)=@lang_id={0x4, 0x3, 0x404}}, {0x4, &(0x7f0000000280)=@lang_id={0x4, 0x3, 0x400a}}, {0x89, &(0x7f0000000300)=@string={0x89, 0x3, "c03826509cb441fcf8cbcb202b6228523aa91b0fa70717e93f06ce4fb2514f7017e98a005b888a8708c353979207b04c12405ee8ff303256e7692d457a650d80fdcc4809939022fda1aad3e6796f61a888cb35f1b9cd38684d99b9c535972361402a854b88bb18259c84790732956126c681e74ee6b2861ce0acd4755ec76716106c32e30fd4d3"}}]})
execveat(0xffffffffffffff9c, &(0x7f00000002c0)='./file2\x00', 0x0, 0x0, 0x0)
mknod$loop(&(0x7f0000000100)='./bus\x00', 0x2000, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r4, &(0x7f0000000100)={0x0, 0x2800, &(0x7f0000000080)={&(0x7f00000001c0)={0x54, r5, 0x1, 0x0, 0x0, {0x3}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xf}}}, {0x14, 0x2, @in={0x2, 0x0, @broadcast}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x54}}, 0x0)
sendmsg$TIPC_NL_BEARER_SET(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x34, r5, 0x1, 0x70bd28, 0x25dfdbfd, {}, [@TIPC_NLA_BEARER={0x20, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}, @TIPC_NLA_BEARER_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0xcf70}]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x48c05}, 0x4040140)
r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_XEN_HVM_CONFIG(r6, 0x4038ae7a, 0x0)
mprotect(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x1000002)

6.617354418s ago: executing program 3 (id=984):
r0 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r0, &(0x7f0000002540)={0x0, 0x0, &(0x7f0000002500)={&(0x7f00000000c0)={0xa0, r1, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_FEATURES_WANTED={0x74, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_VALUE={0x4}, @ETHTOOL_A_BITSET_VALUE={0x68, 0x4, "ab94491e09f7f076a2279abac73412bae67cd4a5250fc3f1ebf22a4e4748174d327d5eaef82bc9e127d2d117c1d59042c57aaa5966fe3ecce3a151371ec957ec05449ce105b4616fef515285cb94e694f351d9d5f4e97c717971fb5c6398d5e752fcc440"}, @ETHTOOL_A_BITSET_MASK={0x1}]}, @ETHTOOL_A_FEATURES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macsec0\x00'}]}]}, 0xa0}}, 0x20000080)

6.221250704s ago: executing program 3 (id=985):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffff}, 0x0)
syz_usb_connect(0x0, 0x5f, 0x0, 0x0)
syz_usb_connect$hid(0x5, 0x3f, &(0x7f0000000040)=ANY=[@ANYBLOB="1201010200000010f3044d0740000102030109022d0001010330050904000801039760eb8921ff0001f021b00b09058103100002ba07090502032000080e01"], 0x0)
r2 = syz_open_dev$video(&(0x7f00000010c0), 0x8, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0xd, 0x2a, &(0x7f0000000900)=ANY=[@ANYBLOB="18110000000000000000", @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018", @ANYRES32, @ANYBLOB, @ANYBLOB="8abadb60cd7e31cb7a30e5225e9ef40d857c90f6abe70f2e3ab0f1064d8c6f354b4e7074e6", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa208000000000007020000f8ffffffb703000008000000b70400000000000085000000820000001811000026ddf419ea50046d8ba0f73239fd125d8069df0497bee468e079fcd2fe7b40a145f3c8f56ee645a464318ac75a26bf7fe600dbfaead9e3bdcd3031d4a4496917f97f874df2de232cd0f90086ca146d0067610bae7aace05a4d54c42147c43b841618ae3091e7ec06d452119854e135d89e6070c2e980c09cc37091074a5c8b6b9ac83c561898d4fa5acb915b367a5c5f8bbb001aa50e811bac3a689ac60d5becd1f8bbdca2a1c180bf1fe381da8cfaea0896c89ca303befd8722a02f4a46784ab1fc7b7388972d6832f9b1d1ae07ad0db64256dd53e8590e133d3f", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000010000008500000082000000bf91000000000000b7020000010000008500000085000000b70000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$VIDIOC_S_SELECTION(r2, 0xc040565f, &(0x7f0000000040)={0x2, 0x100, 0x4, {0xf, 0x82, 0x1, 0x7}})
syz_io_uring_setup(0x20be, 0xffffffffffffffff, &(0x7f0000000180), &(0x7f00000001c0))
mlock2(&(0x7f0000007000/0x1000)=nil, 0x1000, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000740)={0x3, 0xc, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="c3b9992280ff3da72979e0bb1fac9be169b1cbcdbba822c774817561f907e56ce9a3afeaefe038b5d6cca8", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r5)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r7=>0x0})
r8 = syz_open_dev$vim2m(&(0x7f0000000580), 0x0, 0x2)
syz_emit_ethernet(0x1232, &(0x7f0000000140)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000086dd607428dd11fc3afffe8000000000000000000000000000bbff020000000000000000000000000001850090780000000022127fd4409f371955b4c3909dd9c8fb306a531909b0c9af18891f1cbfa1e61de24d060ef55c95e5dc9bcf6534fc4ed6f602c74fda703aed0ec1597485e936ba1e18d6a5b3ba91a7dd2eab0399ea0f9a8330b91045fd4f063398d0c3116e256e31c855beb8eb21fa539c11950c647cbfc6adde008050290c830ab911878ea83a356cef12a9db5262694652d1e72e4fbec3bc7ca70200fcd3312a70f7c3ddbaf27c9f4f7e535121228bab897fc236a7acc2c62bd04cb8ac0d1699b4e2a50fe5152eeec7f996b94eb21af49bc0a4e2e2bc902350a3a7e8bf94a044ae9b1137fc29da9192ea72c8bce97eb752efb379e5cfd28f87438237490f31820e77e878ec4e090c8d490a1155d0adbd598e1be7f47dce83e5a58369279214f69bf09f66406098c57f820795dd03f8c9724c0069fe01bb12994bad06ffab449251724da1e06066c46682341ff267834a9c3b5195f1dad422731427c27947d540d7dfc0bc7d8567649d0f6884a62d2c26b96b6d0b352a624ecf5988721fcf4052e2e9c0c704c58691124ea030e5280ca0e6c4cb6dcef19196f9604acb2e7a2fec62250a952f793bbd8b425d10c3a5ef8327759ffb64ee822b75bad72e5d55036542d5790efc071aae32349cac28c4d13d375c82caade961e17ab8ddd0b96e1de22f41ddcc0a2656f114bb3fc6338f1e2ece2489734597e006e6e442f6dbb9341956e29530f153b97923540a333c6467c65ad5942ac151c19451137b2d77c68aac"], 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(r8, 0xc0145608, &(0x7f0000000100)={0xffff, 0x2, 0x2})
syz_usb_connect(0x0, 0x112, &(0x7f0000000240)={{0x12, 0x1, 0x51, 0xad, 0x68, 0xb3, 0x20, 0x7d1, 0x3e01, 0x2e9e, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x100, 0x2, 0x59, 0x5, 0x40, 0xf4, [{{0x9, 0x4, 0xe4, 0x0, 0x2, 0xff, 0xff, 0xff, 0x80, [], [{{0x9, 0x5, 0x0, 0x0, 0x200, 0x3, 0x80, 0x6, [@uac_iso={0x7, 0x25, 0x1, 0x1, 0x5, 0x1}, @uac_iso={0x7, 0x25, 0x1, 0x3, 0x40, 0x3}]}}, {{0x9, 0x5, 0x8, 0x0, 0x8, 0x1, 0x3, 0xfb}}]}}, {{0x9, 0x4, 0xfb, 0x13, 0x4, 0x1c, 0x4, 0xaa, 0x5, [@cdc_ecm={{0xa, 0x24, 0x6, 0x0, 0x0, "afd0abe2f7"}, {0x5, 0x24, 0x0, 0x6}, {0xd, 0x24, 0xf, 0x1, 0x3ff, 0xc, 0x3, 0x7}}], [{{0x9, 0x5, 0xe, 0xc, 0x10, 0x6, 0x5, 0x4}}, {{0x9, 0x5, 0x6, 0x4, 0x40, 0xf0, 0x2b, 0x0, [@generic={0x10, 0x22, "cbf8f9dd1acfe0ed1b846c0bc3e3"}]}}, {{0x9, 0x5, 0xc, 0x3, 0x3ff, 0x5, 0x0, 0x85, [@generic={0x2, 0x5}]}}, {{0x9, 0x5, 0xf, 0x10, 0x0, 0x9, 0x0, 0x4, [@uac_iso={0x7, 0x25, 0x1, 0x83, 0x8, 0x100}, @generic={0x6c, 0xc, "ce4f64d58e4730a0277e59881b0179e0d2ef4524885d1cb2cc767ff52bc15463dedf03219f529ea566ee81258f479cc10b0acc2a40fed4e5323c7c38d6e84ec3650a407598a123c6f9280f1e3b9ca69d5a90df0c42cb4d070a8b1e6c3a342c03a230e297470e8202b228"}]}}]}}]}}]}}, 0x0)
sendmsg$NL80211_CMD_FRAME(r5, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f00000000c0)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r6, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r7, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)
ioctl$sock_SIOCGIFBR(r1, 0x8940, &(0x7f0000000300)=@add_del={0x2, &(0x7f0000000200)='ipvlan1\x00'})
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=ANY=[@ANYBLOB="4400000010004b04000023dc5ad93c5c2b7b0000", @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800b0001006272696467650000140002800500160003000000080004"], 0x44}}, 0x0)

5.737899834s ago: executing program 4 (id=986):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000280)="d8000000100081044e81f782db44b904021d006a0f000000e8fe55a1290015000600142603600e120900040044000000a80016000a0003400200000000000000b94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a985162f7ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d3220a7c9f8775730d16a4683f1aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b4337", 0xd5}], 0x1}, 0x0)

5.596653636s ago: executing program 4 (id=987):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0xfb, 0x323, &(0x7f0000006680))
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffff}, 0x0)
syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
io_setup(0x6, 0x0)
io_submit(0x0, 0x1, &(0x7f0000000340)=[0x0])
sendmsg$nl_route(r2, 0x0, 0x240088c5)
socket$nl_route(0x10, 0x3, 0x0)
getresgid(0x0, 0x0, 0x0)
madvise(&(0x7f0000003000/0x1000)=nil, 0x1000, 0x65)
mount$fuse(0x0, 0x0, &(0x7f0000002100), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB="453a4e4785a56b0d96a738a99159cc0000"])
munmap(&(0x7f0000002000/0x2000)=nil, 0x2000)
setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000180)={@in6={{0xa, 0x4e21, 0xfffff79e, @mcast1, 0xfffffdfc}}, 0x0, 0x0, 0x9, 0x0, "0c9e089c01860b471037f43d223b3c1b324debec40e55a07f709417eb48821996aff1c7154e746be4d7686455261c425a7519cc269d04e6205abaabde24a2b12440b329ad5bd35f21907c7988d1300"}, 0xd8)
add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, 0x0, 0x0, 0x0, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_inet_SIOCSIFBRDADDR(0xffffffffffffffff, 0x891a, 0x0)
r5 = openat$dlm_plock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
write$FUSE_DIRENT(r5, &(0x7f0000000000)=ANY=[], 0x40)
ioctl$ifreq_SIOCGIFINDEX_team(r4, 0x8933, &(0x7f0000004700)={'team0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000004c00)=@newtfilter={0x20, 0x11, 0xd27, 0x0, 0x25dfdbff, {0x0, 0x0, 0x74, r6, {}, {0x0, 0x1}, {0x3, 0x5}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x8881}, 0x40)

4.368860198s ago: executing program 2 (id=990):
socket$igmp(0x2, 0x3, 0x2)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000e40)={&(0x7f0000000d40)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000e00)={&(0x7f0000000d80)={0x48, 0x2, 0x6, 0x5, 0x0, 0x0, {0x3, 0x0, 0x9}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x48}, 0x1, 0x0, 0x0, 0x1}, 0x8000)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYRES16=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r0, &(0x7f0000000080), &(0x7f0000000280)=@tcp6, 0x1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, &(0x7f0000000200)={{0x1}})
readv(r2, &(0x7f0000000080)=[{&(0x7f0000000140)=""/144, 0x90}], 0x1)
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r2, 0x40505412, &(0x7f00000000c0)={0x4, 0x9, 0x0, 0x0, 0x4})
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r2, 0x54a2)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
ioprio_set$pid(0x1, r3, 0x4000)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000580)="d800000019008111e0020f060d8107040a60090000020000000455a1bc00090008000699e3ffffff140005000800000006000567b8b7b94002000009080016060000000000000074d67f6f5d6b26462f25a4d1c2e446b727f3e29400f7d1d9bbe94fa27100a007a2f7457f01896034277ce06bbace8017cb39b62ee5a7cef4090000001fb791643a5e83d42365f003724a237ee4b11602b2a10000000014d6d930dfe1d9c322fe040000005025acca262f3d40fad95667e006dcdf634c1f215ce3bb9ad809d50b694138c9f1ac76efb42a9ecbee5de6ccd4", 0xd8}], 0x1}, 0x94)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = syz_open_procfs(0x0, 0x0)
r7 = syz_usb_connect$hid(0x4, 0x3f, &(0x7f0000000340)={{0x12, 0x1, 0x310, 0x0, 0x0, 0x0, 0x40, 0x2179, 0x53, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0xa, 0x50, 0x5, [{{0x9, 0x4, 0x0, 0xe, 0x1, 0x3, 0x1, 0x2, 0x8, {0x9, 0x21, 0x4ae, 0x5, 0x1, {0x22, 0xd12}}, {{{0x9, 0x5, 0x81, 0x3, 0x40, 0xfe, 0xf2, 0x1}}, [{{0x9, 0x5, 0x2, 0x3, 0x20, 0x6, 0x0, 0xd0}}]}}}]}}]}}, &(0x7f0000000900)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x300, 0x8, 0x9, 0x80, 0x40, 0x2}, 0x15, &(0x7f00000003c0)={0x5, 0xf, 0x15, 0x1, [@ssp_cap={0x10, 0x10, 0xa, 0x6, 0x1, 0x0, 0xf, 0x400, [0xc000]}]}, 0x6, [{0x7b, &(0x7f0000000440)=@string={0x7b, 0x3, "53110e0e55bad007b2ad4d013c94346355682e373c870f958d2fd41252ca4de9bc8af144ef0f4ed7dc895a8cd663629b604b47cd786ebbf8e6eebd11452b388cf833c6d5fce42c214008d2b42397f27ce9644c2e50e05ed19a121f602360cf1fc9255f35b546f9498abf8eae909765510ee9d07d898f4cb17f"}}, {0xf1, &(0x7f0000000680)=@string={0xf1, 0x3, "5a48ff9ea3f1f93fe201ce66c138b8861a714371b999102e1bd778fc29c18d8eee25d1fb872d0311265057357d9bd117a64ad7127ac72c91e89a11fb43908b0f07c96056fdedd5b56ecd5663f5b7d11cc4b26faae977d0f1f1fa335cfec001b674f64bca6289864c1d80443bda49a899721708c0b1036780098b12d3ea1d44175363509c5aac0a340be8b40d77e686f5a1a1595e50e61b7f619272c577d91f4e0c757781f1b7448449f7b49d1fab017074609d7674e21d7bbfe78cd5e2869aa887e9c852ad256e18ed2b8226021a2e61b2873b3b8893a106d2d801e4b9fad58b8c2616956171c5666119ab43a972b8"}}, {0x4, &(0x7f00000004c0)=@lang_id={0x4, 0x3, 0x8}}, {0x4, &(0x7f0000000500)=@lang_id={0x4, 0x3, 0x403}}, {0xeb, &(0x7f0000000780)=@string={0xeb, 0x3, "82aaf400619cdf5e2afd3da19dafaee104f32cb0ee41390d6ee76add53d15535e3d019eb3702e99cb770821813354c56acbc767e59e78e057440ed70574841e7466e3038edb1443155d8e1298ac37bc9e88ff687c50f898e9ac688c98675c6af2f818864e0de55801307968a1f1797b312a0542a1481785acc97b17ee5d32f4aad0df147f7d219ff18e815cb73c73b113320cba1520d7deb0d92a74f604735fc85ade868a4f42e9b1c8d6ddf940e42407b5b4d754f7414684105757c7b710cd4c21242d80d2e15a86bac719d3fee94d098bbc8d1361477af1165a21ea96fdada4d4996e95bd7da8aae"}}, {0x7d, &(0x7f0000000880)=@string={0x7d, 0x3, "bfef7c7ec399ae4c76f7a7db17bbc583a4e78cbfb3ef88b99538e800df1c69d2bb2c6448c9786d6e1d95c54ce80e83ccd53ba715cbc828941b637916409c8d74464e3f9a2ffe6acc96d483aed7d0a578e254167b0cf12cc4533018c403ee7e07bc9950d017ebbac83963c48e8760fb83d2c21a6dd989356ac6ddf0"}}]})
syz_emit_ethernet(0x36, &(0x7f0000000280)={@local, @random="86082b9827c1", @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "7fa727", 0x0, 0x2c, 0x0, @private2, @local}}}}, 0x0)
syz_usb_control_io$hid(r7, &(0x7f0000000b00)={0x14, &(0x7f0000000a00)={0x0, 0x23, 0x40, {0x40, 0xf, "94257945e9923a3fa3655165d8aed76868c9252faa42c5753a833091e31543a97425d23c28920e21f580102064e1e0c564c41312b6dfe6fc7ed95a9e278b"}}, &(0x7f0000000a80)={0x0, 0x3, 0x65, @string={0x65, 0x3, "8a590ca204e19992d0b950438bad0eef927acd86c67ac2e19940e99389f088f0a33e302b44c5fddd1ec98527f7eb98c04ac8392a3464154bee49a00287510843df37716d35081df7442a94c786182c39e4425e01a1d06b47a1220ecb867ac5f0bb837e"}}, &(0x7f0000000540)={0x0, 0x22, 0x11, {[@main=@item_4={0x3, 0x0, 0x8, "70365411"}, @local=@item_4={0x3, 0x2, 0x5, "33111527"}, @global=@item_012={0x1, 0x1, 0xb, "e6"}, @local=@item_4={0x3, 0x2, 0x5, "16c114b5"}]}}, &(0x7f0000000980)={0x0, 0x21, 0x9, {0x9, 0x21, 0x4, 0x4, 0x1, {0x22, 0x155}}}}, &(0x7f0000000d00)={0x18, &(0x7f0000000b40)={0x20, 0x37, 0xf, "d7bab0d2e0392d9c0982b4c8ba6a54"}, &(0x7f0000000b80)={0x0, 0xa, 0x1, 0x1}, &(0x7f0000000bc0)={0x0, 0x8, 0x1, 0x12}, &(0x7f0000000c00)={0x20, 0x1, 0xb8, "eec5d8bf116617f1b1f5ad273575c238ed25d3fee94e06102205a8ba8f9aaeffa7688eea39dac1e6606f615eb7af1f3a923167ae3beb3d6badf62ff61a0b2b85e7f50992e11fdc27da770e7295fb9959d1a95464502cb47250f6e6170b5a0ad618ce474bdff5474ee6139d0909798a652d6f67e5178520b2ccbaab57920cac6b993c03949d46b80570437ade995d498dba3c24bab3848c1c39da3f6ea6d24ab1216a85c0e0112e5ec0c691c8a6d5f7ca79ed487fe60917da"}, &(0x7f0000000cc0)={0x20, 0x3, 0x1, 0xd}})
read$FUSE(r6, 0x0, 0x0)
pread64(r6, 0x0, 0x0, 0xadc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000100)={0x0, 0xfffffffffffffcfb, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYRES16=r6], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x0)
sendmsg$IPSET_CMD_FLUSH(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="5c000000040605000000000000000000030004000900020073797a3200000000090002000100000000000000050001000700000005000100070000000900020073797a310000000005000100070000000900020073797a30"], 0x5c}}, 0x0)

3.297245359s ago: executing program 2 (id=993):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = openat$6lowpan_control(0xffffffffffffff9c, &(0x7f00000034c0), 0x2, 0x0)
readv(r1, &(0x7f0000004940)=[{&(0x7f0000003500)=""/156, 0x9c}, {&(0x7f00000035c0)=""/125, 0x7d}, {0x0}], 0x3)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={{0x14}, [@NFT_MSG_NEWRULE={0x94, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x68, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @reject={{0xb}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_REJECT_ICMP_CODE={0x5, 0x2, 0x1}, @NFTA_REJECT_TYPE={0x8, 0x1, 0x1, 0x0, 0x2}]}}}, {0x40, 0x1, 0x0, 0x1, @byteorder={{0xe}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_BYTEORDER_OP={0x8}, @NFTA_BYTEORDER_DREG={0x8, 0x2, 0x1, 0x0, 0x13}, @NFTA_BYTEORDER_SREG={0x8, 0x1, 0x1, 0x0, 0xf}, @NFTA_BYTEORDER_SIZE={0x8, 0x5, 0x1, 0x0, 0x92}, @NFTA_BYTEORDER_LEN={0x8, 0x4, 0x1, 0x0, 0x63}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0xbc}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0xa0}})
io_uring_enter(0xffffffffffffffff, 0x2def, 0xb80c, 0xe, 0x0, 0x0)
r3 = creat(&(0x7f0000000040)='./file0\x00', 0x4b)
close(r3)
r4 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f0000000140)={0x0, &(0x7f0000000380)=[<r5=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r3, 0xc06864a1, &(0x7f0000000300)={0x0, 0xfffffffffffffe7a, r5, <r6=>0x0})
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_REG(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000001c0)={0x14, r8, 0x1, 0x70bd26, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x800)
ioctl$DRM_IOCTL_MODE_GETFB2(r3, 0xc06864ce, &(0x7f0000000600)={r6, 0x0, 0x0, 0x0, 0x3, [<r9=>0x0, 0x0, 0x0, <r10=>0x0], [0x800000], [0x0, 0x1001000, 0x3], [0x0, 0xfffffffffffffffd, 0xe8a6, 0x3]})
ioctl$DRM_IOCTL_MODE_ADDFB2(r3, 0xc06864b8, &(0x7f00000001c0)={r6, 0xae, 0x3ff, 0x34325241, 0x1, [r9, 0x0, 0x0, r10], [0x2b8], [0x10000], [0x0, 0x1]})
ioctl$DRM_IOCTL_GET_SAREA_CTX(r4, 0xc008641d, &(0x7f0000000240)={0x0, &(0x7f0000000180)})
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="440000001a0001"], 0x44}, 0x1, 0x0, 0x0, 0xc0}, 0x0)

2.940456343s ago: executing program 2 (id=994):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmmsg$alg(r1, &(0x7f0000001000)=[{0x0, 0x0, &(0x7f0000000f80)=[{&(0x7f0000000e80)}], 0x1, &(0x7f0000000fc0)=[@op={0x10}, @op={0x10, 0x117, 0x3, 0x1}], 0x20, 0x4080}], 0x1, 0x2000)
recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000200)=[{0x0}, {&(0x7f0000000840)=""/127, 0x7f}, {&(0x7f0000000400)=""/115, 0x73}, {&(0x7f00000000c0)=""/33, 0x21}, {&(0x7f00000004c0)=""/21, 0x15}], 0x5}}], 0x2, 0x60, 0x0)

