last executing test programs:

47.582898856s ago: executing program 3 (id=1473):
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)
r0 = syz_open_dev$loop(&(0x7f0000000100), 0x3, 0x0) (async)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0)
write$binfmt_misc(r1, &(0x7f0000000000)="180c4552", 0x4)
write$binfmt_misc(r1, &(0x7f0000000040), 0xe09) (async)
write$tcp_congestion(r1, &(0x7f0000000080)='vegas\x00', 0x6) (async, rerun: 32)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f0000000400)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x204, 0x0, 0x0, 0x0, 0xc, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96004100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d2d458dd4992861ac00", "90be0700551265406c7f306003d8a0f4bd0000000000ffff00"}}) (rerun: 32)

45.916693403s ago: executing program 3 (id=1481):
r0 = openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r0, 0xc04c5349, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0)
r3 = socket(0x15, 0x5, 0x0)
r4 = syz_open_dev$ndb(&(0x7f0000000180), 0x0, 0x900)
ioctl$BLKTRACESETUP(r4, 0xc0481273, &(0x7f0000000400)={'\x00', 0x8, 0x4, 0x0, 0x12e2, 0x8bd5})
getsockopt(r3, 0x200000000114, 0x2710, &(0x7f0000000600)=""/102389, &(0x7f0000000000)=0x18ff5)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000009c0)=ANY=[@ANYBLOB="2400000001040102000000c9fd0000000000000008000340000100000500010001"], 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
r6 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000100)="5c00000013006bcd9e3fe3dc6e48aa310b6b8703100000001f03000000000000040014000d000a000d0000009ee517d34460bc24eab556a705251e6182949a3651f60a84d0f5d1938037e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x4014)
sendmsg$NFULNL_MSG_CONFIG(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c00000001040500000000000000000003000000050001000200b100"], 0x1c}, 0x1, 0x0, 0x0, 0x9af33139c2c4eaae}, 0x20)
r7 = io_uring_setup(0x74e0, &(0x7f0000000380)={0x0, 0x1c3a, 0x20000, 0x1, 0xe0})
syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000050cb5340450c10108e492940a80909021b00090000000009040002010035040009058dff86"], 0x0)
r8 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
writev(r8, &(0x7f0000000000)=[{0x0}, {0x0}], 0x2)
r9 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r9, &(0x7f0000000040)={0xa, 0x4e20, 0x3000002, @mcast2, 0x1}, 0x1c)
setsockopt$inet6_int(r9, 0x29, 0x11, &(0x7f0000000000)=0x1, 0x4)
close_range(r7, 0xffffffffffffffff, 0x0)
unshare(0x62040200)
r10 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r10, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f0000019600)=ANY=[@ANYBLOB="fc00000019000100000000000000000020010000000000000000000000000000ac1414aa00000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000a90000800000000000000000000000000000ffffffffffffffff000000000000000000000000000000000000000000000000000a000000000000000008000080400000000000000000080000000000000000000080000000000044000500ac1414aa000000000000000000000000000000003c00000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000e58f3716bc8b3d863626753ef5dfe1d94651247fb07f023417e25a473b96b5c5250ff4df6078f6f9736495713469dc572d8b6e41ea959d307adac11e2a78928d59afde86d599d4f3a22a0831147118d37e117e5db74ccda0411fac21be807b8a6bdee5bd50ecc1b8d7"], 0xfc}}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)

44.75050821s ago: executing program 2 (id=1485):
socket$nl_route(0x10, 0x3, 0x0)
keyctl$KEYCTL_MOVE(0x4, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
syz_clone(0x81000000, 0x0, 0x0, 0x0, 0x0, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mbind(&(0x7f00006ef000/0x1000)=nil, 0x1000, 0x4000, 0x0, 0x100000000000000, 0x2)
mlock2(&(0x7f000027f000/0x2000)=nil, 0x2000, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$video(0x0, 0x8, 0x4000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x14, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94)
keyctl$read(0xb, 0x0, &(0x7f0000002e40)=""/72, 0x4)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
r4 = openat$dsp1(0xffffffffffffff9c, &(0x7f00000000c0), 0x400, 0x0)
ioctl$SOUND_MIXER_READ_VOLUME(r4, 0x80044d0c, &(0x7f0000000100))
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'veth1_vlan\x00'})
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={0x0, 0x68}, 0x1, 0x0, 0x0, 0x400c010}, 0x0)

44.574535122s ago: executing program 4 (id=1487):
r0 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r0, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
pipe2(&(0x7f0000001040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
write$P9_RGETLOCK(r2, &(0x7f00000000c0)=ANY=[], 0xffffff6a)
pipe2(&(0x7f0000000240)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
tee(r1, r3, 0xfffffffffffffc01, 0x0)
tee(r1, r3, 0x60000000000, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
io_uring_register$IORING_REGISTER_CLONE_BUFFERS(r2, 0x1e, &(0x7f0000000500)={r1}, 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f00000006c0)={'\x00', 0xb5, 0x5, 0x0, 0x2, 0xd, <r4=>0x0})
prctl$PR_SCHED_CORE(0x3e, 0x1, r4, 0x1, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_usb_connect$cdc_ncm(0x2, 0x78, &(0x7f0000000880)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0xff, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x66, 0x2, 0x1, 0x0, 0x70, 0x5, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0xb, 0x24, 0x6, 0x0, 0x1, "0dbd2a417aea"}, {0x5, 0x24, 0x0, 0x6}, {0xd, 0x24, 0xf, 0x1, 0xcb, 0x4, 0x8, 0xfd}, {0x6, 0x24, 0x1a, 0x0, 0x2a}, [@acm={0x4, 0x24, 0x2, 0xd}]}, {{0x9, 0x5, 0x81, 0x3, 0x200, 0x0, 0x9, 0xff}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x8, 0x3, 0x9, 0x2c}}, {{0x9, 0x5, 0x3, 0x2, 0x20, 0x40, 0x2, 0x6}}}}}}}]}}, &(0x7f0000000a80)={0xa, &(0x7f0000000740)={0xa, 0x6, 0x250, 0xfb, 0x1, 0x6, 0x20, 0x81}, 0x2e, &(0x7f0000000800)={0x5, 0xf, 0x2e, 0x3, [@ssp_cap={0x14, 0x10, 0xa, 0x9, 0x2, 0x8, 0xf00f, 0x8, [0xc00f, 0xff60f0]}, @wireless={0xb, 0x10, 0x1, 0x8, 0x3, 0x2, 0xa4, 0x6}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0x2, 0x40, 0x1, 0x7}]}, 0x4, [{0x89, &(0x7f0000000900)=@string={0x89, 0x3, "d94247b8123bde355c294f930cecb1ea984b30a921667693f3ec9c5cfdffc3a6dabe97db95d42de3aac84eee6cbaa78e631b595127611c547c65f7256d13e9a89525564c750fc69805e71f982e74b30bfc1dcce73cd414c0455b93e6938936ae9fee1e77e60393ecc080a4f879d5d0cb8f489295aa814b277d7b6e8e5a67bcf28b413557bc9e82"}}, {0x4, &(0x7f00000009c0)=@lang_id={0x4, 0x3, 0x2401}}, {0x4, &(0x7f0000000a00)=@lang_id={0x4, 0x3, 0x459}}, {0x4, &(0x7f0000000a40)=@lang_id={0x4, 0x3, 0x44b}}]})
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000000000)={0x20, 0x2d, 0x1, 0x70bd26, 0x25dfdbfc, {0x4}, [@typed={0xc, 0xc, 0x0, 0x0, @u64=0x100000001}]}, 0x20}, 0x1, 0x0, 0x0, 0x800}, 0x4000804)
sendmsg$rds(r0, &(0x7f0000000000)={&(0x7f0000000040)={0x2, 0x0, @private=0xa010100}, 0x10, 0x0, 0x0, &(0x7f0000000780)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0, 0xfffffffffffffe89}, &(0x7f0000000300)=[{&(0x7f0000002640)=""/102389, 0x18ff5}], 0x1, 0x1903d}}], 0x48, 0x1}, 0x0)
r6 = syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0), 0xffffffffffffffff)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000680)={&(0x7f0000000540)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x3, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x1, 0x5}}]}, {0x0, [0x30]}}, &(0x7f0000000580)=""/250, 0x33, 0xfa, 0x1, 0x200}, 0x28)
sendmsg$TIPC_NL_BEARER_SET(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000340)={0x1bc, r6, 0x8, 0x70bd27, 0x25dfdbfc, {}, [@TIPC_NLA_MEDIA={0xe0, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x34, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6f0}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0xe6}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x200}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xd}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0x34, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x15}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x10000}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x40}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}]}, @TIPC_NLA_MEDIA_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9554}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}]}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x3}, @TIPC_NLA_PROP_PRIO={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}]}]}, @TIPC_NLA_NODE={0x18, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ID={0x5, 0x3, "91"}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x101}]}, @TIPC_NLA_NODE={0x18, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x9}, @TIPC_NLA_NODE_KEY_MASTER={0x4}]}, @TIPC_NLA_MON={0x3c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x1ff}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x3}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x4}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x101}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x7}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x4}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x8f13}]}, @TIPC_NLA_MEDIA={0x48, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0x34, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x10}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x10}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x9}]}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}]}, @TIPC_NLA_PUBL={0x14, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x7f}, @TIPC_NLA_PUBL_LOWER={0x8}]}]}, 0x1bc}, 0x1, 0x0, 0x0, 0x24000004}, 0x8000)

44.429776308s ago: executing program 0 (id=1488):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
ioctl$sock_inet_SIOCSIFDSTADDR(r2, 0x8918, &(0x7f0000000280)={'ipvlan0\x00', {0x2, 0x4e24, @rand_addr=0x64010102}})
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000fec000/0x3000)=nil, 0x3000, &(0x7f0000000140)='{(.*+!,\x00')
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x5, 0x201, 0x40, 0x40}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080), &(0x7f0000000180), 0x1003, r3}, 0x38)
bind$tipc(0xffffffffffffffff, &(0x7f00000001c0)=@id={0x1e, 0x3, 0x1, {0x4e22, 0x2}}, 0x10)

42.656629412s ago: executing program 0 (id=1489):
pipe(&(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x8000002, 0x2000}, 0x1c)
sendto$inet6(r1, 0x0, 0x91, 0x22004001, &(0x7f0000b63fe4)={0xa, 0x2, 0x3, @loopback}, 0x1c)
sendto$inet6(r1, &(0x7f0000000080)="44f9b108b1cdc885c9c533d21f474bec8bfef1df1e2da71e578dc6b91d09f7ab15378571d8e27546090000006e75436914ab717528ee4b7a9beaf908d11137c11903064e83b4951f4d433a5404970c85d92d7083fd38844cbb0c6c5eb508ddc2dc7a590aa7941b1e9eeb5a688138dea09b776cbfa784cbf550bf3074fb0d775da4df5a3f48bbdf452eeb6b923da9d0e25b80f76a873664b5753444fe05f33e5f91045540836c3cd6af10f0cd018f0c6f57f926ac959a5628c45088fbe0c87fbe6cbcda4662d2a12f6d00"/212, 0xd4, 0x1, 0x0, 0x0)
splice(r1, 0x0, r0, 0x0, 0x406f413, 0x0)

42.513690029s ago: executing program 2 (id=1490):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket(0x10, 0x3, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000180)={0x0, <r2=>0x0}, &(0x7f0000000200)=0xc)
sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=@ipv4_delrule={0x28, 0x21, 0x105, 0xfffffffe, 0x25dfdbfd, {0x2, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x8}, [@FRA_GENERIC_POLICY=@FRA_UID_RANGE={0xc, 0x14, {0x0, r2}}]}, 0x28}}, 0x0)
ptrace(0x10, r0)
ptrace(0x11, r0)

42.510689383s ago: executing program 0 (id=1491):
pipe(&(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x8000002, 0x2000}, 0x1c)
sendto$inet6(r1, 0x0, 0x91, 0x22004001, &(0x7f0000b63fe4)={0xa, 0x2, 0x3, @loopback}, 0x1c)
sendto$inet6(r1, &(0x7f0000000080)="44f9b108b1cdc885c9c533d21f474bec8bfef1df1e2da71e578dc6b91d09f7ab15378571d8e27546090000006e75436914ab717528ee4b7a9beaf908d11137c11903064e83b4951f4d433a5404970c85d92d7083fd38844cbb0c6c5eb508ddc2dc7a590aa7941b1e9eeb5a688138dea09b776cbfa784cbf550bf3074fb0d775da4df5a3f48bbdf452eeb6b923da9d0e25b80f76a873664b5753444fe05f33e5f91045540836c3cd6af10f0cd018f0c6f57f926ac959a5628c45088fbe0c87fbe6cbcda4662d2a12f6d00", 0xca, 0x1, 0x0, 0x0)
splice(r1, 0x0, r0, 0x0, 0x406f413, 0x0)

42.508138254s ago: executing program 2 (id=1492):
socket$rds(0x15, 0x5, 0x0)
openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000900), 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
socket$alg(0x26, 0x5, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000380)={'vxcan0\x00', <r2=>0x0})
r3 = socket$can_j1939(0x1d, 0x2, 0x7)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r5, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x4ee59ce4, 0xfffffffffffffffe, 0xfffffffc}, 0x0)
sendto$packet(0xffffffffffffffff, &(0x7f00000000c0)="3f03fe7f0302140006001e0089e9aaa911d7", 0x12, 0x0, 0x0, 0x0)
bind$can_j1939(r3, &(0x7f0000000000)={0x1d, r2, 0x1, {}, 0xfe}, 0x18)
r6 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
writev(r6, &(0x7f00000025c0)=[{&(0x7f0000000240)='4', 0x1}], 0x1)
read$msr(r6, 0x0, 0x0)
sendmsg$can_j1939(r3, &(0x7f00000001c0)={&(0x7f0000000040)={0x1d, r2, 0x0, {}, 0x2}, 0x18, &(0x7f0000000180)={0x0}}, 0xee)
close(r3)
mknod(0x0, 0x1ffa, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000007c0)=@newtfilter={0x24, 0x11, 0x111, 0x70bd27, 0x100000, {0x0, 0x0, 0x74, r2, {0x6, 0x8}, {0x5, 0xffff}, {0xfff1, 0xffe0}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x4010}, 0xc4)
r7 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e22, 0x0, @empty, 0x4000006}, 0x1c)
listen(r7, 0x6)
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000080)="4c00000012001f15b9409b849ac00a00a5784002000000000000030038c88cc055c5ac27a6c5b068d0bf46d323452509005ad94a461cdbfee9", 0x39, 0x0, 0x0, 0x0)

42.400999944s ago: executing program 0 (id=1493):
r0 = openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r0, 0xc04c5349, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0)
r3 = socket(0x15, 0x5, 0x0)
r4 = syz_open_dev$ndb(&(0x7f0000000180), 0x0, 0x900)
ioctl$BLKTRACESETUP(r4, 0xc0481273, &(0x7f0000000400)={'\x00', 0x8, 0x4, 0x0, 0x12e2, 0x8bd5})
getsockopt(r3, 0x200000000114, 0x2710, &(0x7f0000000600)=""/102389, &(0x7f0000000000)=0x18ff5)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000009c0)=ANY=[@ANYBLOB="2400000001040102000000c9fd0000000000000008000340000100000500010001"], 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
r6 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000100)="5c00000013006bcd9e3fe3dc6e48aa310b6b8703100000001f03000000000000040014000d000a000d0000009ee517d34460bc24eab556a705251e6182949a3651f60a84d0f5d1938037e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x4014)
sendmsg$NFULNL_MSG_CONFIG(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c00000001040500000000000000000003000000050001000200b100"], 0x1c}, 0x1, 0x0, 0x0, 0x9af33139c2c4eaae}, 0x20)
r7 = io_uring_setup(0x74e0, &(0x7f0000000380)={0x0, 0x1c3a, 0x20000, 0x1, 0xe0})
syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000050cb5340450c10108e492940a80909021b00090000000009040002010035040009058dff86"], 0x0)
r8 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
writev(r8, &(0x7f0000000000)=[{0x0}, {0x0}], 0x2)
r9 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r9, &(0x7f0000000040)={0xa, 0x4e20, 0x3000002, @mcast2, 0x1}, 0x1c)
setsockopt$inet6_int(r9, 0x29, 0x11, &(0x7f0000000000)=0x1, 0x4)
close_range(r7, 0xffffffffffffffff, 0x0)
unshare(0x62040200)
r10 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r10, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f0000019600)=ANY=[@ANYBLOB="fc00000019000100000000000000000020010000000000000000000000000000ac1414aa00000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000a90000800000000000000000000000000000ffffffffffffffff000000000000000000000000000000000000000000000000000a000000000000000008000080400000000000000000080000000000000000000080000000000044000500ac1414aa000000000000000000000000000000003c00000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000e58f3716bc8b3d863626753ef5dfe1d94651247fb07f023417e25a473b96b5c5250ff4df6078f6f9736495713469dc572d8b6e41ea959d307adac11e2a78928d59afde86d599d4f3a22a0831147118d37e117e5db74ccda0411fac21be807b8a6bdee5bd50ecc1b8d7"], 0xfc}}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)

42.307760555s ago: executing program 1 (id=1494):
openat$vcsu(0xffffffffffffff9c, &(0x7f0000001080), 0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='mounts\x00')
socket$netlink(0x10, 0x3, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x6, 0x8, &(0x7f0000001f80)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x20000, 0xe, 0x55, &(0x7f0000000140)="a06ad876d56a0064d082778c3938", &(0x7f0000000380)=""/85, 0x0, 0x4000000}, 0x28)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x2, 0xb, &(0x7f0000000780)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sched_switch\x00', r3}, 0x10)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x1e1000, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r4, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$phonet_pipe(0x23, 0x5, 0x2)
bind$phonet(0xffffffffffffffff, &(0x7f0000000040)={0x23, 0x14}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
syslog(0x4, &(0x7f0000000440)=""/223, 0xdf)
bind$phonet(r1, &(0x7f00000001c0)={0x23, 0x4}, 0x10)
socket$unix(0x1, 0x5, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000280)={0x0, <r5=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r5, r5)
prctl$PR_CAPBSET_DROP(0x18, 0x13)
r6 = socket$phonet_pipe(0x23, 0x5, 0x2)
bind$phonet(r6, &(0x7f0000000040)={0x23, 0x4, 0x2}, 0x10)
r7 = syz_open_dev$loop(&(0x7f0000000400), 0x8918, 0x5d7000)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r7, 0x4c0a, &(0x7f0000000540)={r8, 0x0, {0x2a00, 0x80010000, 0x0, 0x0, 0x5, 0x0, 0x4, 0x1c, 0x1c, "fee8a2ab78fc5e3ed1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00", [0x400000000000]}})

40.487180935s ago: executing program 4 (id=1495):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_tcp_int(r0, 0x6, 0x14, 0x0, &(0x7f0000000040)) (fail_nth: 1)

