last executing test programs:

10.517129007s ago: executing program 4 (id=916):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(r0, 0x89f0, &(0x7f0000000040)={'sit0\x00', &(0x7f0000000000)={@private0, @initdev={0xac, 0x1e, 0x0, 0x0}}})
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002e00000095000000fdd263e7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r2, 0x0, 0x7, 0x8, &(0x7f0000000080)="0000ffffffffa0", &(0x7f0000000300)=""/8, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000740)='./file0\x00', 0x0)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r5 = dup(0xffffffffffffffff)
write$FUSE_BMAP(r5, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r5, &(0x7f0000000440)=ANY=[@ANYBLOB="b0"], 0xb0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000001a80)=@base={0xe, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1807000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b708000000000080"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r7}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000340)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r5}})

10.073928742s ago: executing program 3 (id=920):
timer_settime(0x0, 0x0, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10)
r2 = socket$unix(0x1, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0)
r3 = socket$unix(0x1, 0x5, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r4=>0x0})
r5 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r5, &(0x7f0000000000), 0x10)
sendmsg$can_bcm(r5, &(0x7f0000000200)={&(0x7f0000000340)={0x1d, r4, 0x3f420f00}, 0x10, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="01000000d7ece1e40ad8871461ab0800", @ANYRES64=r2, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=r3, @ANYBLOB="3bf81bb9f9"], 0x20000600}}, 0x0)

9.277581863s ago: executing program 4 (id=921):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000000)={0x0, 0x0})

9.184291992s ago: executing program 1 (id=923):
r0 = socket(0x10, 0x2, 0x0)
write(r0, &(0x7f0000000000)="240000001a005f80004000000000000002000000000000000000080008000100000000ff", 0x24)

9.16148639s ago: executing program 3 (id=924):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast1}, 0xd)

9.043979375s ago: executing program 1 (id=927):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
getrlimit(0xc, &(0x7f00000000c0))
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
mq_open(0x0, 0x0, 0x0, 0x0)
openat$sysctl(0xffffffffffffff9c, 0x0, 0x1, 0x0)
sendmsg$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r3, &(0x7f00000000c0), 0x1c)
r4 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r4, &(0x7f0000000180)=[{&(0x7f00000001c0)="580000001500add427323b472545b45602117fffffff81000e220e227f000008925aa80013007b0009008000", 0x2c}], 0x1)
setsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f0000000040), 0x8)
setsockopt$SO_BINDTODEVICE_wg(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x7, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x79, 0x10, 0x48}, [@ldst={0x7, 0x3}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x22e, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)

9.027515673s ago: executing program 3 (id=928):
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00'})

8.812896954s ago: executing program 4 (id=929):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket(0x0, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
r2 = eventfd(0x0)
ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000100)=r2)
ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000040)={0x0, r2})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000380)={0x1, 0x0, 0x0, &(0x7f0000000280)=""/233, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000780)={0x0, 0x1, 0x0, &(0x7f0000000700)=""/99, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f00000004c0))
ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000000)=0x20000)
write$eventfd(r2, &(0x7f00000000c0)=0xfffffffffffffffe, 0x8)
process_vm_readv(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
connect$netlink(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="350a0000000000006911d400000000001800000000000000000000000000000095"], &(0x7f0000000000)='GPL\x00'}, 0x90)

8.145140139s ago: executing program 1 (id=931):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000016000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000d000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, &(0x7f0000000000)="0f20c06635000004000f22c0360fb0470066b9800000c00f326635000100000f300f30262e66660f3801ce7a780f073e0f5b82776b660f38327e0066b86c8e67040f23d80f21f86635000000e00f23f8", 0x50}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

8.042696768s ago: executing program 3 (id=932):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$IPVS_CMD_GET_DAEMON(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)={0x14, r1, 0x6c04073ee59f7719, 0xf0ff, 0x0, {0x4}}, 0x14}}, 0x0)

3.801118341s ago: executing program 3 (id=934):
unshare(0x68040200)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$IP6T_SO_GET_INFO(r0, 0x29, 0x40, &(0x7f0000000480)={'filter\x00'}, &(0x7f00000003c0)=0x54)

3.752172743s ago: executing program 0 (id=935):
syz_emit_ethernet(0x4a, &(0x7f0000000000)={@local, @dev, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "4dd708", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4001, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)

3.660333029s ago: executing program 4 (id=937):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
getsockopt$inet_sctp6_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x6d, 0x0, 0x0)
write(r0, &(0x7f00000000c0), 0x0)
getpid()
r2 = syz_open_dev$ttys(0xc, 0x2, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000000)=0xe)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)

3.64688088s ago: executing program 1 (id=938):
socket$inet6_mptcp(0xa, 0x1, 0x106)
r0 = socket(0x10, 0x3, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
getpid()
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
write(r0, &(0x7f0000000100)="1400000052004f7fb3e4bf80a000f00c00000000", 0x14)
recvmmsg(r0, &(0x7f0000003140)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0, 0x0)

3.517129655s ago: executing program 0 (id=939):
r0 = socket(0x15, 0x5, 0x0)
getsockopt(r0, 0x200000000114, 0x2713, &(0x7f0000019580)=""/102397, &(0x7f0000000040)=0x18ffd)

3.516903878s ago: executing program 2 (id=940):
syz_emit_ethernet(0x6e, &(0x7f0000000340)=ANY=[@ANYBLOB="bbbbbbbbbbbb0180c200000086dd60e4d70000383a00fe880000000000000000000000000001ff020000000000000000000000000001020090780000000060fd906300003a0000000000000000000000004000000000fec0ffff000000000000ffffac1414aa0300000000000000"], 0x0)

3.248163035s ago: executing program 4 (id=941):
timer_create(0x0, &(0x7f0000000000)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r0 = socket$kcm(0x29, 0x2, 0x0)
write$cgroup_pressure(r0, &(0x7f0000000140)={'full'}, 0xfffffdef)
r1 = syz_io_uring_setup(0x70ca, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r2=>0x0, &(0x7f0000000300)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r0, 0x0, &(0x7f0000002600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x28}})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
io_uring_enter(r1, 0x5113, 0x0, 0x0, 0x0, 0x0)

3.227409053s ago: executing program 0 (id=942):
creat(0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000200), 0x129082, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r3, 0xc004500a, &(0x7f0000000040))
ioctl$SNDCTL_DSP_SETFMT(r3, 0xc0045005, &(0x7f00000000c0)=0x20)
write$binfmt_elf32(r3, 0x0, 0x4cd)
ioctl$SNDCTL_DSP_SETFMT(r3, 0xc0045005, &(0x7f0000000100)=0x4)
write$dsp(r3, &(0x7f0000000240)="755a5398d512d39077459e67ee110daaf0413bc3deef85b89f2141d512b2c14020e625b0d98e6f09000000ac3c22dbfdebb1ab51524cf9df6f80884a8ab6c1165db5a2034aff8a1bce0b5e3928d4aa605c76fe83be50a4b0ba64896d0020fe6d7b0100000058b323da6238f784a6243e9e97f0f00fee7a3dffffffffffffffffa944c98d62397cf81a19b53f", 0x8c)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc}, 0x48)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$SNDCTL_DSP_SETFRAGMENT(0xffffffffffffffff, 0xc004500a, &(0x7f0000000080)=0x40000017)
ppoll(&(0x7f0000000000)=[{}], 0x1, 0x0, 0x0, 0x0)
socket(0x10, 0x3, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r4, &(0x7f0000000200)=[{&(0x7f0000000080)="580000001400192340834b00000d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd000000100001000a0c10000000010000000000", 0x58}], 0x1)

3.154136607s ago: executing program 2 (id=943):
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0)
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="0406000000000000005872133b22b9441a168f2463fce7e35d03"], 0x1a)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE(0xffffffffffffffff, 0xc2604110, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x0, &(0x7f0000000080)=0x2, 0x4)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req={0x8000, 0xffffffff, 0x2, 0x8000}, 0x10)
setsockopt$inet6_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x29, 0x6, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x8, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="62000000000000007b0a00ff000000001d0a000000000000950000000000000018100000", @ANYRES32, @ANYBLOB="100000002500000000000000009500000000000000"], &(0x7f0000000140)='GPL\x00', 0xa, 0xffa0, &(0x7f0000000180)=""/149, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x47, 0x10, 0x0, 0x1e}, 0x2d)
memfd_create(0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
preadv(r1, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x0, 0x0)
r2 = socket$l2tp(0x2, 0x2, 0x73)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000240)='wlan0\x00', 0x10)
bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e23, @remote}, 0x10)
connect$inet(r2, &(0x7f0000000200)={0x2, 0x0, @local}, 0x10)
sendmmsg$inet(r2, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}], 0x40000cf, 0x0)
syz_emit_ethernet(0xc9, &(0x7f0000000740)=ANY=[@ANYBLOB="a1292cc857f0d8724bf8c60180c200000000006b1fb0aa824a0c17000000008847000000000000000000000000000f0000421400ab0065000001061078ac1414bbffffffff444c5871e0000002000000006401010000000000ac1414aa00000005ac14143500000001ac141432000000050000000000000001ac1414aa00000002ac1e010100000002ac141413000000018608ffffffff0702441c21330000000000000005ac1e010100000008e0000002000000059404010000000000000000000000000000000004"], 0x0)
pipe2(&(0x7f0000000000), 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
gettid()
timer_create(0x0, &(0x7f0000000180), 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1004c}, 0x90)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000480)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="050003000000000000002100000008000300", @ANYRES32=r5], 0x3c}}, 0x0)

1.905815069s ago: executing program 0 (id=944):
openat$mice(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
io_setup(0x8, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8}, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x10b8}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
io_submit(0x0, 0x1, &(0x7f0000004540)=[&(0x7f0000004280)={0x0, 0x0, 0x0, 0x3, 0x0, 0xffffffffffffffff, 0x0}])
r3 = inotify_init()
inotify_add_watch(r3, &(0x7f0000000140)='.\x00', 0x47000822)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x101141, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001780)=ANY=[@ANYBLOB="b400000000080103000000000000000000000000060002400000000005000300ff00000006000240600400000900012073797a310000000006000240890d00000900010073797a3100000000240004800800064000000009080002400000000208000b4000000101080001"], 0xb4}}, 0x0)
unlink(&(0x7f0000000c00)='./file0\x00')
pwritev(r4, &(0x7f00000000c0)=[{&(0x7f00000001c0)="a4", 0x1}], 0x1, 0x0, 0x0)

1.524251178s ago: executing program 1 (id=945):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000000)=ANY=[@ANYBLOB="18060000000000000000000000000040180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000020000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
getsockopt$inet_sctp6_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x6d, 0x0, 0x0)
bind$bt_hci(r0, &(0x7f0000000140)={0x1f, 0xffff, 0x3}, 0x6)
write(r0, &(0x7f00000000c0)="510003000000", 0x6)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000000c0)={'geneve0\x00', <r7=>0x0})
sendmsg$nl_xfrm(r5, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000580)=@updpolicy={0xc4, 0x19, 0x501, 0x0, 0x0, {{@in6=@private0, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x2}}, [@offload={0xc, 0x1c, {r7, 0x4}}]}, 0xc4}}, 0x0)

1.52367568s ago: executing program 3 (id=946):
r0 = openat$full(0xffffffffffffff9c, &(0x7f00000003c0), 0x402000, 0x0)
r1 = syz_io_uring_setup(0x6591, &(0x7f0000000080)={0x0, 0x100001, 0x800, 0x0, 0x0, 0x0, r0}, &(0x7f0000000000), &(0x7f0000000040))
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01040000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000000900010073797a30000000000900030073797a320000000068000000060a010400000000000000000100000008000b4000000000400004803c0001800b000100657874686472004ef41c44002c000280080003400000000008000140000000000800064000006d7cc08bce879f1108993eae0002080004400000000005000200000000000900010073797a3000000000140000001100010000000000000000000000000a"], 0xdc}}, 0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_opts(r3, 0x29, 0x40, 0x0, 0x60)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r6, 0x8140aecc, &(0x7f0000000140))
io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
close(r5)
r7 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r3, 0xc0c89425, &(0x7f0000000400)={"2d87195d2ff31e7afe748bdc69f732d6", 0x0, <r8=>0x0, {0x8, 0x9f}, {0x6, 0x1f7}, 0x4, [0x2, 0x9, 0x4b, 0x9, 0x3ff, 0x6, 0xdc, 0x0, 0x21253c03, 0xc, 0x1, 0x9cd, 0xd, 0x4, 0xf9c, 0x2]})
ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(r6, 0x50009418, &(0x7f00000011c0)={{r6}, r8, 0x2, @inherit={0x78, &(0x7f0000000500)={0x1, 0x6, 0xd069, 0x10001, {0x2, 0x9, 0x1, 0xfffffffffffffff2, 0x9}, [0x800, 0x9e, 0x3, 0x0, 0x3, 0xfffffffffffffffe]}}, @name="f036136b37cf5d262de7e662c568e8af5eddeb54a7ea675c1efda7bdc75f1cf43802f381bc934fdead8641fa82817c35369d4f56d0c6b2f0bae7c25702d51ce31e018ed19af058a5e51b53562541400e37ac34524351266ac6d576a27c9107c43b30eba4536ee9aaef4069f4f1be235ec4666e019b89d20f2bd209cfe8f4e9c8d0b904dfc249f82a94605df378a135e45c76818f12a06a5fea501a01c46fee2e6258f0cba245e64b33f81694ac4e61d73419026e494be65f95ea74cd18e86781e2d6d5598a0345135c262c49715b535b2ae2d564191a534dcfc4f8f4940b1ea9d07c313bbe03e2450c4710e93ed11db6229440c7daad0822c79770fef33798f6c321ce415855a9f9de857fc5e5c4ca0554e3b28990c2cf7a6cda8599d3a79087916d3228f4e1a0ef404eb10f31fff8dda15812fb26ac3327c8ea9951243d5f9547e408d6f8df2229d7d4a840d7c9044de68d5c48fc34973ce6a24cf4559fa28ee0d0188140a6dea6833202fdbcdac0fae2b62e602f30d7e1ddc6ece9bf27e725c521fb4e7bc4a4aea3253aa2c6deae9cfb6c13a467c8a00e0298d988f8788998c2e4fe715f5feb6e2a2511b8075a2ec0f380320ac7b76c9fae29ca2d2e8ad59799def7900373f94e531e6aabe8ccdef766689fc201d9afc0183f418af9d75a160fd2d23932605ab70c9f7a95274b17f173be6b4866e457a39f3af207c31967eefd455168e91479b7f34667648fa76c81b933498a49a001d1babd87c8d7242f7e5453de0200f610f9b0455fb65002cd53ea6935c3f7c17ed66b5aae3180832cdac900ac4bcc462255ad4bf38b7a94ba9fca4ac64e89e88d9b92d383f8af0468f484faf99417595bc423cd04125c3e4e006bcc24bf6ca802fda32af0ca5dd8cef8fdd638ebf37f0e84681ec16f6b3b5c1ec31477cb152eb45f96657d3d77e3c2cd9d8a3ead94bf6e862955efffca3986c144f63642c386c9b244a0c88e490e1f69f0df248678b0625cdf181dbceb51e899fd08e09219d58324205ded529fd294afb16b47620cfa0343207532b92c2ebcb68c9061e4d99dc0440826a13f0415797a49648a0e8d4d2f8b9cb5cf9e5525f09c0800b49ab3cf740fa26814804cf6294f588e8cd38d8fb45ef7e706f8232a805a6029b7f71c5343dfbda83af4c16fab9dcf1ba4f3c7da068b1d7b43ec039d3a4f6e09c887f9d469eaec1d49e6c2128b7ec0998c1fa432e16b20119868bd7a0abdd837848a56e7d3c89fa967d8b9edc6e06e9df418a10c98434c553922c956b66f510fd15f9827a6d76f0170e5accad0a402cbeb70ab37578b343ea654067b30a95bfad23ae22bfb55287549449e6cc767915d7877e8a12c4de4469e84680a0902201f3f54b750914022cb02dce3d277adbbf9575c57be84264a5bffb3314e6f901bc40faf2aac0806dcfafe2b32b5c77e9a8b01c044c40cea6a19dea89933d66dfb7c6e51c6faecdeb567e3fd292bbd8a7bff91b70ead1dc72d0c13fd4c2bee90b7f7518eac3c4fcd9d387100d07e408f2c3362ea58760b4f7f383e623fd9601e5c3b630bd81e7da5c60f8307056a8c3795c071b29c738c5d305482d88d2f9445b10923d6c0a6039c28a8da708dedf85e10b639848067e1840efe5fb7da8740b04aa361ecda20e2039efa87baa6f6317f70fe5b9da5ba7c5322628cea7a67699beec91a745838d3ea5fb73755586e70b5a3548fea933ef01f222d87a683ed6d3333b61de41feb9fd077d511fb5d360206d8580b32d3c6d5f95ee33b6d1840f03ac133c56c8b0b1e1a8cc7987697f31b0d1a5a71a46f9933315bcbf9c865b9770c75d1cdc4460e76508b32a728b7b99dc64c1f03e7012856cbf7d223ce4f11c4bb925c92aa8c92d13e241b5fb3cfe1da9ffbff595d88b0807042d0f29d2f8c34cd1f8e183b8818bb137520774277b954aa82e64af15907aa1a5b95aed82cf6079438495b258110822ec545d4cecfb77eecd33edcb0657404fb832fa0fe9b0d475987c8ae56d8c3479f2d49f22127862510ccef9628c6e0ac007fe2e68a57e046a088388554720fa469716b484efd05e629347be8bfa639a4f4fcf820f4cf622b48ec27dee6d267068fc88905419349cedbd128cebff1b82feb26b1f8db5214a55415aab7a3597a9d44fbcfc9e838e9e4f306aca370a4e2975258321b9ef2c79c7607ec9454d06bee5ca7a51098342c200969ed48b666735b5b9729b70f32c0bbbde68c74ba3793687997faaf07a0c7bf80b4e9b8e96911b81b9923cf90013e71f6640aae840a90b65c6a41fc2453f60bcf58214f5c009403262d54c911754d264f26f13710eb45e65f823f93d704ea808393c90069d29fd7b03bd84221fabd4736e325cc89edb541a234f42f717cdb9c748ce9b306cde413c6d86bab32fa88a4814b30fb6e474486721003e9ebf5e418db60faea21c7ff6cd5bdf444d67e924a98335752a865aad6cd9cd668ade1c7c13cff26ac5e4db3eb158e2841e0c8d4fa187e3214a8dfd4bccde5ad6b9ed18393165370475d5dd5cec0a687ba4350a184d3bd2121fca878cdf6099088740d637c40cb97d72892c08a10892e4c9386a15f53bf86d268a20644d331a825144635c79416f1be48800d8dc75dd367c848910180b3795643f4872b45e3329a66841d4b8b50d6af1d1d3ec21228640a61decb0280a026e5956a76e58e58d57c81cb1314736e2ad839394211de32a50de2e9c8a512df25748dfca4ddfbcc9b8b1102d45d42353d8354396d25847326925efdb0a9bc02a5253b1f89f888e64fae23eb4f32276795225476f15ee208bedc16e1fc785024bb206c324a2e311a92c2138dfc7e1ed61008b71d6aa659fc3cd403bb29214804ad7c85229453195e80496966ede4c608145bda898bd53bb0cc37c37f17231c4ed8c5ba6c023f402cefd6b74836cbb84fa5e0c8364d6cc9ee2a8458d739ac6867a97da98f9950539a8f70e0dd547d317b8e45c420d1f26a8429837728ec89dc3ece9418c21e51889626bb9fb12d85082d57e9fa268cd98478fed18c2e21935378e52a7f890c9a69b738fd3f8efed46b6ee9dc4c09c6d17cb80fe4ae4186d0faffe3e410cda1bba9d8e1adaea9a8495afc980edd9eb5c0771f9b2c8d5074cbc24de4c18ee5f0ca90c66f4be655097f01dd520125d022af25ddb0612471119e59199fa60d9a5d51e0219b96e00162800b1a2525f30b09fa690a5cb3bcd1d4326243a399f56c5f0dda4e2cad50df579dad32b8b34969355a2b8509b344f10b6e30f70483a31e10fee53f9ab82da797f2841739fa8cb9d9d7fc3471c5544993cfff10a14d46720c1a08a057d866209875ab8e1408ca5d7baede7bdc6f38b4d76dfb6490372598dc9fd818f0c854fbbc02dc4d862cf2ee90dff80f51690b413500422a4f539272f482e3140172dff0aa615fea4f0dbd40131d239804cc83e1ed5293f240517e524d990224dd242be3081ae7ecbd2b651e5a69187c40a9f53fab29fdd352dc0265c9faa3aab902b0aa9c001b98fd02dfcca702f2f4d0d129b157892027c2e86c9bb5b108fa5a312c3786850d84f2d8df50ac3b83862f7e7fa9a6745f308eb22198e905c604956eb6912e1768a0c7f7d36392e48000e18aab018813a05358f3d3d261be417b332d9e932433d6c61958f9957df306a41bb09a2a1fe8173f38a62cd6e70af28ef7845251c8b2a50f18596bb019651645755b938f41e17a580b992b5eb1950c5fc545d526999e750fbf6ac1b16d184fa450b3476c1fd851b5124098f52dd10ce8e608b2420dee50e70a1789dfdfbe710e995949189c13c80967f99d569167b7b308e4aad75e1fce213804725044b81d2ca7554d176de559b580d5ed836fe3003e37e05b22c5b45754bd4c038f3f4e73a27b4630d13ef07801c27d8beb6610b92bf20f5f2886c3f709040ef1336d316a17df0873b3088084f06803a6800b55136534dd2828f20070f73f6c50d6586024623023bf2a5cf0654c6155ddc32d22aaf04cc7dfb4818af0f2557dc3f582879cf2dd579eb0317e4c766c27f357e65e15a23bfbb2fcaa2b023c652bb236d151144e42b45527832bf549a90ec6cabdf3b342f3c53aeb2def13320c550260b9dc1a16120936e195ca9579936389d1af5257e95c7d5bdf5fa3f08bb09ffa72cd29057dad3a5246110cfef135508a95f9e75ec9e6ff79e28e47a2dd11325718046fe293234199814459835e595d9c4eef1cd10ef4fc51091a4a33dfe173c37e6368f351a84321902307dea6a74fbff711236374145a36db329ddac80f7fbd9f088aa8bdf775f04d7a19b5385b82613fcc7056483c0bec7cceef6d421bcd2100ea24d2530f291dd451efd4c2d442d11ad1fc0bdd64e1cd5b2a7889624e402184c51f177bc17679373ea1b2b3dac21979a78a82f623098f24353e023e4f4b77a09269e54421bba45871095b91ee86c49b3b9856aabdf845843feccbbd417c7158ae3df494cd9fc7c3ffce426b26df28641ffb584d43b19c5b146b90afd28cf807c5b6f7729af7a77ac877e32831dd75e27cbfb8fc01008b1bf8b71b174aa101a3fb102dd424798fbac308a0ae763d9008ad11cfa8d8f9673220ba6943c91a0f0a673fc121c13b6971e26bff461f7a68f14f6f50d95a5a852f7f73efe9bd312f9eb58331fccd5e73d2effba642c2acd64e06bf3db1a2a14d4f6c493bee3ccdd2a5f8ea9cfe9d8923596227a5ee18095191e3ea630a336a4ce288a843910fd7d11168449e862495b30b4ba3794bdfda2b87957f4a098a209efffa36abb6c2ccf587aa11a262ff96bd97a5b92f6b41f5cc83f6a6ce192149e39659e1019bfd3e5d1cfc60fa87cd7c23a275a5382d121e3f9e7a592e405cad54484ef0c097e9ead5aaecbbed35a5e261ced960e2fcd6c6e3de65da59326e4cf351a6cbb34954e3134633910efab057280f47ee00c426106bbe96ae53219a5f65bcaad73bac03799e4ae5c828e2b10fdafcfcb534fca653ebbe5dbe291d9f1d1bc814d3f7b0e51aec361a55ecfe14aca1963b7e65253a47c62986144c17fc4740011991d8b87419c5dbbee95361f23b2391a8efa7944bd91cc2c2c9f891faef933da395068661dc88b4f9d63c0b4d55fb70ea674febe1cecee334cbb8b3e15a70e6a8266c88cb9d7934123e3d427e7b6d1919b06e0738230bc2f70159de6deb138b8712fb4b3963f5b6a7c8fade433f1d34862da4d5ddcf592e19073e5f699bd74e1afe07876d33a205be92d4efb7d5e493ea00a39b5902637c346eb1103f3407960cdc9f31484e6776484b1f7aed12a5645b025ca2d0187f4fde8a3ccbf2f6db67fb12ab414197691afc8b4320c06123648bec43628c2bdebd453d156c934d6aee688d6407899e5ab1755431c4154798e33ff8fb288d5afc69f5d251edfe9fc8994d5795b0c63beac139b3e871918b02040aba404ff5052273ec8e912c5a596e434c113270af5be4830283eabacc646076a9a3db2501cacdd8244ab09666d2847ae4da500c1d106c846666c78612542d5fe14e682e35a1ec7ff44fefdfe4cbcad962559eabd50bc903ad94fff768904575b22c0014558bf4d9a10ad22e488f22a6ddcabfb3adaee0c173b78e62f41ca623f1944ae76199bb3884089c5f0f56d5dfc996b666684f890e8dd6d0b0a7fcccad4f3c47e12614d15d1d176441c3d0a9ff465d9d59e12d357bafd912"})
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="020100090e"], 0x70}}, 0x0)
sendmmsg(r7, &(0x7f0000000180), 0x3ef, 0x0)
r9 = syz_usb_connect$printer(0x0, 0x2d, &(0x7f0000000640)=ANY=[@ANYBLOB="12010000090000402505a8a440000102030109021b00010100000009040000020701010009050102"], 0x0)
r10 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r10, 0x6, 0x0, 0x0, 0x0)
r11 = fsmount(r10, 0x0, 0x0)
r12 = openat$cgroup_pressure(r11, &(0x7f0000000400)='cpu.pressure\x00', 0x2, 0x0)
io_setup(0x5, &(0x7f0000000480)=<r13=>0x0)
write$cgroup_pressure(r12, &(0x7f0000000040)={'full', 0x20, 0x1, 0x20, 0x7ff}, 0x2f)
io_submit(r13, 0x1, &(0x7f0000000780)=[&(0x7f00000005c0)={0x0, 0x0, 0x0, 0x1, 0x0, r12, &(0x7f00000004c0)=')', 0x1}])
syz_usb_control_io$printer(r9, 0x0, &(0x7f0000000000)={0x34, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001180)={0x20, 0x0, 0xfffffffffffffc4a}})

