last executing test programs:

24.44600329s ago: executing program 1 (id=2006):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000bc0)=@delpolicy={0x5c, 0x14, 0x1, 0x0, 0x25dfdbfb, {{@in=@multicast1, @in6=@loopback, 0x0, 0x0, 0x407, 0x0, 0x0, 0x80, 0xa0}}, [@sec_ctx={0xc, 0x8, {0x8, 0x8, 0x0, 0x5}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x10}, 0x4004040)
ioctl$PPPIOCGCHAN(0xffffffffffffffff, 0x80047437, &(0x7f0000000280))
r2 = fsmount(r0, 0x0, 0x0)
fchdir(r2)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x143142, 0x80)
ftruncate(r3, 0x2007ffb)
close(r3)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0xc8a02, 0x0)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r4)
sendmsg$NL80211_CMD_GET_INTERFACE(r2, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000200)={&(0x7f0000000100)={0x20, r5, 0x10, 0x70bd27, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x200, 0x7c}}}}, ["", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x10}, 0x8000)

7.669356464s ago: executing program 0 (id=2100):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
socket$can_bcm(0x1d, 0x2, 0x2)
sendmmsg(0xffffffffffffffff, &(0x7f0000005c00)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18}}], 0x1, 0x0)
syz_genetlink_get_family_id$nl802154(&(0x7f00000024c0), 0xffffffffffffffff)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
r1 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000280)={0x29e9c934, 0x5, 0x0, 0x1}, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="200000001600010800000000000000000a"], 0x20}, 0x1, 0x0, 0x0, 0x600c8050}, 0x0)

7.264596278s ago: executing program 0 (id=2104):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x80)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
sendmsg$can_bcm(0xffffffffffffffff, 0x0, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)
read$FUSE(r0, &(0x7f0000006280)={0x2020, 0x0, <r1=>0x0}, 0x2020)
openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0/file1\x00', 0x40, 0x20)
write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x800000}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000021c0)="cab1f92d585917232bcfa47f91900c936355a83b5a41f6f43bd8b0d1a1e13674b6a8596a8376e6851e0b96decd071d92ce4887ddad2b82183858d82c7d11948024607d92ec0f1c23a4e755f29fa557d1353a3ced680f530e822eed64b4d1aaf20d1320f3583cadb9dfde95993487f96bc290dc10cfccc5ec8ea864590fc1678b79b0a36c9668b27ae142d22c305496881af0d0546076ec21e31bdab2465010e779e7140036d2b12f59b971792cfed8d07f0b8ae13ee944268f573ec11c1b14d53880a64fd2fdbe981f4d9af8863191efc03a39d5a3f19badf65dd49443297b38bf0c009eafad5879cb78e63b00e961de7d7180941f0d1e87a2635294bcb4619e9d84be1816784325d23fcb9c66388b586c8e719f3edfa2aa37cc3f6511add854c10fe546d1c11f11eeaff24cecc0d47ec8fd336ec08470f06227e4a9410074a3d715eb6a697b04bdfeda0b6753d880d012ef8fada7f4ed649ca214609e31cace9a33887813012e4c1b787d8f71ce9b495a69e5c8810ff9954b7b96743dcdd7e52ebbf526f339d3c8ad2550326d3a396de5ac90787b352feabe013c4044ca813344c97f836851d6daf2de3a8b07a61d1052bd302a641706af7629a042dc2f0374671b287f1325763e1818beba9f7cab9e25d6f8749f7dea4c5ef684723d33938aca32e19b1c6a6237d899fb397e9023764b3f4d6399885533a802e4d3ca76f2e0234ed6d7257f8cebddc900af88cc21ee2816513045e92f71fc8523894d684678f17b5fdb4adeda98fc019c0ba05efeffeff3bbda1d6d84a98002a74237cb8d13cb30d8a9a7e47e4da8273a47df4e6ea53036b5b154b9597e6eb00fcad29ed04a820b1ce807bf1818344122a6f0aac52d24426feeba0af56925cb4a1e70a84251f2b4d4693e689518a0e159647b5b60a62db699a25275520c208652ce4401bb5dcd633e7c889758d3d213f4dbe69c9bb76e80b6c892bb5f5809e042ee5cb1982a2373b1886711d1e68d0bc3d4c9d69ac605432bf84cd81104e77c71cd7c0708244fc9428edd52f8cc8f3023b4c6d3bbad7a9b874111098c4652b34c428a8f789c5e5f3f84354ab7afec1a7b11d2a34771ebad2f15c169a61b431c8a1cca9ca1596fce65242d03814ebf977da9bbde5707b22b5002cce68bd0f6d196df341c96bd0cf0916b8775e75021663ea82c99a90b844cc5f8b6c56b21b1fbbbf6fb40ed0c29ee4ecc2998df2cbe3a4d75025ef73dd9f3aa5bc7aa694fe573a73453c9ff873d0a8840afd91be319181836de45260b4e252394edae58f840858a9b64f0ff37bb1820031e563250e62ceea5a7c4d2cd4d5d10e57176fcf576e774920db06b36ea02f9cae9c1087bd1866fb4bcf7fbf393093b339860a61c61248000a2a1bbc982fa691e311fa1bf2a38afdf08b574eed0df42bdc30c3db7cdcb71687f48070077f91fef93e8e47e248d3e53e8a79fcb5a8f8aa39b3bfa2dd88d5c5840d517ae8c132d423a37a8be3301d62a99753bc72f674205a11850e045430abbdc4e68223a93c76d6d2f1d646af10a15705793e2fc5a532af3dda88f52063a091f1f79cd5a5b23ea7742b149eab1aa43c21c2f15227a1f94b5580adbb1e1c49ade49d6e8b838cff43aa2426651817f479252c8ef7af9e4a5ad33839be6c15b50016c59f13c26cfca796cfc01207acc69e9d3952f6e71c975bc77d5a001f6f6c044770f54d86a4518a4898e3136988d643dd2de907859f0b4d4de2a2d461ba5e05cff49eda86772799b2e7947fdbb89fc5b0347e87f1b9dbb94842cc1457d07f3e0c41342510f5ccb551cdf0fcac1a758041bff75812de1b2abf341ed5f667c9b0581d2c33e0b17f1b46c2287399c62252edb9c1cf2b80b7a1b4c3c903aa4cf5332a2998b9072f61f589ae5df1168f8d18e98fce2bec1d5d876f9757017b73495a4e8f4f2423cde8875aa8c95a9ce180cac6690657b8a70e5541d5ef46575cd74e063759fe4889f4d9737a6c9732f8b7f7836508814093b9bdac5733938e761b3642910d4df0b646c1b9583a502246988e9ab78de3d011e8590e48eadfcdb70c8aad6dfbe1dbd3ef20d9ba393db4e6cf91e3bb4e84883c60dc20ed974a5decde12d3c5a1c9a00999f8eefc244465f518425820b9713cbfc6027f427b9cd8756edec5b3a0301a01ebbf7c5d412ee3422aeb8b291619f62f4ce41511156f73e54b5097051ea777af7cb73b36e1274ce1a3892007466cc793eb0515b8984acb99c04c7eaa51e175bd73d99bc0c67c8ea84d808a7906a6ad330ba2c9651b2ab82d0781a969873dcddb068c15b7899fd560a1c3d44b34e81cce079c46fd86522052659e2c3151c79a8ccab1dfcdb91f53ca067ea1b2aa507278e4166e817eb0d7dea67cde1598a1bdb76a8caf82add2b43fdd10bf80b0d2f32365849c425d6ac3d2d88a76378d23961eb96c8422e785ea61f33e4daec02393d51f44b177755749fe84b43f5246d20177800af05752af524265f34f62bd5167fa647d2118aa905a1af53f07e7447bee29675cc23f547339af140c0818aa974ca16da33e767d508e4f56726c7076acce57a9957d08348ef84a39188e800ca44682fccaa9ee1b42e1aaf7738dced1dce3ef2dadfcba2863f36b5f8080ed22539b5176bc2c57e52e4cfde659c1ce9e179c79f85d60ca51c7453dad593190b19a1be8f5c5b0249d70079f10f9d0f07f25a98bd95e6e6f71101842b55347ee008d58522e8f7598c1636c58fd20984a6bb17fd47e7db4bc72854054e7900cac4174cf0b4eda2406842955fd8a2ba00ea4d490dbbab02d659cea4c449d9ee37c8f35daa4740b3273693ee2c1b00965a79d18ad98ae92bf2e1ea84ff1e6181937d38765cb353c6223ead1257d88a8844cb0be17aecc2dd56b78dcd6e2999fe695db248dd68275a5ad0f223a4629b17a040a766b2bd2376d77a422371de14a3daaf4fee92f23ca831452826bc66d0cee2049acbde07bdbb6ce228147f9ed4f9437301e8ca9e1ace0684700e9623a1534212d4c557712a3196d86c86077e97172d7e89436e15e1d7e7629d5bc908e346e504839498890210ca15bea51bb2840f1275d36b99490ff0706aa3ca9e89f33fd99df863acc3bca504c15501ba9d987999ee118f47b7737d2dfe73ab257d680f983da1f5fd5975491ad966989f7b15e76e4e6b1a2987801adb3b7cd4cb1d2c9d0454429c2955643c8fb82ccf8e93051cc10081f8181af0d143deee686f67ec42db1e9914ed047e4bf0006af01028e3839451fa3e17d33586022c63cafaf6d0fc773c96143473316988d32f9943d7477604a27ae4b8a7093bee2cefe10cc02109c748d0676692a2411e5c3b4c4c1b9ac7f9b71a1a7126dacf4615e8c9c3d38f536e8b32e37f406b3dc44db80a00d6e4a3deec869edb32a411986be1517b6ea45e1f984a6fbd08edb25a305122fe5a90cc46af48ebc36433a1f27f43d85492ea60fd2f43125e7328da93f7aad97f97910112fed7ae7b1785822356a525df1f3ab4637b68d92ecd8d7f234973c686fb11821bb1de5f8459b57892f1dae08aae1924ee60a904d7be6e6611ec3d00002152ab7e0c29c7bf124dbec9a6eff25e619d89c27d187e3ffff63c996c33f4b7e967b607f36a8ac8dba6beb43395c989b2e3e36de29b07f9c2d60cdfd1d02813d4e508c56b99405b752758a01cc25bb5436ea1efd52c536fa1d2fb1cd9b1ee006d42b58600be2c1aba59c480cb6e9224d7a4df920598950634033087d3e356f35cd2f8b021d30f4ba79bc60eb6715c6c9bed84648552395cffa97c8cdb8f562f8f127f0e6f86dc61fab11ff782560d88cf2872d0e07a27f38120a0831a93c377298c2ed4fe180eb078422e5f030540fd21ebd414e6c42f1fa5491b5b8fdcada476376732edbfd66e10a475e2c0a43ccf6a41f7879f4577e987695d8d5097f6920fbe2b9ac2cb424de7afded1b5b7db89f3612c487770d58a7bb7517f1fa7a98ff6db3718587220f900f4a8e867e33e24c1981acb3445de995132d8fcc58f79ddb1475ba69c464071e95c0707c396c0b1b710cceb51efba5f30a271cd456d5f7216d90b412156ecb01dd41f15ac31980649c5eabc7fbb085a38318d43b0683cba055deb9dde4dc4584935473508837c1023993d50b434b311f126df6a0be0653b97a97bbc9b165098dac8dfd6ed6f033ccf7b32cfa3292296222aebfaec4dcd5066b66be45696067dfab907e2984f1bb6067c170e0617e245c9c09a85a061c4b7e2873ce0571b48d557007d5c7ddf5cc2ffa533e2a3975f3687a6d08a09dc1d285cfed129ec887d70bb5aded429b676c242d57c8f36721bf5732b1f25eced0ffedba7254486c9caab3fb3e0ad3b2dc332a06dadd39e5483a314b1d3086cc198b6b6b272fb56e35e0388b1dcddd484fde0ef9d855ca7bd98ebf0f686cec7d5e37f7b5dffbe4ab28c4422adbaef0c45649b0b830dfff90bbea3b7103ea9dd87d856ba7c5bb485319eecc71acc943c733f489ad72e13b1b232cd1eb4ce87917daad4b0405c9905f7a35501c75332d9acb36057715a6abd0958061fda860c00000000bc9aeac4f47acd022927c381012150fed83a99c2d7b268ff2e1c8d162d3feae2c5bdee747aa10566a94f13d4e1a00a4043bd179310e72ec8e4c68659be77907bba82fc416a72c0d2076821f77e8afdbeac769195a01515ab45ba73ec85a2f8a52146dbbc8d585def095aef4e4491362b596a84d2e9fd0131de2c72b71c4bd239146011eaa209957b2bb3f74bf2f42a17440749688d66a18a9d4a7d1e2bbb34dbb2a45460e69a1ec43467665c59438d35fe9b04a94e408ec4bcf7ba1a25bfc287d6189b65711904be9860f8a68d1bab99eed54890f963caef1fa0179224b650f090f67dca59f1241c2a25bc921d522f61e57d2bad88c057d3f7729499a0391fca3a62b27cc0a9b976da3eef333d88ad128ea757697ffdd50633b66b73ea3ddb565bc3d8780f9c0bb2347551969aaa500e7c030da2a92eb3f78d88b91eb547dba2e9be7ab2aa617f0890c39c73c8c2b35ff7ec529f6b8d08e3fcf2630e454bdb6474185ae72ba69310654c9c0b3ba158fe223954e1d46f9d27b0a4e090b0084918b2964bdcee31d258325b89ef96790ed1df4842b482023f1d22fb3e01280f1c8616153035f10bd65de57c1fa7d5a17e77b12e348bd3019092ef548c5249694168dd24df8a7318eccd779da4f547e9f162f484eb3ab9f5bd196f6b68656725d2624b61d09f73586753a1fb7eeb1721973f8e15522487f1dd1412b0f4846801d1abbfe53b755f15047981b162a1de04d52b4d4762ac877e4d718619e8cdba16df688fe95bdc9a1ee99c21004ba7e72985752d89d6892a4169296703fde314457f014ed89c129a4c83b5bee0bb93cb69a83313442837bc03679ee317cf8d1b908b70fae1b1461a398f310ac073642f954ab39e0eda329a94a5c12cf262ca4a25831dbc10aecf82d9d54776c379c230bb488cd6c9295bc31cfab61eb9b5486726f5c854db8aad2642d4468643f3bc8b25cdc9fda7aad04b06b61b185868a44acd46a0bd8debc1e431f19aeddfa3d0e480949bd361f6c988744acafae954c140192306c3066e8e434f70e8cd67b65a59923d166a95ca5e0515e2059e1f1aa9a74bfd49e4e37638bfa6b6117b790c4ec7f536d046c38f8ab6eedac1713bcb8860a18cac43e9add3c68c3ce5d17fbf76e966afcd3ed7795540650e093d39926f5e3719156baa54307b4f5e934f24951b3644a7657e798525d3f1207b28527a5bcdeb33e296c6c0e9e1757941ddd24a0d15c9a21918514a3143ef3fc2e775345ea10aeba6767686e9cfa646da377e88fd759a33ff20c9b258fd37d063d02fe22f090c5e324b507cd3bc42248a7abb2c7d0b1b85ecb5a67bf53a2f25d139ea523808678942e1588fd677df161b67b563a446a2cc69d9126fbf308258a13fcd6f53d92d9947311e3de4fa5acd7c2684d9eb3b4feb024e05bbf090836d92e30b68df6a7619542c9acbbb69dc73c781bdc7ef4b25c2af77186f493a5038a56508cc56b7085e13f4264e02a2a3bb515e15301371520481302f2367c883a5ac503ae4269cbbc8fb2f0f77ecaea7b8af04bc24aa90f677a72bbecfdb225864714344a8fd1c07ef664abaefe53bd76ba12c8bf45860a316812af87348682ee7005ac6a00523f4313102742ee5502d8c61c3321d1b872780192f4d00b12b38d0aedd34619c42f49b81d7bddc4ca481ed8f448bc3ad98b13f7176748838d623e007a24948480e978b80ce67ec952eca613091ad4f81cd521b2851bb8b2a6b1da0420eca80aecac9c0887988e1f29906c9ce65b990a00f22ba6f115a7a0001f511ec35dbcd401130173fded8b2e23365caf3d6d7c8f404383f16fcd76b17c220f88c1fe96211bd92c5803c63d9537a2ceb258508d9b1d74ca43174eaefd677ed6db63bb3d7712c9558c7879fbe67b7396c721407953db9dad13291f96d7d0290ad56cf1f65ccf58d3f5b8ba1f78f81d86ae0ea50926ff352d73629da44a6d31598dcdcf81355faed4f5a6ad8cc39d4a414b97f193c896bd3c270097cc96e4a5e36ca9a56a27c52a03decc4837d7b008acc1fd2724f97e0e9591afb5de3af3ec5fc16e1bee79098cc94d638375d69ae5065bedaed575e11b1b0a4d1189830856e8d48a6c50bf18cb9f8919fd8a55ad0b2f7d8c096c7f549fec8e1522be0de2a69699afe47e899ac6d5405c08e2e374326808ba76259d85b971dcce55aceed11583603dd280fd15c8e7b206e8bade3f6d83c6041838ea8b489fb9f92ab220ad5d3cd2af3f45cb2df7094d550b2cfea314469943a159e12c01897a7cc42904eeb04cc507e7ce7ffb4d22efdcd5cb5d75975582e14960fb0f2b83cb774faea32dfba7ed0e8b6a749785166cb5c77dde7498f67f7f20d0b85a7fe6e7f8a8e3f95bd795165f36440d84434cef17f81697816030e3a86bf003272ca4868ab935fa0d465fb10637a706c9fd04fa4d4eb421e87aa6628a1d6174833af4dbfceab7fc5989550c0847bf27a5243e3b318fffde95d11cf507bc4e092180dd228df9f89d193a160d50c223309eae580a09f2e78855f17f8ad25c1f5814becdfca7948c7045b242e22d5efab676fe717eb34d2f0fcb77289c8b12caadd2377b7ccdcfab61900971b4a2ac132587174117428739ebb109fa133e483956bd499dfa530cbb3d1df42309f6f0755b043d85776807f25c3b4b518a2274671eb38f3e82ad4397377f85201771877a7cc43b838791a4d4d655ecadf03d8c1687e961c83dbb64c4d54d4b745a3abca7e381a00c6f51f48f6f7ce29ec656d89a1fab216675febedfe6b08c35add5aeb8cf6c0b226d309a222e1783e45e560f6ea64bf7706787f199116341f874321b52b1135830ab8979ae5546aad4ecfdac0045d4d15b4ed2fe26e484793db6aa61d40333355fa96ac5d1b8a5b5fc033475cba14f344007bfd82deb64b5c2eda6c0d528e4de0c21802d6b27554c0e2090f2c4ebd19208ce904cc02756b44bb2f8ebc1d37961c0957a4815487cbf76fdbe1f2b77b563a5663a00952c92579399f7acc1d41d9289ea0345f02f6f760ced802c8e0b14760a43dd04e6c371ceab9f5cb3617cd7ab31457b6821c6a4f34b243fba61f5c553e58ca253d5723382cf5d3f8357347ee2af2d48d86367f993e4b80b849dd3f50b2a89338af97e11b9a796ae2548856cce01334bca0c558e160f16e74699c7eaefd699acdf4d5019bf70f2d9c083f62b5254262f05c01dba59b1779502d3ad310a3039447d730a2cebb1242331a9849921c07336e985a844c55ce6129a650b3fd7cbda52a0cfdf0ef566f24adb8c959e442e9d5663fa16561b185cfb18355863d9b9f91c3829c4b0ba580668402a7a100fcd4a4e901b660863a9537f46e4f36446945e8f62e53e8282ccd7cfe14fca161d7daf592188eb2e11e275f616f4e692db8f318e8fb635d1a2582a3c8ad3050995f4cd810c04b23aaa6b26a2276133b443280f0526c9b1c016a7fdc052eff91d167b2813ec4f868c2da5fd9568da148e0ced0229f415716c1caddba880efa2017a82829125e734b96333da0b15340c149b50be86e3017bdaae3d80ae51c35df37e67684e81b5933cc7bfbe7ef0486d57e3901f9ae3eb1d592eb3fc244ce6555d3d69922dd3dcefecbba207fcbd5144a5ff97bf2216c046348a633284db59c10662350c74844ed762f353cd01a971c88d0eabb68eef856d585e8f5a684dc948b094754362ba8d606f85a755a27895ff5b6b4ea0387574afdf362a43b5535a2838b3f00f24612b9ae47e95f15d8b828efe56152d77871cfda0e0ff9936db3fe9c49f0d0f5ef9b71b81efd2e92d0166a4970254950a51235b66866d5402740adaa584e892572a6f46714704660cfbcaa56cc27cb538a908d1ee2fc7adaa674ce7a717f6e0481a2374f768fa3df8368bf4281bce6f9777f958f36502908d7c921ba745d0cc16b8a9a67f15c26d4b005788b1e90b19cc13f3e925fc14ef31d624c7500710d8f80e5bd4b14dd6bf70c210db6077c69d2d1751fe999442502d3542be12b732e3793e6c5e5c33a15a792ea344b0ed0be1ebb1d4e896e3e62d8d85afad2ae134dabc4f0d3fc719c6245d3bfafa42f0cdc9c0d5c4ba5c20b9da975bfd2f211bee8589ce1dc9652c2c3cee2a5e8a00049e42afe4403a905b60e0dcda1120d32ce36b91719d6308c93dfaa16c23a3b37e88194778be77d5e9e64b39477b76b4644ca32525b73bcf1fd9dc9af7776f2149e368053c58e1c93e1ec4575cb5e0b2da61d5e6b19436f3c095cdb4af4ddfc3364975700e5ff5275f9336b8cb3b959a1cd94f6b9c3a33f35e9ba4b7fea0466edf54e5e2e06a79bd170392c02b09749f3d111ef60baa8016dbf9ba581beab2c43d094add0d7fb7e16f198f3050641255f30a57c3045c1b51dd6e5d65613167596365b9c67aaa36fc89c44fbc4c8c96c328554a63a15511b04692651dd5e30780caf0dfce976c665e7b05fa6143914837bc82fb9d9dc5a1660e28a697e8a0a32eb8db109c5a045243d86ea11847fb64ec450112d77ecba32de418629a4ea2ae3f7ed3625b26def5c19813a6386ab4e43838c1fad3d4e92dfd7d3f98b3cf46d6e20304851899c59661e9639f3ff52fa023114907d930d74d605f3f7c5fd9ebb446d807e96cf3bf3517e369dc98f489026ec035a86f3719e1e50a48c0381f7fd2a7eea1d3a09ef7a0ba50b2ae28c2c955db4761ac005226ebc0c18d108e8ac066371be249b80eed88afee799411a50381cacb2d5164f0827720eb9d11b5cc548c2e145291dfbc5d4f70646dfbca077ce8ad3a3f8c627021295cbef70f5013c53e8fce32116e678a7b1dc535d43b429d330e9193f8de1a6c1da4353a86bc722ef1cffe59a012ff9c5f45b85e55ebdaa6b36a519c544ef8a86095e522d7dfbb9cac41e826fcc4bc676297141195f839ebcd8f64599fb15856960f97bc70d2336507d5060282d0988f354eb757c6f4b0ee77e2c0889e5336633ac28e2651c98e7f2fa4c163f8fc196b6798c1400c46710abed12a33a95afa56c7fe55de0b48cc984c80f6d98d212daeefdbcb457217b3962436e481d70967cab6b0943d5da59021ea9fbebf66e86943e029ef95d46d347b834098e1c8fb4c35d15945bc2e336f74c6c80430ad5fc4f5b9c6b41245ecf151eea90763ce3e09e050ae1c0925fa7a5ddbb7f210226cdcf9ee406041b73a5988646b90ed382d08e7a147078f9de025f5617017ec70f65dd25d7ccdb47ad7209474f4ca461ca46f0afe3cb405c3b72d320016d01b62def93fa4fa5a34df145c526fc497329a9e29ce17a929893f7beb417c88804418271dbeb51115821db4737b9cc467f190209649f543675defbf95640d20cdd124e85788b703213f4e99b4f36b74b5d44b67b7bc995ba133da4ae92f3a3db49c9ec039e0285001fc16760da0d07552e1ad621a4bac6d0b6409316e8a78273b79aa70df0e3ca024336d42c530550be8c68897bfa6a44f595bf5be48f8b25b48825ebcba815db4b3124522bc71e3970dbcafd479a6dab40f745a655cc3f9dd5aeb046d25baaaa160ba21f8b3c0292329ae107483c8caafcd70d041facfbf705dda95370a91879fc0ab9132e3b7b02cad69417178c4f34909df7a373bacb289476c25c901be7b52aabfdfcb3415ef3a565c7de2f0128c63e16984e2e98ad23e06b890f22894ebeceefdb472192e501e2c791232933b52ea4b9c4e9fe3654b8b1e08048fbcf58fada1cd49ca6658ce6ecd12102d90c81eac26090efa36514553abb298f7cf1a43bd6d473c1436b6be9e87445de726cfffb00c72de49db0585d677d5b245e15f9a53b4c258ba2fd67d38afd9ccd0d409c0bad675fcfbc1f4e5166fd1b29203274f758f55a266b8f7c9ec8ef1dd4913727fa392ce6b11baf902ea708adddd836982a609718c1dfb810aee6f21e47c27dc6b4eeebe5fc21aae6fe7d2908679c873e2aa45a1ee14cd7e10586216d5e17cdbfacd4bfedf00b7ba7fc46d4ac90667329ba76b4fcc6b991a55c9ed159a2fb9525c975bc0aa4a291fdde14a78b95adcde52fcb5a893ee7b4df6631b3ed5a9d9d9ebe36c7cedea777a9e67faad7f7004f0a820aeb6636f24685a15d12abc639aab2233b36584670c667f9e7a3fe1195d35b268d1052d5b4c9625dc963640c2c5e6c37d36acc31755b34f3ee2af7b7ba5dbe105322a3741c567c9edd817f6488fe69301b19481fe2e2cf74b19d4b224598b0ce1fa151fa1ef3d69aaeaab397a5eac72e0b969a09b85e3258e891db207393bc281afa93468b29b7e55cc2decf8292fc68e1a02b2faa873a846680992b37a548c8f724c0125027faa58be5b2836206cc34c063b50270d7fc968dab0d38072ca90bdef91119b72ab417d811d2f32bd41e6ab2bc5b5293f92f7a0a4f172bfea5403cd418db95e1a4232f78f6afd3d13978e206d85fa9ebe2abe444db065d03b6169bc9f0dbfc19237a74bd13c1ef844f839b20018fdaf1be6f1a171f6f3ce2205fdcce38330b88ceba0c5eae812e12be99993d265f806e61ec42c9527287967a1c3b27afb1edc35a5d17bb7f4d20ea708c62c9170ba2ab710f2d7f5dca7b33e0f9434cf0b6ee846fc8bc45d39f252ec682732fb090f46032491155d83a30894a259e037e57de7523481bcc2d704d8d728fbdf048df30f7e4861f62b8e63de47b3838b5062ccd2c125bc581024ea76bd4b1f53057f37d329f7861a2a70fd3b6d6fe252a1b892192ed75c585ab809f702e27e237c4aa2dc947585c2086eeaa29c3ff7e02cb7d3a0aa3a8156d2897daa9c45a2e28ba14fd40c8a3a058805e4b5b10641c3c25b9ab80cce83206b13a1e2bc362eb5ab7e0e677c01fc0486aa32862ad0afa4f1cc8496b961a0eec71c26ad107ead599d8ddd59d85adceb3ea442efcf8ed64f4c66547344dc81ef5b6ac102434395203f58d59656d41dcc192774d70f4f2964e304efde831126d402a240325e603347aa43626b5eb69b000", 0x2000, &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)={0x90, 0x0, 0xfffffffffffffffd, {0x1, 0x1, 0x0, 0x200000000003, 0x237, 0x0, {0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0xd, 0x10000, 0x2, 0x2, 0x3, 0x6000, 0x0, 0x0, 0xee01, 0x0, 0x8000}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
umount2(&(0x7f0000000040)='./file0\x00', 0x1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r2)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r2, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f0000000700)={0x20, r3, 0x801, 0x70bd2a, 0x25dfdbff, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_TX_RATES={0x4}]}, 0x20}, 0x1, 0x0, 0x0, 0x4008004}, 0xc0010)