40.472071575s ago: executing program 1 (id=1496):
r0 = socket$kcm(0x29, 0x5, 0x0)
r1 = socket$inet6(0xa, 0x80000, 0x1)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x3, 0x10, &(0x7f0000000000)=@raw=[@alu={0x4, 0x0, 0xd, 0xb, 0xa, 0xffffffffffffffe0, 0x8}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, 0x1}}, @tail_call={{0x18, 0x2, 0x1, 0x0, 0x1}}, @generic={0x7, 0x2, 0x3, 0x9, 0x3}, @tail_call={{0x18, 0x2, 0x1, 0x0, 0x1}}], &(0x7f0000000080)='syzkaller\x00', 0x6ed, 0x42, &(0x7f00000000c0)=""/66, 0x40f00, 0x11, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x8, &(0x7f0000000140)={0x2, 0x2}, 0x8, 0x10, &(0x7f0000000180)={0x4, 0x7, 0x6, 0x4}, 0x10, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000001c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0x1], 0x0, 0x10, 0xd9ab}, 0x94)
ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e0, &(0x7f00000002c0)={r1, r2})
read$FUSE(0xffffffffffffffff, &(0x7f0000000300)={0x2020, 0x0, 0x0, <r3=>0x0, <r4=>0x0, <r5=>0x0}, 0x2020)
capget(&(0x7f0000002340)={0x20080522, r5}, &(0x7f0000002380)={0x8, 0xbf60, 0x10001, 0x7ff, 0x5, 0x1c})
r6 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f00000023c0), 0x0, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000002440)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000002400)={<r7=>0xffffffffffffffff}, 0x2e, 0x6}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r6, &(0x7f0000002480)={0x3, 0x40, 0xfa00, {{0xa, 0x4e22, 0xbc9, @mcast2, 0x4}, {0xa, 0x4e23, 0x9, @empty, 0x3}, r7, 0x80000001}}, 0x48)
ioctl$sock_kcm_SIOCKCMCLONE(r6, 0x89e2, &(0x7f0000002500)={<r8=>r6})
r9 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000002540), 0x0, 0x0)
ioctl$FIDEDUPERANGE(r8, 0xc0189436, &(0x7f0000002580)={0x800, 0x9, 0xa, 0x0, 0x0, [{{r0}, 0x3d2}, {{r2}, 0x8b5}, {{r0}, 0xd}, {{r2}, 0x100000000}, {{r9}, 0x2}, {{r6}, 0x3}, {{r1}, 0x3}, {{r0}, 0x6}, {{r6}, 0x81}, {{r1}, 0x7fffffffffffffff}]})
ioctl$sock_SIOCGIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(r6, 0x8982, &(0x7f0000002700)={0x3, 'wg1\x00', {0x21}, 0x1})
r10 = socket$inet(0x2, 0x4, 0x2)
setsockopt$IP_VS_SO_SET_FLUSH(r10, 0x0, 0x485, 0x0, 0x0)
ioctl$sock_SIOCSIFVLAN_GET_VLAN_EGRESS_PRIORITY_CMD(r0, 0x8983, &(0x7f0000002740))
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f0000002780)={'pcl812\x00', [0x8, 0x2, 0xcc, 0x8, 0x10000, 0x5, 0x2f3d, 0x9, 0x0, 0x90000000, 0xd, 0x9, 0xbfdb, 0x2, 0x0, 0x0, 0x6d22, 0xfff, 0x1, 0xffffffff, 0xfffffff9, 0x4, 0x6, 0x7, 0x9, 0x5, 0x8e, 0x2, 0x2, 0x0, 0x8, 0x200]})
ioctl$sock_SIOCGPGRP(r8, 0x8904, &(0x7f0000002d00)=<r11=>0x0)
r12 = syz_clone(0x800, &(0x7f0000002fc0), 0x0, &(0x7f0000003000), &(0x7f0000003040), &(0x7f0000003080)="35cd9389d2afcb6198237cc62cc2aab560b5cdccf7c35539d61f3a2f623aa8ead755ef069d1621c1e3407da40c7d6a3ec021ca8e68d44cd31cd61411d82831511a8bf778cbf90880ff700e2013f726125556514ccef01db6274af4456c910a047d0d6d96f11e6071cf71b410972038c107015fc7660bf0030c0b63556ab89bb213646542a6de921e734a142981f70c6359ac9ce07a6737a715d92768")
lstat(&(0x7f0000003140)='./file0\x00', &(0x7f0000003180)={0x0, 0x0, 0x0, 0x0, 0x0, <r13=>0x0})
r14 = accept4(r10, 0x0, &(0x7f0000003200), 0x80800)
ioctl$TIOCGSID(r6, 0x5429, &(0x7f0000003240)=<r15=>0x0)
stat(&(0x7f0000003280)='./file0\x00', &(0x7f00000032c0)={0x0, 0x0, 0x0, 0x0, <r16=>0x0})
sendmsg$netlink(r8, &(0x7f0000003440)={0x0, 0x0, &(0x7f0000002f80)=[{&(0x7f0000002840)={0x284, 0x19, 0x4, 0x0, 0x25dfdbfb, "", [@typed={0x8, 0x91, 0x0, 0x0, @fd=r10}, @generic="c7c785cbf2a0b21272d118eddbf623ea63b471dee7b98f35343308c3199e621bd9720b1a4592450ca8ec9756ff9aefec157f8911bca43e7d6ea7505ce82fedf4c0001928dc99b274cd66d572c9264df007c576a39acec74ab3cc670f0cf3612d7be3f211b09d122670b5", @nested={0x9d, 0xac, 0x0, 0x1, [@generic="a992cc1c8b04994af026f32783cd9c33b0b8d8857677dacffcb0e1204de65030e510489cfc1f3750615d1f93542587b4166dc9a5889eed37440784aef236289e7f082f83cd1b094ee0fc44d0cf321eff3cf16509a53706cfce40a23c1739de8b90abf8fb598bd1844be8336d9646967be5ccfddfdd79d2ecd7", @typed={0xc, 0x131, 0x0, 0x0, @u64=0x5}, @typed={0x8, 0x34, 0x0, 0x0, @fd}, @typed={0x8, 0x56, 0x0, 0x0, @pid=r5}, @nested={0x4, 0xc4}]}, @generic="5580d6572cfe981e0f6e3a606c899882cba5b30f0105a449821c33810466ce7c1e9b2a73a83f5d11a07ca1021c76324501c3b5d7be0babbe3bb5a1a61437b4341eb95224c20132c5d38d6a2020d0eee5b9ec7dab5850f1d782b066240fb0846a368d6fca6b7308a9c24d1afb1daea16e4d61aac6dede984f3e9344b8e32b67c14c768c8893223f5dc96b61b52b453af30b158d48ecf664a9cc2ac86e8b", @generic="2085851dadfee43fb22344c11af610cb8e048db6f896df87a6b98b7df4d14111a870689d52ae2740e1686ea96dc07c5d7a354ab84a360450d96cf8656d09ece0190edbd0505070e60cbc52c5c7a0da12efd485db55dfad7f8e144476adc7c83fc74a51aa2231ccf37b13e830c346f46189a719600463ca3b61f0f284b0cb0204e224e20c7ac8cd2a1474bde6", @generic="e66af9924d5e0cf3ceef8835313750aa3b081b6217f2987db7d88147e7b2bd244b8b1d534110d881bbd79031a99e8e773f41a21b6a9f19"]}, 0x284}, {&(0x7f0000002b00)={0x1ec, 0x30, 0x100, 0x70bd26, 0x25dfdbfb, "", [@typed={0x7d, 0x60, 0x0, 0x0, @binary="921f19b3d564c6c9f2c2acffada5efccbf27a092e137e68a9cf4ae950abfeca865a6fbfdf87dfb9520d3712b114adb21142b01aced48f73da6390db005a8e7aedb4df9068a89f32ec5905ba4d10c3f858dfd0365c198170095a93c2a846d45dd4622b412d71f1fb08949d38ca35331860bea2e10add92a95b2"}, @generic="943da627cb7d0e0955f7968b9760233ceae011379ee0a098f62a22e16036278b7898562f830189a511cd7366d05a21ca7c36f5904c61bc084f08fdd59c202ef11f1a73638417fcf0b4ddfe7b2f94295a79cc61758040a9f6902a11f09d32361142e5f5b21c704362d32833e14e7f675934f507735dfb1784d9fbef5e385879167ccc33311316a017fd410395448e9388ff33e443dcb5072a99565ce2cdd09c8ba9b93dd2f9e2d20e693b0318", @typed={0x8, 0x9f, 0x0, 0x0, @pid=r5}, @typed={0x14, 0x1f, 0x0, 0x0, @ipv6=@loopback}, @typed={0x8, 0x13, 0x0, 0x0, @pid=r5}, @typed={0x4, 0x13b}, @typed={0x14, 0x29, 0x0, 0x0, @ipv6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @generic="40f958dd80b6202bc981d5e4f1726322874f692308a48774277fd37170b2ce1f392e703534ba50bbd1e52b0e3b96644c738263e86eb86a6c1d85b6e4ef6cc7c52e3f75888be421e5c279e30ae457801c96a069353bf366c7012ce53d6e7748e51975c6b74e", @typed={0x4, 0x87}, @typed={0x5, 0x12f, 0x0, 0x0, @str='\x00'}]}, 0x1ec}, {&(0x7f0000002d40)={0x22c, 0x1e, 0x400, 0x70bd27, 0x25dfdbff, "", [@typed={0x8, 0x70, 0x0, 0x0, @pid=r11}, @generic="e6fc533f1babf1f093d97f4726f32cd9d8be723cad262742b1ded8d9f32287521d5f0c5ec939df0c517fa546f91b395ed633eb8c448f6f9ecb080a5dee7e4843fd14a2feadce036ed3147b1909120597620db323908b19ece5861b9f4c0bbcaf004ec73c86ff9ef222f9fba2acdd81a1bc3fa57ecc7fbf55a4ee920fd780ab107dab5e91379a93bf3ae603535d8f62b2726bf55884a21a7c010e79627dcdc8f5add44a964a02b68a4f3beaafb57497913384b9bed3b68d713eee7137cd41", @generic="cf92fbb363209c4835eefab87f705d2dab74920766fdabc7ed131a2638b86c8ac1c2", @generic="b675070642aad49c18f491de0e95478c425e837b647837", @nested={0x8, 0xe8, 0x0, 0x1, [@nested={0x4, 0xc9}]}, @nested={0x100, 0xb9, 0x0, 0x1, [@generic="453590f936acece2f19739b1b17553347cc5393a06c934ba75d6d2cef28859f2dd6ccf1507d49bf3fc4ecbebb377227c788bd698e92b6e3ac1a0f31e04e2fd28f913edb15bd010e43267b380b615631a079e98bbfdc4f7c706912f91a06147d746a5730d2026f42c0caf34cee4658151a20bb23fe3aaf84c434cb56ce2699396bfda59870bee643001b1e7f0d099344872151d74273c1e5b24dd26aacb4b84408ba4ffc5c908a23be4ba312932338d3baf806947100910fb1d3a2e07fb414e91370ceb71e203480aaaba906ef360f188c42ad65524ec50eb5b1f9a5467b8c0666367b07b29d2e5ac850fc07744956ab6b5d89775df41c8dce7024883"]}, @typed={0x14, 0x33, 0x0, 0x0, @ipv6=@local}]}, 0x22c}], 0x3, &(0x7f0000003340)=[@rights={{0x1c, 0x1, 0x1, [r2, r9, r9]}}, @cred={{0x1c, 0x1, 0x2, {r12, r3, r13}}}, @cred={{0x1c, 0x1, 0x2, {r5, r3, r4}}}, @rights={{0x30, 0x1, 0x1, [r14, r2, r0, r9, r2, r2, r2, r8]}}, @cred={{0x1c, 0x1, 0x2, {r15, r3, r4}}}, @cred={{0x1c, 0x1, 0x2, {r5, r16, r4}}}], 0xd0, 0xe06b98ac39109769}, 0x44000)
r17 = syz_open_procfs(r12, &(0x7f0000003480)='net/ip_mr_cache\x00')
setxattr$trusted_overlay_redirect(&(0x7f00000034c0)='./file0\x00', &(0x7f0000003500), &(0x7f0000003540)='./file0\x00', 0x8, 0x0)
ioctl$NBD_DO_IT(r6, 0xab03)
ioctl$SNDRV_TIMER_IOCTL_PAUSE(r17, 0x54a3)
ioctl$F2FS_IOC_WRITE_CHECKPOINT(r9, 0xf507, 0x0)
ioctl$sock_SIOCGIFCONF(r0, 0x8912, &(0x7f0000004580)=@buf={0x1000, &(0x7f0000003580)="d260093dce114dfdc36e6ee7ff7f8c7b94dfcb7f186cdc8828e38f3dbab70bf62e1092aa1ccae33ee0f122dfe6df299536cc14d04be1646a2ac25e4364c8499ab4122b372d57e4b52a897441248d984e4e714ab6058934f03995b3091def6252b72bf1b650c01d3db4a6a158132f0f46260035ff50730d6a4cbb7ae523f284eee407141cde1050fa33704a5abb4f0ea4889c36bbf636929d80166c198406ef3605445e8abf664d925b362b3acd161ba88d0b392f3ecea9601cc5fbd47680ff0dbd91f0acadb0fe3358bfff43b0a82fa539459ceffa8c99a6025be76f67c4264175b4cdc461db9e8dc90659717fc1e08e5101d329d685c2fd3c8ee08d67103708878e4976c50f668d3ced96e50146c221fbfbe2004a316af999a4e8d61ea79566a2fc52bcfdc2f4540baefe58e8418ad2d78fb5f2821b6bb3f50c7a0e526519438a58862b14685b2a3e665d726bc9326293e8d04166f1ec4a28d039629693360638ca41ade9d322a98c155de151e9471dc075f7cf3d6f06b9f9dbcc1b1e41b5603125676adeacdd5984fab68d79e40e223ada6c8f1992f3562b93b836eb1dcd787a20ed4db403ffe9e40565f5d91f75564f7620ada759e85e99fcb21d846c9e382311797a661de33c51d9dcbc9ca0c0eaf9d97664c8da4fe5aa03afedba31b405af31911d20e23fe21b588ab4887d8f3a3dc5ca4a3a9e48cf1bedb2aeaae7d047bb03d6631115d7f9903cb88d709fb9b7200b0aa85b6c70adc08695bf163670e8abf3cf5c439ae2781218eef6d5152804c7d55329dd7c1e63bd5ecc4e6905de7c0edf2d79ac7df9322d788387394f8953224882e37e3c3f061a45d584c242b005c29c269e52b3eeafb997b739e2230ecae5044a5919c55c4b8c1c5317985cdf762e5320149921aee6ab1bbbb3fa47d6eb2d45f6b34c4316081be33d1a56c37fc235651299e7fd481edfa0d4dcc3846c1beac5d7f3d7e8f4387e970e82e53b712d82412c706ec5969d043a54c54c94b3c5395911caee74882ff8cbbf00ae208ea5f10df5557518d58355f45e6a3cc9d63ca2e5ed8854b380bff887720fba78b3957f9c508ab18830a306472880c5c68f5e53f4321431ba76f4bf8b112e0e6fac764811b8b858599fc96dbfca466846dca92e47e2cae8dc40e5d4f98855bbfb569eb99499b4057c09e76a16d04b0f49932f7ee10804ff6f7b36c10e05ea97715811e16cbf47f3e4c97bf3b12ad7ca8564ab01a49d70d0bcad8854a16ed6e07789b1c638c0471b0d1a68fa8b743b59232eb605e445a22f05d4a4f2252a0d19148a6044b3710a1ba76d556f7956a8e4882512ab06a6788bd44871ee19036b6ff98aa5e52b72c0c6fa92804edc785f6b2d5932a379106ae0747e8f78d155720701f4e4eaa0c4ef77cccd0d29ae5938e5bc43c9805d9d0ee7686e01170d2b4a880941505d9032a18c539d64c45e7d4b2e30ce030b9f4af8e399e6c9a0b964adec63feb370cd6f983214f7c7cd9c48adcecf59a650bf758093a83e4acd1cac84771c4b8bdbc06502ad28bf5c3d5fad11d24a36946484ded4534e4c25d51cc57a32e0914e3354441a19d7690b73799c758a5128791dec151ab463928a018971410e3b6d0f9ed101e00ab334bfa1429843eb097c51861a629ec43a71d7c6c6d9de4038a03d96335df2202937021c75ac635da367ada9c697f0475bae889a44fd18eb958de8aed2a5f92c79840108a652e58e7ec46fa92f848b8623461f9ca1f411bc4ba38885c38daa8b8f5b29ab348450b9dded212ae05310328ed4e9f067c9affc647f782f92f7840c30864ea1ebeaefcef5242b153483098a808c1cfbd3e162879f5e50443810b8bd7a37ea04f47eb141a028370c81975d0cba44f0938c9cf6ce5d744bb34515ea99682b943e2b87e94d4e58ee70c848b9b62de7b8e3b06e688986dfb530b40e905c84f1536cfd9d8a40c23fe443656976d48fcb289784a7abe437c7718ad5a56e74542dff49cbcfd987ebe59b56809beabd4b9809b92997533e41a735e520cf671bcd22dbee9712e927d3681e1f9e375c619b5ff910226044d5b5b4491a690e8bd510d6a139c51cc89e4f408e8d4b4376b5da02d8a2777c325d172f8aa76a77a099a08b40aa11dc4d35eb02a96cca66bdaf60344d4ed6419e64443d32d59cea6fb8a0e343624710ae3722762b7ed50b825854a17467a4575ae9589a0a5788f54a041c00dbf874334d90e0d202ca55a3f12d3b0aafbb596785b2368513d7d0710e29d9c76d9fecc582b31126f5a95054fd53086943a1697610f28f9eb57ea36ad40c5491ac1661fb9d98578aeb557aacf129424d920cd1aa8aee3f76afb1b2fd9b8acc5699c4df32767a3edd183100553816b39efa1cf65047f6d276c15bbc8348127da7d668673a6a9e75d50bb9c4f422b567f3f8f8b31245cab8229b7263b85133caa6d272ad97eb95fe2fd1362f83c3ef689ad72baa062b040b5edf608f2c4e29ea9aa31a3bbb673cd969b6a409083bdb0a78520684ef1d85d52898ddc9bc86e7e76250c3fb399f41ccf1e7f86d8d31ca66287e885f60fb43c50b25fd23cf38fcdd55aa1bb989e5d9adc8443adc147c6d4a3b9d7ced86ef98346857c558002f808865b6e440aa2163a057aff32be1a49dfec3b8d5689bc2e632895587a0d5602dd9560a2f8c58450617bab4ea02adf45499708d80f8c3823df7a8cf246533696c602d52868b82ec2a1776823049100a56cebce92661d500d3ef8a915d46ebeea04247dd26a4df9d954fc1e78aa4753a76fa358b86d6d0c3f17e2b06c0c75450a6a7ba5ff5953e5207099d6500dbda8de1fff33d571a587c225d6fbaa7db9df8171c67e4a3fb848e16eaa7b55ffb79ea99c2f354cdb28efaa9e30f4fd774712309fde666e9196d17f0edf3473715261e2146e07372243f0f55f6160b5007f96242a0086244a528fe4b8354997141998412feb5f82197ece7fd093770aeb17cad1df98ae6af593abbdb9addd5212c16af8fb5d5b48c26df0e65a1d22d4cde9a9944804225ffe516d2e45d5e082b92232eb4ce4ebdaf86e7419da021123de04cb11055746902b34554630ff97324c75760a57710e9acee113522af2a4e53a25839e41e3c5bd6ebe38812fae433e1b2433ef70a85e9479cb5d22d34043f8bf478828e08a64cec8173691b7b6a80806cb97e93f439c631a01f2c927db84e17fe7764593898b81d8991d2bbff75a0bbfc13b4acb61684daf3437a618dab0271e3448b6841985bbc071c2d6f7eefc814cb96278bfcf5de19fb5e38cf138866abef665ae9c81852200a0fd40d84c84c3bd4cae8cbdd78330d4bd02d0aa963b4289d8fc36eaca1d033dcff28c166bfdc7ab7ec58b8954b916a9e76c0910433bb9edeb2fe96f20599afc6c521db5688cb9bda1064ff6dfeca8560e15a98f0825c2cfaca1f0b0a796977386cc0ef66e55bee515cbafb4cf2f15688a3dd88cc66bfcc24f7d8e80b2df529560f74d57a5f1d7a3446f538a7d612c371aecabb9b506bd3b71370174d15b576a0e1bbe9e8e9ef4138e8cd1bfe952644b004b060c44a8ee6b4d626dfc046c051b38c49440900e9982808cd331622bf19f28a65c14590d3e7a6ebb4f7f3933c29ba91d9c9227536a6e61dba869dcd1e328ccb0dab9a84af8f691c3dcf465ceb73584e66416c788942857d485adc06706d788731317d3f6f28d9cce20433c21b2f91d9e717b15fc2b0a188298561006e82c2d6a80cd0b59651ecdbf6559ffb35aad8b667ae844b6ad0c5fdd344776578bdefd51a17f162d9d3943d530407cf4370ad5e2cddec89f39dc57fdd1dc1029a01632069c926d6930d6aff79b38633a24a90437e7866a188ebe3d4868dbebfb91b09657416a8a7abfc14cd8a757accd6f7da4493271aa47bfef7e5c83f650bc43b5de27f5b0bfa26d08ee9f923906797da8a0468c059386f563d147b9df0a9f2ae62e8aff86e57538bf061edeb6f71f8abfd7b9c5fa57872852ae4e2bf7ddddbd8de8cbe0dce61002a1f69abc22deab9a0a6f5e788151a051c49e7b031090d8d8c9385e0e3fabb9087b9ead780f39423f9fe4a4230a61efa6c3b8d78981ab79c0f720b3a75c3b3d0a6f42df06a1dbdbc769eef4626fb98c962e71366f24b7d15310811857a36ebf7593720e69c5dca8682cdc3e39ee03d9dad9e7c08307d3bdd8e41da68d640a1b1912c89ed89bf913677008be1d08803504bfac3b80efe179d41c151d582ab2140679de16b7892586f7fe02a40cb9e7443860c78cdf874455236d934dc83a976d076c816f1d2b8cf82fda71dd1e54067e8782c48e5461681be207d688d35261805944d15fd86cae5d349bed7be29578cd287d1e59995c281356959c73738af114c29989afb30d432547bba9976a6f7bda33813ed84aa58542f6aa55755acd3a401baf26fc77178ca5e4019dcc9e9e4e453b890871deda3b2ae1583640c88c17905a057f0856c2c57e157a14bd55ceaf95ab7c3afb38e373cef4942ab9be0abab28327f25e3ad4e37f16d7f6e52f2f3c02d7dd77f7ac3a2cd37fe09fef560de4f65767a80803bf2996a6e6728f21a350351531a550e4f8a2e13f84ea897b1851f543c26f018570a34c176f728ff59ce15f106647125e2de0b155e55fa42322e7847d8c35f7dd4c8b7b5ff950512c90c9d1496f5a534b3d452d0e61d11e6f8bbd4745377a6fb6b79b8cc4f64fce0f3d7ae04e869d3a2bc468401dcae32ed67d10388e6555c5b1461997910aeecee51dc2b0f440f60d9613b996eb15d39f581a01d8d31220d101512f02eba6f0e17afe543fa3ecf6d0cb81b6b79c129c8d538413770441a7d738d5e9b5dab9120c3b20133ff2f843aaf034a0730bfe35f59a3beea237a206f71e079f1dd953e2a34b1fbb1c7721a2f57edbadbc484f260524dae8347e767ae006e58c5c736494c2f9c7fd8bba104f3199bf38fa8dd7aa19eb5cd05aa46800ac02c0d47a5b2e894cf934a4f823c508de264d52065c9877da33645c66f29274b0d83ac658de3223899226fcc25e554cb90fa10a545f7dafedb536abe2f401fe32ff4440bcad071ffe16ffb0c1f6f1630b5fa8217f98da0397f8c151815a1c9d44c3514b503e107effe8cdb1489955f2255d059b4d052458b7098c7ada2d85b01339131be9615cf2e1f36e98896ba7a08532696d010ac22fc433dc8ead74754ccf4d79eeeb43799e8f12dc513bf422ab413360f9405b672c85873c34e5d98ca806b84369e82ea585906506162233768a51aca34a95c82ec93d60856fc6bb9e1e2a1cfb7181cdd61bc4a3631023cd86f859ba32006db4a9a56d5f116847913928a6045f2d4e64a284ffe88ae28bd6ef53399f869fc90e75e84757a3f72820161343a319cc78de538da7096f6734346a8a20eb051e46497e118997772d5439f65d50682937b14ad20cd181057bc1149962e33ba225803197909b0678f5048465f2f88bf2e448df0b69f934ea2071e7a13efb72b402a1359db4a212c0422ec4cf4dcf71d880fb4655857547c36db43977e8fb408e402a4b426b527da0b5edc0e607674cdde621f74a803f01aecccd2401bf6883a5b9fcb626a864fc2304dfa159e85c875cf88a4b4a3611a359fd3926df8a3e2a71ea450e0244edba76eef94464478ba2cba6263cb900443bc4b503b3a27ee9abc3a31da45a637f48c6ea1465756e312fa3f7eb16d6b5e08d62415b4fd4e428daa4c2293caaa81f3bd72d2a3dddd671313ea4692cf129336712b06e49d31b821f40c604c80458a271e1a3d5b"})

39.984925983s ago: executing program 3 (id=1497):
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = dup(r0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @empty, 0x3}], 0x1c)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000300)=@abs, 0x6e)
r4 = socket$nl_audit(0x10, 0x3, 0x9)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r3, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0xffffffffffffff35, 0x5, 0x0, 0x0, 0x1, 0x400b4c, 0xc, 0x6, 0x0, 0x83}, 0x0)
ftruncate(r2, 0x9)
fcntl$addseals(0xffffffffffffffff, 0x409, 0x7)
ioctl$UDMABUF_CREATE(0xffffffffffffffff, 0x40187542, &(0x7f0000000000)={0xffffffffffffffff, 0x0, 0x0, 0x8000})
ioctl$SYNC_IOC_MERGE(0xffffffffffffffff, 0xc0303e03, 0x0)
r5 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r5, 0x107, 0x14, &(0x7f0000000080)=0xfff, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000))
sendmmsg(r3, &(0x7f0000000440)=[{{&(0x7f0000000700)=@ethernet={0x6, @random="1663140100ad"}, 0x80, &(0x7f00000004c0)}}], 0x1, 0x4048814)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0)
openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/compact_memory\x00', 0x1, 0x0)
sendfile(r4, r6, &(0x7f00000000c0)=0x58, 0x5)
sendmsg$inet6(r0, &(0x7f0000000800)={&(0x7f0000000000)={0xa, 0x4e24, 0x8, @loopback, 0x4}, 0x1c, &(0x7f0000000140)=[{&(0x7f0000000840)='{', 0x1}], 0x1}, 0x20048843)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000200)={0x0, @in={{0x2, 0x4e24, @empty}}, 0x105, 0xf038, 0xf06, 0x109, 0xefd6356a6035ed50, 0x5d, 0x1}, 0x9c)
socket$nl_route(0x10, 0x3, 0x0)
getpid()
socket$inet_mptcp(0x2, 0x1, 0x106)

39.543270102s ago: executing program 4 (id=1498):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r2, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x15}, 0x4, 0x1}, 0xe)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x4)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0), r6)
ioctl$TCSBRKP(r5, 0x5425, 0xffffffffffff0652)
bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0f0000"], 0x50)
r7 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r5, r7, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@text64={0x40, &(0x7f0000000140)="66ba2100ec430f00994798b213b9240a00000f32b885a08d80ef66bafc0cb000ee0f30f3400f09660f38803f8f23c00f21f835020002000f23f8c40279134e9ac4c17b110d010000000f01c5", 0x4c}], 0x1, 0x15, 0x0, 0x0)
r8 = syz_open_dev$vbi(&(0x7f00000001c0), 0x1, 0x2)
r9 = fcntl$dupfd(r8, 0x0, r8)
ioctl$sock_inet6_tcp_SIOCINQ(r9, 0x541b, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000002000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000280)="83f759d9d0c4e3f9df82000000000066b8ed000f00d867640fc730b98c0300000f32b9b1020000b8010000000f01d9ba010000000f302e660f381c27b8cc2600000f23c80f21f835080030000f23f8360f07", 0x52}], 0x1, 0x5c, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYBLOB="043e1f0a"], 0x22)

39.273575529s ago: executing program 1 (id=1499):
socket$kcm(0x10, 0x400000002, 0x0) (async, rerun: 32)
openat$ttynull(0xffffffffffffff9c, &(0x7f0000000140), 0x200a00, 0x0) (rerun: 32)
ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, &(0x7f0000000200)={0x0, 0x4000, 0x1})
ioctl$EVIOCSREP(0xffffffffffffffff, 0x40084503, &(0x7f0000000100)=[0x8, 0x80000000])
r0 = openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000040), 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000000)={0x18, 0x6, &(0x7f00000001c0)=ANY=[@ANYBLOB="180000000000fb000000000000000000e500020000000000e500fcff00000000060000000000000095"], &(0x7f0000000180)='syzkaller\x00', 0x9, 0x0, 0x0, 0x0, 0x8}, 0x90) (async)
write$cgroup_subtree(r0, &(0x7f0000000080)=ANY=[], 0xfe33)
r1 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$VHOST_VDPA_GET_VRING_GROUP(r1, 0xc008af7b, &(0x7f00000000c0)={0x0, 0x97})

39.140636451s ago: executing program 1 (id=1500):
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000000}, 0x880)
prlimit64(0x0, 0xe, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x4)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010008000900010073797a30000000006c000000090a010400000000000000000100000008000a4000"], 0xb4}, 0x1, 0x0, 0x0, 0x890}, 0x0)
ioctl$VIDIOC_TRY_DECODER_CMD(0xffffffffffffffff, 0xc0585605, &(0x7f0000000540)={0x0, 0x1, @stop_pts=0x6f})
bind$phonet(0xffffffffffffffff, &(0x7f0000000000)={0x23, 0x20}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f00000003c0)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='contention_end\x00', r1}, 0x10)

