last executing test programs:
10.564027241s ago: executing program 0 (id=1094):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000000000406c256d0000000000000109022400010921"], 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006}]})
syz_usb_control_io(r0, &(0x7f00000008c0)={0x2c, 0x0, &(0x7f00000004c0)={0x0, 0x3, 0x2, @string={0x2}}, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000940)={0x18, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="000305"], 0x0, 0x0, 0x0}, 0x0)
8.151488014s ago: executing program 3 (id=1099):
r0 = socket$inet6_dccp(0xa, 0x6, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
setsockopt$sock_int(r0, 0x1, 0x22, &(0x7f00000000c0), 0x4)
syz_emit_ethernet(0x36, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0xfffffffffffffe47)
socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_pidfd_open(0x0, 0x0)
sched_setaffinity(0x0, 0xffffffffffffffca, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff)
r2 = dup(0xffffffffffffffff)
ioctl$USBDEVFS_CONTROL(r2, 0xc0185500, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x5d031, 0xffffffffffffffff, 0x0)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000100))
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x0, 0x0, 0x0, 0x4)
ioctl$UFFDIO_CONTINUE(0xffffffffffffffff, 0x8010aa01, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})
socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b70000008113b0ffbfa30000000000000703000000feffff720af0fff8ffffff71a4f0ff0000000071103600000000001d300500000000004704000001ed00000f030000000000001d44020000000000620a00fe040400007203000000000000e500f7ff000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a8641aa05a1336b3b4c4becea710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3380d28e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51bf900000000000000d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343cccc953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93020000000000000080e69db384ac7eeedcf2ba3a9508f9d6aba582a896a9f1e096df6ecea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e80dc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6032399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c9102"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00}, 0x48)
7.124011456s ago: executing program 0 (id=1103):
socket$nl_rdma(0x10, 0x3, 0x14)
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
r3 = memfd_create(&(0x7f00000002c0)='D\xa3\xd5Wj\x00\x00\x8b\x14\xc2\xac\x1a\x1a\vG\xa9~vB\xbc\t\x00\x00\x00VoA\xaa\xbc\xee[\xe1\xa2\xe0\xff\x04\x00\x9b\x12\x0eW\xcf\t\xb0\xa9 +H/\xfd\xa4\xcaN\x84\xadS\x8bqE\x99\x01t\xb1\x1f|\x99PL\x92\x8f\xc2y\xcd\x8cj\x03X\x05\x17mwI\xf0\x01\xe5z\xcdJ)\xc7\xfa)\xaa}\xef\xde\xf5\xcd\xb1o5\x18\xd6\v\x85q\x98\x9bB\xb9\xea\xe7\xff\x7f\x00\x00T\xc0\xd2\t?\bpBl\xf4\x86\xd4\xc9\xe3\x8f\xd9\x9f\x15\x1e\xf2\x18\r\xad\b\xe0\x96NH\x85\r+\xfc\xb3\xdd\xddhg(\x03\xa7\x92\xe5\x00+h\xb7@#K\x9cMY\xd3\x9b\b-G\xb1\xdaS\x81\xb2\x93\xb83\x8a\x94*\x8d\\\b\xff/\xf8A\xaf\\\xaa\xf5u\xde\xfa\xa1\xc0\xf9&gR\x81.\xff\x83k\xe6\rDa\x16\xbd\x1a\xb2w\b\x00'/244, 0x0)
write(r3, &(0x7f00000000c0)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r3, 0x0)
r4 = dup3(r2, 0xffffffffffffffff, 0x0)
fchdir(r4)
r5 = inotify_init1(0x0)
inotify_add_watch(r5, &(0x7f0000000040)='.\x00', 0x40000277)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
close(r6)
socket$nl_route(0x10, 0x3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc)
splice(r0, 0x0, r6, 0x0, 0x4ffe6, 0x0)
7.031155219s ago: executing program 0 (id=1104):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$PPPIOCDISCONN(r0, 0x7439)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
r5 = dup(r4)
ioctl$KVM_SET_MSRS(r5, 0xc048aeca, &(0x7f0000000040)=ANY=[@ANYRES16=r1])
6.970089819s ago: executing program 0 (id=1105):
syz_usb_connect(0x0, 0x12c, &(0x7f00000011c0)={{0x12, 0x1, 0x0, 0xa5, 0x25, 0x58, 0x8, 0xf11, 0x1020, 0xa21b, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x11a, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x3, 0x8, 0x52, 0xf2, 0x0, [], [{{0x9, 0x5, 0xe, 0x4, 0x20, 0x8, 0xe, 0x78}}, {{0x9, 0x5, 0x3, 0x4, 0x10, 0x0, 0x9, 0x0, [@generic={0x43, 0x2, "16d2e213d13cac373996ef1c335dfe1e86ce1e9eb410618a20a71e286306b48c6f516b7b7eb0cf270d9aebf9eb7a0747dfa355db0467039ceae8e3fb54a638fa26"}]}}, {{0x9, 0x5, 0x80, 0x1, 0x0, 0x44, 0x7, 0x5, [@uac_iso={0x7, 0x25, 0x1, 0x82, 0x8, 0x81}, @generic={0xa3, 0x22, "cd8fb4be601c38eb627cac7523afc664680912d03939c7d50b244ed811702b73366280eb3e767220674666155b7f43240c0cc407ab59bf54e5b24ba810b0b5a21c6b69f74a846e9135913a032a27f1d1dc9c845aad8f9b5972f990441c29ad067623ccc283421451f174164e887af106604ec61bf187b1cd1447370fa8ab5832875765ee15e563c39e10a1b0d80613bfce91f266c62d93878e447d71df88fe04c9"}]}}]}}]}}]}}, &(0x7f0000000e80)={0x0, 0x0, 0x5, &(0x7f0000000b80)={0x5, 0xf, 0x5}, 0x1, [{0x0, 0x0}]})
6.689706146s ago: executing program 3 (id=1106):
clock_nanosleep(0x2, 0x0, &(0x7f0000000300)={0x0, 0x989680}, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$phonet_pipe(0x23, 0x5, 0x2)
setsockopt$PNPIPE_HANDLE(r1, 0x113, 0x3, 0x0, 0x0)
connect$phonet_pipe(r1, &(0x7f0000000140)={0x23, 0xff, 0x0, 0xf0}, 0x10)
socket$inet_mptcp(0x2, 0x1, 0x106)
r2 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r2, 0xc0285700, &(0x7f00000001c0)={0x3, "421ae3753795259249214c944122ad063ff47d3bd7a8a45d6b00c78a019a37b2", <r3=>0xffffffffffffffff})
ppoll(&(0x7f0000000040)=[{r3}], 0x1, &(0x7f0000000140), 0x0, 0x0)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000640), 0x3a0c0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ppoll(&(0x7f00000006c0)=[{}, {r4, 0x44b8}, {0xffffffffffffffff, 0x8048}, {0xffffffffffffffff, 0x1120}, {0xffffffffffffffff, 0xc02f}, {0xffffffffffffffff, 0xbc66a0fa5b6f9da4}, {0xffffffffffffffff, 0x8201}, {r5, 0x80}, {0xffffffffffffffff, 0x18ec}], 0x9, &(0x7f0000000740), &(0x7f00000007c0), 0x8)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000005400), 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000043c0)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000}}], 0x1, 0x8c1)
fstat(0xffffffffffffffff, &(0x7f0000000780))
statx(0xffffffffffffff9c, &(0x7f0000000800)='./file0\x00', 0x4000, 0x10, &(0x7f0000000840))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000380)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$BTRFS_IOC_INO_LOOKUP(0xffffffffffffffff, 0xd0009412, 0x0)
r7 = getpid()
fcntl$setownex(r6, 0xf, &(0x7f0000000040)={0x0, r7})
ioctl$sock_FIOGETOWN(r6, 0x8903, &(0x7f00000001c0)=<r8=>0x0)
wait4(r8, 0x0, 0x0, 0x0)
r9 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r10=>0x0})
sendto$packet(r0, &(0x7f0000000180)="02033e00420002000000ab5d71acedd7c9560385dcb1080084d7dc039806112405ce811cc352", 0xff88, 0x0, &(0x7f0000000140)={0x11, 0x0, r10, 0x1, 0x0, 0x6, @broadcast}, 0x14)
6.255708645s ago: executing program 3 (id=1109):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) (async, rerun: 64)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) (rerun: 64)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f00000001c0)=@security={'security\x00', 0x3a, 0x4, 0x338, 0xffffffff, 0x1a8, 0x0, 0x1a8, 0x90, 0xffffffff, 0x110, 0x2a0, 0x2a0, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x0, 0xb0, 0x110, 0x0, {}, [@common=@set={{0x40}}]}, @common=@SET={0x60}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xfffffffffffffffe}}, {{@ip={@empty, @private, 0x0, 0x0, 'vlan0\x00', 'vlan0\x00'}, 0x0, 0x98, 0xf8, 0x0, {}, [@common=@ttl={{0x28}}]}, @common=@SET={0x60}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x398) (async)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x6) (async, rerun: 64)
r3 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) (rerun: 64)
lseek(r3, 0x0, 0x1) (async, rerun: 32)
close(0x4) (rerun: 32)
r4 = socket$phonet_pipe(0x23, 0x5, 0x2)
listen(r4, 0x0)
io_setup(0x3, &(0x7f0000000180)=<r5=>0x0)
io_submit(r5, 0x1, &(0x7f0000000240)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x5, 0x0, r2, 0x0}]) (async)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_NEW(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="540000000002050500000000000000000000000004000290380002800c000280050001003a00000014000180080001016401010108000200ffffffff1400018008000100ac1e010108000200e000000204000180f236efd5bc9a48b2debc2e246b298a1107e6da0d6293f7a6f7b1bba926d83af46ca3bc3473e4a60e86358a5f9b97a234981fd92d0dffcb6dee4e"], 0x54}}, 0x0) (async)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000280)={0x0, 0x3, 0x7, 0x8001, 0x957, 0x1, 0x5, 0x2, {<r7=>0x0, @in={{0x2, 0x4e23, @loopback}}, 0x3, 0x8, 0x1ff, 0x6, 0x1}}, &(0x7f0000000040)=0xb0)
io_uring_register$IORING_REGISTER_RESTRICTIONS(r6, 0xb, &(0x7f0000000580)=[@ioring_restriction_sqe_flags_allowed={0x2, 0x18}, @ioring_restriction_sqe_flags_allowed={0x2, 0x19}, @ioring_restriction_register_op={0x0, 0x2}, @ioring_restriction_sqe_flags_required={0x3, 0x2}, @ioring_restriction_register_op={0x0, 0x16}, @ioring_restriction_register_op={0x0, 0x14}, @ioring_restriction_register_op={0x0, 0x4}, @ioring_restriction_sqe_op={0x1, 0x6}], 0x8) (async)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r2, 0x84, 0xf, &(0x7f0000000340)={r7, @in={{0x2, 0x4e24, @local}}, 0x1000, 0x4, 0x5, 0x5, 0xd}, &(0x7f0000000140)=0x98)
6.092066757s ago: executing program 3 (id=1111):
socket$inet_udplite(0x2, 0x2, 0x88)
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x83, 0x66, 0x7d, 0x10, 0x2040, 0x264, 0x4ed1, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x90, 0xf1, 0x9c}}]}}]}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
r1 = socket$igmp6(0xa, 0x3, 0x2)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000001940)={'wlan0\x00'})
sendmsg$NL80211_CMD_REGISTER_FRAME(r2, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
socket(0x10, 0x3, 0x0)
r5 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_ADD(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)={0x1c, r5, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x5, 0x1, '\x00'}]}, 0x1c}}, 0x0)
5.787459616s ago: executing program 4 (id=1113):
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r1}, 0x10)
ioctl$CAPI_GET_PROFILE(r0, 0xc0104307, &(0x7f0000000040)=0x25)
r2 = socket$tipc(0x1e, 0x4, 0x0)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000040)={0x42}, 0x10)
getsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f00000000c0), &(0x7f0000000140)=0x4)
r3 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r3, 0x4008af03, &(0x7f00000004c0)={0x5, 0x0, [{0xd000, 0x8e, &(0x7f0000000280)=""/142}, {0x2, 0xcd, &(0x7f00000003c0)=""/205}, {0xd000, 0x2c, &(0x7f0000000100)=""/44}, {0x5000, 0xf8, &(0x7f00000005c0)=""/248}, {0x2, 0xe5, &(0x7f00000006c0)=""/229}]})
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
prlimit64(0x0, 0x0, &(0x7f0000000340)={0x8, 0xde}, 0x0)
setitimer(0x1, &(0x7f0000000580)={{0x77359400}, {0x0, 0xea60}}, 0x0)
prlimit64(0x0, 0xf, &(0x7f0000000140)={0x0, 0xffffffffffffffff}, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x10)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_buf(r5, 0x1, 0x30, 0xffffffffffffffff, &(0x7f0000000000))
sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003d000b08d25a80648c7494f90224fc600b0002400c000400040082c137153e3719ac018000f01700d1bd", 0x33fe0}], 0x1}, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(0xffffffffffffffff, 0x29, 0x36, &(0x7f0000000400)=ANY=[], 0x8)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c)
write(0xffffffffffffffff, &(0x7f00000000c0)="8f2a", 0x2)
syz_clone3(&(0x7f0000000340)={0x200103000, &(0x7f00000000c0), 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0, 0x0, {r3}}, 0x58)
5.610850905s ago: executing program 4 (id=1114):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=@allocspi={0xf8, 0x16, 0x3b5bef62e1571d3d, 0x0, 0x0, {{{@in6=@ipv4={'\x00', '\xff\xff', @empty}, @in=@local}, {@in=@multicast2, 0x0, 0x33}, @in6=@empty}}}, 0xf8}}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x2, 0xa, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, [@sadb_x_filter={0x5, 0x1a, @in=@private, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0xa}]}, 0x38}}, 0x0)
ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x2)
syz_emit_ethernet(0x48, &(0x7f0000000200)={@broadcast, @local, @void, {@llc_tr={0x11, {@snap={0xab, 0xab, "c861", "de4266", 0x9, "8385226aea0bb406efb2187006124f52f388f0d520afbcc0ec47bea70ed8e6e5a3044a8f0761defdb32b934a58883a4a38"}}}}}, 0x0)
5.411967468s ago: executing program 4 (id=1115):
socket$nl_rdma(0x10, 0x3, 0x14)
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
r3 = memfd_create(&(0x7f00000002c0)='D\xa3\xd5Wj\x00\x00\x8b\x14\xc2\xac\x1a\x1a\vG\xa9~vB\xbc\t\x00\x00\x00VoA\xaa\xbc\xee[\xe1\xa2\xe0\xff\x04\x00\x9b\x12\x0eW\xcf\t\xb0\xa9 +H/\xfd\xa4\xcaN\x84\xadS\x8bqE\x99\x01t\xb1\x1f|\x99PL\x92\x8f\xc2y\xcd\x8cj\x03X\x05\x17mwI\xf0\x01\xe5z\xcdJ)\xc7\xfa)\xaa}\xef\xde\xf5\xcd\xb1o5\x18\xd6\v\x85q\x98\x9bB\xb9\xea\xe7\xff\x7f\x00\x00T\xc0\xd2\t?\bpBl\xf4\x86\xd4\xc9\xe3\x8f\xd9\x9f\x15\x1e\xf2\x18\r\xad\b\xe0\x96NH\x85\r+\xfc\xb3\xdd\xddhg(\x03\xa7\x92\xe5\x00+h\xb7@#K\x9cMY\xd3\x9b\b-G\xb1\xdaS\x81\xb2\x93\xb83\x8a\x94*\x8d\\\b\xff/\xf8A\xaf\\\xaa\xf5u\xde\xfa\xa1\xc0\xf9&gR\x81.\xff\x83k\xe6\rDa\x16\xbd\x1a\xb2w\b\x00'/244, 0x0)
write(r3, &(0x7f00000000c0)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r3, 0x0)
dup3(r2, r3, 0x0)
fchdir(0xffffffffffffffff)
r4 = inotify_init1(0x0)
inotify_add_watch(r4, &(0x7f0000000040)='.\x00', 0x40000277)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
close(r5)
socket$nl_route(0x10, 0x3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc)
splice(r0, 0x0, r5, 0x0, 0x4ffe6, 0x0)
5.366738646s ago: executing program 4 (id=1116):
r0 = socket$inet6_dccp(0xa, 0x6, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
setsockopt$sock_int(r0, 0x1, 0x22, &(0x7f00000000c0), 0x4)
syz_emit_ethernet(0x36, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0xfffffffffffffe47)
socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_pidfd_open(0x0, 0x0)
sched_setaffinity(0x0, 0xffffffffffffffca, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff)
r2 = dup(0xffffffffffffffff)
ioctl$USBDEVFS_CONTROL(r2, 0xc0185500, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x5d031, 0xffffffffffffffff, 0x0)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000100))
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x0, 0x0, 0x0, 0x4)
ioctl$UFFDIO_CONTINUE(0xffffffffffffffff, 0x8010aa01, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})
socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b70000008113b0ffbfa30000000000000703000000feffff720af0fff8ffffff71a4f0ff0000000071103600000000001d300500000000004704000001ed00000f030000000000001d44020000000000620a00fe040400007203000000000000e500f7ff000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a8641aa05a1336b3b4c4becea710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3380d28e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51bf900000000000000d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343cccc953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93020000000000000080e69db384ac7eeedcf2ba3a9508f9d6aba582a896a9f1e096df6ecea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e80dc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6032399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c9102"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00}, 0x48)
5.277347674s ago: executing program 0 (id=1117):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000d3e457201e040b40e73e000000010902120001000000000904"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
r1 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000040)={0x802}, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x1c, 0x52, 0x1, 0x0, 0x0, {0x1c}, [@typed={0x8, 0x7, 0x0, 0x0, @fd}]}, 0x1c}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000f0ffffff7a0af0ff0200000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000010000006a0af2fe000000008500000009000000b700000000000000950000000000000000e154cd8445974b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87881c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c28b99938512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804da4f85db47a4a69bf9bc5fa96ee293fbd165a5a68488e40b030166565a097b1b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa99dac06b57479321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f37f3e2c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d3665016ac59dda0fde4745db06753a7ac74a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c958559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469608241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7f9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c183c960119451c31539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d00000020000000ef19349ee7f31abc11c800000000000000000000000928ee53595a779d243a48cea769470424d28804c04b2c4324ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d748308eea09fc361b4735efbf3411718d6ee7aebf9ef679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da202274f20675eb781925441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec7ffff35e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e93311ab5009c68c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada201bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cd102e3c8e63e9fba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2b485185cc92fe7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bbf96c89739f5cf1e750d50517a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d7fcd116bce9c764c714c9402c21d181aac59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000000749efd3763655500344bae34137f5ab0d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab004321610b857e8717764b633b21cb32f0e03280e09758bd445ab91d20baca005452b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92332af00f191b66b6a6f732a91f0e2e9120be61e58c79d497247d278888901d442ad7f8536605a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a14dc4810f61ae96c18cc7130000000000002100000000000000000001000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd52ae84c1bb0c8a6c769f952283a1f4e3842edb3d42c68a27ef6a1296dfff4a979369b0e8ebc62887aa46e824d86869ec4ab392b0a74f91381dcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fd00000000007271e28ef6806bc8e139c49b91c76bea3858f78fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d116d2b0976cf2ec447c030931651dd315003b7a6a5433a2bb3c035fc6846abe389b25c988f0bbb889560ae99ec4b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7141d5e221509342bfe7d294d1eb3de6a50ca0301f89c2ee627e949c68b3a4a412a9b7d503a26e9a714ee5f72d8805dd1bfbd081f6a5d1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a1199735c375c705c798e0e208e4a5259d0bfa526b462af45a6eab34000000000000000000000000c4426344ec1a3366515dee221e747f55d7dd02534bc503b9b28277c253e410986bef2111a99cc448d652929f8a67a6a1d3f00dcad91aff428aade3f85714a1d3ef29acd4d49b62339c10c2ec0daca8d4c1090000000000000084d8223edbccbf9258b7374e79a1f8bf3fb73c8c6dbb7bbdfc399847a11921f97eba0ea14c4fed9a71eedb97c02461792e3a49dac16c60c3fcaab222025d78963c3ac899fa8b63f58a30212c9b2d7fe751e2046b78f86e22861b6504c667350244dd6d9189a8b9c45f8aaff9db694811ca86ed978f23eed7459c0382074170cf1e25b0e9ba3d1cc309353eea4cd8ab96bafda393276bdd8d32ead8db9e1b54d2d3d50e2815268fc1a6ec566981bc8ca2a4583f3d40e817433d0f4f25cfe6cc1897449ba5f26a9d66ac73e6f5c401376f23a314e0b9ff997d22f3e34b7524642c248aa813edaa626f0000000000000000004f9e"], 0x0}, 0x90)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r4, 0x0)
r5 = dup(r3)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@dellinkprop={0x34, 0x6d, 0x1, 0x0, 0x0, {}, [@IFLA_ALT_IFNAME={0x14, 0x35, 'batadv0\x00'}]}, 0x34}}, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000080)={0x24, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0}, 0x0)
ioctl$int_in(r1, 0x5452, &(0x7f0000000100))
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000002c0)={0x24, &(0x7f0000000340)={0x0, 0x22, 0x90, {0x90, 0xf, "c7084db12196f252c0f4891ead42d44a6836ce8955452974c93dfbc4d5122a5547254ce3131b4ff898f53d0f0de668553860ef90eb8d3c46a00212983a5821e934fb4ec4cdcead681d6a1103d5f1ecd87c873871eed42246d282607a1829ec894315989ac11771e6a866b222337fddb4fa13c8633de5155c81a25ae1890dc436a9345e390052abfee380777c25c1"}}, &(0x7f0000000180)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x82c}}, &(0x7f0000000200)={0x0, 0x22, 0x2, {[@local=@item_012={0x1, 0x2, 0xc, "f2"}]}}, &(0x7f0000000280)={0x0, 0x21, 0x9, {0x9, 0x21, 0x8d0, 0x3, 0x1, {0x22, 0x9d9}}}}, &(0x7f0000001200)={0x2c, &(0x7f0000000400)={0x40, 0x17, 0xac, "d9016964f9a2daae35d8d7ec0e3809188e0b7cb76cb78fe18c947d1d1b671fd9ebdcfaf1e261b2698adc705bb43e368d1e12000ca40eadf6384770e9c522ce420df2f017dc1dca298d2f2fba82c445bf249d9bed6f39f67d22c948765ccd6bd7cb169200cc5f0da22dc81436c364559aa1cac4a2e9ada157e66de10a166a7012d4b7b4d10dec6db30d619aad3f79b27187e97a9b85e4c49207fddf5b4459fa2ffeccdb5fb6f3c4afbe7372d8"}, &(0x7f00000004c0)={0x0, 0xa, 0x1, 0x5}, &(0x7f0000000500)={0x0, 0x8, 0x1, 0xe4}, &(0x7f0000000540)={0x20, 0x1, 0x7b, "01eeac241e75aa679f3d10eb9d2bae552f378a6c88969403d944c8075cc4c1468ffd0f25c420f7ad9729b0294ed72ead82ef612f51609ea9529110432a4bc9125eed4015ff7a79d15cfa058e4b31341a3b58a8102c31cf938e957f2427811200c862e98df44f5cc04576da827308b65b284c9f08ebb81504378bb7"}, &(0x7f0000000600)={0x20, 0x3, 0x1, 0x32}})
setfsuid(0x0)
4.342748288s ago: executing program 1 (id=1119):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000a00), 0xffffffffffffffff)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000000)={[], [], 0x5c})
set_mempolicy(0x5, &(0x7f00000003c0)=0x3, 0x7)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x3, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x7b, 0x11, 0x38}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit={0x95, 0x0, 0x33}], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xb8000000}, 0x70)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000100), 0x1, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, &(0x7f00000041c0)={0x0, &(0x7f00000020c0)=[0x0], 0x0, 0x0, 0x0, 0x1})
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e"], 0x7c}}, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000001200)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f00004b1000/0x18000)=nil, &(0x7f0000000400)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000640)=0x1)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000140))
ioctl$KVM_RUN(r3, 0xae80, 0x0)
