last executing test programs:

8.398189824s ago: executing program 2 (id=2286):
r0 = socket$inet(0x2b, 0x801, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x48f, &(0x7f0000000000)={0x11, @private, 0x0, 0x0, 'lc\x00'}, 0x2c)

8.357318479s ago: executing program 2 (id=2287):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x20000800}, 0x800)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
syz_init_net_socket$rose(0xb, 0x5, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', 0x0)
recvmmsg$unix(0xffffffffffffffff, &(0x7f00000025c0)=[{{0x0, 0x0, &(0x7f0000000a00)=[{&(0x7f0000000480)=""/200, 0xc8}, {&(0x7f0000000100)=""/55, 0x35}, {&(0x7f0000000240)=""/4, 0x4}, {&(0x7f0000000780)=""/230, 0xe6}, {&(0x7f0000000580)=""/173, 0xad}, {&(0x7f0000000680)=""/79, 0x4f}, {&(0x7f0000000880)=""/65, 0x41}, {&(0x7f00000000c0)=""/7, 0x1}, {&(0x7f0000000900)=""/249, 0xf9}], 0x9, &(0x7f0000000380)}}, {{&(0x7f0000000ac0)=@abs, 0x6e, &(0x7f0000000d80)=[{&(0x7f0000000b40)=""/101, 0x65}, {&(0x7f0000000700)=""/63, 0x3f}, {&(0x7f0000000f40)=""/4096, 0x1000}, {&(0x7f0000000bc0)=""/98, 0x62}, {&(0x7f0000000c40)=""/163, 0xa3}, {&(0x7f0000000d00)=""/122, 0x7a}], 0x6, &(0x7f0000000e00)=[@cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18}}], 0x100}}, {{&(0x7f0000001f40)=@abs, 0x6e, &(0x7f0000002040)=[{&(0x7f0000001fc0)=""/4, 0x4}, {&(0x7f0000002000)=""/13, 0xd}], 0x2, &(0x7f0000002080)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x58}}, {{&(0x7f0000002100)=@abs, 0x6e, &(0x7f0000002180), 0x4, &(0x7f0000002500)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xb8}}], 0x4, 0x10040, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x40008)
getsockopt$bt_hci(0xffffffffffffffff, 0x84, 0x7b, 0x0, &(0x7f0000000040)=0x700)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
syz_io_uring_setup(0x497, 0x0, &(0x7f0000000340), &(0x7f0000000280))
getpgid(0x0)
r4 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r4, 0xaf01, 0x0)
r5 = eventfd(0x401)
ioctl$VHOST_SET_VRING_KICK(r4, 0x4008af20, &(0x7f0000000040)={0x0, r5})

7.225288947s ago: executing program 1 (id=2289):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r1 = socket(0x10, 0x803, 0x0)
write(r1, &(0x7f0000000300)="fc0000004a000700ab092500090007000aab80ff020000000000369321000100fc0000000000000000ff000000000000008656aaa79bb94b46fe00000007ec020800008c0100036c6c256f1a272f2e117c22ebc205214000000080008934d07326ade01720e6cd5ed6e4e9bfcd772c74fb32c56ce1f0f156272f5b00000005defd5a32e3082038f4f8b29d3e2a73325c6d167c7594978f7bc711fdf3d92c8334b2ccd243f295ed94e0ad91bd073457d43d3f0000000000000000000000000073bfe35951f2d728a1e09c8dcd13323236b0fbe7c61b1bf53cdec0961355f00ca63ff6c90da1dc9f8f594d033472cb97e3b5f3395aa0a4a82775cf8def", 0xfc)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x6, 0x17, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000218110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018110000", @ANYRES8=0x0, @ANYBLOB="0000000000000000b702000000000000850000008600000018110000e2052b0395dfd9d55a9c0f509d91b47a47ad475cda26f86421", @ANYRES32=r2, @ANYRES64=r2, @ANYRESHEX=r2], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x4e, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
getsockopt$ARPT_SO_GET_ENTRIES(0xffffffffffffffff, 0x0, 0x61, 0x0, &(0x7f0000000040))
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0xfca804a0, 0x1d, 0x0, &(0x7f0000000100)="b800fca2fdefefba529ce78941d5d2946a22ab98d1db1b883e04000000", 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
write(0xffffffffffffffff, &(0x7f0000000000), 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f00000000c0))
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
close(0xffffffffffffffff)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="c018030029", 0x5}], 0x1}, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})

7.218439494s ago: executing program 2 (id=2290):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0a00000004000000040000000a"], 0x48)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000000)={0x0, r1}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c250000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
r2 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x1d2)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
migrate_pages(0x0, 0x5, 0x0, &(0x7f0000000040)=0x272)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$kcm(0x21, 0x2, 0x2)
socket$kcm(0x21, 0x2, 0x2)
mount$bind(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200), 0x20, 0x0)
fcntl$setlease(r2, 0x400, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
syz_usb_connect$printer(0x2, 0x36, &(0x7f0000000280)=ANY=[@ANYBLOB="f3304ad20000001025cc00a440001080ce714b6791aa01010484799bcbfc450409040013a307010202f70b090582028eeddcc0e2b91fbc905feead8cf95a622c"], &(0x7f0000000b80)={0x0, 0x0, 0x0, 0x0})

6.161668746s ago: executing program 0 (id=2293):
r0 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$CAN_RAW_ERR_FILTER(0xffffffffffffffff, 0x65, 0x2, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x6)
r1 = gettid()
tkill(r1, 0xb)
ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000180))
prctl$PR_SCHED_CORE(0x3e, 0x3, r1, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = gettid()
sched_setscheduler(0x0, 0x1, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r4 = socket(0xb, 0x2, 0x8)
r5 = epoll_create1(0x0)
epoll_pwait(r5, &(0x7f0000000040)=[{}], 0x1, 0x80, 0x0, 0x0)
r6 = syz_io_uring_setup(0x5842, &(0x7f00000002c0)={0x0, 0x0, 0x4000, 0x3, 0x1f9}, &(0x7f0000000100)=<r7=>0x0, &(0x7f0000000040)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f00000004c0)=@IORING_OP_MKDIRAT={0x25, 0xd, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000140)='./file0\x00', 0x80})
io_uring_enter(r6, 0x6e2, 0x3900, 0x1, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r4, &(0x7f00000000c0)={0x10000001})
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
setsockopt$MRT6_TABLE(r4, 0x29, 0xcf, &(0x7f0000000040)=0xff, 0x4)
timer_settime(0x0, 0x0, &(0x7f0000000400)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r9 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r9, &(0x7f0000000580)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
setsockopt$bt_BT_RCVMTU(r9, 0x112, 0xd, 0x0, 0x0)
r10 = mq_open(&(0x7f0000000380)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\x01\x00\x00\x00a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|\x00\x17\xc0\xa3\xd5\xf9\xaa\x98/\xa4v\xe4)I\xf3+[e\x95\x89\x99\xca\x8e\xc5\xd3\\T\xf0\x1a|5\xfff\xff\x99\xa4\xbb\x9e#oR\xa4\xf1\xba\x04c\xb3-\xf7R\xb85\xb5\xdb\xe9?\xfa/\xdf\xb4R\xbfx=\v_j\x8e\xb0\'\xf4\xe5\xff!\xe1\xbf\x82e\xb1\x9b\x8d\xf3L\t\xd21\x9cbwV\xc8\xcc\xe4\x96M_w\xbc\xdf9\b\r\xf6\x95\xae\xb5,\x92\x8c\xc0DQm\x80\xd1w\xa2\x1a\x12Z\xe5\xf4H\xf7D\n\x96J\x93\xfb\xf0$\x9f\xf7\xa2\xae$O\xa3\xb6\xf5\x98\xd3\v\x00\x86\xa5\x8b\x81\x04\xaf\x03s\xe5\x86>\x0e\xa6\xe6\x1aV\x17\x8b\xed\xa7\'\xd0\r_\xe8,XVR\x13\xe5%\xb9\x88\xb8W@D\'\x17A\xc8\x80\x02J\xd4V\x00wH(\xc5v\f\xc9\xb6\xdf..$\xe6P(_\xf1\'\xc1:\xa3\xcb\xd9\xd1\xc7\x13\x99Md\x1dc\xf1\'j\x03!\x13\xd1\xb8\xbf\xe6\xb2M\b/\rp\xa5\x00\x00\x00\x00', 0x40, 0x9, 0x0)
fcntl$setlease(r10, 0x400, 0x0)
mq_open(&(0x7f0000000b40)='eth0\x00\xdd\xad4=2k\xf1\x05\x9b\x91y\xe1;F\xa2\x8df\xe9\x04\x00\x00\x00\x00\x0078z=\x8f\xd5F\xa4AR\xc7\x9f.\xdc\xdb\"A\x16\xd8\x19\xf1lZ\xc8\x93\xda\xf2\xc9\xe8h[u8\xc6\xfa\x9ep\xbe\a\xe2\xf5\xa3Y\x9f\xe1\x04gM\x99K$\r\xf1G\xee\xe1\xbd\x1e\xdf\xe1\x9c\x19\xda\xd3\x94EL\xca\x88\x85Q\x02\xd9L\x90\xeb%/\xb1\xeb\x11uP7\x1f\xd9b\xebF\xf8\x88\xf0\xac.\x94\xfc\v\xb1W\xef~+n\xb1\x9b\x02n]xr\xb3\x80\xbc>\xe8XX\xe6\x12\xf3\xc9\xd5\xf8\xd1\x8d\xcb9\xbf\xb0(<\xeb\x92\x8a\x16\xb7\x11^\xb6\xb7n\xd5\xb5\x00[\xdf\x94\x00\r\x95\x17\xa1h\xf8\x00\x00\x00\"\xa0\x05\xcc^\x90c\xc9}\xb8\ny\xf4\xe1\xb4.\xa4\a\x05\xbb}\x91\xf4C\xf5O\xf1a\x12\b\x86\xa16\xbb}C\xc9\x1d\\\xedD\x14\xb1w\x1e\xa0\xc1E\xb5\xf8\xab\xfb\xd9\x93\xb8vJ\x85p\xb5n\x1b\xe4\xd5g\xae\xe4\xeb\xca\xae\x1bs\xd4\xf0\xc0\xdag\x19R4\xd4\xd4\x04\xfc\x04Zb\xf6\xba\xf8B\xf6YU\xcd\xf2\xdb\xb5\xa2\xda\xdf\x8dD\xef`\x13\x15$\xceq\xd7j\xd7\xe3V\xf2\xa2\x95\xcf\x18T\xf1\xb0\xf3\xf8O', 0x1, 0x0, 0x0)

6.160516006s ago: executing program 3 (id=2294):
bpf$BPF_LINK_CREATE_XDP(0x1c, 0x0, 0x0)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0xffffffff)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f00000008c0)={0x2, 0x0, [{0x0, 0x73, &(0x7f00000001c0)=""/115}, {0x6000, 0x62, &(0x7f0000000600)=""/98}]})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x800000f, @void, @value}, 0x94)

6.105241841s ago: executing program 4 (id=2295):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x10, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_RESIZEX(r6, 0x560a, &(0x7f0000000040)={0x0, 0x1, 0x0, 0x2, 0x3, 0x3})
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000680)={'wlan0\x00'})
r7 = add_key$user(&(0x7f0000000240), &(0x7f00000000c0)={'syz', 0x2}, &(0x7f0000000200)="1d", 0x1, 0xfffffffffffffffe)
r8 = add_key$user(&(0x7f0000000440), &(0x7f0000000480)={'syz', 0x0}, &(0x7f0000000740)="69bf05d40ff7e03db3ddca537c6c5612321b25d32064e9ed643d462211406432e87c4d40383939ab8276bfc0294ba021d1ccf9b6b32d1b6c9e8c9737ca2d08305301693ef20a414ca24bed3736d182271d197fc2146a9f55070f3f31155b9081ecbd0fcc0296c88eac143394a776955e8a075194717757c9e085976cac66fd4c5bc83183df2db8205863d7f803e302420e7fc5315861803024f921932a49a4283f6a7d8ab2cbd629e984582467fd6ca63598d554677517903644dc2ef01f8d", 0xbf, 0xffffffffffffffff)
keyctl$dh_compute(0x17, &(0x7f0000000280)={r7, r8, r8}, &(0x7f00000002c0)=""/46, 0x2e, &(0x7f0000000380)={&(0x7f0000000300)={'sha1-avx\x00'}})
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000380)={0x0, 0x8c}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000280)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
sendmmsg$inet6(r0, &(0x7f0000000480)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c, &(0x7f0000000500)=[{&(0x7f0000000140)="03", 0x1}], 0x1}}], 0x1, 0x34000811)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f00000002c0)={0x0, 0x9}, 0x8)

6.042086026s ago: executing program 1 (id=2296):
r0 = socket$qrtr(0x2a, 0x2, 0x0)
r1 = landlock_create_ruleset(&(0x7f0000001280)={0x1000, 0x1, 0x3}, 0x18, 0x0)
landlock_add_rule$LANDLOCK_RULE_NET_PORT(r1, 0x2, &(0x7f00000012c0)={0x0, 0x9}, 0x0)
ioctl$BTRFS_IOC_SUBVOL_SETFLAGS(r0, 0x4008941a, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r2 = openat$random(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$RNDADDENTROPY(r2, 0x5207, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
sched_setaffinity(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setreuid(0xee01, 0xee01)
ioctl$BTRFS_IOC_SUBVOL_SETFLAGS(r0, 0x541b, 0x0)

5.903287814s ago: executing program 3 (id=2297):
r0 = socket$isdn_base(0x22, 0x3, 0x0)
r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r2=>0x0})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r1, 0x3ba0, &(0x7f0000000980)={0x48, 0x5, r2, 0x0, <r3=>0x0, 0x1})
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x3000, 0x1000004, 0x42031, 0xffffffffffffffff, 0x4000000)
ioctl$IOMMU_TEST_OP_ACCESS_PAGES(r1, 0x3ba0, &(0x7f0000000a40)={0xffffffffffffffd0, 0x7, r3})
r4 = socket$rxrpc(0x21, 0x2, 0x2)
recvfrom$rxrpc(r4, &(0x7f0000000140)=""/200, 0xc8, 0x86ed51df4b48a71b, &(0x7f0000000240)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x4e20, @rand_addr=0x64010100}}, 0x24)
bind$inet6(r0, 0x0, 0x0)
writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)="9df94683b83687e35e504016d32d9c221bd69bcf90bbb5d9d8041d4664f1e2e564454819c6d313c7628900aea42efcd7b93ca6d0230cb5d72336aa8c1ac4393875f89f0cc145a59684280abe0f0ac780075673d373345ea538924fb21515bda2002b7568963ee15165532d5579a051417a556d96b3a13edfb72c25ecf752f9290ee8c0e1d36b31fa1072ba000c64", 0x8e}, {&(0x7f00000000c0)="81d17ba86a8c6273", 0x8}], 0x2)

5.194559305s ago: executing program 0 (id=2298):
ioperm(0x6, 0xa875, 0x10000005)
epoll_pwait(0xffffffffffffffff, 0x0, 0x0, 0xfffffffe, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000040)={'batadv_slave_0\x00'})
socket$nl_route(0x10, 0x3, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
r1 = gettid()
process_vm_writev(r1, &(0x7f00000000c0)=[{&(0x7f00008f9f09)=""/247, 0xf7}, {&(0x7f0000000300)=""/220}], 0x0, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)
madvise(&(0x7f0000495000/0x400000)=nil, 0x400000, 0x8)
r2 = syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00')
writev(r2, &(0x7f00000002c0)=[{&(0x7f0000000280)='2', 0x1}], 0x1)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(0x0, r3)
sendmsg$IEEE802154_ADD_IFACE(r3, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)

5.128262906s ago: executing program 4 (id=2299):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x0, 0x0, &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = syz_open_dev$usbmon(0x0, 0x0, 0x0)
ioctl$MON_IOCG_STATS(r0, 0x80089203, &(0x7f00000000c0))

5.050725299s ago: executing program 3 (id=2300):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x20000800}, 0x800)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
syz_init_net_socket$rose(0xb, 0x5, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', 0x0)
recvmmsg$unix(0xffffffffffffffff, &(0x7f00000025c0)=[{{0x0, 0x0, &(0x7f0000000a00)=[{&(0x7f0000000480)=""/200, 0xc8}, {&(0x7f0000000100)=""/55, 0x35}, {&(0x7f0000000240)=""/4, 0x4}, {&(0x7f0000000780)=""/230, 0xe6}, {&(0x7f0000000580)=""/173, 0xad}, {&(0x7f0000000680)=""/79, 0x4f}, {&(0x7f0000000880)=""/65, 0x41}, {&(0x7f00000000c0)=""/7, 0x1}, {&(0x7f0000000900)=""/249, 0xf9}], 0x9, &(0x7f0000000380)}}, {{&(0x7f0000000ac0)=@abs, 0x6e, &(0x7f0000000d80)=[{&(0x7f0000000b40)=""/101, 0x65}, {&(0x7f0000000700)=""/63, 0x3f}, {&(0x7f0000000f40)=""/4096, 0x1000}, {&(0x7f0000000bc0)=""/98, 0x62}, {&(0x7f0000000c40)=""/163, 0xa3}, {&(0x7f0000000d00)=""/122, 0x7a}], 0x6, &(0x7f0000000e00)=[@cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18}}], 0x100}}, {{&(0x7f0000001f40)=@abs, 0x6e, &(0x7f0000002040)=[{&(0x7f0000001fc0)=""/4, 0x4}, {&(0x7f0000002000)=""/13, 0xd}], 0x2, &(0x7f0000002080)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x58}}, {{&(0x7f0000002100)=@abs, 0x6e, &(0x7f0000002180), 0x4, &(0x7f0000002500)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xb8}}], 0x4, 0x10040, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x40008)
getsockopt$bt_hci(0xffffffffffffffff, 0x84, 0x7b, 0x0, &(0x7f0000000040)=0x700)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
syz_io_uring_setup(0x497, 0x0, &(0x7f0000000340), &(0x7f0000000280))
getpgid(0x0)
r4 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r4, 0xaf01, 0x0)
r5 = eventfd(0x401)
ioctl$VHOST_SET_VRING_KICK(r4, 0x4008af20, &(0x7f0000000040)={0x0, r5})

4.940326621s ago: executing program 4 (id=2301):
quotactl_fd$Q_GETQUOTA(0xffffffffffffffff, 0xffffffff80000702, 0xee00, &(0x7f00000003c0))
r0 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
bind$bt_hci(r0, &(0x7f0000000000)={0x27}, 0x62)
r1 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
keyctl$restrict_keyring(0xa, 0x0, &(0x7f0000000300)='asymmetric\x00', &(0x7f0000000000)='id:cb2e')
bind$bt_hci(r1, 0x0, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
writev(r3, &(0x7f0000000200)=[{&(0x7f00000000c0)='X', 0x8030000}], 0x1)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
ioctl$TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, &(0x7f0000000280)=0x1)
ppoll(&(0x7f0000000500)=[{r2, 0x80}], 0x1, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

4.36814201s ago: executing program 1 (id=2302):
quotactl_fd$Q_GETQUOTA(0xffffffffffffffff, 0xffffffff80000702, 0xee00, &(0x7f00000003c0))
socket(0x1d, 0x2, 0x6)
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000000)={0x27}, 0x62)
r0 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
keyctl$restrict_keyring(0xa, 0x0, &(0x7f0000000300)='asymmetric\x00', &(0x7f0000000000)='id:cb2e')
bind$bt_hci(r0, 0x0, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
writev(r2, &(0x7f0000000200)=[{&(0x7f00000000c0)='X', 0x8030000}], 0x1)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
ioctl$TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, &(0x7f0000000280)=0x1)
ppoll(&(0x7f0000000500)=[{r1, 0x80}], 0x1, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

4.134041714s ago: executing program 0 (id=2303):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000444ff8)={0x0, 0x7}, 0x8)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_RESIZEX(r6, 0x560a, &(0x7f0000000040)={0x0, 0x1, 0x0, 0x2, 0x3, 0x3})
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000680)={'wlan0\x00'})
r7 = add_key$user(&(0x7f0000000240), &(0x7f00000000c0)={'syz', 0x2}, &(0x7f0000000200)="1d", 0x1, 0xfffffffffffffffe)
r8 = add_key$user(&(0x7f0000000440), &(0x7f0000000480)={'syz', 0x0}, &(0x7f0000000740)="69bf05d40ff7e03db3ddca537c6c5612321b25d32064e9ed643d462211406432e87c4d40383939ab8276bfc0294ba021d1ccf9b6b32d1b6c9e8c9737ca2d08305301693ef20a414ca24bed3736d182271d197fc2146a9f55070f3f31155b9081ecbd0fcc0296c88eac143394a776955e8a075194717757c9e085976cac66fd4c5bc83183df2db8205863d7f803e302420e7fc5315861803024f921932a49a4283f6a7d8ab2cbd629", 0xa8, 0xffffffffffffffff)
keyctl$dh_compute(0x17, &(0x7f0000000280)={r7, r8, r8}, &(0x7f00000002c0)=""/46, 0x2e, &(0x7f0000000380)={&(0x7f0000000300)={'sha1-avx\x00'}})
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000380)={0x0, 0x8c}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000280)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
sendmmsg$inet6(r0, &(0x7f0000000480)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c, &(0x7f0000000500)=[{&(0x7f0000000140)="03", 0x1}], 0x1}}], 0x1, 0x34000811)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f00000002c0)={0x0, 0x9}, 0x8)

3.696365824s ago: executing program 4 (id=2304):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
set_mempolicy_home_node(&(0x7f0000349000/0xa000)=nil, 0xa000, 0x0, 0x3f)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000000380))
write$binfmt_script(r3, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000002, 0x28011, r3, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
preadv(r3, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
r4 = socket$key(0xf, 0x3, 0x2)
r5 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$netrom(r5, &(0x7f0000000300)={{0x6, @rose}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @default, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}]}, 0x48)
sendto$netrom(r5, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$key(r4, &(0x7f00005f5000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000980)=ANY=[@ANYBLOB="020300071200fffffffffffffff400000400030000020000fdffffffffffffff00000000000000000000000000000000050006006c0000000a00000300000000ff0100f7ffffffffffffff0000000001000000000000000005000500008000000a0000000000000000010000000000000000020001f3e4fffffd000002030000"], 0x90}}, 0x0)

3.630178922s ago: executing program 3 (id=2305):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000090f00080000000000000000850000000e000000850000007d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000500)='sys_exit\x00', r0}, 0x10)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r2 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r2, 0xc0184800, &(0x7f0000000100)={0x4, <r3=>r1})
ioctl$DMA_BUF_IOCTL_SYNC(r3, 0x40086200, &(0x7f0000000040)=0x1)
recvmmsg(r3, &(0x7f0000002080)=[{{&(0x7f0000000080)=@ethernet, 0x80, &(0x7f0000000140)=[{&(0x7f0000000240)=""/243, 0xf3}], 0x1, &(0x7f0000000440)=""/138, 0x8a}, 0xa9c}, {{&(0x7f0000000540)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @loopback}}}, 0x80, &(0x7f00000003c0)=[{&(0x7f0000000340)}, {&(0x7f00000005c0)=""/4096, 0x1000}, {&(0x7f00000015c0)=""/236, 0xec}], 0x3, &(0x7f00000016c0)=""/79, 0x4f}, 0x10}, {{&(0x7f0000001740)=@ieee802154, 0x80, &(0x7f0000001c80)=[{&(0x7f00000017c0)=""/78, 0x4e}, {&(0x7f0000001840)=""/73, 0x49}, {&(0x7f00000018c0)=""/4, 0x4}, {&(0x7f0000001900)=""/245, 0xf5}, {&(0x7f0000001a00)=""/4, 0x4}, {&(0x7f0000001a40)=""/44, 0x2c}, {&(0x7f0000001a80)=""/227, 0xe3}, {&(0x7f0000001b80)=""/254, 0xfe}], 0x8, &(0x7f0000001d00)=""/13, 0xd}, 0xff}, {{&(0x7f0000001d40)=@tipc, 0x80, &(0x7f0000001f40)=[{&(0x7f0000001dc0)=""/130, 0x82}, {&(0x7f0000001e80)=""/61, 0x3d}, {&(0x7f0000001ec0)=""/56, 0x38}, {&(0x7f0000001f00)=""/18, 0x12}], 0x4, &(0x7f0000001f80)=""/228, 0xe4}, 0x62000000}], 0x4, 0x10001, &(0x7f0000002180))
io_cancel(0x0, 0x0, 0x0)