38.840717311s ago: executing program 1 (id=1501):
syz_usb_connect(0x0, 0x24, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0xdb, 0xc2, 0x79, 0x10, 0x84d, 0x3, 0x8658, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x2f, 0x0, 0x0, 0xa0, 0x3c, 0x42}}]}}]}}, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x4e22, @local}, 0x10)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @remote}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="09000000070000000080000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r1, <r2=>0xffffffffffffffff}, &(0x7f00000002c0), &(0x7f0000000280)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000d0039000000000000b4a518110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_usb_connect$cdc_ecm(0x2, 0x7b, &(0x7f0000000380)={{0x12, 0x1, 0x250, 0x2, 0x0, 0x0, 0xff, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x69, 0x1, 0x1, 0xf9, 0x70, 0xdc, [{{0x9, 0x4, 0x0, 0x6, 0x3, 0x2, 0x6, 0x0, 0xff, {{0x5}, {0x5, 0x24, 0x0, 0x9}, {0xd, 0x24, 0xf, 0x1, 0x800000, 0x3b7, 0x7}, [@dmm={0x7, 0x24, 0x14, 0x3, 0x8001}, @country_functional={0xe, 0x24, 0x7, 0xa0, 0xc7, [0x8d, 0x9, 0x6, 0x0]}, @acm={0x4, 0x24, 0x2, 0x4}, @mdlm={0x15, 0x24, 0x12, 0x70e0}]}, {[], {{0x9, 0x5, 0x82, 0x2, 0x1b7, 0x6, 0x7, 0xed}}, {{0x9, 0x5, 0x3, 0x2, 0x1ff, 0x8, 0xf0, 0x9}}}}}]}}]}}, &(0x7f00000005c0)={0xa, &(0x7f00000004c0)={0xa, 0x6, 0x110, 0x6, 0x7f, 0x3, 0x20, 0xff}, 0x4a, &(0x7f0000000500)={0x5, 0xf, 0x4a, 0x5, [@ptm_cap={0x3}, @ext_cap={0x7, 0x10, 0x2, 0x2, 0x2, 0xd, 0x566d}, @ssp_cap={0x1c, 0x10, 0xa, 0x8, 0x4, 0x6, 0x0, 0x9, [0x0, 0xff0000, 0xc0c0, 0xc03f]}, @ssp_cap={0x1c, 0x10, 0xa, 0x7, 0x4, 0x8, 0xf00, 0x0, [0x7ec00f, 0x30, 0x0, 0xc000]}, @ptm_cap={0x3}]}, 0x1, [{0x4, &(0x7f0000000580)=@lang_id={0x4, 0x3, 0x1801}}]})
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
r4 = add_key$keyring(&(0x7f0000000340), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$restrict_keyring(0xa, r4, &(0x7f0000000300)='asymmetric\x00', &(0x7f0000000400)='ex\x0f\xac\xd1\xeb\xf4\xd8&w\xef\x9f`T3%\xfa\xbf\xef\xeb\x8e1w\xfd')
syz_extract_tcp_res$synack(&(0x7f0000000180)={<r5=>0x41424344}, 0x1, 0x0)
syz_emit_ethernet(0x62, &(0x7f0000000200)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x24}, @val={@void, {0x8100, 0x5, 0x0, 0x1}}, {@ipv4={0x800, @tcp={{0xc, 0x4, 0x0, 0x9, 0x50, 0x68, 0x0, 0x0, 0x6, 0x0, @broadcast, @multicast1, {[@timestamp_addr={0x44, 0x1c, 0x53, 0x1, 0x4, [{@broadcast, 0x8c}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x9}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0xd4d}]}]}}, {{0x0, 0x4e22, 0x41424344, r5, 0x0, 0x2, 0x8, 0x4, 0x7, 0x0, 0x0, {[@timestamp={0x8, 0xa, 0x6, 0xc}]}}}}}}}, 0x0)

38.658124915s ago: executing program 0 (id=1502):
pipe(&(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x8000002, 0x2000}, 0x1c)
sendto$inet6(r1, 0x0, 0x91, 0x22004001, &(0x7f0000b63fe4)={0xa, 0x2, 0x3, @loopback}, 0x1c)
sendto$inet6(r1, &(0x7f0000000080)="44f9b108b1cdc885c9c533d21f474bec8bfef1df1e2da71e578dc6b91d09f7ab15378571d8e27546090000006e75436914ab717528ee4b7a9beaf908d11137c11903064e83b4951f4d433a5404970c85d92d7083fd38844cbb0c6c5eb508ddc2dc7a590aa7941b1e9eeb5a688138dea09b776cbfa784cbf550bf3074fb0d775da4df5a3f48bbdf452eeb6b923da9d0e25b80f76a873664b5753444fe05f33e5f91045540836c3cd6af10f0cd018f0c6f57f926ac959a5628c45088fbe0c87fbe6cbcda4662d2a12f6d00"/212, 0xd4, 0x1, 0x0, 0x0)
splice(r1, 0x0, r0, 0x0, 0x406f413, 0x0)

38.655545567s ago: executing program 2 (id=1503):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000700)={0x11, 0x3, &(0x7f0000001680)=ANY=[], &(0x7f0000001700)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='contention_end\x00', r0}, 0x18)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$wireguard(&(0x7f00000002c0), r1)
sendmsg$WG_CMD_SET_DEVICE(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="c8010000", @ANYRES16=r2, @ANYBLOB="0100000000000000000001000000060006000000000024000300a0cb879a47f5bc644c0e693fa6d031c74a1553b6e901b9ff2f518c78042fb5426c010880f4000080060005000180000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff240002001bc715ee4868b12a49f4df11bc05475489f6a27c4d6483ad2fa5e45903b0ce851400040002000000ac1414aa00000000000000008c00098028000080060001000a00000014000200ff020000000000000000000000000001050003000000000028000080060001000a000000140002000000000000000000000000000000000105000300030000001c000080060001000200da0008000200e000000105000300000000001c000080060001000200000008000200ac141400050003000000000074000080200004000a004e2200000000fc0000000000000000000000000000000400000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff080003000100000024000200cde20bc0d9b90ac13642d7b66459dd9db5e20b4b"], 0x1c8}}, 0x0)

38.606528475s ago: executing program 4 (id=1504):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$ttyprintk(0xffffffffffffff9c, 0x0, 0x200202, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a010200001d0000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000a140000001100010000"], 0x64}}, 0x0)
openat$nullb(0xffffffffffffff9c, 0x0, 0xfa2a965f22f5f366, 0x0)
r3 = userfaultfd(0x0)
ioctl$UFFDIO_MOVE(r3, 0xc028aa05, &(0x7f0000000040)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffb000/0x4000)=nil, 0x2000, 0x2})
r4 = socket$l2tp(0x2, 0x2, 0x73)
bind$inet(r4, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x10)
connect$inet(r4, &(0x7f0000000200)={0x2, 0x1, @local}, 0x10)
sendmmsg$inet(r4, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}], 0x40000cf, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000700)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000000000000070000000000000073797a30000000004c000000090a01040000000000000000070000000900020073797a31000000004900010073797a3000000000080005400000001c08000a40000000000808000f4000000006380000000c0a01030000000000000000070000070900020073797a31000000000900010053797a30000000000c00038008000080040001801400000010000100"/192], 0xcc}}, 0x4000000)

38.516065295s ago: executing program 0 (id=1505):
syz_usb_connect(0x0, 0x24, &(0x7f0000000980)=ANY=[@ANYBLOB="12010000b1bd2f087d0403508c2f010203010902120001000000000904"], 0x0)
add_key$user(&(0x7f0000000180), &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000001a40)=""/102392, 0x18ff8)
r1 = getpid()
r2 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x0, 0x0)
fchdir(r3)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0xc8)
r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r4, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
rmdir(&(0x7f0000000640)='./file0\x00')
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
process_vm_writev(r1, &(0x7f0000001540)=[{&(0x7f0000001440)=""/184, 0xb8}, {&(0x7f0000001500)=""/10, 0xa}, {&(0x7f00000017c0)=""/99, 0x63}, {&(0x7f000001aa40)=""/162, 0xa2}], 0x4, &(0x7f000001ab40)=[{&(0x7f000001ac40)=""/217, 0xd9}, {&(0x7f000001ad40)=""/119, 0x77}, {&(0x7f000001c500)=""/4096, 0x1000}], 0x3, 0x0)
open(&(0x7f0000000100)='./bus\x00', 0x143142, 0xa2)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
pipe2$9p(&(0x7f00000001c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r6, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15)
write$FUSE_BMAP(0xffffffffffffffff, &(0x7f0000000080)={0x18, 0x0, 0x0, {0x4}}, 0x18)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {}, 0x2c, {[], [], 0x6b}})
bind$l2tp(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x0, @loopback, 0x4}, 0x10)

38.438379057s ago: executing program 2 (id=1506):
openat$vcsu(0xffffffffffffff9c, &(0x7f0000001080), 0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='mounts\x00')
socket$netlink(0x10, 0x3, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x6, 0x8, &(0x7f0000001f80)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x20000, 0xe, 0x55, &(0x7f0000000140)="a06ad876d56a0064d082778c3938", &(0x7f0000000380)=""/85, 0x0, 0x4000000}, 0x28)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x2, 0xb, &(0x7f0000000780)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sched_switch\x00', r3}, 0x10)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x1e1000, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r4, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$phonet_pipe(0x23, 0x5, 0x2)
bind$phonet(0xffffffffffffffff, &(0x7f0000000040)={0x23, 0x14}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
syslog(0x4, &(0x7f0000000440)=""/223, 0xdf)
bind$phonet(r1, &(0x7f00000001c0)={0x23, 0x4}, 0x10)
socket$unix(0x1, 0x5, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000280)={0x0, <r5=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r5, r5)
prctl$PR_CAPBSET_DROP(0x18, 0x13)
r6 = socket$phonet_pipe(0x23, 0x5, 0x2)
bind$phonet(r6, &(0x7f0000000040)={0x23, 0x4, 0x2}, 0x10)
r7 = syz_open_dev$loop(&(0x7f0000000400), 0x8918, 0x5d7000)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r7, 0x4c0a, &(0x7f0000000540)={r8, 0x0, {0x2a00, 0x80010000, 0x0, 0x0, 0x5, 0x0, 0x4, 0x1c, 0x1c, "fee8a2ab78fc5e3ed1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00", [0x400000000000]}})

38.075169627s ago: executing program 3 (id=1507):
socket$inet6_sctp(0xa, 0x801, 0x84)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000440), 0x180, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7a98, 0x93ce, 0x0, 0x0, 0x0)
syz_io_uring_setup(0xd1, &(0x7f0000000500)={0x0, 0x3bb7, 0x100, 0xa, 0xcc}, &(0x7f0000000100), &(0x7f0000000140))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0xfff}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0xfffffed1, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x9840)
ioctl$SG_IO(r1, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffe, 0x6, 0x1, @buffer={0x300, 0x56, &(0x7f0000000440)=""/86}, &(0x7f0000000380)='\x00\x00\x00\x00\x00\x00', 0x0, 0x2, 0x6, 0x0, 0x0})
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000006040)=ANY=[@ANYBLOB, @ANYRES16, @ANYBLOB="010000000000000000000100000004000480080002000100000008000100000000000400088018000c8014000b80080009000000fa00"], 0x44}}, 0x20000810)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL802154_CMD_GET_SEC_LEVEL(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)={0x14, 0x0, 0x701, 0x70bd2b, 0x0, {0x5}}, 0x14}, 0x1, 0x0, 0x0, 0x20004074}, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000840)={'wpan0\x00'})
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x749})
mount$9p_rdma(0x0, 0x0, &(0x7f0000000280), 0x10, 0x0)

36.597063937s ago: executing program 2 (id=1508):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x8, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x42}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x5c}}, 0x0)
sysinfo(&(0x7f0000000000)=""/196)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x15)
ioctl$TCSETS(r0, 0x404c4701, &(0x7f0000000040)={0x1, 0x0, 0x0, 0x400000, 0x14, "3eccd8000000000000000040000000040100"})
syz_io_uring_setup(0xd2, 0x0, 0x0, &(0x7f0000000640))
ioctl$IOMMU_IOAS_MAP$PAGES(0xffffffffffffffff, 0x3b85, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x151)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x4000)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000032680)=""/102392, 0x18ff8)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x8000)
accept$inet(0xffffffffffffffff, &(0x7f0000001500)={0x2, 0x0, @initdev}, 0x0)
r2 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000180)={0x1, 0x1ff, 0x0, 0x8009}, 0x10)
write(r2, &(0x7f0000000000)="240000001a005f0214f9f407000904001f00000000020000000200000800040001000000", 0x24)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2000004)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
semop(0x0, &(0x7f00000003c0)=[{0x0, 0x7fff, 0x1000}], 0x1)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_PIT2(r4, 0x4188aec6, &(0x7f0000000040)={0x7})

36.581568382s ago: executing program 3 (id=1509):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000006c0)='kfree\x00', r1}, 0x18)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'macvtap0\x00', <r3=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="340000001000010025bd5600fddbdf25000000", @ANYRES32=r3, @ANYBLOB], 0x34}, 0x1, 0x0, 0x0, 0x1}, 0x4040040)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000026008188040f80ec59acbc0413a1f8480d0000005e140604000000000e000a000f000000028000", 0x2b}], 0x1}, 0x0)
close(r4)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r4, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
r6 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r6, 0x0, 0x400c000)
listen(r5, 0xfffffffc)
r7 = socket$inet_mptcp(0x2, 0x1, 0x106)
openat$uhid(0xffffffffffffff9c, 0x0, 0x802, 0x0)
connect$inet(r7, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
openat2$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x70, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}, @NFTA_SET_EXPR={0x34, 0x11, 0x0, 0x1, @limit={{0xa}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_LIMIT_UNIT={0xc, 0x2, 0x1, 0x0, 0x3}, @NFTA_LIMIT_RATE={0xc, 0x1, 0x1, 0x0, 0x101}, @NFTA_LIMIT_TYPE={0x8, 0x4, 0x1, 0x0, 0x1}]}}}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xb8}}, 0x0)
r9 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000240), 0x2e82, 0x0)
ioctl$SNDCTL_MIDI_PRETIME(r9, 0xc0046d00, &(0x7f0000000300)=0x3)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
r12 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r12, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000009c0)=ANY=[@ANYBLOB="2800000010005fba00"/20, @ANYRES32=0x0, @ANYBLOB="0f761c65e180000008001b0000000000"], 0x28}}, 0x0)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r10, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r11, @ANYBLOB="01000000000000000000010000001c000180060001000200000008000300ac1414aa0800060006"], 0x30}, 0x1, 0x0, 0x0, 0xaa34a4cfdf933201}, 0x10)
r13 = socket$nl_generic(0x10, 0x3, 0x10)
r14 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r13, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r14, @ANYBLOB="01000b00000000000000070000000c0001800500020001"], 0x20}}, 0x0)

35.899241257s ago: executing program 1 (id=1510):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x88}, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
ioctl$SG_GET_VERSION_NUM(0xffffffffffffffff, 0x2284, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = openat$cgroup_ro(r2, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
write$cgroup_int(r3, &(0x7f0000000200)=0x1, 0x12)
rmdir(&(0x7f00000001c0)='./cgroup/../file0\x00')
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r4}, 0xe)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000002, 0x8031, 0xffffffffffffffff, 0x81442000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
setresuid(0x0, 0x0, 0xee00)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, 0x0, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc9, &(0x7f0000000080)=""/201, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)

35.894058166s ago: executing program 4 (id=1511):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = syz_open_dev$vbi(&(0x7f0000002480), 0x0, 0x2)
ioctl$VIDIOC_ENUMAUDOUT(r1, 0xc0345642, &(0x7f0000000080)={0x2250, "cf63c173d9daeb4aa4df858bfa36db3e7a9e70eff1a19428fa39bb626dcf489e", 0x1})
ioctl$VIDIOC_ENUM_FREQ_BANDS(r1, 0xc0405665, &(0x7f00000024c0)={0x9, 0x2, 0x1000, 0x1000, 0x4, 0x101, 0x2})
syz_emit_ethernet(0x42, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff0800450000340000000000019078ac1e0101ac1414aa03009078030000004500000000000000002f000000e4ffffffffffff0d5b2a27"], 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0900000004000000e27f00000100000002000000", @ANYRES32, @ANYBLOB="faffff7f000000000000000000000000000080003ebb2810811fb82b4b07aaa29ca08f3f0000009e0000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000400"/28], 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000100)=[@in6={0xa, 0x4e20, 0xfffffff4, @dev={0xfe, 0x80, '\x00', 0x23}, 0x56}], 0x1c)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="650a00200000002b73e2004f3a59a100180000000000000000000000000000009500000000000000"], &(0x7f0000000000)='GPL\x00'}, 0x80)
setsockopt$inet_sctp6_SCTP_AUTH_DEACTIVATE_KEY(r0, 0x84, 0x23, &(0x7f0000000440)={0x0, 0x3}, 0x8)

35.512189275s ago: executing program 3 (id=1512):
socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
ioctl$SG_GET_VERSION_NUM(0xffffffffffffffff, 0x2284, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = openat$cgroup_ro(r2, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
write$cgroup_int(r3, &(0x7f0000000200)=0x1, 0x12)
rmdir(&(0x7f00000001c0)='./cgroup/../file0\x00')
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r4}, 0xe)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000002, 0x8031, 0xffffffffffffffff, 0x81442000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
setresuid(0x0, 0x0, 0xee00)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, 0x0, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc9, &(0x7f0000000080)=""/201, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)

33.298447011s ago: executing program 4 (id=1513):
socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
ioctl$SG_GET_VERSION_NUM(0xffffffffffffffff, 0x2284, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = openat$cgroup_ro(r2, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
write$cgroup_int(r3, &(0x7f0000000200)=0x1, 0x12)
rmdir(&(0x7f00000001c0)='./cgroup/../file0\x00')
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r4}, 0xe)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000002, 0x8031, 0xffffffffffffffff, 0x81442000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
setresuid(0x0, 0x0, 0xee00)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, 0x0, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc9, &(0x7f0000000080)=""/201, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)

0s ago: executing program 32 (id=1505):
syz_usb_connect(0x0, 0x24, &(0x7f0000000980)=ANY=[@ANYBLOB="12010000b1bd2f087d0403508c2f010203010902120001000000000904"], 0x0)
add_key$user(&(0x7f0000000180), &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000001a40)=""/102392, 0x18ff8)
r1 = getpid()
r2 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x0, 0x0)
fchdir(r3)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0xc8)
r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r4, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
rmdir(&(0x7f0000000640)='./file0\x00')
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
process_vm_writev(r1, &(0x7f0000001540)=[{&(0x7f0000001440)=""/184, 0xb8}, {&(0x7f0000001500)=""/10, 0xa}, {&(0x7f00000017c0)=""/99, 0x63}, {&(0x7f000001aa40)=""/162, 0xa2}], 0x4, &(0x7f000001ab40)=[{&(0x7f000001ac40)=""/217, 0xd9}, {&(0x7f000001ad40)=""/119, 0x77}, {&(0x7f000001c500)=""/4096, 0x1000}], 0x3, 0x0)
open(&(0x7f0000000100)='./bus\x00', 0x143142, 0xa2)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
pipe2$9p(&(0x7f00000001c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r6, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15)
write$FUSE_BMAP(0xffffffffffffffff, &(0x7f0000000080)={0x18, 0x0, 0x0, {0x4}}, 0x18)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {}, 0x2c, {[], [], 0x6b}})
bind$l2tp(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x0, @loopback, 0x4}, 0x10)

kernel console output (not intermixed with test programs):