1.511289584s ago: executing program 2 (id=947):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xf, 0x4, 0x4, 0x4}, 0x48)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000780)={{r0}, &(0x7f0000000700), &(0x7f0000000740)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000005c0)={r2, 0xf, 0x0, 0xfffffee8, 0x0, 0x0, 0xdc0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

1.162507468s ago: executing program 2 (id=948):
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, 0x0, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="240000001a000f0100000000000000000a0000000000000000"], 0x24}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0)
r2 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000000)='.log\x00', 0x40641, 0x0)
write$binfmt_elf32(r2, &(0x7f0000000040)=ANY=[], 0x1558)
cachestat(r2, &(0x7f0000000040)={0x3f00}, &(0x7f0000000080), 0x0)

484.339213ms ago: executing program 2 (id=949):
r0 = socket$igmp6(0xa, 0x3, 0x2)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$wireguard(0x0, 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000080)={'wg2\x00', <r3=>0x0})
sendmsg$WG_CMD_SET_DEVICE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="2c010000", @ANYRES16=r2, @ANYBLOB="0100000000000000d800010000002400030000000000000000000000000000000000000000000000000000000000000000000800050001000000060006000000000008000100", @ANYRES32=r3, @ANYBLOB="dc000880"], 0x12c}}, 0x0)

429.690476ms ago: executing program 1 (id=950):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x20000000000}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
syz_emit_ethernet(0x159, &(0x7f0000000240)={@local, @multicast, @val={@void, {0x8100, 0x4, 0x0, 0x3}}, {@ipv6={0x86dd, @udp={0x8, 0x6, "08f1a0", 0x11f, 0x11, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}, @private0={0xfc, 0x0, '\x00', 0x1}, {[@hopopts={0x5e, 0x4, '\x00', [@pad1, @calipso={0x7, 0x18, {0x0, 0x4, 0x8, 0x9, [0xceb1, 0x0]}}, @pad1, @ra={0x5, 0x2, 0x1}]}, @hopopts={0x33, 0x8, '\x00', [@hao={0xc9, 0x10, @dev={0xfe, 0x80, '\x00', 0x2f}}, @pad1, @ra={0x5, 0x2, 0x2}, @ra={0x5, 0x2, 0xd3}, @jumbo={0xc2, 0x4, 0x8}, @ra, @pad1, @padn={0x1, 0x9, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @hao={0xc9, 0x10, @dev={0xfe, 0x80, '\x00', 0x16}}]}, @hopopts={0x5c, 0xa, '\x00', [@jumbo={0xc2, 0x4, 0xec4}, @ra={0x5, 0x2, 0x9}, @calipso={0x7, 0x38, {0x0, 0xc, 0x7, 0x5, [0x1000, 0x7fffffffffffffff, 0x9, 0x1000, 0x0, 0x8]}}, @pad1, @padn={0x1, 0x2, [0x0, 0x0]}, @jumbo={0xc2, 0x4, 0x8}, @enc_lim={0x4, 0x1, 0x5}, @pad1]}], {0x4e24, 0x4e22, 0x3f, 0x0, @gue={{0x1, 0x0, 0x0, 0x8, 0x0, @void}, "db73e0527206b1cba07737fccbb6650670f391538b07a9fceb9df9ddf847ac5037bee1100a09e74bd3e999524766e62fb693b8"}}}}}}}, 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000100)={0x1f, 0x0, 0x3}, 0x6)
recvmmsg(0xffffffffffffffff, &(0x7f0000004500)=[{{0x0, 0x0, &(0x7f0000000800)}}], 0x1, 0x0, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
r4 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r4, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
r6 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$vim2m_VIDIOC_G_FMT(r6, 0xc0285629, &(0x7f0000000080)={0x3, @win={{0x1}, 0x0, 0x0, &(0x7f0000000180), 0x0, 0x0}})
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r9=>0x0})
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x38, r7, 0x1, 0x0, 0x0, {{0x2}, {@val={0x8, 0x3, r9}, @val={0xc}}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x6}]]}, 0x38}}, 0x0)

346.968802ms ago: executing program 2 (id=951):
socket$nl_route(0x10, 0x3, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000680)=ANY=[@ANYBLOB="18020000000000000000000000000000850000007d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000009b00000095"], &(0x7f0000000080)='GPL\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r1, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

321.579121ms ago: executing program 0 (id=952):
socketpair$unix(0x1, 0x1, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000022c0)=[{{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000bc0)="214e57e56ea284b7bc0e4652a406db305ab7a1baca4b7580f286a3f98b4cce05ef674ae416d2c00759f03b7eabc30e1d09134bb3972b87d783cc02b1722558376fb8c0c1bd6156183b35226217a2def2f451e3f51bef111bb0a5ecafed1ae1815e09c5306bc5ce9ffb335f0903dac70bb21858c5cebcfe3c95607fbdbe9f5288c24b5878cd21064a399d02cb3069a307f351533c7cb5daa9bfb2b627fccf5c99707c19f8ac237c291d6a174a57de093c4c6fe01e30a49e409d5cd4e18c4c8504bb75f57a6bb93dc3724d5256cedc3625cc31c2ecc3de4a1f0f8d252de4023a08b710eb37c29813150ccccabf9b86ca674a6a725d3c402677949d219104cd7320754df3920fb4f75a03141a53e62b47fcc9c39f", 0x76}, {&(0x7f0000000240)="e2aa1c752f9a9a097d9543652ef97816fb311ccf4698150a4350051af87389eb5eaa216014bc614bd6285d70f75050e8862540afa952a68022cfe163889bfb3cb95f79e797abc2af21df18a0a9b1e3542e08b5cbd33f52a007541bf4bebd154e1f86bc25dba8f542b027efa1c96ef0f618cf345c347eae561f9ce75bee7c78e633812b000ad05698bf0325bb09d3a3245dd44d03", 0x94}], 0x2, &(0x7f0000000bc0), 0x0, 0x81}}, {{0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f0000000740)="19af31b448c0e18906f25368866c64fd2a9d09007f3e684f000000000000000000000000d482f687089dcb45218d301991b8ad6abc9f9c6d2a77d231688e93c35ab4f41c3d6bf500b65815818665a7b7a60674d948b30edb6b0b21465ed76e44a22b8f781ab87df22564319d825681ccf08b9a71e1b9eba0113e6908d69058b81eec17e173738878823441ef2e1bfabbfa79635abcfa6622774416034072b34eb1893f0a25b7a7b18ceb38c8d5b2f1b47c8032469c4b47ae9fd4d736b7a06d03cf7112c4048c4ef20692de7fdd2db368da8e0dbbbc1b11f0106fccfd2b1896161e89ec0e1ac8d6cd6b960cd91e4ece2d4560b0796b9257b6e4c34268b89fbd898e6d0602bf0eaf91e8a2f61812779e9d8e09bb0012c1e243d3027b5c940995886beec8060b3de1924e206c5a720fb4b1c7fa81242d40f6d54930781afe1b72d1ceebb98f71e36bf8347686f2282ef0ee9ef831359b03c90fe77893b6a0cee1683942ae7ce96493793df5773573b93ce61676cbcf096b9869d993f3bd98b9166b4242266ee98305442638893161c354187e8a63fe8b43e3a4c184df6374e9342af576d11ee484d90a04716a70fad26f8c123f37ddf9cb86eb91f3919aebc03f8d366448a9f68ed2d4aa0e8051f67dc373aa371d2517bdde4bdad1b509ebb57046029611e561a41b56d619292a8f8f", 0x1ee}, {&(0x7f0000000980)="356785a189bfb0ff9676ef5f87e7", 0xe}, {&(0x7f00000009c0)}, {&(0x7f0000000a00)="bacc1d482f6502720b0d17d47df894ac4f2ef3005179a5a0084da5b6fc54f45b8367e166c9271c98474d38cc45d843c7a837f58693c105db4beb4cc9d462d09eb45f0eacbab1ecdd63711ccb7909f77d77143ba1c411cc40908d37b064095786417bec79dc842d596ad2625271cd5380", 0x70}, {&(0x7f0000000600)="a6a7c0deadeb7b158b90c644def1102b64231914b5b4345cd2f3b90446d783f37af96994f1364f34ebc6918f802553f243a205682a2d73ff70a3e1f8ccd2ec47eb0947b84e781366ec80e20d028ecea47f50fb7caf444682d11d61c7a40c8e477773332dabb00622f3505be77463ce354414d9a3318e4db988d7189da7fef684a914f5eff1a2ecd8bba6ad5ee3ea47a42b0a79359e52cb5ad541aa63e0088b261d28dfc5bbef96935dbc49698a357e67e02c6bc7d457e288dade0bd695663e37660f9e", 0xc3}], 0x5, &(0x7f0000000400)=ANY=[@ANYBLOB="1c000000000000400100000002000000", @ANYRES32=0x0, @ANYRES32=0xee00, @ANYRES32=0x0, @ANYBLOB="000000002c000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="0000000030000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32], 0x80, 0x20048814}}, {{&(0x7f0000000a80)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000880), 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1c000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="cc42cc8fa3234314e9e59d7b600906cdcddc0ed389f0549f51bc1587f71c8bd6b0bfc93f0bdcc06160c6e38905dd6097ca866532fba2bd9b6f2656ba895ada660410eebf2348239f682b10c7509e027e7c32ca0d7b033a10ec1d21ddb41d68"], 0x20, 0x48051}}], 0x400000000000133, 0x4051)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
splice(0xffffffffffffffff, 0x0, r0, 0x0, 0x39000, 0x0)

132.172441ms ago: executing program 4 (id=953):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r3, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r3, &(0x7f0000000480)={0x2, 0x4e24, @local}, 0x10)
r4 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r4, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10)
listen(r4, 0x0)
r5 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_DEST_DROPPABLE(r5, 0x10f, 0x81, &(0x7f0000000040)=0x4, 0x4)
sendmsg$tipc(r5, &(0x7f0000000240)={&(0x7f0000000080)=@name={0x1e, 0x2, 0x0, {{0x41}}}, 0x10, 0x0}, 0x0)
close(r4)
setsockopt$inet_int(r3, 0x0, 0x8, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
syz_io_uring_setup(0x0, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/netstat\x00')
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_GET(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x3c, r7, 0x1, 0x0, 0x0, {}, [@DEVLINK_ATTR_PORT_INDEX={0x8}, @handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x3c}}, 0x0)

0s ago: executing program 0 (id=954):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socket$can_raw(0x1d, 0x3, 0x1)
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f0000000440)={0x4, 0x5e})
syz_open_dev$dri(&(0x7f00000000c0), 0x0, 0x10200)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_inet_SIOCSIFNETMASK(r1, 0x891c, &(0x7f0000000000)={'batadv_slave_0\x00', {0x2, 0x0, @broadcast}})
read$FUSE(0xffffffffffffffff, &(0x7f00000021c0)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000380)={0x50, 0x0, r2}, 0x50)
write$FUSE_DIRENT(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="28000021dea693b7", @ANYRES64=r2, @ANYBLOB="0300000000000000f7ffffffffffffff0000000003000000"], 0x28)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = eventfd2(0x0, 0x0)
io_setup(0x8, &(0x7f00000004c0)=<r4=>0x0)
r5 = socket$rds(0x15, 0x5, 0x0)
r6 = syz_io_uring_setup(0xfffffffd, &(0x7f00000005c0)={0x0, 0x0, 0x1, 0x200000, 0x0, 0x0, r0}, &(0x7f0000000100), 0x0)
syz_io_uring_setup(0x2292, &(0x7f0000000640)={0x0, 0x0, 0x2}, &(0x7f0000000400)=<r7=>0x0, &(0x7f0000000180))
syz_io_uring_submit(r7, 0x0, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54})
syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[@ANYBLOB="12010000d5e9bd40eb030200c0ba050000010902115c01000000"], 0x0)
io_uring_enter(r6, 0xb15, 0x0, 0x0, 0x0, 0x0)
io_submit(r4, 0x1, &(0x7f0000001340)=[&(0x7f0000001380)={0x0, 0x0, 0x0, 0x7, 0x0, r5, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x3, r3}])
syz_emit_vhci(&(0x7f0000000500)=ANY=[@ANYBLOB="03c900a08d55417553ea7de95e7abd7296d5083a5dd842add8779c253348ec466ab15d98b07678bdcc14a559accb3191b420f9137cdf3ebe44ce86026ad7c9de1f73992937ee32801d0ecfd09198e60b25f8264fd28a43ca9a2c02eb0a1f5a7e27ae68de5815addf5cb7090ab0b3aa5ed64db7b432a931e6fc02a97bba114458f9bf08f4440a2b777f04438917c11141453bf010098004962369be4518e56dc4b75d7c87"], 0xa4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x4a)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r8 = socket(0x3, 0x4, 0x800)
close(r8)
r9 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r9, &(0x7f00000002c0)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1c}, 0xd}, 0x1c)

kernel console output (not intermixed with test programs):

