last executing test programs:

6.153289978s ago: executing program 1 (id=1039):
r0 = socket(0x1e, 0x4, 0x0)
keyctl$instantiate_iov(0x14, 0x0, 0x0, 0x0, 0x0)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req={0x3fc, 0x0, 0x0, 0x5}, 0x10)
r1 = socket(0x28, 0xa, 0x200)
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r3 = socket(0x10, 0x803, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000040)={'ip_vti0\x00', &(0x7f0000000400)={'syztnl1\x00', 0x0, 0x7, 0x8, 0x0, 0xfffffff8, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0xe, 0x4, 0x0, @empty, @empty}}}})
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r2, 0xc018937e, &(0x7f00000019c0)={{0x1, 0x1, 0x1018, 0xffffffffffffffff, {0x8cff}}, './file1\x00'})
sendmmsg(r1, &(0x7f00000030c0)=[{{0x0, 0x0, &(0x7f00000017c0)=[{&(0x7f00000000c0)="ee", 0x1}, {&(0x7f00000007c0)="51b61dc764d46db2ea55b572bd35f80c9d0691ae283e982da299d74e777106ceb04ebbe440acb097e3e88f8e2bf830911e86feef8aee9912f24f02007709d0f129632d3e2a3b9f4437d8cd5236f7faf4ad17fca683e4e509362b4d6a025a878cd493cadd4211a2ccf4ff19815e53d321412cfab8fd57c437a513072cb5a22097e4b2ecd16f6043a9c02cd6e580bd749db8a120a678cd6aa35f6419e9070d7c32ff5f2f2f5beeb46194d3be6335f1ea7b0664eec726c0964b49d5141fd2b1ddd0b921b8b6ac5a786989700f81aba23a1481415a566e2a55c4997694e1e3ab9c5be87ac7dfe8f9a6444eb2093b5ceec03e8ac744389d3dd922a2f1bd61de8759ca1e508bb311ab6e0877530d7d18ae7851caf24a77c8263dd7e09e23fbb7c3f3a9544f4ff30d85b542f26759f5db33a7c244bc6f84c6ab3d154ebabdc3f21cb9ed307fe0184da3d217624de71db3b1e6f078191ecc22091fe0ca94788b36601ee4b84ac3b8b687c9fe46488eb28c632d563b80b6f5c681905e8b99d648bea2d86438eb9a61d054dc698cfa286d4900d3718ea3372b1253d8186df05abf9d7022328d10d7723739c2b538acfa968d59dc8b696f5f819b613aa6063141fcefaf4803634be00c06b35943b2c96dea82293eb900a3d370abafde56884843b29d190ce52b4371a5b0ec1e858e0af6daf7ef7ea2745f2534bb9edc3a520f0757ca5ce0c980af7b371eb5f408e72242f0b109695f761bd9577e26308c23a2243832f3766002f0c8fbbaaf78115496c74bf9eef945b4f3ae2282abddd455d53010cb7dcc99f4865c897f79b5b902c3a849ef7e729358ed304b042faf07e1b24fc3fdbd2b37a796e183a090bc0a36800735c02f6cbbea4af8ecf74fb56b971e9705239331dda4f764f6a2761974471b280241ef33f6ea37da25506967ceb98ffa9f7619f2fdd4bce26167b2970ff13a4291b79865cf498ab65a561c43f9e08517fdf114e5b11f334da2933d2e2ea620b29f4fc2d18a2f5e03dd64caebff57b9f5228da2c0236bec7542d1ef589f835f2ec46f12b7c5864be9ea721a8f7deaa7f3fee874227e01a38f80237000700d11733d49b4d7e62e6e76a1f7b5003edefb4115a28eda23802ed186b1f68fb9fd3324d0da6c07f7a25c46372610731188e977abf7954ae2bf7cd3961c28ef2c865e108dff8cbc576039bffac7599c58abc02487d0494890e3e4a041f77237275bef2f6871760ff529f20daaa9de679ca9597bbff9b4d8c10b3a3e0572ac91a7d2f1137239ca557599147c2ba1e08c672e04de1a1efadd6476cb5028c82381c91ca1acae515c0a6b17f389046b879362a469c578f1d57c1e1a0d426de21f1a89426e37a4611e6a2131d5291323239cb9c87c68704227270975cac0d432403477f97f263f2361134fc7a2188896a907c58fdd1fcc35914445d55dbe212335cfc729e43e8057c5ff8ced61252ae15d1606a14f0d62ec92b73b320e7b7c5550f8b2074ce6c43ee147dac7549f7d35904d180240e5c2e9e751333a1301f6234495021b7fc46f9a7538be42e4b18e35f863423b8eb6dae9df553c06dc70deafbb62837aeeb0d5903aa8bfabbd3b1e6727ff5bc97f27615be8d711e5f2edc85922f0bc3270a575adf2f98db5b95dc0b14f80e67c0302dff006644afcf69efba4579a8e2bd74dce98908d3551a7175457782b637b6b64aa6c7c94b201f8772a942791c9e2ac9f86a75e91676812f93abd988bb2a7d9745a3792fb0f1896cbcb893c98e3d4f07faa60761e12414ff0113e990fee06f41f9d59165ee80ca904803a2eb9f800d16ed6649a618dcf8cb8143d662eaf4d41e22f953d761ec03a03b8680f8cbd2653ee5c25bd1ce79a36ecdf474150506cfc6e7466ff05b3c63d97706c8e2fd078300555d4a0acd87e24fd7411b2c17faa0f7dace3bcf33a62d165d4ff35687153afcbff8fc1c683ab7d7e6793b0f9407fbc0353646a5e29ee7d43ed15f7e1fc8fee5002cd62e0796e2c2913d9cd3378a6a91b9c0bf7d5b909884f79e8a07b07458d90016bac5dc484bbf1655440af454f4f5f1e18e1207119f1e80ec78f9f8652abd3d6207b71bda40fa22008fcc33b225e6b983a801f9ca2a6186be64e405ea3bb4cae258d08952394c16dac15a4c6e8b20b9da53dda95dd9178b834bf632b8fb3a270fa638175db95ad7007cd915e62c54a60ace0b97c9a12fa9a3358ef711e84e5444e005ea8f3e94d27dc04c9543a8fc430844dc791b25a0a1e207cb849cf933c92d57a4fcc56dfc52d1a7454beae97fc3ae719e582353c4521a9e07aeb64e890d572e248e19b87fc4732163c09c06111b79247fdf89226f9d4b88b62008c65804235ac45267e8dfa787e6210e43d74b03ae91f951b8d70234c576ecf4ff86a18b61243b6189ebb1785714ce2b695fb677ae1c1e964a1f499a020b6c42a340024ef59c1a0cc2e54105036c6eb6906790c2fbef78d57b091d7fc43f8b9f5abc8d3198b330dd556ff67c9bb6734bc61a59b3cb489d8048bc19066c446a4cf9e3581a42d33722c3cf5e6cf315f22de97f35d0fec8e16836e52c042979996730a024bf2be3d47218e944cb733be0a974a93df1dd6490f773ebfb5d76374e89d45b93925a6a35f08e1a26b48b82f6abf3def3095a833625b755a5f005cd36d54901d6e61d548a7b50eee518387d890c82d47182512e801081c9f406457bfd3635daebd3775ae2e972e7e06401508dbcefdfbdae7413a5f0c6315fd6706ad33881442c984db96f7143f8be434ff19ee7a5f7617fb73067d18ea038f16bbdabd366561fbf63ba84495e11f5b2c501af743e63753895ab8ea8f497142254818c37a57567cda929e71fb84d9a5b0ca77715f9fc765de1061ec175da678506a366f7949f2a606e9124e5cc07c26e4a7748bf31efd5499864ea48b1e2503ad5fd0e675896aca7e8a5e4cba921173c83e5bd5b9d2759a8672dedae9c8a7003205731cad53974204abdfdf320c002c61ed083bd0505156df6281383d99595b9f071b5bf973e05f2bf829a93df123ca67cded32cf1ada7d1a418ec542c7088985db774aaf4c138b66257191f4f26ac61c6820130df322df42843c40e1f1399d26bcce51ab62398daf619006b5eb294317db5b6ce120117cb19ec1182c5185ac8e157a055362ef4b8adebce7199fe64ac22df7e37d9777198d3d38a1d6bbdaf313b8b31b84a9677a8835a0de691c44eac08758fc00ee079165f928b9fe6ba725fc1f9ac66acab87e7722c6798ad2752bea9c4ded0475b16c88c7d376f0505a1d479b6b9ec0f343edad5a271ad2e02f753a744a3aecef969a887618b6fc4b690db6c1f7518181a58e26b97fb330e92f71bb9a3a307e52eed4f68e83e36af49c66f1a791d7da06d1f68312d5ae743280298cff2afaf2edd0ef4cb90eac1790b165620164613cd166cc3c5888b053d613c0bc43e50f95432b3062af35e8cfb4a7412a9051bd59c72d4786e5e44421835d815656278d8f9b92ce36e3c3ec7c104b299feb48affdfe8e7251fa4576261aa2093467a642329b7a155d72dfc504b8e04aa181015b412c55ae8e3c6cd0d054c21b081c94821980834ebbc395ac417e19abf16ebae11143b88c6cfbf03df98950dc25160e1425e0e2b4f27ea0df638d628ce7c45983536670a7a7300c68570fac866e6293ae85f747cc486545b664442354bd5237c491436b702c27e7143ad6f01ad82d3357f049e6849f87a69611d76280dbf209b47a70f9f5bd09dcdfa4e71b810d653385f6d75a6a7cd2b661cd99362d885de6a0845db74f7aab06c93f28037aa4bed61d33b26cec3f1a337278fbd746c52f6093622c8530db418f67f5d0e1092f32cc220daa1d0caa081d21de7bdffd8971b120006ffabdc75f8c01de9fdbb2f78d1d18c9d87ca9b4e0bf873d2fa327e4acb1558e4626e03bcf03d4b76e7ffcb3c1950e4e640b9733ca7c4ec109f2e9d8d76e40e4530e33af4cc94a976bc131864cda9c0123c0692a2d131d8e7f35dff19f1c6176152b6c92ae66b97f49d824b9dea8d61bcb7ffee5e0d2e2243203c03f217d1758ed72d002e844aed2a82ee3dc164f38b399d4d16a54e1e680e2fbed3a72f49d22a9c75ea76600306887024c1c28e00e292bdc82bc917fcd30fe05621c7903f37839c508c5a3ec8942fc0f71a2d297d28f1af740c592610214a936ba3b9b0f579fd94192a6bece645ba86c93e00060dfe651007cbe5f25fa5c9136d2b0c009a628dea0a11e80b692545ea46bfcb46ca30dd15e4777d60ca3918f053db45bee5ae92fa5b8023d90125e50ef606bcabb4698ba77899070b7d3885fb0a98d047feed67bac927d170f9ed11f8b483fff64fddb762144177339455be294611dcefbd79b9096126370a33a3831886a4697e14ffdf12a89df72736a725f937aa6ba39ea03707a0d3a52b1a237e64e0cdcd3a49698db3b2d939794852cec531f5196f7607c6c2641cc5b91da6fd0be210448861a7d045db9dc474564becb13e91176ac33749ad384b3c9f9d7dcdc8574c5b02889ebbf060e6e0a5950cd6550cdc4da972916fb8b2467ada79cd905c30ee86ff300a1855ee01a4c55e03bbd284885eab4da4fdf46be859b3ec9e177124437e445ff7e83491c73d4e1832c8b8c2dc8e255f000c520d9f27d9f4bcc940aa9fb8a79220c561ce4d336af080e3696b590cc5e1e721eeb52cb1fd8aca36a68dfdb59268c98f387569a9a38ee1ab01c14baf01f656dd634e9a4a37417e536958cef3ae7c5af183a4af223f8e06adc596d16f8ec709524d26558e3462ad9f15b473b3bc9884f0f08add8b7a072ab2acf26e34a1488eaa60feb7a5ce22cf1ee1eda6b2c33f8833cd6516fe078205aa5afafc020aafd2fa971ef684200c4ad97efcdc8ba4dc7fef499b86585ac1e0ae09cc49642c880765d8f09f6b2b82cf9fb482ce313124bc2ebccf6794893277ed4f3fe80dc0d15a968e405461b7dbe673e0a457165f8de052c62034f05686fc8e7da2fbd3ad7be39438b0ec0605d237f3cfc2e0060b5e40bf705e66c5480b4f4024f45450be218fb4de9c2a2a29a0bb17bc977b6f0ab4470739aaab2f119343eda3c19a0e5ff4f6b3995a5d6502d8d4dbf1c18c926942d36cc1dacbfb04705a7eb7349e8de94d1f454d03c87823656315a3cc538d23e852b0cad63d610b7cf8a899ae84bbb2a9f03fba185c4e855729136720f254847efff0bea265eb4a23d0f85503ba96704ce89194e3ac1121ab152e20ff647a16fa7ef5a325062dbad73234111968802a550387801d30b1627e40458ec78983ad9605cb18b23a08b38e5194d1b9ac3da738eb7e82c98510b2303f73cf6f84607f78b1a0622c14c8c7f3c897b281cbb1d996d79d9b015cc49dd454c4d5b9fdfe6c3c37e4051fa181ab12a88d009c1089889cce0971c6c9413f059bab81037b5380b839e592e030ef883d6c9dac34f616acafb24b6312045f1bafbac501f73fde6e47dd2b5560879b8d45a18d9ece5fb1e1694f257a510295ffc149ab1946fd46100a1271038a473378b448cc70fcc9196f1b1a4165f7982aebd5b39f26976427248c3938a523c20fdd67023ae4b2c0045adb4c534f58ecad3cb8873a5123f75902cb3e6c363405db9f3858dab5026ee341105cbc1c08b34a80686657e884dd2528bf45f4026da8aab89d30ed47fd0c3acc2c3066b9d067f82b829d4372787c6f7d3f7ca8e3a9b79c92b7da9a7ecb618f10526348cf68a044d502cd37949f1d708e598611291169a7867e725", 0x1000}], 0x2}}], 0x1, 0x9200000000000000)
recvmmsg$unix(r0, &(0x7f0000006200), 0x0, 0x0, 0x0)
r4 = socket(0x1e, 0x1, 0x0)
sendmsg$NFNL_MSG_CTHELPER_DEL(0xffffffffffffffff, 0x0, 0x20004854)
r5 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000200), 0x10080, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r5, 0x3b81, &(0x7f0000000400)={0xc})
ioctl$IOMMU_OPTION$IOMMU_OPTION_HUGE_PAGES(r5, 0x3b87, &(0x7f0000000080)={0x18, 0x1, 0x0, 0x0, 0x0, 0x1})
socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet6_int(r3, 0x29, 0x31, &(0x7f0000000000)=0xd37, 0x4)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_usb_connect(0x5, 0x27, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_emit_vhci(&(0x7f0000000300)=ANY=[@ANYBLOB="04050400c900", @ANYRES16=r6, @ANYBLOB="b8d01ff5890c3c42c95fd8169fe54dc5953e406c8f7201d2b316dffaf617b37f4e4f0503be040da0151f592721a28e7f12e0d2d23589a52ef3861ffa182e55c852790c31504c40ca691870b42365edd460b341876cc53a4002bb688de5e191fa3e8924199f96cfe662aa7b2e9432eaccb57af2479d3172b17a513dc427ebc36a6101dd9c2eda279e0e165a6188efaca24686715d281cc8b2af16a3177c71465a43ca39acb0b321d71ad4799779e9c1d9be84607920f79b47558a2de011e36c983af91d60d891abea908cf81ac3", @ANYRES64=r5, @ANYBLOB="3f5c589c513414d3e6d567"], 0x7)
r7 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000180)={0xffffff}, 0x10)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
accept4(r4, &(0x7f0000000240)=@nfc, &(0x7f00000002c0)=0x80, 0x0)