2.807589209s ago: executing program 2 (id=995):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r2 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r2, 0x10e, 0x4, &(0x7f0000000640)=0x1800, 0x4)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), r2)
sendmsg$NL80211_CMD_DEL_PMKSA(r0, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x1c, r3, 0x4, 0x70bd26, 0x25dfdbfd, {{}, {@val={0x8}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4000001}, 0x200000c0) (fail_nth: 5)

2.745579318s ago: executing program 1 (id=996):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmmsg$alg(r1, &(0x7f0000001000)=[{0x0, 0x0, &(0x7f0000000f80)=[{&(0x7f0000000e80)="f07a174792731bf6ec966dd7f08c47cc70e12b789135b4d9ac16578daec36f59d5ca7257e7cf195e4bd7ca8c1d225cc09e62186fafd01d62c34b430622fccdebbf429ef1d309f8a95e66b5d5733dee3b678ce6bbf6ebb24c061f2b10fab10dd24da866c4ef56c9f6f561a69c3bf0cded57a1fe7de16b7bce84a51dd6659420", 0x7f}], 0x1, &(0x7f0000000fc0)=[@op={0x10}, @op={0x10, 0x117, 0x3, 0x1}, @assoc={0x10, 0x117, 0x4, 0x1}], 0x30, 0x4080}], 0x1, 0x2000)
recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000200)=[{0x0}, {&(0x7f0000000840)=""/127, 0x7f}, {&(0x7f0000000400)=""/115, 0x73}, {&(0x7f00000000c0)=""/33, 0x21}, {&(0x7f00000004c0)=""/21, 0x15}], 0x5}}], 0x2, 0x60, 0x0)

2.583222182s ago: executing program 1 (id=997):
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x4000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
sched_setattr(r2, &(0x7f00000002c0)={0x38, 0x0, 0xc, 0x80000001, 0xd, 0xa110, 0x6, 0x6, 0x7, 0x8}, 0x0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_setup(0x7c0c, &(0x7f0000000100)={0x0, 0x6ba9, 0x0, 0x2, 0x1bd, 0x0, r1}, &(0x7f0000000180), &(0x7f0000000200))
r3 = syz_io_uring_setup(0x239, &(0x7f0000000240)={0x0, 0x200001, 0x10100, 0x1}, &(0x7f0000000080)=<r4=>0x0, &(0x7f00000001c0)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {0x230}})
io_uring_enter(r3, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000000c0)={0x7, 0x3ff, 0x4, 0x2, 0x0, 0xfffffffffffffffd, 0x4, 0x8000}, 0x0, 0x0, &(0x7f0000000400)={0x77359400}, &(0x7f0000000680)={&(0x7f0000000640)={[0x5, 0x9]}, 0x8})

2.497931072s ago: executing program 3 (id=998):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000040)={0x200000c0, 0xffffffff, 0xfffffff8}, 0x10)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000500)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x5ac, 0x246, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x3, 0x0, 0x2, 0x0, {0x9}}}]}}]}}, 0x0)
syz_emit_ethernet(0xce, &(0x7f0000001e40)={@broadcast, @link_local, @void, {@ipv6={0x86dd, @tipc_packet={0x9, 0x6, "8d5fe5", 0x98, 0x6, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x33}}, @dev={0xfe, 0x80, '\x00', 0x3c}, {[], @name_distributor={{0x98, 0x0, 0x0, 0x0, 0x1, 0xa, 0xb, 0x2, 0x2, 0x0, 0x0, 0x6, 0x4, 0x4, 0x4e23, 0x4e20, 0x2, 0x3, 0x0, 0x0, 0x1}, [{0x9, 0x6, 0x7, 0x10, 0x0, 0xcad, 0x9, 0x8}, {0x80, 0x128, 0x5, 0xfffffeff, 0x5, 0xc1c, 0x7, 0x9}, {0x9, 0x14, 0x8, 0x5, 0xf, 0x3, 0x2, 0x1}, {0x9, 0x2, 0x5c, 0x6, 0x649, 0x9d8b, 0x9, 0xffffff9}]}}}}}}, 0x0)
r2 = syz_open_dev$sndpcmc(&(0x7f0000000000), 0x1ff, 0x80)
ioctl$SNDRV_PCM_IOCTL_RESUME(r2, 0x4147, 0x0)
r3 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r3, 0x107, 0xf, 0x0, 0x0)
sendmsg$kcm(r3, 0x0, 0x4)
mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x1000005, 0x40010, r3, 0x39b65000)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="2c0000001a01000048", @ANYRES32=0x0, @ANYBLOB="08000100ac1414aa"], 0x2c}}, 0x0)
r4 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r4, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
setsockopt$SO_TIMESTAMP(r4, 0x1, 0x3f, &(0x7f0000000000)=0x3500, 0x4)
r5 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r6=>0x0})
r7 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r7, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r8=>0x0})
bind$can_j1939(r7, &(0x7f0000000080)={0x1d, r8, 0x0, {0x0, 0xff}}, 0x18)
connect$can_j1939(r7, &(0x7f00000002c0)={0x1d, r8, 0x0, {}, 0x1}, 0x18)
sendmmsg(r7, &(0x7f0000002e40)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000002680)="b875431a05b182855f", 0x9}], 0x1}}], 0x1, 0x0)
bind$can_j1939(r5, &(0x7f00000000c0)={0x1d, r6, 0x0, {0x0, 0xf0}}, 0x18)
connect$can_j1939(r5, &(0x7f0000000640)={0x1d, r8}, 0x18)
sendmmsg(r5, &(0x7f0000002e40)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000002680)="b875431a05b182855f", 0x9}], 0x1}}], 0x1, 0x0)
bind$inet(r4, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x57)
sendmsg$xdp(r4, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
recvmmsg(r4, &(0x7f0000000b40)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=""/11, 0xb}}], 0x5df, 0x2, 0x0)
bind$inet6(r4, &(0x7f0000000200)={0xa, 0x4e24, 0x40, @empty, 0x9}, 0x1c)
ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000180)={{0x2, 0x4e23, @empty=0xfdfd}, {0x20000010304, @multicast}, 0x4, {0x2, 0x4e20, @broadcast}})

2.20020128s ago: executing program 2 (id=1000):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0xfb, 0x323, &(0x7f0000006680))
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000c80)=@raw={'raw\x00', 0x3c1, 0x3, 0x2dc, 0x0, 0x111, 0x4b4, 0x0, 0xd4feffff, 0x214, 0x20a, 0x278, 0x214, 0x278, 0x3, 0x0, {[{{@ipv6={@private0, @empty, [], [], 'pimreg0\x00', 'team_slave_0\x00', {}, {}, 0x6}, 0x0, 0xf4, 0x118, 0x0, {}, [@common=@inet=@tcp={{0x2c}, {[], [], 0x0, 0x0, 0x2, 0x8}}, @inet=@rpfilter={{0x24}}]}, @common=@inet=@TCPMSS={0x24}}, {{@uncond, 0x0, 0xdc, 0xfc, 0x0, {}, [@common=@unspec=@quota={{0x38}}]}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x338)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000000)=@abs={0x1, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0xe0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffff}, 0x0)
syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
io_setup(0x6, 0x0)
io_submit(0x0, 0x1, &(0x7f0000000340)=[0x0])
sendmsg$nl_route(r2, 0x0, 0x2400c845)
socket$nl_route(0x10, 0x3, 0x0)
getresgid(0x0, 0x0, 0x0)
madvise(&(0x7f0000003000/0x1000)=nil, 0x1000, 0x65)
mount$fuse(0x0, 0x0, &(0x7f0000002100), 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB='fd=', @ANYRESHEX, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYBLOB="0518a03665317503ba51c1c4be0563ac1d3bc574b272fb585bd5b615759307b3b29338e8fed67455e7410ce473d0ab26880710a694188da5ccc24f25ef0c57dc1242ece7e6f52c9d906173bef6b46b266c49dceb4cd11d4f6e43bae2d2a255c8992bdd67beab88c0a3dc9abf8583384531607d88edb58593ee717fed38c4dda6c5e1ff478dc17496dc00"/150, @ANYRESDEC=r2, @ANYRESDEC, @ANYBLOB="453a4e4785a56b0d96a738a99159cc0000"])
munmap(&(0x7f0000002000/0x2000)=nil, 0x2000)
setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000180)={@in6={{0xa, 0x4e21, 0xfffff79e, @mcast1, 0x100}}, 0x0, 0x0, 0x9, 0x0, "0c9e089c01860b471037f43d223b3c1b324debec40e55a07f709417eb48821996aff1c7154e746be4d7686455261c425a7519cc269d04e6205abaabde24a2b12440b329ad5bd35f21907c7988d1300"}, 0xd8)
add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, 0x0, 0x0, 0x0, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_inet_SIOCSIFBRDADDR(0xffffffffffffffff, 0x891a, 0x0)
r5 = openat$dlm_plock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
write$FUSE_DIRENT(r5, &(0x7f0000000680)=ANY=[@ANYRESDEC, @ANYRES32=r4, @ANYBLOB="22094a1c3b476dd0196a26aaa278902cc62c914469199f5f11e1be4f56ebf3135dc9db848377cc924accf253a80eb98d4b2d90210a7a0994ec770a9130c8577b0fd60752591b83a19dd85a172f0f1f6862feac5951786d1bc33c75", @ANYBLOB="6a58a6c6016e25c3f03b389a4ebf00b5b7b45a1861cd88989a0644e033b61dd3cd9fc23efb72ffb572a0ac9f93120f7cf6a149ae0fa178a36f5e02dc7657e378ce1b0d2bb59d188301000000f8a38c2fe738c25ef6488d4e1b3f", @ANYRESDEC=r0], 0x40)
ioctl$ifreq_SIOCGIFINDEX_team(r4, 0x8933, &(0x7f0000004700)={'team0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x25dfdbff, {0x0, 0x0, 0x74, r6, {}, {0x0, 0x1}, {0x3, 0x5}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x8881}, 0x40)

2.089087658s ago: executing program 4 (id=1001):
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
bind$vsock_stream(0xffffffffffffffff, &(0x7f0000000040)={0x28, 0x0, 0x2710}, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0xf, 0xfffffffffffffffe}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000000100000024000300a05ca84f6c9c8e3853e2fd3a70ae0fb20fa152600cb00845174f08076f8d7a4308000500010000000400088008000100", @ANYRES16=r3], 0x4c}, 0x1, 0x0, 0x0, 0x4}, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r5 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x4, 0x0, 0x3, 0xc}, &(0x7f0000000380)=<r6=>0x0, &(0x7f00000002c0)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r5, 0x47f6, 0x0, 0x0, 0x0, 0x0)

1.574984204s ago: executing program 1 (id=1002):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e22, @empty}, 0x10)
listen(r0, 0x1ff)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x4e22, @local}, 0x10)
fsetxattr$security_ima(r0, &(0x7f00000000c0), &(0x7f0000000140), 0x1, 0x3)
r1 = socket(0x2, 0x80805, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00'})
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r3=>0x0}, &(0x7f0000000040)=0x8)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000480)='/sys/power/pm_freeze_timeout', 0x149a82, 0x142)
write$cgroup_int(r4, &(0x7f0000000040)=0x1c9, 0x12)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000003680)={0x0, 0x0, &(0x7f0000003640)={&(0x7f0000003400)=@getsadinfo={0xbc, 0x23, 0x1, 0x70bd29, 0x25dfdbff, 0x0, [@policy={0xa8, 0x7, {{@in=@local, @in=@remote, 0x4e24, 0x3ff, 0x4e21, 0x75d9, 0xa, 0xa0, 0xa0, 0xd}, {0x8, 0x7fffffffffffffff, 0x400, 0x5b, 0x2, 0xffffffff, 0x65, 0xb}, {0x4a0, 0x8750, 0xe00000, 0x9}, 0x2, 0x6e6bb0, 0x1, 0x1, 0x3, 0x3}}]}, 0xbc}}, 0x40000)
r6 = syz_open_procfs(0x0, 0x0)
pread64(r6, &(0x7f00000001c0)=""/85, 0x55, 0x9)
setsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f0000000240)={0x6, 0x101, 0x206, 0x2, 0x754d, 0x6, 0x9, 0xf, r3}, 0x20)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000180)={r3, 0x3, 0x30}, 0xc)
sendto$inet(r0, &(0x7f0000000100)="ab", 0x1, 0xe61e2840a154b0c0, &(0x7f0000000000)={0x2, 0x4e22, @remote}, 0x10)

1.40162498s ago: executing program 0 (id=1003):
rt_sigprocmask(0x0, &(0x7f000078b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
r0 = gettid()
r1 = getpid()
rt_tgsigqueueinfo(r1, r0, 0x7, &(0x7f0000000000)={0xfd, 0xfffffffd, 0x4})

1.155241612s ago: executing program 1 (id=1004):
r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="03000000000000008f"], 0x48)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$FIBMAP(r1, 0x2272, &(0x7f0000000180)=0xa98)

889.414499ms ago: executing program 1 (id=1005):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = openat$6lowpan_control(0xffffffffffffff9c, &(0x7f00000034c0), 0x2, 0x0)
readv(r1, &(0x7f0000004940)=[{&(0x7f0000003500)=""/156, 0x9c}, {&(0x7f00000035c0)=""/125, 0x7d}, {0x0}], 0x3)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r3 = syz_io_uring_setup(0x186, &(0x7f0000000080)={0x0, 0x0, 0x13100, 0x2, 0x2de}, &(0x7f0000000100)=<r4=>0x0, &(0x7f0000000000)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0xa0}})
io_uring_enter(r3, 0x2def, 0xb80c, 0xe, 0x0, 0x0)
r6 = creat(&(0x7f0000000040)='./file0\x00', 0x4b)
close(r6)
r7 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r7, 0xc04064a0, &(0x7f0000000140)={0x0, &(0x7f0000000380)=[<r8=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r6, 0xc06864a1, &(0x7f0000000300)={0x0, 0xfffffffffffffe7a, r8, <r9=>0x0})
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_REG(r10, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000001c0)={0x14, r11, 0x1, 0x70bd26, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x800)
ioctl$DRM_IOCTL_MODE_GETFB2(r6, 0xc06864ce, &(0x7f0000000600)={r9, 0x0, 0x0, 0x0, 0x3, [<r12=>0x0, 0x0, 0x0, <r13=>0x0], [0x800000], [0x0, 0x1001000, 0x3], [0x0, 0xfffffffffffffffd, 0xe8a6, 0x3]})
ioctl$DRM_IOCTL_MODE_ADDFB2(r6, 0xc06864b8, &(0x7f00000001c0)={r9, 0xae, 0x3ff, 0x34325241, 0x1, [r12, 0x0, 0x0, r13], [0x2b8], [0x10000], [0x0, 0x1]})
ioctl$DRM_IOCTL_GET_SAREA_CTX(r7, 0xc008641d, &(0x7f0000000240)={0x0, &(0x7f0000000180)})
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="440000001a0001"], 0x44}, 0x1, 0x0, 0x0, 0xc0}, 0x0)

797.583889ms ago: executing program 0 (id=1006):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmmsg$alg(r1, &(0x7f0000001000)=[{0x0, 0x0, &(0x7f0000000f80)=[{&(0x7f0000000e80)}], 0x1, &(0x7f0000000fc0)=[@op={0x10}, @op={0x10, 0x117, 0x3, 0x1}], 0x20, 0x4080}], 0x1, 0x2000)
recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000200)=[{0x0}, {&(0x7f0000000840)=""/127, 0x7f}, {&(0x7f0000000400)=""/115, 0x73}, {&(0x7f00000000c0)=""/33, 0x21}, {&(0x7f00000004c0)=""/21, 0x15}], 0x5}}], 0x2, 0x60, 0x0)

712.353857ms ago: executing program 0 (id=1007):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r2 = dup(r1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000007, 0x38011, r2, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = openat$cgroup_ro(r5, &(0x7f0000000080)='cgroup.events\x00', 0x275a, 0x0)
preadv(r6, &(0x7f0000000140)=[{&(0x7f00000000c0)=""/56, 0x38}], 0x1, 0x8, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) (async)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0) (async)
dup(r1) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000007, 0x38011, r2, 0x0) (async)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) (async)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) (async)
ioctl$KVM_RUN(r4, 0xae80, 0x0) (async)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) (async)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) (async)
openat$cgroup_ro(r5, &(0x7f0000000080)='cgroup.events\x00', 0x275a, 0x0) (async)
preadv(r6, &(0x7f0000000140)=[{&(0x7f00000000c0)=""/56, 0x38}], 0x1, 0x8, 0x0) (async)
ioctl$KVM_RUN(r4, 0xae80, 0x0) (async)

642.838431ms ago: executing program 1 (id=1008):
r0 = socket$rxrpc(0x21, 0x2, 0x2)
bind$rxrpc(r0, 0x0, 0x0)
r1 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000200)={'gre0\x00', &(0x7f0000000000)=@ethtool_cmd={0x4a, 0x3, 0x487, 0x9, 0x0, 0x1, 0x2, 0x7, 0x3a, 0x9, 0x80000000, 0xfffffffe, 0x97be, 0x8, 0xfa, 0x8, [0x1154, 0x7]}})
listen(r0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, 0x0, 0x0, 0x2, 0x0)
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(0xffffffffffffffff, 0x3ba0, &(0x7f0000000240)={0x48, 0x7, 0xffffffffffffffff, 0x0, 0x1, <r4=>0x0, 0x5, 0x23a971, 0x34f83e})
ioctl$IOMMU_TEST_OP_DESTROY_ACCESS_PAGES(0xffffffffffffffff, 0x3ba0, &(0x7f00000002c0)={0x48, 0x6, 0x0, 0x0, r4})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r5, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
close(r5)
ioctl$EXT4_IOC_GET_ES_CACHE(0xffffffffffffffff, 0x40086602, &(0x7f0000000040)={0xfffffffffffffffd, 0x1})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x14, 0x16, 0x301, 0x0, 0x25dfdbfc, {0x11}}, 0x14}}, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
listen(0xffffffffffffffff, 0x400005)
sendmmsg(0xffffffffffffffff, &(0x7f0000002980), 0x400000000000239, 0x0)

261.679715ms ago: executing program 0 (id=1009):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmmsg$alg(r1, &(0x7f0000001000)=[{0x0, 0x0, &(0x7f0000000f80)=[{&(0x7f0000000e80)="f07a174792731bf6ec966dd7f08c47cc70e12b789135b4d9ac16578daec36f59d5ca7257e7cf195e4bd7ca8c1d225cc09e62186fafd01d62c34b430622fccdebbf429ef1d309f8a95e66b5d5733dee3b678ce6bbf6ebb24c061f2b10fab10dd24da866c4ef56c9f6f561a69c3bf0cded57a1fe7de16b7bce84a51dd66594204623", 0x81}], 0x1, &(0x7f0000000fc0)=[@op={0x10}, @op={0x10, 0x117, 0x3, 0x1}, @assoc={0x10, 0x117, 0x4, 0x1}], 0x30, 0x4080}], 0x1, 0x2000)
recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000200)=[{0x0}, {&(0x7f0000000840)=""/127, 0x7f}, {&(0x7f0000000400)=""/115, 0x73}, {&(0x7f00000000c0)=""/33, 0x21}, {&(0x7f00000004c0)=""/21, 0x15}], 0x5}}], 0x2, 0x60, 0x0)

228.642128ms ago: executing program 4 (id=1010):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
bind$inet6(r0, 0x0, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x20000008, &(0x7f0000000000)={0xa, 0x4e20, 0x1, @rand_addr=' \x01\x00', 0x6}, 0x1c)
listen(r0, 0x9)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'ipvlan1\x00', <r4=>0x0})
sendmsg$ETHTOOL_MSG_DEBUG_SET(r1, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000080)=ANY=[@ANYRES16=r4, @ANYRES16=r2, @ANYBLOB="01000300000000000000080000000c00018008000100", @ANYRES32=r4, @ANYBLOB="18000280140003"], 0x38}, 0x1, 0x0, 0x0, 0x40}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000080)={'batadv_slave_0\x00'})
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000002c0)={0x1, 0x58, &(0x7f0000000240)}, 0x10)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r1, &(0x7f0000000440)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000400)={&(0x7f0000000480)={0x14, 0x0, 0x4, 0x70bd26, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x840}, 0x40801)

197.377456ms ago: executing program 0 (id=1011):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)={{0x14, 0x10, 0x4, 0x1000000}, [@NFT_MSG_NEWSET={0x14, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x3c}}, 0x0)

61.574757ms ago: executing program 4 (id=1012):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='net_prio.prioidx\x00', 0x275a, 0x0)
r1 = memfd_secret(0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0xa, 0x11, r1, 0x0) (async, rerun: 64)
ftruncate(r1, 0x51a9497) (rerun: 64)
clock_gettime(0x0, &(0x7f0000000040)) (async, rerun: 64)
r2 = openat2(r1, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)={0x10000, 0x1da, 0x1}, 0x18) (rerun: 64)
syz_emit_ethernet(0x66, &(0x7f0000000480)={@broadcast, @dev, @void, {@ipv4={0x800, @gre={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x2f, 0x0, @private, @multicast1}, {{0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x4, 0x8100}, {0x0, 0x0, 0x0, 0x0, 0x11}, {}, {0x8, 0x88be, 0x81000004}}}}}}, 0x0) (async)
setsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000100)=@assoc_value={0x0, 0x4}, 0x8) (async, rerun: 32)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x200000b, 0x12, r0, 0x0) (async, rerun: 32)
close_range(r0, 0xffffffffffffffff, 0x0)

0s ago: executing program 0 (id=1013):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000340)='oom_score_adj\x00')
write$khugepaged_scan(r0, &(0x7f0000000800), 0x8)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000090024206d041cc340000000000109022400010000a00009040000010301010009210008000122010009058103", @ANYRESOCT=0x0], 0x0)
syz_usb_control_io$hid(r1, &(0x7f00000002c0)={0x14, &(0x7f0000000380)=ANY=[@ANYBLOB="00000900000019"], 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x4000000000000, 0x40, &(0x7f0000000600)=@raw={'raw\x00', 0x4001, 0x3, 0x12a8, 0x1120, 0x0, 0x148, 0x1120, 0x148, 0x1214, 0x240, 0x240, 0x1214, 0x240, 0x7fffffe, 0x0, {[{{@uncond, 0x0, 0x10c0, 0x1120, 0x0, {}, [@common=@socket0={{0x20}}, @common=@unspec=@cgroup1={{0x1030}, {0x0, 0x0, 0x0, 0x1, './cgroup/syz1\x00', 0x0, {0x1}}}]}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x0, [0x1, 0x5, 0x4, 0x0, 0x2, 0x5], 0x2, 0x1}, {0x1, [0x5, 0x3, 0x0, 0x0, 0x2, 0x4], 0x0, 0x5}}}}, {{@uncond, 0x0, 0x94, 0xf4, 0x0, {}, [@inet=@rpfilter={{0x24}, {0x8}}]}, @common=@SET={0x60, 'SET\x00', 0x0, {{}, {0x1, [], 0x3}}}}], {{'\x00', 0x0, 0x70, 0x94}, {0x24}}}}, 0x1304)
syz_usb_control_io$hid(r1, &(0x7f0000001c40)={0x24, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="320b00000000087758ed8e87158c79ce4c49897a079e9528c0c6fe696e783830f80950e12be8cac4a104f2fbbd07e57920de31a0c8a5a71807354ff35b58ec95459b5ef87b657f0c4db682f945afe75e5dd231b5790389902dcb47c1857308e60f81c510"], 0x0}, 0x0)
syz_open_dev$hidraw(&(0x7f0000001580), 0xffffffffffffff74, 0x8c441)

kernel console output (not intermixed with test programs):