6.131890355s ago: executing program 0 (id=2107):
syz_usb_connect(0x3, 0x1b, &(0x7f0000000500)={{0x12, 0x1, 0x300, 0x61, 0x27, 0x48, 0x10, 0x5ac, 0x12ab, 0xe4ac, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x9, 0x0, 0xd0, 0x7, 0x80}}]}}, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x6, [{0x4d, &(0x7f0000000000)=@string={0x4d, 0x3, "4108d4930e9cb46578915caedff123e84da66757ebe7e27cdccc0cfac824b0cd1d248f0b446acd7b08b3a6879e399ebe21a583cb412deb4ff46fcf3d3f5bf98fff8184022c79e664a5532c"}}, {0x9, &(0x7f0000000080)=@string={0x9, 0x3, "bcc35db896570b"}}, {0x9c, &(0x7f00000000c0)=@string={0x9c, 0x3, "db62dabb61f26d3cd5239071021439a76a339e8eb86f8153e08a04b047c46a37a56d74f28e1d23b11d82f8e8e3218f037645da11809908576ef0fddba08120543d43cb99c84d693d3eeccdb4c370b6e0d95ec8b6216b94b6fc9b97949680e39df758506ba675e74ca83f03094e1c3b7dda1d5c74627f664d413b68a0bb7bf521a428297e0ce2906c558ed82055a4707447ef8035351b0a7cf160"}}, {0xbe, &(0x7f0000000180)=@string={0xbe, 0x3, "69a9f0a24266e2746e48ef98e053c0d54c4ac2eeacc8a8936fbb905f65d89edde2f9d7a61fe79261563f197194cab02b566dfd0861f6d7f73b129f267d437c9a9e976b17841a49cc1ef8e3d6f70164282a9ae60b58b6268c1f5e0ea6256683993b23006e971514b8e785ce717e1065a46bdb93841fb33783be9d23e61c1265c070b5e2546f23e02792f051ce4bfa30af2e7d1942e104cf6ac84c79570e1e6cad21a5962376c4e922161b4bab6a26ac0dc799958f6427c9fb0e92b810"}}, {0x4, &(0x7f0000000240)=@lang_id={0x4, 0x3, 0x458}}, {0x1a, &(0x7f0000000280)=@string={0x1a, 0x3, "dbc0538f2062ad27b585a9d4aa09d674ac1c78a17d98d3b0"}}]})
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_KEY(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="090000000000feffffff0a00000008000300", @ANYRES32=r2, @ANYBLOB="140050800500090002000000050002"], 0x3c}}, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r4, &(0x7f0000000640)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x98c5ec229560959}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x28, 0x140f, 0x400, 0x70bd29, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}]}, 0x28}, 0x1, 0x0, 0x0, 0x4011}, 0x4008004)
setsockopt$sock_int(r3, 0x1, 0xa, &(0x7f0000000000)=0x3, 0x4)
ioctl$sock_TIOCINQ(r3, 0x541b, &(0x7f00000001c0))
r5 = socket(0x10, 0x3, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r5, 0x89f3, &(0x7f00000004c0)={'gre0\x00', &(0x7f00000003c0)={'syztnl2\x00', 0x0, 0x700, 0x708, 0x400, 0x1, {{0x2d, 0x4, 0x1, 0x8, 0xb4, 0x65, 0x0, 0x1, 0x4, 0x0, @remote, @remote, {[@cipso={0x86, 0xa, 0x0, [{0x4, 0x4, "c231"}]}, @noop, @ssrr={0x89, 0x1f, 0x4, [@loopback, @private=0xa010102, @loopback, @multicast2, @private=0xa010100, @empty, @broadcast]}, @noop, @generic={0x88, 0x2}, @ssrr={0x89, 0xf, 0x9a, [@multicast1, @initdev={0xac, 0x1e, 0x1, 0x0}, @dev={0xac, 0x14, 0x14, 0x29}]}, @cipso={0x86, 0x63, 0x2, [{0x2, 0x6, "7451f157"}, {0x0, 0x8, "29122a493213"}, {0x2, 0xc, "bb4a583f6727185e5bf3"}, {0x6, 0x11, "9e718a61ba63b413c1120194141e36"}, {0x6, 0xc, "0ba88e8ac13756f6049d"}, {0x2, 0xb, "cf5dbb15d7713bea57"}, {0x2, 0x6, "93659091"}, {0x7, 0x9, "6c1ea10f324263"}, {0x0, 0xc, "43630d3f1aba42d84427"}]}, @end]}}}}})
sendmsg$nl_generic(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)={0x1c, 0x52, 0x1, 0x70bd04, 0x24dfdbfc, {0xa}, [@typed={0x8, 0x1, 0x0, 0x0, @fd}]}, 0x1c}}, 0x8800)
r6 = fcntl$getown(0xffffffffffffffff, 0x9)
ioctl$XFS_IOC_FSGROWFSLOG(r5, 0x4008586f, &(0x7f0000000380)={0x8})
mkdirat$binderfs(0xffffffffffffff9c, &(0x7f0000000100)='./binderfs2\x00', 0x1ff)
mount$binderfs(0x0, &(0x7f0000000400)='./binderfs2\x00', &(0x7f0000000440), 0x1, &(0x7f0000000480)=ANY=[@ANYBLOB='stats=global,max=00000000000016524001756,max=00000000000000000000011,stats=global,max=00000000000000000000007,fowner'])
r7 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_int(r7, 0x0, 0x21, &(0x7f0000000300)=0xffffffff, 0x4)
getpgrp(r6)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000340)='ns/pid_for_children\x00')

4.910666366s ago: executing program 3 (id=2110):
r0 = memfd_create(&(0x7f0000000500)='-B\xd5NI\xc5j\x9appp\xf0\b\x84\xa2m\x00\v\x1c\x004\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\xca\x83\x11\v}k+\xeb\xc3\xc0O\xae\xd2\xd7Uw\x00\xbc\xfa2\xb3\xbb\x8d\xac\xac\xbe\xe1}knh#\xcf)\x0f\xc8\xc0\"\x9cc\x10d\xee\xa9\x8b\x06\x97k\xde\xc5\xe96\xddU)\xc98M\xcd\xfb\xcc\x82n=\x7f=\xcdJx\xaa\xcf~\xb901nEy\x82\x83\x80\xd3O\x00|hP\x00\x00\x00\x00\x00\x00\x00\x05\x86\xfe\xd9\xa5\xc6\nSy\xa3N\xba-]\'q\xc6\xfb\x02\x9a\xa9Z\xa8\x80Bx\xbd74\xcf\"\xa5\xea$\x95\xfd\x06T\xef\x89\xe4j\x06\xdc\x15\xe7\xc3\xb5H\xf7\xdc\xee\x182\xab\xe2?\"\xbewm\x9d\xd8x\xd92\xeeS/\xd2\xcd[\x9dcO1\xcb\x12lZ$\xa7\x9d\xf8b\xf6}\xc5``\xfe0\x8a\'v-\x99`?\x97\x8c\xdd\xd6\xfa\xa2\x06>\xf3\xe2uI\xe65C\xdb\x84\xe6eU\xe8RK\xd6=s\xcd\x9d\x1f#3\xc5\x16\xd0\xbbD\xc5\xde\xc8/\v\xa5W\xbep\x87\x15\x10\xcdm\xa7\x93\x01\x1c,9V8\xdc\xfd\xb7\xc0\xfc\x04\x00p\xad\x12\xb2\xbf\xfbFZ\x1a\f\x99\x05\xe4\x1eP\xed\x87\x89\xbeo\xfbv\xb6\x8a\xee\xf6Oc8\xaf\x11[\xc3\x98w-\xf0\xb2z\xc7\xaf;\x92\xad4\x1b\x92L\x97<\xbdh\x80\xf2\xc0\xd0n)K\xf2#Ncp\xe4\xb4\xfb\x94\x18\xc2-TWA\x13\xfe\xea\xad\v\xc4\xa5\x02\xf9\xed]\xf4\\\x01\xab\xdc\xb6\xcdP\x93\xf2\xc3\x96\xf2\xc0\xd6-x\xd5\xd6\xc7\x9d\xa5\x1f\xd2t\xd7\x8f}b\x9749\xd4a7\x18\xe0\x91KV7[\xb8\x8dL\xc8\xc8\x8f>sbE\xf5\xa7\xdb|\xb0m\x16c\x84\r\"\xf2\x92s\xeb\xaf\x1c\x00\xf4\x8dL\xa5\x10\x89FB\xfb8\xf9\x9d\xcbm\x1c\x91\xe9fd$5\xdc\xad\xec\xef\x90\xd9\xefX\xd2m\x9e\xec\x94w\xb3\xf9\xd9\x0eu-z\x81\xbb\xa6\xc0\x00\xa1\xd9\xcbI\xda\xa3\b\x9e@\xb8\xc8k\xdeQ/\xb8X\x9c\xff4Np~\xc4\xc1_\x1c#zX\a\xd41\x1c\x7fH\x91\xd9k\x05\x1f\n\b\b\x88\xd6\xcf4i\xa0B\xe7\x9c\x9c\xe6\xcax\xca\xa1E#6\xe9\xf31W\xd0\x1bY3/\x00I#\xfa\xb0\f\xd5!\x9fR[\x0e\xdb`\xdb\x82M\'k\x16(\xfa\xc2\xec\x96e\\Q\xe9\x19\xe1u\x86\xcb\xc3\xb0\xb8\x19\xb9l\x1fk!R\xb1P\x8b\xda\xffE\x89\x97\n\x17m\xd10\x1a\xe7Qz\xd8\bi\x8dRw+\xa1^N\xaf\x1b\x1dg\x8f$\xbe\x93\x8d\x8b\xfd\r\xee<\x84\x95\x82)TH\xcac9\x98\x13WW@;\xb4\xd5\x0f\xa1\xb3xX(\x80\xe8\x89\xed e.\xe04\xba\x9c=\xc6\x04\f\xbf\x06\xce5\xf99GD8@\xd2\r\xd0\xdf@\xe3\xbe\"qq#]\x86W\tA\xa7\x91\x85\xae\x9c\x8dO\xa6\xa3\xf9i\x83\xc5\xa8C\x164\xef\xa4\\\a\xaa%\x94!3k]\xd5\xbe\'U\xf17', 0x1)
r1 = dup(r0)
write$binfmt_elf64(r1, &(0x7f0000000800)=ANY=[@ANYBLOB="7f454c4606fd78833e0200000000000002003e"], 0x40)
execveat(r1, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

4.284782105s ago: executing program 3 (id=2113):
r0 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x145})
mremap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000390000/0x1000)=nil)

3.965611416s ago: executing program 3 (id=2114):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, 0x0, 0x0)
r1 = syz_usb_connect(0x5, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000080e372208c106801b284010203110902240001000010000904020002f8fd00000905060200020d000609058202"], 0x0)
mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4, 0x4000010, r0, 0x8d0cf000)
syz_usb_control_io$uac3(r1, 0x0, 0x0)

2.710547241s ago: executing program 0 (id=2118):
mlockall(0x2)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="30000000410007012bbd700000000000047c00000400c2800c00018006000600843b00000c000280080017"], 0x30}, 0x1, 0x0, 0x0, 0x4048011}, 0xc000)
r1 = shmget$private(0x0, 0x400000, 0x8, &(0x7f000000e000/0x400000)=nil)
r2 = openat$comedi(0xffffff9c, &(0x7f0000000100)='/dev/comedi0\x00', 0x101001, 0x0)
mlockall(0x7)
ioctl$COMEDI_DEVCONFIG(r2, 0x40946400, &(0x7f0000000300)={'pcl730\x00', [0x3, 0x2, 0x7fffffff, 0x8, 0x2f, 0x2005, 0xed, 0x8, 0x80ffa, 0x2, 0x8, 0x8500, 0x102f, 0x1000004, 0xf, 0x9, 0xfff7ffa8, 0x7ffffffd, 0x1ff, 0x9ea, 0x3, 0xb, 0x8, 0x6, 0x1, 0x8, 0x3, 0x8, 0x8, 0x2000004, 0x7ffd]})
shmat(r1, &(0x7f0000ffd000/0x1000)=nil, 0x7000)

2.438929435s ago: executing program 1 (id=2008):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x2, 0x200, @loopback, 0x7}, 0x1c)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r0, &(0x7f0000000300)="a6", 0x1, 0x24000045, &(0x7f00000001c0)={0xa, 0x2, 0xffff, @private2, 0x9}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='nv', 0x2)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r1=>r0, {0x1ff}}, './file0\x00'})
sendmsg$IPVS_CMD_GET_CONFIG(r1, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000100)={0x94, 0x0, 0x400, 0x70bd2c, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_DAEMON={0x40, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @dev={0xfe, 0x80, '\x00', 0xe}}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x3}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x9}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x14}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @private=0xa010101}]}, @IPVS_CMD_ATTR_SERVICE={0x38, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x8}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x5a}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e20}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'ovf\x00'}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x1}}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x5c}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x7ff}]}, 0x94}, 0x1, 0x0, 0x0, 0x4004808}, 0x4000800)
shutdown(r0, 0x1)

2.237116084s ago: executing program 0 (id=2120):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000780)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a74000000060a010400000000000000000200000048000480440001800c0001007061796c6f616400340002800800044000000000080005400000000008000340000000570800024000000001080006400000000208000840000000000900010073797a30000000000900020073797a32"], 0x9c}}, 0x4)
r2 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x80800)
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r2, 0xc05064a7, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0})
r3 = syz_open_dev$loop(&(0x7f00000001c0), 0xfffffffffffffff9, 0x100)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
r5 = mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r4, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000380)={0xc, 0x0, &(0x7f0000002dc0)=[@free_buffer={0x40086303, r5}], 0x0, 0x0, 0x0})
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
r7 = mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r6, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r6, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
r8 = socket(0x2b, 0x80801, 0x1)
connect$inet6(r8, &(0x7f0000000000)={0xa, 0x0, 0x10000, @loopback, 0x1}, 0x1c)
syz_usb_connect(0x2, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="230100004106cd40cd060f011bd50000000109022400010000800009040bfd02337761000905070200148140060905870308"], 0x0)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a14000000000a01040000000000000000010000032c000000030a01010000000000000000010000000900010073797a30000000000900030073797a320000000048000000060a010400000000000004000000000308000b4000000000200004801c0001800b00010072656a65637400000c000280080001400000000009000100730000001100010000000000000000000000000a0000000000000000"], 0xb0}}, 0x0)
shutdown(r8, 0x0)
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000000380)={0xc, 0x0, &(0x7f0000002dc0)=[@free_buffer={0x40086303, r7}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000540)={0xd0, 0x0, &(0x7f0000000840)=[@exit_looper, @increfs_done={0x40106308, 0x3}, @request_death={0x400c630e, 0x1}, @reply_sg={0x40486312, {0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x58, 0x18, &(0x7f0000000340)={@fda={0x66646185, 0x4, 0x2, 0xf}, @fd={0x66642a85, 0x0, r3}, @fda={0x66646185, 0x7, 0x0, 0x16}}, &(0x7f00000003c0)={0x0, 0x20, 0x38}}, 0x40}, @register_looper, @transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x50, 0x18, &(0x7f0000000600)={@fda={0x66646185, 0x3, 0x0, 0xb}, @flat=@weak_handle={0x77682a85, 0x100, 0x3}, @flat=@handle={0x73682a85, 0xb, 0x3}}, &(0x7f00000006c0)={0x0, 0x20, 0x38}}}, @free_buffer={0x40086303, r7}, @enter_looper, @enter_looper], 0x80, 0x0, &(0x7f00000004c0)="e01c3d1936c7e94d0d74cf2bc39bb23e339859fd118529ad839eca4b02fcf7af5de3217df9eeb3121c69021d1a7136c1092cb81d22a14bb03a3667267ba04b591102df97e527ed2cd832ab91fff4af82f3b930cb9b957cd6a328d2e320d3c3425f067ad65d8b69cb9535893c1a52785e82ad51895135c2070590a5cee02a5dc0"})
ioctl$BLKSSZGET(r3, 0x1268, &(0x7f0000000200))
r10 = open(&(0x7f0000000180)='.\x00', 0x10000, 0x0)
flock(r10, 0x1)
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000180)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000140)={<r11=>0xffffffffffffffff}, 0x106}}, 0x20)
write$RDMA_USER_CM_CMD_NOTIFY(r10, &(0x7f00000005c0)={0xf, 0x8, 0xfa00, {r11, 0x8}}, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r12=>0x0})
r13 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000680), r0)
sendmsg$NL80211_CMD_NEW_KEY(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=r13, @ANYBLOB="893928bd7000fcdbdf250b00000008000300", @ANYRES32=r12, @ANYBLOB="0a000600ffffffffffff00003c005080090001007e7dbbe5520000000800070000000000050002000000000011000100e0cae0577b10282f3712d00bd1000000040005000400060035d65bf515845fd1e7a668464b683679a27151bc3d2da2649847d05030ff0e37d3282eb5f0d89e64d6f1da4a90d8b63b8cc107cedf4cdb3ab243345b07093a3fbbd23e5ef3da85a46ff24f57ccf5ed941532edeeddc8e1219e747876"], 0x64}, 0x1, 0x0, 0x0, 0x48015}, 0x54)

2.227973493s ago: executing program 1 (id=2121):
r0 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x145})
mremap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000390000/0x1000)=nil)

2.029541615s ago: executing program 1 (id=2123):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x1c, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'wlan1\x00'})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0500000000000000000021"], 0x20}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x28, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}]}, 0x28}, 0x1, 0x3000000000000}, 0x0)

1.858819584s ago: executing program 1 (id=2125):
r0 = syz_open_dev$dvb_frontend(0x0, 0x0, 0x0)
ioctl$FE_GET_FRONTEND(r0, 0x80246f4d, 0x0)
r1 = syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0)
r2 = syz_open_dev$usbfs(&(0x7f0000000000), 0x20000007f, 0x0)
capset(0x0, &(0x7f0000000040)={0x200003, 0x40200003, 0x4, 0x2, 0xf8, 0x40})
ioctl$RTC_AIE_ON(0xffffffffffffffff, 0x7001)
r3 = dup3(r1, r2, 0x0)
ioctl$MON_IOCG_STATS(r3, 0xc0109207, &(0x7f0000000040))
capget(&(0x7f00000000c0)={0x300312b7, 0xffffffffffffffff}, &(0x7f0000000100)={0x7ad, 0x3, 0x5, 0x7, 0x81, 0x42dc})
ioctl$MON_IOCX_GET(r1, 0x40189206, &(0x7f0000000240)={&(0x7f0000000140), &(0x7f0000000180)=""/156, 0x9c})

1.732640776s ago: executing program 3 (id=2126):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_inet_SIOCGIFPFLAGS(r0, 0x8935, &(0x7f0000000000)={'bond_slave_0\x00'})
r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$RTC_AIE_OFF(r1, 0x7002)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000480), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_SB_GET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000300)={0x14, r2, 0x709, 0x70bd2b, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x2004084}, 0x10)

1.656309742s ago: executing program 1 (id=2127):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="600000000206010100000000000000000100ffff14000780080012000100000508000b400000cd200500010006000000050005000a00000005000400010000000900020073797a310000000011000300686173683a69702c6d61726b"], 0x60}, 0x1, 0x0, 0x0, 0x4044081}, 0x0)
r1 = socket$kcm(0xa, 0x2, 0x0)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0x40, 0x56a, 0x44, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x6, 0x0, 0x0, "", [{{0x9, 0x4, 0x0, 0x9, 0x1, 0x3, 0x1, 0x3, 0x9, {0x9, 0x21, 0x90, 0x9, 0x1, {0x22, 0x93}}, {{{0x9, 0x5, 0x81, 0x3, 0x8, 0xb, 0x1, 0x8}}}}}]}}]}}, &(0x7f0000000900)={0x0, 0x0, 0x0, 0x0, 0x2, [{0x4, &(0x7f0000000580)=@lang_id={0x4, 0x3, 0xa483b7d200b1a116}}, {0x0, 0x0}]})
r2 = socket(0x2, 0x80805, 0x0)
setsockopt$IP_VS_SO_SET_ADDDEST(r2, 0x0, 0x487, &(0x7f0000000000)={{0x84, @private=0xa010101, 0x4f28, 0x3, 'nq\x00', 0x5, 0x8, 0x78}, {@dev={0xac, 0x14, 0x14, 0x30}, 0x4e23, 0x10003, 0xcd, 0x1}}, 0x44)
sendmsg$sock(r1, &(0x7f0000000400)={&(0x7f0000000580)=@in6={0x2, 0x4e20, 0x0, @dev}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@mark={{0x14, 0x1, 0x24, 0x3}}], 0x18}, 0x0)

1.574883364s ago: executing program 3 (id=2128):
r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
r1 = getpid()
fcntl$lock(r0, 0x24, &(0x7f0000000000)={0x0, 0x3, 0x4, 0x2, r1})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, 0x0, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$IOMMU_IOAS_MAP$PAGES(0xffffffffffffffff, 0x3b85, &(0x7f00000001c0)={0x28, 0x2, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x6})
time(0xffffffffffffffff)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r7=>0x0})
r8 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='oom_score_adj\x00')
r9 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001200), 0x8a400, 0x0)
ioctl$TUNSETOFFLOAD(r9, 0xc004743e, 0x110e22fff6)
r10 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
ioctl$TUNSETOFFLOAD(r10, 0x4004743d, 0x110e22fff6)
poll(&(0x7f0000000000)=[{r10, 0xf1c3}], 0x1, 0x9)
write$cgroup_devices(r8, 0x0, 0x0)
sendmsg$NL80211_CMD_NEW_STATION(r8, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000240)={&(0x7f0000000140)={0xd4, r6, 0x200, 0x70bd27, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_STA_SUPPORTED_CHANNELS={0x12, 0xbd, [0x7, 0xfc, 0x2, 0xa1d, 0xfb1f, 0x4, 0x3]}, @NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES={0xa9, 0xbe, "8f4fb79a74a0d7738254ca85a21927a538123a18ac4a67cd814fb44f1586c5a47c1f88b2feb49ac202f730c8b02ff0c3089c3196a370c4f36cc78f7c0d6f61f218addb01ced712afc9777b006b2e0ae08bb9a39873f04f4c5b337456aefcf128f5f075e2156e4d7828c0378db79634f36d3c50f544a9bab45785feea0d8fef48789ca32654cd1f9137971165b3b05fca6147fd9b288f51a938d7d7202320e440285e1b8150"}]}, 0xd4}, 0x1, 0x0, 0x0, 0x20000080}, 0x80)
sendmsg$NL80211_CMD_SET_STATION(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000009c0)={0x2c, r6, 0x1, 0x70bd2d, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_STA_FLAGS={0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4044000}, 0x0)
r11 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r11, 0x29, 0x21, &(0x7f0000000280)=0x1800009, 0x48)
sendmmsg$inet6(r11, &(0x7f00000008c0)=[{{&(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback, 0x8}, 0x1c, 0x0}}], 0x1, 0x20080081)

