last executing test programs:

13.001334536s ago: executing program 2 (id=1727):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000380)={'syz0\x00', {0xff, 0x6, 0x7fff, 0x8d5}, 0x24, [0x10000, 0xeba, 0x80000000, 0xe67, 0x8, 0x1, 0x5, 0x7ff, 0x54, 0x7fffdfff, 0x2, 0xc, 0x8, 0x9, 0x9, 0xfffffff7, 0x7, 0x40000, 0xa, 0x23, 0x2, 0x0, 0x3ff, 0xfffffff4, 0x1, 0xda6, 0x3, 0xa7, 0xeb36, 0x2, 0x9, 0x76c9, 0x200, 0x1, 0x1, 0x1, 0x7, 0x9, 0xf, 0xb, 0x10, 0x80000000, 0x8, 0xb50, 0x0, 0x800, 0x3, 0x0, 0x6, 0xfffffffe, 0x5, 0x8, 0x24, 0x7fff, 0xb, 0x1, 0x200, 0x0, 0x0, 0x7f, 0x964e, 0x2d5, 0x149, 0x1], [0x66ac, 0xfffffff9, 0x4, 0x3, 0x7fff, 0x7, 0x13e, 0x9, 0x4, 0x2, 0x0, 0x7, 0x6, 0x8001, 0x9, 0x8, 0x2, 0x5, 0x40, 0x7ff, 0x7ff, 0x5, 0x9, 0x800, 0x89, 0x7ff, 0x0, 0x1, 0xfffffff7, 0x9, 0x9, 0x4d26, 0x10000, 0x8, 0x1, 0x6, 0x0, 0x4, 0x4c, 0x9, 0x8, 0x5, 0xe66, 0x8, 0x2, 0x81, 0x4b, 0x4, 0x6, 0xb, 0x4, 0x9, 0x101, 0x8d1, 0x8fd, 0xfffffffa, 0xe0, 0x8e, 0x10001, 0x4, 0x401, 0xae0, 0x7f, 0x9], [0x8396, 0x7, 0x6, 0x9, 0x8000, 0x1, 0x9, 0xe88, 0x8, 0x6, 0x0, 0x400, 0x1000, 0x9, 0x6e, 0x8000, 0x7, 0x3, 0x6, 0x5, 0x3, 0xc9, 0x2, 0x3, 0x0, 0x2, 0x2, 0xc, 0x5, 0xb0f, 0x1e, 0x3, 0x800, 0x8, 0x9, 0x3, 0x4, 0xfffffff7, 0x4, 0xe, 0x464b, 0x6, 0x2e7, 0x7ff, 0x1ff, 0x6, 0x87ff, 0x2, 0x7fffffff, 0xffffffff, 0x4, 0xffff, 0xd5d, 0xa0c787d, 0xffffff4e, 0x9, 0x4, 0x40, 0x3, 0x0, 0x1fc1, 0x9, 0x1, 0x3], [0x10, 0x7, 0x9, 0x2, 0xa5e, 0xfe, 0xff, 0x3, 0x80000000, 0x0, 0xe, 0x2, 0x4, 0x7, 0x7, 0x0, 0xfffffffd, 0xfffffff8, 0xc, 0x4, 0x3, 0xff, 0x6, 0xcc, 0x6, 0x4000400, 0xffffffff, 0xfffffffb, 0x40, 0x80000000, 0x4, 0x7, 0xfff, 0x40, 0x9, 0x6a6d06fb, 0x9, 0x1, 0x0, 0x7, 0x8ac1, 0x3, 0x4, 0x80000002, 0x80000002, 0xff, 0x6, 0x3, 0xfffff801, 0xffffffff, 0x37d, 0xfffffff8, 0xd, 0x7, 0xd, 0x9, 0x6eaf, 0x0, 0x401, 0x5e02, 0x2, 0x3, 0x5, 0x400]}, 0x45c)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000002540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x40000000000000, &(0x7f0000000100)={<r2=>0xffffffffffffffff}, 0x106}}, 0x20)
write$RDMA_USER_CM_CMD_LISTEN(r1, &(0x7f00000000c0)={0x7, 0x8, 0xfa00, {r2}}, 0x10)
write$RDMA_USER_CM_CMD_SET_OPTION(r1, &(0x7f0000000040)={0xe, 0x18, 0xfa00, @id_resuseaddr={&(0x7f0000000000), r2, 0x0, 0x1, 0x4}}, 0x20)
ioctl$UI_DEV_CREATE(r0, 0x5501)
r3 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r4=>0x0})
bind$can_j1939(r3, &(0x7f0000000340)={0x1d, r4, 0x0, {0x2, 0xff, 0x6}}, 0x18)
setsockopt$sock_int(r3, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
sendmsg$can_j1939(r3, &(0x7f0000000dc0)={0x0, 0x0, &(0x7f0000000d80)={&(0x7f0000000c80)="c0c957d020443ad68b", 0x9}, 0x1, 0x0, 0x0, 0x804}, 0x4048801)
sendmsg$inet(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000003c0)}, 0x48005)
socket$inet_sctp(0x2, 0x1, 0x84)
r5 = getpid()
syz_pidfd_open(r5, 0x0)
syz_open_procfs(0x0, &(0x7f00000000c0)='fdinfo/4\x00')
writev(r0, &(0x7f0000000240)=[{&(0x7f0000000080)="d19b757a509b1b11c4befd8cadfe4c4a57", 0x11}, {0x0}], 0x2)

12.700825881s ago: executing program 2 (id=1728):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f00000013c0)=0x80000000001, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x840, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r1 = mq_open(&(0x7f00000000c0)='${$\x00', 0x840, 0x0, 0x0)
r2 = syz_open_dev$loop(&(0x7f0000000100), 0xd79, 0x0)
r3 = syz_open_dev$loop(&(0x7f0000000100), 0xd79, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0)
write$UHID_INPUT(r4, &(0x7f00000010c0)={0x8, {"eddd025b60fdc30a063f172d718c2bd6b3645eadae0f767eb61f2421975b0064d30faba72ba63ab33c4ee2a6cb2f0cb187830255738dd670e8e178672a7473488a157b83ca0ed9657299e98243c15b6b8e08f34570dda445b526949a9b3aebdb97dda475e54a098f1ae57c4774c8ef81d36c77d309e0c817fba3415591dd26a637e43bec5f0fb193d8671889d89ac77bd90ee5efac63bf9eafc61f393e33aaa503760afad0e395042048defbc27ecc254790f419072feb3d5fb4815364072248a42bb88952f316952ea727ae850143819fb80a77407a2309c90ee7894bee7c5862bf14672cc9036bf0ccba7769b5d57b757b550180000000000000a7f0840d7040084b449eb5445ea40b3b9811a66d5228839907fba91ba8a5ca95b4600fcd98f93af794a412e97404d6f40a61e802f6112ff259a29ca8fb98ffce8fd12509883e812e7edb4a643fe4aac56bb01f69823bd6f4ebd618d81cb3d463eea2c9bae30b888a824043a71d5f3319b146848d63a5415f5ed47b33cafa473cc2c91c425a2d24bf5d8e627e6fc63f58a7b08180ce16e5aa7015478cfbebba3045ec5dd620f69659f3fe11af23b095b43ced6a48afaf3d9a78762d40ada3b1fead7884620e213f28a9a2e6bcda0b88347c8eb3f6be8be3fc2d507eaae0430ccd836d4790038d25d65091e6e7ee9bec612b4a5d90e9e878c9c57fd1aa28ee9fab64d2d3bec12ae68a974c0f64365548a5db8a1d8fc9e32b38df32e826a3d2a88ae824a5faa87d7a25373728da5322ebc73db3d9ac8c64db9c90b18d67b7770966a3b8a1079f5b83f21482ff8b1cc1c699a0a5a135b6fe2791abb556603e3255e89922de5bca02d57ace9f6d486a363891b6c15e3c0000000047e9617351e98a040f2e7019ddee08f2d6cdc9de2f7a32ea65d266513fa7821c24c90ae39268757eefacfe94d53c740747c86429eadbead0a3576549442f4f77d846df8d54b37fc280bd5b9320f872756706357b9813318a6bfeb77d4ddec55ab5592da2c6d05b3c021182485b96a634013c5ad5ba55f07d07211c0db03ccb5981f5955df2e86cd0f62f6ba66fe4abf695ebc6629e42f6ce96a132883f148eeeacdff13b1cbfa73cbc70b8c5b677682d7c60d1a1311b1222aef1edb4e231c869a18f9ae8eeba4eb4cba8a4a56703cd90710b2208bce8e9a18aaf4e7c47474c08ff85c307d660607bddfe49ac714e0fcdfefedddafa452dfe0341c8a8f07e62e4486699a740feda4b7b2bc635308eb6990f3dfa9065aa8b26ad0ac66fe86dbf2dfb5f0c4b0cad557d4fa4b61116aa57a285a705e1d87d3f8d560b5fd3f8c5df3dc22bd4edb36c1c2e78c0b69863f576d3053ceb21ecb287faf64bb7a3cfe3c28eb7c2335a3af5a29308dac5f7d6f48f46da8370124c37e5a3c9fdfd3d78a082030b2233f02fae54012d2ad2b1c1ec2a35a130a5d3f76b5f9a10a4d31ca41c5c2f58a40c058a48e5dd8a71adbabcbca341e46a6ad538491025e79db3c59350b229ae433537e54b62968ff582f041080719fb88778884da1c79ff28398d8edfcd931043b64bf75b944e735d6d0fa62ed1e3550fe9fa5c1f063b06fb8e13909c87efffe72481ada2d01522a93c70266aa3991c7141ecca2bc618fe54d7529a0c2a46469ca4b2086e112fdf4e1266ca6b5fd4b0fbea280dd246f622f0da6d0f3e3b0357dc0744132e66d8b035662ad5cd3faedd2f743e24ecfed2efd6fd3aed1402bdbc66af3c0b77b7962966649591d7d5985c81a063d46ddf07656f2b049f5811b310e567027bc1b6d44fc892d37aeda8cacc704c1dcc1a7ef759937416e01163027b81befa86772ddf576c37f3151792c4358d1fa418bcd250dc41effa988116589b110d31a59486123769e50f5b3985b4660919f08dd5c96ab8ab03322d0c61890f90e56970f0aa13a96bcfa97139d5627ed6a5558dee292bf0a6e5ad23341c7dc3464a05b9045cc3abbfc0448bf9ca044fd188569cc0c57e07105d1fa1efd44529b6592fa718e092c1a3fa3e56689c9c5168a5619bf2109bde2dca59ad16735e597402c1896d4e24f56c9d4bbc1f0b3a0135b7028a402c6a1a78de57a838b1871477d7b43dff3779fdb50b2ec9a3ae11fab7f715e7979e64a0f0d54d025105d1f768cdad112aeb2eac1c8042aff6fb975a16c64080ba4e0de0af9b8a975a2b6af6a05dff8ae848f6b80f2bd80c56e4683e67a3aaad0e72242b0f0f07d7d7a64a8669e75a99ba4fdb2ba239c5ef28c8f1dc0b2459698b374f1035a75eafde3d90d69afa489ee2d7f7958a5cc51e574203bab464ddd4d08abbb77c8874c6ce692d078bdc309d73ccb49c9d60a269c77601e82e1c824fca2a43605f8453943d23794785096da2ff56547389009e27a908cfcea03ede09c392e0bafa30891e23fbacdf08b49cbd2f4083f94c3c71877ffac86d426e5fe08fa9541f837f2de8440e0b2226b664a45a564f1357e804c24cd2cef95564a1e0041736ced508a63af4e9f4ae9f690084f8c67db3b3569fb86225b6cce291da8057200d1f86899081ebfa5274625ada6ee793fe4246d97157d608099a6adf81eb88bb37cdb64a18ed0e13a0cfeea3af2164a59b8a90a4a1dfad6f03cc27ccbcc879c2b54a57a6d81e01dbd9d7440e9f1a1f608617a308214b58a9090022b7c6631cda308a0aa13dd68159bd8578afeb5402b0e227ef709d8c58929fba262ff4ec70c3a8f68b98f92380201112f560c216d5dc61ad466ee08c1af18982617597436c6a0e0077bb2dab8932175fb30aafceb4d63b4b8aa4a1c2f3867a83855d418ae75b3029dff960a5a4fcbe0fb84828633d535413e0c70a26b2485dddaa7c52256ad85d5f71778af39692fb8553850bbac096d8d9c9145e0ed7903b5d530005f29493a5aa7e0c04b62cc07f2bcfa31a48ce7c167abdd145af8c25fb882b64e41a9b51ae77209d82a9095e1d80711e1c802302b92ad8e413bc9b200e57c6038a46bfc9468b5fdda7f3e57e676c99d4dde6b3a86ed2cb9a55cf199835ef9d858f5a692c4036b32ea07c76c29faa5e2241afab129340b6e2ad94baea982429225cfac726dbf137f6477432a31808a281c9af3c4bef4a2f508721ec71fc1c374fca4d4e25ed9754a41ebfcaaac7637caa13791a64ff995d3cd984ed8cecccc491de80596f8db8d3fe6a6f2b208d065fb6fbb5569bf7cd8a8162271ca5e5ed2b3b98f28d81b3b498345c48492c8fe2e6181f527bbe4ce6600f9e33fb65609bc4318ecf4ca151d3095232820a84704311f0bd3532178cf1e6ef9483b1f52ec2992e84aaf1239c99faeab989bd9848223e90093e71eb650660255fce7bd85872e413fe219859d18ef67f1f07a590ceadc1c687820c3c7cf9e2ff9609199c4b49fd74553507c1c7f45b5b1b40c96c0c984977f476ed686f8710248677847f5c0989df0eca6be3df498acfcfbca85bb986c8d844c19f62b06b95d8d6f4e4367040d45e494271f29546f1086f88fdc549402bd669e9aed5fe000000ef7668d3abeadb430d30534aef0a3a9a125bdeaa11647bafe6e1303b967d29718ac301cadbb43654a36b78ff91836584a5e3472db8db4ded526ecfef2efa2279c17639d3aef1587d5b8bbc8abec3a28dba276613c514a50fe243a588ecdb77ab1525088507f5a0537ba59062416beb479538806f04e70bc192c1fd46377c6105116cd21b75f29f91b67317ce4bd67dea18f560765dabf8f0cebfb770339aa2558df698e1ee22adc7b81b16b2e7fb06e7b5c2ca98c71aec18bc23b11d3b84c6a10aa866c5f438fc2d928fc89ce0902492cd79d6a1ffce27a66031cc24d1b82e9e8b6bdcb6b37f89531e048ae5ee10483dccbb734ba20a15b145fdeadfc461e146d8882133b4e6c6ba30d316ee0bf0bf40f26639077d090d1df3b943e78ba5ece82fcd4576cf3a87d7a9ad080b2cce7371e5bd671ad37e35ff03dfb6684ac0d4eda69154444aef2a173ba093bc87839e41388b2101f72a9b6cf675efbb231b007c11a7b452df89a584f459b23340c0dae21a4146968b66ac9b08d2408830ccec4e6fb1dd665c3023a3b32042b1facfb0bd4d5b9861fe5b0abee3313264b5abe61b1e145bc11121dc87bf1a6008433dedd4d7977b082400136bfceb33a2a3ceea9a6b67b8f85b604970c3ad474db7356f802bc840afe833c9056c037b2ea240b5846149682e14e4e126c7f88b9eb2c7384da631fbab63754611d52b4107dfd10fdf46e557be95a07e6ae64cbeb2d420bcfd87a2f52ecbfe5eba301e3c86761c1545b876e5951106e91be75e9d22301674bca4d729fffd9812cb984910b976c2a74966caf3d75ba7dc7f4275d24caf3bc94376a3579e8575c69401ea75d14e27f98eb7a05eccebd36ea89c4ac0dec65eb613d7f052c6b75b398c65249449b0693164a51c0c224ac1bb4f0781d2d10b96519131b6df9541aa1e7511820f71ab1d497234862f475356d9664a9fbbf0285738a143842820d5b795dcca64a24de4bae802fae01d82fec5548e108c4e750e8f1580d2ebd6bde06622db32c1f47eca183a81ecfde3b6a187c47f7984d2c6051f2ace7ac2bfc5da0cd4b0e57e69bf39551cc5443e12e9ce113cff2cecdd2802e5b9c5a1107e1ed982b93b8e986afa379ac1c6a5ee67e966c72bf149f9ba1c169bafe3d58e18e56438ad4a4db4826edb5eb4ff27808ddd7f87eb31cf232effc9bfff7305d91696e17058217d2d5596ae9082a1cc98d60b854b2ff76718d981c20d68ecf4f1a8dcd5f9f06162df324b84b246e5e11d6722003f32e3396e30c11724db17210c37dfa080c1be2fbeea1c92e084f72386fb29856bc25a16a53f97f44a5e81fd55872772eebdd0db3a5bdf0c28d34a48f8d707a97a3b89367c98e30dbe9c02444177a8fbaa605c6051157e41fade8432af5233ee030ad6fb7572ee4e7bd687dd855fe112ac46a7b1abe88771eb3b49e3d583efe7b79394ca4687acfc262af45dbf4736e9e17d39ea5f8e81f6ed7f242c5a09da7f22f37ce9d5e6222fa71aed8ee69e501d30cd98f5c5275d5dcc1f112c3dbd2cca465f7442d952353613ac5b30222cf153c598c15c102b0dd0d99e45595d98ab365fda3f6e3bdf29b66a8d0a43c1c6a109e3056015a49e4f9ed7522163da86b9e2bf14d7c0ff026261f96feabc0b1c64ba130acb2c4927a783bed9f4e1d38f0a1351000334010b99585c24fb9a7a24809e4bffc3448c778dbeeed816225b2173fae0975e1b9c19213dc33bab3a9bbe8f62e306a1aecac5484d3f23421f5064c16aa4fa67de32222115928c0f3b114593dd0c791c590be61e0b97ed0b0e0dcdb238eb1290466d9c10dfaa8c7fcd0bf659897d945df86d936c67e42924d47a4245fb3d6f8ec538d59c100c6e52100317ea41a1fd253ddd54b13b6a2807ea729d3fd7e1b0461cc78b2c7c889b9ad3ec0398399ff645f3ab988b8a52d9f09a430cfa0390c4c5ad3a392ef28a9f4056d77b712df09b69d7d93617c4783133f9abab2d6935d54f59d0c1b5ea4dba28af7bbfeaf29009618c436ddec116f8966b4ae89ceca545daef5a48f1668231731af7abc502df9f7d308998b92adbfdf0937186a9cbcd4267dc1d0e399b27dacc07ca37f76ceb42f13e4de89dd484a91dc8a2bebece95c6400fde8bdc6d2857454f562f04422b632925c84fb501998ab096363acafea06790c298a76267ca63d81763343fa1fbbbeecba24ca939b3f4d577a5129fd3c407cada9151a12b04e76d664b232cf05c9ad000", 0x1000}}, 0x1006)
ioctl$LOOP_CONFIGURE(r3, 0x4c0a, &(0x7f00000002c0)={r4, 0x0, {0x2a00, 0x80010000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x13, 0x1c, "fee8a2ab78fcffffffffffffff2000b8785d960000000000000000000000000f00000000000100000000000000000000000000000200", "2809e897bdb2128bfc82525edd665240f45f819e01982861ac0000000000000000001100", "90be8b1c551265406c7f306003d8a0f4bd00", [0x20]}})
ioctl$LOOP_CHANGE_FD(r2, 0x4c06, 0xffffffffffffffff)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast1=0xe0000002, @in6=@ipv4={'\x00', '\xff\xff', @remote}, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x87}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffb}, {0xfffffffffffffffd}}}, 0xb8}}, 0x0)
syz_emit_ethernet(0x36, &(0x7f00000010c0)={@broadcast, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0xfd, 0x1, 0x0, @private=0xa010102, @local}, @timestamp_reply={0xe, 0x0, 0x0, 0x3, 0xe, 0x7, 0x40, 0x200003}}}}}, 0x0)
syz_open_dev$sndmidi(0x0, 0x0, 0x4401)
close_range(r1, 0xffffffffffffffff, 0x0)

12.248667171s ago: executing program 2 (id=1731):
userfaultfd(0x801)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="240000001900010028bd70000000000002181400ff003600001f0000060015"], 0x24}}, 0x0)
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x218, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
close(0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_RTOINFO(r3, 0x84, 0x0, &(0x7f0000000000), &(0x7f0000000140)=0x10)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
write$RDMA_USER_CM_CMD_DESTROY_ID(0xffffffffffffffff, &(0x7f00000001c0)={0x1, 0x10, 0xfa00, {0x0}}, 0x18)
connect$inet(r4, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)
writev(r4, 0x0, 0x0)
r5 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$UI_ABS_SETUP(r5, 0x401c5504, &(0x7f0000000140)={0x4, {0x1, 0x1, 0x8, 0x4, 0x5, 0x52}})
shutdown(r4, 0x1)
r6 = fsopen(&(0x7f0000000000)='cifs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r6, 0x1, &(0x7f0000000080)='source', &(0x7f0000000240)='//\xf2/\x06\b///o\xdc\xea\x95\x9a\x82\x10\x97W\x8f7\x98\x9b\\/\\\xf9\rmD\x94)U\xdb\x15X.I\n}\xf3\x9d\xe4_\x05\x9cqf4I^#b?9\xde\xafu\'\x83L\xe0\x97\xe1n_\xa4%\xb1\x97\x93\xafv\xce/\\\xb4L\xf2_\xa7\xfb\xf4\x84\x1fA\xeas^\xef\xa2\x85\xa3!\xfb\x93\xd7R\xab2\x1eW\xe9h\x9b\xf7ul\xf9D\xd4\x82X5\x13\xaa\x87\xf9\xba\xa9m\x14\x14R_\x9a\\>4\xce\x8e_#\xf8D\xb1\xdep\x01\xcc:\xa6\xc5n\xeb\xab\xf70\x99\xef\x8b<M\n\xc0`[\x82\xf6$\xa4\xbe\x1e\xd3\xe4\xd9L\x14\xed\xcfK\xcc\xeb,\x1a1\xa6\xf3e\xc2F\xc3\x00\xaa\xd5\xfc\x1bR\xa9\x8c\xb4&\x9f\xa2$\x06\x1a\xb0W#\xf4\xde6\x04c\xc0\xeec\xa0l\xd5d\xe5\xcd\xb2\xc10\x97w\x87\xe5\x06\x91W\rr\xf5\x97%\xe8pO\xeb]\xc2\x98C\xffK\xa0\xb3\\\x99{\xcdR\x92\x94\xf7\x1d\x01Q\x1a\xbd\x15b\x15h\xe2!\x00\xb9z)\x19\x00\xee\xd2)[p`\xb3\x03\xa7p\'X\xec\xcdoX\x05\xff\xff/o\xb2\xad\xb8\x89i@\f\xffS&\x8a\xc9\xfez\xc2\x90\xe7F\xa6\xdb\r\x03j,N\xe1lw\n\xad\xe8\xf0\xbd\xa1\x98\xce\xf9\x1eR\x9cc\xc5ke_\xa7\x11\"\x04\xd8.\xa0\x15\x83\xf1\x92\xdby\xe9\xdc@.\xc1g\xc6\fc\xa26\xd8\xdf\xef\xf7\x9c\x1a\xcc\x8am\x8b7\xcf\xc5\xa6\xf4\f\xabj%Y\xa9\xdd\x0e9e\xb5\xec\x99@\xd2\t\n\xb1o', 0x0)

10.808209482s ago: executing program 2 (id=1739):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000440), 0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0x7, 0xfa11, 0xffffffff}, 0x0)
socket$l2tp6(0xa, 0x2, 0x73)
r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r3, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/87, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r3, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]})
ioctl$VHOST_VSOCK_SET_RUNNING(r3, 0x4004af61, &(0x7f0000000000)=0x1)
ioctl$VHOST_SET_MEM_TABLE(r3, 0x4008af03, &(0x7f0000000680)={0x31})
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)
creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
landlock_restrict_self(0xffffffffffffffff, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), r4)
sendmsg$DEVLINK_CMD_RATE_SET(r4, 0x0, 0x0)
syz_open_procfs$userns(0xffffffffffffffff, 0x0)
sendmsg$IPSET_CMD_RENAME(0xffffffffffffffff, 0x0, 0x804)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
sendmsg$TIPC_NL_KEY_SET(0xffffffffffffffff, &(0x7f0000000800)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000200)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16, @ANYBLOB="000329bd7000"], 0x34}, 0x1, 0x0, 0x0, 0x40080c0}, 0x40000)
syz_open_dev$tty20(0xc, 0x4, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x1c1842, 0x0)

9.549566289s ago: executing program 2 (id=1746):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x10)
setsockopt$sock_int(r2, 0x1, 0x8, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r5, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4)
bind$inet6(r5, 0x0, 0x0)
close(r5)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000240)='sessionid\x00')
connect$unix(r6, &(0x7f000057eff8)=@file={0x1, './file0\x00'}, 0x6e)
syz_genetlink_get_family_id$smc(&(0x7f00000001c0), r2)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x800021c, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4000840)
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x1, 0x0)
sendmsg(r4, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(0xffffffffffffffff, 0x89e0, &(0x7f0000000140)={r1})
madvise(&(0x7f000045e000/0x1000)=nil, 0x1000, 0x0)
add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, &(0x7f00000000c0)="ff", 0x1, 0xffffffffffffffff)
r7 = add_key$keyring(&(0x7f0000000540), &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r7, &(0x7f0000000200)='asymmetric\x00', &(0x7f0000000100)=@keyring={'key_or_keyring:', r7})
mlock2(&(0x7f000027f000/0x2000)=nil, 0x2000, 0x1)
r8 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r9 = dup(r8)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x3000001, 0x32, 0xffffffffffffffff, 0x0)
write$6lowpan_enable(r9, &(0x7f0000000280)='1', 0x1)
sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="50fff6001000030000bd70000000000000000400", @ANYRES32=0x0, @ANYBLOB="ef03000000000000300012800b000100697036746e6c000020000280050004000600000014000300fc0200"/56], 0x50}}, 0x4004850)