ate: vblank timer overrun
[  413.967926][   T10] usb 4-1: config 0 interface 0 has no altsetting 0
[  413.992646][   T10] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  414.511213][   T10] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  414.526054][   T10] usb 4-1: config 0 interface 0 has no altsetting 0
[  414.533018][   T30] audit: type=1326 audit(1755246800.461:2285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10226 comm="syz.4.1008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6cf298ebe9 code=0x7ffc0000
[  414.557626][   T10] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  414.566854][   T10] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  414.578254][   T10] usb 4-1: config 0 interface 0 has no altsetting 0
[  414.621990][ T2150] usb 2-1: USB disconnect, device number 42
[  414.633189][   T30] audit: type=1326 audit(1755246800.461:2286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10226 comm="syz.4.1008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6cf298ebe9 code=0x7ffc0000
[  414.660925][   T30] audit: type=1326 audit(1755246800.461:2287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10226 comm="syz.4.1008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6cf298ebe9 code=0x7ffc0000
[  414.748339][   T10] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  414.769090][   T10] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  414.822808][   T10] usb 4-1: config 0 interface 0 has no altsetting 0
[  414.858264][   T10] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  414.868307][   T10] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  414.890524][   T10] usb 4-1: config 0 interface 0 has no altsetting 0
[  414.923395][   T30] audit: type=1326 audit(1755246800.461:2288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10226 comm="syz.4.1008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6cf298ebe9 code=0x7ffc0000
[  414.946830][    C0] vkms_vblank_simulate: vblank timer overrun
[  415.055734][T10249] netlink: 830 bytes leftover after parsing attributes in process `syz.1.1013'.
[  415.141149][ T5966] usb 5-1: new high-speed USB device number 49 using dummy_hcd
[  415.342101][T10250] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1013'.
[  415.371819][ T5966] usb 5-1: Using ep0 maxpacket: 32
[  415.383056][ T5966] usb 5-1: config 0 has an invalid interface number: 51 but max is 0
[  415.391596][ T5966] usb 5-1: config 0 has no interface number 0
[  415.412279][T10250] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1013'.
[  415.423329][ T5966] usb 5-1: config 0 interface 51 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  415.485076][   T10] usb 4-1: unable to read config index 5 descriptor/start: -71
[  415.498345][ T5966] usb 5-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  415.563396][ T5966] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  415.585906][ T2150] usb 1-1: USB disconnect, device number 43
[  415.595865][ T2150] yurex 1-1:0.0: USB YUREX #0 now disconnected
[  415.660567][   T10] usb 4-1: can't read configurations, error -71
[  415.671963][ T5966] usb 5-1: Product: syz
[  415.682727][ T5966] usb 5-1: Manufacturer: syz
[  415.715375][ T5966] usb 5-1: SerialNumber: syz
[  415.735462][ T5966] usb 5-1: config 0 descriptor??
[  415.772208][ T5966] quatech2 5-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  415.973067][ T5966] usb 5-1: qt2_setup_urbs - submit read urb failed -8
[  415.980576][ T5966] quatech2 5-1:0.51: probe with driver quatech2 failed with error -8
[  416.190660][ T5925] usb 2-1: new high-speed USB device number 43 using dummy_hcd
[  416.359021][ T2150] usb 5-1: USB disconnect, device number 49
[  416.580157][ T5925] usb 2-1: Using ep0 maxpacket: 8
[  416.625857][ T5925] usb 2-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[  416.635678][ T5925] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  416.717506][ T5925] usb 2-1: Product: syz
[  416.903954][T10284] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1022'.
[  416.935558][ T5925] usb 2-1: Manufacturer: syz
[  416.950657][ T5925] usb 2-1: SerialNumber: syz
[  416.986349][ T5925] usb 2-1: config 0 descriptor??
[  417.006094][ T5925] gspca_main: se401-2.14.0 probing 047d:5003
[  417.346119][T10292] 9pnet_fd: Insufficient options for proto=fd
[  418.811523][ T5925] gspca_se401: read req failed req 0x06 error -19
[  418.856095][ T5925] usb 2-1: USB disconnect, device number 43
[  419.663100][   T30] kauditd_printk_skb: 21 callbacks suppressed
[  419.663118][   T30] audit: type=1400 audit(1755246807.731:2310): avc:  denied  { getopt } for  pid=10320 comm="syz.3.1031" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  419.982238][T10330] syzkaller0: entered promiscuous mode
[  420.007987][T10330] syzkaller0: entered allmulticast mode
[  420.112024][T10332] syzkaller0: entered promiscuous mode
[  420.139970][T10332] syzkaller0: entered allmulticast mode
[  420.435135][   T30] audit: type=1400 audit(1755246808.841:2311): avc:  denied  { ioctl } for  pid=10336 comm="syz.2.1036" path="socket:[26858]" dev="sockfs" ino=26858 ioctlcmd=0x8923 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  420.620699][T10338] 
: renamed from bridge_slave_0 (while UP)
[  421.922825][   T30] audit: type=1326 audit(1755246809.301:2312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10346 comm="syz.0.1038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f428298ebe9 code=0x7ffc0000
[  421.990036][   T30] audit: type=1326 audit(1755246809.301:2313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10346 comm="syz.0.1038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f428298ebe9 code=0x7ffc0000
[  422.080528][   T30] audit: type=1326 audit(1755246809.301:2314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10346 comm="syz.0.1038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=103 compat=0 ip=0x7f428298ebe9 code=0x7ffc0000
[  422.134609][T10362] overlayfs: failed to resolve './file0': -2
[  422.158880][   T30] audit: type=1326 audit(1755246809.311:2315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10346 comm="syz.0.1038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f428298ebe9 code=0x7ffc0000
[  422.188215][   T30] audit: type=1326 audit(1755246809.311:2316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10346 comm="syz.0.1038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f428298ebe9 code=0x7ffc0000
[  422.216027][   T30] audit: type=1326 audit(1755246809.331:2317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10346 comm="syz.0.1038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f428298ebe9 code=0x7ffc0000
[  422.329539][   T30] audit: type=1326 audit(1755246809.331:2318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10346 comm="syz.0.1038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f428298ebe9 code=0x7ffc0000
[  422.356614][   T30] audit: type=1326 audit(1755246809.331:2319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10346 comm="syz.0.1038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f428298ebe9 code=0x7ffc0000
[  422.497699][T10369] [U] ���1WT`8�����H$�0�����9\
[  422.506068][T10369] [U] ;2}u��gV�ĥ��#�O9��ե>-�����S�ݢ��p
[  422.516846][T10369] [U] 4��XZ^Y����)��ഴ�m�c��.�o���p�O��W
[  422.524813][T10369] [U] ��%�Z
[  422.528007][T10369] [U] �8`�}�[T��j#Z�~��3µݥI~�D�%8@7j���|{9d��c���e+�O�k?%�6
[  422.736002][T10367] [U] ��p>BЍ��Z%
[  422.796933][T10371] tipc: Started in network mode
[  422.802816][T10371] tipc: Node identity c291be23f3a5, cluster identity 4711
[  422.810418][T10371] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  422.825133][T10371] tipc: Resetting bearer <eth:syzkaller0>
[  422.831321][   T10] usb 1-1: new high-speed USB device number 44 using dummy_hcd
[  422.848553][T10370] tipc: Disabling bearer <eth:syzkaller0>
[  422.938955][ T5859] Bluetooth: hci3: unexpected event for opcode 0x0804
[  422.990540][   T10] usb 1-1: Using ep0 maxpacket: 8
[  422.998720][   T10] usb 1-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[  423.008411][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  423.017285][   T10] usb 1-1: Product: syz
[  423.021898][   T10] usb 1-1: Manufacturer: syz
[  423.027249][   T10] usb 1-1: SerialNumber: syz
[  423.040871][   T10] usb 1-1: config 0 descriptor??
[  423.053252][   T10] gspca_main: se401-2.14.0 probing 047d:5003
[  423.847721][T10386] 9pnet_fd: Insufficient options for proto=fd
[  424.761814][   T10] gspca_se401: read req failed req 0x06 error -19
[  424.774965][   T10] usb 1-1: USB disconnect, device number 44
[  427.747999][   T30] kauditd_printk_skb: 27 callbacks suppressed
[  427.748015][   T30] audit: type=1400 audit(1755246815.341:2347): avc:  denied  { bind } for  pid=10418 comm="syz.1.1058" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  427.874099][T10428] netlink: 830 bytes leftover after parsing attributes in process `syz.0.1063'.
[  428.122870][T10438] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1063'.
[  428.162213][T10438] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1063'.
[  428.969130][   T10] IPVS: starting estimator thread 0...
[  429.081080][T10449] IPVS: using max 38 ests per chain, 91200 per kthread
[  430.346124][T10464] futex_wake_op: syz.3.1065 tries to shift op by 32; fix this program
[  430.482956][T10463] netlink: 'syz.4.1070': attribute type 9 has an invalid length.
[  430.549773][T10463] netlink: 'syz.4.1070': attribute type 9 has an invalid length.
[  431.202885][T10469] syzkaller0: entered promiscuous mode
[  431.212710][T10469] syzkaller0: entered allmulticast mode
[  432.219260][ T2150] usb 1-1: new high-speed USB device number 45 using dummy_hcd
[  432.427664][ T2150] usb 1-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02
[  432.436908][ T2150] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  432.448417][T10497] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1081'.
[  432.571352][ T2150] usb 1-1: Product: syz
[  432.580531][ T2150] usb 1-1: Manufacturer: syz
[  432.585224][ T2150] usb 1-1: SerialNumber: syz
[  432.598503][ T2150] usb 1-1: config 0 descriptor??
[  432.626665][   T10] usb 4-1: new high-speed USB device number 44 using dummy_hcd
[  432.628465][ T2150] gspca_main: sunplus-2.14.0 probing 04fc:504a
[  432.802398][   T10] usb 4-1: Using ep0 maxpacket: 32
[  432.809172][   T10] usb 4-1: config 0 has an invalid interface number: 51 but max is 0
[  432.828434][ T2150] gspca_sunplus: reg_r err -71
[  432.836755][ T2150] usb 1-1: USB disconnect, device number 45
[  432.856508][   T10] usb 4-1: config 0 has no interface number 0
[  432.880237][   T10] usb 4-1: config 0 interface 51 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  433.280379][   T10] usb 4-1: config 0 interface 51 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  433.322916][   T10] usb 4-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  433.352734][   T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  433.460578][   T10] usb 4-1: Product: syz
[  433.468092][   T10] usb 4-1: Manufacturer: syz
[  433.502874][   T10] usb 4-1: SerialNumber: syz
[  433.514616][   T10] usb 4-1: config 0 descriptor??
[  433.532700][   T10] quatech2 4-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  433.738588][   T10] usb 4-1: qt2_setup_urbs - submit read urb failed -90
[  433.772471][   T10] quatech2 4-1:0.51: probe with driver quatech2 failed with error -90
[  433.773089][T10512] vcan0: tx drop: invalid sa for name 0xffffffffffffffff
[  433.819454][T10512] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1086'.
[  433.856834][T10512] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1086'.
[  433.942549][   T10] usb 4-1: USB disconnect, device number 44
[  434.230018][ T5960] usb 1-1: new full-speed USB device number 46 using dummy_hcd
[  434.410119][ T5960] usb 1-1: device descriptor read/64, error -71
[  434.435156][T10525] netlink: 'syz.1.1090': attribute type 9 has an invalid length.
[  434.511694][T10524] netlink: 'syz.1.1090': attribute type 9 has an invalid length.
[  434.670413][ T5960] usb 1-1: new full-speed USB device number 47 using dummy_hcd
[  434.809983][ T5960] usb 1-1: device descriptor read/64, error -71
[  434.862652][   T30] audit: type=1400 audit(1755246823.271:2348): avc:  denied  { read } for  pid=10530 comm="syz.3.1092" name="ppp" dev="devtmpfs" ino=709 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  434.965212][ T5960] usb usb1-port1: attempt power cycle
[  435.091772][T10536] netlink: 830 bytes leftover after parsing attributes in process `syz.3.1094'.
[  435.244809][T10538] futex_wake_op: syz.4.1089 tries to shift op by 32; fix this program
[  435.295240][T10539] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1094'.
[  435.304176][T10539] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1094'.
[  435.324634][   T30] audit: type=1400 audit(1755246823.671:2349): avc:  denied  { create } for  pid=10519 comm="syz.4.1089" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  435.514389][T10544] [U] ���1WT`8�����H$�0�����9\
[  435.523052][T10544] [U] ;2}u��gV�ĥ��#�O9��ե>-�����S�ݢ��p
[  435.529659][T10544] [U] 4��XZ^Y����)��ഴ�m�c��.�o���p�O��W
[  435.537357][T10544] [U] ��%�Z
[  435.540553][T10544] [U] �8`�}�[T��j#Z�~��3µݥI~�D�%8@7j���|{9d��c���e+�O�k?%�6
[  435.680313][T10540] [U] ��p>BЍ��Z%
[  435.810007][ T5960] usb 1-1: new full-speed USB device number 48 using dummy_hcd
[  435.860563][ T5960] usb 1-1: device descriptor read/8, error -71
[  436.294851][T10551] netlink: 'syz.2.1096': attribute type 9 has an invalid length.
[  436.326140][ T5960] usb 1-1: new full-speed USB device number 49 using dummy_hcd
[  436.392107][T10551] netlink: 'syz.2.1096': attribute type 9 has an invalid length.
[  436.462908][ T5960] usb 1-1: device descriptor read/8, error -71
[  436.571755][ T5960] usb usb1-port1: unable to enumerate USB device
[  437.925841][   T30] audit: type=1326 audit(1755246825.331:2350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10558 comm="syz.3.1100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc52d58ebe9 code=0x7ffc0000
[  437.942035][T10557] netlink: 'syz.1.1099': attribute type 9 has an invalid length.
[  438.049228][T10557] netlink: 'syz.1.1099': attribute type 9 has an invalid length.
[  438.139227][   T30] audit: type=1326 audit(1755246825.331:2351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10558 comm="syz.3.1100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc52d58ebe9 code=0x7ffc0000
[  438.164254][   T30] audit: type=1326 audit(1755246825.331:2352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10558 comm="syz.3.1100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=103 compat=0 ip=0x7fc52d58ebe9 code=0x7ffc0000
[  438.189338][   T30] audit: type=1326 audit(1755246825.341:2353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10558 comm="syz.3.1100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc52d58ebe9 code=0x7ffc0000
[  438.268669][   T30] audit: type=1326 audit(1755246825.341:2354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10558 comm="syz.3.1100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc52d58ebe9 code=0x7ffc0000
[  438.404238][   T30] audit: type=1326 audit(1755246825.351:2355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10558 comm="syz.3.1100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fc52d58ebe9 code=0x7ffc0000
[  438.488537][   T30] audit: type=1326 audit(1755246825.351:2356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10558 comm="syz.3.1100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc52d58ebe9 code=0x7ffc0000
[  438.489564][T10571] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1104'.
[  438.583556][   T30] audit: type=1326 audit(1755246825.351:2357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10558 comm="syz.3.1100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc52d58ebe9 code=0x7ffc0000
[  438.612962][ T5917] usb 5-1: new high-speed USB device number 50 using dummy_hcd
[  438.710837][ T2150] usb 4-1: new high-speed USB device number 45 using dummy_hcd
[  438.780666][ T5917] usb 5-1: Using ep0 maxpacket: 32
[  438.787210][ T5917] usb 5-1: config 0 has an invalid interface number: 51 but max is 0
[  438.797578][ T5917] usb 5-1: config 0 has no interface number 0
[  438.809229][ T5917] usb 5-1: config 0 interface 51 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  438.819768][ T5917] usb 5-1: config 0 interface 51 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  438.838523][ T5917] usb 5-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  438.849197][ T5917] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  438.859818][ T5917] usb 5-1: Product: syz
[  438.866370][ T5917] usb 5-1: Manufacturer: syz
[  438.872378][ T5917] usb 5-1: SerialNumber: syz
[  438.882106][ T2150] usb 4-1: config 0 interface 0 altsetting 128 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  438.882204][ T5917] usb 5-1: config 0 descriptor??
[  438.905202][ T2150] usb 4-1: config 0 interface 0 altsetting 128 endpoint 0x81 has invalid wMaxPacketSize 0
[  438.924347][ T2150] usb 4-1: config 0 interface 0 has no altsetting 0
[  438.936102][ T5917] quatech2 5-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  438.946727][ T2150] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  438.962448][ T2150] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  438.980061][ T5960] usb 2-1: new high-speed USB device number 44 using dummy_hcd
[  439.000161][ T2150] usb 4-1: config 0 descriptor??
[  439.171467][ T5960] usb 2-1: Using ep0 maxpacket: 8
[  439.175361][T10577] [U] ���1WT`8�����H$�0�����9\
[  439.182806][T10577] [U] ;2}u��gV�ĥ��#�O9��ե>-�����S�ݢ��p
[  439.189588][T10577] [U] 4��XZ^Y����)��ഴ�m�c��.�o���p�O��W
[  439.197418][T10577] [U] ��%�Z
[  439.200605][T10577] [U] �8`�}�[T��j#Z�~��3µݥI~�D�%8@7j���|{9d��c���e+�O�k?%�6
[  439.213650][ T5917] usb 5-1: qt2_setup_urbs - submit read urb failed -90
[  439.215192][ T5960] usb 2-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[  439.221377][ T5917] quatech2 5-1:0.51: probe with driver quatech2 failed with error -90
[  439.459550][ T5960] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  439.465026][T10575] [U] ��p>BЍ��Z%
[  439.477759][ T5960] usb 2-1: Product: syz
[  439.481550][ T5917] usb 5-1: USB disconnect, device number 50
[  439.487850][ T5960] usb 2-1: Manufacturer: syz
[  439.497954][ T5960] usb 2-1: SerialNumber: syz
[  439.516767][ T5960] usb 2-1: config 0 descriptor??
[  439.534611][ T5960] gspca_main: se401-2.14.0 probing 047d:5003
[  439.543005][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  439.549303][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  440.683747][T10587] 9pnet_fd: Insufficient options for proto=fd
[  440.804835][ T5960] usb 2-1: reset high-speed USB device number 44 using dummy_hcd
[  441.040052][ T5960] usb 2-1: device descriptor read/64, error -32
[  441.463827][T10593] tmpfs: Bad value for 'mpol'
[  441.475525][   T30] kauditd_printk_skb: 28 callbacks suppressed
[  441.475582][   T30] audit: type=1400 audit(1755246829.881:2386): avc:  denied  { append } for  pid=10592 comm="syz.4.1111" name="card1" dev="devtmpfs" ino=628 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  442.239058][ T2150] usbhid 4-1:0.0: can't add hid device: -71
[  442.249142][ T2150] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  442.377327][ T2150] usb 4-1: USB disconnect, device number 45
[  442.583318][ T5960] gspca_se401: read req failed req 0x06 error -19
[  442.619081][ T5960] usb 2-1: USB disconnect, device number 44
[  442.818784][   T30] audit: type=1400 audit(1755246831.061:2387): avc:  denied  { create } for  pid=10605 comm="syz.2.1115" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=atmpvc_socket permissive=1
[  442.889995][ T2150] usb 4-1: new full-speed USB device number 46 using dummy_hcd
[  443.076838][ T2150] usb 4-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a
[  443.814737][ T2150] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  443.827677][ T2150] usb 4-1: Product: syz
[  443.856057][ T2150] usb 4-1: Manufacturer: syz
[  443.865975][ T2150] usb 4-1: SerialNumber: syz
[  443.916672][ T2150] usb 4-1: config 0 descriptor??
[  443.924120][ T2150] gspca_main: sq930x-2.14.0 probing 2770:930c
[  445.140198][ T2150] gspca_sq930x: reg_w 0305 fd00 failed -110
[  445.221546][T10627] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1119'.
[  445.231425][T10627] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1119'.
[  445.479350][ T2150] gspca_sq930x: Sensor ov9630 not yet treated
[  445.493136][ T2150] sq930x 4-1:0.0: probe with driver sq930x failed with error -22
[  445.509881][ T2150] usb 4-1: USB disconnect, device number 46
[  446.440751][   T30] audit: type=1400 audit(1755246834.181:2388): avc:  denied  { connect } for  pid=10633 comm="syz.0.1121" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  447.771878][T10656] [U] ���1WT`8�����H$�0�����9\
[  447.776847][T10656] [U] ;2}u��gV�ĥ��#�O9��ե>-�����S�ݢ��p
[  447.786185][T10656] [U] 4��XZ^Y����)��ഴ�m�c��.�o���p�O��W
[  447.794148][T10656] [U] ��%�Z
[  447.797343][T10656] [U] �8`�}�[T��j#Z�~��3µݥI~�D�%8@7j���|{9d��c���e+�O�k?%�6
[  448.003978][T10654] [U] ��p>BЍ��Z%
[  448.660148][ T5971] usb 5-1: new high-speed USB device number 51 using dummy_hcd
[  449.350006][ T5971] usb 5-1: Using ep0 maxpacket: 16
[  449.358832][ T5971] usb 5-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  449.368559][ T5971] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  449.382698][ T5971] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  449.406554][ T5971] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  449.445021][ T5971] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  449.595933][ T5971] usb 5-1: Product: syz
[  449.618344][ T5971] usb 5-1: Manufacturer: syz
[  449.632658][ T5971] usb 5-1: SerialNumber: syz
[  450.214333][T10664] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  450.253896][T10664] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  450.262306][T10685] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1130'.
[  450.272023][T10685] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1130'.
[  450.343869][ T5971] usb 5-1: 0:2 : does not exist
[  450.981349][ T5971] usb 5-1: 1:0: cannot get min/max values for control 2 (id 1)
[  451.150496][ T5971] usb 5-1: USB disconnect, device number 51
[  451.290006][   T30] audit: type=1400 audit(1755246839.661:2389): avc:  denied  { name_bind } for  pid=10695 comm="syz.3.1137" src=3618 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[  451.677401][ T5843] udevd[5843]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  452.190505][ T5971] usb 5-1: new high-speed USB device number 52 using dummy_hcd
[  452.370431][ T5971] usb 5-1: Using ep0 maxpacket: 8
[  452.395877][ T5971] usb 5-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[  452.427713][ T5971] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  452.437854][ T5971] usb 5-1: Product: syz
[  452.497012][ T5971] usb 5-1: Manufacturer: syz
[  452.516956][ T5971] usb 5-1: SerialNumber: syz
[  452.553703][ T5971] usb 5-1: config 0 descriptor??
[  452.577194][ T5971] gspca_main: se401-2.14.0 probing 047d:5003
[  453.269592][T10720] 9pnet_fd: Insufficient options for proto=fd
[  454.430008][ T5971] gspca_se401: read req failed req 0x06 error -19
[  454.486603][ T5971] usb 5-1: USB disconnect, device number 52
[  455.388687][T10743] FAULT_INJECTION: forcing a failure.
[  455.388687][T10743] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  455.404728][T10743] CPU: 1 UID: 0 PID: 10743 Comm: syz.0.1150 Not tainted 6.17.0-rc1-syzkaller-00111-g24ea63ea3877 #0 PREEMPT(full) 
[  455.404752][T10743] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  455.404759][T10743] Call Trace:
[  455.404763][T10743]  <TASK>
[  455.404767][T10743]  dump_stack_lvl+0x16c/0x1f0
[  455.404783][T10743]  should_fail_ex+0x512/0x640
[  455.404799][T10743]  _copy_from_user+0x2e/0xd0
[  455.404814][T10743]  copy_msghdr_from_user+0x98/0x160
[  455.404826][T10743]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  455.404840][T10743]  ? kfree+0x24f/0x4d0
[  455.404855][T10743]  ? __lock_acquire+0x62e/0x1ce0
[  455.404876][T10743]  ___sys_recvmsg+0xdb/0x1a0
[  455.404888][T10743]  ? __pfx____sys_recvmsg+0x10/0x10
[  455.404906][T10743]  ? __pfx___might_resched+0x10/0x10
[  455.404923][T10743]  do_recvmmsg+0x2fe/0x750
[  455.404940][T10743]  ? __pfx_do_recvmmsg+0x10/0x10
[  455.404951][T10743]  ? ksys_write+0x190/0x250
[  455.404965][T10743]  ? __mutex_unlock_slowpath+0x163/0x800
[  455.404982][T10743]  ? __fget_files+0x20e/0x3c0
[  455.404998][T10743]  __x64_sys_recvmmsg+0x22a/0x280
[  455.405010][T10743]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  455.405027][T10743]  do_syscall_64+0xcd/0x4c0
[  455.405040][T10743]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  455.405051][T10743] RIP: 0033:0x7f428298ebe9
[  455.405060][T10743] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  455.405071][T10743] RSP: 002b:00007f4283827038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  455.405082][T10743] RAX: ffffffffffffffda RBX: 00007f4282bb6180 RCX: 00007f428298ebe9
[  455.405089][T10743] RDX: 0000000000000a0d RSI: 00002000000066c0 RDI: 0000000000000003
[  455.405096][T10743] RBP: 00007f4283827090 R08: 0000000000000000 R09: 0000000000000000
[  455.405103][T10743] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  455.405109][T10743] R13: 00007f4282bb6218 R14: 00007f4282bb6180 R15: 00007ffe81e1aa28
[  455.405123][T10743]  </TASK>
[  456.271836][T10742] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  456.586636][T10742] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[  456.745233][T10742] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  456.787316][T10751] [U] ���1WT`8�����H$�0�����9\
[  456.794116][T10751] [U] ;2}u��gV�ĥ��#�O9��ե>-�����S�ݢ��p
[  456.802803][T10751] [U] 4��XZ^Y����)��ഴ�m�c��.�o���p�O��W
[  456.809475][T10751] [U] ��%�Z
[  456.812664][T10751] [U] �8`�}�[T��j#Z�~��3µݥI~�D�%8@7j���|{9d��c���e+�O�k?%�6
[  456.979687][T10742] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[  457.042336][T10742] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  457.049068][T10742] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[  457.059622][T10748] [U] ��p>BЍ��Z%