70
[  206.742414][ T7477]  ____sys_sendmsg+0x523/0x860
[  206.742460][ T7477]  ? __pfx_____sys_sendmsg+0x10/0x10
[  206.742498][ T7477]  __sys_sendmsg+0x271/0x360
[  206.742524][ T7477]  ? __pfx___sys_sendmsg+0x10/0x10
[  206.742596][ T7477]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  206.742619][ T7477]  ? lockdep_hardirqs_on+0x9d/0x150
[  206.742644][ T7477]  __do_fast_syscall_32+0xb4/0x110
[  206.742667][ T7477]  ? exc_page_fault+0x5f8/0x920
[  206.742693][ T7477]  do_fast_syscall_32+0x34/0x80
[  206.742715][ T7477]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  206.742746][ T7477] RIP: 0023:0xf7fd7579
[  206.742763][ T7477] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  206.742781][ T7477] RSP: 002b:00000000f50d555c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  206.742802][ T7477] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000800000c0
[  206.742817][ T7477] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000000
[  206.742829][ T7477] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  206.742841][ T7477] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  206.742853][ T7477] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  206.742882][ T7477]  </TASK>
[  207.814260][    T9] hid-generic FFFD:0004:0000.0002: unknown main item tag 0x0
[  207.833279][    T9] hid-generic FFFD:0004:0000.0002: unknown main item tag 0x0
[  207.851124][    T9] hid-generic FFFD:0004:0000.0002: unknown main item tag 0x0
[  207.875831][ T5892] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  207.888150][    T9] hid-generic FFFD:0004:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  208.050494][ T5892] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  208.066174][ T5892] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[  208.066530][ T5889] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  208.088594][ T5892] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  208.105980][ T5892] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  208.123229][ T5892] usb 2-1: Product: syz
[  208.128417][ T5892] usb 2-1: Manufacturer: syz
[  208.133165][ T5892] usb 2-1: SerialNumber: syz
[  208.141082][ T5885] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  208.271435][ T5889] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  208.285927][ T5885] usb 3-1: device descriptor read/64, error -71
[  208.294383][ T5889] usb 5-1: New USB device found, idVendor=0c12, idProduct=0030, bcdDevice= 0.00
[  208.312023][ T5889] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  208.363644][ T7482] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[  208.380270][ T5889] usb 5-1: config 0 descriptor??
[  208.517643][   T54] usb 4-1: unable to get BOS descriptor or descriptor too short
[  208.541760][   T54] usb 4-1: unable to read config index 0 descriptor/start: -71
[  208.550054][ T5885] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  208.570248][   T54] usb 4-1: can't read configurations, error -71
[  208.716410][ T5885] usb 3-1: device descriptor read/64, error -71
[  208.775789][ T5887] usb 1-1: new low-speed USB device number 22 using dummy_hcd
[  208.834957][ T7486] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  208.837662][ T5885] usb usb3-port1: attempt power cycle
[  208.849910][ T7486] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  208.921545][ T5889] usbhid 5-1:0.0: can't add hid device: -71
[  208.936686][ T5889] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  208.945815][ T5887] usb 1-1: Invalid ep0 maxpacket: 32
[  208.967218][ T5889] usb 5-1: USB disconnect, device number 17
[  209.000498][ T7482] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[  209.075710][ T5887] usb 1-1: new low-speed USB device number 23 using dummy_hcd
[  209.215835][ T5885] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  209.222140][ T5892] cdc_mbim 2-1:1.0: MAC-Address: 42:42:42:42:42:42
[  209.230486][ T5892] cdc_mbim 2-1:1.0: dwNtbInMaxSize=0 is too small. Using 2048
[  209.238562][ T5892] cdc_mbim 2-1:1.0: setting rx_max = 2048
[  209.245887][ T5887] usb 1-1: Invalid ep0 maxpacket: 32
[  209.252424][ T5885] usb 3-1: device descriptor read/8, error -71
[  209.259131][ T5887] usb usb1-port1: attempt power cycle
[  209.425210][ T5892] cdc_mbim 2-1:1.0: setting tx_max = 184
[  209.436740][ T5892] cdc_mbim 2-1:1.0: cdc-wdm0: USB WDM device
[  209.456084][ T5892] wwan wwan0: port wwan0mbim0 attached
[  209.489055][ T5892] cdc_mbim 2-1:1.0 wwan0: register 'cdc_mbim' at usb-dummy_hcd.1-1, CDC MBIM, 42:42:42:42:42:42
[  209.505830][ T5885] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[  209.529838][ T5885] usb 3-1: device descriptor read/8, error -71
[  209.605721][ T5887] usb 1-1: new low-speed USB device number 24 using dummy_hcd
[  209.625813][   T54] usb 4-1: new full-speed USB device number 22 using dummy_hcd
[  209.644725][ T5887] usb 1-1: Invalid ep0 maxpacket: 32
[  209.652107][    C0] cdc_mbim 2-1:1.0: nonzero urb status received: -71
[  209.658997][    C0] cdc_mbim 2-1:1.0: wdm_int_callback - 0 bytes
[  209.667485][    C0] cdc_mbim 2-1:1.0: nonzero urb status received: -71
[  209.674209][    C0] cdc_mbim 2-1:1.0: wdm_int_callback - 0 bytes
[  209.681934][    C0] cdc_mbim 2-1:1.0: nonzero urb status received: -71
[  209.688663][    C0] cdc_mbim 2-1:1.0: wdm_int_callback - 0 bytes
[  209.695359][    C0] cdc_mbim 2-1:1.0: nonzero urb status received: -71
[  209.702066][    C0] cdc_mbim 2-1:1.0: wdm_int_callback - 0 bytes
[  209.708738][    C0] cdc_mbim 2-1:1.0: nonzero urb status received: -71
[  209.715459][    C0] cdc_mbim 2-1:1.0: wdm_int_callback - 0 bytes
[  209.722149][    C0] cdc_mbim 2-1:1.0: nonzero urb status received: -71
[  209.728902][    C0] cdc_mbim 2-1:1.0: wdm_int_callback - 0 bytes
[  209.735653][    C0] cdc_mbim 2-1:1.0: nonzero urb status received: -71
[  209.742374][    C0] cdc_mbim 2-1:1.0: wdm_int_callback - 0 bytes
[  209.748980][    C0] cdc_mbim 2-1:1.0: nonzero urb status received: -71
[  209.755770][    C0] cdc_mbim 2-1:1.0: wdm_int_callback - 0 bytes
[  209.762316][    C0] cdc_mbim 2-1:1.0: nonzero urb status received: -71
[  209.769016][    C0] cdc_mbim 2-1:1.0: wdm_int_callback - 0 bytes
[  209.775647][    C0] cdc_mbim 2-1:1.0: nonzero urb status received: -71
[  209.782361][    C0] cdc_mbim 2-1:1.0: wdm_int_callback - 0 bytes
[  209.790930][ T5885] usb usb3-port1: unable to enumerate USB device
[  209.809324][    T9] usb 2-1: USB disconnect, device number 13
[  209.817572][    T9] cdc_mbim 2-1:1.0 wwan0: unregister 'cdc_mbim' usb-dummy_hcd.1-1, CDC MBIM
[  209.819798][   T54] usb 4-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  209.863885][   T54] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  209.889282][   T54] usb 4-1: config 0 descriptor??
[  209.912499][    T9] wwan wwan0: port wwan0mbim0 disconnected
[  209.940460][ T5887] usb 1-1: new low-speed USB device number 25 using dummy_hcd
[  209.990496][ T5887] usb 1-1: Invalid ep0 maxpacket: 32
[  210.010313][ T5887] usb usb1-port1: unable to enumerate USB device
[  210.083518][ T7516] netlink: 24 bytes leftover after parsing attributes in process `syz.4.508'.
[  210.336891][ T7504] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  210.346139][ T7504] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  211.895873][   T56] Bluetooth: hci1: command 0x0406 tx timeout
[  211.901998][ T5852] Bluetooth: hci0: command 0x0406 tx timeout
[  211.902018][ T5851] Bluetooth: hci3: command 0x0406 tx timeout
[  211.908189][   T56] Bluetooth: hci2: command 0x0406 tx timeout
[  211.914133][ T5840] Bluetooth: hci4: command 0x0406 tx timeout
[  211.958236][ T7565] FAULT_INJECTION: forcing a failure.
[  211.958236][ T7565] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  211.997810][ T7558] netlink: 'syz.1.520': attribute type 10 has an invalid length.
[  212.064007][ T7565] CPU: 0 UID: 0 PID: 7565 Comm: syz.0.522 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) 
[  212.064040][ T7565] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  212.064054][ T7565] Call Trace:
[  212.064063][ T7565]  <TASK>
[  212.064072][ T7565]  dump_stack_lvl+0x241/0x360
[  212.064111][ T7565]  ? __pfx_dump_stack_lvl+0x10/0x10
[  212.064141][ T7565]  ? __pfx__printk+0x10/0x10
[  212.064183][ T7565]  should_fail_ex+0x424/0x570
[  212.064211][ T7565]  _copy_to_user+0x31/0xb0
[  212.064244][ T7565]  simple_read_from_buffer+0xc4/0x170
[  212.064280][ T7565]  proc_fail_nth_read+0x1ef/0x260
[  212.064307][ T7565]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  212.064341][ T7565]  ? rw_verify_area+0x246/0x630
[  212.064364][ T7565]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  212.064389][ T7565]  vfs_read+0x21f/0xb90
[  212.064419][ T7565]  ? __pfx___mutex_lock+0x10/0x10
[  212.064444][ T7565]  ? __pfx_vfs_read+0x10/0x10
[  212.064470][ T7565]  ? __fget_files+0x2a/0x420
[  212.064492][ T7565]  ? __fget_files+0x39d/0x420
[  212.064509][ T7565]  ? __fget_files+0x2a/0x420
[  212.064538][ T7565]  ksys_read+0x19d/0x2d0
[  212.064564][ T7565]  ? __pfx_ksys_read+0x10/0x10
[  212.064597][ T7565]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  212.064621][ T7565]  ? lockdep_hardirqs_on+0x9d/0x150
[  212.064647][ T7565]  __do_fast_syscall_32+0xb4/0x110
[  212.064670][ T7565]  ? exc_page_fault+0x5f8/0x920
[  212.064696][ T7565]  do_fast_syscall_32+0x34/0x80
[  212.064717][ T7565]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  212.064736][ T7565] RIP: 0023:0xf73ed579
[  212.064749][ T7565] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  212.064762][ T7565] RSP: 002b:00000000f5076590 EFLAGS: 00000206 ORIG_RAX: 0000000000000003
[  212.064784][ T7565] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5076620
[  212.064799][ T7565] RDX: 000000000000000f RSI: 00000000f73dcff4 RDI: 0000000000000000
[  212.064812][ T7565] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000
[  212.064823][ T7565] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  212.064836][ T7565] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  212.064865][ T7565]  </TASK>
[  212.454737][ T7558] bond0: (slave hsr0): The slave device specified does not support setting the MAC address
[  212.482187][ T7558] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[  212.544787][ T7558] bond0: (slave hsr0): Error -22 calling dev_set_mtu
[  212.648404][   T54] [drm] vendor descriptor length:b9 data:b8 06 6f 51 25 51 e2 31 ec dc 1f
[  212.658795][   T54] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor
[  212.692904][   T54] [drm:udl_init] *ERROR* Selecting channel failed
[  212.726656][   T54] [drm] Initialized udl 0.0.1 for 4-1:0.0 on minor 2
[  212.737523][ T7558] macsec1: entered promiscuous mode
[  212.742808][ T7558] bridge0: entered promiscuous mode
[  212.751746][   T54] [drm] Initialized udl on minor 2
[  212.771889][   T54] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  212.793546][   T54] udl 4-1:0.0: [drm] Cannot find any crtc or sizes
[  212.802173][ T5892] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  212.831631][ T5892] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  212.846017][ T5892] udl 4-1:0.0: [drm] Cannot find any crtc or sizes
[  212.860391][   T54] usb 4-1: USB disconnect, device number 22
[  212.909866][ T7577] netlink: 8 bytes leftover after parsing attributes in process `syz.3.524'.
[  212.964901][ T7558] bridge0: left promiscuous mode
[  213.116163][ T5885] usb 1-1: new high-speed USB device number 26 using dummy_hcd
[  213.146055][ T7577] FAULT_INJECTION: forcing a failure.
[  213.146055][ T7577] name failslab, interval 1, probability 0, space 0, times 0
[  213.162380][ T7577] CPU: 1 UID: 0 PID: 7577 Comm: syz.3.524 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) 
[  213.162410][ T7577] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  213.162423][ T7577] Call Trace:
[  213.162431][ T7577]  <TASK>
[  213.162440][ T7577]  dump_stack_lvl+0x241/0x360
[  213.162477][ T7577]  ? __pfx_dump_stack_lvl+0x10/0x10
[  213.162508][ T7577]  ? __pfx__printk+0x10/0x10
[  213.162543][ T7577]  ? __pfx___might_resched+0x10/0x10
[  213.162576][ T7577]  should_fail_ex+0x424/0x570
[  213.162603][ T7577]  should_failslab+0xac/0x100
[  213.162635][ T7577]  __kvmalloc_node_noprof+0x170/0x5a0
[  213.162665][ T7577]  ? alloc_netdev_mqs+0x92c/0x1210
[  213.162695][ T7577]  alloc_netdev_mqs+0x92c/0x1210
[  213.162726][ T7577]  rtnl_create_link+0x2f9/0xc90
[  213.162758][ T7577]  rtnl_newlink_create+0x2f2/0xcb0
[  213.162789][ T7577]  ? __mutex_lock+0xbe3/0x10c0
[  213.162820][ T7577]  ? __mutex_lock+0x5f3/0x10c0
[  213.162844][ T7577]  ? __pfx_rtnl_newlink_create+0x10/0x10
[  213.162878][ T7577]  ? __pfx___mutex_lock+0x10/0x10
[  213.162913][ T7577]  ? ns_capable+0x8a/0xf0
[  213.162939][ T7577]  rtnl_newlink+0x18b0/0x1fe0
[  213.162969][ T7577]  ? stack_depot_save_flags+0x44/0x940
[  213.163007][ T7577]  ? __pfx_rtnl_newlink+0x10/0x10
[  213.163032][ T7577]  ? __netlink_deliver_tap+0x561/0x7f0
[  213.163058][ T7577]  ? netlink_deliver_tap+0x19d/0x1b0
[  213.163083][ T7577]  ? netlink_unicast+0x7c6/0x9a0
[  213.163104][ T7577]  ? netlink_sendmsg+0x8c3/0xcd0
[  213.163130][ T7577]  ? __sock_sendmsg+0x221/0x270
[  213.163153][ T7577]  ? ____sys_sendmsg+0x523/0x860
[  213.163171][ T7577]  ? __sys_sendmmsg+0x4a3/0x7b0
[  213.163196][ T7577]  ? __ia32_compat_sys_sendmmsg+0xa2/0xc0
[  213.163225][ T7577]  ? __do_fast_syscall_32+0xb4/0x110
[  213.163247][ T7577]  ? do_fast_syscall_32+0x34/0x80
[  213.163269][ T7577]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  213.163333][ T7577]  ? kasan_quarantine_put+0xdc/0x230
[  213.163355][ T7577]  ? lockdep_hardirqs_on+0x9d/0x150
[  213.163385][ T7577]  ? nlmon_xmit+0xaf/0x100
[  213.163425][ T7577]  ? __local_bh_enable_ip+0x168/0x200
[  213.163444][ T7577]  ? lockdep_hardirqs_on+0x9d/0x150
[  213.163470][ T7577]  ? aa_get_newest_label+0x101/0x6f0
[  213.163499][ T7577]  ? __lock_acquire+0xad5/0xd80
[  213.163534][ T7577]  ? __pfx_rtnl_newlink+0x10/0x10
[  213.163558][ T7577]  rtnetlink_rcv_msg+0x80f/0xd70
[  213.163578][ T7577]  ? rtnetlink_rcv_msg+0x1ba/0xd70
[  213.163604][ T7577]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  213.163633][ T7577]  ? ref_tracker_free+0x63e/0x7e0
[  213.163656][ T7577]  netlink_rcv_skb+0x208/0x480
[  213.163679][ T7577]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  213.163703][ T7577]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  213.163739][ T7577]  ? netlink_deliver_tap+0x2e/0x1b0
[  213.163763][ T7577]  ? netlink_deliver_tap+0x2e/0x1b0
[  213.163787][ T7577]  netlink_unicast+0x7f8/0x9a0
[  213.163814][ T7577]  ? __pfx_netlink_unicast+0x10/0x10
[  213.163835][ T7577]  ? skb_put+0x114/0x1f0
[  213.163853][ T7577]  netlink_sendmsg+0x8c3/0xcd0
[  213.163885][ T7577]  ? __pfx_netlink_sendmsg+0x10/0x10
[  213.163911][ T7577]  ? __import_iovec+0x585/0x830
[  213.163932][ T7577]  ? aa_sock_msg_perm+0x91/0x160
[  213.163961][ T7577]  ? __pfx_netlink_sendmsg+0x10/0x10
[  213.163981][ T7577]  __sock_sendmsg+0x221/0x270
[  213.164004][ T7577]  ____sys_sendmsg+0x523/0x860
[  213.164028][ T7577]  ? __pfx_____sys_sendmsg+0x10/0x10
[  213.164059][ T7577]  __sys_sendmmsg+0x4a3/0x7b0
[  213.164086][ T7577]  ? __pfx___sys_sendmmsg+0x10/0x10
[  213.164107][ T7577]  ? __lock_acquire+0xad5/0xd80
[  213.164156][ T7577]  ? vfs_write+0xb29/0xd10
[  213.164195][ T7577]  ? __mutex_unlock_slowpath+0x229/0x800
[  213.164222][ T7577]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  213.164240][ T7577]  ? __fget_files+0x2a/0x420
[  213.164266][ T7577]  ? fput+0x9b/0xd0
[  213.164281][ T7577]  ? ksys_write+0x275/0x2d0
[  213.164308][ T7577]  __ia32_compat_sys_sendmmsg+0xa2/0xc0
[  213.164335][ T7577]  __do_fast_syscall_32+0xb4/0x110
[  213.164354][ T7577]  ? exc_page_fault+0x5f8/0x920
[  213.164375][ T7577]  do_fast_syscall_32+0x34/0x80
[  213.164394][ T7577]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  213.164413][ T7577] RIP: 0023:0xf73bd579
[  213.164428][ T7577] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  213.164442][ T7577] RSP: 002b:00000000f502555c EFLAGS: 00000206 ORIG_RAX: 0000000000000159
[  213.164461][ T7577] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 00000000800002c0
[  213.164473][ T7577] RDX: 000000000000009f RSI: 0000000000000000 RDI: 0000000000000000
[  213.164482][ T7577] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  213.164492][ T7577] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  213.164502][ T7577] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  213.164525][ T7577]  </TASK>
[  213.808045][ T5885] usb 1-1: Using ep0 maxpacket: 16
[  213.931756][ T7573] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  213.986097][ T7573] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  214.499131][ T7593] netlink: 40 bytes leftover after parsing attributes in process `syz.3.529'.
[  214.509807][ T7593] netlink: 40 bytes leftover after parsing attributes in process `syz.3.529'.
[  214.551413][ T7593] A link change request failed with some changes committed already. Interface ip6tnl0 may have been left with an inconsistent configuration, please check.
[  214.953916][ T5832] IPVS: starting estimator thread 0...
[  215.055978][ T7616] IPVS: using max 24 ests per chain, 57600 per kthread
[  215.178676][ T7618] netlink: 20 bytes leftover after parsing attributes in process `syz.2.538'.
[  215.785052][ T5887] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  215.886345][ T5885] usb 1-1: unable to get BOS descriptor or descriptor too short
[  215.897135][ T5885] usb 1-1: unable to read config index 0 descriptor/start: -71
[  215.904764][ T5885] usb 1-1: can't read configurations, error -71
[  216.019971][ T5887] usb 2-1: Using ep0 maxpacket: 16
[  216.116267][ T7624] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  216.126181][ T7624] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  216.435753][ T5892] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[  216.688228][ T5892] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  216.702909][ T5892] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  216.785881][ T5889] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[  216.823118][ T5892] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  216.841014][ T5892] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  216.873796][ T7638] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  216.894416][ T5892] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  216.955671][ T5889] usb 4-1: Using ep0 maxpacket: 16
[  216.966182][ T5889] usb 4-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  217.026979][ T5889] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  217.115003][ T5889] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  217.139655][ T5892] usb 3-1: USB disconnect, device number 25
[  217.231087][ T5889] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  217.247414][ T5889] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  217.318159][ T7650] netlink: 20 bytes leftover after parsing attributes in process `syz.0.550'.
[  217.475311][ T5889] usb 4-1: Product: syz
[  217.737006][ T5889] usb 4-1: Manufacturer: syz
[  217.749354][ T5889] usb 4-1: SerialNumber: syz
[  217.790284][ T6562] udevd[6562]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  218.193173][ T5889] usb 4-1: 0:2 : does not exist
[  218.266965][ T7661] netlink: 'syz.2.554': attribute type 10 has an invalid length.
[  218.446631][ T5887] usb 2-1: unable to get BOS descriptor or descriptor too short
[  218.465752][ T5885] usb 1-1: new high-speed USB device number 28 using dummy_hcd
[  218.497359][ T5887] usb 2-1: unable to read config index 0 descriptor/start: -71
[  218.515467][ T5887] usb 2-1: can't read configurations, error -71
[  218.591967][ T7667] bridge_slave_0: left allmulticast mode
[  218.624740][ T7667] bridge_slave_0: left promiscuous mode
[  218.632874][ T7667] bridge0: port 1(bridge_slave_0) entered disabled state
[  218.651496][ T7667] bridge_slave_1: left allmulticast mode
[  218.658525][ T5885] usb 1-1: too many configurations: 151, using maximum allowed: 8
[  218.685547][ T7667] bridge_slave_1: left promiscuous mode
[  218.688813][ T5885] usb 1-1: New USB device found, idVendor=04d8, idProduct=0082, bcdDevice=ce.b7
[  218.705162][ T7667] bridge0: port 2(bridge_slave_1) entered disabled state
[  218.724428][ T5885] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=130
[  218.734204][ T5885] usb 1-1: Product: syz
[  218.747555][ T7667] bond0: (slave bond_slave_0): Releasing backup interface
[  218.756912][ T5885] usb 1-1: Manufacturer: syz
[  218.761670][ T5885] usb 1-1: SerialNumber: syz
[  218.762257][ T7667] bond0: (slave bond_slave_1): Releasing backup interface
[  218.792815][ T5885] usb 1-1: config 0 descriptor??
[  218.805780][ T7667] team0: Port device team_slave_0 removed
[  218.817720][ T5885] ims_pcu 1-1:0.0: Zero length descriptor
[  218.824102][ T5885] ims_pcu 1-1:0.0: probe with driver ims_pcu failed with error -22
[  218.833599][ T7667] team0: Port device team_slave_1 removed
[  218.842621][ T7667] batman_adv: batadv0: Removing interface: batadv_slave_0
[  218.872675][ T5889] usb 4-1: USB disconnect, device number 23
[  218.882922][ T7667] batman_adv: batadv0: Removing interface: batadv_slave_1
[  218.915522][ T7667] bond0: (slave wlan1): Releasing backup interface