3.6033794s ago: executing program 2 (id=2306):
r0 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000a00), 0x10000, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x18, 0xf, &(0x7f0000001340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x3}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1ff, @void, @value}, 0x94)
pread64(r1, 0x0, 0x0, 0x9)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='contention_end\x00', r1}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0)
r2 = add_key$user(&(0x7f0000000080), 0x0, &(0x7f0000000540)="0706675823b8a37f19b37e0f9f120663b78a6a322f28cb301825eddc42c667fc68923d7df9f4c1843c5f11b63d2684fff43955079736fa4c80100487c31c09706b6bf145eb1baf416d2681491bd6a3098fe1a6741d65b085b4075db8419d9e6d17b1eec4dfb860a71d61af753459bcc5ea1f20d6c1c74afda3b0c08bf98886eaac01b08aa753b8727f25773c98cd6a78c06b758992b03b81e2e09cf103dc16a5658a3b58626b457ee4773d41b3548f2258a2e11cc22555da4ef9", 0xba, 0x0)
r3 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r3, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e)
ioctl$PPPIOCGCHAN(r3, 0x80047437, &(0x7f0000001f00))
accept$phonet_pipe(0xffffffffffffffff, &(0x7f0000000780), &(0x7f00000007c0)=0x10)
bind$rds(r0, &(0x7f0000000a40)={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x37}}, 0x10)
r4 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r4, 0x0, &(0x7f00000000c0)=<r5=>0x0)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r6)
sendmsg$NFC_CMD_DEV_UP(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r7, @ANYBLOB="010028bd7000fedbdf250200000008000100", @ANYRES32=r5], 0x1c}, 0x1, 0x0, 0x0, 0x4800}, 0x8004)
sendmmsg(r3, &(0x7f0000001100)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000800)=@x25, 0x80, &(0x7f0000000ac0)=[{&(0x7f0000000880)="eabd17ade40329da5cf46d6a9f7379914bd10bcaca4d67777b737ebcf8a64be0a5f5c4edac5d58b16936dcbebd450044df9ec9364a4c5c4072a1d6fe105f5a6f2164d48a308dda7eeae9b92f52a72826bac0611435decd4dc4ff7a2946248989782c62", 0x63}, {&(0x7f0000000900)="12a688f5cf581f2d55a28fd89882", 0xe}, {&(0x7f0000000940)="87ff4b35002d1e6be872e6d76c0de7683073e8110b6b2522e2cdc201bf5f0639da4e922cd3", 0x25}, {&(0x7f0000000980)="ec6211c8a87e1765bede4fbaa1ce79be2b864fe34bd245e29f613bdb192d739300a1cfd7b48ca953a2fecd2ebe1cfff7ef85d044e502d4f723b1efdfc91b7ebe6bc68dc3f10a2af2307f85cfaef47530570694c83636a7cc8e11928d619216388ea3bd92ca21f4fe69bfd2b41a842f0856d44a700e", 0x75}, {&(0x7f00000011c0)="a6230d4411f026e6d39dbc2d3f81941f7089f8e34f37f637f300cac217103535e30399c0c79d4ae1ccf0c9275df4ee262a3cc10fe41fcbc9f7ddb629bb6ad455f6f94dd8555b7b65ab592c1d36dd08f7482dbfa67a321a7f1527ffd082f1f61ea8dc0bf832f1ea692b09a4484124bf2e8b1b3d1b002636b34405243d9f02e8d32bb9ea3b0d28ab96618cd2dc88b4d0cab609d18e45a3", 0x96}], 0x5, &(0x7f0000001f40)=[{0x1010, 0x0, 0xe, "3691d86b9264abea9caa51db36676e240e75f2df25848506470461c3a0fa833244724ecf48d3e6e0b7d7604dac49ee72af9da2c51fa2e36059521a5aa58fc1744047ccfb5c1fcbaa20c026432aafddedb7f0fe3008af7ca22dfa25ba959f7e3c83c26ddf3b42d8720041947637c2d52cfa4831c08bfe857798a4ed3bfbca01bcb4845d0aacf9bc2163f8fc2351f0d1716841d1970d9bf62a0f7a9862da46e5ec7a8180112eb4b5f4630dbf94afb2ea66b878c9d50db17c65f6e783448073bbab7b9e207dfa240aebec7cdf4aa887dfb9c9b578f12e48cad3db928d8100a12cf23b2c5f81a5d4a9daae6e2ddc66be15731a8db551d15122eee61266821e8eb583fad46a2db3240c3359c037e63cc660afc455bf2e0e223c446c872d776235b2a4243c935ec7986b5d7255eccaf414e3943db09771b11596e7a016dd9a28fadc1b45832918b282b4ac09d86a7f1884df7b160fc08a26e26faff5f20609e38beab807e5639231aa7f5356baa4795d946dacfa9fc265cfc0131d5802158b99e8b1b5f615c6f02b518c4968a2cfdf6c7b50d06ba8f98d62b28d85579a9fc8b262835ed2fb570926b05988f5316e96cb99189907feb1896703fe2603736c563ad2c02f77a89eb0a8aa6daaa4787ba2b50a6b9ffab2955770faefcd02fdb2152dab219f8067005abe1f12f230cf81b4ab3c633cd65af72979828ad296194382d25f0bedc876091afc2b7e3f24c41b5eca4b4d5bfd2ceeea43db24dcb54ab7558e18d258e2b53f285917c6848591465c027e73cea44b7246a2cdbca8fc753ec0f6adff1ea1665b2ed23ee8736f54e7a75031cb6a61e9aed6f88327d1d4dd6ea8eaf8f0150def7a53eed2cd0b5947ce3c7051aff92ef9c48917b6b1c658b87d4474e0c6b11e486e0b38b5a1cbf4b950c1d5885b605298dbe6920fb1e69c82fd746f2ef0911837a456ac2e5dae467edeca778f503a4ed12c5fb9a25386821aeb04364ad59c5c74ddeccc4075fe6797e9a31810ffbb77a9692aaf2e21064e92b4776db6c71f2357bd41512d1c53c6fe200305ff1c8ae052fe0df5b449216cc9325bfa9029debe576b25dd2f77ede056aef235bdc6c365924b16cb79917426a8099bd186f6c8fa1ea9e90f4dc61059959560dd6dd29b0e5aa76e7124eba117131246fe2f70aefa04cd181a4ca86b162951a47e0b2019ac56b72d80f42ccf85d6d7053606b4c53fcc1761fa04b680920cc3aa6e4ba7b46acd1d89752b16399387be317222f5d435c1588c218214241c4483715957750461b6b92021ce9d41e1d25378bcb1a3a1e47cb18d6946bbbbbf060216f84ea906a0d9c2ca381bdd52a14c87c1566248571fb2645d0a38f6a94026944998a3f6cf3b1fdaadaddf5dcd017c23828ccac5f5d03d99947b3c778aa81d7120f2bd8732c81de41ff4deb273ee66c7d366885eef85385c25be4f3d3e52db60fef4132a30dc6fe0d328db557a604cace9c5f6ec3e6c0342f4c0392335eda24abea63c26f07b90751ae3ff1bc90d0baac30cff0d53030eb5658d83171c7198c7be83616c4709f22d469ba51e3e855aac24048af8e98fb571b358fe345193a034a1518361b2f22eb65a3d1ee06ccb4a6152c341a3896aaaf677a13caf9ccbd9e4c1afe6f19920a807fb59de2b10995a05791e5875166abde58c5e09410d96c97aa3a9871b058b9252a910901890982daeed0ee963b7f51b2db19d062637996f88f713065b7651e43c7b13bbfe4f62be6b082a5f551518aa2a12624faa5286513ef80be82b188dac242ca32d22130da692e04ee24ea06a6c73914e518cf8f2cc313f63b6c3acc0b19815c811d5bf593edf9648caaf87a5ba5cac149edabc1249f0c5f9c4b163e8d52df122e23f72c8a119b8756d5c4a4838d1c647ff52e2c72e0fb0c22889eea5021caa1ad6a583e5a3f3c14eac3f2a9e75180a751392fe94334ce2e1cb4d5d7bdbcc3d2de9735af99c3c0528474c5cd09b17c6a8032f3a0160aa3ebf95dcb2e41118679b8cdec6afdd20e2f12094ec9dedc122470249423aebff83853f72216d21ea65818bd8c6e36dcfb0aa5e4d5bd1a2f44dadc711ab9c5bd81d38b69dce8512a4a2dcb340b9bf58a0fb1a08db9038aa705efd27e01b94e52fc55f9f63b6ccd2ca4be100908c24dac9faa9ae890f953f3a8d735ee8e11a0fbc8b2ef8e8ee792c37acac2ca42e447a8e87a1ac0ee35f240fa24dbfbb16e6ed88783a3f9aeaa67f67098c726cdb3935cc7c90bfb982a1826aa92e9a6ce88f39c20b75fca025672d58c6a5f97341488f02753920180f260127dafa5715f85e45a1e8d479dd1c997e4940e5cb8df34b411c11d8ce0aba61becf8d77501f60fc445be2424f38c8ec46b5fac5c4cc3d46ac23b63ecde9e0c19977a5ebb3a84f5f769ba4435d679edeca345cc76640cf9ce60f040d7d2802d7dfd54264b5dc6c67170f20340b11408a88fc316c8e33dcf5fdad9b5edc3f07787b8945df8c500b93a31950e10ca2fb3940a5ca3c28387976995f4e1dd5b5ce74b15e2955220d27569f7e7382c5b314a2e7e84a1d8bef810fc8fdcb7492b0de0aa6ded4b2d3643e9dcd71a18efc2360c79ba0225e4c0e1ed452f6b2d88f54b295d091ca5937c4f32c772dd764bbd8472ec5af0ed750ae798f221910eec49c0a92dbbea61832f2650d79ce652bfdcdd9c1be17efeccf176f363edbeab2840082d7f52b5edfbf879f3d3b0716d68931f2908fb0f16fb7c2e70216fcd0509f998000be0dfdfa18a6946c555ce6dfc7bb8ee2dd44927c90378df25238ea5183870514f6d5aa6f5a64d502e8c8f1cf5bdba4dda31c032cd710d609a31d38688068e2dba14ea5359cc9343da03c6d313b8e241891e225d1bd53ffe9b4850b7176f83fe8fa63eccc866a7264751ce48d90f623f05e17e0b42ee9f094264f28d1d02085b7963596122f378bdde7e63581116135f1ae49bb88f28d23963ec88ca9698d5b0a38f99d4a3e67a203041755513b4620845f1c73caeac4e9cdf671d686eeca6d866853226dc032c8894cae4809d7b31637c9876bd2bc6037df9b0170113ae02dfed06164aea7e6fd5cbfb715294c6ea6023effb7d04b9bc0d509b897d58f0cd375fb39de8bdc9f5221c42272cdf0c500ae5985b2f76d59ee246eca9506f8d6e29009b83ee9928896d2943b0d642ea021845e37bb75fd4eb0171ffaa1bfd9153c62ac3193534c380d1a64866087a0495528919c146901d90fe161577a3b1a1b50be9036ced97a0cb2768559c968d815d60a1c572b530d55065973792962b692ce02c6a07b96919a5108a4478334e210ab0db3c8a224450b2c888b834512c118dab07bf32947d8fe20c7b08fa9994b64c69caf0236c683b8de3b6353352a070abad2e3887195d7111b884b69f49c3a036d556eb371ae5c414191871722dbb9b5bdbd159e3a3e36fafe04513d8f6d359aa8c89ef3bfb1bdc5ba5053718fa57eff0477930958ee953fc73802e11d52add73b992409102f39562f753bd510366afa57dc6cff9de5e9d36768f2d4f692d4d198a1a8f9a40e0001bfd4ae7fee9164b17717afbc167bfd9d8beb1e35d02bf1cca6cc139ea04a16343a231735d60020214914368f972c0f9645643d473741f6a9fe2d0222b35e1007ff05ae6faa4df0de29ccdfc7c785b7e358ef226549843d5b6f721fc9cd53a667a3f426dcaf049cc4ec4c5c59fd3eed7a48cdc5f8b480a1e5316b93a1c5e69ad8e7d54cbb0020918b4dc1ff9ccebc31f61c535848e1c5212afa18eac33da07fc8a641d8733ac4bdbfba038a05c6a0e5e71f2977bd98343ceea76b07d0272dcb5a903ccddee6f8fa90a4e0c23c3efe195fc9bf67a8c2cbeb9f84639407d443b37e0cbdaad9680b1d1a5da4ec4776d16102e07b2383dee7e981312163d7d2594521b3036963e6307301cf68020da74cf4fe5e7e8cc4a93b000bb3b616678c6216bd7295a4b60a6037c442a105f12a7cea6955ff468903c6c521cfa399e8860486febab42fd34e2f18d93a07e6410c46e7a6da9440bcd4d9ed116388049a3cc4d368fa77eac324239a7abe1ca3b21c1a8bb482087b8663504df2ed7de970c2ff18fd5baa243f33cf9cf1a3c2a2617a3ff34d4e6c2e1623d93568956a182aefdc12374f90cd82aa9757ef2dc0b9665ace3ad1d04a895ca71dd468cd6ecb2d290cac1270aaacbccf5a4d179f225f3018002bec2141cc7777325dc12c53e2f802c1b6f79b2d129cd3c9d5a57267ec069cab54ce0758269e76a20e8a70cc585ef6d312a3936792465f989da63e47bf9d16095444260440f9d01bcb1bca6e5bc2be6412af4eb1f01b69273a048347bf6f5521a1ddf57576c108b837725e66aa152063d31ade90d556bf6dc11cfd3ca337ce70d8ed66ad8825662200b07ae2008b4f0c47a67b89132e4d388b642812441a1539625f5418acbbee15ef4146d1ba43fd334ec6d8993e518783719706230d809dd1955d6199f15b812a789a1fa6e555c08a47f352fddcd96314b75f357531dfafa7bf6b2771f61607e7f3c7624c8986b90035dec6f626386144e1c1b529c7c96b1786f4df35a3603d713f7f8232c32417b3d812c26efccc9709beaa832bf0b1b533b7d34bf375f362f5f4cfbd5c2b29a61c73fa0fe0cc61633362c98efbd11efedbba32cc0a242b7a9c8744124618e6cae163e580f3e327f1cbab6ffc8caa99c0d7c4dc6eb55ab2e754c7be67174e93b209a0ae9b9f4fdecd26d395174aae21e78265b3950214b33ea9eef23d6114759113918bf0d0106e56d924d0197cefa8d7430aa525074ebc6a4e443f1b3f79d17d2cf7d5f4f8cfb71b26da31e24bc3e4c0e89ca3c51e2241174ca5413aa00c938523d05012906c408a9a03b2a205e7f19ca731228793b9b0b351251ae739106da4830fb9e211341a39a161b1e305fea6a045b5b8e6417d8a89af37cf3e9f9a89c88315e29f0375d72fd963e34124943d630b00267ff08420a6cd7154149b56df8dc86b06641875208bb9e5219076c385f7e0ee4444983c747e379c30375a28fb2aaaee2bdc78c7f485c8b32667717630e6f6ce84264d6b5b594f8cd8c3de85ac5b77cf600a81522e7cbcfa3926541deb3f07d7a807c23ec681dcb143626fa9a4f4fa25f91a2848734cdc502d3afdfe2a7ee557b79031c9e18a21f5ee3f743eae0deaf359571523b7e4a452c786dbafcff21f0aed4b6bbad770539938988d61e34893027b339a75e2afd868a27dded8da035e1136fe9ab6d2628b4b7d95a39037fde34eacab9bc207e93eb64e2d2b5326a706e263d28fcd233029e3a7829e49fcd9ef0b8d512492040efb463ef24b20375b5de1777c905ff701a874828a267a54c8abfe52245bcae8345d2ca6c9457b06874c3392785a2f7c077e80476d19fd7c862dbeb43b6bd19eb960f85159fe239413b19fcd617fd90466c54735592a958ee3bf0990f22219036418fa0f04b4903be0134b1a538074b423708cb796517dc308b301e788d323a1f9e4a53f3e348da77faf2cf1033f53c30fd321627352e3c90be2cbd8ab7458bbac3591f17ae90eff86d1c7620eb1c80a0cab63baded56f62d893cda58d9b4a88fe44e9b08346af4866ae46987d484eb38b9ecba603915369ee94e902070f090dac865c64fa854c687b088974b3fa582c552d7ed18da7fcd1529edcd75ca147e9490b5bc6f3458309e57692d1ab7465a950b33c81deffdfa65b2baef308e8d1e992055b1688711716fcf9cd86e5dd0c7e39597813dfdab31f89960616a4ac75691e692f644c"}, {0x100, 0x1a8, 0x3, "1828943ed1d75609ddc9a98859ee68f999e3e588817743bfd0d66c0eab5a931d044b1ab033c9a0ff6e09921d2e59d775a4f6f74680c548a2d99514dd996730b7526eda086aca34d98bc3fa88d3ea82cac0d967f12616cfb20a390e55d0009669765532d1e361df44c706e5890efcc1ae69af3cd568cb61cb65af874b1f2ceba3428ba761c0c6bb9b90dbcb05a302bbd24f464c7933d0f0932ea2759bd9393359536e61e089d6b23dd0a7f505ac3d76eff05c8b27421779b83ce343f4535429cb9de8f2c66c20561582b956ba5fb7dae2046d62ac8ebebb3375dd83f0b919a815f94aa57922a7e4f6bcefa8"}, {0xb8, 0x112, 0x1, "71d0a6930211b20295699a8dcdc837c987bd0355932e2283112be349f99f10cf30ce58b1514b33afd44231a4983609e44b5f771dfc7c365426601a6a38de920b6346a87eef50ff372cd55ea363ab33b151630102d2e76edbbcfb4369f23b3c8844cf9a9ed3f854b369786689c96959143f1934ca04491209613c777cc2708552571603b554be7bdb8cc0ca626b97c4a98b6c5ab00aeec67fadd46b536e7daba1148acb6fb23e"}, {0xa0, 0x103, 0xff, "9cc9c094f085e738ba2b1bd0709252e0bee83461d3da1b9f4f83be0218c28c9f77fc2693c73b029c8f7ae3816f0ebad4e1b34d5f594bb321c877ed6f69bc98cb68bad1427d750581231d83be59737ad439233ac1364d3b0453f902445779ee5b1ab1efc804f8859f4e11209f74ab2f310db792150d2163b7870ef7eda7f8a01a615d0c68d3a4c7ea3f2a721f"}], 0x1268}}, {{&(0x7f0000000b40)=@nfc={0x27, r5, 0x0, 0x1}, 0x80, &(0x7f0000000dc0)=[{&(0x7f0000000bc0)}, {&(0x7f0000000c40)="22b625d76ec9921964faf5a0f134a28614d3729aa8b766d4ec7fcd7b4d4e5311f3cd2b713e22446931116ca4da9aa7e1389935a1c1130124308e35effbda7d998fdbcb27db9893696ae8665ede5fafb0", 0x50}, {&(0x7f0000000cc0)="a8651d26ba2c4a146150b99c47b6ea21210a6cdc740b242b8fd6b16455ff685de2312c2bd451b97a2936950f5038d67f8bd5d6bf40ca4247c9f3bd0cfd2b28297d6fb877f5aca81dce60a95a7d397266a4caecb4a6433150a93863bbbd490ba24bec3e2b194669af8756c746d715c1156eb03657697203643b6978f2934d915c4d57aa956c1b3c0c3201703a97d14e462a8e96b42261f6cbc5aa1e5ef4e9cc940c33826071b829fa2e13ec9e702ce6c02c42b32b34c10d09ee2f5b11e96dbd32c99dabd4c1928e8ba3b4a7c23b91a779a3021cad7e83be8ae30c0d193ebc82685493327db357cde54cdee96c00651a12daf686", 0xf3}], 0x3, &(0x7f0000000e00)=[{0x98, 0x111, 0x2, "c5bc226e08f7d16005ccebb031535eb1a064c503d217399fbc3e8c8a5815886c1b218a53fa8bdcc0d58dbefbab080bb5277149a03318b4b0a243fba86e1dbab3aa61c854583337ff504258d0f1651d38544183dae1e5db50f9bc6b96eed4349234f9eea722c92ee92a39ec5e5534bb248cb447d88635498f3a18c4feb46e2f2cdff63f7025dea6"}, {0xa8, 0x103, 0x7, "56272aebe864d4e52582dd8a84674ea4b914558f4fd321d1b36c3e82a8c542003988ee044d0054420d47f00cbbfa80259ad95039dc18957b199c2073bae2bf82197911ea35c6b877b7e7d54f9bb853e4ce4ce38ba13d4bdd433683e5596f7b605dade4c0088b8f2b5df922e8c98e1205065ac3e585fd6c98f6508ba39bc6c0f68f4e3bd202ec7251396e71c404c5f85a58ca9a"}, {0x20, 0x10c, 0x401, "f7809a6f35a034453eac76"}, {0xd0, 0x114, 0x1, "94374ae9e18e42f531bf409996deb0f2082aff58c59d71683e062cf93ca0b258b24cd8f5569da1d562b246f5bdc0dc9e415ebd929d55b9df1c293fb072c6cf2814368beebb02b6b6803a68256f204667904c716032cd4bcd1dd6940532358e80ff17fcea0b18906eba99c19f7d59356e29888e4b112f3f65a2356efc88aa0a541e05ced069315cf242c23d4153fff30b306d05162f172caee52c2742f9b9e7f17fa69ee1e2e27a826f44826d02f6fba22a6cb1ed7cafe3bd1e9dea03baa218fc"}, {0x98, 0x115, 0x6, "f28eeb9bf30739f861cd8f5da26410ce618e8f26f9fcaa036b7e68fa7605491eafdcc8c2fa23cf5a018f958dddbb1a4c52f0445f84db35054f5718a3fd695ee3ec72226be6fea53520d2af9db0b1fe2891a19f62c960245c89b0f82963753b5540ccb57a2c3db1c8d544107828f4cfed8e07ca4b7fd84a496972b90f9e591334def052b5c1"}], 0x2c8}}], 0x3, 0x0)
sendmsg$inet(r3, &(0x7f0000000500)={&(0x7f00000002c0)={0x2, 0x4e20, @broadcast}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000380)="1214cd9d41c12c510eb2893c6e63b129ab1300a0249e606fa7454df192dd588c3c0810f663af59e9b51d41f8095d2c19406bf1a4947996c3474c0371bdd8c3afc02e7a9d9c617511162fb3447617da3e7b38d4228451d1ff149d71e67bf5d89ff3", 0x61}, {&(0x7f0000000300)="94e0046790dba2c3fad3b2fa6acbbc6d65715fb3f76279937c48b04fa3868673590b715b33b7c9d109127c70d17b", 0x2e}, {&(0x7f0000000400)="2025cd522388d88a513089eadf8c9cccabea8893bda4d9cdfb4e6d0e21ba699d6e94c4e7e0a4c71c7b63ee9c2c28bd8233725cd4c9d3197bdffba6ff08d35a8b9d86a3203d5310963683036399cb3bd6661470a8a2d4ab65943ed0ca260994d81db156c796daebc2887752fb1c3f713faa051987f571c37c2e83fb19d0552069e5420c602b172605218de6d7379d19a580644cc70609f084cec2d399d9b1b2f08564772dad36f6", 0xa7}], 0x3, &(0x7f0000000600)=[@ip_retopts={{0x48, 0x0, 0x7, {[@lsrr={0x83, 0xf, 0x23, [@private=0xa010100, @remote, @remote]}, @rr={0x7, 0x23, 0x9f, [@multicast1, @loopback, @private=0xa010102, @broadcast, @dev={0xac, 0x14, 0x14, 0x30}, @loopback, @empty, @multicast1]}, @generic={0x44, 0x5, "7db00e"}]}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x2}}], 0x60}, 0xc0)
r8 = add_key$user(&(0x7f0000000180), &(0x7f0000000340)={'syz', 0x3}, &(0x7f0000000140)="04", 0x1, 0xfffffffffffffffe)
keyctl$dh_compute(0x17, &(0x7f0000000200)={r8, r2, r8}, &(0x7f0000000680)=""/233, 0xe9, &(0x7f0000000240)={&(0x7f00000001c0)={'hmac(blake2b-384)\x00'}})
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f0000000080)=0x2, 0x4)
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)