[  457.149882][T10742] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  457.437224][T10742] Bluetooth: hci4: Error when powering off device on rfkill (-4)
[  457.669584][T10766] futex_wake_op: syz.1.1147 tries to shift op by 32; fix this program
[  459.153913][   T30] audit: type=1400 audit(1755246847.561:2390): avc:  denied  { read } for  pid=10782 comm="syz.0.1161" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  459.229839][T10784] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1160'.
[  459.239174][T10784] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1160'.
[  459.370620][   T10] usb 2-1: new high-speed USB device number 45 using dummy_hcd
[  459.545782][   T10] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  459.576722][   T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  459.593389][   T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  459.614385][   T10] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  459.627863][   T10] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  459.638178][   T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  459.656592][   T10] usb 2-1: config 0 descriptor??
[  459.673710][T10780] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  460.096500][   T10] plantronics 0003:047F:FFFF.0018: reserved main item tag 0xd
[  460.125803][   T10] plantronics 0003:047F:FFFF.0018: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  460.949276][   T10] usb 2-1: USB disconnect, device number 45
[  461.237518][T10798] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1165'.
[  461.287697][T10778] netlink: 830 bytes leftover after parsing attributes in process `syz.2.1160'.
[  465.117714][T10838] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1173'.
[  465.360191][ T5971] usb 4-1: new high-speed USB device number 47 using dummy_hcd
[  465.510591][ T5971] usb 4-1: device descriptor read/64, error -71
[  465.521761][T10841] [U] ���1WT`8�����H$�0�����9\
[  465.526706][T10841] [U] ;2}u��gV�ĥ��#�O9��ե>-�����S�ݢ��p
[  465.533179][T10841] [U] 4��XZ^Y����)��ഴ�m�c��.�o���p�O��W
[  465.539393][T10841] [U] ��%�Z
[  465.542561][T10841] [U] �8`�}�[T��j#Z�~��3µݥI~�D�%8@7j���|{9d��c���e+�O�k?%�6
[  465.556587][T10840] [U] ��p>BЍ��Z%
[  465.770926][ T5971] usb 4-1: new high-speed USB device number 48 using dummy_hcd
[  465.940162][ T5971] usb 4-1: device descriptor read/64, error -71
[  466.060266][ T5971] usb usb4-port1: attempt power cycle
[  466.469962][ T5971] usb 4-1: new high-speed USB device number 49 using dummy_hcd
[  466.640583][ T5971] usb 4-1: device descriptor read/8, error -71
[  467.489972][ T5971] usb 4-1: new high-speed USB device number 50 using dummy_hcd
[  467.530723][ T5971] usb 4-1: device descriptor read/8, error -71
[  467.614967][T10863] FAULT_INJECTION: forcing a failure.
[  467.614967][T10863] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  467.663674][ T5971] usb usb4-port1: unable to enumerate USB device
[  467.730575][T10863] CPU: 0 UID: 0 PID: 10863 Comm: syz.4.1183 Not tainted 6.17.0-rc1-syzkaller-00111-g24ea63ea3877 #0 PREEMPT(full) 
[  467.730602][T10863] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  467.730611][T10863] Call Trace:
[  467.730617][T10863]  <TASK>
[  467.730623][T10863]  dump_stack_lvl+0x16c/0x1f0
[  467.730647][T10863]  should_fail_ex+0x512/0x640
[  467.730670][T10863]  copy_fpstate_to_sigframe+0x854/0xaf0
[  467.730701][T10863]  ? __pfx_copy_fpstate_to_sigframe+0x10/0x10
[  467.730724][T10863]  ? posixtimer_deliver_signal+0x105/0x6b0
[  467.730753][T10863]  ? posixtimer_deliver_signal+0x1c7/0x6b0
[  467.730770][T10863]  ? x86_task_fpu+0x5f/0x90
[  467.730793][T10863]  get_sigframe+0x4a8/0x9c0
[  467.730819][T10863]  ? __pfx_get_sigframe+0x10/0x10
[  467.730842][T10863]  ? _raw_spin_unlock_irq+0x23/0x50
[  467.730867][T10863]  ? siginfo_layout+0x177/0x290
[  467.730891][T10863]  x64_setup_rt_frame+0x12e/0xcf0
[  467.730919][T10863]  ? __pfx_x64_setup_rt_frame+0x10/0x10
[  467.730940][T10863]  ? __mutex_unlock_slowpath+0x163/0x800
[  467.730965][T10863]  arch_do_signal_or_restart+0x5e4/0x7d0
[  467.730987][T10863]  ? __fget_files+0x20e/0x3c0
[  467.731007][T10863]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  467.731034][T10863]  ? ksys_write+0x1ac/0x250
[  467.731052][T10863]  ? __pfx_ksys_write+0x10/0x10
[  467.731074][T10863]  exit_to_user_mode_loop+0x84/0x110
[  467.731094][T10863]  do_syscall_64+0x3f6/0x4c0
[  467.731115][T10863]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  467.731133][T10863] RIP: 0033:0x7f6cf298d69f
[  467.731147][T10863] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  467.731164][T10863] RSP: 002b:00007f6cf3739030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  467.731181][T10863] RAX: 0000000000000001 RBX: 0000000000000003 RCX: 00007f6cf298d69f
[  467.731192][T10863] RDX: 0000000000000001 RSI: 00007f6cf3739090 RDI: 0000000000000003
[  467.731202][T10863] RBP: 00007f6cf3739090 R08: 0000000000000000 R09: 00007f6cf3738df7
[  467.731213][T10863] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  467.731223][T10863] R13: 00007f6cf2bb6038 R14: 00007f6cf2bb5fa0 R15: 00007fff4dae4438
[  467.731246][T10863]  </TASK>
[  468.961481][T10877] netlink: 'syz.0.1185': attribute type 10 has an invalid length.
[  468.969430][T10877] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1185'.
[  469.287145][   T10] usb 1-1: new high-speed USB device number 50 using dummy_hcd
[  469.790867][   T10] usb 1-1: too many configurations: 9, using maximum allowed: 8
[  469.803725][   T10] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  469.814394][   T10] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  469.840723][   T10] usb 1-1: config 0 interface 0 has no altsetting 0
[  469.866285][   T10] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  469.878358][   T10] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  469.889853][   T10] usb 1-1: config 0 interface 0 has no altsetting 0
[  470.503234][   T10] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  470.512569][   T10] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  470.524257][   T10] usb 1-1: config 0 interface 0 has no altsetting 0
[  470.536907][   T10] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  470.554660][   T10] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  470.566495][   T10] usb 1-1: config 0 interface 0 has no altsetting 0
[  470.588800][   T10] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  470.877213][   T10] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  470.941239][   T10] usb 1-1: config 0 interface 0 has no altsetting 0
[  470.967098][   T10] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  470.996292][   T10] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  471.202568][T10908] vlan2: entered allmulticast mode
[  471.207737][T10908] erspan0: entered allmulticast mode
[  471.426470][   T10] usb 1-1: config 0 interface 0 has no altsetting 0
[  471.529770][T10909] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1191'.
[  471.539510][T10909] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1191'.
[  472.895324][   T10] usb 1-1: unable to read config index 6 descriptor/start: -71
[  472.944015][   T10] usb 1-1: can't read configurations, error -71
[  473.760681][ T5925] usb 4-1: new high-speed USB device number 51 using dummy_hcd
[  473.824047][ T5917] usb 5-1: new high-speed USB device number 53 using dummy_hcd
[  474.410630][ T5917] usb 5-1: device descriptor read/64, error -71
[  474.420547][ T5925] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  474.440935][ T5925] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  474.461180][ T5925] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  474.484614][ T5925] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  474.509712][ T5925] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  474.528413][ T5925] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  474.550635][ T5925] usb 4-1: config 0 descriptor??
[  474.556067][T10924] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  474.670726][ T5917] usb 5-1: new high-speed USB device number 54 using dummy_hcd
[  474.810577][ T5917] usb 5-1: device descriptor read/64, error -71
[  474.921725][ T5917] usb usb5-port1: attempt power cycle
[  475.122133][ T5925] plantronics 0003:047F:FFFF.0019: reserved main item tag 0xd
[  475.131907][T10941] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1203'.
[  475.253463][ T5925] plantronics 0003:047F:FFFF.0019: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  475.269962][ T2150] usb 1-1: new high-speed USB device number 52 using dummy_hcd
[  475.320318][ T5927] usb 4-1: USB disconnect, device number 51
[  475.450101][ T2150] usb 1-1: Using ep0 maxpacket: 8
[  475.457858][T10945] fido_id[10945]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory
[  475.480529][ T5917] usb 5-1: new high-speed USB device number 55 using dummy_hcd
[  475.490258][ T2150] usb 1-1: config 168 descriptor has 1 excess byte, ignoring
[  475.497996][ T2150] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  475.514370][ T5917] usb 5-1: device descriptor read/8, error -71
[  475.518257][ T2150] usb 1-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  475.781826][ T2150] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  475.818491][ T2150] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  475.820434][ T5917] usb 5-1: new high-speed USB device number 56 using dummy_hcd
[  476.451315][ T5917] usb 5-1: device descriptor read/8, error -71
[  476.472515][ T2150] usb 1-1: config 168 descriptor has 1 excess byte, ignoring
[  476.492048][ T2150] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  476.560502][ T5917] usb usb5-port1: unable to enumerate USB device
[  476.640252][ T2150] usb 1-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  476.662705][ T2150] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  476.677807][ T2150] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  476.739021][ T2150] usb 1-1: config 168 descriptor has 1 excess byte, ignoring
[  476.749333][ T2150] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  476.769959][ T2150] usb 1-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  476.831788][ T2150] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  476.852690][ T2150] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  476.869287][ T2150] usb 1-1: string descriptor 0 read error: -22
[  476.876981][ T2150] usb 1-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  476.895054][ T2150] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  477.017294][ T2150] adutux 1-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  477.400312][ T2150] usb 1-1: USB disconnect, device number 52
[  478.697315][T10981] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1213'.
[  480.070692][T10990] [U] ���1WT`8�����H$�0�����9\
[  480.075888][T10990] [U] ;2}u��gV�ĥ��#�O9��ե>-�����S�ݢ��p
[  480.086188][T10990] [U] 4��XZ^Y����)��ഴ�m�c��.�o���p�O��W
[  480.093571][T10990] [U] ��%�Z
[  480.096771][T10990] [U] �8`�}�[T��j#Z�~��3µݥI~�D�%8@7j���|{9d��c���e+�O�k?%�6
[  480.566450][T10988] [U] ��p>BЍ��Z%
[  480.778515][   T30] audit: type=1400 audit(1755246869.181:2391): avc:  denied  { mounton } for  pid=11003 comm="syz.2.1223" path="/proc/882/task" dev="proc" ino=29778 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  480.801200][    C1] vkms_vblank_simulate: vblank timer overrun
[  481.934114][T11019] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1225'.
[  481.950071][   T43] usb 2-1: new high-speed USB device number 46 using dummy_hcd
[  482.129985][   T43] usb 2-1: Using ep0 maxpacket: 32
[  482.148712][   T43] usb 2-1: config 0 interface 0 has no altsetting 0
[  482.178376][   T43] usb 2-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[  482.219631][   T43] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  482.228419][   T43] usb 2-1: Product: syz
[  482.274619][   T43] usb 2-1: Manufacturer: syz
[  482.307146][   T43] usb 2-1: SerialNumber: syz
[  482.359973][   T43] usb 2-1: config 0 descriptor??
[  483.115254][   T43] gs_usb 2-1:0.0: Configuring for 88 interfaces
[  483.122360][   T43] gs_usb 2-1:0.0: Driver cannot handle more that 3 CAN interfaces
[  483.130278][   T43] gs_usb 2-1:0.0: probe with driver gs_usb failed with error -22
[  484.030197][ T2150] usb 3-1: new high-speed USB device number 36 using dummy_hcd
[  484.448321][   T43] usb 2-1: USB disconnect, device number 46
[  484.566551][T11060] netlink: 830 bytes leftover after parsing attributes in process `syz.3.1236'.
[  484.600002][ T2150] usb 3-1: Using ep0 maxpacket: 32
[  484.608847][ T2150] usb 3-1: config 0 has an invalid interface number: 51 but max is 0
[  484.618511][ T2150] usb 3-1: config 0 has no interface number 0
[  484.749386][ T2150] usb 3-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  484.779042][ T2150] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  484.787557][ T2150] usb 3-1: Product: syz
[  484.792084][ T2150] usb 3-1: Manufacturer: syz
[  484.796717][ T2150] usb 3-1: SerialNumber: syz
[  484.813022][ T2150] usb 3-1: config 0 descriptor??
[  484.861028][ T2150] quatech2 3-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  485.003654][T11064] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1236'.
[  485.418154][T11070] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  485.439278][ T2150] usb 3-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  485.444823][T11064] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1236'.
[  485.482669][ T2150] usb 3-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  485.601949][T11074] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1238'.
[  485.663128][    C1] usb 3-1: qt2_read_bulk_callback - non-zero urb status: -71
[  485.664000][ T5917] usb 3-1: USB disconnect, device number 36
[  485.728152][ T5917] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  485.916647][ T5917] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  486.064065][ T5917] quatech2 3-1:0.51: device disconnected
[  486.070504][T11081] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1544 sclass=netlink_route_socket pid=11081 comm=syz.1.1241
[  487.564402][T11113] random: crng reseeded on system resumption
[  487.598104][   T30] audit: type=1400 audit(1755246876.001:2392): avc:  denied  { mount } for  pid=11112 comm="syz.0.1248" name="/" dev="nfsd" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfsd_fs_t tclass=filesystem permissive=1
[  487.623730][T11113] netlink: 'syz.0.1248': attribute type 2 has an invalid length.
[  488.380776][   T30] audit: type=1400 audit(1755246876.761:2393): avc:  denied  { getopt } for  pid=11120 comm="syz.2.1250" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  489.083595][   T30] audit: type=1400 audit(1755246877.481:2394): avc:  denied  { mount } for  pid=11120 comm="syz.2.1250" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[  489.121616][T11133] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1252'.
[  489.144994][T11133] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1252'.
[  489.985600][T11143] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1256'.
[  490.009128][T11145] virtio-fs: tag </dev/md0> not found
[  490.018190][   T30] audit: type=1400 audit(1755246878.431:2395): avc:  denied  { write } for  pid=11144 comm="syz.4.1257" name="sg0" dev="devtmpfs" ino=765 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  491.017001][   T10] usb 2-1: new high-speed USB device number 47 using dummy_hcd
[  491.092127][T11162] netlink: 'syz.2.1261': attribute type 9 has an invalid length.
[  491.181991][   T10] usb 2-1: config 66 has an invalid interface number: 195 but max is 0
[  491.205855][   T10] usb 2-1: config 66 has no interface number 0
[  491.215236][T11163] vlan2: entered promiscuous mode
[  491.222119][T11164] netlink: 'syz.2.1261': attribute type 9 has an invalid length.
[  491.254260][T11163] bond0: entered promiscuous mode
[  491.259801][T11163] bond_slave_0: entered promiscuous mode
[  491.261437][   T10] usb 2-1: New USB device found, idVendor=1bcf, idProduct=0b40, bcdDevice=56.49
[  491.282107][   T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  491.481632][T11163] bond_slave_1: entered promiscuous mode
[  491.554181][T11169] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  491.588832][   T10] usb 2-1: Product: syz
[  491.602033][   T10] usb 2-1: Manufacturer: syz
[  491.612798][   T10] usb 2-1: SerialNumber: syz
[  491.638042][T11169] Bluetooth: hci1: Opcode 0x0401 failed: -22
[  493.067532][T11175] netlink: 'syz.3.1264': attribute type 16 has an invalid length.
[  493.075372][T11175] netlink: 'syz.3.1264': attribute type 17 has an invalid length.
[  493.699985][ T5859] Bluetooth: hci1: command tx timeout
[  494.572363][   T10] usb 2-1: USB disconnect, device number 47
[  495.456505][T11202] netlink: 830 bytes leftover after parsing attributes in process `syz.2.1273'.
[  496.416936][   T10] usb 2-1: new high-speed USB device number 48 using dummy_hcd
[  496.760681][   T10] usb 2-1: Using ep0 maxpacket: 32
[  496.764907][   T10] usb 2-1: config 0 has an invalid interface number: 219 but max is 0
[  496.764931][   T10] usb 2-1: config 0 has no interface number 0
[  496.764965][   T10] usb 2-1: config 0 interface 219 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1023
[  496.764989][   T10] usb 2-1: config 0 interface 219 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 8
[  496.775051][   T10] usb 2-1: New USB device found, idVendor=257a, idProduct=261f, bcdDevice= 8.ee
[  496.775069][   T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  496.775081][   T10] usb 2-1: Product: syz
[  496.775091][   T10] usb 2-1: Manufacturer: syz
[  496.775099][   T10] usb 2-1: SerialNumber: syz
[  496.776341][   T10] usb 2-1: config 0 descriptor??
[  496.776776][T11192] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  496.776826][T11192] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  497.012415][   T30] audit: type=1400 audit(1755246885.211:2396): avc:  denied  { getopt } for  pid=11199 comm="syz.4.1272" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  498.504158][T11223] netlink: 'syz.0.1276': attribute type 1 has an invalid length.
[  498.554857][T11209] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1273'.
[  498.554877][T11209] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1273'.
[  498.656343][T11210] tty tty28: ldisc open failed (-12), clearing slot 27
[  498.865464][   T10] hub 2-1:0.219: bad descriptor, ignoring hub
[  498.865480][   T10] hub 2-1:0.219: probe with driver hub failed with error -5
[  498.866010][   T10] option 2-1:0.219: GSM modem (1-port) converter detected
[  498.868383][   T10] usb 2-1: GSM modem (1-port) converter now attached to ttyUSB0
[  498.893995][   T10] usb 2-1: USB disconnect, device number 48
[  498.898294][   T10] option1 ttyUSB0: GSM modem (1-port) converter now disconnected from ttyUSB0
[  498.898835][   T10] option 2-1:0.219: device disconnected
[  499.760955][T11212] ptm ptm0: ldisc open failed (-12), clearing slot 0
[  500.250506][ T5925] usb 4-1: new high-speed USB device number 52 using dummy_hcd
[  500.560776][ T5925] usb 4-1: Using ep0 maxpacket: 16
[  500.593577][ T5925] usb 4-1: config 0 has no interfaces?
[  500.607598][T11266] netlink: 'syz.4.1287': attribute type 10 has an invalid length.
[  500.656024][ T5925] usb 4-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d
[  500.675666][T11266] team0: left allmulticast mode
[  500.681594][T11266] team_slave_0: left allmulticast mode
[  500.688019][T11266] team_slave_1: left allmulticast mode
[  500.695468][T11266] team0: left promiscuous mode
[  500.700625][T11266] team_slave_0: left promiscuous mode
[  500.706799][T11266] team_slave_1: left promiscuous mode
[  500.713456][T11266] bridge0: port 3(team0) entered disabled state
[  500.720694][   T10] usb 2-1: new high-speed USB device number 49 using dummy_hcd
[  500.735101][ T5925] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  500.741234][T11266] batman_adv: batadv0: Adding interface: team0
[  500.751506][T11266] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  500.788854][ T5925] usb 4-1: Product: syz
[  500.800489][ T5925] usb 4-1: Manufacturer: syz
[  500.883457][ T5925] usb 4-1: SerialNumber: syz
[  500.988343][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  500.993509][ T5925] usb 4-1: config 0 descriptor??
[  500.999747][   T10] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  501.001024][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  501.017646][   T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  501.181230][T11266] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  501.182300][T11270] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1287'.
[  501.217275][   T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  501.232077][   T10] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  501.262049][   T10] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  501.307345][   T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  501.516886][   T10] usb 2-1: config 0 descriptor??
[  501.533575][T11264] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  502.114114][   T10] plantronics 0003:047F:FFFF.001A: reserved main item tag 0xd
[  502.152558][   T10] plantronics 0003:047F:FFFF.001A: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  502.368891][ T5927] usb 2-1: USB disconnect, device number 49
[  502.823053][T11283] overlayfs: overlapping lowerdir path
[  503.269490][ T5927] usb 4-1: USB disconnect, device number 52
[  503.499143][T11296] ptrace attach of "./syz-executor exec"[5840] was attempted by "./syz-executor exec"[11296]
[  503.736657][T11295] netlink: 830 bytes leftover after parsing attributes in process `syz.4.1296'.
[  504.033565][   T10] usb 3-1: new high-speed USB device number 37 using dummy_hcd
[  504.436253][   T10] usb 3-1: Using ep0 maxpacket: 32
[  504.574228][   T10] usb 3-1: config 0 has an invalid interface number: 136 but max is 0
[  504.589029][   T10] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  504.666056][T11307] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1296'.
[  504.715650][   T10] usb 3-1: config 0 has no interface number 0
[  504.730503][T11307] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1296'.
[  504.885401][   T10] usb 3-1: config 0 interface 136 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 5
[  504.924893][   T10] usb 3-1: New USB device found, idVendor=0763, idProduct=1021, bcdDevice=8e.c0
[  504.950433][   T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  505.017279][   T10] usb 3-1: config 0 descriptor??
[  505.064636][   T10] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  505.199709][   T10] snd-usb-audio 3-1:0.136: probe with driver snd-usb-audio failed with error -2
[  505.645356][ T5995] udevd[5995]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.136/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  505.667908][   T10] usb 3-1: USB disconnect, device number 37
[  505.778888][T11309] bond1: entered promiscuous mode
[  505.787018][T11309] bond1: entered allmulticast mode
[  505.890511][T11309] 8021q: adding VLAN 0 to HW filter on device bond1
[  506.777418][T11309] bond1 (unregistering): Released all slaves
[  506.959390][T11339] tmpfs: Bad value for 'mpol'
[  507.647912][   T30] audit: type=1400 audit(1755246896.041:2397): avc:  denied  { view } for  pid=11327 comm="syz.3.1302" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  507.920986][T11341] [U] ���1WT`8�����H$�0�����9\
[  507.925928][T11341] [U] ;2}u��gV�ĥ��#�O9��ե>-�����S�ݢ��p
[  507.932693][T11341] [U] 4��XZ^Y����)��ഴ�m�c��.�o���p�O��W
[  507.938907][T11341] [U] ��%�Z
[  507.942073][T11341] [U] �8`�}�[T��j#Z�~��3µݥI~�D�%8@7j���|{9d��c���e+�O�k?%�6
[  507.950706][T11340] [U] ��p>BЍ��Z%
[  508.349938][ T5927] usb 3-1: new high-speed USB device number 38 using dummy_hcd
[  508.780061][ T5927] usb 3-1: Using ep0 maxpacket: 8
[  508.790917][ T5927] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  508.801234][ T5927] usb 3-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a
[  508.813202][ T5927] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  509.247445][ T5927] usb 3-1: config 0 descriptor??
[  509.301945][ T5927] gspca_main: vc032x-2.14.0 probing 046d:0892
[  509.970775][T11366] FAULT_INJECTION: forcing a failure.
[  509.970775][T11366] name failslab, interval 1, probability 0, space 0, times 0
[  510.015023][T11366] CPU: 1 UID: 0 PID: 11366 Comm: syz.0.1313 Not tainted 6.17.0-rc1-syzkaller-00111-g24ea63ea3877 #0 PREEMPT(full) 
[  510.015049][T11366] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  510.015060][T11366] Call Trace:
[  510.015066][T11366]  <TASK>
[  510.015073][T11366]  dump_stack_lvl+0x16c/0x1f0
[  510.015100][T11366]  should_fail_ex+0x512/0x640
[  510.015119][T11366]  ? fs_reclaim_acquire+0xae/0x150
[  510.015144][T11366]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  510.015169][T11366]  should_failslab+0xc2/0x120
[  510.015189][T11366]  __kmalloc_noprof+0xd2/0x510
[  510.015213][T11366]  tomoyo_realpath_from_path+0xc2/0x6e0
[  510.015240][T11366]  ? tomoyo_profile+0x47/0x60
[  510.015259][T11366]  tomoyo_path_number_perm+0x245/0x580
[  510.015280][T11366]  ? tomoyo_path_number_perm+0x237/0x580
[  510.015303][T11366]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  510.015326][T11366]  ? find_held_lock+0x2b/0x80
[  510.015372][T11366]  ? find_held_lock+0x2b/0x80
[  510.015392][T11366]  ? hook_file_ioctl_common+0x145/0x410
[  510.015416][T11366]  ? __fget_files+0x20e/0x3c0
[  510.015440][T11366]  security_file_ioctl+0x9b/0x240
[  510.015465][T11366]  __x64_sys_ioctl+0xb7/0x210
[  510.015495][T11366]  do_syscall_64+0xcd/0x4c0
[  510.015516][T11366]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  510.015534][T11366] RIP: 0033:0x7f428298ebe9
[  510.015548][T11366] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  510.015563][T11366] RSP: 002b:00007f4283869038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  510.015582][T11366] RAX: ffffffffffffffda RBX: 00007f4282bb5fa0 RCX: 00007f428298ebe9