1.460838178s ago: executing program 2 (id=2129):
arch_prctl$ARCH_MAP_VDSO_32(0x2002, 0xfffffffffffffffa)
r0 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000000), 0x2)
r1 = syz_usb_connect$uac1(0x3, 0xa9, &(0x7f0000000800)={{0x12, 0x1, 0x201, 0x0, 0x0, 0x0, 0x20, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x97, 0x3, 0x1, 0x2f, 0x40, 0x0, "", {{{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0x9, 0x25}, [@processing_unit={0x9, 0x24, 0x7, 0x1, 0x3, 0x9, "1117"}, @mixer_unit={0x7, 0x24, 0x4, 0x1, 0x5, "24be"}, @mixer_unit={0xb, 0x24, 0x4, 0x4, 0x1, "409fcee8c496"}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_continuous={0xb, 0x24, 0x2, 0x1, 0x9, 0x2, 0x15, 0x2, "fb", "cf8b"}, @as_header={0x7, 0x24, 0x1, 0x0, 0x0, 0x3}]}, {{0x9, 0x5, 0x1, 0x9, 0x3af, 0x28, 0x9, 0x80, {0x7, 0x25, 0x1, 0xfabb286c912be8c6, 0x7, 0x10}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_ii_ext={0xa, 0x24, 0x2, 0x2, 0x9, 0xf, 0x2b, 0x4}]}, {{0x9, 0x5, 0x82, 0x9, 0x400, 0x7, 0x40, 0x1, {0x7, 0x25, 0x1, 0xc, 0x6, 0x4}}}}}}}}]}}, &(0x7f0000000a80)={0xa, &(0x7f00000008c0)={0xa, 0x6, 0x110, 0x6, 0x5, 0xc, 0xff, 0x6}, 0x37, &(0x7f0000000900)={0x5, 0xf, 0x37, 0x3, [@ext_cap={0x7, 0x10, 0x2, 0xe, 0x8, 0x8, 0x8}, @ssp_cap={0x24, 0x10, 0xa, 0x3b, 0x6, 0xf10b, 0xf00, 0xfff9, [0xc00f, 0x0, 0xff003f, 0x0, 0xff3fc0, 0xff3fc0]}, @ext_cap={0x7, 0x10, 0x2, 0xa, 0x9, 0xa, 0x925}]}, 0x2, [{0x61, &(0x7f0000000940)=@string={0x61, 0x3, "a9e12b41326b0a1ab7118b852a8934b9ea8febcbb7db0ac9c507f056064dc5d5902daffa609f109fd47eecadc1506c7231073af510becc43c3391b269654e7b7d3b5955f6859706a7e6e2cb6cc154422330d0191097d6985ba55e7cc59cf54"}}, {0xaf, &(0x7f00000009c0)=@string={0xaf, 0x3, "e8380cafc3b0546752314bb887fc8f5ac266f781a34702e3e0fb3300e616fbf8faefb664454dcacc03dd36d6c56b489b69dd91b457b6c98074254c5a9608d678349848fd61b4699cd3db69ab0f566c0bb2081f550a33c84e7f451327e9269e521bb4721258ae75a510c9a33bff62711384699136a27591d1b7d77f29742d56f9f140a05e49cb2d87bab4464e69a6277cffe231398244ff8c75cf354c59c830942a977d99d01c651d8264a604a6"}}]})
syz_usb_control_io(r1, &(0x7f0000000d00)={0x2c, &(0x7f0000000ac0)={0x0, 0x2, 0xbb, {0xbb, 0x21, "9b60fb73279fc4dde3ab26914165ee276376c026104f54c2b9f6c30e54f2180e78b85b402793f7f4334af780685e3c87b1880b44ea28a5458e99a5954557ceebc38c40fb909f19b3c049a4af5a3af843c57883892ad344d07acf460fe24758ec1d8025036ae4a36ab8ee63b6417f868197573fea7899d65dec71bb3410449f86610835be81c5f3cf30d87ac9a900246a799a969c54034d1bc356a01e2359eb0d4b16806d8d26c43a6b2780c10f8de4939630daf38dd8892558"}}, &(0x7f0000000bc0)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x459}}, &(0x7f0000000c00)={0x0, 0xf, 0x6e, {0x5, 0xf, 0x6e, 0x3, [@ext_cap={0x7, 0x10, 0x2, 0x0, 0x1, 0x0, 0x8000}, @generic={0x5f, 0x10, 0xa, "8afde520e868d186cdb9c35ad34fd1b41111379d55bb0cfdb1eaa289f2205a584098d0620315c433303c7323749e9676fc123f67c8e3f4165fa13931cab822d94e30e7b9b67b674ac455a70a09c7966985ea68a73d26189328ff5130"}, @ptm_cap={0x3}]}}, &(0x7f0000000c80)={0x20, 0x29, 0xf, {0xf, 0x29, 0xd8, 0x8, 0x0, 0x5, "e0ffb1af", "0314b887"}}, &(0x7f0000000cc0)={0x20, 0x2a, 0xc, {0xc, 0x2a, 0x0, 0x3, 0x0, 0xb, 0x6, 0x3, 0x4}}}, &(0x7f0000001240)={0x84, &(0x7f0000000dc0)={0x0, 0xf, 0xa5, "665a80a82688dd8e85e63e38daa256293615f8635e0b1065c1e2fadd9584861bb3072d80e1e115301a1aceecfb35a5ef6be5f2960a1f505645bca8cd3c22928529071d9010989f889c9469b20cc05883efde95bcd34554fd4fb160b05b67e3fc3444c838b853de12290830d098e64b148796201db838b49c38ed467ff6e92ffec155a6b209c9648c9a925e044da191a5d9449b1c6059ac353cef4b6f854bb554fd109e6bf3"}, &(0x7f0000000e80)={0x0, 0xa, 0x1, 0x5}, &(0x7f0000000ec0)={0x0, 0x8, 0x1, 0xe5}, &(0x7f0000000f00)={0x20, 0x0, 0x4, {0x2, 0x3}}, &(0x7f0000000f40)={0x20, 0x0, 0x8, {0x200, 0x10, [0xb8d6d7303e4997c5]}}, &(0x7f0000000f80)={0x40, 0x7, 0x2, 0x3fac}, &(0x7f0000000fc0)={0x40, 0x9, 0x1, 0x9}, &(0x7f0000001000)={0x40, 0xb, 0x2, "3bd1"}, &(0x7f0000001040)={0x40, 0xf, 0x2, 0xc}, &(0x7f0000001080)={0x40, 0x13, 0x6, @local}, &(0x7f00000010c0)={0x40, 0x17, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}, &(0x7f0000001100)={0x40, 0x19, 0x2, "957e"}, &(0x7f0000001140)={0x40, 0x1a, 0x2, 0x100}, &(0x7f0000001180)={0x40, 0x1c, 0x1, 0x9}, &(0x7f00000011c0)={0x40, 0x1e, 0x1, 0x8}, &(0x7f0000001200)={0x40, 0x21, 0x1, 0x8}})
ioctl$BTRFS_IOC_RM_DEV_V2(r0, 0x541b, 0x0)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff})
r2 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x401)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000640)=ANY=[@ANYBLOB="04010000180001"], 0x104}, 0x1, 0x0, 0x0, 0x24000014}, 0x0)
ioctl$SG_IO(r2, 0x2285, &(0x7f0000000100)={0x53, 0xffffffffffffffff, 0x6, 0xfd, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000640)="3ffe7be3907c", 0x0, 0xfffffffb, 0x5dbcc8c695e4f439, 0xffffffff, 0x0})
syz_usb_connect(0x3, 0x34, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000b5e67420ac0592027388010203010902220001000000440904770001039a02000905000100000000000705e37e1b"], 0x0)
syz_open_dev$evdev(&(0x7f0000003880), 0x4, 0x2)
syz_usb_connect$uac3(0x0, 0xd3, &(0x7f0000000040)={{0x12, 0x1, 0x200, 0x0, 0x0, 0x0, 0x20, 0x582, 0x582, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xc1, 0x3, 0x1, 0x40, 0x80, 0x8, {0x8, 0xb, 0x1, 0x1, 0x1, 0x26, 0x30, 0xe}, {{{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x30, 0x0, {{0xa, 0x24, 0x1, 0x3, 0x21, 0x6}, [@source_unit={0xc, 0x24, 0xb, 0x1, 0x1, 0xb2, 0x3, 0x7}, @multiply_unit={0xb, 0x24, 0xd, 0x0, 0x7, 0x8, 0x9}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x30, 0x0, {[@format_type_ii_ext={0xa, 0x24, 0x2, 0x2, 0x0, 0x1000, 0xc, 0x4}, @format_type_i_ext={0x9, 0x24, 0x2, 0x1, 0x6, 0xd, 0x2, 0x8, 0xa}]}, {{0x9, 0x5, 0x1, 0x9, 0x20, 0x5, 0x1, 0xd, {0xa, 0x25, 0x25, 0x0, 0x2, 0x8}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x30, 0x0, {[@format_type_ii_discrete={0x12, 0x24, 0x2, 0x2, 0x4, 0x4, 0x40, "8c04e589d130d0f580"}, @as_header={0x17, 0x24, 0x1, 0xb, 0xfff, 0x4, 0x1, 0x5, 0x4, 0x4c88, 0x5}]}, {{0x9, 0x5, 0x82, 0x9, 0x8, 0x15, 0x8, 0x6, {0xa, 0x25, 0x25, 0x6, 0x1, 0x5}}}}}}}}]}}, &(0x7f00000006c0)={0xa, &(0x7f0000000140)={0xa, 0x6, 0x200, 0x4a, 0xa, 0x4, 0x10, 0x3}, 0xc, &(0x7f00000001c0)={0x5, 0xf, 0xc, 0x1, [@ext_cap={0x7, 0x10, 0x2, 0x1c, 0x6, 0x3, 0x8}]}, 0x9, [{0x4, &(0x7f0000000200)=@lang_id={0x4, 0x3, 0x43f}}, {0xcf, &(0x7f0000000300)=@string={0xcf, 0x3, "7ee4a440fb470f46aaad15060a7fd94135e95c1f7810974c2565bfccbaa5ddc57af8d7fd06bec45f227d48f4cc9df3e1b8de97fe32c43de449557778860d4c04d17dfd053356a1d0da4d170b48bbf734254a93d6337a1413dcbc6d6f4e09de89cb581e9f7179a52e8ecb84b4224bfdd1f9f45eb5eaec24d5b03a6d2e74d5c81df1aee0c6cb4c61918182ab11c5fd6f8e95d5db57d6ef1292cb285ab95a67bc9810b7bea2c598736cd1a810c78b68606f7df53f7898caa32d2d25ea03d03a8a76e12421d0e51652290965a89279"}}, {0x4, &(0x7f0000000400)=@lang_id={0x4, 0x3, 0xc0c}}, {0x46, &(0x7f0000000440)=@string={0x46, 0x3, "305b0dbd4dc8d71592f3585ec4fa2202e2dc886b23549c57d0998fa0e7f99bbfab3d8fb8948abe0994173db3f83a7ddda3afe3b52759cd2edf3489fdfc5f2910b59f7d67"}}, {0x2a, &(0x7f00000004c0)=@string={0x2a, 0x3, "320c9875cca0d98e97a7e233088b0642c5b6209e997cab836358c800f546b0e3fe10f264d355d489"}}, {0x4, &(0x7f00000002c0)=@lang_id={0x4, 0x3, 0x100a}}, {0x88, &(0x7f0000000540)=@string={0x88, 0x3, "cef2ba23c05da48e44b1ab5e3c89b4fe846ba424dc95c99c7a550620fba4a272efcccc1147ef23d617fa2e8f361db9fc3824650a5e72f009b39891ef78d4f58fc76737e29e88b01a0d1041f8145facd05c0bdf2213ce09ca1288eec4feb910978dcb0ae7d0481fc087e05e176237010297ef2e2616246213986e2b039315bc34d7c07cd7eb08"}}, {0x62, &(0x7f0000000600)=@string={0x62, 0x3, "aca8571585aec04986e2a864b47f36510661b702ea908ade1e082b5cdca9e8fe5846fa769c1e61af223cc37cfb690ab4afd3fa969be8d3585ddc4acc458fa0ccd5dc18726fd090a9fb4c421c50bee7fb057f474237e19aaa1e7558ccc723ce00"}}, {0x60, &(0x7f0000000240)=@string={0x60, 0x3, "d15c5d9bebed8005464ef1cfe0764db6596b8d9ce878949a786905829869a751d61b03e04964fcc536f4f3cbf92b6fbc389ba6a9708ccb599e2876f0109ea4c9444bb3f2764ef2dd8d2b8595e94dbfa44e7cebd791eb4342e17d0b87ecb3"}}]})
r4 = syz_open_dev$I2C(&(0x7f0000000d80), 0x0, 0x0)
write(r4, &(0x7f0000000780)="1fd47e00dec8916814913b00d6bd75032cfd7d7c08c02e4036e6c42e0dcad74c200023ea2b70df81738f16722c0327ba6801946c14c0dee4e2058ef5912cc2fb5a9e458e9bde906bbef4da31959722cf76c66a157f422a597fe44057a4182c8e73c0ac19794f711cac92", 0x6a)
r5 = socket$packet(0x11, 0x3, 0x300)
newfstatat(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, <r6=>0x0}, 0x4000)
setresuid(r6, r6, 0x0)
sendmmsg(r5, &(0x7f0000008f40)=[{{&(0x7f0000000a40)=@hci={0x1f, 0x0, 0x3}, 0x80, 0x0}}], 0x1, 0x0)
ioctl$I2C_SMBUS(r4, 0x720, &(0x7f0000000000)={0x0, 0x0, 0x8, &(0x7f0000000180)={0x3, "0edb2a8b2b20df774eb0afa200021000004000000000000001000400"}})

731.512259ms ago: executing program 2 (id=2130):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
sendmmsg(0xffffffffffffffff, &(0x7f0000005c00)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18}}], 0x1, 0x0)
syz_genetlink_get_family_id$nl802154(&(0x7f00000024c0), 0xffffffffffffffff)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
r1 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000280)={0x29e9c934, 0x5, 0x0, 0x1}, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="200000001600010800000000000000000a"], 0x20}, 0x1, 0x0, 0x0, 0x600c8050}, 0x0)

521.224099ms ago: executing program 2 (id=2131):
r0 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x145})
mremap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000390000/0x1000)=nil)

409.608741ms ago: executing program 2 (id=2132):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000180)='lp', 0x2)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da07000000000001090224000100000000090400000903000000092100000001222200090581030800000000"], 0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r2)
r3 = socket$can_j1939(0x1d, 0x2, 0x7)
getsockopt$SO_J1939_ERRQUEUE(r3, 0x6b, 0x4, 0x0, 0x0)
syz_usb_ep_write(r1, 0x81, 0x4, &(0x7f0000000000)='BBBB')
syz_usb_ep_write(r1, 0x81, 0x7, &(0x7f0000000000)='BBBBBBB')
r4 = landlock_create_ruleset(&(0x7f0000000040)={0x0, 0x3}, 0x10, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
landlock_create_ruleset(&(0x7f00000003c0)={0x1, 0x2, 0x1}, 0x18, 0x2)
landlock_restrict_self(r4, 0xe)

325.076898ms ago: executing program 2 (id=2133):
r0 = syz_open_dev$ttys(0xc, 0x2, 0x0)
ioctl$TCXONC(r0, 0x540a, 0x1)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x101840, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x4801})
close(0xffffffffffffffff)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000080)={0x0, 0x80000, <r4=>0xffffffffffffffff})
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r4, 0xc00864bf, &(0x7f0000000180)={0x0, 0x1})
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x800c6613, &(0x7f0000000000)=@v1={0x0, @aes256, 0x10, @desc4})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140))
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
ioctl$TIOCSPTLCK(r0, 0x40045431, &(0x7f0000000200))
ioctl$TUNSETLINK(r3, 0x400454cd, 0xf)
connect$pppl2tp(r1, &(0x7f00000002c0)=@pppol2tpin6={0x18, 0x1, {0x0, r2, 0x4, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @private2}}}, 0x32)
capset(&(0x7f0000000040)={0x19980330}, &(0x7f0000000080)={0x6, 0xe, 0x13e, 0x89, 0x2, 0x6})
r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.net/devices.allow\x00', 0x2, 0xc0)
write$snapshot(r5, &(0x7f00000001c0)="679b8e698af07d807bd794193e12e0cd20d7a221ca565e6e81542805137bcbebff18e6ad2de651714742cce0ae6c73025bcc8cd02ce4ba34009045de", 0x3c)
ioctl$PPPIOCGL2TPSTATS(r1, 0x80487436, &(0x7f0000000180))
r6 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r6, 0x40345410, &(0x7f00000083c0)={{0x1}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r6, 0x40505412, &(0x7f00000000c0)={0x6, 0x80000000, 0x101, 0x0, 0x2})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r6, 0x40505412, &(0x7f0000000380)={0x4, 0x3ff, 0x101, 0x0, 0xe})
syz_usb_connect(0x1, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="1a0100005c6b4408070a64006e40010203030902240001a82300000904000002ca744d00090503034d00ff99090805", @ANYRES32], &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})

305.127163ms ago: executing program 3 (id=2134):
unshare(0x22020400)
r0 = add_key$keyring(&(0x7f0000000300), &(0x7f0000000400)={'syz', 0x3}, 0x0, 0x0, 0x0)
r1 = add_key(&(0x7f0000000100)='rxrpc\x00', 0x0, &(0x7f0000000d80)="0000000000000040ff6943b80000000800003fecf20000000086070000", 0x4000, r0)
r2 = add_key$keyring(&(0x7f0000001140), &(0x7f0000000000)={'syz', 0x2}, 0x0, 0x0, r0)
r3 = add_key$user(&(0x7f0000000fc0), &(0x7f0000000280)={'syz', 0x2}, &(0x7f0000000340)="1e998a45d31ef8d57ca9064591952d1b3e1ca58a47979ed1533212f06733d543a8741ad8ebb69a1fa26c14416c474de0d8509c037c11efbab2368f6b0b911961fa6f0fda716f1fc44908089a5763b060524c8ceaead092", 0x57, 0xfffffffffffffff9)
add_key$user(&(0x7f0000000040), &(0x7f0000001240)={'syz', 0x2}, &(0x7f0000001600)="09103095dcf41bf3f37acf8a288295b061ff5bfd85326efccbd1fb20a9595063e7682bb5e725cc180f025ee622d9484a202106d0e71bdb9bbb4d8f396add43f7b322d892d11993a2a2fc434fe88069f8f1e0a96e541774011200000000000000418657d8d2ca042d07617058a49448327a98c19b40fcb25ae2834d59e42ddb8cf8bdf935a75d4e7023000000000000009b9e3e4601ceaa3455e192b5fcb552c5562a04f252eec7fd856d91aa74fbab39d848cbbbc05ff1a9f2cac884fddcfa218d426ac306abcb1b0269d75d4f0b0c5597c6cc36eced18b953ba2283ea4a307c7e393b1226f3b7bf676094dd947bdcfa90eea92bafa87e3595b09d07a451c08cee8ba041cd8a2738c097bb4a4ab3804cfb2590f9b61648eb68afa77cce0af86002bfb4735657d57c110acd88eeddffb3421cf05b", 0x134, r2)
r4 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r1, 0x0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
recvmmsg(r5, &(0x7f00000054c0)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000055c0)=""/4106, 0x100a}, {&(0x7f00000000c0)=""/51, 0x33}], 0x2, &(0x7f0000000180)=""/28, 0x1c}, 0x7}, {{0x0, 0x0, 0x0}, 0x4e3}, {{&(0x7f00000019c0)=@nfc={0x27, <r6=>0x0}, 0x80, &(0x7f0000003bc0)=[{&(0x7f00000001c0)=""/117, 0x75}, {&(0x7f0000001ac0)=""/161, 0xa1}, {&(0x7f0000001b80)=""/64, 0x40}, {&(0x7f0000006600)=""/4102, 0x1006}, {&(0x7f0000003b80)=""/22, 0x16}], 0x5}, 0xa}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000004240)=""/4096, 0x1000}, 0x8000}], 0x4, 0x0, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000002b40)=ANY=[@ANYBLOB="200000001000010700000000000000000a0000000c0002006e6c3830323131"], 0x20}}, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
r7 = socket$inet(0x2, 0x1, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r9=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r8, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYRES64=r6, @ANYRESOCT=r0, @ANYRES16=0x0, @ANYRES32=r9, @ANYRES16=r0, @ANYRESOCT=r0], 0x24}, 0x1, 0x0, 0x0, 0xa4824698a2d10e5a}, 0x200480c0)
sendmsg$TIPC_CMD_RESET_LINK_STATS(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={0x0, 0x30}, 0x1, 0x0, 0x0, 0xc001}, 0x50)
setsockopt$inet_mreqn(r7, 0x0, 0x27, &(0x7f0000000000)={@multicast1, @local}, 0xc)
setsockopt$inet_msfilter(0xffffffffffffffff, 0x0, 0x29, &(0x7f0000000040)=ANY=[@ANYBLOB="ea9e958eac1414aa0000000003"], 0x1c)
setsockopt$inet_mreqn(r7, 0x0, 0x24, &(0x7f0000000080)={@multicast1, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0xc)
syz_clone3(&(0x7f0000000680)={0x10000000, 0x0, 0x0, 0x0, {0x35}, &(0x7f0000000300), 0x0, 0x0, 0x0}, 0x58)
r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL802154_CMD_DEL_SEC_DEVKEY(r10, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f00000003c0)=ANY=[], 0x20}, 0x1, 0x0, 0x0, 0x48011}, 0x20004010)
prctl$PR_TASK_PERF_EVENTS_DISABLE(0x49)
ioctl$VHOST_SET_VRING_ERR(r4, 0x4008af22, &(0x7f0000000640)={0x1})
socket$inet_mptcp(0x2, 0x1, 0x106)
r11 = fsmount(0xffffffffffffffff, 0x1, 0xfb)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(r11, 0x40405515, &(0x7f00000003c0)={0x3, 0x2, 0xc, 0x7, 'syz0\x00', 0x3ff})
keyctl$unlink(0x9, r3, r2)

1.190611ms ago: executing program 2 (id=2135):
r0 = syz_open_dev$dvb_frontend(0x0, 0x0, 0x0)
ioctl$FE_GET_FRONTEND(r0, 0x80246f4d, 0x0)
r1 = syz_open_dev$usbmon(0x0, 0x0, 0x0)
r2 = syz_open_dev$usbfs(&(0x7f0000000000), 0x20000007f, 0x0)
capset(0x0, &(0x7f0000000040)={0x200003, 0x40200003, 0x4, 0x2, 0xf8, 0x40})
ioctl$RTC_AIE_ON(0xffffffffffffffff, 0x7001)
r3 = dup3(r1, r2, 0x0)
ioctl$MON_IOCG_STATS(r3, 0xc0109207, &(0x7f0000000040))
capget(&(0x7f00000000c0)={0x300312b7, 0xffffffffffffffff}, &(0x7f0000000100)={0x7ad, 0x3, 0x5, 0x7, 0x81, 0x42dc})
ioctl$MON_IOCX_GET(r1, 0x40189206, &(0x7f0000000240)={&(0x7f0000000140), &(0x7f0000000180)=""/156, 0x9c})

0s ago: executing program 0 (id=2136):
r0 = syz_open_dev$sg(0x0, 0x0, 0x8002)
syz_usb_connect(0x0, 0x57, &(0x7f0000000000)=ANY=[@ANYBLOB="12010102882333404f17cf8af4390102030109024500013f06400409044207000e0100010a240107000105ff010302070724050107638c0924030500030406810c2402"], &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0})
ioctl$SCSI_IOCTL_GET_PCI(r0, 0x5393, &(0x7f0000000000))

kernel console output (not intermixed with test programs):