5.467977511s ago: executing program 1 (id=1060):
socket$nl_sock_diag(0x10, 0x3, 0x4)
r0 = socket$netlink(0x10, 0x3, 0x8000000004)
socket$netlink(0x10, 0x3, 0x400000000000004)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f0000000280)={&(0x7f0000000000)=""/5, 0x214000, 0x800}, 0x20)
setsockopt$XDP_TX_RING(r1, 0x11b, 0x3, &(0x7f0000000180)=0x800, 0x4)
writev(r0, &(0x7f0000000100), 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
ioctl$BTRFS_IOC_SET_FEATURES(r2, 0x40309439, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='memory.swap.current\x00', 0x275a, 0x0)
ioctl$FS_IOC_FSGETXATTR(r3, 0x801c581f, &(0x7f00000001c0))
r4 = syz_open_procfs(0x0, &(0x7f00000001c0)='maps\x00')
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0xc0686611, &(0x7f0000000180)={0x1fe, 0x0, 0x18, 0x2000, &(0x7f0000ffd000/0x2000)=nil})
socket$nl_route(0x10, 0x3, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = fsopen(&(0x7f0000000240)='nilfs2\x00', 0x1)
mmap$qrtrtun(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2000000, 0x11, r4, 0x8bd)
fsconfig$FSCONFIG_SET_STRING(r7, 0x1, &(0x7f00000002c0)='{owrce\xedI]\xbbJ\"\xd3\xecR*\x95\xcf\xb9k\xb0\x15\x1a\xac\xc4\xf2\xf7\xe6\x97#\x92\xc9\xfdh\xf2%4\x9b\xd2\xbe\xf2d\x04~\xf4s&\x99\x91Nt\x81\xc6\x821\xa1P\xb0k\xef\xbbo\x98m\xaa\x8d\xae3\x11\xdf\xec\xa1v\x87s\xfa}\x8dxW\x8a\xf6:L\x86\x04;V\x96\'HJ\xd6\xbe\x18/vm\xfa\xdd\x1c\'\x1d{(v\x8c~I\x8e\xc6\xe1\x81H\xb6\x9d\xb6\x7f\x92\x9e\x9e\x1d\xe4\x88fy\x84\n\xa5Y\xda\xab\x82\x9d\xba\xcc\xf2\xd1| \xe8\f\xc8\x12>\x16\xf9\xf3\xeed?\xa2\xa5\b\xb7@\xbc\bhh\xd4\'r\"\xef\x0f\n\xdbw\x88.\xb7\x1fB\x90|\xd5\xf6\a\xdep1\'D\xcf{-\xde\x1dj@\xd86\x10}\aV\xd4DX1\xd4a#\\\xfa\xcb\xd0\xd2TE<M\xea\xfbi\'\x1d-\n\x1a\'\xdf)T&\x0f\x19\x83vP\x18yA\xfb\xb8u\xc9t\xa3\xf2pD\x84\xf8G7\x00\x00\x00', &(0x7f0000000580)='c:::/\x83\xc1\xcfD\xc4AO\x06)\xb03\xfcI\x95w\x96\x9b\xe9\xa6\x1a\x96\xael\x11\xa6\x06\xe3G\xb1\x1d$\xc2;\x8f\xf3\x93\xebB\x93\x94\x01\x8b\x88\xeb\xa3\x01\rx\x86bK&\x13a~\x04/\x18\x14ZM\xcb\xad\x92>\xe5\x01V\xdc\x05#\x13\xe9F\xa0\x1b\xf8\xe12\xe9\x80\x988\xd8?\x86\xe9i\x7f\xa8\xe0c\x94\xc1\xae\x9c\xba\x1c\xfa\xb8\xa8\xbf\xe8\xfe\xfe!\x7f2\xf1\xc7P\x80A\x1c2k\xf6}P\x19\xee:i|0\x1c\x13u\xb0I\xaa\xe3\x14\x9a\x1f\x9f(\xd1$\x06\xa8&t&A0\xa7\xef\x9cL\x8e1K', 0x0)
fsconfig$FSCONFIG_SET_STRING(r7, 0x1, &(0x7f0000000700)='source', &(0x7f00000004c0)='c:::/\x83\xc1\xcfD\xc4AO\x06)\xb03\xfcI\x95w\x96\x9b\xe9\xa6\x1a\x96\xael,\xc4\x00\x00\x00\x00\x00\x00\xc2;\x8f\xf3\x13\xebB\x93\x94\x01\x8b\x88\xeb\xa3\x01\rx\x86bK&\x13a~\x04/\x18\x14ZM\xcb\xad\x92>\xe5\x01V\xdc\x05#\x00\x00\x00\x00\x1b\xf8\xe12\xe9\x80\x988\xd8?\x86\xe9i\x7f\xa8\xe0c\x94\xc1\xae\xf9\xff\x1b\xfa\xbc\xa8\xbf\xff\xfe\xfe!\x7f2\xf1\xc7P\x80A\x1c2k\xf6}P\x19\xee:i|0\x1c\x13u\xb0I\xaa\xe3\x14\x9a\x1f\x9f(\xd1$\x06\xa8&\xc1&A0\xa7\xef\x9cL\x8e1K', 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r8, 0x4048aecb, &(0x7f0000000480)={0x7, 0x0, [{0x80000008, 0xffffffff, 0x1, 0xffffff89, 0x1, 0x6, 0x2}, {0x0, 0x5, 0x5, 0x7fff, 0x27, 0x7, 0x5}, {0xc0000001, 0x8, 0x0, 0x3ff, 0x7ffffdff, 0x16898d14, 0xffff}, {0x6, 0xe5f, 0x4, 0x7, 0xdf1, 0x6, 0x80000001}, {0x80000000, 0x2bb, 0x1, 0x9, 0x3, 0x7ff, 0x480}, {0x80000000, 0x100, 0x4, 0x6, 0x3, 0x2, 0x3}, {0x80000001, 0x2, 0x3, 0xfffffff7, 0xfffffff9, 0xff, 0x6}]})
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r9 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r9, 0x84, 0x9, &(0x7f00000003c0)={0x0, @in={{0x2, 0x4, @multicast1}}, 0x0, 0x0, 0x0, 0x0, 0x32, 0x1, 0x4}, 0x9c)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
socket(0x2, 0x3, 0x6)

5.05276701s ago: executing program 0 (id=1066):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000940)=ANY=[@ANYBLOB="020000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000500"], 0x310)
clock_settime(0x17, &(0x7f0000000200))
setsockopt$inet_group_source_req(r0, 0x0, 0x2e, &(0x7f0000000480)={0x6, {{0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}}, {{0x2, 0x4e21, @loopback}}}, 0x108)
r1 = syz_ublk_setup_io_uring(0x63c, &(0x7f0000000340)={0x0, 0x0, 0x80, 0x2, 0x3c8}, &(0x7f0000000000)=<r2=>0x0, &(0x7f0000000040)=<r3=>0x0, &(0x7f0000000140)=<r4=>0x0)
syz_io_uring_submit(r2, r3, r4, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL={0xe, 0x10, 0x0, 0x0, 0x0, 0x11a2a, 0x0, 0x0, 0x1})
syz_io_uring_submit(r2, r3, r4, &(0x7f0000000980)=@IORING_OP_ACCEPT={0xd, 0x12, 0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x800, 0x1})
syz_ublk_add_dev(r1, r2, r3, r4, &(0x7f00000003c0)={0x2e, 0x5, 0x0, <r5=>0xffffffffffffffff, 0xc0207504, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, '\x00', {0xffffffff, 0xffff, 0x40, &(0x7f0000000200)=@any_dev={0x4, 0xd74, 0x0, 0x0, 0x1000, 0x68ba, 0x0, 0x0, 0x10}}}, &(0x7f0000000440))
r6 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r6, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000300)="2e00000011008188040f80ec59acbc0413a181004000000004000000000000000e000a000d00000002800200121f", 0x2e}], 0x1}, 0x0)
ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000a00)={0x0, "092f18b593dd53c9daec2d332f27f951"})
syz_emit_vhci(&(0x7f0000000100)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xf}, "a8914cb5df1718344cbddffb5a8288"}, 0x13)
ioctl$BTRFS_IOC_BALANCE_V2(r5, 0xc4009420, &(0x7f0000001a00)={0x10, 0x0, {0x2, @struct={0x9, 0x2}, 0x0, 0x7, 0x9, 0x6, 0x4, 0xc, 0x3b, @usage=0x6bf, 0x8, 0x7, [0x3, 0xfffffffffffffffe, 0x6, 0xd59, 0xfffffffffffffffa, 0x3]}, {0x38, @usage=0x4, 0x0, 0x1, 0x3, 0x0, 0xffffffffffffffff, 0x8, 0x40, @struct={0x8, 0x7ff}, 0x4, 0x80000001, [0x8, 0x5, 0x6, 0x4, 0x8, 0x1]}, {0x3, @usage, 0x0, 0x800, 0xd, 0x3, 0x2, 0x0, 0x4, @struct={0x7}, 0x400, 0x3, [0x1, 0x6, 0x1b4, 0x2, 0xdfb, 0x3]}, {0x4, 0x6, 0x8}})

4.904522724s ago: executing program 1 (id=1069):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f00000007c0)=ANY=[@ANYBLOB="12010000ed3ec908cd0cb300ea2d010203010902120001000000000904"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000840)={0x34, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f00000004c0)={0x1c, &(0x7f0000000dc0)=ANY=[], 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$sierra_net(r0, 0x0, &(0x7f0000000240)={0x1c, &(0x7f0000000000)=ANY=[], 0x0, 0x0})
syz_usb_control_io$sierra_net(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000880)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r0, &(0x7f0000000100)={0x14, &(0x7f0000000000)={0x40, 0x30, 0x99, {0x99, 0x22, "e6f1a4c6496db6debf5dff616ed7a38b50620c0849d4181fb620ecc2dcd2b4e50b049a396929ade02ce02a9743f987d71744ee5d17d4824932d43af3e3c63438b948c18e464e8ad12fa8748f9f1c6b9ecb3ff349cc5720053ba187b2c8d9ffcf5b048de555a2d648908103ac37e61e68a286bfa5e81d829c3514135e441c1df643c4825df77ae13decb97585c54868780cbbb0476e73bf"}}, &(0x7f00000000c0)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f0000000300)={0x1c, &(0x7f0000000140)={0x0, 0x8, 0xf7, "d601f555024d8d33a3b85ccaa8cd303eb6939abfdaa03f487a3428a74563c0159ef447d6da3185db88823a1066bb0547c00bcd3349eabff1d0a5e7aad6ccc5d589d435be5a9b98615e38b91fb8acb7509f58889e671b63b1ad0c4c9081700b9e89a177eb9a295f978c70d946e9d56ea5b17589b19dc082066a6bce563ee5d8c545d68388b3648f780171994de93a9fc1012c9f3b509bae30a47bb1b6fe3f4a50ecd50982caebdfd430c42963508486d3ef3e3f6b36c9fb7b5eaf2719461161bd8baa0422219207a382e2f5bc02161331cabebca064719a2a6d6a3bf967f23ea6b8f54ce3453979359f77fce9d3a7d8c1e17ada35590692"}, &(0x7f0000000280)={0x0, 0xa, 0x1, 0x1}, &(0x7f00000002c0)={0x0, 0x8, 0x1, 0xf0}})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

4.366435137s ago: executing program 0 (id=1083):
r0 = socket$kcm(0x10, 0x2, 0x0)
capset(&(0x7f0000000040)={0x19980330}, &(0x7f0000000080)={0x6, 0xe, 0x13e, 0x89, 0xffffffff, 0x2})
r1 = pidfd_getfd(0xffffffffffffffff, r0, 0x0)
setsockopt$ARPT_SO_SET_ADD_COUNTERS(r1, 0x0, 0x61, &(0x7f0000000180)={'filter\x00', 0x4}, 0x68)
r2 = syz_open_dev$sg(&(0x7f0000000140), 0x6f5e, 0x0)
setrlimit(0x40000000000008, &(0x7f0000000000))
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000002380)={0x2, &(0x7f0000002340)=[{0x5, 0x4, 0xf8}, {0x6, 0xf, 0x7, 0x9}]})
setresuid(0x0, 0xee01, 0x0)
syz_ublk_setup_io_uring(0x20, &(0x7f0000000340)={0x0, 0x0, 0x100, 0x2, 0x1e5}, &(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000140))
ioctl$SG_IO(r2, 0x2285, &(0x7f0000002700)={0x53, 0xffffffffffffffff, 0x6, 0xcd, @scatter={0x0, 0x0, 0x0}, &(0x7f0000002500)="b6b77bbf8d61", 0x0, 0xffff, 0x0, 0x3, 0x0})
sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000100)="1800000015006b05c84e21000af32c6e022975f802000000", 0x18}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
socket$kcm(0x10, 0x2, 0x0) (async)
capset(&(0x7f0000000040)={0x19980330}, &(0x7f0000000080)={0x6, 0xe, 0x13e, 0x89, 0xffffffff, 0x2}) (async)
pidfd_getfd(0xffffffffffffffff, r0, 0x0) (async)
setsockopt$ARPT_SO_SET_ADD_COUNTERS(r1, 0x0, 0x61, &(0x7f0000000180)={'filter\x00', 0x4}, 0x68) (async)
syz_open_dev$sg(&(0x7f0000000140), 0x6f5e, 0x0) (async)
setrlimit(0x40000000000008, &(0x7f0000000000)) (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000002380)={0x2, &(0x7f0000002340)=[{0x5, 0x4, 0xf8}, {0x6, 0xf, 0x7, 0x9}]}) (async)
setresuid(0x0, 0xee01, 0x0) (async)
syz_ublk_setup_io_uring(0x20, &(0x7f0000000340)={0x0, 0x0, 0x100, 0x2, 0x1e5}, &(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000140)) (async)
ioctl$SG_IO(r2, 0x2285, &(0x7f0000002700)={0x53, 0xffffffffffffffff, 0x6, 0xcd, @scatter={0x0, 0x0, 0x0}, &(0x7f0000002500)="b6b77bbf8d61", 0x0, 0xffff, 0x0, 0x3, 0x0}) (async)
sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000100)="1800000015006b05c84e21000af32c6e022975f802000000", 0x18}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) (async)

