last executing test programs:

11.149102795s ago: executing program 1 (id=1092):
r0 = socket$inet6(0xa, 0x3, 0x6)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000100)={@local, 0x800, 0x0, 0x2, 0x1}, 0x20)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x2000004, 0x5d031, 0xffffffffffffffff, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000001400010029bd7000ffdbdf250a1071fe", @ANYBLOB="08000900000080ffe8a600000000000000000008000000000c0231dbe3cb7b"], 0x3c}, 0x1, 0x0, 0x0, 0xb4}, 0x4040)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$VIDIOC_S_PARM(0xffffffffffffffff, 0xc0cc5616, &(0x7f0000000300)={0x9, @output={0x1000, 0x1, {0x3c4, 0x401}, 0x0, 0x5}})
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0)
r4 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000280)={{0x1, 0x1, 0x18, r1, {0xee01, 0xee01}}, './file0\x00'})
r5 = syz_usb_connect$hid(0x3, 0x36, &(0x7f00000001c0)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1b96, 0x7, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io(r5, 0x0, 0x0)
r6 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x80042, 0x0)
ioctl$PTP_PEROUT_REQUEST(r6, 0x40383d03, &(0x7f0000000080)={{0x8, 0x6}, {0x8, 0x51f67027}, 0x2, 0x200001})
r7 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r7, 0x84, 0x6f, &(0x7f0000000000)={<r8=>0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, &(0x7f0000000140)=0x10)
r9 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newsa={0x138, 0x10, 0x1, 0xfffffffe, 0x0, {{@in6=@ipv4={'\x00', '\xff\xff', @multicast2}, @in=@local, 0x1, 0x71c, 0x0, 0x0, 0xa, 0x0, 0xc2ca4bd923256b4d, 0x32}, {@in6=@rand_addr=' \x01\x00', 0x0, 0x6c}, @in=@dev={0xac, 0x14, 0x14, 0x3f}, {0x0, 0x192, 0x9ba3, 0xffff, 0x251c, 0x3, 0x6, 0xfffffffffffffffc}, {0xffffffffffffffff, 0x0, 0x21}, {0xffffffff}, 0x80, 0x34ff, 0x2, 0x1}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}]}, 0x138}, 0x1, 0x0, 0x0, 0x2000c002}, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="d80100001c0001"], 0x1d8}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r7, 0x84, 0x6d, &(0x7f0000000240)={r8, 0x20, "d656c9a61490b7e8773ca55437fa234c0170c8cbe5ebdd2be9"}, &(0x7f0000000180)=0xfc86)

10.442278019s ago: executing program 3 (id=1093):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
socket$inet6_udplite(0xa, 0x2, 0x88)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
dup(0xffffffffffffffff)
syz_usb_connect(0x0, 0x5f, 0x0, 0x0)
lstat(0x0, 0x0)
socket$alg(0x26, 0x5, 0x0)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0x101001)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f00000002c0)={0x0, 0x0, 0x0, 'queue1\x00'})
connect$vsock_stream(0xffffffffffffffff, 0x0, 0x0)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/cpuinfo\x00', 0x0, 0x0)
read$FUSE(r4, &(0x7f0000000180)={0x2020}, 0x2024)
lseek(r4, 0xfffffffffffffff5, 0x1)
socket$inet6(0xa, 0x40000080806, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
munmap(&(0x7f0000001000/0x4000)=nil, 0x4000)
sendmmsg$unix(r0, &(0x7f00000bd000), 0x318, 0x0)

8.138314596s ago: executing program 0 (id=1096):
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x0, 0x0, 0x6}]}, &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (fail_nth: 1)

7.853849822s ago: executing program 0 (id=1097):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
openat$audio(0xffffff9c, 0x0, 0x402, 0x0)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fsconfig$FSCONFIG_SET_BINARY(0xffffffffffffffff, 0x2, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$inet6(0x10, 0x80000, 0x3)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000040)='T', 0x1, 0x8910, &(0x7f0000000280)={0xa, 0xfffc, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x1}, 0x1c)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendto$inet6(r2, &(0x7f0000000080)="b3019c28", 0x4, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
ioctl$sock_TIOCINQ(r2, 0x541b, &(0x7f0000000040))
r3 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffe0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x1}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000a40)=@newtfilter={0x30, 0x2c, 0xd2b, 0x10000, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {0x1}, {}, {0xe, 0x1}}, [@filter_kind_options=@f_u32={{0x8}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x893}, 0x24040084)
socket$rxrpc(0x21, 0x2, 0x2)
r5 = syz_open_dev$dri(0x0, 0x1, 0x101001)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r5, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000100)=ANY=[@ANYBLOB="b4050000ffe0f50571104100000000006600000000800080950000000000000072c2f98cb7333011f1cf97f165ac0dc8c84c1ed04a84f6243cec3706bd2d671c2c28c7a0bd13871d815bbc06c2fa221f1a91d63e4bdbf3cbdd4ff4738d969857122ea180b8b25ad6c006c3e4e86dd319c92d683f6d593cb860187c7640045af58adcfc943a215f12b50493e62b5a127771fc659f39d1470e7d85"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f00000000c0), 0x366, 0x10, &(0x7f0000000000), 0x2b2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

7.147733459s ago: executing program 3 (id=1099):
socket(0x3, 0x4, 0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000044c0), 0x141802)
ioctl$SNDRV_TIMER_IOCTL_TREAD(r2, 0x40045402, &(0x7f0000004500))
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r4 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000002880), 0x2, 0x0)
write$vga_arbiter(r4, &(0x7f00000028c0)=@other={'decodes', ' ', 'io'}, 0xb)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000a00000a70000000060a0b040000000000000000020000005c000480580001800a000100696e6e65720000004800028008000204400000000f0800014000000000240005800c0001007061796c6f61640014000280080004400000005608000344000000b9140000001100010000000000000000000300000a00"/152], 0x98}}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000240)={'bridge_slave_1\x00', <r7=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="5400000010000104000000000200000000000000", @ANYRES32=r7, @ANYBLOB="0000faffffff000034001280110001006272696467655f736c617665000000001c00058005"], 0x54}}, 0x0)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x280})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r8 = socket$alg(0x26, 0x5, 0x0)
r9 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet(r9, &(0x7f00000007c0)=[{{&(0x7f0000000080)={0x2, 0x0, @private=0xa010102}, 0x10, &(0x7f0000000100)=[{&(0x7f00000000c0)='~', 0x1}], 0x1}}, {{&(0x7f00000022c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000600)=[{&(0x7f0000002300)="ef", 0x1}], 0x1}}, {{&(0x7f00000003c0)={0x2, 0x0, @private=0xa010103}, 0x10, &(0x7f0000000780)=[{&(0x7f00000006c0)='o', 0x1}], 0x1}}], 0x3, 0x0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r9, 0x84, 0x1d, &(0x7f0000000280)={0x3, [0x0, 0x0, 0x0]}, &(0x7f0000000300)=0x10)
bind$alg(r8, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(arc4-generic)\x00'}, 0x58)
r10 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r10, 0x8946, &(0x7f00000002c0)={'team_slave_0\x00', &(0x7f0000000280)=@ethtool_channels={0x3d, 0x9, 0x0, 0x0, 0x0, 0x2, 0x1}})
ioctl$sock_SIOCETHTOOL(r10, 0x8946, 0x0)
ioctl$VT_OPENQRY(r3, 0x5600, &(0x7f0000000100))
io_setup(0xffff0001, &(0x7f00000000c0))
socket$inet6_tcp(0xa, 0x1, 0x0)

6.813845856s ago: executing program 1 (id=1100):
mq_open(0x0, 0x40, 0x9, 0x0)
sendmsg$NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, 0x0, 0x40000)
r0 = syz_open_dev$swradio(&(0x7f00000046c0), 0x1, 0x2)
r1 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141121)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
r3 = syz_io_uring_setup(0x38fe, &(0x7f00000005c0)={0x0, 0x1fffff, 0x10100, 0x0, 0xfffffffe}, &(0x7f0000000200)=<r4=>0x0, &(0x7f00000001c0)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000140)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r1})
io_uring_enter(r3, 0x2def, 0x4000, 0x0, 0x0, 0x0)
preadv(r0, &(0x7f0000001300)=[{&(0x7f0000000100)=""/200, 0xc8}], 0x1, 0x1000, 0x3f2f0fde)

6.098088355s ago: executing program 2 (id=1101):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_async', 0x40802, 0x0)
write$tcp_mem(r0, &(0x7f0000000200)={0xfffffffffffffffe, 0x20, 0xfffffffffffffffb, 0x20, 0x20000000000005}, 0x48)
socket(0x400000000037, 0x1, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x5)
socket$nl_route(0x10, 0x3, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_type(r1, &(0x7f00000001c0), 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r3 = dup(r2)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
recvfrom$inet(0xffffffffffffffff, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_setup(0x4e3, &(0x7f0000000480)={0x0, 0x938c, 0x10100, 0x0, 0x0, 0x0, r3}, &(0x7f0000000180)=<r4=>0x0, &(0x7f00000001c0)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000897000/0x3000)=nil, 0x3000, 0x3000, 0x3, &(0x7f0000054000/0x3000)=nil)

5.799991974s ago: executing program 1 (id=1102):
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = socket$inet6(0xa, 0x3, 0x6)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000000100)={@local, 0x800, 0x0, 0x2, 0x1}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000280)={@mcast2, 0x800, 0x0, 0x2, 0x1}, 0x20)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x2000004, 0x5d031, 0xffffffffffffffff, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000480)=ANY=[@ANYRES32=0x0], 0x3c}, 0x1, 0x0, 0x0, 0xb4}, 0x4040)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$VIDIOC_S_PARM(0xffffffffffffffff, 0xc0cc5616, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0)
r6 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000280)={{0x1, 0x1, 0x18, <r7=>r2, {0xee01, 0xee01}}, './file0\x00'})
ioctl$VIDIOC_SUBDEV_S_CROP(r7, 0xc038563c, 0x0)
r8 = syz_usb_connect$hid(0x3, 0x36, &(0x7f00000001c0)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1b96, 0x7, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io(r8, 0x0, 0x0)
ioctl$PTP_PEROUT_REQUEST(0xffffffffffffffff, 0x40383d03, &(0x7f0000000080)={{0x8, 0x6}, {0x8, 0x51f67027}, 0x2, 0x200001})
r9 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r9, 0x84, 0x6f, &(0x7f0000000000)={<r10=>0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, &(0x7f0000000140)=0x10)
r11 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r11, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newsa={0x138, 0x10, 0x1, 0xfffffffe, 0x0, {{@in6=@ipv4={'\x00', '\xff\xff', @multicast2}, @in=@local, 0x1, 0x71c, 0x0, 0x0, 0xa, 0x0, 0xc2ca4bd923256b4d, 0x32}, {@in6=@rand_addr=' \x01\x00', 0x0, 0x6c}, @in=@dev={0xac, 0x14, 0x14, 0x3f}, {0x0, 0x192, 0x9ba3, 0xffff, 0x251c, 0x3, 0x6, 0xfffffffffffffffc}, {0xffffffffffffffff, 0x0, 0x21}, {0xffffffff}, 0x80, 0x34ff, 0x2, 0x1}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}]}, 0x138}, 0x1, 0x0, 0x0, 0x2000c002}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r9, 0x84, 0x6d, &(0x7f0000000240)={r10, 0x20, "d656c9a61490b7e8773ca55437fa234c0170c8cbe5ebdd2be9"}, &(0x7f0000000180)=0xfc86)

5.563024635s ago: executing program 0 (id=1103):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @dev}, 0x2}}, 0x2e)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_GET(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYRES16=r3, @ANYBLOB="2503000000000000000008000000e057e153beb5a75d690024e70047a6ee085aba6046c815a864ce827bcbf9fb86125c817cc00ea0a160e12bd275ed077334981664bf1711217c"], 0x14}}, 0x0)
syz_usb_connect(0x1, 0x2d, &(0x7f0000000340)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904010001faf40d00090582239f"], 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$6lowpan_control(r4, &(0x7f0000000180)='connect aa:aa:aa:aa:aa:11 0', 0x1b)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000002c0), 0x40000, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r6, &(0x7f0000000080)={0xa, 0x4e24, 0x2, @private2={0xfc, 0x2, '\x00', 0x1}, 0x8}, 0x1c)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
recvmsg(r8, &(0x7f0000000d40)={0x0, 0x0, 0x0}, 0x40000061)
sendmsg$NFT_BATCH(r7, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000580)=ANY=[@ANYBLOB="140000001000010000000000000000000a00000a220000000e0a01020000000000000000f7ffff060900010073797a3000000000140000001100040000000000000000000af16de90b1b82e524"], 0x48}, 0x1, 0x0, 0x0, 0x40880}, 0x4000)
r9 = openat$cgroup_ro(r5, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
write$cgroup_int(r9, 0x0, 0x0)
r10 = socket$packet(0x11, 0x3, 0x300)
get_mempolicy(0x0, 0x0, 0x0, &(0x7f0000240000/0x1000)=nil, 0x2)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r10, 0x8916, 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="120100009e173610ef171e7206de01020301090212000100000000090400000002060000a4158cebcd24"], 0x0)

5.232846527s ago: executing program 3 (id=1104):
syz_usb_connect(0x0, 0x24, &(0x7f0000000280)=ANY=[@ANYBLOB="12010000d3750820c80a2103be6f000000010902"], 0x0)
socket$vsock_stream(0x28, 0x1, 0x28)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
socket$rxrpc(0x21, 0x2, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
dup(r0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000740)=ANY=[], 0x0)
socket(0x10, 0x3, 0x0)
socket(0x15, 0x5, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
socket(0x10, 0x3, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000009a40)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000040900010073797a30000000002c000000030a01080000000000000000010000000900030073797a32000000000900010073797a300000000050000000060a010400000000000000000100000008000b40000000000900010073797a30000000002800048024000180090001006d6574610000000014000280080001400000001208000240000000"], 0xc4}}, 0x0)

4.679811856s ago: executing program 2 (id=1107):
r0 = userfaultfd(0x0)
ioctl$UFFDIO_CONTINUE(r0, 0xc020aa07, &(0x7f0000000000)={{&(0x7f0000ffd000/0x2000)=nil, 0x2000}, 0x1})
r1 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000080)={0xb, {'syz0\x00', 'syz1\x00', 'syz1\x00', 0xee, 0x9, 0x2, 0x81, 0x6, 0x9, "29a2ad416ff02471a115634d6c70bf2a2eee3350052351ce66d0a03d08bdb11acad9692917618702da748a96ecb40828df19ec398ced9c4167c0bc8a0bdd6a62eea3979498e2aaf9e5189a93b6f2c378f998ad2b11e7f509e502717eff1e062de3f20e06fc2db1510ecfbb359b7ec1c769334334545ed8a6952fd50c39dc3fef8023b0bb237e30c6d00af8cd0f9bfda9f73e909f0b3859a77b3c46ab1cd03d82204b9ef0aefca0b46d935d2e1c524625ca415134d7f5fc9e084097b3438589a4d89a226a4361de38060a040b71b8599160147842d6fdfde817a7210f09cbd79e4997e7f3ac47b895677d47598e4e"}}, 0x206)
r2 = mmap$KVM_VCPU(&(0x7f0000ffe000/0x2000)=nil, 0x0, 0x3000003, 0x1010, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r2, 0x20, &(0x7f00000002c0)="e296a2e105d088116d6cb5e0fff6b96611b1099615ac402d51d3042574af7103fe7bc968c3df6bac90d2c498ba5b78c8e8c8e4ad40d0dfbdd7e27ec8441f906e4f8e70e1bfbac976", 0x0, 0x48)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000340)={{0x1, 0x1, 0x18, <r3=>r1, {0xffff}}, './file0\x00'})
r4 = ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0xc)
ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, r4)
io_setup(0x10, &(0x7f0000000380))
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000400)=@generic={&(0x7f00000003c0)='./file0\x00', r3}, 0x18)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000440)={0xaa, 0x63e1bb320383f246})
r5 = socket$packet(0x11, 0x3, 0x300)
ioctl$TIOCGSID(r3, 0x5429, &(0x7f0000000480)=<r6=>0x0)
syz_open_procfs$namespace(r6, &(0x7f00000004c0)='ns/ipc\x00')
close_range(r3, r1, 0x2)
lsetxattr$trusted_overlay_origin(&(0x7f0000000500)='./file0\x00', &(0x7f0000000540), &(0x7f0000000580), 0x2, 0x2)
fcntl$getownex(r5, 0x10, &(0x7f00000005c0))
accept4$inet6(r3, 0x0, &(0x7f0000000600), 0x800)
r7 = syz_usb_connect$printer(0x5, 0x36, &(0x7f0000000640)={{0x12, 0x1, 0x300, 0x0, 0x0, 0x0, 0xff, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x1, 0x20, 0x5, [{{0x9, 0x4, 0x0, 0x1, 0x2, 0x7, 0x1, 0x1, 0xe, "", {{{0x9, 0x5, 0x1, 0x2, 0x200, 0xd7, 0x1, 0x8}}, [{{0x9, 0x5, 0x82, 0x2, 0x3ff, 0xe7, 0xe, 0x1}}]}}}]}}]}}, &(0x7f0000000800)={0xa, &(0x7f0000000680)={0xa, 0x6, 0x250, 0x88, 0x0, 0x1, 0x40, 0x7}, 0x1a, &(0x7f00000006c0)={0x5, 0xf, 0x1a, 0x2, [@wireless={0xb, 0x10, 0x1, 0xc, 0xdf, 0x6, 0x3, 0x8, 0x10}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0xa, 0xdd, 0x34, 0xf7b8}]}, 0x4, [{0x4, &(0x7f0000000700)=@lang_id={0x4, 0x3, 0x44f}}, {0x4, &(0x7f0000000740)=@lang_id={0x4, 0x3, 0x423}}, {0x4, &(0x7f0000000780)=@lang_id={0x4, 0x3, 0xf8a8}}, {0x4, &(0x7f00000007c0)=@lang_id={0x4, 0x3, 0x41b}}]})
syz_usb_control_io$printer(r7, &(0x7f0000000900)={0x14, &(0x7f0000000880)={0x40, 0x31, 0x35, {0x35, 0x4, "24c5555e6694532c75622cc8cd038ffaab94de3e72e63b5f8274bad64b87fb94e11c032bec67e4e80d2e23af861008584ad12f"}}, &(0x7f00000008c0)={0x0, 0x3, 0x9, @string={0x9, 0x3, "cd3a1ebc8e2264"}}}, &(0x7f0000000b80)={0x34, &(0x7f0000000940)={0x20, 0x12, 0x9f, "d0bec1eaffdf960b1dfd866fe0c20ef6f5b3faba351768b70d77694ce2ede410552950c89d35beef7ed3fdb40544558e244e43ba8c5e53c054d4a9c131203c5bc79392e455f58e3a2bb51b3e2d34e96bd12b0e3ed34578fa62c53a46fbe84c2c75241a21cd6be84e58aba201442861badcad74019e3469f4c43a70f7833b4afdb75a1f3f05d46b7e01b67c3e261660659860d1507dac12b14a2e481e7105b2"}, &(0x7f0000000a00)={0x0, 0xa, 0x1}, &(0x7f0000000a40)={0x0, 0x8, 0x1, 0x81}, &(0x7f0000000a80)={0x20, 0x0, 0x5c, {0x5a, "682b955ea877059ae0cdd76afdddab5ac08b77080a7b5268464475c695e55eb2581d1a72d3f7632d6cce00287454ff93af3580b1e1018e0d7538c52019d0daac6cb0c9f0276537c13445ee8359e0ba4656a9be5d5d8e70bab990"}}, &(0x7f0000000b00)={0x20, 0x1, 0x1, 0x9}, &(0x7f0000000b40)={0x20, 0x0, 0x1}})
mkdir(&(0x7f0000000bc0)='./file0\x00', 0x13b)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r8 = socket$inet6_dccp(0xa, 0x6, 0x0)
setsockopt$inet6_dccp_buf(r8, 0x21, 0x2, &(0x7f0000000c00)="2e0b703292d560cc45f42c3924c2dd313a9cc4f36c8b636c317860ee42f0441c403e68d7a3aad8ded1a233830517b79bce840d66e40d33e98e4812007d563358d27ae954e2806540d70ae35b725e50bff7a19aec88", 0x55)
bind$inet6(r3, &(0x7f0000000c80)={0xa, 0x4e22, 0x7, @loopback, 0x8}, 0x1c)
sendmsg$AUDIT_USER_AVC(r3, &(0x7f0000000e00)={&(0x7f0000000cc0)={0x10, 0x0, 0x0, 0x80042}, 0xc, &(0x7f0000000dc0)={&(0x7f0000000d00)={0x98, 0x453, 0x20, 0x70bd2a, 0x25dfdbfc, "89a35418ad0d30a882728c60ed881b4e98ce78afb4b7c0b6bd59ea8d40275b4d6aed4d8e9ffc13a7fce4b50842a389aafbc151af9100bba627f5dd3aa164584d1d4fb3898a6308b8f7ed96cabeddce8cb8240fb4fce0fa24d41b04fee723cd2b06b5173d0166e58c9096e3aeab39b08d0fc01e1ead191dbd5400a2f067dec13fa44a6196cd8c", ["", "", ""]}, 0x98}, 0x1, 0x0, 0x0, 0x4}, 0x0)
r9 = syz_genetlink_get_family_id$team(&(0x7f0000000e80), r3)
getsockname$packet(r3, &(0x7f0000000ec0)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000f00)=0x14)
sendmsg$TEAM_CMD_OPTIONS_SET(r3, &(0x7f0000001e40)={&(0x7f0000000e40)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000001e00)={&(0x7f0000001680)={0x758, r9, 0x800, 0x70bd28, 0x25dfdbfb, {}, [{{0x8}, {0x74, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x1000}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x6}}}]}}, {{0x8}, {0x224, 0x2, 0x0, 0x1, [{0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x1}}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x2}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x9}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8, 0x4, r10}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x4}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x6}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x8}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8}}, {0x8}}}]}}, {{0x8}, {0x170, 0x2, 0x0, 0x1, [{0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x4}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x8}}, {0x8}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0xa}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8}, {0x1ac, 0x2, 0x0, 0x1, [{0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x3}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x2}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x7}}, {0x8}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x9}}}]}}, {{0x8}, {0x168, 0x2, 0x0, 0x1, [{0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x7}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x8d81}}, {0x8}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x5}}, {0x8}}}]}}]}, 0x758}, 0x1, 0x0, 0x0, 0x40005}, 0x0)

4.550284862s ago: executing program 4 (id=1108):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x84000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = syz_open_dev$radio(&(0x7f0000000040), 0x2, 0x2)
ioctl$VIDIOC_S_HW_FREQ_SEEK(r3, 0x40305652, &(0x7f0000000000)={0x1000000, 0x1, 0x4, 0x0, 0x5, 0x2080, 0xffffffff})
sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000010900010073797a310000000054000000030a01040000000000000000010000000900030073797a31000000000900010073797a3100000000280004800800014000000005080002401b2fd2c5140003006970366772653000000000000000000028000000000a05000000000000000000010000080900010073797a31000000000800024080000001140000001100010000000000000000000000000a399a3b3a0a831ba27c8f985cd739385fa388b54ba6ddb05dddb4571df1191c971eb80faf4717d89ed35e35614ed01bc3d6f4d234ef48bfc8711baef45b1a66bb2ae9b1f60d3cd219224479160f3dc528de2936cc65dc24976412e23a7d37188887201bfa6590d8"], 0xc4}, 0x1, 0x0, 0x0, 0x20004000}, 0x0)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000200)={0x40000004})
ioctl$KVM_REINJECT_CONTROL(r1, 0xae71, &(0x7f00000002c0)={0x5})
ioprio_set$pid(0x3, 0x0, 0x0)
syz_clone3(&(0x7f0000000080)={0x1a4060100, 0x0, 0x0, 0x0, {0x14}, 0x0, 0x0, 0x0, &(0x7f0000000040)=[0x0], 0x1}, 0x58)

4.296122539s ago: executing program 4 (id=1109):
keyctl$set_reqkey_keyring(0xe, 0xffffffffffffffff)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
recvmmsg(r0, &(0x7f0000000080)=[{{0x0, 0x0, 0x0}}], 0x40000000000012d, 0x2, 0x0)
setsockopt$inet_int(r0, 0x0, 0x17, &(0x7f0000000180)=0x6, 0x4)
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(0xffffffffffffffff, 0xc0c89425, &(0x7f00000000c0)={"698999ce660000400000000200", 0x0, 0x0, {0x4, 0x61}, {0x7, 0xc00000}, 0x5, [0x5, 0x6, 0x5, 0xfffffffffffffffe, 0x8000000000, 0x10000400, 0x8, 0x2, 0x8, 0x6, 0xfffe, 0x8000081, 0x10, 0x7fff, 0x7]})
setsockopt$inet_int(r0, 0x0, 0x19, &(0x7f0000000140)=0x400030, 0x4)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x1})
ioctl$TUNSETLINK(r1, 0x400454cd, 0x336)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r2, 0x107, 0xd, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c)
setsockopt$packet_int(r2, 0x107, 0x13, &(0x7f0000000080)=0xfffff001, 0x4)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_emit_ethernet(0x2e, &(0x7f0000000500)={@broadcast, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x0, @void}}}}}}}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=@newqdisc={0x44, 0x24, 0x20, 0x70bd29, 0x25dfdc00, {0x60, 0x0, 0x0, 0x0, {0xfff1, 0xfff2}, {0x1, 0xc}, {0xfff3, 0x8}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x14, 0x2, [@TCA_CAKE_NAT={0x8, 0xb, 0x104}, @TCA_CAKE_MPU={0x8, 0xe, 0xf6}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x44045}, 0x10)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e"], 0x50}}, 0x4000000)