[  510.015593][T11366] RDX: 0000200000000040 RSI: 00000000000089e0 RDI: 0000000000000003
[  510.015604][T11366] RBP: 00007f4283869090 R08: 0000000000000000 R09: 0000000000000000
[  510.015614][T11366] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  510.015624][T11366] R13: 00007f4282bb6038 R14: 00007f4282bb5fa0 R15: 00007ffe81e1aa28
[  510.015649][T11366]  </TASK>
[  510.015673][T11366] ERROR: Out of memory at tomoyo_realpath_from_path.
[  510.107939][T11368] syz.4.1314: attempt to access beyond end of device
[  510.107939][T11368] nbd4: rw=0, sector=0, nr_sectors = 1 limit=0
[  510.859960][T11378] tmpfs: Bad value for 'mpol'
[  512.223212][   T30] audit: type=1400 audit(1755246900.631:2398): avc:  denied  { mount } for  pid=11384 comm="syz.0.1317" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[  512.244875][    C1] vkms_vblank_simulate: vblank timer overrun
[  512.642645][   T30] audit: type=1400 audit(1755246901.041:2399): avc:  denied  { bind } for  pid=11384 comm="syz.0.1317" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  512.660811][T11387] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  512.662084][    C1] vkms_vblank_simulate: vblank timer overrun
[  512.688135][T11387] batman_adv: batadv0: Removing interface: batadv_slave_0
[  512.703570][T11387] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  512.714111][   T30] audit: type=1400 audit(1755246901.091:2400): avc:  denied  { execute } for  pid=11384 comm="syz.0.1317" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  512.752493][T11387] batman_adv: batadv0: Removing interface: batadv_slave_1
[  513.019319][T11396] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1320'.
[  513.098021][ T5927] usb 3-1: USB disconnect, device number 38
[  513.891147][   T10] usb 1-1: new high-speed USB device number 53 using dummy_hcd
[  514.130732][   T10] usb 1-1: Using ep0 maxpacket: 8
[  514.139291][   T10] usb 1-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[  514.148793][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  514.169316][   T10] usb 1-1: Product: syz
[  514.177242][   T10] usb 1-1: Manufacturer: syz
[  514.183752][   T10] usb 1-1: SerialNumber: syz
[  514.199432][   T10] usb 1-1: config 0 descriptor??
[  514.241639][   T10] gspca_main: se401-2.14.0 probing 047d:5003
[  514.390362][   T43] usb 5-1: new high-speed USB device number 57 using dummy_hcd
[  514.551733][   T43] usb 5-1: config index 0 descriptor too short (expected 7768, got 18)
[  514.562752][   T43] usb 5-1: New USB device found, idVendor=0483, idProduct=3747, bcdDevice=52.4d
[  514.579749][   T43] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  514.598038][   T43] usb 5-1: config 0 descriptor??
[  514.607888][   T43] ftdi_sio 5-1:0.0: Ignoring interface reserved for JTAG
[  514.950952][T11420] [U] ���1WT`8�����H$�0�����9\
[  514.955914][T11420] [U] ;2}u��gV�ĥ��#�O9��ե>-�����S�ݢ��p
[  514.975813][T11421] netlink: 'syz.2.1327': attribute type 9 has an invalid length.
[  515.037834][T11424] netlink: 'syz.2.1327': attribute type 9 has an invalid length.
[  515.055935][T11420] [U] 4��XZ^Y����)��ഴ�m�c��.�o���p�O��W
[  516.258810][T11420] [U] ��%�Z
[  516.262030][T11420] [U] �8`�}�[T��j#Z�~��3µݥI~�D�%8@7j���|{9d��c���e+�O�k?%�6
[  516.314845][   T30] audit: type=1326 audit(1755246903.531:2401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11422 comm="syz.0.1330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f428298ebe9 code=0x7ffc0000
[  516.347447][   T30] audit: type=1326 audit(1755246903.531:2402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11422 comm="syz.0.1330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f428298ebe9 code=0x7ffc0000
[  516.426005][ T5927] usb 5-1: USB disconnect, device number 57
[  516.432183][   T30] audit: type=1326 audit(1755246903.531:2403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11422 comm="syz.0.1330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=103 compat=0 ip=0x7f428298ebe9 code=0x7ffc0000
[  516.464886][   T10] gspca_se401: read req failed req 0x06 error -19
[  516.489368][   T30] audit: type=1326 audit(1755246903.561:2404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11422 comm="syz.0.1330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f428298ebe9 code=0x7ffc0000
[  516.589990][   T30] audit: type=1326 audit(1755246903.561:2405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11422 comm="syz.0.1330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f428298ebe9 code=0x7ffc0000
[  516.613493][   T10] usb 1-1: USB disconnect, device number 53
[  516.666471][   T30] audit: type=1326 audit(1755246903.651:2406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11422 comm="syz.0.1330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f428298ebe9 code=0x7ffc0000
[  516.691913][T11413] [U] ��p>BЍ��Z%
[  516.826052][   T30] audit: type=1326 audit(1755246903.651:2407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11422 comm="syz.0.1330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f428298ebe9 code=0x7ffc0000
[  517.030448][T11432] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1333'.
[  517.110619][T11441] netlink: 'syz.1.1332': attribute type 10 has an invalid length.
[  517.118593][T11441] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1332'.
[  517.178267][   T30] audit: type=1326 audit(1755246903.661:2408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11422 comm="syz.0.1330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f428298ebe9 code=0x7ffc0000
[  517.420516][   T10] usb 2-1: new high-speed USB device number 50 using dummy_hcd
[  517.570485][   T30] audit: type=1326 audit(1755246903.661:2409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11422 comm="syz.0.1330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f428298ebe9 code=0x7ffc0000
[  517.801645][   T30] audit: type=1326 audit(1755246903.661:2410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11422 comm="syz.0.1330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f428298ebe9 code=0x7ffc0000
[  517.906865][   T10] usb 2-1: too many configurations: 9, using maximum allowed: 8
[  517.972250][   T10] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  517.997214][   T30] audit: type=1326 audit(1755246903.661:2411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11422 comm="syz.0.1330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f428298ebe9 code=0x7ffc0000
[  518.034743][   T10] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  518.129176][   T10] usb 2-1: config 0 interface 0 has no altsetting 0
[  518.180583][   T30] audit: type=1326 audit(1755246903.661:2412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11422 comm="syz.0.1330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f428298ebe9 code=0x7ffc0000
[  518.182217][   T10] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  518.250006][   T30] audit: type=1326 audit(1755246903.661:2413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11422 comm="syz.0.1330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f428298ebe9 code=0x7ffc0000
[  518.321648][   T10] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  518.333228][   T10] usb 2-1: config 0 interface 0 has no altsetting 0
[  518.342498][   T30] audit: type=1326 audit(1755246903.661:2414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11422 comm="syz.0.1330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f428298ebe9 code=0x7ffc0000
[  518.371612][   T30] audit: type=1326 audit(1755246903.661:2415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11422 comm="syz.0.1330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=117 compat=0 ip=0x7f428298ebe9 code=0x7ffc0000
[  518.411689][   T30] audit: type=1326 audit(1755246903.661:2416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11422 comm="syz.0.1330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f428298ebe9 code=0x7ffc0000
[  518.734391][ T5927] usb 3-1: new high-speed USB device number 39 using dummy_hcd
[  518.899274][   T10] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  518.908816][   T10] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  518.921029][   T30] audit: type=1326 audit(1755246903.661:2417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11422 comm="syz.0.1330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f428298ebe9 code=0x7ffc0000
[  518.929198][   T10] usb 2-1: config 0 interface 0 has no altsetting 0
[  518.944483][    C1] vkms_vblank_simulate: vblank timer overrun
[  518.945301][   T30] audit: type=1326 audit(1755246903.661:2418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11422 comm="syz.0.1330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f428298ebe9 code=0x7ffc0000
[  518.981291][    C1] vkms_vblank_simulate: vblank timer overrun
[  519.051032][ T5927] usb 3-1: Using ep0 maxpacket: 8
[  519.056982][   T10] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  519.066450][   T10] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  519.080505][   T30] audit: type=1326 audit(1755246903.661:2419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11422 comm="syz.0.1330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f428298ebe9 code=0x7ffc0000
[  519.122710][   T10] usb 2-1: config 0 interface 0 has no altsetting 0
[  519.377254][ T5927] usb 3-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[  519.422780][ T5927] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  520.181501][ T5857] Bluetooth: hci5: command 0xfc11 tx timeout
[  520.716358][ T5859] Bluetooth: hci5: Entering manufacturer mode failed (-110)
[  520.774049][ T5927] usb 3-1: Product: syz
[  520.778225][ T5927] usb 3-1: Manufacturer: syz
[  520.786285][T11453] sp0: Synchronizing with TNC
[  520.831537][ T5927] usb 3-1: SerialNumber: syz
[  520.857489][ T5927] usb 3-1: config 0 descriptor??
[  520.902859][ T5927] gspca_main: se401-2.14.0 probing 047d:5003
[  521.208134][   T10] usb 2-1: unable to read config index 4 descriptor/start: -71
[  521.233348][   T10] usb 2-1: can't read configurations, error -71
[  521.907243][T11485] usb usb8: usbfs: process 11485 (syz.1.1345) did not claim interface 0 before use
[  522.270831][ T5927] gspca_se401: read req failed req 0x06 error -19
[  522.283673][ T5927] usb 3-1: USB disconnect, device number 39
[  522.287834][T11492] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1348'.
[  522.672642][T11497] FAULT_INJECTION: forcing a failure.
[  522.672642][T11497] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  522.690587][T11497] CPU: 0 UID: 0 PID: 11497 Comm: syz.0.1350 Not tainted 6.17.0-rc1-syzkaller-00111-g24ea63ea3877 #0 PREEMPT(full) 
[  522.690612][T11497] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  522.690623][T11497] Call Trace:
[  522.690629][T11497]  <TASK>
[  522.690636][T11497]  dump_stack_lvl+0x16c/0x1f0
[  522.690658][T11497]  should_fail_ex+0x512/0x640
[  522.690682][T11497]  _copy_from_iter+0x29f/0x16f0
[  522.690719][T11497]  ? __pfx__copy_from_iter+0x10/0x10
[  522.690741][T11497]  ? rcu_is_watching+0x12/0xc0
[  522.690762][T11497]  ? trace_kmalloc+0x2b/0xd0
[  522.690783][T11497]  ? __kvmalloc_node_noprof+0x298/0x620
[  522.690800][T11497]  ? __pfx_net_ctl_permissions+0x10/0x10
[  522.690820][T11497]  ? proc_sys_call_handler+0x281/0x570
[  522.690851][T11497]  proc_sys_call_handler+0x3ad/0x570
[  522.690878][T11497]  ? __pfx_proc_sys_call_handler+0x10/0x10
[  522.690912][T11497]  vfs_write+0x7d3/0x11d0
[  522.690931][T11497]  ? __pfx_proc_sys_write+0x10/0x10
[  522.690957][T11497]  ? __pfx___mutex_lock+0x10/0x10
[  522.690976][T11497]  ? __pfx_vfs_write+0x10/0x10
[  522.691013][T11497]  ksys_write+0x12a/0x250
[  522.691030][T11497]  ? __pfx_ksys_write+0x10/0x10
[  522.691056][T11497]  do_syscall_64+0xcd/0x4c0
[  522.691077][T11497]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  522.691095][T11497] RIP: 0033:0x7f428298ebe9
[  522.691110][T11497] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  522.691127][T11497] RSP: 002b:00007f4283869038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  522.691144][T11497] RAX: ffffffffffffffda RBX: 00007f4282bb5fa0 RCX: 00007f428298ebe9
[  522.691155][T11497] RDX: 0000000000000012 RSI: 0000200000000040 RDI: 0000000000000003
[  522.691166][T11497] RBP: 00007f4283869090 R08: 0000000000000000 R09: 0000000000000000
[  522.691177][T11497] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  522.691187][T11497] R13: 00007f4282bb6038 R14: 00007f4282bb5fa0 R15: 00007ffe81e1aa28
[  522.691212][T11497]  </TASK>
[  523.216779][   T30] kauditd_printk_skb: 49 callbacks suppressed
[  523.216794][   T30] audit: type=1326 audit(1755246911.631:2469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11500 comm="syz.0.1352" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f428298ebe9 code=0x0
[  523.246024][    C1] vkms_vblank_simulate: vblank timer overrun
[  523.336159][T11503] overlayfs: missing 'lowerdir'
[  523.925484][T11502] netlink: 'syz.0.1352': attribute type 1 has an invalid length.
[  523.968886][T11502] netlink: 172 bytes leftover after parsing attributes in process `syz.0.1352'.
[  524.135708][T11513] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1353'.
[  524.242653][T11516] netlink: 'syz.2.1355': attribute type 10 has an invalid length.
[  524.254547][T11516] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1355'.
[  524.640232][   T10] usb 3-1: new high-speed USB device number 40 using dummy_hcd
[  524.979938][ T5927] usb 5-1: new full-speed USB device number 58 using dummy_hcd
[  525.154795][ T5927] usb 5-1: config 9 interface 0 altsetting 10 endpoint 0x7 has invalid maxpacket 1023, setting to 64
[  525.257691][ T5927] usb 5-1: config 9 interface 0 has no altsetting 0
[  525.656254][   T10] usb 3-1: too many configurations: 9, using maximum allowed: 8
[  525.681375][ T5927] usb 5-1: New USB device found, idVendor=147a, idProduct=e03e, bcdDevice= 8.f4
[  525.713843][ T5927] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  525.774450][   T10] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  525.783820][   T10] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  525.800222][   T30] audit: type=1400 audit(1755246914.121:2470): avc:  denied  { listen } for  pid=11521 comm="syz.3.1358" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  525.838835][   T10] usb 3-1: config 0 interface 0 has no altsetting 0
[  525.885744][ T5927] usb 5-1: Product: syz
[  525.894450][ T5927] usb 5-1: Manufacturer: syz
[  525.899045][ T5927] usb 5-1: SerialNumber: syz
[  525.921049][T11526] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  525.984550][   T10] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  526.512452][   T10] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  526.549502][   T10] usb 3-1: config 0 interface 0 has no altsetting 0
[  527.489761][ T5927] usb 5-1: USB disconnect, device number 58
[  527.510925][   T10] usb 3-1: unable to read config index 2 descriptor/all
[  527.538190][   T10] usb 3-1: can't read configurations, error -71
[  527.850508][T11559] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1368'.
[  528.297989][T11567] overlayfs: overlapping lowerdir path
[  528.305635][ T5925] usb 1-1: new high-speed USB device number 54 using dummy_hcd
[  528.883660][ T5925] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  528.973477][ T5925] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  529.030790][ T5925] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  529.063209][ T5925] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  529.090647][ T5925] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  529.140887][ T5925] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  529.209766][ T5925] usb 1-1: config 0 descriptor??
[  529.424624][   T30] audit: type=1326 audit(1755246917.771:2471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11569 comm="syz.3.1372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc52d58ebe9 code=0x7fc00000
[  529.448066][    C0] vkms_vblank_simulate: vblank timer overrun
[  529.470335][T11564] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  529.493738][   T30] audit: type=1400 audit(1755246917.871:2472): avc:  denied  { map } for  pid=11569 comm="syz.3.1372" path="/dev/sg0" dev="devtmpfs" ino=765 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  529.679335][   T30] audit: type=1326 audit(1755246918.081:2473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11578 comm="syz.2.1373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe76418ebe9 code=0x7ffc0000
[  529.728620][   T30] audit: type=1326 audit(1755246918.081:2474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11578 comm="syz.2.1373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe76418ebe9 code=0x7ffc0000
[  529.768777][   T30] audit: type=1326 audit(1755246918.081:2475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11578 comm="syz.2.1373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=103 compat=0 ip=0x7fe76418ebe9 code=0x7ffc0000
[  529.796716][   T10] usb 4-1: new high-speed USB device number 53 using dummy_hcd
[  529.797001][   T30] audit: type=1326 audit(1755246918.081:2476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11578 comm="syz.2.1373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe76418ebe9 code=0x7ffc0000
[  529.840492][   T30] audit: type=1326 audit(1755246918.081:2477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11578 comm="syz.2.1373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe76418ebe9 code=0x7ffc0000
[  529.864348][   T30] audit: type=1326 audit(1755246918.081:2478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11578 comm="syz.2.1373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fe76418ebe9 code=0x7ffc0000
[  529.889082][   T30] audit: type=1326 audit(1755246918.081:2479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11578 comm="syz.2.1373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe76418ebe9 code=0x7ffc0000
[  529.950001][   T30] audit: type=1326 audit(1755246918.081:2480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11578 comm="syz.2.1373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe76418ebe9 code=0x7ffc0000
[  529.988720][   T10] usb 4-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[  530.011761][   T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  530.027663][   T10] usb 4-1: Product: syz
[  530.038798][   T10] usb 4-1: Manufacturer: syz
[  530.048322][   T10] usb 4-1: SerialNumber: syz
[  530.051347][ T5925] plantronics 0003:047F:FFFF.001B: reserved main item tag 0xd
[  530.070672][   T10] usb 4-1: config 0 descriptor??
[  530.098628][   T10] ch341 4-1:0.0: ch341-uart converter detected
[  530.107159][ T5925] plantronics 0003:047F:FFFF.001B: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  530.376347][ T5925] usb 1-1: USB disconnect, device number 54
[  531.230005][ T5927] usb 3-1: new full-speed USB device number 42 using dummy_hcd
[  531.384616][   T10] usb 4-1: failed to send control message: -110
[  531.398667][   T10] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -110
[  531.403658][ T5927] usb 3-1: config 9 interface 0 altsetting 10 endpoint 0x7 has invalid maxpacket 1023, setting to 64
[  531.422476][ T5927] usb 3-1: config 9 interface 0 has no altsetting 0
[  531.439427][ T5927] usb 3-1: New USB device found, idVendor=147a, idProduct=e03e, bcdDevice= 8.f4
[  531.461622][ T5927] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  531.474607][ T5927] usb 3-1: Product: syz
[  531.478929][ T5927] usb 3-1: Manufacturer: syz
[  531.483690][ T5927] usb 3-1: SerialNumber: syz
[  531.525463][T11588] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  531.590136][   T43] usb 2-1: new high-speed USB device number 52 using dummy_hcd
[  531.748812][ T5927] usb 3-1: USB disconnect, device number 42
[  531.755290][   T43] usb 2-1: Using ep0 maxpacket: 8
[  531.779171][   T43] usb 2-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[  531.813578][   T43] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  531.826551][   T43] usb 2-1: Product: syz
[  531.832063][   T43] usb 2-1: Manufacturer: syz
[  531.838155][   T43] usb 2-1: SerialNumber: syz
[  531.858657][   T43] usb 2-1: config 0 descriptor??
[  531.866424][   T43] gspca_main: se401-2.14.0 probing 047d:5003
[  532.527159][ T5927] usb 4-1: USB disconnect, device number 53
[  532.542551][ T5927] ch341 4-1:0.0: device disconnected
[  533.529992][ T5927] usb 4-1: new full-speed USB device number 54 using dummy_hcd
[  533.593773][T11624] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1387'.
[  533.725230][   T43] gspca_se401: read req failed req 0x06 error -19
[  534.018102][   T43] usb 2-1: USB disconnect, device number 52
[  534.244715][ T5927] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  534.269506][ T5927] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 127, setting to 64
[  534.280814][ T5927] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0xB has invalid maxpacket 65535, setting to 64
[  534.291823][ T5927] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  534.306371][ T5927] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  534.343953][T11615] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  534.369141][T11615] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  534.390602][T11629] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1391'.
[  534.509345][ T5927] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[  534.850186][   T43] usb 2-1: new high-speed USB device number 53 using dummy_hcd
[  535.062674][   T43] usb 2-1: Using ep0 maxpacket: 8
[  535.104034][   T43] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  535.133626][   T43] usb 2-1: config 0 has no interfaces?
[  535.157030][   T43] usb 2-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[  535.166578][   T43] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  535.174973][   T43] usb 2-1: Product: syz
[  535.179126][   T43] usb 2-1: Manufacturer: syz
[  535.319023][   T43] usb 2-1: SerialNumber: syz
[  535.339012][   T43] usb 2-1: config 0 descriptor??
[  535.510361][ T5917] usb 3-1: new full-speed USB device number 43 using dummy_hcd
[  535.723018][ T5917] usb 3-1: config 9 interface 0 altsetting 10 endpoint 0x7 has invalid maxpacket 1023, setting to 64
[  535.747545][ T5917] usb 3-1: config 9 interface 0 has no altsetting 0
[  535.982514][   T10] usb 2-1: USB disconnect, device number 53
[  535.999428][ T5917] usb 3-1: New USB device found, idVendor=147a, idProduct=e03e, bcdDevice= 8.f4
[  536.025048][ T5917] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  536.047503][ T5917] usb 3-1: Product: syz
[  536.056943][   T43] usb 4-1: USB disconnect, device number 54
[  536.063644][ T5917] usb 3-1: Manufacturer: syz
[  536.068558][ T5917] usb 3-1: SerialNumber: syz
[  536.097359][T11644] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22
[  536.299823][T11653] netlink: 'syz.0.1396': attribute type 10 has an invalid length.
[  536.311997][T11653] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1396'.
[  536.425313][ T5917] usb 3-1: USB disconnect, device number 43
[  536.631810][ T5927] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0
[  536.644278][ T5927] hid-generic 0000:0000:0000.001C: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  536.653893][ T5925] usb 1-1: new high-speed USB device number 55 using dummy_hcd
[  536.661505][   T43] usb 4-1: new high-speed USB device number 55 using dummy_hcd
[  536.879931][   T43] usb 4-1: Using ep0 maxpacket: 8
[  537.090354][ T5925] usb 1-1: too many configurations: 9, using maximum allowed: 8
[  537.111412][   T43] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  537.196876][   T43] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  537.197122][ T5925] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  537.241587][   T43] usb 4-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[  537.263558][   T43] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  537.267007][ T5925] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  537.289986][   T43] usb 4-1: Product: syz
[  537.308258][   T43] usb 4-1: Manufacturer: syz
[  537.314979][ T5925] usb 1-1: config 0 interface 0 has no altsetting 0
[  537.335973][   T43] usb 4-1: SerialNumber: syz
[  537.364690][   T43] usb 4-1: config 0 descriptor??
[  537.508842][ T5925] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  537.734344][ T5925] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  537.768213][ T5925] usb 1-1: config 0 interface 0 has no altsetting 0
[  538.022462][T11652] 9pnet_fd: Insufficient options for proto=fd
[  538.033366][   T43] usb 4-1: USB disconnect, device number 55
[  538.041074][T11667] tmpfs: Bad value for 'mpol'
[  538.055653][ T5925] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  538.072721][ T5925] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  538.109259][ T5925] usb 1-1: config 0 interface 0 has no altsetting 0
[  538.168870][ T5925] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  538.177994][ T5925] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  538.194078][ T5925] usb 1-1: config 0 interface 0 has no altsetting 0
[  538.220854][ T5925] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  538.235029][ T5925] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  538.258806][ T5925] usb 1-1: config 0 interface 0 has no altsetting 0
[  538.325863][ T5925] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  538.339464][ T5925] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  538.352940][ T5925] usb 1-1: config 0 interface 0 has no altsetting 0
[  538.382643][ T5925] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  538.395026][ T5925] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  538.406692][ T5925] usb 1-1: config 0 interface 0 has no altsetting 0
[  538.417865][ T5925] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  538.584982][ T5925] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  538.614209][T11682] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1405'.
[  539.316593][ T5925] usb 1-1: config 0 interface 0 has no altsetting 0
[  539.674299][ T5925] usb 1-1: string descriptor 0 read error: -71