=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7239 comm="syz.3.479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7faafc56cc27 code=0x7ffc0000
[  225.176592][ T7216] can0 (unregistered): slcan off ptm0.
[  225.201733][   T29] audit: type=1326 audit(1720126893.333:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7239 comm="syz.3.479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7faafc5115c9 code=0x7ffc0000
[  225.235181][   T29] audit: type=1326 audit(1720126893.333:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7239 comm="syz.3.479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7faafc56cc27 code=0x7ffc0000
[  225.260268][   T29] audit: type=1326 audit(1720126893.333:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7239 comm="syz.3.479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7faafc5115c9 code=0x7ffc0000
[  225.450303][ T4478] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  227.258302][ T5131] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  227.492771][ T5131] usb 3-1: Using ep0 maxpacket: 16
[  227.503210][ T5131] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[  227.525424][ T5209] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  227.533126][ T5131] usb 3-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  227.564480][ T5131] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  227.586015][ T5131] usb 3-1: config 0 descriptor??
[  227.743707][ T5209] usb 2-1: Using ep0 maxpacket: 32
[  227.760851][ T5209] usb 2-1: New USB device found, idVendor=0eb1, idProduct=7007, bcdDevice= 2.08
[  227.780314][ T5209] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  227.797279][ T7280] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  227.800370][ T5209] usb 2-1: Product: syz
[  227.822616][ T5209] usb 2-1: Manufacturer: syz
[  227.824117][ T7280] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  227.833273][ T5209] usb 2-1: SerialNumber: syz
[  227.855111][ T5209] usb 2-1: config 0 descriptor??
[  227.869267][ T5209] go7007 2-1:0.0: probe with driver go7007 failed with error -12
[  228.090471][ T5209] usb 2-1: USB disconnect, device number 16
[  228.149441][ T7270] kexec: Could not allocate control_code_buffer
[  228.165379][ T7280] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  228.193883][ T7280] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  228.221142][ T5131] hid (null): invalid report_count 983040256
[  228.233891][ T5131] hid (null): unknown global tag 0xc
[  228.251503][ T5131] hid (null): invalid report_count 7155259
[  228.275490][ T5131] hid-generic 0003:0158:0100.0009: unknown main item tag 0x0
[  228.282947][ T5131] hid-generic 0003:0158:0100.0009: invalid report_count 983040256
[  228.301330][ T5131] hid-generic 0003:0158:0100.0009: item 0 4 1 9 parsing failed
[  228.324097][ T5131] hid-generic 0003:0158:0100.0009: probe with driver hid-generic failed with error -22
[  228.419558][  T784] usb 3-1: USB disconnect, device number 13
[  228.543885][ T6858] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  229.003895][ T6858] usb 4-1: Using ep0 maxpacket: 16
[  229.028088][ T6858] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[  229.039971][ T6858] usb 4-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  229.050337][ T6858] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  229.099085][ T6858] usb 4-1: config 0 descriptor??
[  229.294419][ T4478] Bluetooth: hci4: command tx timeout
[  229.443588][ T7292] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  229.483778][ T7292] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  229.837110][ T7323] netlink: 324 bytes leftover after parsing attributes in process `syz.4.505'.
[  229.866846][ T7292] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  229.903778][  T784] usb 3-1: new full-speed USB device number 14 using dummy_hcd
[  229.915551][ T7292] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  229.992995][ T6858] hid (null): invalid report_count 983040256
[  230.000930][ T6858] hid (null): unknown global tag 0xc
[  230.016450][ T6858] hid (null): invalid report_count 7155259
[  230.034575][ T6858] hid-generic 0003:0158:0100.000A: unknown main item tag 0x0
[  230.053025][ T6858] hid-generic 0003:0158:0100.000A: invalid report_count 983040256
[  230.080980][ T6858] hid-generic 0003:0158:0100.000A: item 0 4 1 9 parsing failed
[  230.100659][ T6858] hid-generic 0003:0158:0100.000A: probe with driver hid-generic failed with error -22
[  230.155910][  T784] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  230.167400][  T784] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[  230.179011][  T784] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  230.193042][  T784] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  230.203856][  T784] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  230.223535][  T784] hub 3-1:1.0: bad descriptor, ignoring hub
[  230.227664][ T5130] usb 4-1: USB disconnect, device number 15
[  230.245160][  T784] hub 3-1:1.0: probe with driver hub failed with error -5
[  230.274545][  T784] cdc_wdm 3-1:1.0: skipping garbage
[  230.281009][  T784] cdc_wdm 3-1:1.0: skipping garbage
[  230.292888][  T784] cdc_wdm 3-1:1.0: probe with driver cdc_wdm failed with error -22
[  230.376048][ T5131] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  230.564548][ T5131] usb 5-1: too many configurations: 65, using maximum allowed: 8
[  230.585107][  T784] usb 3-1: USB disconnect, device number 14
[  230.596847][ T5131] usb 5-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d
[  230.617460][ T5131] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  230.933749][  T784] usb 3-1: new full-speed USB device number 15 using dummy_hcd
[  231.093915][ T7327] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  231.132387][ T7327] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  231.228409][ T5131] usb 5-1: string descriptor 0 read error: -71
[  231.250849][ T5131] usb 5-1: Found UVC 0.00 device <unnamed> (046d:08c1)
[  231.264089][ T5131] usb 5-1: No valid video chain found.
[  231.273416][ T5131] usb 5-1: USB disconnect, device number 17
[  231.357180][  T784] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  231.401825][  T784] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[  231.426642][  T784] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  231.441943][  T784] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  231.470522][  T784] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  231.512737][  T784] hub 3-1:1.0: bad descriptor, ignoring hub
[  231.528509][  T784] hub 3-1:1.0: probe with driver hub failed with error -5
[  231.544676][  T784] cdc_wdm 3-1:1.0: skipping garbage
[  231.555530][  T784] cdc_wdm 3-1:1.0: skipping garbage
[  231.572299][  T784] cdc_wdm 3-1:1.0: probe with driver cdc_wdm failed with error -22
[  232.144165][  T784] usb 3-1: USB disconnect, device number 15
[  232.192755][ T7364] netlink: 24 bytes leftover after parsing attributes in process `syz.3.518'.
[  232.784002][  T784] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  233.124308][ T5131] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  233.484792][ T5131] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  233.535027][ T5131] usb 4-1: config 1 has an invalid descriptor of length 144, skipping remainder of the config
[  233.579427][ T5131] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66
[  233.636300][ T5131] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 18, changing to 8
[  233.647956][ T5131] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8279, setting to 1024
[  233.662119][ T5131] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  233.676794][ T5131] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  233.731766][ T5131] usb 4-1: Product: syz
[  233.747331][  T784] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  233.753550][ T5131] usb 4-1: Manufacturer: syz
[  233.776058][  T784] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  233.793792][  T784] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  233.794305][ T5131] cdc_wdm 4-1:1.0: skipping garbage
[  233.823255][  T784] usb 5-1: New USB device found, idVendor=056a, idProduct=0043, bcdDevice= 0.00
[  233.823576][ T5131] cdc_wdm 4-1:1.0: skipping garbage
[  233.840919][ T5131] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device
[  233.846945][ T5131] cdc_wdm 4-1:1.0: Unknown control protocol
[  233.863756][  T784] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  233.878930][  T784] usb 5-1: config 0 descriptor??
[  234.046232][  T932] usb 4-1: USB disconnect, device number 16
[  234.303849][ T5209] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  234.329910][  T784] wacom 0003:056A:0043.000B: Unknown device_type for 'HID 056a:0043'. Assuming pen.
[  234.378970][  T784] wacom 0003:056A:0043.000B: hidraw0: USB HID v0.00 Device [HID 056a:0043] on usb-dummy_hcd.4-1/input0
[  234.414869][  T784] input: Wacom Intuos2 9x12 Pen as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:056A:0043.000B/input/input5
[  234.554488][ T5209] usb 3-1: too many configurations: 65, using maximum allowed: 8
[  234.591409][ T5209] usb 3-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d
[  234.607210][ T5209] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  235.026329][ T7405] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  235.058696][ T7405] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  235.136219][ T5209] usb 3-1: string descriptor 0 read error: -71
[  235.152973][ T7422] program syz.3.535 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  235.169504][ T5209] usb 3-1: Found UVC 0.00 device <unnamed> (046d:08c1)
[  235.210292][ T7381] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  235.218284][ T5209] usb 3-1: No valid video chain found.
[  235.219108][ T7381] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  235.246728][ T5209] usb 3-1: USB disconnect, device number 16
[  235.628400][ T7421] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  235.754896][ T7421] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  235.879412][ T6858] usb 5-1: reset high-speed USB device number 18 using dummy_hcd
[  236.583066][ T7443] FAULT_INJECTION: forcing a failure.
[  236.583066][ T7443] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  236.619359][ T7443] CPU: 1 PID: 7443 Comm: syz.4.541 Not tainted 6.10.0-rc6-syzkaller-00069-g795c58e4c7fc #0
[  236.629357][ T7443] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  236.639443][ T7443] Call Trace:
[  236.642714][ T7443]  <TASK>
[  236.645636][ T7443]  dump_stack_lvl+0x241/0x360
[  236.650339][ T7443]  ? __pfx_dump_stack_lvl+0x10/0x10
[  236.655558][ T7443]  ? __pfx__printk+0x10/0x10
[  236.660160][ T7443]  ? __pfx_lock_release+0x10/0x10
[  236.665177][ T7443]  should_fail_ex+0x3b0/0x4e0
[  236.669849][ T7443]  _copy_from_iter+0x1f6/0x1960
[  236.674690][ T7443]  ? __virt_addr_valid+0x183/0x520
[  236.679805][ T7443]  ? __pfx_lock_release+0x10/0x10
[  236.684831][ T7443]  ? __alloc_skb+0x28f/0x440
[  236.689409][ T7443]  ? __pfx__copy_from_iter+0x10/0x10
[  236.694685][ T7443]  ? __virt_addr_valid+0x183/0x520
[  236.699789][ T7443]  ? __virt_addr_valid+0x183/0x520
[  236.704889][ T7443]  ? __virt_addr_valid+0x44e/0x520
[  236.709991][ T7443]  ? __check_object_size+0x49c/0x900
[  236.715267][ T7443]  netlink_sendmsg+0x743/0xcb0
[  236.720030][ T7443]  ? __pfx_netlink_sendmsg+0x10/0x10
[  236.725319][ T7443]  ? tomoyo_socket_sendmsg_permission+0x12e/0x420
[  236.731756][ T7443]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  236.737029][ T7443]  ? security_socket_sendmsg+0x87/0xb0
[  236.742487][ T7443]  ? __pfx_netlink_sendmsg+0x10/0x10
[  236.747773][ T7443]  __sock_sendmsg+0x221/0x270
[  236.752456][ T7443]  ____sys_sendmsg+0x525/0x7d0
[  236.757227][ T7443]  ? __pfx_____sys_sendmsg+0x10/0x10
[  236.762508][ T7443]  __sys_sendmsg+0x2b0/0x3a0
[  236.767088][ T7443]  ? __pfx___sys_sendmsg+0x10/0x10
[  236.772186][ T7443]  ? vfs_write+0x7c4/0xc90
[  236.776618][ T7443]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  236.782935][ T7443]  ? do_syscall_64+0x100/0x230
[  236.787703][ T7443]  ? do_syscall_64+0xb6/0x230
[  236.792387][ T7443]  do_syscall_64+0xf3/0x230
[  236.796894][ T7443]  ? clear_bhb_loop+0x35/0x90
[  236.801562][ T7443]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  236.807441][ T7443] RIP: 0033:0x7fb515575bd9
[  236.811841][ T7443] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  236.831545][ T7443] RSP: 002b:00007fb5162e3048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  236.839951][ T7443] RAX: ffffffffffffffda RBX: 00007fb515703f60 RCX: 00007fb515575bd9
[  236.847935][ T7443] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000003
[  236.855895][ T7443] RBP: 00007fb5162e30a0 R08: 0000000000000000 R09: 0000000000000000
[  236.863855][ T7443] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  236.871820][ T7443] R13: 000000000000000b R14: 00007fb515703f60 R15: 00007ffc1c963cc8
[  236.879807][ T7443]  </TASK>
[  236.888063][  T932] usb 5-1: USB disconnect, device number 18
[  237.229012][ T7451] No such timeout policy "syz1"
[  237.400884][ T7456] FAULT_INJECTION: forcing a failure.
[  237.400884][ T7456] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  237.442824][ T7456] CPU: 1 PID: 7456 Comm: syz.4.545 Not tainted 6.10.0-rc6-syzkaller-00069-g795c58e4c7fc #0
[  237.452851][ T7456] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  237.462930][ T7456] Call Trace:
[  237.466227][ T7456]  <TASK>
[  237.469175][ T7456]  dump_stack_lvl+0x241/0x360
[  237.473895][ T7456]  ? __pfx_dump_stack_lvl+0x10/0x10
[  237.479119][ T7456]  ? __pfx__printk+0x10/0x10
[  237.483725][ T7456]  ? __pfx_lock_release+0x10/0x10
[  237.488761][ T7456]  should_fail_ex+0x3b0/0x4e0
[  237.493436][ T7456]  _copy_from_iter+0x1f6/0x1960
[  237.498278][ T7456]  ? __virt_addr_valid+0x183/0x520
[  237.503384][ T7456]  ? __pfx_lock_release+0x10/0x10
[  237.508401][ T7456]  ? __alloc_skb+0x28f/0x440
[  237.512980][ T7456]  ? __pfx__copy_from_iter+0x10/0x10
[  237.518254][ T7456]  ? __virt_addr_valid+0x183/0x520
[  237.523368][ T7456]  ? __virt_addr_valid+0x183/0x520
[  237.528507][ T7456]  ? __virt_addr_valid+0x44e/0x520
[  237.533657][ T7456]  ? __check_object_size+0x49c/0x900
[  237.538969][ T7456]  netlink_sendmsg+0x743/0xcb0
[  237.543770][ T7456]  ? __pfx_netlink_sendmsg+0x10/0x10
[  237.549082][ T7456]  ? __import_iovec+0x536/0x820
[  237.553948][ T7456]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  237.559245][ T7456]  ? security_socket_sendmsg+0x87/0xb0
[  237.564726][ T7456]  ? __pfx_netlink_sendmsg+0x10/0x10
[  237.570031][ T7456]  __sock_sendmsg+0x221/0x270
[  237.574720][ T7456]  ____sys_sendmsg+0x525/0x7d0
[  237.579518][ T7456]  ? __pfx_____sys_sendmsg+0x10/0x10
[  237.584836][ T7456]  __sys_sendmsg+0x2b0/0x3a0
[  237.589448][ T7456]  ? __pfx___sys_sendmsg+0x10/0x10
[  237.594574][ T7456]  ? vfs_write+0x7c4/0xc90
[  237.599050][ T7456]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  237.605395][ T7456]  ? do_syscall_64+0x100/0x230
[  237.610184][ T7456]  ? do_syscall_64+0xb6/0x230
[  237.614892][ T7456]  do_syscall_64+0xf3/0x230
[  237.619427][ T7456]  ? clear_bhb_loop+0x35/0x90
[  237.624137][ T7456]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  237.630062][ T7456] RIP: 0033:0x7fb515575bd9
[  237.634492][ T7456] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  237.654118][ T7456] RSP: 002b:00007fb5162e3048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  237.662554][ T7456] RAX: ffffffffffffffda RBX: 00007fb515703f60 RCX: 00007fb515575bd9
[  237.670545][ T7456] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000003
[  237.678526][ T7456] RBP: 00007fb5162e30a0 R08: 0000000000000000 R09: 0000000000000000
[  237.686596][ T7456] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  237.694574][ T7456] R13: 000000000000000b R14: 00007fb515703f60 R15: 00007ffc1c963cc8
[  237.702577][ T7456]  </TASK>
[  238.473727][  T785] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  238.539443][ T7482] netlink: 4079 bytes leftover after parsing attributes in process `syz.1.553'.
[  238.655680][ T7488] No such timeout policy "syz1"
[  238.684175][  T785] usb 5-1: too many configurations: 65, using maximum allowed: 8
[  238.718335][  T785] usb 5-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d
[  238.756442][  T785] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  238.776548][ T7492] No such timeout policy "syz1"
[  238.836245][ T7494] FAULT_INJECTION: forcing a failure.
[  238.836245][ T7494] name failslab, interval 1, probability 0, space 0, times 0
[  238.849517][ T7494] CPU: 1 PID: 7494 Comm: syz.1.558 Not tainted 6.10.0-rc6-syzkaller-00069-g795c58e4c7fc #0
[  238.859515][ T7494] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  238.869558][ T7494] Call Trace:
[  238.872821][ T7494]  <TASK>
[  238.875740][ T7494]  dump_stack_lvl+0x241/0x360
[  238.880417][ T7494]  ? __pfx_dump_stack_lvl+0x10/0x10
[  238.885625][ T7494]  ? __pfx__printk+0x10/0x10
[  238.890228][ T7494]  should_fail_ex+0x3b0/0x4e0
[  238.894916][ T7494]  ? __alloc_skb+0x1c3/0x440
[  238.899491][ T7494]  should_failslab+0x9/0x20
[  238.903987][ T7494]  kmem_cache_alloc_node_noprof+0x71/0x320
[  238.909803][ T7494]  __alloc_skb+0x1c3/0x440
[  238.914211][ T7494]  ? __pfx___alloc_skb+0x10/0x10
[  238.919136][ T7494]  ? security_socket_getpeersec_dgram+0x96/0xb0
[  238.925362][ T7494]  netlink_sendmsg+0x631/0xcb0
[  238.930119][ T7494]  ? __pfx_netlink_sendmsg+0x10/0x10
[  238.935391][ T7494]  ? __import_iovec+0x536/0x820
[  238.940222][ T7494]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  238.945490][ T7494]  ? security_socket_sendmsg+0x87/0xb0
[  238.950934][ T7494]  ? __pfx_netlink_sendmsg+0x10/0x10
[  238.956202][ T7494]  __sock_sendmsg+0x221/0x270
[  238.960864][ T7494]  ____sys_sendmsg+0x525/0x7d0
[  238.965618][ T7494]  ? __pfx_____sys_sendmsg+0x10/0x10
[  238.970893][ T7494]  __sys_sendmsg+0x2b0/0x3a0
[  238.975469][ T7494]  ? __pfx___sys_sendmsg+0x10/0x10
[  238.980564][ T7494]  ? vfs_write+0x7c4/0xc90
[  238.984991][ T7494]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  238.991304][ T7494]  ? do_syscall_64+0x100/0x230
[  238.996067][ T7494]  ? do_syscall_64+0xb6/0x230
[  239.000772][ T7494]  do_syscall_64+0xf3/0x230
[  239.005287][ T7494]  ? clear_bhb_loop+0x35/0x90
[  239.009954][ T7494]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  239.015837][ T7494] RIP: 0033:0x7f34ff775bd9
[  239.020238][ T7494] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  239.039831][ T7494] RSP: 002b:00007f35005d3048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  239.048231][ T7494] RAX: ffffffffffffffda RBX: 00007f34ff903f60 RCX: 00007f34ff775bd9
[  239.056209][ T7494] RDX: 0000000000000000 RSI: 00000000200002c0 RDI: 0000000000000003
[  239.064164][ T7494] RBP: 00007f35005d30a0 R08: 0000000000000000 R09: 0000000000000000
[  239.072114][ T7494] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  239.080074][ T7494] R13: 000000000000000b R14: 00007f34ff903f60 R15: 00007ffdfaa15e48
[  239.088063][ T7494]  </TASK>
[  239.218959][ T7499] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  239.310919][ T7467] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  239.373961][ T7467] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  239.456587][  T785] usb 5-1: string descriptor 0 read error: -71
[  239.465775][  T785] usb 5-1: Found UVC 0.00 device <unnamed> (046d:08c1)
[  239.472645][  T785] usb 5-1: No valid video chain found.
[  239.492570][  T785] usb 5-1: USB disconnect, device number 19
[  239.573761][ T5130] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  239.764126][ T5130] usb 2-1: Using ep0 maxpacket: 32
[  239.805564][ T5130] usb 2-1: config index 0 descriptor too short (expected 156, got 27)
[  239.822322][ T5130] usb 2-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  239.843063][ T5130] usb 2-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  239.873874][ T5130] usb 2-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  239.887734][ T5130] usb 2-1: config 0 interface 0 has no altsetting 0
[  239.903123][ T5130] usb 2-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  239.914866][ T5130] usb 2-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  239.937589][ T5130] usb 2-1: Product: syz
[  239.941796][ T5130] usb 2-1: Manufacturer: syz
[  239.950308][ T5130] usb 2-1: SerialNumber: syz
[  239.966851][ T5130] usb 2-1: config 0 descriptor??
[  239.989557][ T5130] ldusb 2-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  240.018752][ T5130] ldusb 2-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  240.254439][ T7529] No such timeout policy "syz1"
[  240.328683][  T784] usb 2-1: USB disconnect, device number 17
[  240.346214][  T784] ldusb 2-1:0.0: LD USB Device #0 now disconnected
[  241.110878][ T7538] FAULT_INJECTION: forcing a failure.
[  241.110878][ T7538] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  241.139890][ T7497] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  241.179316][ T7538] CPU: 1 PID: 7538 Comm: syz.4.569 Not tainted 6.10.0-rc6-syzkaller-00069-g795c58e4c7fc #0
[  241.189342][ T7538] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  241.199418][ T7538] Call Trace:
[  241.202709][ T7538]  <TASK>
[  241.205655][ T7538]  dump_stack_lvl+0x241/0x360
[  241.210362][ T7538]  ? __pfx_dump_stack_lvl+0x10/0x10
[  241.215592][ T7538]  ? __pfx__printk+0x10/0x10
[  241.220214][ T7538]  ? snprintf+0xda/0x120
[  241.224482][ T7538]  should_fail_ex+0x3b0/0x4e0
[  241.229188][ T7538]  _copy_to_user+0x2f/0xb0
[  241.233625][ T7538]  simple_read_from_buffer+0xca/0x150
[  241.239029][ T7538]  proc_fail_nth_read+0x1e9/0x250
[  241.244081][ T7538]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  241.249656][ T7538]  ? rw_verify_area+0x520/0x6b0
[  241.254532][ T7538]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  241.260109][ T7538]  vfs_read+0x204/0xbc0
[  241.264290][ T7538]  ? __pfx_lock_release+0x10/0x10
[  241.269341][ T7538]  ? __pfx_vfs_read+0x10/0x10