3.909798988s ago: executing program 3 (id=1110):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
setsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x3, &(0x7f0000000040)=0x1, 0x4)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000380)="66b87b0000000f23c00f21f8663501000d000f23f8baa100b061ee66b84fe700000f23d00f21f86635200000010f23f8f2ab0f01dfb850088ee864660ff8342e0f79d40f0f8501009e0f239f", 0x4c}], 0x1, 0x43, 0x0, 0xffffff44)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
r3 = syz_open_dev$vim2m(&(0x7f0000001580), 0x57, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r3, 0xc0405602, &(0x7f0000000040)={0x34, 0x1, 0x0, "000000000034b52ba75066c27891ca55e21f0000000000b2b60ec400", 0x4e2b395b})
unshare(0x4040600)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0x4, 0x4, 0x9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(r2, 0xc0096616, &(0x7f0000000100)={0x3, [0x0, 0x0, 0x0]})
r4 = socket(0x2b, 0x80801, 0x1)
setsockopt$inet_tcp_int(r4, 0x6, 0x8, &(0x7f00000000c0)=0x100000001, 0x4)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
mbind(&(0x7f00000a2000/0x4000)=nil, 0x4000, 0x4002, &(0x7f0000000200)=0x2001000000000008, 0x5, 0x3)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

3.645843525s ago: executing program 3 (id=1111):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0) (async)
syz_usb_control_io$hid(r0, &(0x7f00000002c0)={0x24, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x22, 0xf, {[@global=@item_012={0x0, 0x1, 0x5}, @local=@item_4={0x3, 0x2, 0x2, "45501821"}, @global=@item_012={0x1, 0x1, 0x9, "f5"}, @global=@item_012={0x1, 0x1, 0x7, "84"}, @main=@item_4={0x3, 0x0, 0xb, "9e3ce079"}]}}, 0x0}, 0x0) (async)
r1 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0) (async)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x4, 0x0, 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$HIDIOCSUSAGE(r1, 0x4018480c, 0x0) (async)
ioctl$HIDIOCGSTRING(r1, 0x81044804, &(0x7f0000001280)) (async)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x100000a, 0x4082172, 0xffffffffffffffff, 0x0) (async)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r2) (async)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000ec0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_DEAUTHENTICATE(r2, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000f40)={&(0x7f0000000f00)={0x30, r3, 0x1, 0x70bd26, 0x25dfdbff, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_MAC={0xa, 0x6, @random="2b2b9164c499"}]}, 0x30}}, 0x24000000)

3.64507206s ago: executing program 0 (id=1112):
r0 = socket$inet6(0xa, 0x806, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e23}, 0x1c)
listen(r0, 0x3)
r1 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r1, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_io_uring_setup(0x8ce, &(0x7f00000000c0)={0x0, 0x0, 0x400, 0x0, 0x34d}, &(0x7f00000002c0)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r2, 0x47ba, 0x3e80, 0x0, 0x0, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000100)={&(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000fff000/0x1000)=nil, 0x0}, 0x68)
ptrace(0x10, 0x1)

3.270235614s ago: executing program 4 (id=1113):
r0 = socket$inet6(0xa, 0x80002, 0x0)
pipe2(&(0x7f0000000840)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000180)=0x80000004, 0x4)
r2 = socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
syz_usb_connect(0x0, 0x36, &(0x7f00000011c0)=ANY=[@ANYBLOB="120100008e77e3405c1b0501f101010203010902240001000000000904000002a4d36f00090504090000000000090507"], 0x0)
sendmsg$nl_route(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000280)=ANY=[@ANYBLOB="500000001000030400000000ffffffff00000400", @ANYRES32=0x0, @ANYBLOB="0003000000000200300012800c0001006d6163766c616e00200002801c0005800a000400aaaaaaaaaaaa00000a"], 0x50}}, 0x0)
r3 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000001080)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, &(0x7f0000000180)=0x10)
getsockopt$bt_hci(r3, 0x84, 0x1, &(0x7f0000000000)=""/4102, &(0x7f0000001480)=0x1006)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x33, &(0x7f00000001c0)={0x1, &(0x7f0000000680)=[{0x6}]}, 0x10)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
syz_emit_ethernet(0x32, &(0x7f00000002c0)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x10, 0x0, @gue={{0x2}}}}}}}, 0x0)

2.933256439s ago: executing program 3 (id=1114):
rseq(&(0x7f0000000080), 0x20, 0x0, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
set_mempolicy(0x4003, 0x0, 0x3)
munlockall() (fail_nth: 1)

2.763851917s ago: executing program 0 (id=1115):
socket$nl_route(0x10, 0x3, 0x0)
socket$packet(0x11, 0x3, 0x300)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
io_setup(0x5, &(0x7f0000000080))
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$inet(r2, &(0x7f0000001540)=[{{0x0, 0xfffffffffffffda1, 0x0}}], 0x40001b6, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
timer_create(0x3, 0x0, &(0x7f0000000280)=<r4=>0x0)
timer_settime(r4, 0x0, &(0x7f0000000300)={{}, {0x0, 0x989680}}, 0x0)
timer_create(0x3, 0x0, &(0x7f00000000c0)=<r5=>0x0)
timer_settime(r5, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
madvise(&(0x7f00004ae000/0x4000)=nil, 0x4000, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
sendmmsg(0xffffffffffffffff, &(0x7f0000007fc0), 0x800001d, 0xf00)
bind$alg(0xffffffffffffffff, &(0x7f0000000440)={0x26, 'hash\x00', 0x0, 0x0, 'sm3-generic\x00'}, 0x58)
recvmsg(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000200)=""/83, 0x53}], 0x1}, 0x0)
recvmmsg(r3, &(0x7f0000000640)=[{{&(0x7f0000000100)=@in={0x2, 0x0, @broadcast}, 0x80, &(0x7f00000002c0)=[{&(0x7f0000000180)=""/51, 0x33}], 0x1, &(0x7f00000004c0)=""/188, 0xbc}, 0x4}, {{&(0x7f00000003c0)=@generic, 0x80, &(0x7f0000000600)=[{&(0x7f0000000700)=""/239, 0xef}], 0x1}, 0x6}], 0x2, 0x2001, &(0x7f00000006c0))
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, 0x0, 0x20000040)

2.206059593s ago: executing program 4 (id=1116):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000000009000000000000001b00", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x8, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000a0400040000000000000000b7080000000000007baaf8ff00000000b5080000000000197b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000004018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000690000009500000000000000"], &(0x7f0000000300)='GPL\x00', 0x3, 0xff7, &(0x7f0000001e00)=""/4087, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$SIOCSIFMTU(r1, 0x8922, &(0x7f0000001140)={'team0\x00', 0x201})
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = getpid()
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
r7 = socket$inet6(0xa, 0x2, 0x0)
sendmsg$inet6(r7, &(0x7f0000000600)={&(0x7f0000000080)={0xa, 0x4e20, 0x1000000080000, @dev={0xfe, 0x80, '\x00', 0x25}, 0x10000}, 0x1c, 0x0, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="3000000000000000010000000c"], 0x30}, 0x4000010)
ioctl$KVM_SET_SREGS(r6, 0x4138ae84, &(0x7f00000004c0)={{0xffff0000, 0xeeee8000, 0xf000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x40}, {0x5002, 0x8080000, 0x0, 0x8, 0x0, 0x0, 0x81, 0x0, 0x44, 0xe, 0x0, 0x3}, {0x100000}, {0x11000, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x1a}, {0x100000, 0xd000, 0x0, 0x0, 0x0, 0x8f, 0x0, 0x0, 0x0, 0x10, 0x84}, {0xeeee8000, 0x80a0000, 0xf}, {0x6000, 0x0, 0x0, 0x82, 0x72, 0x73}, {0x6000}, {0x8000000, 0xfffe}, 0x10d, 0x0, 0x5000, 0x90, 0x0, 0x100, 0x900, [0x0, 0x0, 0x3, 0x4]})
writev(r6, &(0x7f0000000100)=[{&(0x7f0000000640)="7945107a30f6448b8658ab679e6e4283a503596abdb1295d6306f2887bcc0666e0c478b11225c4d84485fb6922a68ce2c43fb8c1c3087f5a54f77c6c60243f2f86b16df1908d5bd723a4c57f4f00a9bcd18dc72a423a1672c46bc40fc6db13b64f717fe43f80ea8af53761791e87ae5ea6d8edc0447a71f2ebe5c0e85d474c6a1c62121e774986c246bdafe3fa4028f4353f6f76e01a337407e36f42147f69926e0a90d568915af3bd5550a9d115978ef57153a1a42e90e9ea9ee1be81db940530df2a5a9fe2", 0xc6}, {&(0x7f0000000740)="3d018cd77f358739494d6a921a24197c0c4bd837e6bf35a432f46535521ef7b1ef81a720cc475cd783b06618c7d0e15022a6d75ff44c09c3d4e3d23ea9d6e1340652493ee49fa3485d8e33cd10d4caa0527e511ea997fb1bfcc7320d53d2051aa28598c784b9e0ab6f8dfd56ee5b83749dd42a55a7e1f5cc399dbbbbef2f10339a8c4119e3af265cd94d1764499b656b19e738fdf10de2a6a73460915373cfff3d0812e52ed1df9d266eda2ff9a22877d18df66c32fc4669b0fa18d9ab47584fae539832d2f181214da6fdc1f7dc9fa0c5159e5c83507d85f2a16d2156cad39e7f2c47", 0xe3}, {&(0x7f0000000180)="faef7b8db4562c176d05cb85acbf67a3f290f1a8b6b13c1a214c97d6e1111b209f915c8eb85613165d190cc95c8bbfeaef00150685cecc60ad2ef6351a7542a3c1ee7aaa68cff497b17af636e3c31583f062e895a73f", 0x56}, {&(0x7f0000000840)="cffbcc9648fbf2dab9bfa45db2eb401dd7f9deecf8ed2a4490353f044a1340ce89676c222628b99da5f8156aabcc576cc2e447beb2c8b6f1fcfb46150c61a2823d70ebfb1058e4c4da7bb5540e3b5a88e5eeb1bdd591aa296b6d537e0da9d522bd168085a64075b3e5ff12f111bab1d7d6f2c583de", 0x75}], 0x4)
r8 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r8, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="040100001a0001000000000000000000ac141400"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac1e0101000000000000000000000000000000003c000000e00000020000000000900f00000000000000000000000000000000000000000000000098fe0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f200000000000000000000000000000000000000000000000000000000000a000100200004000000000014000e0020011a0000000000000000000000000038c98e3e628ef32266fea56b6e60cc35"], 0x104}}, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB="580000000000000500"/20, @ANYRES32=0x0, @ANYBLOB="a5fda98800000000280012800a000100767863616e000000fdfe02801400010000000000", @ANYRES32=0x0, @ANYBLOB="20d000000000050008001300", @ANYRES32=r3, @ANYBLOB="08000400e1ff0000"], 0x58}, 0x1, 0x0, 0x0, 0x40000}, 0x0)

1.991437308s ago: executing program 1 (id=1117):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{0x1, <r1=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x1, 0x13, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x12, 0x0, 0x0, 0x0, 0xfffffffb}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3}, {0x85, 0x0, 0x0, 0x5}}, {}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r1}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f00000002c0)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x46, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) (async)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) (async)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{0x1}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x1, 0x13, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x12, 0x0, 0x0, 0x0, 0xfffffffb}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3}, {0x85, 0x0, 0x0, 0x5}}, {}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r1}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f00000002c0)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x46, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)

1.820881968s ago: executing program 1 (id=1118):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_async', 0x40802, 0x0)
write$tcp_mem(r0, &(0x7f0000000200)={0xfffffffffffffffe, 0x20, 0xfffffffffffffffb, 0x20, 0x20000000000005}, 0x48)
socket(0x400000000037, 0x1, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x5)
socket$nl_route(0x10, 0x3, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_type(r1, &(0x7f00000001c0), 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r3 = dup(r2)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
recvfrom$inet(0xffffffffffffffff, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_setup(0x4e3, &(0x7f0000000480)={0x0, 0x938c, 0x10100, 0x0, 0x0, 0x0, r3}, &(0x7f0000000180)=<r4=>0x0, &(0x7f00000001c0)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)
mremap(&(0x7f0000897000/0x3000)=nil, 0x3000, 0x3000, 0x3, &(0x7f0000054000/0x3000)=nil)

1.720163586s ago: executing program 4 (id=1119):
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup\x00', 0x2400, 0x0)
r1 = fanotify_init(0x202, 0x101000)
dup2(r1, r0) (fail_nth: 1)

1.39013758s ago: executing program 4 (id=1120):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_open_dev$ndb(&(0x7f0000000080), 0x0, 0x20000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f00000001c0)={{0x1, 0x1, 0x18, <r5=>r4, {0x16}}, './file0\x00'})
syz_kvm_setup_cpu$x86(r1, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0xfffffe1f)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CAP_X2APIC_API(r7, 0x4068aea3, &(0x7f0000000000)={0x81, 0x0, 0x2})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000000440)=ANY=[@ANYBLOB="180000002c00010026bd7000fcdbdf250400000004001800a5a800e5f7c2f265380f56d6dc094d74ede88c2f853e26533460bb8902cdd6a46f5b95fb6fef63c517ee2a5fe653aac5edb59b1f6c92736b878a79a67037f6d95b10123ebbcd19a88870809fdae59ab6dc6020c84e69267e4c2e5405f011f189f7640c1ebed722fd7b5b0f3c3454d95561f9092a9f8b8ba78de8e34764ee2cb01ba28982f6ce33088a158efac46343dbe84dac7acaa8326a12ca"], 0x18}, 0x1, 0x0, 0x0, 0x4000d}, 0x20000000)
ioctl$KVM_CAP_VM_DISABLE_NX_HUGE_PAGES(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000540))
r9 = socket$inet(0xa, 0x801, 0x84)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r10, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c0000001000010700000000000000000a0000000600010034"], 0x1c}}, 0x0)
listen(r9, 0x8)
ioctl$KVM_SET_IRQCHIP(r5, 0x8208ae63, &(0x7f00000006c0)={0x2, 0x0, @ioapic={0xdddd0000, 0x2, 0x5, 0x3, 0x0, [{0x5, 0x4, 0x2}, {0x5, 0x1, 0x6, '\x00', 0x1}, {0x45, 0x4, 0x8, '\x00', 0xd}, {0x6, 0x4, 0xcb, '\x00', 0x5}, {0x9, 0x0, 0xf3, '\x00', 0x6}, {0x5, 0x1, 0x0, '\x00', 0x1}, {0x7, 0x82, 0x1, '\x00', 0x4}, {0xcd, 0x2, 0x81, '\x00', 0x1}, {0x8, 0x2d, 0x4}, {0x8, 0x49, 0x5, '\x00', 0x4}, {0x8, 0x53, 0x9, '\x00', 0x5}, {0xe9, 0xf, 0x9, '\x00', 0x5}, {0x0, 0xc, 0x8, '\x00', 0x6}, {0x2, 0x9, 0x7, '\x00', 0xa0}, {0x49, 0xc, 0x4, '\x00', 0x5}, {0x9, 0xd0, 0xad, '\x00', 0x3}, {0x32, 0x7f, 0x9, '\x00', 0x8f}, {0x4, 0xfa, 0x5, '\x00', 0x1}, {0x7, 0x8, 0xbe, '\x00', 0x9}, {0x3, 0x2, 0xe, '\x00', 0xc9}, {0x91, 0x4, 0xfe}, {0x1, 0x40, 0x1, '\x00', 0x9}, {0x6, 0x7f, 0x6, '\x00', 0x9}, {0x8, 0xa2, 0x7, '\x00', 0xce}]}})
ioctl$sock_SIOCBRADDBR(r5, 0x89a0, &(0x7f00000000c0)='veth0_macvtap\x00')
sendto$inet(0xffffffffffffffff, &(0x7f00000002c0)="cc", 0xff15, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000140)={0x0, 0x1}, 0x8)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x0, 0x0, &(0x7f0000000240))

1.354014331s ago: executing program 2 (id=1121):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r0, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)

1.184094606s ago: executing program 2 (id=1122):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000080)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@my=0x0})
bpf$OBJ_GET_MAP(0x7, &(0x7f00000001c0)=@o_path={&(0x7f0000000100)='./file0\x00', 0x0, 0x4000, r0}, 0x18)
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r0, 0x7a5, &(0x7f0000000180)={{@my=0x0}, 0x0, 0x1})
r1 = syz_io_uring_setup(0x9eb, &(0x7f0000000140)={0x0, 0xc621}, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r4 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x129202, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r4, 0xc0045005, &(0x7f0000000000)=0x2000)
openat$adsp1(0xffffffffffffff9c, &(0x7f00000000c0), 0xa0201, 0x0)
r5 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x5885, 0x1000}, &(0x7f0000000040)=<r6=>0x0, &(0x7f0000000280)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r8 = syz_open_dev$vbi(&(0x7f0000000340), 0x0, 0x2)
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r8, 0xc0845657, &(0x7f0000000200)={0x0, @bt={0x8a5, 0x93, 0x1, 0x1, 0xd59f80, 0x19ef, 0x7, 0x19ef, 0x3, 0x6, 0x27ff, 0x2800, 0x2, 0xbb6, 0x28, 0x8, {0x8, 0xffffffff}, 0xd0, 0x9}})
syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0})
io_uring_enter(r5, 0x3516, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r1, 0xdb4, 0x0, 0x0, 0x0, 0x0)
r9 = dup(0xffffffffffffffff)
write$6lowpan_enable(r9, &(0x7f0000000000)='0', 0xfffffd2c)
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r0, 0x7a5, &(0x7f00000000c0)={{@my=0x0}, 0x1})

873.878468ms ago: executing program 0 (id=1123):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
dup(r0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60005f, 0x19)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_io_uring_setup(0x497, &(0x7f0000000400)={0x0, 0x7079, 0x8, 0x14, 0x28b}, &(0x7f0000000140)=<r4=>0x0, &(0x7f0000000200)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r3, 0x3516, 0x0, 0x0, 0x0, 0x0)

856.045173ms ago: executing program 1 (id=1124):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
dup(r0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60005f, 0x19)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_io_uring_setup(0x497, &(0x7f0000000400)={0x0, 0x7079, 0x8, 0x14, 0x28b}, &(0x7f0000000140)=<r4=>0x0, &(0x7f0000000200)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r3, 0x3516, 0x0, 0x0, 0x0, 0x0) (fail_nth: 1)