3.423963776s ago: executing program 2 (id=1120):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x0, 0xe, &(0x7f00000008c0)=ANY=[@ANYBLOB="b7020000000d0000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000006f6400000000000045040400010000001704000001000a00b7040000ff0100006a0a00fe0000000085000000bd000000b70000000000000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d5595f6fbaa187b81d1106000000000fd60000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd80450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e3179bd4a44"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000340), 0x10}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000c80)={r0, 0x2000000, 0xe00, 0x0, &(0x7f0000000c40)="63eced8e46dc3f2ddf33c9e9b986", 0x0, 0x7ffe, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="b0000000000000008d15c937040795"], 0xb0)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000640)=ANY=[], 0xb0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])
chown(&(0x7f0000000180)='./file0\x00', 0x0, 0xffffffffffffffff)
listxattr(&(0x7f00000002c0)='./file0\x00', 0x0, 0x0)
chmod(&(0x7f0000000640)='./file0\x00', 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000002085"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='tlb_flush\x00', r3}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xc, 0xe, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000001c0), 0x8, 0x10, &(0x7f0000000040), 0x10}, 0x90)
socket$inet(0x2, 0x3, 0x6)
ioprio_set$pid(0x1, 0x0, 0x0)
creat(&(0x7f0000000240)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r5, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15)
r6 = dup(r5)
write$FUSE_BMAP(r6, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r6, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r6}, 0x2c, {[], [], 0x6b}})
3.27707655s ago: executing program 2 (id=1121):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
r1 = syz_open_dev$ndb(&(0x7f00000003c0), 0x0, 0x280400)
ioctl$IOC_PR_PREEMPT(r1, 0x401870cb, &(0x7f0000000400)={0x7fa78814, 0x7, 0x1, 0x8})
ioctl$SG_SET_FORCE_PACK_ID(r0, 0x227b, 0x0)
syz_usb_connect(0x4, 0x3d7, &(0x7f00000011c0)={{0x12, 0x1, 0x300, 0xa5, 0x25, 0x58, 0x8, 0xf11, 0x1020, 0xa21b, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x3c5, 0x1, 0x0, 0x0, 0xc0, 0x0, [{{0x9, 0x4, 0x81, 0x0, 0xd, 0x8, 0x52, 0xf2, 0x0, [], [{{0x9, 0x5, 0xe, 0x4, 0x20, 0x8, 0xe, 0x78}}, {{0x9, 0x5, 0x3, 0x4, 0x10, 0x3, 0x9, 0x0, [@generic={0x83, 0x2, "16d2e213d13cac373996ef1c335dfe1e86ce1e9eb410618a20a71e286306b48c6f516b7b7eb0cf270d9aebf9eb7a0747dfa355db0467039ceae8e3fb54a638fa2606a757f19bb64c816386648c675e1bf83787a7032ad73f063057f014a584e4d0ef2bc9c597e8bfbf5888eaafa3b44328d6166cc12e1b390306a0229b900ff9fa"}]}}, {{0x9, 0x5, 0x80, 0x1, 0x3ff, 0x44, 0x7, 0x5, [@uac_iso={0x7, 0x25, 0x1, 0x82, 0x8, 0x81}, @generic={0xa3, 0x22, "cd8fb4be601c38eb627cac7523afc664680912d03939c7d50b244ed811702b73366280eb3e767220674666155b7f43240c0cc407ab59bf54e5b24ba810b0b5a21c6b69f74a846e9135913a032a27f1d1dc9c845aad8f9b5972f990441c29ad067623ccc283421451f174164e887af106604ec61bf187b1cd1447370fa8ab5832875765ee15e563c39e10a1b0d80613bfce91f266c62d93878e447d71df88fe04c9"}]}}, {{0x9, 0x5, 0x5, 0x8, 0x10, 0x2, 0x4, 0xb3, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x7, 0x4}]}}, {{0x9, 0x5, 0x5, 0x0, 0x8, 0x5, 0x4, 0x3}}, {{0x9, 0x5, 0xf, 0x18, 0x400, 0x4, 0xc0, 0x3}}, {{0x9, 0x5, 0x8, 0xc, 0x3ff, 0x2, 0x9, 0xf5}}, {{0x9, 0x5, 0x7, 0x10, 0x10, 0x5, 0xe, 0xff, [@generic={0x68, 0x8, "6f06383bd768e75fa4cd7519c830aef578563d013f39d4af4fd0013250053254d34c403b1799edd247d01e91933c8ba7d3bf77c0ea7f67eb09038322e27f6f7d8303810bc45ece3d3c2ed7aa7976c7aae827900b3d299f5d1cafbbeb429cf8aea69db8d9e071"}]}}, {{0x9, 0x5, 0x0, 0x0, 0x400, 0x0, 0x6, 0x1b, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x0, 0x6}]}}, {{0x9, 0x5, 0x0, 0x10, 0x3ff, 0x7, 0xc, 0x3, [@uac_iso={0x7, 0x25, 0x1, 0x1, 0x3, 0x1}]}}, {{0x9, 0x5, 0x5, 0x8701413cb03a9205, 0x3ff, 0x1, 0x0, 0xc, [@generic={0x76, 0x8, "afce774ca2fe872e7eb432cd13d0b49a24c80230945d4bf51ef31cae058d2051e0c26fd635c20375ae186790aac43d96ecfa37851f4a064a218eebdf745ae05f50d278729c855bf44f0a62755dc70aaec126560f60f3af1784a7efbbcecce0cb3cc796d8263feeb6cecaf22f241f9f6feb030ee2"}]}}, {{0x9, 0x5, 0xe, 0x1, 0x40, 0x9, 0x3, 0x0, [@generic={0x5f, 0x30, "302ede45623a05dd33e5ce94dc754328653fc741278326a7602f26db0fab5207fb588ac82186e5d3af21d1cda1eb925d42db8b571632334f9dc8f6e7dc1c4d71049173cd1c256c024d45f9683650fee413f7b384a7f9ca532b6d094b83"}]}}, {{0x9, 0x5, 0x4, 0x3, 0x200, 0x81, 0x2, 0x0, [@generic={0xbf, 0x30, "c264d42535f2062b55d6b8b7bf291eb418852213be80f15dc3a78942ad23445b2270c017eb9765802a41aea12fb103f6cd2f936292174026ff4676e88f00ab41d44fe764dfeef43909c9f851a049cb419d30be77734d07acee4e319f2b57da4653eb6d860b438a88425c99150ebac6024e3a9a080bb7c1fa5062b299f1f558d81e8a36fb9a4ebf7182ede2d89caaa6b81343604d2be862aac09601a9abe23bea3adee98e36d203033ee831cefb402c0ef74148ae0dfdc7cdf40fe0daec"}]}}]}}]}}]}}, &(0x7f0000000e80)={0x0, 0x0, 0x5, &(0x7f0000000b80)={0x5, 0xf, 0x5}, 0x1, [{0x0, 0x0}]})
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0x8, 0xb}, 0x48)
socket$nl_route(0x10, 0x3, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r2, @ANYBLOB], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r4, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102372, 0x18fe4}], 0x1, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000004c0)=ANY=[@ANYBLOB="b702000047000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a876d839240d29c035055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7e8dc34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bb44b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334583239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bf4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc508afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd360000000000000000ae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c97a088a22e8b15c3e233db00002e30d46a0024d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c29c5c0ed5bcdf510c3c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ced92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f68fa8d7c2dfb28e1f05e46b0933c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d588afd80e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda6900002a070886df42b27098773b45198b4a34ac97febd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d63521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07afef12ef060cd4403a099f32468f658000b4"], &(0x7f0000000340)='syzkaller\x00'}, 0x90)
setsockopt$inet6_IPV6_RTHDRDSTOPTS(0xffffffffffffffff, 0x29, 0x37, &(0x7f0000000040)={0x3a}, 0x8)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r5, 0x18000000000002a0, 0x1c, 0x0, &(0x7f0000000480)="b9ff03076844268cb89e14f088a847", 0x0, 0xfe, 0x60000009, 0x0, 0x0, 0x0, 0x0}, 0x50)
syz_io_uring_setup(0x0, &(0x7f00000035c0)={0x0, 0x0, 0x10100}, &(0x7f0000000100), &(0x7f0000000040))
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt(r6, 0x0, 0x65, 0x0, 0x0)
2.996657074s ago: executing program 3 (id=1122):
r0 = socket$inet6(0xa, 0x6, 0x0)
listen(r0, 0x0)
r1 = syz_io_uring_setup(0x2705, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r2=>0x0, &(0x7f0000001440)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000001400)=@IORING_OP_ACCEPT={0xd, 0x4, 0x0, r0, 0x0})
io_uring_enter(r1, 0xa3d, 0x0, 0x0, 0x0, 0x0)
r4 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=@newlink={0x48, 0x10, 0x403, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @veth={{0x9}, {0x18, 0x2, 0x0, 0x1, @val=@VETH_INFO_PEER={0x14, 0x1, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x40040}}}}}}]}, 0x48}}, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000040)={{{@in=@local, @in6=@private2}}, {{@in6=@empty, 0x0, 0x32}, 0x0, @in6=@empty}}, 0xe8)
r5 = io_uring_setup(0x7058, &(0x7f0000000040))
r6 = io_uring_register$IORING_REGISTER_PERSONALITY(r5, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r1, 0x18, 0x200000f0, r6)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xa, 0x6, &(0x7f0000000740)=ANY=[@ANYBLOB="05000000000000007111b600000000008510000002000000850000007600000095000000000000009500a50500000000655d66311e294642ccabb40bad95c69ea74489bdcf48fb63990250be73a9e53e4bdba5ea074f460e7131293e6d"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6}, 0x70)
2.994866462s ago: executing program 4 (id=1123):
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)={0x228, 0x0, 0x0, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_FRAME={0x20b, 0x33, @beacon={{{}, {}, @device_b, @device_b}, 0x0, @random, 0x0, @void, @val, @val={0x3, 0x1}, @void, @void, @val={0x5, 0x3}, @void, @void, @val={0x3c, 0x4}, @void, @void, @void, @val={0x76, 0x6}, [{0xdd, 0xb7, "31851c27f0515dccb7554d54162c7b9db37edff2415d5589b53027d4db2f9527a9858f2910b19c7737136d933c4cb8b186a2cb77d33dc186120309d0107aae1822ca939dc88880a147e71f89f5936e8d68041d7e8bcc0f1b2831ed25db982a9cd8fcd5160c5cdc0cbe25dce28dc9925779fc4799284de17406d9ac3b5e35515e37ca5568297e0d3e19d80a5d5addb3184fec9543e41f70eb1bcd9a87da2f4b39e15dca2e549f43749edc5d2150d9349f08894e39ac26f6"}, {0xdd, 0xba, "1cb11f4c9767b25df19d1cb86cc9f4059996ff0021375555251d74cf6f777d24ac2b13bbd9b9d6f27b608e3a58d27ba7b7e16a8e13f0d8f288fa3e9a5e6c9ba0bd7028c0866f7cec56d3e0ae5cb3c8963c4d6e991fbd1547b046152bed86b40dc529d6663ed96a2f54759ca9fd4841407c6fb63f588fed1344890b04c3914826eaa5b022f53aa9fb6bffaa0370be496fc201cd5b33db589eb87730dee906175a89a626342c521f0b18b5cb5ed9de356bf155e503ca39d841b335"}, {0xdd, 0x25, "523a4aa23e4123ca5c555c2b2bf412911511b4b39a758f6e3a496d64414c19f01ba62cf366"}, {0xdd, 0x11, "0941a0e096d40b7d3b60bec79aa8aaa3f5"}, {0xdd, 0x1a, "7b1f666daa2c5732ac642cd918aea5ee68d9287e589b7d5326dd"}]}}]}, 0x228}}, 0x0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000540)=ANY=[@ANYBLOB="12010000bd4d9640f0fff0ff78390102030109021b0001000000000904000001ab933b000905"], 0x0)
2.681921909s ago: executing program 3 (id=1124):
r0 = socket(0x0, 0x800000003, 0x0)
r1 = socket$pptp(0x18, 0x1, 0x2)
r2 = dup2(r1, r1)
getsockname$packet(r2, 0x0, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
execve(&(0x7f0000000100)='./file0\x00', &(0x7f0000000240)=[&(0x7f0000000140)='\x00', &(0x7f0000000180)='.^$\x00', &(0x7f00000001c0)='ramfs\x00', &(0x7f0000000200)='index=off'], &(0x7f0000000380)=[&(0x7f0000000280)='index=off', &(0x7f00000002c0)='\x00', &(0x7f0000000300)='j\x00'])
r3 = syz_usb_connect$hid(0x0, 0x36, &(0x7f00000001c0)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4d9, 0xa055, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r3, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x7fe2, 0x1, 0x41}, 0x48)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000400)={r4, &(0x7f0000000380), 0x20000000}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x52)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_deliver\x00', r5}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x52)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_deliver\x00', r6}, 0x10)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)
syz_usb_control_io(r3, &(0x7f0000000ac0)={0x2c, &(0x7f0000000100)={0x0, 0x0, 0xae, {0xae, 0x0, "3e064d8211725b8331276f4db437334e738fc7a24e7984a9f18e5b7455ba206b5071a2ba35720118f6472237f7b80e05848e65366389224e4444784286f3e57e4baa670e86168d62b58ef5f084d20f4e0e17b07cca1917e6b34089ef99aa47b16595750123bafa3744270c4a6381180f39e01a93c35f50cbafd5f289ad7b3726ebf9c6f64ad58e9c87bfe332161c2392219a2901f71264f01370a2392502014511f06338239c6695265c401b"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='ramfs\x00', 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@index_off}]})
r7 = socket(0x10, 0x3, 0x0)
r8 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
ioctl$sock_TIOCOUTQ(r8, 0x891e, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000600)={'team0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000d40)=@newqdisc={0x90, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r9, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x60, 0x2, {{0x0, [], 0x0, [], [0x0, 0xffff]}, [@TCA_MQPRIO_MODE={0x6, 0x4}]}}}]}, 0x90}}, 0x20000810)
socket$can_raw(0x1d, 0x3, 0x1)
2.416741051s ago: executing program 1 (id=1125):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00'}) (async)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=@newqdisc={0x44, 0x24, 0x2, 0xfffffffd, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_codel={{0xa}, {0x14, 0x2, [@TCA_CODEL_TARGET={0x8}, @TCA_CODEL_LIMIT={0x8, 0x2, 0x4}]}}]}, 0x44}}, 0x0)
2.355993172s ago: executing program 1 (id=1126):
socket$nl_rdma(0x10, 0x3, 0x14)
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
r3 = memfd_create(&(0x7f00000002c0)='D\xa3\xd5Wj\x00\x00\x8b\x14\xc2\xac\x1a\x1a\vG\xa9~vB\xbc\t\x00\x00\x00VoA\xaa\xbc\xee[\xe1\xa2\xe0\xff\x04\x00\x9b\x12\x0eW\xcf\t\xb0\xa9 +H/\xfd\xa4\xcaN\x84\xadS\x8bqE\x99\x01t\xb1\x1f|\x99PL\x92\x8f\xc2y\xcd\x8cj\x03X\x05\x17mwI\xf0\x01\xe5z\xcdJ)\xc7\xfa)\xaa}\xef\xde\xf5\xcd\xb1o5\x18\xd6\v\x85q\x98\x9bB\xb9\xea\xe7\xff\x7f\x00\x00T\xc0\xd2\t?\bpBl\xf4\x86\xd4\xc9\xe3\x8f\xd9\x9f\x15\x1e\xf2\x18\r\xad\b\xe0\x96NH\x85\r+\xfc\xb3\xdd\xddhg(\x03\xa7\x92\xe5\x00+h\xb7@#K\x9cMY\xd3\x9b\b-G\xb1\xdaS\x81\xb2\x93\xb83\x8a\x94*\x8d\\\b\xff/\xf8A\xaf\\\xaa\xf5u\xde\xfa\xa1\xc0\xf9&gR\x81.\xff\x83k\xe6\rDa\x16\xbd\x1a\xb2w\b\x00'/244, 0x0)
write(r3, &(0x7f00000000c0)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r3, 0x0)
dup3(r2, r3, 0x0)
fchdir(0xffffffffffffffff)
r4 = inotify_init1(0x0)
inotify_add_watch(r4, &(0x7f0000000040)='.\x00', 0x40000277)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
close(r5)
socket$nl_route(0x10, 0x3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc)
splice(r0, 0x0, r5, 0x0, 0x4ffe6, 0x0)
2.267906946s ago: executing program 1 (id=1127):
syz_emit_ethernet(0x52, &(0x7f0000001b80)={@local, @dev, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x44, 0x0, 0x0, 0x0, 0x1, 0x0, @rand_addr, @local}, @time_exceeded={0xb, 0x0, 0x0, 0x3, 0x0, 0x0, {0xa, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @private, @local, {[@cipso={0x86, 0xd, 0x0, [{0x0, 0x5, '\x00\x00\x00'}, {0x0, 0x2}]}, @rr={0x7, 0x7, 0x0, [@multicast1]}]}}}}}}}, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
prlimit64(0x0, 0xe, &(0x7f0000000140), 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bind$unix(0xffffffffffffffff, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(0xffffffffffffffff, 0x8982, 0x0)
io_uring_setup(0xfc2, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x43}}, 0x10)
connect$inet(r2, 0x0, 0x0)
fcntl$lock(0xffffffffffffffff, 0x25, &(0x7f0000000000))
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(0xffffffffffffffff, 0x0, 0x0)
fcntl$lock(0xffffffffffffffff, 0x7, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_open_dev$vivid(&(0x7f0000000000), 0x1, 0x2)
ioctl$VIDIOC_QUERYCAP(0xffffffffffffffff, 0x80685600, &(0x7f0000000040))
dup(0xffffffffffffffff)
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
write$binfmt_misc(r3, &(0x7f0000000080)=ANY=[], 0x5)
socket$inet_udp(0x2, 0x2, 0x0)
r4 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
r5 = add_key$user(&(0x7f0000000780), &(0x7f00000007c0)={'syz', 0x2}, &(0x7f0000000800)='c', 0x1, 0xffffffffffffffff)
keyctl$dh_compute(0x17, &(0x7f0000000000)={r5, r4, r5}, &(0x7f0000001400)=""/86, 0x56, &(0x7f00000000c0)={&(0x7f0000000100)={'crct10dif-generic\x00'}})
2.224123315s ago: executing program 2 (id=1128):
socket$alg(0x26, 0x5, 0x0)
creat(&(0x7f0000000100)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
mknod$loop(0x0, 0x4, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = syz_io_uring_setup(0xd2, &(0x7f0000000480), &(0x7f0000000040)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f0000000200)=@IORING_OP_ASYNC_CANCEL={0xe, 0x0, 0x0, 0x0, 0x0, 0x12345})
io_uring_enter(r3, 0x47ba, 0x0, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f00000010c0)={0x0, 0x10, &(0x7f0000001040)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000001100)=0x10)
openat$smackfs_cipsonum(0xffffffffffffff9c, &(0x7f0000001540)='/sys/fs/smackfs/direct\x00', 0x2, 0x0)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
getsockopt$bt_hci(0xffffffffffffffff, 0x84, 0x7c, &(0x7f0000000000)=""/4103, &(0x7f0000001080)=0x1007)
1.301864162s ago: executing program 2 (id=1129):
socket(0x2a, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000100)={@in={{0x2, 0x0, @multicast1}}, 0x0, 0x0, 0x2, 0x0, "954f3b91f54aa78eb1ffb374125cd8327f0e152670040f301c1428c4a8511a8be8955942b32b934c23581ae7ac9b12d3215964a4d640754c467c41f36b02a24b627d26ed282dbd5b496e33585ea60e5e"}, 0xd8)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000200)={@in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x22, 0x0, "43cad7b04bde5bbd8035d89034a56bad61a87c614899a37c5d0d7da4d7fc948375f3593dbd21eb7618ffb4ff4984e01eedc37998dd16526edb40eaadabe6cd2bd9f9dfeade7787ea64309c01ae05fb70"}, 0xd8)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x20, &(0x7f0000000040)=0x2, 0xf6)
syz_usb_connect(0x0, 0x2d, 0x0, 0x0)
ioctl$EVIOCGKEYCODE(0xffffffffffffffff, 0x80084504, 0x0)
syz_usb_connect$cdc_ecm(0x0, 0x0, 0x0, 0x0)
r0 = syz_open_dev$hidraw(0x0, 0x0, 0x14a042)
syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f0000000240)={0x24, 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_open_dev$hidraw(&(0x7f0000000000), 0xd3, 0x4800)
ioctl$HIDIOCGRDESC(0xffffffffffffffff, 0x4030582a, 0x0)
syz_open_dev$hidraw(&(0x7f0000002300), 0x0, 0x14a042)
write$hidraw(0xffffffffffffffff, &(0x7f0000003000), 0x0)
ioctl$HIDIOCGRDESC(r0, 0x40305829, &(0x7f00000002c0)={0xd, "3a82000000130000000000009d"})
1.079787848s ago: executing program 1 (id=1130):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$packet(0x11, 0x0, 0x300)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'bridge0\x00'})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="18000000000000000000000000000000186800000000000090737c73267beee600000000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000001800000000000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x1c1341, 0x0)
r5 = syz_open_dev$tty20(0xc, 0x4, 0x1)
accept(0xffffffffffffffff, &(0x7f00000000c0)=@can, 0x0)
ioctl$TIOCL_PASTESEL(r5, 0x541c, &(0x7f0000000000))
850.543897ms ago: executing program 0 (id=1131):
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
dup(r1)
mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x2000001, 0x38011, r1, 0x1ef46000)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmsg$IPSET_CMD_SAVE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x1c, &(0x7f0000000100)={&(0x7f0000000080)={0x48, 0x8, 0x6, 0x0, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x48}}, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @multicast1}}, 0x18)
setsockopt$inet6_tcp_int(r3, 0x6, 0x2000000000000020, &(0x7f0000000040)=0xa, 0x1959cc36)
pipe(&(0x7f0000000100)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=ANY=[], 0x44}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
close(r6)
socket$nl_route(0x10, 0x3, 0x0)
r7 = syz_init_net_socket$llc(0x1a, 0x2, 0x0)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0)
getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, &(0x7f00000000c0), &(0x7f00000001c0)=0x4)
write$UHID_CREATE2(r8, &(0x7f00000001c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r8, 0x0)
getsockopt$llc_int(r7, 0x10c, 0x1, 0x0, &(0x7f0000000000))
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010005fff000005000000000000000000", @ANYRES32=0x0, @ANYBLOB="0092000000000000280012800a00010076786c616e"], 0x3}}, 0x0)
write$binfmt_misc(r5, &(0x7f0000000000)=ANY=[], 0xfffffecc)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x3, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x73, 0x11, 0x43}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6}, 0x70)
splice(r4, 0x0, r6, 0x0, 0x4ffe2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x20, &(0x7f00000000c0)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, 0xff41)
fadvise64(r1, 0x0, 0x0, 0x4)
635.333939ms ago: executing program 4 (id=1132):
socket$inet_udplite(0x2, 0x2, 0x88)
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x83, 0x66, 0x7d, 0x10, 0x2040, 0x264, 0x4ed1, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x90, 0xf1, 0x9c}}]}}]}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
r1 = socket$igmp6(0xa, 0x3, 0x2)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000001940)={'wlan0\x00'})
sendmsg$NL80211_CMD_REGISTER_FRAME(r2, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
socket(0x10, 0x3, 0x0)
r5 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_ADD(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)={0x1c, r5, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x5, 0x1, '\x00'}]}, 0x1c}}, 0x0)
124.205003ms ago: executing program 2 (id=1133):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
set_mempolicy(0x900, 0x0, 0x0)
89.004974ms ago: executing program 1 (id=1134):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000000c0)='syzkaller\x00'}, 0x90)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0xa4600, 0x0)
r2 = dup(r1)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4000000020042, 0x0)
r4 = dup(r3)
sendfile(r4, r2, 0x0, 0x89ffc)
getdents64(r2, &(0x7f0000000000)=""/95, 0x5f)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r5, 0x800448f0, &(0x7f0000000080)={0x0, 0x0, "9c5952"})
0s ago: executing program 2 (id=1135):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
ioctl$CEC_RECEIVE(0xffffffffffffffff, 0xc0386106, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0xd, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x0, 0x0, 0x3, 0x2, 0x1, 0x74}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x90)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000280)={'erspan0\x00', &(0x7f00000003c0)={'ip_vti0\x00', 0x0, 0x10, 0x7800, 0x3, 0x1, {{0x1e, 0x4, 0x0, 0x0, 0x78, 0x67, 0x0, 0x3f, 0x2f, 0x0, @dev={0xac, 0x14, 0x14, 0x20}, @private=0xa010102, {[@noop, @rr={0x7, 0x1b, 0x99, [@initdev={0xac, 0x1e, 0x0, 0x0}, @initdev={0xac, 0x1e, 0x0, 0x0}, @dev={0xac, 0x14, 0x14, 0x2d}, @multicast2, @rand_addr=0x64010101, @initdev={0xac, 0x1e, 0x1, 0x0}]}, @generic={0x82, 0xb, "c15c43a4edbfedf077"}, @lsrr={0x83, 0xf, 0xbc, [@loopback, @remote, @broadcast]}, @timestamp_prespec={0x44, 0x2c, 0x6a, 0x3, 0xc, [{@dev={0xac, 0x14, 0x14, 0x2e}, 0x401}, {@empty, 0xd62e365e}, {@private=0xa010102, 0x5}, {@local, 0x88}, {@loopback, 0xf886}]}]}}}}})
creat(&(0x7f00000002c0)='./file0\x00', 0x8b)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000200))
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0x9, 0x3, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r4}, 0x38)
add_key$user(&(0x7f00000003c0), 0x0, 0x0, 0x0, 0xfffffffffffffffd)
kernel console output (not intermixed with test programs):
ice= 0.00
[ 242.933499][ T7402] netlink: 203516 bytes leftover after parsing attributes in process `syz.0.667'.