[  218.925974][    T9] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[  219.057013][ T5841] udevd[5841]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  219.095957][    T9] usb 3-1: Using ep0 maxpacket: 32
[  219.108421][    T9] usb 3-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed
[  219.132311][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  219.143194][    T9] usb 3-1: Product: syz
[  219.143490][ T7674] IPVS: ip_vs_edit_dest(): lower threshold is higher than upper threshold
[  219.147701][ T5888] IPVS: starting estimator thread 0...
[  219.161844][    T9] usb 3-1: Manufacturer: syz
[  219.163305][ T7674] netlink: 32 bytes leftover after parsing attributes in process `syz.4.560'.
[  219.166900][    T9] usb 3-1: SerialNumber: syz
[  219.170137][    T9] usb 3-1: config 0 descriptor??
[  219.187551][ T7674] netlink: 32 bytes leftover after parsing attributes in process `syz.4.560'.
[  219.189572][    T9] rtl8150 3-1:0.0: couldn't find required endpoints
[  219.205984][    T9] rtl8150 3-1:0.0: probe with driver rtl8150 failed with error -5
[  219.245996][ T7676] IPVS: using max 26 ests per chain, 62400 per kthread
[  219.491893][ T7679] mmap: syz.4.562 (7679): VmData 37502976 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data.
[  219.550593][ T7682] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  219.559841][ T7682] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  219.785411][ T7688] netlink: 40 bytes leftover after parsing attributes in process `syz.4.565'.
[  219.807515][ T7688] netlink: 40 bytes leftover after parsing attributes in process `syz.4.565'.
[  219.844144][ T7688] A link change request failed with some changes committed already. Interface ip6tnl0 may have been left with an inconsistent configuration, please check.
[  220.069701][ T5892] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[  220.201683][ T7704] vivid-003: disconnect
[  220.226581][ T5892] usb 4-1: Using ep0 maxpacket: 8
[  220.240246][ T5892] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  220.255045][ T5892] usb 4-1: New USB device found, idVendor=05ac, idProduct=0246, bcdDevice= 0.00
[  220.269109][ T5892] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  220.274012][ T7706] netlink: 4 bytes leftover after parsing attributes in process `syz.4.573'.
[  220.297903][ T5892] usb 4-1: config 0 descriptor??
[  220.324201][ T5892] input: bcm5974 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input18
[  220.445902][    T9] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  220.575746][    T9] usb 2-1: device descriptor read/64, error -71
[  220.815716][    T9] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  220.965824][    T9] usb 2-1: device descriptor read/64, error -71
[  221.082577][    T9] usb usb2-port1: attempt power cycle
[  221.128872][ T5832] usb 1-1: USB disconnect, device number 28
[  221.297040][ T7725] netlink: 'syz.0.578': attribute type 21 has an invalid length.
[  221.314493][ T7725] netlink: 128 bytes leftover after parsing attributes in process `syz.0.578'.
[  221.336023][ T7725] netlink: 'syz.0.578': attribute type 5 has an invalid length.
[  221.352038][ T7725] netlink: 'syz.0.578': attribute type 6 has an invalid length.
[  221.359985][ T7725] netlink: 3 bytes leftover after parsing attributes in process `syz.0.578'.
[  221.437646][    T9] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  221.488031][    T9] usb 2-1: device descriptor read/8, error -71
[  221.655971][ T7729] netlink: 4 bytes leftover after parsing attributes in process `syz.0.579'.
[  221.667171][ T7729] netlink: 4 bytes leftover after parsing attributes in process `syz.0.579'.
[  221.779485][    C1] vcan0: j1939_tp_rxtimer: 0xffff88801da81000: rx timeout, send abort
[  221.788058][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88801da81000: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  221.802583][    C1] vcan0: j1939_tp_rxtimer: 0xffff88801da80400: rx timeout, send abort
[  221.815831][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88801da80400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  221.831556][    T9] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  221.897494][ T5196] bcm5974 4-1:0.0: could not read from device
[  221.907487][ T5832] usb 3-1: USB disconnect, device number 26
[  221.920251][    T9] usb 2-1: device descriptor read/8, error -71
[  221.969271][ T5196] bcm5974 4-1:0.0: could not read from device
[  221.998033][ T5892] usb 4-1: USB disconnect, device number 24
[  222.022089][ T5196] bcm5974 4-1:0.0: could not read from device
[  222.036249][    T9] usb usb2-port1: unable to enumerate USB device
[  222.061280][ T5196] bcm5974 4-1:0.0: could not read from device
[  222.844260][ T7745] program syz.0.586 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  223.314593][ T7704] vivid-003: reconnect
[  223.835691][   T47] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  224.095709][   T47] usb 2-1: Using ep0 maxpacket: 16
[  224.148039][ T7758] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  224.149165][ T7758] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  225.659207][ T7782] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  225.835861][ T7786] netlink: 20 bytes leftover after parsing attributes in process `syz.2.599'.
[  226.037617][ T7792] netlink: 'syz.2.601': attribute type 10 has an invalid length.
[  226.095765][ T5892] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[  226.197018][ T7794] bridge_slave_0: left allmulticast mode
[  226.208842][ T7794] bridge_slave_0: left promiscuous mode
[  226.215234][ T7794] bridge0: port 1(bridge_slave_0) entered disabled state
[  226.244496][ T7794] bridge_slave_1: left allmulticast mode
[  226.245764][ T5892] usb 4-1: Using ep0 maxpacket: 8
[  226.259279][ T7794] bridge_slave_1: left promiscuous mode
[  226.265370][ T7794] bridge0: port 2(bridge_slave_1) entered disabled state
[  226.286577][ T5892] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  226.297783][ T7794] bond0: (slave bond_slave_0): Releasing backup interface
[  226.306176][ T5892] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  226.317447][ T5892] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  226.328413][ T5892] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  226.342126][ T5892] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  226.366075][ T5892] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  226.368263][ T7794] bond0: (slave bond_slave_1): Releasing backup interface
[  226.459218][ T7794] team0: Port device team_slave_0 removed
[  226.476625][ T7794] team0: Port device team_slave_1 removed
[  226.582995][ T7794] bond0: (slave wlan1): Releasing backup interface
[  226.597137][   T47] usb 2-1: unable to get BOS descriptor or descriptor too short
[  226.599766][ T7794] batman_adv: batadv0: Interface deactivated: ip6gretap1
[  226.613935][   T47] usb 2-1: unable to read config index 0 descriptor/start: -71
[  226.614932][ T7794] batman_adv: batadv0: Removing interface: ip6gretap1
[  226.642692][   T47] usb 2-1: can't read configurations, error -71
[  226.670784][ T5892] usb 4-1: GET_CAPABILITIES returned 0
[  226.681921][ T5892] usbtmc 4-1:16.0: can't read capabilities
[  226.933696][ T7789] netlink: 8 bytes leftover after parsing attributes in process `syz.3.600'.
[  226.960483][ T5887] usb 4-1: USB disconnect, device number 25
[  227.537909][ T7821] netlink: 4 bytes leftover after parsing attributes in process `syz.0.612'.
[  227.865758][ T5889] usb 4-1: new full-speed USB device number 26 using dummy_hcd
[  228.039062][ T5889] usb 4-1: config 0 has an invalid interface number: 55 but max is 0
[  228.047665][ T5889] usb 4-1: config 0 has no interface number 0
[  228.054023][ T5889] usb 4-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  228.115814][ T5889] usb 4-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  228.159835][ T5889] usb 4-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  228.200514][ T5889] usb 4-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  228.214350][ T5889] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  228.258879][ T5889] usb 4-1: config 0 descriptor??
[  228.275176][ T5889] ldusb 4-1:0.55: Interrupt in endpoint not found
[  228.324175][ T7826] netlink: 'syz.2.614': attribute type 10 has an invalid length.
[  228.334021][ T7828] FAULT_INJECTION: forcing a failure.
[  228.334021][ T7828] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  228.348239][ T7828] CPU: 0 UID: 0 PID: 7828 Comm: syz.1.615 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) 
[  228.348271][ T7828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  228.348285][ T7828] Call Trace:
[  228.348295][ T7828]  <TASK>
[  228.348304][ T7828]  dump_stack_lvl+0x241/0x360
[  228.348343][ T7828]  ? __pfx_dump_stack_lvl+0x10/0x10
[  228.348374][ T7828]  ? __pfx__printk+0x10/0x10
[  228.348415][ T7828]  should_fail_ex+0x424/0x570
[  228.348442][ T7828]  _copy_from_user+0x2d/0xb0
[  228.348472][ T7828]  kvmemdup_bpfptr_noprof+0x71/0x100
[  228.348501][ T7828]  map_delete_elem+0x1d3/0x5c0
[  228.348523][ T7828]  ? bpf_lsm_bpf+0x9/0x10
[  228.348551][ T7828]  __sys_bpf+0x549/0x8b0
[  228.348575][ T7828]  ? __pfx___sys_bpf+0x10/0x10
[  228.348610][ T7828]  ? ksys_write+0x275/0x2d0
[  228.348647][ T7828]  __ia32_sys_bpf+0x7c/0x90
[  228.348680][ T7828]  __do_fast_syscall_32+0xb4/0x110
[  228.348704][ T7828]  ? exc_page_fault+0x5f8/0x920
[  228.348732][ T7828]  do_fast_syscall_32+0x34/0x80
[  228.348756][ T7828]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  228.348781][ T7828] RIP: 0023:0xf746d579
[  228.348799][ T7828] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  228.348817][ T7828] RSP: 002b:00000000f50f655c EFLAGS: 00000206 ORIG_RAX: 0000000000000165
[  228.348840][ T7828] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000340
[  228.348854][ T7828] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000000
[  228.348867][ T7828] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  228.348879][ T7828] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  228.348900][ T7828] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  228.348930][ T7828]  </TASK>
[  228.529803][    C0] vkms_vblank_simulate: vblank timer overrun
[  228.874390][ T7843] netlink: 24 bytes leftover after parsing attributes in process `syz.1.619'.
[  228.893144][ T7843] netlink: 24 bytes leftover after parsing attributes in process `syz.1.619'.
[  228.943510][ T5887] usb 4-1: USB disconnect, device number 26
[  229.026060][   T54] usb 1-1: new high-speed USB device number 29 using dummy_hcd
[  229.186473][   T54] usb 1-1: Using ep0 maxpacket: 16
[  229.216861][ T7839] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  229.225965][ T7839] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  230.122917][ T7856] netlink: 20 bytes leftover after parsing attributes in process `syz.2.624'.
[  230.415951][ T7860] netlink: 'syz.2.626': attribute type 10 has an invalid length.
[  230.818454][ T7869] FAULT_INJECTION: forcing a failure.
[  230.818454][ T7869] name failslab, interval 1, probability 0, space 0, times 0
[  230.836283][ T7869] CPU: 0 UID: 0 PID: 7869 Comm: syz.1.630 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) 
[  230.836313][ T7869] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  230.836327][ T7869] Call Trace:
[  230.836336][ T7869]  <TASK>
[  230.836344][ T7869]  dump_stack_lvl+0x241/0x360
[  230.836403][ T7869]  ? __pfx_dump_stack_lvl+0x10/0x10
[  230.836452][ T7869]  ? __pfx__printk+0x10/0x10
[  230.836488][ T7869]  ? __pfx___might_resched+0x10/0x10
[  230.836521][ T7869]  should_fail_ex+0x424/0x570
[  230.836549][ T7869]  should_failslab+0xac/0x100
[  230.836581][ T7869]  kmem_cache_alloc_lru_noprof+0x7d/0x390
[  230.836610][ T7869]  ? alloc_inode+0x69/0x1b0
[  230.836641][ T7869]  ? __pfx_debugfs_alloc_inode+0x10/0x10
[  230.836675][ T7869]  alloc_inode+0x69/0x1b0
[  230.836710][ T7869]  new_inode+0x22/0x180
[  230.836727][ T7869]  ? start_creating+0x207/0x310
[  230.836758][ T7869]  debugfs_create_dir+0xf6/0x430
[  230.836790][ T7869]  ieee80211_debugfs_recreate_netdev+0x20b/0x1520
[  230.836819][ T7869]  ? __asan_memset+0x23/0x50
[  230.836844][ T7869]  ? __pfx_ieee80211_debugfs_recreate_netdev+0x10/0x10
[  230.836874][ T7869]  ? ieee80211_setup_sdata+0x8e6/0xb70
[  230.836909][ T7869]  ieee80211_if_change_type+0x16d/0x9c0
[  230.836944][ T7869]  ieee80211_change_iface+0xd2/0x4f0
[  230.836963][ T7869]  ? cfg80211_mlme_purge_registrations+0x1fa/0x230
[  230.836995][ T7869]  cfg80211_change_iface+0x796/0xf30
[  230.837028][ T7869]  nl80211_set_interface+0x821/0xb50
[  230.837069][ T7869]  ? __pfx_nl80211_set_interface+0x10/0x10
[  230.837113][ T7869]  genl_rcv_msg+0xb38/0xf00
[  230.837145][ T7869]  ? __pfx_genl_rcv_msg+0x10/0x10
[  230.837163][ T7869]  ? stack_trace_save+0x11a/0x1d0
[  230.837198][ T7869]  ? __pfx_stack_trace_save+0x10/0x10
[  230.837230][ T7869]  ? stack_depot_save_flags+0x44/0x940
[  230.837251][ T7869]  ? stack_trace_snprint+0x31/0xf0
[  230.837296][ T7869]  ? __lock_acquire+0xad5/0xd80
[  230.837319][ T7869]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  230.837349][ T7869]  ? __pfx_nl80211_set_interface+0x10/0x10
[  230.837375][ T7869]  ? __pfx_nl80211_post_doit+0x10/0x10
[  230.837428][ T7869]  netlink_rcv_skb+0x208/0x480
[  230.837457][ T7869]  ? __pfx_genl_rcv_msg+0x10/0x10
[  230.837481][ T7869]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  230.837532][ T7869]  ? netlink_deliver_tap+0x2e/0x1b0
[  230.837568][ T7869]  genl_rcv+0x28/0x40
[  230.837585][ T7869]  netlink_unicast+0x7f8/0x9a0
[  230.837628][ T7869]  ? __pfx_netlink_unicast+0x10/0x10
[  230.837657][ T7869]  ? skb_put+0x114/0x1f0
[  230.837681][ T7869]  netlink_sendmsg+0x8c3/0xcd0
[  230.837724][ T7869]  ? __pfx_netlink_sendmsg+0x10/0x10
[  230.837757][ T7869]  ? __import_iovec+0x585/0x830
[  230.837784][ T7869]  ? aa_sock_msg_perm+0x91/0x160
[  230.837820][ T7869]  ? __pfx_netlink_sendmsg+0x10/0x10
[  230.837845][ T7869]  __sock_sendmsg+0x221/0x270
[  230.837877][ T7869]  ____sys_sendmsg+0x523/0x860
[  230.837909][ T7869]  ? __pfx_____sys_sendmsg+0x10/0x10
[  230.837962][ T7869]  __sys_sendmsg+0x271/0x360
[  230.837989][ T7869]  ? __pfx___sys_sendmsg+0x10/0x10
[  230.838067][ T7869]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  230.838091][ T7869]  ? lockdep_hardirqs_on+0x9d/0x150
[  230.838116][ T7869]  __do_fast_syscall_32+0xb4/0x110
[  230.838140][ T7869]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  230.838161][ T7869]  ? lockdep_hardirqs_on+0x9d/0x150
[  230.838186][ T7869]  do_fast_syscall_32+0x34/0x80
[  230.838210][ T7869]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  230.838235][ T7869] RIP: 0023:0xf746d579
[  230.838252][ T7869] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  230.838269][ T7869] RSP: 002b:00000000f50f655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  230.838290][ T7869] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000100
[  230.838305][ T7869] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  230.838317][ T7869] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  230.838329][ T7869] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  230.838341][ T7869] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  230.838372][ T7869]  </TASK>
[  230.838479][ T7869] debugfs: out of free dentries, can not create directory 'stations'
[  231.196856][    C0] vkms_vblank_simulate: vblank timer overrun
[  231.503727][ T5892] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[  232.025669][ T5892] usb 4-1: Using ep0 maxpacket: 16
[  232.056583][ T5892] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  232.076685][ T5892] usb 4-1: config 0 has no interfaces?
[  232.095852][ T5892] usb 4-1: New USB device found, idVendor=046d, idProduct=c29c, bcdDevice= 0.00
[  232.105481][   T54] usb 1-1: unable to get BOS descriptor or descriptor too short
[  232.115992][ T5892] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  232.128800][   T54] usb 1-1: unable to read config index 0 descriptor/start: -71
[  232.158914][   T54] usb 1-1: can't read configurations, error -71
[  232.166852][ T5892] usb 4-1: config 0 descriptor??
[  232.483566][   T30] kauditd_printk_skb: 19 callbacks suppressed
[  232.483588][   T30] audit: type=1326 audit(1743733621.843:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7883 comm="syz.0.634" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf73ed579 code=0x0
[  233.665046][ T5889] usb 4-1: USB disconnect, device number 27
[  234.086669][ T5889] usb 4-1: new high-speed USB device number 28 using dummy_hcd
[  234.103986][ T7903] syzkaller1: entered promiscuous mode
[  234.128966][ T7903] syzkaller1: entered allmulticast mode
[  234.235265][ T7906] netlink: 'syz.2.640': attribute type 10 has an invalid length.
[  234.257723][ T5889] usb 4-1: config 0 has an invalid interface number: 246 but max is 0
[  234.267804][ T5889] usb 4-1: config 0 has no interface number 0
[  234.296414][ T5889] usb 4-1: New USB device found, idVendor=28a7, idProduct=71ab, bcdDevice=df.39
[  234.324185][ T5889] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  234.357621][ T5889] usb 4-1: Product: syz
[  234.361861][ T5889] usb 4-1: Manufacturer: syz
[  234.398585][ T5889] usb 4-1: SerialNumber: syz
[  234.427015][ T5889] usb 4-1: config 0 descriptor??
[  234.448991][ T5889] cdc_wdm 4-1:0.246: More than one union descriptor, skipping ...
[  234.474362][ T5889] cdc_wdm 4-1:0.246: probe with driver cdc_wdm failed with error -22
[  234.740490][ T7919] FAULT_INJECTION: forcing a failure.
[  234.740490][ T7919] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  234.771498][ T7919] CPU: 0 UID: 0 PID: 7919 Comm: syz.2.644 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) 
[  234.771531][ T7919] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  234.771545][ T7919] Call Trace:
[  234.771553][ T7919]  <TASK>
[  234.771562][ T7919]  dump_stack_lvl+0x241/0x360
[  234.771600][ T7919]  ? __pfx_dump_stack_lvl+0x10/0x10
[  234.771629][ T7919]  ? __pfx__printk+0x10/0x10
[  234.771669][ T7919]  should_fail_ex+0x424/0x570
[  234.771695][ T7919]  _copy_to_user+0x31/0xb0
[  234.771727][ T7919]  simple_read_from_buffer+0xc4/0x170
[  234.771763][ T7919]  proc_fail_nth_read+0x1ef/0x260
[  234.771789][ T7919]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  234.771814][ T7919]  ? rw_verify_area+0x246/0x630
[  234.771836][ T7919]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  234.771860][ T7919]  vfs_read+0x21f/0xb90
[  234.771889][ T7919]  ? __pfx___mutex_lock+0x10/0x10
[  234.771914][ T7919]  ? __pfx_vfs_read+0x10/0x10
[  234.771941][ T7919]  ? __fget_files+0x2a/0x420
[  234.771962][ T7919]  ? __fget_files+0x39d/0x420
[  234.771979][ T7919]  ? __fget_files+0x2a/0x420
[  234.772009][ T7919]  ksys_read+0x19d/0x2d0
[  234.772044][ T7919]  ? __pfx_ksys_read+0x10/0x10
[  234.772071][ T7919]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  234.772095][ T7919]  ? lockdep_hardirqs_on+0x9d/0x150
[  234.772121][ T7919]  __do_fast_syscall_32+0xb4/0x110
[  234.772145][ T7919]  ? exc_page_fault+0x5f8/0x920
[  234.772171][ T7919]  do_fast_syscall_32+0x34/0x80
[  234.772195][ T7919]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  234.772219][ T7919] RIP: 0023:0xf7fd7579
[  234.772236][ T7919] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  234.772254][ T7919] RSP: 002b:00000000f50d5590 EFLAGS: 00000206 ORIG_RAX: 0000000000000003
[  234.772277][ T7919] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000f50d5620
[  234.772291][ T7919] RDX: 000000000000000f RSI: 00000000f745cff4 RDI: 0000000000000000
[  234.772304][ T7919] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  234.772316][ T7919] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  234.772328][ T7919] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  234.772358][ T7919]  </TASK>
[  236.786291][   T54] usb 4-1: USB disconnect, device number 28
[  237.016824][ T7949] netlink: 'syz.0.653': attribute type 10 has an invalid length.
[  237.029511][ T7949] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  237.268823][ T7960] syzkaller1: entered promiscuous mode
[  237.281324][ T7960] syzkaller1: entered allmulticast mode
[  237.502450][ T7963] netlink: 212408 bytes leftover after parsing attributes in process `syz.1.658'.
[  237.525300][ T7963] netlink: zone id is out of range
[  237.539327][ T7963] netlink: zone id is out of range
[  237.565778][ T7963] netlink: zone id is out of range
[  237.587359][ T7963] netlink: zone id is out of range
[  237.596724][ T7963] netlink: zone id is out of range
[  237.604882][ T7963] netlink: zone id is out of range
[  237.737781][ T7963] netlink: zone id is out of range
[  237.744259][ T7963] netlink: zone id is out of range
[  237.751317][ T7963] netlink: zone id is out of range
[  237.759019][ T7963] netlink: zone id is out of range
[  239.325642][   T54] usb 1-1: new high-speed USB device number 31 using dummy_hcd
[  239.486060][   T54] usb 1-1: Using ep0 maxpacket: 32
[  239.493000][   T54] usb 1-1: config 0 has an invalid interface number: 67 but max is 0
[  239.504139][   T54] usb 1-1: config 0 has no interface number 0
[  239.513090][   T54] usb 1-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  239.525994][   T54] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  239.534356][   T54] usb 1-1: Product: syz