281.899072ms ago: executing program 2 (id=1125):
r0 = accept4$alg(0xffffffffffffffff, 0x0, 0x0, 0xc00)
ioctl$EXT4_IOC_GETFSUUID(r0, 0x8008662c, &(0x7f0000000000))
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040), 0x103000, 0x0)
getsockopt$IPT_SO_GET_REVISION_TARGET(r1, 0x0, 0x43, &(0x7f0000000080)={'HL\x00'}, &(0x7f00000000c0)=0x1e)
r2 = accept(r1, 0x0, &(0x7f0000000100))
setsockopt$inet_sctp_SCTP_EVENTS(r2, 0x84, 0xb, &(0x7f0000000140)={0x0, 0xa, 0x5, 0x2, 0x1, 0x4, 0x9, 0x1c, 0x4, 0x4, 0x1, 0x80, 0x1, 0xed}, 0xe)
getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r2, 0x84, 0x71, &(0x7f0000000e40)={<r3=>0x0, 0x2}, &(0x7f0000000e80)=0x8)
sendmmsg$inet_sctp(r2, &(0x7f0000000fc0)=[{&(0x7f0000000180)=@in={0x2, 0x4e23, @local}, 0x10, &(0x7f00000004c0)=[{&(0x7f00000001c0)="c7f1b30428f0317a05e53f", 0xb}, {&(0x7f0000000200)="6e43ad034d156a13251ef5a7119f5182790546b83eccb0fc915ec9697a52a8433fa82d9202e3d28fbb50087d5e232764b1972a6dd577630cdaa2bf166f6ddb44212cdcf07820e5a0da55b55e03335880c7460c713a440e5621e159c664058ddc4fc80b0932d9c3332ec474f38074767271161a5fde889a584d8175eb271a61b45a2ce627839506f48b8898b88192c404a28c2f7f9f58aed599bbdccfefdfb29bfb11e144", 0xa4}, {&(0x7f00000002c0)="434b3b43952342613d632df6", 0xc}, {&(0x7f0000000300)="4d5363dbec33f7e10b240903c4f3103dd7bf1779af200c17df4475fa5c62b1709d12121ac07840571272d93455699b1c4d22084417f0c85146566ba5e3f7b7ef6f1009d3630b262200a43ef06984fee3c213895c17fb263ad06d97e87835b3fb4f31b15ee8448dba40690b332827e3eee4d9215a7abb8060e539f350ef3c031fa16733d88c2ae0a3d3a5b2d853785203b20ee9801169163afb1926ea6f3eacf33c4960e3a3fb081b70e257b13633ccb9b003855c65e860ca", 0xb8}, {&(0x7f00000003c0)="4d8580366b00ad8b5124c831dbf2446ea0b668bcef6f5c4e67702f4573189e9d38ceb1dd7be5392a2547d292dc204a807b6ad2cb9b0b1fca1c98b79bf1709f3b76c113a4e0153028ca5a26c0becac60bc54b471a31a3237b0203df94f3e3a05d4430c3a0c3e2d9506e3526c8e9ec22565fe2c9fab192e9d15a6080ea7b6fbef281f67a6e94ff274d2f2f7da24262e7285d8b903be0ce6e986073703254ae746dea38a178426e00ce557ebc2efdeac484ad8ffceb194dea6369ab", 0xba}, {&(0x7f0000000480)="23dc556dabfbc714ecdc4fb391f6dac9", 0x10}], 0x6, &(0x7f0000000540)=[@prinfo={0x18, 0x84, 0x5, {0x30, 0x800}}, @authinfo={0x18, 0x84, 0x6, {0x2}}], 0x30, 0x4000011}, {&(0x7f0000000580)=@in={0x2, 0x4e22, @empty}, 0x10, &(0x7f00000007c0)=[{&(0x7f00000005c0)="6a74ff7db641614fc5e03b090d97b0e8e0886408fabbfd93cf83ec593fa3dc990d8ce020fb4aff0d7edf9d20b839cb792947d1c31cbf8edf844a05eb5ce7908ceca516daf12c0024e3fdbd28cdc0684680f4ec671443f49cbdda9b37303cdc25242acfb58af0a4f0ed2af9f5a73dcc446cb459a7b76d61e926b6b98dee8eaf86df8122a9862ba4ae2a50609c166acfd4c6e1447ad84a6291c552c0037fc5", 0x9e}, {&(0x7f0000000680)="43498833314984946a523e78b87832dd48de5001857a7e758ad40d415fbfe00f406c882b5f0423e1ec0b54", 0x2b}, {&(0x7f00000006c0)="aad646171537f42166a35947211f146d", 0x10}, {&(0x7f0000000700)="bbe63caf25b8514d80793bf9081bfec9ea3f8d7d40a0ea8c8baefb7651d509a1b8a349b7bf509a196fdac3aa1d0fc54e63e356d79bdc0a4540214201e79f24e3a705702e9489bdb026c0fff27c2f115f8f932ee5cb1177941a9839de243ab8d63a0e0c7da331db8d6676ceb499c7c0b95ec6de7788650d43c8152f870eeec7b65fed149f951965efb68d7b9fdd938ee1193f12d9581420329d119445769bf5492f3ee1e293a8bbb992d9d76e091958ab1d2dc851483d65c541d03c51", 0xbc}], 0x4, 0x0, 0x0, 0x24000014}, {&(0x7f0000000800)=@in={0x2, 0x4e24, @local}, 0x10, &(0x7f0000000dc0)=[{&(0x7f0000000840)="d6fca9f67e0cc12952f4afa53e74c03098bfa1aa0af1ff72fdba65a3cb677a12767e072544db163c842450e4469caa084772f89b959c8954d410982984a12eeea8e340bc770b593f5cd2bf5c198976738023e1d1f4bb058eac216b03db2a93b71817c80b8d6350c0a68a2dd3e40fe8e86a64ec6b9b0f4e58c574bae73747e1d8b06d46368eda8477b7d431625622f90296b213f60cee406f74d32ee775e7055fb652043bbf36140740c64e45494cd5acdf70ee762bbf59a91132649c5148f6315738ea1f6f01158911e7d6f4be52554b60bf9fe3c70c4cfd6fc218f3c1a5", 0xde}, {&(0x7f0000000940)="fbf6be6e850e59c9762b3b22ee0f91a5986185d5d1d69d9f9dd29853bd41c7a6b0b08a34fb00dc509f20775d1e0673ab1a695d4f25c32f8a3b1b655ecc624edf1e9e23cdb3782b16abe5b503687ee5e24a44e969beb3619f15e9a3a4491b6f1d669d3ce51dcfbb9e", 0x68}, {&(0x7f00000009c0)="7bc21a", 0x3}, {&(0x7f0000000a00)="c1899bc70cdeb9db484a3026cbd6336133213e7de76592cf03580f30ad90c8c3ee0f23a39a45e20d2e871b062ffd5575bea827824bfd7e7dc50868b082dae0cc6b1021ce6802b858bebeee051e70546bbcb5afb037f82fc46d47564faaaf7dc618529fa38deba31cd094866a8fd7937f94d11e312f873d9bf014c21148e9ae874a4aaf0230fa55225e6a0e568c34709a77761dd519c9a0a19da55a3773a35a2fbbaf1c356485e22f846f03371e979f936018e4c2e67632b802c14ee138e0a43a3e91a3740dd93464c053146fb34be94710b28d8d06a6c333f7d5", 0xda}, {&(0x7f0000000b00)="d058f9774940fa7cca745311aaf7d4a5cfc67332afabc369b4755ccd6fb42f13a6fb7dcbe4b2d1c97eeeebbdcd61b1a1f0e310d13f955df05fd3688086bef0576395d40c3e133defe520f873cec08942230fcfe832eb39df1e6932f17423c50e776f4e115444b0d7200e17a649a9969f2bbe2089e21b7a0dc4d477b4d84764789f94353cb171b53ee3199ac84971e906c3c746d1a5b5f0643376d1efb5a46f52f93c7f", 0xa3}, {&(0x7f0000000bc0)="6c89f5fcf882275ba3e9f956f5bed925347ae7ce8685b58d085923e7839184645e448e9dce89128c5f9629f55e6b7be5313da44b3175cdbbd8e4fe078d0a8cd73e6cf8a89755540a441390198f59ad92b9fd1fc10b597ea569bb130a892ad7bfd98a7669db26b87ae7f90ccc4eb7e6cf4f544641a08f339906654b6828f808808261095247f4212cf5f6ba57ab0700dfb2ae191e0f631beb68254c0b4c6d2064598d7b9aefcddf52203f368234f8d9f18b68069105ad76373e6e246e53b952f19e9a7f3452d695be3f352bdd0d8af671146b757ab21a220cc37d06067faa25aa", 0xe0}, {&(0x7f0000000cc0)="9f1cc1e5fe133bab00c8577a2e581ad1b31df2d7791e79ce86b556f4494f354641a4580bbbd36ca86ffa2812b22b6a0772c100ead8de7ec9c5c105e0a78d36323f8d4473baac78ad8ea33940359b5674530b16df62360e14f00eb00b1f731ce0c01cc6fb374bb0777d9c5f28bd07c5a99399ac1765522ec11863da09b0c3b45342207668d5329e2cad820047acd9a32b18068080efed8a533c88fdd41b33d43775c50f926bb79e05dfc841dcca67f893c25409430365d69bf4963cab74ed8ce37ede62778b9e", 0xc6}], 0x7, &(0x7f0000000ec0)=[@dstaddrv4={0x18, 0x84, 0x7, @multicast2}, @sndrcv={0x30, 0x84, 0x1, {0xc1b0, 0x4, 0x0, 0x655, 0x2aeb, 0x100, 0xd9, 0x9, r3}}, @init={0x18, 0x84, 0x0, {0x8, 0x0, 0x9, 0xd6}}, @dstaddrv4={0x18, 0x84, 0x7, @multicast1}, @dstaddrv4={0x18, 0x84, 0x7, @rand_addr=0x64010101}, @prinfo={0x18, 0x84, 0x5, {0x20, 0xd2cd}}, @dstaddrv6={0x20, 0x84, 0x8, @private1={0xfc, 0x1, '\x00', 0x1}}, @authinfo={0x18, 0x84, 0x6, {0x6}}, @authinfo={0x18, 0x84, 0x6, {0x7}}], 0xf8, 0x40000}], 0x3, 0x45)
ioctl$F2FS_IOC_GET_FEATURES(r2, 0x8004f50c, &(0x7f0000001080))
sendmsg(r0, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000001240)=[{&(0x7f00000010c0)="8a45ecf768cd3f9447fcc2a115c108bb4e4b84b6d73d003d2aab82d9c7d503702e5585af3f0764a6f16741faa1190ce0861780b1a703e30558d72068eb92cb6b4fb6a692e954191a365fa12a17a8148816f6ef2b4e43cf64720c4deed75d07e147b2be98bef3bfd538e2", 0x6a}, {&(0x7f0000001140)}, {&(0x7f0000001180)="1003bee6e7e04e8728b4977de9d649acb029765d90a984e77764a558d024ed80bb8c3ddbb0a9d1ef7754b169c5536be4f9f9bfad83f723980f16221cfdfff6a0158cfa0578e6f8f62124cf41779d23f1d0e1b1dc58c1dae0c9a8a3f04fc8d7bc05f528ea8077c0802effc62a393b176dfe7e0fbd94744f49b47bf2286cd964a013df4bd53a4683021045338d01f3cea64337808bb0b6fcb630c9e8370abb8d3dd732b4e71f7b7f6bfe4f6f83a2", 0xad}], 0x3}, 0x4008881)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000001300)={0x7, &(0x7f00000012c0)=[{0x5, 0x7, 0x6d, 0x200}, {0x4, 0x8, 0xba, 0x6}, {0x5, 0xa4, 0x6, 0x1}, {0x7, 0x30, 0x6, 0x10000}, {0x81, 0x9, 0x6, 0xd5f4}, {0x0, 0x40, 0x5, 0xfff}, {0x5cf8, 0x0, 0x1, 0x8c000000}]})
r5 = creat(&(0x7f0000001340)='./file0\x00', 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f00000013c0)={0x4, &(0x7f0000001380)=[{0x2, 0x81, 0x6, 0x6}, {0x21, 0x2, 0x6, 0x2}, {0x7, 0xde, 0x4, 0xfffffff9}, {0xb, 0x6, 0x2, 0x6}]}, 0x10)
r6 = semget(0x2, 0x0, 0x100)
semctl$IPC_STAT(r6, 0x0, 0x2, &(0x7f0000001400)=""/162)
ioctl$RNDADDENTROPY(r5, 0x40085203, &(0x7f00000014c0)={0x7, 0x9f, "164268b0608f04239f48fdac9100b95f9c88b736c044b815e64ac7c0545a7cc815ef57e690b7f048f194b787ab4a81353ea3759c3e494782cf17e8c091cbc94aaaecd31e26bc56a04ccf6c54de71018b9afe1f7027ef5093a3d4d238e31ae37b67483bc99a2a756309fc64a54e9ad83255caa05b4836df124f7baeadb750c4f22652159b08bee20d18dea06d0700f4ffa811c18dc54611ead83ed39b20c510"})
r7 = syz_open_dev$usbfs(&(0x7f0000001580), 0x1, 0x20000)
syz_open_dev$usbfs(&(0x7f00000015c0), 0x9, 0x80000)
sendmsg$nl_route(r2, &(0x7f00000016c0)={&(0x7f0000001600)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000001680)={&(0x7f0000001640)=@ipv4_delroute={0x34, 0x19, 0x4, 0x70bd25, 0x25dfdbff, {0x2, 0x0, 0x10, 0x4, 0x7c, 0x3, 0xfd, 0xa}, [@RTA_GATEWAY={0x8, 0x5, @remote}, @RTA_IP_PROTO={0x5, 0x1b, 0x1}, @RTA_IP_PROTO={0x5, 0x1b, 0x3a}]}, 0x34}, 0x1, 0x0, 0x0, 0x1}, 0x40000c4)
r8 = geteuid()
r9 = getgid()
fstat(r7, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x0, <r10=>0x0})
fstat(r4, &(0x7f0000001780)={0x0, 0x0, 0x0, 0x0, 0x0, <r11=>0x0})
semctl$IPC_SET(r6, 0x0, 0x1, &(0x7f0000001800)={{0x0, r8, r9, r10, r11, 0x2, 0xe}, 0x6b3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4})
setsockopt$inet_sctp_SCTP_INITMSG(r5, 0x84, 0x2, &(0x7f0000001880)={0x3, 0x7d0, 0x46e, 0x9}, 0x8)
r12 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r1, 0x4018aee3, &(0x7f0000001900)=@attr_pmu_filter={0x0, 0x1, 0x1, &(0x7f00000018c0)={0xa63, 0x9, 0x1}})
sendmsg$IPSET_CMD_DESTROY(r1, &(0x7f0000001a00)={&(0x7f0000001940)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000019c0)={&(0x7f0000001980)={0x40, 0x3, 0x6, 0x401, 0x0, 0x0, {0x0, 0x0, 0x2}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x40}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r1, 0xc018937a, &(0x7f0000001a40)={{0x1, 0x1, 0x18, r12, {0x6}}, './file0\x00'})
getsockopt$sock_buf(r2, 0x1, 0x3b, &(0x7f0000001a80)=""/1, &(0x7f0000001ac0)=0x1)

0s ago: executing program 2 (id=1126):
socket(0x10, 0x3, 0x0)
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
getuid()
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, 0x0, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0)
syz_clone(0x640c7000, 0x0, 0x0, 0x0, 0x0, 0x0)

kernel console output (not intermixed with test programs):