[  241.274040][ T7538]  ? __up_read+0x2c2/0x6b0
[  241.278482][ T7538]  ? __fget_files+0x29/0x470
[  241.283093][ T7538]  ? __fget_files+0x3f6/0x470
[  241.287804][ T7538]  ksys_read+0x1a0/0x2c0
[  241.292078][ T7538]  ? __pfx_ksys_read+0x10/0x10
[  241.296866][ T7538]  ? do_syscall_64+0x100/0x230
[  241.301661][ T7538]  ? do_syscall_64+0xb6/0x230
[  241.306368][ T7538]  do_syscall_64+0xf3/0x230
[  241.310896][ T7538]  ? clear_bhb_loop+0x35/0x90
[  241.315605][ T7538]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  241.321528][ T7538] RIP: 0033:0x7fb5155746bc
[  241.325966][ T7538] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[  241.345601][ T7538] RSP: 002b:00007fb5162e3040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  241.354044][ T7538] RAX: ffffffffffffffda RBX: 00007fb515703f60 RCX: 00007fb5155746bc
[  241.362036][ T7538] RDX: 000000000000000f RSI: 00007fb5162e30b0 RDI: 0000000000000008
[  241.370029][ T7538] RBP: 00007fb5162e30a0 R08: 0000000000000000 R09: 0000000000000000
[  241.378023][ T7538] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000001
[  241.386018][ T7538] R13: 000000000000000b R14: 00007fb515703f60 R15: 00007ffc1c963cc8
[  241.394013][ T7538]  </TASK>
[  241.916334][ T7581] FAULT_INJECTION: forcing a failure.
[  241.916334][ T7581] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  241.929809][ T7581] CPU: 1 PID: 7581 Comm: syz.1.582 Not tainted 6.10.0-rc6-syzkaller-00069-g795c58e4c7fc #0
[  241.939816][ T7581] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  241.949969][ T7581] Call Trace:
[  241.953237][ T7581]  <TASK>
[  241.956157][ T7581]  dump_stack_lvl+0x241/0x360
[  241.960833][ T7581]  ? __pfx_dump_stack_lvl+0x10/0x10
[  241.966044][ T7581]  ? __pfx__printk+0x10/0x10
[  241.970650][ T7581]  ? __pfx_lock_release+0x10/0x10
[  241.975678][ T7581]  should_fail_ex+0x3b0/0x4e0
[  241.980362][ T7581]  _copy_from_iter+0x1f6/0x1960
[  241.985209][ T7581]  ? __virt_addr_valid+0x183/0x520
[  241.990322][ T7581]  ? __pfx_lock_release+0x10/0x10
[  241.995365][ T7581]  ? __alloc_skb+0x28f/0x440
[  241.999970][ T7581]  ? __pfx__copy_from_iter+0x10/0x10
[  242.005259][ T7581]  ? __virt_addr_valid+0x183/0x520
[  242.010394][ T7581]  ? __virt_addr_valid+0x183/0x520
[  242.015515][ T7581]  ? __virt_addr_valid+0x44e/0x520
[  242.020633][ T7581]  ? __check_object_size+0x49c/0x900
[  242.025923][ T7581]  netlink_sendmsg+0x743/0xcb0
[  242.030697][ T7581]  ? __pfx_netlink_sendmsg+0x10/0x10
[  242.035983][ T7581]  ? __import_iovec+0x536/0x820
[  242.040828][ T7581]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  242.046103][ T7581]  ? security_socket_sendmsg+0x87/0xb0
[  242.051558][ T7581]  ? __pfx_netlink_sendmsg+0x10/0x10
[  242.056835][ T7581]  __sock_sendmsg+0x221/0x270
[  242.061507][ T7581]  ____sys_sendmsg+0x525/0x7d0
[  242.066276][ T7581]  ? __pfx_____sys_sendmsg+0x10/0x10
[  242.071567][ T7581]  __sys_sendmsg+0x2b0/0x3a0
[  242.076157][ T7581]  ? __pfx___sys_sendmsg+0x10/0x10
[  242.081264][ T7581]  ? vfs_write+0x7c4/0xc90
[  242.085709][ T7581]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  242.092026][ T7581]  ? do_syscall_64+0x100/0x230
[  242.096789][ T7581]  ? do_syscall_64+0xb6/0x230
[  242.101467][ T7581]  do_syscall_64+0xf3/0x230
[  242.105969][ T7581]  ? clear_bhb_loop+0x35/0x90
[  242.110651][ T7581]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  242.116535][ T7581] RIP: 0033:0x7f34ff775bd9
[  242.120942][ T7581] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  242.140558][ T7581] RSP: 002b:00007f35005d3048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  242.148977][ T7581] RAX: ffffffffffffffda RBX: 00007f34ff903f60 RCX: 00007f34ff775bd9
[  242.156948][ T7581] RDX: 0000000000000000 RSI: 0000000020001180 RDI: 0000000000000005
[  242.164917][ T7581] RBP: 00007f35005d30a0 R08: 0000000000000000 R09: 0000000000000000
[  242.172886][ T7581] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  242.180855][ T7581] R13: 000000000000000b R14: 00007f34ff903f60 R15: 00007ffdfaa15e48
[  242.188835][ T7581]  </TASK>
[  242.273761][ T6858] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  242.464486][ T6858] usb 1-1: too many configurations: 65, using maximum allowed: 8
[  242.493946][ T6858] usb 1-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d
[  242.509588][ T6858] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  242.929930][ T7572] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  242.938902][ T7572] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  242.958975][ T6858] usb 1-1: string descriptor 0 read error: -71
[  242.973462][ T6858] usb 1-1: Found UVC 0.00 device <unnamed> (046d:08c1)
[  242.982501][ T6858] usb 1-1: No valid video chain found.
[  242.998678][ T6858] usb 1-1: USB disconnect, device number 22
[  244.053456][ T5130] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  244.238032][ T7637] FAULT_INJECTION: forcing a failure.
[  244.238032][ T7637] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  244.273919][ T5130] usb 2-1: Using ep0 maxpacket: 16
[  244.278334][ T7637] CPU: 0 PID: 7637 Comm: syz.0.600 Not tainted 6.10.0-rc6-syzkaller-00069-g795c58e4c7fc #0
[  244.289047][ T7637] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  244.299121][ T7637] Call Trace:
[  244.302418][ T7637]  <TASK>
[  244.305363][ T7637]  dump_stack_lvl+0x241/0x360
[  244.310068][ T7637]  ? __pfx_dump_stack_lvl+0x10/0x10
[  244.315287][ T7637]  ? __pfx__printk+0x10/0x10
[  244.319902][ T7637]  ? __pfx_lock_release+0x10/0x10
[  244.320179][ T5130] usb 2-1: no configurations
[  244.324929][ T7637]  should_fail_ex+0x3b0/0x4e0
[  244.324965][ T7637]  _copy_from_iter+0x1f6/0x1960
[  244.324984][ T7637]  ? __virt_addr_valid+0x183/0x520
[  244.325009][ T7637]  ? __pfx_lock_release+0x10/0x10
[  244.325035][ T7637]  ? __alloc_skb+0x28f/0x440
[  244.325056][ T7637]  ? __pfx__copy_from_iter+0x10/0x10
[  244.325077][ T7637]  ? __virt_addr_valid+0x183/0x520
[  244.325099][ T7637]  ? __virt_addr_valid+0x183/0x520
[  244.325120][ T7637]  ? __virt_addr_valid+0x44e/0x520
[  244.325146][ T7637]  ? __check_object_size+0x49c/0x900
[  244.325171][ T7637]  netlink_sendmsg+0x743/0xcb0
[  244.325204][ T7637]  ? __pfx_netlink_sendmsg+0x10/0x10
[  244.333923][ T5130] usb 2-1: can't read configurations, error -22
[  244.334449][ T7637]  ? __import_iovec+0x536/0x820
[  244.400931][ T7637]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  244.406235][ T7637]  ? security_socket_sendmsg+0x87/0xb0
[  244.411722][ T7637]  ? __pfx_netlink_sendmsg+0x10/0x10
[  244.417032][ T7637]  __sock_sendmsg+0x221/0x270
[  244.421735][ T7637]  ____sys_sendmsg+0x525/0x7d0
[  244.426530][ T7637]  ? __pfx_____sys_sendmsg+0x10/0x10
[  244.431856][ T7637]  __sys_sendmsg+0x2b0/0x3a0
[  244.436472][ T7637]  ? __pfx___sys_sendmsg+0x10/0x10
[  244.441604][ T7637]  ? vfs_write+0x7c4/0xc90
[  244.446083][ T7637]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  244.452426][ T7637]  ? do_syscall_64+0x100/0x230
[  244.457214][ T7637]  ? do_syscall_64+0xb6/0x230
[  244.461917][ T7637]  do_syscall_64+0xf3/0x230
[  244.466443][ T7637]  ? clear_bhb_loop+0x35/0x90
[  244.471150][ T7637]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  244.477064][ T7637] RIP: 0033:0x7f383f575bd9
[  244.481479][ T7644] netlink: 44 bytes leftover after parsing attributes in process `syz.2.601'.
[  244.490307][ T7637] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  244.490327][ T7637] RSP: 002b:00007f3840386048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  244.490349][ T7637] RAX: ffffffffffffffda RBX: 00007f383f703f60 RCX: 00007f383f575bd9
[  244.490363][ T7637] RDX: 0000000000000000 RSI: 0000000020000300 RDI: 0000000000000004
[  244.490375][ T7637] RBP: 00007f38403860a0 R08: 0000000000000000 R09: 0000000000000000
[  244.490387][ T7637] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  244.490398][ T7637] R13: 000000000000000b R14: 00007f383f703f60 R15: 00007fff9657b458
[  244.490425][ T7637]  </TASK>
[  244.572944][ T5130] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  244.593773][ T7644] netlink: 4 bytes leftover after parsing attributes in process `syz.2.601'.
[  244.646332][ T7650] No such timeout policy "syz1"
[  244.763723][ T5130] usb 2-1: Using ep0 maxpacket: 16
[  244.775624][ T5130] usb 2-1: no configurations
[  244.780353][ T5130] usb 2-1: can't read configurations, error -22
[  244.792584][ T5130] usb usb2-port1: attempt power cycle
[  244.894035][ T5209] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  244.933737][  T785] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  244.983742][ T5126] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  245.095298][ T5209] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  245.105290][ T5209] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  245.115031][ T5209] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  245.118565][  T785] usb 5-1: config 0 has an invalid interface number: 182 but max is 1
[  245.130206][ T5209] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  245.145888][  T785] usb 5-1: config 0 has no interface number 1
[  245.150857][ T5209] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  245.156367][  T785] usb 5-1: New USB device found, idVendor=0763, idProduct=2001, bcdDevice=9c.af
[  245.161026][ T5209] usb 3-1: Product: syz
[  245.174811][ T5126] usb 4-1: too many configurations: 65, using maximum allowed: 8
[  245.176271][ T5209] usb 3-1: Manufacturer: syz
[  245.187227][  T785] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  245.195702][ T5209] usb 3-1: SerialNumber: syz
[  245.196553][  T785] usb 5-1: config 0 descriptor??
[  245.204155][ T5209] hub 3-1:1.0: bad descriptor, ignoring hub
[  245.211320][ T5126] usb 4-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d
[  245.216517][ T5209] hub 3-1:1.0: probe with driver hub failed with error -5
[  245.220679][ T5130] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  245.236234][ T5126] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  245.287746][ T5130] usb 2-1: Using ep0 maxpacket: 16
[  245.293843][ T5130] usb 2-1: no configurations
[  245.298680][ T5130] usb 2-1: can't read configurations, error -22
[  245.411348][ T5209] usblp 3-1:1.0: usblp0: USB Unidirectional printer dev 17 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  245.450334][ T5131] usb 5-1: USB disconnect, device number 20
[  245.456712][ T5130] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  245.504487][ T5130] usb 2-1: Using ep0 maxpacket: 16
[  245.510190][ T5130] usb 2-1: no configurations
[  245.519024][ T5130] usb 2-1: can't read configurations, error -22
[  245.525829][ T5130] usb usb2-port1: unable to enumerate USB device
[  245.673799][ T7659] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  245.682380][ T7659] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  245.701899][ T5126] usb 4-1: string descriptor 0 read error: -71
[  245.708515][ T5126] usb 4-1: Found UVC 0.00 device <unnamed> (046d:08c1)
[  245.715684][ T5126] usb 4-1: No valid video chain found.
[  245.723191][ T5126] usb 4-1: USB disconnect, device number 17
[  245.734010][ T5130] usb 3-1: USB disconnect, device number 17
[  245.746394][ T5130] usblp0: removed
[  246.026930][ T7673] Cannot find add_set index 0 as target
[  246.497705][ T7689] tipc: Started in network mode
[  246.503334][ T7689] tipc: Node identity 2007ff, cluster identity 4711
[  246.513444][ T7689] tipc: Node number set to 2099199
[  246.604292][ T7694] No such timeout policy "syz1"
[  247.134197][ T7706] capability: warning: `syz.3.621' uses deprecated v2 capabilities in a way that may be insecure
[  247.279806][ T7717] FAULT_INJECTION: forcing a failure.
[  247.279806][ T7717] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  247.312684][ T7717] CPU: 0 PID: 7717 Comm: syz.0.622 Not tainted 6.10.0-rc6-syzkaller-00069-g795c58e4c7fc #0
[  247.322710][ T7717] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  247.332864][ T7717] Call Trace:
[  247.336141][ T7717]  <TASK>
[  247.339065][ T7717]  dump_stack_lvl+0x241/0x360
[  247.343750][ T7717]  ? __pfx_dump_stack_lvl+0x10/0x10
[  247.348948][ T7717]  ? __pfx__printk+0x10/0x10
[  247.353535][ T7717]  ? __pfx_lock_release+0x10/0x10
[  247.358558][ T7717]  should_fail_ex+0x3b0/0x4e0
[  247.363234][ T7717]  _copy_from_iter+0x1f6/0x1960
[  247.368079][ T7717]  ? __virt_addr_valid+0x183/0x520
[  247.373187][ T7717]  ? __pfx_lock_release+0x10/0x10
[  247.378208][ T7717]  ? __alloc_skb+0x28f/0x440
[  247.382791][ T7717]  ? __pfx__copy_from_iter+0x10/0x10
[  247.388071][ T7717]  ? __virt_addr_valid+0x183/0x520
[  247.393178][ T7717]  ? __virt_addr_valid+0x183/0x520
[  247.398285][ T7717]  ? __virt_addr_valid+0x44e/0x520
[  247.403396][ T7717]  ? __check_object_size+0x49c/0x900
[  247.408678][ T7717]  netlink_sendmsg+0x743/0xcb0
[  247.413448][ T7717]  ? __pfx_netlink_sendmsg+0x10/0x10
[  247.418727][ T7717]  ? __import_iovec+0x536/0x820
[  247.423574][ T7717]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  247.428849][ T7717]  ? security_socket_sendmsg+0x87/0xb0
[  247.434307][ T7717]  ? __pfx_netlink_sendmsg+0x10/0x10
[  247.439586][ T7717]  __sock_sendmsg+0x221/0x270
[  247.444255][ T7717]  ____sys_sendmsg+0x525/0x7d0
[  247.449021][ T7717]  ? __pfx_____sys_sendmsg+0x10/0x10
[  247.454311][ T7717]  __sys_sendmsg+0x2b0/0x3a0
[  247.458898][ T7717]  ? __pfx___sys_sendmsg+0x10/0x10
[  247.464001][ T7717]  ? vfs_write+0x7c4/0xc90
[  247.468442][ T7717]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  247.474762][ T7717]  ? do_syscall_64+0x100/0x230
[  247.479523][ T7717]  ? do_syscall_64+0xb6/0x230
[  247.484201][ T7717]  do_syscall_64+0xf3/0x230
[  247.488701][ T7717]  ? clear_bhb_loop+0x35/0x90
[  247.493376][ T7717]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  247.499267][ T7717] RIP: 0033:0x7f383f575bd9
[  247.503675][ T7717] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  247.523271][ T7717] RSP: 002b:00007f3840365048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  247.531677][ T7717] RAX: ffffffffffffffda RBX: 00007f383f704038 RCX: 00007f383f575bd9
[  247.539641][ T7717] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000006
[  247.547601][ T7717] RBP: 00007f38403650a0 R08: 0000000000000000 R09: 0000000000000000
[  247.555569][ T7717] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  247.563527][ T7717] R13: 000000000000006e R14: 00007f383f704038 R15: 00007fff9657b458
[  247.571501][ T7717]  </TASK>
[  247.574629][    C0] vkms_vblank_simulate: vblank timer overrun
[  247.605988][ T7722] Invalid ELF section name index: 32768 || e_shstrndx (32768) >= e_shnum (0)
[  247.913822][ T5126] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  247.963945][  T784] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  247.975178][   T29] kauditd_printk_skb: 81 callbacks suppressed
[  247.975191][   T29] audit: type=1326 audit(1720126916.463:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7705 comm="syz.3.621" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faafc575bd9 code=0x7fc00000
[  248.026497][   T29] audit: type=1326 audit(1720126916.463:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7705 comm="syz.3.621" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7faafc575bd9 code=0x7fc00000
[  248.047882][    C0] vkms_vblank_simulate: vblank timer overrun
[  248.056795][   T29] audit: type=1326 audit(1720126916.463:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7705 comm="syz.3.621" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faafc575bd9 code=0x7fc00000
[  248.057804][ T7734] No such timeout policy "syz1"
[  248.078187][    C0] vkms_vblank_simulate: vblank timer overrun
[  248.091430][   T29] audit: type=1326 audit(1720126916.463:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7705 comm="syz.3.621" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faafc575bd9 code=0x7fc00000
[  248.121960][   T29] audit: type=1326 audit(1720126916.463:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7705 comm="syz.3.621" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faafc575bd9 code=0x7fc00000
[  248.154823][   T29] audit: type=1326 audit(1720126916.463:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7705 comm="syz.3.621" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faafc575bd9 code=0x7fc00000
[  248.155013][ T5126] usb 3-1: too many configurations: 65, using maximum allowed: 8
[  248.184809][   T29] audit: type=1326 audit(1720126916.463:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7705 comm="syz.3.621" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faafc575bd9 code=0x7fc00000
[  248.193700][  T784] usb 1-1: Using ep0 maxpacket: 32
[  248.215460][   T29] audit: type=1326 audit(1720126916.463:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7705 comm="syz.3.621" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faafc575bd9 code=0x7fc00000
[  248.235682][  T784] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  248.246341][   T29] audit: type=1326 audit(1720126916.463:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7705 comm="syz.3.621" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faafc575bd9 code=0x7fc00000
[  248.256811][  T784] usb 1-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  248.291145][   T29] audit: type=1326 audit(1720126916.463:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7705 comm="syz.3.621" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faafc575bd9 code=0x7fc00000
[  248.293682][  T784] usb 1-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  248.315345][ T5126] usb 3-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d
[  248.334613][ T5126] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  248.342795][  T784] usb 1-1: Product: syz
[  248.348873][  T784] usb 1-1: Manufacturer: syz
[  248.353680][  T784] usb 1-1: SerialNumber: syz
[  248.360913][  T784] usb 1-1: config 0 descriptor??
[  248.376414][ T7727] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  248.422582][ T7744] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  248.613318][  T784] usb 1-1: USB disconnect, device number 23
[  248.772758][ T7723] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  248.783068][ T7723] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  248.797539][ T5126] usb 3-1: string descriptor 0 read error: -71
[  248.804115][ T5126] usb 3-1: Found UVC 0.00 device <unnamed> (046d:08c1)
[  248.811015][ T5126] usb 3-1: No valid video chain found.
[  248.813923][ T5209] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  248.820248][ T5126] usb 3-1: USB disconnect, device number 18
[  249.013706][ T5209] usb 2-1: Using ep0 maxpacket: 16
[  249.020228][ T5209] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[  249.033116][ T5209] usb 2-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  249.042307][ T5209] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  249.052103][ T5209] usb 2-1: config 0 descriptor??
[  249.514572][ T7764] No such timeout policy "syz1"
[  249.608977][ T7750] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  249.651458][ T7750] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  249.689148][ T5209] hid (null): invalid report_count 983040256
[  249.698431][ T5209] hid (null): unknown global tag 0xc
[  249.720857][ T5209] hid-generic 0003:0158:0100.000C: unknown main item tag 0x0
[  249.749402][ T5209] hid-generic 0003:0158:0100.000C: invalid report_count 983040256
[  249.765988][ T5209] hid-generic 0003:0158:0100.000C: item 0 4 1 9 parsing failed
[  249.782951][ T5209] hid-generic 0003:0158:0100.000C: probe with driver hid-generic failed with error -22
[  249.991688][ T5209] usb 2-1: USB disconnect, device number 22
[  250.164427][ T7792] 9pnet_fd: Insufficient options for proto=fd
[  251.143778][ T5131] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  251.173755][ T5130] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  251.203881][ T7810] warning: `syz.3.655' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  251.215412][ T7810] FAULT_INJECTION: forcing a failure.
[  251.215412][ T7810] name failslab, interval 1, probability 0, space 0, times 0
[  251.263686][ T7810] CPU: 1 PID: 7810 Comm: syz.3.655 Not tainted 6.10.0-rc6-syzkaller-00069-g795c58e4c7fc #0
[  251.273706][ T7810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  251.283762][ T7810] Call Trace:
[  251.287046][ T7810]  <TASK>
[  251.289989][ T7810]  dump_stack_lvl+0x241/0x360
[  251.294696][ T7810]  ? __pfx_dump_stack_lvl+0x10/0x10
[  251.299925][ T7810]  ? __pfx__printk+0x10/0x10
[  251.304533][ T7810]  ? preempt_schedule+0xe1/0xf0
[  251.309384][ T7810]  ? _printk+0xd5/0x120
[  251.313542][ T7810]  ? _printk+0xd5/0x120
[  251.317926][ T7810]  should_fail_ex+0x3b0/0x4e0
[  251.322636][ T7810]  ? ioctl_standard_iw_point+0x4ae/0xcb0
[  251.328280][ T7810]  should_failslab+0x9/0x20
[  251.332795][ T7810]  __kmalloc_noprof+0xd8/0x400
[  251.337564][ T7810]  ioctl_standard_iw_point+0x4ae/0xcb0
[  251.343024][ T7810]  ? __pfx_cfg80211_wext_giwscan+0x10/0x10
[  251.348823][ T7810]  ? __pfx_ioctl_standard_iw_point+0x10/0x10
[  251.354796][ T7810]  ? _printk+0xd5/0x120
[  251.358949][ T7810]  ? __pfx__printk+0x10/0x10
[  251.363537][ T7810]  ioctl_standard_call+0xc7/0x290
[  251.368569][ T7810]  ? __pfx_cfg80211_wext_giwscan+0x10/0x10
[  251.374389][ T7810]  ? __pfx_cfg80211_wext_giwscan+0x10/0x10
[  251.380193][ T7810]  wext_ioctl_dispatch+0x58e/0x640
[  251.385300][ T7810]  ? __pfx_ioctl_standard_call+0x10/0x10
[  251.390921][ T7810]  ? __pfx_ioctl_private_call+0x10/0x10
[  251.396457][ T7810]  ? __pfx_wext_ioctl_dispatch+0x10/0x10
[  251.402079][ T7810]  ? __might_fault+0xc6/0x120
[  251.406755][ T7810]  wext_handle_ioctl+0x15f/0x270
[  251.411696][ T7810]  ? __pfx_wext_handle_ioctl+0x10/0x10
[  251.417177][ T7810]  ? __asan_memset+0x23/0x50
[  251.421867][ T7810]  ? smack_file_ioctl+0x2a1/0x3a0
[  251.426885][ T7810]  sock_ioctl+0x17f/0x8e0
[  251.431207][ T7810]  ? __pfx_sock_ioctl+0x10/0x10
[  251.436051][ T7810]  ? __fget_files+0x3f6/0x470
[  251.440713][ T7810]  ? __fget_files+0x29/0x470
[  251.445322][ T7810]  ? bpf_lsm_file_ioctl+0x9/0x10