[  239.677145][   T54] usb 1-1: Manufacturer: syz
[  239.690413][   T54] usb 1-1: SerialNumber: syz
[  239.771125][   T54] usb 1-1: config 0 descriptor??
[  239.862270][   T54] smsc95xx v2.0.0
[  239.883110][   T54] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22
[  239.897205][ T7978] FAULT_INJECTION: forcing a failure.
[  239.897205][ T7978] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  239.921842][   T54] smsc95xx 1-1:0.67: probe with driver smsc95xx failed with error -22
[  239.962901][ T7978] CPU: 1 UID: 0 PID: 7978 Comm: syz.4.662 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) 
[  239.962924][ T7978] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  239.962943][ T7978] Call Trace:
[  239.962950][ T7978]  <TASK>
[  239.962957][ T7978]  dump_stack_lvl+0x241/0x360
[  239.962985][ T7978]  ? __pfx_dump_stack_lvl+0x10/0x10
[  239.963007][ T7978]  ? __pfx__printk+0x10/0x10
[  239.963036][ T7978]  should_fail_ex+0x424/0x570
[  239.963056][ T7978]  _copy_to_user+0x31/0xb0
[  239.963080][ T7978]  simple_read_from_buffer+0xc4/0x170
[  239.963105][ T7978]  proc_fail_nth_read+0x1ef/0x260
[  239.963123][ T7978]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  239.963140][ T7978]  ? rw_verify_area+0x246/0x630
[  239.963157][ T7978]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  239.963173][ T7978]  vfs_read+0x21f/0xb90
[  239.963193][ T7978]  ? __pfx___mutex_lock+0x10/0x10
[  239.963211][ T7978]  ? __pfx_vfs_read+0x10/0x10
[  239.963230][ T7978]  ? __fget_files+0x2a/0x420
[  239.963245][ T7978]  ? __fget_files+0x39d/0x420
[  239.963257][ T7978]  ? __fget_files+0x2a/0x420
[  239.963277][ T7978]  ksys_read+0x19d/0x2d0
[  239.963296][ T7978]  ? __pfx_ksys_read+0x10/0x10
[  239.963314][ T7978]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  239.963330][ T7978]  ? lockdep_hardirqs_on+0x9d/0x150
[  239.963348][ T7978]  __do_fast_syscall_32+0xb4/0x110
[  239.963365][ T7978]  ? exc_page_fault+0x5f8/0x920
[  239.963384][ T7978]  do_fast_syscall_32+0x34/0x80
[  239.963401][ T7978]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  239.963419][ T7978] RIP: 0023:0xf7fb4579
[  239.963431][ T7978] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  239.963444][ T7978] RSP: 002b:00000000f50d6590 EFLAGS: 00000206 ORIG_RAX: 0000000000000003
[  239.963460][ T7978] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f50d6620
[  239.963470][ T7978] RDX: 000000000000000f RSI: 00000000f743cff4 RDI: 0000000000000000
[  239.963479][ T7978] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  239.963488][ T7978] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  239.963497][ T7978] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  239.963518][ T7978]  </TASK>
[  240.188584][    C1] vkms_vblank_simulate: vblank timer overrun
[  240.213396][ T7976] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  240.222324][ T7976] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  240.253486][ T7981] netlink: 56 bytes leftover after parsing attributes in process `syz.2.663'.
[  240.417839][ T7981] netlink: 'syz.2.663': attribute type 3 has an invalid length.
[  240.491211][    T9] usb 1-1: USB disconnect, device number 31
[  241.412528][ T7997] netlink: 'syz.0.669': attribute type 10 has an invalid length.
[  241.475810][    T9] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  241.635828][    T9] usb 2-1: Using ep0 maxpacket: 8
[  241.679340][    T9] usb 2-1: New USB device found, idVendor=2833, idProduct=0201, bcdDevice=2a.d5
[  241.863679][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  241.887466][    T9] usb 2-1: config 0 descriptor??
[  242.136097][ T7994] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  242.147511][ T7994] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  242.167987][ T7994] xt_NFQUEUE: number of queues (65532) out of range (got 66665)
[  243.278861][ T8020] syzkaller1: entered promiscuous mode
[  243.297868][ T8020] syzkaller1: entered allmulticast mode
[  243.989077][    T9] usb 2-1: string descriptor 0 read error: -71
[  244.002941][    T9] usb 2-1: Found UVC 0.00 device <unnamed> (2833:0201)
[  244.025093][    T9] usb 2-1: No valid video chain found.
[  244.061380][    T9] usb 2-1: USB disconnect, device number 22
[  244.188693][ T8031] pimreg: entered allmulticast mode
[  244.234576][ T8031] pimreg: left allmulticast mode
[  244.311771][ T8032] xt_CT: No such helper "netbios-ns"
[  244.320618][ T8036] FAULT_INJECTION: forcing a failure.
[  244.320618][ T8036] name failslab, interval 1, probability 0, space 0, times 0
[  244.336312][ T8036] CPU: 0 UID: 0 PID: 8036 Comm: syz.3.682 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) 
[  244.336334][ T8036] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  244.336343][ T8036] Call Trace:
[  244.336349][ T8036]  <TASK>
[  244.336355][ T8036]  dump_stack_lvl+0x241/0x360
[  244.336384][ T8036]  ? __pfx_dump_stack_lvl+0x10/0x10
[  244.336405][ T8036]  ? __pfx__printk+0x10/0x10
[  244.336429][ T8036]  ? __pfx___might_resched+0x10/0x10
[  244.336459][ T8036]  should_fail_ex+0x424/0x570
[  244.336479][ T8036]  should_failslab+0xac/0x100
[  244.336502][ T8036]  __kmalloc_noprof+0xdf/0x4d0
[  244.336522][ T8036]  ? ethnl_default_doit+0x201/0x1090
[  244.336547][ T8036]  ethnl_default_doit+0x201/0x1090
[  244.336575][ T8036]  ? __nla_parse+0x40/0x60
[  244.336592][ T8036]  ? __pfx_ethnl_default_doit+0x10/0x10
[  244.336614][ T8036]  ? genl_family_rcv_msg_attrs_parse+0x1d4/0x290
[  244.336636][ T8036]  genl_rcv_msg+0xb38/0xf00
[  244.336657][ T8036]  ? __pfx_genl_rcv_msg+0x10/0x10
[  244.336677][ T8036]  ? _raw_spin_unlock_irqrestore+0x90/0x140
[  244.336700][ T8036]  ? lockdep_hardirqs_on+0x9d/0x150
[  244.336726][ T8036]  ? __lock_acquire+0xad5/0xd80
[  244.336743][ T8036]  ? __pfx_ethnl_default_doit+0x10/0x10
[  244.336775][ T8036]  netlink_rcv_skb+0x208/0x480
[  244.336796][ T8036]  ? __pfx_genl_rcv_msg+0x10/0x10
[  244.336811][ T8036]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  244.336846][ T8036]  ? netlink_deliver_tap+0x2e/0x1b0
[  244.336871][ T8036]  genl_rcv+0x28/0x40
[  244.336883][ T8036]  netlink_unicast+0x7f8/0x9a0
[  244.336907][ T8036]  ? __pfx_netlink_unicast+0x10/0x10
[  244.336926][ T8036]  ? skb_put+0x114/0x1f0
[  244.336943][ T8036]  netlink_sendmsg+0x8c3/0xcd0
[  244.336972][ T8036]  ? __pfx_netlink_sendmsg+0x10/0x10
[  244.336994][ T8036]  ? __import_iovec+0x585/0x830
[  244.337014][ T8036]  ? aa_sock_msg_perm+0x91/0x160
[  244.337039][ T8036]  ? __pfx_netlink_sendmsg+0x10/0x10
[  244.337057][ T8036]  __sock_sendmsg+0x221/0x270
[  244.337078][ T8036]  ____sys_sendmsg+0x523/0x860
[  244.337100][ T8036]  ? __pfx_____sys_sendmsg+0x10/0x10
[  244.337127][ T8036]  __sys_sendmsg+0x271/0x360
[  244.337146][ T8036]  ? __pfx___sys_sendmsg+0x10/0x10
[  244.337200][ T8036]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  244.337216][ T8036]  ? lockdep_hardirqs_on+0x9d/0x150
[  244.337234][ T8036]  __do_fast_syscall_32+0xb4/0x110
[  244.337251][ T8036]  ? exc_page_fault+0x5f8/0x920
[  244.337271][ T8036]  do_fast_syscall_32+0x34/0x80
[  244.337289][ T8036]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  244.337308][ T8036] RIP: 0023:0xf73bd579
[  244.337320][ T8036] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  244.337333][ T8036] RSP: 002b:00000000f504655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  244.337349][ T8036] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000380
[  244.337359][ T8036] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  244.337368][ T8036] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  244.337376][ T8036] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  244.337385][ T8036] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  244.337406][ T8036]  </TASK>
[  245.209402][ T8044] netlink: 20 bytes leftover after parsing attributes in process `syz.3.683'.
[  245.635682][ T5889] usb 4-1: new high-speed USB device number 29 using dummy_hcd
[  245.665742][ T5892] usb 1-1: new high-speed USB device number 32 using dummy_hcd
[  245.805892][ T5889] usb 4-1: Using ep0 maxpacket: 8
[  245.815690][ T5892] usb 1-1: Using ep0 maxpacket: 16
[  245.850212][ T8054] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  245.863861][ T8054] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  245.948774][ T5889] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  245.963664][ T5889] usb 4-1: New USB device found, idVendor=05ac, idProduct=0246, bcdDevice= 0.00
[  245.972951][ T5889] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  245.993449][ T5889] usb 4-1: config 0 descriptor??
[  246.084059][ T5889] input: bcm5974 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input19
[  246.310046][ T8065] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  246.449352][ T8067] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  246.720608][ T8071] netlink: 32 bytes leftover after parsing attributes in process `syz.4.695'.
[  246.941802][ T8075] netlink: 20 bytes leftover after parsing attributes in process `syz.1.697'.
[  247.507279][    C0] vcan0: j1939_tp_rxtimer: 0xffff8880582eb000: rx timeout, send abort
[  247.515884][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff8880582eb000: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  247.530394][    C0] vcan0: j1939_tp_rxtimer: 0xffff8880582e8400: rx timeout, send abort
[  247.538777][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff8880582e8400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  247.575954][ T5196] bcm5974 4-1:0.0: could not read from device
[  247.591719][ T5889] usb 4-1: USB disconnect, device number 29
[  247.615506][ T5196] bcm5974 4-1:0.0: could not read from device
[  248.476396][ T8098] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  248.493979][ T5892] usb 1-1: unable to get BOS descriptor or descriptor too short
[  248.552340][ T5892] usb 1-1: unable to read config index 0 descriptor/start: -71
[  248.580992][ T5892] usb 1-1: can't read configurations, error -71
[  248.650903][ T8105] netlink: 20 bytes leftover after parsing attributes in process `syz.3.709'.
[  248.872295][ T8108] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(7)
[  248.879465][ T8108] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  248.888976][ T8108] vhci_hcd vhci_hcd.0: Device attached
[  248.915720][   T47] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[  249.238943][ T8114] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(11)
[  249.245623][ T8114] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  249.256105][ T5887] usb 34-1: SetAddress Request (2) to port 0
[  249.256318][ T5832] usb 4-1: new high-speed USB device number 30 using dummy_hcd
[  249.262711][ T5887] usb 34-1: new SuperSpeed USB device number 2 using vhci_hcd
[  249.309152][   T47] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  249.323642][ T8114] vhci_hcd vhci_hcd.0: Device attached
[  249.337436][   T47] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  249.345506][   T47] usb 2-1: Product: syz
[  249.537120][   T47] usb 2-1: Manufacturer: syz
[  249.541788][   T47] usb 2-1: SerialNumber: syz
[  249.562277][ T8111] vhci_hcd: connection reset by peer
[  249.569223][ T8120] vhci_hcd: connection closed
[  249.572203][ T1152] vhci_hcd: stop threads
[  249.584110][   T47] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  249.605271][ T5832] usb 4-1: too many configurations: 154, using maximum allowed: 8
[  249.605357][ T1152] vhci_hcd: release socket
[  249.617887][ T5832] usb 4-1: unable to read config index 0 descriptor/start: -61
[  249.617930][ T5832] usb 4-1: can't read configurations, error -61
[  249.689090][ T1152] vhci_hcd: disconnect device
[  249.704423][   T54] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  249.724335][ T1152] vhci_hcd: stop threads
[  249.745795][ T5832] usb 4-1: new high-speed USB device number 31 using dummy_hcd
[  249.777934][ T1152] vhci_hcd: release socket
[  249.804330][ T1152] vhci_hcd: disconnect device
[  249.913815][ T5832] usb 4-1: too many configurations: 154, using maximum allowed: 8
[  249.972439][ T5832] usb 4-1: unable to read config index 0 descriptor/start: -61
[  249.994849][ T5832] usb 4-1: can't read configurations, error -61
[  250.032525][ T5832] usb usb4-port1: attempt power cycle
[  250.535937][ T5832] usb 4-1: new high-speed USB device number 32 using dummy_hcd
[  250.538282][    T9] usb 2-1: USB disconnect, device number 23
[  250.577707][ T5832] usb 4-1: too many configurations: 154, using maximum allowed: 8
[  250.605495][ T5832] usb 4-1: unable to read config index 0 descriptor/start: -61
[  250.634106][ T5832] usb 4-1: can't read configurations, error -61
[  250.785940][ T5832] usb 4-1: new high-speed USB device number 33 using dummy_hcd
[  250.806793][ T5832] usb 4-1: too many configurations: 154, using maximum allowed: 8
[  250.820502][ T5832] usb 4-1: unable to read config index 0 descriptor/start: -61
[  250.829587][ T5832] usb 4-1: can't read configurations, error -61
[  250.849137][ T5832] usb usb4-port1: unable to enumerate USB device
[  250.858006][   T54] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive
[  250.866403][   T54] ath9k_htc: Failed to initialize the device
[  250.895657][    T9] usb 2-1: ath9k_htc: USB layer deinitialized
[  251.245762][ T8143] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2
[  251.291463][ T8145] netlink: 'syz.1.722': attribute type 10 has an invalid length.
[  251.305883][ T8145] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  251.812475][ T8154] netlink: 20 bytes leftover after parsing attributes in process `syz.1.723'.
[  251.964967][ T8156] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  251.995755][   T54] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[  252.188967][   T54] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  252.225280][   T54] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  252.245835][   T54] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  252.301483][   T54] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  252.368526][   T54] usb 3-1: config 0 descriptor??
[  252.796070][ T5888] usb 4-1: new high-speed USB device number 34 using dummy_hcd
[  252.974633][ T8183] netlink: 20 bytes leftover after parsing attributes in process `syz.1.736'.
[  252.986238][ T5888] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  252.997237][   T54] usb 3-1: language id specifier not provided by device, defaulting to English
[  252.997333][ T5888] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  253.035642][ T5888] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  253.069129][ T5888] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  253.087137][ T5888] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  253.106018][ T5888] usb 4-1: Product: syz
[  253.110245][ T5888] usb 4-1: Manufacturer: syz
[  253.115404][ T5888] usb 4-1: SerialNumber: syz
[  253.338205][ T5888] usblp 4-1:1.0: usblp0: USB Unidirectional printer dev 34 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  253.400428][ T8152] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  253.409657][ T8152] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  253.453258][   T54] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:256C:006D.0003/input/input20
[  253.531427][ T5832] usb 4-1: USB disconnect, device number 34
[  253.553453][   T54] input: HID 256c:006d Pad as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:256C:006D.0003/input/input21
[  253.565729][    T9] usb 1-1: new low-speed USB device number 34 using dummy_hcd
[  253.697211][   T54] input: HID 256c:006d Touch Strip as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:256C:006D.0003/input/input22
[  253.723885][   T54] input: HID 256c:006d Dial as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:256C:006D.0003/input/input23
[  253.737016][ T8167] FAULT_INJECTION: forcing a failure.
[  253.737016][ T8167] name failslab, interval 1, probability 0, space 0, times 0
[  253.749897][ T8167] CPU: 1 UID: 0 PID: 8167 Comm: syz.3.730 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) 
[  253.749944][ T8167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  253.749961][ T8167] Call Trace:
[  253.749970][ T8167]  <TASK>
[  253.749978][ T8167]  dump_stack_lvl+0x241/0x360
[  253.750016][ T8167]  ? __pfx_dump_stack_lvl+0x10/0x10
[  253.750046][ T8167]  ? __pfx__printk+0x10/0x10
[  253.750080][ T8167]  ? __pfx___might_resched+0x10/0x10
[  253.750110][ T8167]  should_fail_ex+0x424/0x570
[  253.750137][ T8167]  should_failslab+0xac/0x100
[  253.750168][ T8167]  __kmalloc_noprof+0xdf/0x4d0
[  253.750195][ T8167]  ? tomoyo_realpath_from_path+0xc2/0x5e0
[  253.750226][ T8167]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[  253.750263][ T8167]  tomoyo_realpath_from_path+0xcf/0x5e0
[  253.750308][ T8167]  tomoyo_path_number_perm+0x245/0x790
[  253.750333][ T8167]  ? __lock_acquire+0xad5/0xd80
[  253.750357][ T8167]  ? tomoyo_path_number_perm+0x215/0x790
[  253.750386][ T8167]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  253.750454][ T8167]  ? __fget_files+0x2a/0x420
[  253.750472][ T8167]  ? __fget_files+0x2a/0x420
[  253.750494][ T8167]  ? __fget_files+0x2a/0x420
[  253.750518][ T8167]  security_file_ioctl_compat+0xc6/0x2a0
[  253.750546][ T8167]  __se_compat_sys_ioctl+0xd8/0xc30
[  253.750572][ T8167]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  253.750597][ T8167]  ? __pfx___se_compat_sys_ioctl+0x10/0x10
[  253.750625][ T8167]  ? __fget_files+0x2a/0x420
[  253.750651][ T8167]  ? fput+0x9b/0xd0
[  253.750669][ T8167]  ? ksys_write+0x275/0x2d0
[  253.750713][ T8167]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  253.750736][ T8167]  ? lockdep_hardirqs_on+0x9d/0x150
[  253.750761][ T8167]  __do_fast_syscall_32+0xb4/0x110
[  253.750785][ T8167]  ? exc_page_fault+0x5f8/0x920
[  253.750812][ T8167]  do_fast_syscall_32+0x34/0x80
[  253.750836][ T8167]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  253.750861][ T8167] RIP: 0023:0xf73bd579
[  253.750878][ T8167] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  253.750895][ T8167] RSP: 002b:00000000f504655c EFLAGS: 00000206 ORIG_RAX: 0000000000000036
[  253.750917][ T8167] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000008008f511
[  253.750932][ T8167] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  253.750944][ T8167] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  253.750956][ T8167] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  253.750969][ T8167] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  253.750999][ T8167]  </TASK>
[  253.751424][ T8167] ERROR: Out of memory at tomoyo_realpath_from_path.
[  253.787582][    T9] usb 1-1: config index 0 descriptor too short (expected 1307, got 27)
[  253.792297][ T8166] usblp0: removed
[  253.975602][    T9] usb 1-1: config 0 has an invalid interface number: 0 but max is -1
[  254.057211][   T54] uclogic 0003:256C:006D.0003: input,hidraw0: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.2-1/input0
[  254.080815][   T54] usb 3-1: USB disconnect, device number 27
[  254.136825][    T9] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 0
[  254.149977][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt
[  254.160727][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  254.173964][    T9] usb 1-1: language id specifier not provided by device, defaulting to English
[  254.195457][    T9] usb 1-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=c3.de
[  254.204821][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  254.213560][    T9] usb 1-1: Manufacturer: 牢
[  254.227814][    T9] usb 1-1: config 0 descriptor??
[  254.272029][    T9] hub 1-1:0.0: bad descriptor, ignoring hub
[  254.278400][    T9] hub 1-1:0.0: probe with driver hub failed with error -5
[  254.311553][    T9] input: 牢 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input24
[  254.379325][ T5887] usb 34-1: device descriptor read/8, error -110
[  254.585724][ T5889] vhci_hcd: vhci_device speed not set
[  254.724782][ T8205] netlink: 8 bytes leftover after parsing attributes in process `syz.3.745'.
[  254.733910][ T8205] netlink: 4 bytes leftover after parsing attributes in process `syz.3.745'.
[  254.756847][ T8206] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  254.778833][ T8205] FAULT_INJECTION: forcing a failure.
[  254.778833][ T8205] name failslab, interval 1, probability 0, space 0, times 0
[  254.792085][ T8205] CPU: 0 UID: 0 PID: 8205 Comm: syz.3.745 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) 
[  254.792115][ T8205] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  254.792129][ T8205] Call Trace:
[  254.792137][ T8205]  <TASK>
[  254.792145][ T8205]  dump_stack_lvl+0x241/0x360
[  254.792183][ T8205]  ? __pfx_dump_stack_lvl+0x10/0x10
[  254.792212][ T8205]  ? __pfx__printk+0x10/0x10
[  254.792244][ T8205]  ? __pfx___might_resched+0x10/0x10
[  254.792277][ T8205]  should_fail_ex+0x424/0x570
[  254.792305][ T8205]  should_failslab+0xac/0x100
[  254.792336][ T8205]  __kvmalloc_node_noprof+0x170/0x5a0
[  254.792367][ T8205]  ? alloc_netdev_mqs+0xac6/0x1210
[  254.792398][ T8205]  alloc_netdev_mqs+0xac6/0x1210
[  254.792431][ T8205]  rtnl_create_link+0x2f9/0xc90
[  254.792462][ T8205]  rtnl_newlink_create+0x2f2/0xcb0
[  254.792494][ T8205]  ? __mutex_lock+0x380/0x10c0