3.552553176s ago: executing program 3 (id=2307):
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40)
r0 = openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0xffffffff)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f00000008c0)={0x2, 0x0, [{0x0, 0x73, &(0x7f00000001c0)=""/115}, {0x6000, 0x62, &(0x7f0000000600)=""/98}]})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x800000f, @void, @value}, 0x94)

3.060654578s ago: executing program 3 (id=2308):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
syz_open_dev$radio(&(0x7f0000000080), 0x1, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x100800, 0x0)
prlimit64(0x0, 0x1, &(0x7f0000000140)={0x8, 0x8000000000088}, 0x0)
getpid()
r1 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x1, 0x0)
fchdir(r2)
r3 = open(&(0x7f0000000040)='./file1\x00', 0x80242, 0x0)
write$FUSE_CREATE_OPEN(r3, &(0x7f0000000180)={0xa0, 0xfffffffffffffff5, 0x0, {{0x4, 0x1, 0x5, 0x6, 0x3, 0x1, {0x1, 0x180, 0xff, 0x5, 0x100, 0x7cf4, 0x9, 0x3, 0xfffffffe, 0x8000, 0x0, 0xee00, 0x0, 0x3ff, 0x1}}, {0x0, 0x11}}}, 0xa0)
sendfile(r3, r3, &(0x7f0000000080)=0x2, 0x7f03)
r4 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_usb_connect(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x3d, 0xe1, 0x47, 0x20, 0xc8f, 0xe086, 0x7490, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0xf6, 0x82, 0x2, 0x58, 0x42, 0x0, 0x0, [], [{{0x9, 0x5, 0x2, 0x2, 0x200, 0x2}}, {{0x9, 0x5, 0x82, 0x2, 0x200}}]}}]}}]}}, 0x0)
writev(r4, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$inet_udp(0x2, 0x2, 0x0)
pselect6(0x40, &(0x7f0000000000)={0x0, 0x0, 0x8000000000000000, 0x0, 0x0, 0x0, 0x0, 0x10000000}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x8, 0x0, 0x0, 0x2, 0x7}, 0x0, 0x0)
r5 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r5, 0x7a7, &(0x7f00000000c0)=0xa0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r5, 0x7a0, &(0x7f0000000040)={@host})
ioctl$IOCTL_VMCI_DATAGRAM_RECEIVE(r5, 0x7cb, &(0x7f0000000980)={&(0x7f0000000100)={{@hyper}, {}, 0x400, "1710194bd1372be65d5d1be456d243acca17147843aa07e4676b6e5e13d51fe3b442ddd575b7ea5ad5807b65f6ffac80b65547d4a62858f758a3c310e491a45dff1707cfb8288781aa397d3e28b552db90c3fd57f459b4e3da5126b8963a25e860e40c989341b47e8b95063656f91660d61ae86764cd5302c60b77fff946ee5d5b95a65deb8a11af66212c0a3802da8734cf65656145658ef881a33b771b9134fe2e1407a2ffeb9ae90b1cd06a1e2438c7cd1667c0d3dc53f15fd720ed9adc68ca0bf8cb3a5f3e8f2b48ec05a30d52182f3be35dc35ddad91cd4123051996b766cf7f2791773011420d79b507bba3f90ba48eb066b68d56570e96cdac68675271dc756c582705ced77c094ae8f12a4f268fd1c5ed18f1264e27fcc5d2cced8dc50569b03dffbb749caffa1748c5f7c5fc60a7264e04c53bef6c2cba5ed946d420a97a2fa74cb564f80206f75b408bb69c27ab96ae43936e5c497bc56409f13221e4736c3229193f32dfeae901c32027c5941b73beee853b0fcccfb97d02b8675ca92bfe97adcf83d49f8a405dc9be0cfbaa239a73b40b37ee1c03ae15bf08b05d594d3ae80c131b6a0f958a0b5e09653d5d541c29fa4203671c3e8d3898a5618d7d05e7742dad4a6696ae13deef6c402e2afea4acf40d2c14ed5092a438170f1681d4b97eab16fcbfa86d7a361c02f89069d58c2b32c58d5ef7babf62b97c7ac97e413f53bea59cdbf72fc1c14718b1fa6306da64c9700df190c356a9e972d9e63cc9b0383cc8cab28a02a4b3d4f8b96d485dedb3e6a3f4e40d110676dc8de884d3f915b04f220072d4d68697b106faa3577b5011f3144f235439f1aac9f59d37adcc58ba20f209442df7c1328834bdd3933c0796e2975fa5e9b5cc2653b15b7be37172df2d84329307831f2977cac3cca11676512d2d351e00d09889681f9e0e6c172f2d0c3c15eb75ffe6297aecc1cc9d3ebc80735a50b07c7b1eedadbc9f637e26dd4035322abcb77f93fcd9feb2c33bf37c34595dc9bb2e16ada83dc541f98880dd6d4e0ef38e27adf412d1e08a5c1ce83acdc4f40674d9dc14fbff2f42eb71ba5fac19fc742e00c4c15154fcf8f79ad4cd4c8183d4b2d9693eab7f0da562a9ffba7058b272b280611d877f0b05dda462a5e605ea5a8803ad17ce5a9c5f88ec6fef54f407f5f26dc218b21ac5899d03946fdc4d95791f09a272ef0f1388d718c3d38727b1fbbb2c9f22f2d5091c2d0963b971ab47402130e3ca8e201609c34d4379f75257240f9ff0fe921e29bdcc1319bf77a469739ebfc1d1f8605bfb6d46c0cdc31692254715082be9152eabb5a9f2c562c06a985f573b63f02aad0eb63ff970e5a9a28d209b657cd20dc572238ef1d5bbc57041f77c70fca6b5314b6bff2a9b1a03ed2269456e6467664ac0ec2d2304916885fd1f91d5c3b32b924de"}, 0x418})
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r6, 0xffffffffffffffff, 0x0)
close(r0)

3.059745716s ago: executing program 1 (id=2309):
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='stat\x00')
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000003e0000000000000000000100"/28], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$inet_udp(0x2, 0x2, 0x0)
r1 = syz_open_dev$loop(&(0x7f0000000100), 0xd79, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='freezer.self_freezing\x00', 0x275a, 0x0)
write$UHID_INPUT(r2, &(0x7f0000000400)={0x8, {"940de312c9be185c33394390ce360adcb8443d1ca2464ad29fe46c8717a823e29b12011e867516a9c1b63394e6b4922549ac2f98b0bafc013757371b5762e5b03b4c8cfcc5d34368b21917740955f80e80fa98a68cb052b102c03e72a4c6702778dfcc5bb74ce23d914f8b143bd94d7382a38dbe93f61eef509d6cbffa81afee0e3524b8b768a0ef0ae00ad2a219259cccd3bdc7b9e69e5211793728722436d1c150b51bb6c642cb2eeaecb085719014332015474a4ddf7098bb5ac398c0ce256e4dcfd4613dbe9a34b96439546a28db9ce97b344b6c97288b3854e127b4f533f56439a74fcffc41dfeffc5d7a99c01a0fedfd937af595c05a942216581f8efd1ffa1c23c6f08d6987be16bb52420c80bda5da46987fbf7209487defe0374226a526d3588660192d921bfe407f1d1833f390dd8b41b30c53b4deba5a086c516d9bc8ca572d8f0f875303c85bd16570e89f74d7c4ef547a07dd62f334fee76e2e0ca31cca1ad0528d7448ceecd4c9785c302a40bc114335dea8775958a3beff8eeb31afcb9a2c7561980f8554220769e5e90fdfb2f5a905518ef1667a91e2dd474383e4312ea219fe65d421006734fe04661f75e69ae825120b33fb74293e3b83e7f7f563b475cd6e08fd6878ee424fa141d3aee86d952c212c2e7730796510a463a8da486852b23a1d62b714a11301499029d9efb715a11b64f24cd2660c9a47573ce4dd042e333e433ee28b2bce545cf067040193057de290965c1d547fed137e5eb22f5c0a06ad4de6b78204bf053f37c5d96b8053ea445b640360da8fce3391514dc3d1f4e4b35047138cd8c2717bcba278a4f8c27bac01b469ee3fd04004f58287a18307b0ad4120f2c26b08c3267249bfbe1064a3f171e0cfe595f7ab146f3148c73228edf694dc0c400c36e3493b1aca5f85972dadb8d02bddb607b7a431750ca4863812b86aa6656fcf89f15e42db2971e280541cbfa446c6c6d85b77e3327a2d327c25b7619647374e76b1be266cb68959d2651d0c74bc62f99d315dd6658c66500d8536013701194a9f02dd77216f932e07a4c4b4558b2a38d7e5c39a453c8fb5fae0d00550a2d143f721cd676d842f2ae39ecbf99e027b4cf9f3c2a9bf3b663e51a0b29cf4cfb0877d5b89fdfa93fd9bf33392e6a2c8df36f9f2faa3716d293b7d94c93458c17df99aaadd218fe4c7b967b43f48725e6bac67bf9176e8c63f94862b036b1870bc314b51fea9d0c92020427abaf5be10d3faad2f684d46a2461f2a92350d6f204f03ad2a9fa54cbd8a7a3e7ba2d54f3615ac5ea47f120572f8ef941e81b0812bfc4227ef5719093afbf90040ef1a5eda64563eb7fd015ea54342340ec8648d911a8f3f358ca124ef8c70685bce2fbaeeebf54d059cefd53751b5cf33fe2d92c9df6a63821b6db5188210565e132768b192fb27e745605c529e3648060a98d656f35e36dc4be3102bd678db0ceb0301c5cb0f7f7a08c55cd038a5f751a7c96116f0bd9c9a349558a7a8fc6a73cce1132549169822bf32d742fc4f4e2e50f59eb669f2384282247c60253edc98f9bc802a288a94e1011a066ce9f6eca5f87d2afd893900c3aff87be959451269bc9ac735c43c1e5ecf5d5bff262a27f0c8a1ad401492ffec662e27b12399096fee9910d0fadfd1e1bcf1f20f8f7e5ff1cce9e8db0fd71dda6f228aa96bba6b4120361a6f6acc832be5daa1aabd03a9ae810f0d21466c1a652a47c11db6a8e52580a8347326113b54a4beeaeb21b45e5ef0aa3cfbfb22d99640b7b935bce8e37cebce586f7fe72208b491795a9fbb220ec9b98dd7811ced86292189ce351e8a64c6afde9c1dccbaaebf7e5e3d5e529e926e814b381342c13ea0757ce52a0b0a155d1c85c4108deffa719a22bef7b681a17504e22d6fe9197699e0a16a7104f412e3a681c8ee41d8fbddc8610c161f1fad9e4a5e526e20ac61496e9f3596cc94b79e9680a64a832dc26d6e33e127abe5c405b16978bc4297a85ccaf1599b195db9d66b698c770d84fa90d89b51eca02ed3a3465b8eca9589af034bd6b9c8f6329e393e4753887696ae5158e8ca3ef2e66fac38a6d6a1b61e81d5b6a3c1cb007d64a33f1fe01cf39b82b270e9083ce13b1a32f0c98376d43cdbf9f17b74655f3000343fe051a75ac658a84629b1245107652d6dfa54b1a7d77922becb74539ffb11292794f12ebfd3ea8888c7cd10692d52c85340f92c5d01464fe36deaaec6ad6cc22870372d61485e2d76accd9bf93e0842efe5652e73100a6727b3a4ce4d1594c8ddb5742897d05fd6f6333fa1b90afeaab9fc7426251d24deeef43784f12c0bb09f102962ee9ab427a53fd8da8e1e3c8000ac7164e61d6258c515dcdd911fb1a519d7b38e556457da330ceda8e948aeaf7421d37faf50071f0d38c08fc938278f247084195e778ac90ab7bfafb59c2a1c643cd18d883a46a6cc41410f505ba209746d6b12c015eddf31b6c9ebf2f04605518033721cdf02b1da210ca1465129b443c0c46247b5f8cceb000af2c551fcea1c1bef29c534367a33f0956b9092279b47dc652134d2bc54c3688978fd4d7c203749da5e4824fe314aa57e76f58fadfafcc7660b68b1a6043acf8f9f0c259d16fe236b5906f88816e7ab69b67f762ad79a5f654c507cc49be181525ff05cde4d56b53790151efa8060c4685e2b1dd0ad89551a41e0d3dda33c2b528922849a8dfcd7246c242c3b2aa38a69e3e5a37c5806c4bcff53e08ffc7a830d925e3394b68846479ca8cbfe387c9e7df19cfb2b54303c101557aa2ed080194fe0af76d672ed77dfa4c5c0c0f9693f4e8c446d3bc19c0a8654bb4ba8b4daae69edf414615473ec2aadaa6871b7d08a51e349acc7b16fddf741f71670da4c2b0eadcf19f46f0fd18b59ecf7b943a2a5c90125638a3b3270a366c074868e62fe2e8751ff3e60411d7e1b3fb6a873f7843489f661f1bc401765cdfacbd76e1b52e15fb10fc19dc4803d3a4743ab977fae35eed00d59ddf64fcbc61f5fa0cf4098d0babde4a397d2ef100c23ca9f836656d5f25b018606e148e3f66400a682472ed5d28b7de624ed838277432623c11027da18378e46c3fd340585b4835ab1d771266322eee56c3e6bf3300f5d48b6b01f515ba7f3fb726cfc6fdf6c07a2f46bbc3f36fc9ba6e551a46335337c881cc4b79e400cba27768217d9cd3e79e76638411adcaa81ee3b6d0e6e6c721da36dcab68bfb0ca6ba7b2c267b80120143a5c4be333b2cf85b3bd2425ca691ff367d130dbbd8e5f6a819e093eae9d176c1c3fb61557f9e5080ee7703fe2ca1061b52d0a40d7ee2f408b3ceac303e302d96d929c17026793c66423d748a81adfd7cb29027f327b0dac4055e88e385f0400f97988aa1fa40cdf776f9e67991fb55d9d4bfd504604ce580eb74371045dfe01e62ebefced240d821bd4fbba62c1b6232f027c6a4ca613878e3eb538eea28e92b5d909fc7e63ed5a544e7698d0b7d3d99415d4028a5da4cc67fcba3b744acd4f92938027f42b785405228a38d85fd678703b9d41a6a54cd48303a6be64408101fc5471641c1c5a747244da684fef97aa48bf1a225007f26d9f4002a0dc14d01191ef1d749ea2ea05c42c173c3244c1039c04341b0cf37574d8b78e357b451bfcfb79762ed6a4fbc689690bf37afaa92702a0349ed9aecd9111df9fd57b97749bbf5003991029344497c9ff85adaa7a2e566647ba5bad341eed62034b581981dd7c9de9fd4c241a54ad4d6e9e1cf7ca984b13c628cc65eca0829e69d4d390581e43cd2ed5c56608b45c109f35350fb875316e71f79c433319462d4b589a1f7f2d14d43092655da23d63c63298ed62dd481ab0bc58e97f397b39c94b32fad6a1e0cd9da2dfbe6897ee4986fdbafdb0e4b575f800df5da433e8c229b0c99f285a3e9cf318ea7a5e83af136b3bde3296b2bd230ed212f79500c6a4458522c3881532b7bfd170647ee65931760f35a1c1f95b8c93e4233f0de2a13c83f31522f2bee05a57c8378ac6bdd3c9e30dc188b30dadb936f35a3fa247732ebae6a8d762992f8a96c1d26981bda157f2b676ac9d61bb786ac8c349da94dbf75a21b786cdceb47a92597b6d2b22f7dc1187cdb4681ce9bebd69977bab9eabf2af5c7d3b3463d6c7f1392e12a17deb97f2ce5c9ef4021d3b4e0df6b3f4b693e136e3931837e91617cd85846f3019a74d2d65f36369e73a461753631d72f9e2834c446ae7e173d6b1935adc0ce65eb0eac830d442a0344f2cbaedf8d48cb0a6959d07f208fbb2dae434f4fdf35b265fbdbde4138b455b7941096d55808de601ddd8a41a70b12968862d0b4086d4ff55152aee65eaa761a9588bb25bce193b4e55ebb183807f118bff0ccbd85ea761e7c3b6cccb64f97b3f1bf7a96eecc7ab40e770a1620209b509f23aab0f769a16c9b8092326987f0cd1de94b911ea6bef5cf15a93829b7cbf03aa85ef577633e058f81e9653fc47d15ab8bead567ed2affbbf5a470302c065086324dc304c777228050ea9f717e45b6676fc9002ccd0428fcb27d839e4139fb17d4ee72e2fe8394e5de0cc814d92663f8c5f87e131a34ef7094078be0cf54763c82004af9727c7972ff1ea6162b279beea87bc2741e996d14f549d0474aabe780c5b80a35eed311cb734c23d01c160e439662c813126747c7d09068e32fa72605d71abc2a332cb59d81071818d5e0944194285f4cfc050392e505dd93c8c882f46fb6b70b4660784d543a6bf34653487840fdc298c8280241174805bf3cf38083224d213cd6076beac135ed3f8c4c6d808c45da2a47750cb0f4d2be6beada1c481a0152d80c0b520d2f090455494c83ba78eb91e6558d52ceceb23c956bb382bb280e6382d2cb679eecd2bcfb6107e2e4f568f1be293eaa0d2ebb77169b103d5fd48def9848a719a72719e74d745cf082c36022108b4c430a87fa8535f1c56d0c1d5dae50c549b1b08911e2d2619eef61131c7804b35c3ca4dac1f2595c68941b013b5ded8bfd52ed41da13c0886b7f9c61a5244a815711253aad7ea74eae788b1beea9bc15addb199d2fc79e81a34b887a0e4b935ad154e961c8b6972f124cae7742e82db1e714af15f34908960dbb4ea24e44ffd750c9d11dd45bfaae73028bc88fddf74b2d24de205980ba14f4889119f8a6291b3724497503ddf95222d5d050414e487a3dc65e5eda3169e10570a50440be346cc1f1b0c848410b46610c738636707c5d740a8e3a9b688c2c1ea54135bffd2ffd87d9dfa902f3dd97b2a6068fa65f5a5f95da2b9f6124fe07682e27ab65ab96573e762f5060439e18649798e0b9d7864f91dbc4f4ed3a4ab30671f8f7f3c49c7ac504a754f9420fd9b22421afd7203f7cd6dd8c8e7a33709e12d004e402672af2b3f9046bc57854f98482538ad48723cd153cf03103c157cdb1a63e839a02c3f0041d7020280f96f3f7e0ce89c408be10d344540808dee1bfcb01f5293ab606c71ffc09f9e63b93b37e8d8007ad8432d2e81c3d1d40a57711bdb798ee91a3f05f93f4f46f883db0613bf95fabd523d955d0d4a5518e1bb3dae7646af8af8d4a4d7dcfac633c6efa3164f9e05bbb4b0594e40e45eb343b885f8eda4c7149cf38a460b522d6405aa47fada1c78f56fbd33669719b1496427f290532334b69d0a7cf6c46cefe5ecd0fd923b14929fd3db8a1a94ba63954b58ceb9b1e0f8471a02c13a160aa763083a5fd36c199075a769768e164f17911f5a416bb96198aa0954a7d27e30c480691ce80dc71a491", 0x1000}}, 0x103f)
ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f0000001600)={r2, 0x0, {0x2a00, 0x80010000, 0x0, 0x5, 0xf62, 0x0, 0x0, 0x0, 0xd, "fee8a2ab780ef39fa3910d96072000001ea800000000fdffffff0000faffffffffffffff00", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d99286100001700", "90be8bf4bd00000000000000000000000000001000"}})

2.589235531s ago: executing program 0 (id=2310):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_SCAN(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="0107000000000000000020000000040003"], 0x1c}, 0x1, 0x0, 0x0, 0x8041}, 0x0) (async, rerun: 32)
r2 = socket(0x1e, 0x1, 0x0) (async, rerun: 32)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000003, 0x4008032, 0xffffffffffffffff, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
fallocate(r3, 0x0, 0x1000000, 0x3) (async)
setsockopt$inet_tcp_TCP_MD5SIG(r2, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e22, 0xd, @private2={0xfc, 0x2, '\x00', 0x1}, 0x4}}, 0x0, 0x0, 0x33, 0x0, "50d1b1b44bd66a88284b7461444ed4a91c3a8cf7b96c3c5b3ae3767763e6dedb1a9c07eb9377b2cd0e3d7153a0cea38e4762d8877777f81a64d4b0f780555502f3932103be5e8ad453e73d3d9ab98501"}, 0xd8) (async, rerun: 64)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x16, 0x0, 0x4, 0x1, 0x21849, 0x1, 0xffffffff, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) (async, rerun: 64)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="020800000100000000000001000000000100140003"], 0x18}}, 0x0) (async, rerun: 64)
io_setup(0x30, &(0x7f0000000600)=<r4=>0x0) (async, rerun: 64)
pipe2$9p(&(0x7f00000000c0), 0x0) (async, rerun: 32)
r5 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000002740), 0x101002) (rerun: 32)
io_submit(r4, 0x1, &(0x7f0000000180)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, r5, &(0x7f00000000c0)="01", 0x24}])

1.591105228s ago: executing program 2 (id=2311):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x0, 0x0, &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = syz_open_dev$usbmon(0x0, 0x0, 0x0)
ioctl$MON_IOCG_STATS(r0, 0x80089203, &(0x7f00000000c0))

1.516206535s ago: executing program 2 (id=2312):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), 0xffffffffffffffff)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
rename(&(0x7f0000000400)='./bus\x00', &(0x7f0000000f00)='./file0\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mknod(&(0x7f0000000000)='./file1/file3\x00', 0x1, 0x43)
renameat2(0xffffffffffffff9c, &(0x7f0000002200)='./file0\x00', 0xffffffffffffff9c, &(0x7f00000021c0)='./file1/file3\x00', 0x2)

1.270357054s ago: executing program 4 (id=2313):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0a00000004000000040000000a"], 0x48)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000000)={0x0, r1}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c250000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
r2 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x1d2)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
migrate_pages(0x0, 0x5, 0x0, &(0x7f0000000040)=0x272)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$kcm(0x21, 0x2, 0x2)
socket$kcm(0x21, 0x2, 0x2)
fcntl$setlease(r2, 0x400, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