0 RSI: 000000000000ae80 RDI: 000000000000000a
[  323.242478][T10113] RBP: 00007fc001f9d090 R08: 0000000000000000 R09: 0000000000000000
[  323.242494][T10113] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  323.242509][T10113] R13: 00007fc003fe6128 R14: 00007fc003fe6090 R15: 00007fff3690e4a8
[  323.242546][T10113]  </TASK>
[  323.771443][T10124] FAULT_INJECTION: forcing a failure.
[  323.771443][T10124] name failslab, interval 1, probability 0, space 0, times 0
[  323.771485][T10124] CPU: 0 UID: 0 PID: 10124 Comm: syz.2.1653 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  323.771517][T10124] Tainted: [L]=SOFTLOCKUP
[  323.771526][T10124] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  323.771540][T10124] Call Trace:
[  323.771550][T10124]  <TASK>
[  323.771560][T10124]  dump_stack_lvl+0xe8/0x150
[  323.771593][T10124]  should_fail_ex+0x46b/0x600
[  323.771623][T10124]  should_failslab+0xa8/0x100
[  323.771648][T10124]  kmem_cache_alloc_noprof+0x87/0x680
[  323.771670][T10124]  ? skb_clone+0x212/0x3a0
[  323.771691][T10124]  skb_clone+0x212/0x3a0
[  323.771710][T10124]  __netlink_deliver_tap+0x424/0x8b0
[  323.771749][T10124]  ? netlink_deliver_tap+0x2e/0x1b0
[  323.771778][T10124]  netlink_deliver_tap+0x19c/0x1b0
[  323.771811][T10124]  __netlink_sendskb+0x47/0x90
[  323.771839][T10124]  netlink_dump+0xa0f/0xe10
[  323.771878][T10124]  ? __pfx_netlink_dump+0x10/0x10
[  323.771914][T10124]  ? netlink_recvmsg+0x5d6/0xa50
[  323.771929][T10124]  ? kmem_cache_free+0x187/0x6c0
[  323.771951][T10124]  ? netlink_recvmsg+0x5d6/0xa50
[  323.771972][T10124]  netlink_recvmsg+0x690/0xa50
[  323.771997][T10124]  ? __pfx_netlink_recvmsg+0x10/0x10
[  323.772026][T10124]  ? __pfx_aa_sk_perm+0x10/0x10
[  323.772050][T10124]  ? aa_sock_msg_perm+0x122/0x200
[  323.772071][T10124]  ? __pfx_netlink_recvmsg+0x10/0x10
[  323.772090][T10124]  sock_recvmsg_nosec+0x130/0x170
[  323.772117][T10124]  sock_read_iter+0x29f/0x370
[  323.772141][T10124]  ? __pfx_sock_read_iter+0x10/0x10
[  323.772181][T10124]  do_iter_readv_writev+0x62b/0x8d0
[  323.772215][T10124]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  323.772254][T10124]  ? rw_verify_area+0x2ac/0x4e0
[  323.772303][T10124]  vfs_readv+0x292/0x850
[  323.772347][T10124]  ? __pfx_vfs_readv+0x10/0x10
[  323.772380][T10124]  ? __fget_files+0x2a/0x420
[  323.772406][T10124]  ? __fget_files+0x3a6/0x420
[  323.772428][T10124]  ? __fget_files+0x2a/0x420
[  323.772460][T10124]  do_readv+0x15a/0x2e0
[  323.772479][T10124]  ? __pfx_do_readv+0x10/0x10
[  323.772503][T10124]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  323.772522][T10124]  do_syscall_64+0x174/0x580
[  323.772549][T10124]  ? trace_irq_disable+0x3b/0x140
[  323.772569][T10124]  ? clear_bhb_loop+0x40/0x90
[  323.772591][T10124]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  323.772608][T10124] RIP: 0033:0x7fd46176ce59
[  323.772626][T10124] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  323.772641][T10124] RSP: 002b:00007fd45f9a5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000013
[  323.772661][T10124] RAX: ffffffffffffffda RBX: 00007fd4619e6090 RCX: 00007fd46176ce59
[  323.772675][T10124] RDX: 0000000000000001 RSI: 0000200000001800 RDI: 0000000000000004
[  323.772687][T10124] RBP: 00007fd45f9a5090 R08: 0000000000000000 R09: 0000000000000000
[  323.772699][T10124] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  323.772710][T10124] R13: 00007fd4619e6128 R14: 00007fd4619e6090 R15: 00007ffde33f93e8
[  323.772740][T10124]  </TASK>
[  324.323951][  T822] usb 1-1: USB disconnect, device number 70
[  324.499557][T10139] FAULT_INJECTION: forcing a failure.
[  324.499557][T10139] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  324.499598][T10139] CPU: 1 UID: 0 PID: 10139 Comm: syz.1.1658 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  324.499629][T10139] Tainted: [L]=SOFTLOCKUP
[  324.499638][T10139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  324.499652][T10139] Call Trace:
[  324.499661][T10139]  <TASK>
[  324.499672][T10139]  dump_stack_lvl+0xe8/0x150
[  324.499706][T10139]  should_fail_ex+0x46b/0x600
[  324.499746][T10139]  _copy_from_user+0x2d/0xb0
[  324.499776][T10139]  kstrtouint_from_user+0xd6/0x180
[  324.499815][T10139]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  324.499870][T10139]  proc_fail_nth_write+0x8e/0x210
[  324.499901][T10139]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  324.499935][T10139]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  324.499966][T10139]  vfs_write+0x2a3/0xba0
[  324.500009][T10139]  ? __pfx_vfs_write+0x10/0x10
[  324.500044][T10139]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  324.500080][T10139]  ? lockdep_hardirqs_on+0x7a/0x110
[  324.500114][T10139]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  324.500158][T10139]  ? mutex_lock_nested+0x152/0x1d0
[  324.500184][T10139]  ? fdget_pos+0x252/0x320
[  324.500223][T10139]  ksys_write+0x156/0x270
[  324.500259][T10139]  ? __pfx_ksys_write+0x10/0x10
[  324.500301][T10139]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  324.500327][T10139]  do_syscall_64+0x174/0x580
[  324.500366][T10139]  ? trace_irq_disable+0x3b/0x140
[  324.500394][T10139]  ? clear_bhb_loop+0x40/0x90
[  324.500423][T10139]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  324.500447][T10139] RIP: 0033:0x7fc003d2d68e
[  324.500468][T10139] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  324.500488][T10139] RSP: 002b:00007fc001f7bfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  324.500513][T10139] RAX: ffffffffffffffda RBX: 00007fc001f7c6c0 RCX: 00007fc003d2d68e
[  324.500532][T10139] RDX: 0000000000000001 RSI: 00007fc001f7c0a0 RDI: 0000000000000007
[  324.500547][T10139] RBP: 00007fc001f7c090 R08: 0000000000000000 R09: 0000000000000000
[  324.500562][T10139] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  324.500576][T10139] R13: 00007fc003fe6218 R14: 00007fc003fe6180 R15: 00007fff3690e4a8
[  324.500613][T10139]  </TASK>
[  324.810540][T10145] FAULT_INJECTION: forcing a failure.
[  324.810540][T10145] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  324.810575][T10145] CPU: 1 UID: 0 PID: 10145 Comm: syz.2.1661 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  324.810601][T10145] Tainted: [L]=SOFTLOCKUP
[  324.810608][T10145] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  324.810619][T10145] Call Trace:
[  324.810627][T10145]  <TASK>
[  324.810635][T10145]  dump_stack_lvl+0xe8/0x150
[  324.810662][T10145]  should_fail_ex+0x46b/0x600
[  324.810693][T10145]  strncpy_from_user+0x36/0x2b0
[  324.810721][T10145]  do_getname+0x77/0x250
[  324.810743][T10145]  do_sys_openat2+0xcc/0x200
[  324.810766][T10145]  ? __pfx_do_sys_openat2+0x10/0x10
[  324.810788][T10145]  ? ksys_write+0x248/0x270
[  324.810814][T10145]  ? __pfx_ksys_write+0x10/0x10
[  324.810841][T10145]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  324.810862][T10145]  __x64_sys_open+0x11e/0x150
[  324.810887][T10145]  do_syscall_64+0x174/0x580
[  324.810915][T10145]  ? trace_irq_disable+0x3b/0x140
[  324.810939][T10145]  ? clear_bhb_loop+0x40/0x90
[  324.810962][T10145]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  324.810981][T10145] RIP: 0033:0x7fd46176ce59
[  324.810998][T10145] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  324.811015][T10145] RSP: 002b:00007fd45f9c6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[  324.811036][T10145] RAX: ffffffffffffffda RBX: 00007fd4619e5fa0 RCX: 00007fd46176ce59
[  324.811050][T10145] RDX: 0000000000000000 RSI: 0000000000080242 RDI: 0000200000000040
[  324.811064][T10145] RBP: 00007fd45f9c6090 R08: 0000000000000000 R09: 0000000000000000
[  324.811076][T10145] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  324.811087][T10145] R13: 00007fd4619e6038 R14: 00007fd4619e5fa0 R15: 00007ffde33f93e8
[  324.811116][T10145]  </TASK>
[  325.125716][T10062] can0 (unregistered): slcan off ttynull.
[  325.182681][T10151] FAULT_INJECTION: forcing a failure.
[  325.182681][T10151] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  325.182720][T10151] CPU: 1 UID: 0 PID: 10151 Comm: syz.2.1665 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  325.182753][T10151] Tainted: [L]=SOFTLOCKUP
[  325.182763][T10151] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  325.182778][T10151] Call Trace:
[  325.182787][T10151]  <TASK>
[  325.182797][T10151]  dump_stack_lvl+0xe8/0x150
[  325.182830][T10151]  should_fail_ex+0x46b/0x600
[  325.182877][T10151]  _copy_from_iter+0x1d3/0x1670
[  325.182902][T10151]  ? rcu_is_watching+0x15/0xb0
[  325.182934][T10151]  ? trace_kmem_cache_alloc+0x29/0xe0
[  325.182964][T10151]  ? kmem_cache_alloc_noprof+0x388/0x680
[  325.182992][T10151]  ? __pfx__copy_from_iter+0x10/0x10
[  325.183018][T10151]  ? __build_skb+0x2a2/0x440
[  325.183058][T10151]  ? netlink_sendmsg+0x650/0xb40
[  325.183080][T10151]  ? skb_put+0x11b/0x210
[  325.183116][T10151]  netlink_sendmsg+0x6c0/0xb40
[  325.183149][T10151]  ? __pfx_netlink_sendmsg+0x10/0x10
[  325.183174][T10151]  ? tomoyo_socket_sendmsg_permission+0x1e0/0x300
[  325.183208][T10151]  ? __pfx_aa_file_perm+0x10/0x10
[  325.183236][T10151]  ? aa_sock_msg_perm+0x122/0x200
[  325.183263][T10151]  ? __pfx_netlink_sendmsg+0x10/0x10
[  325.183286][T10151]  sock_sendmsg_nosec+0x13a/0x180
[  325.183317][T10151]  sock_write_iter+0x308/0x410
[  325.183346][T10151]  ? __pfx_sock_write_iter+0x10/0x10
[  325.183395][T10151]  vfs_write+0x629/0xba0
[  325.183437][T10151]  ? __pfx_vfs_write+0x10/0x10
[  325.183480][T10151]  ? __fget_files+0x2a/0x420
[  325.183518][T10151]  ksys_write+0x156/0x270
[  325.183554][T10151]  ? __pfx_ksys_write+0x10/0x10
[  325.183596][T10151]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  325.183622][T10151]  do_syscall_64+0x174/0x580
[  325.183655][T10151]  ? trace_irq_disable+0x3b/0x140
[  325.183681][T10151]  ? clear_bhb_loop+0x40/0x90
[  325.183710][T10151]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  325.183734][T10151] RIP: 0033:0x7fd46176ce59
[  325.183755][T10151] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  325.183776][T10151] RSP: 002b:00007fd45f9c6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  325.183801][T10151] RAX: ffffffffffffffda RBX: 00007fd4619e5fa0 RCX: 00007fd46176ce59
[  325.183819][T10151] RDX: 000000000000fe33 RSI: 0000200000000000 RDI: 0000000000000003
[  325.183834][T10151] RBP: 00007fd45f9c6090 R08: 0000000000000000 R09: 0000000000000000
[  325.183850][T10151] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  325.183865][T10151] R13: 00007fd4619e6038 R14: 00007fd4619e5fa0 R15: 00007ffde33f93e8
[  325.183907][T10151]  </TASK>
[  326.627838][T10205] FAULT_INJECTION: forcing a failure.
[  326.627838][T10205] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  326.627880][T10205] CPU: 0 UID: 0 PID: 10205 Comm: syz.2.1684 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  326.627912][T10205] Tainted: [L]=SOFTLOCKUP
[  326.627921][T10205] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  326.627935][T10205] Call Trace:
[  326.627944][T10205]  <TASK>
[  326.627954][T10205]  dump_stack_lvl+0xe8/0x150
[  326.627988][T10205]  should_fail_ex+0x46b/0x600
[  326.628029][T10205]  _copy_from_user+0x2d/0xb0
[  326.628058][T10205]  kvm_vm_ioctl+0x640/0xd50
[  326.628090][T10205]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[  326.628136][T10205]  ? kasan_quarantine_put+0xbb/0x1f0
[  326.628171][T10205]  ? tomoyo_path_number_perm+0x219/0x630
[  326.628210][T10205]  ? tomoyo_path_number_perm+0x219/0x630
[  326.628252][T10205]  ? do_vfs_ioctl+0x117b/0x1540
[  326.628291][T10205]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  326.628362][T10205]  ? __fget_files+0x2a/0x420
[  326.628393][T10205]  ? __fget_files+0x2a/0x420
[  326.628419][T10205]  ? __fget_files+0x3a6/0x420
[  326.628446][T10205]  ? __fget_files+0x2a/0x420
[  326.628477][T10205]  ? bpf_lsm_file_ioctl+0x9/0x20
[  326.628511][T10205]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[  326.628540][T10205]  __se_sys_ioctl+0xff/0x170
[  326.628578][T10205]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  326.628604][T10205]  do_syscall_64+0x174/0x580
[  326.628639][T10205]  ? trace_irq_disable+0x3b/0x140
[  326.628665][T10205]  ? clear_bhb_loop+0x40/0x90
[  326.628694][T10205]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  326.628718][T10205] RIP: 0033:0x7fd46176ce59
[  326.628747][T10205] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  326.628768][T10205] RSP: 002b:00007fd45f9c6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  326.628792][T10205] RAX: ffffffffffffffda RBX: 00007fd4619e5fa0 RCX: 00007fd46176ce59
[  326.628809][T10205] RDX: 0000200000000000 RSI: 000000004068aea3 RDI: 0000000000000004
[  326.628825][T10205] RBP: 00007fd45f9c6090 R08: 0000000000000000 R09: 0000000000000000
[  326.628840][T10205] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  326.628854][T10205] R13: 00007fd4619e6038 R14: 00007fd4619e5fa0 R15: 00007ffde33f93e8
[  326.628890][T10205]  </TASK>
[  326.896216][T10206] FAULT_INJECTION: forcing a failure.
[  326.896216][T10206] name failslab, interval 1, probability 0, space 0, times 0
[  326.896257][T10206] CPU: 0 UID: 0 PID: 10206 Comm: syz.0.1682 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  326.896289][T10206] Tainted: [L]=SOFTLOCKUP
[  326.896299][T10206] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  326.896314][T10206] Call Trace:
[  326.896324][T10206]  <TASK>
[  326.896337][T10206]  dump_stack_lvl+0xe8/0x150
[  326.896371][T10206]  should_fail_ex+0x46b/0x600
[  326.896411][T10206]  should_failslab+0xa8/0x100
[  326.896443][T10206]  __kmalloc_noprof+0xdf/0x7b0
[  326.896471][T10206]  ? mutex_rt_init_lockdep+0x66/0x80
[  326.896508][T10206]  ? security_task_alloc+0x4d/0x330
[  326.896551][T10206]  security_task_alloc+0x4d/0x330
[  326.896589][T10206]  copy_process+0x1c4c/0x43d0
[  326.896633][T10206]  ? copy_process+0xd4e/0x43d0
[  326.896691][T10206]  ? __pfx_copy_process+0x10/0x10
[  326.896741][T10206]  vhost_task_create+0x1f9/0x380
[  326.896769][T10206]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  326.896803][T10206]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  326.896840][T10206]  ? __pfx_vhost_task_create+0x10/0x10
[  326.896877][T10206]  ? __pfx_vhost_task_fn+0x10/0x10
[  326.896909][T10206]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  326.897022][T10206]  ? lockdep_hardirqs_on+0x7a/0x110
[  326.897065][T10206]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  326.897100][T10206]  ? mutex_lock_nested+0x152/0x1d0
[  326.897127][T10206]  ? kvm_mmu_post_init_vm+0x8f/0x2d0
[  326.897168][T10206]  kvm_mmu_post_init_vm+0x147/0x2d0
[  326.897208][T10206]  kvm_arch_vcpu_ioctl_run+0x106/0x20d0
[  326.897253][T10206]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  326.897283][T10206]  ? do_raw_spin_lock+0x12b/0x2f0
[  326.897321][T10206]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  326.897356][T10206]  ? lockdep_hardirqs_on+0x7a/0x110
[  326.897389][T10206]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  326.897422][T10206]  ? rt_mutex_slowunlock+0x4a7/0x8b0
[  326.897456][T10206]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  326.897487][T10206]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  326.897522][T10206]  ? lockdep_hardirqs_on+0x7a/0x110
[  326.897557][T10206]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  326.897592][T10206]  ? rt_write_unlock+0x190/0x230
[  326.897625][T10206]  kvm_vcpu_ioctl+0xa65/0xfe0
[  326.897678][T10206]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  326.897739][T10206]  ? __fget_files+0x2a/0x420
[  326.897777][T10206]  ? __fget_files+0x2a/0x420
[  326.897801][T10206]  ? __fget_files+0x3a6/0x420
[  326.897827][T10206]  ? __fget_files+0x2a/0x420
[  326.897857][T10206]  ? bpf_lsm_file_ioctl+0x9/0x20
[  326.897891][T10206]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  326.897925][T10206]  __se_sys_ioctl+0xff/0x170
[  326.897960][T10206]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  326.897995][T10206]  do_syscall_64+0x174/0x580
[  326.898030][T10206]  ? trace_irq_disable+0x3b/0x140
[  326.898057][T10206]  ? clear_bhb_loop+0x40/0x90
[  326.898087][T10206]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  326.898111][T10206] RIP: 0033:0x7f1d67c1ce59
[  326.898134][T10206] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  326.898154][T10206] RSP: 002b:00007f1d65e4d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  326.898179][T10206] RAX: ffffffffffffffda RBX: 00007f1d67e96090 RCX: 00007f1d67c1ce59
[  326.898198][T10206] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000009
[  326.898212][T10206] RBP: 00007f1d65e4d090 R08: 0000000000000000 R09: 0000000000000000
[  326.898226][T10206] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  326.898241][T10206] R13: 00007f1d67e96128 R14: 00007f1d67e96090 R15: 00007fff3b447ce8
[  326.898278][T10206]  </TASK>
[  327.777616][T10230] FAULT_INJECTION: forcing a failure.
[  327.777616][T10230] name failslab, interval 1, probability 0, space 0, times 0
[  327.777667][T10230] CPU: 1 UID: 0 PID: 10230 Comm: syz.2.1689 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  327.777699][T10230] Tainted: [L]=SOFTLOCKUP
[  327.777708][T10230] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  327.777722][T10230] Call Trace:
[  327.777732][T10230]  <TASK>
[  327.777743][T10230]  dump_stack_lvl+0xe8/0x150
[  327.777776][T10230]  should_fail_ex+0x46b/0x600
[  327.777817][T10230]  should_failslab+0xa8/0x100
[  327.777850][T10230]  kmem_cache_alloc_noprof+0x87/0x680
[  327.777878][T10230]  ? __kvm_mmu_topup_memory_cache+0x1b4/0x610
[  327.777916][T10230]  __kvm_mmu_topup_memory_cache+0x1b4/0x610
[  327.777959][T10230]  mmu_topup_memory_caches+0x21/0x170
[  327.777993][T10230]  kvm_mmu_load+0x9d/0x2320
[  327.778023][T10230]  ? kvm_msr_allowed+0x9a/0x490
[  327.778058][T10230]  ? kvm_msr_allowed+0x9a/0x490
[  327.778091][T10230]  ? kvm_msr_allowed+0x3f4/0x490
[  327.778124][T10230]  ? kvm_msr_allowed+0x9a/0x490
[  327.778161][T10230]  ? kvm_apic_has_interrupt+0x73c/0x770
[  327.778199][T10230]  ? vmx_recalc_intercepts+0xec4/0x1b10
[  327.778246][T10230]  vcpu_run+0x5c68/0x7830
[  327.778268][T10230]  ? __lock_acquire+0x6b5/0x2d10
[  327.778374][T10230]  ? __pfx_vcpu_run+0x10/0x10
[  327.778397][T10230]  ? kvm_arch_vcpu_ioctl_run+0x2e8/0x20d0
[  327.778423][T10230]  ? kvm_arch_vcpu_ioctl_run+0x2e8/0x20d0
[  327.778463][T10230]  kvm_arch_vcpu_ioctl_run+0x11e6/0x20d0
[  327.778515][T10230]  ? kvm_arch_vcpu_ioctl_run+0x2e8/0x20d0
[  327.778540][T10230]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  327.778571][T10230]  ? do_raw_spin_lock+0x12b/0x2f0
[  327.778607][T10230]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  327.778650][T10230]  ? lockdep_hardirqs_on+0x7a/0x110
[  327.778685][T10230]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  327.778719][T10230]  ? rt_mutex_slowunlock+0x4a7/0x8b0
[  327.778756][T10230]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  327.778786][T10230]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  327.778821][T10230]  ? lockdep_hardirqs_on+0x7a/0x110
[  327.778857][T10230]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  327.778893][T10230]  ? rt_write_unlock+0x190/0x230
[  327.778923][T10230]  kvm_vcpu_ioctl+0xa65/0xfe0
[  327.778965][T10230]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  327.779022][T10230]  ? __fget_files+0x2a/0x420
[  327.779054][T10230]  ? __fget_files+0x2a/0x420
[  327.779081][T10230]  ? __fget_files+0x3a6/0x420
[  327.779108][T10230]  ? __fget_files+0x2a/0x420
[  327.779139][T10230]  ? bpf_lsm_file_ioctl+0x9/0x20
[  327.779173][T10230]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  327.779208][T10230]  __se_sys_ioctl+0xff/0x170
[  327.779242][T10230]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  327.779267][T10230]  do_syscall_64+0x174/0x580
[  327.779301][T10230]  ? trace_irq_disable+0x3b/0x140
[  327.779327][T10230]  ? clear_bhb_loop+0x40/0x90
[  327.779356][T10230]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  327.779380][T10230] RIP: 0033:0x7fd46176ce59
[  327.779402][T10230] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  327.779422][T10230] RSP: 002b:00007fd45f9a5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  327.779446][T10230] RAX: ffffffffffffffda RBX: 00007fd4619e6090 RCX: 00007fd46176ce59
[  327.779464][T10230] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 000000000000000a
[  327.779479][T10230] RBP: 00007fd45f9a5090 R08: 0000000000000000 R09: 0000000000000000
[  327.779494][T10230] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  327.779509][T10230] R13: 00007fd4619e6128 R14: 00007fd4619e6090 R15: 00007ffde33f93e8
[  327.779546][T10230]  </TASK>
[  328.014419][   T10] usb 1-1: new high-speed USB device number 71 using dummy_hcd
[  328.336641][   T10] usb 1-1: Using ep0 maxpacket: 16
[  328.341550][   T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  328.341608][   T10] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  328.341753][   T10] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  328.341781][   T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  328.391015][   T10] usb 1-1: config 0 descriptor??
[  328.726051][T10238] FAULT_INJECTION: forcing a failure.
[  328.726051][T10238] name failslab, interval 1, probability 0, space 0, times 0
[  328.726096][T10238] CPU: 1 UID: 0 PID: 10238 Comm: syz.3.1695 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  328.726129][T10238] Tainted: [L]=SOFTLOCKUP
[  328.726139][T10238] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  328.726154][T10238] Call Trace:
[  328.726165][T10238]  <TASK>
[  328.726176][T10238]  dump_stack_lvl+0xe8/0x150
[  328.726211][T10238]  should_fail_ex+0x46b/0x600
[  328.726259][T10238]  should_failslab+0xa8/0x100
[  328.726292][T10238]  kmem_cache_alloc_noprof+0x87/0x680
[  328.726322][T10238]  ? vm_area_dup+0x2b/0x670
[  328.726362][T10238]  vm_area_dup+0x2b/0x670
[  328.726399][T10238]  __split_vma+0x1e4/0xa40
[  328.726424][T10238]  ? rtlock_slowlock_locked+0xfb/0x3c80
[  328.726465][T10238]  ? __pfx___split_vma+0x10/0x10
[  328.726510][T10238]  vms_gather_munmap_vmas+0x32d/0x1380
[  328.726575][T10238]  ? __pfx_vms_gather_munmap_vmas+0x10/0x10
[  328.726612][T10238]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  328.726648][T10238]  ? lockdep_hardirqs_on+0x7a/0x110
[  328.726685][T10238]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  328.726722][T10238]  ? rt_mutex_slowunlock+0x4a7/0x8b0
[  328.726749][T10238]  ? reacquire_held_locks+0x104/0x190
[  328.726783][T10238]  ? rt_spin_lock+0x1e0/0x400
[  328.726819][T10238]  do_vmi_align_munmap+0x2c7/0x4d0
[  328.726874][T10238]  ? __pfx_do_vmi_align_munmap+0x10/0x10
[  328.726922][T10238]  ? mtree_range_walk+0x6fc/0x8b0
[  328.726975][T10238]  do_vmi_munmap+0x252/0x2d0
[  328.727019][T10238]  move_vma+0x11a7/0x1900
[  328.727076][T10238]  ? arch_get_unmapped_area_topdown+0x264/0xb70
[  328.727110][T10238]  ? __pfx_move_vma+0x10/0x10
[  328.727155][T10238]  ? mtree_load+0x12a/0x780
[  328.727202][T10238]  ? cap_mmap_addr+0xaf/0x100
[  328.727238][T10238]  ? bpf_lsm_mmap_addr+0x9/0x50
[  328.727282][T10238]  mremap_to+0x7b7/0x880
[  328.727330][T10238]  ? __pfx_mremap_to+0x10/0x10
[  328.727374][T10238]  ? check_prep_vma+0x7a5/0xbd0
[  328.727423][T10238]  __se_sys_mremap+0xe7a/0x11e0
[  328.727489][T10238]  ? __pfx___se_sys_mremap+0x10/0x10
[  328.727531][T10238]  ? fput+0xa0/0xd0
[  328.727568][T10238]  ? ksys_write+0x248/0x270
[  328.727605][T10238]  ? __pfx_ksys_write+0x10/0x10
[  328.727645][T10238]  ? __x64_sys_mremap+0x20/0xc0
[  328.727680][T10238]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  328.727707][T10238]  do_syscall_64+0x174/0x580
[  328.727752][T10238]  ? trace_irq_disable+0x3b/0x140
[  328.727780][T10238]  ? clear_bhb_loop+0x40/0x90
[  328.727810][T10238]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  328.727835][T10238] RIP: 0033:0x7fabe54bce59
[  328.727857][T10238] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  328.727878][T10238] RSP: 002b:00007fabe3716028 EFLAGS: 00000246 ORIG_RAX: 0000000000000019
[  328.727903][T10238] RAX: ffffffffffffffda RBX: 00007fabe5735fa0 RCX: 00007fabe54bce59
[  328.727921][T10238] RDX: 0000000000001000 RSI: 0000000000002000 RDI: 0000200000e87000
[  328.727938][T10238] RBP: 00007fabe3716090 R08: 0000200000e9f000 R09: 0000000000000000
[  328.727955][T10238] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000002
[  328.727970][T10238] R13: 00007fabe5736038 R14: 00007fabe5735fa0 R15: 00007fff98438938
[  328.728007][T10238]  </TASK>
[  329.851764][   T10] usbhid 1-1:0.0: can't add hid device: -71
[  329.851894][   T10] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  329.885745][   T10] usb 1-1: USB disconnect, device number 71
[  329.966855][T10264] FAULT_INJECTION: forcing a failure.
[  329.966855][T10264] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  329.966895][T10264] CPU: 1 UID: 0 PID: 10264 Comm: syz.2.1704 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  329.966928][T10264] Tainted: [L]=SOFTLOCKUP
[  329.966937][T10264] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  329.966953][T10264] Call Trace:
[  329.966962][T10264]  <TASK>