[ 242.943231][ T7402] netlink: zone id is out of range
[ 242.948508][ T7402] netlink: del zone limit has 8 unknown bytes
[ 242.955291][ T785] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 242.987220][ T785] usb 3-1: config 0 descriptor??
[ 243.001298][ T5133] usb 5-1: string descriptor 0 read error: -22
[ 243.007541][ T5133] usb 5-1: New USB device found, idVendor=0f11, idProduct=1020, bcdDevice=a2.1b
[ 243.024615][ T5133] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 243.042107][ T5133] usb 5-1: config 0 descriptor??
[ 243.065048][ T5133] ldusb 5-1:0.0: Interrupt in endpoint not found
[ 243.301439][ T25] usb 5-1: USB disconnect, device number 23
[ 243.817554][ T7390] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 243.826612][ T7390] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 243.843690][ T785] hid (null): nested delimiters
[ 243.853248][ T785] hid (null): report_id 24797 is invalid
[ 243.865890][ T785] hid (null): unknown global tag 0xa5
[ 243.873724][ T785] hid (null): unknown global tag 0xd
[ 243.882846][ T785] hid (null): unknown global tag 0xc
[ 243.903551][ T785] hid-generic 0003:0158:0100.0017: unknown main item tag 0x1
[ 243.917989][ T785] hid-generic 0003:0158:0100.0017: unexpected long global item
[ 243.934421][ T785] hid-generic 0003:0158:0100.0017: probe with driver hid-generic failed with error -22
[ 244.057256][ T25] usb 3-1: USB disconnect, device number 35
[ 244.457971][ T5219] usb 2-1: new high-speed USB device number 27 using dummy_hcd
[ 244.727731][ T5219] usb 2-1: Using ep0 maxpacket: 16
[ 244.750464][ T5219] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[ 244.754741][ T7432] netlink: 203516 bytes leftover after parsing attributes in process `syz.4.675'.
[ 244.767934][ T5219] usb 2-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[ 244.771970][ T7432] netlink: del zone limit has 8 unknown bytes
[ 244.850570][ T5219] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 244.907927][ T5219] usb 2-1: config 0 descriptor??
[ 245.659258][ T7427] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 245.682856][ T7427] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 245.709136][ T5219] hid (null): nested delimiters
[ 245.726052][ T5219] hid (null): report_id 24797 is invalid
[ 245.769010][ T5219] hid (null): unknown global tag 0xa5
[ 245.788226][ T5219] hid (null): unknown global tag 0xd
[ 245.817860][ T5219] hid (null): unknown global tag 0xc
[ 245.844156][ T5219] hid-generic 0003:0158:0100.0018: unknown main item tag 0x1
[ 245.862015][ T5219] hid-generic 0003:0158:0100.0018: unexpected long global item
[ 245.876609][ T5219] hid-generic 0003:0158:0100.0018: probe with driver hid-generic failed with error -22
[ 245.926300][ T5219] usb 2-1: USB disconnect, device number 27
[ 247.241328][ T7450] netlink: 203516 bytes leftover after parsing attributes in process `syz.3.681'.
[ 247.288090][ T7450] netlink: zone id is out of range
[ 247.295050][ T7450] netlink: del zone limit has 8 unknown bytes
[ 249.057763][ T784] usb 2-1: new high-speed USB device number 28 using dummy_hcd
[ 249.275628][ T784] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 249.295431][ T784] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 249.306100][ T784] usb 2-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.00
[ 249.317668][ T784] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 249.340199][ T784] usb 2-1: config 0 descriptor??
[ 249.434723][ T5133] usb 4-1: new high-speed USB device number 42 using dummy_hcd
[ 249.750100][ T7472] netlink: 203516 bytes leftover after parsing attributes in process `syz.4.685'.
[ 249.779363][ T7476] netlink: 203516 bytes leftover after parsing attributes in process `syz.0.688'.
[ 249.800440][ T7476] netlink: del zone limit has 8 unknown bytes
[ 249.889448][ T5133] usb 4-1: Using ep0 maxpacket: 16
[ 249.977252][ T5133] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[ 249.978483][ T7472] netlink: zone id is out of range
[ 250.006996][ T7472] netlink: del zone limit has 8 unknown bytes
[ 250.057726][ T5133] usb 4-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[ 250.066836][ T5133] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 250.088441][ T5133] usb 4-1: config 0 descriptor??
[ 250.527969][ T785] usb 3-1: new high-speed USB device number 36 using dummy_hcd
[ 250.665304][ T7473] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 250.832409][ T7473] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 250.974920][ T5133] hid (null): nested delimiters
[ 250.991826][ T5133] hid (null): report_id 24797 is invalid
[ 251.010439][ T785] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 251.027553][ T784] usbhid 2-1:0.0: can't add hid device: -71
[ 251.036493][ T784] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[ 251.073768][ T5133] hid (null): unknown global tag 0xa5
[ 251.089155][ T5133] hid (null): unknown global tag 0xd
[ 251.094634][ T784] usb 2-1: USB disconnect, device number 28
[ 251.100892][ T785] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 251.116702][ T785] usb 3-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.00
[ 251.137848][ T5133] hid (null): unknown global tag 0xc
[ 251.147124][ T5133] hid-generic 0003:0158:0100.0019: unknown main item tag 0x1
[ 251.171130][ T785] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 251.187471][ T5133] hid-generic 0003:0158:0100.0019: unexpected long global item
[ 251.209120][ T785] usb 3-1: config 0 descriptor??
[ 251.226269][ T5133] hid-generic 0003:0158:0100.0019: probe with driver hid-generic failed with error -22
[ 251.494359][ T5133] usb 4-1: USB disconnect, device number 42
[ 251.557994][ T5219] usb 1-1: new full-speed USB device number 25 using dummy_hcd
[ 251.788858][ T5219] usb 1-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[ 251.798501][ T5219] usb 1-1: config 1 has no interface number 1
[ 251.804951][ T5219] usb 1-1: config 1 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 251.816048][ T5219] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 251.863915][ T5219] usb 1-1: string descriptor 0 read error: -22
[ 251.874391][ T5219] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 251.883687][ T5219] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 251.900299][ T5219] usb 1-1: 2:1 : format type 0 is detected, processed as PCM
[ 251.908318][ T5219] usb 1-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[ 251.930078][ T785] holtek_kbd 0003:04D9:A055.001A: item fetching failed at offset 3/5
[ 251.944195][ T785] holtek_kbd 0003:04D9:A055.001A: probe with driver holtek_kbd failed with error -22
[ 251.979852][ T7495] netlink: 203516 bytes leftover after parsing attributes in process `syz.4.694'.
[ 251.990265][ T7495] netlink: zone id is out of range
[ 252.012351][ T7495] netlink: del zone limit has 8 unknown bytes
[ 252.162133][ T5219] usb 1-1: USB disconnect, device number 25
[ 252.319543][ T25] usb 3-1: USB disconnect, device number 36
[ 252.693248][ T5134] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[ 252.899876][ T5134] usb 5-1: Using ep0 maxpacket: 16
[ 252.943673][ T5134] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[ 252.970018][ T5134] usb 5-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[ 252.991627][ T5134] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 253.016634][ T5134] usb 5-1: config 0 descriptor??
[ 253.174187][ T7517] cgroup: No subsys list or none specified
[ 253.397990][ T5219] usb 3-1: new high-speed USB device number 37 using dummy_hcd
[ 253.547950][ T7505] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 253.581232][ T7505] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 253.625654][ T5219] usb 3-1: Using ep0 maxpacket: 32
[ 253.759826][ T5219] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 253.829113][ T5219] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 253.842597][ T5134] hid (null): nested delimiters
[ 253.847563][ T5134] hid (null): report_id 24797 is invalid
[ 253.867739][ T5219] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[ 253.877111][ T5219] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 253.887979][ T5134] hid (null): unknown global tag 0xa5
[ 253.893419][ T5134] hid (null): unknown global tag 0xd
[ 253.915586][ T5134] hid (null): unknown global tag 0xc
[ 253.926571][ T5219] hub 3-1:4.0: USB hub found
[ 253.934714][ T5134] hid-generic 0003:0158:0100.001B: unknown main item tag 0x1
[ 253.998897][ T7522] netlink: 203516 bytes leftover after parsing attributes in process `syz.1.701'.
[ 254.014977][ T7522] netlink: del zone limit has 8 unknown bytes
[ 254.064064][ T5134] hid-generic 0003:0158:0100.001B: unexpected long global item
[ 254.115016][ T5134] hid-generic 0003:0158:0100.001B: probe with driver hid-generic failed with error -22
[ 254.220753][ T5134] usb 5-1: USB disconnect, device number 24
[ 254.356375][ T5219] hub 3-1:4.0: 2 ports detected
[ 255.247977][ T5134] usb 2-1: new high-speed USB device number 29 using dummy_hcd
[ 255.439905][ T5134] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 255.473424][ T5134] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 255.485083][ T5134] usb 2-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.00
[ 255.495501][ T5134] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 255.504169][ T784] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[ 255.530363][ T5134] usb 2-1: config 0 descriptor??
[ 255.722018][ T5092] usb 4-1: new high-speed USB device number 43 using dummy_hcd
[ 255.747983][ T784] usb 5-1: Using ep0 maxpacket: 16
[ 255.757386][ T784] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[ 255.775346][ T784] usb 5-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[ 255.784998][ T784] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 255.798515][ T784] usb 5-1: config 0 descriptor??
[ 255.846586][ T5219] hub 3-1:4.0: activate --> -90
[ 255.918645][ T5092] usb 4-1: Using ep0 maxpacket: 32
[ 255.932919][ T5092] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 255.944363][ T5092] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 255.954702][ T5092] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[ 255.964437][ T5092] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 255.996222][ T5092] hub 4-1:4.0: USB hub found
[ 256.012547][ T5134] holtek_kbd 0003:04D9:A055.001C: item fetching failed at offset 3/5
[ 256.040940][ T5134] holtek_kbd 0003:04D9:A055.001C: probe with driver holtek_kbd failed with error -22
[ 256.158768][ T1248] ieee802154 phy0 wpan0: encryption failed: -22
[ 256.165275][ T1248] ieee802154 phy1 wpan1: encryption failed: -22
[ 256.190886][ T5092] hub 4-1:4.0: 2 ports detected
[ 256.260263][ T7538] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 256.269724][ T7538] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 256.293108][ T784] hid (null): nested delimiters
[ 256.313431][ T784] hid (null): report_id 24797 is invalid
[ 256.331135][ T784] hid (null): unknown global tag 0xa5
[ 256.338223][ T784] hid (null): unknown global tag 0xd
[ 256.343698][ T784] hid (null): unknown global tag 0xc
[ 256.355254][ T784] hid-generic 0003:0158:0100.001D: unknown main item tag 0x1
[ 256.363300][ T784] hid-generic 0003:0158:0100.001D: unexpected long global item
[ 256.378314][ T784] hid-generic 0003:0158:0100.001D: probe with driver hid-generic failed with error -22
[ 256.515619][ T784] usb 5-1: USB disconnect, device number 25
[ 257.009148][ T5219] usb 3-1-port1: cannot reset (err = -71)
[ 257.016411][ T784] usb 3-1: USB disconnect, device number 37
[ 257.030163][ T5219] usb 3-1-port1: Cannot enable. Maybe the USB cable is bad?
[ 257.040752][ T5219] usb 3-1-port1: attempt power cycle
[ 257.082643][ T5134] usb 2-1: USB disconnect, device number 29
[ 257.509236][ T5092] hub 4-1:4.0: activate --> -90
[ 257.617766][ T25] usb 1-1: new full-speed USB device number 26 using dummy_hcd
[ 257.826889][ T25] usb 1-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[ 257.836560][ T25] usb 1-1: config 1 has no interface number 1
[ 257.849999][ T25] usb 1-1: config 1 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 257.877011][ T25] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 257.891581][ T25] usb 1-1: string descriptor 0 read error: -22
[ 257.924356][ T25] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 257.955284][ T25] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 257.994316][ T25] usb 1-1: 2:1 : format type 0 is detected, processed as PCM
[ 258.002207][ T25] usb 1-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[ 258.308026][ T4479] Bluetooth: hci2: command 0x0406 tx timeout
[ 258.908431][ T25] usb 1-1: USB disconnect, device number 26
[ 259.159637][ T785] usb 2-1: new high-speed USB device number 30 using dummy_hcd
[ 259.177135][ T5092] usb 4-1-port1: cannot reset (err = -71)
[ 259.184402][ T8] usb 4-1: USB disconnect, device number 43
[ 259.194802][ T5623] udevd[5623]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 259.195692][ T5092] usb 4-1-port1: Cannot enable. Maybe the USB cable is bad?
[ 259.284853][ T7572] cgroup: No subsys list or none specified
[ 259.746464][ T785] usb 2-1: config 0 has an invalid interface number: 106 but max is 0
[ 260.008514][ T5092] usb 4-1-port1: attempt power cycle
[ 260.017706][ T785] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 260.049203][ T785] usb 2-1: config 0 has no interface number 0
[ 260.115727][ T785] usb 2-1: config 0 interface 106 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 6
[ 260.163573][ T785] usb 2-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=df.bb
[ 260.263762][ T785] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 260.458105][ T25] usb 3-1: new high-speed USB device number 42 using dummy_hcd
[ 260.567203][ T785] usb 2-1: config 0 descriptor??
[ 260.641807][ T785] usb 2-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[ 260.657760][ T25] usb 3-1: Using ep0 maxpacket: 16
[ 260.698152][ T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[ 260.785336][ T25] usb 3-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[ 260.795143][ T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 260.811053][ T25] usb 3-1: config 0 descriptor??
[ 260.911775][ T51] usb 2-1: Failed to submit usb control message: -71
[ 260.912270][ T5219] usb 2-1: USB disconnect, device number 30
[ 260.937195][ T51] usb 2-1: unable to send the bmi data to the device: -71
[ 260.946611][ T51] usb 2-1: unable to get target info from device
[ 260.966318][ T51] usb 2-1: could not get target info (-71)
[ 260.973463][ T51] usb 2-1: could not probe fw (-71)
[ 261.077979][ T785] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[ 261.147755][ T8] usb 4-1: new high-speed USB device number 48 using dummy_hcd
[ 261.287520][ T7575] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 261.438796][ T8] usb 4-1: Using ep0 maxpacket: 32
[ 261.519410][ T7592] netlink: 203516 bytes leftover after parsing attributes in process `syz.0.719'.
[ 261.561219][ T7592] netlink: zone id is out of range
[ 261.578947][ T7592] netlink: del zone limit has 8 unknown bytes
[ 261.662435][ T785] usb 5-1: config 9 has an invalid descriptor of length 0, skipping remainder of the config
[ 261.748670][ T7575] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 261.780144][ T8] usb 4-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7
[ 261.797150][ T785] usb 5-1: config 9 has 0 interfaces, different from the descriptor's value: 1
[ 261.799840][ T25] hid (null): nested delimiters
[ 261.816897][ T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 261.824458][ T25] hid (null): report_id 24797 is invalid
[ 261.825477][ T785] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 261.841593][ T785] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 261.851529][ T8] usb 4-1: config 0 descriptor??
[ 261.867465][ T8] gspca_main: sunplus-2.14.0 probing 041e:400b
[ 261.883504][ T25] hid (null): unknown global tag 0xa5
[ 261.896659][ T25] hid (null): unknown global tag 0xd
[ 261.916704][ T25] hid (null): unknown global tag 0xc
[ 261.943867][ T25] hid-generic 0003:0158:0100.001E: unknown main item tag 0x1
[ 261.960819][ T25] hid-generic 0003:0158:0100.001E: unexpected long global item
[ 261.977730][ T25] hid-generic 0003:0158:0100.001E: probe with driver hid-generic failed with error -22
[ 262.020862][ T25] usb 3-1: USB disconnect, device number 42
[ 262.143145][ T29] kauditd_printk_skb: 2 callbacks suppressed
[ 262.143163][ T29] audit: type=1326 audit(1720978863.531:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7587 comm="syz.4.718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb83a175bd9 code=0x7ffc0000
[ 262.171732][ T785] usb 5-1: language id specifier not provided by device, defaulting to English
[ 262.207842][ T29] audit: type=1326 audit(1720978863.531:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7587 comm="syz.4.718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb83a175bd9 code=0x7ffc0000
[ 262.277986][ T29] audit: type=1326 audit(1720978863.531:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7587 comm="syz.4.718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb83a1757db code=0x7ffc0000
[ 262.336686][ T29] audit: type=1326 audit(1720978863.531:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7587 comm="syz.4.718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb83a1757db code=0x7ffc0000
[ 262.399226][ T29] audit: type=1326 audit(1720978863.551:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7587 comm="syz.4.718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fb83a1a7bc5 code=0x7ffc0000
[ 262.477888][ T29] audit: type=1326 audit(1720978863.721:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7587 comm="syz.4.718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb83a175bd9 code=0x7ffc0000
[ 262.529737][ T25] usb 1-1: new high-speed USB device number 27 using dummy_hcd
[ 262.534183][ T29] audit: type=1326 audit(1720978863.721:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7587 comm="syz.4.718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb83a1757db code=0x7ffc0000
[ 262.577113][ T29] audit: type=1326 audit(1720978863.721:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7587 comm="syz.4.718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb83a1757db code=0x7ffc0000
[ 262.612773][ T785] usb 5-1: USB disconnect, device number 26
[ 262.614302][ T29] audit: type=1326 audit(1720978863.721:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7587 comm="syz.4.718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb83a175bd9 code=0x7ffc0000
[ 262.648237][ T29] audit: type=1326 audit(1720978863.721:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7587 comm="syz.4.718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb83a175bd9 code=0x7ffc0000
[ 262.742508][ T25] usb 1-1: Using ep0 maxpacket: 16
[ 262.749591][ T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[ 262.761538][ T25] usb 1-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[ 262.771218][ T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 262.782286][ T25] usb 1-1: config 0 descriptor??
[ 262.797803][ T5162] usb 2-1: new high-speed USB device number 31 using dummy_hcd
[ 262.997789][ T5162] usb 2-1: Using ep0 maxpacket: 32
[ 263.016320][ T5162] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 263.036791][ T5162] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 263.060260][ T5162] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[ 263.076568][ T5162] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 263.098768][ T5162] hub 2-1:4.0: USB hub found
[ 263.213784][ T7594] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 263.222924][ T7594] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 263.235822][ T25] hid (null): nested delimiters
[ 263.242204][ T25] hid (null): report_id 24797 is invalid
[ 263.250457][ T25] hid (null): unknown global tag 0xa5
[ 263.256295][ T25] hid (null): unknown global tag 0xd
[ 263.261836][ T25] hid (null): unknown global tag 0xc
[ 263.271285][ T25] hid-generic 0003:0158:0100.001F: unknown main item tag 0x1
[ 263.280311][ T25] hid-generic 0003:0158:0100.001F: unexpected long global item
[ 263.288926][ T25] hid-generic 0003:0158:0100.001F: probe with driver hid-generic failed with error -22
[ 263.309624][ T5162] hub 2-1:4.0: 2 ports detected
[ 263.443804][ T25] usb 1-1: USB disconnect, device number 27
[ 263.739542][ T8] gspca_sunplus: reg_w_riv err -71
[ 263.744832][ T8] sunplus 4-1:0.0: probe with driver sunplus failed with error -71
[ 263.790786][ T8] usb 4-1: USB disconnect, device number 48
[ 264.226607][ T7615] cgroup: No subsys list or none specified
[ 265.399208][ T5162] usb 3-1: new high-speed USB device number 43 using dummy_hcd
[ 265.515349][ T8] hub 2-1:4.0: activate --> -90
[ 265.591258][ T5162] usb 3-1: Using ep0 maxpacket: 32
[ 265.601711][ T5162] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 265.614033][ T5162] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 265.624578][ T5162] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[ 265.633784][ T5162] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 265.648434][ T5162] hub 3-1:4.0: USB hub found
[ 265.807716][ T25] usb 4-1: new high-speed USB device number 49 using dummy_hcd
[ 265.848975][ T5162] hub 3-1:4.0: 2 ports detected
[ 266.011130][ T25] usb 4-1: config 0 has an invalid interface number: 106 but max is 0
[ 266.035751][ T25] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 266.046554][ T25] usb 4-1: config 0 has no interface number 0
[ 266.056355][ T25] usb 4-1: config 0 interface 106 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 6
[ 266.078282][ T25] usb 4-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=df.bb
[ 266.087503][ T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 266.141996][ T25] usb 4-1: config 0 descriptor??
[ 266.222409][ T25] usb 4-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[ 266.917436][ T2815] usb 4-1: Failed to submit usb control message: -71
[ 266.928143][ T25] usb 4-1: USB disconnect, device number 49
[ 266.966832][ T2815] usb 4-1: unable to send the bmi data to the device: -71
[ 266.989844][ T2815] usb 4-1: unable to get target info from device
[ 267.018125][ T2815] usb 4-1: could not get target info (-71)
[ 267.039972][ T7652] overlay: Unknown parameter '\'
[ 267.046103][ T2815] usb 4-1: could not probe fw (-71)
[ 267.141049][ T8] usb 2-1-port1: cannot reset (err = -71)
[ 267.146876][ T8] usb 2-1-port1: Cannot enable. Maybe the USB cable is bad?