8.769357337s ago: executing program 0 (id=1749):
userfaultfd(0x801)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="240000001900010028bd70000000000002181400ff003600001f0000060015"], 0x24}}, 0x0)
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x218, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
close(0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_RTOINFO(r3, 0x84, 0x0, &(0x7f0000000000), &(0x7f0000000140)=0x10)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
write$RDMA_USER_CM_CMD_DESTROY_ID(0xffffffffffffffff, &(0x7f00000001c0)={0x1, 0x10, 0xfa00, {0x0}}, 0x18)
connect$inet(r4, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)
writev(r4, 0x0, 0x0)
r5 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$UI_ABS_SETUP(r5, 0x401c5504, &(0x7f0000000140)={0x4, {0x1, 0x1, 0x8, 0x4, 0x5, 0x52}})
shutdown(r4, 0x1)
r6 = fsopen(&(0x7f0000000000)='cifs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r6, 0x1, &(0x7f0000000080)='source', &(0x7f0000000240)='//\xf2/\x06\b///o\xdc\xea\x95\x9a\x82\x10\x97W\x8f7\x98\x9b\\/\\\xf9\rmD\x94)U\xdb\x15X.I\n}\xf3\x9d\xe4_\x05\x9cqf4I^#b?9\xde\xafu\'\x83L\xe0\x97\xe1n_\xa4%\xb1\x97\x93\xafv\xce/\\\xb4L\xf2_\xa7\xfb\xf4\x84\x1fA\xeas^\xef\xa2\x85\xa3!\xfb\x93\xd7R\xab2\x1eW\xe9h\x9b\xf7ul\xf9D\xd4\x82X5\x13\xaa\x87\xf9\xba\xa9m\x14\x14R_\x9a\\>4\xce\x8e_#\xf8D\xb1\xdep\x01\xcc:\xa6\xc5n\xeb\xab\xf70\x99\xef\x8b<M\n\xc0`[\x82\xf6$\xa4\xbe\x1e\xd3\xe4\xd9L\x14\xed\xcfK\xcc\xeb,\x1a1\xa6\xf3e\xc2F\xc3\x00\xaa\xd5\xfc\x1bR\xa9\x8c\xb4&\x9f\xa2$\x06\x1a\xb0W#\xf4\xde6\x04c\xc0\xeec\xa0l\xd5d\xe5\xcd\xb2\xc10\x97w\x87\xe5\x06\x91W\rr\xf5\x97%\xe8pO\xeb]\xc2\x98C\xffK\xa0\xb3\\\x99{\xcdR\x92\x94\xf7\x1d\x01Q\x1a\xbd\x15b\x15h\xe2!\x00\xb9z)\x19\x00\xee\xd2)[p`\xb3\x03\xa7p\'X\xec\xcdoX\x05\xff\xff/o\xb2\xad\xb8\x89i@\f\xffS&\x8a\xc9\xfez\xc2\x90\xe7F\xa6\xdb\r\x03j,N\xe1lw\n\xad\xe8\xf0\xbd\xa1\x98\xce\xf9\x1eR\x9cc\xc5ke_\xa7\x11\"\x04\xd8.\xa0\x15\x83\xf1\x92\xdby\xe9\xdc@.\xc1g\xc6\fc\xa26\xd8\xdf\xef\xf7\x9c\x1a\xcc\x8am\x8b7\xcf\xc5\xa6\xf4\f\xabj%Y\xa9\xdd\x0e9e\xb5\xec\x99@\xd2\t\n\xb1o', 0x0)

7.761683183s ago: executing program 1 (id=1754):
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000005c40)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000780)=""/4096, 0x1000}, 0x101}, {{&(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @local}}, 0x80, &(0x7f0000000300)=[{&(0x7f0000000100)=""/40, 0x28}, {&(0x7f0000000380)=""/185, 0xb9}], 0x2, &(0x7f0000000440)}, 0x4}, {{0x0, 0x0, 0x0}, 0x1}, {{0x0, 0x0, 0x0}, 0x9}, {{&(0x7f0000002dc0)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @local}}}, 0x80, 0x0, 0x0, &(0x7f0000003000)=""/30, 0x1e}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000005800)=""/104, 0x68}}], 0x6, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0xbcb5, 0x0, 0x5, 0x1000}, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x4)
lsm_get_self_attr(0x67, 0x0, &(0x7f0000000540), 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
clock_gettime(0x0, 0x0)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4000, 0x0)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r4, &(0x7f0000000000)={0x2, 0x4e21, @remote}, 0x10)
setsockopt$inet_int(r4, 0x0, 0x13, &(0x7f0000000040)=0x29, 0x4)
socket$netlink(0x10, 0x3, 0x2)
preadv2(r3, &(0x7f0000000080)=[{&(0x7f0000001200)=""/4096, 0x1fee00}], 0x2, 0x0, 0x0, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="2c0000001a00010028bd7000fedbdf250ade047ffc00ff040001000008001900feda52"], 0x2c}, 0x1, 0x0, 0x0, 0x40840}, 0x8044)
syz_open_dev$sg(0x0, 0x0, 0x0)
ioctl$sock_SIOCBRDELBR(0xffffffffffffffff, 0x89a2, &(0x7f0000000000)='bridge0\x00')

6.722341213s ago: executing program 0 (id=1758):
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge0\x00', <r2=>0x0})
socket$inet6_mptcp(0xa, 0x1, 0x106)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)=ANY=[@ANYBLOB="50000000100003040000000000000000f2000000", @ANYRES32=0x0, @ANYBLOB="7fff0000000000002800128009000100766c616e000000001800028006000100010000000c000200540a00001800000008000500", @ANYRES32=r2], 0x50}, 0x1, 0xba01}, 0x0)
r3 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendto$inet6(r3, &(0x7f00000003c0)="d4d3ba", 0x3, 0x40000, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r3, 0x84, 0x79, &(0x7f00000011c0)={0x0, 0x5, 0x7fff}, 0x8)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_MASTER={0x8}, @IFLA_GROUP={0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x24000020}, 0x0) (fail_nth: 4)

6.018790637s ago: executing program 0 (id=1761):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x4e20, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x9}]}, &(0x7f00000002c0)=0x10)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f0000000300)=0x8)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB="0207e80702"], 0x10}}, 0x40044)
r5 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r5, 0x29, 0x23, &(0x7f0000000280)={{{@in=@multicast1, @in=@loopback, 0x0, 0x56, 0x0, 0x0, 0xa}, {0x7, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x2000000, 0x2}, {0x1, 0xfffffffffffffffd, 0xff}, 0x1, 0x0, 0x1}, {{@in=@private=0xa010102, 0x0, 0x2b}, 0x2, @in=@broadcast, 0x3507, 0x4, 0x0, 0x0, 0x0, 0x0, 0x4}}, 0xe8)
connect$inet6(r5, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback}, 0x1c)
r6 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
r8 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r9 = dup(r8)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r9, 0x2000)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x9)
ioctl$KVM_PRE_FAULT_MEMORY(r7, 0xc040aed5, &(0x7f00000000c0)={0xf000, 0x118000})
r10 = openat$vimc0(0xffffff9c, &(0x7f0000005cc0), 0x2, 0x0)
ioctl$VIDIOC_S_FMT(r10, 0xc0cc5605, &(0x7f0000005d00)={0xc, @pix_mp={0x101, 0x8, 0x3147504d, 0x8, 0xb, [{0xba, 0x7fffffff}, {0x7ffff7ff, 0x1}, {0x0, 0x2202}, {0x46b, 0x4}, {0x6, 0xd5d}, {0x8, 0xe43}, {0x9, 0x2}, {0x2, 0x2}], 0xc, 0xbf, 0x6, 0x0, 0x97be6e47811f337}})
r11 = memfd_create(&(0x7f00000000c0)='\xfd\x0fm3#/\x00n\xaa\xaa\xe4\x01U\x8b\xc2\f\x03\x19\x9c\x8e\xcb\x90\x00\x00\xaegQ\x0e\x94\\y\x0fU2@\'\x8a\x80\x00$\x12\xfc\xe4.)\x9b\xf2@\xf0\xe0\xdb\x1f\xe6\xb4gc\x13\xda\xf9\xcd7el\xb7\xe6\b\x00\x00\x00\x00\xef\xff\x00vob/~\xc2\x00\b\x00\x00\x00\x00\x00\x00 \xff\xf1\xdem\x9c;%\xb5\"\xe4\xf1x2\x8a\x19p\x04\\\xaa-\x93\xd1\xc4 )\xbfK\xf7E\xf3\x05\xa0\xd0\xe6%\x97\x15\xf0\xab\x86\x90k\x10\xcer\x14\xe0a\xaf\xab\xfe\xd9V\x19\xa5d\x16\x8e]:3\xff\t\xe6\xf7\xb3\xbf\xa3\b[?\xb5\x14t\xd3\x8e\xc0\xe8\xefd\x88\xddz\xa25)\x17\xef\xfb4\xff\xdb\t\x8e\xeb\x1d\\\xf9\x14\xc7\v\xa8\x89\xdb A\xbaBAj\xfe\x18\xc3-+\xd6\xb0K\xee\x1b+\xc7lA\x84\xa6\xfe\x8bU<&\x1a\xe7m\x86\xb7\xa1A\xf9\x02S;C\x99\a.$K\x833\x82\x7f\x1b\'nj\x06\b\xb7\xe8] \x87A[y\xdc\x14\f\xcet\x00\x1f\x0f\xef\xca\xcfz\x7f\an0\xebB\xb8}&\xdd\xc9\xa7\x1dp\t\x9a\xceb \x81\xaaq{H\x88\xdf\xf8\x80\\\x1c8\xfe\xc4\xe3\xb0\x90\xcb\x8b1r\x94\x9f\x00\xce\xc8\xc3\x84\xa0\xc9\b\x00\x81Ks\xba\xbbC6\xd6\x13\xb5\xe086EzD\x18\xd5\x16\x88E\xc6\xf0A9\xf1u\xb3\x85\x02\x12\\Sp\xf4\x9a\xe8\x96^\xe6\xa8K\x12\b}\xff\xcb{\xc6\xf6\xb4\x8b\xb6\xa8Y\xf2\x91\xeeR\v#\xb5)\xb0\x99\x9b-p\xe3\x17\x04\xb0\xdc\x0fk\x11\xe1\x9a\a\x16\xb7\x9b\x88\xfa\x1e`\x84$\xfc\xd7\xf5^X\xd8[}\x032\xd0\x84\xdby\x94Vp\xa5\xcd(\xab\xb6\x95sR\xab\xfc\x8c\'\x9c\x16Q\xad\xbc\xb04%\xb7\xe5\x14\xb1`\x87#X\\W`;\'_4\xc5\xc9\x921<\xd9\xad\x9f\x12@!\xfaI\x88\xab\xef\x86\xe9\a>\xdd7\xb7\x8e\x9c0-o\xc9\xec_|\x02\xc8Ru\x95\xa8#U\xd6J\x87\xf6X\xb6{\x11$\x00\xc8\x14\xcb\xd1nK\xd8\xb9\x0e\x9bA\xed\xbcs\x1fS\r\x12O\x83\x15\xcb(\xdb\xb1S\x1f%\x04\x9a\xa0l\xa3}\xe7r\x02\x00\x00\x00\x8aeh;F[\xe2\x1c<L\xaa\x87A\xcdN#\xfb\xb0\xf2\x1e\x0e#J\xd0hB<\xc0\x82A0)p\xe7&J\x82\x83\x83\xd14\x01\xcf\x1b\xa9\x1d\x1ef\x0f\x86(1\xd6l\xd2\x8f\xb0\xad\t\x15\xdb|\x87\xf1\xc4\xb8\xb2\x9a\xd2A\x80\xbf\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xd6\x80\x00\x00\x00\x00\x00\x00\x00\x88&}\xd1\x00\x00\x00\xe6\xaf\t\x9f\x96\rN\xc9\x90\xbe\xed\x1ad\x14\xe7\x84\t\'\x8b\x00\xdd\xc9\x0f\x14v\xb6\x04\xf2U\xb4\xf6\xbe\xddT\xcb\x00\x00\x00\x00\x00\x00\xe9\x00\x00\x00\x00\x00\x00o:}\xa7jmH\xedn\x11\xfe\xe2\x0fT\x00\x94\xbc\xc6\x7f\x93eE1xp\xa3\xdc\xd7K9J<\xeb\xd2!\xf4\x19\xbd#\xb8\x83\x858\n\xf8\x12Z\x1a\x12\xfa\xcc\x04\r\xf3\xf4;\v\x15b^\xea\xa2\x04 \xe8\x99\xb3\x97\x9e\r\xb0\x05\xbb(f\xd0\x85\xc5\x15\xae#\x12Q\xacF\xfb\xc8\xbd\xcc#\v\x00\x00\x00\x00\x00\x00\x8f\x9b\x00\x03\xc8}\x11\xbc\x01\x8fi\xf5\x7f\xaf\x11\xfb\x16\x95\xdfc\xc9\x8a/&\x81w\xdf]ao\\\x88\xf7\xce\xbd\xb0\xa6J~\x8d\xf1\xe9\x1c\xcfo\xb3\xdc\x04Y\x8e\r\xf5\xa0\xeft\x06G0\xe3D\xd6\xa3L\xedN\x0e\xdc@7\xd8^\xae\xea\x92\xbe\x9c\xf9~c\xc1|\xca\x8d\x93R\xe5\xceU\xa5\x0f\xbf\xd8l\x96`\x0f\x00e\x8aR{\x17Y\x15m>\xe26 \x19k&.\x7f\x1d~\xdaI\xd4\x99\a+\xdf]\xbc\xa6\xc3\x0f\x99W\x9c-t\v\xc7J\xfd\x91\x853\xd1j;\x19W\x96V\x8az+\xf9\x82#\xfaC\xa3YN:\xe8\xda\xbc\xb2h\x8f\xe0\xc6d\x96\xccy\xb3\xc2\x98\x1c\xca\xde\"\xaeW\x89\x83\xc2sB\xe7\b\x9b9~}\xc2\xb3\x1d\xcc?\xd1\x89\xef\xca\x00\x00\x00\x00\x00\x00\x00\x00\x00J[\xc4\x04\xc1\xa6\x10\xc2\x9d\x11\t|\xc0\t\xd9(\x80\xe6s\xaa\x88\x8a\xd6\xa2\x01\x10W]Z\x8d\xf7\xd1P\xf9d\x01|\xa3\x03hSq\x95\x8f\xe1J\xd3#/fcCz\xff\x80\xe2M\xa3-r\xf6\x1a\xd74\xdc\xe1\xe4\xc3\x9dU t}\x02\x9a{C|S\xf4\x98\x05\xb9\x15}\xfa\"\xdc\xc2r\xf9\a\xadnD\xb6\x06\xd3\'\x10\x9f|\x17\xd6\x89O\f\x98@\x85\xa5m\x9d\\&\x17o\x11Z=l\xfb\x93\x8exZ', 0x6)
mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x2000003, 0x97052, r11, 0x0)
socket$kcm(0xa, 0x1, 0x106)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
shutdown(0xffffffffffffffff, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10)
setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f00000003c0)=@sack_info={r2, 0x0, 0x3}, 0xc)

5.690862067s ago: executing program 4 (id=1763):
r0 = socket$kcm(0x29, 0x2, 0x0)
r1 = shmget$private(0x0, 0x4000, 0x1000, &(0x7f0000ff9000/0x4000)=nil)
r2 = shmat(r1, &(0x7f0000ffc000/0x2000)=nil, 0x4000)
shmat(r1, &(0x7f0000ff9000/0x1000)=nil, 0x5000)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000fff000/0x1000)=nil)
shmdt(r2)
r3 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x0)
syz_usb_disconnect(r3)
syz_usb_connect$cdc_ecm(0x0, 0x4d, &(0x7f0000000640)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x8, 0x525, 0xa4a1, 0x40, 0x0, 0x0, 0xffffffffffff8001, 0x1, [{{0x9, 0x2, 0x3b, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x80, 0x2, 0x6, 0x0, 0x0, {{0x5}, {0xffffffbe}, {0xd, 0x24, 0xf, 0x1, 0x0, 0x0, 0x3ff}}, {[], {{0x9, 0x5, 0x82, 0x2, 0x0, 0x0, 0x0, 0xc0}}, {{0x9, 0x5, 0x3, 0x2, 0x0, 0x0, 0x0, 0x20}}}}}]}}]}}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r4)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000200)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_ASSOCIATE(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r5, 0x1, 0x70bd2a, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r6}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4008040}, 0x4040)
ioctl$F2FS_IOC_DECOMPRESS_FILE(r0, 0xf517, 0x0)
ioctl$EVIOCRMFF(r3, 0x4004550d, 0x0)

5.238338328s ago: executing program 3 (id=1764):
r0 = syz_open_dev$vbi(&(0x7f0000000400), 0x0, 0x2)
ioctl$VIDIOC_S_PRIORITY(r0, 0x40045644, 0x1)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001280)=ANY=[@ANYRES32=r1], 0x6c}, 0x1, 0x0, 0x0, 0x40800}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001200)={0x24, 0x3, 0x1, 0x101, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x10, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x0)
getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0)
socket$netlink(0x10, 0x3, 0x4)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYRES32=r0, @ANYRES32, @ANYBLOB="000000e300000000b702000014000000b7030000000000008500000083000000bf090000006b060055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00')
r3 = openat$binfmt(0xffffffffffffff9c, r2, 0x42, 0x1ff)
close(r3)
execveat$binfmt(0xffffffffffffff9c, r2, 0x0, &(0x7f0000000880)={[], 0xf000}, 0x0)

4.875018485s ago: executing program 1 (id=1765):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000003dc0)={&(0x7f0000000440)=ANY=[@ANYBLOB], 0xa0}}, 0x0)

4.704239713s ago: executing program 1 (id=1766):
ioctl$UI_DEV_SETUP(0xffffffffffffffff, 0x405c5503, &(0x7f0000000940)={{0xfffc, 0x8001}, 'syz1\x00', 0x2e})
r0 = add_key(&(0x7f0000000000)='id_resolver\x00', &(0x7f0000000100)={'syz', 0x3}, &(0x7f0000000080)="f8", 0x1, 0xfffffffffffffffe)
pipe2$watch_queue(&(0x7f0000000380)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80)
keyctl$KEYCTL_WATCH_KEY(0x20, r0, r1, 0x0)
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x80)
syz_emit_ethernet(0x46, &(0x7f0000000200)={@local, @random="94f0c5d4e816", @void, {@ipv6={0x86dd, @dccp_packet={0x0, 0x6, 'z?\x00', 0x10, 0x21, 0x0, @private0, @mcast2, {[], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, "dba20d"}}}}}}}, 0x0)
keyctl$KEYCTL_WATCH_KEY(0x20, r0, r2, 0x27)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001080)='/proc/bus/input/devices\x00', 0x0, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$UI_DEV_CREATE(0xffffffffffffffff, 0x5501)
r4 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
write$binfmt_script(r4, &(0x7f0000000040)={'#! ', '', [{0x20, ']\t'}]}, 0x7)
close(r4)
execve(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000740)={0x14, 0x38, 0x701, 0x0, 0x0, {0x3}}, 0x14}, 0x1, 0x0, 0x0, 0x4044840}, 0x4000000)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r6, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r3, 0xc0a85320, &(0x7f0000000140)={{0x8, 0x5}, 'port0\x00', 0x40, 0x400, 0x0, 0xc, 0x40, 0x7f, 0x401, 0x0, 0x2, 0x2})

4.225699331s ago: executing program 3 (id=1767):
userfaultfd(0x801)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="240000001900010028bd70000000000002181400ff003600001f0000060015"], 0x24}}, 0x0)
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x218, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
close(0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_RTOINFO(r3, 0x84, 0x0, &(0x7f0000000000), &(0x7f0000000140)=0x10)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
write$RDMA_USER_CM_CMD_DESTROY_ID(0xffffffffffffffff, &(0x7f00000001c0)={0x1, 0x10, 0xfa00, {0x0}}, 0x18)
connect$inet(r4, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)
writev(r4, 0x0, 0x0)
r5 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$UI_ABS_SETUP(r5, 0x401c5504, &(0x7f0000000140)={0x4, {0x1, 0x1, 0x8, 0x4, 0x5, 0x52}})
shutdown(r4, 0x1)
syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b362f"], 0x0)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000080)='source', &(0x7f0000000240)='//\xf2/\x06\b///o\xdc\xea\x95\x9a\x82\x10\x97W\x8f7\x98\x9b\\/\\\xf9\rmD\x94)U\xdb\x15X.I\n}\xf3\x9d\xe4_\x05\x9cqf4I^#b?9\xde\xafu\'\x83L\xe0\x97\xe1n_\xa4%\xb1\x97\x93\xafv\xce/\\\xb4L\xf2_\xa7\xfb\xf4\x84\x1fA\xeas^\xef\xa2\x85\xa3!\xfb\x93\xd7R\xab2\x1eW\xe9h\x9b\xf7ul\xf9D\xd4\x82X5\x13\xaa\x87\xf9\xba\xa9m\x14\x14R_\x9a\\>4\xce\x8e_#\xf8D\xb1\xdep\x01\xcc:\xa6\xc5n\xeb\xab\xf70\x99\xef\x8b<M\n\xc0`[\x82\xf6$\xa4\xbe\x1e\xd3\xe4\xd9L\x14\xed\xcfK\xcc\xeb,\x1a1\xa6\xf3e\xc2F\xc3\x00\xaa\xd5\xfc\x1bR\xa9\x8c\xb4&\x9f\xa2$\x06\x1a\xb0W#\xf4\xde6\x04c\xc0\xeec\xa0l\xd5d\xe5\xcd\xb2\xc10\x97w\x87\xe5\x06\x91W\rr\xf5\x97%\xe8pO\xeb]\xc2\x98C\xffK\xa0\xb3\\\x99{\xcdR\x92\x94\xf7\x1d\x01Q\x1a\xbd\x15b\x15h\xe2!\x00\xb9z)\x19\x00\xee\xd2)[p`\xb3\x03\xa7p\'X\xec\xcdoX\x05\xff\xff/o\xb2\xad\xb8\x89i@\f\xffS&\x8a\xc9\xfez\xc2\x90\xe7F\xa6\xdb\r\x03j,N\xe1lw\n\xad\xe8\xf0\xbd\xa1\x98\xce\xf9\x1eR\x9cc\xc5ke_\xa7\x11\"\x04\xd8.\xa0\x15\x83\xf1\x92\xdby\xe9\xdc@.\xc1g\xc6\fc\xa26\xd8\xdf\xef\xf7\x9c\x1a\xcc\x8am\x8b7\xcf\xc5\xa6\xf4\f\xabj%Y\xa9\xdd\x0e9e\xb5\xec\x99@\xd2\t\n\xb1o', 0x0)

3.793040621s ago: executing program 1 (id=1768):
userfaultfd(0x801)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="240000001900010028bd70000000000002181400ff003600001f0000060015"], 0x24}}, 0x0)
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x218, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
close(0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_RTOINFO(r3, 0x84, 0x0, &(0x7f0000000000), &(0x7f0000000140)=0x10)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
write$RDMA_USER_CM_CMD_DESTROY_ID(0xffffffffffffffff, &(0x7f00000001c0)={0x1, 0x10, 0xfa00, {0x0}}, 0x18)
connect$inet(r4, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)
writev(r4, 0x0, 0x0)
r5 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$UI_ABS_SETUP(r5, 0x401c5504, &(0x7f0000000140)={0x4, {0x1, 0x1, 0x8, 0x4, 0x5, 0x52}})
syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b362f"], 0x0)
r6 = fsopen(&(0x7f0000000000)='cifs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r6, 0x1, &(0x7f0000000080)='source', &(0x7f0000000240)='//\xf2/\x06\b///o\xdc\xea\x95\x9a\x82\x10\x97W\x8f7\x98\x9b\\/\\\xf9\rmD\x94)U\xdb\x15X.I\n}\xf3\x9d\xe4_\x05\x9cqf4I^#b?9\xde\xafu\'\x83L\xe0\x97\xe1n_\xa4%\xb1\x97\x93\xafv\xce/\\\xb4L\xf2_\xa7\xfb\xf4\x84\x1fA\xeas^\xef\xa2\x85\xa3!\xfb\x93\xd7R\xab2\x1eW\xe9h\x9b\xf7ul\xf9D\xd4\x82X5\x13\xaa\x87\xf9\xba\xa9m\x14\x14R_\x9a\\>4\xce\x8e_#\xf8D\xb1\xdep\x01\xcc:\xa6\xc5n\xeb\xab\xf70\x99\xef\x8b<M\n\xc0`[\x82\xf6$\xa4\xbe\x1e\xd3\xe4\xd9L\x14\xed\xcfK\xcc\xeb,\x1a1\xa6\xf3e\xc2F\xc3\x00\xaa\xd5\xfc\x1bR\xa9\x8c\xb4&\x9f\xa2$\x06\x1a\xb0W#\xf4\xde6\x04c\xc0\xeec\xa0l\xd5d\xe5\xcd\xb2\xc10\x97w\x87\xe5\x06\x91W\rr\xf5\x97%\xe8pO\xeb]\xc2\x98C\xffK\xa0\xb3\\\x99{\xcdR\x92\x94\xf7\x1d\x01Q\x1a\xbd\x15b\x15h\xe2!\x00\xb9z)\x19\x00\xee\xd2)[p`\xb3\x03\xa7p\'X\xec\xcdoX\x05\xff\xff/o\xb2\xad\xb8\x89i@\f\xffS&\x8a\xc9\xfez\xc2\x90\xe7F\xa6\xdb\r\x03j,N\xe1lw\n\xad\xe8\xf0\xbd\xa1\x98\xce\xf9\x1eR\x9cc\xc5ke_\xa7\x11\"\x04\xd8.\xa0\x15\x83\xf1\x92\xdby\xe9\xdc@.\xc1g\xc6\fc\xa26\xd8\xdf\xef\xf7\x9c\x1a\xcc\x8am\x8b7\xcf\xc5\xa6\xf4\f\xabj%Y\xa9\xdd\x0e9e\xb5\xec\x99@\xd2\t\n\xb1o', 0x0)