[  329.966973][T10264]  dump_stack_lvl+0xe8/0x150
[  329.967006][T10264]  should_fail_ex+0x46b/0x600
[  329.967047][T10264]  _copy_to_user+0x31/0xb0
[  329.967078][T10264]  simple_read_from_buffer+0xe1/0x170
[  329.967111][T10264]  proc_fail_nth_read+0x1be/0x230
[  329.967142][T10264]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  329.967172][T10264]  ? rw_verify_area+0x2ac/0x4e0
[  329.967203][T10264]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  329.967232][T10264]  vfs_read+0x212/0xa80
[  329.967271][T10264]  ? __pfx_vfs_read+0x10/0x10
[  329.967309][T10264]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  329.967345][T10264]  ? lockdep_hardirqs_on+0x7a/0x110
[  329.967379][T10264]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  329.967414][T10264]  ? mutex_lock_nested+0x152/0x1d0
[  329.967440][T10264]  ? fdget_pos+0x252/0x320
[  329.967489][T10264]  ksys_read+0x156/0x270
[  329.967519][T10264]  ? __pfx_gsmld_ioctl+0x10/0x10
[  329.967551][T10264]  ? __pfx_ksys_read+0x10/0x10
[  329.967582][T10264]  ? __pfx_tty_ioctl+0x10/0x10
[  329.967618][T10264]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  329.967643][T10264]  do_syscall_64+0x174/0x580
[  329.967675][T10264]  ? trace_irq_disable+0x3b/0x140
[  329.967699][T10264]  ? clear_bhb_loop+0x40/0x90
[  329.967724][T10264]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  329.967744][T10264] RIP: 0033:0x7fd46172d68e
[  329.967764][T10264] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  329.967782][T10264] RSP: 002b:00007fd45f9c5fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  329.967806][T10264] RAX: ffffffffffffffda RBX: 00007fd45f9c66c0 RCX: 00007fd46172d68e
[  329.968237][T10264] RDX: 000000000000000f RSI: 00007fd45f9c60a0 RDI: 0000000000000004
[  329.968249][T10264] RBP: 00007fd45f9c6090 R08: 0000000000000000 R09: 0000000000000000
[  329.968260][T10264] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  329.968272][T10264] R13: 00007fd4619e6038 R14: 00007fd4619e5fa0 R15: 00007ffde33f93e8
[  329.968299][T10264]  </TASK>
[  330.543552][ T5620] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  330.593273][ T5620] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  330.643272][ T5620] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  330.661883][ T5620] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  330.664173][ T5620] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  330.708751][  T103] block nbd2: Possible stuck request ffff888027e15080: control (read@0,1024B). Runtime 120 seconds
[  330.708795][  T103] block nbd2: Possible stuck request ffff888027e15240: control (read@1024,1024B). Runtime 120 seconds
[  330.708822][  T103] block nbd2: Possible stuck request ffff888027e15400: control (read@2048,1024B). Runtime 120 seconds
[  330.708849][  T103] block nbd2: Possible stuck request ffff888027e155c0: control (read@3072,1024B). Runtime 120 seconds
[  331.110462][T10281] can0: slcan on ttynull.
[  331.377995][ T1009] usb 1-1: new high-speed USB device number 72 using dummy_hcd
[  331.526470][ T1009] usb 1-1: Using ep0 maxpacket: 8
[  331.542084][ T1009] usb 1-1: unable to get BOS descriptor or descriptor too short
[  331.544112][ T1009] usb 1-1: config 2 has an invalid interface number: 99 but max is 0
[  331.544139][ T1009] usb 1-1: config 2 has no interface number 0
[  331.544186][ T1009] usb 1-1: config 2 interface 99 altsetting 7 has an endpoint descriptor with address 0xFE, changing to 0x8E
[  331.544218][ T1009] usb 1-1: config 2 interface 99 altsetting 7 endpoint 0x2 has invalid wMaxPacketSize 0
[  331.544244][ T1009] usb 1-1: config 2 interface 99 has no altsetting 0
[  331.591836][ T1009] usb 1-1: New USB device found, idVendor=0000, idProduct=a300, bcdDevice= a.f3
[  331.591873][ T1009] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  331.591897][ T1009] usb 1-1: Product: syz
[  331.591914][ T1009] usb 1-1: Manufacturer: syz
[  331.591931][ T1009] usb 1-1: SerialNumber: syz
[  331.903628][   T38] audit: type=1326 audit(1780747027.121:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10279 comm="syz.0.1711" exe="/root/ci-upstream-rust-kasan-gce/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1d67c1ce59 code=0x0
[  332.459319][T10318] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  332.463094][T10318] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  332.486617][T10318] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  332.500127][T10318] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  332.656735][   T10] usb 3-1: new high-speed USB device number 42 using dummy_hcd
[  332.806544][   T10] usb 3-1: Using ep0 maxpacket: 32
[  332.817692][   T10] usb 3-1: unable to get BOS descriptor or descriptor too short
[  332.839314][   T10] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  332.844707][   T60] Bluetooth: hci4: command tx timeout
[  332.845703][   T10] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  332.845734][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  332.845820][   T10] usb 3-1: Product: syz
[  332.845838][   T10] usb 3-1: Manufacturer: syz
[  332.845857][   T10] usb 3-1: SerialNumber: syz
[  333.274692][T10328] FAULT_INJECTION: forcing a failure.
[  333.274692][T10328] name failslab, interval 1, probability 0, space 0, times 0
[  333.274734][T10328] CPU: 1 UID: 0 PID: 10328 Comm: syz.1.1723 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  333.274765][T10328] Tainted: [L]=SOFTLOCKUP
[  333.274775][T10328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  333.274789][T10328] Call Trace:
[  333.274799][T10328]  <TASK>
[  333.274810][T10328]  dump_stack_lvl+0xe8/0x150
[  333.274845][T10328]  should_fail_ex+0x46b/0x600
[  333.274887][T10328]  should_failslab+0xa8/0x100
[  333.274919][T10328]  kmem_cache_alloc_noprof+0x87/0x680
[  333.274948][T10328]  ? alloc_pid+0x1ae/0x1310
[  333.274978][T10328]  alloc_pid+0x1ae/0x1310
[  333.275013][T10328]  ? __lock_acquire+0x6b5/0x2d10
[  333.275044][T10328]  ? __pfx_alloc_pid+0x10/0x10
[  333.275080][T10328]  ? lockdep_hardirqs_on+0x7a/0x110
[  333.275116][T10328]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  333.275153][T10328]  ? fpu_clone+0x33c/0xb60
[  333.275203][T10328]  ? __asan_memcpy+0x40/0x70
[  333.275228][T10328]  ? copy_thread+0x74f/0x9a0
[  333.275272][T10328]  copy_process+0x20dc/0x43d0
[  333.275318][T10328]  ? copy_process+0xd4e/0x43d0
[  333.275370][T10328]  ? __pfx_copy_process+0x10/0x10
[  333.275419][T10328]  vhost_task_create+0x1f9/0x380
[  333.275448][T10328]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  333.275483][T10328]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  333.275521][T10328]  ? __pfx_vhost_task_create+0x10/0x10
[  333.275558][T10328]  ? __pfx_vhost_task_fn+0x10/0x10
[  333.275590][T10328]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  333.275627][T10328]  ? lockdep_hardirqs_on+0x7a/0x110
[  333.275663][T10328]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  333.275697][T10328]  ? mutex_lock_nested+0x152/0x1d0
[  333.275723][T10328]  ? kvm_mmu_post_init_vm+0x8f/0x2d0
[  333.275762][T10328]  kvm_mmu_post_init_vm+0x147/0x2d0
[  333.275803][T10328]  kvm_arch_vcpu_ioctl_run+0x106/0x20d0
[  333.275847][T10328]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  333.275878][T10328]  ? do_raw_spin_lock+0x12b/0x2f0
[  333.275915][T10328]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  333.275950][T10328]  ? lockdep_hardirqs_on+0x7a/0x110
[  333.275986][T10328]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  333.276021][T10328]  ? rt_mutex_slowunlock+0x4a7/0x8b0
[  333.276056][T10328]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  333.276086][T10328]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  333.276123][T10328]  ? lockdep_hardirqs_on+0x7a/0x110
[  333.276155][T10328]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  333.276191][T10328]  ? rt_write_unlock+0x190/0x230
[  333.276223][T10328]  kvm_vcpu_ioctl+0xa65/0xfe0
[  333.276276][T10328]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  333.276334][T10328]  ? __fget_files+0x2a/0x420
[  333.276365][T10328]  ? __fget_files+0x2a/0x420
[  333.276392][T10328]  ? __fget_files+0x3a6/0x420
[  333.276420][T10328]  ? __fget_files+0x2a/0x420
[  333.276453][T10328]  ? bpf_lsm_file_ioctl+0x9/0x20
[  333.276497][T10328]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  333.276532][T10328]  __se_sys_ioctl+0xff/0x170
[  333.276566][T10328]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  333.276594][T10328]  do_syscall_64+0x174/0x580
[  333.276629][T10328]  ? trace_irq_disable+0x3b/0x140
[  333.276656][T10328]  ? clear_bhb_loop+0x40/0x90
[  333.276685][T10328]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  333.276709][T10328] RIP: 0033:0x7fc003d6ce59
[  333.276731][T10328] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  333.276752][T10328] RSP: 002b:00007fc001f9d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  333.276778][T10328] RAX: ffffffffffffffda RBX: 00007fc003fe6090 RCX: 00007fc003d6ce59
[  333.276796][T10328] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000009
[  333.276811][T10328] RBP: 00007fc001f9d090 R08: 0000000000000000 R09: 0000000000000000
[  333.276827][T10328] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  333.276842][T10328] R13: 00007fc003fe6128 R14: 00007fc003fe6090 R15: 00007fff3690e4a8
[  333.276880][T10328]  </TASK>
[  333.510040][T10271] lo speed is unknown, defaulting to 1000
[  333.799748][   T10] usb 3-1: 2:1 : UAC_AS_GENERAL descriptor not found
[  334.076455][ T1009] usb 1-1: USB disconnect, device number 72
[  334.878414][   T69] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  334.908580][   T60] Bluetooth: hci4: command tx timeout
[  334.996054][   T10] usb 3-1: USB disconnect, device number 42
[  335.448921][T10337] netlink: 'syz.1.1726': attribute type 12 has an invalid length.
[  335.448951][T10337] FAULT_INJECTION: forcing a failure.
[  335.448951][T10337] name failslab, interval 1, probability 0, space 0, times 0
[  335.448984][T10337] CPU: 0 UID: 0 PID: 10337 Comm: syz.1.1726 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  335.449015][T10337] Tainted: [L]=SOFTLOCKUP
[  335.449023][T10337] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  335.449050][T10337] Call Trace:
[  335.449058][T10337]  <TASK>
[  335.449068][T10337]  dump_stack_lvl+0xe8/0x150
[  335.449099][T10337]  should_fail_ex+0x46b/0x600
[  335.449138][T10337]  should_failslab+0xa8/0x100
[  335.449169][T10337]  __kmalloc_noprof+0xdf/0x7b0
[  335.449195][T10337]  ? ___neigh_create+0x724/0x2360
[  335.449237][T10337]  ___neigh_create+0x724/0x2360
[  335.449274][T10337]  ? neigh_lookup+0xb6/0x610
[  335.449299][T10337]  ? __pfx_ndisc_key_eq+0x10/0x10
[  335.449324][T10337]  ? __pfx_neigh_lookup+0x10/0x10
[  335.449362][T10337]  neigh_add+0xc51/0xf70
[  335.449397][T10337]  ? rt_mutex_slowlock+0x1fd/0x780
[  335.449432][T10337]  ? __pfx_neigh_add+0x10/0x10
[  335.449495][T10337]  ? __pfx_neigh_add+0x10/0x10
[  335.449530][T10337]  rtnetlink_rcv_msg+0x77e/0xbe0
[  335.449566][T10337]  ? rtnetlink_rcv_msg+0x1b9/0xbe0
[  335.449596][T10337]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  335.449625][T10337]  ? ref_tracker_free+0x673/0x820
[  335.449657][T10337]  ? __netlink_deliver_tap+0x636/0x8b0
[  335.449692][T10337]  ? netlink_deliver_tap+0x19c/0x1b0
[  335.449723][T10337]  ? netlink_unicast+0x754/0x920
[  335.449752][T10337]  ? netlink_sendmsg+0x813/0xb40
[  335.449773][T10337]  ? sock_sendmsg_nosec+0x13a/0x180
[  335.449816][T10337]  ? sock_write_iter+0x308/0x410
[  335.449839][T10337]  ? vfs_write+0x629/0xba0
[  335.449869][T10337]  ? ksys_write+0x156/0x270
[  335.449899][T10337]  ? do_syscall_64+0x174/0x580
[  335.449932][T10337]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  335.449966][T10337]  netlink_rcv_skb+0x232/0x4b0
[  335.450004][T10337]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  335.450049][T10337]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  335.450100][T10337]  ? netlink_deliver_tap+0x2e/0x1b0
[  335.450136][T10337]  ? netlink_deliver_tap+0x2e/0x1b0
[  335.450179][T10337]  netlink_unicast+0x780/0x920
[  335.450224][T10337]  netlink_sendmsg+0x813/0xb40
[  335.450257][T10337]  ? __pfx_netlink_sendmsg+0x10/0x10
[  335.450283][T10337]  ? tomoyo_socket_sendmsg_permission+0x1e0/0x300
[  335.450314][T10337]  ? __pfx_aa_file_perm+0x10/0x10
[  335.450341][T10337]  ? aa_sock_msg_perm+0x122/0x200
[  335.450367][T10337]  ? __pfx_netlink_sendmsg+0x10/0x10
[  335.450389][T10337]  sock_sendmsg_nosec+0x13a/0x180
[  335.450420][T10337]  sock_write_iter+0x308/0x410
[  335.450449][T10337]  ? __pfx_sock_write_iter+0x10/0x10
[  335.450500][T10337]  vfs_write+0x629/0xba0
[  335.450542][T10337]  ? __pfx_vfs_write+0x10/0x10
[  335.450586][T10337]  ? __fget_files+0x2a/0x420
[  335.450624][T10337]  ksys_write+0x156/0x270
[  335.450660][T10337]  ? __pfx_ksys_write+0x10/0x10
[  335.450702][T10337]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  335.450728][T10337]  do_syscall_64+0x174/0x580
[  335.450763][T10337]  ? trace_irq_disable+0x3b/0x140
[  335.450789][T10337]  ? clear_bhb_loop+0x40/0x90
[  335.450818][T10337]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  335.450842][T10337] RIP: 0033:0x7fc003d6ce59
[  335.450863][T10337] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  335.450883][T10337] RSP: 002b:00007fc001fbe028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  335.450906][T10337] RAX: ffffffffffffffda RBX: 00007fc003fe5fa0 RCX: 00007fc003d6ce59
[  335.450924][T10337] RDX: 0000000000000120 RSI: 0000200000001b00 RDI: 0000000000000003
[  335.450939][T10337] RBP: 00007fc001fbe090 R08: 0000000000000000 R09: 0000000000000000
[  335.450954][T10337] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  335.450969][T10337] R13: 00007fc003fe6038 R14: 00007fc003fe5fa0 R15: 00007fff3690e4a8
[  335.451006][T10337]  </TASK>
[  335.798002][T10279] can0 (unregistered): slcan off ttynull.
[  336.166880][ T5789] udevd[5789]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  336.564350][   T69] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  336.858130][   T37] usb 2-1: new full-speed USB device number 45 using dummy_hcd
[  336.988657][   T60] Bluetooth: hci4: command tx timeout
[  337.017193][   T37] usb 2-1: config 0 has an invalid interface number: 231 but max is 0
[  337.017226][   T37] usb 2-1: config 0 has no interface number 0
[  337.017274][   T37] usb 2-1: config 0 interface 231 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64
[  337.021807][   T37] usb 2-1: New USB device found, idVendor=067b, idProduct=27a1, bcdDevice=b0.9b
[  337.021841][   T37] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  337.021862][   T37] usb 2-1: Product: syz
[  337.021878][   T37] usb 2-1: Manufacturer: syz
[  337.021895][   T37] usb 2-1: SerialNumber: syz
[  337.072834][   T37] usb 2-1: config 0 descriptor??
[  337.092917][T10389] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  337.238746][   T69] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  337.446520][  T822] usb 3-1: new high-speed USB device number 43 using dummy_hcd
[  337.517640][   T37] plusb 2-1:0.231 usb0: register 'plusb' at usb-dummy_hcd.1-1, Prolific PL-2301/PL-2302/PL-25A1/PL-27A1, da:e4:e4:40:94:7e
[  337.596795][  T822] usb 3-1: Using ep0 maxpacket: 16
[  337.600348][  T822] usb 3-1: unable to get BOS descriptor or descriptor too short
[  337.605987][  T822] usb 3-1: config 14 has an invalid interface number: 39 but max is 0
[  337.606063][  T822] usb 3-1: config 14 has no interface number 0
[  337.606197][  T822] usb 3-1: config 14 interface 39 has no altsetting 0
[  337.638623][  T822] usb 3-1: New USB device found, idVendor=0734, idProduct=043b, bcdDevice=ee.91
[  337.638656][  T822] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  337.638679][  T822] usb 3-1: Product: syz
[  337.638695][  T822] usb 3-1: Manufacturer: syz
[  337.638711][  T822] usb 3-1: SerialNumber: syz
[  337.762517][T10413] i2c i2c-0: DVB: adapter 0 frontend 0 symbol rate 0 out of range (1000000..45000000)
[  337.974077][  T822] gspca_main: spca506-2.14.0 probing 0734:043b
[  338.045312][   T69] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  338.192458][  T822] usb 3-1: USB disconnect, device number 43
[  338.559085][   T37] usb 1-1: new high-speed USB device number 73 using dummy_hcd
[  338.706519][   T37] usb 1-1: Using ep0 maxpacket: 16
[  338.709490][   T37] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  338.709529][   T37] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  338.709562][   T37] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  338.709580][   T37] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  338.730183][   T37] usb 1-1: config 0 descriptor??
[  339.066721][   T60] Bluetooth: hci4: command tx timeout
[  339.192046][    T9] usb 2-1: USB disconnect, device number 45
[  339.208193][    T9] plusb 2-1:0.231 usb0: unregister 'plusb' usb-dummy_hcd.1-1, Prolific PL-2301/PL-2302/PL-25A1/PL-27A1
[  340.180098][   T37] usbhid 1-1:0.0: can't add hid device: -71
[  340.180227][   T37] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  340.248396][   T37] usb 1-1: USB disconnect, device number 73
[  340.734086][T10271] bridge0: port 1(bridge_slave_0) entered blocking state
[  340.734470][T10271] bridge0: port 1(bridge_slave_0) entered disabled state
[  340.734832][T10271] bridge_slave_0: entered allmulticast mode
[  340.762522][T10271] bridge_slave_0: entered promiscuous mode
[  340.809659][   T37] usb 2-1: new high-speed USB device number 46 using dummy_hcd
[  340.928959][T10483] netlink: 'syz.0.1773': attribute type 21 has an invalid length.
[  340.928982][T10483] netlink: 388 bytes leftover after parsing attributes in process `syz.0.1773'.
[  340.971160][   T37] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1023
[  340.971198][   T37] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A
[  340.971218][   T37] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 121
[  340.973609][   T37] usb 2-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10
[  340.973658][   T37] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  340.973674][   T37] usb 2-1: Product: syz
[  340.973685][   T37] usb 2-1: Manufacturer: syz
[  340.973696][   T37] usb 2-1: SerialNumber: syz
[  340.992018][T10271] bridge0: port 2(bridge_slave_1) entered blocking state
[  341.016808][T10271] bridge0: port 2(bridge_slave_1) entered disabled state
[  341.017180][T10271] bridge_slave_1: entered allmulticast mode
[  341.065589][T10271] bridge_slave_1: entered promiscuous mode
[  341.087106][   T37] usb 2-1: config 0 descriptor??
[  341.092999][T10473] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  341.093138][T10473] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  341.098376][   T37] usb 2-1: ucan: probing device on interface #0
[  341.327802][   T37] usb 2-1: ucan: device reported invalid device info
[  341.327828][   T37] usb 2-1: ucan: probe failed; try to update the device firmware
[  341.547898][   T69] bridge_slave_1: left allmulticast mode
[  341.548161][   T69] bridge_slave_1: left promiscuous mode
[  341.565728][   T69] bridge0: port 2(bridge_slave_1) entered disabled state
[  341.780276][   T69] bridge_slave_0: left allmulticast mode
[  341.780308][   T69] bridge_slave_0: left promiscuous mode
[  341.780506][   T69] bridge0: port 1(bridge_slave_0) entered disabled state
[  342.272389][   T37] usb 2-1: USB disconnect, device number 46
[  342.334867][T10496] FAULT_INJECTION: forcing a failure.
[  342.334867][T10496] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  342.334898][T10496] CPU: 0 UID: 0 PID: 10496 Comm: syz.1.1775 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  342.334924][T10496] Tainted: [L]=SOFTLOCKUP
[  342.334931][T10496] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  342.334942][T10496] Call Trace:
[  342.334949][T10496]  <TASK>
[  342.334957][T10496]  dump_stack_lvl+0xe8/0x150
[  342.334980][T10496]  should_fail_ex+0x46b/0x600
[  342.335009][T10496]  prepare_alloc_pages+0x22a/0x6b0
[  342.335037][T10496]  __alloc_frozen_pages_noprof+0x12f/0x380
[  342.335064][T10496]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  342.335090][T10496]  ? __pfx_policy_nodemask+0x10/0x10
[  342.335111][T10496]  ? filemap_get_entry+0x378/0x3f0
[  342.335134][T10496]  ? do_raw_spin_lock+0x12b/0x2f0
[  342.335151][T10496]  ? __pfx_filemap_get_entry+0x10/0x10
[  342.335175][T10496]  alloc_pages_mpol+0xd1/0x380
[  342.335201][T10496]  folio_alloc_mpol_noprof+0x3b/0x1e0
[  342.335226][T10496]  shmem_get_folio_gfp+0x647/0x1ad0
[  342.335263][T10496]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  342.335281][T10496]  ? __lock_acquire+0x6b5/0x2d10
[  342.335308][T10496]  shmem_fault+0x170/0x380
[  342.335333][T10496]  __do_fault+0x138/0x2a0
[  342.335358][T10496]  do_pte_missing+0x65b/0x2940
[  342.335386][T10496]  ? handle_mm_fault+0xed/0x14d0
[  342.335408][T10496]  handle_mm_fault+0xdc2/0x14d0
[  342.335430][T10496]  ? handle_mm_fault+0xed/0x14d0
[  342.335453][T10496]  ? __pfx_handle_mm_fault+0x10/0x10
[  342.335473][T10496]  ? follow_page_pte+0xbe2/0xe60
[  342.335499][T10496]  ? __pfx_follow_page_pte+0x10/0x10
[  342.335527][T10496]  __get_user_pages+0x16d4/0x2620
[  342.335574][T10496]  faultin_page_range+0x240/0x8c0
[  342.335599][T10496]  madvise_do_behavior+0x2e5/0x540
[  342.335627][T10496]  ? __pfx_madvise_do_behavior+0x10/0x10
[  342.335649][T10496]  ? down_read+0x156/0x200
[  342.335678][T10496]  do_madvise+0x26f/0x330
[  342.335706][T10496]  ? __pfx_do_madvise+0x10/0x10
[  342.335737][T10496]  ? __pfx_ksys_write+0x10/0x10
[  342.335763][T10496]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  342.335782][T10496]  __x64_sys_madvise+0xa6/0xc0
[  342.335807][T10496]  do_syscall_64+0x174/0x580
[  342.335834][T10496]  ? clear_bhb_loop+0x40/0x90
[  342.335854][T10496]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  342.335871][T10496] RIP: 0033:0x7fc003d6ce59
[  342.335886][T10496] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  342.335901][T10496] RSP: 002b:00007fc001fbe028 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[  342.335918][T10496] RAX: ffffffffffffffda RBX: 00007fc003fe5fa0 RCX: 00007fc003d6ce59
[  342.335931][T10496] RDX: 0000000000000017 RSI: 0000000000c00000 RDI: 0000200000000000
[  342.335942][T10496] RBP: 00007fc001fbe090 R08: 0000000000000000 R09: 0000000000000000
[  342.335953][T10496] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  342.335962][T10496] R13: 00007fc003fe6038 R14: 00007fc003fe5fa0 R15: 00007fff3690e4a8
[  342.335987][T10496]  </TASK>
[  343.588850][   T69] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  343.697970][   T69] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  343.753905][   T69] bond0 (unregistering): Released all slaves
[  344.279222][T10543] FAULT_INJECTION: forcing a failure.
[  344.279222][T10543] name failslab, interval 1, probability 0, space 0, times 0
[  344.279252][T10543] CPU: 1 UID: 0 PID: 10543 Comm: syz.1.1795 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  344.279276][T10543] Tainted: [L]=SOFTLOCKUP
[  344.279282][T10543] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  344.279293][T10543] Call Trace:
[  344.279299][T10543]  <TASK>
[  344.279307][T10543]  dump_stack_lvl+0xe8/0x150
[  344.279329][T10543]  should_fail_ex+0x46b/0x600
[  344.279358][T10543]  should_failslab+0xa8/0x100
[  344.279384][T10543]  __kmalloc_cache_noprof+0x84/0x690
[  344.279409][T10543]  ? hash_ip_create+0x713/0x14a0
[  344.279431][T10543]  hash_ip_create+0x713/0x14a0
[  344.279461][T10543]  ? __pfx_hash_ip_create+0x10/0x10
[  344.279481][T10543]  ? __nla_parse+0x40/0x60
[  344.279497][T10543]  ? __pfx_hash_ip_create+0x10/0x10
[  344.279517][T10543]  ip_set_create+0xae8/0x1a40
[  344.279540][T10543]  ? ip_set_create+0x4f3/0x1a40
[  344.279571][T10543]  ? __pfx_ip_set_create+0x10/0x10
[  344.279608][T10543]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  344.279639][T10543]  ? lockdep_hardirqs_on+0x7a/0x110
[  344.279667][T10543]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  344.279697][T10543]  nfnetlink_rcv_msg+0xbc9/0x1260
[  344.279722][T10543]  ? nfnetlink_rcv_msg+0x230/0x1260
[  344.279759][T10543]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  344.279805][T10543]  ? __lock_acquire+0x6b5/0x2d10
[  344.279827][T10543]  ? __lock_acquire+0x6b5/0x2d10
[  344.279846][T10543]  ? sock_sendmsg_nosec+0x13a/0x180
[  344.279870][T10543]  netlink_rcv_skb+0x232/0x4b0
[  344.279927][T10543]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  344.279964][T10543]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  344.280019][T10543]  ? bpf_lsm_capable+0x9/0x20
[  344.280034][T10543]  ? security_capable+0x7e/0x2c0
[  344.280056][T10543]  nfnetlink_rcv+0x2c0/0x27b0
[  344.280081][T10543]  ? sock_sendmsg_nosec+0x13a/0x180
[  344.280102][T10543]  ? __pfx_snprintf+0x10/0x10
[  344.280124][T10543]  ? unwind_get_return_address+0x4d/0x90
[  344.280150][T10543]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  344.280175][T10543]  ? trim_netdev_trace+0x7ac/0x840
[  344.280196][T10543]  ? __pfx_trim_netdev_trace+0x10/0x10
[  344.280213][T10543]  ? stack_trace_save+0xa9/0x100