[ 267.163096][ T5092] usb 2-1: USB disconnect, device number 31
[ 267.174487][ T8] usb 2-1-port1: attempt power cycle
[ 267.840712][ T7663] cgroup: No subsys list or none specified
[ 268.518737][ T5092] hub 3-1:4.0: hub_ext_port_status failed (err = -32)
[ 268.556862][ T5219] usb 3-1: USB disconnect, device number 43
[ 268.557151][ T5092] usb 3-1: Failed to suspend device, error -19
[ 268.807850][ T784] usb 4-1: new high-speed USB device number 50 using dummy_hcd
[ 268.928909][ T5134] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[ 269.037312][ T784] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 269.066615][ T784] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 269.170956][ T784] usb 4-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.00
[ 269.186727][ T784] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 269.204242][ T5134] usb 5-1: config 9 has an invalid descriptor of length 0, skipping remainder of the config
[ 269.303534][ T784] usb 4-1: config 0 descriptor??
[ 269.309418][ T5134] usb 5-1: config 9 has 0 interfaces, different from the descriptor's value: 1
[ 269.338499][ T5134] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 269.348104][ T5134] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 269.945196][ T7685] netlink: 203516 bytes leftover after parsing attributes in process `syz.0.743'.
[ 269.956900][ T7685] netlink: zone id is out of range
[ 269.962697][ T7685] netlink: del zone limit has 8 unknown bytes
[ 270.081982][ T5134] usb 5-1: language id specifier not provided by device, defaulting to English
[ 270.398900][ T784] holtek_kbd 0003:04D9:A055.0020: item fetching failed at offset 3/5
[ 270.417211][ T784] holtek_kbd 0003:04D9:A055.0020: probe with driver holtek_kbd failed with error -22
[ 270.527935][ T5134] usb 5-1: USB disconnect, device number 27
[ 270.737167][ T5092] usb 4-1: USB disconnect, device number 50
[ 270.775444][ T7696] TCP: MD5 Hash failed for 172.20.20.187.0->255.255.255.255.20002 [RP.] L3 index 0
[ 270.992070][ T4479] Bluetooth: hci3: ACL packet for unknown connection handle 0
[ 271.004170][ T7705] FAULT_INJECTION: forcing a failure.
[ 271.004170][ T7705] name fail_usercopy, interval 1, probability 0, space 0, times 1
[ 271.018403][ T7705] CPU: 1 PID: 7705 Comm: syz.2.749 Not tainted 6.10.0-rc7-syzkaller-00266-g4d145e3f830b #0
[ 271.028498][ T7705] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 271.038587][ T7705] Call Trace:
[ 271.041895][ T7705] <TASK>
[ 271.044889][ T7705] dump_stack_lvl+0x241/0x360
[ 271.049616][ T7705] ? __pfx_dump_stack_lvl+0x10/0x10
[ 271.054845][ T7705] ? __pfx__printk+0x10/0x10
[ 271.059468][ T7705] ? __pfx_lock_release+0x10/0x10
[ 271.064534][ T7705] should_fail_ex+0x3b0/0x4e0
[ 271.069261][ T7705] _copy_from_user+0x2f/0xe0
[ 271.073880][ T7705] __sys_bpf+0x1a4/0x810
[ 271.078154][ T7705] ? __pfx___sys_bpf+0x10/0x10
[ 271.083395][ T7705] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 271.089420][ T7705] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 271.095744][ T7705] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 271.102057][ T7705] ? __irq_exit_rcu+0x100/0x1c0
[ 271.106894][ T7705] __x64_sys_bpf+0x7c/0x90
[ 271.111299][ T7705] do_syscall_64+0xf3/0x230
[ 271.115788][ T7705] ? clear_bhb_loop+0x35/0x90
[ 271.120451][ T7705] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 271.126357][ T7705] RIP: 0033:0x7f8c60b75bd9
[ 271.130766][ T7705] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 271.150450][ T7705] RSP: 002b:00007f8c618b6048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 271.158877][ T7705] RAX: ffffffffffffffda RBX: 00007f8c60d04038 RCX: 00007f8c60b75bd9
[ 271.166846][ T7705] RDX: 000000000000004c RSI: 0000000020000580 RDI: 000000000000000a
[ 271.174805][ T7705] RBP: 00007f8c618b60a0 R08: 0000000000000000 R09: 0000000000000000
[ 271.182857][ T7705] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 271.190845][ T7705] R13: 000000000000006e R14: 00007f8c60d04038 R15: 00007fffdc118198
[ 271.198998][ T7705] </TASK>
[ 271.202120][ C1] vkms_vblank_simulate: vblank timer overrun
[ 271.251640][ T7702] delete_channel: no stack
[ 271.263463][ T7702] delete_channel: no stack
[ 271.322495][ T7708] netlink: 203516 bytes leftover after parsing attributes in process `syz.4.750'.
[ 271.343014][ T7708] netlink: zone id is out of range
[ 271.353547][ T7708] netlink: del zone limit has 8 unknown bytes
[ 272.067118][ T7722] netlink: 'syz.2.753': attribute type 10 has an invalid length.
[ 272.111107][ T4479] Bluetooth: hci3: ACL packet for unknown connection handle 201
[ 272.161357][ T7722] bridge0: port 3(team0) entered disabled state
[ 272.171925][ T4479] Bluetooth: hci3: SCO packet for unknown connection handle 201
[ 272.175412][ T7722] team0: left allmulticast mode
[ 272.188361][ T7722] team_slave_0: left allmulticast mode
[ 272.194219][ T7722] team_slave_1: left allmulticast mode
[ 272.199800][ T7722] team0: left promiscuous mode
[ 272.204634][ T7722] team_slave_0: left promiscuous mode
[ 272.211253][ T7722] team_slave_1: left promiscuous mode
[ 272.217211][ T7722] bridge0: port 3(team0) entered disabled state
[ 272.325122][ T7722] batman_adv: batadv0: Adding interface: team0
[ 272.335032][ T7722] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 272.360609][ C1] vkms_vblank_simulate: vblank timer overrun
[ 272.368570][ T7722] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[ 272.379910][ T7726] netlink: 'syz.2.753': attribute type 10 has an invalid length.
[ 272.388711][ T7726] netlink: 2 bytes leftover after parsing attributes in process `syz.2.753'.
[ 272.398018][ T7726] team0: entered promiscuous mode
[ 272.403365][ T7726] team_slave_0: entered promiscuous mode
[ 272.409690][ T7726] team_slave_1: entered promiscuous mode
[ 272.469855][ T7726] 8021q: adding VLAN 0 to HW filter on device team0
[ 272.585486][ T7726] batman_adv: batadv0: Interface activated: team0
[ 272.597888][ T7726] batman_adv: batadv0: Interface deactivated: team0
[ 272.645547][ T7726] batman_adv: batadv0: Removing interface: team0
[ 272.671228][ T7726] bridge0: port 3(team0) entered blocking state
[ 272.696799][ T7726] bridge0: port 3(team0) entered disabled state
[ 272.709314][ T7726] team0: entered allmulticast mode
[ 272.713231][ T7748] FAULT_INJECTION: forcing a failure.
[ 272.713231][ T7748] name failslab, interval 1, probability 0, space 0, times 1
[ 272.727376][ T7748] CPU: 0 PID: 7748 Comm: syz.1.761 Not tainted 6.10.0-rc7-syzkaller-00266-g4d145e3f830b #0
[ 272.737389][ T7748] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 272.747639][ T7748] Call Trace:
[ 272.750922][ T7748] <TASK>
[ 272.753841][ T7748] dump_stack_lvl+0x241/0x360
[ 272.758612][ T7748] ? __pfx_dump_stack_lvl+0x10/0x10
[ 272.763898][ T7748] ? __pfx__printk+0x10/0x10
[ 272.768485][ T7748] ? __pfx___might_resched+0x10/0x10
[ 272.773775][ T7748] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 272.779774][ T7748] should_fail_ex+0x3b0/0x4e0
[ 272.785331][ T7748] ? genl_family_rcv_msg_attrs_parse+0xa3/0x290
[ 272.791671][ T7748] should_failslab+0x9/0x20
[ 272.797560][ T7748] __kmalloc_noprof+0xd8/0x400
[ 272.803226][ T7748] ? safesetid_security_capable+0xb2/0x1d0
[ 272.809306][ T7748] genl_family_rcv_msg_attrs_parse+0xa3/0x290
[ 272.815404][ T7748] genl_rcv_msg+0x802/0xec0
[ 272.819913][ T7748] ? mark_lock+0x9a/0x350
[ 272.824249][ T7748] ? __pfx_genl_rcv_msg+0x10/0x10
[ 272.829287][ T7748] ? __pfx_lock_acquire+0x10/0x10
[ 272.834305][ T7748] ? __pfx_nl80211_pre_doit+0x10/0x10
[ 272.839671][ T7748] ? __pfx_nl80211_tx_mgmt+0x10/0x10
[ 272.844944][ T7748] ? __pfx_nl80211_post_doit+0x10/0x10
[ 272.850395][ T7748] ? __pfx___might_resched+0x10/0x10
[ 272.855708][ T7748] netlink_rcv_skb+0x1e3/0x430
[ 272.860478][ T7748] ? __pfx_genl_rcv_msg+0x10/0x10
[ 272.865515][ T7748] ? __pfx_netlink_rcv_skb+0x10/0x10
[ 272.870824][ T7748] ? __netlink_deliver_tap+0x77e/0x7c0
[ 272.876286][ T7748] genl_rcv+0x28/0x40
[ 272.880263][ T7748] netlink_unicast+0x7ea/0x980
[ 272.885026][ T7748] ? __pfx_netlink_unicast+0x10/0x10
[ 272.890302][ T7748] ? __virt_addr_valid+0x183/0x530
[ 272.895412][ T7748] ? __check_object_size+0x49c/0x900
[ 272.900691][ T7748] ? bpf_lsm_netlink_send+0x9/0x10
[ 272.905795][ T7748] netlink_sendmsg+0x8db/0xcb0
[ 272.910751][ T7748] ? __pfx_netlink_sendmsg+0x10/0x10
[ 272.916201][ T7748] ? __import_iovec+0x536/0x820
[ 272.921041][ T7748] ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 272.926309][ T7748] ? security_socket_sendmsg+0x87/0xb0
[ 272.931763][ T7748] ? __pfx_netlink_sendmsg+0x10/0x10
[ 272.937064][ T7748] __sock_sendmsg+0x221/0x270
[ 272.941746][ T7748] ____sys_sendmsg+0x525/0x7d0
[ 272.946517][ T7748] ? __pfx_____sys_sendmsg+0x10/0x10
[ 272.951837][ T7748] __sys_sendmsg+0x2b0/0x3a0
[ 272.956439][ T7748] ? __pfx___sys_sendmsg+0x10/0x10
[ 272.961551][ T7748] ? vfs_write+0x7c4/0xc90
[ 272.966012][ T7748] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 272.972361][ T7748] ? do_syscall_64+0x100/0x230
[ 272.977119][ T7748] ? do_syscall_64+0xb6/0x230
[ 272.981785][ T7748] do_syscall_64+0xf3/0x230
[ 272.986278][ T7748] ? clear_bhb_loop+0x35/0x90
[ 272.990959][ T7748] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 272.996867][ T7748] RIP: 0033:0x7fce80175bd9
[ 273.001276][ T7748] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 273.021227][ T7748] RSP: 002b:00007fce80f8f048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 273.029643][ T7748] RAX: ffffffffffffffda RBX: 00007fce80303f60 RCX: 00007fce80175bd9
[ 273.037786][ T7748] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[ 273.045846][ T7748] RBP: 00007fce80f8f0a0 R08: 0000000000000000 R09: 0000000000000000
[ 273.053817][ T7748] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 273.061781][ T7748] R13: 000000000000000b R14: 00007fce80303f60 R15: 00007ffc76f74558
[ 273.069933][ T7748] </TASK>
[ 273.081574][ T7726] team_slave_0: entered allmulticast mode
[ 273.097499][ T7726] team_slave_1: entered allmulticast mode
[ 273.110690][ T7726] bridge0: port 3(team0) entered blocking state
[ 273.117028][ T7726] bridge0: port 3(team0) entered forwarding state
[ 273.239567][ T5092] usb 4-1: new high-speed USB device number 51 using dummy_hcd
[ 273.263515][ T7753] IPv6: NLM_F_REPLACE set, but no existing node found!
[ 273.282819][ T7753] FAULT_INJECTION: forcing a failure.
[ 273.282819][ T7753] name failslab, interval 1, probability 0, space 0, times 0
[ 273.326444][ T7753] CPU: 0 PID: 7753 Comm: syz.1.763 Not tainted 6.10.0-rc7-syzkaller-00266-g4d145e3f830b #0
[ 273.336478][ T7753] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 273.347614][ T7753] Call Trace:
[ 273.351434][ T7753] <TASK>
[ 273.354397][ T7753] dump_stack_lvl+0x241/0x360
[ 273.359649][ T7753] ? __pfx_dump_stack_lvl+0x10/0x10
[ 273.365075][ T7753] ? __pfx__printk+0x10/0x10
[ 273.369711][ T7753] should_fail_ex+0x3b0/0x4e0
[ 273.374415][ T7753] ? __alloc_skb+0x1c3/0x440
[ 273.379029][ T7753] should_failslab+0x9/0x20
[ 273.383561][ T7753] kmem_cache_alloc_node_noprof+0x71/0x320
[ 273.389481][ T7753] __alloc_skb+0x1c3/0x440
[ 273.393923][ T7753] ? __dev_queue_xmit+0x16c9/0x3d30
[ 273.399148][ T7753] ? __pfx___alloc_skb+0x10/0x10
[ 273.404117][ T7753] ? netlink_ack_tlv_len+0x6e/0x200
[ 273.409518][ T7753] netlink_ack+0x13f/0xa30
[ 273.413991][ T7753] netlink_rcv_skb+0x262/0x430
[ 273.418789][ T7753] ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 273.424271][ T7753] ? __pfx_netlink_rcv_skb+0x10/0x10
[ 273.429694][ T7753] ? netlink_deliver_tap+0x2e/0x1b0
[ 273.434924][ T7753] netlink_unicast+0x7ea/0x980
[ 273.439721][ T7753] ? __pfx_netlink_unicast+0x10/0x10
[ 273.445024][ T7753] ? __virt_addr_valid+0x183/0x530
[ 273.450410][ T7753] ? __check_object_size+0x49c/0x900
[ 273.455694][ T7753] ? bpf_lsm_netlink_send+0x9/0x10
[ 273.460894][ T7753] netlink_sendmsg+0x8db/0xcb0
[ 273.465709][ T7753] ? __pfx_netlink_sendmsg+0x10/0x10
[ 273.470996][ T7753] ? __import_iovec+0x536/0x820
[ 273.475933][ T7753] ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 273.481216][ T7753] ? security_socket_sendmsg+0x87/0xb0
[ 273.486679][ T7753] ? __pfx_netlink_sendmsg+0x10/0x10
[ 273.492134][ T7753] __sock_sendmsg+0x221/0x270
[ 273.496817][ T7753] ____sys_sendmsg+0x525/0x7d0
[ 273.501780][ T7753] ? __pfx_____sys_sendmsg+0x10/0x10
[ 273.508638][ T7753] __sys_sendmsg+0x2b0/0x3a0
[ 273.516937][ T7753] ? __pfx___sys_sendmsg+0x10/0x10
[ 273.522054][ T7753] ? vfs_write+0x7c4/0xc90
[ 273.526502][ T7753] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 273.532828][ T7753] ? do_syscall_64+0x100/0x230
[ 273.537601][ T7753] ? do_syscall_64+0xb6/0x230
[ 273.542276][ T7753] do_syscall_64+0xf3/0x230
[ 273.546770][ T7753] ? clear_bhb_loop+0x35/0x90
[ 273.551437][ T7753] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 273.557327][ T7753] RIP: 0033:0x7fce80175bd9
[ 273.561736][ T7753] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 273.581770][ T7753] RSP: 002b:00007fce80f8f048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 273.590876][ T7753] RAX: ffffffffffffffda RBX: 00007fce80303f60 RCX: 00007fce80175bd9
[ 273.599829][ T7753] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000004
[ 273.608712][ T7753] RBP: 00007fce80f8f0a0 R08: 0000000000000000 R09: 0000000000000000
[ 273.616856][ T7753] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 273.625098][ T7753] R13: 000000000000000b R14: 00007fce80303f60 R15: 00007ffc76f74558
[ 273.633535][ T7753] </TASK>
[ 273.829601][ T5092] usb 4-1: config 9 has an invalid descriptor of length 0, skipping remainder of the config
[ 274.000598][ T5092] usb 4-1: config 9 has 0 interfaces, different from the descriptor's value: 1
[ 274.116117][ T7764] netlink: 203516 bytes leftover after parsing attributes in process `syz.2.766'.
[ 274.129472][ T7764] netlink: zone id is out of range
[ 274.136170][ T7764] netlink: del zone limit has 8 unknown bytes
[ 274.273343][ T5092] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 274.317157][ T5092] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 274.548682][ T5092] usb 4-1: language id specifier not provided by device, defaulting to English
[ 274.968002][ T5092] usb 4-1: USB disconnect, device number 51
[ 275.439783][ T8] usb 1-1: new high-speed USB device number 28 using dummy_hcd
[ 275.738508][ T8] usb 1-1: Using ep0 maxpacket: 16
[ 275.771231][ T8] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[ 275.800328][ T8] usb 1-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[ 275.812914][ T8] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 275.829259][ T8] usb 1-1: config 0 descriptor??
[ 275.873366][ T7790] netlink: 203516 bytes leftover after parsing attributes in process `syz.1.774'.
[ 275.906642][ T7790] netlink: zone id is out of range
[ 275.916143][ T7790] netlink: del zone limit has 8 unknown bytes
[ 276.294018][ T7786] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 276.305558][ T7786] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 276.308968][ T7809] netlink: 203516 bytes leftover after parsing attributes in process `syz.2.779'.
[ 276.383922][ T8] hid (null): nested delimiters
[ 276.390041][ T7809] netlink: zone id is out of range
[ 276.417442][ T7809] netlink: del zone limit has 8 unknown bytes
[ 276.603610][ T8] hid (null): report_id 24797 is invalid
[ 276.632522][ T7807] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[ 276.664532][ T8] hid (null): unknown global tag 0xa5
[ 276.675456][ T8] hid (null): unknown global tag 0xd
[ 276.699581][ T8] hid (null): unknown global tag 0xc
[ 276.715782][ T8] hid-generic 0003:0158:0100.0021: unknown main item tag 0x1
[ 276.726317][ T8] hid-generic 0003:0158:0100.0021: unexpected long global item
[ 276.750533][ T8] hid-generic 0003:0158:0100.0021: probe with driver hid-generic failed with error -22
[ 276.778597][ T8] usb 1-1: USB disconnect, device number 28
[ 277.735788][ T25] usb 1-1: new high-speed USB device number 29 using dummy_hcd
[ 277.980644][ T25] usb 1-1: config 9 has an invalid descriptor of length 0, skipping remainder of the config
[ 278.005246][ T4479] Bluetooth: hci4: command 0x0406 tx timeout
[ 278.026775][ T25] usb 1-1: config 9 has 0 interfaces, different from the descriptor's value: 1
[ 278.115221][ T25] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 278.159350][ T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 278.328228][ T7842] netlink: 203516 bytes leftover after parsing attributes in process `syz.4.790'.
[ 278.338033][ T7842] netlink: zone id is out of range
[ 278.343241][ T7842] netlink: del zone limit has 8 unknown bytes
[ 278.494594][ T25] usb 1-1: language id specifier not provided by device, defaulting to English
[ 278.686061][ T7853] IPv6: NLM_F_REPLACE set, but no existing node found!
[ 278.925876][ T25] usb 1-1: USB disconnect, device number 29
[ 279.317906][ T785] usb 2-1: new high-speed USB device number 36 using dummy_hcd
[ 279.508803][ T785] usb 2-1: Using ep0 maxpacket: 16
[ 279.571368][ T785] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[ 279.596561][ T785] usb 2-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[ 279.606726][ T785] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 279.649973][ T785] usb 2-1: config 0 descriptor??
[ 279.932085][ T25] usb 1-1: new high-speed USB device number 30 using dummy_hcd
[ 280.106928][ T7864] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 280.128224][ T7864] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 280.140155][ T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 280.156456][ T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 280.164984][ T785] hid (null): nested delimiters
[ 280.166814][ T25] usb 1-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.00
[ 280.180881][ T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 280.188132][ T785] hid (null): report_id 24797 is invalid
[ 280.211380][ T25] usb 1-1: config 0 descriptor??
[ 280.215949][ T785] hid (null): unknown global tag 0xa5
[ 280.244552][ T785] hid (null): unknown global tag 0xd
[ 280.263188][ T785] hid (null): unknown global tag 0xc
[ 280.475833][ T7889] netlink: 203516 bytes leftover after parsing attributes in process `syz.4.804'.
[ 280.487251][ T7889] netlink: zone id is out of range
[ 280.493166][ T7889] netlink: del zone limit has 8 unknown bytes
[ 280.837103][ T785] hid-generic 0003:0158:0100.0022: unknown main item tag 0x1
[ 280.866953][ T785] hid-generic 0003:0158:0100.0022: unexpected long global item
[ 280.897467][ T785] hid-generic 0003:0158:0100.0022: probe with driver hid-generic failed with error -22
[ 280.931031][ T785] usb 2-1: USB disconnect, device number 36
[ 281.100381][ T25] holtek_kbd 0003:04D9:A055.0023: item fetching failed at offset 3/5
[ 281.136579][ T25] holtek_kbd 0003:04D9:A055.0023: probe with driver holtek_kbd failed with error -22
[ 281.454643][ T784] usb 1-1: USB disconnect, device number 30
[ 281.991006][ T7909] netlink: 4 bytes leftover after parsing attributes in process `syz.4.807'.
[ 282.001271][ T7909] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 282.577705][ T784] usb 1-1: new high-speed USB device number 31 using dummy_hcd
[ 282.792532][ T784] usb 1-1: config 9 has an invalid descriptor of length 0, skipping remainder of the config
[ 282.808492][ T784] usb 1-1: config 9 has 0 interfaces, different from the descriptor's value: 1
[ 282.835234][ T784] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 282.849288][ T784] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 282.879029][ T25] usb 2-1: new high-speed USB device number 37 using dummy_hcd
[ 283.080558][ T25] usb 2-1: Using ep0 maxpacket: 8
[ 283.096879][ T25] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 283.116049][ T784] usb 1-1: language id specifier not provided by device, defaulting to English
[ 283.132810][ T25] usb 2-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a
[ 283.156410][ T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 283.193506][ T25] usb 2-1: config 0 descriptor??
[ 283.237111][ T25] gspca_main: vc032x-2.14.0 probing 046d:0892
[ 283.495766][ T7933] overlay: Unknown parameter '\'
[ 283.546199][ T784] usb 1-1: USB disconnect, device number 31
[ 283.649087][ T7919] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 283.694563][ T7919] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 283.958362][ T25] gspca_vc032x: reg_w err -110
[ 284.158583][ T25] vc032x 2-1:0.0: probe with driver vc032x failed with error -110
[ 284.627900][ T4479] Bluetooth: hci4: command 0x0406 tx timeout
[ 284.798903][ T7955] overlay: Unknown parameter '\'
[ 285.306037][ T7970] netlink: 'syz.4.827': attribute type 7 has an invalid length.
[ 285.316713][ T7970] FAULT_INJECTION: forcing a failure.