3.493423851s ago: executing program 4 (id=1769):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001200)=ANY=[@ANYBLOB="800100001a001307fdffffff00000000fe8000000000000000000000000000aaff010000000000000000000000000001fffc4002000000000000000000000000a5116ef15e6b35790a2623a9183b7ee5db787dcf6119a07820e330090e42ffe9023175742e8f64757d388f1233e1f2ee5a2993eb7037261ec42e2fd50906c4a6549d95e821d30200e697a568a6a5acd73c8c5cd03110b62c10fc8be2134ce179ee2e4f7f256d080a9a719d17203dfb1bb30e84aa", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ff0100000000000000000000000000010000000033000000ac14140000000000000000000000000009000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000200000000000100000000000a000200600000004800010073686131000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004c001200616567697331323800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000"], 0x180}}, 0x8000)
r1 = socket$inet6(0xa, 0x3, 0x9)
unshare(0x2040400)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000080)={0x0, 0x8000}, 0x8)
r2 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet6(r2, &(0x7f0000002d00)=[{{&(0x7f0000001080)={0xa, 0x4e22, 0x1, @private2, 0x10001}, 0x1c, &(0x7f00000010c0)=[{&(0x7f00000011c0)="e6e2", 0x2}], 0x1}}, {{&(0x7f0000001100)={0xa, 0x4e20, 0x7fff, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0xfffffff7}, 0x1c, &(0x7f00000019c0)=[{&(0x7f0000001140)="a5", 0x1}], 0x1}}], 0x2, 0x0)
shutdown(r2, 0x1)
getsockopt$bt_hci(r2, 0x84, 0x7f, &(0x7f0000000080)=""/4057, &(0x7f0000001180)=0xfd9)
r3 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r3, &(0x7f00000014c0)=@name={0x1e, 0x2, 0x2}, 0x10)
r4 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$inet_int(r4, 0x0, 0xf, &(0x7f0000000100)=0xfffffffffffffff9, 0x4)
bind$inet(r4, &(0x7f0000000180)={0x2, 0x4e24, @empty}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x0, 0x3}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$tipc(&(0x7f0000001ec0), 0xffffffffffffffff)
r6 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r6, 0x107, 0xf, &(0x7f0000000100)=0x207, 0x4)
r7 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r7, 0x107, 0xf, &(0x7f0000000180)=0x7ff, 0x4)
setsockopt$packet_rx_ring(r7, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x9, 0x0, 0xffffffff}, 0x1c)
sendto$packet(r6, &(0x7f00000002c0)="05031600d3fc140000004788031c09102c28", 0x12, 0x4, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x14)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(0xffffffffffffffff, &(0x7f0000001400)={0x0, 0x0, &(0x7f0000001440)={&(0x7f0000000140)={0x30, r5, 0x1, 0x70bd25, 0x0, {{}, {}, {0x14, 0x19, {0x80000000, 0x4000001, 0x1, 0x5}}}}, 0x30}, 0x1, 0x0, 0x0, 0x20040803}, 0x20000000)
write$UHID_CREATE2(0xffffffffffffffff, 0x0, 0x118)
r8 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0)
inotify_rm_watch(r8, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000140)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB="00000000000000006c665e1e0a674e0d7a30dcf630fac429880e3fa2da2519db774ef51731927f3a1d77b473708fe6fbee3a0a63d6420d", @ANYRES32, @ANYBLOB, @ANYRES32, @ANYBLOB, @ANYRES64=0x0], 0x20)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan0\x00'})

3.336582248s ago: executing program 4 (id=1770):
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r0, 0x8108551b, 0x0)
socket(0x848000000015, 0x805, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$kcm(0x10, 0x3, 0x10)
socket$packet(0x11, 0x2, 0x300)
socket(0x1e, 0x805, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)=ANY=[@ANYBLOB="3c00000010001ffe00989837a182138b00268f1c", @ANYRES32=0x0, @ANYBLOB="ff7f000080000000140012800a00010076786c616e00000004000280", @ANYRES64=r1], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)

3.188997524s ago: executing program 4 (id=1771):
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r0, 0x8108551b, 0x0)
socket(0x848000000015, 0x805, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$kcm(0x10, 0x3, 0x10)
socket$packet(0x11, 0x2, 0x300)
socket(0x1e, 0x805, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)=ANY=[@ANYBLOB="3c00000010001ffe00989837a182138b00268f1c", @ANYRES32=0x0, @ANYBLOB="ff7f000080000000140012800a00010076786c616e0000000400028008000a00"], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)

3.072228853s ago: executing program 4 (id=1772):
ioctl$FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, 0x0)
r0 = syz_open_dev$evdev(0x0, 0x0, 0x0)
userfaultfd(0x801)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x218, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = openat$dsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = socket$l2tp6(0xa, 0x2, 0x73)
connect$l2tp6(r4, &(0x7f0000000140)={0xa, 0x0, 0x101, @loopback, 0x8}, 0x20)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0)
r5 = syz_io_uring_setup(0x10c, &(0x7f00000000c0)={0x0, 0x1b5d, 0x80, 0x40000, 0x114}, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYRES16, @ANYRES32, @ANYRES8=r3, @ANYRES16=r5, @ANYRES32=r5, @ANYRESOCT=r4, @ANYRES32=r2], 0x14}, 0x1, 0x0, 0x0, 0x400c9d5}, 0x20040000)
syz_usb_disconnect(r0)
ioctl$EVIOCRMFF(r0, 0x40045506, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
socket$alg(0x26, 0x5, 0x0)
r6 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_linger(r6, 0x1, 0x3c, &(0x7f0000000340)={0x1, 0x6d}, 0x8)
setsockopt$SO_TIMESTAMPING(r6, 0x1, 0x41, &(0x7f0000000000)=0x116, 0x4)
sendmmsg$inet6(r6, &(0x7f0000000680)=[{{&(0x7f0000000040)={0xa, 0x4e21, 0x0, @mcast2}, 0x1c, 0x0}}], 0x1, 0x4004000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r7 = add_key$keyring(&(0x7f0000000340), &(0x7f00000004c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r7, &(0x7f0000000240)='asymmetric\x00', &(0x7f0000000500)=@chain)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r8=>0x0}, &(0x7f0000001080)=0x8)
getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f0000000140)={0x2, 0x59, 0x2, 0x2, 0xeff, 0x7, 0x1, 0x5, r8}, &(0x7f0000000180)=0x20)
setsockopt$inet_sctp6_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000200)={r8, 0x2, 0x3ff}, 0x8)

2.675698273s ago: executing program 0 (id=1773):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000d84000)={0xa, 0x2, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0x9}, 0x1c)
unshare(0x22020400)
r2 = socket$l2tp(0x2, 0x2, 0x73)
connect$inet(r2, &(0x7f0000000200)={0x2, 0x4e22, @multicast1}, 0x10)
setsockopt$inet6_tcp_int(r1, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r1, &(0x7f00000000c0)="04", 0x1, 0x20000845, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c)
sendmsg$inet6(r1, &(0x7f0000001680)={0x0, 0x0, &(0x7f0000001780)=[{0x0}, {&(0x7f0000000300)="5c4f3d6bcf", 0x5}], 0x2}, 0x810)
r3 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'veth0_to_batadv\x00', <r4=>0x0})
r5 = getpid()
capget(&(0x7f0000000380)={0x19980330, r5}, &(0x7f00000003c0)={0x380000, 0x8, 0x100, 0x9, 0x8})
move_pages(r5, 0x6, &(0x7f0000000040)=[&(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffa000/0x2000)=nil], &(0x7f00000000c0)=[0xfff, 0x2, 0xc, 0x6, 0x10000, 0xfff, 0x2, 0x6], &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="050000000000000071100a000000000006000000000000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd96, &(0x7f0000000080)=""/201, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffd56, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCETHTOOL(r6, 0x8946, &(0x7f00000000c0)={'bond_slave_1\x00', &(0x7f0000000080)=@ethtool_cmd={0x26, 0x10000080}})
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r8, 0x4068aea3, &(0x7f0000000080)={0xa8, 0x0, 0x2})
socket(0x9, 0x6, 0x6)
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000004640)={&(0x7f0000000540)=@newqdisc={0x78, 0x24, 0xf0b, 0x3fff8, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xc}, {0xffff, 0xffff}, {0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0xffffffff, 0x0, 0x0, 0xffffffff}, 0x22000, 0x0, 0xffffffff, 0x8, 0x101, 0x3, 0xfe, 0x0, 0x0, 0xfffffffc, {0x4, 0x6, 0xfffffffd, 0x0, 0x0, 0x8}}}}]}, 0x78}}, 0x40000c4)
r9 = fsmount(0xffffffffffffffff, 0x0, 0x1)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r9, 0xc0189378, &(0x7f0000000000)={{0x1, 0x1, 0x18, r3, {r0}}, './file0\x00'})

1.54936821s ago: executing program 0 (id=1774):
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge0\x00', <r2=>0x0})
socket$inet6_mptcp(0xa, 0x1, 0x106)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)=ANY=[@ANYBLOB="50000000100003040000000000000000f2000000", @ANYRES32=0x0, @ANYBLOB="7fff0000000000002800128009000100766c616e000000001800028006000100010000000c000200540a00001800000008000500", @ANYRES32=r2], 0x50}, 0x1, 0xba01}, 0x0)
r3 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendto$inet6(r3, &(0x7f00000003c0)="d4d3ba", 0x3, 0x40000, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r3, 0x84, 0x79, &(0x7f00000011c0)={0x0, 0x5, 0x7fff}, 0x8)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_MASTER={0x8}, @IFLA_GROUP={0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x24000020}, 0x0)
ioctl$EXT4_IOC_GET_ES_CACHE(r4, 0xc020662a, &(0x7f00000007c0)={0x1, 0x2, 0x2, 0x6, 0x8, 0x0, [{0x2, 0x401, 0x4, '\x00', 0x8}, {0x800, 0x480000000, 0x7fffffff, '\x00', 0x1808}, {0x8000000000000001, 0x0, 0x120000000, '\x00', 0x80}, {0x8, 0x7, 0x2, '\x00', 0x1908}, {0x3, 0xffffffffffffffff, 0x0, '\x00', 0x2000}, {0x54c, 0x7, 0x1, '\x00', 0x2400}, {0x9, 0x2, 0x1, '\x00', 0x2000}, {0x9, 0x3, 0x4f4, '\x00', 0x2104}]})

1.469127542s ago: executing program 2 (id=1775):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000700)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000000050005000a00000012000300686173683a6e65742c706f7274"], 0x4c}}, 0x2)
sendmsg$IPSET_CMD_ADD(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)={0x54, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x2c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0x18, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @remote}}, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e1f}, @IPSET_ATTR_PROTO={0x5, 0x7, 0x88}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_DESTROY(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000680)=ANY=[@ANYBLOB="1c000000030601010000000000000000000000000500010007"], 0x1c}}, 0x0) (fail_nth: 4)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

952.926702ms ago: executing program 3 (id=1776):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000003dc0)={&(0x7f0000000440)=ANY=[@ANYBLOB], 0xa0}}, 0x0)

853.419622ms ago: executing program 4 (id=1777):
r0 = syz_open_dev$vbi(&(0x7f0000000400), 0x0, 0x2)
ioctl$VIDIOC_S_PRIORITY(r0, 0x40045644, 0x1)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001280)=ANY=[@ANYRES32=r1], 0x6c}, 0x1, 0x0, 0x0, 0x40800}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001200)={0x24, 0x3, 0x1, 0x101, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x10, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x0)
getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0)
socket$netlink(0x10, 0x3, 0x4)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYRES32=r0, @ANYRES32, @ANYBLOB="000000e300000000b702000014000000b7030000000000008500000083000000bf090000006b060055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00')
r3 = openat$binfmt(0xffffffffffffff9c, r2, 0x42, 0x1ff)
close(r3)
execveat$binfmt(0xffffffffffffff9c, r2, 0x0, &(0x7f0000000880)={[], 0xf000}, 0x0)

620.923067ms ago: executing program 3 (id=1778):
r0 = syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00')
writev(r0, &(0x7f00000002c0)=[{&(0x7f0000000280)='3', 0x1}], 0x1)
r1 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000240)={'lo\x00'})
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={0x0}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="6400000002060103000000000000000000000000050001000700000016000300686173683a6e65742c706f72742c6e65740000000900020073797a30000000000500040000000000050005000a00000014000780080012400000000005001500", @ANYRES8=r2], 0x64}}, 0x0)
getdents64(r0, &(0x7f0000000180)=""/61, 0x3d)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r4, &(0x7f0000514ff4)={0x10, 0x0, 0x2, 0x2ff7afedf}, 0xc)
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r4, 0x10e, 0x8, &(0x7f00000003c0)=0x9, 0x4)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x2, 0x0, 0x5, 0x3, 0xc, 0x0, 0x70bd27, 0x25dfdbfe, [@sadb_sa={0x2, 0x1, 0x4d4, 0x6, 0x0, 0x90, 0x3, 0xe0000003}, @sadb_x_policy={0x8, 0x12, 0x4, 0x0, 0x0, 0x6e6bbc, 0x5, {0x6, 0x32, 0x8c, 0xe, 0x0, 0x9, 0x0, @in6=@mcast1, @in6=@empty}}]}, 0x60}}, 0x400c010)
sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="d00000000001010400000000000000000a0000003c0001802c000180140003000000000000000000000000000000000014000400ff0100000000000000000000000000010c00028005000100000000003c0002802c000180140003002001000000000000000000000000000114000400fe8000000000000000000000000000aa0c000280050001000000000008000740000000003c000e800c00028005000104000000002c000180140003"], 0xd0}}, 0x0)

375.384493ms ago: executing program 1 (id=1779):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r1 = accept4(r0, 0x0, 0x0, 0x800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
syz_genetlink_get_family_id$SEG6(&(0x7f0000000100), r1)

254.81385ms ago: executing program 0 (id=1780):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001200)=ANY=[@ANYBLOB="800100001a001307fdffffff00000000fe8000000000000000000000000000aaff010000000000000000000000000001fffc4002000000000000000000000000a5116ef15e6b35790a2623a9183b7ee5db787dcf6119a07820e330090e42ffe9023175742e8f64757d388f1233e1f2ee5a2993eb7037261ec42e2fd50906c4a6549d95e821d30200e697a568a6a5acd73c8c5cd03110b62c10fc8be2134ce179ee2e4f7f256d080a9a719d17203dfb1bb30e84aaee9f5d82271c", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ff0100000000000000000000000000010000000033000000ac14140000000000000000000000000009000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000200000000000100000000000a000200600000004800010073686131000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004c001200616567697331323800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000"], 0x180}}, 0x8000)
r1 = socket$inet6(0xa, 0x3, 0x9)
unshare(0x2040400)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000080)={0x0, 0x8000}, 0x8)
r2 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet6(r2, &(0x7f0000002d00)=[{{&(0x7f0000001080)={0xa, 0x4e22, 0x1, @private2, 0x10001}, 0x1c, &(0x7f00000010c0)=[{&(0x7f00000011c0)="e6e2", 0x2}], 0x1}}, {{&(0x7f0000001100)={0xa, 0x4e20, 0x7fff, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0xfffffff7}, 0x1c, &(0x7f00000019c0)=[{&(0x7f0000001140)="a5", 0x1}], 0x1}}], 0x2, 0x0)
shutdown(r2, 0x1)
getsockopt$bt_hci(r2, 0x84, 0x7f, &(0x7f0000000080)=""/4057, &(0x7f0000001180)=0xfd9)
r3 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r3, &(0x7f00000014c0)=@name={0x1e, 0x2, 0x2}, 0x10)
r4 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$inet_int(r4, 0x0, 0xf, &(0x7f0000000100)=0xfffffffffffffff9, 0x4)
bind$inet(r4, &(0x7f0000000180)={0x2, 0x4e24, @empty}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x0, 0x3}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$tipc(&(0x7f0000001ec0), 0xffffffffffffffff)
r6 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r6, 0x107, 0xf, &(0x7f0000000100)=0x207, 0x4)
r7 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r7, 0x107, 0xf, &(0x7f0000000180)=0x7ff, 0x4)
setsockopt$packet_rx_ring(r7, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x9, 0x0, 0xffffffff}, 0x1c)
sendto$packet(r6, &(0x7f00000002c0)="05031600d3fc140000004788031c09102c28", 0x12, 0x4, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x14)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(0xffffffffffffffff, &(0x7f0000001400)={0x0, 0x0, &(0x7f0000001440)={&(0x7f0000000140)={0x30, r5, 0x1, 0x70bd25, 0x0, {{}, {}, {0x14, 0x19, {0x80000000, 0x4000001, 0x1, 0x5}}}}, 0x30}, 0x1, 0x0, 0x0, 0x20040803}, 0x20000000)
write$UHID_CREATE2(0xffffffffffffffff, 0x0, 0x118)
r8 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0)
inotify_rm_watch(r8, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000140)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB="00000000000000006c665e1e0a674e0d7a30dcf630fac429880e3fa2da2519db774ef51731927f3a1d77b473708fe6fbee3a0a63d6420d", @ANYRES32, @ANYBLOB, @ANYRES32, @ANYBLOB, @ANYRES64=0x0], 0x20)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan0\x00'})

201.982991ms ago: executing program 1 (id=1781):
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r0, 0x8108551b, 0x0)
socket(0x848000000015, 0x805, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$kcm(0x10, 0x3, 0x10)
socket$packet(0x11, 0x2, 0x300)
socket(0x1e, 0x805, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)=ANY=[@ANYBLOB="3c00000010001ffe00989837a182138b00268f1c", @ANYRES32=0x0, @ANYBLOB="ff7f000080000000140012800a00010076786c616e000000040002800800", @ANYRES64=r1], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)

159.689996ms ago: executing program 3 (id=1782):
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r0, 0x8108551b, 0x0)
socket(0x848000000015, 0x805, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$kcm(0x10, 0x3, 0x10)
socket$packet(0x11, 0x2, 0x300)
socket(0x1e, 0x805, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)=ANY=[@ANYBLOB="3c00000010001ffe00989837a182138b00268f1c", @ANYRES32=0x0, @ANYRES64=r1], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)

0s ago: executing program 3 (id=1783):
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x41, &(0x7f00000000c0)=0x80c, 0x4)
r0 = socket(0x10, 0x3, 0x0)
pipe(&(0x7f0000000100))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=@newqdisc={0x8c, 0x24, 0xf0b, 0x0, 0x0, {0x60, 0x0, 0x0, r2, {0x0, 0x4}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x34, 0x2, [@TCA_FQ_CODEL_LIMIT={0x8, 0x2, 0x2}, @TCA_FQ_CODEL_INTERVAL={0x8, 0x3, 0xf3c4}, @TCA_FQ_CODEL_FLOWS={0x8, 0x5, 0xffffffff}, @TCA_FQ_CODEL_CE_THRESHOLD_MASK={0x5, 0xb, 0x6}, @TCA_FQ_CODEL_DROP_BATCH_SIZE={0x8}, @TCA_FQ_CODEL_ECN={0x8}]}}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x1e, 0x2, 0x3, 0x9, 0x2, 0xffffffff, 0x3}}, {0x4}}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x800}, 0x0)
socket$alg(0x26, 0x5, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x9, 0x8031, 0xffffffffffffffff, 0x2000000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_COMPLETION_RING(r6, 0x11b, 0x6, &(0x7f0000000000)=0x80, 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r7 = openat$fb0(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r7, 0x4601, &(0x7f0000000380)={0x3c0, 0x78, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x4, 0x8, 0x3, 0x1ff, 0x3d, 0x5, 0x3, 0x53, 0x202, 0x1, 0xc})
r8 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0)
write$P9_RSTATu(r8, &(0x7f00000006c0)={0x50d, 0x7d, 0x0, {{0x500, 0x1f7, 0x0, 0x0, {}, 0x0, 0x0, 0xc, 0x0, 0x10f, '\x04nodZ=\xbfd`\xd2\xc2\x97D,\x027\xfcb%\xff\xff\xff\x80\x05\x00\x00\x00\x00\x00\x00\xff\x03\xff\x92\xe9\x16\x00\x05\x00\x00\x00,\x93\xcb=\xb6\xc21\xd1\x19\xaa\xa1ou\xc5\x8f\xa6\x88\x9f\xf3\xc8\xf7\xab\xc6\x1bY\xa1\xd2o\fJ\xf8\xe2\x93\xd3\xf8l\xcd\xc6o\xf5{\xe9\x00\x00\x00\x00\x00\x00\x00\x03\xd5\x89-\x8e\xfe\xbb\x9e\x05\xac\nk\xc5)`z\xc6\x8a8\x13\xaf\xe7\x9e\x85cj\xfdl]\x15\xb2\xae\xbb\xb7\xee;\x1e\xae\x8a\x7f\xbe.\x85\x88s\x14\xcb\xec\xf0\xa1\xa5\x124z\x8c\x15\xb3 \xd1\xe1\xc0\x10Uz\xaaw\x16^Q`208^|\'\x01\x00\xacB3\x00D\xa9\b=\xe5\xbe\xd8\xe0\xbd(h\"\x94\xf68\xc3\x8e%uj\xb0\xb0\x7fe\xdb\xd6$\xee\x95_}\xa7\x8e\xe1\x96I7?0\xe3\xf7\xb9d\xf0\xa2f\xc3\xac\x9ePwS\xa3\xc4\x03\xc8{\xf1Jv\x87%\x91h\xb4[\xbdz\x1f\xd8`\x0e\xa1.\x00\xdb\xfeL\x1a\xfe\xea\xaf\x9d{\xb4\xa7Z\x1c\x82\x18\x93\xf7\xf4|<Pq\x8c\xc3', 0x2b, 'p\x02\x00}\xfag>\xff\xeb\t\xb55\x1f[\xde\x05@\x00\x00\x00Y_\xcb\x14\x03CT\xb9\xfd\x9e\xf1\x96\xa5\x1c\xd5\x15z\xdc\x81\x06\xb4\x94\xe1', 0x35, '\xcf`7-a\xcc\xea\xb8\xc8\x86A\xeb\x93\xb4\xcc\xf6\x00*\xb8{\xfc\x01\'\x96\t?h0\\M\" \x83~\x01\b\xe2\xe7HP\x1cQHK\xa0/\x10\x9c\xaa\xf9\x15\t\xa2', 0x55, '\xf8\xf6i\xfbqk\xcf1^\xca\xf3\x85@\x9a\xc6[\x94\bg\x8c,;\x9e\x1dR\xc3l\xde{\xa4\xa4\x00\xb4\xb0\xb4\xf1t\xa6f\xa8R\x9aE\x1b4\a\xdb\xda\xb2\x88K\xaf\x05\x00\x00\x00\x00\x00\x00\x00G\xec!\xca\xbf\xf2\x0f\x9c\x1c\xbe6\xf4\xfd\x1aL\xdb\x80\xe8\xd4\a\x00\x00\x007\x00'}, 0x301, 'odev/n\xb1{#\x00\xf9\xda\xa5\xee#&n\xcf\x85\xfe\xa6^B\xd9y\xa3\xfd\xe5\xf4u\xda\xf0;\x11r\xd9{\xad\xc7\tZ\xfdv\xfeO\fA\xf7\xf7t\x1e\xac\x03\x00\x00\xec\xff\x00\x00\xdb\xa0\xc2\xf7\xf0\x9f\xf5<~M\x1a\xd6n-\a\x01\x98\x01\x9f0\x11\x84G\xaau\xf8$k\xccB\xea\xa8\xc61\xc0\xc5\x00\x95\x9at\xf5\x16\x85\xf5\x06\xae\x89H\x06\x87\x82g\xd5\xa1)\x8dy,J7\xf2\xe1\xcb\xbd$\x82\x92\x9a\r\x89r\xb5\xcfs.\xa5\xb0\xd7#\x85\x93\xae\xd3\xb4.\xe7\xca\xc0}\xe0\x9d\x1dh\xa6\x033\xa8\x82F}+1\xaa\xfbV\xc5}}\xc6&\xe49\a\x96\xa1\xebH\'Fi\xab\x13\xf8\xb1\x1d\x14`Y\xf3\x10\xe2cMY?\xece\xd5)\xf3\x82\x06fd\xc0\xfbNL\x90W\np\x04\x9f9\x9f\x06\x1fu\xb7y|\xe1\xfe\x11\xea\x91\x96\t\xd5\x1aA\xdd=\xe3\x04\xbd|~\xd0\xa4V\xf0\xae\x12.a\x05\xc9\xce\x88}\xf5\xa6\xe0\xb6\xa7}Yl\xf8\x8b\xa6\xe5\xc69|}P!\xd7\x98\x95(\xfd\x179\xe1\xc2\xd8\x7f\xc2\x00\x00\x000\xe4\xee+\xfc\x7f\x80P\x85\x11C\xe5\x16\x1a\xcdG\x15\n\xcb\xaft8\"\xdf\xe2\x03\xb1\b\xd3~\x91M\xc1\xe5>#LP\x9e\xcaA\a\xa1q,\xaa\x9d\xa5=\x05\x1c6\x88Ly\x18&a\xf3\xca6\xbc\xdb\xfb\xbd&q\t\xf81\x9d\x8d\xd5\xc0p\x99\xeb\x1b\x11\x03\x06U\xf5biOat=\x19B\x1bJ\x19\xef\x8b\x8bL\xe9\xc9\x93\xc7\xd6\xcb0\fNezNP\xa3[\\\xc1k\x8c\x16\x1a\x8e=\xf9\x03k\xbc\xf2\x8a\xdc\xd1\x9alL)\x17\t\xae\xe5\xab>[\xc5\xae)\xf4u\xe4\xd2D\b\xb5\x16}\x0f\xaf_\xc1Vkp\\\x8b`\xaf\xa8\xac\xa4/~\x04i\x18\x8a\x0e\xf0b\xca\x18\xe3\x8f\x9e\xe1\n\xc7}+~\xb9\xd6\x0e\xa7\x9f\xdbUd\x11H[\x1b\x13\xdb\xb8\xa2\xa6b.\xbc\xf8Lio\xa4\xda!\xba\xd22\r\rh\xe9\xbfCF\xf0ha\x19\xa3\x9e@\x03\x95\xc8\xf2\x82^\xa0i\xae\x0e\x14;\xd1\xa4Ay\xedlTp,^\x9a\x19\xcc\x7f\xfaP\x0f\xa4\x1bl\x80I\xbd\xe4X\'\xd5N\xc9\x01\xd2z\xd1%\x05h\x89\xb33k?\x06\x83\x8c[fz\xe2.\xfe;\xc1[\x82_\x7f\xbc\xe4\x80\'(\x1c\xf9\xfe\x8f\xc2\x1f\xc7|$=\xe2g\x051\x0e\xb8\x1c\xf7M\xe0)1\x92\xa1?j\xd0W\xdea\xfd\x8a\xba\x8e\xf4C\x9b\xc0jE\xb2\xb01bQZ#C:\xfe\xb5*\xed\xb5\xabo3FS8\x05\x15\xf7y\xf3]\xc8\xa7\x8c7w$\x92\xa2(L!\xd2\x13V\xd4s\xf0\x0f\x85\x13|{\xf0cou}5(\x86\x9b?\x00w5\xcf\xf8\\\x9d\x97\x8b\xf5]\xcc&\xd6-%\xe3\b\xf0\x88\'\xa9\x1f\xf4{\xec\x92\xf8\xe9\x1ey\bfT\x00\xaaN9\xb3Y\x86#\x9d\\{\x94\x92\xc5\xbb&\xbcU\xb5[I\xedpHnn}\xa3\x8c \x84P\xf9\xf7\x9e\x1bA\x00'/769, 0xffffffffffffffff, 0xee01}}, 0x50d)
sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000040)={&(0x7f00000002c0)={0x2, 0x4e20, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1816ebfff7ff03000000000083070400000000fc9074f97f005c5bd3905898affb4e548f853ca71732"], 0x18}, 0x0)

kernel console output (not intermixed with test programs):