1.238415025s ago: executing program 0 (id=2314):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x48e80, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x200)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe5000/0x18000)=nil, 0x0, 0x0, 0x1, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x2, 0x0, @ioapic={0xf000, 0x2, 0x0, 0xeffffdff, 0x0, [{0x0, 0xec}, {0x19, 0x5, 0x0, '\x00', 0x10}, {0xfc, 0x4}, {0xfe, 0x0, 0x7f, '\x00', 0x2}, {0x8, 0x0, 0x5, '\x00', 0xb}, {}, {0x0, 0x81, 0x1}, {0x0, 0x6}, {0x0, 0x0, 0x0, '\x00', 0x7f}, {0x8, 0x6, 0xfe, '\x00', 0x2}, {}, {0x0, 0x5}, {0x4, 0x0, 0x4, '\x00', 0x3}, {0x1, 0x4e, 0x1}, {0x2, 0x2, 0x4, '\x00', 0xfe}, {}, {0x1, 0x0, 0x6, '\x00', 0x1}, {0x0, 0x0, 0x0, '\x00', 0xfd}, {0x1, 0x6, 0x7, '\x00', 0x3}, {0x80, 0x0, 0x0, '\x00', 0x40}, {0x0, 0x4, 0x88}, {0x0, 0x0, 0x0, '\x00', 0x2}, {0x1, 0x0, 0x0, '\x00', 0xe}, {0xfc, 0x83, 0xe}]}})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

829.203757ms ago: executing program 1 (id=2315):
r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
prctl$PR_SET_THP_DISABLE(0x29, 0x0)
r1 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r1, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x39}, 'lo\x00'}}, 0x1e)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000300), 0x40a40, 0x0)
r3 = syz_open_dev$vivid(&(0x7f0000000000), 0x3, 0x2)
ioctl$VIDIOC_S_PARM(r3, 0xc0cc5616, &(0x7f0000000100)={0x5, @raw_data="fed110e690d2dc2ab9d310fbb91d9d379c9c8384748e1de52380d7097fd2c86913952d8b2a7aae663ce56700caae8fa7a7067b231e3e302ef65ea8a4822ea817affbc265d134a5ddb1ef02501da2d7b371c927aed346a50768da30374774e52ed1ebf3bcbed042dbf19f514ca04a6dd965df31746918c030a0d40d81e2f61727d1d46b444bd9f691032b25e4820b1dae14190914a0936cabb71968becdd44a56b4c3b64011fcd23248dc37d0508044e60dce0498fe1dcd5a02ed7f1d49ef3110dbb5ec279df3bf57"})
ioctl$PPPIOCATTCHAN(r2, 0x40047438, &(0x7f00000000c0)=0x1)
ioctl$PPPIOCBRIDGECHAN(r2, 0x40047435, &(0x7f0000000200)=0x1)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
r5 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r5, &(0x7f0000000000), 0xc)
bind$qrtr(r5, &(0x7f0000000040)={0x2a, 0x1, 0x1}, 0xc)
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
prctl$PR_SET_THP_DISABLE(0x29, 0x0)
setsockopt$bt_l2cap_L2CAP_LM(r4, 0x6, 0x3, &(0x7f0000000080)=0x32, 0x4)
ioctl$VIDIOC_S_PARM(r0, 0xc0cc5616, &(0x7f0000002d80)={0x2, @output={0x1000, 0x1, {0x7, 0x9}, 0x4, 0x1}})

677.783128ms ago: executing program 0 (id=2316):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x20000800}, 0x800)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
syz_init_net_socket$rose(0xb, 0x5, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', 0x0)
recvmmsg$unix(0xffffffffffffffff, &(0x7f00000025c0)=[{{0x0, 0x0, &(0x7f0000000a00)=[{&(0x7f0000000480)=""/200, 0xc8}, {&(0x7f0000000100)=""/55, 0x35}, {&(0x7f0000000240)=""/4, 0x4}, {&(0x7f0000000780)=""/230, 0xe6}, {&(0x7f0000000580)=""/173, 0xad}, {&(0x7f0000000680)=""/79, 0x4f}, {&(0x7f0000000880)=""/65, 0x41}, {&(0x7f00000000c0)=""/7, 0x1}, {&(0x7f0000000900)=""/249, 0xf9}], 0x9, &(0x7f0000000380)}}, {{&(0x7f0000000ac0)=@abs, 0x6e, &(0x7f0000000d80)=[{&(0x7f0000000b40)=""/101, 0x65}, {&(0x7f0000000700)=""/63, 0x3f}, {&(0x7f0000000f40)=""/4096, 0x1000}, {&(0x7f0000000bc0)=""/98, 0x62}, {&(0x7f0000000c40)=""/163, 0xa3}, {&(0x7f0000000d00)=""/122, 0x7a}], 0x6, &(0x7f0000000e00)=[@cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18}}], 0x100}}, {{&(0x7f0000001f40)=@abs, 0x6e, &(0x7f0000002040)=[{&(0x7f0000001fc0)=""/4, 0x4}, {&(0x7f0000002000)=""/13, 0xd}], 0x2, &(0x7f0000002080)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x58}}, {{&(0x7f0000002100)=@abs, 0x6e, &(0x7f0000002180), 0x4, &(0x7f0000002500)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xb8}}], 0x4, 0x10040, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x40008)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
syz_io_uring_setup(0x497, 0x0, &(0x7f0000000340), &(0x7f0000000280))
getpgid(0x0)
r4 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r4, 0xaf01, 0x0)
r5 = eventfd(0x401)
ioctl$VHOST_SET_VRING_KICK(r4, 0x4008af20, &(0x7f0000000040)={0x0, r5})

30.570818ms ago: executing program 1 (id=2317):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000011000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0xbe6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x5, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r2}, 0x10)
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000007c0)={@map=r1, 0x662a8dae83da000b, 0x0, 0x3dc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$inet6_sctp(0xa, 0x5, 0x84)
ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000001900)={0x2, {0xc, 0xa00, 0x0, 0x100, 0x100}})
syz_open_dev$tty20(0xc, 0x4, 0x1) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) (async)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000011000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0xbe6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x5, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r2}, 0x10) (async)
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000007c0)={@map=r1, 0x662a8dae83da000b, 0x0, 0x3dc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) (async)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) (async)
socket$inet6_sctp(0xa, 0x5, 0x84) (async)
ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000001900)={0x2, {0xc, 0xa00, 0x0, 0x100, 0x100}}) (async)

0s ago: executing program 4 (id=2318):
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40)
r0 = openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0xffffffff)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f00000008c0)={0x2, 0x0, [{0x0, 0x73, &(0x7f00000001c0)=""/115}, {0x6000, 0x62, &(0x7f0000000600)=""/98}]})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x800000f, @void, @value}, 0x94)

kernel console output (not intermixed with test programs):