[  344.280231][T10543]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  344.280257][T10543]  ? save_netdev_trace_buffer+0x18f/0x5f0
[  344.280278][T10543]  ? save_netdev_trace_buffer+0x4cf/0x5f0
[  344.280302][T10543]  ? __pfx_save_netdev_trace_buffer+0x10/0x10
[  344.280331][T10543]  ? ref_tracker_free+0x673/0x820
[  344.280356][T10543]  ? __netlink_deliver_tap+0x636/0x8b0
[  344.280383][T10543]  ? netlink_deliver_tap+0x19c/0x1b0
[  344.280408][T10543]  ? netlink_unicast+0x754/0x920
[  344.280429][T10543]  ? netlink_sendmsg+0x813/0xb40
[  344.280443][T10543]  ? sock_sendmsg_nosec+0x13a/0x180
[  344.280461][T10543]  ? ____sys_sendmsg+0x55c/0x870
[  344.280485][T10543]  ? ___sys_sendmsg+0x2a5/0x360
[  344.280509][T10543]  ? __x64_sys_sendmsg+0x1c3/0x2a0
[  344.280533][T10543]  ? do_syscall_64+0x174/0x580
[  344.280557][T10543]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  344.280589][T10543]  ? skb_clone+0x246/0x3a0
[  344.280608][T10543]  ? __netlink_deliver_tap+0x866/0x8b0
[  344.280639][T10543]  ? netlink_deliver_tap+0x2e/0x1b0
[  344.280670][T10543]  ? netlink_deliver_tap+0x2e/0x1b0
[  344.280695][T10543]  ? netlink_deliver_tap+0x2e/0x1b0
[  344.280725][T10543]  netlink_unicast+0x780/0x920
[  344.280757][T10543]  netlink_sendmsg+0x813/0xb40
[  344.280782][T10543]  ? __pfx_netlink_sendmsg+0x10/0x10
[  344.280800][T10543]  ? tomoyo_socket_sendmsg_permission+0x1e0/0x300
[  344.280825][T10543]  ? aa_sock_msg_perm+0x122/0x200
[  344.280843][T10543]  ? __pfx_netlink_sendmsg+0x10/0x10
[  344.280858][T10543]  sock_sendmsg_nosec+0x13a/0x180
[  344.280880][T10543]  ____sys_sendmsg+0x55c/0x870
[  344.280910][T10543]  ? __pfx_____sys_sendmsg+0x10/0x10
[  344.280942][T10543]  ? import_iovec+0x73/0xa0
[  344.280967][T10543]  ___sys_sendmsg+0x2a5/0x360
[  344.280991][T10543]  ? __lock_acquire+0x6b5/0x2d10
[  344.281014][T10543]  ? __pfx____sys_sendmsg+0x10/0x10
[  344.281097][T10543]  ? __fget_files+0x2a/0x420
[  344.281126][T10543]  ? __fget_files+0x3a6/0x420
[  344.281168][T10543]  __x64_sys_sendmsg+0x1c3/0x2a0
[  344.281197][T10543]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  344.281230][T10543]  ? __pfx_ksys_write+0x10/0x10
[  344.281259][T10543]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  344.281277][T10543]  do_syscall_64+0x174/0x580
[  344.281302][T10543]  ? trace_irq_disable+0x3b/0x140
[  344.281320][T10543]  ? clear_bhb_loop+0x40/0x90
[  344.281341][T10543]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  344.281358][T10543] RIP: 0033:0x7fc003d6ce59
[  344.281375][T10543] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  344.281389][T10543] RSP: 002b:00007fc001fbe028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  344.281407][T10543] RAX: ffffffffffffffda RBX: 00007fc003fe5fa0 RCX: 00007fc003d6ce59
[  344.281420][T10543] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000003
[  344.281431][T10543] RBP: 00007fc001fbe090 R08: 0000000000000000 R09: 0000000000000000
[  344.281441][T10543] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  344.281451][T10543] R13: 00007fc003fe6038 R14: 00007fc003fe5fa0 R15: 00007fff3690e4a8
[  344.281476][T10543]  </TASK>
[  344.851557][T10271] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  344.880622][T10271] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  344.999841][T10271] team0: Port device team_slave_0 added
[  345.012797][T10271] team0: Port device team_slave_1 added
[  345.072447][T10271] batman_adv: batadv0: Adding interface: batadv_slave_0
[  345.072468][T10271] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  345.072499][T10271] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  345.076240][T10271] batman_adv: batadv0: Adding interface: batadv_slave_1
[  345.076259][T10271] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  345.076292][T10271] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  345.388628][T10271] hsr_slave_0: entered promiscuous mode
[  345.395443][T10271] hsr_slave_1: entered promiscuous mode
[  345.421367][T10271] debugfs: 'hsr0' already exists in 'hsr'
[  345.426636][T10271] Cannot create hsr debugfs directory
[  345.639041][    T9] usb 1-1: new full-speed USB device number 74 using dummy_hcd
[  345.818098][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid maxpacket 65535, setting to 64
[  345.822184][    T9] usb 1-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=33.f9
[  345.822217][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  345.822241][    T9] usb 1-1: Product: syz
[  345.822258][    T9] usb 1-1: Manufacturer: syz
[  345.822272][    T9] usb 1-1: SerialNumber: syz
[  345.894457][    T9] usb 1-1: config 0 descriptor??
[  345.896314][T10552] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  345.937138][    T9] input: KB Gear Tablet as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input16
[  346.036937][T10567] FAULT_INJECTION: forcing a failure.
[  346.036937][T10567] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  346.036983][T10567] CPU: 1 UID: 0 PID: 10567 Comm: syz.2.1804 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  346.037020][T10567] Tainted: [L]=SOFTLOCKUP
[  346.037027][T10567] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  346.037038][T10567] Call Trace:
[  346.037061][T10567]  <TASK>
[  346.037072][T10567]  dump_stack_lvl+0xe8/0x150
[  346.037106][T10567]  should_fail_ex+0x46b/0x600
[  346.037148][T10567]  __kvm_read_guest_page+0x18d/0x240
[  346.037189][T10567]  kvm_fetch_guest_virt+0x12b/0x170
[  346.037221][T10567]  ? __pfx_kvm_fetch_guest_virt+0x10/0x10
[  346.037254][T10567]  __do_insn_fetch_bytes+0x31c/0x6d0
[  346.037307][T10567]  ? __pfx___do_insn_fetch_bytes+0x10/0x10
[  346.037347][T10567]  ? __lock_acquire+0x6b5/0x2d10
[  346.037381][T10567]  ? trace_kvm_tdp_mmu_spte_changed+0x8a/0x230
[  346.037413][T10567]  x86_decode_insn+0x38e/0x5e00
[  346.037447][T10567]  ? __handle_changed_spte+0x534/0x12e0
[  346.037494][T10567]  ? kvm_tdp_mmu_map+0x3ac/0x1e60
[  346.037540][T10567]  ? __pfx_x86_decode_insn+0x10/0x10
[  346.037588][T10567]  ? vmx_read_guest_seg_ar+0x3e9/0x640
[  346.037629][T10567]  ? __asan_memset+0x22/0x50
[  346.037652][T10567]  ? init_decode_cache+0xf3/0x160
[  346.037690][T10567]  ? init_emulate_ctxt+0x533/0x6e0
[  346.037721][T10567]  ? __pfx_init_emulate_ctxt+0x10/0x10
[  346.037772][T10567]  ? rt_read_unlock+0x14f/0x220
[  346.037807][T10567]  x86_emulate_instruction+0x315/0x2030
[  346.037867][T10567]  ? __pfx_x86_emulate_instruction+0x10/0x10
[  346.037906][T10567]  ? __lock_acquire+0x6b5/0x2d10
[  346.037937][T10567]  ? __lock_acquire+0x6b5/0x2d10
[  346.037970][T10567]  ? clear_bhb_loop+0x40/0x90
[  346.037995][T10567]  ? clear_bhb_loop+0x40/0x90
[  346.038019][T10567]  ? clear_bhb_loop+0x40/0x90
[  346.038049][T10567]  kvm_mmu_page_fault+0x90e/0xb90
[  346.038090][T10567]  ? __pfx_handle_ept_violation+0x10/0x10
[  346.038122][T10567]  vmx_handle_exit+0x1081/0x17e0
[  346.038165][T10567]  vcpu_run+0x5c5b/0x7830
[  346.038197][T10567]  ? segmented_read+0x2d0/0x3f0
[  346.038237][T10567]  ? vcpu_run+0x4982/0x7830
[  346.038318][T10567]  ? __pfx_vcpu_run+0x10/0x10
[  346.038343][T10567]  ? __asan_memcpy+0x40/0x70
[  346.038366][T10567]  ? complete_emulated_mmio+0x53e/0x900
[  346.038423][T10567]  kvm_arch_vcpu_ioctl_run+0x11e6/0x20d0
[  346.038464][T10567]  ? kvm_arch_vcpu_ioctl_run+0x2e8/0x20d0
[  346.038489][T10567]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  346.038560][T10567]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  346.038597][T10567]  ? lockdep_hardirqs_on+0x7a/0x110
[  346.038631][T10567]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  346.038668][T10567]  ? _mutex_lock_killable+0x152/0x1d0
[  346.038688][T10567]  ? kvm_vcpu_ioctl+0x283/0xfe0
[  346.038751][T10567]  kvm_vcpu_ioctl+0xa65/0xfe0
[  346.038790][T10567]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  346.038845][T10567]  ? __fget_files+0x2a/0x420
[  346.038875][T10567]  ? __fget_files+0x2a/0x420
[  346.038902][T10567]  ? __fget_files+0x3a6/0x420
[  346.038919][T10567]  ? __fget_files+0x2a/0x420
[  346.038963][T10567]  ? bpf_lsm_file_ioctl+0x9/0x20
[  346.038997][T10567]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  346.039031][T10567]  __se_sys_ioctl+0xff/0x170
[  346.039064][T10567]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  346.039088][T10567]  do_syscall_64+0x174/0x580
[  346.039121][T10567]  ? trace_irq_disable+0x3b/0x140
[  346.039139][T10567]  ? clear_bhb_loop+0x40/0x90
[  346.039181][T10567]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  346.039206][T10567] RIP: 0033:0x7fd46176ce59
[  346.039245][T10567] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  346.039267][T10567] RSP: 002b:00007fd45f9c6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  346.039292][T10567] RAX: ffffffffffffffda RBX: 00007fd4619e5fa0 RCX: 00007fd46176ce59
[  346.039310][T10567] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000007
[  346.039324][T10567] RBP: 00007fd45f9c6090 R08: 0000000000000000 R09: 0000000000000000
[  346.039339][T10567] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  346.039359][T10567] R13: 00007fd4619e6038 R14: 00007fd4619e5fa0 R15: 00007ffde33f93e8
[  346.039400][T10567]  </TASK>
[  346.204018][    C0] kbtab 1-1:0.0: kbtab_irq - usb_submit_urb failed with result -1
[  346.750495][ T5792] usb 1-1: USB disconnect, device number 74
[  347.776528][   T37] usb 1-1: new high-speed USB device number 75 using dummy_hcd
[  347.931734][   T37] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  347.931763][   T37] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  347.935928][   T37] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  347.935961][   T37] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  347.935986][   T37] usb 1-1: SerialNumber: syz
[  348.214773][ T5270] 8021q: adding VLAN 0 to HW filter on device eth1
[  348.412729][   T37] usb 1-1: 0:2 : does not exist
[  348.851511][   T37] usb 1-1: USB disconnect, device number 75
[  349.359264][ T5783] udevd[5783]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  349.838630][T10674] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  349.839241][T10674] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  350.056738][ T5792] usb 1-1: new high-speed USB device number 76 using dummy_hcd
[  350.079896][    T9] usb 2-1: new high-speed USB device number 47 using dummy_hcd
[  350.209764][ T5792] usb 1-1: Using ep0 maxpacket: 8
[  350.218418][ T5792] usb 1-1: unable to get BOS descriptor or descriptor too short
[  350.219968][ T5792] usb 1-1: config 2 has an invalid interface number: 99 but max is 0
[  350.219994][ T5792] usb 1-1: config 2 has no interface number 0
[  350.220032][ T5792] usb 1-1: config 2 interface 99 altsetting 7 has an endpoint descriptor with address 0xFE, changing to 0x8E
[  350.220060][ T5792] usb 1-1: config 2 interface 99 altsetting 7 endpoint 0x2 has invalid wMaxPacketSize 0
[  350.220083][ T5792] usb 1-1: config 2 interface 99 has no altsetting 0
[  350.223504][ T5792] usb 1-1: New USB device found, idVendor=0000, idProduct=a300, bcdDevice= a.f3
[  350.223535][ T5792] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  350.223556][ T5792] usb 1-1: Product: syz
[  350.223572][ T5792] usb 1-1: Manufacturer: syz
[  350.223588][ T5792] usb 1-1: SerialNumber: syz
[  350.482578][   T38] audit: type=1326 audit(1780747045.681:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10664 comm="syz.0.1835" exe="/root/ci-upstream-rust-kasan-gce/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1d67c1ce59 code=0x0
[  350.649196][T10665] can0: slcan on ttynull.
[  351.031537][    T9] usb 2-1: device descriptor read/64, error -71
[  351.276471][    T9] usb 2-1: new high-speed USB device number 48 using dummy_hcd
[  351.343948][T10698] 9pnet_fd: p9_fd_create_tcp (10698): problem connecting socket to 127.0.0.1
[  351.461773][    T9] usb 2-1: Using ep0 maxpacket: 32
[  351.484122][    T9] usb 2-1: config index 0 descriptor too short (expected 29220, got 36)
[  351.484216][    T9] usb 2-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  351.484242][    T9] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 81
[  351.484311][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[  351.484343][    T9] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 1024
[  351.484372][    T9] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  351.484419][    T9] usb 2-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  351.484447][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  351.692840][    T9] usb 2-1: config 0 descriptor??
[  351.694087][T10692] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  351.982658][    T9] usblp 2-1:0.0: usblp0: USB Bidirectional printer dev 48 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  352.843783][ T1009] usb 2-1: USB disconnect, device number 48
[  352.936049][ T5792] usb 1-1: USB disconnect, device number 76
[  352.970453][ T1009] usblp0: removed
[  353.367059][T10664] can0 (unregistered): slcan off ttynull.
[  353.544472][T10745] blk_print_req_error: 56 callbacks suppressed
[  353.544496][T10745] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  353.544527][T10745] buffer_io_error: 54 callbacks suppressed
[  353.544540][T10745] Buffer I/O error on dev nbd0, logical block 0, async page read
[  353.544718][T10745] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  353.544748][T10745] Buffer I/O error on dev nbd0, logical block 1, async page read
[  353.544910][T10745] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  353.544939][T10745] Buffer I/O error on dev nbd0, logical block 2, async page read
[  353.545090][T10745] I/O error, dev nbd0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  353.545119][T10745] Buffer I/O error on dev nbd0, logical block 3, async page read
[  353.552821][T10745] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  353.552921][T10745] Buffer I/O error on dev nbd0, logical block 0, async page read
[  353.553323][T10745] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  353.553406][T10745] Buffer I/O error on dev nbd0, logical block 1, async page read
[  353.553618][T10745] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  353.553654][T10745] Buffer I/O error on dev nbd0, logical block 2, async page read
[  353.553840][T10745] I/O error, dev nbd0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  353.553875][T10745] Buffer I/O error on dev nbd0, logical block 3, async page read
[  353.554043][T10745] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  353.554072][T10745] Buffer I/O error on dev nbd0, logical block 0, async page read
[  353.554224][T10745] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  353.554252][T10745] Buffer I/O error on dev nbd0, logical block 1, async page read
[  353.700401][T10745] ldm_validate_partition_table(): Disk read failed.
[  353.725687][T10749] netlink: 'syz.0.1862': attribute type 1 has an invalid length.
[  353.787666][T10745] Dev nbd0: unable to read RDB block 0
[  353.805823][T10745]  nbd0: unable to read partition table
[  353.938123][   T69] hsr_slave_0: left promiscuous mode
[  353.994469][   T69] hsr_slave_1: left promiscuous mode
[  354.020793][   T69] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  354.020933][   T69] batman_adv: batadv0: Removing interface: batadv_slave_0
[  354.073002][   T69] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  354.073034][   T69] batman_adv: batadv0: Removing interface: batadv_slave_1
[  354.076501][ T1009] usb 1-1: new full-speed USB device number 77 using dummy_hcd
[  354.233542][ T1009] usb 1-1: unable to get BOS descriptor or descriptor too short
[  354.243085][ T1009] usb 1-1: not running at top speed; connect to a high speed hub
[  354.252188][ T1009] usb 1-1: New USB device found, idVendor=06f8, idProduct=b000, bcdDevice= 0.40
[  354.252224][ T1009] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  354.252247][ T1009] usb 1-1: Product: syz
[  354.252265][ T1009] usb 1-1: Manufacturer: syz
[  354.252282][ T1009] usb 1-1: SerialNumber: syz
[  354.563471][   T69] veth1_macvtap: left promiscuous mode
[  354.644117][   T69] veth0_macvtap: left promiscuous mode
[  354.657738][   T69] veth1_vlan: left promiscuous mode
[  354.669775][   T69] veth0_vlan: left promiscuous mode
[  355.104056][T10794] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  355.104561][T10794] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  355.144699][T10794] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  355.166671][T10794] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  355.349861][   T37] usb 3-1: new full-speed USB device number 44 using dummy_hcd
[  355.498418][   T37] usb 3-1: config index 0 descriptor too short (expected 75, got 53)
[  355.498631][   T37] usb 3-1: config 0 descriptor has 1 excess byte, ignoring
[  355.523873][   T37] usb 3-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80
[  355.523907][   T37] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  355.523932][   T37] usb 3-1: Product: syz
[  355.523948][   T37] usb 3-1: Manufacturer: syz
[  355.523964][   T37] usb 3-1: SerialNumber: syz
[  355.577693][   T37] usb 3-1: config 0 descriptor??
[  355.597658][   T37] cdc_ether 3-1:0.0: Descriptor too short
[  355.599238][   T37] usb 3-1: unsupported MDLM descriptors
[  355.718988][T10800] fuse: Bad value for 'user_id'
[  355.719004][T10800] fuse: Bad value for 'user_id'
[  355.791112][   T37] usb 3-1: USB disconnect, device number 44
[  357.047434][   T69] team0 (unregistering): Port device team_slave_1 removed
[  357.107522][   T69] team0 (unregistering): Port device team_slave_0 removed
[  357.422619][ T5885] smc: removing ib device syz1
[  357.635988][   T10] lo speed is unknown, defaulting to 1000
[  357.636103][   T10] syz1: Port: 1 Link DOWN
[  357.832679][ T1009] usb 1-1: 1:1 : UAC_AS_GENERAL descriptor not found
[  358.072462][ T1009] usb 1-1: USB disconnect, device number 77
[  358.088585][ T5885] smbdirect: ib_dev[syz1] removed
[  358.380875][T10824] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1896'.
[  360.170075][T10877] xt_AUDIT: Audit type out of range (valid range: 0..2)
[  360.789137][  T103] block nbd2: Possible stuck request ffff888027e15080: control (read@0,1024B). Runtime 150 seconds
[  360.789206][  T103] block nbd2: Possible stuck request ffff888027e15240: control (read@1024,1024B). Runtime 150 seconds
[  360.789241][  T103] block nbd2: Possible stuck request ffff888027e15400: control (read@2048,1024B). Runtime 150 seconds
[  360.789276][  T103] block nbd2: Possible stuck request ffff888027e155c0: control (read@3072,1024B). Runtime 150 seconds
[  361.261661][T10895] program syz.0.1922 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  361.263448][T10895] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  361.779359][T10918] warning: `syz.1.1930' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  362.254433][T10931] FAULT_INJECTION: forcing a failure.
[  362.254433][T10931] name failslab, interval 1, probability 0, space 0, times 0
[  362.254475][T10931] CPU: 0 UID: 0 PID: 10931 Comm: syz.2.1933 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  362.254507][T10931] Tainted: [L]=SOFTLOCKUP
[  362.254516][T10931] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  362.254531][T10931] Call Trace:
[  362.254541][T10931]  <TASK>
[  362.254551][T10931]  dump_stack_lvl+0xe8/0x150
[  362.254585][T10931]  should_fail_ex+0x46b/0x600
[  362.254627][T10931]  should_failslab+0xa8/0x100
[  362.254661][T10931]  kmem_cache_alloc_node_noprof+0x8f/0x6e0
[  362.254689][T10931]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  362.254717][T10931]  ? dup_task_struct+0x52/0x860
[  362.254759][T10931]  dup_task_struct+0x52/0x860
[  362.254793][T10931]  ? rt_spin_unlock+0x160/0x200
[  362.254825][T10931]  copy_process+0x837/0x43d0
[  362.254892][T10931]  ? __pfx_copy_process+0x10/0x10
[  362.254940][T10931]  vhost_task_create+0x1f9/0x380
[  362.254977][T10931]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  362.255012][T10931]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  362.255049][T10931]  ? __pfx_vhost_task_create+0x10/0x10
[  362.255087][T10931]  ? __pfx_vhost_task_fn+0x10/0x10
[  362.255118][T10931]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  362.255154][T10931]  ? lockdep_hardirqs_on+0x7a/0x110
[  362.255189][T10931]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  362.255225][T10931]  ? mutex_lock_nested+0x152/0x1d0
[  362.255252][T10931]  ? kvm_mmu_post_init_vm+0x8f/0x2d0
[  362.255292][T10931]  kvm_mmu_post_init_vm+0x147/0x2d0
[  362.255332][T10931]  kvm_arch_vcpu_ioctl_run+0x106/0x20d0
[  362.255376][T10931]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  362.255406][T10931]  ? do_raw_spin_lock+0x12b/0x2f0
[  362.255444][T10931]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  362.255480][T10931]  ? lockdep_hardirqs_on+0x7a/0x110
[  362.255514][T10931]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  362.255549][T10931]  ? rt_mutex_slowunlock+0x4a7/0x8b0
[  362.255586][T10931]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  362.255617][T10931]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  362.255653][T10931]  ? lockdep_hardirqs_on+0x7a/0x110
[  362.255692][T10931]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  362.255727][T10931]  ? rt_write_unlock+0x190/0x230
[  362.255760][T10931]  kvm_vcpu_ioctl+0xa65/0xfe0
[  362.255801][T10931]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  362.255858][T10931]  ? __fget_files+0x2a/0x420
[  362.255890][T10931]  ? __fget_files+0x2a/0x420
[  362.255917][T10931]  ? __fget_files+0x3a6/0x420
[  362.255944][T10931]  ? __fget_files+0x2a/0x420
[  362.255982][T10931]  ? bpf_lsm_file_ioctl+0x9/0x20
[  362.256015][T10931]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  362.256050][T10931]  __se_sys_ioctl+0xff/0x170
[  362.256085][T10931]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  362.256110][T10931]  do_syscall_64+0x174/0x580
[  362.256143][T10931]  ? trace_irq_disable+0x3b/0x140
[  362.256169][T10931]  ? clear_bhb_loop+0x40/0x90
[  362.256198][T10931]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  362.256223][T10931] RIP: 0033:0x7fd46176ce59
[  362.256244][T10931] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  362.256266][T10931] RSP: 002b:00007fd45f9a5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  362.256291][T10931] RAX: ffffffffffffffda RBX: 00007fd4619e6090 RCX: 00007fd46176ce59
[  362.256309][T10931] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000009
[  362.256323][T10931] RBP: 00007fd45f9a5090 R08: 0000000000000000 R09: 0000000000000000
[  362.256337][T10931] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  362.256351][T10931] R13: 00007fd4619e6128 R14: 00007fd4619e6090 R15: 00007ffde33f93e8
[  362.256387][T10931]  </TASK>
[  363.223854][T10271] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  363.470757][T10271] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  363.540967][T10945] can0: slcan on ttynull.
[  363.546653][T10271] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  363.698461][ T5779] usb 1-1: new high-speed USB device number 78 using dummy_hcd
[  363.741282][T10271] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  363.763566][T10271] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  363.858073][ T5779] usb 1-1: Using ep0 maxpacket: 8
[  363.863872][ T5779] usb 1-1: unable to get BOS descriptor or descriptor too short
[  363.884330][ T5779] usb 1-1: config 2 has an invalid interface number: 99 but max is 0
[  363.884364][ T5779] usb 1-1: config 2 has no interface number 0
[  363.884414][ T5779] usb 1-1: config 2 interface 99 altsetting 7 has an endpoint descriptor with address 0xFE, changing to 0x8E
[  363.884446][ T5779] usb 1-1: config 2 interface 99 altsetting 7 endpoint 0x2 has invalid wMaxPacketSize 0
[  363.884472][ T5779] usb 1-1: config 2 interface 99 has no altsetting 0
[  363.904917][ T5779] usb 1-1: New USB device found, idVendor=0000, idProduct=a300, bcdDevice= a.f3
[  363.904952][ T5779] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  363.904977][ T5779] usb 1-1: Product: syz
[  363.904993][ T5779] usb 1-1: Manufacturer: syz
[  363.905010][ T5779] usb 1-1: SerialNumber: syz
[  364.113034][T10271] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  364.127257][T10271] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  364.295064][   T38] audit: type=1326 audit(1780747059.521:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10944 comm="syz.0.1937" exe="/root/ci-upstream-rust-kasan-gce/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1d67c1ce59 code=0x0
[  364.344528][T10271] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  365.660752][T10271] 8021q: adding VLAN 0 to HW filter on device bond0
[  365.794189][T10271] 8021q: adding VLAN 0 to HW filter on device team0
[  365.813493][ T5885] bridge0: port 1(bridge_slave_0) entered blocking state
[  365.813760][ T5885] bridge0: port 1(bridge_slave_0) entered forwarding state
[  365.901845][ T5885] bridge0: port 2(bridge_slave_1) entered blocking state
[  365.940510][ T5885] bridge0: port 2(bridge_slave_1) entered forwarding state
[  366.333876][ T5779] usb 1-1: USB disconnect, device number 78
[  366.399837][   T69] IPVS: stop unused estimator thread 0...