 T5924] input: HID 045e:07da as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:045E:07DA.0012/input/input66
[  383.305381][ T5924] microsoft 0003:045E:07DA.0012: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.3-1/input0
[  383.343216][ T5924] usb 4-1: USB disconnect, device number 56
[  383.534791][T10340] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1346'.
[  383.618075][T10340] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1346'.
[  383.760828][T10346] input: syz0 as /devices/virtual/input/input67
[  384.021365][   T30] kauditd_printk_skb: 55 callbacks suppressed
[  384.021383][   T30] audit: type=1326 audit(1744688216.045:367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10350 comm="syz.3.1350" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73dd579 code=0x7ffc0000
[  384.061555][   T30] audit: type=1326 audit(1744688216.045:368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10350 comm="syz.3.1350" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73dd579 code=0x7ffc0000
[  384.126906][   T30] audit: type=1326 audit(1744688216.085:369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10350 comm="syz.3.1350" exe="/root/syz-executor" sig=0 arch=40000003 syscall=250 compat=1 ip=0xf73dd579 code=0x7ffc0000
[  384.149937][   T30] audit: type=1326 audit(1744688216.085:370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10350 comm="syz.3.1350" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73dd579 code=0x7ffc0000
[  384.225119][   T30] audit: type=1326 audit(1744688216.085:371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10350 comm="syz.3.1350" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73dd579 code=0x7ffc0000
[  384.249651][   T30] audit: type=1326 audit(1744688216.085:372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10350 comm="syz.3.1350" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf73dd579 code=0x7ffc0000
[  384.313765][    T9] usb 4-1: new high-speed USB device number 57 using dummy_hcd
[  384.336038][T10353] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1351'.
[  384.403412][   T30] audit: type=1326 audit(1744688216.085:373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10350 comm="syz.3.1350" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf73dd579 code=0x7ffc0000
[  384.495244][   T30] audit: type=1326 audit(1744688216.085:374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10350 comm="syz.3.1350" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf73dd579 code=0x7ffc0000
[  384.526991][    T9] usb 4-1: Using ep0 maxpacket: 16
[  384.566754][    T9] usb 4-1: config 75 has an invalid interface number: 136 but max is 0
[  384.578373][    T9] usb 4-1: config 75 has no interface number 0
[  384.588994][   T30] audit: type=1326 audit(1744688216.085:375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10350 comm="syz.3.1350" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf73dd579 code=0x7ffc0000
[  384.627056][    T9] usb 4-1: New USB device found, idVendor=0403, idProduct=fa78, bcdDevice=bc.ca
[  384.642477][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  384.652287][   T30] audit: type=1326 audit(1744688216.085:376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10350 comm="syz.3.1350" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf73dd579 code=0x7ffc0000
[  384.729792][    T9] usb 4-1: Product: syz
[  384.751990][    T9] usb 4-1: Manufacturer: syz
[  384.756632][    T9] usb 4-1: SerialNumber: syz
[  385.064415][    T9] ftdi_sio 4-1:75.136: FTDI USB Serial Device converter detected
[  385.101187][    T9] ftdi_sio ttyUSB0: unknown device type: 0xbcca
[  385.206189][    T9] usb 4-1: USB disconnect, device number 57
[  385.643770][    T9] ftdi_sio 4-1:75.136: device disconnected
[  385.742650][ T5894] usb 2-1: new full-speed USB device number 75 using dummy_hcd
[  385.903693][ T5894] usb 2-1: unable to get BOS descriptor or descriptor too short
[  385.912322][ T5894] usb 2-1: not running at top speed; connect to a high speed hub
[  385.987107][ T5894] usb 2-1: config 5 has an invalid interface number: 246 but max is 0
[  385.997557][ T5894] usb 2-1: config 5 has an invalid descriptor of length 0, skipping remainder of the config
[  386.010608][ T5894] usb 2-1: config 5 has no interface number 0
[  386.018363][ T5894] usb 2-1: config 5 interface 246 altsetting 4 endpoint 0x3 has invalid maxpacket 255, setting to 64
[  386.032850][ T5894] usb 2-1: config 5 interface 246 altsetting 4 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  386.048453][ T5894] usb 2-1: config 5 interface 246 has no altsetting 0
[  386.057021][ T5942] usb 3-1: new high-speed USB device number 53 using dummy_hcd
[  386.070095][ T5894] usb 2-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=f5.e4
[  386.089081][ T5894] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  386.105857][ T5894] usb 2-1: Product: syz
[  386.119166][ T5894] usb 2-1: Manufacturer: syz
[  386.144385][ T5894] usb 2-1: SerialNumber: syz
[  386.191778][ T5942] usb 3-1: device descriptor read/64, error -71
[  386.292218][T10382] FAULT_INJECTION: forcing a failure.
[  386.292218][T10382] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  386.305674][T10382] CPU: 0 UID: 0 PID: 10382 Comm: syz.4.1360 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) 
[  386.305698][T10382] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  386.305708][T10382] Call Trace:
[  386.305715][T10382]  <TASK>
[  386.305722][T10382]  dump_stack_lvl+0x241/0x360
[  386.305754][T10382]  ? __pfx_dump_stack_lvl+0x10/0x10
[  386.305778][T10382]  ? __pfx__printk+0x10/0x10
[  386.305815][T10382]  should_fail_ex+0x424/0x570
[  386.305838][T10382]  _copy_from_iter+0x211/0x1c70
[  386.305865][T10382]  ? __build_skb_around+0x247/0x3d0
[  386.305886][T10382]  ? __alloc_skb+0x298/0x480
[  386.305901][T10382]  ? __pfx__copy_from_iter+0x10/0x10
[  386.305924][T10382]  ? __pfx___alloc_skb+0x10/0x10
[  386.305943][T10382]  ? skb_put+0x114/0x1f0
[  386.305963][T10382]  netlink_sendmsg+0x73c/0xcd0
[  386.305999][T10382]  ? __pfx_netlink_sendmsg+0x10/0x10
[  386.306026][T10382]  ? __import_iovec+0x585/0x830
[  386.306046][T10382]  ? aa_sock_msg_perm+0x91/0x160
[  386.306074][T10382]  ? __pfx_netlink_sendmsg+0x10/0x10
[  386.306096][T10382]  __sock_sendmsg+0x221/0x270
[  386.306121][T10382]  ____sys_sendmsg+0x523/0x860
[  386.306148][T10382]  ? __pfx_____sys_sendmsg+0x10/0x10
[  386.306182][T10382]  __sys_sendmsg+0x271/0x360
[  386.306205][T10382]  ? __pfx___sys_sendmsg+0x10/0x10
[  386.306270][T10382]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  386.306290][T10382]  ? lockdep_hardirqs_on+0x9d/0x150
[  386.306323][T10382]  __do_fast_syscall_32+0xb4/0x110
[  386.306344][T10382]  ? exc_page_fault+0x5f8/0x920
[  386.306368][T10382]  do_fast_syscall_32+0x34/0x80
[  386.306388][T10382]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  386.306407][T10382] RIP: 0023:0xf73ed579
[  386.306421][T10382] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  386.306434][T10382] RSP: 002b:00000000f507655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  386.306451][T10382] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800002c0
[  386.306463][T10382] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  386.306473][T10382] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  386.306488][T10382] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  386.306498][T10382] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  386.306525][T10382]  </TASK>
[  386.551646][ T5942] usb 3-1: new high-speed USB device number 54 using dummy_hcd
[  386.599817][ T5894] usb 2-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  386.618829][ T1089] usb 2-1: Failed to submit usb control message: -71
[  386.626909][ T1089] usb 2-1: unable to send the bmi data to the device: -71
[  386.631811][ T5895] usb 1-1: new high-speed USB device number 79 using dummy_hcd
[  386.634652][ T1089] usb 2-1: unable to get target info from device
[  386.648339][ T1089] usb 2-1: could not get target info (-71)
[  386.656175][ T1089] usb 2-1: could not probe fw (-71)
[  386.672227][T10387] FAULT_INJECTION: forcing a failure.
[  386.672227][T10387] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  386.684029][ T5894] usb 2-1: USB disconnect, device number 75
[  386.692741][ T5942] usb 3-1: device descriptor read/64, error -71
[  386.699218][T10387] CPU: 1 UID: 0 PID: 10387 Comm: syz.4.1361 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) 
[  386.699243][T10387] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  386.699253][T10387] Call Trace:
[  386.699260][T10387]  <TASK>
[  386.699267][T10387]  dump_stack_lvl+0x241/0x360
[  386.699298][T10387]  ? __pfx_dump_stack_lvl+0x10/0x10
[  386.699321][T10387]  ? __pfx__printk+0x10/0x10
[  386.699353][T10387]  should_fail_ex+0x424/0x570
[  386.699376][T10387]  _copy_to_user+0x31/0xb0
[  386.699401][T10387]  simple_read_from_buffer+0xc4/0x170
[  386.699425][T10387]  proc_fail_nth_read+0x1ef/0x260
[  386.699444][T10387]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  386.699462][T10387]  ? rw_verify_area+0x246/0x630
[  386.699477][T10387]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  386.699495][T10387]  vfs_read+0x21f/0xb90
[  386.699515][T10387]  ? __pfx___mutex_lock+0x10/0x10
[  386.699536][T10387]  ? __pfx_vfs_read+0x10/0x10
[  386.699556][T10387]  ? __fget_files+0x2a/0x420
[  386.699573][T10387]  ? __fget_files+0x39d/0x420
[  386.699587][T10387]  ? __fget_files+0x2a/0x420
[  386.699609][T10387]  ksys_read+0x19d/0x2d0
[  386.699630][T10387]  ? __pfx_ksys_read+0x10/0x10
[  386.699649][T10387]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  386.699669][T10387]  ? lockdep_hardirqs_on+0x9d/0x150
[  386.699692][T10387]  __do_fast_syscall_32+0xb4/0x110
[  386.699712][T10387]  ? exc_page_fault+0x5f8/0x920
[  386.699745][T10387]  do_fast_syscall_32+0x34/0x80
[  386.699766][T10387]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  386.699786][T10387] RIP: 0023:0xf73ed579
[  386.699801][T10387] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  386.699814][T10387] RSP: 002b:00000000f5076590 EFLAGS: 00000206 ORIG_RAX: 0000000000000003
[  386.699833][T10387] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f5076620
[  386.699845][T10387] RDX: 000000000000000f RSI: 00000000f73ddff4 RDI: 0000000000000000
[  386.699855][T10387] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  386.699865][T10387] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  386.699875][T10387] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  386.699902][T10387]  </TASK>
[  386.949829][ T5942] usb usb3-port1: attempt power cycle
[  387.012224][ T5895] usb 1-1: device descriptor read/64, error -71
[  387.271761][ T5895] usb 1-1: new high-speed USB device number 80 using dummy_hcd
[  387.301808][ T5942] usb 3-1: new high-speed USB device number 55 using dummy_hcd
[  387.341797][  T975] usb 5-1: new high-speed USB device number 61 using dummy_hcd
[  387.389622][ T5942] usb 3-1: device descriptor read/8, error -71
[  387.474599][T10400] input: syz0 as /devices/virtual/input/input68
[  387.525974][ T5895] usb 1-1: device descriptor read/64, error -71
[  387.652155][ T5895] usb usb1-port1: attempt power cycle
[  387.691722][ T5942] usb 3-1: new high-speed USB device number 56 using dummy_hcd
[  387.723001][ T5942] usb 3-1: device descriptor read/8, error -71
[  387.742295][  T975] usb 5-1: config 0 has no interfaces?
[  387.878713][ T5942] usb usb3-port1: unable to enumerate USB device
[  387.881040][  T975] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  387.924937][  T975] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  387.933132][  T975] usb 5-1: Product: syz
[  387.937354][  T975] usb 5-1: Manufacturer: syz
[  387.942805][  T975] usb 5-1: SerialNumber: syz
[  387.974264][  T975] usb 5-1: config 0 descriptor??
[  388.001911][ T5895] usb 1-1: new high-speed USB device number 81 using dummy_hcd
[  388.041815][ T5895] usb 1-1: device descriptor read/8, error -71
[  388.248477][  T975] usb 5-1: USB disconnect, device number 61
[  388.291770][ T5895] usb 1-1: new high-speed USB device number 82 using dummy_hcd
[  388.391032][ T5895] usb 1-1: device descriptor read/8, error -71
[  388.512298][ T5895] usb usb1-port1: unable to enumerate USB device
[  388.574025][T10406] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1367'.
[  388.758255][T10414] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1368'.
[  388.962112][T10422] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma?
[  389.102929][T10419] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1368'.
[  389.453758][   T48] usb 3-1: new high-speed USB device number 57 using dummy_hcd
[  389.621777][   T48] usb 3-1: device descriptor read/64, error -71
[  389.864702][   T48] usb 3-1: new high-speed USB device number 58 using dummy_hcd
[  390.026556][   T48] usb 3-1: device descriptor read/64, error -71
[  390.165394][   T48] usb usb3-port1: attempt power cycle
[  390.561840][   T48] usb 3-1: new high-speed USB device number 59 using dummy_hcd
[  390.624025][   T48] usb 3-1: device descriptor read/8, error -71
[  390.715172][ T5924] usb 2-1: new full-speed USB device number 76 using dummy_hcd
[  390.861853][   T48] usb 3-1: new high-speed USB device number 60 using dummy_hcd
[  390.882449][   T48] usb 3-1: device descriptor read/8, error -71
[  390.897697][ T5924] usb 2-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config
[  390.937972][ T5924] usb 2-1: New USB device found, idVendor=7a69, idProduct=0001, bcdDevice=a8.6b
[  390.964380][ T5924] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  390.971992][ T5942] usb 5-1: new high-speed USB device number 62 using dummy_hcd
[  390.973631][ T5924] usb 2-1: Product: syz
[  390.992097][   T48] usb usb3-port1: unable to enumerate USB device
[  391.016528][ T5924] usb 2-1: Manufacturer: syz
[  391.034137][ T5924] usb 2-1: SerialNumber: syz
[  391.064236][ T5924] usb 2-1: dvb_usb_v2: found a '774 Friio White ISDB-T USB2.0' in warm state
[  391.151848][ T5942] usb 5-1: Using ep0 maxpacket: 16
[  391.163765][ T5942] usb 5-1: config 2 has an invalid interface number: 142 but max is 0
[  391.177716][ T5942] usb 5-1: config 2 has no interface number 0
[  391.185705][ T5942] usb 5-1: config 2 interface 142 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 16
[  391.200498][ T5942] usb 5-1: config 2 interface 142 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  391.246704][ T5942] usb 5-1: New USB device found, idVendor=1286, idProduct=2046, bcdDevice=c6.6e
[  391.286425][ T5942] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  391.314348][ T5942] usb 5-1: Product: syz
[  391.323880][ T5942] usb 5-1: Manufacturer: syz
[  391.329136][ T5942] usb 5-1: SerialNumber: syz
[  391.349943][T10448] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22
[  391.380121][ T5942] usb 5-1: NFC: intf ffff888061132000 id ffffffff8f73e2e0
[  391.681109][    T9] usb 5-1: USB disconnect, device number 62
[  391.737861][T10462] FAULT_INJECTION: forcing a failure.
[  391.737861][T10462] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  391.778246][T10462] CPU: 1 UID: 0 PID: 10462 Comm: syz.0.1383 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) 
[  391.778274][T10462] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  391.778284][T10462] Call Trace:
[  391.778293][T10462]  <TASK>
[  391.778301][T10462]  dump_stack_lvl+0x241/0x360
[  391.778335][T10462]  ? __pfx_dump_stack_lvl+0x10/0x10
[  391.778359][T10462]  ? __pfx__printk+0x10/0x10
[  391.778396][T10462]  should_fail_ex+0x424/0x570
[  391.778420][T10462]  _copy_to_iter+0x43f/0x1c90
[  391.778459][T10462]  ? __pfx__copy_to_iter+0x10/0x10
[  391.778479][T10462]  ? net_generic+0x1f/0x240
[  391.778500][T10462]  ? net_generic+0x1f/0x240
[  391.778514][T10462]  ? net_generic+0x1f0/0x240
[  391.778532][T10462]  ? xt_table_seq_next+0xe2/0x120
[  391.778553][T10462]  seq_read_iter+0xb7b/0xda0
[  391.778596][T10462]  seq_read+0x3ab/0x4f0
[  391.778622][T10462]  ? __pfx_seq_read+0x10/0x10
[  391.778643][T10462]  ? __mutex_trylock_common+0x184/0x2e0
[  391.778689][T10462]  ? __pfx_seq_read+0x10/0x10
[  391.778706][T10462]  proc_reg_read+0x201/0x2f0
[  391.778727][T10462]  ? __pfx_proc_reg_read+0x10/0x10
[  391.778749][T10462]  vfs_read+0x21f/0xb90
[  391.778774][T10462]  ? __pfx___mutex_lock+0x10/0x10
[  391.778797][T10462]  ? __pfx_vfs_read+0x10/0x10
[  391.778820][T10462]  ? __fget_files+0x2a/0x420
[  391.778837][T10462]  ? __fget_files+0x39d/0x420
[  391.778852][T10462]  ? __fget_files+0x2a/0x420
[  391.778877][T10462]  ksys_read+0x19d/0x2d0
[  391.778900][T10462]  ? __pfx_ksys_read+0x10/0x10
[  391.778923][T10462]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  391.778943][T10462]  ? lockdep_hardirqs_on+0x9d/0x150
[  391.778967][T10462]  __do_fast_syscall_32+0xb4/0x110
[  391.778988][T10462]  ? exc_page_fault+0x5f8/0x920
[  391.779014][T10462]  do_fast_syscall_32+0x34/0x80
[  391.779036][T10462]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  391.779056][T10462] RIP: 0023:0xf73fd579
[  391.779071][T10462] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  391.779086][T10462] RSP: 002b:00000000f508655c EFLAGS: 00000206 ORIG_RAX: 0000000000000003
[  391.779106][T10462] RAX: ffffffffffffffda RBX: 000000000000000d RCX: 0000000080000dc0
[  391.779118][T10462] RDX: 0000000000002020 RSI: 0000000000000000 RDI: 0000000000000000
[  391.779129][T10462] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  391.779146][T10462] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  391.779157][T10462] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  391.779185][T10462]  </TASK>
[  391.909486][ T5924] usb 2-1: dvb_usb_v2: this USB2.0 device cannot be run on a USB1.1 port (it lacks a hardware PID filter)
[  392.362339][T10477] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma?
[  392.506866][   T48] usb 2-1: USB disconnect, device number 76
[  392.532038][T10479] FAULT_INJECTION: forcing a failure.
[  392.532038][T10479] name failslab, interval 1, probability 0, space 0, times 0
[  392.588814][T10479] CPU: 0 UID: 0 PID: 10479 Comm: syz.2.1389 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) 
[  392.588841][T10479] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  392.588852][T10479] Call Trace:
[  392.588860][T10479]  <TASK>
[  392.588868][T10479]  dump_stack_lvl+0x241/0x360
[  392.588900][T10479]  ? __pfx_dump_stack_lvl+0x10/0x10
[  392.588925][T10479]  ? __pfx__printk+0x10/0x10
[  392.588953][T10479]  ? __pfx___might_resched+0x10/0x10
[  392.588980][T10479]  should_fail_ex+0x424/0x570
[  392.589004][T10479]  should_failslab+0xac/0x100
[  392.589029][T10479]  __kmalloc_noprof+0xdf/0x4d0
[  392.589051][T10479]  ? skcipher_next_slow+0xea/0x230
[  392.589079][T10479]  skcipher_next_slow+0xea/0x230
[  392.589103][T10479]  cbc_decrypt+0xcd/0x640
[  392.589129][T10479]  ? kfree+0x198/0x430
[  392.589147][T10479]  ? sock_kfree_s+0x28/0x60
[  392.589170][T10479]  ? __pfx_cbc_decrypt+0x10/0x10
[  392.589212][T10479]  skcipher_recvmsg+0xbff/0x1250
[  392.589253][T10479]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  392.589275][T10479]  ? aa_sock_msg_perm+0x91/0x160
[  392.589311][T10479]  ? bpf_lsm_socket_recvmsg+0x9/0x10
[  392.589327][T10479]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  392.589351][T10479]  sock_recvmsg+0x22f/0x280
[  392.589378][T10479]  ____sys_recvmsg+0x1c8/0x480
[  392.589407][T10479]  ? __pfx_____sys_recvmsg+0x10/0x10
[  392.589425][T10479]  ? get_compat_msghdr+0x45e/0x730
[  392.589471][T10479]  do_recvmmsg+0x53e/0xab0
[  392.589502][T10479]  ? __pfx_do_recvmmsg+0x10/0x10
[  392.589544][T10479]  ? rcu_read_lock_any_held+0xbb/0x160
[  392.589587][T10479]  ? ksys_write+0x24e/0x2d0
[  392.589635][T10479]  __sys_recvmmsg+0x1aa/0x280
[  392.589655][T10479]  ? fput+0x9b/0xd0
[  392.589670][T10479]  ? __pfx___sys_recvmmsg+0x10/0x10
[  392.589687][T10479]  ? ksys_write+0x275/0x2d0
[  392.589716][T10479]  __ia32_compat_sys_recvmmsg_time32+0xbf/0xd0
[  392.589738][T10479]  __do_fast_syscall_32+0xb4/0x110
[  392.589760][T10479]  ? exc_page_fault+0x5f8/0x920
[  392.589784][T10479]  do_fast_syscall_32+0x34/0x80
[  392.589807][T10479]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  392.589827][T10479] RIP: 0023:0xf7fd5579
[  392.589842][T10479] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  392.589856][T10479] RSP: 002b:00000000f50f655c EFLAGS: 00000206 ORIG_RAX: 0000000000000151
[  392.589876][T10479] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080002340
[  392.589888][T10479] RDX: 0000000000000001 RSI: 0000000040002000 RDI: 0000000000000000
[  392.589899][T10479] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  392.589909][T10479] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  392.589919][T10479] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  392.589946][T10479]  </TASK>
[  392.942978][T10486] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1392'.
[  393.295916][T10495] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1393'.
[  393.342876][ T5895] usb 5-1: new high-speed USB device number 63 using dummy_hcd
[  393.351540][T10495] FAULT_INJECTION: forcing a failure.
[  393.351540][T10495] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  393.402444][T10495] CPU: 0 UID: 0 PID: 10495 Comm: syz.0.1393 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) 
[  393.402470][T10495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  393.402481][T10495] Call Trace:
[  393.402489][T10495]  <TASK>
[  393.402497][T10495]  dump_stack_lvl+0x241/0x360
[  393.402530][T10495]  ? __pfx_dump_stack_lvl+0x10/0x10
[  393.402554][T10495]  ? __pfx__printk+0x10/0x10
[  393.402590][T10495]  should_fail_ex+0x424/0x570
[  393.402614][T10495]  _copy_from_iter+0x211/0x1c70
[  393.402643][T10495]  ? __build_skb_around+0x247/0x3d0
[  393.402665][T10495]  ? __alloc_skb+0x298/0x480
[  393.402681][T10495]  ? __pfx__copy_from_iter+0x10/0x10
[  393.402706][T10495]  ? __pfx___alloc_skb+0x10/0x10
[  393.402725][T10495]  ? skb_put+0x114/0x1f0
[  393.402746][T10495]  netlink_sendmsg+0x73c/0xcd0
[  393.402788][T10495]  ? __pfx_netlink_sendmsg+0x10/0x10
[  393.402816][T10495]  ? __import_iovec+0x585/0x830
[  393.402837][T10495]  ? aa_sock_msg_perm+0x91/0x160
[  393.402866][T10495]  ? __pfx_netlink_sendmsg+0x10/0x10
[  393.402888][T10495]  __sock_sendmsg+0x221/0x270
[  393.402914][T10495]  ____sys_sendmsg+0x523/0x860
[  393.402941][T10495]  ? __pfx_____sys_sendmsg+0x10/0x10
[  393.402976][T10495]  __sys_sendmsg+0x271/0x360
[  393.403000][T10495]  ? __pfx___sys_sendmsg+0x10/0x10
[  393.403069][T10495]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  393.403090][T10495]  ? lockdep_hardirqs_on+0x9d/0x150
[  393.403112][T10495]  __do_fast_syscall_32+0xb4/0x110
[  393.403133][T10495]  ? exc_page_fault+0x5f8/0x920
[  393.403158][T10495]  do_fast_syscall_32+0x34/0x80
[  393.403180][T10495]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  393.403205][T10495] RIP: 0023:0xf73fd579
[  393.403221][T10495] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  393.403236][T10495] RSP: 002b:00000000f508655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  393.403255][T10495] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000440
[  393.403267][T10495] RDX: 0000000000004000 RSI: 0000000000000000 RDI: 0000000000000000
[  393.403277][T10495] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  393.403288][T10495] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  393.403299][T10495] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  393.403325][T10495]  </TASK>
[  393.644961][    C0] vkms_vblank_simulate: vblank timer overrun
[  393.820184][ T5895] usb 5-1: config 0 has no interfaces?
[  393.883073][ T5895] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  394.218641][ T5895] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  394.218670][ T5895] usb 5-1: Product: syz
[  394.218687][ T5895] usb 5-1: Manufacturer: syz
[  394.218701][ T5895] usb 5-1: SerialNumber: syz
[  394.279589][ T5895] usb 5-1: config 0 descriptor??
[  395.268489][ T5924] usb 2-1: new full-speed USB device number 77 using dummy_hcd
[  395.509596][ T5924] usb 2-1: not running at top speed; connect to a high speed hub
[  395.530378][ T5924] usb 2-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0
[  395.595340][ T5924] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  395.627328][ T5924] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  395.680307][ T5924] usb 2-1: Product: syz
[  395.704347][ T5924] usb 2-1: Manufacturer: syz
[  395.739144][ T5924] usb 2-1: SerialNumber: syz
[  395.908383][ T5924] cdc_ether 2-1:1.0: probe with driver cdc_ether failed with error -22
[  395.970939][T10539] mac80211_hwsim hwsim6 wlan0: entered promiscuous mode
[  396.027726][T10539] macvlan2: entered allmulticast mode
[  396.041393][T10539] mac80211_hwsim hwsim6 wlan0: entered allmulticast mode
[  396.089908][T10539] mac80211_hwsim hwsim6 wlan0: left allmulticast mode
[  396.141928][T10539] mac80211_hwsim hwsim6 wlan0: left promiscuous mode
[  396.626332][ T5895] usb 5-1: USB disconnect, device number 63
[  397.200297][T10554] mac80211_hwsim hwsim4 wlan0: entered promiscuous mode
[  397.208562][T10554] macvlan2: entered allmulticast mode
[  397.217402][T10554] mac80211_hwsim hwsim4 wlan0: entered allmulticast mode