[  254.792522][ T8205]  ? __pfx_aa_get_newest_label+0x10/0x10
[  254.792556][ T8205]  ? __pfx_rtnl_newlink_create+0x10/0x10
[  254.792599][ T8205]  ? __pfx___mutex_lock+0x10/0x10
[  254.792634][ T8205]  ? ns_capable+0x8a/0xf0
[  254.792660][ T8205]  rtnl_newlink+0x18b0/0x1fe0
[  254.792691][ T8205]  ? stack_depot_save_flags+0x44/0x940
[  254.792728][ T8205]  ? __pfx_rtnl_newlink+0x10/0x10
[  254.792753][ T8205]  ? __netlink_deliver_tap+0x561/0x7f0
[  254.792779][ T8205]  ? netlink_deliver_tap+0x19d/0x1b0
[  254.792804][ T8205]  ? netlink_unicast+0x7c6/0x9a0
[  254.792825][ T8205]  ? netlink_sendmsg+0x8c3/0xcd0
[  254.792850][ T8205]  ? __sock_sendmsg+0x221/0x270
[  254.792873][ T8205]  ? ____sys_sendmsg+0x523/0x860
[  254.792892][ T8205]  ? __sys_sendmsg+0x271/0x360
[  254.792910][ T8205]  ? __do_fast_syscall_32+0xb4/0x110
[  254.792959][ T8205]  ? do_fast_syscall_32+0x34/0x80
[  254.792981][ T8205]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  254.793046][ T8205]  ? kasan_quarantine_put+0xdc/0x230
[  254.793069][ T8205]  ? lockdep_hardirqs_on+0x9d/0x150
[  254.793101][ T8205]  ? nlmon_xmit+0xaf/0x100
[  254.793145][ T8205]  ? __local_bh_enable_ip+0x168/0x200
[  254.793165][ T8205]  ? lockdep_hardirqs_on+0x9d/0x150
[  254.793195][ T8205]  ? aa_get_newest_label+0x101/0x6f0
[  254.793231][ T8205]  ? __lock_acquire+0xad5/0xd80
[  254.793275][ T8205]  ? __pfx_rtnl_newlink+0x10/0x10
[  254.793306][ T8205]  rtnetlink_rcv_msg+0x80f/0xd70
[  254.793332][ T8205]  ? rtnetlink_rcv_msg+0x1ba/0xd70
[  254.793365][ T8205]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  254.793400][ T8205]  ? ref_tracker_free+0x63e/0x7e0
[  254.793431][ T8205]  netlink_rcv_skb+0x208/0x480
[  254.793460][ T8205]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  254.793489][ T8205]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  254.793536][ T8205]  ? netlink_deliver_tap+0x2e/0x1b0
[  254.793566][ T8205]  ? netlink_deliver_tap+0x2e/0x1b0
[  254.793603][ T8205]  netlink_unicast+0x7f8/0x9a0
[  254.793638][ T8205]  ? __pfx_netlink_unicast+0x10/0x10
[  254.793665][ T8205]  ? skb_put+0x114/0x1f0
[  254.793687][ T8205]  netlink_sendmsg+0x8c3/0xcd0
[  254.793727][ T8205]  ? __pfx_netlink_sendmsg+0x10/0x10
[  254.793759][ T8205]  ? __import_iovec+0x585/0x830
[  254.793785][ T8205]  ? aa_sock_msg_perm+0x91/0x160
[  254.793819][ T8205]  ? __pfx_netlink_sendmsg+0x10/0x10
[  254.793843][ T8205]  __sock_sendmsg+0x221/0x270
[  254.793873][ T8205]  ____sys_sendmsg+0x523/0x860
[  254.793903][ T8205]  ? __pfx_____sys_sendmsg+0x10/0x10
[  254.793941][ T8205]  __sys_sendmsg+0x271/0x360
[  254.793966][ T8205]  ? __pfx___sys_sendmsg+0x10/0x10
[  254.794039][ T8205]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  254.794062][ T8205]  ? lockdep_hardirqs_on+0x9d/0x150
[  254.794088][ T8205]  __do_fast_syscall_32+0xb4/0x110
[  254.794111][ T8205]  ? exc_page_fault+0x5f8/0x920
[  254.794138][ T8205]  do_fast_syscall_32+0x34/0x80
[  254.794162][ T8205]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  254.794185][ T8205] RIP: 0023:0xf73bd579
[  254.794202][ T8205] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  254.794219][ T8205] RSP: 002b:00000000f504655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  254.794240][ T8205] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000
[  254.794254][ T8205] RDX: 0000000020008844 RSI: 0000000000000000 RDI: 0000000000000000
[  254.794267][ T8205] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  254.794296][ T8205] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  254.794309][ T8205] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  254.794339][ T8205]  </TASK>
[  255.230202][    C0] vkms_vblank_simulate: vblank timer overrun
[  255.444653][ T8213] netlink: 'syz.3.747': attribute type 64 has an invalid length.
[  255.454452][ T8213] netlink: 44 bytes leftover after parsing attributes in process `syz.3.747'.
[  255.502309][ T8215] usb usb1: usbfs: process 8215 (syz.1.746) did not claim interface 0 before use
[  255.618009][ T8217] netlink: 8 bytes leftover after parsing attributes in process `syz.4.748'.
[  255.627303][ T8217] netlink: 4 bytes leftover after parsing attributes in process `syz.4.748'.
[  255.710405][ T8219] netlink: 20 bytes leftover after parsing attributes in process `syz.4.749'.
[  255.740310][    T9] usb 4-1: new high-speed USB device number 35 using dummy_hcd
[  255.740330][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  255.740416][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  255.915675][    T9] usb 4-1: Using ep0 maxpacket: 8
[  255.929810][    T9] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  255.943522][ T5887] usb usb34-port1: attempt power cycle
[  255.951401][    T9] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  255.963268][    T9] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  255.973698][    T9] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  255.986862][    T9] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  255.996033][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  256.222818][    T9] usb 4-1: usb_control_msg returned -32
[  256.248745][    T9] usbtmc 4-1:16.0: can't read capabilities
[  256.306091][ T5889] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[  256.344115][   T54] usb 1-1: USB disconnect, device number 34
[  256.475650][ T5889] usb 3-1: Using ep0 maxpacket: 16
[  256.516413][ T8227] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  256.526351][ T8227] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  256.576464][ T5887] usb usb34-port1: unable to enumerate USB device
[  256.622673][ T8233] net_ratelimit: 9 callbacks suppressed
[  256.622697][ T8233] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  257.105865][ T8243] kvm: requested 3352 ns i8254 timer period limited to 200000 ns
[  258.356695][ T8252] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  258.476025][    T9] usb 4-1: USB disconnect, device number 35
[  258.945837][   T54] usb 4-1: new high-speed USB device number 36 using dummy_hcd
[  259.005317][ T8260] netlink: 'syz.1.765': attribute type 21 has an invalid length.
[  259.023818][ T8260] IPv6: NLM_F_CREATE should be specified when creating new route
[  259.045292][ T8260] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  259.053252][ T8260] IPv6: NLM_F_CREATE should be set when creating new route
[  259.060669][ T8260] IPv6: NLM_F_CREATE should be set when creating new route
[  259.067987][ T8260] IPv6: NLM_F_CREATE should be set when creating new route
[  259.092578][ T8265] netlink: 'syz.4.767': attribute type 10 has an invalid length.
[  259.115792][   T54] usb 4-1: Using ep0 maxpacket: 16
[  259.130896][   T54] usb 4-1: New USB device found, idVendor=061d, idProduct=c020, bcdDevice=9c.15
[  259.142969][   T54] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  259.174440][   T54] usb 4-1: Product: syz
[  259.194462][   T54] usb 4-1: Manufacturer: syz
[  259.208128][   T54] usb 4-1: SerialNumber: syz
[  259.229545][   T54] usb 4-1: config 0 descriptor??
[  259.252999][   T54] ssu100 4-1:0.0: Quatech SSU-100 USB to Serial Driver converter detected
[  259.463210][ T5889] usb 3-1: unable to get BOS descriptor or descriptor too short
[  259.505864][ T5889] usb 3-1: unable to read config index 0 descriptor/start: -71
[  259.525522][ T5889] usb 3-1: can't read configurations, error -71
[  259.553134][ T8278] netlink: 20 bytes leftover after parsing attributes in process `syz.2.771'.
[  260.169924][   T54] ssu100 4-1:0.0: probe with driver ssu100 failed with error -71
[  260.181872][   T54] usb 4-1: USB disconnect, device number 36
[  261.752157][ T8316] netlink: 20 bytes leftover after parsing attributes in process `syz.2.784'.
[  262.165725][   T54] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[  262.315702][   T47] usb 4-1: new full-speed USB device number 37 using dummy_hcd
[  262.323466][   T54] usb 3-1: Using ep0 maxpacket: 8
[  262.330736][   T54] usb 3-1: config 1 descriptor has 1 excess byte, ignoring
[  262.338863][   T54] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  262.350115][   T54] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[  262.428746][   T54] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  262.480546][   T47] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 4
[  262.500971][   T47] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0xB has invalid maxpacket 65535, setting to 64
[  262.512894][   T54] usb 3-1: config 1 interface 1 has no altsetting 0
[  262.529033][   T54] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  262.541203][   T54] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  262.552696][   T47] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  262.575110][   T54] usb 3-1: Product: syz
[  262.584257][   T47] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  262.592619][   T54] usb 3-1: Manufacturer: syz
[  262.606728][   T54] usb 3-1: SerialNumber: syz
[  262.633204][ T8321] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[  262.651625][   T47] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[  262.667830][   T47] usb 4-1: invalid MIDI in EP 0
[  262.761323][   T47] snd-usb-audio 4-1:27.0: probe with driver snd-usb-audio failed with error -22
[  262.797530][ T8329] tipc: Can't bind to reserved service type 1
[  262.852376][   T47] usb 4-1: USB disconnect, device number 37
[  263.050506][ T5935] udevd[5935]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  264.372068][ T8349] netlink: 8 bytes leftover after parsing attributes in process `syz.0.796'.
[  264.530932][ T8349] netlink: 24 bytes leftover after parsing attributes in process `syz.0.796'.
[  264.928642][   T54] usb 3-1: 2:1 : no or invalid class specific endpoint descriptor
[  264.956576][   T54] usb 3-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[  264.962904][   T54] usb 3-1: 2:1 : invalid channels 0
[  265.132291][   T54] usb 3-1: USB disconnect, device number 30
[  265.363825][ T5952] udevd[5952]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  266.036667][ T8391] loop2: detected capacity change from 0 to 7
[  266.075883][ T8391] Dev loop2: unable to read RDB block 7
[  266.113058][ T8391]  loop2: unable to read partition table
[  266.126410][ T8391] loop2: partition table beyond EOD, truncated
[  266.165346][ T8391] loop_reread_partitions: partition scan of loop2 (�被x������ ) failed (rc=-5)
[  266.195865][   T54] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[  266.245960][ T5885] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[  266.356126][   T54] usb 3-1: Using ep0 maxpacket: 16
[  266.372702][   T54] usb 3-1: config 1 interface 0 altsetting 213 endpoint 0x81 has an invalid bInterval 249, changing to 11
[  266.418559][   T54] usb 3-1: config 1 interface 0 altsetting 213 endpoint 0x2 has an invalid bInterval 252, changing to 11
[  266.436418][ T5885] usb 2-1: Using ep0 maxpacket: 16
[  266.457933][   T54] usb 3-1: config 1 interface 0 has no altsetting 0
[  266.500527][ T8388] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  266.510803][ T8388] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  266.587932][   T54] usb 3-1: New USB device found, idVendor=0458, idProduct=5015, bcdDevice= 0.40
[  266.598948][   T54] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  266.608847][   T54] usb 3-1: Product: 鳴঳넄羸葤綠㽔⁒ᷨ똯酘鄵뵕ꤣ鎀앏贪菅ｻ俽ヤ嗨〰箾쮤ළ◕ꤋஔ㝦쌾랙旲㷠鲼㳊博ꉶ٥
[  266.625427][   T54] usb 3-1: Manufacturer: Ј
[  266.633777][   T54] usb 3-1: SerialNumber: 뤽⹠㩛鐨晭쌣仑쥘ి鬳蚨胶婁᥺ᝫ䴲棹
[  266.678400][ T8405] netlink: 'syz.0.816': attribute type 10 has an invalid length.
[  266.891181][ T8386] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  266.902175][ T8386] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  267.445761][   T47] usb 1-1: new high-speed USB device number 35 using dummy_hcd
[  267.605975][   T47] usb 1-1: Using ep0 maxpacket: 16
[  267.618894][   T47] usb 1-1: config 1 interface 0 altsetting 213 endpoint 0x81 has an invalid bInterval 249, changing to 11
[  267.634310][   T47] usb 1-1: config 1 interface 0 altsetting 213 endpoint 0x2 has an invalid bInterval 252, changing to 11
[  267.665944][   T47] usb 1-1: config 1 interface 0 has no altsetting 0
[  267.677890][   T47] usb 1-1: New USB device found, idVendor=0458, idProduct=5015, bcdDevice= 0.40
[  267.687365][   T47] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  267.696009][   T47] usb 1-1: Product: 鳴皳넄羸葤綠㽔⁒ᷨ똯酘鄵뵕ꤣ鎀앋贪菅ｻ俽ヤ嗨〰箾쮤ළ◕ꤋஔ㝦쌾랙旲㷠鲼㳊博ꉶ٥
[  267.726414][   T47] usb 1-1: Manufacturer: Ј
[  267.731079][   T47] usb 1-1: SerialNumber: 뤽⹠㩛鐨晭쌣仑쥘ి鬳蚨胶婁᥺ᝫ䴲棹
[  267.990917][ T8414] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  268.000097][ T8414] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  268.143833][ T8423] netlink: 8 bytes leftover after parsing attributes in process `syz.3.823'.
[  268.837299][   T54] usbhid 3-1:1.0: can't add hid device: -71
[  268.849115][   T54] usbhid 3-1:1.0: probe with driver usbhid failed with error -71
[  268.865694][ T5892] usb 4-1: new high-speed USB device number 38 using dummy_hcd
[  268.921419][   T54] usb 3-1: USB disconnect, device number 31
[  269.052178][ T5892] usb 4-1: config 0 has no interfaces?
[  269.067829][ T5892] usb 4-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  269.077500][ T5892] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  269.092585][ T5892] usb 4-1: Product: syz
[  269.097482][ T5892] usb 4-1: Manufacturer: syz
[  269.102628][ T5892] usb 4-1: SerialNumber: syz
[  269.123125][ T5892] usb 4-1: config 0 descriptor??
[  269.558632][ T5885] usb 2-1: unable to get BOS descriptor or descriptor too short
[  269.578323][ T5885] usb 2-1: unable to read config index 0 descriptor/start: -71
[  269.613976][ T5885] usb 2-1: can't read configurations, error -71
[  269.820848][ T8439] netlink: 'syz.2.828': attribute type 10 has an invalid length.
[  270.162531][   T47] usbhid 1-1:1.0: can't add hid device: -71
[  270.188556][   T47] usbhid 1-1:1.0: probe with driver usbhid failed with error -71
[  270.329702][   T47] usb 1-1: USB disconnect, device number 35
[  272.038305][ T5889] usb 4-1: USB disconnect, device number 38
[  272.587273][ T8485] netlink: 8 bytes leftover after parsing attributes in process `syz.3.846'.
[  272.615938][ T8485] netlink: 'syz.3.846': attribute type 5 has an invalid length.
[  272.655059][ T8485] netlink: 'syz.3.846': attribute type 10 has an invalid length.
[  272.712583][ T8485] team0: Device hsr_slave_0 failed to register rx_handler
[  273.301644][ T8499] netlink: 'syz.2.852': attribute type 10 has an invalid length.
[  273.566978][ T8507] FAULT_INJECTION: forcing a failure.
[  273.566978][ T8507] name failslab, interval 1, probability 0, space 0, times 0
[  273.580396][ T8507] CPU: 1 UID: 0 PID: 8507 Comm: syz.2.856 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) 
[  273.580426][ T8507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  273.580436][ T8507] Call Trace:
[  273.580442][ T8507]  <TASK>
[  273.580449][ T8507]  dump_stack_lvl+0x241/0x360
[  273.580477][ T8507]  ? __pfx_dump_stack_lvl+0x10/0x10
[  273.580498][ T8507]  ? __pfx__printk+0x10/0x10
[  273.580523][ T8507]  ? __pfx___might_resched+0x10/0x10
[  273.580545][ T8507]  should_fail_ex+0x424/0x570
[  273.580564][ T8507]  should_failslab+0xac/0x100
[  273.580586][ T8507]  __kmalloc_noprof+0xdf/0x4d0
[  273.580606][ T8507]  ? tomoyo_realpath_from_path+0xc2/0x5e0
[  273.580629][ T8507]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[  273.580655][ T8507]  tomoyo_realpath_from_path+0xcf/0x5e0
[  273.580692][ T8507]  tomoyo_path_number_perm+0x245/0x790
[  273.580711][ T8507]  ? __lock_acquire+0xad5/0xd80
[  273.580728][ T8507]  ? tomoyo_path_number_perm+0x215/0x790
[  273.580748][ T8507]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  273.580794][ T8507]  ? __fget_files+0x2a/0x420
[  273.580807][ T8507]  ? __fget_files+0x2a/0x420
[  273.580823][ T8507]  ? __fget_files+0x2a/0x420
[  273.580840][ T8507]  security_file_ioctl_compat+0xc6/0x2a0
[  273.580860][ T8507]  __se_compat_sys_ioctl+0xd8/0xc30
[  273.580878][ T8507]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  273.580897][ T8507]  ? __pfx___se_compat_sys_ioctl+0x10/0x10
[  273.580917][ T8507]  ? __fget_files+0x2a/0x420
[  273.580934][ T8507]  ? fput+0x9b/0xd0
[  273.580948][ T8507]  ? ksys_write+0x275/0x2d0
[  273.580971][ T8507]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  273.580987][ T8507]  ? lockdep_hardirqs_on+0x9d/0x150
[  273.581005][ T8507]  __do_fast_syscall_32+0xb4/0x110
[  273.581027][ T8507]  ? exc_page_fault+0x5f8/0x920
[  273.581045][ T8507]  do_fast_syscall_32+0x34/0x80
[  273.581063][ T8507]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  273.581081][ T8507] RIP: 0023:0xf7fd7579
[  273.581093][ T8507] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  273.581106][ T8507] RSP: 002b:00000000f50f655c EFLAGS: 00000206 ORIG_RAX: 0000000000000036
[  273.581122][ T8507] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000c0045405
[  273.581133][ T8507] RDX: 0000000080000080 RSI: 0000000000000000 RDI: 0000000000000000
[  273.581142][ T8507] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  273.581151][ T8507] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  273.581159][ T8507] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  273.581181][ T8507]  </TASK>
[  273.581204][ T8507] ERROR: Out of memory at tomoyo_realpath_from_path.
[  273.906103][ T8507] netlink: 'syz.2.856': attribute type 4 has an invalid length.
[  273.923684][ T8513] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  274.576346][ T8523] netlink: 36 bytes leftover after parsing attributes in process `syz.4.860'.
[  275.028875][ T8538] netlink: 8 bytes leftover after parsing attributes in process `syz.4.865'.
[  275.272255][ T8542] netlink: 'syz.3.867': attribute type 10 has an invalid length.
[  275.397230][   T30] audit: type=1326 audit(1743733664.763:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8547 comm="syz.0.869" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73ed579 code=0x0
[  275.648421][ T8557] netlink: 20 bytes leftover after parsing attributes in process `syz.1.873'.
[  276.322964][ T5885] usb 2-1: new high-speed USB device number 26 using dummy_hcd
[  276.512758][ T5885] usb 2-1: Using ep0 maxpacket: 16
[  276.547577][   T47] usb 3-1: new high-speed USB device number 32 using dummy_hcd
[  276.679075][ T8572] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  276.691028][ T8572] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  277.171992][ T8583] netlink: 8 bytes leftover after parsing attributes in process `syz.4.882'.
[  277.231307][   T47] usb 3-1: Using ep0 maxpacket: 16
[  277.287856][ T8575] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  277.298792][ T8575] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  278.260813][ T8585] netlink: 'syz.4.883': attribute type 10 has an invalid length.
[  278.575513][ T8590] netlink: 20 bytes leftover after parsing attributes in process `syz.4.886'.
[  279.731318][ T5885] usb 2-1: unable to get BOS descriptor or descriptor too short
[  279.772639][ T5885] usb 2-1: unable to read config index 0 descriptor/start: -71
[  279.843267][ T5885] usb 2-1: can't read configurations, error -71
[  280.595133][   T47] usb 3-1: unable to get BOS descriptor or descriptor too short
[  280.650979][   T47] usb 3-1: unable to read config index 0 descriptor/start: -71
[  280.725677][   T47] usb 3-1: can't read configurations, error -71
[  280.907773][ T8624] netlink: 'syz.2.896': attribute type 10 has an invalid length.
[  281.236054][   T54] usb 2-1: new high-speed USB device number 28 using dummy_hcd
[  281.279084][ T8632] netlink: 8 bytes leftover after parsing attributes in process `syz.2.901'.
[  281.328458][ T8632] netlink: 8 bytes leftover after parsing attributes in process `syz.2.901'.
[  281.417341][   T54] usb 2-1: Using ep0 maxpacket: 8
[  281.457833][   T54] usb 2-1: config 0 has an invalid interface number: 246 but max is 0
[  281.475670][   T54] usb 2-1: config 0 has no interface number 0
[  281.484496][   T54] usb 2-1: config 0 interface 246 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0
[  281.522463][   T54] usb 2-1: New USB device found, idVendor=2040, idProduct=d300, bcdDevice=16.b3
[  281.551682][   T54] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  281.574833][   T54] usb 2-1: Product: syz
[  281.588192][   T54] usb 2-1: Manufacturer: syz
[  281.607833][   T54] usb 2-1: SerialNumber: syz
[  281.624235][   T54] usb 2-1: config 0 descriptor??
[  281.793836][   T54] msi2500 2-1:0.246: Registered as swradio24
[  281.807104][   T54] msi2500 2-1:0.246: SDR API is still slightly experimental and functionality changes may follow
[  281.879670][   T54] usb 2-1: USB disconnect, device number 28
[  282.230700][ T8660] FAULT_INJECTION: forcing a failure.
[  282.230700][ T8660] name failslab, interval 1, probability 0, space 0, times 0
[  282.243503][ T8660] CPU: 0 UID: 0 PID: 8660 Comm: syz.4.911 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) 
[  282.243525][ T8660] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  282.243534][ T8660] Call Trace:
[  282.243543][ T8660]  <TASK>
[  282.243549][ T8660]  dump_stack_lvl+0x241/0x360
[  282.243577][ T8660]  ? __pfx_dump_stack_lvl+0x10/0x10
[  282.243599][ T8660]  ? __pfx__printk+0x10/0x10