[  539.680562][ T5925] usb 1-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  539.689601][ T5925] usb 1-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  539.739160][ T5925] usb 1-1: config 0 descriptor??
[  539.772709][ T5925] usb 1-1: can't set config #0, error -71
[  539.815591][ T5925] usb 1-1: USB disconnect, device number 55
[  539.840598][   T10] usb 5-1: new full-speed USB device number 59 using dummy_hcd
[  539.962425][T11698] [U] ���1WT`8�����H$�0�����9\
[  539.969128][T11698] [U] ;2}u��gV�ĥ��#�O9��ե>-�����S�ݢ��p
[  539.976986][T11698] [U] 4��XZ^Y����)��ഴ�m�c��.�o���p�O��W
[  539.984845][T11698] [U] ��%�Z
[  539.988026][T11698] [U] �8`�}�[T��j#Z�~��3µݥI~�D�%8@7j���|{9d��c���e+�O�k?%�6
[  540.205395][   T10] usb 5-1: New USB device found, idVendor=056e, idProduct=4010, bcdDevice=20.1c
[  540.215956][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  540.232733][T11696] [U] ��p>BЍ��Z%
[  540.258558][   T10] usb 5-1: config 0 descriptor??
[  541.813354][   T10] pegasus 5-1:0.0: probe with driver pegasus failed with error -121
[  542.424813][T11728] overlayfs: overlapping lowerdir path
[  542.987276][T11735] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1418'.
[  543.577237][ T2150] usb 5-1: USB disconnect, device number 59
[  543.871162][   T43] usb 3-1: new high-speed USB device number 44 using dummy_hcd
[  544.030129][   T43] usb 3-1: Using ep0 maxpacket: 16
[  544.037653][   T43] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  544.088262][   T43] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  544.286405][   T43] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  544.611166][   T43] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  544.660028][   T43] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  544.679808][   T43] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  544.697145][   T43] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  544.718187][   T43] usb 3-1: Manufacturer: syz
[  544.729369][   T43] usb 3-1: config 0 descriptor??
[  544.959933][ T2150] usb 2-1: new full-speed USB device number 54 using dummy_hcd
[  545.038471][T11762] FAULT_INJECTION: forcing a failure.
[  545.038471][T11762] name failslab, interval 1, probability 0, space 0, times 0
[  545.059888][   T43] rc_core: IR keymap rc-hauppauge not found
[  545.076942][   T43] Registered IR keymap rc-empty
[  545.089941][   T43] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  545.100559][T11762] CPU: 0 UID: 0 PID: 11762 Comm: syz.0.1425 Not tainted 6.17.0-rc1-syzkaller-00111-g24ea63ea3877 #0 PREEMPT(full) 
[  545.100575][T11762] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  545.100582][T11762] Call Trace:
[  545.100586][T11762]  <TASK>
[  545.100590][T11762]  dump_stack_lvl+0x16c/0x1f0
[  545.100606][T11762]  should_fail_ex+0x512/0x640
[  545.100619][T11762]  ? __kmalloc_noprof+0xbf/0x510
[  545.100631][T11762]  ? iovec_from_user+0x108/0x140
[  545.100645][T11762]  should_failslab+0xc2/0x120
[  545.100658][T11762]  __kmalloc_noprof+0xd2/0x510
[  545.100669][T11762]  ? __lock_acquire+0x62e/0x1ce0
[  545.100689][T11762]  iovec_from_user+0x108/0x140
[  545.100705][T11762]  __import_iovec+0x88/0x650
[  545.100720][T11762]  ? find_held_lock+0x2b/0x80
[  545.100735][T11762]  import_iovec+0x109/0x140
[  545.100751][T11762]  vfs_writev+0x19b/0xde0
[  545.100763][T11762]  ? __lock_acquire+0x62e/0x1ce0
[  545.100781][T11762]  ? __pfx_vfs_writev+0x10/0x10
[  545.100790][T11762]  ? find_held_lock+0x2b/0x80
[  545.100812][T11762]  ? __fget_files+0x20e/0x3c0
[  545.100823][T11762]  ? __fget_files+0x140/0x3c0
[  545.100838][T11762]  ? do_writev+0x132/0x340
[  545.100847][T11762]  do_writev+0x132/0x340
[  545.100856][T11762]  ? __pfx_do_writev+0x10/0x10
[  545.100870][T11762]  do_syscall_64+0xcd/0x4c0
[  545.100883][T11762]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  545.100895][T11762] RIP: 0033:0x7f428298ebe9
[  545.100904][T11762] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  545.100914][T11762] RSP: 002b:00007f4283869038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  545.100925][T11762] RAX: ffffffffffffffda RBX: 00007f4282bb5fa0 RCX: 00007f428298ebe9
[  545.100932][T11762] RDX: 000000000000000e RSI: 0000200000000c40 RDI: 0000000000000003
[  545.100939][T11762] RBP: 00007f4283869090 R08: 0000000000000000 R09: 0000000000000000
[  545.100945][T11762] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  545.100951][T11762] R13: 00007f4282bb6038 R14: 00007f4282bb5fa0 R15: 00007ffe81e1aa28
[  545.100965][T11762]  </TASK>
[  545.360938][ T2150] usb 2-1: config 9 interface 0 altsetting 10 endpoint 0x7 has invalid maxpacket 1023, setting to 64
[  545.393911][   T43] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  545.413105][T11765] bridge2: entered promiscuous mode
[  545.428492][ T2150] usb 2-1: config 9 interface 0 has no altsetting 0
[  545.458316][ T2150] usb 2-1: New USB device found, idVendor=147a, idProduct=e03e, bcdDevice= 8.f4
[  545.470731][   T43] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0
[  545.512760][ T2150] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  545.513188][T11770] netlink: 830 bytes leftover after parsing attributes in process `syz.0.1429'.
[  545.544266][   T43] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input35
[  545.559004][ T2150] usb 2-1: Product: syz
[  545.569100][ T2150] usb 2-1: Manufacturer: syz
[  545.711348][ T2150] usb 2-1: SerialNumber: syz
[  546.329931][   T43] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  546.347372][   T30] kauditd_printk_skb: 32 callbacks suppressed
[  546.347392][   T30] audit: type=1326 audit(1755246934.751:2513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11772 comm="syz.3.1430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc52d58ebe9 code=0x7ffc0000
[  547.575158][T11781] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1429'.
[  547.575766][   T30] audit: type=1326 audit(1755246934.791:2514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11772 comm="syz.3.1430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=103 compat=0 ip=0x7fc52d58ebe9 code=0x7ffc0000
[  547.588512][ T2150] usb 2-1: can't set config #9, error -71
[  547.613428][   T30] audit: type=1326 audit(1755246934.801:2515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11772 comm="syz.3.1430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc52d58ebe9 code=0x7ffc0000
[  547.642534][   T43] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  547.652147][   T30] audit: type=1326 audit(1755246934.811:2516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11772 comm="syz.3.1430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc52d58ebe9 code=0x7ffc0000
[  547.676685][   T30] audit: type=1326 audit(1755246934.851:2517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11772 comm="syz.3.1430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fc52d58ebe9 code=0x7ffc0000
[  547.728591][T11781] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1429'.
[  547.796056][   T43] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  547.832092][ T2150] usb 2-1: USB disconnect, device number 54
[  548.306836][   T30] audit: type=1326 audit(1755246934.851:2518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11772 comm="syz.3.1430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc52d58ebe9 code=0x7ffc0000
[  548.340653][   T30] audit: type=1326 audit(1755246934.851:2519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11772 comm="syz.3.1430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc52d58ebe9 code=0x7ffc0000
[  548.374162][   T43] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  548.377127][   T30] audit: type=1326 audit(1755246934.851:2520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11772 comm="syz.3.1430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc52d58ebe9 code=0x7ffc0000
[  548.416413][   T30] audit: type=1326 audit(1755246934.851:2521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11772 comm="syz.3.1430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc52d58ebe9 code=0x7ffc0000
[  548.444908][   T30] audit: type=1326 audit(1755246934.851:2522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11772 comm="syz.3.1430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc52d58ebe9 code=0x7ffc0000
[  548.452228][   T43] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  548.570069][   T43] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  548.590119][   T43] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  548.658979][   T43] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  548.699921][   T43] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  548.759977][   T43] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  548.760349][   T10] usb 5-1: new high-speed USB device number 60 using dummy_hcd
[  548.830331][   T43] mceusb 3-1:0.0: Registered 424242424242 with mce emulator interface version 1
[  548.888505][   T43] mceusb 3-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  548.940506][   T10] usb 5-1: Using ep0 maxpacket: 8
[  548.946437][   T43] usb 3-1: USB disconnect, device number 44
[  548.991724][   T10] usb 5-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[  549.065082][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  549.112176][   T10] usb 5-1: Product: syz
[  549.132872][   T10] usb 5-1: Manufacturer: syz
[  549.144434][   T10] usb 5-1: SerialNumber: syz
[  549.160683][   T10] usb 5-1: config 0 descriptor??
[  549.171109][   T10] gspca_main: se401-2.14.0 probing 047d:5003
[  550.120260][ T5966] usb 1-1: new high-speed USB device number 56 using dummy_hcd
[  550.318101][ T5966] usb 1-1: too many configurations: 194, using maximum allowed: 8
[  550.328201][T11815] netlink: 'syz.1.1441': attribute type 9 has an invalid length.
[  550.339447][ T5966] usb 1-1: unable to read config index 0 descriptor/start: -61
[  550.348881][ T5966] usb 1-1: can't read configurations, error -61
[  550.475610][T11823] netlink: 'syz.1.1441': attribute type 9 has an invalid length.
[  550.513918][   T10] gspca_se401: read req failed req 0x06 error -19
[  550.620514][ T5966] usb 1-1: new high-speed USB device number 57 using dummy_hcd
[  550.694832][   T10] usb 5-1: USB disconnect, device number 60
[  550.791604][ T5925] usb 3-1: new full-speed USB device number 45 using dummy_hcd
[  550.852355][T11831] FAULT_INJECTION: forcing a failure.
[  550.852355][T11831] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  550.879434][T11831] CPU: 0 UID: 0 PID: 11831 Comm: syz.3.1445 Not tainted 6.17.0-rc1-syzkaller-00111-g24ea63ea3877 #0 PREEMPT(full) 
[  550.879460][T11831] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  550.879470][T11831] Call Trace:
[  550.879475][T11831]  <TASK>
[  550.879480][T11831]  dump_stack_lvl+0x16c/0x1f0
[  550.879496][T11831]  should_fail_ex+0x512/0x640
[  550.879511][T11831]  _copy_from_user+0x2e/0xd0
[  550.879526][T11831]  memdup_user+0x6b/0xe0
[  550.879539][T11831]  snd_ctl_ioctl+0x1c8/0xf80
[  550.879551][T11831]  ? __pfx_snd_ctl_ioctl+0x10/0x10
[  550.879565][T11831]  ? selinux_file_ioctl+0x180/0x270
[  550.879581][T11831]  ? selinux_file_ioctl+0xb4/0x270
[  550.879597][T11831]  ? __pfx_snd_ctl_ioctl+0x10/0x10
[  550.879609][T11831]  __x64_sys_ioctl+0x18b/0x210
[  550.879628][T11831]  do_syscall_64+0xcd/0x4c0
[  550.879643][T11831]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  550.879654][T11831] RIP: 0033:0x7fc52d58ebe9
[  550.879664][T11831] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  550.879674][T11831] RSP: 002b:00007fc52b7cd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  550.879685][T11831] RAX: ffffffffffffffda RBX: 00007fc52d7b6090 RCX: 00007fc52d58ebe9
[  550.879692][T11831] RDX: 0000200000000b00 RSI: 00000000c4c85513 RDI: 0000000000000007
[  550.879699][T11831] RBP: 00007fc52b7cd090 R08: 0000000000000000 R09: 0000000000000000
[  550.879705][T11831] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  550.879712][T11831] R13: 00007fc52d7b6128 R14: 00007fc52d7b6090 R15: 00007ffe31f8fb28
[  550.879725][T11831]  </TASK>
[  551.055980][ T5966] usb 1-1: too many configurations: 194, using maximum allowed: 8
[  551.074621][ T5966] usb 1-1: unable to read config index 0 descriptor/start: -61
[  551.082560][ T5966] usb 1-1: can't read configurations, error -61
[  551.089661][ T5966] usb usb1-port1: attempt power cycle
[  551.134130][ T5925] usb 3-1: config 9 interface 0 altsetting 10 endpoint 0x7 has invalid maxpacket 1023, setting to 64
[  551.145415][ T5925] usb 3-1: config 9 interface 0 has no altsetting 0
[  551.157317][ T5925] usb 3-1: New USB device found, idVendor=147a, idProduct=e03e, bcdDevice= 8.f4
[  551.166482][ T5925] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  551.175674][ T5925] usb 3-1: Product: syz
[  551.180396][ T5925] usb 3-1: Manufacturer: syz
[  551.184977][ T5925] usb 3-1: SerialNumber: syz
[  551.193038][T11824] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  551.298474][T11832] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1445'.
[  551.382893][T11837] overlayfs: overlapping lowerdir path
[  551.900124][ T5966] usb 1-1: new high-speed USB device number 58 using dummy_hcd
[  552.035404][ T5966] usb 1-1: too many configurations: 194, using maximum allowed: 8
[  552.090788][ T5966] usb 1-1: unable to read config index 0 descriptor/start: -61
[  552.098646][ T5966] usb 1-1: can't read configurations, error -61
[  552.233643][ T5966] usb 1-1: new high-speed USB device number 59 using dummy_hcd
[  552.307680][ T5966] usb 1-1: too many configurations: 194, using maximum allowed: 8
[  552.337935][ T5966] usb 1-1: unable to read config index 0 descriptor/start: -61
[  552.406409][ T5966] usb 1-1: can't read configurations, error -61
[  552.475089][ T5966] usb usb1-port1: unable to enumerate USB device
[  553.847640][ T5925] usb 3-1: USB disconnect, device number 45
[  553.901576][   T30] kauditd_printk_skb: 27 callbacks suppressed
[  553.901587][   T30] audit: type=1400 audit(1755246942.191:2550): avc:  denied  { ioctl } for  pid=11851 comm="syz.1.1449" path="socket:[33519]" dev="sockfs" ino=33519 ioctlcmd=0xf50d scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  554.965556][T11876] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1457'.
[  555.591618][T11894] netlink: 'syz.1.1460': attribute type 9 has an invalid length.
[  555.786450][T11898] netlink: 'syz.1.1460': attribute type 9 has an invalid length.
[  556.876013][T11907] netlink: 830 bytes leftover after parsing attributes in process `syz.0.1464'.
[  557.809334][T11907] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1464'.
[  557.838784][T11907] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1464'.
[  558.122908][T11923] FAULT_INJECTION: forcing a failure.
[  558.122908][T11923] name failslab, interval 1, probability 0, space 0, times 0
[  558.181558][T11923] CPU: 1 UID: 0 PID: 11923 Comm: syz.1.1470 Not tainted 6.17.0-rc1-syzkaller-00111-g24ea63ea3877 #0 PREEMPT(full) 
[  558.181584][T11923] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  558.181591][T11923] Call Trace:
[  558.181595][T11923]  <TASK>
[  558.181600][T11923]  dump_stack_lvl+0x16c/0x1f0
[  558.181616][T11923]  should_fail_ex+0x512/0x640
[  558.181629][T11923]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  558.181648][T11923]  should_failslab+0xc2/0x120
[  558.181661][T11923]  __kmalloc_cache_noprof+0x6a/0x3e0
[  558.181678][T11923]  ? find_held_lock+0x2b/0x80
[  558.181691][T11923]  ? syslog_print_all+0xeb/0x400
[  558.181703][T11923]  syslog_print_all+0xeb/0x400
[  558.181715][T11923]  ? __pfx_syslog_print_all+0x10/0x10
[  558.181736][T11923]  do_syslog+0x32c/0x6c0
[  558.181748][T11923]  ? __pfx_do_syslog+0x10/0x10
[  558.181759][T11923]  ? __fget_files+0x20e/0x3c0
[  558.181776][T11923]  ? ksys_write+0x1ac/0x250
[  558.181787][T11923]  ? __pfx_ksys_write+0x10/0x10
[  558.181801][T11923]  __x64_sys_syslog+0x74/0xb0
[  558.181813][T11923]  ? lockdep_hardirqs_on+0x7c/0x110
[  558.181824][T11923]  do_syscall_64+0xcd/0x4c0
[  558.181836][T11923]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  558.181848][T11923] RIP: 0033:0x7f1639b8ebe9
[  558.181858][T11923] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  558.181869][T11923] RSP: 002b:00007f163a945038 EFLAGS: 00000246 ORIG_RAX: 0000000000000067
[  558.181880][T11923] RAX: ffffffffffffffda RBX: 00007f1639db5fa0 RCX: 00007f1639b8ebe9
[  558.181887][T11923] RDX: 00000000000000df RSI: 0000200000000440 RDI: 0000000000000004
[  558.181894][T11923] RBP: 00007f163a945090 R08: 0000000000000000 R09: 0000000000000000
[  558.181901][T11923] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  558.181907][T11923] R13: 00007f1639db6038 R14: 00007f1639db5fa0 R15: 00007fff0a7d6c78
[  558.181921][T11923]  </TASK>
[  559.658888][   T30] audit: type=1326 audit(1755246947.181:2551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11935 comm="syz.3.1472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc52d58ebe9 code=0x7ffc0000
[  559.786584][   T30] audit: type=1326 audit(1755246947.181:2552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11935 comm="syz.3.1472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=103 compat=0 ip=0x7fc52d58ebe9 code=0x7ffc0000
[  559.999065][T11931] mkiss: ax0: crc mode is auto.
[  560.023573][   T30] audit: type=1326 audit(1755246947.191:2553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11935 comm="syz.3.1472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc52d58ebe9 code=0x7ffc0000
[  560.262153][   T30] audit: type=1326 audit(1755246947.191:2554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11935 comm="syz.3.1472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fc52d58ebe9 code=0x7ffc0000
[  560.290276][   T30] audit: type=1326 audit(1755246947.191:2555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11935 comm="syz.3.1472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc52d58ebe9 code=0x7ffc0000
[  560.763622][   T30] audit: type=1326 audit(1755246947.191:2556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11935 comm="syz.3.1472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc52d58ebe9 code=0x7ffc0000
[  560.803433][   T30] audit: type=1326 audit(1755246947.191:2557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11935 comm="syz.3.1472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc52d58ebe9 code=0x7ffc0000
[  560.810182][T11946] loop3: detected capacity change from 0 to 1
[  560.827606][   T30] audit: type=1326 audit(1755246947.191:2558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11935 comm="syz.3.1472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc52d58ebe9 code=0x7ffc0000
[  560.862568][   T30] audit: type=1326 audit(1755246947.191:2559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11935 comm="syz.3.1472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc52d58ebe9 code=0x7ffc0000
[  560.893888][   T30] audit: type=1326 audit(1755246947.201:2560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11935 comm="syz.3.1472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7fc52d58ebe9 code=0x7ffc0000
[  560.994964][T11946] Dev loop3: unable to read RDB block 1
[  561.003791][T11946]  loop3: unable to read partition table
[  561.009706][T11946] loop3: partition table beyond EOD, truncated
[  561.016829][T11946] loop_reread_partitions: partition scan of loop3 (�被x������ ) failed (rc=-5)
[  561.156057][T11949] netlink: 180 bytes leftover after parsing attributes in process `syz.4.1477'.
[  561.224845][T11951] FAULT_INJECTION: forcing a failure.
[  561.224845][T11951] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  561.241692][T11951] CPU: 0 UID: 0 PID: 11951 Comm: syz.2.1476 Not tainted 6.17.0-rc1-syzkaller-00111-g24ea63ea3877 #0 PREEMPT(full) 
[  561.241718][T11951] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  561.241728][T11951] Call Trace:
[  561.241734][T11951]  <TASK>
[  561.241741][T11951]  dump_stack_lvl+0x16c/0x1f0
[  561.241764][T11951]  should_fail_ex+0x512/0x640
[  561.241786][T11951]  _copy_from_iter+0x29f/0x16f0
[  561.241811][T11951]  ? __alloc_skb+0x200/0x380
[  561.241839][T11951]  ? __pfx__copy_from_iter+0x10/0x10
[  561.241859][T11951]  ? selinux_socket_getpeersec_dgram+0x1a4/0x370
[  561.241883][T11951]  ? __pfx_selinux_socket_getpeersec_dgram+0x10/0x10
[  561.241917][T11951]  netlink_sendmsg+0x829/0xdd0
[  561.241941][T11951]  ? __pfx_netlink_sendmsg+0x10/0x10
[  561.241971][T11951]  ____sys_sendmsg+0xa98/0xc70
[  561.241994][T11951]  ? copy_msghdr_from_user+0x10a/0x160
[  561.242012][T11951]  ? __pfx_____sys_sendmsg+0x10/0x10
[  561.242047][T11951]  ___sys_sendmsg+0x134/0x1d0
[  561.242067][T11951]  ? __pfx____sys_sendmsg+0x10/0x10
[  561.242108][T11951]  ? __mutex_unlock_slowpath+0x100/0x800
[  561.242141][T11951]  __sys_sendmsg+0x16d/0x220
[  561.242160][T11951]  ? __pfx___sys_sendmsg+0x10/0x10
[  561.242195][T11951]  do_syscall_64+0xcd/0x4c0
[  561.242217][T11951]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  561.242235][T11951] RIP: 0033:0x7fe76418ebe9
[  561.242250][T11951] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  561.242267][T11951] RSP: 002b:00007fe76505c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  561.242285][T11951] RAX: ffffffffffffffda RBX: 00007fe7643b5fa0 RCX: 00007fe76418ebe9
[  561.242297][T11951] RDX: 0000000004000000 RSI: 0000200000000800 RDI: 0000000000000004
[  561.242308][T11951] RBP: 00007fe76505c090 R08: 0000000000000000 R09: 0000000000000000
[  561.242318][T11951] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  561.242328][T11951] R13: 00007fe7643b6038 R14: 00007fe7643b5fa0 R15: 00007fffdf075cc8
[  561.242353][T11951]  </TASK>
[  561.717054][T11958] netlink: 'syz.4.1480': attribute type 9 has an invalid length.
[  561.770152][T11960] netlink: 'syz.4.1480': attribute type 9 has an invalid length.
[  561.867281][ T5966] usb 2-1: new high-speed USB device number 55 using dummy_hcd
[  562.051967][ T5966] usb 2-1: Using ep0 maxpacket: 8
[  562.058677][ T5966] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  562.068263][T11970] netlink: 'syz.3.1481': attribute type 10 has an invalid length.
[  562.077038][T11970] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1481'.
[  562.088022][ T5966] usb 2-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a
[  562.095344][T11966] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1482'.
[  562.106363][ T5966] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  562.143480][ T5966] usb 2-1: config 0 descriptor??
[  562.192556][ T5966] gspca_main: vc032x-2.14.0 probing 046d:0892
[  562.400048][ T5927] usb 4-1: new high-speed USB device number 56 using dummy_hcd
[  562.421938][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  562.432926][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  562.580775][ T5927] usb 4-1: too many configurations: 9, using maximum allowed: 8
[  562.601237][ T5927] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  562.618903][ T5927] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  562.659476][ T5927] usb 4-1: config 0 interface 0 has no altsetting 0
[  562.714151][ T5927] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  562.728603][ T5927] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  562.871384][ T5927] usb 4-1: config 0 interface 0 has no altsetting 0
[  562.885683][ T5927] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  562.907440][ T5927] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  562.942403][ T5927] usb 4-1: config 0 interface 0 has no altsetting 0
[  562.971207][ T5927] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  562.981026][ T5927] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  563.011817][ T5927] usb 4-1: config 0 interface 0 has no altsetting 0
[  563.026796][ T5927] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  563.037879][ T5927] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  563.169142][ T5927] usb 4-1: config 0 interface 0 has no altsetting 0
[  563.250205][ T5927] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  563.259282][ T5927] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  563.276306][ T5927] usb 4-1: config 0 interface 0 has no altsetting 0
[  563.417394][ T5927] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  563.687614][ T5927] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  563.709621][ T5927] usb 4-1: config 0 interface 0 has no altsetting 0
[  563.974589][ T5927] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  563.984772][ T5927] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  564.011577][ T5927] usb 4-1: config 0 interface 0 has no altsetting 0
[  564.040583][ T5966] usb 5-1: new full-speed USB device number 61 using dummy_hcd
[  564.041973][ T5927] usb 4-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  564.065879][ T5927] usb 4-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  564.075558][ T5927] usb 4-1: Product: syz
[  564.092748][ T5927] usb 4-1: Manufacturer: syz
[  564.113376][ T5927] usb 4-1: SerialNumber: syz
[  564.262071][ T5927] usb 4-1: config 0 descriptor??
[  564.325988][ T5927] yurex 4-1:0.0: USB YUREX device now attached to Yurex #0
[  564.341351][ T5966] usb 5-1: device descriptor read/64, error -71
[  564.739493][T11972] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1481'.
[  564.749660][   T30] kauditd_printk_skb: 27 callbacks suppressed
[  564.749674][   T30] audit: type=1400 audit(1755246953.141:2588): avc:  denied  { write } for  pid=11963 comm="syz.3.1481" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  564.810461][ T5966] usb 5-1: new full-speed USB device number 62 using dummy_hcd
[  564.810481][   T30] audit: type=1400 audit(1755246953.141:2589): avc:  denied  { nlmsg_write } for  pid=11963 comm="syz.3.1481" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  564.990452][ T5966] usb 5-1: device descriptor read/64, error -71
[  565.141112][ T5966] usb usb5-port1: attempt power cycle
[  565.341941][ T5925] usb 2-1: USB disconnect, device number 55
[  565.500399][ T5966] usb 5-1: new full-speed USB device number 63 using dummy_hcd
[  566.589100][   T30] audit: type=1326 audit(1755246953.871:2590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12014 comm="syz.1.1494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1639b8ebe9 code=0x7ffc0000