[ 285.316713][ T7970] name failslab, interval 1, probability 0, space 0, times 0
[ 285.334960][ T7970] CPU: 0 PID: 7970 Comm: syz.4.827 Not tainted 6.10.0-rc7-syzkaller-00266-g4d145e3f830b #0
[ 285.345077][ T7970] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 285.355248][ T7970] Call Trace:
[ 285.358568][ T7970] <TASK>
[ 285.362207][ T7970] dump_stack_lvl+0x241/0x360
[ 285.367007][ T7970] ? __pfx_dump_stack_lvl+0x10/0x10
[ 285.372323][ T7970] ? __pfx__printk+0x10/0x10
[ 285.376956][ T7970] ? nla_get_range_unsigned+0x2ec/0x490
[ 285.382542][ T7970] should_fail_ex+0x3b0/0x4e0
[ 285.387245][ T7970] ? __alloc_skb+0x1c3/0x440
[ 285.391860][ T7970] should_failslab+0x9/0x20
[ 285.396384][ T7970] kmem_cache_alloc_node_noprof+0x71/0x320
[ 285.402213][ T7970] __alloc_skb+0x1c3/0x440
[ 285.406656][ T7970] ? __pfx___alloc_skb+0x10/0x10
[ 285.411626][ T7970] ovs_dp_cmd_new+0x169/0xc10
[ 285.416335][ T7970] ? __pfx_ovs_dp_cmd_new+0x10/0x10
[ 285.421556][ T7970] ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290
[ 285.427908][ T7970] genl_rcv_msg+0xb14/0xec0
[ 285.432441][ T7970] ? mark_lock+0x9a/0x350
[ 285.436803][ T7970] ? __pfx_genl_rcv_msg+0x10/0x10
[ 285.441876][ T7970] ? __pfx_lock_acquire+0x10/0x10
[ 285.446921][ T7970] ? __pfx_ovs_dp_cmd_new+0x10/0x10
[ 285.452121][ T7970] ? __pfx___might_resched+0x10/0x10
[ 285.457419][ T7970] netlink_rcv_skb+0x1e3/0x430
[ 285.462196][ T7970] ? __pfx_genl_rcv_msg+0x10/0x10
[ 285.467236][ T7970] ? __pfx_netlink_rcv_skb+0x10/0x10
[ 285.472892][ T7970] ? __netlink_deliver_tap+0x77e/0x7c0
[ 285.478374][ T7970] genl_rcv+0x28/0x40
[ 285.482354][ T7970] netlink_unicast+0x7ea/0x980
[ 285.487135][ T7970] ? __pfx_netlink_unicast+0x10/0x10
[ 285.492425][ T7970] ? __virt_addr_valid+0x183/0x530
[ 285.497538][ T7970] ? __check_object_size+0x49c/0x900
[ 285.503252][ T7970] ? bpf_lsm_netlink_send+0x9/0x10
[ 285.508710][ T7970] netlink_sendmsg+0x8db/0xcb0
[ 285.513588][ T7970] ? __pfx_netlink_sendmsg+0x10/0x10
[ 285.519000][ T7970] ? __import_iovec+0x536/0x820
[ 285.524288][ T7970] ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 285.531009][ T7970] ? security_socket_sendmsg+0x87/0xb0
[ 285.537915][ T7970] ? __pfx_netlink_sendmsg+0x10/0x10
[ 285.546238][ T7970] __sock_sendmsg+0x221/0x270
[ 285.550925][ T7970] ____sys_sendmsg+0x525/0x7d0
[ 285.555700][ T7970] ? __pfx_____sys_sendmsg+0x10/0x10
[ 285.560995][ T7970] __sys_sendmsg+0x2b0/0x3a0
[ 285.565781][ T7970] ? __pfx___sys_sendmsg+0x10/0x10
[ 285.570906][ T7970] ? vfs_write+0x7c4/0xc90
[ 285.575626][ T7970] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 285.582847][ T7970] ? do_syscall_64+0x100/0x230
[ 285.587709][ T7970] ? do_syscall_64+0xb6/0x230
[ 285.592419][ T7970] do_syscall_64+0xf3/0x230
[ 285.597000][ T7970] ? clear_bhb_loop+0x35/0x90
[ 285.602081][ T7970] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 285.608245][ T7970] RIP: 0033:0x7fb83a175bd9
[ 285.612757][ T7970] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 285.632360][ T7970] RSP: 002b:00007fb83aedd048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 285.640918][ T7970] RAX: ffffffffffffffda RBX: 00007fb83a303f60 RCX: 00007fb83a175bd9
[ 285.649077][ T7970] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003
[ 285.658793][ T7970] RBP: 00007fb83aedd0a0 R08: 0000000000000000 R09: 0000000000000000
[ 285.669621][ T7970] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 285.677594][ T7970] R13: 000000000000000b R14: 00007fb83a303f60 R15: 00007fffeeb8d348
[ 285.685587][ T7970] </TASK>
[ 285.877848][ T785] usb 1-1: new high-speed USB device number 32 using dummy_hcd
[ 286.089407][ T785] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 286.119128][ T785] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 286.155963][ T785] usb 1-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.00
[ 286.177691][ T785] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 286.211420][ T785] usb 1-1: config 0 descriptor??
[ 286.225456][ T784] usb 2-1: USB disconnect, device number 37
[ 286.320781][ T7979] FAULT_INJECTION: forcing a failure.
[ 286.320781][ T7979] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 286.357786][ T7979] CPU: 0 PID: 7979 Comm: syz.3.829 Not tainted 6.10.0-rc7-syzkaller-00266-g4d145e3f830b #0
[ 286.368085][ T7979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 286.378731][ T7979] Call Trace:
[ 286.382113][ T7979] <TASK>
[ 286.385056][ T7979] dump_stack_lvl+0x241/0x360
[ 286.390244][ T7979] ? __pfx_dump_stack_lvl+0x10/0x10
[ 286.395470][ T7979] ? __pfx__printk+0x10/0x10
[ 286.400084][ T7979] ? __lock_acquire+0x1346/0x1fd0
[ 286.405159][ T7979] should_fail_ex+0x3b0/0x4e0
[ 286.409888][ T7979] prepare_alloc_pages+0x1da/0x5d0
[ 286.415035][ T7979] __alloc_pages_noprof+0x166/0x6c0
[ 286.420259][ T7979] ? __pfx___alloc_pages_noprof+0x10/0x10
[ 286.426019][ T7979] alloc_pages_mpol_noprof+0x3e8/0x680
[ 286.431503][ T7979] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[ 286.437520][ T7979] vma_alloc_folio_noprof+0xf3/0x1f0
[ 286.442834][ T7979] ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[ 286.448753][ T7979] ? do_raw_spin_unlock+0x13c/0x8b0
[ 286.453981][ T7979] folio_prealloc+0x31/0x170
[ 286.458593][ T7979] do_wp_page+0x11cc/0x52f0
[ 286.463128][ T7979] ? __pfx_do_wp_page+0x10/0x10
[ 286.468001][ T7979] ? __pfx_lock_acquire+0x10/0x10
[ 286.473045][ T7979] ? do_raw_spin_lock+0x14f/0x370
[ 286.478109][ T7979] handle_pte_fault+0x117e/0x7090
[ 286.483152][ T7979] ? cgroup_rstat_updated+0x13b/0xc60
[ 286.488541][ T7979] ? __pfx_validate_chain+0x10/0x10
[ 286.493761][ T7979] ? __pfx_cgroup_rstat_updated+0x10/0x10
[ 286.499513][ T7979] ? mark_lock+0x9a/0x350
[ 286.503966][ T7979] ? __pfx_handle_pte_fault+0x10/0x10
[ 286.509356][ T7979] ? __lock_acquire+0x1346/0x1fd0
[ 286.514442][ T7979] ? mt_find+0x226/0x850
[ 286.518799][ T7979] handle_mm_fault+0xfb0/0x19d0
[ 286.524509][ T7979] ? __pfx_handle_mm_fault+0x10/0x10
[ 286.532119][ T7979] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 286.539980][ T7979] ? lock_mm_and_find_vma+0x9c/0x2f0
[ 286.545391][ T7979] exc_page_fault+0x2b9/0x8c0
[ 286.551098][ T7979] asm_exc_page_fault+0x26/0x30
[ 286.557034][ T7979] RIP: 0010:rep_movs_alternative+0x4a/0x70
[ 286.563843][ T7979] Code: 75 f1 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 73 e8 eb c9 <f3> a4 c3 cc cc cc cc 48 89 c8 48 c1 e9 03 83 e0 07 f3 48 a5 89 c1
[ 286.588623][ T7979] RSP: 0018:ffffc900133e7738 EFLAGS: 00050206
[ 286.594724][ T7979] RAX: ffff88805f660001 RBX: 00000000200105d0 RCX: 000000000000c5d0
[ 286.602723][ T7979] RDX: 0000000000000000 RSI: ffff88805f663ce8 RDI: 0000000020004000
[ 286.610714][ T7979] RBP: ffffc900133e78b8 R08: ffff88805f6702b7 R09: 1ffff1100bece056
[ 286.618708][ T7979] R10: dffffc0000000000 R11: ffffed100bece057 R12: dffffc0000000000
[ 286.626717][ T7979] R13: 1ffff9200267cefc R14: 00000000000101d0 R15: ffff88805f6600e8
[ 286.634743][ T7979] _copy_to_iter+0x4c0/0x1960
[ 286.639449][ T7979] ? __virt_addr_valid+0x183/0x530
[ 286.644602][ T7979] ? __pfx__copy_to_iter+0x10/0x10
[ 286.649732][ T7979] ? remove_wait_queue+0x33/0x130
[ 286.651570][ T7984] cgroup: No subsys list or none specified
[ 286.654845][ T7979] ? __virt_addr_valid+0x183/0x530
[ 286.665762][ T7979] ? __virt_addr_valid+0x183/0x530
[ 286.670890][ T7979] ? __virt_addr_valid+0x45f/0x530
[ 286.676008][ T7979] ? __phys_addr_symbol+0x2f/0x70
[ 286.681025][ T7979] ? __check_object_size+0x49c/0x900
[ 286.686307][ T7979] __skb_datagram_iter+0x112/0x890
[ 286.691425][ T7979] ? __pfx_simple_copy_to_iter+0x10/0x10
[ 286.697053][ T7979] ? __pfx_tipc_sk_anc_data_recv+0x10/0x10
[ 286.702856][ T7979] skb_copy_datagram_iter+0xd1/0x250
[ 286.708142][ T7979] tipc_recvstream+0x7a8/0xf80
[ 286.712910][ T7979] ? __pfx_tipc_recvstream+0x10/0x10
[ 286.718186][ T7979] ? iovec_from_user+0x1b0/0x240
[ 286.723121][ T7979] ? bpf_lsm_socket_recvmsg+0x9/0x10
[ 286.728394][ T7979] ? security_socket_recvmsg+0x90/0xb0
[ 286.733846][ T7979] ? __pfx_tipc_recvstream+0x10/0x10
[ 286.739122][ T7979] sock_recvmsg+0x22f/0x280
[ 286.743620][ T7979] ____sys_recvmsg+0x1db/0x470
[ 286.748387][ T7979] ? __pfx_____sys_recvmsg+0x10/0x10
[ 286.753684][ T7979] __sys_recvmsg+0x2f0/0x3e0
[ 286.758271][ T7979] ? __pfx___sys_recvmsg+0x10/0x10
[ 286.763397][ T7979] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 286.769717][ T7979] ? do_syscall_64+0x100/0x230
[ 286.774470][ T7979] ? do_syscall_64+0xb6/0x230
[ 286.779135][ T7979] do_syscall_64+0xf3/0x230
[ 286.783628][ T7979] ? clear_bhb_loop+0x35/0x90
[ 286.788559][ T7979] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 286.794539][ T7979] RIP: 0033:0x7fc621d75bd9
[ 286.799098][ T7979] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 286.820784][ T7979] RSP: 002b:00007fc622aa9048 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[ 286.829193][ T7979] RAX: ffffffffffffffda RBX: 00007fc621f03f60 RCX: 00007fc621d75bd9
[ 286.837153][ T7979] RDX: 0000000000001f00 RSI: 0000000020000500 RDI: 0000000000000003
[ 286.846438][ T7979] RBP: 00007fc622aa90a0 R08: 0000000000000000 R09: 0000000000000000
[ 286.854853][ T7979] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 286.862825][ T7979] R13: 000000000000000b R14: 00007fc621f03f60 R15: 00007ffe75ac0258
[ 286.870806][ T7979] </TASK>
[ 286.888513][ T4479] Bluetooth: hci4: command 0x0406 tx timeout
[ 287.583983][ T785] holtek_kbd 0003:04D9:A055.0024: item fetching failed at offset 3/5
[ 287.621775][ T785] holtek_kbd 0003:04D9:A055.0024: probe with driver holtek_kbd failed with error -22
[ 288.039657][ T8005] overlay: Unknown parameter '\'
[ 288.057836][ T784] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[ 288.092594][ T5092] usb 1-1: USB disconnect, device number 32
[ 288.159994][ T8008] process 'syz.2.838' launched './file1' with NULL argv: empty string added
[ 288.259863][ T784] usb 5-1: config 9 has an invalid descriptor of length 0, skipping remainder of the config
[ 288.270897][ T25] usb 4-1: new high-speed USB device number 52 using dummy_hcd
[ 288.287718][ T784] usb 5-1: config 9 has 0 interfaces, different from the descriptor's value: 1
[ 288.297137][ T784] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 288.308642][ T784] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 288.489948][ T25] usb 4-1: New USB device found, idVendor=077b, idProduct=2226, bcdDevice=ca.8b
[ 288.501949][ T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 288.519969][ T25] usb 4-1: config 0 descriptor??
[ 288.542658][ T784] usb 5-1: language id specifier not provided by device, defaulting to English
[ 289.006589][ T784] usb 5-1: USB disconnect, device number 28
[ 289.472660][ T8021] overlay: Unknown parameter '\'
[ 289.800829][ T784] usb 2-1: new high-speed USB device number 38 using dummy_hcd
[ 289.893457][ T8002] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 289.908180][ T8002] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 289.979168][ T8002] set match dimension is over the limit!
[ 290.000685][ T25] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[ 290.022807][ T25] asix 4-1:0.0: probe with driver asix failed with error -71
[ 290.030430][ T784] usb 2-1: Using ep0 maxpacket: 32
[ 290.047798][ T784] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 290.065390][ T25] usb 4-1: USB disconnect, device number 52
[ 290.080002][ T784] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 290.118886][ T784] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[ 290.150631][ T784] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 290.191728][ T784] hub 2-1:4.0: USB hub found
[ 290.227946][ T5134] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[ 290.388352][ T784] hub 2-1:4.0: 2 ports detected
[ 290.441904][ T5134] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x26, changing to 0x6
[ 290.455131][ T5134] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0
[ 290.484098][ T5134] usb 5-1: New USB device found, idVendor=fff0, idProduct=fff0, bcdDevice=39.78
[ 290.493554][ T5134] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 290.501787][ T5134] usb 5-1: Product: syz
[ 290.506211][ T5134] usb 5-1: Manufacturer: syz
[ 290.510937][ T5134] usb 5-1: SerialNumber: syz
[ 290.524167][ T5134] usb 5-1: config 0 descriptor??
[ 290.536965][ T5134] usbtest 5-1:0.0: couldn't get endpoints, -22
[ 290.549199][ T5134] usbtest 5-1:0.0: probe with driver usbtest failed with error -22
[ 290.768275][ T5134] usb 5-1: USB disconnect, device number 29
[ 290.979628][ T8039] netlink: 203516 bytes leftover after parsing attributes in process `syz.0.844'.
[ 291.003343][ T8039] netlink: del zone limit has 8 unknown bytes
[ 291.725497][ T784] hub 2-1:4.0: activate --> -90
[ 291.838001][ T45] usb 1-1: new high-speed USB device number 33 using dummy_hcd
[ 292.057709][ T45] usb 1-1: Using ep0 maxpacket: 16
[ 292.062830][ T785] usb 5-1: new full-speed USB device number 30 using dummy_hcd
[ 292.072044][ T45] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[ 292.083299][ T45] usb 1-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[ 292.092429][ T5134] usb 4-1: new high-speed USB device number 53 using dummy_hcd
[ 292.100132][ T45] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 292.111344][ T45] usb 1-1: config 0 descriptor??
[ 292.167794][ T5092] usb 3-1: new high-speed USB device number 44 using dummy_hcd
[ 292.243020][ T785] usb 5-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[ 292.252982][ T785] usb 5-1: config 1 has no interface number 1
[ 292.259324][ T785] usb 5-1: config 1 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 292.270722][ T5134] usb 4-1: device descriptor read/64, error -71
[ 292.272206][ T785] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 292.291562][ T785] usb 5-1: string descriptor 0 read error: -22
[ 292.297930][ T785] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 292.306981][ T785] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 292.334034][ T785] usb 5-1: 2:1: invalid format type 0x1002 is detected, processed as PCM
[ 292.351140][ T785] usb 5-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[ 292.361511][ T5092] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 292.376808][ T5092] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 292.389419][ T5092] usb 3-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.00
[ 292.400196][ T5092] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 292.413861][ T5092] usb 3-1: config 0 descriptor??
[ 292.549930][ T5134] usb 4-1: new high-speed USB device number 54 using dummy_hcd
[ 292.561657][ T8042] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 292.568146][ T785] usb 5-1: USB disconnect, device number 30
[ 292.574114][ T8042] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 292.607281][ T45] hid (null): nested delimiters
[ 292.619404][ T45] hid (null): report_id 24797 is invalid
[ 292.648150][ T45] hid (null): unknown global tag 0xa5
[ 292.653639][ T45] hid (null): unknown global tag 0xd
[ 292.659794][ T45] hid (null): unknown global tag 0xc
[ 292.668743][ T45] hid-generic 0003:0158:0100.0025: unknown main item tag 0x1
[ 292.676374][ T45] hid-generic 0003:0158:0100.0025: unexpected long global item
[ 292.685607][ T45] hid-generic 0003:0158:0100.0025: probe with driver hid-generic failed with error -22
[ 292.747964][ T5134] usb 4-1: device descriptor read/64, error -71
[ 292.792388][ T784] usb 2-1-port1: cannot reset (err = -71)
[ 292.792867][ T8] usb 2-1: USB disconnect, device number 38
[ 292.800011][ T784] usb 2-1-port1: Cannot enable. Maybe the USB cable is bad?
[ 292.820374][ T784] usb 2-1-port1: attempt power cycle
[ 292.850478][ T5093] udevd[5093]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 292.875715][ T5134] usb usb4-port1: attempt power cycle
[ 292.892077][ T45] usb 1-1: USB disconnect, device number 33
[ 292.933352][ T5092] holtek_kbd 0003:04D9:A055.0026: item fetching failed at offset 3/5
[ 292.949773][ T5092] holtek_kbd 0003:04D9:A055.0026: probe with driver holtek_kbd failed with error -22
[ 293.318138][ T5134] usb 4-1: new high-speed USB device number 55 using dummy_hcd
[ 293.381331][ T5134] usb 4-1: device descriptor read/8, error -71
[ 293.609163][ T8] usb 3-1: USB disconnect, device number 44
[ 293.667751][ T5134] usb 4-1: new high-speed USB device number 56 using dummy_hcd
[ 293.718650][ T5134] usb 4-1: device descriptor read/8, error -71
[ 293.848291][ T5134] usb usb4-port1: unable to enumerate USB device
[ 293.854857][ T784] usb 2-1: new high-speed USB device number 43 using dummy_hcd
[ 294.027775][ T5133] usb 1-1: new high-speed USB device number 34 using dummy_hcd
[ 294.057989][ T784] usb 2-1: Using ep0 maxpacket: 32
[ 294.079074][ T784] usb 2-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7
[ 294.097657][ T784] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 294.150148][ T784] usb 2-1: config 0 descriptor??
[ 294.159486][ T784] gspca_main: sunplus-2.14.0 probing 041e:400b
[ 294.219093][ T5133] usb 1-1: config 1 has an invalid descriptor of length 24, skipping remainder of the config
[ 294.237066][ T5133] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 294.255424][ T5133] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 294.271257][ T5133] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 294.297723][ T5133] usb 1-1: SerialNumber: syz
[ 294.712363][ T5133] usb 1-1: 0:2 : does not exist
[ 294.868645][ T784] gspca_sunplus: reg_w_riv err -110
[ 294.875314][ T784] sunplus 2-1:0.0: probe with driver sunplus failed with error -110
[ 295.040959][ T8077] netlink: 203516 bytes leftover after parsing attributes in process `syz.2.860'.
[ 295.066195][ T8077] netlink: del zone limit has 8 unknown bytes
[ 295.167228][ T5133] usb 1-1: USB disconnect, device number 34
[ 295.268639][ T4479] Bluetooth: hci4: command 0x0406 tx timeout
[ 295.588113][ T5133] usb 1-1: new high-speed USB device number 35 using dummy_hcd
[ 295.737771][ T5131] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[ 295.777744][ T5133] usb 1-1: Using ep0 maxpacket: 16
[ 295.796623][ T5133] usb 1-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 295.813809][ T5133] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 295.824339][ T5092] usb 4-1: new high-speed USB device number 57 using dummy_hcd
[ 295.837698][ T5133] usb 1-1: Product: syz
[ 295.841893][ T5133] usb 1-1: Manufacturer: syz
[ 295.846502][ T5133] usb 1-1: SerialNumber: syz
[ 295.863277][ T5133] usb 1-1: config 0 descriptor??
[ 295.882506][ T5623] udevd[5623]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 295.979888][ T5131] usb 5-1: config 9 has an invalid descriptor of length 0, skipping remainder of the config
[ 296.001603][ T5131] usb 5-1: config 9 has 0 interfaces, different from the descriptor's value: 1
[ 296.030180][ T5131] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 296.037894][ T5092] usb 4-1: Using ep0 maxpacket: 32
[ 296.040180][ T5131] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 296.053494][ T5092] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 296.077654][ T5092] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 296.087453][ T5092] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[ 296.123916][ T5092] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 296.142575][ T5092] hub 4-1:4.0: USB hub found
[ 296.347440][ T5092] hub 4-1:4.0: 2 ports detected
[ 296.552985][ T5131] usb 5-1: language id specifier not provided by device, defaulting to English
[ 297.375913][ T5133] usb 2-1: USB disconnect, device number 43
[ 297.481376][ T5131] usb 5-1: USB disconnect, device number 31
[ 298.035749][ T785] hub 4-1:4.0: activate --> -90
[ 298.798826][ T5133] usb 1-1: USB disconnect, device number 35
[ 298.853275][ T8122] mmap: syz.4.873 (8122): VmData 25841664 exceed data ulimit 7. Update limits or use boot option ignore_rlimit_data.
[ 298.870930][ T8128] overlay: Unknown parameter '\'
[ 299.088989][ T785] usb 4-1-port1: cannot reset (err = -71)
[ 299.092684][ T5134] usb 4-1: USB disconnect, device number 57
[ 299.543465][ T785] usb 4-1-port1: Cannot enable. Maybe the USB cable is bad?
[ 299.551480][ T785] usb 4-1-port1: attempt power cycle
[ 299.854338][ T5092] usb 2-1: new high-speed USB device number 44 using dummy_hcd
[ 300.057929][ T5092] usb 2-1: Using ep0 maxpacket: 32
[ 300.069551][ T5092] usb 2-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7
[ 300.078901][ T5092] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 300.098864][ T5092] usb 2-1: config 0 descriptor??
[ 300.112923][ T5092] gspca_main: sunplus-2.14.0 probing 041e:400b
[ 301.910134][ T5092] gspca_sunplus: reg_w_riv err -71
[ 301.944180][ T5092] sunplus 2-1:0.0: probe with driver sunplus failed with error -71
[ 301.971071][ T5092] usb 2-1: USB disconnect, device number 44
[ 302.302997][ T8180] netlink: 'syz.0.890': attribute type 10 has an invalid length.