4.232377221s ago: executing program 0 (id=1086):
socket$nl_sock_diag(0x10, 0x3, 0x4)
r0 = socket$netlink(0x10, 0x3, 0x8000000004)
socket$netlink(0x10, 0x3, 0x400000000000004)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f0000000280)={&(0x7f0000000000)=""/5, 0x214000, 0x800}, 0x20)
setsockopt$XDP_TX_RING(r1, 0x11b, 0x3, &(0x7f0000000180)=0x800, 0x4)
writev(r0, &(0x7f0000000100), 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
ioctl$BTRFS_IOC_SET_FEATURES(r2, 0x40309439, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='memory.swap.current\x00', 0x275a, 0x0)
ioctl$FS_IOC_FSGETXATTR(r3, 0x801c581f, &(0x7f00000001c0))
r4 = syz_open_procfs(0x0, &(0x7f00000001c0)='maps\x00')
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0xc0686611, &(0x7f0000000180)={0x1fe, 0x0, 0x18, 0x2000, &(0x7f0000ffd000/0x2000)=nil})
socket$nl_route(0x10, 0x3, 0x0)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = fsopen(&(0x7f0000000240)='nilfs2\x00', 0x1)
mmap$qrtrtun(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2000000, 0x11, r4, 0x8bd)
fsconfig$FSCONFIG_SET_STRING(r7, 0x1, &(0x7f00000002c0)='{owrce\xedI]\xbbJ\"\xd3\xecR*\x95\xcf\xb9k\xb0\x15\x1a\xac\xc4\xf2\xf7\xe6\x97#\x92\xc9\xfdh\xf2%4\x9b\xd2\xbe\xf2d\x04~\xf4s&\x99\x91Nt\x81\xc6\x821\xa1P\xb0k\xef\xbbo\x98m\xaa\x8d\xae3\x11\xdf\xec\xa1v\x87s\xfa}\x8dxW\x8a\xf6:L\x86\x04;V\x96\'HJ\xd6\xbe\x18/vm\xfa\xdd\x1c\'\x1d{(v\x8c~I\x8e\xc6\xe1\x81H\xb6\x9d\xb6\x7f\x92\x9e\x9e\x1d\xe4\x88fy\x84\n\xa5Y\xda\xab\x82\x9d\xba\xcc\xf2\xd1| \xe8\f\xc8\x12>\x16\xf9\xf3\xeed?\xa2\xa5\b\xb7@\xbc\bhh\xd4\'r\"\xef\x0f\n\xdbw\x88.\xb7\x1fB\x90|\xd5\xf6\a\xdep1\'D\xcf{-\xde\x1dj@\xd86\x10}\aV\xd4DX1\xd4a#\\\xfa\xcb\xd0\xd2TE<M\xea\xfbi\'\x1d-\n\x1a\'\xdf)T&\x0f\x19\x83vP\x18yA\xfb\xb8u\xc9t\xa3\xf2pD\x84\xf8G7\x00\x00\x00', &(0x7f0000000580)='c:::/\x83\xc1\xcfD\xc4AO\x06)\xb03\xfcI\x95w\x96\x9b\xe9\xa6\x1a\x96\xael\x11\xa6\x06\xe3G\xb1\x1d$\xc2;\x8f\xf3\x93\xebB\x93\x94\x01\x8b\x88\xeb\xa3\x01\rx\x86bK&\x13a~\x04/\x18\x14ZM\xcb\xad\x92>\xe5\x01V\xdc\x05#\x13\xe9F\xa0\x1b\xf8\xe12\xe9\x80\x988\xd8?\x86\xe9i\x7f\xa8\xe0c\x94\xc1\xae\x9c\xba\x1c\xfa\xb8\xa8\xbf\xe8\xfe\xfe!\x7f2\xf1\xc7P\x80A\x1c2k\xf6}P\x19\xee:i|0\x1c\x13u\xb0I\xaa\xe3\x14\x9a\x1f\x9f(\xd1$\x06\xa8&t&A0\xa7\xef\x9cL\x8e1K', 0x0)
fsconfig$FSCONFIG_SET_STRING(r7, 0x1, &(0x7f0000000700)='source', &(0x7f00000004c0)='c:::/\x83\xc1\xcfD\xc4AO\x06)\xb03\xfcI\x95w\x96\x9b\xe9\xa6\x1a\x96\xael,\xc4\x00\x00\x00\x00\x00\x00\xc2;\x8f\xf3\x13\xebB\x93\x94\x01\x8b\x88\xeb\xa3\x01\rx\x86bK&\x13a~\x04/\x18\x14ZM\xcb\xad\x92>\xe5\x01V\xdc\x05#\x00\x00\x00\x00\x1b\xf8\xe12\xe9\x80\x988\xd8?\x86\xe9i\x7f\xa8\xe0c\x94\xc1\xae\xf9\xff\x1b\xfa\xbc\xa8\xbf\xff\xfe\xfe!\x7f2\xf1\xc7P\x80A\x1c2k\xf6}P\x19\xee:i|0\x1c\x13u\xb0I\xaa\xe3\x14\x9a\x1f\x9f(\xd1$\x06\xa8&\xc1&A0\xa7\xef\x9cL\x8e1K', 0x0)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r8 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r8, 0x84, 0x9, &(0x7f00000003c0)={0x0, @in={{0x2, 0x4, @multicast1}}, 0x0, 0x0, 0x0, 0x0, 0x32, 0x1, 0x4}, 0x9c)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
socket(0x2, 0x3, 0x6)

1.714723276s ago: executing program 1 (id=1094):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000940)=ANY=[@ANYBLOB="020000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000500"], 0x310)
clock_settime(0x17, &(0x7f0000000200))
setsockopt$inet_group_source_req(r0, 0x0, 0x2e, &(0x7f0000000480)={0x6, {{0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}}, {{0x2, 0x4e21, @loopback}}}, 0x108)
r1 = syz_ublk_setup_io_uring(0x63c, &(0x7f0000000340)={0x0, 0x0, 0x80, 0x2, 0x3c8}, &(0x7f0000000000)=<r2=>0x0, &(0x7f0000000040)=<r3=>0x0, &(0x7f0000000140)=<r4=>0x0)
syz_io_uring_submit(r2, r3, r4, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL={0xe, 0x10, 0x0, 0x0, 0x0, 0x11a2a, 0x0, 0x0, 0x1})
syz_io_uring_submit(r2, r3, r4, &(0x7f0000000980)=@IORING_OP_ACCEPT={0xd, 0x12, 0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x800, 0x1})
syz_ublk_add_dev(r1, r2, r3, r4, &(0x7f00000003c0)={0x2e, 0x5, 0x0, <r5=>0xffffffffffffffff, 0xc0207504, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, '\x00', {0xffffffff, 0xffff, 0x40, &(0x7f0000000200)=@any_dev={0x4, 0xd74, 0x0, 0x0, 0x1000, 0x68ba, 0x0, 0x0, 0x10}}}, &(0x7f0000000440))
r6 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r6, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000300)="2e00000011008188040f80ec59acbc0413a181004000000004000000000000000e000a000d00000002800200121f", 0x2e}], 0x1}, 0x0)
ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000a00)={0x0, "092f18b593dd53c9daec2d332f27f951"})
syz_emit_vhci(&(0x7f0000000100)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xf}, "a8914cb5df1718344cbddffb5a8288"}, 0x13)
ioctl$BTRFS_IOC_BALANCE_V2(r5, 0xc4009420, &(0x7f0000001a00)={0x10, 0x0, {0x2, @struct={0x9, 0x2}, 0x0, 0x7, 0x9, 0x6, 0x4, 0xc, 0x3b, @usage=0x6bf, 0x8, 0x7, [0x3, 0xfffffffffffffffe, 0x6, 0xd59, 0xfffffffffffffffa, 0x3]}, {0x38, @usage=0x4, 0x0, 0x1, 0x3, 0x0, 0xffffffffffffffff, 0x8, 0x40, @struct={0x8, 0x7ff}, 0x4, 0x80000001, [0x8, 0x5, 0x6, 0x4, 0x8, 0x1]}, {0x3, @usage, 0x0, 0x800, 0xd, 0x3, 0x2, 0x0, 0x4, @struct={0x7}, 0x400, 0x3, [0x1, 0x6, 0x1b4, 0x2, 0xdfb, 0x3]}, {0x4, 0x6, 0x8}})

1.713178278s ago: executing program 0 (id=1102):
openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_CAP_X2APIC_API(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000180)={0x81, 0x0, 0x3})
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(0x0, r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r1, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r2, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}, 0x1, 0x0, 0x0, 0x4}, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})

1.586468721s ago: executing program 0 (id=1099):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
close(0x3)
syz_clone3(&(0x7f00000005c0)={0x280a00300, 0x0, 0x0, 0x0, {0x14}, 0x0, 0x0, 0x0, 0x0, 0x0, {r0}}, 0x58) (fail_nth: 1)

1.234294285s ago: executing program 0 (id=1107):
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x80)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000002480)=[{0x0}, {0x0}], 0x2}, 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='nfs4\x00', 0x0, &(0x7f00000001c0)='\x01')
syz_open_procfs(0xffffffffffffffff, &(0x7f0000006100)='cmdline\x00')
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
sendmsg$key(r0, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="02030609100000000000004c9e0000000200130002000000da16c167d803f1f805000600200000000a00060000000000ff0000000000000000001ffeff0001000003f1dc7f7c6e7c0200010000000000004000020000000005000500000000000a"], 0x80}}, 0x0)
sendmmsg(r0, &(0x7f0000000180), 0x400008a, 0x0)
r1 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000200)=ANY=[@ANYBLOB="1201410130f56920ac05190272f00102030109021b000100001000090455070103490200090582030004"], 0x0)
r2 = openat$vmci(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r2, 0x7a7, &(0x7f0000000080)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r2, 0x7a0, &(0x7f0000000100)={@hyper})
syz_usb_control_io$uac2(r1, &(0x7f0000000640)={0x14, &(0x7f0000000440)={0x0, 0xe, 0x62, {0x62, 0x22, "16ea7d5fc133bfbc7f47ebb3b1bab718b2ed638676c9178d8449290e2aea63e56cb2e4f5c2e4c879c1b22e353f9d85daf2024fef4065ac48e175aa9a5c1f6d7934f41dd551607ea6f28a70fda2c25491b65aa717f027f67e7b63d7e6d5c0f722"}}, &(0x7f00000004c0)={0x0, 0x3, 0x98, @string={0x98, 0x3, "6a00b8b2eb6ecbe0523821fceab633f90f4fb30686dde67b3fbb97525bd9fce79f5c51d92e7423adc266585852502ba9f247060513837ff643a67618fcee43b22baac272c6cf58e7947caa6115ad5914c3dc1aac5d1878934a0d070ac27e3ce0e66a82b25349cceaba012346a82233d4055c86ea54c4bceb21117d6ac28a947f572a4ce6a89fecb7d67fbf1b5e11f7c91f60b9ebd138"}}}, &(0x7f0000000900)={0x44, &(0x7f0000000680)={0x60, 0xf, 0x27, "33d1f80b3e8156f1132747d4754340053133948044640a950db9521afbf3439437f52455cec254"}, &(0x7f00000006c0)={0x0, 0xa, 0x1, 0x1}, &(0x7f0000000700)={0x0, 0x8, 0x1, 0x9e}, &(0x7f0000000740)={0x20, 0x81, 0x3, "07ba0d"}, &(0x7f0000000780)={0x20, 0x82, 0x2, "fa94"}, &(0x7f00000007c0)={0x20, 0x83, 0x2, "a2e1"}, &(0x7f0000000800)={0x20, 0x84, 0x2, "c96f"}, &(0x7f0000000840)={0x20, 0x85, 0x3, "66de88"}})
r3 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
write$char_usb(r3, &(0x7f0000000480)='\x00', 0x1)
socket$key(0xf, 0x3, 0x2)
syz_usb_ep_write$ath9k_ep1(r1, 0x82, 0x40, &(0x7f0000000640)=ANY=[])
syz_usb_control_io$cdc_ncm(r1, &(0x7f0000000100)={0x14, &(0x7f0000000000)={0x20, 0x24, 0x95, {0x95, 0x11, "dde771877bcc778a91a7925d3b378dad3a3061062defcd6ac59a68e403cac66c2db5d97cd5227cb8461ddafae027fc99c38b4b34151ace4d27ce606f47b044409067cdbe04f6b11a32537fd213fe3366b8ad10952087223a8c86a817a6b776efd97c4a109f3fd067433a8cb90bcaab6290d8edfbf3ae95bf9e3433703cd33c98c2be00ce83874279dc0c28a209424dfb8221ea"}}, &(0x7f00000000c0)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f00000003c0)={0x44, &(0x7f0000000140)={0x20, 0xe, 0x37, "75f7a6bb75dc4d5e03115a66ff1aef383c58256c30981c89ce77e1942ad21e4c28c358a4f8f12c90c42ccf83cfa6960edc4a50803e5bd4"}, &(0x7f0000000180)={0x0, 0xa, 0x1, 0x5}, &(0x7f00000001c0)={0x0, 0x8, 0x1, 0x7}, &(0x7f0000000240)={0x20, 0x80, 0x1c, {0x0, 0x6, 0x10000, 0x9, 0x0, 0x2, 0x9, 0x6, 0x8, 0x2, 0x2acb, 0x23}}, &(0x7f0000000280)={0x20, 0x85, 0x4, 0x401}, &(0x7f00000002c0)={0x20, 0x83, 0x2}, &(0x7f0000000300)={0x20, 0x87, 0x2, 0xc81}, &(0x7f0000000380)={0x20, 0x89, 0x2, 0x1}})

1.095099643s ago: executing program 1 (id=1109):
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a00)={0x1a8, 0x0, 0x2, 0x301, 0x0, 0x0, {0x7, 0x0, 0x10}, [@CTA_EXPECT_NAT={0xbc, 0xa, 0x0, 0x1, [@CTA_EXPECT_NAT_TUPLE={0x40, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x3a}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @remote}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x2}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x21}}]}, @CTA_EXPECT_NAT_DIR={0x8}, @CTA_EXPECT_NAT_DIR={0x8, 0x1, 0x1, 0x0, 0x1}, @CTA_EXPECT_NAT_DIR={0x8}, @CTA_EXPECT_NAT_TUPLE={0x60, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x3a}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x84}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @private=0xa010101}, {0x8, 0x2, @empty}}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @rand_addr=0x64010102}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x12}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x88}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}]}]}, @CTA_EXPECT_NAT={0xd8, 0xa, 0x0, 0x1, [@CTA_EXPECT_NAT_TUPLE={0x64, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010100}}, {0x14, 0x4, @ipv4={'\x00', '\xff\xff', @remote}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x2f}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @remote}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x1, 0x0}}}}]}, @CTA_EXPECT_NAT_DIR={0x8, 0x1, 0x1, 0x0, 0x1}, @CTA_EXPECT_NAT_TUPLE={0x68, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x2f}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x84}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @remote}, {0x14, 0x4, @loopback}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x21}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x84}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}]}]}]}, 0x1a8}, 0x1, 0x0, 0x0, 0x40010}, 0x4008000)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000c40)="120000001200e7ef007b0000000000faffa0", 0x12, 0x8800, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x321}, {&(0x7f0000000280)=""/85, 0x21}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000580)=""/106, 0x659}, {&(0x7f0000000980)=""/73, 0xd}, {&(0x7f0000000200)=""/77, 0x69}, {&(0x7f00000007c0)=""/141, 0xc4}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}, 0x5}], 0x4000000000003b4, 0x2000, &(0x7f0000003700)={0x77359400})

910.633235ms ago: executing program 1 (id=1115):
pipe2$watch_queue(&(0x7f0000000100)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80)
ioctl$BLKTRACESTART(r0, 0x1274, 0x0)
r1 = openat$panthor(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f0000000040)={<r2=>0x0})
ioctl$DRM_IOCTL_SWITCH_CTX(r1, 0x40086424, &(0x7f0000000080)={r2, 0x1})
ioctl$DRM_IOCTL_GET_UNIQUE(r0, 0xc0106401, &(0x7f00000002c0)={0xa8, &(0x7f0000000200)=""/168})
openat$mice(0xffffffffffffff9c, &(0x7f0000019080), 0x2000)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r3, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)=ANY=[@ANYBLOB="3c0000001000010000000000000000002c00000020000000ff0f00000000000008001c00c900000014003100fc0100"], 0x3c}], 0x1, 0x0, 0x0, 0xb305e06d8ab48273}, 0x48800)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000019140)=ANY=[@ANYBLOB="1201000000000040ac0538024000010203010902240601010000000904000000030102"], 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000440)=[{{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000800)="21ae1baf930b4569b9ddef9797ffd935c7d80e6466b3e4e62dc9603583f5d4b61fbc65b6ac744d7319535e75bf552062e4cfde1ba7ce29263322e18ea9740aa82ca692f123993e57cda00d2b1f4e799bd41e3f76258180fa91a42aaa8b1ebc4e0ea8fb12f2c71e6e5bc57a8e91f254005514721d93c13c5606ae1fea7f31f558d562bd5a8dfb0b9fed873efa221fccffa847cd374c92e6cbb03e6a9de890ce323f000000abcc6c01326d588495b7c1a7db31ec4129e6336f26bb9e0b7552af3cd2d5dda1632799bbc98425c433384d8a8e4071ff39a36dfdfdf05af35a4ddd340cfecd7ec935f4ce7d3e851583ba1cf53a90a7f7bce5703de57ce93ddef7849b30a01de0637e6d5e507b801d32e582e0c2d564539ebfc84c098a23e765552767b122885fb1629e9c180be47da7931bd125b80de15aab0c56a2edf2e0483b87f5ab299dc046076203dea10ccbfc631d5bf4a87ce67004519f248f086346ce6a8a9d181789a59f81d9b7f6781daac3e229914b8b8998c15c3b6302a519331cb05995bc60b7cb872dd3b5b43331c77c5d72e21f7bd2b1a915ff3204e3f20d3a20b22d6a58155b5a4ebf6d1d1cd90c656ecada531c07ff91deb3efa91762cdecfbcc43553750f22ac5c18cc5e8b6f790c2f4e6373af9f98d10e6df49ff8e5cbcbd68e11ed0b967add11410dc2e34f08dbfaf8eb95d4d1153b4c6093192a340eb30fcc71619888c6486746a049585d249efb96b9cace83320b8f96b40ebe3a9a788d05a053380d1026b9434df87a3a387549bcabe88684c4dbf0da9a5212f3dbc8d1dff240856", 0x244}, {&(0x7f0000000bc0)="ab29d92826349952eb8f7a2a74f535bc9739c1df57144c51a3391625b8b5354134b06ef1355506aeae96e3f097503998f375a054cf3d7de4fe53ea51518955349cdbadca60e1c65cc18dbe99369be03e492fb55fc9067bb6f7f7c3ee1720000000054a63ac58225ed0502f5ac8999e0c74a5dbb320bd54ec813e8bee6bfa5cbfb0726ac1b6ad97d802d5fae186f0769421fb965c7396854e2a3ac844a3769f8449901ba5e2b2da1ff6119aeb26ac204cfc6b54be73b6f195491ae2c0cb26b0cba61dae7a17740e8112ff188919c6e2e31a2a074863edba4a0e58b61faec4a42c29d7f9e48a43b8cb7d3c5a1e5aa67f87538140f8d633a54bceb8b1dda2397ea147d3b26e903f608b6ab1844ea7cf630d828118bba0f0f85e2e6316ae1ed9a2a7d08a05c170cb76bf111930df0cf760f7768571afdefe82a95296cee7c010f748a97046efcc774e7d85edbd5058104fef4942fb4430da89f67d1fea33bf2acfb793", 0x161}, {&(0x7f0000000140)="f610e61ac81cc3edc86f0500194d27a5a443f10dfd1ecda0fd0ed9a444b7fb76afe3a0002f0a5eafcd3555a6cad574af080de74a37f54ee5f10fe3f42b445293ca980200000000000000ecfd6cc1b3a9a9263506e88c5557069d0ca055991454ec1307b7411892a1beaef9ae54833107eb88b0411b1bc0ba9bc28d0eb6a73ad76be9facd", 0x84}], 0x3, 0x0, 0x0, 0x900}}], 0x3fffffffffffddf, 0x0)
r5 = getegid()
ioctl$TUNSETGROUP(r0, 0x400454ce, r5)
r6 = socket(0x10, 0x803, 0x0)
sendto(r6, &(0x7f00000000c0)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r7, 0x89fc, &(0x7f00000006c0)={'sit0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}})
ioctl$sock_inet_SIOCDARP(r4, 0x8953, &(0x7f0000000500)={{0x2, 0x4e20, @private=0xa010102}, {0x306, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}, 0x16, {0x2, 0x4e21, @empty}, 'caif0\x00'})