[  397.231314][T10554] mac80211_hwsim hwsim4 wlan0: left allmulticast mode
[  397.244536][T10554] mac80211_hwsim hwsim4 wlan0: left promiscuous mode
[  397.564338][T10561] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma?
[  397.688143][ T5924] usb 2-1: USB disconnect, device number 77
[  398.158154][T10575] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1418'.
[  398.661449][T10588] FAULT_INJECTION: forcing a failure.
[  398.661449][T10588] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  398.691921][ T5895] usb 2-1: new high-speed USB device number 78 using dummy_hcd
[  398.712375][T10588] CPU: 0 UID: 0 PID: 10588 Comm: syz.4.1423 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) 
[  398.712392][T10588] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  398.712399][T10588] Call Trace:
[  398.712403][T10588]  <TASK>
[  398.712408][T10588]  dump_stack_lvl+0x241/0x360
[  398.712429][T10588]  ? __pfx_dump_stack_lvl+0x10/0x10
[  398.712443][T10588]  ? __pfx__printk+0x10/0x10
[  398.712476][T10588]  should_fail_ex+0x424/0x570
[  398.712491][T10588]  _copy_to_iter+0x43f/0x1c90
[  398.712506][T10588]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  398.712527][T10588]  ? __pfx__copy_to_iter+0x10/0x10
[  398.712541][T10588]  ? tipc_wait_for_rcvmsg+0x533/0x6a0
[  398.712559][T10588]  __skb_datagram_iter+0x101/0x940
[  398.712572][T10588]  ? lockdep_hardirqs_on+0x9d/0x150
[  398.712584][T10588]  ? __pfx_simple_copy_to_iter+0x10/0x10
[  398.712599][T10588]  skb_copy_datagram_iter+0xd1/0x250
[  398.712613][T10588]  tipc_recvstream+0x7ac/0xf90
[  398.712635][T10588]  ? __pfx_tipc_recvstream+0x10/0x10
[  398.712645][T10588]  ? aa_sock_msg_perm+0x91/0x160
[  398.712660][T10588]  ? bpf_lsm_socket_recvmsg+0x9/0x10
[  398.712669][T10588]  ? __pfx_tipc_recvstream+0x10/0x10
[  398.712681][T10588]  sock_recvmsg+0x22f/0x280
[  398.712696][T10588]  ____sys_recvmsg+0x1c8/0x480
[  398.712712][T10588]  ? __pfx_____sys_recvmsg+0x10/0x10
[  398.712721][T10588]  ? get_compat_msghdr+0x45e/0x730
[  398.712748][T10588]  do_recvmmsg+0x53e/0xab0
[  398.712770][T10588]  ? __pfx_do_recvmmsg+0x10/0x10
[  398.712793][T10588]  ? rcu_read_lock_any_held+0xbb/0x160
[  398.712816][T10588]  ? ksys_write+0x24e/0x2d0
[  398.712843][T10588]  __sys_recvmmsg+0x1aa/0x280
[  398.712854][T10588]  ? fput+0x9b/0xd0
[  398.712862][T10588]  ? __pfx___sys_recvmmsg+0x10/0x10
[  398.712872][T10588]  ? ksys_write+0x275/0x2d0
[  398.712888][T10588]  __ia32_compat_sys_recvmmsg_time32+0xbf/0xd0
[  398.712901][T10588]  __do_fast_syscall_32+0xb4/0x110
[  398.712913][T10588]  ? exc_page_fault+0x5f8/0x920
[  398.712927][T10588]  do_fast_syscall_32+0x34/0x80
[  398.712939][T10588]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  398.712950][T10588] RIP: 0023:0xf73ed579
[  398.712960][T10588] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  398.712968][T10588] RSP: 002b:00000000f505555c EFLAGS: 00000206 ORIG_RAX: 0000000000000151
[  398.712979][T10588] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080004b40
[  398.712986][T10588] RDX: 0000000000000002 RSI: 0000000020012140 RDI: 0000000000000000
[  398.712992][T10588] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  398.712998][T10588] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  398.713003][T10588] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  398.713017][T10588]  </TASK>
[  399.133540][ T5895] usb 2-1: Using ep0 maxpacket: 8
[  399.146214][ T5895] usb 2-1: config 179 has an invalid interface number: 65 but max is 0
[  399.280316][ T5895] usb 2-1: config 179 has no interface number 0
[  399.298068][ T5895] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  399.321472][ T5895] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  399.373419][ T5895] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  399.401498][ T5895] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  399.441786][ T5895] usb 2-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  399.491791][ T5895] usb 2-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  399.500880][ T5895] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  399.533417][T10582] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  399.542361][ T5942] usb 3-1: new full-speed USB device number 61 using dummy_hcd
[  399.704883][ T5942] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  399.716276][ T5942] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  399.736244][ T5942] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  399.833652][ T5942] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  399.847415][ T5892] usb 2-1: USB disconnect, device number 78
[  399.847473][    C1] xpad 2-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  399.862524][    C1] dummy_hcd dummy_hcd.1: timer fired with no URBs pending?
[  399.871174][ T5942] usb 3-1: Product: syz
[  399.880490][ T5942] usb 3-1: Manufacturer: syz
[  399.885612][ T5942] usb 3-1: SerialNumber: syz
[  400.104976][ T5942] usb 3-1: 0:2 : does not exist
[  400.124322][ T5942] usb 3-1: 5:0: failed to get current value for ch 0 (-22)
[  400.222795][ T5942] usb 3-1: USB disconnect, device number 61
[  400.304169][T10617] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1434'.
[  400.443103][ T7954] udevd[7954]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  400.464874][T10621] FAULT_INJECTION: forcing a failure.
[  400.464874][T10621] name failslab, interval 1, probability 0, space 0, times 0
[  400.464914][T10621] CPU: 1 UID: 0 PID: 10621 Comm: syz.4.1436 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) 
[  400.464935][T10621] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  400.464945][T10621] Call Trace:
[  400.464952][T10621]  <TASK>
[  400.464958][T10621]  dump_stack_lvl+0x241/0x360
[  400.464988][T10621]  ? __pfx_dump_stack_lvl+0x10/0x10
[  400.465010][T10621]  ? __pfx__printk+0x10/0x10
[  400.465034][T10621]  ? __pfx___might_resched+0x10/0x10
[  400.465049][T10621]  should_fail_ex+0x424/0x570
[  400.465063][T10621]  should_failslab+0xac/0x100
[  400.465078][T10621]  __kmalloc_noprof+0xdf/0x4d0
[  400.465091][T10621]  ? tomoyo_realpath_from_path+0xc2/0x5e0
[  400.465105][T10621]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[  400.465122][T10621]  tomoyo_realpath_from_path+0xcf/0x5e0
[  400.465143][T10621]  tomoyo_path_perm+0x2be/0x640
[  400.465156][T10621]  ? tomoyo_path_perm+0x28c/0x640
[  400.465168][T10621]  ? __pfx_tomoyo_path_perm+0x10/0x10
[  400.465184][T10621]  ? __break_lease+0x15dc/0x1890
[  400.465207][T10621]  ? __pfx___break_lease+0x10/0x10
[  400.465219][T10621]  ? mnt_get_write_access+0x68/0x2b0
[  400.465234][T10621]  ? __pfx_autoremove_wake_function+0x10/0x10
[  400.465250][T10621]  ? mnt_get_write_access+0x226/0x2b0
[  400.465264][T10621]  security_path_truncate+0x15b/0x330
[  400.465275][T10621]  vfs_truncate+0x454/0x540
[  400.465290][T10621]  ? __pfx_vfs_truncate+0x10/0x10
[  400.465300][T10621]  ? kmem_cache_free+0x197/0x410
[  400.465312][T10621]  ? user_path_at+0x44/0x60
[  400.465326][T10621]  do_sys_truncate+0xd8/0x190
[  400.465338][T10621]  ? __pfx_do_sys_truncate+0x10/0x10
[  400.465357][T10621]  __ia32_compat_sys_truncate+0x5b/0x70
[  400.465369][T10621]  __do_fast_syscall_32+0xb4/0x110
[  400.465382][T10621]  ? exc_page_fault+0x5f8/0x920
[  400.465396][T10621]  do_fast_syscall_32+0x34/0x80
[  400.465409][T10621]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  400.465421][T10621] RIP: 0023:0xf73ed579
[  400.465430][T10621] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  400.465439][T10621] RSP: 002b:00000000f507655c EFLAGS: 00000206 ORIG_RAX: 000000000000005c
[  400.465450][T10621] RAX: ffffffffffffffda RBX: 0000000080000000 RCX: 0000000000000000
[  400.465457][T10621] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  400.465463][T10621] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  400.465469][T10621] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  400.465475][T10621] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  400.465489][T10621]  </TASK>
[  400.465510][T10621] ERROR: Out of memory at tomoyo_realpath_from_path.
[  400.871911][ T5892] usb 2-1: new high-speed USB device number 79 using dummy_hcd
[  401.270188][T10647] FAULT_INJECTION: forcing a failure.
[  401.270188][T10647] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  401.288851][T10647] CPU: 0 UID: 0 PID: 10647 Comm: syz.2.1446 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) 
[  401.288880][T10647] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  401.288891][T10647] Call Trace:
[  401.288899][T10647]  <TASK>
[  401.288907][T10647]  dump_stack_lvl+0x241/0x360
[  401.288940][T10647]  ? __pfx_dump_stack_lvl+0x10/0x10
[  401.288964][T10647]  ? __pfx__printk+0x10/0x10
[  401.289000][T10647]  should_fail_ex+0x424/0x570
[  401.289024][T10647]  _copy_from_iter+0x211/0x1c70
[  401.289052][T10647]  ? __build_skb_around+0x247/0x3d0
[  401.289074][T10647]  ? __alloc_skb+0x298/0x480
[  401.289089][T10647]  ? __pfx__copy_from_iter+0x10/0x10
[  401.289114][T10647]  ? __pfx___alloc_skb+0x10/0x10
[  401.289133][T10647]  ? skb_put+0x114/0x1f0
[  401.289154][T10647]  netlink_sendmsg+0x73c/0xcd0
[  401.289192][T10647]  ? __pfx_netlink_sendmsg+0x10/0x10
[  401.289220][T10647]  ? __import_iovec+0x585/0x830
[  401.289241][T10647]  ? aa_sock_msg_perm+0x91/0x160
[  401.289270][T10647]  ? __pfx_netlink_sendmsg+0x10/0x10
[  401.289292][T10647]  __sock_sendmsg+0x221/0x270
[  401.289318][T10647]  ____sys_sendmsg+0x523/0x860
[  401.289345][T10647]  ? __pfx_____sys_sendmsg+0x10/0x10
[  401.289380][T10647]  __sys_sendmsg+0x271/0x360
[  401.289404][T10647]  ? __pfx___sys_sendmsg+0x10/0x10
[  401.289466][T10647]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  401.289488][T10647]  ? lockdep_hardirqs_on+0x9d/0x150
[  401.289510][T10647]  __do_fast_syscall_32+0xb4/0x110
[  401.289530][T10647]  ? exc_page_fault+0x5f8/0x920
[  401.289560][T10647]  do_fast_syscall_32+0x34/0x80
[  401.289582][T10647]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  401.289602][T10647] RIP: 0023:0xf7fd5579
[  401.289618][T10647] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  401.289633][T10647] RSP: 002b:00000000f50f655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  401.289653][T10647] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 00000000800002c0
[  401.289665][T10647] RDX: 000000000000c010 RSI: 0000000000000000 RDI: 0000000000000000
[  401.289676][T10647] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  401.289686][T10647] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  401.289696][T10647] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  401.289720][T10647]  </TASK>
[  401.529586][ T5892] usb 2-1: device descriptor read/64, error -71
[  401.773807][ T5892] usb 2-1: new high-speed USB device number 80 using dummy_hcd
[  401.921891][ T5892] usb 2-1: device descriptor read/64, error -71
[  401.952627][ T5924] usb 1-1: new high-speed USB device number 83 using dummy_hcd
[  402.122623][ T5892] usb usb2-port1: attempt power cycle
[  402.292072][ T5924] usb 1-1: too many configurations: 9, using maximum allowed: 8
[  402.317038][ T5924] usb 1-1: unable to read config index 0 descriptor/start: -61
[  402.456671][ T5924] usb 1-1: can't read configurations, error -61
[  402.671740][ T5892] usb 2-1: new high-speed USB device number 81 using dummy_hcd
[  402.712636][ T5892] usb 2-1: device descriptor read/8, error -71
[  402.774108][ T5924] usb 1-1: new high-speed USB device number 84 using dummy_hcd
[  402.962033][ T5892] usb 2-1: new high-speed USB device number 82 using dummy_hcd
[  402.991766][ T5892] usb 2-1: device descriptor read/8, error -71
[  402.998250][ T5924] usb 1-1: too many configurations: 9, using maximum allowed: 8
[  403.021891][ T5924] usb 1-1: unable to read config index 0 descriptor/start: -61
[  403.045050][ T5924] usb 1-1: can't read configurations, error -61
[  403.066211][ T5924] usb usb1-port1: attempt power cycle
[  403.111956][ T5892] usb usb2-port1: unable to enumerate USB device
[  403.321793][    T9] usb 5-1: new high-speed USB device number 64 using dummy_hcd
[  403.461816][ T5924] usb 1-1: new high-speed USB device number 85 using dummy_hcd
[  403.500390][ T5924] usb 1-1: too many configurations: 9, using maximum allowed: 8
[  403.522211][ T5924] usb 1-1: unable to read config index 0 descriptor/start: -61
[  403.530076][    T9] usb 5-1: Using ep0 maxpacket: 16
[  403.535373][ T5924] usb 1-1: can't read configurations, error -61
[  403.543649][    T9] usb 5-1: config 1 interface 0 has no altsetting 0
[  403.555936][    T9] usb 5-1: string descriptor 0 read error: -22
[  403.571889][    T9] usb 5-1: New USB device found, idVendor=1532, idProduct=011b, bcdDevice= 0.40
[  403.592666][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  403.719176][ T5924] usb 1-1: new high-speed USB device number 86 using dummy_hcd
[  403.753230][ T5924] usb 1-1: too many configurations: 9, using maximum allowed: 8
[  403.763583][ T5924] usb 1-1: unable to read config index 0 descriptor/start: -61
[  403.772473][ T5924] usb 1-1: can't read configurations, error -61
[  403.789445][ T5924] usb usb1-port1: unable to enumerate USB device
[  404.093174][T10681] FAULT_INJECTION: forcing a failure.
[  404.093174][T10681] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  404.148562][T10681] CPU: 0 UID: 0 PID: 10681 Comm: syz.1.1456 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) 
[  404.148589][T10681] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  404.148604][T10681] Call Trace:
[  404.148614][T10681]  <TASK>
[  404.148622][T10681]  dump_stack_lvl+0x241/0x360
[  404.148654][T10681]  ? __pfx_dump_stack_lvl+0x10/0x10
[  404.148678][T10681]  ? __pfx__printk+0x10/0x10
[  404.148714][T10681]  should_fail_ex+0x424/0x570
[  404.148738][T10681]  _copy_from_iter+0x211/0x1c70
[  404.148766][T10681]  ? __build_skb_around+0x247/0x3d0
[  404.148788][T10681]  ? __alloc_skb+0x298/0x480
[  404.148803][T10681]  ? __pfx__copy_from_iter+0x10/0x10
[  404.148828][T10681]  ? __pfx___alloc_skb+0x10/0x10
[  404.148846][T10681]  ? skb_put+0x114/0x1f0
[  404.148868][T10681]  netlink_sendmsg+0x73c/0xcd0
[  404.148905][T10681]  ? __pfx_netlink_sendmsg+0x10/0x10
[  404.148933][T10681]  ? __import_iovec+0x585/0x830
[  404.148954][T10681]  ? aa_sock_msg_perm+0x91/0x160
[  404.148982][T10681]  ? __pfx_netlink_sendmsg+0x10/0x10
[  404.149003][T10681]  __sock_sendmsg+0x221/0x270
[  404.149030][T10681]  ____sys_sendmsg+0x523/0x860
[  404.149057][T10681]  ? __pfx_____sys_sendmsg+0x10/0x10
[  404.149092][T10681]  __sys_sendmsg+0x271/0x360
[  404.149116][T10681]  ? __pfx___sys_sendmsg+0x10/0x10
[  404.149190][T10681]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  404.149211][T10681]  ? lockdep_hardirqs_on+0x9d/0x150
[  404.149234][T10681]  __do_fast_syscall_32+0xb4/0x110
[  404.149255][T10681]  ? exc_page_fault+0x5f8/0x920
[  404.149280][T10681]  do_fast_syscall_32+0x34/0x80
[  404.149301][T10681]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  404.149321][T10681] RIP: 0023:0xf73ad579
[  404.149337][T10681] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  404.149351][T10681] RSP: 002b:00000000f503655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  404.149370][T10681] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800000c0
[  404.149382][T10681] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  404.149393][T10681] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  404.149402][T10681] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  404.149413][T10681] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  404.149440][T10681]  </TASK>
[  404.600545][T10666] netlink: 'syz.3.1451': attribute type 10 has an invalid length.
[  404.802195][ T5895] usb 2-1: new high-speed USB device number 83 using dummy_hcd
[  405.092288][ T5895] usb 2-1: device descriptor read/64, error -71
[  405.349115][ T5895] usb 2-1: new high-speed USB device number 84 using dummy_hcd
[  405.349150][    T9] usbhid 5-1:1.0: can't add hid device: -71
[  405.419335][    T9] usbhid 5-1:1.0: probe with driver usbhid failed with error -71
[  405.661724][ T5895] usb 2-1: device descriptor read/64, error -71
[  405.804531][ T5895] usb usb2-port1: attempt power cycle
[  405.814654][    T9] usb 5-1: USB disconnect, device number 64
[  406.162113][ T5895] usb 2-1: new high-speed USB device number 85 using dummy_hcd
[  406.194827][ T5895] usb 2-1: device descriptor read/8, error -71
[  406.312407][ T5894] usb 1-1: new full-speed USB device number 87 using dummy_hcd
[  406.431830][ T5895] usb 2-1: new high-speed USB device number 86 using dummy_hcd
[  406.464926][ T5895] usb 2-1: device descriptor read/8, error -71
[  406.475192][ T5894] usb 1-1: config 5 has an invalid interface number: 187 but max is 0
[  406.484489][ T5894] usb 1-1: config 5 has no interface number 0
[  406.494417][ T5894] usb 1-1: config 5 interface 187 altsetting 8 has an invalid descriptor for endpoint zero, skipping
[  406.528638][ T5894] usb 1-1: config 5 interface 187 altsetting 8 has an endpoint descriptor with address 0x93, changing to 0x83
[  406.560725][ T5894] usb 1-1: config 5 interface 187 altsetting 8 endpoint 0x83 has an invalid bInterval 153, changing to 4
[  406.573932][ T5895] usb usb2-port1: unable to enumerate USB device
[  406.582618][ T5894] usb 1-1: config 5 interface 187 altsetting 8 endpoint 0x83 has invalid maxpacket 57626, setting to 1023
[  406.594509][ T5894] usb 1-1: config 5 interface 187 altsetting 8 has 4 endpoint descriptors, different from the interface descriptor's value: 3
[  406.608507][ T5894] usb 1-1: config 5 interface 187 has no altsetting 0
[  406.618377][ T5894] usb 1-1: New USB device found, idVendor=eb1a, idProduct=2801, bcdDevice=21.7a
[  406.627941][ T5894] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  406.640567][ T5894] usb 1-1: Product: syz
[  406.650472][ T5894] usb 1-1: Manufacturer: syz
[  406.661824][ T5894] usb 1-1: SerialNumber: syz
[  406.926039][ T5895] usb 4-1: new high-speed USB device number 58 using dummy_hcd
[  407.027483][T10714] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  407.045811][T10714] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  407.071935][ T5895] usb 4-1: device descriptor read/64, error -71
[  407.284626][ T5891] usb 5-1: new low-speed USB device number 65 using dummy_hcd
[  407.321963][ T5895] usb 4-1: new high-speed USB device number 59 using dummy_hcd
[  407.424934][ T5891] usb 5-1: device descriptor read/64, error -71
[  407.474594][ T5895] usb 4-1: device descriptor read/64, error -71
[  407.560766][T10738] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1479'.
[  407.583184][ T5895] usb usb4-port1: attempt power cycle
[  407.671948][ T5891] usb 5-1: new low-speed USB device number 66 using dummy_hcd
[  407.811874][ T5891] usb 5-1: device descriptor read/64, error -71
[  407.932099][ T5891] usb usb5-port1: attempt power cycle
[  407.942290][ T5895] usb 4-1: new high-speed USB device number 60 using dummy_hcd
[  407.967501][T10749] input: syz0 as /devices/virtual/input/input69
[  408.062751][ T5895] usb 4-1: device descriptor read/8, error -71
[  408.281770][ T5891] usb 5-1: new low-speed USB device number 67 using dummy_hcd
[  408.365776][ T5895] usb 4-1: new high-speed USB device number 61 using dummy_hcd
[  408.370917][ T5891] usb 5-1: device descriptor read/8, error -71
[  408.395544][ T5895] usb 4-1: device descriptor read/8, error -71
[  408.522594][ T5895] usb usb4-port1: unable to enumerate USB device
[  408.612551][ T5891] usb 5-1: new low-speed USB device number 68 using dummy_hcd
[  408.652861][ T5891] usb 5-1: device descriptor read/8, error -71
[  408.769012][T10752] ip6erspan0: left promiscuous mode
[  408.773417][ T5891] usb usb5-port1: unable to enumerate USB device
[  408.800797][T10752] bond3: left promiscuous mode
[  409.142463][ T5894] em28xx 1-1:5.187: New device syz syz @ 12 Mbps (eb1a:2801, interface 187, class 187)
[  409.175743][ T5894] em28xx 1-1:5.187: Device initialization failed.
[  409.199278][ T5894] em28xx 1-1:5.187: Device must be connected to a high-speed USB 2.0 port.
[  409.396196][ T5894] usb 1-1: USB disconnect, device number 87
[  409.499675][    T9] usb 3-1: new high-speed USB device number 62 using dummy_hcd
[  409.656704][    T9] usb 3-1: config 0 has no interfaces?
[  409.669834][    T9] usb 3-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  409.689073][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  409.764678][T10769] syz.3.1490(10769): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored.
[  409.919660][T10771] FAULT_INJECTION: forcing a failure.
[  409.919660][T10771] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  409.951315][T10771] CPU: 1 UID: 0 PID: 10771 Comm: syz.0.1491 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) 
[  409.951341][T10771] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  409.951352][T10771] Call Trace:
[  409.951359][T10771]  <TASK>
[  409.951367][T10771]  dump_stack_lvl+0x241/0x360
[  409.951398][T10771]  ? __pfx_dump_stack_lvl+0x10/0x10
[  409.951420][T10771]  ? __pfx__printk+0x10/0x10
[  409.951454][T10771]  should_fail_ex+0x424/0x570
[  409.951478][T10771]  _copy_from_iter+0x211/0x1c70
[  409.951502][T10771]  ? __build_skb_around+0x247/0x3d0
[  409.951520][T10771]  ? __alloc_skb+0x298/0x480
[  409.951536][T10771]  ? __pfx__copy_from_iter+0x10/0x10
[  409.951559][T10771]  ? __pfx___alloc_skb+0x10/0x10
[  409.951577][T10771]  ? skb_put+0x114/0x1f0
[  409.951608][T10771]  netlink_sendmsg+0x73c/0xcd0
[  409.951644][T10771]  ? __pfx_netlink_sendmsg+0x10/0x10
[  409.951672][T10771]  ? __import_iovec+0x585/0x830
[  409.951691][T10771]  ? aa_sock_msg_perm+0x91/0x160
[  409.951717][T10771]  ? __pfx_netlink_sendmsg+0x10/0x10
[  409.951737][T10771]  __sock_sendmsg+0x221/0x270
[  409.951760][T10771]  ____sys_sendmsg+0x523/0x860
[  409.951784][T10771]  ? __pfx_____sys_sendmsg+0x10/0x10
[  409.951817][T10771]  __sys_sendmsg+0x271/0x360
[  409.951839][T10771]  ? __pfx___sys_sendmsg+0x10/0x10
[  409.951905][T10771]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  409.951928][T10771]  ? lockdep_hardirqs_on+0x9d/0x150
[  409.951952][T10771]  __do_fast_syscall_32+0xb4/0x110
[  409.951973][T10771]  ? exc_page_fault+0x5f8/0x920
[  409.951997][T10771]  do_fast_syscall_32+0x34/0x80
[  409.952020][T10771]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  409.952040][T10771] RIP: 0023:0xf73fd579
[  409.952056][T10771] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  409.952070][T10771] RSP: 002b:00000000f508655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  409.952089][T10771] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000080
[  409.952102][T10771] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  409.952112][T10771] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  409.952122][T10771] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  409.952133][T10771] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  409.952160][T10771]  </TASK>
[  410.185686][    C1] vkms_vblank_simulate: vblank timer overrun
[  410.208570][    T9] usb 3-1: Product: syz
[  410.213166][    T9] usb 3-1: Manufacturer: syz
[  410.217787][    T9] usb 3-1: SerialNumber: syz
[  410.223188][T10773] input: syz0 as /devices/virtual/input/input70
[  410.258516][    T9] usb 3-1: config 0 descriptor??
[  410.416930][T10776] FAULT_INJECTION: forcing a failure.
[  410.416930][T10776] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  410.470140][T10776] CPU: 1 UID: 0 PID: 10776 Comm: syz.4.1493 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) 
[  410.470166][T10776] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  410.470176][T10776] Call Trace:
[  410.470182][T10776]  <TASK>
[  410.470189][T10776]  dump_stack_lvl+0x241/0x360
[  410.470220][T10776]  ? __pfx_dump_stack_lvl+0x10/0x10
[  410.470242][T10776]  ? __pfx__printk+0x10/0x10
[  410.470278][T10776]  should_fail_ex+0x424/0x570
[  410.470301][T10776]  _copy_from_iter+0x211/0x1c70
[  410.470327][T10776]  ? __build_skb_around+0x247/0x3d0
[  410.470348][T10776]  ? __alloc_skb+0x298/0x480
[  410.470363][T10776]  ? __pfx__copy_from_iter+0x10/0x10
[  410.470387][T10776]  ? __pfx___alloc_skb+0x10/0x10
[  410.470406][T10776]  ? skb_put+0x114/0x1f0
[  410.470426][T10776]  pfkey_sendmsg+0x23b/0x1140
[  410.470450][T10776]  ? __pfx___might_resched+0x10/0x10
[  410.470475][T10776]  ? __lock_acquire+0xad5/0xd80
[  410.470491][T10776]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  410.470517][T10776]  ? aa_sk_perm+0x96f/0xac0
[  410.470546][T10776]  ? __pfx_aa_sk_perm+0x10/0x10
[  410.470581][T10776]  ? __import_iovec+0x585/0x830
[  410.470602][T10776]  ? aa_sock_msg_perm+0x91/0x160
[  410.470631][T10776]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  410.470649][T10776]  __sock_sendmsg+0x221/0x270
[  410.470675][T10776]  ____sys_sendmsg+0x523/0x860
[  410.470702][T10776]  ? __pfx_____sys_sendmsg+0x10/0x10
[  410.470737][T10776]  __sys_sendmmsg+0x4a3/0x7b0
[  410.470767][T10776]  ? __pfx___sys_sendmmsg+0x10/0x10
[  410.470790][T10776]  ? __lock_acquire+0xad5/0xd80
[  410.470844][T10776]  ? vfs_write+0xb29/0xd10
[  410.470881][T10776]  ? __mutex_unlock_slowpath+0x229/0x800
[  410.470912][T10776]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  410.470932][T10776]  ? __fget_files+0x2a/0x420
[  410.470961][T10776]  ? fput+0x9b/0xd0