[  366.567267][T10951] can0 (unregistered): slcan off ttynull.
[  367.796547][ T5715] usb 1-1: new high-speed USB device number 79 using dummy_hcd
[  367.946559][ T5715] usb 1-1: Using ep0 maxpacket: 16
[  367.952104][ T5715] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  367.952134][ T5715] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  367.968634][ T5715] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  367.968732][ T5715] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=16
[  367.968799][ T5715] usb 1-1: Product: syz
[  367.968843][ T5715] usb 1-1: Manufacturer: syz
[  367.968887][ T5715] usb 1-1: SerialNumber: syz
[  368.101177][T10271] 8021q: adding VLAN 0 to HW filter on device batadv0
[  368.308090][ T5715] usb 1-1: 0:2 : does not exist
[  368.381410][T10271] veth0_vlan: entered promiscuous mode
[  368.485172][T10271] veth1_vlan: entered promiscuous mode
[  368.583863][T10271] veth0_macvtap: entered promiscuous mode
[  368.594803][ T5715] usb 1-1: 5:0: failed to get current value for ch 0 (-22)
[  368.644796][T10271] veth1_macvtap: entered promiscuous mode
[  368.699559][T10271] batman_adv: batadv0: Interface activated: batadv_slave_0
[  368.769778][T10271] batman_adv: batadv0: Interface activated: batadv_slave_1
[  368.795643][   T69] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  368.807237][   T69] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  368.807287][   T69] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  368.807325][   T69] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  368.873279][ T5715] usb 1-1: USB disconnect, device number 79
[  369.026295][ T5783] udevd[5783]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  369.855372][ T3371] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  369.855422][ T3371] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  370.344451][T11129] FAULT_INJECTION: forcing a failure.
[  370.344451][T11129] name failslab, interval 1, probability 0, space 0, times 0
[  370.344503][T11129] CPU: 1 UID: 0 PID: 11129 Comm: syz.2.2002 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  370.344537][T11129] Tainted: [L]=SOFTLOCKUP
[  370.344547][T11129] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  370.344572][T11129] Call Trace:
[  370.344585][T11129]  <TASK>
[  370.344596][T11129]  dump_stack_lvl+0xe8/0x150
[  370.344633][T11129]  should_fail_ex+0x46b/0x600
[  370.344673][T11129]  should_failslab+0xa8/0x100
[  370.344706][T11129]  __kmalloc_noprof+0xdf/0x7b0
[  370.344733][T11129]  ? kfree+0x4d/0x6c0
[  370.344756][T11129]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  370.344791][T11129]  tomoyo_realpath_from_path+0xe3/0x5d0
[  370.344821][T11129]  ? tomoyo_domain+0xd7/0x130
[  370.344856][T11129]  ? tomoyo_path_number_perm+0x219/0x630
[  370.344894][T11129]  tomoyo_path_number_perm+0x246/0x630
[  370.344934][T11129]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  370.344969][T11129]  ? __lock_acquire+0x6b5/0x2d10
[  370.345000][T11129]  ? do_raw_spin_lock+0x12b/0x2f0
[  370.345058][T11129]  ? __fget_files+0x2a/0x420
[  370.345090][T11129]  ? __fget_files+0x2a/0x420
[  370.345117][T11129]  ? __fget_files+0x3a6/0x420
[  370.345144][T11129]  ? __fget_files+0x2a/0x420
[  370.345176][T11129]  security_file_ioctl+0xc3/0x2a0
[  370.345212][T11129]  __se_sys_ioctl+0x47/0x170
[  370.345247][T11129]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  370.345273][T11129]  do_syscall_64+0x174/0x580
[  370.345308][T11129]  ? trace_irq_disable+0x3b/0x140
[  370.345335][T11129]  ? clear_bhb_loop+0x40/0x90
[  370.345365][T11129]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  370.345388][T11129] RIP: 0033:0x7fd46176ce59
[  370.345410][T11129] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  370.345431][T11129] RSP: 002b:00007fd45f9c6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  370.345455][T11129] RAX: ffffffffffffffda RBX: 00007fd4619e5fa0 RCX: 00007fd46176ce59
[  370.345473][T11129] RDX: 0000000000000000 RSI: 000000000000541b RDI: 0000000000000003
[  370.345488][T11129] RBP: 00007fd45f9c6090 R08: 0000000000000000 R09: 0000000000000000
[  370.345504][T11129] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  370.345518][T11129] R13: 00007fd4619e6038 R14: 00007fd4619e5fa0 R15: 00007ffde33f93e8
[  370.345561][T11129]  </TASK>
[  370.386835][T11129] ERROR: Out of memory at tomoyo_realpath_from_path.
[  370.653994][ T5885] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  370.654017][ T5885] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  371.477553][ T5620] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  371.549088][ T5620] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  371.575985][ T5620] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  371.599834][ T5620] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  371.622771][ T5620] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  372.016581][   T10] usb 3-1: new high-speed USB device number 45 using dummy_hcd
[  372.047196][T11174] netlink: 72 bytes leftover after parsing attributes in process `syz.3.2013'.
[  372.147986][   T10] usb 3-1: device descriptor read/64, error -71
[  372.427235][   T10] usb 3-1: new high-speed USB device number 46 using dummy_hcd
[  372.589022][   T10] usb 3-1: device descriptor read/64, error -71
[  372.631049][T11186] FAULT_INJECTION: forcing a failure.
[  372.631049][T11186] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  372.631099][T11186] CPU: 0 UID: 0 PID: 11186 Comm: syz.0.2017 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  372.631123][T11186] Tainted: [L]=SOFTLOCKUP
[  372.631129][T11186] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  372.631140][T11186] Call Trace:
[  372.631147][T11186]  <TASK>
[  372.631155][T11186]  dump_stack_lvl+0xe8/0x150
[  372.631192][T11186]  should_fail_ex+0x46b/0x600
[  372.631230][T11186]  _copy_from_iter+0x1d3/0x1670
[  372.631248][T11186]  ? __pfx_mempool_alloc_slab+0x10/0x10
[  372.631265][T11186]  ? mempool_alloc_noprof+0x26c/0x300
[  372.631286][T11186]  ? __pfx__copy_from_iter+0x10/0x10
[  372.631309][T11186]  ? bio_add_page+0x415/0x6f0
[  372.631330][T11186]  copy_page_from_iter+0x220/0x2d0
[  372.631350][T11186]  blk_rq_map_user_iov+0xe43/0x1790
[  372.631390][T11186]  ? __pfx_blk_rq_map_user_iov+0x10/0x10
[  372.631422][T11186]  ? do_syscall_64+0x174/0x580
[  372.631447][T11186]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  372.631474][T11186]  ? import_ubuf+0xfb/0x1d0
[  372.631494][T11186]  blk_rq_map_user_io+0x2ae/0x440
[  372.631524][T11186]  ? __pfx_blk_rq_map_user_io+0x10/0x10
[  372.631553][T11186]  ? do_raw_spin_lock+0x12b/0x2f0
[  372.631582][T11186]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  372.631608][T11186]  ? lockdep_hardirqs_on+0x7a/0x110
[  372.631632][T11186]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  372.631657][T11186]  ? rt_mutex_slowunlock+0x1cb/0x300
[  372.631677][T11186]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  372.631705][T11186]  sg_common_write+0xcff/0x13e0
[  372.631734][T11186]  ? __pfx_sg_common_write+0x10/0x10
[  372.631760][T11186]  sg_write+0xafb/0xf00
[  372.631791][T11186]  ? __pfx_sg_write+0x10/0x10
[  372.631818][T11186]  ? __pfx_aa_file_perm+0x10/0x10
[  372.631862][T11186]  ? rw_verify_area+0x25b/0x4e0
[  372.631884][T11186]  ? __pfx_sg_write+0x10/0x10
[  372.631910][T11186]  vfs_write+0x2a3/0xba0
[  372.631938][T11186]  ? __pfx_vfs_write+0x10/0x10
[  372.631962][T11186]  ? __fget_files+0x2a/0x420
[  372.631983][T11186]  ? __fget_files+0x2a/0x420
[  372.632001][T11186]  ? __fget_files+0x3a6/0x420
[  372.632020][T11186]  ? __fget_files+0x2a/0x420
[  372.632045][T11186]  ksys_write+0x156/0x270
[  372.632069][T11186]  ? __pfx_ksys_write+0x10/0x10
[  372.632098][T11186]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  372.632115][T11186]  do_syscall_64+0x174/0x580
[  372.632139][T11186]  ? trace_irq_disable+0x3b/0x140
[  372.632159][T11186]  ? clear_bhb_loop+0x40/0x90
[  372.632182][T11186]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  372.632199][T11186] RIP: 0033:0x7f1d67c1ce59
[  372.632214][T11186] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  372.632228][T11186] RSP: 002b:00007f1d65e6e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  372.632245][T11186] RAX: ffffffffffffffda RBX: 00007f1d67e95fa0 RCX: 00007f1d67c1ce59
[  372.632258][T11186] RDX: 00000000000000c4 RSI: 0000200000000200 RDI: 0000000000000004
[  372.632268][T11186] RBP: 00007f1d65e6e090 R08: 0000000000000000 R09: 0000000000000000
[  372.632278][T11186] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  372.632289][T11186] R13: 00007f1d67e96038 R14: 00007f1d67e95fa0 R15: 00007fff3b447ce8
[  372.632313][T11186]  </TASK>
[  372.698049][   T10] usb usb3-port1: attempt power cycle
[  373.156511][   T10] usb 3-1: new high-speed USB device number 47 using dummy_hcd
[  373.177385][   T10] usb 3-1: device descriptor read/8, error -71
[  373.431538][   T10] usb 3-1: new high-speed USB device number 48 using dummy_hcd
[  373.468162][   T10] usb 3-1: device descriptor read/8, error -71
[  373.571008][T11206] openvswitch: netlink: Actions may not be safe on all matching packets
[  373.608818][   T10] usb usb3-port1: unable to enumerate USB device
[  373.799226][ T5620] Bluetooth: hci2: command tx timeout
[  374.173428][T11161] bridge0: port 1(bridge_slave_0) entered blocking state
[  374.173739][T11161] bridge0: port 1(bridge_slave_0) entered disabled state
[  374.173951][T11161] bridge_slave_0: entered allmulticast mode
[  374.184480][T11161] bridge_slave_0: entered promiscuous mode
[  374.208912][  T822] usb 1-1: new high-speed USB device number 80 using dummy_hcd
[  374.265710][T11161] bridge0: port 2(bridge_slave_1) entered blocking state
[  374.265969][T11161] bridge0: port 2(bridge_slave_1) entered disabled state
[  374.266189][T11161] bridge_slave_1: entered allmulticast mode
[  374.347270][T11161] bridge_slave_1: entered promiscuous mode
[  374.386521][ T5792] usb 4-1: new high-speed USB device number 43 using dummy_hcd
[  374.408943][  T822] usb 1-1: unable to get BOS descriptor or descriptor too short
[  374.410269][  T822] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x8C has invalid maxpacket 32
[  374.413841][  T822] usb 1-1: New USB device found, idVendor=0763, idProduct=1002, bcdDevice= 0.40
[  374.413871][  T822] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  374.413895][  T822] usb 1-1: Product: syz
[  374.413913][  T822] usb 1-1: Manufacturer: syz
[  374.413930][  T822] usb 1-1: SerialNumber: syz
[  374.468509][T11213] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  374.504076][T11161] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  374.532068][T11161] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  374.565181][ T5792] usb 4-1: New USB device found, idVendor=08e4, idProduct=017f, bcdDevice= 0.40
[  374.565291][ T5792] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  374.565316][ T5792] usb 4-1: Product: syz
[  374.565334][ T5792] usb 4-1: Manufacturer: syz
[  374.565350][ T5792] usb 4-1: SerialNumber: syz
[  374.721502][T11161] team0: Port device team_slave_0 added
[  374.733493][T11161] team0: Port device team_slave_1 added
[  374.809717][T11161] batman_adv: batadv0: Adding interface: batadv_slave_0
[  374.809738][T11161] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  374.809768][T11161] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  374.813910][T11161] batman_adv: batadv0: Adding interface: batadv_slave_1
[  374.813930][T11161] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  374.813975][T11161] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  375.045625][T11223] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  375.072740][T11223] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  375.086251][T11161] hsr_slave_0: entered promiscuous mode
[  375.101714][T11161] hsr_slave_1: entered promiscuous mode
[  375.103567][ T5792] usb 4-1: 1:1 : UAC_AS_GENERAL descriptor not found
[  375.105193][ T5792] usb 4-1: 2:1 : UAC_AS_GENERAL descriptor not found
[  375.181131][T11161] debugfs: 'hsr0' already exists in 'hsr'
[  375.181162][T11161] Cannot create hsr debugfs directory
[  375.402637][  T822] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[  375.402698][  T822] usb 1-1: MIDIStreaming interface descriptor not found
[  375.403334][ T5792] snd-usb-audio 4-1:1.0: probe with driver snd-usb-audio failed with error -71
[  375.499973][ T5792] usb 4-1: USB disconnect, device number 43
[  375.514718][ T8886] udevd[8886]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  375.573766][T11234] FAULT_INJECTION: forcing a failure.
[  375.573766][T11234] name failslab, interval 1, probability 0, space 0, times 0
[  375.573806][T11234] CPU: 0 UID: 0 PID: 11234 Comm: syz.3.2030 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  375.573840][T11234] Tainted: [L]=SOFTLOCKUP
[  375.573849][T11234] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  375.573862][T11234] Call Trace:
[  375.573872][T11234]  <TASK>
[  375.573882][T11234]  dump_stack_lvl+0xe8/0x150
[  375.573916][T11234]  should_fail_ex+0x46b/0x600
[  375.573957][T11234]  should_failslab+0xa8/0x100
[  375.573990][T11234]  __kmalloc_noprof+0xdf/0x7b0
[  375.574020][T11234]  ? tomoyo_encode+0x28b/0x550
[  375.574053][T11234]  tomoyo_encode+0x28b/0x550
[  375.574086][T11234]  tomoyo_realpath_from_path+0x58d/0x5d0
[  375.574126][T11234]  ? tomoyo_path_number_perm+0x219/0x630
[  375.574171][T11234]  tomoyo_path_number_perm+0x246/0x630
[  375.574212][T11234]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  375.574248][T11234]  ? __lock_acquire+0x6b5/0x2d10
[  375.574284][T11234]  ? do_raw_spin_lock+0x12b/0x2f0
[  375.574341][T11234]  ? __fget_files+0x2a/0x420
[  375.574373][T11234]  ? __fget_files+0x2a/0x420
[  375.574399][T11234]  ? __fget_files+0x3a6/0x420
[  375.574426][T11234]  ? __fget_files+0x2a/0x420
[  375.574458][T11234]  security_file_ioctl+0xc3/0x2a0
[  375.574495][T11234]  __se_sys_ioctl+0x47/0x170
[  375.574531][T11234]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  375.574557][T11234]  do_syscall_64+0x174/0x580
[  375.574592][T11234]  ? trace_irq_disable+0x3b/0x140
[  375.574619][T11234]  ? clear_bhb_loop+0x40/0x90
[  375.574648][T11234]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  375.574672][T11234] RIP: 0033:0x7fe2e1bdce59
[  375.574693][T11234] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  375.574713][T11234] RSP: 002b:00007fe2dfe2e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  375.574738][T11234] RAX: ffffffffffffffda RBX: 00007fe2e1e55fa0 RCX: 00007fe2e1bdce59
[  375.574757][T11234] RDX: 0000200000001bc0 RSI: 00000000000007b1 RDI: 0000000000000003
[  375.574772][T11234] RBP: 00007fe2dfe2e090 R08: 0000000000000000 R09: 0000000000000000
[  375.574788][T11234] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  375.574802][T11234] R13: 00007fe2e1e56038 R14: 00007fe2e1e55fa0 R15: 00007fff3ce36e38
[  375.574840][T11234]  </TASK>
[  375.574981][T11234] ERROR: Out of memory at tomoyo_realpath_from_path.
[  375.867338][ T5620] Bluetooth: hci2: command tx timeout
[  376.250381][T11248] tmpfs: Bad value for 'nr_inodes'
[  376.255880][T11248] binder: Bad value for 'stats'
[  376.282636][  T822] usb 1-1: USB disconnect, device number 80
[  376.604373][ T5762] udevd[5762]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  377.412507][    T9] usb 1-1: new high-speed USB device number 81 using dummy_hcd
[  377.566500][    T9] usb 1-1: Using ep0 maxpacket: 16
[  377.579993][    T9] usb 1-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  377.580023][    T9] usb 1-1: config 1 has an invalid descriptor of length 48, skipping remainder of the config
[  377.580046][    T9] usb 1-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  377.580071][    T9] usb 1-1: config 1 has no interface number 1
[  377.580120][    T9] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  377.580168][    T9] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid maxpacket 12336, setting to 64
[  377.588927][    T9] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  377.588960][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  377.588993][    T9] usb 1-1: Product: syz
[  377.589010][    T9] usb 1-1: Manufacturer: syz
[  377.589027][    T9] usb 1-1: SerialNumber: syz
[  377.921333][T11161] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  377.946818][ T5620] Bluetooth: hci2: command tx timeout
[  378.001357][    T9] usb 1-1: USB disconnect, device number 81
[  378.141735][ T5783] udevd[5783]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  378.504479][T11161] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  378.504752][T11291] libceph: resolve '=' (ret=-3): failed
[  378.706039][ T1337] ieee802154 phy0 wpan0: encryption failed: -22
[  378.706153][ T1337] ieee802154 phy1 wpan1: encryption failed: -22
[  378.994595][T11161] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  379.196565][ T5715] usb 3-1: new full-speed USB device number 49 using dummy_hcd
[  379.349354][ T5715] usb 3-1: config 0 interface 0 has no altsetting 0
[  379.349394][ T5715] usb 3-1: New USB device found, idVendor=056a, idProduct=010e, bcdDevice= 0.00
[  379.349413][ T5715] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  379.354301][ T5715] usb 3-1: config 0 descriptor??
[  379.431075][   T38] audit: type=1326 audit(1780747074.651:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11305 comm="syz.0.2057" exe="/root/ci-upstream-rust-kasan-gce/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1d67c1ce59 code=0x0
[  379.753607][ T5715] usbhid 3-1:0.0: can't add hid device: -71
[  379.753728][ T5715] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  379.802084][ T5715] usb 3-1: USB disconnect, device number 49
[  379.806988][T11318] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  379.833005][T11318] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  379.944682][T11320] FAULT_INJECTION: forcing a failure.
[  379.944682][T11320] name failslab, interval 1, probability 0, space 0, times 0
[  379.944724][T11320] CPU: 0 UID: 0 PID: 11320 Comm: syz.2.2061 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  379.944756][T11320] Tainted: [L]=SOFTLOCKUP
[  379.944765][T11320] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  379.944780][T11320] Call Trace:
[  379.944798][T11320]  <TASK>
[  379.944808][T11320]  dump_stack_lvl+0xe8/0x150
[  379.944840][T11320]  should_fail_ex+0x46b/0x600
[  379.944881][T11320]  should_failslab+0xa8/0x100
[  379.944918][T11320]  kmem_cache_alloc_noprof+0x87/0x680
[  379.944948][T11320]  ? vm_area_dup+0x2b/0x670
[  379.944986][T11320]  vm_area_dup+0x2b/0x670
[  379.945023][T11320]  __split_vma+0x1e4/0xa40
[  379.945047][T11320]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  379.945086][T11320]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  379.945122][T11320]  ? rt_mutex_slowunlock+0x4a7/0x8b0
[  379.945150][T11320]  ? __pfx___split_vma+0x10/0x10
[  379.945184][T11320]  ? try_to_take_rt_mutex+0x840/0xb00
[  379.945224][T11320]  vms_gather_munmap_vmas+0x32d/0x1380
[  379.945264][T11320]  ? __lock_acquire+0x6b5/0x2d10
[  379.945299][T11320]  ? __lock_acquire+0x6b5/0x2d10
[  379.945331][T11320]  ? __pfx_vms_gather_munmap_vmas+0x10/0x10
[  379.945363][T11320]  ? tomoyo_check_open_permission+0x1d3/0x470
[  379.945421][T11320]  do_vmi_align_munmap+0x2c7/0x4d0
[  379.945456][T11320]  ? __lock_acquire+0x6b5/0x2d10
[  379.945502][T11320]  ? __pfx_do_vmi_align_munmap+0x10/0x10
[  379.945551][T11320]  ? mtree_range_walk+0x6fc/0x8b0
[  379.945604][T11320]  do_vmi_munmap+0x252/0x2d0
[  379.945647][T11320]  do_munmap+0xf9/0x170
[  379.945678][T11320]  ? __pfx_do_munmap+0x10/0x10
[  379.945727][T11320]  mremap_to+0x353/0x880
[  379.945772][T11320]  ? mtree_range_walk+0x6fc/0x8b0
[  379.945806][T11320]  ? __pfx_mremap_to+0x10/0x10
[  379.945852][T11320]  ? check_prep_vma+0x7a5/0xbd0
[  379.945899][T11320]  __se_sys_mremap+0xbaa/0x11e0
[  379.945962][T11320]  ? __pfx___se_sys_mremap+0x10/0x10
[  379.946011][T11320]  ? ksys_write+0x248/0x270
[  379.946046][T11320]  ? __pfx_ksys_write+0x10/0x10
[  379.946086][T11320]  ? __x64_sys_mremap+0x20/0xc0
[  379.946120][T11320]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  379.946146][T11320]  do_syscall_64+0x174/0x580
[  379.946180][T11320]  ? trace_irq_disable+0x3b/0x140
[  379.946206][T11320]  ? clear_bhb_loop+0x40/0x90
[  379.946235][T11320]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  379.946260][T11320] RIP: 0033:0x7fd46176ce59
[  379.946282][T11320] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  379.946303][T11320] RSP: 002b:00007fd45f9c6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000019
[  379.946327][T11320] RAX: ffffffffffffffda RBX: 00007fd4619e5fa0 RCX: 00007fd46176ce59
[  379.946345][T11320] RDX: 0000000000004000 RSI: 0000000000004000 RDI: 0000200000ffc000
[  379.946362][T11320] RBP: 00007fd45f9c6090 R08: 0000200000390000 R09: 0000000000000000
[  379.946378][T11320] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000001
[  379.946392][T11320] R13: 00007fd4619e6038 R14: 00007fd4619e5fa0 R15: 00007ffde33f93e8
[  379.946428][T11320]  </TASK>
[  380.029101][ T5620] Bluetooth: hci2: command tx timeout
[  380.176397][ T5777] usb 4-1: new high-speed USB device number 44 using dummy_hcd
[  380.378917][ T5777] usb 4-1: config 1 has an invalid interface number: 7 but max is 0
[  380.378948][ T5777] usb 4-1: config 1 has an invalid descriptor of length 9, skipping remainder of the config
[  380.378970][ T5777] usb 4-1: config 1 has no interface number 0
[  380.379011][ T5777] usb 4-1: config 1 interface 7 altsetting 0 has an endpoint descriptor with address 0xDB, changing to 0x8B
[  380.379051][ T5777] usb 4-1: config 1 interface 7 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 8
[  380.379080][ T5777] usb 4-1: config 1 interface 7 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  380.383213][ T5777] usb 4-1: New USB device found, idVendor=1199, idProduct=68a3, bcdDevice= 0.00
[  380.383246][ T5777] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  380.383269][ T5777] usb 4-1: Product: syz
[  380.383280][ T5777] usb 4-1: Manufacturer: syz
[  380.383291][ T5777] usb 4-1: SerialNumber: syz
[  380.498458][T11317] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  380.516368][T11324] binder: 11323:11324 ioctl 4018620d 0 returned -22
[  380.534713][ T5777] usb 4-1: Expected 3 endpoints, found: 2
[  380.586022][T11325] FAULT_INJECTION: forcing a failure.
[  380.586022][T11325] name failslab, interval 1, probability 0, space 0, times 0
[  380.586064][T11325] CPU: 1 UID: 0 PID: 11325 Comm: syz.2.2063 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  380.586095][T11325] Tainted: [L]=SOFTLOCKUP
[  380.586104][T11325] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  380.586118][T11325] Call Trace:
[  380.586128][T11325]  <TASK>
[  380.586138][T11325]  dump_stack_lvl+0xe8/0x150
[  380.586173][T11325]  should_fail_ex+0x46b/0x600
[  380.586214][T11325]  should_failslab+0xa8/0x100
[  380.586246][T11325]  __kmalloc_noprof+0xdf/0x7b0
[  380.586283][T11325]  ? tomoyo_encode+0x28b/0x550
[  380.586319][T11325]  tomoyo_encode+0x28b/0x550
[  380.586352][T11325]  tomoyo_realpath_from_path+0x58d/0x5d0
[  380.586391][T11325]  ? tomoyo_path_number_perm+0x219/0x630
[  380.586428][T11325]  tomoyo_path_number_perm+0x246/0x630
[  380.586469][T11325]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  380.586510][T11325]  ? __lock_acquire+0x6b5/0x2d10
[  380.586541][T11325]  ? do_raw_spin_lock+0x12b/0x2f0
[  380.586598][T11325]  ? __fget_files+0x2a/0x420
[  380.586631][T11325]  ? __fget_files+0x2a/0x420
[  380.586658][T11325]  ? __fget_files+0x3a6/0x420
[  380.586685][T11325]  ? __fget_files+0x2a/0x420
[  380.586718][T11325]  security_file_ioctl+0xc3/0x2a0
[  380.586755][T11325]  __se_sys_ioctl+0x47/0x170
[  380.586790][T11325]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  380.586817][T11325]  do_syscall_64+0x174/0x580
[  380.586879][T11325]  ? trace_irq_disable+0x3b/0x140
[  380.586907][T11325]  ? clear_bhb_loop+0x40/0x90
[  380.586936][T11325]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  380.586965][T11325] RIP: 0033:0x7fd46176ce59
[  380.586988][T11325] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  380.587010][T11325] RSP: 002b:00007fd45f9a5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  380.587035][T11325] RAX: ffffffffffffffda RBX: 00007fd4619e6090 RCX: 00007fd46176ce59
[  380.587053][T11325] RDX: 00002000000015c0 RSI: 00000000c0306201 RDI: 0000000000000003
[  380.587070][T11325] RBP: 00007fd45f9a5090 R08: 0000000000000000 R09: 0000000000000000
[  380.587085][T11325] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  380.587100][T11325] R13: 00007fd4619e6128 R14: 00007fd4619e6090 R15: 00007ffde33f93e8
[  380.587136][T11325]  </TASK>
[  380.643982][T11325] ERROR: Out of memory at tomoyo_realpath_from_path.
[  380.866037][   T37] usb 4-1: USB disconnect, device number 44
[  380.885096][T11306] can0: slcan on ttynull.
[  381.639540][T11346] netlink: 'syz.3.2064': attribute type 4 has an invalid length.
[  382.546259][ T5779] usb 4-1: new high-speed USB device number 45 using dummy_hcd