847.095493ms ago: executing program 2 (id=1116):
mkdirat(0xffffffffffffff9c, &(0x7f00000021c0)='./file0\x00', 0x3a)
mount$tmpfs(0x0, &(0x7f0000002040)='./file0\x00', &(0x7f0000002200), 0x1000000, &(0x7f0000000040)={[{@mpol={'mpol', 0x3d, {'prefer', '', @void}}}]})
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x49a002, 0x181) (fail_nth: 1)

769.641432ms ago: executing program 2 (id=1119):
r0 = socket$inet6(0xa, 0x2, 0x0)
getsockopt$sock_int(r0, 0x1, 0x26, 0x0, &(0x7f00000000c0))
r1 = socket$nl_route(0x10, 0x3, 0x0)
getsockopt$sock_int(r1, 0x1, 0x4, 0x0, &(0x7f0000000040))

650.495757ms ago: executing program 3 (id=1120):
r0 = openat$vcsu(0xffffffffffffff9c, &(0x7f00000001c0), 0x101000, 0x0)
getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000002c0)={0x0, @in={{0x2, 0x4e20, @initdev={0xac, 0x1e, 0x1, 0x0}}}}, &(0x7f0000000380)=0x84)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfa, 0x0, 0xe4}]}, 0x10)
sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000100)='bbr', 0x3)
r2 = syz_init_net_socket$llc(0x1a, 0x2, 0x0)
setsockopt$llc_int(r2, 0x10c, 0x5, &(0x7f0000000000)=0xbd2, 0x4)
r3 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), 0xffffffffffffffff)
sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000740)={0x64, r3, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_DOI={0x8}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x1}, @NLBL_CIPSOV4_A_MLSLVLLST={0x8, 0x8, 0x0, 0x1, [{0x4}]}, @NLBL_CIPSOV4_A_TAGLST={0x4}, @NLBL_CIPSOV4_A_TAGLST={0x34, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x6}, {0x5}, {0x5, 0x3, 0x2}, {0x5, 0x3, 0x1}, {0x5}, {0x5, 0x3, 0x5}]}]}, 0x64}}, 0x0)
sendmsg$NET_DM_CMD_START(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x14, 0x0, 0x1, 0x70bd2c, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x44004}, 0x0)
sendmmsg$inet(r1, &(0x7f0000001b00)=[{{0x0, 0x0, &(0x7f0000001680)=[{&(0x7f0000000640)="f2b4e4f180ec3860b99bb254602fb717f9437cd2547fce2306325491a0ec68779f10729ed1f62f6e2c132ca90d49aa95a1ed03f8c6b4f274bf080197a2f4c0fad41128ae51096ffcba1b5266add485ebbd308420c601f47062eb3fcbbb91207f65d852dd8966f195f9c9300b939bb8395eedebf432e9f4518e838779a8d8c8283797a2116396f1fcef6cad72ccc5f1784bdfdebd04af58f57424c27be084c48079913780d2c30a94a2f7891b3ca75cbb149caf8a22e187fe16721bc163e4471b50b796a4680a200cba9a912b578afda68a732ccb9f6e086e680bc21de5988055a4b1f1c5450afd33288da6819fcbeb30ab8c28cad8594d7b5c6bb6b1897bcb8238f4c166249c45267e64ad1601d57dbb5c4bc807719c13b1978dac89a91c58c46332f597177ac6d8404aad1a6ab02cdf0623814b3e36d4daf52273bddd84e14d86eb673334357e4a0d053a6d0725c37ad09f982b8e7c04fe136d34349958a6c61fecbf61c021be1c381867f55266d4d35050c8729f8c3c760a24ef98ceb6181b35c7c66d59b485d545652a6377393bf6bee54a7d6b3309a17954643a077add125bf2a8cfdc0cc58d94ec39c4ba2df86554c625f09c0c340618fbc5f77cba9a189f0ef47e6dc57ac0449ba0713ed40418169b81a9c22ddbe97b5994f92d7fcc369d52c5c90aa57fbd06b3149acb7722f979a947861e16865516b5d510e2d53084f80b28bfddafec63a84117ebfd4500eb78e095818345bb5d436d815fe93d21b85d86ee2f94e6377393b43ab999b10fe15754baa05012eb8f4fef67b39c3d50260e38dea1d3c982e6a6c3e4f346674eeba27e4a215c7d0a66b8ccdaeb694cf8b62eb5911917c7dcbd9ac6c295635170a00a9cbf14e18f45c54f8daa08e2bade74e4c3ef9969cefa698a37cefce1794bba0939c08c214c2845dd47fdcd5737340f08e6949c86da2fc3bcccba120f8d669b43e0126ed1d17c2778d3b8f456dbad5e3ea6a3af578ea12ed04807599334f3f8058b03276861170944cb14494a07fd3bb0b8ace43fb42aca5629cb60bf1ff818157b10c978629bf4e1c82ef41e90f89b8ab0291a4a28ab294c9fd011b73f914421a7964ba165ad02d6c4037acf446050a20e84fe8ca45176f7d599d8eae6e3ac2c89528e9e9d54a07e56d11f521906b392481a00ab4d46141df670067f876dfcb23602b7fa2045df525d756d6e12ea87df64e46ebea1a389cb65e2dcc1e7075502f7bc03b52b78744a474f6cb1bc16d3d3ff33d78ea868850ffca814b80e9ae598660e2dd03da9f08bfef4ab81c3c6d2a5706cf4c29f96364a18b404f31bb104afa11222188ad94331f100546ab65385870241d39090edb540e0c80a5b2baffdae0619423b9404ac52c0e1d50fac5029c0cbf85cdbee365c6e6f2f8b8386febb21fa3517184955a31ebb64d3db9c32530abd4becd63ef02fe01a8de92217f54c62afa1c6277f2fc32412964dcb51573153162603111b25f19e7735414fd45d76eb24b8472c678ecdcf8ccec658b71d81fff152", 0x443}], 0x1}}], 0x1, 0x2090)
r4 = syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0x10, 0x458, 0x5005, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x10, 0x1, "", [{{0x9, 0x4, 0x0, 0x0, 0xfe, 0x3, 0x0, 0x3, 0x0, {0x9, 0x21, 0x1, 0xfc, 0x1, {0x22, 0x28}}, {{{0x9, 0x5, 0x81, 0x3, 0x3ff, 0x3, 0x81, 0x2}}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r4, 0x0, 0x0)
syz_usb_control_io(r4, &(0x7f00000003c0)={0x2c, &(0x7f0000000480)=ANY=[@ANYBLOB="20232800000028ff"], 0x0, 0x0, 0x0, 0x0}, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
sendto$inet(r1, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0)

540.672403ms ago: executing program 2 (id=1121):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f00000007c0)=ANY=[@ANYBLOB="12010000ed3ec908cd0cb300ea2d01"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f00000004c0)={0x1c, &(0x7f0000000dc0)=ANY=[], 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$sierra_net(r0, 0x0, &(0x7f0000000240)={0x1c, &(0x7f0000000000)=ANY=[], 0x0, 0x0})
syz_usb_control_io$sierra_net(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000880)={0x84, &(0x7f0000000300)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r0, &(0x7f0000000100)={0x14, &(0x7f0000000000)={0x40, 0x30, 0x99, {0x99, 0x22, "e6f1a4c6496db6debf5dff616ed7a38b50620c0849d4181fb620ecc2dcd2b4e50b049a396929ade02ce02a9743f987d71744ee5d17d4824932d43af3e3c63438b948c18e464e8ad12fa8748f9f1c6b9ecb3ff349cc5720053ba187b2c8d9ffcf5b048de555a2d648908103ac37e61e68a286bfa5e81d829c3514135e441c1df643c4825df77ae13decb97585c54868780cbbb0476e73bf"}}, &(0x7f00000000c0)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f0000000300)={0x1c, &(0x7f0000000140)={0x0, 0x8, 0xf7, "d601f555024d8d33a3b85ccaa8cd303eb6939abfdaa03f487a3428a74563c0159ef447d6da3185db88823a1066bb0547c00bcd3349eabff1d0a5e7aad6ccc5d589d435be5a9b98615e38b91fb8acb7509f58889e671b63b1ad0c4c9081700b9e89a177eb9a295f978c70d946e9d56ea5b17589b19dc082066a6bce563ee5d8c545d68388b3648f780171994de93a9fc1012c9f3b509bae30a47bb1b6fe3f4a50ecd50982caebdfd430c42963508486d3ef3e3f6b36c9fb7b5eaf2719461161bd8baa0422219207a382e2f5bc02161331cabebca064719a2a6d6a3bf967f23ea6b8f54ce3453979359f77fce9d3a7d8c1e17ada35590692"}, &(0x7f0000000280)={0x0, 0xa, 0x1, 0x1}, &(0x7f00000002c0)={0x0, 0x8, 0x1, 0xf0}})

523.300694ms ago: executing program 3 (id=1122):
openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_CAP_X2APIC_API(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000180)={0x81, 0x0, 0x3})
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0)
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r1, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}, 0x1, 0x0, 0x0, 0x4}, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})

418.593197ms ago: executing program 2 (id=1123):
r0 = socket(0x10, 0x2, 0x4)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0x4c)
setresuid(0x0, r1, r1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = getpgid(0x0)
fcntl$setownex(r3, 0xf, &(0x7f0000000140)={0x2, r4})
sendmmsg$unix(r2, &(0x7f0000011500)=[{{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000000)="11", 0x1}], 0x1, 0x0, 0x0, 0x4004040}}], 0x1, 0x40015)

412.187284ms ago: executing program 2 (id=1124):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f00000007c0)=ANY=[@ANYBLOB="12010000ed3ec908cd0cb300ea2d010203010902120001000000000904"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000840)={0x34, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f00000004c0)={0x1c, &(0x7f0000000dc0)=ANY=[], 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$sierra_net(r0, 0x0, &(0x7f0000000240)={0x1c, &(0x7f0000000000)=ANY=[], 0x0, 0x0})
syz_usb_control_io$sierra_net(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000880)={0x84, &(0x7f0000000300)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000300)={0x1c, &(0x7f0000000140)={0x0, 0x8, 0xf7, "d601f555024d8d33a3b85ccaa8cd303eb6939abfdaa03f487a3428a74563c0159ef447d6da3185db88823a1066bb0547c00bcd3349eabff1d0a5e7aad6ccc5d589d435be5a9b98615e38b91fb8acb7509f58889e671b63b1ad0c4c9081700b9e89a177eb9a295f978c70d946e9d56ea5b17589b19dc082066a6bce563ee5d8c545d68388b3648f780171994de93a9fc1012c9f3b509bae30a47bb1b6fe3f4a50ecd50982caebdfd430c42963508486d3ef3e3f6b36c9fb7b5eaf2719461161bd8baa0422219207a382e2f5bc02161331cabebca064719a2a6d6a3bf967f23ea6b8f54ce3453979359f77fce9d3a7d8c1e17ada35590692"}, &(0x7f0000000280)={0x0, 0xa, 0x1, 0x1}, &(0x7f00000002c0)={0x0, 0x8, 0x1, 0xf0}})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

404.86336ms ago: executing program 3 (id=1125):
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a00)={0x1a8, 0x0, 0x2, 0x301, 0x0, 0x0, {0x7, 0x0, 0x10}, [@CTA_EXPECT_NAT={0xbc, 0xa, 0x0, 0x1, [@CTA_EXPECT_NAT_TUPLE={0x40, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x3a}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @remote}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x2}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x21}}]}, @CTA_EXPECT_NAT_DIR={0x8}, @CTA_EXPECT_NAT_DIR={0x8, 0x1, 0x1, 0x0, 0x1}, @CTA_EXPECT_NAT_DIR={0x8}, @CTA_EXPECT_NAT_TUPLE={0x60, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x3a}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x84}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @private=0xa010101}, {0x8, 0x2, @empty}}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @rand_addr=0x64010102}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x12}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x88}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}]}]}, @CTA_EXPECT_NAT={0xd8, 0xa, 0x0, 0x1, [@CTA_EXPECT_NAT_TUPLE={0x64, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010100}}, {0x14, 0x4, @ipv4={'\x00', '\xff\xff', @remote}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x2f}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @remote}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x1, 0x0}}}}]}, @CTA_EXPECT_NAT_DIR={0x8, 0x1, 0x1, 0x0, 0x1}, @CTA_EXPECT_NAT_TUPLE={0x68, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x2f}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x84}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @remote}, {0x14, 0x4, @loopback}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x21}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x84}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}]}]}]}, 0x1a8}, 0x1, 0x0, 0x0, 0x40010}, 0x4008000)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000c40)="120000001200e7ef007b0000000000faffa0", 0x12, 0x8800, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x321}, {&(0x7f0000000280)=""/85, 0x21}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000580)=""/106, 0x659}, {&(0x7f0000000980)=""/73, 0xd}, {&(0x7f0000000200)=""/77, 0x69}, {&(0x7f00000007c0)=""/141, 0xc4}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}, 0x5}], 0x4000000000003b4, 0x2000, &(0x7f0000003700)={0x77359400})

214.73089ms ago: executing program 3 (id=1126):
add_key$fscrypt_provisioning(&(0x7f0000000000), 0x0, 0x0, 0x48, 0xfffffffffffffffb)
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket(0x1, 0x2, 0x0)
setresuid(0x0, 0x0, 0x0)
r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r1)
r3 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x141000, 0x0)
ioctl$PTP_ENABLE_PPS(r3, 0xc0403d11, 0xffffffffffffffff)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r4=>0x0)
sendmsg$NFC_CMD_DEV_UP(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000d80)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010426bd7000f8dbdf250200000008000100", @ANYRES32=r4], 0x1c}}, 0x24008844)
r5 = socket(0x1e, 0x4, 0x0)
write$nci(r0, &(0x7f0000000140)=ANY=[@ANYBLOB="5001", @ANYRES8=r1, @ANYRES16=r5], 0x14)