00000 R14: 00007fb79ada5fa0 R15: 00007fb79aecfa28
[  243.161411][ T8665]  </TASK>
[  243.306963][  T974] usb 4-1: Product: syz
[  243.768257][ T5886] usb 3-1: config 0 has no interfaces?
[  243.777879][ T5834] usb 1-1: USB disconnect, device number 33
[  243.890574][ T5886] usb 3-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  243.936701][ T5886] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  243.978153][ T5886] usb 3-1: Product: syz
[  244.052578][ T5886] usb 3-1: Manufacturer: syz
[  244.063201][ T5886] usb 3-1: SerialNumber: syz
[  244.091088][  T974] usb 4-1: Manufacturer: syz
[  244.096887][ T5886] usb 3-1: config 0 descriptor??
[  244.104182][  T974] usb 4-1: SerialNumber: syz
[  244.293213][ T5834] usb 1-1: new high-speed USB device number 34 using dummy_hcd
[  244.410864][  T974] usb 4-1: 0:2 : does not exist
[  244.419527][  T974] usb 4-1: 5:0: failed to get current value for ch 0 (-22)
[  244.436338][  T974] usb 4-1: 5:0: cannot get min/max values for control 2 (id 5)
[  244.448463][  T974] usb 4-1: 5:0: cannot get min/max values for control 3 (id 5)
[  244.456871][   T10] usb 5-1: new high-speed USB device number 39 using dummy_hcd
[  244.475823][  T974] usb 4-1: 5:0: failed to get current value for ch 1 (-22)
[  244.524653][  T974] usb 4-1: 5:0: cannot get min/max values for control 3 (id 5)
[  244.543951][ T5834] usb 1-1: Using ep0 maxpacket: 16
[  244.551652][  T974] usb 4-1: 5:0: cannot get min/max values for control 2 (id 5)
[  244.566299][  T974] usb 4-1: USB disconnect, device number 31
[  244.587636][ T5834] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  244.606112][ T5834] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  244.616465][   T10] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  244.619507][ T5834] usb 1-1: New USB device found, idVendor=046d, idProduct=c29c, bcdDevice= 0.00
[  244.633583][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  244.664694][ T5834] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  244.668292][   T10] usb 5-1: Product: syz
[  244.692524][   T10] usb 5-1: Manufacturer: syz
[  244.698557][ T5834] usb 1-1: config 0 descriptor??
[  244.702097][   T10] usb 5-1: SerialNumber: syz
[  244.739573][   T10] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  244.754468][ T5886] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  244.936963][ T8678] fuse: Bad value for 'fd'
[  244.964976][ T8685] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  244.978410][ T8685] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  245.145233][ T5834] usb 5-1: USB disconnect, device number 39
[  245.609619][   T10] usb 3-1: USB disconnect, device number 38
[  245.846993][ T5886] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive
[  245.862329][ T5886] ath9k_htc: Failed to initialize the device
[  245.875737][ T5834] usb 5-1: ath9k_htc: USB layer deinitialized
[  246.039958][ T8713] netlink: 12 bytes leftover after parsing attributes in process `syz.1.853'.
[  247.443159][   T10] usb 1-1: USB disconnect, device number 34
[  247.747744][ T8733] netlink: 'syz.3.859': attribute type 13 has an invalid length.
[  247.872737][ T8733] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  248.310252][ T8742] netlink: 36 bytes leftover after parsing attributes in process `syz.4.862'.
[  248.434243][ T5886] usb 3-1: new low-speed USB device number 39 using dummy_hcd
[  248.617048][ T5834] usb 5-1: new high-speed USB device number 40 using dummy_hcd
[  248.663160][ T5886] usb 3-1: Invalid ep0 maxpacket: 64
[  248.815198][ T5886] usb 3-1: new low-speed USB device number 40 using dummy_hcd
[  248.906555][ T5834] usb 5-1: Using ep0 maxpacket: 16
[  248.983092][ T5886] usb 3-1: Invalid ep0 maxpacket: 64
[  248.995108][ T5886] usb usb3-port1: attempt power cycle
[  249.069116][ T5834] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  249.093436][ T5834] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  249.118641][ T5834] usb 5-1: New USB device found, idVendor=1b96, idProduct=0007, bcdDevice= 0.00
[  249.138725][ T5834] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  249.161791][ T5834] usb 5-1: config 0 descriptor??
[  249.533106][ T5886] usb 3-1: new low-speed USB device number 41 using dummy_hcd
[  249.568866][ T5886] usb 3-1: Invalid ep0 maxpacket: 64
[  249.713377][ T5886] usb 3-1: new low-speed USB device number 42 using dummy_hcd
[  249.743664][ T5886] usb 3-1: Invalid ep0 maxpacket: 64
[  249.750566][ T5886] usb usb3-port1: unable to enumerate USB device
[  249.878960][ T8779] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  251.133371][  T974] hid-generic 0000:0004:0008.0004: unknown main item tag 0x0
[  251.146934][  T974] hid-generic 0000:0004:0008.0004: unknown main item tag 0x0
[  251.150479][ T8824] netlink: 8 bytes leftover after parsing attributes in process `syz.1.888'.
[  251.155457][  T974] hid-generic 0000:0004:0008.0004: unknown main item tag 0x0
[  251.186263][  T974] hid-generic 0000:0004:0008.0004: unknown main item tag 0x0
[  251.250267][ T8826] dccp_invalid_packet: P.type (CLOSE) not Data || [Data]Ack, while P.X == 0
[  251.267637][  T974] hid-generic 0000:0004:0008.0004: unknown main item tag 0x0
[  251.274535][   T24] usb 4-1: new high-speed USB device number 32 using dummy_hcd
[  251.288758][  T974] hid-generic 0000:0004:0008.0004: unknown main item tag 0x0
[  251.310406][  T974] hid-generic 0000:0004:0008.0004: unknown main item tag 0x0
[  251.326843][  T974] hid-generic 0000:0004:0008.0004: unknown main item tag 0x0
[  251.366957][  T974] hid-generic 0000:0004:0008.0004: unknown main item tag 0x0
[  251.381547][ T8828] FAULT_INJECTION: forcing a failure.
[  251.381547][ T8828] name failslab, interval 1, probability 0, space 0, times 0
[  251.428702][  T974] hid-generic 0000:0004:0008.0004: unknown main item tag 0x0
[  251.439446][  T974] hid-generic 0000:0004:0008.0004: unknown main item tag 0x0
[  251.443205][   T24] usb 4-1: Using ep0 maxpacket: 16
[  251.456028][ T8828] CPU: 0 UID: 0 PID: 8828 Comm: syz.2.891 Not tainted 6.14.0-syzkaller-07422-gacb4f33713b9 #0 PREEMPT(full) 
[  251.456052][ T8828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  251.456063][ T8828] Call Trace:
[  251.456070][ T8828]  <TASK>
[  251.456076][ T8828]  dump_stack_lvl+0x241/0x360
[  251.456103][ T8828]  ? __pfx_dump_stack_lvl+0x10/0x10
[  251.456121][ T8828]  ? __pfx__printk+0x10/0x10
[  251.456136][ T8828]  ? nfnetlink_rcv_msg+0xdfe/0x1190
[  251.456154][ T8828]  ? __pfx___might_resched+0x10/0x10
[  251.456172][ T8828]  should_fail_ex+0x424/0x570
[  251.456188][ T8828]  should_failslab+0xac/0x100
[  251.456207][ T8828]  kmem_cache_alloc_node_noprof+0x7d/0x3b0
[  251.456224][ T8828]  ? __alloc_skb+0x1c2/0x480
[  251.456235][ T8828]  ? stack_trace_save+0x11a/0x1d0
[  251.456251][ T8828]  __alloc_skb+0x1c2/0x480
[  251.456264][ T8828]  ? __pfx___alloc_skb+0x10/0x10
[  251.456279][ T8828]  ? netlink_ack_tlv_len+0x6e/0x200
[  251.456301][ T8828]  netlink_ack+0x147/0xa70
[  251.456316][ T8828]  ? netlink_sendmsg+0x8e8/0xce0
[  251.456331][ T8828]  ? __sock_sendmsg+0x221/0x270
[  251.456347][ T8828]  ? __sys_sendmsg+0x271/0x360
[  251.456365][ T8828]  netlink_rcv_skb+0x296/0x480
[  251.456382][ T8828]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  251.456395][ T8828]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  251.456417][ T8828]  ? apparmor_capable+0x13b/0x1b0
[  251.456438][ T8828]  ? bpf_lsm_capable+0x9/0x10
[  251.456449][ T8828]  ? security_capable+0x7e/0x2d0
[  251.456464][ T8828]  nfnetlink_rcv+0x296/0x28f0
[  251.456478][ T8828]  ? __dev_queue_xmit+0x2f9/0x3f60
[  251.456492][ T8828]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  251.456511][ T8828]  ? __dev_queue_xmit+0x2f9/0x3f60
[  251.456525][ T8828]  ? __dev_queue_xmit+0x2f9/0x3f60
[  251.456538][ T8828]  ? __dev_queue_xmit+0x1780/0x3f60
[  251.456551][ T8828]  ? kasan_save_track+0x3f/0x80
[  251.456568][ T8828]  ? __kasan_slab_alloc+0x66/0x80
[  251.456585][ T8828]  ? do_syscall_64+0xf3/0x230
[  251.456603][ T8828]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  251.456615][ T8828]  ? __dev_queue_xmit+0x2f9/0x3f60
[  251.456630][ T8828]  ? __pfx___dev_queue_xmit+0x10/0x10
[  251.456651][ T8828]  ? ref_tracker_free+0x63e/0x7e0
[  251.456666][ T8828]  ? __asan_memcpy+0x40/0x70
[  251.456678][ T8828]  ? __pfx_ref_tracker_free+0x10/0x10
[  251.456692][ T8828]  ? __skb_clone+0x5c/0x6d0
[  251.456715][ T8828]  ? skb_clone+0x240/0x390
[  251.456734][ T8828]  ? netlink_deliver_tap+0x2e/0x1b0
[  251.456751][ T8828]  ? netlink_deliver_tap+0x2e/0x1b0
[  251.456768][ T8828]  netlink_unicast+0x7f8/0x9a0
[  251.456786][ T8828]  ? __pfx_netlink_unicast+0x10/0x10
[  251.456799][ T8828]  ? __virt_addr_valid+0x45f/0x530
[  251.456814][ T8828]  ? __phys_addr_symbol+0x2f/0x70
[  251.456829][ T8828]  ? __check_object_size+0x478/0x720
[  251.456852][ T8828]  netlink_sendmsg+0x8e8/0xce0
[  251.456874][ T8828]  ? __pfx_netlink_sendmsg+0x10/0x10
[  251.456892][ T8828]  ? aa_sock_msg_perm+0x91/0x160
[  251.456907][ T8828]  ? __pfx_netlink_sendmsg+0x10/0x10
[  251.456922][ T8828]  __sock_sendmsg+0x221/0x270
[  251.456945][ T8828]  ____sys_sendmsg+0x53c/0x870
[  251.456965][ T8828]  ? __pfx_____sys_sendmsg+0x10/0x10
[  251.456980][ T8828]  ? __fget_files+0x2a/0x420
[  251.456997][ T8828]  ? __fget_files+0x2a/0x420
[  251.457012][ T8828]  __sys_sendmsg+0x271/0x360
[  251.457027][ T8828]  ? __pfx___sys_sendmsg+0x10/0x10
[  251.457062][ T8828]  ? do_syscall_64+0xb6/0x230
[  251.457079][ T8828]  do_syscall_64+0xf3/0x230
[  251.457094][ T8828]  ? clear_bhb_loop+0x45/0xa0
[  251.457109][ T8828]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  251.457122][ T8828] RIP: 0033:0x7fca8358d169
[  251.457137][ T8828] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  251.457148][ T8828] RSP: 002b:00007fca844cc038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  251.457164][ T8828] RAX: ffffffffffffffda RBX: 00007fca837a5fa0 RCX: 00007fca8358d169
[  251.457173][ T8828] RDX: 0000000000000080 RSI: 0000200000000640 RDI: 0000000000000003
[  251.457181][ T8828] RBP: 00007fca844cc090 R08: 0000000000000000 R09: 0000000000000000
[  251.457189][ T8828] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  251.457198][ T8828] R13: 0000000000000000 R14: 00007fca837a5fa0 R15: 00007fca838cfa28
[  251.457213][ T8828]  </TASK>
[  251.457667][  T974] hid-generic 0000:0004:0008.0004: unknown main item tag 0x0
[  251.467021][   T24] usb 4-1: New USB device found, idVendor=0471, idProduct=030c, bcdDevice=ba.e9
[  251.906279][  T974] hid-generic 0000:0004:0008.0004: unknown main item tag 0x0
[  251.919364][  T974] hid-generic 0000:0004:0008.0004: unknown main item tag 0x0
[  251.965037][  T974] hid-generic 0000:0004:0008.0004: unknown main item tag 0x0
[  251.980293][  T974] hid-generic 0000:0004:0008.0004: unknown main item tag 0x0
[  251.990113][  T974] hid-generic 0000:0004:0008.0004: unknown main item tag 0x0
[  251.998273][  T974] hid-generic 0000:0004:0008.0004: unknown main item tag 0x0
[  252.007468][  T974] hid-generic 0000:0004:0008.0004: unknown main item tag 0x0
[  252.015601][  T974] hid-generic 0000:0004:0008.0004: unknown main item tag 0x0
[  252.043625][ T5834] usbhid 5-1:0.0: can't add hid device: -71
[  252.051661][ T8832] FAULT_INJECTION: forcing a failure.
[  252.051661][ T8832] name failslab, interval 1, probability 0, space 0, times 0
[  252.065124][ T5834] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  252.083078][  T974] hid-generic 0000:0004:0008.0004: unknown main item tag 0x0
[  252.093681][  T974] hid-generic 0000:0004:0008.0004: unknown main item tag 0x0
[  252.111385][ T8832] CPU: 0 UID: 0 PID: 8832 Comm: syz.2.893 Not tainted 6.14.0-syzkaller-07422-gacb4f33713b9 #0 PREEMPT(full) 
[  252.111409][ T8832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  252.111418][ T8832] Call Trace:
[  252.111424][ T8832]  <TASK>
[  252.111430][ T8832]  dump_stack_lvl+0x241/0x360
[  252.111456][ T8832]  ? __pfx_dump_stack_lvl+0x10/0x10
[  252.111473][ T8832]  ? __pfx__printk+0x10/0x10
[  252.111493][ T8832]  ? __pfx___might_resched+0x10/0x10
[  252.111511][ T8832]  should_fail_ex+0x424/0x570
[  252.111531][ T8832]  should_failslab+0xac/0x100
[  252.111552][ T8832]  kmem_cache_alloc_noprof+0x78/0x390
[  252.111572][ T8832]  ? alloc_pid+0xa2/0xaa0
[  252.111587][ T8832]  ? copy_thread+0x4b4/0x980
[  252.111606][ T8832]  alloc_pid+0xa2/0xaa0
[  252.111621][ T8832]  ? copy_thread+0x72d/0x980
[  252.111639][ T8832]  copy_process+0x1c50/0x3d10
[  252.111661][ T8832]  ? copy_process+0xa07/0x3d10
[  252.111680][ T8832]  ? __pfx_copy_process+0x10/0x10
[  252.111697][ T8832]  ? __raw_spin_lock_init+0x45/0x100
[  252.111720][ T8832]  vhost_task_create+0x244/0x320
[  252.111754][ T8832]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  252.111770][ T8832]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  252.111791][ T8832]  ? __pfx_vhost_task_create+0x10/0x10
[  252.111807][ T8832]  ? stack_trace_save+0x11a/0x1d0
[  252.111830][ T8832]  ? __pfx_vhost_task_fn+0x10/0x10
[  252.111854][ T8832]  ? kasan_save_track+0x51/0x80
[  252.111870][ T8832]  ? kasan_save_free_info+0x40/0x50
[  252.111884][ T8832]  ? __kasan_slab_free+0x59/0x70
[  252.111902][ T8832]  ? kfree+0x198/0x430
[  252.111926][ T8832]  ? tomoyo_path_number_perm+0x5fd/0x790
[  252.111936][ T5834] usb 5-1: USB disconnect, device number 40
[  252.111948][ T8832]  ? security_file_ioctl+0xc6/0x2a0
[  252.111971][ T8832]  kvm_mmu_post_init_vm+0x14e/0x2c0
[  252.111988][ T8832]  kvm_arch_vcpu_ioctl_run+0xed/0x1910
[  252.112011][ T8832]  ? __lock_acquire+0xad5/0xd80
[  252.112035][ T8832]  ? __mutex_trylock_common+0x184/0x2e0
[  252.112054][ T8832]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  252.112074][ T8832]  ? __pfx___mutex_trylock_common+0x10/0x10
[  252.112094][ T8832]  ? rcu_is_watching+0x15/0xb0
[  252.112111][ T8832]  ? look_up_lock_class+0x7b/0x170
[  252.112133][ T8832]  ? register_lock_class+0x54/0x330
[  252.112157][ T8832]  ? __lock_acquire+0xad5/0xd80
[  252.112179][ T8832]  ? do_raw_write_lock+0x14a/0x4f0
[  252.112209][ T8832]  kvm_vcpu_ioctl+0xa24/0x1030
[  252.112233][ T8832]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  252.112250][ T8832]  ? __lock_acquire+0xad5/0xd80
[  252.112282][ T8832]  ? __fget_files+0x2a/0x420
[  252.112297][ T8832]  ? __fget_files+0x2a/0x420
[  252.112313][ T8832]  ? __fget_files+0x2a/0x420
[  252.112329][ T8832]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  252.112349][ T8832]  __se_sys_ioctl+0xf1/0x160
[  252.112368][ T8832]  do_syscall_64+0xf3/0x230
[  252.112387][ T8832]  ? clear_bhb_loop+0x45/0xa0
[  252.112406][ T8832]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  252.112421][ T8832] RIP: 0033:0x7fca8358d169
[  252.112437][ T8832] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  252.112451][ T8832] RSP: 002b:00007fca844cc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  252.112469][ T8832] RAX: ffffffffffffffda RBX: 00007fca837a5fa0 RCX: 00007fca8358d169
[  252.112481][ T8832] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  252.112492][ T8832] RBP: 00007fca844cc090 R08: 0000000000000000 R09: 0000000000000000
[  252.112502][ T8832] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  252.112512][ T8832] R13: 0000000000000000 R14: 00007fca837a5fa0 R15: 00007fca838cfa28
[  252.112532][ T8832]  </TASK>
[  252.119026][  T974] hid-generic 0000:0004:0008.0004: unknown main item tag 0x0
[  252.130553][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  252.493150][   T24] usb 4-1: Product: syz
[  252.497355][   T24] usb 4-1: Manufacturer: syz
[  252.501960][   T24] usb 4-1: SerialNumber: syz
[  252.509181][   T24] usb 4-1: config 0 descriptor??
[  252.517310][   T24] pwc: Philips PCVC690K (Vesta Pro Scan) USB webcam detected.
[  252.564803][ T8835] netlink: 8 bytes leftover after parsing attributes in process `syz.1.894'.
[  252.582782][  T974] hid-generic 0000:0004:0008.0004: unknown main item tag 0x0
[  252.604519][ T8835] netlink: 32 bytes leftover after parsing attributes in process `syz.1.894'.
[  252.623167][  T974] hid-generic 0000:0004:0008.0004: unknown main item tag 0x0
[  252.630601][  T974] hid-generic 0000:0004:0008.0004: unknown main item tag 0x0
[  252.906396][  T974] hid-generic 0000:0004:0008.0004: unknown main item tag 0x0
[  252.976064][  T974] hid-generic 0000:0004:0008.0004: unknown main item tag 0x0
[  253.051656][ T8849] netlink: 40 bytes leftover after parsing attributes in process `syz.1.897'.
[  253.073177][  T974] hid-generic 0000:0004:0008.0004: unknown main item tag 0x0
[  253.080615][  T974] hid-generic 0000:0004:0008.0004: unknown main item tag 0x0
[  253.098704][  T974] hid-generic 0000:0004:0008.0004: unknown main item tag 0x0
[  253.108825][  T974] hid-generic 0000:0004:0008.0004: unknown main item tag 0x0
[  253.135506][  T974] hid-generic 0000:0004:0008.0004: unknown main item tag 0x0
[  253.216342][  T974] hid-generic 0000:0004:0008.0004: unknown main item tag 0x0
[  253.241958][  T974] hid-generic 0000:0004:0008.0004: unknown main item tag 0x0
[  253.262216][  T974] hid-generic 0000:0004:0008.0004: unknown main item tag 0x0
[  253.625027][  T974] hid-generic 0000:0004:0008.0004: unknown main item tag 0x0
[  253.763927][  T974] hid-generic 0000:0004:0008.0004: unknown main item tag 0x0
[  253.843674][  T974] hid-generic 0000:0004:0008.0004: unknown main item tag 0x0
[  253.851116][  T974] hid-generic 0000:0004:0008.0004: unknown main item tag 0x0
[  253.900325][  T974] hid-generic 0000:0004:0008.0004: unknown main item tag 0x0
[  253.913174][  T974] hid-generic 0000:0004:0008.0004: unknown main item tag 0x0
[  253.920944][  T974] hid-generic 0000:0004:0008.0004: unknown main item tag 0x0
[  253.928886][  T974] hid-generic 0000:0004:0008.0004: unknown main item tag 0x0
[  253.936633][  T974] hid-generic 0000:0004:0008.0004: unknown main item tag 0x0
[  253.944497][  T974] hid-generic 0000:0004:0008.0004: unknown main item tag 0x0
[  253.952005][  T974] hid-generic 0000:0004:0008.0004: unknown main item tag 0x0
[  253.978819][  T974] hid-generic 0000:0004:0008.0004: unknown main item tag 0x0
[  254.034525][  T974] hid-generic 0000:0004:0008.0004: unknown main item tag 0x0
[  254.053654][ T8865] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=581841746 (37237871744 ns) > initial count (1894560576 ns). Using initial count to start timer.
[  254.068414][ T8870] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  254.103847][  T974] hid-generic 0000:0004:0008.0004: unknown main item tag 0x0
[  254.111334][  T974] hid-generic 0000:0004:0008.0004: unknown main item tag 0x0
[  254.125348][  T974] hid-generic 0000:0004:0008.0004: unknown main item tag 0x0
[  254.133626][  T974] hid-generic 0000:0004:0008.0004: unknown main item tag 0x0
[  254.141768][  T974] hid-generic 0000:0004:0008.0004: unknown main item tag 0x0
[  254.151414][  T974] hid-generic 0000:0004:0008.0004: unknown main item tag 0x0
[  254.158891][  T974] hid-generic 0000:0004:0008.0004: unknown main item tag 0x0
[  254.173277][ T8870] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  254.207525][  T974] hid-generic 0000:0004:0008.0004: unknown main item tag 0x0
[  254.207561][  T974] hid-generic 0000:0004:0008.0004: unknown main item tag 0x0
[  254.207588][  T974] hid-generic 0000:0004:0008.0004: unknown main item tag 0x0
[  254.207613][  T974] hid-generic 0000:0004:0008.0004: unknown main item tag 0x0
[  254.207638][  T974] hid-generic 0000:0004:0008.0004: unknown main item tag 0x0
[  254.226852][  T974] hid-generic 0000:0004:0008.0004: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  254.227962][ T8876] FAULT_INJECTION: forcing a failure.
[  254.227962][ T8876] name failslab, interval 1, probability 0, space 0, times 0
[  254.227990][ T8876] CPU: 1 UID: 0 PID: 8876 Comm: syz.0.901 Not tainted 6.14.0-syzkaller-07422-gacb4f33713b9 #0 PREEMPT(full) 
[  254.228006][ T8876] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  254.228014][ T8876] Call Trace:
[  254.228020][ T8876]  <TASK>
[  254.228026][ T8876]  dump_stack_lvl+0x241/0x360
[  254.228054][ T8876]  ? __pfx_dump_stack_lvl+0x10/0x10
[  254.228081][ T8876]  ? __pfx__printk+0x10/0x10
[  254.228102][ T8876]  ? __pfx___might_resched+0x10/0x10
[  254.228120][ T8876]  should_fail_ex+0x424/0x570
[  254.228140][ T8876]  should_failslab+0xac/0x100
[  254.228161][ T8876]  __kmalloc_noprof+0xdf/0x4d0
[  254.228181][ T8876]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x290
[  254.228198][ T8876]  ? apparmor_capable+0x13b/0x1b0
[  254.228219][ T8876]  genl_family_rcv_msg_attrs_parse+0xa3/0x290
[  254.228236][ T8876]  genl_rcv_msg+0x819/0xf00
[  254.228255][ T8876]  ? __pfx_genl_rcv_msg+0x10/0x10
[  254.228268][ T8876]  ? __dev_queue_xmit+0x1780/0x3f60
[  254.228285][ T8876]  ? kasan_save_track+0x3f/0x80
[  254.228299][ T8876]  ? __kasan_slab_alloc+0x66/0x80
[  254.228320][ T8876]  ? do_syscall_64+0xf3/0x230
[  254.228350][ T8876]  ? __lock_acquire+0xad5/0xd80
[  254.228372][ T8876]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  254.228391][ T8876]  ? __pfx_nl80211_join_mesh+0x10/0x10
[  254.228405][ T8876]  ? __pfx_nl80211_post_doit+0x10/0x10
[  254.228432][ T8876]  netlink_rcv_skb+0x208/0x480
[  254.228454][ T8876]  ? __pfx_genl_rcv_msg+0x10/0x10
[  254.228471][ T8876]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  254.228497][ T8876]  ? netlink_deliver_tap+0x2e/0x1b0
[  254.228519][ T8876]  genl_rcv+0x28/0x40
[  254.228532][ T8876]  netlink_unicast+0x7f8/0x9a0
[  254.228555][ T8876]  ? __pfx_netlink_unicast+0x10/0x10
[  254.228571][ T8876]  ? __virt_addr_valid+0x45f/0x530
[  254.228590][ T8876]  ? __phys_addr_symbol+0x2f/0x70
[  254.228606][ T8876]  ? __check_object_size+0x478/0x720
[  254.228629][ T8876]  netlink_sendmsg+0x8e8/0xce0
[  254.228653][ T8876]  ? __pfx_netlink_sendmsg+0x10/0x10
[  254.228676][ T8876]  ? aa_sock_msg_perm+0x91/0x160
[  254.228694][ T8876]  ? __pfx_netlink_sendmsg+0x10/0x10
[  254.228712][ T8876]  __sock_sendmsg+0x221/0x270
[  254.228734][ T8876]  ____sys_sendmsg+0x53c/0x870
[  254.228755][ T8876]  ? __pfx_____sys_sendmsg+0x10/0x10
[  254.228769][ T8876]  ? __fget_files+0x2a/0x420
[  254.228785][ T8876]  ? __fget_files+0x2a/0x420
[  254.228804][ T8876]  __sys_sendmsg+0x271/0x360
[  254.228821][ T8876]  ? __pfx___sys_sendmsg+0x10/0x10
[  254.228863][ T8876]  ? do_syscall_64+0xb6/0x230
[  254.228885][ T8876]  do_syscall_64+0xf3/0x230
[  254.228905][ T8876]  ? clear_bhb_loop+0x45/0xa0
[  254.228922][ T8876]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  254.228936][ T8876] RIP: 0033:0x7fb03798d169
[  254.228950][ T8876] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  254.228963][ T8876] RSP: 002b:00007fb03881e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  254.228981][ T8876] RAX: ffffffffffffffda RBX: 00007fb037ba5fa0 RCX: 00007fb03798d169
[  254.228993][ T8876] RDX: 0000000000040000 RSI: 0000200000000000 RDI: 0000000000000003
[  254.229003][ T8876] RBP: 00007fb03881e090 R08: 0000000000000000 R09: 0000000000000000
[  254.229013][ T8876] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  254.229022][ T8876] R13: 0000000000000000 R14: 00007fb037ba5fa0 R15: 00007fb037ccfa28
[  254.229043][ T8876]  </TASK>
[  254.259789][   T24] pwc: send_video_command error -71
[  254.259809][   T24] pwc: Failed to set video mode VGA@30 fps; return code = -71
[  254.259892][   T24] Philips webcam 4-1:0.0: probe with driver Philips webcam failed with error -71
[  254.285290][   T24] usb 4-1: USB disconnect, device number 32
[  254.906625][ T8907] FAULT_INJECTION: forcing a failure.
[  254.906625][ T8907] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  254.906711][ T8907] CPU: 1 UID: 0 PID: 8907 Comm: syz.1.907 Not tainted 6.14.0-syzkaller-07422-gacb4f33713b9 #0 PREEMPT(full) 
[  254.906731][ T8907] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  254.906742][ T8907] Call Trace:
[  254.906748][ T8907]  <TASK>
[  254.906755][ T8907]  dump_stack_lvl+0x241/0x360
[  254.906782][ T8907]  ? __pfx_dump_stack_lvl+0x10/0x10
[  254.906802][ T8907]  ? __pfx__printk+0x10/0x10
[  254.906829][ T8907]  should_fail_ex+0x424/0x570
[  254.906850][ T8907]  prepare_alloc_pages+0x1dd/0x5c0
[  254.906874][ T8907]  __alloc_frozen_pages_noprof+0x181/0x7b0
[  254.906894][ T8907]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  254.906926][ T8907]  alloc_pages_mpol+0x339/0x690
[  254.906957][ T8907]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  254.906976][ T8907]  ? __dev_queue_xmit+0x2f9/0x3f60
[  254.907001][ T8907]  vma_alloc_folio_noprof+0x12d/0x260
[  254.907023][ T8907]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  254.907050][ T8907]  folio_prealloc+0x2e/0x170
[  254.907068][ T8907]  __handle_mm_fault+0x32e8/0x6ef0
[  254.907082][ T8907]  ? __lock_acquire+0xad5/0xd80
[  254.907121][ T8907]  ? __pfx___handle_mm_fault+0x10/0x10
[  254.907145][ T8907]  ? mtree_range_walk+0x700/0x8e0
[  254.907170][ T8907]  ? mt_find+0x28a/0x8f0
[  254.907189][ T8907]  ? mt_find+0x28a/0x8f0
[  254.907208][ T8907]  ? mt_find+0x699/0x8f0
[  254.907229][ T8907]  ? mt_find+0x28a/0x8f0
[  254.907250][ T8907]  ? __pfx_mt_find+0x10/0x10
[  254.907282][ T8907]  ? find_vma+0xfa/0x170
[  254.907297][ T8907]  ? __pfx_find_vma+0x10/0x10
[  254.907314][ T8907]  handle_mm_fault+0x3fa/0x900
[  254.907335][ T8907]  exc_page_fault+0x2bb/0x8b0
[  254.907359][ T8907]  asm_exc_page_fault+0x26/0x30
[  254.907375][ T8907] RIP: 0010:rep_movs_alternative+0x4a/0x70
[  254.907392][ T8907] Code: cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 <f3> a4 c3 cc cc cc cc 48 89 c8 48 c1 e9 03 83 e0 07 f3 48 a5 89 c1
[  254.907406][ T8907] RSP: 0018:ffffc9000d13f4d8 EFLAGS: 00050206
[  254.907422][ T8907] RAX: ffff88802a630001 RBX: 0000000000000d6d RCX: 0000000000000d6d