[  251.450260][ T7810]  ? security_file_ioctl+0x87/0xb0
[  251.455368][ T7810]  ? __pfx_sock_ioctl+0x10/0x10
[  251.460217][ T7810]  __se_sys_ioctl+0xfc/0x170
[  251.464813][ T7810]  do_syscall_64+0xf3/0x230
[  251.469339][ T7810]  ? clear_bhb_loop+0x35/0x90
[  251.474036][ T7810]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  251.479921][ T7810] RIP: 0033:0x7faafc575bd9
[  251.484332][ T7810] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  251.503963][ T7810] RSP: 002b:00007faafd33d048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  251.512384][ T7810] RAX: ffffffffffffffda RBX: 00007faafc703f60 RCX: 00007faafc575bd9
[  251.520461][ T7810] RDX: 0000000020000000 RSI: 0000000000008b19 RDI: 0000000000000003
[  251.528512][ T7810] RBP: 00007faafd33d0a0 R08: 0000000000000000 R09: 0000000000000000
[  251.536493][ T7810] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  251.544455][ T7810] R13: 000000000000000b R14: 00007faafc703f60 R15: 00007ffe71041f88
[  251.552456][ T7810]  </TASK>
[  251.592021][ T5131] usb 3-1: too many configurations: 65, using maximum allowed: 8
[  251.610798][ T5131] usb 3-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d
[  251.621690][ T5131] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  251.646705][ T7816] netlink: 'syz.1.658': attribute type 10 has an invalid length.
[  251.674056][ T5130] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  251.685220][ T7816] 8021q: adding VLAN 0 to HW filter on device team0
[  251.713365][ T5130] usb 5-1: New USB device found, idVendor=fff0, idProduct=fff0, bcdDevice=39.78
[  251.714143][ T7816] bond0: (slave team0): Enslaving as an active interface with an up link
[  251.732752][ T5130] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  251.752375][ T5130] usb 5-1: Product: syz
[  251.764233][ T5130] usb 5-1: Manufacturer: syz
[  251.772686][ T5130] usb 5-1: SerialNumber: syz
[  251.803158][ T5130] usb 5-1: config 0 descriptor??
[  251.812191][ T5130] usbtest 5-1:0.0: couldn't get endpoints, -22
[  251.823079][ T5130] usbtest 5-1:0.0: probe with driver usbtest failed with error -22
[  251.879332][ T7824] sock: sock_timestamping_bind_phc: sock not bind to device
[  252.048276][ T7798] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  252.064076][ T7798] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  252.087408][ T5131] usb 3-1: string descriptor 0 read error: -71
[  252.102540][ T5131] usb 3-1: Found UVC 0.00 device <unnamed> (046d:08c1)
[  252.109773][ T5131] usb 3-1: No valid video chain found.
[  252.144076][ T5131] usb 3-1: USB disconnect, device number 19
[  252.258937][ T4478] Bluetooth: hci3: unknown advertising packet type: 0x65
[  252.258981][ T4478] Bluetooth: hci3: unknown advertising packet type: 0x09
[  252.269228][ T4478] Bluetooth: hci3: unknown advertising packet type: 0x05
[  252.276812][ T4478] Bluetooth: hci3: unknown advertising packet type: 0x25
[  252.284052][ T4478] Bluetooth: hci3: Malformed LE Event: 0x02
[  252.626863][ T5126] usb 5-1: USB disconnect, device number 21
[  252.644420][ T7852] syz.0.669[7852] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  252.644565][ T7852] syz.0.669[7852] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  253.371470][ T7870] netlink: 'syz.1.674': attribute type 1 has an invalid length.
[  253.436567][ T7870] FAULT_INJECTION: forcing a failure.
[  253.436567][ T7870] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  253.472725][ T7870] CPU: 1 PID: 7870 Comm: syz.1.674 Not tainted 6.10.0-rc6-syzkaller-00069-g795c58e4c7fc #0
[  253.482757][ T7870] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  253.492833][ T7870] Call Trace:
[  253.496132][ T7870]  <TASK>
[  253.499083][ T7870]  dump_stack_lvl+0x241/0x360
[  253.503789][ T7870]  ? __pfx_dump_stack_lvl+0x10/0x10
[  253.509012][ T7870]  ? __pfx__printk+0x10/0x10
[  253.513617][ T7870]  ? __pfx_lock_release+0x10/0x10
[  253.518659][ T7870]  should_fail_ex+0x3b0/0x4e0
[  253.523360][ T7870]  _copy_from_iter+0x1f6/0x1960
[  253.528225][ T7870]  ? __virt_addr_valid+0x183/0x520
[  253.533357][ T7870]  ? __pfx_lock_release+0x10/0x10
[  253.538411][ T7870]  ? __alloc_skb+0x28f/0x440
[  253.543012][ T7870]  ? __pfx__copy_from_iter+0x10/0x10
[  253.548312][ T7870]  ? __virt_addr_valid+0x183/0x520
[  253.553437][ T7870]  ? __virt_addr_valid+0x183/0x520
[  253.558565][ T7870]  ? __virt_addr_valid+0x44e/0x520
[  253.563692][ T7870]  ? __check_object_size+0x49c/0x900
[  253.568996][ T7870]  netlink_sendmsg+0x743/0xcb0
[  253.573785][ T7870]  ? __pfx_netlink_sendmsg+0x10/0x10
[  253.579084][ T7870]  ? __import_iovec+0x536/0x820
[  253.583934][ T7870]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  253.589207][ T7870]  ? security_socket_sendmsg+0x87/0xb0
[  253.594662][ T7870]  ? __pfx_netlink_sendmsg+0x10/0x10
[  253.599939][ T7870]  __sock_sendmsg+0x221/0x270
[  253.604609][ T7870]  ____sys_sendmsg+0x525/0x7d0
[  253.609376][ T7870]  ? __pfx_____sys_sendmsg+0x10/0x10
[  253.614666][ T7870]  __sys_sendmsg+0x2b0/0x3a0
[  253.619250][ T7870]  ? __pfx___sys_sendmsg+0x10/0x10
[  253.624354][ T7870]  ? vfs_write+0x7c4/0xc90
[  253.628797][ T7870]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  253.635126][ T7870]  ? do_syscall_64+0x100/0x230
[  253.639902][ T7870]  ? do_syscall_64+0xb6/0x230
[  253.644578][ T7870]  do_syscall_64+0xf3/0x230
[  253.649079][ T7870]  ? clear_bhb_loop+0x35/0x90
[  253.653755][ T7870]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  253.659641][ T7870] RIP: 0033:0x7f34ff775bd9
[  253.664046][ T7870] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  253.683644][ T7870] RSP: 002b:00007f35005d3048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  253.692050][ T7870] RAX: ffffffffffffffda RBX: 00007f34ff903f60 RCX: 00007f34ff775bd9
[  253.700012][ T7870] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003
[  253.707977][ T7870] RBP: 00007f35005d30a0 R08: 0000000000000000 R09: 0000000000000000
[  253.715939][ T7870] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  253.723899][ T7870] R13: 000000000000000b R14: 00007f34ff903f60 R15: 00007ffdfaa15e48
[  253.731874][ T7870]  </TASK>
[  254.593892][ T5130] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  254.854673][ T5130] usb 4-1: too many configurations: 65, using maximum allowed: 8
[  254.909720][ T5130] usb 4-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d
[  254.930601][ T5130] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  255.382915][ T7884] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  255.393222][ T7884] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  255.419498][ T5130] usb 4-1: string descriptor 0 read error: -71
[  255.430257][ T5130] usb 4-1: Found UVC 0.00 device <unnamed> (046d:08c1)
[  255.450811][ T5130] usb 4-1: No valid video chain found.
[  255.470394][ T5130] usb 4-1: USB disconnect, device number 18
[  255.613911][ T5126] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  255.820533][ T5126] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  255.853833][ T5126] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  255.883268][ T5126] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  255.895791][ T5126] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  255.904266][ T5126] usb 5-1: Product: syz
[  255.908705][ T5126] usb 5-1: Manufacturer: syz
[  255.915073][ T5126] usb 5-1: SerialNumber: syz
[  255.928037][ T5126] cdc_ncm 5-1:1.0: skipping garbage
[  256.016192][ T1249] ieee802154 phy0 wpan0: encryption failed: -22
[  256.024027][ T1249] ieee802154 phy1 wpan1: encryption failed: -22
[  256.033560][ T7926] netdevsim netdevsim2: Direct firmware load for ng failed with error -2
[  256.050591][ T7926] netdevsim netdevsim2: Falling back to sysfs fallback for: ng
[  256.114739][    T9] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  256.324271][    T9] usb 1-1: Using ep0 maxpacket: 16
[  256.342549][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[  256.355028][    T9] usb 1-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  256.371409][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  256.410086][    T9] usb 1-1: config 0 descriptor??
[  256.576943][ T7944] FAULT_INJECTION: forcing a failure.
[  256.576943][ T7944] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  256.591181][ T7944] CPU: 1 PID: 7944 Comm: syz.3.696 Not tainted 6.10.0-rc6-syzkaller-00069-g795c58e4c7fc #0
[  256.601187][ T7944] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  256.611251][ T7944] Call Trace:
[  256.614540][ T7944]  <TASK>
[  256.617480][ T7944]  dump_stack_lvl+0x241/0x360
[  256.622159][ T7944]  ? __pfx_dump_stack_lvl+0x10/0x10
[  256.627371][ T7944]  ? __pfx__printk+0x10/0x10
[  256.631972][ T7944]  ? __pfx_lock_release+0x10/0x10
[  256.637004][ T7944]  should_fail_ex+0x3b0/0x4e0
[  256.641690][ T7944]  _copy_from_iter+0x1f6/0x1960
[  256.646541][ T7944]  ? __virt_addr_valid+0x183/0x520
[  256.651664][ T7944]  ? __pfx_lock_release+0x10/0x10
[  256.656701][ T7944]  ? __pfx__copy_from_iter+0x10/0x10
[  256.661983][ T7944]  ? __virt_addr_valid+0x183/0x520
[  256.667111][ T7944]  ? __virt_addr_valid+0x183/0x520
[  256.672233][ T7944]  ? __virt_addr_valid+0x44e/0x520
[  256.677347][ T7944]  ? __check_object_size+0x49c/0x900
[  256.682647][ T7944]  raw_sendmsg+0x40d/0xa10
[  256.687083][ T7944]  ? __pfx_raw_sendmsg+0x10/0x10
[  256.692036][ T7944]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  256.697331][ T7944]  ? security_socket_sendmsg+0x87/0xb0
[  256.702795][ T7944]  ? __pfx_ieee802154_sock_sendmsg+0x10/0x10
[  256.708791][ T7944]  __sock_sendmsg+0x221/0x270
[  256.713472][ T7944]  ____sys_sendmsg+0x525/0x7d0
[  256.718506][ T7944]  ? __pfx_____sys_sendmsg+0x10/0x10
[  256.723808][ T7944]  __sys_sendmmsg+0x3b2/0x740
[  256.728506][ T7944]  ? __pfx___sys_sendmmsg+0x10/0x10
[  256.733747][ T7944]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  256.739651][ T7944]  ? ksys_write+0x23e/0x2c0
[  256.744150][ T7944]  ? __pfx_lock_release+0x10/0x10
[  256.749186][ T7944]  ? vfs_write+0x7c4/0xc90
[  256.753645][ T7944]  ? __mutex_unlock_slowpath+0x21d/0x750
[  256.759306][ T7944]  ? __pfx_vfs_write+0x10/0x10
[  256.764119][ T7944]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  256.770107][ T7944]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  256.776436][ T7944]  ? do_syscall_64+0x100/0x230
[  256.781221][ T7944]  __x64_sys_sendmmsg+0xa0/0xb0
[  256.786089][ T7944]  do_syscall_64+0xf3/0x230
[  256.790613][ T7944]  ? clear_bhb_loop+0x35/0x90
[  256.795312][ T7944]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  256.801208][ T7944] RIP: 0033:0x7faafc575bd9
[  256.805628][ T7944] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  256.825253][ T7944] RSP: 002b:00007faafd33d048 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  256.833676][ T7944] RAX: ffffffffffffffda RBX: 00007faafc703f60 RCX: 00007faafc575bd9
[  256.841653][ T7944] RDX: 0000000004000270 RSI: 00000000200020c0 RDI: 0000000000000004
[  256.849627][ T7944] RBP: 00007faafd33d0a0 R08: 0000000000000000 R09: 0000000000000000
[  256.857603][ T7944] R10: 0000000024008050 R11: 0000000000000246 R12: 0000000000000001
[  256.865565][ T7944] R13: 000000000000000b R14: 00007faafc703f60 R15: 00007ffe71041f88
[  256.873545][ T7944]  </TASK>
[  256.917143][ T7920] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  256.945149][ T7920] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  257.182732][ T5126] cdc_ncm 5-1:1.0: bind() failure
[  257.200954][ T5126] usbtest 5-1:1.1: probe with driver usbtest failed with error -71
[  257.233269][ T5126] usb 5-1: USB disconnect, device number 22
[  257.370588][ T7950] syz.3.697[7950] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  257.371272][ T7950] syz.3.697[7950] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  257.413781][ T5209] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  257.427095][ T7920] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  257.447233][ T7920] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  257.469864][    T9] hid (null): invalid report_count 983040256
[  257.478416][    T9] hid (null): unknown global tag 0xc
[  257.485331][    T9] hid (null): invalid report_count 7155259
[  257.500030][    T9] hid-generic 0003:0158:0100.000D: unknown main item tag 0x0
[  257.508224][    T9] hid-generic 0003:0158:0100.000D: invalid report_count 983040256
[  257.516161][    T9] hid-generic 0003:0158:0100.000D: item 0 4 1 9 parsing failed
[  257.529855][    T9] hid-generic 0003:0158:0100.000D: probe with driver hid-generic failed with error -22
[  257.653457][ T5209] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  257.664799][ T5209] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid maxpacket 512, setting to 64
[  257.674256][ T5126] usb 1-1: USB disconnect, device number 24
[  257.683741][ T5209] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  257.696691][ T5209] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  257.708806][ T5209] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  257.717388][ T5209] usb 3-1: Product: syz
[  257.721734][ T5209] usb 3-1: Manufacturer: syz
[  257.732062][ T5209] usb 3-1: SerialNumber: syz
[  257.926668][ T4478] Bluetooth: hci1: command 0x0406 tx timeout
[  258.171293][ T7948] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  258.189588][ T7948] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  258.419739][   T29] kauditd_printk_skb: 57 callbacks suppressed
[  258.419757][   T29] audit: type=1326 audit(1720126926.913:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7957 comm="syz.0.701" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f383f575bd9 code=0x0
[  258.803091][ T5209] cdc_ncm 3-1:1.0: bind() failure
[  258.840758][ T5209] cdc_ncm 3-1:1.1: probe with driver cdc_ncm failed with error -71
[  258.871487][ T5209] cdc_mbim 3-1:1.1: probe with driver cdc_mbim failed with error -71
[  258.890190][ T5209] usbtest 3-1:1.1: probe with driver usbtest failed with error -71
[  258.911389][ T5209] usb 3-1: USB disconnect, device number 20
[  259.501718][ T7974] netlink: 'syz.2.705': attribute type 2 has an invalid length.
[  259.635248][ T7982] FAULT_INJECTION: forcing a failure.
[  259.635248][ T7982] name failslab, interval 1, probability 0, space 0, times 0
[  259.672898][ T7982] CPU: 1 PID: 7982 Comm: syz.4.707 Not tainted 6.10.0-rc6-syzkaller-00069-g795c58e4c7fc #0
[  259.682909][ T7982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  259.693081][ T7982] Call Trace:
[  259.696379][ T7982]  <TASK>
[  259.699330][ T7982]  dump_stack_lvl+0x241/0x360
[  259.704040][ T7982]  ? __pfx_dump_stack_lvl+0x10/0x10
[  259.709264][ T7982]  ? __pfx__printk+0x10/0x10
[  259.713952][ T7982]  should_fail_ex+0x3b0/0x4e0
[  259.718659][ T7982]  ? __alloc_skb+0x1c3/0x440
[  259.723271][ T7982]  should_failslab+0x9/0x20
[  259.727798][ T7982]  kmem_cache_alloc_node_noprof+0x71/0x320
[  259.733633][ T7982]  ? br_get_link_af_size_filtered+0xdb/0xd30
[  259.739638][ T7982]  __alloc_skb+0x1c3/0x440
[  259.744079][ T7982]  ? __pfx___alloc_skb+0x10/0x10
[  259.749032][ T7982]  ? if_nlmsg_size+0x74f/0x7a0
[  259.753824][ T7982]  ? if_nlmsg_size+0x53a/0x7a0
[  259.758617][ T7982]  rtmsg_ifinfo_build_skb+0x84/0x260
[  259.763938][ T7982]  ? netpoll_poll_enable+0x1c/0x220
[  259.769157][ T7982]  rtmsg_ifinfo+0x91/0x1b0
[  259.773601][ T7982]  __dev_notify_flags+0xf7/0x400
[  259.778562][ T7982]  ? dev_set_rx_mode+0x233/0x2e0
[  259.783524][ T7982]  ? __pfx___dev_notify_flags+0x10/0x10
[  259.789090][ T7982]  ? __dev_change_flags+0x515/0x6f0
[  259.794302][ T7982]  ? __pfx___dev_change_flags+0x10/0x10
[  259.799841][ T7982]  ? rcu_is_watching+0x15/0xb0
[  259.804606][ T7982]  ? trace_contention_end+0x3c/0x120
[  259.809892][ T7982]  ? __mutex_lock+0x2ef/0xd70
[  259.814572][ T7982]  dev_change_flags+0xf0/0x1a0
[  259.819333][ T7982]  dev_ifsioc+0x7c8/0xe70
[  259.823667][ T7982]  ? __pfx_dev_ifsioc+0x10/0x10
[  259.828520][ T7982]  ? dev_load+0x21/0x1f0
[  259.832761][ T7982]  dev_ioctl+0x719/0x1340
[  259.837090][ T7982]  sock_do_ioctl+0x240/0x460
[  259.841682][ T7982]  ? __pfx_sock_do_ioctl+0x10/0x10
[  259.846806][ T7982]  ? __asan_memset+0x23/0x50
[  259.851397][ T7982]  ? smack_file_ioctl+0x2a1/0x3a0
[  259.856429][ T7982]  sock_ioctl+0x629/0x8e0
[  259.860762][ T7982]  ? __pfx_sock_ioctl+0x10/0x10
[  259.865628][ T7982]  ? __fget_files+0x3f6/0x470
[  259.870306][ T7982]  ? __fget_files+0x29/0x470
[  259.874894][ T7982]  ? bpf_lsm_file_ioctl+0x9/0x10
[  259.879836][ T7982]  ? security_file_ioctl+0x87/0xb0
[  259.884949][ T7982]  ? __pfx_sock_ioctl+0x10/0x10
[  259.889808][ T7982]  __se_sys_ioctl+0xfc/0x170
[  259.894399][ T7982]  do_syscall_64+0xf3/0x230
[  259.898902][ T7982]  ? clear_bhb_loop+0x35/0x90
[  259.903579][ T7982]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  259.909473][ T7982] RIP: 0033:0x7fb515575bd9
[  259.913881][ T7982] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  259.933572][ T7982] RSP: 002b:00007fb5162e3048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  259.941987][ T7982] RAX: ffffffffffffffda RBX: 00007fb515703f60 RCX: 00007fb515575bd9
[  259.949970][ T7982] RDX: 0000000020000280 RSI: 0000000000008914 RDI: 0000000000000004
[  259.957942][ T7982] RBP: 00007fb5162e30a0 R08: 0000000000000000 R09: 0000000000000000
[  259.965908][ T7982] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  259.973876][ T7982] R13: 000000000000000b R14: 00007fb515703f60 R15: 00007ffc1c963cc8
[  259.981872][ T7982]  </TASK>
[  259.992363][ T5126] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[  260.113224][ T7987] FAULT_INJECTION: forcing a failure.
[  260.113224][ T7987] name failslab, interval 1, probability 0, space 0, times 0
[  260.125961][ T7987] CPU: 1 PID: 7987 Comm: syz.4.709 Not tainted 6.10.0-rc6-syzkaller-00069-g795c58e4c7fc #0
[  260.135949][ T7987] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  260.145998][ T7987] Call Trace:
[  260.149263][ T7987]  <TASK>
[  260.152191][ T7987]  dump_stack_lvl+0x241/0x360
[  260.156889][ T7987]  ? __pfx_dump_stack_lvl+0x10/0x10
[  260.162085][ T7987]  ? __pfx__printk+0x10/0x10
[  260.166669][ T7987]  ? nf_ct_pernet+0x45/0x270
[  260.171249][ T7987]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  260.177243][ T7987]  ? __pfx_lock_release+0x10/0x10
[  260.182324][ T7987]  should_fail_ex+0x3b0/0x4e0
[  260.187008][ T7987]  ? __nf_conntrack_alloc+0x8f/0x380
[  260.192291][ T7987]  should_failslab+0x9/0x20
[  260.196804][ T7987]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  260.202192][ T7987]  __nf_conntrack_alloc+0x8f/0x380
[  260.207303][ T7987]  init_conntrack+0x3c3/0x1310
[  260.212061][ T7987]  ? __pfx_init_conntrack+0x10/0x10
[  260.217253][ T7987]  ? __pfx___nf_conntrack_find_get+0x10/0x10
[  260.223223][ T7987]  ? __local_bh_enable_ip+0x168/0x200
[  260.228587][ T7987]  nf_conntrack_in+0xd59/0x1880
[  260.233454][ T7987]  ? __pfx_nf_conntrack_in+0x10/0x10
[  260.238743][ T7987]  ? ipt_do_table+0x312/0x1860
[  260.243505][ T7987]  ? __pfx_ipt_do_table+0x10/0x10
[  260.248523][ T7987]  ? ipv4_conntrack_defrag+0x2a2/0x5a0
[  260.253973][ T7987]  ? ip_sabotage_in+0x55/0x290
[  260.258727][ T7987]  ? __pfx_ipv4_conntrack_in+0x10/0x10
[  260.264191][ T7987]  nf_hook_slow+0xc3/0x220
[  260.268597][ T7987]  ? __pfx_ip_rcv_finish+0x10/0x10
[  260.273795][ T7987]  ? __pfx_ip_rcv_finish+0x10/0x10
[  260.278924][ T7987]  NF_HOOK+0x29e/0x450
[  260.282987][ T7987]  ? NF_HOOK+0x9a/0x450
[  260.287135][ T7987]  ? __pfx_NF_HOOK+0x10/0x10
[  260.291723][ T7987]  ? ip_rcv_core+0x7ff/0xd10
[  260.296419][ T7987]  ? __pfx_ip_rcv_finish+0x10/0x10
[  260.301527][ T7987]  ? __pfx_ip_rcv+0x10/0x10
[  260.306028][ T7987]  __netif_receive_skb+0x2bf/0x650
[  260.311130][ T7987]  ? __pfx_lock_acquire+0x10/0x10
[  260.316140][ T7987]  ? seqcount_lockdep_reader_access+0x1d7/0x220
[  260.322383][ T7987]  ? __pfx___netif_receive_skb+0x10/0x10
[  260.328008][ T7987]  ? __kasan_slab_alloc+0x66/0x80
[  260.333024][ T7987]  ? read_tsc+0x9/0x20
[  260.337084][ T7987]  ? timekeeping_get_ns+0x2c0/0x420
[  260.342291][ T7987]  ? netif_receive_skb+0x131/0x890
[  260.347401][ T7987]  ? netif_receive_skb+0x131/0x890
[  260.352504][ T7987]  netif_receive_skb+0x1e8/0x890
[  260.357434][ T7987]  ? tun_rx_batched+0x160/0x8f0
[  260.362274][ T7987]  ? __pfx_netif_receive_skb+0x10/0x10
[  260.367728][ T7987]  ? tun_rx_batched+0x160/0x8f0
[  260.372567][ T7987]  tun_rx_batched+0x1b7/0x8f0
[  260.377237][ T7987]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  260.383557][ T7987]  ? __pfx_lock_acquire+0x10/0x10
[  260.388586][ T7987]  ? __pfx_tun_rx_batched+0x10/0x10
[  260.393830][ T7987]  tun_get_user+0x2f35/0x4560
[  260.398524][ T7987]  ? tun_get_user+0x2a2f/0x4560
[  260.403377][ T7987]  ? __pfx_tun_get_user+0x10/0x10
[  260.408393][ T7987]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  260.413843][ T7987]  ? tun_get+0x1e/0x2f0
[  260.417997][ T7987]  ? tun_get+0x1e/0x2f0
[  260.422142][ T7987]  ? tun_get+0x27d/0x2f0
[  260.426377][ T7987]  tun_chr_write_iter+0x113/0x1f0
[  260.431390][ T7987]  vfs_write+0xa72/0xc90
[  260.435630][ T7987]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  260.441168][ T7987]  ? __pfx_vfs_write+0x10/0x10
[  260.445969][ T7987]  ksys_write+0x1a0/0x2c0
[  260.450311][ T7987]  ? __pfx_ksys_write+0x10/0x10
[  260.455154][ T7987]  ? do_syscall_64+0x100/0x230
[  260.459911][ T7987]  ? do_syscall_64+0xb6/0x230
[  260.464578][ T7987]  do_syscall_64+0xf3/0x230
[  260.469073][ T7987]  ? clear_bhb_loop+0x35/0x90
[  260.473746][ T7987]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  260.479633][ T7987] RIP: 0033:0x7fb51557475f
[  260.484041][ T7987] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 29 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 7c 8c 02 00 48
[  260.503660][ T7987] RSP: 002b:00007fb5162e3010 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  260.512063][ T7987] RAX: ffffffffffffffda RBX: 00007fb515703f60 RCX: 00007fb51557475f
[  260.520020][ T7987] RDX: 0000000000000036 RSI: 0000000020001800 RDI: 00000000000000c8