dpoint 0x81 has invalid wMaxPacketSize 0
[  731.473816][T13285] FAULT_INJECTION: forcing a failure.
[  731.473816][T13285] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  731.479070][ T5897] mceusb 4-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  731.491316][   T10] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  731.513397][T13285] CPU: 0 UID: 0 PID: 13285 Comm: syz.0.1909 Not tainted 6.14.0-syzkaller-00826-g327ecdbc0fda #0 PREEMPT(full) 
[  731.513421][T13285] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  731.513431][T13285] Call Trace:
[  731.513435][T13285]  <TASK>
[  731.513442][T13285]  dump_stack_lvl+0x16c/0x1f0
[  731.513472][T13285]  should_fail_ex+0x50a/0x650
[  731.513490][T13285]  _copy_from_user+0x2e/0xd0
[  731.513509][T13285]  kstrtouint_from_user+0xe9/0x1d0
[  731.513532][T13285]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  731.513553][T13285]  ? __lock_acquire+0xa92/0x1b80
[  731.513577][T13285]  proc_fail_nth_write+0x84/0x250
[  731.513598][T13285]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  731.513619][T13285]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  731.513635][T13285]  vfs_write+0x24c/0x1150
[  731.513654][T13285]  ? __pfx___mutex_lock+0x10/0x10
[  731.513666][T13285]  ? __pfx_vfs_write+0x10/0x10
[  731.513686][T13285]  ? __fget_files+0x20e/0x3b0
[  731.513706][T13285]  ksys_write+0x12b/0x250
[  731.513728][T13285]  ? __pfx_ksys_write+0x10/0x10
[  731.513744][T13285]  ? rcu_is_watching+0x12/0xc0
[  731.513765][T13285]  do_syscall_64+0xcd/0x250
[  731.513779][T13285]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  731.513797][T13285] RIP: 0033:0x7f8c1778bc1f
[  731.513808][T13285] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  731.513821][T13285] RSP: 002b:00007f8c18687030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  731.513835][T13285] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f8c1778bc1f
[  731.513843][T13285] RDX: 0000000000000001 RSI: 00007f8c186870a0 RDI: 0000000000000004
[  731.513851][T13285] RBP: 00007f8c18687090 R08: 0000000000000000 R09: 0000000000000000
[  731.513858][T13285] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  731.513865][T13285] R13: 0000000000000000 R14: 00007f8c179a5fa0 R15: 00007ffc00a65da8
[  731.513880][T13285]  </TASK>
[  731.532341][ T5897] usb 4-1: USB disconnect, device number 39
[  731.547192][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  731.734313][   T10] usb 5-1: config 0 descriptor??
[  731.740864][   T10] hub 5-1:0.0: USB hub found
[  732.051379][   T30] audit: type=1400 audit(2000000445.520:392): avc:  denied  { read write } for  pid=13291 comm="syz.2.1911" dev="sockfs" ino=29974 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  732.208823][ T5897] usb 4-1: new high-speed USB device number 40 using dummy_hcd
[  732.261583][   T10] hub 5-1:0.0: 1 port detected
[  732.501876][ T5897] usb 4-1: Using ep0 maxpacket: 32
[  732.901694][ T5897] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  733.063076][ T5897] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  733.284222][ T5897] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  733.322494][T13309] FAULT_INJECTION: forcing a failure.
[  733.322494][T13309] name failslab, interval 1, probability 0, space 0, times 0
[  733.350660][T13309] CPU: 0 UID: 0 PID: 13309 Comm: syz.0.1914 Not tainted 6.14.0-syzkaller-00826-g327ecdbc0fda #0 PREEMPT(full) 
[  733.350686][T13309] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  733.350696][T13309] Call Trace:
[  733.350701][T13309]  <TASK>
[  733.350707][T13309]  dump_stack_lvl+0x16c/0x1f0
[  733.350738][T13309]  should_fail_ex+0x50a/0x650
[  733.350754][T13309]  ? kmem_cache_alloc_node_noprof+0x5f/0x3b0
[  733.350779][T13309]  should_failslab+0xc2/0x120
[  733.350804][T13309]  kmem_cache_alloc_node_noprof+0x72/0x3b0
[  733.350825][T13309]  ? find_held_lock+0x2b/0x80
[  733.350847][T13309]  ? __alloc_skb+0x2b1/0x380
[  733.350870][T13309]  ? netlink_autobind.isra.0+0x29c/0x5f0
[  733.350896][T13309]  __alloc_skb+0x2b1/0x380
[  733.350920][T13309]  ? __pfx___alloc_skb+0x10/0x10
[  733.350945][T13309]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  733.350971][T13309]  netlink_alloc_large_skb+0x69/0x130
[  733.350997][T13309]  netlink_sendmsg+0x686/0xd70
[  733.351023][T13309]  ? __pfx_netlink_sendmsg+0x10/0x10
[  733.351046][T13309]  ? __import_iovec+0x1cd/0x660
[  733.351071][T13309]  ____sys_sendmsg+0xa87/0xc70
[  733.351091][T13309]  ? copy_msghdr_from_user+0x10b/0x160
[  733.351116][T13309]  ? __pfx_____sys_sendmsg+0x10/0x10
[  733.351143][T13309]  ___sys_sendmsg+0x135/0x1e0
[  733.351169][T13309]  ? __pfx____sys_sendmsg+0x10/0x10
[  733.351192][T13309]  ? __lock_acquire+0x5b6/0x1b80
[  733.351223][T13309]  ? __fget_files+0x20e/0x3b0
[  733.351248][T13309]  __sys_sendmsg+0x16e/0x220
[  733.351264][T13309]  ? __pfx___sys_sendmsg+0x10/0x10
[  733.351285][T13309]  ? rcu_is_watching+0x12/0xc0
[  733.351310][T13309]  do_syscall_64+0xcd/0x250
[  733.351327][T13309]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  733.351350][T13309] RIP: 0033:0x7f8c1778d169
[  733.351362][T13309] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  733.351385][T13309] RSP: 002b:00007f8c18687038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  733.351401][T13309] RAX: ffffffffffffffda RBX: 00007f8c179a5fa0 RCX: 00007f8c1778d169
[  733.351412][T13309] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000003
[  733.351421][T13309] RBP: 00007f8c18687090 R08: 0000000000000000 R09: 0000000000000000
[  733.351431][T13309] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  733.351441][T13309] R13: 0000000000000000 R14: 00007f8c179a5fa0 R15: 00007ffc00a65da8
[  733.351459][T13309]  </TASK>
[  733.378656][ T5897] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  733.380330][    C0] vkms_vblank_simulate: vblank timer overrun
[  733.610605][    C0] vkms_vblank_simulate: vblank timer overrun
[  733.616572][    C0] hrtimer: interrupt took 258028869 ns
[  733.716586][    C0] vkms_vblank_simulate: vblank timer overrun
[  733.788261][ T5897] usb 4-1: config 0 descriptor??
[  733.799757][ T5897] usb 4-1: can't set config #0, error -71
[  733.802302][T13316] FAULT_INJECTION: forcing a failure.
[  733.802302][T13316] name failslab, interval 1, probability 0, space 0, times 0
[  733.811564][ T5897] usb 4-1: USB disconnect, device number 40
[  733.818402][T13316] CPU: 0 UID: 0 PID: 13316 Comm: syz.1.1917 Not tainted 6.14.0-syzkaller-00826-g327ecdbc0fda #0 PREEMPT(full) 
[  733.818423][T13316] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  733.818432][T13316] Call Trace:
[  733.818437][T13316]  <TASK>
[  733.818442][T13316]  dump_stack_lvl+0x16c/0x1f0
[  733.818469][T13316]  should_fail_ex+0x50a/0x650
[  733.818484][T13316]  ? kmem_cache_alloc_node_noprof+0x5f/0x3b0
[  733.818507][T13316]  should_failslab+0xc2/0x120
[  733.818532][T13316]  kmem_cache_alloc_node_noprof+0x72/0x3b0
[  733.818551][T13316]  ? find_held_lock+0x2b/0x80
[  733.818570][T13316]  ? __alloc_skb+0x2b1/0x380
[  733.818592][T13316]  ? netlink_autobind.isra.0+0x29c/0x5f0
[  733.818615][T13316]  __alloc_skb+0x2b1/0x380
[  733.818635][T13316]  ? __pfx___alloc_skb+0x10/0x10
[  733.818657][T13316]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  733.818680][T13316]  netlink_alloc_large_skb+0x69/0x130
[  733.818702][T13316]  netlink_sendmsg+0x686/0xd70
[  733.818725][T13316]  ? __pfx_netlink_sendmsg+0x10/0x10
[  733.818745][T13316]  ? __import_iovec+0x1cd/0x660
[  733.818766][T13316]  ____sys_sendmsg+0xa87/0xc70
[  733.818784][T13316]  ? copy_msghdr_from_user+0x10b/0x160
[  733.818805][T13316]  ? __pfx_____sys_sendmsg+0x10/0x10
[  733.818829][T13316]  ___sys_sendmsg+0x135/0x1e0
[  733.818851][T13316]  ? __pfx____sys_sendmsg+0x10/0x10
[  733.818872][T13316]  ? __lock_acquire+0x5b6/0x1b80
[  733.818899][T13316]  ? __fget_files+0x20e/0x3b0
[  733.818920][T13316]  __sys_sendmsg+0x16e/0x220
[  733.818934][T13316]  ? __pfx___sys_sendmsg+0x10/0x10
[  733.818952][T13316]  ? rcu_is_watching+0x12/0xc0
[  733.818974][T13316]  do_syscall_64+0xcd/0x250
[  733.818989][T13316]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  733.819008][T13316] RIP: 0033:0x7f2fcbb8d169
[  733.819020][T13316] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  733.819034][T13316] RSP: 002b:00007f2fcc966038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  733.819049][T13316] RAX: ffffffffffffffda RBX: 00007f2fcbda5fa0 RCX: 00007f2fcbb8d169
[  733.819059][T13316] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000008
[  733.819067][T13316] RBP: 00007f2fcc966090 R08: 0000000000000000 R09: 0000000000000000
[  733.819076][T13316] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  733.819084][T13316] R13: 0000000000000000 R14: 00007f2fcbda5fa0 R15: 00007ffe087826f8
[  733.819100][T13316]  </TASK>
[  734.102456][   T10] hub 5-1:0.0: hub_ext_port_status failed (err = -32)
[  734.132756][   T30] audit: type=1400 audit(2000000447.600:393): avc:  denied  { create } for  pid=13324 comm="syz.0.1918" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[  734.154037][T13325] FAULT_INJECTION: forcing a failure.
[  734.154037][T13325] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  734.167231][T13325] CPU: 0 UID: 0 PID: 13325 Comm: syz.0.1918 Not tainted 6.14.0-syzkaller-00826-g327ecdbc0fda #0 PREEMPT(full) 
[  734.167252][T13325] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  734.167262][T13325] Call Trace:
[  734.167267][T13325]  <TASK>
[  734.167273][T13325]  dump_stack_lvl+0x16c/0x1f0
[  734.167301][T13325]  should_fail_ex+0x50a/0x650
[  734.167321][T13325]  _copy_from_user+0x2e/0xd0
[  734.167339][T13325]  copy_msghdr_from_user+0x99/0x160
[  734.167365][T13325]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  734.167404][T13325]  ___sys_sendmsg+0xff/0x1e0
[  734.167429][T13325]  ? __pfx____sys_sendmsg+0x10/0x10
[  734.167452][T13325]  ? __lock_acquire+0x5b6/0x1b80
[  734.167484][T13325]  ? __fget_files+0x20e/0x3b0
[  734.167509][T13325]  __sys_sendmsg+0x16e/0x220
[  734.167523][T13325]  ? __pfx___sys_sendmsg+0x10/0x10
[  734.167543][T13325]  ? rcu_is_watching+0x12/0xc0
[  734.167567][T13325]  do_syscall_64+0xcd/0x250
[  734.167584][T13325]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  734.167607][T13325] RIP: 0033:0x7f8c1778d169
[  734.167619][T13325] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  734.167635][T13325] RSP: 002b:00007f8c18687038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  734.167651][T13325] RAX: ffffffffffffffda RBX: 00007f8c179a5fa0 RCX: 00007f8c1778d169
[  734.167662][T13325] RDX: 0000000000008000 RSI: 0000200000002440 RDI: 0000000000000003
[  734.167672][T13325] RBP: 00007f8c18687090 R08: 0000000000000000 R09: 0000000000000000
[  734.167681][T13325] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  734.167691][T13325] R13: 0000000000000000 R14: 00007f8c179a5fa0 R15: 00007ffc00a65da8
[  734.167708][T13325]  </TASK>
[  734.339443][    C0] vkms_vblank_simulate: vblank timer overrun
[  734.436846][   T30] audit: type=1326 audit(2000000447.900:394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13328 comm="syz.2.1921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f822978d169 code=0x7ffc0000
[  734.460640][ T8893] usb 5-1: USB disconnect, device number 32
[  734.481963][   T30] audit: type=1326 audit(2000000447.900:395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13328 comm="syz.2.1921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f822978d169 code=0x7ffc0000
[  734.506740][   T30] audit: type=1326 audit(2000000447.950:396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13328 comm="syz.2.1921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=256 compat=0 ip=0x7f822978d169 code=0x7ffc0000
[  734.530129][    C0] vkms_vblank_simulate: vblank timer overrun
[  734.822857][T13337] netlink: 180 bytes leftover after parsing attributes in process `syz.1.1923'.
[  735.565131][T13353] netlink: 188 bytes leftover after parsing attributes in process `syz.0.1929'.
[  735.574739][T13353] netlink: 'syz.0.1929': attribute type 1 has an invalid length.
[  735.589286][T13350] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  735.623004][T13355] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  735.888839][ T5897] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[  736.100168][ T5897] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  736.266769][ T5897] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  736.277239][ T5897] usb 5-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[  736.291875][ T5897] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  736.312782][ T5897] usb 5-1: config 0 descriptor??
[  736.574541][ T5897] usbhid 5-1:0.0: can't add hid device: -71
[  736.593065][ T5897] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  736.612858][ T5897] usb 5-1: USB disconnect, device number 33
[  736.838776][   T10] usb 1-1: new high-speed USB device number 32 using dummy_hcd
[  736.899217][   T30] kauditd_printk_skb: 20 callbacks suppressed
[  736.899231][   T30] audit: type=1400 audit(2000000450.360:417): avc:  denied  { bind } for  pid=13367 comm="syz.3.1933" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  736.925979][   T30] audit: type=1400 audit(2000000450.360:418): avc:  denied  { name_bind } for  pid=13367 comm="syz.3.1933" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=dccp_socket permissive=1
[  736.946735][    C0] vkms_vblank_simulate: vblank timer overrun
[  736.954726][   T30] audit: type=1400 audit(2000000450.360:419): avc:  denied  { node_bind } for  pid=13367 comm="syz.3.1933" saddr=::1 src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=dccp_socket permissive=1
[  736.982137][   T30] audit: type=1400 audit(2000000450.360:420): avc:  denied  { listen } for  pid=13367 comm="syz.3.1933" laddr=::1 lport=20000 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  737.008626][   T10] usb 1-1: device descriptor read/64, error -71
[  737.028699][   T30] audit: type=1400 audit(2000000450.370:421): avc:  denied  { open } for  pid=13367 comm="syz.3.1933" path="/dev/ptyqb" dev="devtmpfs" ino=130 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[  737.055784][   T30] audit: type=1400 audit(2000000450.370:422): avc:  denied  { ioctl } for  pid=13367 comm="syz.3.1933" path="/dev/ptyqb" dev="devtmpfs" ino=130 ioctlcmd=0x5423 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[  737.365735][T13380] FAULT_INJECTION: forcing a failure.
[  737.365735][T13380] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  737.378969][T13380] CPU: 1 UID: 0 PID: 13380 Comm: syz.4.1936 Not tainted 6.14.0-syzkaller-00826-g327ecdbc0fda #0 PREEMPT(full) 
[  737.378991][T13380] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  737.379001][T13380] Call Trace:
[  737.379006][T13380]  <TASK>
[  737.379013][T13380]  dump_stack_lvl+0x16c/0x1f0
[  737.379042][T13380]  should_fail_ex+0x50a/0x650
[  737.379062][T13380]  _copy_from_user+0x2e/0xd0
[  737.379081][T13380]  move_addr_to_kernel+0x74/0x160
[  737.379103][T13380]  __copy_msghdr+0x386/0x470
[  737.379129][T13380]  copy_msghdr_from_user+0xc2/0x160
[  737.379154][T13380]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  737.379187][T13380]  ___sys_sendmsg+0xff/0x1e0
[  737.379214][T13380]  ? __pfx____sys_sendmsg+0x10/0x10
[  737.379247][T13380]  ? find_held_lock+0x2b/0x80
[  737.379280][T13380]  __sys_sendmmsg+0x201/0x420
[  737.379298][T13380]  ? __pfx___sys_sendmmsg+0x10/0x10
[  737.379326][T13380]  ? fput+0x70/0xf0
[  737.379341][T13380]  ? ksys_write+0x1ba/0x250
[  737.379372][T13380]  __x64_sys_sendmmsg+0x9c/0x100
[  737.379387][T13380]  ? lockdep_hardirqs_on+0x7c/0x110
[  737.379412][T13380]  do_syscall_64+0xcd/0x250
[  737.379429][T13380]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  737.379452][T13380] RIP: 0033:0x7fe92018d169
[  737.379464][T13380] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  737.379481][T13380] RSP: 002b:00007fe920ffb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  737.379497][T13380] RAX: ffffffffffffffda RBX: 00007fe9203a6160 RCX: 00007fe92018d169
[  737.379508][T13380] RDX: 0000000000000001 RSI: 0000200000000480 RDI: 0000000000000008
[  737.379519][T13380] RBP: 00007fe920ffb090 R08: 0000000000000000 R09: 0000000000000000
[  737.379528][T13380] R10: 0000000034000811 R11: 0000000000000246 R12: 0000000000000001
[  737.379538][T13380] R13: 0000000000000000 R14: 00007fe9203a6160 R15: 00007ffc97c793d8
[  737.379557][T13380]  </TASK>
[  737.570819][T13379] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1936'.
[  737.571476][ T5897] usb 3-1: new high-speed USB device number 45 using dummy_hcd
[  737.585860][   T10] usb 1-1: new high-speed USB device number 33 using dummy_hcd
[  737.728849][   T10] usb 1-1: device descriptor read/64, error -71
[  737.738648][ T5897] usb 3-1: Using ep0 maxpacket: 8
[  737.748410][ T5897] usb 3-1: unable to get BOS descriptor or descriptor too short
[  737.763549][ T5897] usb 3-1: config 8 has an invalid interface number: 255 but max is 0
[  737.772247][ T5897] usb 3-1: config 8 has no interface number 0
[  737.778367][ T5897] usb 3-1: config 8 interface 255 has no altsetting 0
[  737.789884][ T5897] usb 3-1: string descriptor 0 read error: -22
[  737.796134][ T5897] usb 3-1: New USB device found, idVendor=0423, idProduct=000c, bcdDevice=2e.bf
[  737.806414][ T5897] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  737.842110][   T10] usb usb1-port1: attempt power cycle
[  738.202144][   T10] usb 1-1: new high-speed USB device number 34 using dummy_hcd
[  738.231303][   T10] usb 1-1: device descriptor read/8, error -71
[  738.468622][   T10] usb 1-1: new high-speed USB device number 35 using dummy_hcd
[  738.488984][   T10] usb 1-1: device descriptor read/8, error -71
[  738.598871][   T10] usb usb1-port1: unable to enumerate USB device
[  739.573825][   T30] audit: type=1400 audit(2000000453.030:423): avc:  denied  { ioctl } for  pid=13402 comm="syz.1.1944" path="socket:[30943]" dev="sockfs" ino=30943 ioctlcmd=0x500a scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  740.177535][ T5897] catc 3-1:8.255: Can't set altsetting 1.
[  740.184183][   T30] audit: type=1326 audit(2000000453.660:424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13408 comm="syz.0.1945" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f8c1778d169 code=0x0
[  740.198608][ T5897] catc 3-1:8.255: probe with driver catc failed with error -5
[  740.259745][ T5897] usb 3-1: USB disconnect, device number 45
[  740.326775][T13409] SELinux: security_context_str_to_sid (u) failed with errno=-22
[  740.416541][T13417] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  740.594186][T13420] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  741.237400][T13427] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  741.671567][ T5829] Bluetooth: hci1: unexpected event for opcode 0x0401
[  741.773919][T13436] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1951'.
[  743.040665][T13449] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  743.527999][   T30] audit: type=1400 audit(2000000456.990:425): avc:  denied  { append } for  pid=13453 comm="syz.0.1955" name="ppp" dev="devtmpfs" ino=709 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  743.550871][    C0] vkms_vblank_simulate: vblank timer overrun
[  743.765790][T13458] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  743.780065][T13458] FAULT_INJECTION: forcing a failure.
[  743.780065][T13458] name failslab, interval 1, probability 0, space 0, times 0
[  743.792902][T13458] CPU: 1 UID: 0 PID: 13458 Comm: syz.0.1955 Not tainted 6.14.0-syzkaller-00826-g327ecdbc0fda #0 PREEMPT(full) 
[  743.792926][T13458] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  743.792936][T13458] Call Trace:
[  743.792942][T13458]  <TASK>
[  743.792948][T13458]  dump_stack_lvl+0x16c/0x1f0
[  743.792979][T13458]  should_fail_ex+0x50a/0x650
[  743.792995][T13458]  ? kmem_cache_alloc_noprof+0x5b/0x3c0
[  743.793021][T13458]  should_failslab+0xc2/0x120
[  743.793046][T13458]  kmem_cache_alloc_noprof+0x6e/0x3c0
[  743.793069][T13458]  ? __pfx_make_vfsuid+0x10/0x10
[  743.793086][T13458]  ? alloc_empty_file+0x55/0x1e0
[  743.793104][T13458]  alloc_empty_file+0x55/0x1e0
[  743.793121][T13458]  dentry_open+0x46/0xd0
[  743.793136][T13458]  ovl_path_open+0x198/0x1f0
[  743.793156][T13458]  ovl_dir_read_merged+0x185/0x5d0
[  743.793174][T13458]  ? __pfx_ovl_dir_read_merged+0x10/0x10
[  743.793194][T13458]  ? __pfx_ovl_fill_merge+0x10/0x10
[  743.793218][T13458]  ? kasan_save_track+0x14/0x30
[  743.793242][T13458]  ovl_iterate+0x865/0xe40
[  743.793259][T13458]  ? wrap_directory_iterator+0x4c/0xe0
[  743.793282][T13458]  ? __pfx_ovl_iterate+0x10/0x10
[  743.793298][T13458]  wrap_directory_iterator+0x9f/0xe0
[  743.793318][T13458]  iterate_dir+0x293/0xab0
[  743.793340][T13458]  __x64_sys_getdents+0x148/0x2c0
[  743.793360][T13458]  ? __pfx___x64_sys_getdents+0x10/0x10
[  743.793379][T13458]  ? fput+0x70/0xf0
[  743.793393][T13458]  ? __pfx_filldir+0x10/0x10
[  743.793412][T13458]  ? rcu_is_watching+0x12/0xc0
[  743.793440][T13458]  do_syscall_64+0xcd/0x250
[  743.793457][T13458]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  743.793481][T13458] RIP: 0033:0x7f8c1778d169
[  743.793494][T13458] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  743.793510][T13458] RSP: 002b:00007f8c18645038 EFLAGS: 00000246 ORIG_RAX: 000000000000004e
[  743.793527][T13458] RAX: ffffffffffffffda RBX: 00007f8c179a6160 RCX: 00007f8c1778d169
[  743.793537][T13458] RDX: 0000000020002078 RSI: 0000200000001fc0 RDI: 0000000000000007
[  743.793548][T13458] RBP: 00007f8c18645090 R08: 0000000000000000 R09: 0000000000000000
[  743.793558][T13458] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  743.793575][T13458] R13: 0000000000000000 R14: 00007f8c179a6160 R15: 00007ffc00a65da8
[  743.793594][T13458]  </TASK>
[  745.306454][   T30] audit: type=1400 audit(2000000458.770:426): avc:  denied  { append } for  pid=13468 comm="syz.2.1959" name="loop6" dev="devtmpfs" ino=653 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  745.330096][    C0] vkms_vblank_simulate: vblank timer overrun
[  745.998700][ T5897] usb 5-1: new high-speed USB device number 34 using dummy_hcd
[  746.149023][ T5897] usb 5-1: Using ep0 maxpacket: 8
[  746.158419][ T5897] usb 5-1: too many configurations: 17, using maximum allowed: 8
[  746.172599][ T5897] usb 5-1: config 0 has an invalid descriptor of length 154, skipping remainder of the config
[  746.321775][ T5897] usb 5-1: config 0 interface 0 altsetting 53 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  746.335091][ T5897] usb 5-1: config 0 interface 0 has no altsetting 0
[  746.348822][ T5897] usb 5-1: config 0 has an invalid descriptor of length 154, skipping remainder of the config
[  746.366939][ T5897] usb 5-1: config 0 interface 0 altsetting 53 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  746.380378][ T8893] usb 3-1: new high-speed USB device number 46 using dummy_hcd
[  746.388319][ T5897] usb 5-1: config 0 interface 0 has no altsetting 0
[  746.397918][ T5897] usb 5-1: config 0 has an invalid descriptor of length 154, skipping remainder of the config
[  746.398621][    T9] usb 2-1: new high-speed USB device number 43 using dummy_hcd
[  746.408524][ T5897] usb 5-1: config 0 interface 0 altsetting 53 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  746.429286][ T5897] usb 5-1: config 0 interface 0 has no altsetting 0
[  746.436810][ T5897] usb 5-1: config 0 has an invalid descriptor of length 154, skipping remainder of the config
[  746.447376][ T5897] usb 5-1: config 0 interface 0 altsetting 53 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  746.460892][ T5897] usb 5-1: config 0 interface 0 has no altsetting 0
[  746.468325][ T5897] usb 5-1: config 0 has an invalid descriptor of length 154, skipping remainder of the config
[  746.480624][ T5897] usb 5-1: config 0 interface 0 altsetting 53 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  746.493942][ T5897] usb 5-1: config 0 interface 0 has no altsetting 0
[  746.501630][ T5897] usb 5-1: config 0 has an invalid descriptor of length 154, skipping remainder of the config
[  746.513677][ T5897] usb 5-1: config 0 interface 0 altsetting 53 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  746.526838][ T5897] usb 5-1: config 0 interface 0 has no altsetting 0
[  746.537432][ T5897] usb 5-1: config 0 has an invalid descriptor of length 154, skipping remainder of the config
[  746.547986][ T5897] usb 5-1: config 0 interface 0 altsetting 53 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  746.562287][ T8893] usb 3-1: Using ep0 maxpacket: 16
[  746.568030][ T5897] usb 5-1: config 0 interface 0 has no altsetting 0
[  746.576402][ T8893] usb 3-1: unable to get BOS descriptor or descriptor too short
[  746.587045][ T5897] usb 5-1: config 0 has an invalid descriptor of length 154, skipping remainder of the config
[  746.589799][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  746.598274][ T8893] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  746.619859][ T5897] usb 5-1: config 0 interface 0 altsetting 53 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  746.633804][ T5897] usb 5-1: config 0 interface 0 has no altsetting 0
[  746.641987][ T8893] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  746.652358][ T5897] usb 5-1: New USB device found, idVendor=056a, idProduct=00b9, bcdDevice= 0.00
[  746.663073][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  746.664459][ T8893] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  746.688691][    T9] usb 2-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[  746.698025][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  746.701664][ T5897] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  746.723951][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  746.732105][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  746.741533][    T9] usb 2-1: config 0 descriptor??
[  746.768609][ T8893] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  746.791397][ T5897] usb 5-1: config 0 descriptor??
[  746.808737][ T8893] usb 3-1: Product: syz
[  746.816058][ T5897] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  746.848620][ T8893] usb 3-1: Manufacturer: syz
[  746.853246][ T8893] usb 3-1: SerialNumber: syz
[  747.010335][    T9] usbhid 2-1:0.0: can't add hid device: -71
[  747.016312][    T9] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  747.048995][    T9] usb 2-1: USB disconnect, device number 43
[  747.148739][   T10] usb 1-1: new high-speed USB device number 36 using dummy_hcd
[  747.298603][   T10] usb 1-1: Using ep0 maxpacket: 32
[  747.305550][   T10] usb 1-1: config 0 has an invalid interface number: 51 but max is 0
[  747.313961][   T10] usb 1-1: config 0 has no interface number 0
[  747.321745][   T10] usb 1-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  747.330903][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  747.338975][   T10] usb 1-1: Product: syz
[  747.343212][   T10] usb 1-1: Manufacturer: syz
[  747.347858][   T10] usb 1-1: SerialNumber: syz
[  747.354145][   T10] usb 1-1: config 0 descriptor??
[  747.364011][   T10] quatech2 1-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  747.661945][   T10] usb 1-1: qt2_setup_urbs - submit read urb failed -8
[  747.669285][   T10] quatech2 1-1:0.51: probe with driver quatech2 failed with error -8
[  747.863066][ T5897] usb 1-1: USB disconnect, device number 36
[  748.108652][   T30] audit: type=1400 audit(2000000461.350:427): avc:  denied  { write } for  pid=13482 comm="syz.4.1962" name="001" dev="devtmpfs" ino=750 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  748.131446][    C0] vkms_vblank_simulate: vblank timer overrun
[  748.189610][T13510] misc userio: The device must be registered before sending interrupts
[  748.534684][T13512] FAULT_INJECTION: forcing a failure.
[  748.534684][T13512] name failslab, interval 1, probability 0, space 0, times 0
[  748.547582][T13512] CPU: 1 UID: 0 PID: 13512 Comm: syz.1.1970 Not tainted 6.14.0-syzkaller-00826-g327ecdbc0fda #0 PREEMPT(full) 
[  748.547605][T13512] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  748.547615][T13512] Call Trace:
[  748.547622][T13512]  <TASK>
[  748.547633][T13512]  dump_stack_lvl+0x16c/0x1f0
[  748.547665][T13512]  should_fail_ex+0x50a/0x650
[  748.547682][T13512]  ? kmem_cache_alloc_node_noprof+0x5f/0x3b0
[  748.547707][T13512]  should_failslab+0xc2/0x120
[  748.547733][T13512]  kmem_cache_alloc_node_noprof+0x72/0x3b0
[  748.547756][T13512]  ? find_held_lock+0x2b/0x80
[  748.547778][T13512]  ? __alloc_skb+0x2b1/0x380
[  748.547803][T13512]  ? netlink_autobind.isra.0+0x29c/0x5f0
[  748.547829][T13512]  __alloc_skb+0x2b1/0x380
[  748.547853][T13512]  ? __pfx___alloc_skb+0x10/0x10
[  748.547879][T13512]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  748.547906][T13512]  netlink_alloc_large_skb+0x69/0x130
[  748.547932][T13512]  netlink_sendmsg+0x686/0xd70
[  748.547959][T13512]  ? __pfx_netlink_sendmsg+0x10/0x10
[  748.547983][T13512]  ? __import_iovec+0x1cd/0x660
[  748.548008][T13512]  ____sys_sendmsg+0xa87/0xc70