[  254.907434][ T8907] RDX: 0000000000000000 RSI: ffff88802a6300ff RDI: 0000200000001b00
[  254.907446][ T8907] RBP: ffffc9000d13f650 R08: ffff88802a630e6b R09: 1ffff110054c61cd
[  254.907458][ T8907] R10: dffffc0000000000 R11: ffffed10054c61ce R12: 0000000000000000
[  254.907470][ T8907] R13: ffffc9000d13fd10 R14: ffff88802a6300ff R15: 000020000000286d
[  254.907495][ T8907]  _copy_to_iter+0x4d2/0x1c90
[  254.907525][ T8907]  ? __pfx__copy_to_iter+0x10/0x10
[  254.907547][ T8907]  ? __virt_addr_valid+0x183/0x530
[  254.907565][ T8907]  ? __virt_addr_valid+0x183/0x530
[  254.907583][ T8907]  ? __virt_addr_valid+0x45f/0x530
[  254.907601][ T8907]  ? __phys_addr_symbol+0x2f/0x70
[  254.907620][ T8907]  ? __check_object_size+0x478/0x720
[  254.907640][ T8907]  ? skb_recv_datagram+0x26e/0x310
[  254.907660][ T8907]  __skb_datagram_iter+0x111/0x940
[  254.907681][ T8907]  ? __pfx_simple_copy_to_iter+0x10/0x10
[  254.907702][ T8907]  skb_copy_datagram_iter+0xd1/0x250
[  254.907721][ T8907]  netlink_recvmsg+0x2d4/0x1180
[  254.907741][ T8907]  ? __lock_acquire+0xad5/0xd80
[  254.907768][ T8907]  ? __pfx_netlink_recvmsg+0x10/0x10
[  254.907791][ T8907]  ? __pfx_aa_sk_perm+0x10/0x10
[  254.907816][ T8907]  ? aa_sock_msg_perm+0x91/0x160
[  254.907834][ T8907]  ? bpf_lsm_socket_recvmsg+0x9/0x10
[  254.907852][ T8907]  ? __pfx_netlink_recvmsg+0x10/0x10
[  254.907874][ T8907]  sock_recvmsg+0x22f/0x280
[  254.907896][ T8907]  ____sys_recvmsg+0x1c8/0x480
[  254.907919][ T8907]  ? __pfx_____sys_recvmsg+0x10/0x10
[  254.907956][ T8907]  do_recvmmsg+0x428/0xab0
[  254.907981][ T8907]  ? __pfx_do_recvmmsg+0x10/0x10
[  254.908010][ T8907]  ? rcu_read_lock_any_held+0xbb/0x160
[  254.908028][ T8907]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  254.908047][ T8907]  ? vfs_write+0xb29/0xd10
[  254.908072][ T8907]  ? ksys_write+0x24e/0x2d0
[  254.908092][ T8907]  ? __mutex_unlock_slowpath+0x229/0x800
[  254.908119][ T8907]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  254.908138][ T8907]  ? __fget_files+0x2a/0x420
[  254.908163][ T8907]  __x64_sys_recvmmsg+0x1ab/0x260
[  254.908183][ T8907]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  254.908205][ T8907]  ? do_syscall_64+0xb6/0x230
[  254.908227][ T8907]  do_syscall_64+0xf3/0x230
[  254.908246][ T8907]  ? clear_bhb_loop+0x45/0xa0
[  254.908264][ T8907]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  254.908279][ T8907] RIP: 0033:0x7fb79ab8d169
[  254.908293][ T8907] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  254.908307][ T8907] RSP: 002b:00007fb79b90c038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  254.908324][ T8907] RAX: ffffffffffffffda RBX: 00007fb79ada5fa0 RCX: 00007fb79ab8d169
[  254.908336][ T8907] RDX: 0000000000000007 RSI: 00002000000006c0 RDI: 0000000000000003
[  254.908346][ T8907] RBP: 00007fb79b90c090 R08: 0000000000000000 R09: 0000000000000000
[  254.908357][ T8907] R10: 0000000040000000 R11: 0000000000000246 R12: 0000000000000001
[  254.908367][ T8907] R13: 0000000000000000 R14: 00007fb79ada5fa0 R15: 00007fb79aecfa28
[  254.908389][ T8907]  </TASK>
[  255.283355][ T1065] usb 4-1: new high-speed USB device number 33 using dummy_hcd
[  255.366783][   T24] usb 1-1: new high-speed USB device number 35 using dummy_hcd
[  255.395728][ T8922] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  255.395926][ T8922] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  255.443132][ T1065] usb 4-1: Using ep0 maxpacket: 16
[  255.462691][ T1065] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  255.462725][ T1065] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  255.462752][ T1065] usb 4-1: New USB device found, idVendor=1b96, idProduct=0007, bcdDevice= 0.00
[  255.462764][ T1065] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  255.466172][ T1065] usb 4-1: config 0 descriptor??
[  255.535671][   T24] usb 1-1: config 0 has an invalid interface number: 255 but max is 0
[  255.535697][   T24] usb 1-1: config 0 has no interface number 0
[  255.535711][   T24] usb 1-1: too many endpoints for config 0 interface 255 altsetting 255: 255, using maximum allowed: 30
[  255.535727][   T24] usb 1-1: config 0 interface 255 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[  255.535741][   T24] usb 1-1: config 0 interface 255 has no altsetting 0
[  255.535774][   T24] usb 1-1: New USB device found, idVendor=0bda, idProduct=0177, bcdDevice=7d.0b
[  255.535786][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  255.537010][   T24] usb 1-1: config 0 descriptor??
[  255.538309][   T24] ums-realtek 1-1:0.255: USB Mass Storage device detected
[  255.665470][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  255.665553][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  255.741236][   T24] usb 1-1: USB disconnect, device number 35
[  256.385552][ T8937] FAULT_INJECTION: forcing a failure.
[  256.385552][ T8937] name failslab, interval 1, probability 0, space 0, times 0
[  256.385587][ T8937] CPU: 1 UID: 0 PID: 8937 Comm: syz.0.912 Not tainted 6.14.0-syzkaller-07422-gacb4f33713b9 #0 PREEMPT(full) 
[  256.385611][ T8937] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  256.385621][ T8937] Call Trace:
[  256.385626][ T8937]  <TASK>
[  256.385633][ T8937]  dump_stack_lvl+0x241/0x360
[  256.385660][ T8937]  ? __pfx_dump_stack_lvl+0x10/0x10
[  256.385680][ T8937]  ? __pfx__printk+0x10/0x10
[  256.385699][ T8937]  ? nfnetlink_rcv_msg+0xdfe/0x1190
[  256.385719][ T8937]  ? __pfx___might_resched+0x10/0x10
[  256.385739][ T8937]  should_fail_ex+0x424/0x570
[  256.385760][ T8937]  should_failslab+0xac/0x100
[  256.385782][ T8937]  kmem_cache_alloc_node_noprof+0x7d/0x3b0
[  256.385803][ T8937]  ? __alloc_skb+0x1c2/0x480
[  256.385815][ T8937]  ? stack_trace_save+0x11a/0x1d0
[  256.385847][ T8937]  __alloc_skb+0x1c2/0x480
[  256.385864][ T8937]  ? __pfx___alloc_skb+0x10/0x10
[  256.385883][ T8937]  ? netlink_ack_tlv_len+0x6e/0x200
[  256.385905][ T8937]  netlink_ack+0x147/0xa70
[  256.385922][ T8937]  ? netlink_sendmsg+0x8e8/0xce0
[  256.385941][ T8937]  ? __sock_sendmsg+0x221/0x270
[  256.385960][ T8937]  ? __sys_sendmsg+0x271/0x360
[  256.385983][ T8937]  netlink_rcv_skb+0x296/0x480
[  256.386005][ T8937]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  256.386023][ T8937]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  256.386049][ T8937]  ? apparmor_capable+0x13b/0x1b0
[  256.386070][ T8937]  ? bpf_lsm_capable+0x9/0x10
[  256.386083][ T8937]  ? security_capable+0x7e/0x2d0
[  256.386103][ T8937]  nfnetlink_rcv+0x296/0x28f0
[  256.386121][ T8937]  ? __dev_queue_xmit+0x2f9/0x3f60
[  256.386139][ T8937]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  256.386164][ T8937]  ? __dev_queue_xmit+0x2f9/0x3f60
[  256.386180][ T8937]  ? __dev_queue_xmit+0x2f9/0x3f60
[  256.386198][ T8937]  ? __dev_queue_xmit+0x1780/0x3f60
[  256.386213][ T8937]  ? kasan_save_track+0x3f/0x80
[  256.386229][ T8937]  ? __kasan_slab_alloc+0x66/0x80
[  256.386251][ T8937]  ? do_syscall_64+0xf3/0x230
[  256.386273][ T8937]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  256.386289][ T8937]  ? __dev_queue_xmit+0x2f9/0x3f60
[  256.386309][ T8937]  ? __pfx___dev_queue_xmit+0x10/0x10
[  256.386337][ T8937]  ? ref_tracker_free+0x63e/0x7e0
[  256.386357][ T8937]  ? __pfx_ref_tracker_free+0x10/0x10
[  256.386393][ T8937]  ? netlink_deliver_tap+0x2e/0x1b0
[  256.386414][ T8937]  ? netlink_deliver_tap+0x2e/0x1b0
[  256.386435][ T8937]  netlink_unicast+0x7f8/0x9a0
[  256.386459][ T8937]  ? __pfx_netlink_unicast+0x10/0x10
[  256.386476][ T8937]  ? __virt_addr_valid+0x45f/0x530
[  256.386496][ T8937]  ? __phys_addr_symbol+0x2f/0x70
[  256.386513][ T8937]  ? __check_object_size+0x478/0x720
[  256.386537][ T8937]  netlink_sendmsg+0x8e8/0xce0
[  256.386565][ T8937]  ? __pfx_netlink_sendmsg+0x10/0x10
[  256.386585][ T8937]  ? aa_sock_msg_perm+0x91/0x160
[  256.386605][ T8937]  ? __pfx_netlink_sendmsg+0x10/0x10
[  256.386622][ T8937]  __sock_sendmsg+0x221/0x270
[  256.386643][ T8937]  ____sys_sendmsg+0x53c/0x870
[  256.386665][ T8937]  ? __pfx_____sys_sendmsg+0x10/0x10
[  256.386679][ T8937]  ? __fget_files+0x2a/0x420
[  256.386695][ T8937]  ? __fget_files+0x2a/0x420
[  256.386714][ T8937]  __sys_sendmsg+0x271/0x360
[  256.386734][ T8937]  ? __pfx___sys_sendmsg+0x10/0x10
[  256.386780][ T8937]  ? do_syscall_64+0xb6/0x230
[  256.386800][ T8937]  do_syscall_64+0xf3/0x230
[  256.386820][ T8937]  ? clear_bhb_loop+0x45/0xa0
[  256.386846][ T8937]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  256.386862][ T8937] RIP: 0033:0x7fb03798d169
[  256.386877][ T8937] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  256.386890][ T8937] RSP: 002b:00007fb03881e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  256.386906][ T8937] RAX: ffffffffffffffda RBX: 00007fb037ba5fa0 RCX: 00007fb03798d169
[  256.386917][ T8937] RDX: 0000000000000080 RSI: 00002000000001c0 RDI: 0000000000000003
[  256.386926][ T8937] RBP: 00007fb03881e090 R08: 0000000000000000 R09: 0000000000000000
[  256.386936][ T8937] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  256.386944][ T8937] R13: 0000000000000000 R14: 00007fb037ba5fa0 R15: 00007fb037ccfa28
[  256.386964][ T8937]  </TASK>
[  257.802650][ T1065] usbhid 4-1:0.0: can't add hid device: -71
[  257.803386][ T1065] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  257.808558][ T1065] usb 4-1: USB disconnect, device number 33
[  257.970349][   T30] kauditd_printk_skb: 1397 callbacks suppressed
[  257.970366][   T30] audit: type=1326 audit(1743170974.260:3216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8956 comm="syz.3.915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe0a78d169 code=0x7ffc0000
[  257.977933][ T8957] futex_wake_op: syz.3.915 tries to shift op by 36; fix this program
[  257.978342][   T30] audit: type=1326 audit(1743170974.270:3217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8956 comm="syz.3.915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe0a78d169 code=0x7ffc0000
[  257.978381][   T30] audit: type=1326 audit(1743170974.270:3218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8956 comm="syz.3.915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe0a78d169 code=0x7ffc0000
[  257.978540][   T30] audit: type=1326 audit(1743170974.270:3219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8956 comm="syz.3.915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7efe0a78d169 code=0x7ffc0000
[  257.979096][   T30] audit: type=1326 audit(1743170974.270:3220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8956 comm="syz.3.915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe0a78d169 code=0x7ffc0000
[  257.989151][   T30] audit: type=1326 audit(1743170974.280:3221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8956 comm="syz.3.915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe0a78d169 code=0x7ffc0000
[  257.989190][   T30] audit: type=1326 audit(1743170974.280:3222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8956 comm="syz.3.915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7efe0a78d169 code=0x7ffc0000
[  257.989221][   T30] audit: type=1326 audit(1743170974.280:3223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8956 comm="syz.3.915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe0a78d169 code=0x7ffc0000
[  257.989250][   T30] audit: type=1326 audit(1743170974.280:3224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8956 comm="syz.3.915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe0a78d169 code=0x7ffc0000
[  258.134054][   T30] audit: type=1326 audit(1743170974.420:3225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8956 comm="syz.3.915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=40 compat=0 ip=0x7efe0a78d169 code=0x7ffc0000
[  258.549111][ T8973] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  258.549282][ T8973] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  258.673053][ T5888] usb 1-1: new high-speed USB device number 36 using dummy_hcd
[  258.823047][ T5888] usb 1-1: Using ep0 maxpacket: 16
[  258.824635][ T5888] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  258.824673][ T5888] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  258.824704][ T5888] usb 1-1: New USB device found, idVendor=1b96, idProduct=0007, bcdDevice= 0.00
[  258.824725][ T5888] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  258.827178][ T5888] usb 1-1: config 0 descriptor??
[  260.566748][ T1065] usb 3-1: new high-speed USB device number 43 using dummy_hcd
[  260.743142][ T1065] usb 3-1: Using ep0 maxpacket: 16
[  260.762837][ T1065] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  260.762862][ T1065] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  260.762875][ T1065] usb 3-1: config 0 interface 0 has no altsetting 0
[  260.762891][ T1065] usb 3-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  260.762906][ T1065] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  260.766978][ T1065] usb 3-1: config 0 descriptor??
[  261.385691][ T5888] usbhid 1-1:0.0: can't add hid device: -71
[  261.385776][ T5888] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  261.387031][ T5888] usb 1-1: USB disconnect, device number 36
[  262.763087][ T5890] usb 4-1: new high-speed USB device number 34 using dummy_hcd
[  262.913266][ T5890] usb 4-1: Using ep0 maxpacket: 16
[  262.915183][ T5890] usb 4-1: unable to get BOS descriptor or descriptor too short
[  262.916090][ T5890] usb 4-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  262.916120][ T5890] usb 4-1: config 1 has no interface number 1
[  262.916147][ T5890] usb 4-1: too many endpoints for config 1 interface 2 altsetting 6: 223, using maximum allowed: 30
[  262.916199][ T5890] usb 4-1: config 1 interface 2 altsetting 6 has 1 endpoint descriptor, different from the interface descriptor's value: 223
[  262.916230][ T5890] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 99, changing to 7
[  262.916253][ T5890] usb 4-1: config 1 interface 2 has no altsetting 2
[  262.918010][ T5890] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  263.373161][ T5890] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  263.373190][ T5890] usb 4-1: Product: syz
[  263.373205][ T5890] usb 4-1: Manufacturer: syz
[  263.373219][ T5890] usb 4-1: SerialNumber: syz
[  263.535230][ T1065] usbhid 3-1:0.0: can't add hid device: -71
[  263.541388][ T1065] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  263.596031][ T9034] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  263.613396][ T9034] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  263.644996][ T1065] usb 3-1: USB disconnect, device number 43
[  263.740144][ T5890] usb 4-1: USB disconnect, device number 34
[  264.183153][   T24] usb 5-1: new high-speed USB device number 41 using dummy_hcd
[  264.453018][   T24] usb 5-1: Using ep0 maxpacket: 16
[  264.501350][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  264.532180][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  264.593126][   T24] usb 5-1: New USB device found, idVendor=1b96, idProduct=0007, bcdDevice= 0.00
[  264.614406][ T9060] netlink: 16 bytes leftover after parsing attributes in process `syz.1.932'.
[  264.643163][   T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  264.644193][ T9060] program syz.1.932 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  264.678889][ T9063] FAULT_INJECTION: forcing a failure.
[  264.678889][ T9063] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  264.719956][   T24] usb 5-1: config 0 descriptor??
[  264.773025][ T5890] usb 1-1: new high-speed USB device number 37 using dummy_hcd
[  264.799261][ T9063] CPU: 0 UID: 0 PID: 9063 Comm: syz.3.934 Not tainted 6.14.0-syzkaller-07422-gacb4f33713b9 #0 PREEMPT(full) 
[  264.799287][ T9063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  264.799297][ T9063] Call Trace:
[  264.799303][ T9063]  <TASK>
[  264.799310][ T9063]  dump_stack_lvl+0x241/0x360
[  264.799337][ T9063]  ? __pfx_dump_stack_lvl+0x10/0x10
[  264.799358][ T9063]  ? __pfx__printk+0x10/0x10
[  264.799384][ T9063]  should_fail_ex+0x424/0x570
[  264.799403][ T9063]  _copy_from_user+0x2d/0xb0
[  264.799418][ T9063]  move_addr_to_kernel+0x8c/0x170
[  264.799439][ T9063]  __sys_bind+0x12e/0x290
[  264.799461][ T9063]  ? __pfx___sys_bind+0x10/0x10
[  264.799497][ T9063]  __x64_sys_bind+0x7a/0x90
[  264.799518][ T9063]  do_syscall_64+0xf3/0x230
[  264.799539][ T9063]  ? clear_bhb_loop+0x45/0xa0
[  264.799557][ T9063]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  264.799572][ T9063] RIP: 0033:0x7efe0a78d169
[  264.799586][ T9063] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  264.799599][ T9063] RSP: 002b:00007efe0b54c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[  264.799615][ T9063] RAX: ffffffffffffffda RBX: 00007efe0a9a5fa0 RCX: 00007efe0a78d169
[  264.799627][ T9063] RDX: 000000000000001c RSI: 0000200000000140 RDI: 0000000000000004
[  264.799637][ T9063] RBP: 00007efe0b54c090 R08: 0000000000000000 R09: 0000000000000000
[  264.799647][ T9063] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  264.799657][ T9063] R13: 0000000000000000 R14: 00007efe0a9a5fa0 R15: 00007efe0aacfa28
[  264.799678][ T9063]  </TASK>
[  265.208387][ T5890] usb 1-1: Using ep0 maxpacket: 16
[  265.223074][ T5890] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  265.242791][ T5890] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  265.264674][ T5890] usb 1-1: New USB device found, idVendor=1b96, idProduct=0007, bcdDevice= 0.00
[  265.287993][ T5890] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  265.455437][ T5890] usb 1-1: config 0 descriptor??
[  267.219995][   T24] usbhid 5-1:0.0: can't add hid device: -71
[  267.226192][   T24] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  267.269344][   T24] usb 5-1: USB disconnect, device number 41
[  267.548219][ T9098] netlink: 12 bytes leftover after parsing attributes in process `syz.4.948'.
[  267.933081][   T24] usb 3-1: new high-speed USB device number 44 using dummy_hcd
[  268.241016][   T30] kauditd_printk_skb: 5 callbacks suppressed
[  268.241033][   T30] audit: type=1326 audit(1743170984.530:3231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9110 comm="syz.1.952" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb79ab8d169 code=0x7ffc0000
[  268.269357][    C1] vkms_vblank_simulate: vblank timer overrun
[  268.337885][ T9111] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  268.353874][ T5890] usbhid 1-1:0.0: can't add hid device: -71
[  268.363190][ T5890] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  268.374399][ T9111] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  268.384988][ T5890] usb 1-1: USB disconnect, device number 37
[  268.406211][   T30] audit: type=1326 audit(1743170984.570:3232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9110 comm="syz.1.952" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb79ab8d169 code=0x7ffc0000
[  268.472650][   T30] audit: type=1326 audit(1743170984.620:3233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9110 comm="syz.1.952" exe="/root/syz-executor" sig=0 arch=c000003e syscall=424 compat=0 ip=0x7fb79ab8d169 code=0x7ffc0000
[  268.501292][   T30] audit: type=1326 audit(1743170984.620:3234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9110 comm="syz.1.952" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb79ab8d169 code=0x7ffc0000
[  268.525981][   T24] usb 3-1: Using ep0 maxpacket: 16
[  268.532262][   T30] audit: type=1326 audit(1743170984.620:3235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9110 comm="syz.1.952" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb79ab8d169 code=0x7ffc0000
[  268.554739][    C1] vkms_vblank_simulate: vblank timer overrun
[  268.561445][   T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  268.576599][   T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  268.603264][   T24] usb 3-1: New USB device found, idVendor=1e71, idProduct=170e, bcdDevice= 0.00
[  268.619229][   T30] audit: type=1326 audit(1743170984.620:3236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9110 comm="syz.1.952" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb79ab8bad0 code=0x7ffc0000
[  268.641817][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  268.686767][   T24] usb 3-1: config 0 descriptor??
[  268.720764][   T30] audit: type=1326 audit(1743170984.620:3237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9110 comm="syz.1.952" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb79ab8cd6b code=0x7ffc0000
[  268.756385][   T30] audit: type=1326 audit(1743170984.620:3238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9110 comm="syz.1.952" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb79ab8cd6b code=0x7ffc0000
[  268.806669][   T30] audit: type=1326 audit(1743170984.710:3239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9110 comm="syz.1.952" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb79ab8d169 code=0x7ffc0000
[  268.877006][   T30] audit: type=1326 audit(1743170984.710:3240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9110 comm="syz.1.952" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb79ab8d169 code=0x7ffc0000
[  269.110030][ T9122] FAULT_INJECTION: forcing a failure.
[  269.110030][ T9122] name failslab, interval 1, probability 0, space 0, times 0
[  269.110840][   T24] nzxt-kraken2 0003:1E71:170E.0005: unknown main item tag 0x0
[  269.126950][ T9122] CPU: 0 UID: 0 PID: 9122 Comm: syz.4.956 Not tainted 6.14.0-syzkaller-07422-gacb4f33713b9 #0 PREEMPT(full) 
[  269.126976][ T9122] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  269.126986][ T9122] Call Trace:
[  269.126994][ T9122]  <TASK>
[  269.127001][ T9122]  dump_stack_lvl+0x241/0x360
[  269.127028][ T9122]  ? __pfx_dump_stack_lvl+0x10/0x10
[  269.127047][ T9122]  ? __pfx__printk+0x10/0x10
[  269.127070][ T9122]  ? __pfx___might_resched+0x10/0x10
[  269.127089][ T9122]  should_fail_ex+0x424/0x570
[  269.127109][ T9122]  should_failslab+0xac/0x100
[  269.127131][ T9122]  kmem_cache_alloc_noprof+0x78/0x390
[  269.127151][ T9122]  ? mas_alloc_nodes+0x25b/0x7e0
[  269.127172][ T9122]  mas_alloc_nodes+0x25b/0x7e0
[  269.127196][ T9122]  mas_preallocate+0x5ea/0x950
[  269.127216][ T9122]  ? __pfx_mas_preallocate+0x10/0x10
[  269.127238][ T9122]  ? __lock_acquire+0xad5/0xd80
[  269.127261][ T9122]  ? __mas_set_range+0x133/0x3c0
[  269.127284][ T9122]  commit_merge+0x467/0x800
[  269.127307][ T9122]  ? __pfx_commit_merge+0x10/0x10
[  269.127329][ T9122]  ? dup_anon_vma+0x76/0x2b0
[  269.127351][ T9122]  vma_merge_existing_range+0x1431/0x1770
[  269.127383][ T9122]  ? __pfx_vma_merge_existing_range+0x10/0x10
[  269.127411][ T9122]  vma_modify+0x76/0x390
[  269.127431][ T9122]  vma_modify_flags+0x3a7/0x430
[  269.127453][ T9122]  ? __pfx_vma_modify_flags+0x10/0x10
[  269.127485][ T9122]  mlock_fixup+0x21d/0x350
[  269.127510][ T9122]  apply_mlockall_flags+0x309/0x410
[  269.127533][ T9122]  ? __pfx_apply_mlockall_flags+0x10/0x10
[  269.127557][ T9122]  ? __do_sys_munlockall+0x5a/0x220
[  269.127583][ T9122]  __do_sys_munlockall+0x10a/0x220
[  269.127605][ T9122]  do_syscall_64+0xf3/0x230
[  269.127624][ T9122]  ? clear_bhb_loop+0x45/0xa0
[  269.127642][ T9122]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  269.127657][ T9122] RIP: 0033:0x7fa75e78d169
[  269.127671][ T9122] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  269.127684][ T9122] RSP: 002b:00007fa75f571038 EFLAGS: 00000246 ORIG_RAX: 0000000000000098
[  269.127703][ T9122] RAX: ffffffffffffffda RBX: 00007fa75e9a5fa0 RCX: 00007fa75e78d169
[  269.127723][ T9122] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  269.127733][ T9122] RBP: 00007fa75f571090 R08: 0000000000000000 R09: 0000000000000000
[  269.127743][ T9122] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  269.127753][ T9122] R13: 0000000000000000 R14: 00007fa75e9a5fa0 R15: 00007fa75eacfa28
[  269.127773][ T9122]  </TASK>
[  269.169311][ T9128] FAULT_INJECTION: forcing a failure.
[  269.169311][ T9128] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  269.172397][ T5890] usb 4-1: new high-speed USB device number 35 using dummy_hcd
[  269.187123][ T9128] CPU: 0 UID: 0 PID: 9128 Comm: syz.1.958 Not tainted 6.14.0-syzkaller-07422-gacb4f33713b9 #0 PREEMPT(full) 
[  269.187147][ T9128] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  269.187157][ T9128] Call Trace:
[  269.187163][ T9128]  <TASK>
[  269.187170][ T9128]  dump_stack_lvl+0x241/0x360
[  269.187196][ T9128]  ? __pfx_dump_stack_lvl+0x10/0x10
[  269.187216][ T9128]  ? __pfx__printk+0x10/0x10
[  269.187242][ T9128]  should_fail_ex+0x424/0x570
[  269.187263][ T9128]  _copy_from_user+0x2d/0xb0
[  269.187279][ T9128]  copy_msghdr_from_user+0xb3/0x580
[  269.187302][ T9128]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  269.187320][ T9128]  ? __fget_files+0x2a/0x420
[  269.187337][ T9128]  ? __fget_files+0x2a/0x420
[  269.187357][ T9128]  __sys_sendmsg+0x20a/0x360
[  269.187376][ T9128]  ? __pfx___sys_sendmsg+0x10/0x10
[  269.187422][ T9128]  ? do_syscall_64+0xb6/0x230
[  269.187446][ T9128]  do_syscall_64+0xf3/0x230
[  269.187466][ T9128]  ? clear_bhb_loop+0x45/0xa0
[  269.187484][ T9128]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  269.187500][ T9128] RIP: 0033:0x7fb79ab8d169
[  269.187515][ T9128] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  269.187529][ T9128] RSP: 002b:00007fb79b90c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  269.187547][ T9128] RAX: ffffffffffffffda RBX: 00007fb79ada5fa0 RCX: 00007fb79ab8d169
[  269.187559][ T9128] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000003
[  269.187570][ T9128] RBP: 00007fb79b90c090 R08: 0000000000000000 R09: 0000000000000000