214.35782ms ago: executing program 2 (id=1127):
r0 = epoll_create1(0x0)
r1 = socket(0x1, 0x80802, 0x0)
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r2, &(0x7f0000000100)={0xa000000d})
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f00000000c0)={0x10000001}) (fail_nth: 4)

125.40564ms ago: executing program 3 (id=1128):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000940)=ANY=[@ANYBLOB="020000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000500"], 0x310)
clock_settime(0x17, &(0x7f0000000200))
setsockopt$inet_group_source_req(r0, 0x0, 0x2e, &(0x7f0000000480)={0x6, {{0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}}, {{0x2, 0x4e21, @loopback}}}, 0x108)
r1 = syz_ublk_setup_io_uring(0x63c, &(0x7f0000000340)={0x0, 0x0, 0x80, 0x2, 0x3c8}, &(0x7f0000000000)=<r2=>0x0, &(0x7f0000000040)=<r3=>0x0, &(0x7f0000000140)=<r4=>0x0)
syz_io_uring_submit(r2, r3, r4, &(0x7f0000000080)=@IORING_OP_ASYNC_CANCEL={0xe, 0x10, 0x0, 0x0, 0x0, 0x11a2a, 0x0, 0x0, 0x1})
syz_io_uring_submit(r2, r3, r4, &(0x7f0000000980)=@IORING_OP_ACCEPT={0xd, 0x12, 0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x800, 0x1})
syz_ublk_add_dev(r1, r2, r3, r4, &(0x7f00000003c0)={0x2e, 0x5, 0x0, 0xffffffffffffffff, 0xc0207504, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, '\x00', {0xffffffff, 0xffff, 0x40, &(0x7f0000000200)=@any_dev={0x4, 0xd74, 0x0, 0x0, 0x1000, 0x68ba, 0x0, 0x0, 0x10}}}, &(0x7f0000000440))

0s ago: executing program 3 (id=1129):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x220c) (async, rerun: 32)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0) (rerun: 32)
listen(r1, 0x3)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58) (async, rerun: 32)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5) (rerun: 32)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) (async)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$bt_hci(r4, 0x84, 0x82, &(0x7f0000001280)=""/4107, &(0x7f00000000c0)=0x100b) (async, rerun: 64)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0) (rerun: 64)
listen(r5, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r6, 0x0) (async)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r7, 0x0, 0x0) (async, rerun: 64)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0) (rerun: 64)
setsockopt$inet6_int(r8, 0x29, 0x1a, 0x0, 0x0) (async)
bind$inet6(r8, &(0x7f0000000540)={0xa, 0x4e22, 0x7651, @empty, 0x200}, 0x1c) (async)
r9 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r9, 0x7) (async)
socket$inet6_tcp(0xa, 0x1, 0x0) (async, rerun: 32)
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0) (rerun: 32)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x2)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000240)={0x1, 0x0, [{0x40000118, 0xec000000, 0x3b6d}]}) (async)
ioctl$KVM_GET_MSRS_cpu(r12, 0xc008ae88, &(0x7f0000000140)={0x35, 0x0, [{0x40000108}]})

kernel console output (not intermixed with test programs):