[  748.548029][T13512]  ? copy_msghdr_from_user+0x10b/0x160
[  748.548054][T13512]  ? __pfx_____sys_sendmsg+0x10/0x10
[  748.548082][T13512]  ___sys_sendmsg+0x135/0x1e0
[  748.548109][T13512]  ? __pfx____sys_sendmsg+0x10/0x10
[  748.548133][T13512]  ? __lock_acquire+0x5b6/0x1b80
[  748.548165][T13512]  ? __fget_files+0x20e/0x3b0
[  748.548191][T13512]  __sys_sendmsg+0x16e/0x220
[  748.548206][T13512]  ? __pfx___sys_sendmsg+0x10/0x10
[  748.548228][T13512]  ? rcu_is_watching+0x12/0xc0
[  748.548254][T13512]  do_syscall_64+0xcd/0x250
[  748.548269][T13512]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  748.548297][T13512] RIP: 0033:0x7f2fcbb8d169
[  748.548309][T13512] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  748.548324][T13512] RSP: 002b:00007f2fcc966038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  748.548338][T13512] RAX: ffffffffffffffda RBX: 00007f2fcbda5fa0 RCX: 00007f2fcbb8d169
[  748.548348][T13512] RDX: 0000000004000000 RSI: 0000200000000100 RDI: 0000000000000003
[  748.548358][T13512] RBP: 00007f2fcc966090 R08: 0000000000000000 R09: 0000000000000000
[  748.548366][T13512] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  748.548375][T13512] R13: 0000000000000000 R14: 00007f2fcbda5fa0 R15: 00007ffe087826f8
[  748.548392][T13512]  </TASK>
[  749.014298][ T8893] usb 3-1: USB disconnect, device number 46
[  749.959930][T13533] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  750.064067][ T5808] udevd[5808]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  750.383060][ T5829] Bluetooth: hci3: unexpected event for opcode 0x0401
[  750.434983][   T10] usb 5-1: USB disconnect, device number 34
[  750.492652][T13541] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1977'.
[  751.288703][   T10] usb 5-1: new high-speed USB device number 35 using dummy_hcd
[  751.869980][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  751.890520][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  751.911451][   T10] usb 5-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[  751.944827][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  751.975489][   T10] usb 5-1: config 0 descriptor??
[  752.011208][T13558] FAULT_INJECTION: forcing a failure.
[  752.011208][T13558] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  752.138757][T13558] CPU: 1 UID: 0 PID: 13558 Comm: syz.0.1982 Not tainted 6.14.0-syzkaller-00826-g327ecdbc0fda #0 PREEMPT(full) 
[  752.138783][T13558] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  752.138792][T13558] Call Trace:
[  752.138796][T13558]  <TASK>
[  752.138802][T13558]  dump_stack_lvl+0x16c/0x1f0
[  752.138832][T13558]  should_fail_ex+0x50a/0x650
[  752.138850][T13558]  _copy_from_user+0x2e/0xd0
[  752.138869][T13558]  copy_msghdr_from_user+0x99/0x160
[  752.138894][T13558]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  752.138924][T13558]  ___sys_sendmsg+0xff/0x1e0
[  752.138949][T13558]  ? __pfx____sys_sendmsg+0x10/0x10
[  752.138972][T13558]  ? __lock_acquire+0x5b6/0x1b80
[  752.139002][T13558]  ? __fget_files+0x20e/0x3b0
[  752.139027][T13558]  __sys_sendmsg+0x16e/0x220
[  752.139042][T13558]  ? __pfx___sys_sendmsg+0x10/0x10
[  752.139061][T13558]  ? rcu_is_watching+0x12/0xc0
[  752.139087][T13558]  do_syscall_64+0xcd/0x250
[  752.139103][T13558]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  752.139125][T13558] RIP: 0033:0x7f8c1778d169
[  752.139138][T13558] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  752.139153][T13558] RSP: 002b:00007f8c18687038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  752.139169][T13558] RAX: ffffffffffffffda RBX: 00007f8c179a5fa0 RCX: 00007f8c1778d169
[  752.139180][T13558] RDX: 0000000000000000 RSI: 0000200000000440 RDI: 0000000000000003
[  752.139190][T13558] RBP: 00007f8c18687090 R08: 0000000000000000 R09: 0000000000000000
[  752.139199][T13558] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  752.139209][T13558] R13: 0000000000000000 R14: 00007f8c179a5fa0 R15: 00007ffc00a65da8
[  752.139226][T13558]  </TASK>
[  752.530056][   T10] usbhid 5-1:0.0: can't add hid device: -71
[  752.539224][   T10] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  752.553855][   T10] usb 5-1: USB disconnect, device number 35
[  753.066382][T13581] netlink: 172 bytes leftover after parsing attributes in process `syz.3.1986'.
[  753.114370][T13582] loop9: detected capacity change from 0 to 7
[  753.124845][T13582] Dev loop9: unable to read RDB block 7
[  753.131281][T13582]  loop9: unable to read partition table
[  753.137353][T13582] loop9: partition table beyond EOD, truncated
[  753.144146][T13582] loop_reread_partitions: partition scan of loop9 (þ被x󟣑– ) failed (rc=-5)
[  753.229461][T13583] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  753.248639][ T5897] usb 3-1: new high-speed USB device number 47 using dummy_hcd
[  754.689259][ T5897] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  755.357836][ T5897] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  755.367927][ T5897] usb 3-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[  755.377214][ T5897] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  755.405059][ T5897] usb 3-1: config 0 descriptor??
[  755.505659][T13589] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  755.838811][ T5829] Bluetooth: hci1: unexpected event for opcode 0x0401
[  755.852659][ T5897] usbhid 3-1:0.0: can't add hid device: -71
[  755.859020][ T5897] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  755.871184][ T5897] usb 3-1: USB disconnect, device number 47
[  755.945168][T13596] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1991'.
[  756.008654][ T5867] usb 4-1: new high-speed USB device number 41 using dummy_hcd
[  756.508778][ T5867] usb 4-1: Using ep0 maxpacket: 32
[  756.515160][ T5867] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  756.526116][ T5867] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  756.535875][ T5867] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  756.987525][ T5867] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  756.996828][ T5867] usb 4-1: config 0 descriptor??
[  757.004862][ T5867] hub 4-1:0.0: USB hub found
[  757.206364][ T5867] hub 4-1:0.0: config failed, hub doesn't have any ports! (err -19)
[  757.325345][T13608] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  757.779812][ T5867] usbhid 4-1:0.0: can't add hid device: -71
[  757.792652][ T5867] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  757.820396][ T5867] usb 4-1: USB disconnect, device number 41
[  758.319029][T13618] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  758.789453][ T5867] usb 1-1: new high-speed USB device number 37 using dummy_hcd
[  758.907960][T13629] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  759.070598][ T5867] usb 1-1: Using ep0 maxpacket: 8
[  759.187574][ T5867] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  759.336771][ T5867] usb 1-1: New USB device found, idVendor=050d, idProduct=3201, bcdDevice= 0.00
[  759.346048][ T5867] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  759.356301][ T5867] usb 1-1: config 0 descriptor??
[  759.665036][T13632] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  760.349374][ T5867] belkin 0003:050D:3201.0005: hiddev0,hidraw0: USB HID v0.00 Device [HID 050d:3201] on usb-dummy_hcd.0-1/input0
[  760.382597][T13626] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  760.477451][ T5867] usb 1-1: USB disconnect, device number 37
[  762.085140][T13660] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  763.677432][ T5829] Bluetooth: hci1: unexpected event for opcode 0x2019
[  764.362910][   T30] audit: type=1400 audit(2000000477.830:428): avc:  denied  { setopt } for  pid=13687 comm="syz.1.2016" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  764.454072][T13689] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  764.541907][ T5866] usb 1-1: new high-speed USB device number 38 using dummy_hcd
[  764.698607][ T5866] usb 1-1: Using ep0 maxpacket: 32
[  764.806900][ T5866] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  764.818120][ T5866] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  764.829493][ T5866] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  764.844317][ T5866] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  764.871748][ T5866] usb 1-1: config 0 descriptor??
[  764.880320][ T5866] hub 1-1:0.0: USB hub found
[  764.902104][   T30] audit: type=1400 audit(2000000478.360:429): avc:  denied  { bind } for  pid=13693 comm="syz.1.2018" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  764.981993][   T30] audit: type=1400 audit(2000000478.440:430): avc:  denied  { setattr } for  pid=13695 comm="syz.1.2019" path="/dev/mixer" dev="devtmpfs" ino=1288 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sound_device_t tclass=chr_file permissive=1
[  765.069760][   T30] audit: type=1400 audit(2000000478.480:431): avc:  denied  { setopt } for  pid=13698 comm="syz.2.2020" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  765.083152][ T5866] hub 1-1:0.0: config failed, hub doesn't have any ports! (err -19)
[  765.130116][T13702] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2022'.
[  765.202684][T13705] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2023'.
[  765.218706][   T10] usb 2-1: new high-speed USB device number 44 using dummy_hcd
[  765.426991][   T10] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  765.592223][   T10] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 3
[  765.710489][   T10] usb 2-1: New USB device found, idVendor=0489, idProduct=e057, bcdDevice= 0.00
[  765.737814][   T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  765.750379][   T10] usb 2-1: config 0 descriptor??
[  765.774672][ T5866] usbhid 1-1:0.0: can't add hid device: -71
[  765.785259][ T5866] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  765.822106][ T5866] usb 1-1: USB disconnect, device number 38
[  765.883957][ T8893] usb 4-1: new high-speed USB device number 42 using dummy_hcd
[  766.565100][ T8893] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 255, using maximum allowed: 30
[  766.577243][ T8893] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  766.588328][ T8893] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  766.589278][   T10] Bluetooth: Can't get state to change to load ram patch err
[  766.599382][ T8893] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 255
[  766.631333][   T10] Bluetooth: Loading patch file failed
[  766.636818][   T10] ath3k 2-1:0.0: probe with driver ath3k failed with error -71
[  766.657885][   T10] usb 2-1: USB disconnect, device number 44
[  766.679088][ T8893] usb 4-1: New USB device found, idVendor=04d8, idProduct=c002, bcdDevice= 0.00
[  766.688289][ T8893] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  766.699011][ T8893] usb 4-1: config 0 descriptor??
[  767.674580][ T8893] usbhid 4-1:0.0: can't add hid device: -71
[  767.722501][ T8893] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  767.767643][ T8893] usb 4-1: USB disconnect, device number 42
[  768.747244][T13747] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  768.796196][ T5897] usb 5-1: new high-speed USB device number 36 using dummy_hcd
[  768.887727][   T30] audit: type=1400 audit(2000000482.350:432): avc:  denied  { map } for  pid=13750 comm="syz.2.2035" path="socket:[30686]" dev="sockfs" ino=30686 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1
[  769.088664][ T5897] usb 5-1: config index 0 descriptor too short (expected 8228, got 36)
[  769.104646][ T5897] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  769.154305][ T5897] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  769.181138][ T5897] usb 5-1: New USB device found, idVendor=1532, idProduct=011d, bcdDevice= 0.01
[  769.191571][ T5897] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  769.215648][ T5897] usb 5-1: config 0 descriptor??
[  769.391410][T13761] bridge: RTM_NEWNEIGH bridge0 with NTF_USE is not supported
[  769.669631][T13773] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  770.462774][ T5897] hid-rmi 0003:1532:011D.0006: item fetching failed at offset 0/4
[  770.481901][ T5897] hid-rmi 0003:1532:011D.0006: parse failed
[  770.488149][ T5897] hid-rmi 0003:1532:011D.0006: probe with driver hid-rmi failed with error -22
[  771.130698][    T9] usb 5-1: USB disconnect, device number 36
[  771.188147][   T30] audit: type=1400 audit(2000000484.650:433): avc:  denied  { block_suspend } for  pid=13780 comm="syz.0.2043" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  771.255712][T13786] netlink: 596 bytes leftover after parsing attributes in process `syz.0.2043'.
[  771.389856][   T30] audit: type=1400 audit(2000000484.780:434): avc:  denied  { module_load } for  pid=13780 comm="syz.0.2043" path="/sys/power/wakeup_count" dev="sysfs" ino=1407 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=system permissive=1
[  771.519242][T13798] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  771.813479][   T30] audit: type=1400 audit(2000000485.280:435): avc:  denied  { watch watch_reads } for  pid=13802 comm="syz.4.2049" path="pipe:[31780]" dev="pipefs" ino=31780 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[  771.837453][    C1] vkms_vblank_simulate: vblank timer overrun
[  772.704334][T13816] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  772.717401][T13813] bridge: RTM_NEWNEIGH bridge0 with NTF_USE is not supported
[  773.064628][   T30] audit: type=1400 audit(2000000486.530:436): avc:  denied  { setopt } for  pid=13819 comm="syz.2.2055" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  773.084092][    C1] vkms_vblank_simulate: vblank timer overrun
[  773.131611][   T30] audit: type=1400 audit(2000000486.600:437): avc:  denied  { ioctl } for  pid=13823 comm="syz.2.2056" path="socket:[31831]" dev="sockfs" ino=31831 ioctlcmd=0x4944 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  773.156278][    C1] vkms_vblank_simulate: vblank timer overrun
[  774.475197][    T9] usb 3-1: new high-speed USB device number 48 using dummy_hcd
[  774.645872][T13844] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  774.838783][ T5897] usb 1-1: new high-speed USB device number 39 using dummy_hcd
[  775.021666][    T9] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  775.034843][    T9] usb 3-1: New USB device found, idVendor=04d8, idProduct=0083, bcdDevice=83.9c
[  775.046315][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  775.063639][T13846] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2063'.
[  775.063777][    T9] usb 3-1: Product: syz
[  775.077106][    T9] usb 3-1: Manufacturer: syz
[  775.089336][    T9] usb 3-1: SerialNumber: syz
[  775.100389][    T9] usb 3-1: config 0 descriptor??
[  775.115516][    T9] ims_pcu 3-1:0.0: Missing CDC union descriptor
[  775.121963][    T9] ims_pcu 3-1:0.0: probe with driver ims_pcu failed with error -22
[  775.264625][ T5897] usb 1-1: Using ep0 maxpacket: 32
[  775.271472][ T5897] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  775.282879][ T5897] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  775.759176][ T5897] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  775.769560][ T5897] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  775.770669][    T9] usb 3-1: USB disconnect, device number 48
[  775.790264][ T5897] usb 1-1: config 0 descriptor??
[  775.887993][ T5897] hub 1-1:0.0: USB hub found
[  776.289419][ T5897] hub 1-1:0.0: 1 port detected
[  777.035927][ T1142] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  777.690503][    T9] usb 1-1: USB disconnect, device number 39
[  777.690790][ T5897] hub 1-1:0.0: hub_ext_port_status failed (err = -71)
[  778.073112][T13875] FAULT_INJECTION: forcing a failure.
[  778.073112][T13875] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  778.088665][T13875] CPU: 0 UID: 0 PID: 13875 Comm: syz.3.2071 Not tainted 6.14.0-syzkaller-00826-g327ecdbc0fda #0 PREEMPT(full) 
[  778.088688][T13875] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  778.088698][T13875] Call Trace:
[  778.088703][T13875]  <TASK>
[  778.088709][T13875]  dump_stack_lvl+0x16c/0x1f0
[  778.088739][T13875]  should_fail_ex+0x50a/0x650
[  778.088759][T13875]  _copy_from_user+0x2e/0xd0
[  778.088778][T13875]  oom_score_adj_write+0xc7/0x200
[  778.088801][T13875]  ? __pfx_oom_score_adj_write+0x10/0x10
[  778.088829][T13875]  ? __pfx_oom_score_adj_write+0x10/0x10
[  778.088850][T13875]  vfs_write+0x24c/0x1150
[  778.088873][T13875]  ? __pfx___mutex_lock+0x10/0x10
[  778.088889][T13875]  ? __pfx_vfs_write+0x10/0x10
[  778.088915][T13875]  ? __fget_files+0x20e/0x3b0
[  778.088942][T13875]  ksys_write+0x12b/0x250
[  778.088962][T13875]  ? __pfx_ksys_write+0x10/0x10
[  778.088982][T13875]  ? rcu_is_watching+0x12/0xc0
[  778.089009][T13875]  do_syscall_64+0xcd/0x250
[  778.089026][T13875]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  778.089049][T13875] RIP: 0033:0x7fc30118d169
[  778.089061][T13875] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  778.089077][T13875] RSP: 002b:00007fc302018038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  778.089093][T13875] RAX: ffffffffffffffda RBX: 00007fc3013a5fa0 RCX: 00007fc30118d169
[  778.089104][T13875] RDX: 0000000000000012 RSI: 0000200000000080 RDI: 0000000000000003
[  778.089114][T13875] RBP: 00007fc302018090 R08: 0000000000000000 R09: 0000000000000000
[  778.089124][T13875] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  778.089133][T13875] R13: 0000000000000000 R14: 00007fc3013a5fa0 R15: 00007ffd55d10b58
[  778.089151][T13875]  </TASK>
[  778.578600][ T5897] usb 4-1: new high-speed USB device number 43 using dummy_hcd
[  778.732798][ T5897] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  778.803879][ T5897] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  779.428686][ T5897] usb 4-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[  779.437770][ T5897] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  779.452689][ T5897] usb 4-1: config 0 descriptor??
[  779.888616][ T5897] usbhid 4-1:0.0: can't add hid device: -71
[  779.908448][ T5897] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  779.937949][ T5897] usb 4-1: USB disconnect, device number 43
[  779.952432][   T30] audit: type=1326 audit(2000000493.420:438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13896 comm="syz.0.2077" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c1778d169 code=0x7ffc0000
[  780.157979][   T30] audit: type=1326 audit(2000000493.420:439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13896 comm="syz.0.2077" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c1778d169 code=0x7ffc0000
[  780.250607][   T30] audit: type=1326 audit(2000000493.420:440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13896 comm="syz.0.2077" exe="/root/syz-executor" sig=0 arch=c000003e syscall=256 compat=0 ip=0x7f8c1778d169 code=0x7ffc0000
[  780.276299][   T30] audit: type=1326 audit(2000000493.450:441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13896 comm="syz.0.2077" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c1778d169 code=0x7ffc0000
[  780.299700][    C1] vkms_vblank_simulate: vblank timer overrun
[  780.311642][   T30] audit: type=1326 audit(2000000493.450:442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13896 comm="syz.0.2077" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c1778d169 code=0x7ffc0000
[  780.335023][    C1] vkms_vblank_simulate: vblank timer overrun
[  780.342909][   T30] audit: type=1326 audit(2000000493.450:443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13896 comm="syz.0.2077" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f8c1778d169 code=0x7ffc0000
[  780.347336][T13903] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  780.366199][    C1] vkms_vblank_simulate: vblank timer overrun
[  780.366784][   T30] audit: type=1326 audit(2000000493.450:444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13896 comm="syz.0.2077" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c1778d169 code=0x7ffc0000
[  780.402960][    C1] vkms_vblank_simulate: vblank timer overrun
[  780.410149][   T30] audit: type=1326 audit(2000000493.450:445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13896 comm="syz.0.2077" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c1778d169 code=0x7ffc0000
[  780.433511][    C1] vkms_vblank_simulate: vblank timer overrun
[  780.439708][   T30] audit: type=1326 audit(2000000493.450:446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13896 comm="syz.0.2077" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f8c1778d169 code=0x7ffc0000
[  780.524756][    T9] usb 1-1: new full-speed USB device number 40 using dummy_hcd
[  780.539050][   T30] audit: type=1326 audit(2000000493.450:447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13896 comm="syz.0.2077" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c1778d169 code=0x7ffc0000
[  780.690181][    T9] usb 1-1: device descriptor read/64, error -71
[  780.878720][    C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  780.936255][T13912] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  781.358748][    T9] usb 1-1: new full-speed USB device number 41 using dummy_hcd
[  781.366399][  T970] usb 2-1: new full-speed USB device number 45 using dummy_hcd
[  781.375092][T13910] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2081'.
[  782.015482][  T970] usb 2-1: device descriptor read/64, error -71
[  782.021815][    T9] usb 1-1: device descriptor read/64, error -71
[  782.041890][T13921] FAULT_INJECTION: forcing a failure.
[  782.041890][T13921] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  782.056212][T13921] CPU: 1 UID: 0 PID: 13921 Comm: syz.4.2083 Not tainted 6.14.0-syzkaller-00826-g327ecdbc0fda #0 PREEMPT(full) 
[  782.056235][T13921] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  782.056245][T13921] Call Trace:
[  782.056250][T13921]  <TASK>
[  782.056257][T13921]  dump_stack_lvl+0x16c/0x1f0
[  782.056287][T13921]  should_fail_ex+0x50a/0x650
[  782.056306][T13921]  _copy_from_user+0x2e/0xd0
[  782.056325][T13921]  move_addr_to_kernel+0x74/0x160
[  782.056348][T13921]  __sys_connect+0xb0/0x170
[  782.056369][T13921]  ? __pfx___sys_connect+0x10/0x10
[  782.056391][T13921]  ? __fget_files+0x20e/0x3b0
[  782.056419][T13921]  ? __pfx_ksys_write+0x10/0x10
[  782.056445][T13921]  ? rcu_is_watching+0x12/0xc0
[  782.056470][T13921]  __x64_sys_connect+0x72/0xb0
[  782.056492][T13921]  ? lockdep_hardirqs_on+0x7c/0x110
[  782.056517][T13921]  do_syscall_64+0xcd/0x250
[  782.056534][T13921]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  782.056557][T13921] RIP: 0033:0x7fe92018d169
[  782.056570][T13921] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  782.056586][T13921] RSP: 002b:00007fe92103d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  782.056602][T13921] RAX: ffffffffffffffda RBX: 00007fe9203a5fa0 RCX: 00007fe92018d169
[  782.056613][T13921] RDX: 000000000000000a RSI: 00002000000001c0 RDI: 0000000000000006
[  782.056623][T13921] RBP: 00007fe92103d090 R08: 0000000000000000 R09: 0000000000000000
[  782.056632][T13921] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  782.056642][T13921] R13: 0000000000000000 R14: 00007fe9203a5fa0 R15: 00007ffc97c793d8
[  782.056661][T13921]  </TASK>
[  782.139477][    T9] usb usb1-port1: attempt power cycle
[  782.318719][  T970] usb 2-1: new full-speed USB device number 46 using dummy_hcd
[  782.508707][ T5897] usb 5-1: new high-speed USB device number 37 using dummy_hcd
[  782.928621][ T5897] usb 5-1: Using ep0 maxpacket: 32
[  782.940536][ T5897] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  782.960568][  T970] usb 2-1: device descriptor read/64, error -71
[  782.998680][ T5897] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  783.008654][ T5897] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  783.017855][ T5897] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  783.035708][ T5897] usb 5-1: config 0 descriptor??
[  783.052389][    T9] usb 1-1: new full-speed USB device number 42 using dummy_hcd
[  783.058075][ T5897] hub 5-1:0.0: USB hub found
[  783.116216][T13931] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  783.403649][  T970] usb usb2-port1: attempt power cycle
[  783.409119][    T9] usb 1-1: device not accepting address 42, error -71
[  783.557448][ T5897] hub 5-1:0.0: 1 port detected
[  784.827712][T13950] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  785.521506][ T5897] hub 5-1:0.0: hub_ext_port_status failed (err = -71)
[  785.524210][  T970] usb 5-1: USB disconnect, device number 37
[  785.540796][    T9] usb 1-1: new high-speed USB device number 44 using dummy_hcd
[  785.660360][T13964] bridge: RTM_NEWNEIGH bridge0 with NTF_USE is not supported
[  785.949949][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  785.973762][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  785.986302][    T9] usb 1-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[  785.995783][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  786.025842][    T9] usb 1-1: config 0 descriptor??
[  786.375551][    T9] usbhid 1-1:0.0: can't add hid device: -71
[  786.388454][    T9] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  786.905304][    T9] usb 1-1: USB disconnect, device number 44
[  788.318639][    C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  789.478744][T12750] usb 1-1: new high-speed USB device number 45 using dummy_hcd
[  789.738656][T12750] usb 1-1: Using ep0 maxpacket: 32
[  789.742069][T12750] usb 1-1: config 0 interface 0 has no altsetting 0
[  789.742159][T12750] usb 1-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7
[  789.742205][T12750] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  789.790533][T12750] usb 1-1: config 0 descriptor??
[  789.919357][T12750] gspca_main: sunplus-2.14.0 probing 041e:400b
[  790.423601][T12750] gspca_sunplus: reg_w_riv err -71
[  790.457436][T12750] sunplus 1-1:0.0: probe with driver sunplus failed with error -71
[  790.490354][T12750] usb 1-1: USB disconnect, device number 45
[  790.518637][ T5897] usb 5-1: new high-speed USB device number 38 using dummy_hcd
[  790.631624][T14019] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  790.753638][ T5897] usb 5-1: Using ep0 maxpacket: 32
[  790.775561][ T5897] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  790.866235][ T5897] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  790.876503][ T5897] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  790.888676][ T5897] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  790.913088][ T5897] usb 5-1: config 0 descriptor??
[  790.919614][ T5897] hub 5-1:0.0: USB hub found
[  791.167502][ T5897] hub 5-1:0.0: 1 port detected
[  791.498634][   T10] usb 3-1: new high-speed USB device number 49 using dummy_hcd
[  791.638618][ T8893] usb 1-1: new high-speed USB device number 46 using dummy_hcd
[  791.698603][   T10] usb 3-1: Using ep0 maxpacket: 16
[  791.705190][   T10] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  791.718672][T12750] usb 4-1: new high-speed USB device number 44 using dummy_hcd
[  791.718722][   T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  791.743926][   T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  791.758576][   T10] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  791.768379][   T10] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  791.788639][   T10] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  791.789917][ T8893] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  791.808870][   T10] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  791.816858][   T10] usb 3-1: Manufacturer: syz
[  791.831002][ T5897] hub 5-1:0.0: hub_ext_port_status failed (err = -71)
[  791.848791][ T5897] usb 5-1: USB disconnect, device number 38
[  791.855006][ T1202] usb 5-1: Failed to suspend device, error -19
[  791.855455][   T10] usb 3-1: config 0 descriptor??
[  791.861276][ T8893] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  791.898616][T12750] usb 4-1: Using ep0 maxpacket: 32
[  791.906110][ T8893] usb 1-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[  791.918296][T12750] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  791.929366][T12750] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  791.940089][ T8893] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  791.958876][T12750] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  791.979192][ T8893] usb 1-1: config 0 descriptor??
[  791.984239][T12750] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  791.999873][T12750] usb 4-1: config 0 descriptor??
[  792.008862][T12750] hub 4-1:0.0: USB hub found
[  792.327017][ T8893] usbhid 1-1:0.0: can't add hid device: -71
[  792.354805][ T8893] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  792.377841][ T8893] usb 1-1: USB disconnect, device number 46
[  792.410504][T12750] hub 4-1:0.0: config failed, hub doesn't have any ports! (err -19)
[  793.002186][T12750] usbhid 4-1:0.0: can't add hid device: -71
[  793.026643][T12750] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  793.208735][T12750] usb 4-1: USB disconnect, device number 44