[ 302.315286][ T8180] bridge0: port 3(team0) entered disabled state
[ 302.322911][ T8180] team0: left allmulticast mode
[ 302.328062][ T8180] team_slave_0: left allmulticast mode
[ 302.333614][ T8180] team_slave_1: left allmulticast mode
[ 302.339151][ T8180] team0: left promiscuous mode
[ 302.344009][ T8180] team_slave_0: left promiscuous mode
[ 302.349868][ T8180] team_slave_1: left promiscuous mode
[ 302.357261][ T8180] bridge0: port 3(team0) entered disabled state
[ 302.372138][ T8180] batman_adv: batadv0: Adding interface: team0
[ 302.378486][ T8180] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 302.404192][ T8180] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[ 302.416004][ T8181] netlink: 'syz.0.890': attribute type 10 has an invalid length.
[ 302.423932][ T8181] netlink: 2 bytes leftover after parsing attributes in process `syz.0.890'.
[ 302.433014][ T8181] team0: entered promiscuous mode
[ 302.438182][ T8181] team_slave_0: entered promiscuous mode
[ 302.444153][ T8181] team_slave_1: entered promiscuous mode
[ 302.452781][ T8181] 8021q: adding VLAN 0 to HW filter on device team0
[ 302.461620][ T8181] batman_adv: batadv0: Interface activated: team0
[ 302.468585][ T8181] batman_adv: batadv0: Interface deactivated: team0
[ 302.475312][ T8181] batman_adv: batadv0: Removing interface: team0
[ 302.577887][ T4479] Bluetooth: hci2: ACL packet for unknown connection handle 201
[ 302.621911][ T4479] Bluetooth: hci2: SCO packet for unknown connection handle 201
[ 302.636846][ T8181] bridge0: port 3(team0) entered blocking state
[ 302.651238][ T8181] bridge0: port 3(team0) entered disabled state
[ 302.657861][ T8181] team0: entered allmulticast mode
[ 302.664337][ T8181] team_slave_0: entered allmulticast mode
[ 302.670312][ T8181] team_slave_1: entered allmulticast mode
[ 302.679377][ T8181] bridge0: port 3(team0) entered blocking state
[ 302.685845][ T8181] bridge0: port 3(team0) entered forwarding state
[ 303.809432][ T5131] usb 4-1: new full-speed USB device number 62 using dummy_hcd
[ 304.032267][ T5131] usb 4-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[ 304.044246][ T5131] usb 4-1: config 1 has no interface number 1
[ 304.051733][ T5131] usb 4-1: config 1 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 304.069014][ T5131] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 304.095333][ T5131] usb 4-1: string descriptor 0 read error: -22
[ 304.107575][ T5131] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 304.118071][ T5131] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 304.137352][ T5131] usb 4-1: 2:1: invalid format type 0x1002 is detected, processed as PCM
[ 304.147176][ T5131] usb 4-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[ 304.197733][ T5133] usb 1-1: new high-speed USB device number 36 using dummy_hcd
[ 304.212464][ T4479] Bluetooth: hci1: ISO packet for unknown connection handle 0
[ 304.212969][ T8219] netlink: 25 bytes leftover after parsing attributes in process `syz.1.903'.
[ 304.366225][ T5131] usb 4-1: USB disconnect, device number 62
[ 304.377882][ T5133] usb 1-1: Using ep0 maxpacket: 8
[ 304.419071][ T5133] usb 1-1: config 0 contains an unexpected descriptor of type 0x2, skipping
[ 304.437265][ T5133] usb 1-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 304.487782][ T5133] usb 1-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 304.510962][ T5133] usb 1-1: string descriptor 0 read error: -22
[ 304.517441][ T5133] usb 1-1: New USB device found, idVendor=0f11, idProduct=1020, bcdDevice=a2.1b
[ 304.553342][ T5133] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 304.595353][ T5133] usb 1-1: config 0 descriptor??
[ 304.610714][ T5133] ldusb 1-1:0.0: Interrupt in endpoint not found
[ 304.638080][ T5623] udevd[5623]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 304.820290][ T5092] usb 1-1: USB disconnect, device number 36
[ 305.020013][ T8232] netlink: 'syz.4.908': attribute type 10 has an invalid length.
[ 305.113242][ T8232] batman_adv: batadv0: Adding interface: team0
[ 305.120618][ T8232] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 305.147234][ T8232] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[ 305.530712][ T8232] netlink: 'syz.4.908': attribute type 10 has an invalid length.
[ 305.541089][ T8232] netlink: 2 bytes leftover after parsing attributes in process `syz.4.908'.
[ 305.550896][ T8232] team0: entered promiscuous mode
[ 305.556612][ T8232] team_slave_0: entered promiscuous mode
[ 305.565159][ T8232] team_slave_1: entered promiscuous mode
[ 305.577267][ T8232] 8021q: adding VLAN 0 to HW filter on device team0
[ 305.584758][ T8232] batman_adv: batadv0: Interface activated: team0
[ 305.592465][ T8232] batman_adv: batadv0: Interface deactivated: team0
[ 305.600021][ T8232] batman_adv: batadv0: Removing interface: team0
[ 305.922586][ T4479] Bluetooth: hci4: ACL packet for unknown connection handle 201
[ 305.999347][ T8232] bridge0: port 3(team0) entered blocking state
[ 306.048561][ T8232] bridge0: port 3(team0) entered disabled state
[ 306.055350][ T8232] team0: entered allmulticast mode
[ 306.063388][ T8232] team_slave_0: entered allmulticast mode
[ 306.071486][ T8232] team_slave_1: entered allmulticast mode
[ 306.080936][ T8232] bridge0: port 3(team0) entered blocking state
[ 306.087446][ T8232] bridge0: port 3(team0) entered forwarding state
[ 306.103225][ T4479] Bluetooth: hci4: SCO packet for unknown connection handle 201
[ 306.670858][ T5219] usb 1-1: new high-speed USB device number 37 using dummy_hcd
[ 306.916446][ T5219] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 306.964311][ T5219] usb 1-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 10
[ 306.971009][ T8262] netlink: 203516 bytes leftover after parsing attributes in process `syz.4.915'.
[ 306.993262][ T8262] netlink: zone id is out of range
[ 307.000370][ T8262] netlink: del zone limit has 8 unknown bytes
[ 307.218999][ T5219] usb 1-1: New USB device found, idVendor=054c, idProduct=0374, bcdDevice= 0.40
[ 307.228214][ T5219] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 307.236326][ T5219] usb 1-1: Product: syz
[ 307.240753][ T5219] usb 1-1: Manufacturer: syz
[ 307.251126][ T5219] usb 1-1: SerialNumber: syz
[ 307.534609][ T8245] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 307.570953][ T8245] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 307.648378][ T5219] usbhid 1-1:1.0: can't add hid device: -22
[ 307.683505][ T5219] usbhid 1-1:1.0: probe with driver usbhid failed with error -22
[ 307.715755][ T5219] usb 1-1: USB disconnect, device number 37
[ 308.943651][ T8274] netlink: 203516 bytes leftover after parsing attributes in process `syz.4.918'.
[ 308.953638][ T8274] netlink: del zone limit has 8 unknown bytes
[ 309.377691][ T5092] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[ 309.567718][ T5092] usb 5-1: Using ep0 maxpacket: 16
[ 309.583022][ T5092] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 309.601753][ T5092] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 309.627795][ T5092] usb 5-1: Product: syz
[ 309.690763][ T8312] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 309.691263][ T5092] usb 5-1: Manufacturer: syz
[ 309.704108][ T8312] FAULT_INJECTION: forcing a failure.
[ 309.704108][ T8312] name failslab, interval 1, probability 0, space 0, times 0
[ 309.704774][ T5092] usb 5-1: SerialNumber: syz
[ 309.721880][ T8312] CPU: 1 PID: 8312 Comm: syz.2.927 Not tainted 6.10.0-rc7-syzkaller-00266-g4d145e3f830b #0
[ 309.730728][ T5092] usb 5-1: config 0 descriptor??
[ 309.731864][ T8312] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 309.746865][ T8312] Call Trace:
[ 309.750160][ T8312] <TASK>
[ 309.753101][ T8312] dump_stack_lvl+0x241/0x360
[ 309.758067][ T8312] ? __pfx_dump_stack_lvl+0x10/0x10
[ 309.763280][ T8312] ? __pfx__printk+0x10/0x10
[ 309.767965][ T8312] should_fail_ex+0x3b0/0x4e0
[ 309.772642][ T8312] ? tomoyo_encode+0x26f/0x540
[ 309.777396][ T8312] should_failslab+0x9/0x20
[ 309.781909][ T8312] __kmalloc_noprof+0xd8/0x400
[ 309.786731][ T8312] tomoyo_encode+0x26f/0x540
[ 309.791339][ T8312] tomoyo_realpath_from_path+0x59e/0x5e0
[ 309.796993][ T8312] tomoyo_path_number_perm+0x23a/0x880
[ 309.802462][ T8312] ? tomoyo_path_number_perm+0x208/0x880
[ 309.808279][ T8312] ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 309.814572][ T8312] ? __fget_files+0x29/0x470
[ 309.819171][ T8312] ? __fget_files+0x3f6/0x470
[ 309.823856][ T8312] ? __fget_files+0x29/0x470
[ 309.828455][ T8312] security_file_ioctl+0x75/0xb0
[ 309.833396][ T8312] __se_sys_ioctl+0x47/0x170
[ 309.838175][ T8312] do_syscall_64+0xf3/0x230
[ 309.842770][ T8312] ? clear_bhb_loop+0x35/0x90
[ 309.847437][ T8312] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 309.853327][ T8312] RIP: 0033:0x7f8c60b75bd9
[ 309.857734][ T8312] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 309.877330][ T8312] RSP: 002b:00007f8c618b6048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 309.885736][ T8312] RAX: ffffffffffffffda RBX: 00007f8c60d04038 RCX: 00007f8c60b75bd9
[ 309.893871][ T8312] RDX: 0000000020000080 RSI: 0000000000003ba0 RDI: 0000000000000004
[ 309.901828][ T8312] RBP: 00007f8c618b60a0 R08: 0000000000000000 R09: 0000000000000000
[ 309.909793][ T8312] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 309.917754][ T8312] R13: 000000000000006e R14: 00007f8c60d04038 R15: 00007fffdc118198
[ 309.925726][ T8312] </TASK>
[ 309.933440][ T8312] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 310.703067][ C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[ 310.919066][ T8323] syz_tun: entered promiscuous mode
[ 310.943076][ T8323] vlan2: entered promiscuous mode
[ 310.970964][ T8323] vlan2: entered allmulticast mode
[ 311.007859][ T8323] syz_tun: entered allmulticast mode
[ 311.029912][ T8323] syz_tun: left allmulticast mode
[ 311.035321][ T8323] syz_tun: left promiscuous mode
[ 312.275239][ T8344] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 313.158660][ T5219] usb 5-1: USB disconnect, device number 32
[ 313.410853][ T8359] FAULT_INJECTION: forcing a failure.
[ 313.410853][ T8359] name failslab, interval 1, probability 0, space 0, times 0
[ 313.444942][ T8359] CPU: 1 PID: 8359 Comm: syz.1.942 Not tainted 6.10.0-rc7-syzkaller-00266-g4d145e3f830b #0
[ 313.454975][ T8359] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 313.465028][ T8359] Call Trace:
[ 313.468301][ T8359] <TASK>
[ 313.471315][ T8359] dump_stack_lvl+0x241/0x360
[ 313.476021][ T8359] ? __pfx_dump_stack_lvl+0x10/0x10
[ 313.481492][ T8359] ? __pfx__printk+0x10/0x10
[ 313.486226][ T8359] ? __pfx___might_resched+0x10/0x10
[ 313.492047][ T8359] ? __debug_object_init+0x26c/0x400
[ 313.497623][ T8359] should_fail_ex+0x3b0/0x4e0
[ 313.502314][ T8359] ? can_rx_register+0x16b/0x720
[ 313.507248][ T8359] should_failslab+0x9/0x20
[ 313.511747][ T8359] kmem_cache_alloc_noprof+0x6c/0x2a0
[ 313.517131][ T8359] can_rx_register+0x16b/0x720
[ 313.521906][ T8359] ? __pfx_bcm_rx_handler+0x10/0x10
[ 313.527106][ T8359] ? __hrtimer_init+0x170/0x250
[ 313.531956][ T8359] bcm_rx_setup+0xfe8/0x18f0
[ 313.536557][ T8359] bcm_sendmsg+0x2d5/0x7a0
[ 313.540975][ T8359] ? __pfx_bcm_sendmsg+0x10/0x10
[ 313.545904][ T8359] ? iovec_from_user+0x1b0/0x240
[ 313.550838][ T8359] ? __import_iovec+0x361/0x820
[ 313.555681][ T8359] ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 313.560956][ T8359] ? security_socket_sendmsg+0x87/0xb0
[ 313.566411][ T8359] ? __pfx_bcm_sendmsg+0x10/0x10
[ 313.571340][ T8359] __sock_sendmsg+0x221/0x270
[ 313.576017][ T8359] ____sys_sendmsg+0x525/0x7d0
[ 313.580782][ T8359] ? __pfx_____sys_sendmsg+0x10/0x10
[ 313.586073][ T8359] __sys_sendmmsg+0x3b2/0x740
[ 313.590752][ T8359] ? __pfx___sys_sendmmsg+0x10/0x10
[ 313.595970][ T8359] ? __pfx_rcu_read_lock_any_held+0x10/0x10
[ 313.601875][ T8359] ? ksys_write+0x23e/0x2c0
[ 313.606391][ T8359] ? __pfx_lock_release+0x10/0x10
[ 313.611418][ T8359] ? vfs_write+0x7c4/0xc90
[ 313.615840][ T8359] ? __mutex_unlock_slowpath+0x21d/0x750
[ 313.621474][ T8359] ? __pfx_vfs_write+0x10/0x10
[ 313.626257][ T8359] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 313.632235][ T8359] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 313.638558][ T8359] ? do_syscall_64+0x100/0x230
[ 313.643318][ T8359] __x64_sys_sendmmsg+0xa0/0xb0
[ 313.648166][ T8359] do_syscall_64+0xf3/0x230
[ 313.652659][ T8359] ? clear_bhb_loop+0x35/0x90
[ 313.657326][ T8359] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 313.663231][ T8359] RIP: 0033:0x7fce80175bd9
[ 313.667661][ T8359] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 313.687279][ T8359] RSP: 002b:00007fce80f8f048 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 313.695963][ T8359] RAX: ffffffffffffffda RBX: 00007fce80303f60 RCX: 00007fce80175bd9
[ 313.703928][ T8359] RDX: 040000000000003a RSI: 0000000020001b00 RDI: 0000000000000003
[ 313.711893][ T8359] RBP: 00007fce80f8f0a0 R08: 0000000000000000 R09: 0000000000000000
[ 313.719856][ T8359] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 313.728089][ T8359] R13: 000000000000000b R14: 00007fce80303f60 R15: 00007ffc76f74558
[ 313.736080][ T8359] </TASK>
[ 313.739219][ C1] vkms_vblank_simulate: vblank timer overrun
[ 314.148273][ T5219] usb 4-1: new high-speed USB device number 63 using dummy_hcd
[ 314.400978][ T5219] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 314.412092][ T5219] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 314.447778][ T5219] usb 4-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.00
[ 314.456904][ T5219] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 314.505140][ T5219] usb 4-1: config 0 descriptor??
[ 314.578088][ T8368] syz_tun: entered promiscuous mode
[ 314.599303][ T8368] vlan2: entered promiscuous mode
[ 314.604597][ T8368] vlan2: entered allmulticast mode
[ 314.628986][ T8368] syz_tun: entered allmulticast mode
[ 314.657837][ T8368] syz_tun: left allmulticast mode
[ 314.663100][ T8368] syz_tun: left promiscuous mode
[ 315.184953][ T5219] holtek_kbd 0003:04D9:A055.0027: item fetching failed at offset 3/5
[ 315.421768][ T8357] overlayfs: upper fs does not support RENAME_WHITEOUT.
[ 315.432799][ T5219] holtek_kbd 0003:04D9:A055.0027: probe with driver holtek_kbd failed with error -22
[ 315.470095][ T8357] overlayfs: failed to set xattr on upper
[ 315.669605][ T8357] overlayfs: ...falling back to redirect_dir=nofollow.
[ 315.677172][ T8357] overlayfs: ...falling back to uuid=null.
[ 315.857767][ T5092] usb 5-1: new full-speed USB device number 33 using dummy_hcd
[ 315.998872][ T5133] usb 4-1: USB disconnect, device number 63
[ 316.044310][ T5092] usb 5-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[ 316.061385][ T5092] usb 5-1: config 1 has no interface number 1
[ 316.072189][ T5092] usb 5-1: config 1 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 316.099098][ T5092] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 316.132913][ T5092] usb 5-1: string descriptor 0 read error: -22
[ 316.156907][ T5092] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 316.180490][ T5092] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 316.226032][ T5092] usb 5-1: 2:1 : format type 0 is detected, processed as PCM
[ 316.239130][ T5092] usb 5-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[ 316.471567][ T5092] usb 5-1: USB disconnect, device number 33
[ 316.744502][ T5623] udevd[5623]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 317.134635][ T8420] FAULT_INJECTION: forcing a failure.
[ 317.134635][ T8420] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 317.181423][ T8420] CPU: 0 PID: 8420 Comm: syz.4.959 Not tainted 6.10.0-rc7-syzkaller-00266-g4d145e3f830b #0
[ 317.191456][ T8420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 317.203113][ T8420] Call Trace:
[ 317.206427][ T8420] <TASK>
[ 317.209421][ T8420] dump_stack_lvl+0x241/0x360
[ 317.214330][ T8420] ? __pfx_dump_stack_lvl+0x10/0x10
[ 317.219568][ T8420] ? __pfx__printk+0x10/0x10
[ 317.224168][ T8420] ? __pfx_lock_release+0x10/0x10
[ 317.229193][ T8420] should_fail_ex+0x3b0/0x4e0
[ 317.233874][ T8420] _copy_from_user+0x2f/0xe0
[ 317.238461][ T8420] copy_msghdr_from_user+0xae/0x680
[ 317.243656][ T8420] ? __pfx___might_resched+0x10/0x10
[ 317.248938][ T8420] ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 317.254738][ T8420] ? __might_fault+0xaa/0x120
[ 317.259474][ T8420] __sys_sendmmsg+0x374/0x740
[ 317.264191][ T8420] ? __pfx___sys_sendmmsg+0x10/0x10
[ 317.269494][ T8420] ? __pfx_rcu_read_lock_any_held+0x10/0x10
[ 317.275390][ T8420] ? ksys_write+0x23e/0x2c0
[ 317.279891][ T8420] ? __pfx_lock_release+0x10/0x10
[ 317.284910][ T8420] ? vfs_write+0x7c4/0xc90
[ 317.289331][ T8420] ? __mutex_unlock_slowpath+0x21d/0x750
[ 317.294956][ T8420] ? __pfx_vfs_write+0x10/0x10
[ 317.299732][ T8420] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 317.305709][ T8420] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 317.312034][ T8420] ? do_syscall_64+0x100/0x230
[ 317.316793][ T8420] __x64_sys_sendmmsg+0xa0/0xb0
[ 317.321640][ T8420] do_syscall_64+0xf3/0x230
[ 317.326134][ T8420] ? clear_bhb_loop+0x35/0x90
[ 317.330802][ T8420] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 317.336687][ T8420] RIP: 0033:0x7fb83a175bd9
[ 317.341092][ T8420] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 317.360687][ T8420] RSP: 002b:00007fb83aedd048 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 317.369090][ T8420] RAX: ffffffffffffffda RBX: 00007fb83a303f60 RCX: 00007fb83a175bd9
[ 317.377053][ T8420] RDX: 0000000000000300 RSI: 0000000020000740 RDI: 0000000000000003
[ 317.385019][ T8420] RBP: 00007fb83aedd0a0 R08: 0000000000000000 R09: 0000000000000000
[ 317.392983][ T8420] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 317.400944][ T8420] R13: 000000000000000b R14: 00007fb83a303f60 R15: 00007fffeeb8d348
[ 317.408918][ T8420] </TASK>
[ 317.571979][ T5092] usb 2-1: new high-speed USB device number 45 using dummy_hcd
[ 317.605408][ T1248] ieee802154 phy0 wpan0: encryption failed: -22
[ 317.622289][ T1248] ieee802154 phy1 wpan1: encryption failed: -22
[ 317.786139][ T5092] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 318.035265][ T5092] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 318.117935][ T5092] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 318.164819][ T5092] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 318.221540][ T5092] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 318.277732][ T5092] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 318.340027][ T5092] usb 2-1: config 0 descriptor??
[ 318.383158][ T8422] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 318.659645][ T5219] usb 5-1: new high-speed USB device number 34 using dummy_hcd
[ 319.123346][ T5092] plantronics 0003:047F:FFFF.0028: unknown main item tag 0x0
[ 319.231404][ T5092] plantronics 0003:047F:FFFF.0028: unknown main item tag 0x0
[ 319.452066][ T5092] plantronics 0003:047F:FFFF.0028: unknown main item tag 0x0
[ 319.507958][ T5092] plantronics 0003:047F:FFFF.0028: unknown main item tag 0x0
[ 319.555372][ T5092] plantronics 0003:047F:FFFF.0028: unknown main item tag 0x0
[ 319.601680][ T5092] plantronics 0003:047F:FFFF.0028: unknown main item tag 0x0
[ 319.625401][ T5092] plantronics 0003:047F:FFFF.0028: No inputs registered, leaving
[ 319.650572][ T5219] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 319.670199][ T5219] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 319.700466][ T5219] usb 5-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.00
[ 319.705002][ T5092] plantronics 0003:047F:FFFF.0028: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[ 319.730354][ T5219] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 319.779613][ T5092] usb 2-1: USB disconnect, device number 45
[ 319.780279][ T5219] usb 5-1: config 0 descriptor??
[ 320.306293][ T5219] holtek_kbd 0003:04D9:A055.0029: item fetching failed at offset 3/5
[ 320.324699][ T5219] holtek_kbd 0003:04D9:A055.0029: probe with driver holtek_kbd failed with error -22
[ 320.371849][ T5133] usb 4-1: new full-speed USB device number 64 using dummy_hcd
[ 320.601647][ T5133] usb 4-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[ 320.632498][ T5133] usb 4-1: config 1 has no interface number 1
[ 320.655716][ T5133] usb 4-1: config 1 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 320.682387][ T5133] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 320.696837][ T8441] overlayfs: upper fs does not support RENAME_WHITEOUT.
[ 320.719775][ T5133] usb 4-1: string descriptor 0 read error: -22
[ 320.725701][ T8441] overlayfs: failed to set xattr on upper
[ 320.730627][ T5133] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 320.741041][ T8441] overlayfs: ...falling back to redirect_dir=nofollow.
[ 320.762340][ T5133] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 320.763320][ T8441] overlayfs: ...falling back to uuid=null.
[ 320.801184][ T5133] usb 4-1: 2:1 : format type 0 is detected, processed as PCM
[ 320.824932][ T5133] usb 4-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[ 321.344091][ T5133] usb 4-1: USB disconnect, device number 64
[ 321.426716][ T5219] usb 5-1: USB disconnect, device number 34
[ 321.668703][ T5623] udevd[5623]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 321.691328][ T8482] netlink: 203516 bytes leftover after parsing attributes in process `syz.1.980'.