[  269.187581][ T9128] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  269.187592][ T9128] R13: 0000000000000000 R14: 00007fb79ada5fa0 R15: 00007fb79aecfa28
[  269.187614][ T9128]  </TASK>
[  269.592186][   T24] nzxt-kraken2 0003:1E71:170E.0005: unknown main item tag 0x0
[  269.599839][   T24] nzxt-kraken2 0003:1E71:170E.0005: unknown main item tag 0x0
[  269.607468][   T24] nzxt-kraken2 0003:1E71:170E.0005: unknown main item tag 0x0
[  269.615202][   T24] nzxt-kraken2 0003:1E71:170E.0005: unknown main item tag 0x0
[  269.653659][   T24] nzxt-kraken2 0003:1E71:170E.0005: hidraw0: USB HID v0.00 Device [HID 1e71:170e] on usb-dummy_hcd.2-1/input0
[  269.812398][   T24] usb 3-1: USB disconnect, device number 44
[  269.993509][ T5890] usb 4-1: Using ep0 maxpacket: 16
[  270.000155][ T5890] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  270.012000][ T5890] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  270.021960][ T5890] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  270.040494][ T5890] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2e22, bcdDevice= 0.00
[  270.140145][ T5890] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  270.172436][ T5890] usb 4-1: config 0 descriptor??
[  270.765524][ T9156] fuse: Bad value for 'fd'
[  270.783144][ T5890] usbhid 4-1:0.0: can't add hid device: -32
[  270.790649][ T5890] usbhid 4-1:0.0: probe with driver usbhid failed with error -32
[  270.904802][ T5890] usb 4-1: USB disconnect, device number 35
[  273.163069][   T24] usb 5-1: new high-speed USB device number 42 using dummy_hcd
[  273.323697][   T24] usb 5-1: too many configurations: 184, using maximum allowed: 8
[  273.391855][   T24] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  273.411034][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  273.445982][   T24] usb 5-1: Product: syz
[  273.450234][   T24] usb 5-1: Manufacturer: syz
[  273.465068][   T24] usb 5-1: SerialNumber: syz
[  273.533831][   T24] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  273.565406][ T5890] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  273.654334][ T9238] FAULT_INJECTION: forcing a failure.
[  273.654334][ T9238] name failslab, interval 1, probability 0, space 0, times 0
[  273.684605][ T9238] CPU: 0 UID: 0 PID: 9238 Comm: syz.0.992 Not tainted 6.14.0-syzkaller-07422-gacb4f33713b9 #0 PREEMPT(full) 
[  273.684631][ T9238] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  273.684641][ T9238] Call Trace:
[  273.684647][ T9238]  <TASK>
[  273.684655][ T9238]  dump_stack_lvl+0x241/0x360
[  273.684681][ T9238]  ? __pfx_dump_stack_lvl+0x10/0x10
[  273.684701][ T9238]  ? __pfx__printk+0x10/0x10
[  273.684722][ T9238]  ? __pfx___might_resched+0x10/0x10
[  273.684741][ T9238]  should_fail_ex+0x424/0x570
[  273.684763][ T9238]  should_failslab+0xac/0x100
[  273.684785][ T9238]  __kmalloc_noprof+0xdf/0x4d0
[  273.684804][ T9238]  ? tomoyo_realpath_from_path+0xc2/0x5e0
[  273.684822][ T9238]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[  273.684843][ T9238]  tomoyo_realpath_from_path+0xcf/0x5e0
[  273.684869][ T9238]  tomoyo_path_number_perm+0x245/0x790
[  273.684894][ T9238]  ? tomoyo_path_number_perm+0x215/0x790
[  273.684918][ T9238]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  273.684946][ T9238]  ? ksys_write+0x24e/0x2d0
[  273.684967][ T9238]  ? __lock_acquire+0xad5/0xd80
[  273.684996][ T9238]  ? __fget_files+0x2a/0x420
[  273.685011][ T9238]  ? __fget_files+0x2a/0x420
[  273.685027][ T9238]  ? __fget_files+0x2a/0x420
[  273.685045][ T9238]  security_file_ioctl+0xc6/0x2a0
[  273.685068][ T9238]  __se_sys_ioctl+0x46/0x160
[  273.685089][ T9238]  do_syscall_64+0xf3/0x230
[  273.685109][ T9238]  ? clear_bhb_loop+0x45/0xa0
[  273.685127][ T9238]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  273.685142][ T9238] RIP: 0033:0x7fb03798d169
[  273.685157][ T9238] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  273.685171][ T9238] RSP: 002b:00007fb03881e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  273.685189][ T9238] RAX: ffffffffffffffda RBX: 00007fb037ba5fa0 RCX: 00007fb03798d169
[  273.685202][ T9238] RDX: 0000200000000100 RSI: 000000000000890b RDI: 0000000000000003
[  273.685213][ T9238] RBP: 00007fb03881e090 R08: 0000000000000000 R09: 0000000000000000
[  273.685223][ T9238] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  273.685233][ T9238] R13: 0000000000000000 R14: 00007fb037ba5fa0 R15: 00007fb037ccfa28
[  273.685254][ T9238]  </TASK>
[  273.685262][ T9238] ERROR: Out of memory at tomoyo_realpath_from_path.
[  273.742283][ T9240] netlink: 'syz.1.993': attribute type 10 has an invalid length.
[  273.866356][ T9246] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  273.942310][ T9240] netlink: 40 bytes leftover after parsing attributes in process `syz.1.993'.
[  273.980916][ T9240] team0: Port device geneve0 added
[  274.041202][ T9252] ALSA: mixer_oss: invalid OSS volume ':'
[  274.047662][ T9252] ALSA: mixer_oss: invalid OSS volume '010000E0'
[  274.054159][ T9252] ALSA: mixer_oss: invalid OSS volume '3'
[  274.123828][ T9252] ALSA: mixer_oss: invalid OSS volume '010000E0'
[  274.148768][ T9252] ALSA: mixer_oss: invalid OSS volume '4'
[  274.169498][ T9252] ALSA: mixer_oss: invalid OSS volume '010000E0'
[  274.176437][ T9252] ALSA: mixer_oss: invalid OSS volume '5'
[  274.208735][ T9256] ALSA: mixer_oss: invalid OSS volume ''
[  274.668466][ T5890] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive
[  274.711721][ T5890] ath9k_htc: Failed to initialize the device
[  274.762811][ T5890] usb 5-1: ath9k_htc: USB layer deinitialized
[  275.441159][ T9269] FAULT_INJECTION: forcing a failure.
[  275.441159][ T9269] name failslab, interval 1, probability 0, space 0, times 0
[  275.487658][ T9269] CPU: 0 UID: 0 PID: 9269 Comm: syz.3.1000 Not tainted 6.14.0-syzkaller-07422-gacb4f33713b9 #0 PREEMPT(full) 
[  275.487685][ T9269] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  275.487695][ T9269] Call Trace:
[  275.487702][ T9269]  <TASK>
[  275.487709][ T9269]  dump_stack_lvl+0x241/0x360
[  275.487739][ T9269]  ? __pfx_dump_stack_lvl+0x10/0x10
[  275.487760][ T9269]  ? __pfx__printk+0x10/0x10
[  275.487780][ T9269]  ? __pfx___might_resched+0x10/0x10
[  275.487793][ T9269]  should_fail_ex+0x424/0x570
[  275.487806][ T9269]  should_failslab+0xac/0x100
[  275.487820][ T9269]  kmem_cache_alloc_node_noprof+0x7d/0x3b0
[  275.487840][ T9269]  ? __alloc_skb+0x1c2/0x480
[  275.487857][ T9269]  __alloc_skb+0x1c2/0x480
[  275.487877][ T9269]  ? __pfx___alloc_skb+0x10/0x10
[  275.487899][ T9269]  qrtr_port_remove+0x119/0x520
[  275.487924][ T9269]  ? __pfx_qrtr_port_remove+0x10/0x10
[  275.487940][ T9269]  qrtr_release+0x1ea/0x2b0
[  275.487953][ T9269]  sock_close+0xbc/0x240
[  275.487964][ T9269]  ? __pfx_sock_close+0x10/0x10
[  275.487976][ T9269]  __fput+0x3e9/0x9f0
[  275.487997][ T9269]  task_work_run+0x251/0x310
[  275.488022][ T9269]  ? __pfx_task_work_run+0x10/0x10
[  275.488049][ T9269]  get_signal+0x15db/0x1730
[  275.488072][ T9269]  ? __pfx_task_work_add+0x10/0x10
[  275.488084][ T9269]  ? __pfx___file_ref_put+0x10/0x10
[  275.488098][ T9269]  ? __pfx_get_signal+0x10/0x10
[  275.488113][ T9269]  arch_do_signal_or_restart+0x98/0x840
[  275.488128][ T9269]  ? __pfx___sys_getpeername+0x10/0x10
[  275.488144][ T9269]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  275.488175][ T9269]  ? syscall_exit_to_user_mode+0xa3/0x340
[  275.488197][ T9269]  syscall_exit_to_user_mode+0xce/0x340
[  275.488238][ T9269]  do_syscall_64+0x100/0x230
[  275.488250][ T9269]  ? clear_bhb_loop+0x45/0xa0
[  275.488261][ T9269]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  275.488270][ T9269] RIP: 0033:0x7efe0a78d169
[  275.488282][ T9269] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  275.488296][ T9269] RSP: 002b:00007efe0b52b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000034
[  275.488315][ T9269] RAX: 0000000000000000 RBX: 00007efe0a9a6080 RCX: 00007efe0a78d169
[  275.488326][ T9269] RDX: 0000200000000200 RSI: 0000000000000000 RDI: 0000000000000003
[  275.488343][ T9269] RBP: 00007efe0b52b090 R08: 0000000000000000 R09: 0000000000000000
[  275.488357][ T9269] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  275.488367][ T9269] R13: 0000000000000000 R14: 00007efe0a9a6080 R15: 00007efe0aacfa28
[  275.488382][ T9269]  </TASK>
[  276.266518][ T5890] usb 5-1: USB disconnect, device number 42
[  276.508948][ T9282] fuse: Unknown parameter 'group_i00000000000000000000'
[  276.538547][  T974] usb 1-1: new high-speed USB device number 38 using dummy_hcd
[  276.875053][  T974] usb 1-1: config 0 has no interfaces?
[  276.899873][  T974] usb 1-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  276.954973][  T974] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  276.989114][  T974] usb 1-1: Product: syz
[  277.010307][  T974] usb 1-1: Manufacturer: syz
[  277.032875][  T974] usb 1-1: SerialNumber: syz
[  277.051032][  T974] usb 1-1: config 0 descriptor??
[  277.863037][ T5890] usb 3-1: new high-speed USB device number 45 using dummy_hcd
[  277.923052][  T974] usb 4-1: new low-speed USB device number 36 using dummy_hcd
[  278.035151][ T5890] usb 3-1: config 0 has no interfaces?
[  278.050864][ T5890] usb 3-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  278.070369][ T5890] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  278.074583][  T974] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  278.093214][  T974] usb 4-1: config 0 has no interface number 0
[  278.097516][ T5890] usb 3-1: Product: syz
[  278.109250][ T5890] usb 3-1: Manufacturer: syz
[  278.109282][  T974] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  278.146979][ T5890] usb 3-1: SerialNumber: syz
[  278.160014][ T5890] usb 3-1: config 0 descriptor??
[  278.208308][  T974] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[  278.266447][  T974] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  278.318162][  T974] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  278.343767][  T974] usb 4-1: config 0 descriptor??
[  278.353811][ T9294] raw-gadget.3 gadget.3: fail, usb_ep_enable returned -22
[  278.406979][  T974] iowarrior 4-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  278.773563][ T9294] netlink: 2 bytes leftover after parsing attributes in process `syz.3.1006'.
[  278.793747][ T9294] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  278.884492][ T9294] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  279.108471][  T974] usb 1-1: USB disconnect, device number 38
[  279.459924][    T9] usb 4-1: USB disconnect, device number 36
[  279.545697][ T9316] FAULT_INJECTION: forcing a failure.
[  279.545697][ T9316] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  279.588338][ T9316] CPU: 0 UID: 0 PID: 9316 Comm: syz.3.1012 Not tainted 6.14.0-syzkaller-07422-gacb4f33713b9 #0 PREEMPT(full) 
[  279.588365][ T9316] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  279.588372][ T9316] Call Trace:
[  279.588376][ T9316]  <TASK>
[  279.588381][ T9316]  dump_stack_lvl+0x241/0x360
[  279.588399][ T9316]  ? __pfx_dump_stack_lvl+0x10/0x10
[  279.588411][ T9316]  ? __pfx__printk+0x10/0x10
[  279.588427][ T9316]  should_fail_ex+0x424/0x570
[  279.588440][ T9316]  _copy_to_user+0x31/0xb0
[  279.588449][ T9316]  simple_read_from_buffer+0xdc/0x170
[  279.588465][ T9316]  proc_fail_nth_read+0x1ef/0x260
[  279.588476][ T9316]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  279.588486][ T9316]  ? rw_verify_area+0x246/0x630
[  279.588497][ T9316]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  279.588506][ T9316]  vfs_read+0x21f/0xb90
[  279.588518][ T9316]  ? __pfx___mutex_lock+0x10/0x10
[  279.588531][ T9316]  ? __pfx_vfs_read+0x10/0x10
[  279.588542][ T9316]  ? __fget_files+0x2a/0x420
[  279.588551][ T9316]  ? __fget_files+0x39d/0x420
[  279.588558][ T9316]  ? __fget_files+0x2a/0x420
[  279.588569][ T9316]  ksys_read+0x19d/0x2d0
[  279.588580][ T9316]  ? __pfx_ksys_read+0x10/0x10
[  279.588592][ T9316]  ? do_syscall_64+0xb6/0x230
[  279.588606][ T9316]  do_syscall_64+0xf3/0x230
[  279.588617][ T9316]  ? clear_bhb_loop+0x45/0xa0
[  279.588627][ T9316]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  279.588636][ T9316] RIP: 0033:0x7efe0a78bb7c
[  279.588645][ T9316] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  279.588653][ T9316] RSP: 002b:00007efe0b54c030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  279.588665][ T9316] RAX: ffffffffffffffda RBX: 00007efe0a9a5fa0 RCX: 00007efe0a78bb7c
[  279.588672][ T9316] RDX: 000000000000000f RSI: 00007efe0b54c0a0 RDI: 0000000000000004
[  279.588677][ T9316] RBP: 00007efe0b54c090 R08: 0000000000000000 R09: 0000000000000000
[  279.588683][ T9316] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  279.588689][ T9316] R13: 0000000000000000 R14: 00007efe0a9a5fa0 R15: 00007efe0aacfa28
[  279.588706][ T9316]  </TASK>
[  280.394773][ T9323] netlink: 2 bytes leftover after parsing attributes in process `syz.3.1016'.
[  280.545948][    T9] usb 3-1: USB disconnect, device number 45
[  280.613030][   T24] usb 5-1: new high-speed USB device number 43 using dummy_hcd
[  280.683481][ T5890] usb 1-1: new high-speed USB device number 39 using dummy_hcd
[  280.763852][   T24] usb 5-1: too many configurations: 184, using maximum allowed: 8
[  280.791783][   T24] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  280.811386][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  280.830206][   T24] usb 5-1: Product: syz
[  280.836401][   T24] usb 5-1: Manufacturer: syz
[  280.841067][   T24] usb 5-1: SerialNumber: syz
[  280.850430][   T24] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  280.860992][ T5890] usb 1-1: Using ep0 maxpacket: 16
[  280.871872][ T5890] usb 1-1: unable to get BOS descriptor or descriptor too short
[  280.890499][ T1065] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  280.906600][ T5890] usb 1-1: config 7 has an invalid interface number: 79 but max is 0
[  280.932580][ T5890] usb 1-1: config 7 has no interface number 0
[  280.943697][ T5890] usb 1-1: config 7 interface 79 altsetting 6 endpoint 0xF has invalid maxpacket 512, setting to 64
[  280.956099][ T5890] usb 1-1: config 7 interface 79 altsetting 6 endpoint 0x7 has an invalid bInterval 64, changing to 10
[  280.970250][ T5890] usb 1-1: config 7 interface 79 has no altsetting 0
[  280.988958][ T5890] usb 1-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=f4.98
[  280.998867][ T5890] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  281.007383][ T5890] usb 1-1: Product: syz
[  281.019163][ T5890] usb 1-1: Manufacturer: syz
[  281.038019][ T5890] usb 1-1: SerialNumber: syz
[  281.041578][ T9342] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  281.073665][ T9342] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  281.131789][ T9345] FAULT_INJECTION: forcing a failure.
[  281.131789][ T9345] name failslab, interval 1, probability 0, space 0, times 0
[  281.144887][ T9345] CPU: 1 UID: 0 PID: 9345 Comm: syz.3.1023 Not tainted 6.14.0-syzkaller-07422-gacb4f33713b9 #0 PREEMPT(full) 
[  281.144912][ T9345] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  281.144925][ T9345] Call Trace:
[  281.144932][ T9345]  <TASK>
[  281.144939][ T9345]  dump_stack_lvl+0x241/0x360
[  281.144965][ T9345]  ? __pfx_dump_stack_lvl+0x10/0x10
[  281.144985][ T9345]  ? __pfx__printk+0x10/0x10
[  281.145007][ T9345]  ? __pfx___might_resched+0x10/0x10
[  281.145025][ T9345]  should_fail_ex+0x424/0x570
[  281.145047][ T9345]  should_failslab+0xac/0x100
[  281.145068][ T9345]  __kmalloc_noprof+0xdf/0x4d0
[  281.145088][ T9345]  ? tomoyo_realpath_from_path+0xc2/0x5e0
[  281.145105][ T9345]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[  281.145126][ T9345]  tomoyo_realpath_from_path+0xcf/0x5e0
[  281.145149][ T9345]  tomoyo_path_number_perm+0x245/0x790
[  281.145170][ T9345]  ? tomoyo_path_number_perm+0x215/0x790
[  281.145193][ T9345]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  281.145218][ T9345]  ? ksys_write+0x24e/0x2d0
[  281.145241][ T9345]  ? __lock_acquire+0xad5/0xd80
[  281.145274][ T9345]  ? __fget_files+0x2a/0x420
[  281.145288][ T9345]  ? __fget_files+0x2a/0x420
[  281.145305][ T9345]  ? __fget_files+0x2a/0x420
[  281.145322][ T9345]  security_file_ioctl+0xc6/0x2a0
[  281.145344][ T9345]  __se_sys_ioctl+0x46/0x160
[  281.145365][ T9345]  do_syscall_64+0xf3/0x230
[  281.145385][ T9345]  ? clear_bhb_loop+0x45/0xa0
[  281.145403][ T9345]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  281.145419][ T9345] RIP: 0033:0x7efe0a78d169
[  281.145433][ T9345] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  281.145447][ T9345] RSP: 002b:00007efe0b54c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  281.145465][ T9345] RAX: ffffffffffffffda RBX: 00007efe0a9a5fa0 RCX: 00007efe0a78d169
[  281.145477][ T9345] RDX: 0000200000000040 RSI: 0000000040383d0c RDI: 0000000000000003
[  281.145488][ T9345] RBP: 00007efe0b54c090 R08: 0000000000000000 R09: 0000000000000000
[  281.145498][ T9345] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  281.145507][ T9345] R13: 0000000000000000 R14: 00007efe0a9a5fa0 R15: 00007efe0aacfa28
[  281.145534][ T9345]  </TASK>
[  281.146160][ T9345] ERROR: Out of memory at tomoyo_realpath_from_path.
[  281.412034][ T5890] usb 1-1: USB disconnect, device number 39
[  281.471802][ T9342] netlink: 2 bytes leftover after parsing attributes in process `syz.1.1022'.
[  281.533564][ T9342] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  281.544059][ T9342] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  282.030927][ T1065] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive
[  282.103337][ T1065] ath9k_htc: Failed to initialize the device
[  282.238753][ T1065] usb 5-1: ath9k_htc: USB layer deinitialized
[  282.500712][ T9373] netlink: 'syz.0.1030': attribute type 1 has an invalid length.
[  282.532412][ T9373] netlink: 212408 bytes leftover after parsing attributes in process `syz.0.1030'.
[  282.732387][ T9372] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  282.743073][ T9372] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  282.785805][    T9] usb 3-1: new high-speed USB device number 46 using dummy_hcd
[  282.933253][    T9] usb 3-1: device descriptor read/64, error -71
[  283.173105][    T9] usb 3-1: new high-speed USB device number 47 using dummy_hcd
[  283.301494][ T5886] usb 5-1: USB disconnect, device number 43
[  283.310380][    T9] usb 3-1: device descriptor read/64, error -71
[  283.423439][    T9] usb usb3-port1: attempt power cycle
[  283.808084][ T9391] FAULT_INJECTION: forcing a failure.
[  283.808084][ T9391] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  283.821894][ T9391] CPU: 1 UID: 0 PID: 9391 Comm: syz.4.1037 Not tainted 6.14.0-syzkaller-07422-gacb4f33713b9 #0 PREEMPT(full) 
[  283.821911][ T9391] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  283.821918][ T9391] Call Trace:
[  283.821922][ T9391]  <TASK>
[  283.821926][ T9391]  dump_stack_lvl+0x241/0x360
[  283.821945][ T9391]  ? __pfx_dump_stack_lvl+0x10/0x10
[  283.821956][ T9391]  ? __pfx__printk+0x10/0x10
[  283.821972][ T9391]  should_fail_ex+0x424/0x570
[  283.821985][ T9391]  _copy_from_user+0x2d/0xb0
[  283.821994][ T9391]  copy_msghdr_from_user+0xb3/0x580
[  283.822009][ T9391]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  283.822020][ T9391]  ? __fget_files+0x2a/0x420
[  283.822030][ T9391]  ? __fget_files+0x2a/0x420
[  283.822041][ T9391]  __sys_sendmsg+0x20a/0x360
[  283.822052][ T9391]  ? __pfx___sys_sendmsg+0x10/0x10
[  283.822078][ T9391]  ? do_syscall_64+0xb6/0x230
[  283.822092][ T9391]  do_syscall_64+0xf3/0x230
[  283.822103][ T9391]  ? clear_bhb_loop+0x45/0xa0
[  283.822114][ T9391]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  283.822123][ T9391] RIP: 0033:0x7fa75e78d169
[  283.822132][ T9391] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  283.822140][ T9391] RSP: 002b:00007fa75f571038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  283.822151][ T9391] RAX: ffffffffffffffda RBX: 00007fa75e9a5fa0 RCX: 00007fa75e78d169
[  283.822158][ T9391] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000009
[  283.822164][ T9391] RBP: 00007fa75f571090 R08: 0000000000000000 R09: 0000000000000000
[  283.822170][ T9391] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  283.822175][ T9391] R13: 0000000000000000 R14: 00007fa75e9a5fa0 R15: 00007fa75eacfa28
[  283.822187][ T9391]  </TASK>
[  283.853030][    T9] usb 3-1: new high-speed USB device number 48 using dummy_hcd
[  284.083615][ T9392] netlink: 'syz.3.1036': attribute type 39 has an invalid length.
[  284.167061][ T9384] dccp_close: ABORT with 32 bytes unread
[  284.504854][    T9] usb 3-1: device descriptor read/8, error -71
[  284.563081][ T5886] usb 4-1: new low-speed USB device number 37 using dummy_hcd
[  284.714667][ T5886] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  284.733760][ T5886] usb 4-1: config 0 has no interface number 0
[  284.973015][    T9] usb 3-1: new high-speed USB device number 49 using dummy_hcd
[  285.021805][    T9] usb 3-1: device descriptor read/8, error -71
[  285.032657][ T5886] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  285.078286][ T9408] netlink: 1 bytes leftover after parsing attributes in process `syz.4.1043'.
[  285.081903][ T5886] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[  285.153510][    T9] usb usb3-port1: unable to enumerate USB device
[  285.180583][ T5886] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  285.215279][ T5886] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  285.244211][ T5886] usb 4-1: config 0 descriptor??
[  285.253082][ T9397] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[  285.270582][ T5886] iowarrior 4-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  285.724533][ T9422] FAULT_INJECTION: forcing a failure.
[  285.724533][ T9422] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  285.743276][ T5886] usb 5-1: new high-speed USB device number 44 using dummy_hcd
[  285.786887][ T9422] CPU: 0 UID: 0 PID: 9422 Comm: syz.2.1046 Not tainted 6.14.0-syzkaller-07422-gacb4f33713b9 #0 PREEMPT(full) 
[  285.786913][ T9422] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  285.786923][ T9422] Call Trace:
[  285.786929][ T9422]  <TASK>
[  285.786936][ T9422]  dump_stack_lvl+0x241/0x360
[  285.786964][ T9422]  ? __pfx_dump_stack_lvl+0x10/0x10
[  285.786984][ T9422]  ? __pfx__printk+0x10/0x10
[  285.787010][ T9422]  should_fail_ex+0x424/0x570
[  285.787027][ T9422]  _copy_from_user+0x2d/0xb0
[  285.787040][ T9422]  copy_msghdr_from_user+0xb3/0x580
[  285.787060][ T9422]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  285.787074][ T9422]  ? __fget_files+0x2a/0x420
[  285.787087][ T9422]  ? __fget_files+0x2a/0x420
[  285.787102][ T9422]  __sys_sendmmsg+0x361/0x7b0
[  285.787125][ T9422]  ? __pfx___sys_sendmmsg+0x10/0x10
[  285.787154][ T9422]  ? rcu_read_lock_any_held+0xbb/0x160
[  285.787169][ T9422]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  285.787185][ T9422]  ? vfs_write+0xb29/0xd10
[  285.787202][ T9422]  ? ksys_write+0x24e/0x2d0
[  285.787217][ T9422]  ? __mutex_unlock_slowpath+0x229/0x800
[  285.787246][ T9422]  ? ksys_write+0x275/0x2d0
[  285.787265][ T9422]  __x64_sys_sendmmsg+0xa0/0xb0
[  285.787279][ T9422]  do_syscall_64+0xf3/0x230
[  285.787295][ T9422]  ? clear_bhb_loop+0x45/0xa0
[  285.787309][ T9422]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  285.787321][ T9422] RIP: 0033:0x7fca8358d169
[  285.787333][ T9422] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  285.787343][ T9422] RSP: 002b:00007fca844cc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  285.787358][ T9422] RAX: ffffffffffffffda RBX: 00007fca837a5fa0 RCX: 00007fca8358d169
[  285.787368][ T9422] RDX: 04000000000001f2 RSI: 0000200000000000 RDI: 0000000000000003
[  285.787377][ T9422] RBP: 00007fca844cc090 R08: 0000000000000000 R09: 0000000000000000
[  285.787385][ T9422] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  285.787392][ T9422] R13: 0000000000000000 R14: 00007fca837a5fa0 R15: 00007fca838cfa28
[  285.787409][ T9422]  </TASK>
[  286.031988][ T9425] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  286.040549][ T9425] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  286.100293][ T9423] netlink: 2 bytes leftover after parsing attributes in process `syz.3.1039'.
[  286.109687][ T5886] usb 5-1: too many configurations: 184, using maximum allowed: 8
[  286.136936][ T5886] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  286.146208][ T5886] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  286.154325][ T5886] usb 5-1: Product: syz
[  286.158576][ T5886] usb 5-1: Manufacturer: syz
[  286.163252][ T5886] usb 5-1: SerialNumber: syz
[  286.182673][ T5886] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  286.208701][ T5886] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  286.692751][    T9] usb 4-1: USB disconnect, device number 37
[  286.967043][ T9435] fuse: Unknown parameter 'group_id00000000000000000000'
[  287.263059][ T5886] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive
[  287.286732][ T5886] ath9k_htc: Failed to initialize the device
[  287.325246][ T5886] usb 5-1: ath9k_htc: USB layer deinitialized
[  287.393413][ T9440] FAULT_INJECTION: forcing a failure.
[  287.393413][ T9440] name failslab, interval 1, probability 0, space 0, times 0
[  287.607829][ T9440] CPU: 0 UID: 0 PID: 9440 Comm: syz.0.1051 Not tainted 6.14.0-syzkaller-07422-gacb4f33713b9 #0 PREEMPT(full) 
[  287.607856][ T9440] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  287.607866][ T9440] Call Trace:
[  287.607873][ T9440]  <TASK>
[  287.607880][ T9440]  dump_stack_lvl+0x241/0x360
[  287.607906][ T9440]  ? __pfx_dump_stack_lvl+0x10/0x10