[  566.798908][   T30] audit: type=1326 audit(1755246953.871:2591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12014 comm="syz.1.1494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1639b8ebe9 code=0x7ffc0000
[  566.824799][   T30] audit: type=1326 audit(1755246953.871:2592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12014 comm="syz.1.1494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=103 compat=0 ip=0x7f1639b8ebe9 code=0x7ffc0000
[  566.858429][   T30] audit: type=1326 audit(1755246953.881:2593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12014 comm="syz.1.1494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1639b8ebe9 code=0x7ffc0000
[  566.908592][   T30] audit: type=1326 audit(1755246953.881:2594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12014 comm="syz.1.1494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1639b8ebe9 code=0x7ffc0000
[  566.932917][   T30] audit: type=1326 audit(1755246953.881:2595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12014 comm="syz.1.1494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f1639b8ebe9 code=0x7ffc0000
[  566.971263][T12019] netlink: 'syz.0.1493': attribute type 10 has an invalid length.
[  566.979226][T12019] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1493'.
[  567.050229][   T30] audit: type=1326 audit(1755246953.881:2596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12014 comm="syz.1.1494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1639b8ebe9 code=0x7ffc0000
[  567.116875][ T5966] usb 5-1: device descriptor read/8, error -71
[  567.141593][   T30] audit: type=1326 audit(1755246953.881:2597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12014 comm="syz.1.1494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1639b8ebe9 code=0x7ffc0000
[  567.318335][ T5925] usb 1-1: new high-speed USB device number 60 using dummy_hcd
[  567.358889][T12022] vxcan0: tx drop: invalid sa for name 0x0000000000000001
[  567.385952][T12022] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1492'.
[  567.447474][    T9] usb 4-1: USB disconnect, device number 56
[  567.610580][    T9] yurex 4-1:0.0: USB YUREX #0 now disconnected
[  567.710972][T12028] FAULT_INJECTION: forcing a failure.
[  567.710972][T12028] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  567.772914][T12028] CPU: 1 UID: 0 PID: 12028 Comm: syz.4.1495 Not tainted 6.17.0-rc1-syzkaller-00111-g24ea63ea3877 #0 PREEMPT(full) 
[  567.772942][T12028] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  567.772951][T12028] Call Trace:
[  567.772957][T12028]  <TASK>
[  567.772964][T12028]  dump_stack_lvl+0x16c/0x1f0
[  567.772986][T12028]  should_fail_ex+0x512/0x640
[  567.773008][T12028]  _copy_from_user+0x2e/0xd0
[  567.773030][T12028]  do_sock_getsockopt+0x3ca/0x440
[  567.773052][T12028]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  567.773070][T12028]  ? __fget_files+0x204/0x3c0
[  567.773101][T12028]  __sys_getsockopt+0x12f/0x260
[  567.773123][T12028]  __x64_sys_getsockopt+0xbd/0x160
[  567.773138][T12028]  ? do_syscall_64+0x91/0x4c0
[  567.773154][T12028]  ? lockdep_hardirqs_on+0x7c/0x110
[  567.773170][T12028]  do_syscall_64+0xcd/0x4c0
[  567.773188][T12028]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  567.773205][T12028] RIP: 0033:0x7f6cf298ebe9
[  567.773219][T12028] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  567.773235][T12028] RSP: 002b:00007f6cf3739038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  567.773252][T12028] RAX: ffffffffffffffda RBX: 00007f6cf2bb5fa0 RCX: 00007f6cf298ebe9
[  567.773263][T12028] RDX: 0000000000000014 RSI: 0000000000000006 RDI: 0000000000000003
[  567.773273][T12028] RBP: 00007f6cf3739090 R08: 0000200000000040 R09: 0000000000000000
[  567.773292][T12028] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  567.773302][T12028] R13: 00007f6cf2bb6038 R14: 00007f6cf2bb5fa0 R15: 00007fff4dae4438
[  567.773327][T12028]  </TASK>
[  568.040427][ T5925] usb 1-1: too many configurations: 9, using maximum allowed: 8
[  568.140519][ T5925] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  568.222852][ T5925] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  568.337366][ T5925] usb 1-1: config 0 interface 0 has no altsetting 0
[  568.571810][T12048] netlink: 80 bytes leftover after parsing attributes in process `syz.1.1500'.
[  568.953021][ T5925] usb 1-1: unable to read config index 1 descriptor/start: -71
[  568.971006][ T5925] usb 1-1: can't read configurations, error -71
[  569.070018][ T5966] usb 2-1: new high-speed USB device number 56 using dummy_hcd
[  569.124803][T12058] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1503'.
[  569.174316][T12060] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1504'.
[  569.220255][ T5966] usb 2-1: Using ep0 maxpacket: 16
[  569.232808][ T5966] usb 2-1: config 0 has an invalid interface number: 47 but max is 0
[  569.406032][ T5966] usb 2-1: config 0 has no interface number 0
[  569.415014][ T5966] usb 2-1: New USB device found, idVendor=084d, idProduct=0003, bcdDevice=86.58
[  569.415133][ T5966] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  569.415199][ T5966] usb 2-1: Product: syz
[  569.415259][ T5966] usb 2-1: Manufacturer: syz
[  569.415347][ T5966] usb 2-1: SerialNumber: syz
[  569.438040][ T5966] usb 2-1: config 0 descriptor??
[  569.443421][ T5966] gspca_main: spca500-2.14.0 probing 084d:0003
[  570.314554][   T30] kauditd_printk_skb: 98 callbacks suppressed
[  570.314578][   T30] audit: type=1326 audit(1755246958.101:2697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12063 comm="syz.2.1506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe76418ebe9 code=0x7ffc0000
[  570.588770][T12052] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  570.598496][T12052] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  570.610767][   T30] audit: type=1326 audit(1755246958.101:2698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12063 comm="syz.2.1506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fe76418ebe9 code=0x7ffc0000
[  570.610785][ T5925] usb 1-1: new high-speed USB device number 61 using dummy_hcd
[  570.638355][   T30] audit: type=1326 audit(1755246958.101:2699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12063 comm="syz.2.1506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe76418ebe9 code=0x7ffc0000
[  570.681266][   T30] audit: type=1326 audit(1755246958.101:2700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12063 comm="syz.2.1506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe76418ebe9 code=0x7ffc0000
[  571.008167][   T30] audit: type=1400 audit(1755246958.091:2696): avc:  denied  { name_bind } for  pid=12051 comm="syz.1.1501" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  571.035118][ T5927] usb 2-1: USB disconnect, device number 56
[  571.184834][   T30] audit: type=1400 audit(1755246958.991:2701): avc:  denied  { map_read map_write } for  pid=12051 comm="syz.1.1501" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  571.210861][T12076] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1509'.
[  571.221413][ T5925] usb 1-1: Using ep0 maxpacket: 8
[  571.236326][   T30] audit: type=1400 audit(1755246959.081:2702): avc:  denied  { read } for  pid=12068 comm="syz.3.1507" name="nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  571.480709][   T30] audit: type=1400 audit(1755246959.081:2703): avc:  denied  { open } for  pid=12068 comm="syz.3.1507" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  571.483411][ T5925] usb 1-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[  571.523009][T12078] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  571.538834][   T30] audit: type=1400 audit(1755246959.081:2704): avc:  denied  { allowed } for  pid=12068 comm="syz.3.1507" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  571.673844][ T5925] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  571.690381][ T5925] usb 1-1: Product: syz
[  571.694697][ T5925] usb 1-1: Manufacturer: syz
[  571.731770][ T5925] usb 1-1: SerialNumber: syz
[  571.788334][   T30] audit: type=1400 audit(1755246959.081:2705): avc:  denied  { create } for  pid=12068 comm="syz.3.1507" anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  571.816240][ T5925] usb 1-1: config 0 descriptor??
[  571.881529][ T5925] gspca_main: se401-2.14.0 probing 047d:5003
[  573.360999][ T5925] usb 1-1: reset high-speed USB device number 61 using dummy_hcd
[  574.578547][ T5925] usb 1-1: device descriptor read/64, error -32
[  574.913481][ T5925] usb 1-1: reset high-speed USB device number 61 using dummy_hcd
[  575.175749][ T5925] usb 1-1: device descriptor read/64, error -32
[  575.544128][ T5925] usb 1-1: reset high-speed USB device number 61 using dummy_hcd
[  575.712299][ T5925] usb 1-1: device descriptor read/8, error -32
[  576.037521][ T5925] usb 1-1: reset high-speed USB device number 61 using dummy_hcd
[  576.100134][ T5925] usb 1-1: device descriptor read/8, error -32
[  576.307419][ T5925] raw-gadget.0 gadget.0: failed to queue suspend event
[  576.337077][ T5925] gspca_se401: read req failed req 0x06 error -19
[  576.794730][ T5925] usb 1-1: USB disconnect, device number 61
[  591.296230][T12095] sched: DL replenish lagged too much
[  593.998159][ T5925] raw-gadget.0 gadget.0: failed to queue reset event
[  603.625769][ T5925] raw-gadget.0 gadget.0: failed to queue resume event
[  609.505646][ T5925] usb 1-1: new high-speed USB device number 62 using dummy_hcd
[  640.449837][    C0] raw-gadget.0 gadget.0: ignoring, device is not running
[  640.700404][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  705.452670][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  706.720521][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  706.735615][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  711.842311][ T5925] raw-gadget.0 gadget.0: failed to queue reset event
[  751.238015][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  751.910040][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  817.699658][    C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  817.706610][    C1] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P2/1:b..l P5830/1:b..l P5586/1:b..l
[  817.716862][    C1] rcu: 	(detected by 1, t=10503 jiffies, g=52881, q=524 ncpus=2)
[  817.724571][    C1] task:crond           state:R  running task     stack:25512 pid:5586  tgid:5586  ppid:1      task_flags:0x400000 flags:0x00004002
[  817.738956][    C1] Call Trace:
[  817.742219][    C1]  <TASK>
[  817.745145][    C1]  __schedule+0x1190/0x5de0
[  817.749660][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[  817.755034][    C1]  ? __pfx___schedule+0x10/0x10
[  817.759883][    C1]  ? kasan_save_stack+0x33/0x60
[  817.764723][    C1]  ? kmem_cache_free+0x16d/0x4d0
[  817.769654][    C1]  ? mark_held_locks+0x49/0x80
[  817.774415][    C1]  preempt_schedule_irq+0x51/0x90
[  817.779428][    C1]  irqentry_exit+0x36/0x90
[  817.783824][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  817.789802][    C1] RIP: 0010:lock_acquire+0x62/0x350
[  817.794998][    C1] Code: 77 3e 12 83 f8 07 0f 87 bc 02 00 00 89 c0 48 0f a3 05 62 6d 13 0f 0f 82 74 02 00 00 8b 35 2a 9f 13 0f 85 f6 0f 85 8d 00 00 00 <48> 8b 44 24 30 65 48 2b 05 b9 76 3e 12 0f 85 c7 02 00 00 48 83 c4
[  817.814600][    C1] RSP: 0018:ffffc9000359f848 EFLAGS: 00000206
[  817.820671][    C1] RAX: 0000000000000046 RBX: ffffffff8e5c11e0 RCX: 000000006481f9f7
[  817.828628][    C1] RDX: 0000000000000000 RSI: ffffffff8de29da0 RDI: ffffffff8c162580
[  817.836580][    C1] RBP: 0000000000000002 R08: 9e0ff3f8210f2cbc R09: 0000000000000000
[  817.844540][    C1] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000000
[  817.852502][    C1] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  817.860480][    C1]  ? unwind_next_frame+0x3f4/0x20a0
[  817.865677][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  817.871829][    C1]  is_module_text_address+0x33/0x220
[  817.877104][    C1]  ? is_module_text_address+0x1f/0x220
[  817.882550][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  817.888694][    C1]  kernel_text_address+0x81/0x100
[  817.893701][    C1]  __kernel_text_address+0xd/0x40
[  817.898715][    C1]  unwind_get_return_address+0x59/0xa0
[  817.904165][    C1]  arch_stack_walk+0xa6/0x100
[  817.908848][    C1]  stack_trace_save+0x8e/0xc0
[  817.913505][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[  817.918873][    C1]  ? __lock_acquire+0x62e/0x1ce0
[  817.923812][    C1]  save_stack+0x160/0x1f0
[  817.928133][    C1]  ? __pfx_save_stack+0x10/0x10
[  817.932965][    C1]  ? __free_frozen_pages+0x7d5/0x10f0
[  817.938333][    C1]  ? __put_partials+0x165/0x1c0
[  817.943177][    C1]  ? qlist_free_all+0x4d/0x120
[  817.947927][    C1]  ? kasan_quarantine_reduce+0x195/0x1e0
[  817.953529][    C1]  ? __kasan_slab_alloc+0x69/0x90
[  817.958546][    C1]  ? kmem_cache_alloc_noprof+0x1cb/0x3b0
[  817.964167][    C1]  ? getname_flags.part.0+0x4c/0x550
[  817.969443][    C1]  ? getname_flags+0x93/0xf0
[  817.974006][    C1]  ? do_sys_openat2+0xb8/0x1d0
[  817.978766][    C1]  ? __x64_sys_openat+0x174/0x210
[  817.983784][    C1]  ? do_syscall_64+0xcd/0x4c0
[  817.988449][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  817.994490][    C1]  ? page_ext_put+0x3e/0xd0
[  817.998985][    C1]  __reset_page_owner+0x84/0x1a0
[  818.003914][    C1]  __free_frozen_pages+0x7d5/0x10f0
[  818.009109][    C1]  __put_partials+0x165/0x1c0
[  818.013773][    C1]  qlist_free_all+0x4d/0x120
[  818.018354][    C1]  kasan_quarantine_reduce+0x195/0x1e0
[  818.023801][    C1]  __kasan_slab_alloc+0x69/0x90
[  818.028645][    C1]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[  818.034078][    C1]  ? getname_flags.part.0+0x4c/0x550
[  818.039362][    C1]  getname_flags.part.0+0x4c/0x550
[  818.044469][    C1]  getname_flags+0x93/0xf0
[  818.048869][    C1]  do_sys_openat2+0xb8/0x1d0
[  818.053436][    C1]  ? __pfx_do_sys_openat2+0x10/0x10
[  818.058639][    C1]  ? __rseq_handle_notify_resume+0x681/0x10e0
[  818.064704][    C1]  __x64_sys_openat+0x174/0x210
[  818.069545][    C1]  ? __pfx___x64_sys_openat+0x10/0x10
[  818.074904][    C1]  do_syscall_64+0xcd/0x4c0
[  818.079404][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  818.085288][    C1] RIP: 0033:0x7f860b7ebc3a
[  818.089695][    C1] RSP: 002b:00007ffc27897a18 EFLAGS: 00000206 ORIG_RAX: 0000000000000101
[  818.098093][    C1] RAX: ffffffffffffffda RBX: 0000561af814d300 RCX: 00007f860b7ebc3a
[  818.106054][    C1] RDX: 0000000000080000 RSI: 00007f860b88845a RDI: 00000000ffffff9c
[  818.114016][    C1] RBP: 0000000000000008 R08: 0000000000000008 R09: 0000000000000001
[  818.121977][    C1] R10: 0000000000000000 R11: 0000000000000206 R12: 00007f860b8867f4
[  818.129934][    C1] R13: 00007f860b8867f4 R14: 0000000000000001 R15: 0000000000000033
[  818.137905][    C1]  </TASK>
[  818.140909][    C1] task:syz-executor    state:R  running task     stack:22184 pid:5830  tgid:5830  ppid:5829   task_flags:0x400100 flags:0x00004002
[  818.154385][    C1] Call Trace:
[  818.157649][    C1]  <TASK>
[  818.160569][    C1]  __schedule+0x1190/0x5de0
[  818.165073][    C1]  ? find_held_lock+0x2b/0x80
[  818.169748][    C1]  ? bpf_ksym_find+0x127/0x1c0
[  818.174505][    C1]  ? is_bpf_text_address+0x94/0x1a0
[  818.179700][    C1]  ? __pfx___schedule+0x10/0x10
[  818.184559][    C1]  ? mark_held_locks+0x49/0x80
[  818.189317][    C1]  preempt_schedule_irq+0x51/0x90
[  818.194317][    C1]  irqentry_exit+0x36/0x90
[  818.198726][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  818.204698][    C1] RIP: 0010:write_comp_data+0x3c/0x90
[  818.210059][    C1] Code: 8b 05 58 b3 1a 12 a9 00 01 ff 00 74 1d f6 c4 01 74 67 a9 00 00 0f 00 75 60 a9 00 00 f0 00 75 59 8b 82 3c 16 00 00 85 c0 74 4f <8b> 82 18 16 00 00 83 f8 03 75 44 48 8b 82 20 16 00 00 8b 92 1c 16
[  818.229669][    C1] RSP: 0018:ffffc9000377faf0 EFLAGS: 00000246
[  818.235728][    C1] RAX: 0000000080000000 RBX: 0000000000000001 RCX: ffffffff822dc021
[  818.243686][    C1] RDX: ffff888077dc4880 RSI: 0000000000000000 RDI: 0000000000000005
[  818.251643][    C1] RBP: 0000000000000001 R08: 0000000000000005 R09: 0000000000000000
[  818.259598][    C1] R10: 0000000000000001 R11: 0000000000000000 R12: ffff88801f55a4a0
[  818.267554][    C1] R13: ffff88801f55a49c R14: 0000000000000000 R15: dffffc0000000000
[  818.275510][    C1]  ? __page_table_check_zero+0x321/0x5d0
[  818.281140][    C1]  __page_table_check_zero+0x321/0x5d0
[  818.286593][    C1]  ? __pfx___page_table_check_zero+0x10/0x10
[  818.292576][    C1]  ? __reset_page_owner+0x137/0x1a0
[  818.297774][    C1]  __free_frozen_pages+0x7b7/0x10f0
[  818.302975][    C1]  ? mod_node_page_state+0x90/0x150
[  818.308180][    C1]  __put_partials+0x165/0x1c0
[  818.312864][    C1]  qlist_free_all+0x4d/0x120
[  818.317460][    C1]  kasan_quarantine_reduce+0x195/0x1e0
[  818.322912][    C1]  __kasan_slab_alloc+0x69/0x90
[  818.327755][    C1]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[  818.333192][    C1]  ? security_file_alloc+0x34/0x2b0
[  818.338407][    C1]  security_file_alloc+0x34/0x2b0
[  818.343436][    C1]  init_file+0x93/0x4c0
[  818.347585][    C1]  alloc_empty_file+0x73/0x1e0
[  818.352329][    C1]  alloc_file_clone+0x5f/0x110
[  818.357092][    C1]  create_pipe_files+0x412/0x9a0
[  818.362025][    C1]  do_pipe2+0xaf/0x1c0
[  818.366087][    C1]  ? __pfx_do_pipe2+0x10/0x10
[  818.370760][    C1]  ? xfd_validate_state+0x61/0x180
[  818.375879][    C1]  __x64_sys_pipe2+0x54/0x80
[  818.380463][    C1]  do_syscall_64+0xcd/0x4c0
[  818.384960][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  818.390848][    C1] RIP: 0033:0x7fb65f38d909
[  818.395253][    C1] RSP: 002b:00007ffc1f77d538 EFLAGS: 00000246 ORIG_RAX: 0000000000000125
[  818.403655][    C1] RAX: ffffffffffffffda RBX: 000055557fc2cb20 RCX: 00007fb65f38d909
[  818.411615][    C1] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 00007ffc1f77d548
[  818.419571][    C1] RBP: 00007ffc1f77d900 R08: 0000000000000007 R09: 000055557fc2bf40
[  818.427517][    C1] R10: 30fba8b0b7a2a731 R11: 0000000000000246 R12: 00007ffc1f77d960
[  818.435478][    C1] R13: 000055557fc311c0 R14: 00007ffc1f77d680 R15: 000055557fc34798
[  818.443453][    C1]  </TASK>
[  818.446463][    C1] task:kthreadd        state:R  running task     stack:26600 pid:2     tgid:2     ppid:0      task_flags:0x208040 flags:0x00004000
[  818.459939][    C1] Call Trace:
[  818.463202][    C1]  <TASK>
[  818.466124][    C1]  __schedule+0x1190/0x5de0
[  818.470645][    C1]  ? __pfx___schedule+0x10/0x10
[  818.475506][    C1]  ? mark_held_locks+0x49/0x80
[  818.480273][    C1]  preempt_schedule_irq+0x51/0x90
[  818.485290][    C1]  irqentry_exit+0x36/0x90
[  818.489693][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  818.495671][    C1] RIP: 0010:lock_release+0x3b/0x2f0
[  818.500866][    C1] Code: 89 fb 48 83 ec 18 65 48 8b 05 b9 7d 3e 12 48 89 44 24 10 31 c0 0f 1f 44 00 00 65 8b 05 d2 7d 3e 12 83 f8 07 0f 87 38 02 00 00 <89> c0 48 0f a3 05 1b 74 13 0f 0f 82 b1 01 00 00 8b 3d e3 a5 13 0f
[  818.520464][    C1] RSP: 0018:ffffc900000775b8 EFLAGS: 00000297
[  818.526527][    C1] RAX: 0000000000000000 RBX: ffffffff8e5c11e0 RCX: ffffc90000078001
[  818.534487][    C1] RDX: 0000000000000000 RSI: ffffffff816ae8a4 RDI: ffffffff8e5c11e0
[  818.542448][    C1] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000
[  818.550413][    C1] R10: 0000000000000001 R11: 0000000000012be5 R12: ffffffff816ae8a4
[  818.558375][    C1] R13: ffffc90000077670 R14: ffffc900000778b0 R15: ffffc900000776a4
[  818.566331][    C1]  ? unwind_next_frame+0x3f4/0x20a0
[  818.571536][    C1]  ? unwind_next_frame+0x3f4/0x20a0
[  818.576735][    C1]  unwind_next_frame+0x3f9/0x20a0
[  818.581750][    C1]  ? save_stack+0x160/0x1f0
[  818.586257][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  818.592406][    C1]  arch_stack_walk+0x94/0x100
[  818.597074][    C1]  ? __reset_page_owner+0x84/0x1a0
[  818.602162][    C1]  stack_trace_save+0x8e/0xc0
[  818.606834][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[  818.612201][    C1]  ? __lock_acquire+0x62e/0x1ce0
[  818.617140][    C1]  save_stack+0x160/0x1f0
[  818.621455][    C1]  ? __pfx_save_stack+0x10/0x10
[  818.626315][    C1]  ? page_ext_put+0x3e/0xd0
[  818.630811][    C1]  __reset_page_owner+0x84/0x1a0
[  818.635745][    C1]  __free_frozen_pages+0x7d5/0x10f0
[  818.640950][    C1]  __put_partials+0x165/0x1c0
[  818.645630][    C1]  qlist_free_all+0x4d/0x120
[  818.650209][    C1]  kasan_quarantine_reduce+0x195/0x1e0
[  818.655660][    C1]  __kasan_slab_alloc+0x69/0x90
[  818.660502][    C1]  __kmalloc_cache_noprof+0x1f1/0x3e0
[  818.665876][    C1]  ? set_kthread_struct+0xcb/0x380
[  818.670978][    C1]  set_kthread_struct+0xcb/0x380
[  818.675905][    C1]  copy_process+0x3107/0x7690
[  818.680581][    C1]  ? find_held_lock+0x2b/0x80
[  818.685263][    C1]  ? __pfx_copy_process+0x10/0x10
[  818.690287][    C1]  ? __pfx_wake_up_new_task+0x10/0x10
[  818.695658][    C1]  kernel_clone+0xfc/0x930
[  818.700067][    C1]  ? finish_task_switch.isra.0+0x221/0xc10
[  818.705865][    C1]  ? __pfx_kernel_clone+0x10/0x10
[  818.710897][    C1]  ? __pfx_kthread+0x10/0x10
[  818.715476][    C1]  kernel_thread+0xd4/0x120
[  818.719976][    C1]  ? __pfx_kernel_thread+0x10/0x10
[  818.725090][    C1]  ? __pfx_kthread+0x10/0x10
[  818.729672][    C1]  ? find_held_lock+0x2b/0x80
[  818.734348][    C1]  ? kthreadd+0x495/0x800
[  818.738667][    C1]  kthreadd+0x503/0x800
[  818.742806][    C1]  ? __pfx_kthreadd+0x10/0x10
[  818.747473][    C1]  ret_from_fork+0x5d7/0x6f0
[  818.752052][    C1]  ? __pfx_kthreadd+0x10/0x10
[  818.756716][    C1]  ret_from_fork_asm+0x1a/0x30
[  818.761486][    C1]  </TASK>
[  818.764492][    C1] rcu: rcu_preempt kthread starved for 6120 jiffies! g52881 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
[  818.775583][    C1] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  818.785535][    C1] rcu: RCU grace-period kthread stack dump:
[  818.791408][    C1] task:rcu_preempt     state:R  running task     stack:27784 pid:16    tgid:16    ppid:2      task_flags:0x208040 flags:0x00004000
[  818.804891][    C1] Call Trace:
[  818.808171][    C1]  <TASK>
[  818.811084][    C1]  __schedule+0x1190/0x5de0
[  818.815604][    C1]  ? __pfx___schedule+0x10/0x10
[  818.820472][    C1]  ? find_held_lock+0x2b/0x80
[  818.825150][    C1]  ? schedule+0x2d7/0x3a0
[  818.829476][    C1]  schedule+0xe7/0x3a0
[  818.833534][    C1]  schedule_timeout+0x123/0x290
[  818.838387][    C1]  ? __pfx_schedule_timeout+0x10/0x10
[  818.843756][    C1]  ? __pfx_process_timeout+0x10/0x10
[  818.849039][    C1]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  818.854832][    C1]  ? prepare_to_swait_event+0xf5/0x480
[  818.860295][    C1]  rcu_gp_fqs_loop+0x1ea/0xb00
[  818.865050][    C1]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[  818.870333][    C1]  ? lockdep_hardirqs_on+0x7c/0x110
[  818.875523][    C1]  ? __pfx_rcu_gp_init+0x10/0x10
[  818.880451][    C1]  ? rcu_gp_cleanup+0x7c1/0xd90
[  818.885295][    C1]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  818.891106][    C1]  rcu_gp_kthread+0x270/0x380
[  818.895773][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  818.900964][    C1]  ? rcu_is_watching+0x12/0xc0
[  818.905719][    C1]  ? lockdep_hardirqs_on+0x7c/0x110
[  818.910909][    C1]  ? __kthread_parkme+0x19e/0x250
[  818.915931][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  818.921121][    C1]  kthread+0x3c5/0x780
[  818.925183][    C1]  ? __pfx_kthread+0x10/0x10
[  818.929767][    C1]  ? rcu_is_watching+0x12/0xc0
[  818.934522][    C1]  ? __pfx_kthread+0x10/0x10
[  818.939103][    C1]  ret_from_fork+0x5d7/0x6f0
[  818.943683][    C1]  ? __pfx_kthread+0x10/0x10
[  818.948257][    C1]  ret_from_fork_asm+0x1a/0x30
[  818.953011][    C1]  </TASK>
[  818.956019][    C1] rcu: Stack dump where RCU GP kthread last ran:
[  818.962324][    C1] Sending NMI from CPU 1 to CPUs 0:
[  818.967516][    C0] NMI backtrace for cpu 0
[  818.967526][    C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.17.0-rc1-syzkaller-00111-g24ea63ea3877 #0 PREEMPT(full) 
[  818.967543][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  818.967551][    C0] RIP: 0010:pv_native_safe_halt+0xf/0x20
[  818.967568][    C0] Code: 8c 62 02 c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d d3 a2 16 00 fb f4 <e9> 4c 0d 03 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90
[  818.967580][    C0] RSP: 0018:ffffffff8e207e08 EFLAGS: 000002c2
[  818.967591][    C0] RAX: 0000000002ca1efd RBX: 0000000000000000 RCX: ffffffff8b936c29
[  818.967600][    C0] RDX: 0000000000000000 RSI: ffffffff8de4f295 RDI: ffffffff8c162580
[  818.967607][    C0] RBP: fffffbfff1c52ef8 R08: 0000000000000001 R09: ffffed1017086655
[  818.967616][    C0] R10: ffff8880b84332ab R11: 0000000000000000 R12: 0000000000000000
[  818.967624][    C0] R13: ffffffff8e2977c0 R14: ffffffff90ab3690 R15: 0000000000000000
[  818.967632][    C0] FS:  0000000000000000(0000) GS:ffff8881246bc000(0000) knlGS:0000000000000000
[  818.967645][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  818.967654][    C0] CR2: 000055557541f5c8 CR3: 000000005d145000 CR4: 00000000003526f0
[  818.967662][    C0] Call Trace:
[  818.967666][    C0]  <TASK>
[  818.967670][    C0]  default_idle+0x13/0x20
[  818.967684][    C0]  default_idle_call+0x6d/0xb0
[  818.967698][    C0]  do_idle+0x391/0x510
[  818.967714][    C0]  ? __pfx_do_idle+0x10/0x10
[  818.967729][    C0]  ? trace_sched_exit_tp+0x2f/0x120
[  818.967744][    C0]  cpu_startup_entry+0x4f/0x60
[  818.967759][    C0]  rest_init+0x16b/0x2b0
[  818.967773][    C0]  ? acpi_subsystem_init+0x133/0x180
[  818.967791][    C0]  ? __pfx_x86_late_time_init+0x10/0x10
[  818.967810][    C0]  start_kernel+0x3ee/0x4d0
[  818.967828][    C0]  x86_64_start_reservations+0x18/0x30
[  818.967845][    C0]  x86_64_start_kernel+0x130/0x190
[  818.967863][    C0]  common_startup_64+0x13e/0x148
[  818.967881][    C0]  </TASK>
[  820.832446][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  821.364828][ T1299] ieee802154 phy1 wpan1: encryption failed: -22