[  282.243623][ T8660]  ? __pfx___might_resched+0x10/0x10
[  282.243645][ T8660]  should_fail_ex+0x424/0x570
[  282.243665][ T8660]  should_failslab+0xac/0x100
[  282.243687][ T8660]  __kmalloc_noprof+0xdf/0x4d0
[  282.243708][ T8660]  ? tomoyo_encode+0x26f/0x540
[  282.243734][ T8660]  tomoyo_encode+0x26f/0x540
[  282.243757][ T8660]  ? __pfx_sockfs_dname+0x10/0x10
[  282.243779][ T8660]  tomoyo_realpath_from_path+0x59e/0x5e0
[  282.243811][ T8660]  tomoyo_path_number_perm+0x245/0x790
[  282.243830][ T8660]  ? __lock_acquire+0xad5/0xd80
[  282.243848][ T8660]  ? tomoyo_path_number_perm+0x215/0x790
[  282.243876][ T8660]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  282.243942][ T8660]  ? __fget_files+0x2a/0x420
[  282.243962][ T8660]  ? __fget_files+0x2a/0x420
[  282.243982][ T8660]  ? __fget_files+0x2a/0x420
[  282.243999][ T8660]  security_file_ioctl_compat+0xc6/0x2a0
[  282.244019][ T8660]  __se_compat_sys_ioctl+0xd8/0xc30
[  282.244038][ T8660]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  282.244057][ T8660]  ? __pfx___se_compat_sys_ioctl+0x10/0x10
[  282.244076][ T8660]  ? __fget_files+0x2a/0x420
[  282.244094][ T8660]  ? fput+0x9b/0xd0
[  282.244107][ T8660]  ? ksys_write+0x275/0x2d0
[  282.244131][ T8660]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  282.244153][ T8660]  ? lockdep_hardirqs_on+0x9d/0x150
[  282.244171][ T8660]  __do_fast_syscall_32+0xb4/0x110
[  282.244188][ T8660]  ? exc_page_fault+0x5f8/0x920
[  282.244207][ T8660]  do_fast_syscall_32+0x34/0x80
[  282.244225][ T8660]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  282.244244][ T8660] RIP: 0023:0xf7fb4579
[  282.244256][ T8660] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  282.244269][ T8660] RSP: 002b:00000000f50d655c EFLAGS: 00000206 ORIG_RAX: 0000000000000036
[  282.244285][ T8660] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000008916
[  282.244296][ T8660] RDX: 0000000080000180 RSI: 0000000000000000 RDI: 0000000000000000
[  282.244305][ T8660] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  282.244313][ T8660] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  282.244322][ T8660] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  282.244343][ T8660]  </TASK>
[  282.244364][ T8660] ERROR: Out of memory at tomoyo_realpath_from_path.
[  283.825160][ T8685] Cannot find add_set index 2 as target
[  284.170515][ T8692] FAULT_INJECTION: forcing a failure.
[  284.170515][ T8692] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  284.246242][ T8692] CPU: 1 UID: 0 PID: 8692 Comm: syz.0.923 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) 
[  284.246275][ T8692] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  284.246288][ T8692] Call Trace:
[  284.246296][ T8692]  <TASK>
[  284.246305][ T8692]  dump_stack_lvl+0x241/0x360
[  284.246342][ T8692]  ? __pfx_dump_stack_lvl+0x10/0x10
[  284.246372][ T8692]  ? __pfx__printk+0x10/0x10
[  284.246411][ T8692]  should_fail_ex+0x424/0x570
[  284.246438][ T8692]  _copy_to_user+0x31/0xb0
[  284.246470][ T8692]  simple_read_from_buffer+0xc4/0x170
[  284.246506][ T8692]  proc_fail_nth_read+0x1ef/0x260
[  284.246532][ T8692]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  284.246557][ T8692]  ? rw_verify_area+0x246/0x630
[  284.246579][ T8692]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  284.246603][ T8692]  vfs_read+0x21f/0xb90
[  284.246632][ T8692]  ? __pfx___mutex_lock+0x10/0x10
[  284.246657][ T8692]  ? __pfx_vfs_read+0x10/0x10
[  284.246684][ T8692]  ? __fget_files+0x2a/0x420
[  284.246704][ T8692]  ? __fget_files+0x39d/0x420
[  284.246721][ T8692]  ? __fget_files+0x2a/0x420
[  284.246750][ T8692]  ksys_read+0x19d/0x2d0
[  284.246775][ T8692]  ? __pfx_ksys_read+0x10/0x10
[  284.246802][ T8692]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  284.246823][ T8692]  ? lockdep_hardirqs_on+0x9d/0x150
[  284.246849][ T8692]  __do_fast_syscall_32+0xb4/0x110
[  284.246872][ T8692]  ? exc_page_fault+0x5f8/0x920
[  284.246899][ T8692]  do_fast_syscall_32+0x34/0x80
[  284.246923][ T8692]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  284.246947][ T8692] RIP: 0023:0xf73ed579
[  284.246965][ T8692] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  284.246983][ T8692] RSP: 002b:00000000f5076590 EFLAGS: 00000206 ORIG_RAX: 0000000000000003
[  284.247004][ T8692] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5076620
[  284.247018][ T8692] RDX: 000000000000000f RSI: 00000000f73dcff4 RDI: 0000000000000000
[  284.247030][ T8692] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  284.247042][ T8692] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  284.247055][ T8692] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  284.247091][ T8692]  </TASK>
[  284.637523][ T8703] netlink: 20 bytes leftover after parsing attributes in process `syz.4.930'.
[  284.764143][ T8705] netlink: 'syz.3.929': attribute type 10 has an invalid length.
[  284.942766][ T8721] FAULT_INJECTION: forcing a failure.
[  284.942766][ T8721] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  284.962172][ T8721] CPU: 1 UID: 0 PID: 8721 Comm: syz.3.934 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) 
[  284.962202][ T8721] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  284.962215][ T8721] Call Trace:
[  284.962223][ T8721]  <TASK>
[  284.962232][ T8721]  dump_stack_lvl+0x241/0x360
[  284.962271][ T8721]  ? __pfx_dump_stack_lvl+0x10/0x10
[  284.962301][ T8721]  ? __pfx__printk+0x10/0x10
[  284.962343][ T8721]  should_fail_ex+0x424/0x570
[  284.962370][ T8721]  _copy_to_user+0x31/0xb0
[  284.962403][ T8721]  simple_read_from_buffer+0xc4/0x170
[  284.962436][ T8721]  proc_fail_nth_read+0x1ef/0x260
[  284.962461][ T8721]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  284.962486][ T8721]  ? rw_verify_area+0x246/0x630
[  284.962508][ T8721]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  284.962531][ T8721]  vfs_read+0x21f/0xb90
[  284.962561][ T8721]  ? __pfx___mutex_lock+0x10/0x10
[  284.962586][ T8721]  ? __pfx_vfs_read+0x10/0x10
[  284.962612][ T8721]  ? __fget_files+0x2a/0x420
[  284.962633][ T8721]  ? __fget_files+0x39d/0x420
[  284.962650][ T8721]  ? __fget_files+0x2a/0x420
[  284.962680][ T8721]  ksys_read+0x19d/0x2d0
[  284.962705][ T8721]  ? __pfx_ksys_read+0x10/0x10
[  284.962740][ T8721]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  284.962763][ T8721]  ? lockdep_hardirqs_on+0x9d/0x150
[  284.962789][ T8721]  __do_fast_syscall_32+0xb4/0x110
[  284.962813][ T8721]  ? exc_page_fault+0x5f8/0x920
[  284.962839][ T8721]  do_fast_syscall_32+0x34/0x80
[  284.962861][ T8721]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  284.962885][ T8721] RIP: 0023:0xf73bd579
[  284.962902][ T8721] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  284.962919][ T8721] RSP: 002b:00000000f5046590 EFLAGS: 00000206 ORIG_RAX: 0000000000000003
[  284.962941][ T8721] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f5046620
[  284.962956][ T8721] RDX: 000000000000000f RSI: 00000000f73acff4 RDI: 0000000000000000
[  284.962969][ T8721] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  284.962981][ T8721] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  284.962994][ T8721] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  284.963024][ T8721]  </TASK>
[  285.984060][ T8738] netlink: 'syz.3.941': attribute type 10 has an invalid length.
[  286.053483][ T8738] netlink: 40 bytes leftover after parsing attributes in process `syz.3.941'.
[  286.077846][ T8738] team0: entered promiscuous mode
[  286.105865][ T8738] team_slave_0: entered promiscuous mode
[  286.172892][ T8738] team0: entered allmulticast mode
[  286.205925][ T8738] team_slave_0: entered allmulticast mode
[  286.241615][ T8738] bridge0: port 3(team0) entered blocking state
[  286.294205][ T8738] bridge0: port 3(team0) entered disabled state
[  286.393646][ T8738] bridge0: port 3(team0) entered blocking state
[  286.400137][ T8738] bridge0: port 3(team0) entered forwarding state
[  286.515330][ T8751] netlink: 24 bytes leftover after parsing attributes in process `syz.0.945'.
[  286.916715][   T47] usb 3-1: new full-speed USB device number 34 using dummy_hcd
[  287.100307][   T47] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64
[  287.118466][   T47] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A
[  287.130907][   T47] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid maxpacket 121, setting to 64
[  287.181392][   T47] usb 3-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10
[  287.195066][   T47] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  287.235662][   T54] usb 1-1: new high-speed USB device number 36 using dummy_hcd
[  287.265629][   T47] usb 3-1: Product: syz
[  287.269988][   T47] usb 3-1: Manufacturer: syz
[  287.321602][   T47] usb 3-1: SerialNumber: syz
[  287.417831][   T47] usb 3-1: config 0 descriptor??
[  287.437230][ T8757] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  287.444690][ T8757] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  287.455209][   T47] usb 3-1: ucan: probing device on interface #0
[  287.463224][   T54] usb 1-1: Using ep0 maxpacket: 16
[  287.495452][ T8767] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  287.507859][ T8767] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  287.914651][ T8757] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  287.924400][ T8757] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  287.938154][   T47] usb 3-1: ucan: failed to retrieve device info
[  287.956667][   T47] usb 3-1: ucan: probe failed; try to update the device firmware
[  288.007767][   T47] usb 3-1: USB disconnect, device number 34
[  288.055678][ T8788] FAULT_INJECTION: forcing a failure.
[  288.055678][ T8788] name failslab, interval 1, probability 0, space 0, times 0
[  288.078800][ T8788] CPU: 0 UID: 0 PID: 8788 Comm: syz.1.961 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) 
[  288.078831][ T8788] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  288.078845][ T8788] Call Trace:
[  288.078853][ T8788]  <TASK>
[  288.078866][ T8788]  dump_stack_lvl+0x241/0x360
[  288.078902][ T8788]  ? __pfx_dump_stack_lvl+0x10/0x10
[  288.078932][ T8788]  ? __pfx__printk+0x10/0x10
[  288.078966][ T8788]  ? __pfx___might_resched+0x10/0x10
[  288.078996][ T8788]  should_fail_ex+0x424/0x570
[  288.079021][ T8788]  should_failslab+0xac/0x100
[  288.079050][ T8788]  kmem_cache_alloc_node_noprof+0x7d/0x3b0
[  288.079082][ T8788]  ? __alloc_skb+0x1c2/0x480
[  288.079117][ T8788]  __alloc_skb+0x1c2/0x480
[  288.079145][ T8788]  ? __kernel_text_address+0xd/0x40
[  288.079164][ T8788]  ? unwind_get_return_address+0x4d/0x90
[  288.079194][ T8788]  ? __pfx___alloc_skb+0x10/0x10
[  288.079228][ T8788]  ? __nla_parse+0x40/0x60
[  288.079257][ T8788]  ip6addrlbl_get+0x4b3/0x9d0
[  288.079296][ T8788]  ? __pfx_ip6addrlbl_get+0x10/0x10
[  288.079336][ T8788]  ? __pfx_ip6addrlbl_get+0x10/0x10
[  288.079369][ T8788]  rtnetlink_rcv_msg+0x80f/0xd70
[  288.079395][ T8788]  ? rtnetlink_rcv_msg+0x1ba/0xd70
[  288.079428][ T8788]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  288.079453][ T8788]  ? __lock_acquire+0xad5/0xd80
[  288.079492][ T8788]  netlink_rcv_skb+0x208/0x480
[  288.079522][ T8788]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  288.079551][ T8788]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  288.079597][ T8788]  ? netlink_deliver_tap+0x2e/0x1b0
[  288.079627][ T8788]  ? netlink_deliver_tap+0x2e/0x1b0
[  288.079657][ T8788]  netlink_unicast+0x7f8/0x9a0
[  288.079691][ T8788]  ? __pfx_netlink_unicast+0x10/0x10
[  288.079724][ T8788]  ? skb_put+0x114/0x1f0
[  288.079747][ T8788]  netlink_sendmsg+0x8c3/0xcd0
[  288.079788][ T8788]  ? __pfx_netlink_sendmsg+0x10/0x10
[  288.079820][ T8788]  ? __import_iovec+0x585/0x830
[  288.079846][ T8788]  ? aa_sock_msg_perm+0x91/0x160
[  288.079880][ T8788]  ? __pfx_netlink_sendmsg+0x10/0x10
[  288.079905][ T8788]  __sock_sendmsg+0x221/0x270
[  288.079933][ T8788]  ____sys_sendmsg+0x523/0x860
[  288.079964][ T8788]  ? __pfx_____sys_sendmsg+0x10/0x10
[  288.080000][ T8788]  __sys_sendmsg+0x271/0x360
[  288.080026][ T8788]  ? __pfx___sys_sendmsg+0x10/0x10
[  288.080101][ T8788]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  288.080125][ T8788]  ? lockdep_hardirqs_on+0x9d/0x150
[  288.080151][ T8788]  __do_fast_syscall_32+0xb4/0x110
[  288.080174][ T8788]  ? exc_page_fault+0x5f8/0x920
[  288.080201][ T8788]  do_fast_syscall_32+0x34/0x80
[  288.080226][ T8788]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  288.080251][ T8788] RIP: 0023:0xf746d579
[  288.080270][ T8788] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  288.080286][ T8788] RSP: 002b:00000000f50f655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  288.080308][ T8788] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000200
[  288.080322][ T8788] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  288.080334][ T8788] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  288.080345][ T8788] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  288.080358][ T8788] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  288.080389][ T8788]  </TASK>
[  288.411671][    C0] vkms_vblank_simulate: vblank timer overrun
[  289.014882][ T8798] FAULT_INJECTION: forcing a failure.
[  289.014882][ T8798] name failslab, interval 1, probability 0, space 0, times 0
[  289.045624][ T8798] CPU: 0 UID: 0 PID: 8798 Comm: syz.3.965 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) 
[  289.045656][ T8798] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  289.045670][ T8798] Call Trace:
[  289.045679][ T8798]  <TASK>
[  289.045688][ T8798]  dump_stack_lvl+0x241/0x360
[  289.045724][ T8798]  ? __pfx_dump_stack_lvl+0x10/0x10
[  289.045751][ T8798]  ? __pfx__printk+0x10/0x10
[  289.045771][ T8798]  ? __do_fast_syscall_32+0xb4/0x110
[  289.045794][ T8798]  ? __pfx___might_resched+0x10/0x10
[  289.045826][ T8798]  should_fail_ex+0x424/0x570
[  289.045856][ T8798]  should_failslab+0xac/0x100
[  289.045886][ T8798]  __kmalloc_noprof+0xdf/0x4d0
[  289.045909][ T8798]  ? bitmap_find_next_zero_area_off+0xa3/0xc0
[  289.045923][ T8798]  ? __vb2_queue_alloc+0x286/0x16f0
[  289.045942][ T8798]  __vb2_queue_alloc+0x286/0x16f0
[  289.045971][ T8798]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  289.046015][ T8798]  vb2_core_reqbufs+0xd3b/0x17d0
[  289.046054][ T8798]  ? __pfx_vb2_core_reqbufs+0x10/0x10
[  289.046077][ T8798]  ? __kasan_kmalloc+0x9d/0xb0
[  289.046096][ T8798]  ? __kmalloc_cache_noprof+0x236/0x370
[  289.046124][ T8798]  ? __vb2_init_fileio+0x1e9/0xfa0
[  289.046153][ T8798]  __vb2_init_fileio+0x319/0xfa0
[  289.046174][ T8798]  ? vb2_fop_poll+0xce/0x360
[  289.046197][ T8798]  ? __pfx___mutex_lock+0x10/0x10
[  289.046216][ T8798]  ? __lock_acquire+0xad5/0xd80
[  289.046238][ T8798]  vb2_core_poll+0x45a/0x7a0
[  289.046274][ T8798]  vb2_fop_poll+0x170/0x360
[  289.046306][ T8798]  ? __pfx_vb2_fop_poll+0x10/0x10
[  289.046325][ T8798]  v4l2_poll+0x140/0x2b0
[  289.046351][ T8798]  ? __pfx_v4l2_poll+0x10/0x10
[  289.046383][ T8798]  ep_modify+0x50a/0xa90
[  289.046406][ T8798]  ? do_epoll_ctl+0x41d/0xf70
[  289.046430][ T8798]  ? __pfx_ep_modify+0x10/0x10
[  289.046477][ T8798]  do_epoll_ctl+0x761/0xf70
[  289.046512][ T8798]  __ia32_sys_epoll_ctl+0x162/0x1a0
[  289.046537][ T8798]  ? __pfx___ia32_sys_epoll_ctl+0x10/0x10
[  289.046559][ T8798]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  289.046576][ T8798]  ? lockdep_hardirqs_on+0x9d/0x150
[  289.046604][ T8798]  __do_fast_syscall_32+0xb4/0x110
[  289.046626][ T8798]  ? exc_page_fault+0x5f8/0x920
[  289.046651][ T8798]  do_fast_syscall_32+0x34/0x80
[  289.046674][ T8798]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  289.046691][ T8798] RIP: 0023:0xf73bd579
[  289.046703][ T8798] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  289.046715][ T8798] RSP: 002b:00000000f504655c EFLAGS: 00000206 ORIG_RAX: 00000000000000ff
[  289.046734][ T8798] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000000003
[  289.046749][ T8798] RDX: 0000000000000005 RSI: 0000000080000c40 RDI: 0000000000000000
[  289.046762][ T8798] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  289.046773][ T8798] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  289.046784][ T8798] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  289.046812][ T8798]  </TASK>
[  289.351248][    C0] vkms_vblank_simulate: vblank timer overrun
[  289.502488][ T8804] FAULT_INJECTION: forcing a failure.
[  289.502488][ T8804] name failslab, interval 1, probability 0, space 0, times 0
[  289.525799][ T8804] CPU: 0 UID: 0 PID: 8804 Comm: syz.3.967 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) 
[  289.525834][ T8804] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  289.525848][ T8804] Call Trace:
[  289.525857][ T8804]  <TASK>
[  289.525866][ T8804]  dump_stack_lvl+0x241/0x360
[  289.525906][ T8804]  ? __pfx_dump_stack_lvl+0x10/0x10
[  289.525937][ T8804]  ? __pfx__printk+0x10/0x10
[  289.525971][ T8804]  ? __pfx___might_resched+0x10/0x10
[  289.526002][ T8804]  should_fail_ex+0x424/0x570
[  289.526029][ T8804]  should_failslab+0xac/0x100
[  289.526061][ T8804]  kmem_cache_alloc_node_noprof+0x7d/0x3b0
[  289.526106][ T8804]  ? __alloc_skb+0x1c2/0x480
[  289.526141][ T8804]  __alloc_skb+0x1c2/0x480
[  289.526171][ T8804]  ? __lock_acquire+0xad5/0xd80
[  289.526198][ T8804]  ? __pfx___alloc_skb+0x10/0x10
[  289.526242][ T8804]  alloc_skb_with_frags+0xc3/0x830
[  289.526267][ T8804]  ? is_bpf_text_address+0x26/0x2a0
[  289.526297][ T8804]  ? is_bpf_text_address+0x288/0x2a0
[  289.526325][ T8804]  sock_alloc_send_pskb+0x91c/0xa70
[  289.526406][ T8804]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  289.526449][ T8804]  ? _raw_spin_unlock_irqrestore+0x90/0x140
[  289.526484][ T8804]  ? lockdep_hardirqs_on+0x9d/0x150
[  289.526522][ T8804]  ? _raw_spin_unlock_irqrestore+0xde/0x140
[  289.526555][ T8804]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  289.526594][ T8804]  __ip_append_data+0x3097/0x4750
[  289.526642][ T8804]  ? __pfx_udplite_getfrag+0x10/0x10
[  289.526688][ T8804]  ? __pfx___ip_append_data+0x10/0x10
[  289.526707][ T8804]  ? __pfx_ipv4_mtu+0x10/0x10
[  289.526738][ T8804]  ? ip_setup_cork+0x580/0x9a0
[  289.526763][ T8804]  ip_make_skb+0x19a/0x420
[  289.526790][ T8804]  ? __pfx_udplite_getfrag+0x10/0x10
[  289.526813][ T8804]  ? __pfx_ip_make_skb+0x10/0x10
[  289.526854][ T8804]  udp_sendmsg+0x1c7e/0x2ca0
[  289.526903][ T8804]  ? __pfx_udplite_getfrag+0x10/0x10
[  289.526925][ T8804]  ? __pfx_udp_sendmsg+0x10/0x10
[  289.526944][ T8804]  ? tomoyo_supervisor+0x590/0x18b0
[  289.527016][ T8804]  ? register_lock_class+0x54/0x330
[  289.527047][ T8804]  udpv6_sendmsg+0xe4c/0x3070
[  289.527098][ T8804]  ? __pfx_udpv6_sendmsg+0x10/0x10
[  289.527121][ T8804]  ? udp_lib_get_port+0x16be/0x1b40
[  289.527157][ T8804]  ? __lock_acquire+0xad5/0xd80
[  289.527199][ T8804]  ? inet_send_prepare+0x1b7/0x260
[  289.527220][ T8804]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  289.527240][ T8804]  ? inet_send_prepare+0x1b7/0x260
[  289.527260][ T8804]  ? do_raw_spin_unlock+0x13c/0x8b0
[  289.527320][ T8804]  __sock_sendmsg+0xef/0x270
[  289.527351][ T8804]  ____sys_sendmsg+0x523/0x860
[  289.527383][ T8804]  ? __pfx_____sys_sendmsg+0x10/0x10
[  289.527422][ T8804]  __sys_sendmmsg+0x4a3/0x7b0
[  289.527457][ T8804]  ? __pfx___sys_sendmmsg+0x10/0x10
[  289.527484][ T8804]  ? __lock_acquire+0xad5/0xd80
[  289.527554][ T8804]  ? vfs_write+0xb29/0xd10
[  289.527602][ T8804]  ? __mutex_unlock_slowpath+0x229/0x800
[  289.527636][ T8804]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  289.527659][ T8804]  ? __fget_files+0x2a/0x420
[  289.527691][ T8804]  ? fput+0x9b/0xd0
[  289.527711][ T8804]  ? ksys_write+0x275/0x2d0
[  289.527747][ T8804]  __ia32_compat_sys_sendmmsg+0xa2/0xc0
[  289.527783][ T8804]  __do_fast_syscall_32+0xb4/0x110
[  289.527806][ T8804]  ? exc_page_fault+0x5f8/0x920
[  289.527834][ T8804]  do_fast_syscall_32+0x34/0x80
[  289.527860][ T8804]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  289.527886][ T8804] RIP: 0023:0xf73bd579
[  289.527906][ T8804] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  289.527923][ T8804] RSP: 002b:00000000f504655c EFLAGS: 00000206 ORIG_RAX: 0000000000000159
[  289.527945][ T8804] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000a80
[  289.527960][ T8804] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000
[  289.527972][ T8804] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  289.527985][ T8804] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  289.527998][ T8804] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  289.528028][ T8804]  </TASK>
[  289.933648][    C0] vkms_vblank_simulate: vblank timer overrun
[  290.069011][ T8810] netlink: 16 bytes leftover after parsing attributes in process `syz.2.970'.
[  290.496282][   T54] usb 1-1: unable to get BOS descriptor or descriptor too short
[  290.504892][   T54] usb 1-1: unable to read config index 0 descriptor/start: -71
[  290.513442][   T54] usb 1-1: can't read configurations, error -71
[  290.624403][ T8814] netlink: 16 bytes leftover after parsing attributes in process `syz.2.971'.
[  290.831563][   T47] usb 4-1: new high-speed USB device number 39 using dummy_hcd
[  290.945169][ T8829] netlink: 'syz.0.977': attribute type 10 has an invalid length.