[  260.527979][ T7987] RBP: 00007fb5162e30a0 R08: 0000000000000000 R09: 0000000000000000
[  260.535940][ T7987] R10: 0000000000000036 R11: 0000000000000293 R12: 0000000000000001
[  260.543899][ T7987] R13: 000000000000000b R14: 00007fb515703f60 R15: 00007ffc1c963cc8
[  260.551867][ T7987]  </TASK>
[  260.570284][ T7983] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  260.586591][ T7983] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  260.684381][ T5126] usb 2-1: too many configurations: 65, using maximum allowed: 8
[  260.709158][ T5126] usb 2-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d
[  260.730679][ T5126] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  261.184157][ T7994] syz.4.710[7994] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  261.184301][ T7994] syz.4.710[7994] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  261.219289][ T7967] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  261.246474][ T7967] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  261.284589][ T7992] FAULT_INJECTION: forcing a failure.
[  261.284589][ T7992] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  261.310150][ T5126] usb 2-1: string descriptor 0 read error: -71
[  261.326090][ T5126] usb 2-1: Found UVC 0.00 device <unnamed> (046d:08c1)
[  261.350366][ T7992] CPU: 1 PID: 7992 Comm: syz.0.711 Not tainted 6.10.0-rc6-syzkaller-00069-g795c58e4c7fc #0
[  261.360392][ T7992] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  261.370473][ T7992] Call Trace:
[  261.373768][ T7992]  <TASK>
[  261.376708][ T7992]  dump_stack_lvl+0x241/0x360
[  261.381417][ T7992]  ? __pfx_dump_stack_lvl+0x10/0x10
[  261.386646][ T7992]  ? __pfx__printk+0x10/0x10
[  261.391263][ T7992]  ? snprintf+0xda/0x120
[  261.395523][ T7992]  should_fail_ex+0x3b0/0x4e0
[  261.400226][ T7992]  _copy_to_user+0x2f/0xb0
[  261.404667][ T7992]  simple_read_from_buffer+0xca/0x150
[  261.410066][ T7992]  proc_fail_nth_read+0x1e9/0x250
[  261.415113][ T7992]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  261.420685][ T7992]  ? rw_verify_area+0x520/0x6b0
[  261.425560][ T7992]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  261.431126][ T7992]  vfs_read+0x204/0xbc0
[  261.435300][ T7992]  ? __pfx_lock_release+0x10/0x10
[  261.440344][ T7992]  ? __pfx_vfs_read+0x10/0x10
[  261.445038][ T7992]  ? __fget_files+0x29/0x470
[  261.449643][ T7992]  ? __fget_files+0x3f6/0x470
[  261.454344][ T7992]  ksys_read+0x1a0/0x2c0
[  261.458612][ T7992]  ? __pfx_ksys_read+0x10/0x10
[  261.463395][ T7992]  ? do_syscall_64+0x100/0x230
[  261.468184][ T7992]  ? do_syscall_64+0xb6/0x230
[  261.472879][ T7992]  do_syscall_64+0xf3/0x230
[  261.477400][ T7992]  ? clear_bhb_loop+0x35/0x90
[  261.482102][ T7992]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  261.488009][ T7992] RIP: 0033:0x7f383f5746bc
[  261.492440][ T7992] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[  261.512067][ T7992] RSP: 002b:00007f3840386040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  261.520504][ T7992] RAX: ffffffffffffffda RBX: 00007f383f703f60 RCX: 00007f383f5746bc
[  261.528498][ T7992] RDX: 000000000000000f RSI: 00007f38403860b0 RDI: 0000000000000006
[  261.536487][ T7992] RBP: 00007f38403860a0 R08: 0000000000000000 R09: 0000000000000000
[  261.544474][ T7992] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  261.552460][ T7992] R13: 000000000000000b R14: 00007f383f703f60 R15: 00007fff9657b458
[  261.560472][ T7992]  </TASK>
[  261.564906][ T5126] usb 2-1: No valid video chain found.
[  261.577948][ T5126] usb 2-1: USB disconnect, device number 23
[  261.610779][ T7995] netlink: 32 bytes leftover after parsing attributes in process `syz.3.712'.
[  262.383794][  T784] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[  262.681983][  T784] usb 2-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  262.773659][  T784] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  262.809994][  T784] usb 2-1: Product: syz
[  262.843790][  T784] usb 2-1: Manufacturer: syz
[  262.848427][  T784] usb 2-1: SerialNumber: syz
[  262.938514][  T784] usb 2-1: config 0 descriptor??
[  262.993707][ T5126] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  263.112963][ T8013] hub 6-0:1.0: USB hub found
[  263.145140][ T8013] hub 6-0:1.0: 1 port detected
[  263.197763][ T5126] usb 4-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  263.213491][    T9] usb 2-1: USB disconnect, device number 24
[  263.214013][ T5126] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  263.243735][ T5126] usb 4-1: Product: syz
[  263.247939][ T5126] usb 4-1: Manufacturer: syz
[  263.255749][ T5126] usb 4-1: SerialNumber: syz
[  263.266576][ T5126] usb 4-1: config 0 descriptor??
[  263.500327][ T5131] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  263.515536][ T5209] usb 4-1: USB disconnect, device number 19
[  263.706361][ T5131] usb 3-1: Using ep0 maxpacket: 32
[  263.862247][ T5131] usb 3-1: New USB device found, idVendor=199e, idProduct=8102, bcdDevice=33.4f
[  263.929466][ T5131] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  264.028825][ T5131] usb 3-1: Product: syz
[  264.093485][ T5131] usb 3-1: Manufacturer: syz
[  264.148632][ T5131] usb 3-1: SerialNumber: syz
[  264.245111][ T5131] usb 3-1: config 0 descriptor??
[  265.136578][ T8041] syz.0.724: attempt to access beyond end of device
[  265.136578][ T8041] nbd0: rw=0, sector=0, nr_sectors = 1 limit=0
[  265.456621][ T4478] Bluetooth: hci1: command 0x0406 tx timeout
[  265.810863][ T8015] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  265.843128][ T8015] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  265.859244][ T8037] A link change request failed with some changes committed already. Interface wg2 may have been left with an inconsistent configuration, please check.
[  265.925107][   T29] audit: type=1326 audit(1720126934.413:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8045 comm="syz.3.726" exe="/root/syz-executor" sig=31 arch=c000003e syscall=39 compat=0 ip=0x7faafc56cc27 code=0x0
[  266.143737][ T6858] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[  266.153822][ T5131] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  266.358267][ T5131] usb 5-1: New USB device found, idVendor=056e, idProduct=4010, bcdDevice=20.1c
[  266.372580][ T5131] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  266.383913][ T5131] usb 5-1: config 0 descriptor??
[  266.387993][ T6858] usb 2-1: too many configurations: 65, using maximum allowed: 8
[  266.415593][ T8053] netlink: 80 bytes leftover after parsing attributes in process `syz.0.727'.
[  266.433232][ T6858] usb 2-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d
[  266.448992][ T6858] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  266.581292][ T5130] usb 3-1: USB disconnect, device number 21
[  266.801915][ T8055] FAULT_INJECTION: forcing a failure.
[  266.801915][ T8055] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  266.830656][ T8055] CPU: 1 PID: 8055 Comm: syz.3.728 Not tainted 6.10.0-rc6-syzkaller-00069-g795c58e4c7fc #0
[  266.840680][ T8055] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  266.850742][ T8055] Call Trace:
[  266.854031][ T8055]  <TASK>
[  266.856969][ T8055]  dump_stack_lvl+0x241/0x360
[  266.861662][ T8055]  ? __pfx_dump_stack_lvl+0x10/0x10
[  266.866863][ T8055]  ? __pfx__printk+0x10/0x10
[  266.871474][ T8055]  ? snprintf+0xda/0x120
[  266.875730][ T8055]  should_fail_ex+0x3b0/0x4e0
[  266.880434][ T8055]  _copy_to_user+0x2f/0xb0
[  266.884862][ T8055]  simple_read_from_buffer+0xca/0x150
[  266.890262][ T8055]  proc_fail_nth_read+0x1e9/0x250
[  266.895309][ T8055]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  266.900866][ T8055]  ? rw_verify_area+0x520/0x6b0
[  266.905725][ T8055]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  266.911283][ T8055]  vfs_read+0x204/0xbc0
[  266.915460][ T8055]  ? __pfx_vfs_read+0x10/0x10
[  266.920152][ T8055]  ? __pfx_do_sys_openat2+0x10/0x10
[  266.925370][ T8055]  ksys_read+0x1a0/0x2c0
[  266.929631][ T8055]  ? __pfx_ksys_read+0x10/0x10
[  266.934392][ T8055]  ? do_syscall_64+0x100/0x230
[  266.939175][ T8055]  ? do_syscall_64+0xb6/0x230
[  266.943873][ T8055]  do_syscall_64+0xf3/0x230
[  266.948392][ T8055]  ? clear_bhb_loop+0x35/0x90
[  266.953092][ T8055]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  266.958991][ T8055] RIP: 0033:0x7faafc5746bc
[  266.963415][ T8055] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[  266.983027][ T8055] RSP: 002b:00007faafd33d040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  266.991452][ T8055] RAX: ffffffffffffffda RBX: 00007faafc703f60 RCX: 00007faafc5746bc
[  266.999419][ T8055] RDX: 000000000000000f RSI: 00007faafd33d0b0 RDI: 0000000000000004
[  267.007390][ T8055] RBP: 00007faafd33d0a0 R08: 0000000000000000 R09: 0000000000000000
[  267.015361][ T8055] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  267.023325][ T8055] R13: 000000000000000b R14: 00007faafc703f60 R15: 00007ffe71041f88
[  267.031312][ T8055]  </TASK>
[  267.046750][ T8044] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  267.058617][ T8044] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  267.087784][ T6858] usb 2-1: string descriptor 0 read error: -71
[  267.109731][ T6858] usb 2-1: Found UVC 0.00 device <unnamed> (046d:08c1)
[  267.117309][ T6858] usb 2-1: No valid video chain found.
[  267.139135][ T6858] usb 2-1: USB disconnect, device number 25
[  267.472303][ T8062] syz.3.729[8062] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  267.472413][ T8062] syz.3.729[8062] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  267.535960][ T8033] netlink: 16 bytes leftover after parsing attributes in process `syz.4.723'.
[  267.757404][ T8033] netlink: 24 bytes leftover after parsing attributes in process `syz.4.723'.
[  267.776504][ T5131] pegasus 5-1:0.0: probe with driver pegasus failed with error -71
[  267.819858][ T5131] usb 5-1: USB disconnect, device number 23
[  268.583359][ T4478] Bluetooth: hci5: unexpected event 0x06 length: 4 > 3
[  268.604811][ T8071] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  268.898235][ T8081] netlink: 4 bytes leftover after parsing attributes in process `syz.2.737'.
[  268.918042][ T8083] FAULT_INJECTION: forcing a failure.
[  268.918042][ T8083] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  268.981559][ T8083] CPU: 1 PID: 8083 Comm: syz.1.736 Not tainted 6.10.0-rc6-syzkaller-00069-g795c58e4c7fc #0
[  268.991578][ T8083] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  269.001650][ T8083] Call Trace:
[  269.004925][ T8083]  <TASK>
[  269.007872][ T8083]  dump_stack_lvl+0x241/0x360
[  269.012542][ T8083]  ? __pfx_dump_stack_lvl+0x10/0x10
[  269.017735][ T8083]  ? __pfx__printk+0x10/0x10
[  269.022340][ T8083]  ? __pfx_lock_release+0x10/0x10
[  269.027357][ T8083]  should_fail_ex+0x3b0/0x4e0
[  269.032118][ T8083]  _copy_from_iter+0x1f6/0x1960
[  269.036971][ T8083]  ? __virt_addr_valid+0x183/0x520
[  269.042116][ T8083]  ? __pfx_lock_release+0x10/0x10
[  269.047153][ T8083]  ? __alloc_skb+0x28f/0x440
[  269.051729][ T8083]  ? __pfx__copy_from_iter+0x10/0x10
[  269.057017][ T8083]  ? __virt_addr_valid+0x183/0x520
[  269.062116][ T8083]  ? __virt_addr_valid+0x183/0x520
[  269.067216][ T8083]  ? __virt_addr_valid+0x44e/0x520
[  269.072310][ T8083]  ? __check_object_size+0x49c/0x900
[  269.077581][ T8083]  netlink_sendmsg+0x743/0xcb0
[  269.082342][ T8083]  ? __pfx_netlink_sendmsg+0x10/0x10
[  269.087617][ T8083]  ? __import_iovec+0x536/0x820
[  269.092457][ T8083]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  269.097734][ T8083]  ? security_socket_sendmsg+0x87/0xb0
[  269.103202][ T8083]  ? __pfx_netlink_sendmsg+0x10/0x10
[  269.108478][ T8083]  __sock_sendmsg+0x221/0x270
[  269.113139][ T8083]  ____sys_sendmsg+0x525/0x7d0
[  269.117897][ T8083]  ? __pfx_____sys_sendmsg+0x10/0x10
[  269.123171][ T8083]  __sys_sendmsg+0x2b0/0x3a0
[  269.127747][ T8083]  ? __pfx___sys_sendmsg+0x10/0x10
[  269.132841][ T8083]  ? vfs_write+0x7c4/0xc90
[  269.137302][ T8083]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  269.143647][ T8083]  ? do_syscall_64+0x100/0x230
[  269.148434][ T8083]  ? do_syscall_64+0xb6/0x230
[  269.153130][ T8083]  do_syscall_64+0xf3/0x230
[  269.157657][ T8083]  ? clear_bhb_loop+0x35/0x90
[  269.162362][ T8083]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  269.168288][ T8083] RIP: 0033:0x7f34ff775bd9
[  269.172701][ T8083] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  269.192309][ T8083] RSP: 002b:00007f35005d3048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  269.200725][ T8083] RAX: ffffffffffffffda RBX: 00007f34ff903f60 RCX: 00007f34ff775bd9
[  269.208693][ T8083] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000003
[  269.216656][ T8083] RBP: 00007f35005d30a0 R08: 0000000000000000 R09: 0000000000000000
[  269.224616][ T8083] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  269.232579][ T8083] R13: 000000000000000b R14: 00007f34ff903f60 R15: 00007ffdfaa15e48
[  269.240554][ T8083]  </TASK>
[  269.264530][ T8087] FAULT_INJECTION: forcing a failure.
[  269.264530][ T8087] name failslab, interval 1, probability 0, space 0, times 0
[  269.277431][ T8087] CPU: 0 PID: 8087 Comm: syz.4.739 Not tainted 6.10.0-rc6-syzkaller-00069-g795c58e4c7fc #0
[  269.287407][ T8087] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  269.297462][ T8087] Call Trace:
[  269.300726][ T8087]  <TASK>
[  269.303664][ T8087]  dump_stack_lvl+0x241/0x360
[  269.308345][ T8087]  ? __pfx_dump_stack_lvl+0x10/0x10
[  269.313526][ T8087]  ? __pfx__printk+0x10/0x10
[  269.318107][ T8087]  ? __pfx_lock_acquire+0x10/0x10
[  269.323114][ T8087]  ? __sigqueue_alloc+0x2f/0x540
[  269.328041][ T8087]  should_fail_ex+0x3b0/0x4e0
[  269.332709][ T8087]  ? __sigqueue_alloc+0x42e/0x540
[  269.337723][ T8087]  should_failslab+0x9/0x20
[  269.342214][ T8087]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  269.347573][ T8087]  __sigqueue_alloc+0x42e/0x540
[  269.352412][ T8087]  __send_signal_locked+0x22f/0xdc0
[  269.357606][ T8087]  ? __lock_task_sighand+0x29/0x2d0
[  269.362818][ T8087]  group_send_sig_info+0x292/0x310
[  269.367927][ T8087]  ? __pfx_group_send_sig_info+0x10/0x10
[  269.373566][ T8087]  bpf_send_signal_common+0x2dd/0x430
[  269.378941][ T8087]  ? __pfx_bpf_send_signal_common+0x10/0x10
[  269.384834][ T8087]  ? bpf_trace_run2+0x1fc/0x540
[  269.389684][ T8087]  bpf_send_signal_thread+0x16/0x20
[  269.394879][ T8087]  bpf_prog_b7be628660dc1b90+0x22/0x28
[  269.400328][ T8087]  bpf_trace_run2+0x2ec/0x540
[  269.405012][ T8087]  ? __pfx_bpf_trace_run2+0x10/0x10
[  269.410206][ T8087]  ? tomoyo_encode+0x26f/0x540
[  269.414965][ T8087]  ? rcu_is_watching+0x15/0xb0
[  269.419725][ T8087]  ? tomoyo_realpath_from_path+0x5a9/0x5e0
[  269.425525][ T8087]  ? tomoyo_encode+0x26f/0x540
[  269.430281][ T8087]  ? trace_kmalloc+0x1f/0xd0
[  269.434872][ T8087]  ? tomoyo_realpath_from_path+0x5a9/0x5e0
[  269.440675][ T8087]  kfree+0x2bb/0x360
[  269.444569][ T8087]  tomoyo_realpath_from_path+0x5a9/0x5e0
[  269.450204][ T8087]  tomoyo_path_number_perm+0x23a/0x880
[  269.455675][ T8087]  ? tomoyo_path_number_perm+0x208/0x880
[  269.461304][ T8087]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  269.467313][ T8087]  ? __fget_files+0x29/0x470
[  269.471894][ T8087]  ? __fget_files+0x3f6/0x470
[  269.476562][ T8087]  ? __fget_files+0x29/0x470
[  269.481149][ T8087]  security_file_ioctl+0x75/0xb0
[  269.486081][ T8087]  __se_sys_ioctl+0x47/0x170
[  269.490671][ T8087]  do_syscall_64+0xf3/0x230
[  269.495177][ T8087]  ? clear_bhb_loop+0x35/0x90
[  269.499858][ T8087]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  269.505748][ T8087] RIP: 0033:0x7fb515575bd9
[  269.510157][ T8087] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  269.529772][ T8087] RSP: 002b:00007fb5162e3048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  269.538183][ T8087] RAX: ffffffffffffffda RBX: 00007fb515703f60 RCX: 00007fb515575bd9
[  269.546236][ T8087] RDX: 0000000020000240 RSI: 00000000400448de RDI: 0000000000000006
[  269.554198][ T8087] RBP: 00007fb5162e30a0 R08: 0000000000000000 R09: 0000000000000000
[  269.562157][ T8087] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  269.570116][ T8087] R13: 000000000000000b R14: 00007fb515703f60 R15: 00007ffc1c963cc8
[  269.578093][ T8087]  </TASK>
[  269.612799][ T8088] x_tables: ip6_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[  269.813678][ T8091] netlink: 80 bytes leftover after parsing attributes in process `syz.1.740'.
[  270.344029][ T5130] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  270.626892][ T5130] usb 3-1: too many configurations: 65, using maximum allowed: 8
[  270.877455][ T5130] usb 3-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d
[  270.907096][ T5130] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  270.984567][ T8106] netlink: 'syz.4.746': attribute type 10 has an invalid length.
[  271.005984][ T8111] cgroup: noprefix used incorrectly
[  271.016977][ T8106] 8021q: adding VLAN 0 to HW filter on device team0
[  271.037487][ T8106] bond0: (slave team0): Enslaving as an active interface with an up link
[  271.141802][ T8118] FAULT_INJECTION: forcing a failure.
[  271.141802][ T8118] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  271.163036][ T8116] can0: slcan on ttyS3.
[  271.173563][ T8118] CPU: 1 PID: 8118 Comm: syz.4.750 Not tainted 6.10.0-rc6-syzkaller-00069-g795c58e4c7fc #0
[  271.183660][ T8118] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  271.193710][ T8118] Call Trace:
[  271.196984][ T8118]  <TASK>
[  271.199906][ T8118]  dump_stack_lvl+0x241/0x360
[  271.204589][ T8118]  ? __pfx_dump_stack_lvl+0x10/0x10
[  271.209788][ T8118]  ? __pfx__printk+0x10/0x10
[  271.214378][ T8118]  ? snprintf+0xda/0x120
[  271.218617][ T8118]  should_fail_ex+0x3b0/0x4e0
[  271.223295][ T8118]  _copy_to_user+0x2f/0xb0
[  271.227708][ T8118]  simple_read_from_buffer+0xca/0x150
[  271.233081][ T8118]  proc_fail_nth_read+0x1e9/0x250
[  271.238105][ T8118]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  271.243646][ T8118]  ? rw_verify_area+0x520/0x6b0
[  271.248502][ T8118]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  271.254061][ T8118]  vfs_read+0x204/0xbc0
[  271.258214][ T8118]  ? __pfx_lock_release+0x10/0x10
[  271.263227][ T8118]  ? fd_install+0x9c/0x5d0
[  271.267637][ T8118]  ? __pfx_vfs_read+0x10/0x10
[  271.272312][ T8118]  ? __fget_files+0x29/0x470
[  271.276899][ T8118]  ? __fget_files+0x3f6/0x470
[  271.281577][ T8118]  ksys_read+0x1a0/0x2c0
[  271.285825][ T8118]  ? __pfx_ksys_read+0x10/0x10
[  271.290585][ T8118]  ? do_syscall_64+0x100/0x230
[  271.295351][ T8118]  ? do_syscall_64+0xb6/0x230
[  271.300026][ T8118]  do_syscall_64+0xf3/0x230
[  271.304526][ T8118]  ? clear_bhb_loop+0x35/0x90
[  271.309202][ T8118]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  271.315087][ T8118] RIP: 0033:0x7fb5155746bc
[  271.319495][ T8118] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[  271.339094][ T8118] RSP: 002b:00007fb5162e3040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  271.347502][ T8118] RAX: ffffffffffffffda RBX: 00007fb515703f60 RCX: 00007fb5155746bc
[  271.355468][ T8118] RDX: 000000000000000f RSI: 00007fb5162e30b0 RDI: 0000000000000003
[  271.363430][ T8118] RBP: 00007fb5162e30a0 R08: 0000000000000000 R09: 0000000000000000
[  271.371390][ T8118] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  271.379368][ T8118] R13: 000000000000000b R14: 00007fb515703f60 R15: 00007ffc1c963cc8
[  271.387345][ T8118]  </TASK>
[  271.495024][ T8116] can0 (unregistered): slcan off ttyS3.
[  271.640782][ T8099] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  271.666729][ T8099] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  271.669251][ T8124] x_tables: ip6_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[  271.772108][ T5130] usb 3-1: string descriptor 0 read error: -71
[  271.785541][ T5130] usb 3-1: Found UVC 0.00 device <unnamed> (046d:08c1)
[  271.851316][ T5130] usb 3-1: No valid video chain found.
[  271.887069][ T5130] usb 3-1: USB disconnect, device number 22
[  271.917740][ T8129] netlink: 80 bytes leftover after parsing attributes in process `syz.0.752'.
[  272.053794][  T784] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  272.235554][  T784] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  272.247681][  T784] usb 4-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  272.266995][  T784] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  272.277178][  T784] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  272.287060][  T784] usb 4-1: Product: syz
[  272.291442][  T784] usb 4-1: Manufacturer: syz
[  272.298726][  T784] usb 4-1: SerialNumber: syz
[  272.317595][  T784] cdc_ncm 4-1:1.0: skipping garbage
[  272.373762][ T5126] usb 2-1: new high-speed USB device number 26 using dummy_hcd
[  272.570469][ T5126] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  272.669241][ T5126] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  272.716412][ T5126] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  272.725615][ T4478] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[  272.725722][ T4478] Bluetooth: hci4: Injecting HCI hardware error event
[  272.727501][   T53] Bluetooth: hci4: hardware error 0x00
[  272.768466][ T8141] syz.2.755[8141] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  272.768658][ T8141] syz.2.755[8141] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  272.803119][ T5126] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  272.910319][ T5126] usb 2-1: Product: syz
[  272.939678][ T5126] usb 2-1: Manufacturer: syz
[  272.961911][ T5126] usb 2-1: SerialNumber: syz
[  273.020921][ T5126] cdc_ncm 2-1:1.0: skipping garbage
[  273.065858][  T784] cdc_ncm 4-1:1.0: failed GET_NTB_PARAMETERS
[  273.075318][  T784] cdc_ncm 4-1:1.0: bind() failure
[  273.087982][  T784] cdc_ncm 4-1:1.1: CDC Union missing and no IAD found
[  273.098259][  T784] cdc_ncm 4-1:1.1: bind() failure
[  273.109532][  T784] usb 4-1: USB disconnect, device number 20
[  274.289837][ T5126] cdc_ncm 2-1:1.0: bind() failure