PU: 1 UID: 0 PID: 6926 Comm: syz.1.360 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  163.836086][ T6926] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  163.836092][ T6926] Call Trace:
[  163.836097][ T6926]  <TASK>
[  163.836104][ T6926]  dump_stack_lvl+0xe8/0x150
[  163.836126][ T6926]  should_fail_ex+0x46b/0x600
[  163.836145][ T6926]  _copy_to_user+0x31/0xb0
[  163.836158][ T6926]  simple_read_from_buffer+0xe1/0x170
[  163.836174][ T6926]  proc_fail_nth_read+0x1be/0x230
[  163.836188][ T6926]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  163.836202][ T6926]  ? rw_verify_area+0x2ac/0x4e0
[  163.836216][ T6926]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  163.836228][ T6926]  vfs_read+0x212/0xa80
[  163.836246][ T6926]  ? __pfx_vfs_read+0x10/0x10
[  163.836260][ T6926]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  163.836276][ T6926]  ? lockdep_hardirqs_on+0x7a/0x110
[  163.836291][ T6926]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  163.836305][ T6926]  ? mutex_lock_nested+0x152/0x1d0
[  163.836317][ T6926]  ? fdget_pos+0x252/0x320
[  163.836333][ T6926]  ksys_read+0x156/0x270
[  163.836348][ T6926]  ? __pfx_ksys_read+0x10/0x10
[  163.836361][ T6926]  ? __pfx_cec_ioctl+0x10/0x10
[  163.836375][ T6926]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  163.836387][ T6926]  do_syscall_64+0x174/0x580
[  163.836401][ T6926]  ? trace_irq_disable+0x3b/0x140
[  163.836413][ T6926]  ? clear_bhb_loop+0x40/0x90
[  163.836426][ T6926]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  163.836436][ T6926] RIP: 0033:0x7f1c3689d68e
[  163.836446][ T6926] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  163.836456][ T6926] RSP: 002b:00007f1c34b2dfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  163.836467][ T6926] RAX: ffffffffffffffda RBX: 00007f1c34b2e6c0 RCX: 00007f1c3689d68e
[  163.836475][ T6926] RDX: 000000000000000f RSI: 00007f1c34b2e0a0 RDI: 0000000000000005
[  163.836482][ T6926] RBP: 00007f1c34b2e090 R08: 0000000000000000 R09: 0000000000000000
[  163.836491][ T6926] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  163.836497][ T6926] R13: 00007f1c36b56038 R14: 00007f1c36b55fa0 R15: 00007ffdef84eca8
[  163.836513][ T6926]  </TASK>
[  163.951694][ T5717] usb 4-1: new full-speed USB device number 23 using dummy_hcd
[  164.113895][ T5717] usb 4-1: config index 0 descriptor too short (expected 74, got 45)
[  164.113949][ T5717] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 64
[  164.113975][ T5717] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 30768, setting to 64
[  164.114001][ T5717] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  164.114041][ T5717] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  164.114063][ T5717] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  164.322270][  T823] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[  164.332812][ T5717] usb 4-1: GET_CAPABILITIES returned 0
[  164.332840][ T5717] usbtmc 4-1:16.0: can't read capabilities
[  164.471721][  T823] usb 2-1: Using ep0 maxpacket: 8
[  164.475538][  T823] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  164.475570][  T823] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  164.475587][  T823] usb 2-1: Product: syz
[  164.475601][  T823] usb 2-1: Manufacturer: syz
[  164.475616][  T823] usb 2-1: SerialNumber: syz
[  164.479407][  T823] usb 2-1: config 0 descriptor??
[  164.556985][    C0] usbtmc 4-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71
[  164.557854][ T6924] usbtmc 4-1:16.0: Unable to send data, error -71
[  164.579709][ T5717] usb 4-1: USB disconnect, device number 23
[  164.685425][  T823] usb 2-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  165.641618][ T5724] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  165.701100][  T823] dvb_usb_rtl28xxu 2-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32
[  165.716339][  T823] usb 1-1: USB disconnect, device number 19
[  165.803610][ T5724] usb 3-1: Using ep0 maxpacket: 8
[  165.809238][ T5724] usb 3-1: config 254 has an invalid descriptor of length 0, skipping remainder of the config
[  165.809266][ T5724] usb 3-1: config 254 has 0 interfaces, different from the descriptor's value: 1
[  165.841663][ T5724] usb 3-1: New USB device found, idVendor=110a, idProduct=1450, bcdDevice=62.cb
[  165.841702][ T5724] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  165.841722][ T5724] usb 3-1: Product: syz
[  165.841736][ T5724] usb 3-1: Manufacturer: syz
[  165.841760][ T5724] usb 3-1: SerialNumber: syz
[  166.351619][  T822] usb 4-1: new full-speed USB device number 24 using dummy_hcd
[  166.504818][  T822] usb 4-1: config index 0 descriptor too short (expected 74, got 45)
[  166.504874][  T822] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 64
[  166.504989][  T822] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 30768, setting to 64
[  166.505017][  T822] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  166.505058][  T822] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  166.505082][  T822] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  166.738893][  T822] usb 4-1: GET_CAPABILITIES returned 0
[  166.738921][  T822] usbtmc 4-1:16.0: can't read capabilities
[  166.942879][    C1] usbtmc 4-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71
[  166.955021][ T6963] usbtmc 4-1:16.0: Unable to send data, error -71
[  166.989106][  T822] usb 2-1: USB disconnect, device number 24
[  167.010537][ T5724] usb 4-1: USB disconnect, device number 24
[  167.431714][  T822] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[  167.584033][  T822] usb 2-1: Using ep0 maxpacket: 8
[  167.589260][  T822] usb 2-1: config 254 has an invalid descriptor of length 0, skipping remainder of the config
[  167.589286][  T822] usb 2-1: config 254 has 0 interfaces, different from the descriptor's value: 1
[  167.608298][  T822] usb 2-1: New USB device found, idVendor=110a, idProduct=1450, bcdDevice=62.cb
[  167.608356][  T822] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  167.608376][  T822] usb 2-1: Product: syz
[  167.608390][  T822] usb 2-1: Manufacturer: syz
[  167.608404][  T822] usb 2-1: SerialNumber: syz
[  167.721761][ T5724] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  167.871626][ T5724] usb 1-1: Using ep0 maxpacket: 32
[  167.874265][ T5724] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid maxpacket 1056, setting to 1024
[  167.874322][ T5724] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 252, changing to 7
[  167.876589][ T5724] usb 1-1: New USB device found, idVendor=1235, idProduct=8203, bcdDevice= 0.40
[  167.876618][ T5724] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  167.876638][ T5724] usb 1-1: Product: syz
[  167.876652][ T5724] usb 1-1: Manufacturer: syz
[  167.876666][ T5724] usb 1-1: SerialNumber: syz
[  168.337110][ T5724] usb 1-1: 1:1 : UAC_AS_GENERAL descriptor not found
[  168.359790][ T5724] usb 1-1: 2:1 : UAC_AS_GENERAL descriptor not found
[  168.395225][ T5724] usb 1-1: Focusrite Scarlett Gen 2 Mixer Driver enabled (pid=0x8203); report any issues to https://github.com/geoffreybennett/scarlett-gen2/issues
[  168.395317][ T5724] usb 1-1: Error initialising Scarlett Gen 2 Mixer Driver: -22
[  168.451648][  T822] usb 3-1: USB disconnect, device number 20
[  168.627867][ T5724] snd-usb-audio 1-1:1.0: probe with driver snd-usb-audio failed with error -22
[  168.640710][ T5724] usb 1-1: USB disconnect, device number 20
[  168.695982][ T5857] udevd[5857]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  168.821721][  T823] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[  168.901221][  T822] usb 3-1: new full-speed USB device number 21 using dummy_hcd
[  168.972260][  T823] usb 4-1: Using ep0 maxpacket: 8
[  168.980144][  T823] usb 4-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  168.980176][  T823] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  168.980196][  T823] usb 4-1: Product: syz
[  168.980210][  T823] usb 4-1: Manufacturer: syz
[  168.980224][  T823] usb 4-1: SerialNumber: syz
[  169.023607][  T823] usb 4-1: config 0 descriptor??
[  169.053612][  T822] usb 3-1: config 0 has an invalid interface number: 55 but max is 0
[  169.053639][  T822] usb 3-1: config 0 has no interface number 0
[  169.053680][  T822] usb 3-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  169.053703][  T822] usb 3-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  169.053727][  T822] usb 3-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  169.053752][  T822] usb 3-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  169.053773][  T822] usb 3-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  169.053812][  T822] usb 3-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  169.053834][  T822] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  169.059993][  T822] usb 3-1: config 0 descriptor??
[  169.074936][  T822] ldusb 3-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  169.239527][  T823] usb 4-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  169.265281][ T6995] ldusb 3-1:0.55: Couldn't submit interrupt_in_urb -90
[  169.268285][ T5717] usb 3-1: USB disconnect, device number 21
[  169.318178][ T5717] ldusb 3-1:0.55: LD USB Device #0 now disconnected
[  169.781684][    T9] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  169.933218][    T9] usb 1-1: Using ep0 maxpacket: 8
[  169.980719][    T9] usb 1-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  169.980823][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  169.980847][    T9] usb 1-1: Product: syz
[  169.980861][    T9] usb 1-1: Manufacturer: syz
[  169.980876][    T9] usb 1-1: SerialNumber: syz
[  170.038765][    T9] usb 1-1: config 0 descriptor??
[  170.083363][ T7016] FAULT_INJECTION: forcing a failure.
[  170.083363][ T7016] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  170.083404][ T7016] CPU: 1 UID: 0 PID: 7016 Comm: syz.2.392 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  170.083432][ T7016] Tainted: [L]=SOFTLOCKUP
[  170.083438][ T7016] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  170.083449][ T7016] Call Trace:
[  170.083457][ T7016]  <TASK>
[  170.083465][ T7016]  dump_stack_lvl+0xe8/0x150
[  170.083488][ T7016]  should_fail_ex+0x46b/0x600
[  170.083506][ T7016]  _copy_from_iter+0x1d3/0x1670
[  170.083521][ T7016]  ? trace_kmem_cache_alloc+0x29/0xe0
[  170.083543][ T7016]  ? __alloc_skb+0x27d/0x7d0
[  170.083568][ T7016]  ? __pfx__copy_from_iter+0x10/0x10
[  170.083585][ T7016]  ? kmem_cache_alloc_node_noprof+0x27c/0x6e0
[  170.083607][ T7016]  ? __alloc_skb+0x27d/0x7d0
[  170.083637][ T7016]  ? netlink_sendmsg+0x650/0xb40
[  170.083654][ T7016]  ? skb_put+0x11b/0x210
[  170.083682][ T7016]  netlink_sendmsg+0x6c0/0xb40
[  170.083707][ T7016]  ? __pfx_netlink_sendmsg+0x10/0x10
[  170.083732][ T7016]  ? tomoyo_socket_sendmsg_permission+0x1e0/0x300
[  170.083760][ T7016]  ? aa_sock_msg_perm+0x122/0x200
[  170.083780][ T7016]  ? __pfx_netlink_sendmsg+0x10/0x10
[  170.083798][ T7016]  sock_sendmsg_nosec+0x13a/0x180
[  170.083823][ T7016]  ____sys_sendmsg+0x55c/0x870
[  170.083854][ T7016]  ? __pfx_____sys_sendmsg+0x10/0x10
[  170.083890][ T7016]  ? import_iovec+0x73/0xa0
[  170.083914][ T7016]  ___sys_sendmsg+0x2a5/0x360
[  170.083942][ T7016]  ? __lock_acquire+0x6b5/0x2d10
[  170.083969][ T7016]  ? __pfx____sys_sendmsg+0x10/0x10
[  170.084004][ T7016]  ? __fget_files+0x2a/0x420
[  170.084016][ T7016]  ? __fget_files+0x3a6/0x420
[  170.084045][ T7016]  __x64_sys_sendmsg+0x1c3/0x2a0
[  170.084076][ T7016]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  170.084114][ T7016]  ? __pfx_ksys_write+0x10/0x10
[  170.084145][ T7016]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  170.084157][ T7016]  do_syscall_64+0x174/0x580
[  170.084172][ T7016]  ? trace_irq_disable+0x3b/0x140
[  170.084184][ T7016]  ? clear_bhb_loop+0x40/0x90
[  170.084206][ T7016]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  170.084233][ T7016] RIP: 0033:0x7f4af128ce59
[  170.084255][ T7016] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  170.084278][ T7016] RSP: 002b:00007f4aef4e6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  170.084298][ T7016] RAX: ffffffffffffffda RBX: 00007f4af1505fa0 RCX: 00007f4af128ce59
[  170.084312][ T7016] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000003
[  170.084324][ T7016] RBP: 00007f4aef4e6090 R08: 0000000000000000 R09: 0000000000000000
[  170.084335][ T7016] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  170.084346][ T7016] R13: 00007f4af1506038 R14: 00007f4af1505fa0 R15: 00007ffdf7287e68
[  170.084376][ T7016]  </TASK>
[  170.161698][ T5724] usb 2-1: USB disconnect, device number 25
[  170.321567][    T9] usb 1-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  170.341901][  T823] dvb_usb_rtl28xxu 4-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32
[  170.350225][ T7022] FAULT_INJECTION: forcing a failure.
[  170.350225][ T7022] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  170.350296][ T7022] CPU: 1 UID: 0 PID: 7022 Comm: syz.1.393 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  170.350324][ T7022] Tainted: [L]=SOFTLOCKUP
[  170.350332][ T7022] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  170.350346][ T7022] Call Trace:
[  170.350354][ T7022]  <TASK>
[  170.350361][ T7022]  dump_stack_lvl+0xe8/0x150
[  170.350391][ T7022]  should_fail_ex+0x46b/0x600
[  170.350423][ T7022]  strncpy_from_user+0x36/0x2b0
[  170.350453][ T7022]  do_getname+0x77/0x250
[  170.350475][ T7022]  __se_sys_linkat+0x49/0x2d0
[  170.350494][ T7022]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  170.350514][ T7022]  do_syscall_64+0x174/0x580
[  170.350541][ T7022]  ? trace_irq_disable+0x3b/0x140
[  170.350563][ T7022]  ? clear_bhb_loop+0x40/0x90
[  170.350586][ T7022]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  170.350604][ T7022] RIP: 0033:0x7f1c368dce59
[  170.350621][ T7022] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  170.350637][ T7022] RSP: 002b:00007f1c34b0d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000109
[  170.350657][ T7022] RAX: ffffffffffffffda RBX: 00007f1c36b56090 RCX: 00007f1c368dce59
[  170.350670][ T7022] RDX: 0000000000000003 RSI: 0000200000000280 RDI: 0000000000000006
[  170.350682][ T7022] RBP: 00007f1c34b0d090 R08: 0000000000001400 R09: 0000000000000000
[  170.350694][ T7022] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  170.350706][ T7022] R13: 00007f1c36b56128 R14: 00007f1c36b56090 R15: 00007ffdef84eca8
[  170.350735][ T7022]  </TASK>
[  170.741619][ T5725] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  170.912771][ T5725] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  170.912823][ T5725] usb 3-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  170.912847][ T5725] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  170.918483][ T5725] usb 3-1: config 0 descriptor??
[  170.934073][ T5725] pwc: Askey VC010 type 2 USB webcam detected.
[  171.125077][ T5725] pwc: send_video_command error -71
[  171.125096][ T5725] pwc: Failed to set video mode CIF@30 fps; return code = -71
[  171.125216][ T5725] Philips webcam 3-1:0.0: probe with driver Philips webcam failed with error -71
[  171.135914][ T5725] usb 3-1: USB disconnect, device number 22
[  171.336552][ T7021] fuse: Unknown parameter ''
[  171.605584][ T5725] usb 4-1: USB disconnect, device number 25
[  171.742548][    T9] dvb_usb_rtl28xxu 1-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  171.786561][    T9] usb 1-1: USB disconnect, device number 21
[  172.002890][ T7047] FAULT_INJECTION: forcing a failure.
[  172.002890][ T7047] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  172.002926][ T7047] CPU: 1 UID: 0 PID: 7047 Comm: syz.2.403 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  172.002952][ T7047] Tainted: [L]=SOFTLOCKUP
[  172.002959][ T7047] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  172.002970][ T7047] Call Trace:
[  172.002977][ T7047]  <TASK>
[  172.002985][ T7047]  dump_stack_lvl+0xe8/0x150
[  172.003014][ T7047]  should_fail_ex+0x46b/0x600
[  172.003046][ T7047]  _copy_from_iter+0x1d3/0x1670
[  172.003071][ T7047]  ? trace_kmem_cache_alloc+0x29/0xe0
[  172.003093][ T7047]  ? __alloc_skb+0x27d/0x7d0
[  172.003120][ T7047]  ? __pfx__copy_from_iter+0x10/0x10
[  172.003136][ T7047]  ? kmem_cache_alloc_node_noprof+0x27c/0x6e0
[  172.003156][ T7047]  ? __alloc_skb+0x27d/0x7d0
[  172.003185][ T7047]  ? netlink_sendmsg+0x650/0xb40
[  172.003202][ T7047]  ? skb_put+0x11b/0x210
[  172.003231][ T7047]  netlink_sendmsg+0x6c0/0xb40
[  172.003258][ T7047]  ? __pfx_netlink_sendmsg+0x10/0x10
[  172.003278][ T7047]  ? tomoyo_socket_sendmsg_permission+0x1e0/0x300
[  172.003303][ T7047]  ? aa_sock_msg_perm+0x122/0x200
[  172.003322][ T7047]  ? __pfx_netlink_sendmsg+0x10/0x10
[  172.003338][ T7047]  sock_sendmsg_nosec+0x13a/0x180
[  172.003362][ T7047]  ____sys_sendmsg+0x55c/0x870
[  172.003394][ T7047]  ? __pfx_____sys_sendmsg+0x10/0x10
[  172.003432][ T7047]  ? import_iovec+0x73/0xa0
[  172.003456][ T7047]  ___sys_sendmsg+0x2a5/0x360
[  172.003483][ T7047]  ? __lock_acquire+0x6b5/0x2d10
[  172.003505][ T7047]  ? __pfx____sys_sendmsg+0x10/0x10
[  172.003553][ T7047]  ? __fget_files+0x2a/0x420
[  172.003580][ T7047]  ? __fget_files+0x3a6/0x420
[  172.003605][ T7047]  __x64_sys_sendmsg+0x1c3/0x2a0
[  172.003633][ T7047]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  172.003659][ T7047]  ? __pfx_ksys_write+0x10/0x10
[  172.003685][ T7047]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  172.003704][ T7047]  do_syscall_64+0x174/0x580
[  172.003724][ T7047]  ? trace_irq_disable+0x3b/0x140
[  172.003739][ T7047]  ? clear_bhb_loop+0x40/0x90
[  172.003756][ T7047]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  172.003769][ T7047] RIP: 0033:0x7f4af128ce59
[  172.003782][ T7047] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  172.003795][ T7047] RSP: 002b:00007f4aef4e6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  172.003812][ T7047] RAX: ffffffffffffffda RBX: 00007f4af1505fa0 RCX: 00007f4af128ce59
[  172.003825][ T7047] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[  172.003837][ T7047] RBP: 00007f4aef4e6090 R08: 0000000000000000 R09: 0000000000000000
[  172.003848][ T7047] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  172.003860][ T7047] R13: 00007f4af1506038 R14: 00007f4af1505fa0 R15: 00007ffdf7287e68
[  172.003890][ T7047]  </TASK>
[  172.066198][ T7050] netlink: 24 bytes leftover after parsing attributes in process `syz.2.404'.
[  172.191610][ T5725] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[  172.351654][ T5725] usb 4-1: Using ep0 maxpacket: 8
[  172.353648][ T5725] usb 4-1: config 254 has an invalid descriptor of length 0, skipping remainder of the config
[  172.353674][ T5725] usb 4-1: config 254 has 0 interfaces, different from the descriptor's value: 1
[  172.358169][ T5725] usb 4-1: New USB device found, idVendor=110a, idProduct=1450, bcdDevice=62.cb
[  172.358196][ T5725] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  172.358216][ T5725] usb 4-1: Product: syz