[ 321.710657][ T8482] netlink: zone id is out of range
[ 321.722176][ T8482] netlink: del zone limit has 8 unknown bytes
[ 323.477002][ T29] kauditd_printk_skb: 9 callbacks suppressed
[ 323.477020][ T29] audit: type=1326 audit(1720978924.861:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8510 comm="syz.3.991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc621d75bd9 code=0x7ffc0000
[ 323.512247][ T8512] binder: 8510:8512 ioctl c0306201 0 returned -14
[ 323.550701][ T29] audit: type=1326 audit(1720978924.901:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8510 comm="syz.3.991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=199 compat=0 ip=0x7fc621d75bd9 code=0x7ffc0000
[ 323.637230][ T29] audit: type=1326 audit(1720978924.901:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8510 comm="syz.3.991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc621d75bd9 code=0x7ffc0000
[ 323.713641][ T29] audit: type=1326 audit(1720978924.901:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8510 comm="syz.3.991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc621d75bd9 code=0x7ffc0000
[ 323.758119][ T785] usb 5-1: new full-speed USB device number 35 using dummy_hcd
[ 323.799950][ T29] audit: type=1326 audit(1720978924.901:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8510 comm="syz.3.991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc621d75bd9 code=0x7ffc0000
[ 323.851909][ T29] audit: type=1326 audit(1720978924.901:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8510 comm="syz.3.991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc621d75bd9 code=0x7ffc0000
[ 323.920331][ T29] audit: type=1326 audit(1720978924.901:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8510 comm="syz.3.991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc621d75bd9 code=0x7ffc0000
[ 323.983787][ T29] audit: type=1326 audit(1720978924.901:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8510 comm="syz.3.991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc621d75bd9 code=0x7ffc0000
[ 324.045816][ T785] usb 5-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[ 324.055690][ T785] usb 5-1: config 1 has no interface number 1
[ 324.067722][ T29] audit: type=1326 audit(1720978924.911:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8510 comm="syz.3.991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc621d75bd9 code=0x7ffc0000
[ 324.097703][ T785] usb 5-1: config 1 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 324.139981][ T785] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 324.178868][ T29] audit: type=1326 audit(1720978924.911:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8510 comm="syz.3.991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc621d75bd9 code=0x7ffc0000
[ 324.207841][ T785] usb 5-1: string descriptor 0 read error: -22
[ 324.214172][ T785] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 324.247640][ T785] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 324.300847][ T785] usb 5-1: 2:1 : format type 0 is detected, processed as PCM
[ 324.337745][ T785] usb 5-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[ 324.546576][ T785] usb 5-1: USB disconnect, device number 35
[ 324.819708][ T5623] udevd[5623]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 325.217868][ T5134] usb 4-1: new high-speed USB device number 65 using dummy_hcd
[ 325.570321][ T5134] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 325.583887][ T5134] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 325.602222][ T5134] usb 4-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.00
[ 325.612387][ T5134] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 325.625275][ T5134] usb 4-1: config 0 descriptor??
[ 326.482205][ T8541] FAULT_INJECTION: forcing a failure.
[ 326.482205][ T8541] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 326.497817][ T8541] CPU: 0 PID: 8541 Comm: syz.2.1001 Not tainted 6.10.0-rc7-syzkaller-00266-g4d145e3f830b #0
[ 326.507905][ T8541] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 326.517964][ T8541] Call Trace:
[ 326.521254][ T8541] <TASK>
[ 326.524196][ T8541] dump_stack_lvl+0x241/0x360
[ 326.528985][ T8541] ? __pfx_dump_stack_lvl+0x10/0x10
[ 326.534375][ T8541] ? __pfx__printk+0x10/0x10
[ 326.538971][ T8541] ? stack_depot_save_flags+0x29/0x830
[ 326.544427][ T8541] should_fail_ex+0x3b0/0x4e0
[ 326.549195][ T8541] prepare_alloc_pages+0x1da/0x5d0
[ 326.554314][ T8541] __alloc_pages_noprof+0x166/0x6c0
[ 326.559517][ T8541] ? __pfx___alloc_pages_noprof+0x10/0x10
[ 326.565245][ T8541] ? lockdep_init_map_type+0xa1/0x910
[ 326.570610][ T8541] alloc_pages_mpol_noprof+0x3e8/0x680
[ 326.576068][ T8541] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[ 326.582042][ T8541] ? __init_waitqueue_head+0xae/0x150
[ 326.587404][ T8541] ? alloc_pages_noprof+0xef/0x170
[ 326.592528][ T8541] get_zeroed_page_noprof+0x17/0x40
[ 326.597745][ T8541] rds_cong_from_addr+0xce/0x380
[ 326.602689][ T8541] ? rds_cong_get_maps+0x1f/0xb0
[ 326.607642][ T8541] rds_cong_get_maps+0x28/0xb0
[ 326.612412][ T8541] __rds_conn_create+0x9d6/0x1ed0
[ 326.617434][ T8541] ? __rds_conn_create+0x2d1/0x1ed0
[ 326.622634][ T8541] ? __pfx___rds_conn_create+0x10/0x10
[ 326.628104][ T8541] rds_conn_create_outgoing+0x43/0x60
[ 326.633482][ T8541] rds_sendmsg+0x1251/0x2270
[ 326.638611][ T8541] ? __pfx_rds_sendmsg+0x10/0x10
[ 326.643722][ T8541] ? __pfx_tomoyo_socket_sendmsg_permission+0x10/0x10
[ 326.652744][ T8541] ? __pfx_lock_release+0x10/0x10
[ 326.658561][ T8541] ? iovec_from_user+0x61/0x240
[ 326.663535][ T8541] ? __import_iovec+0x361/0x820
[ 326.668411][ T8541] ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 326.673715][ T8541] ? security_socket_sendmsg+0x87/0xb0
[ 326.679791][ T8541] ? __pfx_rds_sendmsg+0x10/0x10
[ 326.684740][ T8541] __sock_sendmsg+0x221/0x270
[ 326.689414][ T8541] ____sys_sendmsg+0x525/0x7d0
[ 326.694179][ T8541] ? __pfx_____sys_sendmsg+0x10/0x10
[ 326.699474][ T8541] __sys_sendmsg+0x2b0/0x3a0
[ 326.704060][ T8541] ? __pfx___sys_sendmsg+0x10/0x10
[ 326.709192][ T8541] ? __pfx___schedule+0x10/0x10
[ 326.714129][ T8541] ? trace_irq_disable+0x2c/0x120
[ 326.719161][ T8541] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 326.725500][ T8541] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 326.731844][ T8541] ? do_syscall_64+0xb6/0x230
[ 326.736519][ T8541] do_syscall_64+0xf3/0x230
[ 326.741018][ T8541] ? clear_bhb_loop+0x35/0x90
[ 326.745693][ T8541] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 326.751592][ T8541] RIP: 0033:0x7f8c60b75bd9
[ 326.756009][ T8541] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 326.775901][ T8541] RSP: 002b:00007f8c61895048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 326.784833][ T8541] RAX: ffffffffffffffda RBX: 00007f8c60d04110 RCX: 00007f8c60b75bd9
[ 326.792918][ T8541] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000009
[ 326.801056][ T8541] RBP: 00007f8c618950a0 R08: 0000000000000000 R09: 0000000000000000
[ 326.809025][ T8541] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 326.816987][ T8541] R13: 000000000000006e R14: 00007f8c60d04110 R15: 00007fffdc118198
[ 326.824960][ T8541] </TASK>
[ 327.173897][ T5134] holtek_kbd 0003:04D9:A055.002A: item fetching failed at offset 3/5
[ 327.183124][ T5134] holtek_kbd 0003:04D9:A055.002A: probe with driver holtek_kbd failed with error -22
[ 328.066610][ T8524] overlayfs: upper fs does not support RENAME_WHITEOUT.
[ 328.088228][ T8524] overlayfs: failed to set xattr on upper
[ 328.105351][ T8524] overlayfs: ...falling back to redirect_dir=nofollow.
[ 328.137752][ T8524] overlayfs: ...falling back to uuid=null.
[ 328.515025][ T5219] usb 4-1: USB disconnect, device number 65
[ 329.059686][ T5219] usb 5-1: new high-speed USB device number 36 using dummy_hcd
[ 329.297854][ T5219] usb 5-1: Using ep0 maxpacket: 32
[ 329.313996][ T5133] usb 3-1: new high-speed USB device number 45 using dummy_hcd
[ 329.346305][ T5219] usb 5-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7
[ 329.355861][ T5219] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 329.598249][ T5133] usb 3-1: Using ep0 maxpacket: 16
[ 329.741589][ T5219] usb 5-1: config 0 descriptor??
[ 329.837297][ T5219] gspca_main: sunplus-2.14.0 probing 041e:400b
[ 329.884354][ T5133] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[ 329.917758][ T5133] usb 3-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[ 329.939800][ T5133] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 329.989625][ T5133] usb 3-1: config 0 descriptor??
[ 330.440983][ T8567] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 330.488251][ T8567] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 330.510621][ T8578] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1013'.
[ 330.519410][ T5133] hid (null): nested delimiters
[ 330.524627][ T5133] hid (null): report_id 24797 is invalid
[ 330.539611][ T5133] hid (null): unknown global tag 0xa5
[ 330.545072][ T5133] hid (null): unknown global tag 0xd
[ 330.551138][ T5133] hid (null): unknown global tag 0xc
[ 330.569265][ T5133] hid-generic 0003:0158:0100.002B: unknown main item tag 0x1
[ 330.598695][ T8] usb 4-1: new high-speed USB device number 66 using dummy_hcd
[ 330.607194][ T5133] hid-generic 0003:0158:0100.002B: unexpected long global item
[ 330.629456][ T5133] hid-generic 0003:0158:0100.002B: probe with driver hid-generic failed with error -22
[ 330.742135][ T5133] usb 3-1: USB disconnect, device number 45
[ 330.807983][ T8] usb 4-1: Using ep0 maxpacket: 16
[ 330.834325][ T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[ 330.867947][ T8] usb 4-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[ 330.927683][ T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 330.951113][ T8] usb 4-1: config 0 descriptor??
[ 331.410067][ T8575] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 331.443943][ T8575] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 331.493703][ T8] hid (null): nested delimiters
[ 331.527837][ T8] hid (null): report_id 24797 is invalid
[ 331.596650][ T8] hid (null): report_id 2838798905 is invalid
[ 331.647260][ T8] hid (null): unknown global tag 0xc
[ 331.698076][ T8] hid (null): unknown global tag 0xa5
[ 331.723150][ T8] hid (null): unknown global tag 0xd
[ 331.748923][ T5219] gspca_sunplus: reg_w_riv err -71
[ 331.751209][ T8] hid (null): unknown global tag 0xc
[ 331.766298][ T5219] sunplus 5-1:0.0: probe with driver sunplus failed with error -71
[ 331.808688][ T8] hid-generic 0003:0158:0100.002C: unknown main item tag 0x1
[ 331.847769][ T5219] usb 5-1: USB disconnect, device number 36
[ 331.848661][ T8] hid-generic 0003:0158:0100.002C: unexpected long global item
[ 331.945251][ T8] hid-generic 0003:0158:0100.002C: probe with driver hid-generic failed with error -22
[ 332.066290][ T8] usb 4-1: USB disconnect, device number 66
[ 333.118061][ T8609] FAULT_INJECTION: forcing a failure.
[ 333.118061][ T8609] name failslab, interval 1, probability 0, space 0, times 0
[ 333.131303][ T8609] CPU: 1 PID: 8609 Comm: syz.4.1022 Not tainted 6.10.0-rc7-syzkaller-00266-g4d145e3f830b #0
[ 333.141386][ T8609] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 333.151448][ T8609] Call Trace:
[ 333.154732][ T8609] <TASK>
[ 333.157667][ T8609] dump_stack_lvl+0x241/0x360
[ 333.162368][ T8609] ? __pfx_dump_stack_lvl+0x10/0x10
[ 333.167577][ T8609] ? __pfx__printk+0x10/0x10
[ 333.172185][ T8609] ? do_raw_spin_lock+0x14f/0x370
[ 333.177229][ T8609] should_fail_ex+0x3b0/0x4e0
[ 333.181931][ T8609] ? __inet_hash_connect+0xa2e/0x2170
[ 333.187321][ T8609] should_failslab+0x9/0x20
[ 333.191836][ T8609] kmem_cache_alloc_noprof+0x6c/0x2a0
[ 333.197229][ T8609] __inet_hash_connect+0xa2e/0x2170
[ 333.202444][ T8609] ? __pfx___inet_check_established+0x10/0x10
[ 333.208541][ T8609] ? __pfx___inet_hash_connect+0x10/0x10
[ 333.214211][ T8609] ? inet_hash_connect+0xac/0x140
[ 333.219248][ T8609] tcp_v4_connect+0xd04/0x1ba0
[ 333.224046][ T8609] ? __pfx_tcp_v4_connect+0x10/0x10
[ 333.229262][ T8609] ? preempt_schedule_common+0x84/0xd0
[ 333.234731][ T8609] ? preempt_schedule+0xe1/0xf0
[ 333.239593][ T8609] __inet_stream_connect+0x262/0xf30
[ 333.244893][ T8609] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 333.251234][ T8609] ? preempt_schedule_thunk+0x1a/0x30
[ 333.256612][ T8609] ? mark_lock+0x9a/0x350
[ 333.260949][ T8609] ? __pfx___inet_stream_connect+0x10/0x10
[ 333.266766][ T8609] ? __local_bh_enable_ip+0x179/0x200
[ 333.272231][ T8609] ? inet_stream_connect+0x50/0xa0
[ 333.277349][ T8609] ? __pfx___local_bh_enable_ip+0x10/0x10
[ 333.283091][ T8609] inet_stream_connect+0x65/0xa0
[ 333.288050][ T8609] kernel_connect+0x10b/0x160
[ 333.292747][ T8609] ? __pfx_kernel_connect+0x10/0x10
[ 333.297972][ T8609] ? smc_connect+0x1f2/0xde0
[ 333.302586][ T8609] smc_connect+0x72c/0xde0
[ 333.307109][ T8609] __sys_connect+0x2df/0x310
[ 333.311717][ T8609] ? __pfx___sys_connect+0x10/0x10
[ 333.316850][ T8609] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 333.323185][ T8609] ? do_syscall_64+0x100/0x230
[ 333.327962][ T8609] __x64_sys_connect+0x7a/0x90
[ 333.332738][ T8609] do_syscall_64+0xf3/0x230
[ 333.337333][ T8609] ? clear_bhb_loop+0x35/0x90
[ 333.342022][ T8609] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 333.347935][ T8609] RIP: 0033:0x7fb83a175bd9
[ 333.352359][ T8609] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 333.371972][ T8609] RSP: 002b:00007fb83ae9b048 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[ 333.380402][ T8609] RAX: ffffffffffffffda RBX: 00007fb83a304110 RCX: 00007fb83a175bd9
[ 333.388383][ T8609] RDX: 0000000000000010 RSI: 0000000020000000 RDI: 0000000000000005
[ 333.396363][ T8609] RBP: 00007fb83ae9b0a0 R08: 0000000000000000 R09: 0000000000000000
[ 333.404349][ T8609] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 333.412410][ T8609] R13: 000000000000006e R14: 00007fb83a304110 R15: 00007fffeeb8d348
[ 333.420380][ T8609] </TASK>
[ 334.362489][ T8632] netlink: 64 bytes leftover after parsing attributes in process `syz.1.1029'.
[ 335.395377][ T8646] netlink: 'syz.1.1035': attribute type 6 has an invalid length.
[ 335.431158][ T784] usb 4-1: new high-speed USB device number 67 using dummy_hcd
[ 335.469492][ T8648] capability: warning: `syz.1.1035' uses deprecated v2 capabilities in a way that may be insecure
[ 335.631646][ T784] usb 4-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 335.671669][ T784] usb 4-1: New USB device found, idVendor=fff0, idProduct=fff0, bcdDevice=39.78
[ 335.685401][ T784] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 335.699360][ T784] usb 4-1: Product: syz
[ 335.703676][ T784] usb 4-1: Manufacturer: syz
[ 335.708624][ T784] usb 4-1: SerialNumber: syz
[ 335.715950][ T784] usb 4-1: config 0 descriptor??
[ 335.724731][ T784] usbtest 4-1:0.0: couldn't get endpoints, -22
[ 335.731394][ T784] usbtest 4-1:0.0: probe with driver usbtest failed with error -22
[ 335.932229][ T784] usb 4-1: USB disconnect, device number 67
[ 336.875668][ T8662] capability: warning: `syz.4.1039' uses 32-bit capabilities (legacy support in use)
[ 337.183811][ T784] usb 1-1: new high-speed USB device number 38 using dummy_hcd
[ 337.205555][ T8671] netlink: 64 bytes leftover after parsing attributes in process `syz.4.1042'.
[ 337.997743][ T784] usb 1-1: Using ep0 maxpacket: 32
[ 338.054904][ T784] usb 1-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7
[ 338.072369][ T784] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 338.095798][ T784] usb 1-1: config 0 descriptor??
[ 338.128439][ T784] gspca_main: sunplus-2.14.0 probing 041e:400b
[ 338.513967][ T8665] netlink: 203516 bytes leftover after parsing attributes in process `syz.2.1040'.
[ 338.523778][ T8665] netlink: zone id is out of range
[ 338.529077][ T8665] netlink: del zone limit has 8 unknown bytes
[ 339.098981][ T8686] evm: overlay not supported
[ 339.222539][ T8693] cgroup: No subsys list or none specified
[ 339.426925][ T5133] IPVS: starting estimator thread 0...
[ 339.547908][ T8695] IPVS: using max 22 ests per chain, 52800 per kthread
[ 340.428567][ T784] gspca_sunplus: reg_w_riv err -110
[ 340.520738][ T784] sunplus 1-1:0.0: probe with driver sunplus failed with error -110
[ 340.603461][ T784] usb 1-1: USB disconnect, device number 38
[ 341.117130][ T8713] netlink: 203516 bytes leftover after parsing attributes in process `syz.1.1052'.
[ 341.129615][ T8713] netlink: zone id is out of range
[ 341.135581][ T8713] netlink: del zone limit has 8 unknown bytes
[ 341.291945][ T8710] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.1053'.
[ 341.357741][ T8] usb 3-1: new high-speed USB device number 46 using dummy_hcd
[ 341.579512][ T8] usb 3-1: Using ep0 maxpacket: 16
[ 341.610038][ T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[ 341.654616][ T8] usb 3-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[ 341.681802][ T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 341.705627][ T8] usb 3-1: config 0 descriptor??
[ 342.119931][ T8704] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 342.144637][ T8704] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 342.172639][ T8] hid (null): nested delimiters
[ 342.194011][ T8] hid (null): report_id 24797 is invalid
[ 342.235374][ T8] hid (null): unknown global tag 0xa5
[ 342.261815][ T8] hid (null): unknown global tag 0xd
[ 342.272682][ T8] hid (null): unknown global tag 0xc
[ 342.295201][ T8] hid-generic 0003:0158:0100.002D: unknown main item tag 0x1
[ 342.347329][ T8] hid-generic 0003:0158:0100.002D: unexpected long global item
[ 342.365281][ T29] kauditd_printk_skb: 36 callbacks suppressed
[ 342.365302][ T29] audit: type=1326 audit(1720978943.731:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8732 comm="syz.0.1061" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb74e375bd9 code=0x0
[ 342.365724][ T8] hid-generic 0003:0158:0100.002D: probe with driver hid-generic failed with error -22
[ 342.418018][ T784] IPVS: starting estimator thread 0...
[ 342.495277][ T8] usb 3-1: USB disconnect, device number 46
[ 342.537912][ T8735] IPVS: using max 21 ests per chain, 50400 per kthread
[ 344.478136][ T784] usb 1-1: new high-speed USB device number 39 using dummy_hcd
[ 344.567497][ T5133] usb 3-1: new high-speed USB device number 47 using dummy_hcd
[ 344.692025][ T8760] netlink: 203516 bytes leftover after parsing attributes in process `syz.3.1064'.
[ 344.717661][ T784] usb 1-1: Using ep0 maxpacket: 32
[ 344.727234][ T8760] netlink: zone id is out of range
[ 344.738564][ T8760] netlink: del zone limit has 8 unknown bytes
[ 344.748069][ T784] usb 1-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7
[ 344.766619][ T784] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 344.787792][ T5133] usb 3-1: Using ep0 maxpacket: 8
[ 344.794321][ T5133] usb 3-1: config 0 contains an unexpected descriptor of type 0x2, skipping
[ 344.806611][ T784] usb 1-1: config 0 descriptor??
[ 344.813890][ T5133] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[ 344.826899][ T784] gspca_main: sunplus-2.14.0 probing 041e:400b
[ 344.847794][ T5133] usb 3-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 344.896581][ T5133] usb 3-1: string descriptor 0 read error: -22
[ 344.904031][ T5133] usb 3-1: New USB device found, idVendor=0f11, idProduct=1020, bcdDevice=a2.1b
[ 344.945792][ T5133] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 344.988504][ T5133] usb 3-1: config 0 descriptor??
[ 345.004995][ T5133] ldusb 3-1:0.0: Interrupt in endpoint not found
[ 345.159444][ T5134] usb 5-1: new high-speed USB device number 37 using dummy_hcd
[ 345.229559][ T45] usb 3-1: USB disconnect, device number 47
[ 345.374566][ T5134] usb 5-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 345.395055][ T5134] usb 5-1: New USB device found, idVendor=fff0, idProduct=fff0, bcdDevice=39.78
[ 345.411987][ T5134] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 345.422088][ T5134] usb 5-1: Product: syz
[ 345.426494][ T5134] usb 5-1: Manufacturer: syz
[ 345.432303][ T5134] usb 5-1: SerialNumber: syz
[ 345.543935][ T5134] usb 5-1: config 0 descriptor??
[ 345.551749][ T784] gspca_sunplus: reg_w_riv err -110
[ 345.595667][ T784] sunplus 1-1:0.0: probe with driver sunplus failed with error -110
[ 345.688709][ T5134] usbtest 5-1:0.0: couldn't get endpoints, -22
[ 345.791401][ T5134] usbtest 5-1:0.0: probe with driver usbtest failed with error -22
[ 346.222602][ T784] usb 5-1: USB disconnect, device number 37
[ 346.587696][ T5134] usb 3-1: new high-speed USB device number 48 using dummy_hcd
[ 346.638255][ T8787] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.1077'.
[ 346.887698][ T5134] usb 3-1: Using ep0 maxpacket: 16
[ 346.937678][ T5134] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[ 346.966596][ T5134] usb 3-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[ 346.978239][ T5134] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 346.997634][ T5134] usb 3-1: config 0 descriptor??
[ 347.429846][ T8783] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 347.446585][ T8783] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 347.462151][ T5134] hid (null): nested delimiters
[ 347.508996][ T5134] hid (null): report_id 24797 is invalid
[ 347.538416][ T5134] hid (null): unknown global tag 0xa5
[ 347.550049][ T5134] hid (null): unknown global tag 0xd
[ 347.563895][ T5134] hid (null): unknown global tag 0xc
[ 347.581142][ T5134] hid-generic 0003:0158:0100.002E: unknown main item tag 0x1
[ 347.589356][ T5134] hid-generic 0003:0158:0100.002E: unexpected long global item
[ 347.600055][ T5134] hid-generic 0003:0158:0100.002E: probe with driver hid-generic failed with error -22
[ 347.674410][ T5133] usb 3-1: USB disconnect, device number 48
[ 348.135918][ T5134] usb 1-1: USB disconnect, device number 39
[ 349.237785][ T5219] usb 5-1: new high-speed USB device number 38 using dummy_hcd
[ 349.657680][ T5219] usb 5-1: Using ep0 maxpacket: 8
[ 349.666715][ T5219] usb 5-1: config 0 contains an unexpected descriptor of type 0x2, skipping
[ 350.373228][ T8830] netlink: 'syz.3.1091': attribute type 46 has an invalid length.
[ 350.402709][ T8830] netlink: 'syz.3.1091': attribute type 46 has an invalid length.
[ 350.403885][ T5219] usb 5-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 350.439807][ T5219] usb 5-1: string descriptor 0 read error: -22
[ 350.446179][ T5219] usb 5-1: New USB device found, idVendor=0f11, idProduct=1020, bcdDevice=a2.1b
[ 350.463594][ T5219] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 350.471756][ T5134] usb 3-1: new full-speed USB device number 49 using dummy_hcd
[ 350.498601][ T5219] usb 5-1: config 0 descriptor??