[  793.898717][   T10] rc_core: IR keymap rc-hauppauge not found
[  793.914268][   T10] Registered IR keymap rc-empty
[  793.941843][T14060] FAULT_INJECTION: forcing a failure.
[  793.941843][T14060] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  793.958761][T14060] CPU: 1 UID: 0 PID: 14060 Comm: syz.1.2120 Not tainted 6.14.0-syzkaller-00826-g327ecdbc0fda #0 PREEMPT(full) 
[  793.958784][T14060] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  793.958787][   T10] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  793.958794][T14060] Call Trace:
[  793.958799][T14060]  <TASK>
[  793.958806][T14060]  dump_stack_lvl+0x16c/0x1f0
[  793.958834][T14060]  should_fail_ex+0x50a/0x650
[  793.958851][T14060]  _copy_from_user+0x2e/0xd0
[  793.958869][T14060]  copy_msghdr_from_user+0x99/0x160
[  793.958891][T14060]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  793.958920][T14060]  ___sys_sendmsg+0xff/0x1e0
[  793.958942][T14060]  ? __pfx____sys_sendmsg+0x10/0x10
[  793.958962][T14060]  ? __lock_acquire+0x5b6/0x1b80
[  793.958990][T14060]  ? __fget_files+0x20e/0x3b0
[  793.959013][T14060]  __sys_sendmsg+0x16e/0x220
[  793.959026][T14060]  ? __pfx___sys_sendmsg+0x10/0x10
[  793.959045][T14060]  ? rcu_is_watching+0x12/0xc0
[  793.959073][T14060]  do_syscall_64+0xcd/0x250
[  793.959088][T14060]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  793.959108][T14060] RIP: 0033:0x7f2fcbb8d169
[  793.959120][T14060] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  793.959134][T14060] RSP: 002b:00007f2fcc966038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  793.959149][T14060] RAX: ffffffffffffffda RBX: 00007f2fcbda5fa0 RCX: 00007f2fcbb8d169
[  793.959158][T14060] RDX: 0000000000004800 RSI: 0000200000000240 RDI: 0000000000000004
[  793.959167][T14060] RBP: 00007f2fcc966090 R08: 0000000000000000 R09: 0000000000000000
[  793.959176][T14060] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  793.959184][T14060] R13: 0000000000000000 R14: 00007f2fcbda5fa0 R15: 00007ffe087826f8
[  793.959201][T14060]  </TASK>
[  794.238648][   T10] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  794.269088][   T10] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0
[  794.282222][   T10] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input8
[  794.358788][   T10] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  794.388660][   T10] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  794.409026][   T10] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  794.437742][   T10] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  794.467138][   T10] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  794.474752][ T5865] usb 4-1: new high-speed USB device number 45 using dummy_hcd
[  794.518679][   T10] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  794.548601][   T10] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  794.568595][   T10] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  794.588889][   T10] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  794.623757][   T10] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  794.639698][ T5865] usb 4-1: Using ep0 maxpacket: 32
[  794.648868][T14072] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  794.675314][ T5865] usb 4-1: config 0 has an invalid interface number: 51 but max is 0
[  794.684036][ T5865] usb 4-1: config 0 has no interface number 0
[  794.693457][   T10] mceusb 3-1:0.0: Registered  with mce emulator interface version 1
[  794.702387][   T10] mceusb 3-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  794.717059][ T5865] usb 4-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  794.801445][T14075] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  794.896263][T14074] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  795.144990][ T5865] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  795.160134][   T10] usb 3-1: USB disconnect, device number 49
[  795.166928][ T5865] usb 4-1: Product: syz
[  795.172959][ T5865] usb 4-1: Manufacturer: syz
[  795.178408][ T5865] usb 4-1: SerialNumber: syz
[  795.202443][ T5865] usb 4-1: config 0 descriptor??
[  795.309410][ T5865] quatech2 4-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  795.431558][ T5865] usb 4-1: qt2_setup_urbs - submit read urb failed -8
[  795.469065][ T5865] quatech2 4-1:0.51: probe with driver quatech2 failed with error -8
[  795.528600][   T10] usb 3-1: new high-speed USB device number 50 using dummy_hcd
[  795.828152][ T5865] usb 4-1: USB disconnect, device number 45
[  796.009672][   T10] usb 3-1: Using ep0 maxpacket: 32
[  796.016413][   T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  796.027629][   T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  796.038276][   T10] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  796.047809][   T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  796.057777][   T10] usb 3-1: config 0 descriptor??
[  796.065767][   T10] hub 3-1:0.0: USB hub found
[  796.169641][T14085] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  796.922329][   T10] hub 3-1:0.0: config failed, can't read hub descriptor (err -22)
[  796.973170][   T10] usbhid 3-1:0.0: can't add hid device: -71
[  796.989854][   T10] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  797.016030][T14096] loop9: detected capacity change from 0 to 7
[  797.025541][T14096] Dev loop9: unable to read RDB block 7
[  797.036151][   T10] usb 3-1: USB disconnect, device number 50
[  797.042325][T14096]  loop9: unable to read partition table
[  797.051408][T14096] loop9: partition table beyond EOD, truncated
[  797.751984][T14096] loop_reread_partitions: partition scan of loop9 (þ被x󟣑– ) failed (rc=-5)
[  798.078627][    T9] usb 1-1: new high-speed USB device number 47 using dummy_hcd
[  798.086621][   T30] kauditd_printk_skb: 45 callbacks suppressed
[  798.086633][   T30] audit: type=1400 audit(2000000511.550:493): avc:  denied  { ioctl } for  pid=14103 comm="syz.3.2134" path="/dev/usbmon0" dev="devtmpfs" ino=716 ioctlcmd=0x9203 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  799.206834][    T9] usb 1-1: Using ep0 maxpacket: 32
[  799.248709][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  799.282555][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  799.308802][   T30] audit: type=1400 audit(2000000512.770:494): avc:  denied  { create } for  pid=14122 comm="syz.3.2140" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  799.335800][    T9] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  799.366420][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  799.386637][    T9] usb 1-1: config 0 descriptor??
[  799.403995][    T9] hub 1-1:0.0: USB hub found
[  799.658872][ T8893] usb 3-1: new high-speed USB device number 51 using dummy_hcd
[  799.912574][    T9] hub 1-1:0.0: 1 port detected
[  800.028757][ T8893] usb 3-1: Using ep0 maxpacket: 32
[  800.058782][ T8893] usb 3-1: no configurations
[  800.063404][ T8893] usb 3-1: can't read configurations, error -22
[  800.284324][ T8893] usb 3-1: new high-speed USB device number 52 using dummy_hcd
[  800.568640][ T8893] usb 3-1: Using ep0 maxpacket: 32
[  800.574355][ T8893] usb 3-1: no configurations
[  800.580398][   T30] audit: type=1400 audit(2000000514.050:495): avc:  denied  { ioctl } for  pid=14119 comm="syz.1.2138" path="/dev/ppp" dev="devtmpfs" ino=709 ioctlcmd=0x7438 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  800.580933][ T8893] usb 3-1: can't read configurations, error -22
[  800.604983][    C1] vkms_vblank_simulate: vblank timer overrun
[  800.618014][ T8893] usb usb3-port1: attempt power cycle
[  800.800895][ T5897] usb 5-1: new high-speed USB device number 39 using dummy_hcd
[  800.857930][T14150] loop9: detected capacity change from 0 to 7
[  800.865761][T14150] Dev loop9: unable to read RDB block 7
[  800.871785][T14150]  loop9: unable to read partition table
[  800.877597][T14150] loop9: partition table beyond EOD, truncated
[  800.885230][ T5865] usb 1-1: USB disconnect, device number 47
[  800.886886][T14150] loop_reread_partitions: partition scan of loop9 (þ被x󟣑– ) failed (rc=-5)
[  800.891237][    T9] hub 1-1:0.0: hub_ext_port_status failed (err = -71)
[  800.961594][ T5897] usb 5-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  800.971093][ T8893] usb 3-1: new high-speed USB device number 53 using dummy_hcd
[  800.978877][ T5897] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  801.009020][ T8893] usb 3-1: Using ep0 maxpacket: 32
[  801.014691][ T8893] usb 3-1: no configurations
[  801.019423][ T8893] usb 3-1: can't read configurations, error -22
[  801.044792][ T5897] usb 5-1: config 0 descriptor??
[  801.151233][ T8893] usb 3-1: new high-speed USB device number 54 using dummy_hcd
[  801.266032][ T5897] [drm] vendor descriptor length:6 data:06 5f 01 74 75 6e 00 00 00 00 00
[  801.325049][ T5897] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor
[  801.350006][ T8893] usb 3-1: Using ep0 maxpacket: 32
[  801.408434][ T8893] usb 3-1: no configurations
[  801.459416][ T8893] usb 3-1: can't read configurations, error -22
[  801.489792][ T5897] [drm:udl_init] *ERROR* Selecting channel failed
[  801.522841][ T8893] usb usb3-port1: unable to enumerate USB device
[  801.547888][ T5897] [drm] Initialized udl 0.0.1 for 5-1:0.0 on minor 2
[  801.563335][ T5897] [drm] Initialized udl on minor 2
[  801.575675][   T30] audit: type=1326 audit(2000000515.040:496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14157 comm="syz.0.2148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c1778d169 code=0x7ffc0000
[  801.578102][ T5897] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  801.602763][   T30] audit: type=1326 audit(2000000515.040:497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14157 comm="syz.0.2148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c1778d169 code=0x7ffc0000
[  801.631544][   T30] audit: type=1326 audit(2000000515.040:498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14157 comm="syz.0.2148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=256 compat=0 ip=0x7f8c1778d169 code=0x7ffc0000
[  801.706780][ T5897] udl 5-1:0.0: [drm] Cannot find any crtc or sizes
[  801.759561][ T8893] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  801.783557][ T5897] usb 5-1: USB disconnect, device number 39
[  801.832138][ T8893] udl 5-1:0.0: [drm] Cannot find any crtc or sizes
[  801.862007][   T30] audit: type=1326 audit(2000000515.120:499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14157 comm="syz.0.2148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c1778d169 code=0x7ffc0000
[  802.018894][   T30] audit: type=1326 audit(2000000515.120:500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14157 comm="syz.0.2148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c1778d169 code=0x7ffc0000
[  802.042299][    C1] vkms_vblank_simulate: vblank timer overrun
[  802.071386][   T30] audit: type=1326 audit(2000000515.120:501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14157 comm="syz.0.2148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f8c1778d169 code=0x7ffc0000
[  802.095122][   T30] audit: type=1326 audit(2000000515.120:502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14157 comm="syz.0.2148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c1778d169 code=0x7ffc0000
[  802.097055][T14163] FAULT_INJECTION: forcing a failure.
[  802.097055][T14163] name failslab, interval 1, probability 0, space 0, times 0
[  802.157450][T14163] CPU: 1 UID: 0 PID: 14163 Comm: syz.1.2149 Not tainted 6.14.0-syzkaller-00826-g327ecdbc0fda #0 PREEMPT(full) 
[  802.157475][T14163] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  802.157485][T14163] Call Trace:
[  802.157491][T14163]  <TASK>
[  802.157498][T14163]  dump_stack_lvl+0x16c/0x1f0
[  802.157529][T14163]  should_fail_ex+0x50a/0x650
[  802.157545][T14163]  ? fs_reclaim_acquire+0xae/0x150
[  802.157566][T14163]  ? tomoyo_realpath_from_path+0xb9/0x720
[  802.157582][T14163]  should_failslab+0xc2/0x120
[  802.157607][T14163]  __kmalloc_noprof+0xcb/0x510
[  802.157633][T14163]  tomoyo_realpath_from_path+0xb9/0x720
[  802.157651][T14163]  ? tomoyo_profile+0x47/0x60
[  802.157671][T14163]  tomoyo_path_number_perm+0x248/0x590
[  802.157693][T14163]  ? tomoyo_path_number_perm+0x235/0x590
[  802.157717][T14163]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  802.157739][T14163]  ? find_held_lock+0x2b/0x80
[  802.157778][T14163]  ? find_held_lock+0x2b/0x80
[  802.157801][T14163]  ? __fget_files+0x204/0x3b0
[  802.157826][T14163]  ? __fget_files+0x20e/0x3b0
[  802.157849][T14163]  security_file_ioctl+0x9b/0x240
[  802.157875][T14163]  __x64_sys_ioctl+0xb7/0x200
[  802.157895][T14163]  do_syscall_64+0xcd/0x250
[  802.157913][T14163]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  802.157936][T14163] RIP: 0033:0x7f2fcbb8d169
[  802.157949][T14163] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  802.157965][T14163] RSP: 002b:00007f2fcc966038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  802.157982][T14163] RAX: ffffffffffffffda RBX: 00007f2fcbda5fa0 RCX: 00007f2fcbb8d169
[  802.157999][T14163] RDX: 00002000000000c0 RSI: 00000000c0485661 RDI: 0000000000000003
[  802.158010][T14163] RBP: 00007f2fcc966090 R08: 0000000000000000 R09: 0000000000000000
[  802.158021][T14163] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  802.158031][T14163] R13: 0000000000000000 R14: 00007f2fcbda5fa0 R15: 00007ffe087826f8
[  802.158051][T14163]  </TASK>
[  802.158057][T14163] ERROR: Out of memory at tomoyo_realpath_from_path.
[  802.306890][    C1] vkms_vblank_simulate: vblank timer overrun
[  803.185322][   T30] kauditd_printk_skb: 14 callbacks suppressed
[  803.185338][   T30] audit: type=1400 audit(2000000516.650:517): avc:  denied  { bind } for  pid=14174 comm="syz.4.2155" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  803.688691][    C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  804.645514][   T30] audit: type=1326 audit(2000000518.100:518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14194 comm="syz.0.2157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c1778d169 code=0x7ffc0000
[  804.703020][   T30] audit: type=1326 audit(2000000518.100:519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14194 comm="syz.0.2157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c1778d169 code=0x7ffc0000
[  804.740915][   T30] audit: type=1326 audit(2000000518.100:520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14194 comm="syz.0.2157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7f8c1778d169 code=0x7ffc0000
[  804.795671][   T30] audit: type=1326 audit(2000000518.100:521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14194 comm="syz.0.2157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c1778d169 code=0x7ffc0000
[  804.912046][T14201] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  805.262056][   T30] audit: type=1326 audit(2000000518.100:522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14194 comm="syz.0.2157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c1778d169 code=0x7ffc0000
[  805.354687][T14197] 9pnet_fd: Insufficient options for proto=fd
[  805.429588][   T30] audit: type=1326 audit(2000000518.100:523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14194 comm="syz.0.2157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=32 compat=0 ip=0x7f8c1778d169 code=0x7ffc0000
[  805.455154][   T30] audit: type=1326 audit(2000000518.100:524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14194 comm="syz.0.2157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c1778d169 code=0x7ffc0000
[  805.938694][   T30] audit: type=1326 audit(2000000518.100:525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14194 comm="syz.0.2157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c1778d169 code=0x7ffc0000
[  805.969268][T14194] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  805.998665][   T30] audit: type=1326 audit(2000000518.100:526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14194 comm="syz.0.2157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f8c1778d169 code=0x7ffc0000
[  806.231786][T14215] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2161'.
[  806.929808][T14219] netlink: 180 bytes leftover after parsing attributes in process `syz.2.2162'.
[  808.208129][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  808.214539][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  808.348700][   T30] kauditd_printk_skb: 25 callbacks suppressed
[  808.348711][   T30] audit: type=1326 audit(2000000521.810:552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14238 comm="syz.4.2166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe92018d169 code=0x7ffc0000
[  808.472851][   T30] audit: type=1326 audit(2000000521.810:553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14238 comm="syz.4.2166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe92018d169 code=0x7ffc0000
[  808.565359][   T30] audit: type=1326 audit(2000000521.810:554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14238 comm="syz.4.2166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=256 compat=0 ip=0x7fe92018d169 code=0x7ffc0000
[  808.588799][    C1] vkms_vblank_simulate: vblank timer overrun
[  808.645431][   T30] audit: type=1326 audit(2000000521.920:555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14238 comm="syz.4.2166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe92018d169 code=0x7ffc0000
[  808.728675][ T8893] usb 5-1: new full-speed USB device number 40 using dummy_hcd
[  808.776874][   T30] audit: type=1326 audit(2000000521.920:556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14238 comm="syz.4.2166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe92018d169 code=0x7ffc0000
[  808.858633][ T8893] usb 5-1: device descriptor read/64, error -71
[  808.869492][   T30] audit: type=1326 audit(2000000521.920:557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14238 comm="syz.4.2166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fe92018d169 code=0x7ffc0000
[  808.892741][    C1] vkms_vblank_simulate: vblank timer overrun
[  809.208612][   T30] audit: type=1326 audit(2000000521.920:558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14238 comm="syz.4.2166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe92018d169 code=0x7ffc0000
[  809.308232][   T30] audit: type=1326 audit(2000000521.920:559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14238 comm="syz.4.2166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe92018d169 code=0x7ffc0000
[  809.333056][ T8893] usb 5-1: new full-speed USB device number 41 using dummy_hcd
[  809.359276][   T30] audit: type=1326 audit(2000000521.920:560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14238 comm="syz.4.2166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7fe92018d169 code=0x7ffc0000
[  809.408190][   T30] audit: type=1326 audit(2000000521.920:561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14238 comm="syz.4.2166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe92018d169 code=0x7ffc0000
[  809.559748][ T8893] usb 5-1: device descriptor read/64, error -71
[  810.079259][ T8893] usb usb5-port1: attempt power cycle
[  810.138825][ T5897] usb 2-1: new full-speed USB device number 48 using dummy_hcd
[  810.278753][ T5897] usb 2-1: device descriptor read/64, error -71
[  810.418636][ T8893] usb 5-1: new full-speed USB device number 42 using dummy_hcd
[  810.521551][ T8893] usb 5-1: device descriptor read/8, error -71
[  811.032972][ T5897] usb 2-1: new full-speed USB device number 49 using dummy_hcd
[  811.171480][ T8893] usb 5-1: new full-speed USB device number 43 using dummy_hcd
[  811.179187][ T5897] usb 2-1: device descriptor read/64, error -71
[  811.213547][ T8893] usb 5-1: device descriptor read/8, error -71
[  811.303128][ T5897] usb usb2-port1: attempt power cycle
[  811.329024][ T8893] usb usb5-port1: unable to enumerate USB device
[  811.620531][T14262] bridge: RTM_NEWNEIGH bridge0 with NTF_USE is not supported
[  811.709423][ T5897] usb 2-1: new full-speed USB device number 50 using dummy_hcd
[  811.739804][ T5897] usb 2-1: device descriptor read/8, error -71
[  814.069210][    T9] usb 3-1: new high-speed USB device number 55 using dummy_hcd
[  815.408607][    T9] usb 3-1: Using ep0 maxpacket: 32
[  815.414979][    T9] usb 3-1: config 0 has an invalid interface number: 62 but max is 0
[  815.425559][    T9] usb 3-1: config 0 has no interface number 0
[  815.431896][    T9] usb 3-1: config 0 interface 62 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 1023
[  815.448616][    T9] usb 3-1: config 0 interface 62 has no altsetting 0
[  816.239160][    T9] usb 3-1: New USB device found, idVendor=0e41, idProduct=534d, bcdDevice=d4.e7
[  816.248243][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  816.300344][    T9] usb 3-1: Product: syz
[  816.312844][    T9] usb 3-1: config 0 descriptor??
[  816.318181][    T9] usb 3-1: can't set config #0, error -71
[  816.325192][    T9] usb 3-1: USB disconnect, device number 55
[  816.397407][   T30] kauditd_printk_skb: 86 callbacks suppressed
[  816.397418][   T30] audit: type=1326 audit(2000000529.860:648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14299 comm="syz.1.2181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fcbb8d169 code=0x7ffc0000
[  816.524618][   T30] audit: type=1326 audit(2000000529.860:649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14299 comm="syz.1.2181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fcbb8d169 code=0x7ffc0000
[  817.180579][   T30] audit: type=1326 audit(2000000529.860:650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14299 comm="syz.1.2181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=256 compat=0 ip=0x7f2fcbb8d169 code=0x7ffc0000
[  817.328591][   T30] audit: type=1326 audit(2000000529.900:651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14302 comm="syz.0.2182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c1778d169 code=0x7ffc0000
[  817.353965][   T30] audit: type=1326 audit(2000000529.900:652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14302 comm="syz.0.2182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c1778d169 code=0x7ffc0000
[  817.531520][   T30] audit: type=1326 audit(2000000529.900:653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14302 comm="syz.0.2182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=256 compat=0 ip=0x7f8c1778d169 code=0x7ffc0000
[  817.554916][    C1] vkms_vblank_simulate: vblank timer overrun
[  817.561872][   T30] audit: type=1326 audit(2000000529.990:654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14299 comm="syz.1.2181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fcbb8d169 code=0x7ffc0000
[  817.591819][T14316] netlink: 'syz.4.2188': attribute type 27 has an invalid length.
[  817.599809][   T30] audit: type=1326 audit(2000000529.990:655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14299 comm="syz.1.2181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fcbb8d169 code=0x7ffc0000
[  817.623145][    C1] vkms_vblank_simulate: vblank timer overrun
[  817.800809][   T30] audit: type=1326 audit(2000000530.020:656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14299 comm="syz.1.2181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f2fcbb8d169 code=0x7ffc0000
[  817.824131][    C1] vkms_vblank_simulate: vblank timer overrun
[  817.846926][   T30] audit: type=1326 audit(2000000530.020:657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14299 comm="syz.1.2181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fcbb8d169 code=0x7ffc0000
[  817.870366][    C1] vkms_vblank_simulate: vblank timer overrun
[  818.359215][T14324] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  818.947313][ T5897] usb 2-1: new full-speed USB device number 52 using dummy_hcd
[  819.307079][ T5897] usb 2-1: device descriptor read/64, error -71
[  819.307797][ T5865] usb 1-1: new high-speed USB device number 48 using dummy_hcd
[  819.451664][T14333] FAULT_INJECTION: forcing a failure.
[  819.451664][T14333] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  819.485466][T14333] CPU: 0 UID: 0 PID: 14333 Comm: syz.4.2192 Not tainted 6.14.0-syzkaller-00826-g327ecdbc0fda #0 PREEMPT(full) 
[  819.485494][T14333] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  819.485503][T14333] Call Trace:
[  819.485508][T14333]  <TASK>
[  819.485515][T14333]  dump_stack_lvl+0x16c/0x1f0
[  819.485547][T14333]  should_fail_ex+0x50a/0x650
[  819.485568][T14333]  _copy_from_user+0x2e/0xd0
[  819.485587][T14333]  copy_msghdr_from_user+0x99/0x160
[  819.485615][T14333]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  819.485650][T14333]  ___sys_sendmsg+0xff/0x1e0
[  819.485676][T14333]  ? __pfx____sys_sendmsg+0x10/0x10
[  819.485701][T14333]  ? __lock_acquire+0x5b6/0x1b80
[  819.485734][T14333]  ? __fget_files+0x20e/0x3b0
[  819.485761][T14333]  __sys_sendmsg+0x16e/0x220
[  819.485777][T14333]  ? __pfx___sys_sendmsg+0x10/0x10
[  819.485799][T14333]  ? rcu_is_watching+0x12/0xc0
[  819.485826][T14333]  do_syscall_64+0xcd/0x250
[  819.485843][T14333]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  819.485867][T14333] RIP: 0033:0x7fe92018d169
[  819.485880][T14333] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  819.485895][T14333] RSP: 002b:00007fe92103d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  819.485912][T14333] RAX: ffffffffffffffda RBX: 00007fe9203a5fa0 RCX: 00007fe92018d169
[  819.485923][T14333] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000003
[  819.485933][T14333] RBP: 00007fe92103d090 R08: 0000000000000000 R09: 0000000000000000
[  819.485942][T14333] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  819.485951][T14333] R13: 0000000000000000 R14: 00007fe9203a5fa0 R15: 00007ffc97c793d8
[  819.485970][T14333]  </TASK>
[  819.691313][ T5865] usb 1-1: Using ep0 maxpacket: 32
[  819.702869][ T5865] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  819.714235][ T5865] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  819.724121][ T5865] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  819.733331][ T5865] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  819.912167][ T5897] usb 2-1: new high-speed USB device number 53 using dummy_hcd
[  820.170360][ T5897] usb 2-1: Using ep0 maxpacket: 32
[  820.501570][ T5897] usb 2-1: config 0 has an invalid interface number: 62 but max is 0
[  820.518591][ T5897] usb 2-1: config 0 has no interface number 0
[  820.533184][ T5897] usb 2-1: config 0 interface 62 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 1023
[  820.656729][ T5865] usb 1-1: config 0 descriptor??
[  820.669749][ T5865] hub 1-1:0.0: USB hub found
[  820.672173][ T5897] usb 2-1: config 0 interface 62 has no altsetting 0
[  820.690176][ T5897] usb 2-1: New USB device found, idVendor=0e41, idProduct=534d, bcdDevice=d4.e7
[  820.703349][ T5897] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  820.715996][ T5897] usb 2-1: Product: syz
[  820.936505][ T5897] usb 2-1: Manufacturer: syz
[  820.996719][T14350] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  821.708447][ T5897] usb 2-1: SerialNumber: syz
[  821.734322][ T5897] usb 2-1: config 0 descriptor??
[  821.761066][T14336] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  821.935018][ T5897] snd_usb_variax 2-1:0.62: Line 6 Variax Workbench found
[  821.953010][ T5865] hub 1-1:0.0: config failed, can't read hub descriptor (err -22)
[  821.962906][ T5897] usb 2-1: selecting invalid altsetting 1
[  821.988348][ T5897] snd_usb_variax 2-1:0.62: set_interface failed
[  822.035110][T14355] FAULT_INJECTION: forcing a failure.
[  822.035110][T14355] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  822.075578][ T5897] snd_usb_variax 2-1:0.62: Line 6 Variax Workbench now disconnected
[  822.140691][ T5897] snd_usb_variax 2-1:0.62: probe with driver snd_usb_variax failed with error -22
[  822.175070][T14355] CPU: 1 UID: 0 PID: 14355 Comm: syz.4.2197 Not tainted 6.14.0-syzkaller-00826-g327ecdbc0fda #0 PREEMPT(full) 
[  822.175096][T14355] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  822.175106][T14355] Call Trace:
[  822.175112][T14355]  <TASK>
[  822.175118][T14355]  dump_stack_lvl+0x16c/0x1f0
[  822.175152][T14355]  should_fail_ex+0x50a/0x650
[  822.175172][T14355]  _copy_from_user+0x2e/0xd0
[  822.175192][T14355]  copy_msghdr_from_user+0x99/0x160
[  822.175218][T14355]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  822.175247][T14355]  ? __pfx___schedule+0x10/0x10
[  822.175273][T14355]  ___sys_sendmsg+0xff/0x1e0
[  822.175298][T14355]  ? __pfx____sys_sendmsg+0x10/0x10
[  822.175343][T14355]  __sys_sendmmsg+0x201/0x420
[  822.175360][T14355]  ? __pfx___sys_sendmmsg+0x10/0x10
[  822.175382][T14355]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  822.175414][T14355]  ? fput+0x70/0xf0
[  822.175429][T14355]  ? ksys_write+0x1ba/0x250
[  822.175449][T14355]  ? __pfx_ksys_write+0x10/0x10
[  822.175473][T14355]  __x64_sys_sendmmsg+0x9c/0x100
[  822.175488][T14355]  ? lockdep_hardirqs_on+0x7c/0x110
[  822.175511][T14355]  do_syscall_64+0xcd/0x250
[  822.175528][T14355]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  822.175551][T14355] RIP: 0033:0x7fe92018d169