[  172.358228][ T5725] usb 4-1: Manufacturer: syz
[  172.358236][ T5725] usb 4-1: SerialNumber: syz
[  172.791674][    T9] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  172.882818][ T7057] FAULT_INJECTION: forcing a failure.
[  172.882818][ T7057] name failslab, interval 1, probability 0, space 0, times 0
[  172.882854][ T7057] CPU: 0 UID: 0 PID: 7057 Comm: syz.1.407 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  172.882880][ T7057] Tainted: [L]=SOFTLOCKUP
[  172.882887][ T7057] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  172.882898][ T7057] Call Trace:
[  172.882906][ T7057]  <TASK>
[  172.882914][ T7057]  dump_stack_lvl+0xe8/0x150
[  172.882943][ T7057]  should_fail_ex+0x46b/0x600
[  172.882974][ T7057]  should_failslab+0xa8/0x100
[  172.883005][ T7057]  __kmalloc_cache_noprof+0x84/0x690
[  172.883031][ T7057]  ? autofs_new_ino+0x53/0x1c0
[  172.883056][ T7057]  autofs_new_ino+0x53/0x1c0
[  172.883077][ T7057]  autofs_lookup+0x581/0xb10
[  172.883099][ T7057]  ? __rt_spin_lock_init+0x3e/0x50
[  172.883135][ T7057]  __lookup_slow+0x2d2/0x440
[  172.883161][ T7057]  ? __pfx___lookup_slow+0x10/0x10
[  172.883197][ T7057]  ? down_read+0x156/0x200
[  172.883215][ T7057]  ? __pfx_down_read+0x10/0x10
[  172.883235][ T7057]  ? lookup_fast+0x1a3/0x5b0
[  172.883263][ T7057]  lookup_slow+0x53/0x70
[  172.883286][ T7057]  path_lookupat+0x3f5/0x8c0
[  172.883324][ T7057]  filename_lookup+0x256/0x5d0
[  172.883351][ T7057]  ? __pfx_filename_lookup+0x10/0x10
[  172.883397][ T7057]  ? strncpy_from_user+0x150/0x2b0
[  172.883427][ T7057]  ? do_getname+0x151/0x250
[  172.883450][ T7057]  __se_sys_chdir+0xa8/0x2a0
[  172.883486][ T7057]  ? __pfx___se_sys_chdir+0x10/0x10
[  172.883521][ T7057]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  172.883542][ T7057]  do_syscall_64+0x174/0x580
[  172.883568][ T7057]  ? trace_irq_disable+0x3b/0x140
[  172.883589][ T7057]  ? clear_bhb_loop+0x40/0x90
[  172.883613][ T7057]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  172.883631][ T7057] RIP: 0033:0x7f1c368dce59
[  172.883649][ T7057] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  172.883665][ T7057] RSP: 002b:00007f1c34b2e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000050
[  172.883686][ T7057] RAX: ffffffffffffffda RBX: 00007f1c36b55fa0 RCX: 00007f1c368dce59
[  172.883700][ T7057] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000080
[  172.883712][ T7057] RBP: 00007f1c34b2e090 R08: 0000000000000000 R09: 0000000000000000
[  172.883724][ T7057] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  172.883735][ T7057] R13: 00007f1c36b56038 R14: 00007f1c36b55fa0 R15: 00007ffdef84eca8
[  172.883765][ T7057]  </TASK>
[  173.011614][    T9] usb 3-1: Using ep0 maxpacket: 32
[  173.038865][    T9] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[  173.038894][    T9] usb 3-1: config 0 has no interface number 0
[  173.150759][    T9] usb 3-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=93.d8
[  173.150789][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  173.150809][    T9] usb 3-1: Product: syz
[  173.150824][    T9] usb 3-1: Manufacturer: syz
[  173.150838][    T9] usb 3-1: SerialNumber: syz
[  173.203771][ T5724] usb 4-1: USB disconnect, device number 26
[  173.260074][    T9] usb 3-1: config 0 descriptor??
[  173.276205][    T9] usb 3-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state
[  173.276245][    T9] usb 3-1: selecting invalid altsetting 1
[  173.276261][    T9] usb 3-1: dvb_usb_ce6230: usb_set_interface() failed=-22
[  173.305266][    T9] usb 3-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  173.330823][    T9] dvbdev: DVB: registering new adapter (Intel CE9500 reference design)
[  173.330929][    T9] usb 3-1: media controller created
[  173.388399][    T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  173.515114][ T7054] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  173.515669][ T7054] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  173.561629][ T5725] usb 2-1: new high-speed USB device number 26 using dummy_hcd
[  173.579719][    T9] usb 3-1: dvb_usb_ce6230: usb_control_msg() failed=-71
[  173.579777][    T9] zl10353_read_register: readreg error (reg=127, ret==-71)
[  173.580796][    T9] usb 3-1: dvb_usb_ce6230: usb_set_interface() failed=-71
[  173.712876][ T5725] usb 2-1: Using ep0 maxpacket: 8
[  173.727430][    T9] usb 3-1: USB disconnect, device number 23
[  173.757326][ T5725] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  173.757357][ T5725] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  173.757378][ T5725] usb 2-1: Product: syz
[  173.757392][ T5725] usb 2-1: Manufacturer: syz
[  173.757406][ T5725] usb 2-1: SerialNumber: syz
[  173.777588][ T5725] usb 2-1: config 0 descriptor??
[  174.042471][ T5725] usb 2-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  174.261693][   T10] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[  174.411889][   T10] usb 4-1: Using ep0 maxpacket: 32
[  174.434699][   T10] usb 4-1: New USB device found, idVendor=0fe9, idProduct=d501, bcdDevice=23.50
[  174.434729][   T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  174.434748][   T10] usb 4-1: Product: syz
[  174.434760][   T10] usb 4-1: Manufacturer: syz
[  174.434774][   T10] usb 4-1: SerialNumber: syz
[  174.441850][ T5767] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  174.505787][   T10] usb 4-1: config 0 descriptor??
[  174.519071][   T10] dvb-usb: found a 'DViCO FusionHDTV5 USB Gold' in warm state.
[  174.540507][   T10] dvb-usb: bulk message failed: -22 (2/0)
[  174.576408][   T10] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  174.577232][   T10] dvbdev: DVB: registering new adapter (DViCO FusionHDTV5 USB Gold)
[  174.577296][   T10] usb 4-1: media controller created
[  174.617584][   T10] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  174.631582][ T5767] usb 1-1: Using ep0 maxpacket: 8
[  174.668478][ T5767] usb 1-1: config 254 has an invalid descriptor of length 0, skipping remainder of the config
[  174.668505][ T5767] usb 1-1: config 254 has 0 interfaces, different from the descriptor's value: 1
[  174.682105][   T10] usb 4-1: selecting invalid altsetting 7
[  174.682118][ T5767] usb 1-1: New USB device found, idVendor=110a, idProduct=1450, bcdDevice=62.cb
[  174.682125][   T10] cxusb: set interface failed
[  174.682138][   T10] dvb-usb: bulk message failed: -22 (1/0)
[  174.682142][ T5767] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  174.682159][ T5767] usb 1-1: Product: syz
[  174.682172][ T5767] usb 1-1: Manufacturer: syz
[  174.682185][ T5767] usb 1-1: SerialNumber: syz
[  174.939714][   T10] DVB: Unable to find symbol lgdt330x_attach()
[  174.939730][   T10] dvb-usb: no frontend was attached by 'DViCO FusionHDTV5 USB Gold'
[  175.051738][   T10] rc_core: IR keymap rc-dvico-portable not found
[  175.051759][   T10] Registered IR keymap rc-empty
[  175.074528][   T10] rc rc0: DViCO FusionHDTV5 USB Gold as /devices/platform/dummy_hcd.3/usb4/4-1/rc/rc0
[  175.081200][   T10] input: DViCO FusionHDTV5 USB Gold as /devices/platform/dummy_hcd.3/usb4/4-1/rc/rc0/input9
[  175.156018][   T10] dvb-usb: schedule remote query interval to 100 msecs.
[  175.156043][   T10] dvb-usb: DViCO FusionHDTV5 USB Gold successfully initialized and connected.
[  175.198891][   T10] usb 4-1: USB disconnect, device number 27
[  175.534341][ T5725] dvb_usb_rtl28xxu 2-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32
[  175.568751][   T10] dvb-usb: DViCO FusionHDTV5 USB Gold successfully deinitialized and disconnected.
[  175.760750][ T5725] usb 2-1: USB disconnect, device number 26
[  176.311707][   T10] usb 3-1: new full-speed USB device number 24 using dummy_hcd
[  176.427631][ T7122] xt_connbytes: Forcing CT accounting to be enabled
[  176.455054][ T7122] binder: 7121:7122 ioctl c0306201 200000000640 returned -22
[  176.473333][   T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid maxpacket 1024, setting to 64
[  176.474509][ T7122] binder: 7121:7122 ioctl 89f3 2000000003c0 returned -22
[  176.501078][   T10] usb 3-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  176.501107][   T10] usb 3-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  176.501127][   T10] usb 3-1: Product: syz
[  176.501140][   T10] usb 3-1: Manufacturer: syz
[  176.501154][   T10] usb 3-1: SerialNumber: syz
[  176.554298][   T10] usb 3-1: config 0 descriptor??
[  176.557761][ T7114] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  176.569780][   T10] hub 3-1:0.0: bad descriptor, ignoring hub
[  176.569811][   T10] hub 3-1:0.0: probe with driver hub failed with error -5
[  176.883815][    T9] usb 3-1: USB disconnect, device number 24
[  177.021706][   T10] usb 4-1: new low-speed USB device number 28 using dummy_hcd
[  177.110950][    T9] usb 1-1: USB disconnect, device number 22
[  177.184886][   T10] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  177.184913][   T10] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 2
[  177.184962][   T10] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26984, setting to 8
[  177.185004][   T10] usb 4-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  177.185026][   T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  177.189445][ T7131] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[  177.191675][ T5724] usb 2-1: new high-speed USB device number 27 using dummy_hcd
[  177.195036][   T10] hub 4-1:1.0: bad descriptor, ignoring hub
[  177.195071][   T10] hub 4-1:1.0: probe with driver hub failed with error -5
[  177.196080][   T10] cdc_wdm 4-1:1.0: skipping garbage
[  177.196096][   T10] cdc_wdm 4-1:1.0: skipping garbage
[  177.207182][   T10] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device
[  177.207221][   T10] cdc_wdm 4-1:1.0: Unknown control protocol
[  177.375063][ T5724] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  177.375097][ T5724] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  177.375133][ T5724] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  177.375156][ T5724] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  177.431293][ T5724] usb 2-1: config 0 descriptor??
[  177.491632][    T9] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  177.542393][   T10] usb 4-1: USB disconnect, device number 28
[  177.651572][    T9] usb 1-1: Using ep0 maxpacket: 8
[  177.656345][    T9] usb 1-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  177.656376][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  177.656395][    T9] usb 1-1: Product: syz
[  177.656410][    T9] usb 1-1: Manufacturer: syz
[  177.656423][    T9] usb 1-1: SerialNumber: syz
[  177.660766][    T9] usb 1-1: config 0 descriptor??
[  177.693921][ T5717] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[  177.857924][ T5724] hid_parser_main: 208 callbacks suppressed
[  177.857950][ T5724] pyra 0003:1E7D:2CF6.0006: unknown main item tag 0x0
[  177.857984][ T5724] pyra 0003:1E7D:2CF6.0006: unknown main item tag 0x0
[  177.858010][ T5724] pyra 0003:1E7D:2CF6.0006: unknown main item tag 0x0
[  177.858033][ T5724] pyra 0003:1E7D:2CF6.0006: unknown main item tag 0x0
[  177.858050][ T5724] pyra 0003:1E7D:2CF6.0006: unknown main item tag 0x0
[  177.858065][ T5724] pyra 0003:1E7D:2CF6.0006: unknown main item tag 0x0
[  177.858083][ T5724] pyra 0003:1E7D:2CF6.0006: unknown main item tag 0x0
[  177.868074][ T5717] usb 3-1: unable to get BOS descriptor or descriptor too short
[  177.873345][ T5717] usb 3-1: config 3 has an invalid descriptor of length 0, skipping remainder of the config
[  177.876906][ T5717] usb 3-1: New USB device found, idVendor=0cf3, idProduct=1010, bcdDevice=26.db
[  177.876933][ T5717] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  177.876952][ T5717] usb 3-1: Product: syz
[  177.877013][ T5717] usb 3-1: Manufacturer: syz
[  177.877028][ T5717] usb 3-1: SerialNumber: syz
[  177.906679][    T9] usb 1-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  177.986154][ T5724] pyra 0003:1E7D:2CF6.0006: hidraw0: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.1-1/input0
[  178.772058][ T5717] usb 3-1: reset high-speed USB device number 25 using dummy_hcd
[  178.988600][ T5717] usb 3-1: device firmware changed
[  179.026831][ T5717] usb 3-1: USB disconnect, device number 25
[  179.216030][ T5717] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[  179.324571][    T9] dvb_usb_rtl28xxu 1-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32
[  179.377781][ T5717] usb 3-1: config 3 has an invalid descriptor of length 0, skipping remainder of the config
[  179.412575][ T5717] usb 3-1: New USB device found, idVendor=0cf3, idProduct=1010, bcdDevice=26.db
[  179.412607][ T5717] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  179.412627][ T5717] usb 3-1: Product: Џ
[  179.412655][ T5717] usb 3-1: Manufacturer: 妕暀㴬ࡁꨳ틸ڼ훣ꠝ駘鼗쭍튌剙羝䅆ꕝ驍뇢韱鋙黉⌮釻♃ப腄홦㈅㻶⤟䕅빇랃啇ེ䌍雷ቝ풛ꃤꂪ鉲ᥠṆ
[  179.412678][ T5717] usb 3-1: SerialNumber: ࠁ
[  179.541399][ T5725] usb 1-1: USB disconnect, device number 23
[  179.673300][ T7142] IPVS: sed: FWM 3 0x00000003 - no destination available
[  179.830168][ T7148] netlink: 'syz.2.440': attribute type 6 has an invalid length.
[  179.830190][ T7148] netlink: 2780 bytes leftover after parsing attributes in process `syz.2.440'.
[  179.860644][ T5724] pyra 0003:1E7D:2CF6.0006: couldn't init struct pyra_device
[  179.860699][ T5724] pyra 0003:1E7D:2CF6.0006: couldn't install mouse
[  179.903982][ T7148] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  179.920859][ T7148] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  179.940575][ T5724] pyra 0003:1E7D:2CF6.0006: probe with driver pyra failed with error -71
[  179.956846][ T5724] usb 2-1: USB disconnect, device number 27
[  180.981738][ T5717] usb 3-1: USB disconnect, device number 26
[  181.561053][ T7242] FAULT_INJECTION: forcing a failure.
[  181.561053][ T7242] name failslab, interval 1, probability 0, space 0, times 0
[  181.561087][ T7242] CPU: 1 UID: 0 PID: 7242 Comm: syz.3.479 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  181.561112][ T7242] Tainted: [L]=SOFTLOCKUP
[  181.561118][ T7242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  181.561129][ T7242] Call Trace:
[  181.561136][ T7242]  <TASK>
[  181.561145][ T7242]  dump_stack_lvl+0xe8/0x150
[  181.561173][ T7242]  should_fail_ex+0x46b/0x600
[  181.561204][ T7242]  should_failslab+0xa8/0x100
[  181.561229][ T7242]  __kmalloc_noprof+0xdf/0x7b0
[  181.561253][ T7242]  ? genl_family_rcv_msg_attrs_parse+0xd0/0x2f0
[  181.561284][ T7242]  genl_family_rcv_msg_attrs_parse+0xd0/0x2f0
[  181.561316][ T7242]  genl_family_rcv_msg_doit+0xd9/0x330
[  181.561339][ T7242]  ? __asan_memcpy+0x40/0x70
[  181.561362][ T7242]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  181.561394][ T7242]  ? apparmor_capable+0x126/0x170
[  181.561421][ T7242]  ? bpf_lsm_capable+0x9/0x20
[  181.561440][ T7242]  ? security_capable+0x7e/0x2c0
[  181.561464][ T7242]  genl_rcv_msg+0x61c/0x7a0
[  181.561491][ T7242]  ? __pfx_genl_rcv_msg+0x10/0x10
[  181.561512][ T7242]  ? __pfx_nl802154_pre_doit+0x10/0x10
[  181.561536][ T7242]  ? __pfx_nl802154_add_llsec_devkey+0x10/0x10
[  181.561564][ T7242]  ? __pfx_nl802154_post_doit+0x10/0x10
[  181.561601][ T7242]  netlink_rcv_skb+0x232/0x4b0
[  181.561637][ T7242]  ? __pfx_genl_rcv_msg+0x10/0x10
[  181.561661][ T7242]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  181.561702][ T7242]  ? netlink_deliver_tap+0x2e/0x1b0
[  181.561729][ T7242]  ? netlink_deliver_tap+0x2e/0x1b0
[  181.561762][ T7242]  genl_rcv+0x28/0x40
[  181.561782][ T7242]  netlink_unicast+0x780/0x920
[  181.561820][ T7242]  netlink_sendmsg+0x813/0xb40
[  181.561848][ T7242]  ? __pfx_netlink_sendmsg+0x10/0x10
[  181.561869][ T7242]  ? tomoyo_socket_sendmsg_permission+0x1e0/0x300
[  181.561898][ T7242]  ? aa_sock_msg_perm+0x122/0x200
[  181.561920][ T7242]  ? __pfx_netlink_sendmsg+0x10/0x10
[  181.561937][ T7242]  sock_sendmsg_nosec+0x13a/0x180
[  181.561962][ T7242]  ____sys_sendmsg+0x55c/0x870
[  181.561996][ T7242]  ? __pfx_____sys_sendmsg+0x10/0x10
[  181.562033][ T7242]  ? import_iovec+0x73/0xa0
[  181.562060][ T7242]  ___sys_sendmsg+0x2a5/0x360
[  181.562086][ T7242]  ? __lock_acquire+0x6b5/0x2d10
[  181.562113][ T7242]  ? __pfx____sys_sendmsg+0x10/0x10
[  181.562177][ T7242]  ? __fget_files+0x2a/0x420
[  181.562198][ T7242]  ? __fget_files+0x3a6/0x420
[  181.562231][ T7242]  __x64_sys_sendmsg+0x1c3/0x2a0
[  181.562263][ T7242]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  181.562301][ T7242]  ? __pfx_ksys_write+0x10/0x10
[  181.562337][ T7242]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  181.562358][ T7242]  do_syscall_64+0x174/0x580
[  181.562385][ T7242]  ? trace_irq_disable+0x3b/0x140
[  181.562407][ T7242]  ? clear_bhb_loop+0x40/0x90
[  181.562431][ T7242]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  181.562450][ T7242] RIP: 0033:0x7f810254ce59
[  181.562469][ T7242] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  181.562485][ T7242] RSP: 002b:00007f81007a6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  181.562506][ T7242] RAX: ffffffffffffffda RBX: 00007f81027c5fa0 RCX: 00007f810254ce59
[  181.562520][ T7242] RDX: 0000000000008004 RSI: 0000200000000200 RDI: 0000000000000004
[  181.562533][ T7242] RBP: 00007f81007a6090 R08: 0000000000000000 R09: 0000000000000000
[  181.562544][ T7242] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  181.562556][ T7242] R13: 00007f81027c6038 R14: 00007f81027c5fa0 R15: 00007ffd7b720078
[  181.562587][ T7242]  </TASK>
[  181.791916][ T5724] usb 2-1: new high-speed USB device number 28 using dummy_hcd
[  181.921591][ T5767] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  181.966753][ T5724] usb 2-1: unable to get BOS descriptor or descriptor too short
[  181.968060][ T5724] usb 2-1: config 3 has an invalid descriptor of length 0, skipping remainder of the config
[  181.970584][ T5724] usb 2-1: New USB device found, idVendor=0cf3, idProduct=1010, bcdDevice=26.db
[  181.970618][ T5724] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  181.970695][ T5724] usb 2-1: Product: syz
[  181.970709][ T5724] usb 2-1: Manufacturer: syz
[  181.970722][ T5724] usb 2-1: SerialNumber: syz
[  182.121777][ T5767] usb 1-1: Using ep0 maxpacket: 8
[  182.147814][ T5767] usb 1-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  182.147834][ T5767] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  182.147845][ T5767] usb 1-1: Product: syz
[  182.148042][ T5767] usb 1-1: Manufacturer: syz
[  182.148051][ T5767] usb 1-1: SerialNumber: syz
[  182.182071][ T5767] usb 1-1: config 0 descriptor??
[  182.404925][ T5767] usb 1-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  182.851633][ T5725] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[  183.003439][ T5725] usb 3-1: Using ep0 maxpacket: 8
[  183.010579][ T5725] usb 3-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  183.010609][ T5725] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  183.010630][ T5725] usb 3-1: Product: syz
[  183.010645][ T5725] usb 3-1: Manufacturer: syz
[  183.010727][ T5725] usb 3-1: SerialNumber: syz
[  183.023514][ T5725] usb 3-1: config 0 descriptor??