[  410.470977][T10776]  ? ksys_write+0x275/0x2d0
[  410.471007][T10776]  __ia32_compat_sys_sendmmsg+0xa2/0xc0
[  410.471037][T10776]  __do_fast_syscall_32+0xb4/0x110
[  410.471058][T10776]  ? exc_page_fault+0x5f8/0x920
[  410.471084][T10776]  do_fast_syscall_32+0x34/0x80
[  410.471105][T10776]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  410.471126][T10776] RIP: 0023:0xf73ed579
[  410.471141][T10776] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  410.471156][T10776] RSP: 002b:00000000f507655c EFLAGS: 00000206 ORIG_RAX: 0000000000000159
[  410.471176][T10776] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000180
[  410.471188][T10776] RDX: 000000000400008a RSI: 0000000000000000 RDI: 0000000000000000
[  410.471198][T10776] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  410.471209][T10776] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  410.471219][T10776] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  410.471246][T10776]  </TASK>
[  410.751653][    C1] vkms_vblank_simulate: vblank timer overrun
[  411.111922][ T5894] usb 4-1: new high-speed USB device number 62 using dummy_hcd
[  411.213720][    T9] usb 1-1: new high-speed USB device number 88 using dummy_hcd
[  411.278078][ T5894] usb 4-1: config 0 has no interfaces?
[  411.293493][ T5894] usb 4-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  411.306181][ T5894] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  411.315575][ T5894] usb 4-1: Product: syz
[  411.320019][ T5894] usb 4-1: Manufacturer: syz
[  411.327871][ T5894] usb 4-1: SerialNumber: syz
[  411.342643][ T5894] usb 4-1: config 0 descriptor??
[  411.344538][ T5891] usb 5-1: new high-speed USB device number 69 using dummy_hcd
[  411.373872][    T9] usb 1-1: config 0 has no interfaces?
[  411.385028][    T9] usb 1-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  411.394258][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  411.405966][    T9] usb 1-1: Product: syz
[  411.414165][    T9] usb 1-1: Manufacturer: syz
[  411.424264][    T9] usb 1-1: SerialNumber: syz
[  411.445085][    T9] usb 1-1: config 0 descriptor??
[  411.511773][ T5891] usb 5-1: Using ep0 maxpacket: 8
[  411.553406][ T5891] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  411.563473][ T5891] usb 5-1: New USB device found, idVendor=28bd, idProduct=1903, bcdDevice= 0.00
[  411.573803][ T5891] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  411.588910][ T5891] usb 5-1: config 0 descriptor??
[  412.024786][ T5891] input: HID 28bd:1903 Mouse as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:28BD:1903.0013/input/input71
[  412.106852][ T5891] uclogic 0003:28BD:1903.0013: input,hidraw0: USB HID v0.00 Mouse [HID 28bd:1903] on usb-dummy_hcd.4-1/input0
[  412.227579][ T5895] usb 5-1: USB disconnect, device number 69
[  412.280527][ T5891] usb 3-1: USB disconnect, device number 62
[  412.823698][ T5894] usb 3-1: new high-speed USB device number 63 using dummy_hcd
[  413.290514][ T5894] usb 3-1: config 0 has no interfaces?
[  413.316218][ T5894] usb 3-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  413.355129][ T5894] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  413.364714][T10812] loop6: detected capacity change from 0 to 524287999
[  413.387922][ T5894] usb 3-1: Product: syz
[  413.398184][ T5894] usb 3-1: Manufacturer: syz
[  413.416861][    C0] I/O error, dev loop6, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  413.431292][ T5894] usb 3-1: SerialNumber: syz
[  413.432475][    C0] I/O error, dev loop6, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  413.475524][T10268] loop: Write error at byte offset 1, length 4096.
[  413.490962][ T5892] usb 4-1: USB disconnect, device number 62
[  413.532039][    C0] I/O error, dev loop6, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0
[  413.541637][    C0] Buffer I/O error on dev loop6, logical block 0, lost async page write
[  413.586063][ T5895] usb 1-1: USB disconnect, device number 88
[  413.782247][ T5942] usb 5-1: new low-speed USB device number 70 using dummy_hcd
[  413.801970][T10813] Invalid logical block size (-9)
[  413.843709][ T5894] usb 3-1: config 0 descriptor??
[  414.114212][ T5942] usb 5-1: Invalid ep0 maxpacket: 32
[  414.269428][T10827] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1511'.
[  414.301824][ T5942] usb 5-1: new low-speed USB device number 71 using dummy_hcd
[  414.438103][T10807] macsec1: entered allmulticast mode
[  414.499086][T10828] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  414.508200][T10828] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  414.892392][ T5942] usb 5-1: Invalid ep0 maxpacket: 32
[  414.971975][ T5942] usb usb5-port1: attempt power cycle
[  415.200927][T10836] input: syz0 as /devices/virtual/input/input72
[  415.240634][T10840] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1515'.
[  415.258235][T10838] vlan2: entered promiscuous mode
[  415.273838][T10838] hsr0: entered promiscuous mode
[  415.420647][T10845] input: syz0 as /devices/virtual/input/input73
[  415.430054][ T5942] usb 5-1: new low-speed USB device number 72 using dummy_hcd
[  415.469370][ T5942] usb 5-1: Invalid ep0 maxpacket: 32
[  415.660887][ T5942] usb 5-1: new low-speed USB device number 73 using dummy_hcd
[  415.726685][ T5942] usb 5-1: Invalid ep0 maxpacket: 32
[  415.744530][ T5942] usb usb5-port1: unable to enumerate USB device
[  416.524600][ T5942] usb 3-1: USB disconnect, device number 63
[  416.915596][ T2154] usb 5-1: new high-speed USB device number 74 using dummy_hcd
[  417.083795][ T2154] usb 5-1: config 0 has no interfaces?
[  417.103789][ T2154] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  417.141765][ T2154] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  417.155120][ T2154] usb 5-1: Product: syz
[  417.159333][ T2154] usb 5-1: Manufacturer: syz
[  417.165876][ T2154] usb 5-1: SerialNumber: syz
[  417.174643][ T2154] usb 5-1: config 0 descriptor??
[  417.262295][ T5891] usb 1-1: new high-speed USB device number 89 using dummy_hcd
[  417.421900][ T5892] usb 2-1: new high-speed USB device number 87 using dummy_hcd
[  417.446115][ T5891] usb 1-1: config 0 has no interfaces?
[  417.460209][ T5891] usb 1-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  417.482670][ T5891] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  417.490708][ T5891] usb 1-1: Product: syz
[  417.500664][ T5891] usb 1-1: Manufacturer: syz
[  417.510296][ T5891] usb 1-1: SerialNumber: syz
[  417.523070][ T5891] usb 1-1: config 0 descriptor??
[  417.591807][ T5892] usb 2-1: Using ep0 maxpacket: 8
[  417.620513][ T5892] usb 2-1: New USB device found, idVendor=0ccd, idProduct=10a3, bcdDevice=23.a2
[  417.645968][ T5892] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  417.665560][ T5892] usb 2-1: Product: syz
[  417.673493][ T5892] usb 2-1: Manufacturer: syz
[  417.678477][ T5892] usb 2-1: SerialNumber: syz
[  417.688111][ T5892] usb 2-1: config 0 descriptor??
[  417.718243][T10883] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1531'.
[  417.829027][T10866] macsec1: entered allmulticast mode
[  417.886265][T10866] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  417.977148][T10866] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  417.977307][ T5892] usb 2-1: dvb_usb_v2: found a 'Terratec H7' in warm state
[  418.434983][ T5892] usb write operation failed. (-71)
[  418.671928][ T5892] usb 2-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  418.717221][ T5892] dvbdev: DVB: registering new adapter (Terratec H7)
[  418.731553][ T5892] usb 2-1: media controller created
[  418.761009][ T5892] usb read operation failed. (-71)
[  418.769299][ T5892] usb write operation failed. (-71)
[  418.789699][ T5892] dvb_usb_az6007 2-1:0.0: probe with driver dvb_usb_az6007 failed with error -5
[  418.858215][ T5892] usb 2-1: USB disconnect, device number 87
[  418.893696][    T9] usb 3-1: new full-speed USB device number 64 using dummy_hcd
[  419.321446][    T9] usb 3-1: not running at top speed; connect to a high speed hub
[  419.348779][    T9] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  419.506605][ T2154] usb 4-1: new high-speed USB device number 64 using dummy_hcd
[  419.529025][    T9] usb 3-1: config 1 has 0 interfaces, different from the descriptor's value: 1
[  419.568129][    T9] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  419.577315][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  419.595389][    T9] usb 3-1: Product: syz
[  419.607816][    T9] usb 3-1: Manufacturer: syz
[  419.623787][    T9] usb 3-1: SerialNumber: syz
[  419.672006][ T2154] usb 4-1: config 0 has no interfaces?
[  419.685714][ T5891] usb 5-1: USB disconnect, device number 74
[  419.762680][ T2154] usb 4-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  419.812165][ T2154] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  419.860646][ T2154] usb 4-1: Product: syz
[  419.901526][ T2154] usb 4-1: Manufacturer: syz
[  419.988583][ T2154] usb 4-1: SerialNumber: syz
[  419.991792][    T9] usb 1-1: USB disconnect, device number 89
[  420.091549][ T5891] usb 5-1: new high-speed USB device number 75 using dummy_hcd
[  420.145370][ T2154] usb 4-1: config 0 descriptor??
[  420.236084][T10899] xt_hashlimit: max too large, truncated to 1048576
[  420.260983][T10899] xt_hashlimit: overflow, rate too high: 0
[  420.294566][ T5891] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  420.350734][ T5891] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  420.410936][ T5891] usb 5-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  420.420982][ T5891] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  420.515502][ T5891] usb 5-1: config 0 descriptor??
[  421.084711][ T5891] cm6533_jd 0003:0D8C:0022.0014: unknown main item tag 0x0
[  421.096260][ T5891] cm6533_jd 0003:0D8C:0022.0014: unknown main item tag 0x0
[  421.147132][ T5891] cm6533_jd 0003:0D8C:0022.0014: unknown main item tag 0x0
[  421.166534][ T5891] cm6533_jd 0003:0D8C:0022.0014: unknown main item tag 0x0
[  421.183707][ T5891] cm6533_jd 0003:0D8C:0022.0014: unknown main item tag 0x0
[  421.210134][ T5891] cm6533_jd 0003:0D8C:0022.0014: No inputs registered, leaving
[  421.260760][ T5891] cm6533_jd 0003:0D8C:0022.0014: hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.4-1/input0
[  421.635194][T10932] FAULT_INJECTION: forcing a failure.
[  421.635194][T10932] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  421.648502][T10932] CPU: 0 UID: 0 PID: 10932 Comm: syz.0.1547 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) 
[  421.648527][T10932] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  421.648537][T10932] Call Trace:
[  421.648544][T10932]  <TASK>
[  421.648553][T10932]  dump_stack_lvl+0x241/0x360
[  421.648582][T10932]  ? __pfx_dump_stack_lvl+0x10/0x10
[  421.648605][T10932]  ? __pfx__printk+0x10/0x10
[  421.648638][T10932]  should_fail_ex+0x424/0x570
[  421.648658][T10932]  _copy_to_user+0x31/0xb0
[  421.648683][T10932]  video_usercopy+0xf30/0x1330
[  421.648708][T10932]  ? __pfx___video_do_ioctl+0x10/0x10
[  421.648724][T10932]  ? __pfx_video_usercopy+0x10/0x10
[  421.648756][T10932]  ? __fget_files+0x2a/0x420
[  421.648775][T10932]  v4l2_ioctl+0x189/0x1e0
[  421.648802][T10932]  v4l2_compat_ioctl32+0x1d7/0x260
[  421.648832][T10932]  __se_compat_sys_ioctl+0x50e/0xc30
[  421.648854][T10932]  ? __pfx___se_compat_sys_ioctl+0x10/0x10
[  421.648885][T10932]  ? __fget_files+0x2a/0x420
[  421.648904][T10932]  ? fput+0x9b/0xd0
[  421.648919][T10932]  ? ksys_write+0x275/0x2d0
[  421.648946][T10932]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  421.648967][T10932]  ? lockdep_hardirqs_on+0x9d/0x150
[  421.648982][T10932]  __do_fast_syscall_32+0xb4/0x110
[  421.649001][T10932]  ? exc_page_fault+0x5f8/0x920
[  421.649024][T10932]  do_fast_syscall_32+0x34/0x80
[  421.649045][T10932]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  421.649065][T10932] RIP: 0023:0xf73fd579
[  421.649080][T10932] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  421.649095][T10932] RSP: 002b:00000000f508655c EFLAGS: 00000206 ORIG_RAX: 0000000000000036
[  421.649114][T10932] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0405602
[  421.649126][T10932] RDX: 0000000080000040 RSI: 0000000000000000 RDI: 0000000000000000
[  421.649137][T10932] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  421.649147][T10932] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  421.649158][T10932] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  421.649183][T10932]  </TASK>
[  421.914271][ T5891] usb 3-1: USB disconnect, device number 64
[  422.054430][T10937] sit0: entered promiscuous mode
[  422.062166][T10937] netlink: 'syz.2.1549': attribute type 1 has an invalid length.
[  422.069947][T10937] netlink: 1 bytes leftover after parsing attributes in process `syz.2.1549'.
[  422.089582][T10937] lo: entered promiscuous mode
[  422.097670][T10937] tunl0: entered promiscuous mode
[  422.111363][T10937] gre0: entered promiscuous mode
[  422.122556][T10937] gretap0: entered promiscuous mode
[  422.132447][T10937] erspan0: entered promiscuous mode
[  422.538429][    C0] vcan0: j1939_tp_rxtimer: 0xffff888046b71c00: rx timeout, send abort
[  422.549588][T10937] ip_vti0: entered promiscuous mode
[  422.549732][    C0] vcan0: j1939_tp_rxtimer: 0xffff888046b73400: rx timeout, send abort
[  422.584771][ T5892] usb 4-1: USB disconnect, device number 64
[  422.812252][    T9] usb 5-1: USB disconnect, device number 75
[  422.851756][ T5891] usb 1-1: new high-speed USB device number 90 using dummy_hcd
[  423.029775][ T5891] usb 1-1: config 0 has no interfaces?
[  423.046862][ T5891] usb 1-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  423.060247][ T5891] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  423.068661][    C0] vcan0: j1939_tp_rxtimer: 0xffff888046b73400: abort rx timeout. Force session deactivation
[  423.117891][ T5891] usb 1-1: Product: syz
[  423.130255][ T5891] usb 1-1: Manufacturer: syz
[  423.135717][ T5891] usb 1-1: SerialNumber: syz
[  423.358190][ T5891] usb 1-1: config 0 descriptor??
[  424.037524][T10972] FAULT_INJECTION: forcing a failure.
[  424.037524][T10972] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  424.083999][T10972] CPU: 0 UID: 0 PID: 10972 Comm: syz.1.1559 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) 
[  424.084025][T10972] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  424.084035][T10972] Call Trace:
[  424.084043][T10972]  <TASK>
[  424.084050][T10972]  dump_stack_lvl+0x241/0x360
[  424.084080][T10972]  ? __pfx_dump_stack_lvl+0x10/0x10
[  424.084102][T10972]  ? __pfx__printk+0x10/0x10
[  424.084136][T10972]  should_fail_ex+0x424/0x570
[  424.084159][T10972]  _copy_from_user+0x2d/0xb0
[  424.084185][T10972]  sg_new_write+0x5d9/0x880
[  424.084211][T10972]  ? __pfx_sg_new_write+0x10/0x10
[  424.084265][T10972]  sg_ioctl+0x18cd/0x2ea0
[  424.084294][T10972]  ? __pfx_sg_ioctl+0x10/0x10
[  424.084316][T10972]  ? __fget_files+0x2a/0x420
[  424.084331][T10972]  ? __fget_files+0x2a/0x420
[  424.084349][T10972]  ? __fget_files+0x2a/0x420
[  424.084374][T10972]  __se_compat_sys_ioctl+0x50e/0xc30
[  424.084398][T10972]  ? __pfx___se_compat_sys_ioctl+0x10/0x10
[  424.084419][T10972]  ? __fget_files+0x2a/0x420
[  424.084473][T10972]  ? fput+0x9b/0xd0
[  424.084490][T10972]  ? ksys_write+0x275/0x2d0
[  424.084516][T10972]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  424.084538][T10972]  ? lockdep_hardirqs_on+0x9d/0x150
[  424.084560][T10972]  __do_fast_syscall_32+0xb4/0x110
[  424.084581][T10972]  ? exc_page_fault+0x5f8/0x920
[  424.084604][T10972]  do_fast_syscall_32+0x34/0x80
[  424.084626][T10972]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  424.084646][T10972] RIP: 0023:0xf73ad579
[  424.084662][T10972] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  424.084676][T10972] RSP: 002b:00000000f503655c EFLAGS: 00000206 ORIG_RAX: 0000000000000036
[  424.084694][T10972] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000002285
[  424.084706][T10972] RDX: 00000000800005c0 RSI: 0000000000000000 RDI: 0000000000000000
[  424.084717][T10972] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  424.084726][T10972] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  424.084737][T10972] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  424.084763][T10972]  </TASK>
[  424.432582][ T5942] usb 4-1: new high-speed USB device number 65 using dummy_hcd
[  424.601831][ T5942] usb 4-1: Using ep0 maxpacket: 16
[  424.608641][ T5942] usb 4-1: config index 0 descriptor too short (expected 69, got 36)
[  424.616873][ T5942] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  424.627199][ T5942] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  424.638912][ T5942] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  424.648726][ T5942] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  424.664936][ T5942] usb 4-1: New USB device found, idVendor=093a, idProduct=2622, bcdDevice=b7.89
[  424.677615][ T5942] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  424.686005][ T5942] usb 4-1: Product: syz
[  424.690532][ T5942] usb 4-1: Manufacturer: syz
[  424.697310][ T5942] usb 4-1: SerialNumber: syz
[  424.704091][ T5942] usb 4-1: config 0 descriptor??
[  424.714203][ T5942] gspca_main: gspca_pac7302-2.14.0 probing 093a:2622
[  425.157769][ T5894] usb 1-1: USB disconnect, device number 90
[  425.430878][T10990] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1567'.
[  425.536822][ T5942] input: gspca_pac7302 as /devices/platform/dummy_hcd.3/usb4/4-1/input/input74
[  425.685351][T11002] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  425.704477][T11002] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  425.751934][ T5891] usb 1-1: new high-speed USB device number 91 using dummy_hcd
[  425.917248][T11010] FAULT_INJECTION: forcing a failure.
[  425.917248][T11010] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  425.921843][ T5891] usb 1-1: device descriptor read/64, error -71
[  425.953213][T11010] CPU: 1 UID: 0 PID: 11010 Comm: syz.1.1571 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) 
[  425.953241][T11010] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  425.953252][T11010] Call Trace:
[  425.953259][T11010]  <TASK>
[  425.953268][T11010]  dump_stack_lvl+0x241/0x360
[  425.953307][T11010]  ? __pfx_dump_stack_lvl+0x10/0x10
[  425.953331][T11010]  ? __pfx__printk+0x10/0x10
[  425.953365][T11010]  should_fail_ex+0x424/0x570
[  425.953389][T11010]  strncpy_from_user+0x36/0x280
[  425.953410][T11010]  getname_flags+0xf1/0x530
[  425.953440][T11010]  __ia32_sys_rename+0x69/0x90
[  425.953464][T11010]  __do_fast_syscall_32+0xb4/0x110
[  425.953485][T11010]  ? exc_page_fault+0x5f8/0x920
[  425.953510][T11010]  do_fast_syscall_32+0x34/0x80
[  425.953531][T11010]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  425.953551][T11010] RIP: 0023:0xf73ad579
[  425.953566][T11010] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  425.953580][T11010] RSP: 002b:00000000f4ff455c EFLAGS: 00000206 ORIG_RAX: 0000000000000026
[  425.953598][T11010] RAX: ffffffffffffffda RBX: 0000000080000100 RCX: 00000000800005c0
[  425.953611][T11010] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  425.953622][T11010] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  425.953632][T11010] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  425.953642][T11010] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  425.953669][T11010]  </TASK>
[  426.111249][    C1] vkms_vblank_simulate: vblank timer overrun
[  426.351842][ T5891] usb 1-1: new high-speed USB device number 92 using dummy_hcd
[  426.403850][T11021] bridge_slave_1: left allmulticast mode
[  426.414183][T11021] bridge_slave_1: left promiscuous mode
[  426.420867][T11021] bridge0: port 2(bridge_slave_1) entered disabled state
[  426.447130][T11021] bridge_slave_0: left allmulticast mode
[  426.458562][T11021] bridge_slave_0: left promiscuous mode
[  426.468584][T11021] bridge0: port 1(bridge_slave_0) entered disabled state
[  426.481959][ T5891] usb 1-1: device descriptor read/64, error -71
[  426.602178][ T5891] usb usb1-port1: attempt power cycle
[  426.631841][    T9] usb 3-1: new high-speed USB device number 65 using dummy_hcd
[  426.876465][    T9] usb 3-1: config 0 has no interfaces?
[  426.964826][ T5891] usb 1-1: new high-speed USB device number 93 using dummy_hcd
[  426.998078][T11030] input: syz0 as /devices/virtual/input/input75
[  427.077277][ T5892] usb 4-1: USB disconnect, device number 65
[  427.103229][ T5891] usb 1-1: device descriptor read/8, error -71
[  427.118569][    T9] usb 3-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  427.127997][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  427.141348][    T9] usb 3-1: Product: syz
[  427.281084][T11033] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1580'.
[  427.302030][    T9] usb 3-1: Manufacturer: syz
[  427.306677][    T9] usb 3-1: SerialNumber: syz
[  427.326795][    T9] usb 3-1: config 0 descriptor??
[  427.413290][ T5891] usb 1-1: new high-speed USB device number 94 using dummy_hcd
[  427.443211][ T5891] usb 1-1: device descriptor read/8, error -71
[  427.553456][ T5891] usb usb1-port1: unable to enumerate USB device
[  428.562733][ T5894] usb 4-1: new high-speed USB device number 66 using dummy_hcd
[  428.744103][ T5894] usb 4-1: Using ep0 maxpacket: 32
[  428.754833][ T5894] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  428.766082][ T5894] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  428.777371][ T5894] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8 has invalid wMaxPacketSize 0
[  428.793424][ T5894] usb 4-1: New USB device found, idVendor=1781, idProduct=0938, bcdDevice=75.9e
[  428.803137][ T5894] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  428.812112][ T5894] usb 4-1: Product: syz
[  428.816621][ T5894] usb 4-1: Manufacturer: syz
[  428.821333][ T5894] usb 4-1: SerialNumber: syz
[  428.833888][ T5894] usb 4-1: config 0 descriptor??
[  428.847107][ T5894] iguanair 4-1:0.0: probe with driver iguanair failed with error -12
[  428.891756][ T5891] usb 5-1: new high-speed USB device number 76 using dummy_hcd
[  429.021834][ T5891] usb 5-1: device descriptor read/64, error -71
[  429.046036][ T5894] usb 4-1: USB disconnect, device number 66
[  429.261953][ T5891] usb 5-1: new high-speed USB device number 77 using dummy_hcd
[  429.393199][ T5891] usb 5-1: device descriptor read/64, error -71
[  429.431922][ T5892] usb 2-1: new high-speed USB device number 88 using dummy_hcd
[  429.503320][ T5891] usb usb5-port1: attempt power cycle
[  429.691850][ T5892] usb 2-1: Using ep0 maxpacket: 8
[  429.699172][ T5892] usb 2-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  429.708485][ T5892] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  429.718411][ T5892] usb 2-1: config 0 descriptor??
[  429.754090][T11070] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1592'.
[  429.952340][ T5891] usb 5-1: new high-speed USB device number 78 using dummy_hcd
[  429.973396][ T5891] usb 5-1: device descriptor read/8, error -71
[  430.081348][    T9] usb 3-1: USB disconnect, device number 65
[  430.221891][ T5891] usb 5-1: new high-speed USB device number 79 using dummy_hcd
[  430.279691][ T5891] usb 5-1: device descriptor read/8, error -71
[  430.392570][ T5891] usb usb5-port1: unable to enumerate USB device
[  431.296949][ T5892] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  431.310565][ T5892] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[  431.343775][ T5892] asix 2-1:0.0: probe with driver asix failed with error -71
[  431.380907][ T5892] usb 2-1: USB disconnect, device number 88
[  433.136036][T11106] netlink: 'syz.1.1602': attribute type 4 has an invalid length.
[  434.067225][T11147] FAULT_INJECTION: forcing a failure.
[  434.067225][T11147] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  434.113875][T11147] CPU: 0 UID: 0 PID: 11147 Comm: syz.3.1613 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) 
[  434.113904][T11147] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  434.113915][T11147] Call Trace:
[  434.113923][T11147]  <TASK>
[  434.113931][T11147]  dump_stack_lvl+0x241/0x360
[  434.113963][T11147]  ? __pfx_dump_stack_lvl+0x10/0x10
[  434.113988][T11147]  ? __pfx__printk+0x10/0x10
[  434.114026][T11147]  should_fail_ex+0x424/0x570
[  434.114050][T11147]  _copy_from_user+0x2d/0xb0
[  434.114076][T11147]  kstrtouint_from_user+0xce/0x1a0
[  434.114100][T11147]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  434.114125][T11147]  ? __lock_acquire+0xad5/0xd80
[  434.114155][T11147]  proc_fail_nth_write+0xac/0x2d0
[  434.114174][T11147]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  434.114199][T11147]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  434.114224][T11147]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  434.114244][T11147]  vfs_write+0x2bc/0xd10
[  434.114270][T11147]  ? fdget_pos+0x247/0x310
[  434.114290][T11147]  ? __pfx_vfs_write+0x10/0x10
[  434.114313][T11147]  ? __fget_files+0x2a/0x420
[  434.114329][T11147]  ? __fget_files+0x39d/0x420
[  434.114344][T11147]  ? __fget_files+0x2a/0x420
[  434.114370][T11147]  ksys_write+0x19d/0x2d0
[  434.114392][T11147]  ? __pfx_ksys_write+0x10/0x10
[  434.114415][T11147]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  434.114436][T11147]  ? lockdep_hardirqs_on+0x9d/0x150