[  274.308761][ T5126] cdc_ncm 2-1:1.1: CDC Union missing and no IAD found
[  274.332885][ T5126] cdc_ncm 2-1:1.1: bind() failure
[  274.352150][ T5126] usb 2-1: USB disconnect, device number 26
[  274.440031][ T8156] cgroup: noprefix used incorrectly
[  274.582138][ T8163] can0: slcan on ttyS3.
[  274.695211][ T8156] can0 (unregistered): slcan off ttyS3.
[  274.803901][   T53] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  274.855931][ T5126] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  274.906502][ T8167] veth0_macvtap: entered allmulticast mode
[  274.962049][ T8172] netlink: 80 bytes leftover after parsing attributes in process `syz.2.767'.
[  275.044401][ T5126] usb 4-1: too many configurations: 65, using maximum allowed: 8
[  275.071183][ T5126] usb 4-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d
[  275.089210][ T5126] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  275.530883][ T8165] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  275.542587][ T8165] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  275.559111][ T5126] usb 4-1: string descriptor 0 read error: -71
[  275.567017][ T5126] usb 4-1: Found UVC 0.00 device <unnamed> (046d:08c1)
[  275.574120][ T5130] usb 1-1: new high-speed USB device number 25 using dummy_hcd
[  275.581809][ T5126] usb 4-1: No valid video chain found.
[  275.592456][ T5126] usb 4-1: USB disconnect, device number 21
[  275.614189][ T8175] veth0_macvtap: left allmulticast mode
[  275.776663][ T5130] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  275.792094][ T5130] usb 1-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  275.840729][ T5130] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  275.850289][ T5130] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  275.859844][ T5130] usb 1-1: Product: syz
[  275.866787][ T5130] usb 1-1: Manufacturer: syz
[  275.871414][ T5130] usb 1-1: SerialNumber: syz
[  275.887402][ T5130] cdc_ncm 1-1:1.0: skipping garbage
[  276.204189][ T8193] Bluetooth: MGMT ver 1.22
[  276.364348][ T5130] cdc_ncm 1-1:1.0: bind() failure
[  276.384709][ T5130] usbtest 1-1:1.1: probe with driver usbtest failed with error -71
[  276.400413][ T5130] usb 1-1: USB disconnect, device number 25
[  276.451489][ T8197] syz.3.776 (8197): attempted to duplicate a private mapping with mremap.  This is not supported.
[  277.223717][    T9] usb 2-1: new high-speed USB device number 27 using dummy_hcd
[  277.253042][ T8213] syz.2.777[8213] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  277.253237][ T8213] syz.2.777[8213] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  277.437723][    T9] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  277.471354][    T9] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2
[  277.480731][    T9] usb 2-1: config 1 has no interface number 0
[  277.493703][    T9] usb 2-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  277.533674][    T9] usb 2-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping
[  277.542827][    T9] usb 2-1: config 1 interface 1 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  277.576781][    T9] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  277.594519][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  277.623444][    T9] usb 2-1: Product: syz
[  277.640811][    T9] usb 2-1: Manufacturer: syz
[  277.657286][    T9] usb 2-1: SerialNumber: syz
[  278.022154][ T8233] A link change request failed with some changes committed already. Interface wg2 may have been left with an inconsistent configuration, please check.
[  278.193840][ T5127] usb 1-1: new high-speed USB device number 26 using dummy_hcd
[  278.286173][ T8207] netlink: 168 bytes leftover after parsing attributes in process `syz.1.778'.
[  278.296577][ T8207] netlink: 'syz.1.778': attribute type 2 has an invalid length.
[  278.304577][ T8207] netlink: 60 bytes leftover after parsing attributes in process `syz.1.778'.
[  278.315686][ T5126] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[  278.394417][ T5127] usb 1-1: too many configurations: 65, using maximum allowed: 8
[  278.437462][ T5127] usb 1-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d
[  278.448867][ T5127] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  278.505821][ T5126] usb 4-1: New USB device found, idVendor=056e, idProduct=4010, bcdDevice=20.1c
[  278.523776][ T5126] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  278.538527][ T5126] usb 4-1: config 0 descriptor??
[  278.734946][    T9] cdc_ncm 2-1:1.1: bind() failure
[  278.744074][    T9] usb 2-1: USB disconnect, device number 27
[  278.878423][ T8232] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  278.887326][ T8232] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  278.906458][ T5127] usb 1-1: string descriptor 0 read error: -71
[  278.913489][ T5127] usb 1-1: Found UVC 0.00 device <unnamed> (046d:08c1)
[  278.920699][ T5127] usb 1-1: No valid video chain found.
[  278.929117][ T5127] usb 1-1: USB disconnect, device number 26
[  279.631921][ T8252] Cannot find add_set index 0 as target
[  279.659228][ T8228] netlink: 16 bytes leftover after parsing attributes in process `syz.3.783'.
[  279.679144][ T8228] netlink: 24 bytes leftover after parsing attributes in process `syz.3.783'.
[  279.730132][ T5126] pegasus 4-1:0.0: probe with driver pegasus failed with error -71
[  279.745683][ T5126] usb 4-1: USB disconnect, device number 22
[  279.843837][    T9] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  280.058244][    T9] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  280.087495][    T9] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  280.136783][    T9] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  280.170138][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  280.200704][    T9] usb 3-1: Product: syz
[  280.209761][    T9] usb 3-1: Manufacturer: syz
[  280.221598][    T9] usb 3-1: SerialNumber: syz
[  280.269845][    T9] cdc_ncm 3-1:1.0: skipping garbage
[  280.549777][    T9] cdc_ncm 3-1:1.0: bind() failure
[  280.552989][    T9] cdc_ncm 3-1:1.1: CDC Union missing and no IAD found
[  280.553033][    T9] cdc_ncm 3-1:1.1: bind() failure
[  280.565321][    T9] usb 3-1: USB disconnect, device number 23
[  281.215910][ T8271] syz.3.796[8271] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  281.224712][ T8271] syz.3.796[8271] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  281.600798][ T8274] netlink: 'syz.2.797': attribute type 48 has an invalid length.
[  281.714996][ T8271] pty pty26: ldisc open failed (-12), clearing slot 26
[  281.843884][   T53] Bluetooth: hci5: Controller not accepting commands anymore: ncmd = 0
[  281.853922][   T53] Bluetooth: hci5: Injecting HCI hardware error event
[  281.862760][ T4478] Bluetooth: hci5: hardware error 0x00
[  281.994639][ T8286] fuse: Unknown parameter '0x0000000000000004'
[  282.133777][ T5130] usb 2-1: new high-speed USB device number 28 using dummy_hcd
[  282.235245][ T8289] FAULT_INJECTION: forcing a failure.
[  282.235245][ T8289] name failslab, interval 1, probability 0, space 0, times 0
[  282.249927][ T8289] CPU: 0 PID: 8289 Comm: syz.3.802 Not tainted 6.10.0-rc6-syzkaller-00069-g795c58e4c7fc #0
[  282.259931][ T8289] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  282.269977][ T8289] Call Trace:
[  282.273248][ T8289]  <TASK>
[  282.276200][ T8289]  dump_stack_lvl+0x241/0x360
[  282.280873][ T8289]  ? __pfx_dump_stack_lvl+0x10/0x10
[  282.286075][ T8289]  ? __pfx__printk+0x10/0x10
[  282.290698][ T8289]  should_fail_ex+0x3b0/0x4e0
[  282.295400][ T8289]  ? subflow_ulp_init+0xcb/0x560
[  282.300384][ T8289]  should_failslab+0x9/0x20
[  282.304886][ T8289]  kmalloc_trace_noprof+0x6c/0x2c0
[  282.310019][ T8289]  ? do_syscall_64+0xf3/0x230
[  282.314712][ T8289]  subflow_ulp_init+0xcb/0x560
[  282.319471][ T8289]  tcp_set_ulp+0x537/0x5f0
[  282.323892][ T8289]  mptcp_subflow_create_socket+0x761/0xdf0
[  282.329711][ T8289]  ? look_up_lock_class+0x77/0x160
[  282.334395][ T5130] usb 2-1: too many configurations: 65, using maximum allowed: 8
[  282.334834][ T8289]  ? __pfx_mptcp_subflow_create_socket+0x10/0x10
[  282.348870][ T8289]  ? __pfx_register_lock_class+0x10/0x10
[  282.354535][ T8289]  ? mark_lock+0x9a/0x350
[  282.356651][ T5130] usb 2-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d
[  282.358870][ T8289]  __mptcp_nmpc_sk+0x178/0x800
[  282.358899][ T8289]  ? __lock_acquire+0x1346/0x1fd0
[  282.372767][ T5130] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  282.377657][ T8289]  ? __pfx___mptcp_nmpc_sk+0x10/0x10
[  282.377693][ T8289]  mptcp_connect+0x6f/0x920
[  282.377717][ T8289]  ? mark_lock+0x9a/0x350
[  282.377741][ T8289]  __inet_stream_connect+0x262/0xf30
[  282.377765][ T8289]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  282.377790][ T8289]  ? __local_bh_enable_ip+0x168/0x200
[  282.377807][ T8289]  ? lockdep_hardirqs_on+0x99/0x150
[  282.377829][ T8289]  ? __pfx___inet_stream_connect+0x10/0x10
[  282.377847][ T8289]  ? __local_bh_enable_ip+0x168/0x200
[  282.433281][ T8289]  ? inet_stream_connect+0x50/0xa0
[  282.438407][ T8289]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  282.444154][ T8289]  inet_stream_connect+0x65/0xa0
[  282.449107][ T8289]  __sys_connect+0x2df/0x310
[  282.453716][ T8289]  ? __pfx___sys_connect+0x10/0x10
[  282.458858][ T8289]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  282.465189][ T8289]  ? do_syscall_64+0x100/0x230
[  282.469968][ T8289]  __x64_sys_connect+0x7a/0x90
[  282.474751][ T8289]  do_syscall_64+0xf3/0x230
[  282.479270][ T8289]  ? clear_bhb_loop+0x35/0x90
[  282.483959][ T8289]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  282.489870][ T8289] RIP: 0033:0x7faafc575bd9
[  282.494299][ T8289] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  282.513927][ T8289] RSP: 002b:00007faafd31c048 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  282.522362][ T8289] RAX: ffffffffffffffda RBX: 00007faafc704038 RCX: 00007faafc575bd9
[  282.530345][ T8289] RDX: 000000000000001c RSI: 0000000020000040 RDI: 0000000000000003
[  282.538337][ T8289] RBP: 00007faafd31c0a0 R08: 0000000000000000 R09: 0000000000000000
[  282.546328][ T8289] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  282.554323][ T8289] R13: 000000000000006e R14: 00007faafc704038 R15: 00007ffe71041f88
[  282.562323][ T8289]  </TASK>
[  282.580587][ T5209] usb 1-1: new high-speed USB device number 27 using dummy_hcd
[  282.608627][ T8291] cgroup: No subsys list or none specified
[  282.618075][ T8291] netlink: 592 bytes leftover after parsing attributes in process `syz.2.803'.
[  282.769144][ T5209] usb 1-1: Using ep0 maxpacket: 16
[  282.776044][ T5209] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7
[  282.792658][ T5209] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  282.800519][ T8284] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  282.805010][ T5209] usb 1-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  282.811628][ T8284] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  282.823630][ T5209] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  282.840859][ T5130] usb 2-1: string descriptor 0 read error: -71
[  282.843572][ T5209] usb 1-1: config 0 descriptor??
[  282.848838][ T5130] usb 2-1: Found UVC 0.00 device <unnamed> (046d:08c1)
[  282.859952][ T5130] usb 2-1: No valid video chain found.
[  282.867410][ T5130] usb 2-1: USB disconnect, device number 28
[  282.953725][ T6858] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[  283.077779][ T5209] usbhid 1-1:0.0: can't add hid device: -71
[  283.084099][ T5209] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  283.093412][ T5209] usb 1-1: USB disconnect, device number 27
[  283.160091][ T6858] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  283.175943][ T6858] usb 3-1: New USB device found, idVendor=fff0, idProduct=fff0, bcdDevice=39.78
[  283.191320][ T6858] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  283.199700][ T6858] usb 3-1: Product: syz
[  283.208892][ T6858] usb 3-1: Manufacturer: syz
[  283.213523][ T6858] usb 3-1: SerialNumber: syz
[  283.225140][ T6858] usb 3-1: config 0 descriptor??
[  283.241716][ T6858] usbtest 3-1:0.0: couldn't get endpoints, -22
[  283.248315][ T6858] usbtest 3-1:0.0: probe with driver usbtest failed with error -22
[  283.934058][ T4478] Bluetooth: hci5: Opcode 0x0c03 failed: -110
[  285.651356][ T8338] syz.3.817 (8338): drop_caches: 2
[  285.736036][ T4478] Bluetooth: hci1: unknown advertising packet type: 0x65
[  285.736081][ T4478] Bluetooth: hci1: unknown advertising packet type: 0x09
[  285.743314][ T4478] Bluetooth: hci1: unknown advertising packet type: 0x05
[  285.750585][ T4478] Bluetooth: hci1: Malformed LE Event: 0x02
[  285.836423][ T5130] usb 1-1: new high-speed USB device number 28 using dummy_hcd
[  286.028004][ T8349] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  286.086486][ T8352] FAULT_INJECTION: forcing a failure.
[  286.086486][ T8352] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  286.101785][ T8352] CPU: 1 PID: 8352 Comm: syz.3.822 Not tainted 6.10.0-rc6-syzkaller-00069-g795c58e4c7fc #0
[  286.111813][ T8352] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  286.121979][ T8352] Call Trace:
[  286.125273][ T8352]  <TASK>
[  286.128213][ T8352]  dump_stack_lvl+0x241/0x360
[  286.132907][ T8352]  ? __pfx_dump_stack_lvl+0x10/0x10
[  286.138114][ T8352]  ? __pfx__printk+0x10/0x10
[  286.142738][ T8352]  ? snprintf+0xda/0x120
[  286.146990][ T8352]  should_fail_ex+0x3b0/0x4e0
[  286.151673][ T8352]  _copy_to_user+0x2f/0xb0
[  286.156122][ T8352]  simple_read_from_buffer+0xca/0x150
[  286.161499][ T8352]  proc_fail_nth_read+0x1e9/0x250
[  286.166525][ T8352]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  286.172065][ T8352]  ? rw_verify_area+0x520/0x6b0
[  286.176919][ T8352]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  286.182513][ T8352]  vfs_read+0x204/0xbc0
[  286.186688][ T8352]  ? __pfx_lock_release+0x10/0x10
[  286.191715][ T8352]  ? __pfx_vfs_read+0x10/0x10
[  286.196389][ T8352]  ? __fget_files+0x29/0x470
[  286.200975][ T8352]  ? __fget_files+0x3f6/0x470
[  286.205655][ T8352]  ksys_read+0x1a0/0x2c0
[  286.209903][ T8352]  ? __pfx_ksys_read+0x10/0x10
[  286.214663][ T8352]  ? do_syscall_64+0x100/0x230
[  286.219426][ T8352]  ? do_syscall_64+0xb6/0x230
[  286.224152][ T8352]  do_syscall_64+0xf3/0x230
[  286.228651][ T8352]  ? clear_bhb_loop+0x35/0x90
[  286.233324][ T8352]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  286.239215][ T8352] RIP: 0033:0x7faafc5746bc
[  286.243648][ T8352] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[  286.263247][ T8352] RSP: 002b:00007faafd33d040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  286.271692][ T8352] RAX: ffffffffffffffda RBX: 00007faafc703f60 RCX: 00007faafc5746bc
[  286.279657][ T8352] RDX: 000000000000000f RSI: 00007faafd33d0b0 RDI: 0000000000000006
[  286.287617][ T8352] RBP: 00007faafd33d0a0 R08: 0000000000000000 R09: 0000000000000000
[  286.295580][ T8352] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  286.303543][ T8352] R13: 000000000000000b R14: 00007faafc703f60 R15: 00007ffe71041f88
[  286.311523][ T8352]  </TASK>
[  286.323711][ T5130] usb 1-1: Using ep0 maxpacket: 32
[  286.345865][ T5130] usb 1-1: New USB device found, idVendor=0eb1, idProduct=7007, bcdDevice= 2.08
[  286.355416][ T5130] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  286.371207][ T5130] usb 1-1: Product: syz
[  286.398867][ T5130] usb 1-1: Manufacturer: syz
[  286.427532][ T5130] usb 1-1: SerialNumber: syz
[  286.469477][ T5130] usb 1-1: config 0 descriptor??
[  286.482749][ T5130] go7007 1-1:0.0: probe with driver go7007 failed with error -12
[  286.507972][ T5209] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  286.558047][ T6858] usb 3-1: USB disconnect, device number 24
[  286.734581][ T5127] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[  286.843940][ T5130] usb 1-1: USB disconnect, device number 28
[  286.983723][ T5127] usb 4-1: device descriptor read/64, error -71
[  287.263776][ T5127] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[  287.264442][ T5209] usb 5-1: too many configurations: 65, using maximum allowed: 8
[  287.290033][ T5209] usb 5-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d
[  287.299210][ T5209] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  287.427749][ T5127] usb 4-1: device descriptor read/64, error -71
[  287.452262][ T8365] netlink: 4 bytes leftover after parsing attributes in process `syz.0.825'.
[  287.556830][ T5127] usb usb4-port1: attempt power cycle
[  287.735651][ T8342] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  287.750453][ T8342] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  287.771451][ T5209] usb 5-1: string descriptor 0 read error: -71
[  287.779591][ T5209] usb 5-1: Found UVC 0.00 device <unnamed> (046d:08c1)
[  287.791134][ T5209] usb 5-1: No valid video chain found.
[  287.807073][ T5209] usb 5-1: USB disconnect, device number 24
[  287.983828][ T5127] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[  288.024322][ T5127] usb 4-1: device descriptor read/8, error -71
[  288.044119][ T6858] usb 1-1: new high-speed USB device number 29 using dummy_hcd
[  288.249340][ T6858] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  288.260454][ T6858] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  288.270352][ T6858] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  288.285647][ T6858] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  288.293852][ T5127] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[  288.294871][ T6858] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  288.334030][ T6858] usb 1-1: config 0 descriptor??
[  288.334416][ T5127] usb 4-1: device descriptor read/8, error -71
[  288.466586][ T5127] usb usb4-port1: unable to enumerate USB device
[  288.749163][ T6858] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[  288.757263][ T6858] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[  288.776028][ T6858] plantronics 0003:047F:FFFF.000E: No inputs registered, leaving
[  288.798574][ T6858] plantronics 0003:047F:FFFF.000E: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  289.900106][ T8378] netlink: 64 bytes leftover after parsing attributes in process `syz.0.830'.
[  289.999678][ T5126] usb 1-1: USB disconnect, device number 29
[  290.715219][ T8402] netlink: 80 bytes leftover after parsing attributes in process `syz.4.836'.
[  290.947471][    T9] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[  291.133885][    T9] usb 4-1: Using ep0 maxpacket: 32
[  291.152602][    T9] usb 4-1: New USB device found, idVendor=0eb1, idProduct=7007, bcdDevice= 2.08
[  291.165903][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  291.179150][    T9] usb 4-1: Product: syz
[  291.183544][    T9] usb 4-1: Manufacturer: syz
[  291.211646][    T9] usb 4-1: SerialNumber: syz
[  291.239402][    T9] usb 4-1: config 0 descriptor??
[  291.250799][    T9] go7007 4-1:0.0: probe with driver go7007 failed with error -12
[  291.343740][ T6858] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[  291.482411][ T5126] usb 4-1: USB disconnect, device number 27
[  291.571988][ T6858] usb 3-1: too many configurations: 65, using maximum allowed: 8
[  291.610658][ T6858] usb 3-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d
[  291.620090][ T6858] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  292.121032][ T8416] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  292.134098][ T8416] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  293.180528][ T6858] usb 3-1: string descriptor 0 read error: -71
[  293.191709][ T6858] usb 3-1: Found UVC 0.00 device <unnamed> (046d:08c1)
[  293.203753][ T6858] usb 3-1: No valid video chain found.
[  293.212603][ T6858] usb 3-1: USB disconnect, device number 25
[  293.484210][    T9] usb 4-1: new high-speed USB device number 28 using dummy_hcd
[  293.623829][ T5127] usb 2-1: new high-speed USB device number 29 using dummy_hcd
[  293.705498][    T9] usb 4-1: New USB device found, idVendor=0c45, idProduct=614a, bcdDevice=e6.af
[  293.723736][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  293.747449][    T9] usb 4-1: config 0 descriptor??
[  293.762387][    T9] gspca_main: sonixj-2.14.0 probing 0c45:614a
[  293.818699][ T5127] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  293.853939][ T5127] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  293.885658][ T5127] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  293.902165][ T5127] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  293.914946][ T5127] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  293.925643][ T5127] usb 2-1: config 0 descriptor??
[  294.125332][    T9] gspca_sonixj: reg_r err -32
[  294.130122][    T9] sonixj 4-1:0.0: probe with driver sonixj failed with error -32
[  294.875300][ T8438] netlink: 64 bytes leftover after parsing attributes in process `syz.1.848'.
[  294.928044][    T9] usb 4-1: USB disconnect, device number 28
[  294.985783][ T5127] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0
[  294.993235][ T5127] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0
[  295.003966][ T5127] plantronics 0003:047F:FFFF.000F: No inputs registered, leaving
[  295.016546][ T5127] plantronics 0003:047F:FFFF.000F: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  295.036304][ T5127] usb 2-1: USB disconnect, device number 29
[  296.453753][    T9] usb 2-1: new high-speed USB device number 30 using dummy_hcd
[  296.524642][ T8496] netlink: 20 bytes leftover after parsing attributes in process `syz.2.864'.
[  296.655963][    T9] usb 2-1: too many configurations: 65, using maximum allowed: 8
[  296.680706][    T9] usb 2-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d
[  296.690260][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  297.130423][ T8480] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  297.142652][ T8480] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  297.150899][ T8501] netlink: 80 bytes leftover after parsing attributes in process `syz.4.866'.