[  382.625395][T11161] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  382.648007][T11307] can0 (unregistered): slcan off ttynull.
[  382.718977][ T5779] usb 4-1: Using ep0 maxpacket: 32
[  382.737394][T11161] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  382.744687][T11161] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  382.779335][ T5779] usb 4-1: unable to get BOS descriptor or descriptor too short
[  382.780269][ T5779] usb 4-1: unable to read config index 0 descriptor/start: -71
[  382.780313][ T5779] usb 4-1: can't read configurations, error -71
[  382.891907][T11161] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  382.904845][T11161] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  382.941734][T11161] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  382.970901][T11161] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  383.060224][T11161] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  383.289420][T11404] FAULT_INJECTION: forcing a failure.
[  383.289420][T11404] name failslab, interval 1, probability 0, space 0, times 0
[  383.289460][T11404] CPU: 1 UID: 0 PID: 11404 Comm: syz.2.2087 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  383.289496][T11404] Tainted: [L]=SOFTLOCKUP
[  383.289506][T11404] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  383.289521][T11404] Call Trace:
[  383.289531][T11404]  <TASK>
[  383.289549][T11404]  dump_stack_lvl+0xe8/0x150
[  383.289580][T11404]  should_fail_ex+0x46b/0x600
[  383.289619][T11404]  should_failslab+0xa8/0x100
[  383.289652][T11404]  kmem_cache_alloc_node_noprof+0x8f/0x6e0
[  383.289680][T11404]  ? __alloc_skb+0x1d0/0x7d0
[  383.289709][T11404]  ? lockdep_hardirqs_on+0x7a/0x110
[  383.289750][T11404]  __alloc_skb+0x1d0/0x7d0
[  383.289781][T11404]  ? __might_fault+0xaf/0x130
[  383.289813][T11404]  alloc_skb_with_frags+0xc8/0x760
[  383.289859][T11404]  sock_alloc_send_pskb+0x884/0x9a0
[  383.289901][T11404]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  383.289938][T11404]  ? iov_iter_advance+0x8b/0x1c0
[  383.289965][T11404]  tun_get_user+0x5df/0x4450
[  383.290014][T11404]  ? rt_mutex_slowunlock+0x4a7/0x8b0
[  383.290041][T11404]  ? reacquire_held_locks+0x80/0x190
[  383.290073][T11404]  ? rt_spin_lock+0x1e0/0x400
[  383.290104][T11404]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  383.290133][T11404]  ? __pfx_tun_get_user+0x10/0x10
[  383.290166][T11404]  ? rt_spin_unlock+0x14f/0x200
[  383.290198][T11404]  ? rt_spin_unlock+0x160/0x200
[  383.290229][T11404]  ? save_netdev_trace_buffer+0x4ba/0x5f0
[  383.290264][T11404]  ? ref_tracker_alloc+0x332/0x4a0
[  383.290298][T11404]  ? tun_get+0x157/0x2f0
[  383.290331][T11404]  ? vfs_write+0x629/0xba0
[  383.290360][T11404]  ? ksys_write+0x156/0x270
[  383.290393][T11404]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  383.290436][T11404]  ? tun_get+0x1c/0x2f0
[  383.290477][T11404]  ? tun_get+0x1c/0x2f0
[  383.290512][T11404]  ? tun_get+0x1c/0x2f0
[  383.290560][T11404]  tun_chr_write_iter+0x119/0x210
[  383.290599][T11404]  vfs_write+0x629/0xba0
[  383.290641][T11404]  ? __pfx_vfs_write+0x10/0x10
[  383.290685][T11404]  ? __fget_files+0x2a/0x420
[  383.290722][T11404]  ksys_write+0x156/0x270
[  383.290756][T11404]  ? __pfx_ksys_write+0x10/0x10
[  383.290797][T11404]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  383.290823][T11404]  do_syscall_64+0x174/0x580
[  383.290857][T11404]  ? trace_irq_disable+0x3b/0x140
[  383.290884][T11404]  ? clear_bhb_loop+0x40/0x90
[  383.290912][T11404]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  383.290937][T11404] RIP: 0033:0x7fd46176ce59
[  383.290960][T11404] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  383.290979][T11404] RSP: 002b:00007fd45f9c6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  383.291005][T11404] RAX: ffffffffffffffda RBX: 00007fd4619e5fa0 RCX: 00007fd46176ce59
[  383.291023][T11404] RDX: 000000000000fdef RSI: 00002000000002c0 RDI: 0000000000000003
[  383.291039][T11404] RBP: 00007fd45f9c6090 R08: 0000000000000000 R09: 0000000000000000
[  383.291054][T11404] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  383.291069][T11404] R13: 00007fd4619e6038 R14: 00007fd4619e5fa0 R15: 00007ffde33f93e8
[  383.291106][T11404]  </TASK>
[  384.648431][T11161] 8021q: adding VLAN 0 to HW filter on device bond0
[  384.811457][   T37] usb 1-1: new full-speed USB device number 82 using dummy_hcd
[  384.899716][T11161] 8021q: adding VLAN 0 to HW filter on device team0
[  384.956940][   T37] usb 1-1: device descriptor read/64, error -71
[  384.985708][   T69] bridge0: port 1(bridge_slave_0) entered blocking state
[  385.007224][   T69] bridge0: port 1(bridge_slave_0) entered forwarding state
[  385.115575][ T5891] bridge0: port 2(bridge_slave_1) entered blocking state
[  385.115751][ T5891] bridge0: port 2(bridge_slave_1) entered forwarding state
[  385.243950][   T37] usb 1-1: new full-speed USB device number 83 using dummy_hcd
[  385.397116][   T37] usb 1-1: device descriptor read/64, error -71
[  385.506975][   T37] usb usb1-port1: attempt power cycle
[  385.886556][   T37] usb 1-1: new full-speed USB device number 84 using dummy_hcd
[  385.912573][   T37] usb 1-1: device descriptor read/8, error -71
[  386.147698][   T37] usb 1-1: new full-speed USB device number 85 using dummy_hcd
[  386.172699][   T37] usb 1-1: device descriptor read/8, error -71
[  386.276881][   T37] usb usb1-port1: unable to enumerate USB device
[  386.499168][ T5779] usb 4-1: new high-speed USB device number 47 using dummy_hcd
[  386.679308][ T5779] usb 4-1: Using ep0 maxpacket: 16
[  386.698530][ T5779] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  386.698570][ T5779] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  386.698618][ T5779] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  386.698644][ T5779] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  386.755659][ T5779] usb 4-1: config 0 descriptor??
[  387.564622][ T5779] usbhid 4-1:0.0: can't add hid device: -71
[  387.564756][ T5779] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  387.586291][ T5779] usb 4-1: USB disconnect, device number 47
[  387.621610][T11161] 8021q: adding VLAN 0 to HW filter on device batadv0
[  387.940570][T11486] binder: 11485:11486 ioctl c018620c 200000000280 returned -22
[  388.031602][T11161] veth0_vlan: entered promiscuous mode
[  388.081401][T11161] veth1_vlan: entered promiscuous mode
[  388.187595][ T5779] usb 3-1: new high-speed USB device number 50 using dummy_hcd
[  388.214886][T11161] veth0_macvtap: entered promiscuous mode
[  388.265128][T11161] veth1_macvtap: entered promiscuous mode
[  388.396471][ T5779] usb 3-1: Using ep0 maxpacket: 8
[  388.413531][ T5779] usb 3-1: config 179 has an invalid interface number: 65 but max is 0
[  388.413563][ T5779] usb 3-1: config 179 has no interface number 0
[  388.413630][ T5779] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  388.413665][ T5779] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  388.413698][ T5779] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  388.413728][ T5779] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  388.413759][ T5779] usb 3-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  388.413808][ T5779] usb 3-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  388.413835][ T5779] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  388.523413][T11486] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  388.547428][T11161] batman_adv: batadv0: Interface activated: batadv_slave_0
[  388.747352][T11161] batman_adv: batadv0: Interface activated: batadv_slave_1
[  388.951463][T11486] binder: 11485:11486 ioctl c018620c 200000000280 returned -22
[  389.004613][T11486] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  389.006274][T11486] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  389.228909][ T1534] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  389.232842][ T1534] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  389.232896][ T1534] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  389.232938][ T1534] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  389.368137][ T5715] usb 3-1: USB disconnect, device number 50
[  389.368140][    C0] xpad 3-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  389.368299][    C0] xpad 3-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  389.740931][ T5779] input: Generic X-Box pad as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:179.65/input/input17
[  390.229896][   T10] usb 1-1: new high-speed USB device number 86 using dummy_hcd
[  390.252822][T11503] 9p: Unknown access argument 18446744073709551615: -34
[  390.402327][   T10] usb 1-1: Using ep0 maxpacket: 16
[  390.416566][   T10] usb 1-1: unable to get BOS descriptor or descriptor too short
[  390.418443][   T10] usb 1-1: config 208 has no interfaces?
[  390.487344][   T10] usb 1-1: New USB device found, idVendor=05ac, idProduct=12ab, bcdDevice=e4.ac
[  390.487377][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  390.487400][   T10] usb 1-1: Product: 招믚㱭⏕熐ᐂꜹ㍪躞澸厁諠뀄쑇㝪涥ᶎ넣舝⇣Ώ䕶ᇚ馀圈膠吠䌽駋䷈㵩듍烃廙뛈次뚔鯼钗肖鷣壷歐疦䳧㾨ःᱎ紻ᷚ瑜罢䵦㭁ꁨ箻⇵⢤縩沐蹕⃘ꑕ瑰㖀ᬵ簊惱
[  390.487431][   T10] usb 1-1: Manufacturer: 쎼록垖
[  390.487465][   T10] usb 1-1: SerialNumber: ꥩꋰ時瓢䡮飯叠헀䩌좬鎨뭯徐𩖞梨ꛗ憒㽖焙쪔⮰浖ࣽሻ⚟䍽驼鞞ᝫ᪄챉훣Ƿ⡤騪௦뙘谦帟꘎春馃⌻渀ᖗ렔藧燎ၾꑥ蒓댟茷鶾ሜ쁥땰哢⍯⟠칑碑꼰紮䈙ӡ櫏䳈坹Ḏ구ꔡ⎖쑶⋩ᬖꭋ♪ඬ駇辕❤﯉鈎Ⴘ
[  390.871120][  T103] block nbd2: Possible stuck request ffff888027e15080: control (read@0,1024B). Runtime 180 seconds
[  390.871174][  T103] block nbd2: Possible stuck request ffff888027e15240: control (read@1024,1024B). Runtime 180 seconds
[  390.871209][  T103] block nbd2: Possible stuck request ffff888027e15400: control (read@2048,1024B). Runtime 180 seconds
[  390.871241][  T103] block nbd2: Possible stuck request ffff888027e155c0: control (read@3072,1024B). Runtime 180 seconds
[  390.938530][ T3371] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  390.938554][ T3371] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  391.146149][T11510] binder: Bad value for 'max'
[  391.501862][  T155] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  391.501886][  T155] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  391.836599][ T5715] usb 4-1: new high-speed USB device number 48 using dummy_hcd
[  391.911134][   T10] apple-mfi-fastcharge 1-1: USB disconnect, device number 86
[  391.987056][ T5715] usb 4-1: Using ep0 maxpacket: 32
[  391.988031][ T5715] usb 4-1: too many configurations: 17, using maximum allowed: 8
[  391.995202][ T5715] usb 4-1: config 0 has an invalid interface number: 2 but max is 0
[  391.995227][ T5715] usb 4-1: config 0 has no interface number 0
[  391.995270][ T5715] usb 4-1: config 0 interface 2 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  391.995294][ T5715] usb 4-1: config 0 interface 2 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  392.082019][T11522] FAULT_INJECTION: forcing a failure.
[  392.082019][T11522] name failslab, interval 1, probability 0, space 0, times 0
[  392.082061][T11522] CPU: 0 UID: 0 PID: 11522 Comm: syz.2.2117 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  392.082092][T11522] Tainted: [L]=SOFTLOCKUP
[  392.082101][T11522] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  392.082116][T11522] Call Trace:
[  392.082125][T11522]  <TASK>
[  392.082135][T11522]  dump_stack_lvl+0xe8/0x150
[  392.082170][T11522]  should_fail_ex+0x46b/0x600
[  392.082208][T11522]  should_failslab+0xa8/0x100
[  392.082242][T11522]  kmem_cache_alloc_noprof+0x87/0x680
[  392.082270][T11522]  ? alloc_empty_file+0x5b/0x1d0
[  392.082301][T11522]  alloc_empty_file+0x5b/0x1d0
[  392.082328][T11522]  path_openat+0x11b/0x3960
[  392.082361][T11522]  ? unwind_next_frame+0xa6/0x2550
[  392.082399][T11522]  ? unwind_next_frame+0xa6/0x2550
[  392.082434][T11522]  ? is_bpf_text_address+0x26/0x2b0
[  392.082481][T11522]  ? __pfx_path_openat+0x10/0x10
[  392.082513][T11522]  ? is_bpf_text_address+0x292/0x2b0
[  392.082542][T11522]  ? is_bpf_text_address+0x26/0x2b0
[  392.082576][T11522]  ? kernel_text_address+0xa5/0xe0
[  392.082607][T11522]  ? __kernel_text_address+0xd/0x30
[  392.082634][T11522]  ? unwind_get_return_address+0x4d/0x90
[  392.082666][T11522]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  392.082692][T11522]  ? arch_stack_walk+0xfb/0x150
[  392.082737][T11522]  do_file_open+0x23e/0x4a0
[  392.082768][T11522]  ? __pfx_stack_trace_save+0x10/0x10
[  392.082797][T11522]  ? __pfx_do_file_open+0x10/0x10
[  392.082869][T11522]  ? do_open_execat+0xad/0x590
[  392.082904][T11522]  do_open_execat+0x12b/0x590
[  392.082936][T11522]  ? __pfx_do_open_execat+0x10/0x10
[  392.082980][T11522]  alloc_bprm+0x28/0x650
[  392.083017][T11522]  do_execveat_common+0x175/0x690
[  392.083056][T11522]  ? do_getname+0x151/0x250
[  392.083083][T11522]  __x64_sys_execveat+0xc7/0xf0
[  392.083116][T11522]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  392.083142][T11522]  do_syscall_64+0x174/0x580
[  392.083178][T11522]  ? trace_irq_disable+0x3b/0x140
[  392.083204][T11522]  ? clear_bhb_loop+0x40/0x90
[  392.083233][T11522]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  392.083257][T11522] RIP: 0033:0x7fd46176ce59
[  392.083277][T11522] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  392.083297][T11522] RSP: 002b:00007fd45f9c6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000142
[  392.083322][T11522] RAX: ffffffffffffffda RBX: 00007fd4619e5fa0 RCX: 00007fd46176ce59
[  392.083346][T11522] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000004
[  392.083361][T11522] RBP: 00007fd45f9c6090 R08: 0000000000001000 R09: 0000000000000000
[  392.083376][T11522] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  392.083391][T11522] R13: 00007fd4619e6038 R14: 00007fd4619e5fa0 R15: 00007ffde33f93e8
[  392.083427][T11522]  </TASK>
[  392.145963][ T5715] usb 4-1: config 0 has an invalid interface number: 2 but max is 0
[  392.146057][ T5715] usb 4-1: config 0 has no interface number 0
[  392.146209][ T5715] usb 4-1: config 0 interface 2 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  392.146292][ T5715] usb 4-1: config 0 interface 2 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  392.206528][ T5715] usb 4-1: config 0 has an invalid interface number: 2 but max is 0
[  392.206610][ T5715] usb 4-1: config 0 has no interface number 0
[  392.206759][ T5715] usb 4-1: config 0 interface 2 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  392.206827][ T5715] usb 4-1: config 0 interface 2 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  392.231400][ T5715] usb 4-1: config 0 has an invalid interface number: 2 but max is 0
[  392.231484][ T5715] usb 4-1: config 0 has no interface number 0
[  392.231621][ T5715] usb 4-1: config 0 interface 2 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  392.231695][ T5715] usb 4-1: config 0 interface 2 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  392.253631][ T5715] usb 4-1: config 0 has an invalid interface number: 2 but max is 0
[  392.253716][ T5715] usb 4-1: config 0 has no interface number 0
[  392.253849][ T5715] usb 4-1: config 0 interface 2 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  392.253921][ T5715] usb 4-1: config 0 interface 2 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  392.509840][ T5715] usb 4-1: config 0 has an invalid interface number: 2 but max is 0
[  392.509879][ T5715] usb 4-1: config 0 has no interface number 0
[  392.510013][ T5715] usb 4-1: config 0 interface 2 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  392.510078][ T5715] usb 4-1: config 0 interface 2 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  392.530147][ T5715] usb 4-1: config 0 has an invalid interface number: 2 but max is 0
[  392.530238][ T5715] usb 4-1: config 0 has no interface number 0
[  392.530402][ T5715] usb 4-1: config 0 interface 2 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  392.530484][ T5715] usb 4-1: config 0 interface 2 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  392.545866][ T5715] usb 4-1: config 0 has an invalid interface number: 2 but max is 0
[  392.545953][ T5715] usb 4-1: config 0 has no interface number 0
[  392.546135][ T5715] usb 4-1: config 0 interface 2 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  392.546202][ T5715] usb 4-1: config 0 interface 2 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  392.592427][ T5715] usb 4-1: New USB device found, idVendor=108c, idProduct=0168, bcdDevice=84.b2
[  392.592503][ T5715] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  392.592587][ T5715] usb 4-1: Product: syz
[  392.592638][ T5715] usb 4-1: Manufacturer: syz
[  392.592681][ T5715] usb 4-1: SerialNumber: syz
[  392.752049][ T5715] usb 4-1: config 0 descriptor??
[  392.874654][ T5715] etas_es58x 4-1:0.2: Starting syz syz (Serial Number syz)
[  392.896853][T11524] openvswitch: netlink: Message has 4 unknown bytes.
[  392.896891][T11524] openvswitch: netlink: Actions may not be safe on all matching packets
[  392.997603][ T5715] etas_es58x 4-1:0.2: could not retrieve the product info string
[  393.359060][T11531] binder: BINDER_SET_CONTEXT_MGR already set
[  393.359077][T11531] binder: 11530:11531 ioctl 4018620d 200000004a80 returned -16
[  393.422154][T11537] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2123'.
[  393.456896][ T5715] usb 4-1: USB disconnect, device number 48
[  393.491726][ T5715] etas_es58x 4-1:0.2: Disconnecting syz syz
[  393.646494][ T5792] usb 1-1: new full-speed USB device number 87 using dummy_hcd
[  393.800566][ T5792] usb 1-1: config 0 has an invalid interface number: 11 but max is 0
[  393.800598][ T5792] usb 1-1: config 0 has no interface number 0
[  393.800646][ T5792] usb 1-1: config 0 interface 11 altsetting 253 endpoint 0x7 has invalid maxpacket 5120, setting to 64
[  393.800678][ T5792] usb 1-1: config 0 interface 11 altsetting 253 endpoint 0x87 has an invalid bInterval 0, changing to 10
[  393.800710][ T5792] usb 1-1: config 0 interface 11 has no altsetting 0
[  393.800747][ T5792] usb 1-1: New USB device found, idVendor=06cd, idProduct=010f, bcdDevice=d5.1b
[  393.800772][ T5792] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  393.972930][ T5792] usb 1-1: config 0 descriptor??
[  394.007318][ T5792] keyspan 1-1:0.11: Keyspan 2 port adapter converter detected
[  394.071780][   T37] usb 2-1: new high-speed USB device number 49 using dummy_hcd
[  394.090751][ T5792] keyspan 1-1:0.11: found no endpoint descriptor for endpoint 81
[  394.090853][ T5792] keyspan 1-1:0.11: found no endpoint descriptor for endpoint 82
[  394.090962][ T5792] keyspan 1-1:0.11: found no endpoint descriptor for endpoint 1
[  394.091064][ T5792] keyspan 1-1:0.11: found no endpoint descriptor for endpoint 2
[  394.091154][ T5792] keyspan 1-1:0.11: found no endpoint descriptor for endpoint 85
[  394.091258][ T5792] keyspan 1-1:0.11: found no endpoint descriptor for endpoint 5
[  394.153620][ T5792] usb 1-1: Keyspan 2 port adapter converter now attached to ttyUSB0
[  394.173024][ T5792] keyspan 1-1:0.11: found no endpoint descriptor for endpoint 83
[  394.173099][ T5792] keyspan 1-1:0.11: found no endpoint descriptor for endpoint 84
[  394.173167][ T5792] keyspan 1-1:0.11: found no endpoint descriptor for endpoint 3
[  394.173233][ T5792] keyspan 1-1:0.11: found no endpoint descriptor for endpoint 4
[  394.173302][ T5792] keyspan 1-1:0.11: found no endpoint descriptor for endpoint 86
[  394.173372][ T5792] keyspan 1-1:0.11: found no endpoint descriptor for endpoint 6
[  394.282610][   T37] usb 2-1: config 1 interface 0 has no altsetting 0
[  394.309730][ T5792] usb 1-1: Keyspan 2 port adapter converter now attached to ttyUSB1
[  394.324764][   T37] usb 2-1: New USB device found, idVendor=056a, idProduct=0044, bcdDevice= 0.40
[  394.324800][   T37] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  394.324825][   T37] usb 2-1: Product: syz
[  394.324842][   T37] usb 2-1: SerialNumber: syz
[  394.479023][    T9] usb 1-1: USB disconnect, device number 87
[  394.695685][    T9] keyspan_2 ttyUSB0: Keyspan 2 port adapter converter now disconnected from ttyUSB0
[  394.698290][   T37] usbhid 2-1:1.0: can't add hid device: -71
[  394.698395][   T37] usbhid 2-1:1.0: probe with driver usbhid failed with error -71
[  394.733230][   T37] usb 2-1: USB disconnect, device number 49
[  395.044692][    T9] keyspan_2 ttyUSB1: Keyspan 2 port adapter converter now disconnected from ttyUSB1
[  395.083556][    T9] keyspan 1-1:0.11: device disconnected
[  395.391563][    T9] ==================================================================
[  395.391582][    T9] BUG: KASAN: vmalloc-out-of-bounds in __list_add_valid_or_report+0x4e/0x130
[  395.391638][    T9] Read of size 8 at addr ffffc90004959008 by task kworker/0:0/9
[  395.391657][    T9] 
[  395.391673][    T9] CPU: 0 UID: 0 PID: 9 Comm: kworker/0:0 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  395.391705][    T9] Tainted: [L]=SOFTLOCKUP
[  395.391715][    T9] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  395.391732][    T9] Workqueue: usb_hub_wq hub_event
[  395.391757][    T9] Call Trace:
[  395.391766][    T9]  <TASK>
[  395.391776][    T9]  dump_stack_lvl+0xe8/0x150
[  395.391805][    T9]  print_address_description+0x55/0x1e0
[  395.391835][    T9]  ? __list_add_valid_or_report+0x4e/0x130
[  395.391870][    T9]  print_report+0x58/0x70
[  395.391898][    T9]  kasan_report+0x117/0x150
[  395.391929][    T9]  ? __list_add_valid_or_report+0x4e/0x130
[  395.391969][    T9]  __list_add_valid_or_report+0x4e/0x130
[  395.392008][    T9]  kcov_remote_stop+0x457/0x680
[  395.392035][    T9]  hub_event+0x49d8/0x4f60
[  395.392082][    T9]  ? __pfx_hub_event+0x10/0x10
[  395.392105][    T9]  ? process_one_work+0x8be/0x1630
[  395.392143][    T9]  ? process_one_work+0x8be/0x1630
[  395.392175][    T9]  process_one_work+0x98b/0x1630
[  395.392219][    T9]  ? __pfx_process_one_work+0x10/0x10
[  395.392249][    T9]  ? do_raw_spin_lock+0x12b/0x2f0
[  395.392280][    T9]  worker_thread+0xb49/0x1140
[  395.392327][    T9]  kthread+0x388/0x470
[  395.392351][    T9]  ? __pfx_worker_thread+0x10/0x10
[  395.392385][    T9]  ? __pfx_kthread+0x10/0x10
[  395.392410][    T9]  ret_from_fork+0x514/0xb70
[  395.392438][    T9]  ? __pfx_ret_from_fork+0x10/0x10
[  395.392464][    T9]  ? __switch_to+0xc79/0x1410
[  395.392486][    T9]  ? __pfx_kthread+0x10/0x10
[  395.392513][    T9]  ret_from_fork_asm+0x1a/0x30
[  395.392551][    T9]  </TASK>
[  395.392560][    T9] 
[  395.392567][    T9] The buggy address belongs to a vmalloc virtual mapping
[  395.392586][    T9] Memory state around the buggy address:
[  395.392599][    T9]  ffffc90004958f00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  395.392623][    T9]  ffffc90004958f80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  395.392639][    T9] >ffffc90004959000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  395.392653][    T9]                       ^
[  395.392665][    T9]  ffffc90004959080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  395.392682][    T9]  ffffc90004959100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  395.392695][    T9] ==================================================================
[  395.392718][    T9] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  395.392739][    T9] CPU: 0 UID: 0 PID: 9 Comm: kworker/0:0 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  395.392770][    T9] Tainted: [L]=SOFTLOCKUP
[  395.392779][    T9] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  395.392795][    T9] Workqueue: usb_hub_wq hub_event
[  395.392817][    T9] Call Trace:
[  395.392831][    T9]  <TASK>
[  395.392840][    T9]  vpanic+0x56c/0xa60
[  395.392875][    T9]  ? __pfx_vpanic+0x10/0x10
[  395.392913][    T9]  panic+0xc5/0xd0
[  395.392944][    T9]  ? __pfx_panic+0x10/0x10
[  395.392978][    T9]  ? __list_add_valid_or_report+0x4e/0x130
[  395.393013][    T9]  ? rcu_is_watching+0x15/0xb0
[  395.393066][    T9]  ? __list_add_valid_or_report+0x4e/0x130
[  395.393101][    T9]  check_panic_on_warn+0x89/0xb0
[  395.393129][    T9]  ? __list_add_valid_or_report+0x4e/0x130
[  395.393164][    T9]  end_report+0x73/0x170
[  395.393192][    T9]  ? __list_add_valid_or_report+0x4e/0x130
[  395.393228][    T9]  kasan_report+0x128/0x150
[  395.393259][    T9]  ? __list_add_valid_or_report+0x4e/0x130
[  395.393300][    T9]  __list_add_valid_or_report+0x4e/0x130
[  395.393338][    T9]  kcov_remote_stop+0x457/0x680
[  395.393365][    T9]  hub_event+0x49d8/0x4f60
[  395.393415][    T9]  ? __pfx_hub_event+0x10/0x10
[  395.393437][    T9]  ? process_one_work+0x8be/0x1630
[  395.393474][    T9]  ? process_one_work+0x8be/0x1630
[  395.393505][    T9]  process_one_work+0x98b/0x1630
[  395.393550][    T9]  ? __pfx_process_one_work+0x10/0x10
[  395.393581][    T9]  ? do_raw_spin_lock+0x12b/0x2f0
[  395.393618][    T9]  worker_thread+0xb49/0x1140
[  395.393667][    T9]  kthread+0x388/0x470
[  395.393692][    T9]  ? __pfx_worker_thread+0x10/0x10
[  395.393725][    T9]  ? __pfx_kthread+0x10/0x10
[  395.393750][    T9]  ret_from_fork+0x514/0xb70
[  395.393778][    T9]  ? __pfx_ret_from_fork+0x10/0x10
[  395.393805][    T9]  ? __switch_to+0xc79/0x1410
[  395.393828][    T9]  ? __pfx_kthread+0x10/0x10
[  395.393853][    T9]  ret_from_fork_asm+0x1a/0x30
[  395.393893][    T9]  </TASK>
[  395.394495][    T9] Kernel Offset: disabled