[  287.607926][ T9440]  ? __pfx__printk+0x10/0x10
[  287.607948][ T9440]  ? __pfx___might_resched+0x10/0x10
[  287.607969][ T9440]  should_fail_ex+0x424/0x570
[  287.607990][ T9440]  should_failslab+0xac/0x100
[  287.608012][ T9440]  __kmalloc_noprof+0xdf/0x4d0
[  287.608031][ T9440]  ? tomoyo_realpath_from_path+0xc2/0x5e0
[  287.608049][ T9440]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[  287.608070][ T9440]  tomoyo_realpath_from_path+0xcf/0x5e0
[  287.608095][ T9440]  tomoyo_path_number_perm+0x245/0x790
[  287.608120][ T9440]  ? tomoyo_path_number_perm+0x215/0x790
[  287.608144][ T9440]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  287.608171][ T9440]  ? ksys_write+0x24e/0x2d0
[  287.608194][ T9440]  ? __lock_acquire+0xad5/0xd80
[  287.608227][ T9440]  ? __fget_files+0x2a/0x420
[  287.608241][ T9440]  ? __fget_files+0x2a/0x420
[  287.608257][ T9440]  ? __fget_files+0x2a/0x420
[  287.608275][ T9440]  security_file_ioctl+0xc6/0x2a0
[  287.608298][ T9440]  __se_sys_ioctl+0x46/0x160
[  287.608325][ T9440]  do_syscall_64+0xf3/0x230
[  287.608353][ T9440]  ? clear_bhb_loop+0x45/0xa0
[  287.608374][ T9440]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  287.608389][ T9440] RIP: 0033:0x7fb03798d169
[  287.608403][ T9440] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  287.608416][ T9440] RSP: 002b:00007fb03881e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  287.608434][ T9440] RAX: ffffffffffffffda RBX: 00007fb037ba5fa0 RCX: 00007fb03798d169
[  287.608447][ T9440] RDX: 0000200000000000 RSI: 0000000040085112 RDI: 0000000000000003
[  287.608457][ T9440] RBP: 00007fb03881e090 R08: 0000000000000000 R09: 0000000000000000
[  287.608468][ T9440] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  287.608477][ T9440] R13: 0000000000000000 R14: 00007fb037ba5fa0 R15: 00007fb037ccfa28
[  287.608498][ T9440]  </TASK>
[  287.886799][ T9440] ERROR: Out of memory at tomoyo_realpath_from_path.
[  288.262042][ T9444] FAULT_INJECTION: forcing a failure.
[  288.262042][ T9444] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  288.305302][ T9444] CPU: 0 UID: 0 PID: 9444 Comm: syz.0.1053 Not tainted 6.14.0-syzkaller-07422-gacb4f33713b9 #0 PREEMPT(full) 
[  288.305319][ T9444] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  288.305326][ T9444] Call Trace:
[  288.305330][ T9444]  <TASK>
[  288.305335][ T9444]  dump_stack_lvl+0x241/0x360
[  288.305353][ T9444]  ? __pfx_dump_stack_lvl+0x10/0x10
[  288.305365][ T9444]  ? __pfx__printk+0x10/0x10
[  288.305383][ T9444]  should_fail_ex+0x424/0x570
[  288.305397][ T9444]  _copy_from_user+0x2d/0xb0
[  288.305406][ T9444]  copy_msghdr_from_user+0xb3/0x580
[  288.305420][ T9444]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  288.305431][ T9444]  ? __fget_files+0x2a/0x420
[  288.305441][ T9444]  ? __fget_files+0x2a/0x420
[  288.305452][ T9444]  __sys_sendmsg+0x20a/0x360
[  288.305463][ T9444]  ? __pfx___sys_sendmsg+0x10/0x10
[  288.305489][ T9444]  ? do_syscall_64+0xb6/0x230
[  288.305502][ T9444]  do_syscall_64+0xf3/0x230
[  288.305516][ T9444]  ? clear_bhb_loop+0x45/0xa0
[  288.305527][ T9444]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  288.305537][ T9444] RIP: 0033:0x7fb03798d169
[  288.305545][ T9444] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  288.305553][ T9444] RSP: 002b:00007fb03881e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  288.305564][ T9444] RAX: ffffffffffffffda RBX: 00007fb037ba5fa0 RCX: 00007fb03798d169
[  288.305571][ T9444] RDX: 0000000020004090 RSI: 0000200000000180 RDI: 0000000000000004
[  288.305577][ T9444] RBP: 00007fb03881e090 R08: 0000000000000000 R09: 0000000000000000
[  288.305583][ T9444] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  288.305589][ T9444] R13: 0000000000000000 R14: 00007fb037ba5fa0 R15: 00007fb037ccfa28
[  288.305600][ T9444]  </TASK>
[  288.560357][    T9] usb 5-1: USB disconnect, device number 44
[  288.989258][ T9455] tipc: Resetting bearer <eth:team0>
[  289.111411][ T9455] veth1_vlan: left allmulticast mode
[  289.204164][ T9455] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  289.213815][ T9455] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  289.222769][ T9455] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  289.231736][ T9455] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  289.593975][ T9462] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  289.612725][ T9462] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  289.998104][ T9474] netlink: 2 bytes leftover after parsing attributes in process `syz.1.1059'.
[  290.116776][ T9462] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  290.133209][ T9462] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  290.181831][ T9473] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1061'.
[  290.191403][ T9473] bridge_slave_1: left allmulticast mode
[  290.197326][ T9473] bridge_slave_1: left promiscuous mode
[  290.206510][ T9473] bridge0: port 2(bridge_slave_1) entered disabled state
[  290.240410][ T9473] bridge_slave_0: left allmulticast mode
[  290.248506][ T9473] bridge_slave_0: left promiscuous mode
[  290.261212][ T9473] bridge0: port 1(bridge_slave_0) entered disabled state
[  290.915708][ T9479] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  290.943723][ T9479] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  291.232592][ T9488] fuse: Unknown parameter 'group_id00000000000000000000'
[  291.250730][ T9490] FAULT_INJECTION: forcing a failure.
[  291.250730][ T9490] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  291.284553][ T9490] CPU: 1 UID: 0 PID: 9490 Comm: syz.1.1065 Not tainted 6.14.0-syzkaller-07422-gacb4f33713b9 #0 PREEMPT(full) 
[  291.284570][ T9490] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  291.284576][ T9490] Call Trace:
[  291.284580][ T9490]  <TASK>
[  291.284584][ T9490]  dump_stack_lvl+0x241/0x360
[  291.284602][ T9490]  ? __pfx_dump_stack_lvl+0x10/0x10
[  291.284615][ T9490]  ? __pfx__printk+0x10/0x10
[  291.284629][ T9490]  should_fail_ex+0x424/0x570
[  291.284643][ T9490]  prepare_alloc_pages+0x1dd/0x5c0
[  291.284656][ T9490]  __alloc_frozen_pages_noprof+0x181/0x7b0
[  291.284668][ T9490]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  291.284677][ T9490]  ? is_bpf_text_address+0x26/0x2a0
[  291.284693][ T9490]  alloc_pages_mpol+0x339/0x690
[  291.284707][ T9490]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  291.284719][ T9490]  ? __lock_acquire+0xad5/0xd80
[  291.284736][ T9490]  vma_alloc_folio_noprof+0x12d/0x260
[  291.284749][ T9490]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  291.284764][ T9490]  folio_prealloc+0x2e/0x170
[  291.284775][ T9490]  __handle_mm_fault+0x32e8/0x6ef0
[  291.284793][ T9490]  ? __pfx___handle_mm_fault+0x10/0x10
[  291.284801][ T9490]  ? ima_get_action+0x75/0xb0
[  291.284816][ T9490]  ? mtree_range_walk+0x700/0x8e0
[  291.284831][ T9490]  ? mt_find+0x28a/0x8f0
[  291.284842][ T9490]  ? mt_find+0x28a/0x8f0
[  291.284853][ T9490]  ? mt_find+0x699/0x8f0
[  291.284865][ T9490]  ? mt_find+0x28a/0x8f0
[  291.284877][ T9490]  ? __pfx_mt_find+0x10/0x10
[  291.284894][ T9490]  ? find_vma+0xfa/0x170
[  291.284903][ T9490]  ? __pfx_find_vma+0x10/0x10
[  291.284912][ T9490]  handle_mm_fault+0x3fa/0x900
[  291.284924][ T9490]  exc_page_fault+0x2bb/0x8b0
[  291.284937][ T9490]  asm_exc_page_fault+0x26/0x30
[  291.284946][ T9490] RIP: 0010:rep_stos_alternative+0x40/0x80
[  291.284956][ T9490] Code: c9 75 f6 c3 cc cc cc cc 48 89 07 48 83 c7 08 83 e9 08 74 ef 83 f9 08 73 ef eb de 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 <48> 89 07 48 89 47 08 48 89 47 10 48 89 47 18 48 89 47 20 48 89 47
[  291.284964][ T9490] RSP: 0018:ffffc9000fab7938 EFLAGS: 00050202
[  291.284973][ T9490] RAX: 0000000000000000 RBX: 0000200000002380 RCX: 0000000000000380
[  291.284980][ T9490] RDX: 0000000000000001 RSI: ffffffff8e4d4c3e RDI: 0000200000002000
[  291.284986][ T9490] RBP: ffffc9000fab7aa0 R08: 0000000000000001 R09: 0000000000000000
[  291.284992][ T9490] R10: 0000000000000000 R11: 0000000000000000 R12: 00007ffffffff000
[  291.284997][ T9490] R13: 0000000000001000 R14: 0000200000001380 R15: 1ffff92001f56f38
[  291.285010][ T9490]  iov_iter_zero+0x3f8/0x1ad0
[  291.285028][ T9490]  ? __pfx_iov_iter_zero+0x10/0x10
[  291.285042][ T9490]  ? __pfx_aa_file_perm+0x10/0x10
[  291.285056][ T9490]  read_iter_zero+0x88/0x290
[  291.285072][ T9490]  do_iter_readv_writev+0x71f/0x9d0
[  291.285085][ T9490]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  291.285098][ T9490]  ? bpf_lsm_file_permission+0x9/0x10
[  291.285117][ T9490]  ? rw_verify_area+0x246/0x630
[  291.285128][ T9490]  vfs_readv+0x2b5/0xa80
[  291.285141][ T9490]  ? __pfx_vfs_readv+0x10/0x10
[  291.285160][ T9490]  ? __fget_files+0x2a/0x420
[  291.285170][ T9490]  ? __fget_files+0x39d/0x420
[  291.285177][ T9490]  ? __fget_files+0x2a/0x420
[  291.285188][ T9490]  __se_sys_preadv2+0x1b8/0x2d0
[  291.285200][ T9490]  ? __pfx___se_sys_preadv2+0x10/0x10
[  291.285213][ T9490]  ? __x64_sys_preadv2+0x21/0xf0
[  291.285225][ T9490]  do_syscall_64+0xf3/0x230
[  291.285237][ T9490]  ? clear_bhb_loop+0x45/0xa0
[  291.285247][ T9490]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  291.285255][ T9490] RIP: 0033:0x7fb79ab8d169
[  291.285263][ T9490] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  291.285271][ T9490] RSP: 002b:00007fb79b90c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000147
[  291.285280][ T9490] RAX: ffffffffffffffda RBX: 00007fb79ada5fa0 RCX: 00007fb79ab8d169
[  291.285287][ T9490] RDX: 0000000000000002 RSI: 0000200000001540 RDI: 0000000000000005
[  291.285292][ T9490] RBP: 00007fb79b90c090 R08: 0000000000000000 R09: 0000000000000000
[  291.285298][ T9490] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  291.285303][ T9490] R13: 0000000000000000 R14: 00007fb79ada5fa0 R15: 00007fb79aecfa28
[  291.285314][ T9490]  </TASK>
[  292.281829][ T9497] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  292.322495][ T9497] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  292.433034][    T9] usb 3-1: new high-speed USB device number 50 using dummy_hcd
[  292.453103][ T1065] usb 5-1: new high-speed USB device number 45 using dummy_hcd
[  292.583241][    T9] usb 3-1: Using ep0 maxpacket: 16
[  292.596775][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  292.607788][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  292.617520][ T1065] usb 5-1: too many configurations: 184, using maximum allowed: 8
[  292.626207][    T9] usb 3-1: New USB device found, idVendor=1b96, idProduct=0007, bcdDevice= 0.00
[  292.635317][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  292.644985][    T9] usb 3-1: config 0 descriptor??
[  292.656174][ T1065] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  292.665484][ T1065] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  292.676442][ T1065] usb 5-1: Product: syz
[  292.680625][ T1065] usb 5-1: Manufacturer: syz
[  292.685280][ T1065] usb 5-1: SerialNumber: syz
[  292.695215][ T1065] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  292.714654][   T24] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  292.753180][ T5886] usb 1-1: new high-speed USB device number 40 using dummy_hcd
[  292.903161][ T5886] usb 1-1: Using ep0 maxpacket: 16
[  292.914448][ T5886] usb 1-1: config 0 has an invalid interface number: 161 but max is 0
[  292.927574][ T5886] usb 1-1: config 0 has no interface number 0
[  292.936945][ T9505] netlink: 80 bytes leftover after parsing attributes in process `syz.1.1071'.
[  292.953072][ T5886] usb 1-1: config 0 interface 161 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 64
[  292.977435][ T5886] usb 1-1: New USB device found, idVendor=0bfd, idProduct=0102, bcdDevice=9a.fd
[  292.998772][ T5886] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  293.017213][ T5886] usb 1-1: Product: syz
[  293.028233][ T5886] usb 1-1: Manufacturer: syz
[  293.039546][ T5886] usb 1-1: SerialNumber: syz
[  293.045395][ T9507] FAULT_INJECTION: forcing a failure.
[  293.045395][ T9507] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  293.060258][ T9507] CPU: 0 UID: 0 PID: 9507 Comm: syz.1.1072 Not tainted 6.14.0-syzkaller-07422-gacb4f33713b9 #0 PREEMPT(full) 
[  293.060283][ T9507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  293.060294][ T9507] Call Trace:
[  293.060300][ T9507]  <TASK>
[  293.060309][ T9507]  dump_stack_lvl+0x241/0x360
[  293.060335][ T9507]  ? __pfx_dump_stack_lvl+0x10/0x10
[  293.060353][ T9507]  ? __pfx__printk+0x10/0x10
[  293.060378][ T9507]  should_fail_ex+0x424/0x570
[  293.060397][ T9507]  _copy_from_user+0x2d/0xb0
[  293.060412][ T9507]  move_addr_to_kernel+0x8c/0x170
[  293.060434][ T9507]  __sys_sendto+0x26a/0x4c0
[  293.060452][ T9507]  ? __pfx___sys_sendto+0x10/0x10
[  293.060472][ T9507]  ? __fget_files+0x2a/0x420
[  293.060492][ T9507]  ? ksys_write+0x275/0x2d0
[  293.060514][ T9507]  __x64_sys_sendto+0xde/0x100
[  293.060530][ T9507]  do_syscall_64+0xf3/0x230
[  293.060550][ T9507]  ? clear_bhb_loop+0x45/0xa0
[  293.060566][ T9507]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  293.060581][ T9507] RIP: 0033:0x7fb79ab8d169
[  293.060596][ T9507] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  293.060609][ T9507] RSP: 002b:00007fb79b90c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  293.060626][ T9507] RAX: ffffffffffffffda RBX: 00007fb79ada5fa0 RCX: 00007fb79ab8d169
[  293.060639][ T9507] RDX: 0000000000000001 RSI: 0000200000000100 RDI: 0000000000000003
[  293.060649][ T9507] RBP: 00007fb79b90c090 R08: 00002000000000c0 R09: 0000000000000010
[  293.060661][ T9507] R10: 00000000040048c4 R11: 0000000000000246 R12: 0000000000000001
[  293.060671][ T9507] R13: 0000000000000000 R14: 00007fb79ada5fa0 R15: 00007fb79aecfa28
[  293.060693][ T9507]  </TASK>
[  293.061527][ T5886] usb 1-1: config 0 descriptor??
[  293.284462][ T9503] raw-gadget.3 gadget.0: fail, usb_ep_enable returned -22
[  293.300277][ T5886] kvaser_usb 1-1:0.161: error -ENODEV: Cannot get usb endpoint(s)
[  293.511756][ T5886] usb 1-1: USB disconnect, device number 40
[  293.645076][ T9519] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  293.653918][ T9519] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  293.753092][   T24] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive
[  293.760728][   T24] ath9k_htc: Failed to initialize the device
[  293.786944][   T24] usb 5-1: ath9k_htc: USB layer deinitialized
[  294.546231][    T9] usbhid 3-1:0.0: can't add hid device: -71
[  294.570668][    T9] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  294.580214][ T9529] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1081'.
[  294.615793][    T9] usb 3-1: USB disconnect, device number 50
[  294.636702][ T9530] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1081'.
[  294.774168][ T1065] usb 5-1: USB disconnect, device number 45
[  294.983036][ T9536] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1083'.
[  294.992671][ T9536] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1083'.
[  295.003059][ T5886] usb 4-1: new high-speed USB device number 38 using dummy_hcd
[  295.005372][ T9536] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1083'.
[  295.020492][ T9536] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1083'.
[  295.127388][ T9536] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1083'.
[  295.233484][ T5886] usb 4-1: device descriptor read/64, error -71
[  295.493451][ T5886] usb 4-1: new high-speed USB device number 39 using dummy_hcd
[  295.653120][ T5886] usb 4-1: device descriptor read/64, error -71
[  295.653753][   T30] kauditd_printk_skb: 11 callbacks suppressed
[  295.653768][   T30] audit: type=1326 audit(1743171011.950:3252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9548 comm="syz.4.1087" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa75e78d169 code=0x0
[  295.744379][ T9550] bridge_slave_0: left allmulticast mode
[  295.750065][ T9550] bridge_slave_0: left promiscuous mode
[  295.755840][ T9550] bridge0: port 1(bridge_slave_0) entered disabled state
[  295.786438][ T5886] usb usb4-port1: attempt power cycle
[  295.951340][ T9550] bridge_slave_1: left allmulticast mode
[  295.973420][ T9550] bridge_slave_1: left promiscuous mode
[  296.002831][ T9550] bridge0: port 2(bridge_slave_1) entered disabled state
[  296.037574][ T9550] bond0: (slave bond_slave_0): Releasing backup interface
[  296.096196][ T9550] bond0: (slave bond_slave_1): Releasing backup interface
[  296.118304][ T9550] team0: Port device team_slave_0 removed
[  296.132171][ T9550] team0: Port device team_slave_1 removed
[  296.144030][ T9550] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  296.163282][ T9550] batman_adv: batadv0: Removing interface: batadv_slave_0
[  296.172255][ T9550] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  296.180749][ T9550] batman_adv: batadv0: Removing interface: batadv_slave_1
[  296.195202][ T9550] bond1: (slave gretap1): Releasing active interface
[  296.443783][ T5886] usb 4-1: new high-speed USB device number 40 using dummy_hcd
[  296.533847][ T5886] usb 4-1: device descriptor read/8, error -71
[  296.783159][ T5886] usb 4-1: new high-speed USB device number 41 using dummy_hcd
[  296.909732][   T24] usb 1-1: new high-speed USB device number 41 using dummy_hcd
[  296.913166][ T5886] usb 4-1: device descriptor read/8, error -71
[  297.033607][ T5886] usb usb4-port1: unable to enumerate USB device
[  297.073240][   T24] usb 1-1: Using ep0 maxpacket: 32
[  297.082407][   T24] usb 1-1: config 0 has no interfaces?
[  297.111221][   T24] usb 1-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be
[  297.143102][    T9] usb 5-1: new high-speed USB device number 46 using dummy_hcd
[  297.160712][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  297.190181][   T24] usb 1-1: config 0 descriptor??
[  297.233192][  T974] usb 3-1: new high-speed USB device number 51 using dummy_hcd
[  297.315157][    T9] usb 5-1: Using ep0 maxpacket: 16
[  297.332080][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  297.356266][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  297.366244][    T9] usb 5-1: New USB device found, idVendor=1b96, idProduct=0007, bcdDevice= 0.00
[  297.379068][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  297.392727][    T9] usb 5-1: config 0 descriptor??
[  297.410526][  T974] usb 3-1: Using ep0 maxpacket: 32
[  297.429341][  T974] usb 3-1: config 0 has no interfaces?
[  297.442641][  T974] usb 3-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be
[  297.456501][ T9561] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  297.467672][ T9561] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  297.479659][ T9570] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  297.491540][  T974] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  297.522187][  T974] usb 3-1: config 0 descriptor??
[  297.562842][ T9570] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  297.686903][ T1065] usb 1-1: USB disconnect, device number 41
[  297.795100][ T9566] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  297.807100][ T9566] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  297.916624][ T1065] usb 3-1: USB disconnect, device number 51
[  298.921042][   T30] audit: type=1326 audit(1743171015.030:3253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9583 comm="syz.2.1095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca8358d169 code=0x7ffc0000
[  299.153047][ T5886] usb 3-1: new high-speed USB device number 52 using dummy_hcd
[  299.163209][   T30] audit: type=1326 audit(1743171015.030:3254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9583 comm="syz.2.1095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca8358d169 code=0x7ffc0000
[  299.266515][   T30] audit: type=1326 audit(1743171015.030:3255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9583 comm="syz.2.1095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=314 compat=0 ip=0x7fca8358d169 code=0x7ffc0000
[  299.315067][ T5886] usb 3-1: Using ep0 maxpacket: 16
[  299.366286][ T5886] usb 3-1: unable to get BOS descriptor or descriptor too short
[  299.400014][ T5886] usb 3-1: config 1 has an invalid descriptor of length 186, skipping remainder of the config
[  299.417056][   T30] audit: type=1326 audit(1743171015.030:3256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9583 comm="syz.2.1095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca8358d169 code=0x7ffc0000
[  299.480453][ T5886] usb 3-1: config 1 interface 0 altsetting 8 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  299.516313][ T5886] usb 3-1: config 1 interface 0 has no altsetting 0
[  299.527617][   T30] audit: type=1326 audit(1743171015.030:3257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9583 comm="syz.2.1095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fca8358d169 code=0x7ffc0000
[  299.615435][ T5886] usb 3-1: string descriptor 0 read error: -22
[  299.625036][ T5886] usb 3-1: New USB device found, idVendor=04f3, idProduct=074d, bcdDevice= 0.40
[  299.723189][   T30] audit: type=1326 audit(1743171015.030:3258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9583 comm="syz.2.1095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca8358d169 code=0x7ffc0000
[  299.766324][ T5886] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  300.036454][   T30] audit: type=1326 audit(1743171015.040:3259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9583 comm="syz.2.1095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca8358d169 code=0x7ffc0000
[  300.071104][ T5886] usbhid 3-1:1.0: couldn't find an input interrupt endpoint
[  300.112450][   T30] audit: type=1326 audit(1743171015.040:3260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9583 comm="syz.2.1095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fca8358d169 code=0x7ffc0000
[  300.205606][ T9590] FAULT_INJECTION: forcing a failure.
[  300.205606][ T9590] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  300.248945][ T9590] CPU: 1 UID: 0 PID: 9590 Comm: syz.0.1096 Not tainted 6.14.0-syzkaller-07422-gacb4f33713b9 #0 PREEMPT(full) 
[  300.248972][ T9590] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  300.248982][ T9590] Call Trace:
[  300.248986][ T9590]  <TASK>
[  300.248991][ T9590]  dump_stack_lvl+0x241/0x360
[  300.249011][ T9590]  ? __pfx_dump_stack_lvl+0x10/0x10
[  300.249022][ T9590]  ? __pfx__printk+0x10/0x10
[  300.249045][ T9590]  should_fail_ex+0x424/0x570
[  300.249066][ T9590]  _copy_from_user+0x2d/0xb0
[  300.249083][ T9590]  __sys_bpf+0x1cb/0x850
[  300.249105][ T9590]  ? __pfx___sys_bpf+0x10/0x10
[  300.249132][ T9590]  ? ksys_write+0x275/0x2d0
[  300.249148][ T9590]  __x64_sys_bpf+0x7c/0x90
[  300.249159][ T9590]  do_syscall_64+0xf3/0x230
[  300.249172][ T9590]  ? clear_bhb_loop+0x45/0xa0
[  300.249183][ T9590]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  300.249197][ T9590] RIP: 0033:0x7fb03798d169
[  300.249212][ T9590] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  300.249226][ T9590] RSP: 002b:00007fb03881e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  300.249244][ T9590] RAX: ffffffffffffffda RBX: 00007fb037ba5fa0 RCX: 00007fb03798d169
[  300.249256][ T9590] RDX: 0000000000000094 RSI: 0000200000000180 RDI: 0000000000000005
[  300.249267][ T9590] RBP: 00007fb03881e090 R08: 0000000000000000 R09: 0000000000000000
[  300.249278][ T9590] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  300.249285][ T9590] R13: 0000000000000001 R14: 00007fb037ba5fa0 R15: 00007fb037ccfa28
[  300.249297][ T9590]  </TASK>
[  300.462120][   T30] audit: type=1326 audit(1743171015.040:3261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9583 comm="syz.2.1095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca8358d169 code=0x7ffc0000
[  300.610499][ T9586] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  300.643677][ T9586] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  300.689413][   T30] kauditd_printk_skb: 26 callbacks suppressed
[  300.689430][   T30] audit: type=1326 audit(1743171016.980:3288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9583 comm="syz.2.1095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca8358d169 code=0x7ffc0000
[  300.854641][   T30] audit: type=1326 audit(1743171017.050:3289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9583 comm="syz.2.1095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca8358d169 code=0x7ffc0000
[  300.888370][    T9] usbhid 5-1:0.0: can't add hid device: -71
[  300.895581][    T9] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  300.916374][    T9] usb 5-1: USB disconnect, device number 46
[  301.036099][   T30] audit: type=1326 audit(1743171017.080:3290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9583 comm="syz.2.1095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fca8358cd6b code=0x7ffc0000
[  301.148471][   T30] audit: type=1326 audit(1743171017.090:3291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9583 comm="syz.2.1095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca8358d169 code=0x7ffc0000
[  301.450825][ T9606] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem
[  301.474747][   T30] audit: type=1326 audit(1743171017.090:3292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9583 comm="syz.2.1095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca8358d169 code=0x7ffc0000
[  301.636413][   T30] audit: type=1326 audit(1743171017.200:3293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9583 comm="syz.2.1095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fca8358d169 code=0x7ffc0000
[  301.701507][   T30] audit: type=1326 audit(1743171017.200:3294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9583 comm="syz.2.1095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca8358d169 code=0x7ffc0000