[  291.006024][   T47] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  291.040461][   T47] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  291.065991][   T47] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  291.075117][   T47] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  291.096948][   T47] usb 4-1: SerialNumber: syz
[  291.340656][   T47] usb 4-1: 0:2 : does not exist
[  291.431553][   T47] usb 4-1: USB disconnect, device number 39
[  291.450035][ T8840] FAULT_INJECTION: forcing a failure.
[  291.450035][ T8840] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  291.520269][ T8840] CPU: 1 UID: 0 PID: 8840 Comm: syz.2.979 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) 
[  291.520301][ T8840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  291.520314][ T8840] Call Trace:
[  291.520322][ T8840]  <TASK>
[  291.520338][ T8840]  dump_stack_lvl+0x241/0x360
[  291.520377][ T8840]  ? __pfx_dump_stack_lvl+0x10/0x10
[  291.520405][ T8840]  ? __pfx__printk+0x10/0x10
[  291.520446][ T8840]  should_fail_ex+0x424/0x570
[  291.520468][ T8840]  _copy_from_iter+0x211/0x1c70
[  291.520494][ T8840]  ? __build_skb_around+0x247/0x3d0
[  291.520523][ T8840]  ? __alloc_skb+0x298/0x480
[  291.520548][ T8840]  ? __pfx__copy_from_iter+0x10/0x10
[  291.520575][ T8840]  ? __pfx___alloc_skb+0x10/0x10
[  291.520602][ T8840]  ? skb_put+0x114/0x1f0
[  291.520620][ T8840]  netlink_sendmsg+0x73c/0xcd0
[  291.520653][ T8840]  ? __pfx_netlink_sendmsg+0x10/0x10
[  291.520678][ T8840]  ? __import_iovec+0x585/0x830
[  291.520699][ T8840]  ? aa_sock_msg_perm+0x91/0x160
[  291.520726][ T8840]  ? __pfx_netlink_sendmsg+0x10/0x10
[  291.520747][ T8840]  __sock_sendmsg+0x221/0x270
[  291.520770][ T8840]  ____sys_sendmsg+0x523/0x860
[  291.520794][ T8840]  ? __pfx_____sys_sendmsg+0x10/0x10
[  291.520824][ T8840]  __sys_sendmsg+0x271/0x360
[  291.520844][ T8840]  ? __pfx___sys_sendmsg+0x10/0x10
[  291.520901][ T8840]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  291.520920][ T8840]  ? lockdep_hardirqs_on+0x9d/0x150
[  291.520940][ T8840]  __do_fast_syscall_32+0xb4/0x110
[  291.520958][ T8840]  ? exc_page_fault+0x5f8/0x920
[  291.520979][ T8840]  do_fast_syscall_32+0x34/0x80
[  291.520998][ T8840]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  291.521018][ T8840] RIP: 0023:0xf7fd7579
[  291.521032][ T8840] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  291.521046][ T8840] RSP: 002b:00000000f50b455c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  291.521065][ T8840] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000080000200
[  291.521077][ T8840] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000000
[  291.521089][ T8840] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  291.521098][ T8840] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  291.521108][ T8840] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  291.521131][ T8840]  </TASK>
[  292.026201][ T5952] udevd[5952]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  292.043507][    C0] vkms_vblank_simulate: vblank timer overrun
[  292.081365][   T54] usb 2-1: new high-speed USB device number 29 using dummy_hcd
[  292.139964][ T8847] tipc: Started in network mode
[  292.163736][ T8847] tipc: Node identity ac14140f, cluster identity 4711
[  292.226098][ T8847] tipc: New replicast peer: 255.255.255.255
[  292.232722][ T8847] tipc: Enabled bearer <udp:syz2>, priority 10
[  292.341047][   T54] usb 2-1: Using ep0 maxpacket: 8
[  292.385940][   T54] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  292.432205][   T54] usb 2-1: New USB device found, idVendor=05ac, idProduct=0246, bcdDevice= 0.00
[  292.473934][   T54] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  292.579154][   T54] usb 2-1: config 0 descriptor??
[  292.602421][   T54] input: bcm5974 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input25
[  292.813204][ T5196] bcm5974 2-1:0.0: could not read from device
[  292.837596][ T5196] bcm5974 2-1:0.0: could not read from device
[  292.850304][ T5196] bcm5974 2-1:0.0: could not read from device
[  292.858825][   T54] usb 2-1: USB disconnect, device number 29
[  292.871506][ T5196] bcm5974 2-1:0.0: could not read from device
[  292.945846][   T47] usb 4-1: new high-speed USB device number 40 using dummy_hcd
[  293.213840][   T47] usb 4-1: Using ep0 maxpacket: 16
[  293.255709][    T9] tipc: Node number set to 2886997007
[  293.257771][ T8856] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  293.288130][ T8856] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  293.866454][ T8862] team0 (unregistering): Port device team_slave_0 removed
[  294.535799][   T54] usb 2-1: new high-speed USB device number 30 using dummy_hcd
[  294.586793][   T30] audit: type=1326 audit(1743733683.943:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8867 comm="syz.2.990" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd7579 code=0x7ffc0000
[  294.681388][   T30] audit: type=1326 audit(1743733683.943:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8867 comm="syz.2.990" exe="/root/syz-executor" sig=0 arch=40000003 syscall=120 compat=1 ip=0xf7fd7579 code=0x7ffc0000
[  294.749818][   T54] usb 2-1: config 0 has an invalid interface number: 182 but max is 1
[  294.759362][   T54] usb 2-1: config 0 has an invalid interface number: 9 but max is 1
[  294.816018][   T54] usb 2-1: config 0 has no interface number 0
[  294.853259][   T30] audit: type=1326 audit(1743733684.003:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8867 comm="syz.2.990" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd7579 code=0x7ffc0000
[  294.909063][   T54] usb 2-1: config 0 has no interface number 1
[  294.920396][   T54] usb 2-1: too many endpoints for config 0 interface 9 altsetting 255: 255, using maximum allowed: 30
[  294.976860][   T30] audit: type=1326 audit(1743733684.003:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8867 comm="syz.2.990" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd7579 code=0x7ffc0000
[  294.999564][   T54] usb 2-1: config 0 interface 9 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[  295.033995][   T30] audit: type=1326 audit(1743733684.013:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8870 comm="syz.2.990" exe="/root/syz-executor" sig=0 arch=40000003 syscall=267 compat=1 ip=0xf7fd7579 code=0x7ffc0000
[  295.065252][   T54] usb 2-1: config 0 interface 9 has no altsetting 0
[  295.085013][   T30] audit: type=1326 audit(1743733684.163:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8870 comm="syz.2.990" exe="/root/syz-executor" sig=0 arch=40000003 syscall=1 compat=1 ip=0xf7fd7579 code=0x7ffc0000
[  295.107088][   T54] usb 2-1: New USB device found, idVendor=0763, idProduct=2001, bcdDevice=9c.af
[  295.128356][   T54] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  295.166400][   T54] usb 2-1: config 0 descriptor??
[  295.221136][   T54] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  295.253839][   T54] snd-usb-audio 2-1:0.182: probe with driver snd-usb-audio failed with error -2
[  295.348601][   T54] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  295.398719][ T8866] netlink: 180 bytes leftover after parsing attributes in process `syz.1.989'.
[  295.685318][   T54] snd-usb-audio 2-1:0.9: probe with driver snd-usb-audio failed with error -2
[  295.698607][   T54] usb 2-1: USB disconnect, device number 30
[  295.926239][ T5934] udevd[5934]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.9/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  296.223851][   T47] usb 4-1: unable to get BOS descriptor or descriptor too short
[  296.230590][ T8886] FAULT_INJECTION: forcing a failure.
[  296.230590][ T8886] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  296.265779][   T47] usb 4-1: unable to read config index 0 descriptor/start: -71
[  296.276517][ T8886] CPU: 0 UID: 0 PID: 8886 Comm: syz.2.995 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) 
[  296.276550][ T8886] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  296.276563][ T8886] Call Trace:
[  296.276571][ T8886]  <TASK>
[  296.276580][ T8886]  dump_stack_lvl+0x241/0x360
[  296.276619][ T8886]  ? __pfx_dump_stack_lvl+0x10/0x10
[  296.276649][ T8886]  ? __pfx__printk+0x10/0x10
[  296.276691][ T8886]  should_fail_ex+0x424/0x570
[  296.276718][ T8886]  _copy_from_iter+0x211/0x1c70
[  296.276751][ T8886]  ? __build_skb_around+0x247/0x3d0
[  296.276800][ T8886]  ? __alloc_skb+0x298/0x480
[  296.276827][ T8886]  ? __pfx__copy_from_iter+0x10/0x10
[  296.276856][ T8886]  ? __pfx___alloc_skb+0x10/0x10
[  296.276888][ T8886]  ? skb_put+0x114/0x1f0
[  296.276912][ T8886]  netlink_sendmsg+0x73c/0xcd0
[  296.276955][ T8886]  ? __pfx_netlink_sendmsg+0x10/0x10
[  296.276987][ T8886]  ? __import_iovec+0x585/0x830
[  296.277013][ T8886]  ? aa_sock_msg_perm+0x91/0x160
[  296.277048][ T8886]  ? __pfx_netlink_sendmsg+0x10/0x10
[  296.277074][ T8886]  __sock_sendmsg+0x221/0x270
[  296.277103][ T8886]  ____sys_sendmsg+0x523/0x860
[  296.277134][ T8886]  ? __pfx_____sys_sendmsg+0x10/0x10
[  296.277172][ T8886]  __sys_sendmsg+0x271/0x360
[  296.277199][ T8886]  ? __pfx___sys_sendmsg+0x10/0x10
[  296.277273][ T8886]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  296.277298][ T8886]  ? lockdep_hardirqs_on+0x9d/0x150
[  296.277323][ T8886]  __do_fast_syscall_32+0xb4/0x110
[  296.277347][ T8886]  ? exc_page_fault+0x5f8/0x920
[  296.277374][ T8886]  do_fast_syscall_32+0x34/0x80
[  296.277398][ T8886]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  296.277422][ T8886] RIP: 0023:0xf7fd7579
[  296.277440][ T8886] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  296.277457][ T8886] RSP: 002b:00000000f50f655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  296.277479][ T8886] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000280
[  296.277494][ T8886] RDX: 00000000200000c0 RSI: 0000000000000000 RDI: 0000000000000000
[  296.277507][ T8886] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  296.277519][ T8886] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  296.277531][ T8886] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  296.277562][ T8886]  </TASK>
[  296.521640][   T47] usb 4-1: can't read configurations, error -71
[  296.810530][ T8897] program syz.0.999 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  296.824455][ T8897] FAULT_INJECTION: forcing a failure.
[  296.824455][ T8897] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  296.844080][ T8897] CPU: 0 UID: 0 PID: 8897 Comm: syz.0.999 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) 
[  296.844111][ T8897] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  296.844125][ T8897] Call Trace:
[  296.844134][ T8897]  <TASK>
[  296.844143][ T8897]  dump_stack_lvl+0x241/0x360
[  296.844182][ T8897]  ? __pfx_dump_stack_lvl+0x10/0x10
[  296.844213][ T8897]  ? __pfx__printk+0x10/0x10
[  296.844254][ T8897]  should_fail_ex+0x424/0x570
[  296.844277][ T8897]  _copy_from_user+0x2d/0xb0
[  296.844299][ T8897]  scsi_ioctl+0x1eef/0x2f20
[  296.844320][ T8897]  ? __kasan_slab_free+0x59/0x70
[  296.844337][ T8897]  ? kfree+0x198/0x430
[  296.844355][ T8897]  ? tomoyo_path_number_perm+0x5fd/0x790
[  296.844374][ T8897]  ? __se_compat_sys_ioctl+0xd8/0xc30
[  296.844393][ T8897]  ? do_vfs_ioctl+0xef8/0x2750
[  296.844410][ T8897]  ? __pfx_scsi_ioctl+0x10/0x10
[  296.844430][ T8897]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  296.844468][ T8897]  ? kasan_quarantine_put+0xdc/0x230
[  296.844483][ T8897]  ? lockdep_hardirqs_on+0x9d/0x150
[  296.844506][ T8897]  ? tomoyo_path_number_perm+0x215/0x790
[  296.844528][ T8897]  ? tomoyo_path_number_perm+0x684/0x790
[  296.844545][ T8897]  ? __lock_acquire+0xad5/0xd80
[  296.844563][ T8897]  ? tomoyo_path_number_perm+0x215/0x790
[  296.844583][ T8897]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  296.844612][ T8897]  sg_ioctl+0x17f8/0x2ea0
[  296.844642][ T8897]  ? __pfx_sg_ioctl+0x10/0x10
[  296.844661][ T8897]  ? __fget_files+0x2a/0x420
[  296.844674][ T8897]  ? __fget_files+0x2a/0x420
[  296.844690][ T8897]  ? __fget_files+0x2a/0x420
[  296.844710][ T8897]  __se_compat_sys_ioctl+0x50e/0xc30
[  296.844731][ T8897]  ? __pfx___se_compat_sys_ioctl+0x10/0x10
[  296.844750][ T8897]  ? __fget_files+0x2a/0x420
[  296.844767][ T8897]  ? fput+0x9b/0xd0
[  296.844781][ T8897]  ? ksys_write+0x275/0x2d0
[  296.844803][ T8897]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  296.844819][ T8897]  ? lockdep_hardirqs_on+0x9d/0x150
[  296.844836][ T8897]  __do_fast_syscall_32+0xb4/0x110
[  296.844853][ T8897]  ? exc_page_fault+0x5f8/0x920
[  296.844872][ T8897]  do_fast_syscall_32+0x34/0x80
[  296.844889][ T8897]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  296.844912][ T8897] RIP: 0023:0xf73ed579
[  296.844925][ T8897] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  296.844937][ T8897] RSP: 002b:00000000f507655c EFLAGS: 00000206 ORIG_RAX: 0000000000000036
[  296.844953][ T8897] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000000001
[  296.844962][ T8897] RDX: 0000000080000180 RSI: 0000000000000000 RDI: 0000000000000000
[  296.844971][ T8897] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  296.844980][ T8897] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  296.844988][ T8897] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  296.845009][ T8897]  </TASK>
[  297.155310][ T8900] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1000'.
[  297.215669][   T47] usb 4-1: new high-speed USB device number 41 using dummy_hcd
[  297.465993][   T47] usb 4-1: Using ep0 maxpacket: 8
[  297.483038][   T47] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  297.499983][   T47] usb 4-1: New USB device found, idVendor=05ac, idProduct=0246, bcdDevice= 0.00
[  297.510018][   T47] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  297.542064][   T47] usb 4-1: config 0 descriptor??
[  297.573119][   T47] input: bcm5974 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input26
[  297.728919][ T8900] team0 (unregistering): Port device team_slave_0 removed
[  297.751948][ T8900] team0 (unregistering): Port device team_slave_1 removed
[  298.786030][ T5843] BUG: unable to handle page fault for address: ffff88805fa41000
[  298.793808][ T5843] #PF: supervisor write access in kernel mode
[  298.799902][ T5843] #PF: error_code(0x0002) - not-present page
[  298.805906][ T5843] PGD 1ae01067 P4D 1ae01067 PUD 5fa40063 PMD 2a687063 PTE 800fffffa05be020
[  298.814560][ T5843] Oops: Oops: 0002 [#1] SMP KASAN PTI
[  298.819951][ T5843] CPU: 0 UID: 0 PID: 5843 Comm: syz-executor Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) 
[  298.831786][ T5843] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  298.841882][ T5843] RIP: 0010:clear_page_erms+0xb/0x20
[  298.847201][ T5843] Code: 48 8d 7f 40 75 d9 90 c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa b9 00 10 00 00 31 c0 <f3> aa c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 90
[  298.866840][ T5843] RSP: 0018:ffffc90003f4ec78 EFLAGS: 00010246
[  298.872973][ T5843] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000001000
[  298.880967][ T5843] RDX: ffff88805fa41000 RSI: 0000000000000001 RDI: ffff88805fa41000
[  298.888973][ T5843] RBP: ffffea00017e9040 R08: ffffffff905fcf77 R09: 0000000000000000
[  298.896964][ T5843] R10: ffffed100bf48200 R11: fffffbfff20bf9ef R12: 0000000000000000
[  298.905129][ T5843] R13: 0000000000000001 R14: 0000000000000001 R15: ffffea00017e9040
[  298.913120][ T5843] FS:  0000000000000000(0000) GS:ffff888124f99000(0063) knlGS:0000000056aa3440
[  298.922074][ T5843] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  298.928670][ T5843] CR2: ffff88805fa41000 CR3: 0000000066642000 CR4: 00000000003526f0
[  298.936680][ T5843] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  298.944657][ T5843] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  298.952669][ T5843] Call Trace:
[  298.956659][ T5843]  <TASK>
[  298.959954][ T5843]  post_alloc_hook+0xf5/0x240
[  298.964655][ T5843]  get_page_from_freelist+0x352b/0x36c0
[  298.970232][ T5843]  ? __pfx_get_page_from_freelist+0x10/0x10
[  298.976135][ T5843]  ? prepare_alloc_pages+0x220/0x610
[  298.981427][ T5843]  __alloc_frozen_pages_noprof+0x211/0x5b0
[  298.987234][ T5843]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  298.993579][ T5843]  ? rcu_preempt_deferred_qs_irqrestore+0x8c6/0xcb0
[  299.000190][ T5843]  alloc_pages_mpol+0x339/0x690
[  299.005053][ T5843]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  299.010537][ T5843]  alloc_pages_noprof+0x121/0x190
[  299.015581][ T5843]  pte_alloc_one+0x1e/0x160
[  299.020463][ T5843]  __pte_alloc+0x7b/0x240
[  299.024821][ T5843]  ? __pfx___pte_alloc+0x10/0x10
[  299.029781][ T5843]  copy_pte_range+0x607b/0x6680
[  299.033111][    C1] vcan0: j1939_tp_rxtimer: 0xffff88803421f400: rx timeout, send abort
[  299.034644][ T5843]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  299.043042][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88803421f400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  299.048931][ T5843]  ? kernel_text_address+0xa7/0xe0
[  299.048957][ T5843]  ? unwind_get_return_address+0x4d/0x90
[  299.063354][    C1] vcan0: j1939_tp_rxtimer: 0xffff88803421dc00: rx timeout, send abort
[  299.068547][ T5843]  ? __pfx_copy_pte_range+0x10/0x10
[  299.068570][ T5843]  ? stack_trace_save+0x11a/0x1d0
[  299.075704][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88803421dc00: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  299.082358][ T5843]  ? __lock_acquire+0xad5/0xd80
[  299.111758][ T5843]  ? __pfx_stack_trace_save+0x10/0x10
[  299.117168][ T5843]  ? __pfx_mas_destroy+0x10/0x10
[  299.122118][ T5843]  ? __lock_acquire+0xad5/0xd80
[  299.127015][ T5843]  ? mas_wr_store_type+0xc24/0x16c0
[  299.132233][ T5843]  copy_page_range+0xe57/0x13a0
[  299.137155][ T5843]  ? __pfx_copy_page_range+0x10/0x10
[  299.142495][ T5843]  ? up_write+0x1ab/0x590
[  299.146866][ T5843]  ? __asan_memset+0x23/0x50
[  299.151481][ T5843]  ? __pfx_vma_interval_tree_augment_rotate+0x10/0x10
[  299.158288][ T5843]  ? vma_interval_tree_insert_after+0x26f/0x2c0
[  299.164557][ T5843]  copy_mm+0x130d/0x22c0
[  299.168830][ T5843]  ? __pfx_copy_mm+0x10/0x10
[  299.173456][ T5843]  ? __init_rwsem+0x122/0x160
[  299.178166][ T5843]  ? copy_signal+0x500/0x630
[  299.182799][ T5843]  copy_process+0x17de/0x3d10
[  299.187497][ T5843]  ? copy_process+0xa07/0x3d10
[  299.192287][ T5843]  ? __pfx_copy_process+0x10/0x10
[  299.197337][ T5843]  ? count_memcg_event_mm+0x388/0x440
[  299.202738][ T5843]  ? count_memcg_event_mm+0x96/0x440
[  299.208048][ T5843]  kernel_clone+0x242/0x930
[  299.212576][ T5843]  ? __pfx_kernel_clone+0x10/0x10
[  299.217605][ T5843]  ? handle_mm_fault+0x1830/0x1bf0
[  299.222735][ T5843]  __ia32_compat_sys_ia32_clone+0x266/0x2e0
[  299.228639][ T5843]  ? __pfx___ia32_compat_sys_ia32_clone+0x10/0x10
[  299.235082][ T5843]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  299.241691][ T5843]  ? lockdep_hardirqs_on+0x9d/0x150
[  299.246897][ T5843]  __do_fast_syscall_32+0xb4/0x110
[  299.252019][ T5843]  ? exc_page_fault+0x5f8/0x920
[  299.256889][ T5843]  do_fast_syscall_32+0x34/0x80
[  299.261755][ T5843]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  299.268102][ T5843] RIP: 0023:0xf73ed579
[  299.272174][ T5843] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  299.291798][ T5843] RSP: 002b:00000000f753fcbc EFLAGS: 00000206 ORIG_RAX: 0000000000000078
[  299.300239][ T5843] RAX: ffffffffffffffda RBX: 0000000001200011 RCX: 0000000000000000
[  299.308223][ T5843] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000056aa34a8
[  299.316208][ T5843] RBP: 00000000f73dcff4 R08: 0000000000000000 R09: 0000000000000000
[  299.324191][ T5843] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  299.332175][ T5843] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  299.340161][ T5843]  </TASK>
[  299.343265][ T5843] Modules linked in:
[  299.347180][ T5843] CR2: ffff88805fa41000
[  299.351363][ T5843] ---[ end trace 0000000000000000 ]---
[  299.356842][ T5843] RIP: 0010:clear_page_erms+0xb/0x20
[  299.362137][ T5843] Code: 48 8d 7f 40 75 d9 90 c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa b9 00 10 00 00 31 c0 <f3> aa c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 90
[  299.381766][ T5843] RSP: 0018:ffffc90003f4ec78 EFLAGS: 00010246
[  299.387861][ T5843] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000001000
[  299.395846][ T5843] RDX: ffff88805fa41000 RSI: 0000000000000001 RDI: ffff88805fa41000
[  299.403847][ T5843] RBP: ffffea00017e9040 R08: ffffffff905fcf77 R09: 0000000000000000
[  299.411838][ T5843] R10: ffffed100bf48200 R11: fffffbfff20bf9ef R12: 0000000000000000
[  299.419840][ T5843] R13: 0000000000000001 R14: 0000000000000001 R15: ffffea00017e9040
[  299.427820][ T5843] FS:  0000000000000000(0000) GS:ffff888124f99000(0063) knlGS:0000000056aa3440
[  299.436757][ T5843] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  299.443334][ T5843] CR2: ffff88805fa41000 CR3: 0000000066642000 CR4: 00000000003526f0
[  299.451319][ T5843] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  299.459308][ T5843] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  299.467297][ T5843] Kernel panic - not syncing: Fatal exception
[  299.473693][ T5843] Kernel Offset: disabled
[  299.478017][ T5843] Rebooting in 86400 seconds..