[  434.114460][T11147]  __do_fast_syscall_32+0xb4/0x110
[  434.114480][T11147]  ? exc_page_fault+0x5f8/0x920
[  434.114505][T11147]  do_fast_syscall_32+0x34/0x80
[  434.114527][T11147]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  434.114547][T11147] RIP: 0023:0xf73dd579
[  434.114567][T11147] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  434.114581][T11147] RSP: 002b:00000000f5066590 EFLAGS: 00000206 ORIG_RAX: 0000000000000004
[  434.114607][T11147] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5066620
[  434.114619][T11147] RDX: 0000000000000001 RSI: 00000000f73cdff4 RDI: 0000000000000000
[  434.114630][T11147] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  434.114640][T11147] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  434.114650][T11147] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  434.114678][T11147]  </TASK>
[  434.416800][ T5894] usb 3-1: new high-speed USB device number 66 using dummy_hcd
[  434.717991][ T5894] usb 3-1: Using ep0 maxpacket: 16
[  434.745814][ T5894] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  434.745873][ T5894] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  434.745901][ T5894] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  434.745921][ T5894] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  434.745943][ T5894] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  434.758228][ T5894] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  434.758259][ T5894] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  434.758277][ T5894] usb 3-1: Manufacturer: syz
[  434.768256][ T5894] usb 3-1: config 0 descriptor??
[  435.119238][ T5894] rc_core: IR keymap rc-hauppauge not found
[  435.119258][ T5894] Registered IR keymap rc-empty
[  435.119647][ T5894] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  435.134220][ T5894] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  435.161966][ T5894] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0
[  435.164229][ T5894] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input78
[  435.187269][ T5894] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  435.208752][ T5894] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  435.222050][ T5894] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  435.241896][ T5894] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  435.262693][ T5894] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  435.295601][ T5894] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  435.321943][ T5894] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  435.340012][T11171] netlink: 'syz.3.1622': attribute type 2 has an invalid length.
[  435.363178][ T5894] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  435.391927][ T5894] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  435.421883][ T5894] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  435.444377][T11142] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1612'.
[  435.465086][ T5894] mceusb 3-1:0.0: Registered  with mce emulator interface version 1
[  435.501761][ T5894] mceusb 3-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  435.655444][T11178] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  435.920536][T11186] syzkaller1: entered promiscuous mode
[  435.926491][T11186] syzkaller1: entered allmulticast mode
[  436.207946][T11197] input: syz0 as /devices/virtual/input/input79
[  436.253440][ T5892] usb 3-1: USB disconnect, device number 66
[  436.851810][ T2154] usb 3-1: new high-speed USB device number 67 using dummy_hcd
[  437.023024][ T2154] usb 3-1: Using ep0 maxpacket: 16
[  437.030048][ T2154] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  437.042492][ T2154] usb 3-1: New USB device found, idVendor=045e, idProduct=0721, bcdDevice=9c.25
[  437.291262][ T2154] usb 3-1: New USB device strings: Mfr=0, Product=251, SerialNumber=3
[  437.316787][ T2154] usb 3-1: Product: syz
[  437.332180][ T2154] usb 3-1: SerialNumber: syz
[  437.399793][ T2154] usb 3-1: config 0 descriptor??
[  437.576971][T11222] gtp0: entered promiscuous mode
[  437.668205][ T2154] usb 3-1: USB disconnect, device number 67
[  437.851915][ T5891] usb 2-1: new high-speed USB device number 89 using dummy_hcd
[  437.952309][ T5894] usb 1-1: new full-speed USB device number 95 using dummy_hcd
[  438.004056][ T5891] usb 2-1: Using ep0 maxpacket: 16
[  438.021077][ T5891] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  438.032396][ T5891] usb 2-1: New USB device found, idVendor=05ac, idProduct=0237, bcdDevice= 0.00
[  438.041453][ T5891] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  438.091802][ T5891] usb 2-1: config 0 descriptor??
[  438.116021][ T5894] usb 1-1: config 0 has an invalid interface number: 138 but max is 0
[  438.118741][ T5891] input: bcm5974 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input80
[  438.131722][ T5894] usb 1-1: config 0 has no interface number 0
[  438.138372][T11231] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1643'.
[  438.149485][ T5894] usb 1-1: config 0 interface 138 altsetting 0 has an endpoint descriptor with address 0x61, changing to 0x1
[  438.176934][ T5894] usb 1-1: New USB device found, idVendor=1f25, idProduct=a4a0, bcdDevice=c8.66
[  438.199096][T11233] FAULT_INJECTION: forcing a failure.
[  438.199096][T11233] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  438.211715][ T5894] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  438.258639][ T5894] usb 1-1: config 0 descriptor??
[  438.259379][T11233] CPU: 0 UID: 0 PID: 11233 Comm: syz.3.1644 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) 
[  438.259404][T11233] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  438.259416][T11233] Call Trace:
[  438.259423][T11233]  <TASK>
[  438.259430][T11233]  dump_stack_lvl+0x241/0x360
[  438.259475][T11233]  ? __pfx_dump_stack_lvl+0x10/0x10
[  438.259504][T11233]  ? __pfx__printk+0x10/0x10
[  438.259550][T11233]  should_fail_ex+0x424/0x570
[  438.259578][T11233]  _copy_to_user+0x31/0xb0
[  438.259609][T11233]  drm_ioctl+0x6b1/0xbb0
[  438.259640][T11233]  ? __pfx_drm_prime_fd_to_handle_ioctl+0x10/0x10
[  438.259669][T11233]  ? __pfx_drm_ioctl+0x10/0x10
[  438.259712][T11233]  ? __fget_files+0x2a/0x420
[  438.259731][T11233]  ? drm_compat_ioctl+0x11c/0x340
[  438.259757][T11233]  __se_compat_sys_ioctl+0x50e/0xc30
[  438.259784][T11233]  ? __pfx___se_compat_sys_ioctl+0x10/0x10
[  438.259806][T11233]  ? __fget_files+0x2a/0x420
[  438.259827][T11233]  ? fput+0x9b/0xd0
[  438.259843][T11233]  ? ksys_write+0x275/0x2d0
[  438.259869][T11233]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  438.259890][T11233]  ? lockdep_hardirqs_on+0x9d/0x150
[  438.259912][T11233]  __do_fast_syscall_32+0xb4/0x110
[  438.259933][T11233]  ? exc_page_fault+0x5f8/0x920
[  438.259956][T11233]  do_fast_syscall_32+0x34/0x80
[  438.259978][T11233]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  438.259998][T11233] RIP: 0023:0xf73dd579
[  438.260012][T11233] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  438.260030][T11233] RSP: 002b:00000000f506655c EFLAGS: 00000206 ORIG_RAX: 0000000000000036
[  438.260048][T11233] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000c00c642e
[  438.260060][T11233] RDX: 0000000080000300 RSI: 0000000000000000 RDI: 0000000000000000
[  438.260071][T11233] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  438.260081][T11233] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  438.260091][T11233] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  438.260117][T11233]  </TASK>
[  438.421991][T11219] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1640'.
[  438.505114][T11223] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  438.518460][T11223] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  438.557523][ T5197] bcm5974 2-1:0.0: could not read from device
[  438.565415][ T5197] bcm5974 2-1:0.0: could not read from device
[  438.577742][ T5197] bcm5974 2-1:0.0: could not read from device
[  438.608824][ T5891] usb 2-1: USB disconnect, device number 89
[  438.658052][T11240] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1647'.
[  438.811559][T11240] tty tty1: ldisc open failed (-12), clearing slot 0
[  438.993258][T11241] tty tty1: ldisc open failed (-12), clearing slot 0
[  439.071865][   T30] kauditd_printk_skb: 26 callbacks suppressed
[  439.071884][   T30] audit: type=1326 audit(1744688271.075:403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11224 comm="syz.0.1641" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fd579 code=0x7ffc0000
[  439.278545][   T30] audit: type=1326 audit(1744688271.075:404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11224 comm="syz.0.1641" exe="/root/syz-executor" sig=0 arch=40000003 syscall=296 compat=1 ip=0xf73fd579 code=0x7ffc0000
[  439.300615][    C1] vkms_vblank_simulate: vblank timer overrun
[  439.372441][T11249] netlink: 148 bytes leftover after parsing attributes in process `syz.4.1648'.
[  439.458716][   T30] audit: type=1326 audit(1744688271.075:405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11224 comm="syz.0.1641" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fd579 code=0x7ffc0000
[  439.582525][   T30] audit: type=1326 audit(1744688271.075:406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11224 comm="syz.0.1641" exe="/root/syz-executor" sig=0 arch=40000003 syscall=428 compat=1 ip=0xf73fd579 code=0x7ffc0000
[  439.638473][   T30] audit: type=1326 audit(1744688271.075:407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11224 comm="syz.0.1641" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fd579 code=0x7ffc0000
[  439.750035][T11258] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1650'.
[  439.771863][   T30] audit: type=1326 audit(1744688271.075:408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11224 comm="syz.0.1641" exe="/root/syz-executor" sig=0 arch=40000003 syscall=429 compat=1 ip=0xf73fd579 code=0x7ffc0000
[  439.859402][   T30] audit: type=1326 audit(1744688271.075:409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11224 comm="syz.0.1641" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fd579 code=0x7ffc0000
[  439.961096][T11262] gtp0: entered promiscuous mode
[  439.995105][   T30] audit: type=1326 audit(1744688271.075:410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11224 comm="syz.0.1641" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf73fd579 code=0x7ffc0000
[  440.043910][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  440.050388][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  440.150258][   T30] audit: type=1326 audit(1744688271.095:411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11224 comm="syz.0.1641" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fd579 code=0x7ffc0000
[  440.165406][ T5894] usb 1-1: string descriptor 0 read error: -71
[  440.313183][   T30] audit: type=1326 audit(1744688271.095:412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11224 comm="syz.0.1641" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fd579 code=0x7ffc0000
[  440.337534][ T5894] usb 1-1: USB disconnect, device number 95
[  440.848581][T11271] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1655'.
[  440.900454][T11271] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1655'.
[  441.253726][T11279] kvm: kvm [11278]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0x40000004) = 0x0
[  441.854952][ T5892] usb 5-1: new high-speed USB device number 80 using dummy_hcd
[  441.875982][    C1] vcan0: j1939_tp_rxtimer: 0xffff88802178f000: rx timeout, send abort
[  442.033233][ T5892] usb 5-1: config 0 has no interfaces?
[  442.038922][T11295] netlink: 148 bytes leftover after parsing attributes in process `syz.2.1661'.
[  442.060187][ T5892] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  442.111823][ T5892] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  442.145008][ T5892] usb 5-1: Product: syz
[  442.158042][ T5892] usb 5-1: Manufacturer: syz
[  442.185078][ T5892] usb 5-1: SerialNumber: syz
[  442.226569][ T5892] usb 5-1: config 0 descriptor??
[  442.384304][    C1] vcan0: j1939_tp_rxtimer: 0xffff88802178f000: abort rx timeout. Force session deactivation
[  442.481124][T11304] FAULT_INJECTION: forcing a failure.
[  442.481124][T11304] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  442.506421][T11304] CPU: 1 UID: 0 PID: 11304 Comm: syz.0.1665 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) 
[  442.506448][T11304] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  442.506459][T11304] Call Trace:
[  442.506466][T11304]  <TASK>
[  442.506475][T11304]  dump_stack_lvl+0x241/0x360
[  442.506507][T11304]  ? __pfx_dump_stack_lvl+0x10/0x10
[  442.506530][T11304]  ? __pfx__printk+0x10/0x10
[  442.506565][T11304]  should_fail_ex+0x424/0x570
[  442.506588][T11304]  _copy_from_iter+0x211/0x1c70
[  442.506617][T11304]  ? __build_skb_around+0x247/0x3d0
[  442.506639][T11304]  ? __alloc_skb+0x298/0x480
[  442.506655][T11304]  ? __pfx__copy_from_iter+0x10/0x10
[  442.506678][T11304]  ? __pfx___alloc_skb+0x10/0x10
[  442.506696][T11304]  ? skb_put+0x114/0x1f0
[  442.506717][T11304]  pfkey_sendmsg+0x23b/0x1140
[  442.506740][T11304]  ? __pfx___might_resched+0x10/0x10
[  442.506768][T11304]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  442.506794][T11304]  ? aa_sk_perm+0x96f/0xac0
[  442.506824][T11304]  ? __pfx_aa_sk_perm+0x10/0x10
[  442.506848][T11304]  ? __import_iovec+0x585/0x830
[  442.506869][T11304]  ? aa_sock_msg_perm+0x91/0x160
[  442.506896][T11304]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  442.506914][T11304]  __sock_sendmsg+0x221/0x270
[  442.506938][T11304]  ____sys_sendmsg+0x523/0x860
[  442.506966][T11304]  ? __pfx_____sys_sendmsg+0x10/0x10
[  442.506999][T11304]  __sys_sendmsg+0x271/0x360
[  442.507022][T11304]  ? __pfx___sys_sendmsg+0x10/0x10
[  442.507086][T11304]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  442.507105][T11304]  ? lockdep_hardirqs_on+0x9d/0x150
[  442.507126][T11304]  __do_fast_syscall_32+0xb4/0x110
[  442.507144][T11304]  ? exc_page_fault+0x5f8/0x920
[  442.507165][T11304]  do_fast_syscall_32+0x34/0x80
[  442.507196][T11304]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  442.507216][T11304] RIP: 0023:0xf73fd579
[  442.507231][T11304] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  442.507245][T11304] RSP: 002b:00000000f508655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  442.507264][T11304] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000140
[  442.507276][T11304] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  442.507287][T11304] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  442.507296][T11304] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  442.507307][T11304] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  442.507334][T11304]  </TASK>
[  442.759036][    C1] vkms_vblank_simulate: vblank timer overrun
[  442.871764][ T2154] usb 3-1: new high-speed USB device number 68 using dummy_hcd
[  443.033563][ T2154] usb 3-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  443.042899][ T2154] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  443.055352][ T2154] usb 3-1: config 0 descriptor??
[  443.085467][T11319] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1669'.
[  443.094942][T11319] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1669'.
[  443.296713][ T2154] [drm] vendor descriptor length:b9 data:00 00 00 00 00 00 00 00 00 00 00
[  443.315152][ T2154] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor
[  443.330878][ T2154] [drm:udl_init] *ERROR* Selecting channel failed
[  443.397633][ T2154] [drm] Initialized udl 0.0.1 for 3-1:0.0 on minor 2
[  443.397662][ T2154] [drm] Initialized udl on minor 2
[  443.424887][ T2154] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  443.445859][ T2154] udl 3-1:0.0: [drm] Cannot find any crtc or sizes
[  443.454361][ T5942] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  443.454628][ T5942] udl 3-1:0.0: [drm] Cannot find any crtc or sizes
[  443.469145][ T2154] usb 3-1: USB disconnect, device number 68
[  444.370435][ T2154] usb 5-1: USB disconnect, device number 80
[  444.800416][    T9] usb 2-1: new high-speed USB device number 90 using dummy_hcd
[  444.956738][T11358] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1682'.
[  445.029880][T11360] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1683'.
[  445.039354][T11360] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1683'.
[  445.076758][    T9] usb 2-1: config 0 has no interfaces?
[  445.094349][    T9] usb 2-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  445.112407][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  445.124856][    T9] usb 2-1: Product: syz
[  445.129079][    T9] usb 2-1: Manufacturer: syz
[  445.140012][    T9] usb 2-1: SerialNumber: syz
[  445.212221][    T9] usb 2-1: config 0 descriptor??
[  445.892280][T11383] input: syz0 as /devices/virtual/input/input81
[  445.927023][T11384] input: syz0 as /devices/virtual/input/input82
[  445.975184][T11389] FAULT_INJECTION: forcing a failure.
[  445.975184][T11389] name failslab, interval 1, probability 0, space 0, times 0
[  445.994509][T11389] CPU: 0 UID: 0 PID: 11389 Comm: syz.4.1692 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) 
[  445.994534][T11389] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  445.994545][T11389] Call Trace:
[  445.994553][T11389]  <TASK>
[  445.994561][T11389]  dump_stack_lvl+0x241/0x360
[  445.994593][T11389]  ? __pfx_dump_stack_lvl+0x10/0x10
[  445.994617][T11389]  ? __pfx__printk+0x10/0x10
[  445.994645][T11389]  ? __pfx___might_resched+0x10/0x10
[  445.994681][T11389]  should_fail_ex+0x424/0x570
[  445.994703][T11389]  should_failslab+0xac/0x100
[  445.994727][T11389]  kmem_cache_alloc_noprof+0x78/0x390
[  445.994749][T11389]  ? alloc_empty_file+0x56/0x1d0
[  445.994778][T11389]  alloc_empty_file+0x56/0x1d0
[  445.994805][T11389]  path_openat+0x10d/0x35d0
[  445.994827][T11389]  ? stack_trace_save+0x11a/0x1d0
[  445.994851][T11389]  ? __pfx_stack_trace_save+0x10/0x10
[  445.994876][T11389]  ? stack_depot_save_flags+0x44/0x940
[  445.994902][T11389]  ? kasan_save_track+0x51/0x80
[  445.994920][T11389]  ? kasan_save_track+0x3f/0x80
[  445.994936][T11389]  ? __kasan_slab_alloc+0x66/0x80
[  445.994954][T11389]  ? kmem_cache_alloc_noprof+0x1e1/0x390
[  445.994974][T11389]  ? getname_flags+0xb7/0x530
[  445.994997][T11389]  ? __pfx_path_openat+0x10/0x10
[  445.995013][T11389]  ? do_fast_syscall_32+0x34/0x80
[  445.995034][T11389]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  445.995071][T11389]  do_filp_open+0x284/0x4e0
[  445.995092][T11389]  ? __pfx_do_filp_open+0x10/0x10
[  445.995107][T11389]  ? do_raw_spin_lock+0x151/0x370
[  445.995168][T11389]  do_sys_openat2+0x12b/0x1d0
[  445.995192][T11389]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  445.995215][T11389]  ? __pfx_do_sys_openat2+0x10/0x10
[  445.995240][T11389]  ? __fget_files+0x2a/0x420
[  445.995265][T11389]  __ia32_sys_creat+0x124/0x170
[  445.995282][T11389]  ? __pfx___ia32_sys_creat+0x10/0x10
[  445.995305][T11389]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  445.995325][T11389]  ? lockdep_hardirqs_on+0x9d/0x150
[  445.995349][T11389]  __do_fast_syscall_32+0xb4/0x110
[  445.995369][T11389]  ? exc_page_fault+0x5f8/0x920
[  445.995393][T11389]  do_fast_syscall_32+0x34/0x80
[  445.995414][T11389]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  445.995433][T11389] RIP: 0023:0xf73ed579
[  445.995449][T11389] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  445.995463][T11389] RSP: 002b:00000000f4ff055c EFLAGS: 00000206 ORIG_RAX: 0000000000000008
[  445.995482][T11389] RAX: ffffffffffffffda RBX: 0000000080000280 RCX: 00000000d53049cc
[  445.995494][T11389] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  445.995504][T11389] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  445.995514][T11389] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  445.995524][T11389] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  445.995548][T11389]  </TASK>
[  446.621920][    T9] usb 3-1: new high-speed USB device number 69 using dummy_hcd
[  446.693291][T11397] input: syz0 as /devices/virtual/input/input83
[  446.992130][    T9] usb 3-1: Using ep0 maxpacket: 16
[  447.001734][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  447.013044][    T9] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  447.181925][    T9] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  447.210022][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  447.244056][    T9] usb 3-1: config 0 descriptor??
[  447.255001][    T9] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[  447.387457][T11404] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1696'.
[  447.399876][T11404] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1696'.
[  447.574183][    T9] usb 2-1: USB disconnect, device number 90
[  447.575633][ T5894] usb 3-1: USB disconnect, device number 69
[  447.916281][T11415] sit0: entered promiscuous mode
[  447.962432][T11415] netlink: 'syz.1.1700': attribute type 1 has an invalid length.
[  447.991047][T11415] netlink: 1 bytes leftover after parsing attributes in process `syz.1.1700'.
[  448.215366][T11424] input: syz0 as /devices/virtual/input/input84
[  448.253421][ T5894] usb 2-1: new high-speed USB device number 91 using dummy_hcd
[  448.290069][ T5851] Bluetooth: hci3: unexpected event for opcode 0x0000
[  448.362073][ T5942] usb 4-1: new high-speed USB device number 67 using dummy_hcd
[  448.442041][ T5894] usb 2-1: device descriptor read/64, error -71
[  448.580418][ T5942] usb 4-1: config 0 has no interfaces?
[  448.649857][ T5942] usb 4-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  448.746024][ T5942] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  448.761139][ T5942] usb 4-1: Product: syz
[  448.765536][ T5942] usb 4-1: Manufacturer: syz
[  448.776441][ T5942] usb 4-1: SerialNumber: syz
[  448.821920][ T5894] usb 2-1: new high-speed USB device number 92 using dummy_hcd
[  448.835355][ T5942] usb 4-1: config 0 descriptor??
[  448.961850][ T5894] usb 2-1: device descriptor read/64, error -71
[  449.073831][ T5894] usb usb2-port1: attempt power cycle
[  449.387524][   T30] kauditd_printk_skb: 33 callbacks suppressed
[  449.387543][   T30] audit: type=1800 audit(1744688281.415:446): pid=11434 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1704" name="/" dev="fuse" ino=18446744073709551612 res=0 errno=0
[  449.771820][ T5894] usb 2-1: new high-speed USB device number 93 using dummy_hcd
[  449.803016][ T5894] usb 2-1: device descriptor read/8, error -71
[  450.041761][ T5894] usb 2-1: new high-speed USB device number 94 using dummy_hcd
[  450.066244][T11445] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[  450.092721][ T5894] usb 2-1: device descriptor read/8, error -71
[  450.212030][ T5894] usb usb2-port1: unable to enumerate USB device
[  450.292437][    T9] usb 5-1: new full-speed USB device number 81 using dummy_hcd
[  450.486648][    T9] usb 5-1: unable to get BOS descriptor or descriptor too short
[  450.496541][    T9] usb 5-1: not running at top speed; connect to a high speed hub
[  450.515318][    T9] usb 5-1: config 12 has an invalid interface number: 187 but max is 0
[  450.528277][    T9] usb 5-1: config 12 has no interface number 0
[  450.799199][    T9] usb 5-1: config 12 interface 187 altsetting 64 endpoint 0xA has invalid maxpacket 1024, setting to 64
[  450.884052][    T9] usb 5-1: config 12 interface 187 has no altsetting 0
[  450.910932][    T9] usb 5-1: New USB device found, idVendor=110a, idProduct=1130, bcdDevice=4e.fa
[  450.931062][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  450.978592][    T9] usb 5-1: Product: syz
[  451.013250][    T9] usb 5-1: Manufacturer: syz
[  451.054901][    T9] usb 5-1: SerialNumber: syz
[  451.138583][ T5942] usb 4-1: USB disconnect, device number 67
[  451.165561][T11443] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22
[  451.407951][    T9] ti_usb_3410_5052 5-1:12.187: TI USB 3410 1 port adapter converter detected
[  451.408084][    T9] ti_usb_3410_5052 5-1:12.187: missing endpoints
[  451.427135][    T9] usb 5-1: USB disconnect, device number 81
[  451.532087][T11464] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1710'.
[  451.915829][T11487] input: syz0 as /devices/virtual/input/input85
[  452.346075][ T5851] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  452.354931][ T5851] Bluetooth: hci3: Injecting HCI hardware error event
[  452.363276][   T56] Bluetooth: hci3: hardware error 0x00
[  452.426376][T11494] FAULT_INJECTION: forcing a failure.
[  452.426376][T11494] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  452.515095][T11494] CPU: 1 UID: 0 PID: 11494 Comm: syz.4.1716 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) 
[  452.515123][T11494] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  452.515133][T11494] Call Trace:
[  452.515140][T11494]  <TASK>
[  452.515147][T11494]  dump_stack_lvl+0x241/0x360
[  452.515190][T11494]  ? __pfx_dump_stack_lvl+0x10/0x10
[  452.515213][T11494]  ? __pfx__printk+0x10/0x10
[  452.515249][T11494]  should_fail_ex+0x424/0x570
[  452.515271][T11494]  _copy_from_iter+0x211/0x1c70
[  452.515299][T11494]  ? __build_skb_around+0x247/0x3d0
[  452.515320][T11494]  ? __alloc_skb+0x298/0x480