[  297.169698][    T9] usb 2-1: string descriptor 0 read error: -71
[  297.176041][    T9] usb 2-1: Found UVC 0.00 device <unnamed> (046d:08c1)
[  297.182922][    T9] usb 2-1: No valid video chain found.
[  297.193375][    T9] usb 2-1: USB disconnect, device number 30
[  297.575636][  T932] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[  298.504090][  T932] usb 3-1: Using ep0 maxpacket: 16
[  298.524343][  T932] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7
[  298.554299][  T932] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  298.581345][  T932] usb 3-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  298.601094][  T932] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  298.611914][  T932] usb 3-1: config 0 descriptor??
[  298.874108][ T8535] fuse: Unknown parameter 'fd0x0000000000000004'
[  299.000950][ T8540] FAULT_INJECTION: forcing a failure.
[  299.000950][ T8540] name failslab, interval 1, probability 0, space 0, times 0
[  299.016348][ T8540] CPU: 1 PID: 8540 Comm: syz.0.879 Not tainted 6.10.0-rc6-syzkaller-00069-g795c58e4c7fc #0
[  299.026380][ T8540] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  299.036550][ T8540] Call Trace:
[  299.039847][ T8540]  <TASK>
[  299.042793][ T8540]  dump_stack_lvl+0x241/0x360
[  299.047500][ T8540]  ? __pfx_dump_stack_lvl+0x10/0x10
[  299.052733][ T8540]  ? __pfx__printk+0x10/0x10
[  299.057357][ T8540]  ? __pfx___might_resched+0x10/0x10
[  299.062761][ T8540]  should_fail_ex+0x3b0/0x4e0
[  299.067466][ T8540]  ? io_ring_ctx_alloc+0x54/0x1810
[  299.072626][ T8540]  should_failslab+0x9/0x20
[  299.077140][ T8540]  kmalloc_trace_noprof+0x6c/0x2c0
[  299.082256][ T8540]  ? __pfx___might_resched+0x10/0x10
[  299.087545][ T8540]  io_ring_ctx_alloc+0x54/0x1810
[  299.092614][ T8540]  ? __mutex_unlock_slowpath+0x21d/0x750
[  299.098246][ T8540]  io_uring_create+0x2c0/0x12e0
[  299.103102][ T8540]  __se_sys_io_uring_setup+0x2ba/0x330
[  299.108562][ T8540]  ? __pfx___se_sys_io_uring_setup+0x10/0x10
[  299.114549][ T8540]  ? do_syscall_64+0x100/0x230
[  299.119321][ T8540]  ? do_syscall_64+0xb6/0x230
[  299.123996][ T8540]  do_syscall_64+0xf3/0x230
[  299.128496][ T8540]  ? clear_bhb_loop+0x35/0x90
[  299.133177][ T8540]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  299.139067][ T8540] RIP: 0033:0x7f383f575bd9
[  299.143473][ T8540] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  299.163075][ T8540] RSP: 002b:00007f3840364fd8 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[  299.171487][ T8540] RAX: ffffffffffffffda RBX: 00007f383f704038 RCX: 00007f383f575bd9
[  299.179461][ T8540] RDX: 0000000020000280 RSI: 0000000020000080 RDI: 0000000000001f87
[  299.187423][ T8540] RBP: 0000000020000080 R08: 0000000000000000 R09: 0000000020000280
[  299.195391][ T8540] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000001
[  299.203355][ T8540] R13: 0000000020000040 R14: 0000000000001f87 R15: 0000000020000280
[  299.211346][ T8540]  </TASK>
[  299.293826][ T5209] usb 2-1: new high-speed USB device number 31 using dummy_hcd
[  299.506932][ T5209] usb 2-1: Using ep0 maxpacket: 16
[  299.519164][  T932] usbhid 3-1:0.0: can't add hid device: -71
[  299.535338][ T5209] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7
[  299.548225][ T8549] FAULT_INJECTION: forcing a failure.
[  299.548225][ T8549] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  299.554594][  T932] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  299.576397][ T5209] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  299.603975][ T5209] usb 2-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  299.616403][  T932] usb 3-1: USB disconnect, device number 26
[  299.621834][ T8549] CPU: 1 PID: 8549 Comm: syz.2.881 Not tainted 6.10.0-rc6-syzkaller-00069-g795c58e4c7fc #0
[  299.632390][ T8549] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  299.642707][ T8549] Call Trace:
[  299.645975][ T8549]  <TASK>
[  299.648889][ T8549]  dump_stack_lvl+0x241/0x360
[  299.653555][ T8549]  ? __pfx_dump_stack_lvl+0x10/0x10
[  299.658745][ T8549]  ? __pfx__printk+0x10/0x10
[  299.663320][ T8549]  ? __pfx_lock_release+0x10/0x10
[  299.668332][ T8549]  should_fail_ex+0x3b0/0x4e0
[  299.673001][ T8549]  _copy_from_user+0x2f/0xe0
[  299.677591][ T8549]  copy_msghdr_from_user+0xae/0x680
[  299.682818][ T8549]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  299.686492][ T5209] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  299.688642][ T8549]  __sys_sendmsg+0x23d/0x3a0
[  299.701211][ T8549]  ? __pfx___sys_sendmsg+0x10/0x10
[  299.706346][ T8549]  ? vfs_write+0x7c4/0xc90
[  299.710829][ T8549]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  299.715695][ T5209] usb 2-1: config 0 descriptor??
[  299.717157][ T8549]  ? do_syscall_64+0x100/0x230
[  299.717192][ T8549]  ? do_syscall_64+0xb6/0x230
[  299.731627][ T8549]  do_syscall_64+0xf3/0x230
[  299.736159][ T8549]  ? clear_bhb_loop+0x35/0x90
[  299.740862][ T8549]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  299.746776][ T8549] RIP: 0033:0x7f406ff75bd9
[  299.751201][ T8549] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  299.770824][ T8549] RSP: 002b:00007f4070c8f048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  299.779262][ T8549] RAX: ffffffffffffffda RBX: 00007f4070103f60 RCX: 00007f406ff75bd9
[  299.787263][ T8549] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000003
[  299.795260][ T8549] RBP: 00007f4070c8f0a0 R08: 0000000000000000 R09: 0000000000000000
[  299.803247][ T8549] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  299.811233][ T8549] R13: 000000000000000b R14: 00007f4070103f60 R15: 00007ffff78142f8
[  299.819251][ T8549]  </TASK>
[  299.986349][ T5209] usbhid 2-1:0.0: can't add hid device: -71
[  300.002735][ T5209] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  300.037169][ T5209] usb 2-1: USB disconnect, device number 31
[  300.072721][ T8560] netlink: 48 bytes leftover after parsing attributes in process `syz.2.883'.
[  300.374578][  T932] usb 4-1: new high-speed USB device number 29 using dummy_hcd
[  300.567979][  T932] usb 4-1: too many configurations: 65, using maximum allowed: 8
[  300.604048][  T932] usb 4-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d
[  300.621172][  T932] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  300.811101][  T784] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  300.996773][  T784] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  301.025532][  T784] usb 5-1: New USB device found, idVendor=fff0, idProduct=fff0, bcdDevice=39.78
[  301.038513][  T784] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  301.053434][  T784] usb 5-1: Product: syz
[  301.059832][  T784] usb 5-1: Manufacturer: syz
[  301.066228][  T784] usb 5-1: SerialNumber: syz
[  301.076387][ T8552] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  301.101000][ T8552] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  301.115120][  T784] usb 5-1: config 0 descriptor??
[  301.128316][  T784] usbtest 5-1:0.0: couldn't get endpoints, -22
[  301.142952][  T784] usbtest 5-1:0.0: probe with driver usbtest failed with error -22
[  301.164832][  T932] usb 4-1: string descriptor 0 read error: -71
[  301.177694][  T932] usb 4-1: Found UVC 0.00 device <unnamed> (046d:08c1)
[  301.187050][  T932] usb 4-1: No valid video chain found.
[  301.206819][  T932] usb 4-1: USB disconnect, device number 29
[  301.881050][ T4478] Bluetooth: hci3: unknown advertising packet type: 0x65
[  301.881079][ T4478] Bluetooth: hci3: unknown advertising packet type: 0x09
[  301.888426][ T4478] Bluetooth: hci3: unknown advertising packet type: 0x05
[  301.896021][ T4478] Bluetooth: hci3: unknown advertising packet type: 0x25
[  301.903160][ T4478] Bluetooth: hci3: Malformed LE Event: 0x02
[  302.125048][   T45] usb 5-1: USB disconnect, device number 25
[  302.988854][ T8616] syz.2.899[8616] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  302.988991][ T8616] syz.2.899[8616] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  303.058726][ T8620] pim6reg1: entered promiscuous mode
[  303.100878][ T8620] pim6reg1: entered allmulticast mode
[  305.470173][   T29] audit: type=1326 audit(1720126973.963:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8613 comm="syz.0.898" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f383f575bd9 code=0x0
[  305.827001][ T8663] input: syz1 as /devices/virtual/input/input8
[  306.034513][ T8663] netlink: 'syz.3.907': attribute type 8 has an invalid length.
[  306.273113][ T8681] netlink: 'syz.0.914': attribute type 10 has an invalid length.
[  306.842682][ T8695] 9pnet_fd: Insufficient options for proto=fd
[  310.013591][    C1] sched: RT throttling activated
[  311.035254][ T8732] input: syz1 as /devices/virtual/input/input9
[  314.542193][ T4478] Bluetooth: hci1: unexpected event 0x06 length: 23 > 3
[  315.143974][ T8768] netlink: 32 bytes leftover after parsing attributes in process `syz.2.943'.
[  315.575519][ T8772] netlink: 68 bytes leftover after parsing attributes in process `syz.0.944'.
[  315.699241][ T8781] netlink: 44 bytes leftover after parsing attributes in process `syz.3.946'.
[  315.711181][ T8781] netlink: 4 bytes leftover after parsing attributes in process `syz.3.946'.
[  316.533885][ T5126] usb 4-1: new high-speed USB device number 30 using dummy_hcd
[  316.828064][ T8800] ------------[ cut here ]------------
[  316.834117][ T8800] WARNING: CPU: 1 PID: 8800 at net/mac80211/chan.c:501 _ieee80211_change_chanctx+0x34b/0x1240
[  316.844443][ T8800] Modules linked in:
[  316.848354][ T8800] CPU: 1 PID: 8800 Comm: syz.1.950 Not tainted 6.10.0-rc6-syzkaller-00069-g795c58e4c7fc #0
[  316.858380][ T8800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  316.868540][ T8800] RIP: 0010:_ieee80211_change_chanctx+0x34b/0x1240
[  316.875170][ T8800] Code: 05 74 1a 83 fd 0d 75 1c e8 72 c8 98 f6 eb 25 e8 6b c8 98 f6 eb 1e e8 64 c8 98 f6 eb 17 e8 5d c8 98 f6 eb 10 e8 56 c8 98 f6 90 <0f> 0b 90 eb 05 e8 4b c8 98 f6 48 8b 2c 24 4c 89 7c 24 60 4c 89 ff
[  316.895290][ T8800] RSP: 0018:ffffc9000e566ba8 EFLAGS: 00010283
[  316.901470][ T8800] RAX: ffffffff8afd5e0a RBX: ffff88807e6ab0f6 RCX: 0000000000040000
[  316.909688][ T8800] RDX: ffffc90012c9c000 RSI: 00000000000008b5 RDI: 00000000000008b6
[  316.918461][ T8800] RBP: 0000000000000006 R08: 0000000000000005 R09: ffffffff8afd5daf
[  316.927146][ T8800] R10: 0000000000000007 R11: ffff888020e70000 R12: dffffc0000000000
[  316.935310][ T8800] R13: ffff88807e6ab000 R14: ffff88807e6ab000 R15: ffff888071c30e20
[  316.944736][ T8800] FS:  00007f35005916c0(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000
[  316.954082][ T8800] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  316.960872][ T8800] CR2: 000000110c2cc8fe CR3: 000000002b1ca000 CR4: 00000000003526f0
[  316.969000][ T8800] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  316.977102][ T8800] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  316.985225][ T8800] Call Trace:
[  316.988570][ T8800]  <TASK>
[  316.991555][ T8800]  ? __warn+0x163/0x4e0
[  316.995862][ T8800]  ? _ieee80211_change_chanctx+0x34b/0x1240
[  317.001785][ T8800]  ? report_bug+0x2b3/0x500
[  317.006435][ T8800]  ? _ieee80211_change_chanctx+0x34b/0x1240
[  317.012412][ T8800]  ? handle_bug+0x3e/0x70
[  317.016894][ T8800]  ? exc_invalid_op+0x1a/0x50
[  317.023001][ T8800]  ? asm_exc_invalid_op+0x1a/0x20
[  317.028224][ T8800]  ? _ieee80211_change_chanctx+0x2ef/0x1240
[  317.034260][ T8800]  ? _ieee80211_change_chanctx+0x34a/0x1240
[  317.040235][ T8800]  ? _ieee80211_change_chanctx+0x34b/0x1240
[  317.046718][ T8800]  ? _ieee80211_change_chanctx+0x34a/0x1240
[  317.053183][ T8800]  ieee80211_recalc_chanctx_chantype+0xf27/0xfb0
[  317.059696][ T8800]  ? __pfx_ieee80211_recalc_chanctx_chantype+0x10/0x10
[  317.067613][ T8800]  ? ieee80211_link_update_chanreq+0x8c/0x2f0
[  317.073856][ T8800]  ? __asan_memcpy+0x40/0x70
[  317.079443][ T8800]  ? ieee80211_link_update_chanreq+0x299/0x2f0
[  317.085916][ T8800]  ieee80211_link_change_chanreq+0x11a6/0x1470
[  317.092544][ T8800]  ? __pfx_ieee80211_link_change_chanreq+0x10/0x10
[  317.099192][ T8800]  ? cfg80211_get_chans_dfs_required+0xae2/0xb60
[  317.105656][ T8800]  ieee80211_set_ap_chanwidth+0x1d5/0x2f0
[  317.111462][ T8800]  ? ieee80211_get_channel_khz+0x173/0x920
[  317.117448][ T8800]  ? __pfx_ieee80211_set_ap_chanwidth+0x10/0x10
[  317.125239][ T8800]  rdev_set_ap_chanwidth+0x118/0x2b0
[  317.130845][ T8800]  __nl80211_set_channel+0x528/0x660
[  317.136367][ T8800]  ? nl80211_set_wiphy+0x279/0x2c80
[  317.141658][ T8800]  ? __pfx___nl80211_set_channel+0x10/0x10
[  317.147586][ T8800]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  317.153716][ T8800]  ? __pfx___mutex_trylock_common+0x10/0x10
[  317.159704][ T8800]  nl80211_set_wiphy+0x1215/0x2c80
[  317.164963][ T8800]  ? __rtnl_unlock+0xca/0xe0
[  317.169651][ T8800]  ? nl80211_pre_doit+0x5f/0x8b0
[  317.174745][ T8800]  ? __pfx_netdev_run_todo+0x10/0x10
[  317.180144][ T8800]  ? __pfx_nl80211_set_wiphy+0x10/0x10
[  317.185716][ T8800]  ? __nla_parse+0x40/0x60
[  317.190229][ T8800]  genl_rcv_msg+0xb14/0xec0
[  317.194889][ T8800]  ? mark_lock+0x9a/0x350
[  317.199306][ T8800]  ? __pfx_genl_rcv_msg+0x10/0x10
[  317.204908][ T8800]  ? __pfx_lock_acquire+0x10/0x10
[  317.210011][ T8800]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  317.215540][ T8800]  ? __pfx_nl80211_set_wiphy+0x10/0x10
[  317.221110][ T8800]  ? __pfx_nl80211_post_doit+0x10/0x10
[  317.227389][ T8800]  ? __pfx___might_resched+0x10/0x10
[  317.233425][ T8800]  netlink_rcv_skb+0x1e3/0x430
[  317.238443][ T8800]  ? __pfx_genl_rcv_msg+0x10/0x10
[  317.243485][ T8800]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  317.248928][ T8800]  ? __netlink_deliver_tap+0x77e/0x7c0
[  317.254657][ T8800]  genl_rcv+0x28/0x40
[  317.258730][ T8800]  netlink_unicast+0x7ea/0x980
[  317.263626][ T8800]  ? __pfx_netlink_unicast+0x10/0x10
[  317.268991][ T8800]  ? __virt_addr_valid+0x183/0x520
[  317.274266][ T8800]  ? __check_object_size+0x49c/0x900
[  317.279658][ T8800]  ? bpf_lsm_netlink_send+0x9/0x10
[  317.285441][ T8800]  netlink_sendmsg+0x8db/0xcb0
[  317.290309][ T8800]  ? __pfx_netlink_sendmsg+0x10/0x10
[  317.295758][ T8800]  ? __import_iovec+0x536/0x820
[  317.300715][ T8800]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  317.306118][ T8800]  ? security_socket_sendmsg+0x87/0xb0
[  317.311674][ T8800]  ? __pfx_netlink_sendmsg+0x10/0x10
[  317.317120][ T8800]  __sock_sendmsg+0x221/0x270
[  317.321905][ T8800]  ____sys_sendmsg+0x525/0x7d0
[  317.326813][ T8800]  ? __pfx_____sys_sendmsg+0x10/0x10
[  317.332972][ T8800]  __sys_sendmsg+0x2b0/0x3a0
[  317.338445][ T8800]  ? __pfx___sys_sendmsg+0x10/0x10
[  317.343668][ T8800]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  317.350017][ T8800]  ? do_syscall_64+0x100/0x230
[  317.355038][ T8800]  ? do_syscall_64+0xb6/0x230
[  317.359793][ T8800]  do_syscall_64+0xf3/0x230
[  317.364521][ T8800]  ? clear_bhb_loop+0x35/0x90
[  317.369260][ T8800]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  317.375275][ T8800] RIP: 0033:0x7f34ff775bd9
[  317.379825][ T8800] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  317.399544][ T8800] RSP: 002b:00007f3500591048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  317.408070][ T8800] RAX: ffffffffffffffda RBX: 00007f34ff904110 RCX: 00007f34ff775bd9
[  317.416156][ T8800] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 000000000000000c
[  317.424214][ T8800] RBP: 00007f34ff7e4aa1 R08: 0000000000000000 R09: 0000000000000000
[  317.432858][ T8800] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  317.433833][  T932] usb 1-1: new high-speed USB device number 30 using dummy_hcd
[  317.441432][ T8800] R13: 000000000000006e R14: 00007f34ff904110 R15: 00007ffdfaa15e48
[  317.454474][ T1249] ieee802154 phy0 wpan0: encryption failed: -22
[  317.462240][ T8800]  </TASK>
[  317.462701][ T1249] ieee802154 phy1 wpan1: encryption failed: -22
[  317.467019][ T8800] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  317.467033][ T8800] CPU: 1 PID: 8800 Comm: syz.1.950 Not tainted 6.10.0-rc6-syzkaller-00069-g795c58e4c7fc #0
[  317.467053][ T8800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  317.467064][ T8800] Call Trace:
[  317.467071][ T8800]  <TASK>
[  317.467079][ T8800]  dump_stack_lvl+0x241/0x360
[  317.467111][ T8800]  ? __pfx_dump_stack_lvl+0x10/0x10
[  317.467136][ T8800]  ? __pfx__printk+0x10/0x10
[  317.467166][ T8800]  ? vscnprintf+0x5d/0x90
[  317.467187][ T8800]  panic+0x349/0x860
[  317.467219][ T8800]  ? __warn+0x172/0x4e0
[  317.467241][ T8800]  ? __pfx_panic+0x10/0x10
[  317.467282][ T8800]  __warn+0x346/0x4e0
[  317.467303][ T8800]  ? _ieee80211_change_chanctx+0x34b/0x1240
[  317.467327][ T8800]  report_bug+0x2b3/0x500
[  317.467348][ T8800]  ? _ieee80211_change_chanctx+0x34b/0x1240
[  317.467373][ T8800]  handle_bug+0x3e/0x70
[  317.467389][ T8800]  exc_invalid_op+0x1a/0x50
[  317.467407][ T8800]  asm_exc_invalid_op+0x1a/0x20
[  317.467429][ T8800] RIP: 0010:_ieee80211_change_chanctx+0x34b/0x1240
[  317.467450][ T8800] Code: 05 74 1a 83 fd 0d 75 1c e8 72 c8 98 f6 eb 25 e8 6b c8 98 f6 eb 1e e8 64 c8 98 f6 eb 17 e8 5d c8 98 f6 eb 10 e8 56 c8 98 f6 90 <0f> 0b 90 eb 05 e8 4b c8 98 f6 48 8b 2c 24 4c 89 7c 24 60 4c 89 ff
[  317.467466][ T8800] RSP: 0018:ffffc9000e566ba8 EFLAGS: 00010283
[  317.467484][ T8800] RAX: ffffffff8afd5e0a RBX: ffff88807e6ab0f6 RCX: 0000000000040000
[  317.467498][ T8800] RDX: ffffc90012c9c000 RSI: 00000000000008b5 RDI: 00000000000008b6
[  317.467510][ T8800] RBP: 0000000000000006 R08: 0000000000000005 R09: ffffffff8afd5daf
[  317.467523][ T8800] R10: 0000000000000007 R11: ffff888020e70000 R12: dffffc0000000000
[  317.467536][ T8800] R13: ffff88807e6ab000 R14: ffff88807e6ab000 R15: ffff888071c30e20
[  317.467555][ T8800]  ? _ieee80211_change_chanctx+0x2ef/0x1240
[  317.467574][ T8800]  ? _ieee80211_change_chanctx+0x34a/0x1240
[  317.467599][ T8800]  ? _ieee80211_change_chanctx+0x34a/0x1240
[  317.467647][ T8800]  ieee80211_recalc_chanctx_chantype+0xf27/0xfb0
[  317.467686][ T8800]  ? __pfx_ieee80211_recalc_chanctx_chantype+0x10/0x10
[  317.467723][ T8800]  ? ieee80211_link_update_chanreq+0x8c/0x2f0
[  317.467744][ T8800]  ? __asan_memcpy+0x40/0x70
[  317.467772][ T8800]  ? ieee80211_link_update_chanreq+0x299/0x2f0
[  317.467795][ T8800]  ieee80211_link_change_chanreq+0x11a6/0x1470
[  317.467827][ T8800]  ? __pfx_ieee80211_link_change_chanreq+0x10/0x10
[  317.467845][ T8800]  ? cfg80211_get_chans_dfs_required+0xae2/0xb60
[  317.467885][ T8800]  ieee80211_set_ap_chanwidth+0x1d5/0x2f0
[  317.467905][ T8800]  ? ieee80211_get_channel_khz+0x173/0x920
[  317.467927][ T8800]  ? __pfx_ieee80211_set_ap_chanwidth+0x10/0x10
[  317.467964][ T8800]  rdev_set_ap_chanwidth+0x118/0x2b0
[  317.467989][ T8800]  __nl80211_set_channel+0x528/0x660
[  317.468008][ T8800]  ? nl80211_set_wiphy+0x279/0x2c80
[  317.468035][ T8800]  ? __pfx___nl80211_set_channel+0x10/0x10
[  317.468058][ T8800]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  317.468079][ T8800]  ? __pfx___mutex_trylock_common+0x10/0x10
[  317.468106][ T8800]  nl80211_set_wiphy+0x1215/0x2c80
[  317.468136][ T8800]  ? __rtnl_unlock+0xca/0xe0
[  317.468159][ T8800]  ? nl80211_pre_doit+0x5f/0x8b0
[  317.468185][ T8800]  ? __pfx_netdev_run_todo+0x10/0x10
[  317.468210][ T8800]  ? __pfx_nl80211_set_wiphy+0x10/0x10
[  317.468236][ T8800]  ? __nla_parse+0x40/0x60
[  317.468267][ T8800]  genl_rcv_msg+0xb14/0xec0
[  317.468285][ T8800]  ? mark_lock+0x9a/0x350
[  317.468312][ T8800]  ? __pfx_genl_rcv_msg+0x10/0x10
[  317.468354][ T8800]  ? __pfx_lock_acquire+0x10/0x10
[  317.468372][ T8800]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  317.468395][ T8800]  ? __pfx_nl80211_set_wiphy+0x10/0x10
[  317.468415][ T8800]  ? __pfx_nl80211_post_doit+0x10/0x10
[  317.468440][ T8800]  ? __pfx___might_resched+0x10/0x10
[  317.468472][ T8800]  netlink_rcv_skb+0x1e3/0x430
[  317.468496][ T8800]  ? __pfx_genl_rcv_msg+0x10/0x10
[  317.468516][ T8800]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  317.468552][ T8800]  ? __netlink_deliver_tap+0x77e/0x7c0
[  317.468588][ T8800]  genl_rcv+0x28/0x40
[  317.468604][ T8800]  netlink_unicast+0x7ea/0x980
[  317.468634][ T8800]  ? __pfx_netlink_unicast+0x10/0x10
[  317.468653][ T8800]  ? __virt_addr_valid+0x183/0x520
[  317.468679][ T8800]  ? __check_object_size+0x49c/0x900
[  317.468699][ T8800]  ? bpf_lsm_netlink_send+0x9/0x10
[  317.468725][ T8800]  netlink_sendmsg+0x8db/0xcb0
[  317.468763][ T8800]  ? __pfx_netlink_sendmsg+0x10/0x10
[  317.468789][ T8800]  ? __import_iovec+0x536/0x820
[  317.468812][ T8800]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  317.468828][ T8800]  ? security_socket_sendmsg+0x87/0xb0
[  317.468854][ T8800]  ? __pfx_netlink_sendmsg+0x10/0x10
[  317.468876][ T8800]  __sock_sendmsg+0x221/0x270
[  317.468897][ T8800]  ____sys_sendmsg+0x525/0x7d0
[  317.468927][ T8800]  ? __pfx_____sys_sendmsg+0x10/0x10
[  317.468964][ T8800]  __sys_sendmsg+0x2b0/0x3a0
[  317.468989][ T8800]  ? __pfx___sys_sendmsg+0x10/0x10
[  317.469051][ T8800]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  317.469072][ T8800]  ? do_syscall_64+0x100/0x230
[  317.469098][ T8800]  ? do_syscall_64+0xb6/0x230
[  317.469124][ T8800]  do_syscall_64+0xf3/0x230
[  317.469148][ T8800]  ? clear_bhb_loop+0x35/0x90
[  317.469174][ T8800]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  317.469196][ T8800] RIP: 0033:0x7f34ff775bd9
[  317.469212][ T8800] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  317.469227][ T8800] RSP: 002b:00007f3500591048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  317.469246][ T8800] RAX: ffffffffffffffda RBX: 00007f34ff904110 RCX: 00007f34ff775bd9
[  317.469260][ T8800] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 000000000000000c
[  317.469272][ T8800] RBP: 00007f34ff7e4aa1 R08: 0000000000000000 R09: 0000000000000000
[  317.469283][ T8800] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  317.469294][ T8800] R13: 000000000000006e R14: 00007f34ff904110 R15: 00007ffdfaa15e48
[  317.469323][ T8800]  </TASK>
[  317.472185][ T8800] Kernel Offset: disabled