[  301.729096][   T30] audit: type=1326 audit(1743171017.200:3295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9583 comm="syz.2.1095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca8358d169 code=0x7ffc0000
[  301.752969][   T30] audit: type=1326 audit(1743171017.200:3296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9583 comm="syz.2.1095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fca8358cd6b code=0x7ffc0000
[  301.775736][   T30] audit: type=1326 audit(1743171017.200:3297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9583 comm="syz.2.1095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca8358d169 code=0x7ffc0000
[  302.104215][ T9608] "syz.3.1099" (9608) uses obsolete ecb(arc4) skcipher
[  302.129924][ T1065] usb 3-1: USB disconnect, device number 52
[  302.971184][ T9626] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  302.985591][ T9626] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  303.183384][ T5890] usb 1-1: new low-speed USB device number 42 using dummy_hcd
[  303.303096][  T974] usb 4-1: new high-speed USB device number 42 using dummy_hcd
[  303.355951][ T5890] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[  303.393883][ T5890] usb 1-1: config 0 has no interface number 0
[  303.420610][ T5890] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  303.463223][  T974] usb 4-1: Using ep0 maxpacket: 32
[  303.469955][  T974] usb 4-1: config 0 has no interfaces?
[  303.475710][ T5890] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[  303.489567][  T974] usb 4-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be
[  303.499640][  T974] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  303.512541][  T974] usb 4-1: config 0 descriptor??
[  303.537822][ T9633] netlink: 'syz.4.1106': attribute type 1 has an invalid length.
[  303.547031][ T5890] usb 1-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  303.550978][ T9633] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1106'.
[  303.573112][ T9633] netlink: 'syz.4.1106': attribute type 1 has an invalid length.
[  303.621208][ T5890] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  303.638342][ T5890] usb 1-1: config 0 descriptor??
[  303.648261][ T9625] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  303.669989][ T5890] iowarrior 1-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  303.692531][    T9] hid (null): global environment stack underflow
[  303.706947][    T9] hid-generic 0009:0002:0081.0006: unknown main item tag 0x7
[  303.719806][    T9] hid-generic 0009:0002:0081.0006: unknown main item tag 0x5
[  303.732499][ T9628] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  303.749821][ T9628] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  303.757893][    T9] hid-generic 0009:0002:0081.0006: unknown main item tag 0x5
[  303.772737][    T9] hid-generic 0009:0002:0081.0006: global environment stack underflow
[  303.786148][    T9] hid-generic 0009:0002:0081.0006: item 0 0 1 11 parsing failed
[  303.803751][    T9] hid-generic 0009:0002:0081.0006: probe with driver hid-generic failed with error -22
[  303.837374][    T9] usb 4-1: USB disconnect, device number 42
[  303.953069][  T974] usb 3-1: new high-speed USB device number 53 using dummy_hcd
[  304.039632][ T9625] netlink: 2 bytes leftover after parsing attributes in process `syz.0.1103'.
[  304.062566][ T9625] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  304.078447][ T9625] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  304.093101][  T974] usb 3-1: device descriptor read/64, error -71
[  304.187617][ T9641] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1109'.
[  304.199543][ T9641] netlink: 'syz.4.1109': attribute type 11 has an invalid length.
[  304.218321][ T9641] netlink: 'syz.4.1109': attribute type 14 has an invalid length.
[  304.343095][  T974] usb 3-1: new high-speed USB device number 54 using dummy_hcd
[  304.493061][  T974] usb 3-1: device descriptor read/64, error -71
[  304.603448][  T974] usb usb3-port1: attempt power cycle
[  304.623552][    T9] usb 1-1: USB disconnect, device number 42
[  304.788638][ T9651] ptrace attach of "./syz-executor exec"[5851] was attempted by ""[9651]
[  304.893265][ T5886] usb 4-1: new high-speed USB device number 43 using dummy_hcd
[  304.953128][  T974] usb 3-1: new high-speed USB device number 55 using dummy_hcd
[  304.983723][  T974] usb 3-1: device descriptor read/8, error -71
[  305.056549][ T5886] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  305.068313][ T5886] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  305.078435][ T5886] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  305.091694][ T5886] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  305.100804][ T5886] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  305.111488][ T5886] usb 4-1: config 0 descriptor??
[  305.233128][  T974] usb 3-1: new high-speed USB device number 56 using dummy_hcd
[  305.253036][   T24] usb 5-1: new high-speed USB device number 47 using dummy_hcd
[  305.253715][  T974] usb 3-1: device descriptor read/8, error -71
[  305.322481][ T5886] plantronics 0003:047F:FFFF.0007: ignoring exceeding usage max
[  305.334921][ T5886] plantronics 0003:047F:FFFF.0007: No inputs registered, leaving
[  305.351629][ T5886] plantronics 0003:047F:FFFF.0007: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  305.372326][ T5886] usb 4-1: USB disconnect, device number 43
[  305.378788][  T974] usb usb3-port1: unable to enumerate USB device
[  305.425244][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x4 has an invalid bInterval 0, changing to 7
[  305.443633][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  305.469316][   T24] usb 5-1: New USB device found, idVendor=1b5c, idProduct=0105, bcdDevice= 1.f1
[  305.482983][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  305.495704][   T24] usb 5-1: Product: syz
[  305.502459][   T24] usb 5-1: Manufacturer: syz
[  305.524525][   T24] usb 5-1: SerialNumber: syz
[  305.540072][   T24] usb 5-1: config 0 descriptor??
[  305.552836][ T9658] FAULT_INJECTION: forcing a failure.
[  305.552836][ T9658] name failslab, interval 1, probability 0, space 0, times 0
[  305.571280][   T24] ftdi_sio 5-1:0.0: FTDI USB Serial Device converter detected
[  305.590131][   T24] usb 5-1: Detected SIO
[  305.595908][   T24] ftdi_sio ttyUSB0: Overriding wMaxPacketSize on endpoint 4
[  305.603363][ T9658] CPU: 1 UID: 0 PID: 9658 Comm: syz.3.1114 Not tainted 6.14.0-syzkaller-07422-gacb4f33713b9 #0 PREEMPT(full) 
[  305.603384][ T9658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  305.603403][ T9658] Call Trace:
[  305.603409][ T9658]  <TASK>
[  305.603415][ T9658]  dump_stack_lvl+0x241/0x360
[  305.603440][ T9658]  ? __pfx_dump_stack_lvl+0x10/0x10
[  305.603457][ T9658]  ? __pfx__printk+0x10/0x10
[  305.603477][ T9658]  ? __pfx___might_resched+0x10/0x10
[  305.603496][ T9658]  should_fail_ex+0x424/0x570
[  305.603518][ T9658]  should_failslab+0xac/0x100
[  305.603541][ T9658]  kmem_cache_alloc_noprof+0x78/0x390
[  305.603561][ T9658]  ? mas_alloc_nodes+0x25b/0x7e0
[  305.603583][ T9658]  mas_alloc_nodes+0x25b/0x7e0
[  305.603606][ T9658]  mas_preallocate+0x5ea/0x950
[  305.603629][ T9658]  ? __pfx_mas_preallocate+0x10/0x10
[  305.603651][ T9658]  ? __lock_acquire+0xad5/0xd80
[  305.603675][ T9658]  ? __mas_set_range+0x133/0x3c0
[  305.603699][ T9658]  commit_merge+0x467/0x800
[  305.603723][ T9658]  ? __pfx_commit_merge+0x10/0x10
[  305.603746][ T9658]  ? dup_anon_vma+0x76/0x2b0
[  305.603768][ T9658]  vma_merge_existing_range+0x1431/0x1770
[  305.603792][ T9658]  ? vma_merge_existing_range+0x751/0x1770
[  305.603814][ T9658]  ? vma_merge_existing_range+0x751/0x1770
[  305.603842][ T9658]  ? __pfx_vma_merge_existing_range+0x10/0x10
[  305.603871][ T9658]  vma_modify+0x76/0x390
[  305.603892][ T9658]  vma_modify_flags+0x3a7/0x430
[  305.603915][ T9658]  ? __pfx_vma_modify_flags+0x10/0x10
[  305.603949][ T9658]  mlock_fixup+0x21d/0x350
[  305.603974][ T9658]  apply_mlockall_flags+0x309/0x410
[  305.603997][ T9658]  ? __pfx_apply_mlockall_flags+0x10/0x10
[  305.604023][ T9658]  ? __do_sys_munlockall+0x5a/0x220
[  305.604051][ T9658]  __do_sys_munlockall+0x10a/0x220
[  305.604073][ T9658]  do_syscall_64+0xf3/0x230
[  305.604093][ T9658]  ? clear_bhb_loop+0x45/0xa0
[  305.604111][ T9658]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  305.604133][ T9658] RIP: 0033:0x7efe0a78d169
[  305.604147][ T9658] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  305.604161][ T9658] RSP: 002b:00007efe0b54c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000098
[  305.604180][ T9658] RAX: ffffffffffffffda RBX: 00007efe0a9a5fa0 RCX: 00007efe0a78d169
[  305.604193][ T9658] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  305.604202][ T9658] RBP: 00007efe0b54c090 R08: 0000000000000000 R09: 0000000000000000
[  305.604211][ T9658] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  305.604221][ T9658] R13: 0000000000000000 R14: 00007efe0a9a5fa0 R15: 00007efe0aacfa28
[  305.604243][ T9658]  </TASK>
[  305.604263][ T9658] vmg ffffc9001b99fc40 dumped because: VM_WARN_ON_VMG(prev && start <= prev->vm_start)
[  305.893063][   T24] ftdi_sio ttyUSB0: Overriding wMaxPacketSize on endpoint 7
[  305.928036][ T9658] vmg ffffc9001b99fc40 state: mm ffff888022ae8a00 pgoff 200000000
[  305.928036][ T9658] vmi ffffc9001b99fde0 [200000000000,200000800000)
[  305.928036][ T9658] prev ffff88805d2ffc98 next 0000000000000000 vma ffff88805d2ffc98
[  305.928036][ T9658] start 200000000000 end 200000800000 flags 8100077
[  305.928036][ T9658] file 0000000000000000 anon_vma ffff88802e871aa0 policy 0000000000000000
[  305.928036][ T9658] uffd_ctx 0000000000000000
[  305.928036][ T9658] anon_name 0000000000000000
[  305.928036][ T9658] merge_flags 0 state 0
[  305.993340][   T24] usb 5-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  306.031618][ T9658] vmg ffffc9001b99fc40 mm:
[  306.044576][ T9658] mm ffff888022ae8a00 task_size 140737488351232
[  306.044576][ T9658] mmap_base 139629576933376 mmap_legacy_base 48003218235392
[  306.044576][ T9658] pgd ffff888079108000 mm_users 3 mm_count 1 pgtables_bytes 135168 map_count 36
[  306.044576][ T9658] hiwater_rss 14e7 hiwater_vm 5f85 total_vm 5fc7 locked_vm 800
[  306.044576][ T9658] pinned_vm 0 data_vm 23da exec_vm 1a4 stack_vm 21
[  306.044576][ T9658] start_code 7efe0a648000 end_code 7efe0a7e9529 start_data 7efe0a980000 end_data 7efe0a980000
[  306.044576][ T9658] start_brk 55556cb16000 brk 55556cb4a000 start_stack 7fff22d52ed0
[  306.044576][ T9658] arg_start 7fff22d53f6d arg_end 7fff22d53f81 env_start 7fff22d53f81 env_end 7fff22d53fe9
[  306.044576][ T9658] binfmt ffffffff8eead160 flags 800007fd
[  306.044576][ T9658] ioctx_table 0000000000000000
[  306.044576][ T9658] owner ffff88802eff5a00 exe_file ffff8880277f3dc0
[  306.044576][ T9658] notifier_subscriptions 0000000000000000
[  306.044576][ T9658] numa_next_scan 4294967762 numa_scan_offset 0 numa_scan_seq 0
[  306.044576][ T9658] tlb_flush_pending 0
[  306.044576][ T9658] def_flags: 0x0()
[  306.198278][   T24] usb 5-1: USB disconnect, device number 47
[  306.207414][ T9658] vmg ffffc9001b99fc40 vma:
[  306.212050][ T9658] vma ffff88805d2ffc98 start 0000200000000000 end 0000200000800000 mm ffff888022ae8a00
[  306.212050][ T9658] prot 25 anon_vma ffff88802e871aa0 vm_ops 0000000000000000
[  306.212050][ T9658] pgoff 200000000 file 0000000000000000 private_data 0000000000000000
[  306.212050][ T9658] flags: 0x8102077(read|write|exec|mayread|maywrite|mayexec|locked|account|softdirty)
[  306.233396][   T24] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  306.270779][   T24] ftdi_sio 5-1:0.0: device disconnected
[  306.487082][ T9658] vmg ffffc9001b99fc40 prev:
[  306.492123][ T9658] vma ffff88805d2ffc98 start 0000200000000000 end 0000200000800000 mm ffff888022ae8a00
[  306.492123][ T9658] prot 25 anon_vma ffff88802e871aa0 vm_ops 0000000000000000
[  306.492123][ T9658] pgoff 200000000 file 0000000000000000 private_data 0000000000000000
[  306.492123][ T9658] flags: 0x8102077(read|write|exec|mayread|maywrite|mayexec|locked|account|softdirty)
[  306.583997][ T9658] vmg ffffc9001b99fc40 next: (NULL)
[  306.597247][ T9658] vmg ffffc9001b99fc40 vmi:
[  306.601870][ T9658] MAS: tree=ffff888022ae8a40 enode=ffff888024ab740c 
[  306.601891][ T9658] (ma_active)
[  306.610712][ T9658] Store Type: 
[  306.617388][ T9658] node_store
[  306.627528][ T9658] [6/10] index=200000000000 last=2000007fffff
[  306.642089][ T9658]      min=0 max=55556cb37fff alloc=0000000000000000, depth=1, flags=0
[  306.712281][ T9658] maple_tree(ffff888022ae8a40) flags 30B, height 2 root ffff888024ab6a1e
[  306.723368][ T9658] 0-ffffffffffffffff: node ffff888024ab6a00 depth 0 type 3 parent ffff888022ae8a41 contents: 35556bb15000 29a89baad000 1000 ffff8000dd2ac000 0 0 0 0 0 0 | 03 03| ffff888024ab740c 55556CB37FFF ffff888024fa700c 7EFE0A5FFFFF ffff888024ab7e0c 7EFE0B4DDFFF ffff88801c6f920c FFFFFFFFFFFFFFFF 0000000000000000 0 0000000000000000 0 0000000000000000 0 0000000000000000 0 0000000000000000 0 0000000000000000
[  306.803322][ T9658]   0-55556cb37fff: node ffff888024ab7400 depth 1 type 1 parent ffff888024ab6a06 contents: 0000000000000000 110C22FFFF ffff88805d2ff3e0 110E22FFFF 0000000000000000 1B3011FFFF ffff88805d2ff0f8 1B3015FFFF 0000000000000000 1FFFFFFFEFFF ffff88805d2ffe88 1FFFFFFFFFFF ffff88805d2ffc98 2000007FFFFF ffff88807af459b0 200000FFFFFF ffff88805d2ffd90 200001000FFF 0000000000000000 55556CB15FFF ffff88805d2ff9b0 55556CB37FFF 0000000000000000 0 0000000000000000 0 0000000000000000 0 0000000000000000 0 000000000000000a
[  306.897690][ T9658]     0-110c22ffff: 0000000000000000
[  306.934103][ T9658]     110c230000-110e22ffff: ffff88805d2ff3e0
[  306.973372][ T9658]     110e230000-1b3011ffff: 0000000000000000
[  306.979962][ T9658]     1b30120000-1b3015ffff: ffff88805d2ff0f8
[  306.986850][ T9658]     1b30160000-1fffffffefff: 0000000000000000
[  306.993355][ T9658]     1ffffffff000-1fffffffffff: ffff88805d2ffe88
[  306.999873][ T9658]     200000000000-2000007fffff: ffff88805d2ffc98
[  307.006526][ T9658]     200000800000-200000ffffff: ffff88807af459b0
[  307.013096][ T9658]     200001000000-200001000fff: ffff88805d2ffd90
[  307.019716][ T9658]     200001001000-55556cb15fff: 0000000000000000
[  307.026419][ T9658]     55556cb16000-55556cb37fff: ffff88805d2ff9b0
[  307.032993][ T9658]   55556cb38000-7efe0a5fffff: node ffff888024fa7000 depth 1 type 1 parent ffff888024ab6a0e contents: ffff88805d2ff6c8 55556CB49FFF 0000000000000000 7EFE085F6FFF ffff88805d2ff1f0 7EFE085F7FFF ffff88805d2ff2e8 7EFE08DF7FFF ffff88805d2ff000 7EFE08DF8FFF ffff88807eac9e88 7EFE095F8FFF ffff888078d2dba0 7EFE095FAFFF ffff888078d2daa8 7EFE099FAFFF ffff888078d2d8b8 7EFE099FCFFF ffff888078d2d6c8 7EFE09DFCFFF ffff888078d2dc98 7EFE09DFEFFF ffff888078d2dd90 7EFE0A1FEFFF ffff888078d2de88 7EFE0A1FFFFF ffff88807d635d90 7EFE0A5FFFFF 0000000000000000 0 000000000000000d
[  307.112166][ T9658]     55556cb38000-55556cb49fff: ffff88805d2ff6c8
[  307.126227][ T9658]     55556cb4a000-7efe085f6fff: 0000000000000000
[  307.162241][ T9658]     7efe085f7000-7efe085f7fff: ffff88805d2ff1f0
[  307.197587][ T9658]     7efe085f8000-7efe08df7fff: ffff88805d2ff2e8
[  307.278730][ T9658]     7efe08df8000-7efe08df8fff: ffff88805d2ff000
[  307.395347][ T9658]     7efe08df9000-7efe095f8fff: ffff88807eac9e88
[  307.511618][ T9658]     7efe095f9000-7efe095fafff: ffff888078d2dba0
[  307.521047][ T9658]     7efe095fb000-7efe099fafff: ffff888078d2daa8
[  307.530023][ T9658]     7efe099fb000-7efe099fcfff: ffff888078d2d8b8
[  307.536601][ T9658]     7efe099fd000-7efe09dfcfff: ffff888078d2d6c8
[  307.553855][ T9658]     7efe09dfd000-7efe09dfefff: ffff888078d2dc98
[  307.568783][ T9658]     7efe09dff000-7efe0a1fefff: ffff888078d2dd90
[  307.628615][ T9658]     7efe0a1ff000-7efe0a1fffff: ffff888078d2de88
[  307.655525][ T9658]     7efe0a200000-7efe0a5fffff: ffff88807d635d90
[  307.671403][ T9658]   7efe0a600000-7efe0b4ddfff: node ffff888024ab7e00 depth 1 type 1 parent ffff888024ab6a16 contents: ffff88807d6355d0 7EFE0A647FFF ffff88807d6350f8 7EFE0A7E9FFF ffff88805f3769b0 7EFE0A895FFF ffff88805f3763e0 7EFE0A975FFF ffff88805f3768b8 7EFE0A97EFFF 0000000000000000 7EFE0A97FFFF ffff88805f376d90 7EFE0A9CFFFF ffff88805f3766c8 7EFE0A9D0FFF ffff88805f376ba0 7EFE0B4DDFFF 0000000000000000 0 0000000000000000 0 0000000000000000 0 0000000000000000 0 0000000000000000 0 0000000000000000 0 0000000000000008
[  308.037516][ T9658]     7efe0a600000-7efe0a647fff: ffff88807d6355d0
[  308.091154][ T9658]     7efe0a648000-7efe0a7e9fff: ffff88807d6350f8
[  308.253227][ T9658]     7efe0a7ea000-7efe0a895fff: ffff88805f3769b0
[  308.273165][ T9658]     7efe0a896000-7efe0a975fff: ffff88805f3763e0
[  308.279599][ T9658]     7efe0a976000-7efe0a97efff: ffff88805f3768b8
[  308.307886][ T9658]     7efe0a97f000-7efe0a97ffff: 0000000000000000
[  308.328423][ T9658]     7efe0a980000-7efe0a9cffff: ffff88805f376d90
[  308.349635][ T9658]     7efe0a9d0000-7efe0a9d0fff: ffff88805f3766c8
[  308.356948][ T9658]     7efe0a9d1000-7efe0b4ddfff: ffff88805f376ba0
[  308.365631][ T9658]   7efe0b4de000-ffffffffffffffff: node ffff88801c6f9200 depth 1 type 1 parent ffff888024ab6a1e contents: 0000000000000000 7EFE0B50AFFF ffff8880283a6000 7EFE0B50BFFF ffff88802f83a9b0 7EFE0B52BFFF ffff8880283a64d8 7EFE0B52CFFF ffff88802f83ac98 7EFE0B54CFFF ffff88805f3764d8 7EFE0B550FFF ffff88805f3765d0 7EFE0B552FFF ffff88805f376c98 7EFE0B554FFF 0000000000000000 7FFF22D32FFF ffff88805f376e88 7FFF22D53FFF 0000000000000000 FFFFFFFFFFFFFFFF 0000000000000000 0 0000000000000000 0 0000000000000000 0 0000000000000000 0 000000000000000a
[  308.455216][ T9658]     7efe0b4de000-7efe0b50afff: 0000000000000000
[  308.468949][ T9658]     7efe0b50b000-7efe0b50bfff: ffff8880283a6000
[  308.482797][ T9658]     7efe0b50c000-7efe0b52bfff: ffff88802f83a9b0
[  308.540845][ T9658]     7efe0b52c000-7efe0b52cfff: ffff8880283a64d8
[  308.671183][ T9658]     7efe0b52d000-7efe0b54cfff: ffff88802f83ac98
[  308.822854][ T9658]     7efe0b54d000-7efe0b550fff: ffff88805f3764d8
[  308.865694][ T9658]     7efe0b551000-7efe0b552fff: ffff88805f3765d0
[  308.886363][ T9658]     7efe0b553000-7efe0b554fff: ffff88805f376c98
[  308.892882][ T9658]     7efe0b555000-7fff22d32fff: 0000000000000000
[  308.903592][ T9658]     7fff22d33000-7fff22d53fff: ffff88805f376e88
[  308.916308][ T9658]     7fff22d54000-ffffffffffffffff: 0000000000000000
[  308.925239][ T9658] ------------[ cut here ]------------
[  308.930727][ T9658] WARNING: CPU: 0 PID: 9658 at mm/vma.c:734 vma_merge_existing_range+0x11ca/0x1770
[  308.940134][ T9658] Modules linked in:
[  308.944160][ T9658] CPU: 0 UID: 0 PID: 9658 Comm: syz.3.1114 Not tainted 6.14.0-syzkaller-07422-gacb4f33713b9 #0 PREEMPT(full) 
[  308.955850][ T9658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  308.965958][ T9658] RIP: 0010:vma_merge_existing_range+0x11ca/0x1770
[  308.972481][ T9658] Code: 48 c7 c6 20 31 56 8c e8 d4 48 f2 ff 90 0f 0b 90 e9 fd f0 ff ff e8 c6 da a6 ff 4c 89 f7 48 c7 c6 a0 31 56 8c e8 b7 48 f2 ff 90 <0f> 0b 90 e9 61 f1 ff ff e8 a9 da a6 ff e9 7b f2 ff ff e8 9f da a6
[  308.992192][ T9658] RSP: 0018:ffffc9001b99fa40 EFLAGS: 00010282
[  308.998424][ T9658] RAX: ffffffff8c1d3d15 RBX: 0000200000000000 RCX: ffff888025318000
[  309.006617][ T9658] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: ffffffffffffffff
[  309.014639][ T9658] RBP: ffffc9001b99fb90 R08: ffffffff8c1d3c10 R09: 1ffff92003733eb0
[  309.022600][ T9658] R10: dffffc0000000000 R11: fffff52003733eb1 R12: 0000200000800000
[  309.030764][ T9658] R13: 0000200000000000 R14: ffffc9001b99fc40 R15: ffff88805d2ffc98
[  309.038781][ T9658] FS:  00007efe0b54c6c0(0000) GS:ffff888124ff1000(0000) knlGS:0000000000000000
[  309.047738][ T9658] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  309.054345][ T9658] CR2: 0000200000300030 CR3: 0000000079108000 CR4: 00000000003526f0
[  309.062306][ T9658] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  309.070327][ T9658] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  309.078331][ T9658] Call Trace:
[  309.081594][ T9658]  <TASK>
[  309.084541][ T9658]  ? __warn+0x165/0x4d0
[  309.088680][ T9658]  ? vma_merge_existing_range+0x11ca/0x1770
[  309.094582][ T9658]  ? report_bug+0x2b3/0x500
[  309.099066][ T9658]  ? vma_merge_existing_range+0x11ca/0x1770
[  309.105042][ T9658]  ? vma_merge_existing_range+0x11ca/0x1770
[  309.110940][ T9658]  ? vma_merge_existing_range+0x11cc/0x1770
[  309.116914][ T9658]  ? handle_bug+0x89/0x170
[  309.121320][ T9658]  ? exc_invalid_op+0x1a/0x50
[  309.126017][ T9658]  ? asm_exc_invalid_op+0x1a/0x20
[  309.131030][ T9658]  ? mt_dump_node+0x1860/0x2290
[  309.135901][ T9658]  ? mt_dump_node+0x1965/0x2290
[  309.140740][ T9658]  ? vma_merge_existing_range+0x11ca/0x1770
[  309.146644][ T9658]  ? __pfx_vma_merge_existing_range+0x10/0x10
[  309.152696][ T9658]  vma_modify+0x76/0x390
[  309.156962][ T9658]  vma_modify_flags+0x3a7/0x430
[  309.161800][ T9658]  ? __pfx_vma_modify_flags+0x10/0x10
[  309.167202][ T9658]  mlock_fixup+0x21d/0x350
[  309.171604][ T9658]  apply_mlockall_flags+0x309/0x410
[  309.176881][ T9658]  ? __pfx_apply_mlockall_flags+0x10/0x10
[  309.182608][ T9658]  ? __do_sys_munlockall+0x5a/0x220
[  309.187853][ T9658]  __do_sys_munlockall+0x10a/0x220
[  309.192980][ T9658]  do_syscall_64+0xf3/0x230
[  309.197491][ T9658]  ? clear_bhb_loop+0x45/0xa0
[  309.202150][ T9658]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  309.208073][ T9658] RIP: 0033:0x7efe0a78d169
[  309.212476][ T9658] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  309.232131][ T9658] RSP: 002b:00007efe0b54c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000098
[  309.240562][ T9658] RAX: ffffffffffffffda RBX: 00007efe0a9a5fa0 RCX: 00007efe0a78d169
[  309.248545][ T9658] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  309.256521][ T9658] RBP: 00007efe0b54c090 R08: 0000000000000000 R09: 0000000000000000
[  309.264526][ T9658] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  309.272485][ T9658] R13: 0000000000000000 R14: 00007efe0a9a5fa0 R15: 00007efe0aacfa28
[  309.280485][ T9658]  </TASK>
[  309.283561][ T9658] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  309.290828][ T9658] CPU: 0 UID: 0 PID: 9658 Comm: syz.3.1114 Not tainted 6.14.0-syzkaller-07422-gacb4f33713b9 #0 PREEMPT(full) 
[  309.302434][ T9658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  309.312472][ T9658] Call Trace:
[  309.315734][ T9658]  <TASK>
[  309.318656][ T9658]  dump_stack_lvl+0x241/0x360
[  309.323319][ T9658]  ? __pfx_dump_stack_lvl+0x10/0x10
[  309.328498][ T9658]  ? __pfx__printk+0x10/0x10
[  309.333071][ T9658]  ? vscnprintf+0x5d/0x90
[  309.337380][ T9658]  panic+0x349/0x880
[  309.341288][ T9658]  ? __warn+0x174/0x4d0
[  309.345432][ T9658]  ? __pfx_panic+0x10/0x10
[  309.349838][ T9658]  __warn+0x344/0x4d0
[  309.353802][ T9658]  ? vma_merge_existing_range+0x11ca/0x1770
[  309.359681][ T9658]  report_bug+0x2b3/0x500
[  309.363995][ T9658]  ? vma_merge_existing_range+0x11ca/0x1770
[  309.369873][ T9658]  ? vma_merge_existing_range+0x11ca/0x1770
[  309.375753][ T9658]  ? vma_merge_existing_range+0x11cc/0x1770
[  309.381632][ T9658]  handle_bug+0x89/0x170
[  309.385860][ T9658]  exc_invalid_op+0x1a/0x50
[  309.390380][ T9658]  asm_exc_invalid_op+0x1a/0x20
[  309.395211][ T9658] RIP: 0010:vma_merge_existing_range+0x11ca/0x1770
[  309.401698][ T9658] Code: 48 c7 c6 20 31 56 8c e8 d4 48 f2 ff 90 0f 0b 90 e9 fd f0 ff ff e8 c6 da a6 ff 4c 89 f7 48 c7 c6 a0 31 56 8c e8 b7 48 f2 ff 90 <0f> 0b 90 e9 61 f1 ff ff e8 a9 da a6 ff e9 7b f2 ff ff e8 9f da a6
[  309.421289][ T9658] RSP: 0018:ffffc9001b99fa40 EFLAGS: 00010282
[  309.427339][ T9658] RAX: ffffffff8c1d3d15 RBX: 0000200000000000 RCX: ffff888025318000
[  309.435295][ T9658] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: ffffffffffffffff
[  309.443250][ T9658] RBP: ffffc9001b99fb90 R08: ffffffff8c1d3c10 R09: 1ffff92003733eb0
[  309.451205][ T9658] R10: dffffc0000000000 R11: fffff52003733eb1 R12: 0000200000800000
[  309.459157][ T9658] R13: 0000200000000000 R14: ffffc9001b99fc40 R15: ffff88805d2ffc98
[  309.467116][ T9658]  ? mt_dump_node+0x1860/0x2290
[  309.471954][ T9658]  ? mt_dump_node+0x1965/0x2290
[  309.476798][ T9658]  ? __pfx_vma_merge_existing_range+0x10/0x10
[  309.482885][ T9658]  vma_modify+0x76/0x390
[  309.487118][ T9658]  vma_modify_flags+0x3a7/0x430
[  309.491952][ T9658]  ? __pfx_vma_modify_flags+0x10/0x10
[  309.497315][ T9658]  mlock_fixup+0x21d/0x350
[  309.501722][ T9658]  apply_mlockall_flags+0x309/0x410
[  309.506910][ T9658]  ? __pfx_apply_mlockall_flags+0x10/0x10
[  309.512618][ T9658]  ? __do_sys_munlockall+0x5a/0x220
[  309.517803][ T9658]  __do_sys_munlockall+0x10a/0x220
[  309.522897][ T9658]  do_syscall_64+0xf3/0x230
[  309.527391][ T9658]  ? clear_bhb_loop+0x45/0xa0
[  309.532051][ T9658]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  309.537923][ T9658] RIP: 0033:0x7efe0a78d169
[  309.542324][ T9658] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  309.561920][ T9658] RSP: 002b:00007efe0b54c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000098
[  309.570328][ T9658] RAX: ffffffffffffffda RBX: 00007efe0a9a5fa0 RCX: 00007efe0a78d169
[  309.578288][ T9658] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  309.586245][ T9658] RBP: 00007efe0b54c090 R08: 0000000000000000 R09: 0000000000000000
[  309.594204][ T9658] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  309.602163][ T9658] R13: 0000000000000000 R14: 00007efe0a9a5fa0 R15: 00007efe0aacfa28
[  309.610135][ T9658]  </TASK>
[  309.613452][ T9658] Kernel Offset: disabled
[  309.617883][ T9658] Rebooting in 86400 seconds..