[  452.515334][T11494]  ? __pfx__copy_from_iter+0x10/0x10
[  452.515357][T11494]  ? __pfx___alloc_skb+0x10/0x10
[  452.515375][T11494]  ? skb_put+0x114/0x1f0
[  452.515395][T11494]  netlink_sendmsg+0x73c/0xcd0
[  452.515431][T11494]  ? __pfx_netlink_sendmsg+0x10/0x10
[  452.515456][T11494]  ? __import_iovec+0x585/0x830
[  452.515475][T11494]  ? aa_sock_msg_perm+0x91/0x160
[  452.515500][T11494]  ? __pfx_netlink_sendmsg+0x10/0x10
[  452.515519][T11494]  __sock_sendmsg+0x221/0x270
[  452.515545][T11494]  ____sys_sendmsg+0x523/0x860
[  452.515571][T11494]  ? __pfx_____sys_sendmsg+0x10/0x10
[  452.515603][T11494]  __sys_sendmsg+0x271/0x360
[  452.515626][T11494]  ? __pfx___sys_sendmsg+0x10/0x10
[  452.515689][T11494]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  452.515710][T11494]  ? lockdep_hardirqs_on+0x9d/0x150
[  452.515731][T11494]  __do_fast_syscall_32+0xb4/0x110
[  452.515751][T11494]  ? exc_page_fault+0x5f8/0x920
[  452.515775][T11494]  do_fast_syscall_32+0x34/0x80
[  452.515795][T11494]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  452.515814][T11494] RIP: 0023:0xf73ed579
[  452.515829][T11494] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  452.515843][T11494] RSP: 002b:00000000f507655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  452.515861][T11494] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000800007c0
[  452.515872][T11494] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  452.515881][T11494] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  452.515890][T11494] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  452.515899][T11494] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  452.515924][T11494]  </TASK>
[  452.755089][    C1] vkms_vblank_simulate: vblank timer overrun
[  453.009975][T11504] FAULT_INJECTION: forcing a failure.
[  453.009975][T11504] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  453.055960][T11504] CPU: 0 UID: 0 PID: 11504 Comm: syz.4.1720 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) 
[  453.055990][T11504] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  453.056001][T11504] Call Trace:
[  453.056009][T11504]  <TASK>
[  453.056017][T11504]  dump_stack_lvl+0x241/0x360
[  453.056050][T11504]  ? __pfx_dump_stack_lvl+0x10/0x10
[  453.056101][T11504]  ? __pfx__printk+0x10/0x10
[  453.056137][T11504]  should_fail_ex+0x424/0x570
[  453.056161][T11504]  _copy_from_user+0x2d/0xb0
[  453.056186][T11504]  get_compat_msghdr+0xb3/0x730
[  453.056215][T11504]  ? __fget_files+0x2a/0x420
[  453.056233][T11504]  ? __pfx_get_compat_msghdr+0x10/0x10
[  453.056270][T11504]  __sys_sendmsg+0x23b/0x360
[  453.056295][T11504]  ? __pfx___sys_sendmsg+0x10/0x10
[  453.056358][T11504]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  453.056380][T11504]  ? lockdep_hardirqs_on+0x9d/0x150
[  453.056403][T11504]  __do_fast_syscall_32+0xb4/0x110
[  453.056425][T11504]  ? exc_page_fault+0x5f8/0x920
[  453.056447][T11504]  do_fast_syscall_32+0x34/0x80
[  453.056469][T11504]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  453.056489][T11504] RIP: 0023:0xf73ed579
[  453.056504][T11504] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  453.056519][T11504] RSP: 002b:00000000f507655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  453.056537][T11504] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000800000c0
[  453.056549][T11504] RDX: 000000002000400c RSI: 0000000000000000 RDI: 0000000000000000
[  453.056559][T11504] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  453.056569][T11504] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  453.056579][T11504] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  453.056604][T11504]  </TASK>
[  453.721773][ T5942] usb 4-1: new high-speed USB device number 68 using dummy_hcd
[  453.738169][T11525] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1723'.
[  453.969949][ T5942] usb 4-1: config 0 has no interfaces?
[  454.037959][ T5942] usb 4-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  454.047358][ T5942] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  454.055513][ T5942] usb 4-1: Product: syz
[  454.059766][ T5942] usb 4-1: Manufacturer: syz
[  454.447873][   T56] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  454.453195][ T5942] usb 4-1: SerialNumber: syz
[  454.467672][ T5942] usb 4-1: config 0 descriptor??
[  454.506686][T11541] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1726'.
[  454.525839][    T9] usb 5-1: new high-speed USB device number 82 using dummy_hcd
[  454.838800][    T9] usb 5-1: config 0 has no interfaces?
[  454.852893][    T9] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  454.863885][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  454.871927][    T9] usb 5-1: Product: syz
[  454.877828][    T9] usb 5-1: Manufacturer: syz
[  454.887623][    T9] usb 5-1: SerialNumber: syz
[  454.992161][    T9] usb 5-1: config 0 descriptor??
[  455.539361][T11553] input: syz0 as /devices/virtual/input/input87
[  455.822422][T11558] loop9: detected capacity change from 0 to 8
[  455.844534][T11558]  loop9: [CUMANA/ADFS] p1 [ADFS] p1
[  455.866179][T11558] loop9: partition table partially beyond EOD, truncated
[  455.884008][T11558] loop9: p1 size 81768186 extends beyond EOD, truncated
[  455.931613][T11559] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1728'.
[  456.070761][ T7954] udevd[7954]: inotify_add_watch(7, /dev/loop9p1, 10) failed: No such file or directory
[  456.358379][ T5942] usb 4-1: USB disconnect, device number 68
[  456.402038][ T5894] usb 1-1: new high-speed USB device number 96 using dummy_hcd
[  456.541947][ T5894] usb 1-1: device descriptor read/64, error -71
[  456.848654][ T5894] usb 1-1: new high-speed USB device number 97 using dummy_hcd
[  457.003166][ T5894] usb 1-1: device descriptor read/64, error -71
[  457.128960][    T9] usb 5-1: USB disconnect, device number 82
[  457.155463][ T5894] usb usb1-port1: attempt power cycle
[  457.336868][T11592] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1736'.
[  457.431194][T11598] netlink: 148 bytes leftover after parsing attributes in process `syz.3.1737'.
[  457.521798][ T5894] usb 1-1: new high-speed USB device number 98 using dummy_hcd
[  457.542619][ T5894] usb 1-1: device descriptor read/8, error -71
[  457.635729][T11603] input: syz0 as /devices/virtual/input/input89
[  457.792611][ T5894] usb 1-1: new high-speed USB device number 99 using dummy_hcd
[  457.852133][ T5894] usb 1-1: device descriptor read/8, error -71
[  458.089290][ T5894] usb usb1-port1: unable to enumerate USB device
[  458.901351][T11641] FAULT_INJECTION: forcing a failure.
[  458.901351][T11641] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  459.006135][T11641] CPU: 1 UID: 0 PID: 11641 Comm: syz.1.1744 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) 
[  459.006164][T11641] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  459.006175][T11641] Call Trace:
[  459.006182][T11641]  <TASK>
[  459.006190][T11641]  dump_stack_lvl+0x241/0x360
[  459.006222][T11641]  ? __pfx_dump_stack_lvl+0x10/0x10
[  459.006247][T11641]  ? __pfx__printk+0x10/0x10
[  459.006283][T11641]  should_fail_ex+0x424/0x570
[  459.006307][T11641]  _copy_from_user+0x2d/0xb0
[  459.006332][T11641]  __se_sys_mount+0x190/0x400
[  459.006364][T11641]  ? __pfx___se_sys_mount+0x10/0x10
[  459.006393][T11641]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  459.006413][T11641]  ? lockdep_hardirqs_on+0x9d/0x150
[  459.006430][T11641]  ? __ia32_sys_mount+0x20/0xc0
[  459.006455][T11641]  __do_fast_syscall_32+0xb4/0x110
[  459.006475][T11641]  ? exc_page_fault+0x5f8/0x920
[  459.006500][T11641]  do_fast_syscall_32+0x34/0x80
[  459.006522][T11641]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  459.006541][T11641] RIP: 0023:0xf73ad579
[  459.006557][T11641] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  459.006572][T11641] RSP: 002b:00000000f4fb055c EFLAGS: 00000206 ORIG_RAX: 0000000000000015
[  459.006591][T11641] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000800020c0
[  459.006603][T11641] RDX: 0000000080002100 RSI: 0000000000000000 RDI: 0000000080000200
[  459.006615][T11641] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  459.006625][T11641] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  459.006636][T11641] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  459.006663][T11641]  </TASK>
[  459.957412][T11659] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1748'.
[  460.158325][T11667] netlink: 5300 bytes leftover after parsing attributes in process `syz.3.1750'.
[  461.728203][T11701] fuse: Bad value for 'fd'
[  461.853044][T11703] vlan2: entered promiscuous mode
[  461.899578][T11705] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1754'.
[  461.925176][T11706] FAULT_INJECTION: forcing a failure.
[  461.925176][T11706] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  461.942269][T11703] bridge0: entered promiscuous mode
[  461.961172][T11703] vlan2: entered allmulticast mode
[  461.984002][T11706] CPU: 0 UID: 0 PID: 11706 Comm: syz.0.1758 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) 
[  461.984055][T11706] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  461.984080][T11706] Call Trace:
[  461.984096][T11706]  <TASK>
[  461.984115][T11706]  dump_stack_lvl+0x241/0x360
[  461.984174][T11706]  ? __pfx_dump_stack_lvl+0x10/0x10
[  461.984199][T11706]  ? __pfx__printk+0x10/0x10
[  461.984233][T11706]  should_fail_ex+0x424/0x570
[  461.984256][T11706]  _copy_from_iter+0x211/0x1c70
[  461.984284][T11706]  ? __build_skb_around+0x247/0x3d0
[  461.984305][T11706]  ? __alloc_skb+0x298/0x480
[  461.984320][T11706]  ? __pfx__copy_from_iter+0x10/0x10
[  461.984343][T11706]  ? __pfx___alloc_skb+0x10/0x10
[  461.984361][T11706]  ? skb_put+0x114/0x1f0
[  461.984388][T11706]  netlink_sendmsg+0x73c/0xcd0
[  461.984426][T11706]  ? __pfx_netlink_sendmsg+0x10/0x10
[  461.984455][T11706]  ? __import_iovec+0x585/0x830
[  461.984476][T11706]  ? aa_sock_msg_perm+0x91/0x160
[  461.984506][T11706]  ? __pfx_netlink_sendmsg+0x10/0x10
[  461.984528][T11706]  __sock_sendmsg+0x221/0x270
[  461.984556][T11706]  ____sys_sendmsg+0x523/0x860
[  461.984583][T11706]  ? __pfx_____sys_sendmsg+0x10/0x10
[  461.984618][T11706]  __sys_sendmsg+0x271/0x360
[  461.984641][T11706]  ? __pfx___sys_sendmsg+0x10/0x10
[  461.984710][T11706]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  461.984731][T11706]  ? lockdep_hardirqs_on+0x9d/0x150
[  461.984754][T11706]  __do_fast_syscall_32+0xb4/0x110
[  461.984776][T11706]  ? exc_page_fault+0x5f8/0x920
[  461.984801][T11706]  do_fast_syscall_32+0x34/0x80
[  461.984822][T11706]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  461.984843][T11706] RIP: 0023:0xf73fd579
[  461.984858][T11706] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  461.984871][T11706] RSP: 002b:00000000f506555c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  461.984890][T11706] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000080000380
[  461.984902][T11706] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  461.984913][T11706] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  461.984924][T11706] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  461.984935][T11706] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  461.984962][T11706]  </TASK>
[  462.219000][    C0] vkms_vblank_simulate: vblank timer overrun
[  462.251794][T11703] bridge0: entered allmulticast mode
[  462.469518][T11712] IPVS: set_ctl: invalid protocol: 0 172.20.20.46:20002
[  462.749199][T11718] FAULT_INJECTION: forcing a failure.
[  462.749199][T11718] name failslab, interval 1, probability 0, space 0, times 0
[  462.831817][T11718] CPU: 1 UID: 0 PID: 11718 Comm: syz.3.1762 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) 
[  462.831843][T11718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  462.831855][T11718] Call Trace:
[  462.831863][T11718]  <TASK>
[  462.831871][T11718]  dump_stack_lvl+0x241/0x360
[  462.831902][T11718]  ? __pfx_dump_stack_lvl+0x10/0x10
[  462.831924][T11718]  ? __pfx__printk+0x10/0x10
[  462.831950][T11718]  ? __pfx___might_resched+0x10/0x10
[  462.831974][T11718]  should_fail_ex+0x424/0x570
[  462.831997][T11718]  should_failslab+0xac/0x100
[  462.832021][T11718]  kmem_cache_alloc_node_noprof+0x7d/0x3b0
[  462.832046][T11718]  ? __alloc_skb+0x1c2/0x480
[  462.832066][T11718]  __alloc_skb+0x1c2/0x480
[  462.832089][T11718]  ? __pfx___alloc_skb+0x10/0x10
[  462.832108][T11718]  ? netlink_autobind+0xd6/0x2f0
[  462.832131][T11718]  ? netlink_autobind+0x2b0/0x2f0
[  462.832160][T11718]  netlink_sendmsg+0x638/0xcd0
[  462.832197][T11718]  ? __pfx_netlink_sendmsg+0x10/0x10
[  462.832220][T11718]  ? __import_iovec+0x585/0x830
[  462.832240][T11718]  ? aa_sock_msg_perm+0x91/0x160
[  462.832267][T11718]  ? __pfx_netlink_sendmsg+0x10/0x10
[  462.832287][T11718]  __sock_sendmsg+0x221/0x270
[  462.832311][T11718]  ____sys_sendmsg+0x523/0x860
[  462.832340][T11718]  ? __pfx_____sys_sendmsg+0x10/0x10
[  462.832385][T11718]  __sys_sendmsg+0x271/0x360
[  462.832409][T11718]  ? __pfx___sys_sendmsg+0x10/0x10
[  462.832478][T11718]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  462.832499][T11718]  ? lockdep_hardirqs_on+0x9d/0x150
[  462.832523][T11718]  __do_fast_syscall_32+0xb4/0x110
[  462.832543][T11718]  ? exc_page_fault+0x5f8/0x920
[  462.832568][T11718]  do_fast_syscall_32+0x34/0x80
[  462.832591][T11718]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  462.832610][T11718] RIP: 0023:0xf73dd579
[  462.832624][T11718] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  462.832639][T11718] RSP: 002b:00000000f506655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  462.832658][T11718] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000080
[  462.832671][T11718] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  462.832681][T11718] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  462.832692][T11718] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  462.832702][T11718] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  462.832728][T11718]  </TASK>
[  463.801026][    T9] usb 5-1: new high-speed USB device number 83 using dummy_hcd
[  464.011805][    T9] usb 5-1: Using ep0 maxpacket: 8
[  464.021212][    T9] usb 5-1: config 1 has an invalid descriptor of length 190, skipping remainder of the config
[  464.036403][    T9] usb 5-1: too many endpoints for config 1 interface 0 altsetting 0: 128, using maximum allowed: 30
[  464.050758][    T9] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 128
[  464.066039][    T9] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  464.076387][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  464.086871][    T9] usb 5-1: SerialNumber: syz
[  464.115831][    T9] usb 5-1: bad CDC descriptors
[  464.324304][    T9] usb 5-1: USB disconnect, device number 83
[  464.951925][ T5895] usb 4-1: new high-speed USB device number 69 using dummy_hcd
[  465.000345][T11761] netlink: 148 bytes leftover after parsing attributes in process `syz.4.1769'.
[  465.161197][T11764] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1770'.
[  465.208451][ T5895] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  465.311720][ T5895] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  465.363067][    T9] usb 2-1: new high-speed USB device number 95 using dummy_hcd
[  465.401747][ T5895] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  465.410834][ T5895] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  465.534020][    T9] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  465.566841][    T9] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  465.597080][    T9] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  465.615626][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  465.777012][T11747] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  465.852593][ T5895] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[  465.897657][T11763] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  466.007026][T11773] capability: warning: `syz.0.1773' uses 32-bit capabilities (legacy support in use)
[  466.114181][    T9] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  467.057362][T11777] team0: Port device bond0 removed
[  467.078227][T11777] bridge_slave_0: left allmulticast mode
[  467.092630][T11777] bridge_slave_0: left promiscuous mode
[  467.114235][T11777] bridge0: port 1(bridge_slave_0) entered disabled state
[  467.134821][T11777] bridge_slave_1: left allmulticast mode
[  467.151368][T11777] bridge_slave_1: left promiscuous mode
[  467.193842][T11777] bridge0: port 2(bridge_slave_1) entered disabled state
[  467.219676][T11777] bond0: (slave bond_slave_0): Releasing backup interface
[  467.237682][T11777] bond0: (slave bond_slave_1): Releasing backup interface
[  467.290457][T11777] team0: Port device team_slave_0 removed
[  467.321365][T11777] team0: Port device team_slave_1 removed
[  467.339441][T11777] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  467.389637][T11777] batman_adv: batadv0: Removing interface: batadv_slave_0
[  467.434816][ T5895] usb 4-1: USB disconnect, device number 69
[  467.488544][T11777] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  467.554135][T11777] batman_adv: batadv0: Removing interface: batadv_slave_1
[  467.685064][T11777] bond1: (slave ip6erspan0): Releasing active interface
[  467.733016][T11777] bond5: (slave bond6): Releasing backup interface
[  467.739787][T11777] bond6: left promiscuous mode
[  467.931499][T11777] netdevsim netdevsim0 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  467.941008][T11777] netdevsim netdevsim0 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  467.950223][T11777] netdevsim netdevsim0 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  468.008449][ T5894] usb 2-1: USB disconnect, device number 95
[  468.029483][T11777] team0: Port device vxlan0 removed
[  468.120498][T11785] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1778'.
[  468.312671][T11795] netlink: 148 bytes leftover after parsing attributes in process `syz.0.1780'.
[  468.362579][T11799] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1782'.
[  468.371119][T11798] netlink: 'syz.1.1781': attribute type 16 has an invalid length.
[  468.401252][T11798] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000055: 0000 [#1] SMP KASAN PTI
[  468.413186][T11798] KASAN: null-ptr-deref in range [0x00000000000002a8-0x00000000000002af]
[  468.421617][T11798] CPU: 0 UID: 0 PID: 11798 Comm: syz.1.1781 Not tainted 6.15.0-rc2-syzkaller-00037-g834a4a689699 #0 PREEMPT(full) 
[  468.433700][T11798] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  468.443777][T11798] RIP: 0010:rtnl_create_link+0x6af/0xea0
[  468.449442][T11798] Code: 24 20 42 80 3c 28 00 74 08 48 89 df e8 ea fa 3a f8 4c 89 64 24 28 bd a8 02 00 00 48 89 5c 24 08 48 03 2b 48 89 e8 48 c1 e8 03 <42> 80 3c 28 00 74 08 48 89 ef e8 c2 fa 3a f8 45 31 e4 48 83 7d 00
[  468.469071][T11798] RSP: 0018:ffffc9000c5c6e50 EFLAGS: 00010206
[  468.475165][T11798] RAX: 0000000000000055 RBX: ffff88805c348008 RCX: 0000000000080000
[  468.483165][T11798] RDX: ffffc90005203000 RSI: 0000000000006854 RDI: 0000000000006855
[  468.491155][T11798] RBP: 00000000000002a8 R08: ffffffff89f29319 R09: 1ffff920018b8df6
[  468.499149][T11798] R10: dffffc0000000000 R11: fffff520018b8df7 R12: ffff88807e682080
[  468.507140][T11798] R13: dffffc0000000000 R14: 0000000000000000 R15: ffff88805c348000
[  468.515130][T11798] FS:  0000000000000000(0000) GS:ffff888124f93000(0063) knlGS:00000000f5036b40
[  468.524077][T11798] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  468.530676][T11798] CR2: 000000000c3a984c CR3: 00000000349ee000 CR4: 00000000003526f0
[  468.538753][T11798] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  468.546740][T11798] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  468.554729][T11798] Call Trace:
[  468.558020][T11798]  <TASK>
[  468.560963][T11798]  rtnl_newlink_create+0x2f2/0xcb0
[  468.566096][T11798]  ? __mutex_lock+0x380/0x10c0
[  468.570885][T11798]  ? __pfx_aa_get_newest_label+0x10/0x10
[  468.576554][T11798]  ? __pfx_rtnl_newlink_create+0x10/0x10
[  468.576583][T11798]  ? __pfx___mutex_lock+0x10/0x10
[  468.576612][T11798]  ? ns_capable+0x8a/0xf0
[  468.576633][T11798]  rtnl_newlink+0x18b0/0x1fe0
[  468.576660][T11798]  ? stack_depot_save_flags+0x44/0x940
[  468.576685][T11798]  ? __pfx_rtnl_newlink+0x10/0x10
[  468.576709][T11798]  ? __netlink_deliver_tap+0x561/0x7f0
[  468.576734][T11798]  ? netlink_deliver_tap+0x19d/0x1b0
[  468.576758][T11798]  ? netlink_unicast+0x7c6/0x9a0
[  468.576778][T11798]  ? netlink_sendmsg+0x8c3/0xcd0
[  468.576802][T11798]  ? __sock_sendmsg+0x221/0x270
[  468.576831][T11798]  ? ____sys_sendmsg+0x523/0x860
[  468.576848][T11798]  ? __sys_sendmsg+0x271/0x360
[  468.576866][T11798]  ? __do_fast_syscall_32+0xb4/0x110
[  468.576890][T11798]  ? do_fast_syscall_32+0x34/0x80
[  468.576912][T11798]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  468.576947][T11798]  ? kasan_quarantine_put+0xdc/0x230
[  468.576967][T11798]  ? lockdep_hardirqs_on+0x9d/0x150
[  468.576989][T11798]  ? nlmon_xmit+0xaf/0x100
[  468.577018][T11798]  ? __local_bh_enable_ip+0x168/0x200
[  468.577035][T11798]  ? lockdep_hardirqs_on+0x9d/0x150
[  468.577059][T11798]  ? aa_get_newest_label+0x101/0x6f0
[  468.577085][T11798]  ? __lock_acquire+0xad5/0xd80
[  468.577112][T11798]  ? __pfx_rtnl_newlink+0x10/0x10
[  468.577138][T11798]  rtnetlink_rcv_msg+0x80f/0xd70
[  468.577161][T11798]  ? rtnetlink_rcv_msg+0x1ba/0xd70
[  468.577187][T11798]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  468.577215][T11798]  ? ref_tracker_free+0x63e/0x7e0
[  468.577237][T11798]  netlink_rcv_skb+0x208/0x480
[  468.577262][T11798]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  468.577287][T11798]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  468.577319][T11798]  ? netlink_deliver_tap+0x2e/0x1b0
[  468.577344][T11798]  ? netlink_deliver_tap+0x2e/0x1b0
[  468.577370][T11798]  netlink_unicast+0x7f8/0x9a0
[  468.577395][T11798]  ? __pfx_netlink_unicast+0x10/0x10
[  468.577419][T11798]  ? skb_put+0x114/0x1f0
[  468.577438][T11798]  netlink_sendmsg+0x8c3/0xcd0
[  468.577468][T11798]  ? __pfx_netlink_sendmsg+0x10/0x10
[  468.577494][T11798]  ? __import_iovec+0x585/0x830
[  468.577518][T11798]  ? aa_sock_msg_perm+0x91/0x160
[  468.577545][T11798]  ? __pfx_netlink_sendmsg+0x10/0x10
[  468.577569][T11798]  __sock_sendmsg+0x221/0x270
[  468.577594][T11798]  ____sys_sendmsg+0x523/0x860
[  468.577616][T11798]  ? __pfx_____sys_sendmsg+0x10/0x10
[  468.577641][T11798]  __sys_sendmsg+0x271/0x360
[  468.577660][T11798]  ? __pfx_futex_wake+0x10/0x10
[  468.577680][T11798]  ? __pfx___sys_sendmsg+0x10/0x10
[  468.577718][T11798]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  468.577740][T11798]  ? lockdep_hardirqs_on+0x9d/0x150
[  468.577762][T11798]  __do_fast_syscall_32+0xb4/0x110
[  468.577785][T11798]  ? ret_from_fork_asm+0x1a/0x30
[  468.577802][T11798]  ? lockdep_hardirqs_on+0x9d/0x150
[  468.577830][T11798]  do_fast_syscall_32+0x34/0x80
[  468.577853][T11798]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  468.577876][T11798] RIP: 0023:0xf73ad579
[  468.577893][T11798] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  468.577909][T11798] RSP: 002b:00000000f503655c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  468.577930][T11798] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 00000000800000c0
[  468.577943][T11798] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  468.577954][T11798] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  468.577965][T11798] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  468.577975][T11798] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  468.577977][T11803] detected fb_set_par error, error code: -16
[  468.577991][T11798]  </TASK>
[  468.578012][T11798] Modules linked in:
[  468.938093][T11798] ---[ end trace 0000000000000000 ]---
[  468.948248][T11798] RIP: 0010:rtnl_create_link+0x6af/0xea0
[  468.954496][T11798] Code: 24 20 42 80 3c 28 00 74 08 48 89 df e8 ea fa 3a f8 4c 89 64 24 28 bd a8 02 00 00 48 89 5c 24 08 48 03 2b 48 89 e8 48 c1 e8 03 <42> 80 3c 28 00 74 08 48 89 ef e8 c2 fa 3a f8 45 31 e4 48 83 7d 00
[  468.978427][T11798] RSP: 0018:ffffc9000c5c6e50 EFLAGS: 00010206
[  468.988677][T11798] RAX: 0000000000000055 RBX: ffff88805c348008 RCX: 0000000000080000
[  468.999906][T11798] RDX: ffffc90005203000 RSI: 0000000000006854 RDI: 0000000000006855
[  469.008119][T11798] RBP: 00000000000002a8 R08: ffffffff89f29319 R09: 1ffff920018b8df6
[  469.078142][T11798] R10: dffffc0000000000 R11: fffff520018b8df7 R12: ffff88807e682080
[  469.088976][T11798] R13: dffffc0000000000 R14: 0000000000000000 R15: ffff88805c348000
[  469.097493][T11798] FS:  0000000000000000(0000) GS:ffff888125093000(0063) knlGS:00000000f5036b40
[  469.108557][T11798] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  469.115626][T11798] CR2: 0000000056f2d99c CR3: 00000000349ee000 CR4: 00000000003526f0
[  469.124528][T11798] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  469.132988][T11798] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  469.141182][T11798] Kernel panic - not syncing: Fatal exception
[  469.147575][T11798] Kernel Offset: disabled
[  469.151925][T11798] Rebooting in 86400 seconds..