[ 350.517296][ T5219] ldusb 5-1:0.0: Interrupt in endpoint not found
[ 350.669417][ T5134] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[ 350.682473][ T5134] usb 3-1: config 1 has no interface number 1
[ 350.689924][ T5134] usb 3-1: config 1 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 350.700886][ T5134] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 350.725619][ T784] usb 5-1: USB disconnect, device number 38
[ 350.755638][ T5134] usb 3-1: string descriptor 0 read error: -22
[ 350.766272][ T5134] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 350.775620][ T5134] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 350.802965][ T5134] usb 3-1: 2:1: invalid format type 0x1002 is detected, processed as PCM
[ 350.817034][ T5134] usb 3-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[ 350.854653][ T8830] ip6tnl0: entered promiscuous mode
[ 350.917923][ T5133] usb 2-1: new high-speed USB device number 46 using dummy_hcd
[ 350.927851][ T5219] usb 1-1: new high-speed USB device number 40 using dummy_hcd
[ 351.038149][ T5134] usb 3-1: USB disconnect, device number 49
[ 351.098287][ T5133] usb 2-1: Using ep0 maxpacket: 16
[ 351.110573][ T5133] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 351.119911][ T5133] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 351.128349][ T5133] usb 2-1: Product: syz
[ 351.131398][ T5219] usb 1-1: config 9 has an invalid descriptor of length 0, skipping remainder of the config
[ 351.134097][ T5133] usb 2-1: Manufacturer: syz
[ 351.149005][ T5133] usb 2-1: SerialNumber: syz
[ 351.149394][ T5219] usb 1-1: config 9 has 0 interfaces, different from the descriptor's value: 1
[ 351.156551][ T5133] usb 2-1: config 0 descriptor??
[ 351.170111][ T5219] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 351.185069][ T5219] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 351.188847][ T8829] ip6tnl0: left promiscuous mode
[ 351.646726][ T29] audit: type=1326 audit(1720978953.031:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8836 comm="syz.0.1094" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb74e375bd9 code=0x0
[ 352.832061][ T8847] netlink: 203516 bytes leftover after parsing attributes in process `syz.3.1096'.
[ 352.850514][ T8847] netlink: zone id is out of range
[ 352.858866][ T8847] netlink: del zone limit has 8 unknown bytes
[ 353.309129][ T5133] usb 5-1: new high-speed USB device number 39 using dummy_hcd
[ 353.510754][ T5133] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 353.523764][ T5133] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 353.536063][ T5133] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 353.547176][ T5133] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 353.586295][ T5133] usb 5-1: config 0 descriptor??
[ 353.798006][ T785] usb 2-1: USB disconnect, device number 46
[ 353.832172][ T8854] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 353.849761][ T8854] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 353.938417][ T8864] netlink: 'syz.1.1101': attribute type 1 has an invalid length.
[ 353.946263][ T8864] netlink: 168864 bytes leftover after parsing attributes in process `syz.1.1101'.
[ 354.043127][ T5219] usb 1-1: string descriptor 0 read error: -71
[ 354.063543][ T5219] usb 1-1: USB disconnect, device number 40
[ 354.400600][ T8869] EXT4-fs warning (device sda1): verify_group_input:137: Cannot add at group 1 (only 8 groups)
[ 354.515849][ T8876] netlink: 9 bytes leftover after parsing attributes in process `syz.4.1098'.
[ 354.552767][ T8876] 0�: renamed from bond_slave_0 (while UP)
[ 354.629889][ T8876] 0�: entered allmulticast mode
[ 354.701783][ T5133] usb 5-1: string descriptor 0 read error: -71
[ 354.716870][ T5133] uclogic 0003:256C:006D.002F: failed retrieving string descriptor #200: -71
[ 354.727744][ T5219] usb 1-1: new high-speed USB device number 41 using dummy_hcd
[ 354.865460][ T5133] uclogic 0003:256C:006D.002F: failed retrieving pen parameters: -71
[ 354.874543][ T5133] uclogic 0003:256C:006D.002F: failed probing pen v2 parameters: -71
[ 354.890095][ T5133] uclogic 0003:256C:006D.002F: failed probing parameters: -71
[ 354.907885][ T5133] uclogic 0003:256C:006D.002F: probe with driver uclogic failed with error -71
[ 354.925637][ T5133] usb 5-1: USB disconnect, device number 39
[ 354.938380][ T784] usb 2-1: new full-speed USB device number 47 using dummy_hcd
[ 354.991399][ T5219] usb 1-1: Using ep0 maxpacket: 8
[ 355.009054][ T5219] usb 1-1: config 0 contains an unexpected descriptor of type 0x2, skipping
[ 355.031170][ T5219] usb 1-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 355.034774][ T8887] x_tables: duplicate entry at hook 3
[ 355.052172][ T5219] usb 1-1: string descriptor 0 read error: -22
[ 355.062295][ T5219] usb 1-1: New USB device found, idVendor=0f11, idProduct=1020, bcdDevice=a2.1b
[ 355.080124][ T5219] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 355.103378][ T5219] usb 1-1: config 0 descriptor??
[ 355.132752][ T5219] ldusb 1-1:0.0: Interrupt in endpoint not found
[ 355.158587][ T784] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[ 355.158617][ T784] usb 2-1: config 1 has no interface number 1
[ 355.158656][ T784] usb 2-1: config 1 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 355.158676][ T784] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 355.159602][ T784] usb 2-1: string descriptor 0 read error: -22
[ 355.251067][ T784] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 355.251100][ T784] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 355.262930][ T784] usb 2-1: 2:1: invalid format type 0x1002 is detected, processed as PCM
[ 355.262952][ T784] usb 2-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[ 355.352547][ T5133] usb 1-1: USB disconnect, device number 41
[ 355.417762][ T8] usb 4-1: new high-speed USB device number 68 using dummy_hcd
[ 355.497975][ T784] usb 2-1: USB disconnect, device number 47
[ 355.528896][ T8898] netlink: 'syz.4.1113': attribute type 1 has an invalid length.
[ 355.536708][ T8898] netlink: 168864 bytes leftover after parsing attributes in process `syz.4.1113'.
[ 355.638488][ T8] usb 4-1: Using ep0 maxpacket: 16
[ 355.648410][ T8] usb 4-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 355.661295][ T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 355.676546][ T8] usb 4-1: Product: syz
[ 355.691445][ T8] usb 4-1: Manufacturer: syz
[ 355.696098][ T8] usb 4-1: SerialNumber: syz
[ 355.722967][ T8] usb 4-1: config 0 descriptor??
[ 355.808766][ T5623] udevd[5623]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 356.923250][ T8916] overlay: Unknown parameter '\'
[ 356.948222][ T785] usb 1-1: new high-speed USB device number 42 using dummy_hcd
[ 357.819995][ T785] usb 1-1: Using ep0 maxpacket: 32
[ 357.842495][ T785] usb 1-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7
[ 357.931818][ T785] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 357.973422][ T785] usb 1-1: config 0 descriptor??
[ 357.994783][ T785] gspca_main: sunplus-2.14.0 probing 041e:400b
[ 358.210932][ T45] usb 4-1: USB disconnect, device number 68
[ 358.597995][ T784] usb 5-1: new high-speed USB device number 40 using dummy_hcd
[ 358.812933][ T784] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xDD, changing to 0x8D
[ 358.824620][ T784] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8D has invalid wMaxPacketSize 0
[ 358.838019][ T784] usb 5-1: New USB device found, idVendor=fff0, idProduct=fff0, bcdDevice=39.78
[ 358.847499][ T784] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 358.856285][ T784] usb 5-1: Product: syz
[ 358.860845][ T784] usb 5-1: Manufacturer: syz
[ 358.865558][ T784] usb 5-1: SerialNumber: syz
[ 358.873567][ T784] usb 5-1: config 0 descriptor??
[ 358.888500][ T784] usbtest 5-1:0.0: couldn't get endpoints, -22
[ 358.894868][ T784] usbtest 5-1:0.0: probe with driver usbtest failed with error -22
[ 358.908588][ T45] usb 4-1: new high-speed USB device number 69 using dummy_hcd
[ 359.097753][ T784] usb 5-1: USB disconnect, device number 40
[ 359.165995][ T45] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 359.668174][ T785] gspca_sunplus: reg_w_riv err -110
[ 359.905475][ T785] sunplus 1-1:0.0: probe with driver sunplus failed with error -110
[ 359.913484][ T45] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 359.913535][ T45] usb 4-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.00
[ 359.913557][ T45] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 359.949341][ T45] usb 4-1: config 0 descriptor??
[ 360.345140][ T784] usb 1-1: USB disconnect, device number 42
[ 361.149630][ T45] holtek_kbd 0003:04D9:A055.0030: item fetching failed at offset 3/5
[ 361.160546][ T45] holtek_kbd 0003:04D9:A055.0030: probe with driver holtek_kbd failed with error -22
[ 361.263547][ T5133] usb 4-1: USB disconnect, device number 69
[ 361.353398][ T8967] ==================================================================
[ 361.361511][ T8967] BUG: KASAN: slab-use-after-free in skb_release_head_state+0x39/0x250
[ 361.369870][ T8967] Read of size 8 at addr ffff88807dd70198 by task syz.1.1134/8967
[ 361.377730][ T8967]
[ 361.380087][ T8967] CPU: 1 PID: 8967 Comm: syz.1.1134 Not tainted 6.10.0-rc7-syzkaller-00266-g4d145e3f830b #0
[ 361.390157][ T8967] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 361.400223][ T8967] Call Trace:
[ 361.403625][ T8967] <TASK>
[ 361.406576][ T8967] dump_stack_lvl+0x241/0x360
[ 361.411465][ T8967] ? __pfx_dump_stack_lvl+0x10/0x10
[ 361.416697][ T8967] ? __pfx__printk+0x10/0x10
[ 361.421313][ T8967] ? _printk+0xd5/0x120
[ 361.425491][ T8967] ? __virt_addr_valid+0x183/0x530
[ 361.430621][ T8967] ? __virt_addr_valid+0x183/0x530
[ 361.435751][ T8967] print_report+0x169/0x550
[ 361.440277][ T8967] ? __virt_addr_valid+0x183/0x530
[ 361.445414][ T8967] ? __virt_addr_valid+0x183/0x530
[ 361.450545][ T8967] ? __virt_addr_valid+0x45f/0x530
[ 361.455683][ T8967] ? __phys_addr+0xba/0x170
[ 361.460209][ T8967] ? skb_release_head_state+0x39/0x250
[ 361.465789][ T8967] kasan_report+0x143/0x180
[ 361.470318][ T8967] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 361.476685][ T8967] ? skb_release_head_state+0x39/0x250
[ 361.482509][ T8967] skb_release_head_state+0x39/0x250
[ 361.487826][ T8967] ? __hci_req_sync+0x62f/0x950
[ 361.492692][ T8967] kfree_skb_reason+0x16d/0x3b0
[ 361.497563][ T8967] __hci_req_sync+0x62f/0x950
[ 361.502255][ T8967] ? __pfx___hci_req_sync+0x10/0x10
[ 361.507467][ T8967] ? trace_contention_end+0x3c/0x120
[ 361.512783][ T8967] ? __pfx___mutex_lock+0x10/0x10
[ 361.517843][ T8967] ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 361.523857][ T8967] ? __pfx_hci_inq_req+0x10/0x10
[ 361.528798][ T8967] hci_req_sync+0xa9/0xd0
[ 361.533128][ T8967] hci_inquiry+0x3e1/0x7d0
[ 361.537538][ T8967] ? do_raw_spin_unlock+0x13c/0x8b0
[ 361.542755][ T8967] ? __pfx_hci_inquiry+0x10/0x10
[ 361.547780][ T8967] ? hci_sock_ioctl+0x55c/0xa40
[ 361.552640][ T8967] sock_do_ioctl+0x158/0x460
[ 361.557223][ T8967] ? __pfx_smack_log+0x10/0x10
[ 361.561986][ T8967] ? __pfx_sock_do_ioctl+0x10/0x10
[ 361.567091][ T8967] ? smk_tskacc+0x300/0x370
[ 361.571590][ T8967] ? smack_file_ioctl+0x2fa/0x3a0
[ 361.576615][ T8967] sock_ioctl+0x629/0x8e0
[ 361.580936][ T8967] ? __pfx_sock_ioctl+0x10/0x10
[ 361.585786][ T8967] ? __fget_files+0x3f6/0x470
[ 361.590458][ T8967] ? __fget_files+0x29/0x470
[ 361.595040][ T8967] ? bpf_lsm_file_ioctl+0x9/0x10
[ 361.600199][ T8967] ? security_file_ioctl+0x87/0xb0
[ 361.605325][ T8967] ? __pfx_sock_ioctl+0x10/0x10
[ 361.610192][ T8967] __se_sys_ioctl+0xfc/0x170
[ 361.614787][ T8967] do_syscall_64+0xf3/0x230
[ 361.619292][ T8967] ? clear_bhb_loop+0x35/0x90
[ 361.623968][ T8967] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 361.629863][ T8967] RIP: 0033:0x7fce80175bd9
[ 361.634273][ T8967] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 361.653878][ T8967] RSP: 002b:00007fce80f8f048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 361.662379][ T8967] RAX: ffffffffffffffda RBX: 00007fce80303f60 RCX: 00007fce80175bd9
[ 361.670346][ T8967] RDX: 0000000020000080 RSI: 00000000800448f0 RDI: 000000000000000a
[ 361.678306][ T8967] RBP: 00007fce801e4e60 R08: 0000000000000000 R09: 0000000000000000
[ 361.686270][ T8967] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 361.694754][ T8967] R13: 000000000000000b R14: 00007fce80303f60 R15: 00007ffc76f74558
[ 361.702727][ T8967] </TASK>
[ 361.705734][ T8967]
[ 361.708058][ T8967] Allocated by task 4479:
[ 361.712369][ T8967] kasan_save_track+0x3f/0x80
[ 361.717044][ T8967] __kasan_slab_alloc+0x66/0x80
[ 361.721881][ T8967] kmem_cache_alloc_noprof+0x135/0x2a0
[ 361.727330][ T8967] skb_clone+0x20c/0x390
[ 361.731568][ T8967] hci_cmd_work+0x29e/0x670
[ 361.736066][ T8967] process_scheduled_works+0xa2c/0x1830
[ 361.741603][ T8967] worker_thread+0x86d/0xd50
[ 361.746182][ T8967] kthread+0x2f0/0x390
[ 361.750245][ T8967] ret_from_fork+0x4b/0x80
[ 361.754695][ T8967] ret_from_fork_asm+0x1a/0x30
[ 361.759629][ T8967]
[ 361.761970][ T8967] Freed by task 4479:
[ 361.765933][ T8967] kasan_save_track+0x3f/0x80
[ 361.770604][ T8967] kasan_save_free_info+0x40/0x50
[ 361.776333][ T8967] poison_slab_object+0xe0/0x150
[ 361.781282][ T8967] __kasan_slab_free+0x37/0x60
[ 361.786054][ T8967] kmem_cache_free+0x145/0x350
[ 361.790817][ T8967] hci_cmd_work+0x273/0x670
[ 361.795441][ T8967] process_scheduled_works+0xa2c/0x1830
[ 361.800981][ T8967] worker_thread+0x86d/0xd50
[ 361.805561][ T8967] kthread+0x2f0/0x390
[ 361.809622][ T8967] ret_from_fork+0x4b/0x80
[ 361.814033][ T8967] ret_from_fork_asm+0x1a/0x30
[ 361.818802][ T8967]
[ 361.821120][ T8967] The buggy address belongs to the object at ffff88807dd70140
[ 361.821120][ T8967] which belongs to the cache skbuff_head_cache of size 240
[ 361.835692][ T8967] The buggy address is located 88 bytes inside of
[ 361.835692][ T8967] freed 240-byte region [ffff88807dd70140, ffff88807dd70230)
[ 361.849397][ T8967]
[ 361.851720][ T8967] The buggy address belongs to the physical page:
[ 361.858126][ T8967] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7dd70
[ 361.866973][ T8967] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 361.874074][ T8967] page_type: 0xffffefff(slab)
[ 361.878849][ T8967] raw: 00fff00000000000 ffff8880196a4780 dead000000000100 dead000000000122
[ 361.887422][ T8967] raw: 0000000000000000 00000000000c000c 00000001ffffefff 0000000000000000
[ 361.896249][ T8967] page dumped because: kasan: bad access detected
[ 361.903090][ T8967] page_owner tracks the page as allocated
[ 361.908967][ T8967] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x152820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 5228, tgid 5228 (syz.2.26), ts 73543882603, free_ts 73512844007
[ 361.930595][ T8967] post_alloc_hook+0x1f3/0x230
[ 361.935352][ T8967] get_page_from_freelist+0x2e4c/0x2f10
[ 361.940891][ T8967] __alloc_pages_noprof+0x256/0x6c0
[ 361.946080][ T8967] alloc_slab_page+0x5f/0x120
[ 361.950839][ T8967] allocate_slab+0x5a/0x2f0
[ 361.955341][ T8967] ___slab_alloc+0xcd1/0x14b0
[ 361.960022][ T8967] __slab_alloc+0x58/0xa0
[ 361.964346][ T8967] kmem_cache_alloc_node_noprof+0x1fe/0x320
[ 361.970232][ T8967] __alloc_skb+0x1c3/0x440
[ 361.974686][ T8967] __tcp_send_ack+0xa2/0x600
[ 361.979440][ T8967] tcp_rcv_established+0x107e/0x2020
[ 361.984719][ T8967] tcp_v4_do_rcv+0x965/0xc60
[ 361.989303][ T8967] tcp_v4_rcv+0x2d90/0x37b0
[ 361.993803][ T8967] ip_protocol_deliver_rcu+0x225/0x430
[ 361.999342][ T8967] ip_local_deliver_finish+0x33f/0x5f0
[ 362.004794][ T8967] NF_HOOK+0x3a4/0x450
[ 362.008855][ T8967] page last free pid 5229 tgid 5229 stack trace:
[ 362.015164][ T8967] free_unref_page+0xd19/0xea0
[ 362.019918][ T8967] tlb_finish_mmu+0x11f/0x200
[ 362.024582][ T8967] exit_mmap+0x44f/0xc80
[ 362.028820][ T8967] __mmput+0x115/0x3c0
[ 362.032876][ T8967] exit_mm+0x220/0x310
[ 362.036935][ T8967] do_exit+0x9aa/0x27e0
[ 362.041083][ T8967] do_group_exit+0x207/0x2c0
[ 362.045664][ T8967] __x64_sys_exit_group+0x3f/0x40
[ 362.050681][ T8967] do_syscall_64+0xf3/0x230
[ 362.055180][ T8967] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 362.061074][ T8967]
[ 362.063384][ T8967] Memory state around the buggy address:
[ 362.069007][ T8967] ffff88807dd70080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc
[ 362.078100][ T8967] ffff88807dd70100: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[ 362.086237][ T8967] >ffff88807dd70180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 362.094284][ T8967] ^
[ 362.099212][ T8967] ffff88807dd70200: fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc fc
[ 362.107435][ T8967] ffff88807dd70280: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 362.115483][ T8967] ==================================================================
[ 362.127711][ T785] usb 5-1: new high-speed USB device number 41 using dummy_hcd
[ 362.140653][ T8967] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 362.147881][ T8967] CPU: 0 PID: 8967 Comm: syz.1.1134 Not tainted 6.10.0-rc7-syzkaller-00266-g4d145e3f830b #0
[ 362.157967][ T8967] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 362.168037][ T8967] Call Trace:
[ 362.171310][ T8967] <TASK>
[ 362.174235][ T8967] dump_stack_lvl+0x241/0x360
[ 362.178916][ T8967] ? __pfx_dump_stack_lvl+0x10/0x10
[ 362.184110][ T8967] ? __pfx__printk+0x10/0x10
[ 362.188695][ T8967] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 362.194669][ T8967] ? vscnprintf+0x5d/0x90
[ 362.198995][ T8967] panic+0x349/0x860
[ 362.202888][ T8967] ? check_panic_on_warn+0x21/0xb0
[ 362.207995][ T8967] ? __pfx_panic+0x10/0x10
[ 362.212408][ T8967] ? _raw_spin_unlock_irqrestore+0x130/0x140
[ 362.218379][ T8967] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 362.224698][ T8967] check_panic_on_warn+0x86/0xb0
[ 362.229629][ T8967] ? skb_release_head_state+0x39/0x250
[ 362.235080][ T8967] end_report+0x77/0x160
[ 362.239314][ T8967] kasan_report+0x154/0x180
[ 362.243806][ T8967] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 362.250130][ T8967] ? skb_release_head_state+0x39/0x250
[ 362.255588][ T8967] skb_release_head_state+0x39/0x250
[ 362.260870][ T8967] ? __hci_req_sync+0x62f/0x950
[ 362.265714][ T8967] kfree_skb_reason+0x16d/0x3b0
[ 362.270567][ T8967] __hci_req_sync+0x62f/0x950
[ 362.275239][ T8967] ? __pfx___hci_req_sync+0x10/0x10
[ 362.280426][ T8967] ? trace_contention_end+0x3c/0x120
[ 362.285712][ T8967] ? __pfx___mutex_lock+0x10/0x10
[ 362.290733][ T8967] ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 362.296712][ T8967] ? __pfx_hci_inq_req+0x10/0x10
[ 362.301646][ T8967] hci_req_sync+0xa9/0xd0
[ 362.305970][ T8967] hci_inquiry+0x3e1/0x7d0
[ 362.310378][ T8967] ? do_raw_spin_unlock+0x13c/0x8b0
[ 362.315574][ T8967] ? __pfx_hci_inquiry+0x10/0x10
[ 362.320502][ T8967] ? hci_sock_ioctl+0x55c/0xa40
[ 362.325345][ T8967] sock_do_ioctl+0x158/0x460
[ 362.329926][ T8967] ? __pfx_smack_log+0x10/0x10
[ 362.334686][ T8967] ? __pfx_sock_do_ioctl+0x10/0x10
[ 362.339791][ T8967] ? smk_tskacc+0x300/0x370
[ 362.344290][ T8967] ? smack_file_ioctl+0x2fa/0x3a0
[ 362.349312][ T8967] sock_ioctl+0x629/0x8e0
[ 362.353634][ T8967] ? __pfx_sock_ioctl+0x10/0x10
[ 362.358481][ T8967] ? __fget_files+0x3f6/0x470
[ 362.363153][ T8967] ? __fget_files+0x29/0x470
[ 362.367748][ T8967] ? bpf_lsm_file_ioctl+0x9/0x10
[ 362.372690][ T8967] ? security_file_ioctl+0x87/0xb0
[ 362.377797][ T8967] ? __pfx_sock_ioctl+0x10/0x10
[ 362.382646][ T8967] __se_sys_ioctl+0xfc/0x170
[ 362.387233][ T8967] do_syscall_64+0xf3/0x230
[ 362.391735][ T8967] ? clear_bhb_loop+0x35/0x90
[ 362.396401][ T8967] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 362.402933][ T8967] RIP: 0033:0x7fce80175bd9
[ 362.407348][ T8967] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 362.427119][ T8967] RSP: 002b:00007fce80f8f048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 362.435545][ T8967] RAX: ffffffffffffffda RBX: 00007fce80303f60 RCX: 00007fce80175bd9
[ 362.443524][ T8967] RDX: 0000000020000080 RSI: 00000000800448f0 RDI: 000000000000000a
[ 362.451495][ T8967] RBP: 00007fce801e4e60 R08: 0000000000000000 R09: 0000000000000000
[ 362.459461][ T8967] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 362.467462][ T8967] R13: 000000000000000b R14: 00007fce80303f60 R15: 00007ffc76f74558
[ 362.475643][ T8967] </TASK>
[ 362.480567][ T8967] Kernel Offset: disabled
[ 362.486576][ T8967] Rebooting in 86400 seconds..