[  822.175564][T14355] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  822.175579][T14355] RSP: 002b:00007fe92103d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  822.175596][T14355] RAX: ffffffffffffffda RBX: 00007fe9203a5fa0 RCX: 00007fe92018d169
[  822.175607][T14355] RDX: 0400000000000172 RSI: 0000200000003cc0 RDI: 0000000000000003
[  822.175617][T14355] RBP: 00007fe92103d090 R08: 0000000000000000 R09: 0000000000000000
[  822.175626][T14355] R10: 0000000004001c00 R11: 0000000000000246 R12: 0000000000000001
[  822.175636][T14355] R13: 0000000000000000 R14: 00007fe9203a5fa0 R15: 00007ffc97c793d8
[  822.175654][T14355]  </TASK>
[  822.370249][    C1] vkms_vblank_simulate: vblank timer overrun
[  822.570249][ T5865] usbhid 1-1:0.0: can't add hid device: -71
[  822.576241][ T5865] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  822.610275][  T970] usb 2-1: USB disconnect, device number 53
[  822.666813][ T5865] usb 1-1: USB disconnect, device number 48
[  823.404521][T14369] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  824.615379][   T30] kauditd_printk_skb: 31 callbacks suppressed
[  824.615393][   T30] audit: type=1326 audit(2000000538.080:689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14371 comm="syz.4.2203" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe92018d169 code=0x7ffc0000
[  825.018975][   T30] audit: type=1326 audit(2000000538.080:690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14371 comm="syz.4.2203" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe92018d169 code=0x7ffc0000
[  825.168657][   T30] audit: type=1326 audit(2000000538.080:691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14371 comm="syz.4.2203" exe="/root/syz-executor" sig=0 arch=c000003e syscall=256 compat=0 ip=0x7fe92018d169 code=0x7ffc0000
[  825.192361][   T30] audit: type=1326 audit(2000000538.110:692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14371 comm="syz.4.2203" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe92018d169 code=0x7ffc0000
[  825.216298][   T30] audit: type=1326 audit(2000000538.110:693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14371 comm="syz.4.2203" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe92018d169 code=0x7ffc0000
[  825.268605][ T5865] usb 5-1: new full-speed USB device number 44 using dummy_hcd
[  825.297692][   T30] audit: type=1326 audit(2000000538.110:694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14371 comm="syz.4.2203" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fe92018d169 code=0x7ffc0000
[  825.762657][   T30] audit: type=1326 audit(2000000538.110:695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14371 comm="syz.4.2203" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe92018d169 code=0x7ffc0000
[  825.789319][   T30] audit: type=1326 audit(2000000538.110:696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14371 comm="syz.4.2203" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe92018d169 code=0x7ffc0000
[  825.918691][ T5865] usb 5-1: device descriptor read/64, error -71
[  826.278731][ T5865] usb 5-1: new full-speed USB device number 45 using dummy_hcd
[  826.481666][   T30] audit: type=1326 audit(2000000538.110:697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14371 comm="syz.4.2203" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fe92018d169 code=0x7ffc0000
[  826.518696][T14381] SELinux:  policydb version 0 does not match my version range 15-34
[  826.527167][T14381] SELinux: failed to load policy
[  826.540029][   T30] audit: type=1326 audit(2000000538.110:698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14371 comm="syz.4.2203" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe92018d169 code=0x7ffc0000
[  826.678570][ T5865] usb 5-1: device descriptor read/64, error -71
[  826.791742][ T5865] usb usb5-port1: attempt power cycle
[  827.497555][   T24] usb 3-1: new high-speed USB device number 56 using dummy_hcd
[  827.588825][ T5865] usb usb5-port1: Cannot enable. Maybe the USB cable is bad?
[  827.698737][   T24] usb 3-1: Using ep0 maxpacket: 32
[  828.599502][ T5865] usb 5-1: new full-speed USB device number 47 using dummy_hcd
[  828.668346][   T24] usb 3-1: config 0 has an invalid interface number: 62 but max is 0
[  828.674323][ T5865] usb 5-1: config 0 has an invalid interface number: 6 but max is 0
[  828.684460][   T24] usb 3-1: config 0 has no interface number 0
[  828.690742][   T24] usb 3-1: config 0 interface 62 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 1023
[  828.701878][ T5865] usb 5-1: config 0 has an invalid descriptor of length 134, skipping remainder of the config
[  828.702327][   T24] usb 3-1: config 0 interface 62 has no altsetting 0
[  828.720903][   T24] usb 3-1: New USB device found, idVendor=0e41, idProduct=534d, bcdDevice=d4.e7
[  828.730177][   T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  828.738160][   T24] usb 3-1: Product: syz
[  828.742388][   T24] usb 3-1: Manufacturer: syz
[  828.746980][   T24] usb 3-1: SerialNumber: syz
[  828.746979][ T5865] usb 5-1: config 0 has no interface number 0
[  828.747008][ T5865] usb 5-1: config 0 interface 6 altsetting 0 endpoint 0x2 has invalid maxpacket 512, setting to 64
[  828.771807][   T24] usb 3-1: config 0 descriptor??
[  828.777328][T14403] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  828.786599][   T24] snd_usb_variax 3-1:0.62: Line 6 Variax Workbench found
[  828.794176][   T24] usb 3-1: selecting invalid altsetting 1
[  828.799963][   T24] snd_usb_variax 3-1:0.62: set_interface failed
[  828.806752][   T24] snd_usb_variax 3-1:0.62: Line 6 Variax Workbench now disconnected
[  828.814872][   T24] snd_usb_variax 3-1:0.62: probe with driver snd_usb_variax failed with error -22
[  829.743175][ T5865] usb 5-1: config 0 interface 6 altsetting 0 endpoint 0x82 has invalid maxpacket 9728, setting to 64
[  829.757860][ T5865] usb 5-1: New USB device found, idVendor=10cf, idProduct=8061, bcdDevice=b7.12
[  829.767352][ T5865] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  829.786935][  T970] usb 3-1: USB disconnect, device number 56
[  830.040844][ T5865] usb 5-1: Product: syz
[  830.045062][ T5865] usb 5-1: Manufacturer: syz
[  830.049883][ T5865] usb 5-1: SerialNumber: syz
[  831.047299][ T5865] usb 5-1: config 0 descriptor??
[  831.076779][ T5865] usb 5-1: can't set config #0, error -71
[  831.110067][ T5865] usb 5-1: USB disconnect, device number 47
[  832.392909][T14445] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  832.613154][T14456] netlink: 48 bytes leftover after parsing attributes in process `syz.4.2223'.
[  832.622969][T14456] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2223'.
[  832.640172][T14456] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2223'.
[  832.721406][T14454] syzkaller0: entered promiscuous mode
[  832.743221][T14454] syzkaller0: entered allmulticast mode
[  832.758336][T10503] syzkaller0: tun_net_xmit 48
[  832.828637][   T10] usb 4-1: new high-speed USB device number 46 using dummy_hcd
[  833.012155][   T10] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  833.241840][   T10] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  833.281466][   T10] usb 4-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[  833.324999][   T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  833.366181][   T10] usb 4-1: config 0 descriptor??
[  833.680066][   T10] usbhid 4-1:0.0: can't add hid device: -71
[  833.696242][   T10] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  833.716489][   T10] usb 4-1: USB disconnect, device number 46
[  833.768610][    C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  834.889999][T14488] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  835.068643][   T10] usb 1-1: new high-speed USB device number 49 using dummy_hcd
[  835.299573][   T10] usb 1-1: Using ep0 maxpacket: 32
[  835.318994][   T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  835.337843][   T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  835.407570][   T10] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  835.417015][   T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  835.427544][   T10] usb 1-1: config 0 descriptor??
[  835.434887][   T10] hub 1-1:0.0: USB hub found
[  835.864662][   T10] hub 1-1:0.0: 1 port detected
[  836.085556][T14504] loop9: detected capacity change from 0 to 7
[  837.655735][   T10] hub 1-1:0.0: hub_ext_port_status failed (err = -32)
[  838.358715][T14504] Dev loop9: unable to read RDB block 7
[  838.371444][T14504]  loop9: unable to read partition table
[  838.377240][T14504] loop9: partition table beyond EOD, truncated
[  838.383486][T14504] loop_reread_partitions: partition scan of loop9 (þ被x󟣑– ) failed (rc=-5)
[  839.116885][T14517] netlink: 180 bytes leftover after parsing attributes in process `syz.2.2239'.
[  839.218761][T14519] netlink: 187320 bytes leftover after parsing attributes in process `syz.3.2238'.
[  839.228376][T14519] netlink: zone id is out of range
[  839.240352][T14519] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2238'.
[  840.240480][T12750] usb 1-1: USB disconnect, device number 49
[  840.370817][   T24] usb 5-1: new high-speed USB device number 48 using dummy_hcd
[  840.898604][   T24] usb 5-1: Using ep0 maxpacket: 32
[  840.906129][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  840.938541][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  841.016736][   T24] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  841.042801][   T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  841.066044][   T24] usb 5-1: config 0 descriptor??
[  841.081628][T14545] FAULT_INJECTION: forcing a failure.
[  841.081628][T14545] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  841.098215][   T24] hub 5-1:0.0: USB hub found
[  841.103920][T14545] CPU: 1 UID: 0 PID: 14545 Comm: syz.0.2246 Not tainted 6.14.0-syzkaller-00826-g327ecdbc0fda #0 PREEMPT(full) 
[  841.103943][T14545] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  841.103952][T14545] Call Trace:
[  841.103957][T14545]  <TASK>
[  841.103963][T14545]  dump_stack_lvl+0x16c/0x1f0
[  841.103993][T14545]  should_fail_ex+0x50a/0x650
[  841.104017][T14545]  _copy_from_user+0x2e/0xd0
[  841.104035][T14545]  copy_msghdr_from_user+0x99/0x160
[  841.104061][T14545]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  841.104094][T14545]  ___sys_sendmsg+0xff/0x1e0
[  841.104119][T14545]  ? __pfx____sys_sendmsg+0x10/0x10
[  841.104143][T14545]  ? __lock_acquire+0x5b6/0x1b80
[  841.104174][T14545]  ? __fget_files+0x20e/0x3b0
[  841.104199][T14545]  __sys_sendmsg+0x16e/0x220
[  841.104215][T14545]  ? __pfx___sys_sendmsg+0x10/0x10
[  841.104236][T14545]  ? rcu_is_watching+0x12/0xc0
[  841.104262][T14545]  do_syscall_64+0xcd/0x250
[  841.104278][T14545]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  841.104301][T14545] RIP: 0033:0x7f8c1778d169
[  841.104314][T14545] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  841.104330][T14545] RSP: 002b:00007f8c18687038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  841.104346][T14545] RAX: ffffffffffffffda RBX: 00007f8c179a5fa0 RCX: 00007f8c1778d169
[  841.104357][T14545] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000003
[  841.104366][T14545] RBP: 00007f8c18687090 R08: 0000000000000000 R09: 0000000000000000
[  841.104376][T14545] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  841.104385][T14545] R13: 0000000000000000 R14: 00007f8c179a5fa0 R15: 00007ffc00a65da8
[  841.104403][T14545]  </TASK>
[  841.296976][   T24] hub 5-1:0.0: 1 port detected
[  841.651177][ T5865] usb 2-1: new high-speed USB device number 54 using dummy_hcd
[  841.822748][ T5865] usb 2-1: Using ep0 maxpacket: 32
[  842.197429][ T5865] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  842.246935][ T5865] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  842.277416][ T5865] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  842.292148][ T5865] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  842.314420][ T5865] usb 2-1: config 0 descriptor??
[  842.338991][ T5865] hub 2-1:0.0: USB hub found
[  842.543878][ T5865] hub 2-1:0.0: 1 port detected
[  843.634521][   T24] hub 5-1:0.0: hub_ext_port_status failed (err = -32)
[  844.020718][   T10] usb 2-1: USB disconnect, device number 54
[  844.026801][ T5865] hub 2-1:0.0: hub_ext_port_status failed (err = -71)
[  844.038622][   T30] kauditd_printk_skb: 14 callbacks suppressed
[  844.038634][   T30] audit: type=1400 audit(2000000557.500:713): avc:  denied  { bind } for  pid=14588 comm="syz.4.2253" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  844.955986][T14597] netlink: 48 bytes leftover after parsing attributes in process `syz.3.2256'.
[  845.017375][  T970] usb 5-1: USB disconnect, device number 48
[  845.194182][T14597] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2256'.
[  846.769948][T14623] FAULT_INJECTION: forcing a failure.
[  846.769948][T14623] name failslab, interval 1, probability 0, space 0, times 0
[  846.782830][T14623] CPU: 0 UID: 0 PID: 14623 Comm: syz.3.2263 Not tainted 6.14.0-syzkaller-00826-g327ecdbc0fda #0 PREEMPT(full) 
[  846.782852][T14623] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  846.782862][T14623] Call Trace:
[  846.782867][T14623]  <TASK>
[  846.782873][T14623]  dump_stack_lvl+0x16c/0x1f0
[  846.782902][T14623]  should_fail_ex+0x50a/0x650
[  846.782918][T14623]  ? fs_reclaim_acquire+0xae/0x150
[  846.782938][T14623]  ? tomoyo_realpath_from_path+0xb9/0x720
[  846.782954][T14623]  should_failslab+0xc2/0x120
[  846.782978][T14623]  __kmalloc_noprof+0xcb/0x510
[  846.783003][T14623]  tomoyo_realpath_from_path+0xb9/0x720
[  846.783020][T14623]  ? tomoyo_profile+0x47/0x60
[  846.783038][T14623]  tomoyo_path_number_perm+0x248/0x590
[  846.783057][T14623]  ? tomoyo_path_number_perm+0x235/0x590
[  846.783080][T14623]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  846.783102][T14623]  ? find_held_lock+0x2b/0x80
[  846.783138][T14623]  ? find_held_lock+0x2b/0x80
[  846.783161][T14623]  ? __fget_files+0x204/0x3b0
[  846.783185][T14623]  ? __fget_files+0x20e/0x3b0
[  846.783208][T14623]  security_file_ioctl+0x9b/0x240
[  846.783234][T14623]  __x64_sys_ioctl+0xb7/0x200
[  846.783253][T14623]  do_syscall_64+0xcd/0x250
[  846.783270][T14623]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  846.783292][T14623] RIP: 0033:0x7fc30118d169
[  846.783305][T14623] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  846.783320][T14623] RSP: 002b:00007fc302018038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  846.783336][T14623] RAX: ffffffffffffffda RBX: 00007fc3013a5fa0 RCX: 00007fc30118d169
[  846.783346][T14623] RDX: 0000200000000040 RSI: 00000000c05c6104 RDI: 0000000000000003
[  846.783356][T14623] RBP: 00007fc302018090 R08: 0000000000000000 R09: 0000000000000000
[  846.783366][T14623] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  846.783374][T14623] R13: 0000000000000000 R14: 00007fc3013a5fa0 R15: 00007ffd55d10b58
[  846.783392][T14623]  </TASK>
[  846.783399][T14623] ERROR: Out of memory at tomoyo_realpath_from_path.
[  847.071312][   T30] audit: type=1326 audit(2000000560.540:714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14626 comm="syz.2.2264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f822978d169 code=0x7ffc0000
[  847.358753][   T30] audit: type=1326 audit(2000000560.540:715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14626 comm="syz.2.2264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f822978d169 code=0x7ffc0000
[  847.382807][   T30] audit: type=1326 audit(2000000560.540:716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14626 comm="syz.2.2264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=256 compat=0 ip=0x7f822978d169 code=0x7ffc0000
[  847.408759][   T30] audit: type=1326 audit(2000000560.570:717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14626 comm="syz.2.2264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f822978d169 code=0x7ffc0000
[  847.435150][   T30] audit: type=1326 audit(2000000560.570:718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14626 comm="syz.2.2264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f822978d169 code=0x7ffc0000
[  847.459488][   T30] audit: type=1326 audit(2000000560.570:719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14626 comm="syz.2.2264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f822978d169 code=0x7ffc0000
[  847.529377][   T30] audit: type=1326 audit(2000000560.570:720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14626 comm="syz.2.2264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f822978d169 code=0x7ffc0000
[  847.584140][   T30] audit: type=1326 audit(2000000560.570:721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14626 comm="syz.2.2264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f822978d169 code=0x7ffc0000
[  847.657047][T14641] netlink: 'syz.2.2268': attribute type 10 has an invalid length.
[  847.673737][   T30] audit: type=1326 audit(2000000560.570:722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14626 comm="syz.2.2264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f822978d169 code=0x7ffc0000
[  847.688550][T14641] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2268'.
[  847.708631][T14642] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  847.742048][T14642] batman_adv: batadv0: Removing interface: batadv_slave_0
[  847.762990][T14642] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  847.768633][   T24] usb 4-1: new high-speed USB device number 47 using dummy_hcd
[  847.779930][T14642] batman_adv: batadv0: Removing interface: batadv_slave_1
[  847.932767][   T24] usb 4-1: Using ep0 maxpacket: 16
[  847.942846][   T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  847.957412][   T24] usb 4-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  847.971083][   T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  848.000191][   T24] usb 4-1: config 0 descriptor??
[  848.033548][T14651] bridge: RTM_NEWNEIGH bridge0 with NTF_USE is not supported
[  849.268213][   T30] kauditd_printk_skb: 15 callbacks suppressed
[  849.268245][   T30] audit: type=1400 audit(2000000562.730:738): avc:  denied  { write } for  pid=14632 comm="syz.3.2266" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  849.286478][   T24] mcp2221 0003:04D8:00DD.0007: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.3-1/input0
[  850.618073][  T970] usb 4-1: USB disconnect, device number 47
[  851.134936][T14674] netlink: 180 bytes leftover after parsing attributes in process `syz.3.2276'.
[  851.513600][   T30] audit: type=1326 audit(2000000564.980:739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14676 comm="syz.0.2277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c1778d169 code=0x7ffc0000
[  851.669683][   T30] audit: type=1326 audit(2000000564.980:740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14676 comm="syz.0.2277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c1778d169 code=0x7ffc0000
[  851.708831][   T30] audit: type=1326 audit(2000000565.040:741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14676 comm="syz.0.2277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=256 compat=0 ip=0x7f8c1778d169 code=0x7ffc0000
[  851.784629][   T30] audit: type=1326 audit(2000000565.050:742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14676 comm="syz.0.2277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c1778d169 code=0x7ffc0000
[  851.942123][   T30] audit: type=1326 audit(2000000565.050:743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14676 comm="syz.0.2277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c1778d169 code=0x7ffc0000
[  851.978631][ T8893] usb 1-1: new full-speed USB device number 50 using dummy_hcd
[  852.350892][   T30] audit: type=1326 audit(2000000565.090:744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14676 comm="syz.0.2277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f8c1778d169 code=0x7ffc0000
[  852.407051][   T30] audit: type=1326 audit(2000000565.090:745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14676 comm="syz.0.2277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c1778d169 code=0x7ffc0000
[  852.448706][   T30] audit: type=1326 audit(2000000565.090:746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14676 comm="syz.0.2277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c1778d169 code=0x7ffc0000
[  852.501619][ T8893] usb 1-1: device descriptor read/64, error -71
[  852.505649][   T30] audit: type=1326 audit(2000000565.090:747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14676 comm="syz.0.2277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f8c1778d169 code=0x7ffc0000
[  852.808666][ T8893] usb 1-1: new full-speed USB device number 51 using dummy_hcd
[  853.084533][ T8893] usb 1-1: device descriptor read/64, error -71
[  853.597375][ T8893] usb usb1-port1: attempt power cycle
[  854.002281][ T8893] usb 1-1: new full-speed USB device number 52 using dummy_hcd
[  854.061226][T14722] netlink: 180 bytes leftover after parsing attributes in process `syz.1.2289'.
[  854.071067][ T8893] usb 1-1: device descriptor read/8, error -71
[  854.858675][   T30] kauditd_printk_skb: 63 callbacks suppressed
[  854.858712][   T30] audit: type=1326 audit(2000000568.250:811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14723 comm="syz.2.2290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f822978d169 code=0x7ffc0000
[  854.976136][   T30] audit: type=1326 audit(2000000568.250:812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14723 comm="syz.2.2290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f822978d169 code=0x7ffc0000
[  855.047919][   T30] audit: type=1326 audit(2000000568.250:813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14723 comm="syz.2.2290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f822978d169 code=0x7ffc0000
[  855.181309][   T30] audit: type=1326 audit(2000000568.270:814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14723 comm="syz.2.2290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=203 compat=0 ip=0x7f822978d169 code=0x7ffc0000
[  855.273752][   T30] audit: type=1326 audit(2000000568.270:815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14723 comm="syz.2.2290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f822978d169 code=0x7ffc0000
[  855.300184][   T30] audit: type=1326 audit(2000000568.270:816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14723 comm="syz.2.2290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f822978d169 code=0x7ffc0000
[  855.353919][   T30] audit: type=1326 audit(2000000568.270:817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14723 comm="syz.2.2290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f822978d169 code=0x7ffc0000
[  855.387332][   T30] audit: type=1326 audit(2000000568.270:818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14723 comm="syz.2.2290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f822978d169 code=0x7ffc0000
[  855.411058][   T30] audit: type=1326 audit(2000000568.270:819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14723 comm="syz.2.2290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f822978d169 code=0x7ffc0000
[  855.434406][    C1] vkms_vblank_simulate: vblank timer overrun
[  855.441546][ T5897] usb 3-1: new full-speed USB device number 57 using dummy_hcd
[  855.838780][   T30] audit: type=1326 audit(2000000568.440:820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14723 comm="syz.2.2290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f822978d169 code=0x7ffc0000
[  855.958703][ T5897] usb 3-1: device descriptor read/64, error -71
[  856.934290][ T5897] usb 3-1: new full-speed USB device number 58 using dummy_hcd
[  857.069755][ T5897] usb 3-1: device descriptor read/64, error -71
[  857.609150][ T5897] usb usb3-port1: attempt power cycle
[  858.376356][T14802] loop9: detected capacity change from 0 to 7
[  858.625322][T14802] Dev loop9: unable to read RDB block 7
[  858.631194][T14802]  loop9: unable to read partition table
[  858.637381][T14802] loop9: partition table beyond EOD, truncated
[  858.643765][T14802] loop_reread_partitions: partition scan of loop9 (þ被x󟣑– ) failed (rc=-5)
[  859.626836][T14806] netlink: 'syz.0.2310': attribute type 3 has an invalid length.
[  859.798052][ T5897] usb 4-1: new high-speed USB device number 48 using dummy_hcd
[  859.928413][T14815] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  859.968671][ T5897] usb 4-1: Using ep0 maxpacket: 32
[  859.975250][ T5897] usb 4-1: config 0 has an invalid interface number: 246 but max is 0
[  860.001064][ T5897] usb 4-1: config 0 has no interface number 0
[  860.007285][ T5897] usb 4-1: config 0 interface 246 has no altsetting 0
[  860.016172][ T5897] usb 4-1: New USB device found, idVendor=0c8f, idProduct=e086, bcdDevice=74.90
[  860.025716][ T5897] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  860.057565][ T5897] usb 4-1: Product: syz
[  860.060571][   T30] kauditd_printk_skb: 41 callbacks suppressed
[  860.060583][   T30] audit: type=1326 audit(2000000573.520:862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14816 comm="syz.4.2313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe92018d169 code=0x7ffc0000
[  860.062178][ T5897] usb 4-1: Manufacturer: syz
[  860.093352][   T30] audit: type=1326 audit(2000000573.520:863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14816 comm="syz.4.2313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe92018d169 code=0x7ffc0000
[  860.097514][ T5897] usb 4-1: SerialNumber: syz
[  860.257101][   T30] audit: type=1326 audit(2000000573.520:864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14816 comm="syz.4.2313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=256 compat=0 ip=0x7fe92018d169 code=0x7ffc0000
[  860.291327][   T30] audit: type=1326 audit(2000000573.590:865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14816 comm="syz.4.2313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe92018d169 code=0x7ffc0000
[  860.413194][ T5897] usb 4-1: config 0 descriptor??
[  860.506746][   T30] audit: type=1326 audit(2000000573.590:866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14816 comm="syz.4.2313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe92018d169 code=0x7ffc0000
[  860.625047][   T30] audit: type=1326 audit(2000000573.590:867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14816 comm="syz.4.2313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fe92018d169 code=0x7ffc0000
[  860.721258][   T30] audit: type=1326 audit(2000000573.590:868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14816 comm="syz.4.2313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe92018d169 code=0x7ffc0000
[  861.139972][   T30] audit: type=1326 audit(2000000573.590:869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14816 comm="syz.4.2313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe92018d169 code=0x7ffc0000
[  861.164717][   T30] audit: type=1326 audit(2000000573.590:870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14816 comm="syz.4.2313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fe92018d169 code=0x7ffc0000
[  861.188787][   T30] audit: type=1326 audit(2000000573.590:871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14816 comm="syz.4.2313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe92018d169 code=0x7ffc0000
[  861.253744][  T970] usb 4-1: USB disconnect, device number 48
[  870.318792][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  870.325084][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  895.208592][    C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  931.103589][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  934.088899][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  994.268841][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  994.275140][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[ 1012.958559][    C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[ 1033.298642][   T31] INFO: task syz.0.2316:14825 blocked for more than 148 seconds.
[ 1033.306395][   T31]       Not tainted 6.14.0-syzkaller-00826-g327ecdbc0fda #0
[ 1034.264156][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1034.272896][   T31] task:syz.0.2316      state:D stack:26472 pid:14825 tgid:14825 ppid:5815   task_flags:0x400040 flags:0x00004006
[ 1034.284846][   T31] Call Trace:
[ 1034.288118][   T31]  <TASK>
[ 1034.291066][   T31]  __schedule+0x112e/0x5b80
[ 1034.295580][   T31]  ? __lock_acquire+0x5b6/0x1b80
[ 1034.300536][   T31]  ? __pfx___schedule+0x10/0x10
[ 1034.305393][   T31]  ? schedule+0x2d7/0x3a0
[ 1034.309754][   T31]  schedule+0xe7/0x3a0
[ 1034.313827][   T31]  schedule_timeout+0x244/0x280
[ 1037.288884][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[ 1037.294639][   T31]  ? rcu_is_watching+0x12/0xc0
[ 1039.308491][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1039.313740][   T31]  __wait_for_common+0x3e1/0x600
[ 1040.328482][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[ 1040.333903][   T31]  ? __pfx___wait_for_common+0x10/0x10
[ 1042.311290][   T31]  ? rcu_is_watching+0x12/0xc0
[ 1042.316082][   T31]  __vhost_worker_flush+0x1aa/0x1e0