[  183.069153][ T5724] usb 2-1: reset high-speed USB device number 28 using dummy_hcd
[  183.239758][ T5725] usb 3-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  183.255879][ T5724] usb 2-1: device firmware changed
[  183.285406][ T5724] usb 2-1: USB disconnect, device number 28
[  183.453967][ T5724] usb 2-1: new high-speed USB device number 29 using dummy_hcd
[  183.625827][ T5724] usb 2-1: config 3 has an invalid descriptor of length 0, skipping remainder of the config
[  183.633408][ T5724] usb 2-1: New USB device found, idVendor=0cf3, idProduct=1010, bcdDevice=26.db
[  183.633435][ T5724] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  183.633734][ T5724] usb 2-1: Product: Џ
[  183.633749][ T5724] usb 2-1: Manufacturer: 妕暀㴬ࡁꨳ틸ڼ훣ꠝ駘鼗쭍튌剙羝䅆ꕝ驍뇢韱鋙黉⌮釻♃ப腄홦㈅㻶⤟䕅빇랃啇ེ䌍雷ቝ풛ꃤꂪ鉲ᥠṆ
[  183.633828][ T5724] usb 2-1: SerialNumber: ࠁ
[  183.663877][ T5767] dvb_usb_rtl28xxu 1-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  183.729116][ T5767] usb 1-1: USB disconnect, device number 24
[  183.961084][ T7238] netlink: 'syz.1.478': attribute type 6 has an invalid length.
[  183.961163][ T7238] netlink: 2780 bytes leftover after parsing attributes in process `syz.1.478'.
[  183.968143][ T7238] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  183.970134][ T7238] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  184.039650][ T7326] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  184.040629][ T7326] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  184.241753][ T5717] usb 4-1: new high-speed USB device number 29 using dummy_hcd
[  184.402922][ T5717] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  184.402950][ T5717] usb 4-1: config 0 has no interface number 0
[  184.407160][ T5717] usb 4-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  184.407190][ T5717] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  184.407210][ T5717] usb 4-1: Product: syz
[  184.407224][ T5717] usb 4-1: Manufacturer: syz
[  184.407238][ T5717] usb 4-1: SerialNumber: syz
[  184.422177][ T5717] usb 4-1: config 0 descriptor??
[  184.671463][ T5717] dvb_usb_ec168 4-1:0.1: probe with driver dvb_usb_ec168 failed with error -71
[  184.695740][ T5725] dvb_usb_rtl28xxu 3-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32
[  184.700105][ T5717] usb 4-1: USB disconnect, device number 29
[  184.909767][ T5725] usb 3-1: USB disconnect, device number 27
[  184.970145][ T5724] usb 2-1: USB disconnect, device number 29
[  185.651560][ T5717] usb 1-1: new full-speed USB device number 25 using dummy_hcd
[  185.804229][ T5717] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  185.804265][ T5717] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  185.804304][ T5717] usb 1-1: New USB device found, idVendor=0f30, idProduct=0111, bcdDevice= 0.00
[  185.804326][ T5717] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  185.817324][ T5717] usb 1-1: config 0 descriptor??
[  185.820960][ T7348] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  186.307319][ T5717] pantherlord 0003:0F30:0111.0007: reserved main item tag 0xd
[  186.307359][ T5717] pantherlord 0003:0F30:0111.0007: item fetching failed at offset 16/44
[  186.308065][ T5717] pantherlord 0003:0F30:0111.0007: parse failed
[  186.308137][ T5717] pantherlord 0003:0F30:0111.0007: probe with driver pantherlord failed with error -22
[  186.497873][ T5725] usb 1-1: USB disconnect, device number 25
[  186.981760][ T5724] usb 3-1: new full-speed USB device number 28 using dummy_hcd
[  187.145274][ T5724] usb 3-1: unable to get BOS descriptor or descriptor too short
[  187.145813][ T5724] usb 3-1: not running at top speed; connect to a high speed hub
[  187.146864][ T5724] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  187.149040][ T5724] usb 3-1: New USB device found, idVendor=0c72, idProduct=000c, bcdDevice= e.3d
[  187.149067][ T5724] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  187.149087][ T5724] usb 3-1: Product: syz
[  187.149100][ T5724] usb 3-1: Manufacturer: syz
[  187.149111][ T5724] usb 3-1: SerialNumber: syz
[  187.311631][ T5717] usb 2-1: new high-speed USB device number 30 using dummy_hcd
[  187.333183][ T5767] usb 1-1: new high-speed USB device number 26 using dummy_hcd
[  187.474701][ T5717] usb 2-1: Using ep0 maxpacket: 16
[  187.481692][ T5767] usb 1-1: Using ep0 maxpacket: 8
[  187.492438][ T5717] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 254, using maximum allowed: 30
[  187.492482][ T5717] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 254
[  187.492524][ T5717] usb 2-1: New USB device found, idVendor=0458, idProduct=5005, bcdDevice= 0.00
[  187.492544][ T5717] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  187.497991][ T5767] usb 1-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  187.498020][ T5767] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  187.498040][ T5767] usb 1-1: Product: syz
[  187.498105][ T5767] usb 1-1: Manufacturer: syz
[  187.498119][ T5767] usb 1-1: SerialNumber: syz
[  187.514911][ T7407] FAULT_INJECTION: forcing a failure.
[  187.514911][ T7407] name fail_iommufd, interval 1, probability 0, space 0, times 0
[  187.514946][ T7407] CPU: 1 UID: 0 PID: 7407 Comm: syz.3.556 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  187.514972][ T7407] Tainted: [L]=SOFTLOCKUP
[  187.514978][ T7407] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  187.514993][ T7407] Call Trace:
[  187.515001][ T7407]  <TASK>
[  187.515008][ T7407]  dump_stack_lvl+0xe8/0x150
[  187.515036][ T7407]  should_fail_ex+0x46b/0x600
[  187.515068][ T7407]  iommufd_get_object+0x78/0x4b0
[  187.515094][ T7407]  ? __pfx_iommufd_get_object+0x10/0x10
[  187.515123][ T7407]  iommufd_hwpt_get_dirty_bitmap+0x108/0x310
[  187.515155][ T7407]  iommufd_fops_ioctl+0x4b8/0x5d0
[  187.515179][ T7407]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[  187.515205][ T7407]  ? __fget_files+0x2a/0x420
[  187.515232][ T7407]  ? __fget_files+0x2a/0x420
[  187.515256][ T7407]  ? bpf_lsm_file_ioctl+0x9/0x20
[  187.515282][ T7407]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[  187.515304][ T7407]  __se_sys_ioctl+0xff/0x170
[  187.515331][ T7407]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  187.515351][ T7407]  do_syscall_64+0x174/0x580
[  187.515379][ T7407]  ? clear_bhb_loop+0x40/0x90
[  187.515402][ T7407]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  187.515420][ T7407] RIP: 0033:0x7f810254ce59
[  187.515437][ T7407] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  187.515453][ T7407] RSP: 002b:00007f8100785028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  187.515473][ T7407] RAX: ffffffffffffffda RBX: 00007f81027c6090 RCX: 00007f810254ce59
[  187.515486][ T7407] RDX: 0000200000000040 RSI: 0000000000003b8c RDI: 0000000000000003
[  187.515505][ T7407] RBP: 00007f8100785090 R08: 0000000000000000 R09: 0000000000000000
[  187.515517][ T7407] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  187.515527][ T7407] R13: 00007f81027c6128 R14: 00007f81027c6090 R15: 00007ffd7b720078
[  187.515556][ T7407]  </TASK>
[  187.782179][ T7406] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  187.817684][ T5717] usb 2-1: config 0 descriptor??
[  187.856204][ T5767] usb 1-1: config 0 descriptor??
[  188.027756][ T5724] peak_usb 3-1:1.0 can0: sending cmd f=0x6 n=0x1 failure: -22
[  188.027787][ T5724] peak_usb 3-1:1.0: unable to read PCAN-USB serial number (err -22)
[  188.071696][ T5767] usb 1-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  188.181213][ T5724] peak_usb 3-1:1.0: probe with driver peak_usb failed with error -22
[  188.194311][ T5724] usb 3-1: USB disconnect, device number 28
[  188.279806][ T5717] kye 0003:0458:5005.0008: tablet report size too small, or kye_tablet_rdesc unexpectedly large
[  188.280300][ T5717] kye 0003:0458:5005.0008: unexpected long global item
[  188.280889][ T5717] kye 0003:0458:5005.0008: parse failed
[  188.280949][ T5717] kye 0003:0458:5005.0008: probe with driver kye failed with error -22
[  188.619458][ T7409] MINIX-fs: unable to read superblock
[  188.695064][ T5717] usb 2-1: USB disconnect, device number 30
[  188.798517][ T7422] overlayfs: conflicting options: userxattr,metacopy=on
[  189.505975][ T5767] dvb_usb_rtl28xxu 1-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32
[  189.523507][ T5767] usb 1-1: USB disconnect, device number 26
[  190.971667][ T5620] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  191.503367][ T5717] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[  191.672285][ T5717] usb 3-1: Using ep0 maxpacket: 16
[  191.675245][ T5717] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 254, using maximum allowed: 30
[  191.675295][ T5717] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 254
[  191.675338][ T5717] usb 3-1: New USB device found, idVendor=0458, idProduct=5005, bcdDevice= 0.00
[  191.675362][ T5717] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  191.765675][ T5717] usb 3-1: config 0 descriptor??
[  192.025324][ T5725] usb 1-1: new high-speed USB device number 27 using dummy_hcd
[  192.177921][ T5725] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  192.177949][ T5725] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  192.196128][ T5725] usb 1-1: New USB device found, idVendor=1c40, idProduct=0534, bcdDevice=6d.cc
[  192.196156][ T5725] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  192.196176][ T5725] usb 1-1: Product: syz
[  192.196190][ T5725] usb 1-1: Manufacturer: syz
[  192.196204][ T5725] usb 1-1: SerialNumber: syz
[  192.225486][ T5725] usb 1-1: config 0 descriptor??
[  192.279683][ T5717] kye 0003:0458:5005.0009: tablet report size too small, or kye_tablet_rdesc unexpectedly large
[  192.280358][ T5717] kye 0003:0458:5005.0009: unexpected long global item
[  192.281044][ T5717] kye 0003:0458:5005.0009: parse failed
[  192.281113][ T5717] kye 0003:0458:5005.0009: probe with driver kye failed with error -22
[  192.385172][  T822] usb 2-1: new high-speed USB device number 31 using dummy_hcd
[  192.438733][ T5725] usb 1-1: USB disconnect, device number 27
[  192.473974][ T5767] usb 3-1: USB disconnect, device number 29
[  192.531636][  T822] usb 2-1: Using ep0 maxpacket: 8
[  192.537877][  T822] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  192.537908][  T822] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  192.537928][  T822] usb 2-1: Product: syz
[  192.537942][  T822] usb 2-1: Manufacturer: syz
[  192.537951][  T822] usb 2-1: SerialNumber: syz
[  192.540820][  T822] usb 2-1: config 0 descriptor??
[  192.792827][  T822] usb 2-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  193.110788][ T7490] MINIX-fs: unable to read superblock
[  193.412550][ T7500] FAULT_INJECTION: forcing a failure.
[  193.412550][ T7500] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  193.412641][ T7500] CPU: 1 UID: 0 PID: 7500 Comm: syz.3.597 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  193.412668][ T7500] Tainted: [L]=SOFTLOCKUP
[  193.412675][ T7500] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  193.412686][ T7500] Call Trace:
[  193.412693][ T7500]  <TASK>
[  193.412701][ T7500]  dump_stack_lvl+0xe8/0x150
[  193.412730][ T7500]  should_fail_ex+0x46b/0x600
[  193.412766][ T7500]  strncpy_from_user+0x36/0x2b0
[  193.412795][ T7500]  do_getname+0x77/0x250
[  193.412818][ T7500]  __se_sys_statx+0xd7/0x2a0
[  193.412840][ T7500]  ? lockdep_hardirqs_on+0x7a/0x110
[  193.412878][ T7500]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  193.412907][ T7500]  ? __pfx___se_sys_statx+0x10/0x10
[  193.412938][ T7500]  ? fput+0xa0/0xd0
[  193.412959][ T7500]  ? ksys_write+0x248/0x270
[  193.412993][ T7500]  ? __pfx_ksys_write+0x10/0x10
[  193.413021][ T7500]  ? __x64_sys_statx+0x20/0xc0
[  193.413041][ T7500]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  193.413061][ T7500]  do_syscall_64+0x174/0x580
[  193.413086][ T7500]  ? trace_irq_disable+0x3b/0x140
[  193.413108][ T7500]  ? clear_bhb_loop+0x40/0x90
[  193.413131][ T7500]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  193.413150][ T7500] RIP: 0033:0x7f810254ce59
[  193.413167][ T7500] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  193.413183][ T7500] RSP: 002b:00007f81007a6028 EFLAGS: 00000246 ORIG_RAX: 000000000000014c
[  193.413203][ T7500] RAX: ffffffffffffffda RBX: 00007f81027c5fa0 RCX: 00007f810254ce59
[  193.413217][ T7500] RDX: 0000000000002000 RSI: 00002000000001c0 RDI: ffffffffffffff9c
[  193.413237][ T7500] RBP: 00007f81007a6090 R08: 0000000000000000 R09: 0000000000000000
[  193.413250][ T7500] R10: 0000000000000800 R11: 0000000000000246 R12: 0000000000000001
[  193.413262][ T7500] R13: 00007f81027c6038 R14: 00007f81027c5fa0 R15: 00007ffd7b720078
[  193.413289][ T7500]  </TASK>
[  193.711592][ T5767] usb 4-1: new high-speed USB device number 30 using dummy_hcd
[  193.846581][  T822] dvb_usb_rtl28xxu 2-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32
[  193.865392][  T822] usb 2-1: USB disconnect, device number 31
[  193.868469][ T5767] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  193.868485][ T5767] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  193.870548][ T5767] usb 4-1: New USB device found, idVendor=1c40, idProduct=0534, bcdDevice=6d.cc
[  193.870573][ T5767] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  193.870583][ T5767] usb 4-1: Product: syz
[  193.870591][ T5767] usb 4-1: Manufacturer: syz
[  193.870599][ T5767] usb 4-1: SerialNumber: syz
[  193.891200][ T5767] usb 4-1: config 0 descriptor??
[  194.259801][ T1337] ieee802154 phy0 wpan0: encryption failed: -22
[  194.272764][ T1337] ieee802154 phy1 wpan1: encryption failed: -22
[  194.651908][  T822] usb 2-1: new high-speed USB device number 32 using dummy_hcd
[  194.801585][  T822] usb 2-1: Using ep0 maxpacket: 32
[  194.804694][  T822] usb 2-1: config 0 has an invalid interface number: 85 but max is 0
[  194.804721][  T822] usb 2-1: config 0 has no interface number 0
[  194.804759][  T822] usb 2-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  194.804773][  T822] usb 2-1: config 0 interface 85 has no altsetting 0
[  194.807051][  T822] usb 2-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  194.807078][  T822] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  194.807095][  T822] usb 2-1: Product: syz
[  194.807103][  T822] usb 2-1: Manufacturer: syz
[  194.807111][  T822] usb 2-1: SerialNumber: syz
[  194.810735][  T822] usb 2-1: config 0 descriptor??
[  194.927145][ T7512] Unsupported ieee802154 address type: 0
[  195.231565][ T5717] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[  195.281003][  T822] appletouch 2-1:0.85: Geyser mode initialized.
[  195.288234][  T822] input: appletouch as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.85/input/input10
[  195.371650][ T5620] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  195.391620][ T5717] usb 3-1: Using ep0 maxpacket: 16
[  195.438364][ T5717] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 254, using maximum allowed: 30
[  195.456937][ T5717] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 254
[  195.457072][ T5717] usb 3-1: New USB device found, idVendor=0458, idProduct=5005, bcdDevice= 0.00
[  195.457096][ T5717] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  195.514618][ T5717] usb 3-1: config 0 descriptor??
[  195.939294][ T5717] kye 0003:0458:5005.000A: tablet report size too small, or kye_tablet_rdesc unexpectedly large
[  195.939898][ T5717] kye 0003:0458:5005.000A: unexpected long global item
[  195.940570][ T5717] kye 0003:0458:5005.000A: parse failed
[  195.940642][ T5717] kye 0003:0458:5005.000A: probe with driver kye failed with error -22
[  196.140592][  T822] usb 3-1: USB disconnect, device number 30
[  196.385012][  T822] usb 4-1: USB disconnect, device number 30
[  196.433175][ T5602] usb 1-1: new high-speed USB device number 28 using dummy_hcd
[  196.584737][ T5602] usb 1-1: unable to get BOS descriptor or descriptor too short
[  196.586181][ T5602] usb 1-1: config 3 has an invalid descriptor of length 0, skipping remainder of the config
[  196.589650][ T5602] usb 1-1: New USB device found, idVendor=0cf3, idProduct=1010, bcdDevice=26.db
[  196.589676][ T5602] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  196.589689][ T5602] usb 1-1: Product: syz
[  196.589696][ T5602] usb 1-1: Manufacturer: syz
[  196.589704][ T5602] usb 1-1: SerialNumber: syz
[  197.472736][ T5717] usb 2-1: USB disconnect, device number 32
[  197.580366][ T5717] appletouch 2-1:0.85: input: appletouch disconnected
[  197.631885][ T5602] usb 1-1: reset high-speed USB device number 28 using dummy_hcd
[  197.807963][ T5602] usb 1-1: device firmware changed
[  197.818266][ T5602] usb 1-1: USB disconnect, device number 28
[  197.904704][ T7583] netlink: 8 bytes leftover after parsing attributes in process `syz.3.633'.
[  197.962661][ T5602] usb 1-1: new high-speed USB device number 29 using dummy_hcd
[  198.011672][  T822] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[  198.119644][ T5602] usb 1-1: config 3 has an invalid descriptor of length 0, skipping remainder of the config
[  198.122021][ T5602] usb 1-1: New USB device found, idVendor=0cf3, idProduct=1010, bcdDevice=26.db
[  198.122050][ T5602] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  198.122069][ T5602] usb 1-1: Product: Џ
[  198.122083][ T5602] usb 1-1: Manufacturer: 妕暀㴬ࡁꨳ틸ڼ훣ꠝ駘鼗쭍튌剙羝䅆ꕝ驍뇢韱鋙黉⌮釻♃ப腄홦㈅㻶⤟䕅빇랃啇ེ䌍雷ቝ풛ꃤꂪ鉲ᥠṆ
[  198.122105][ T5602] usb 1-1: SerialNumber: ࠁ
[  198.161789][  T822] usb 3-1: Using ep0 maxpacket: 8
[  198.171019][  T822] usb 3-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  198.171048][  T822] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  198.171068][  T822] usb 3-1: Product: syz
[  198.171081][  T822] usb 3-1: Manufacturer: syz
[  198.171245][  T822] usb 3-1: SerialNumber: syz
[  198.184904][  T822] usb 3-1: config 0 descriptor??
[  198.208369][  T823] usb 4-1: new full-speed USB device number 31 using dummy_hcd
[  198.350054][ T7524] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  198.350698][ T7524] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  198.371951][  T823] usb 4-1: device descriptor read/64, error -71
[  198.397145][  T822] usb 3-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  198.619064][  T823] usb 4-1: new full-speed USB device number 32 using dummy_hcd
[  198.741684][  T823] usb 4-1: device descriptor read/64, error -71
[  198.853035][  T823] usb usb4-port1: attempt power cycle
[  199.162145][ T5717] usb 2-1: new high-speed USB device number 33 using dummy_hcd
[  199.195748][  T823] usb 4-1: new full-speed USB device number 33 using dummy_hcd
[  199.212241][  T823] usb 4-1: device descriptor read/8, error -71
[  199.321553][ T5717] usb 2-1: Using ep0 maxpacket: 8
[  199.331231][ T5717] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  199.331262][ T5717] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  199.331281][ T5717] usb 2-1: Product: syz
[  199.331296][ T5717] usb 2-1: Manufacturer: syz
[  199.331310][ T5717] usb 2-1: SerialNumber: syz
[  199.339276][ T5717] usb 2-1: config 0 descriptor??
[  199.479697][  T822] dvb_usb_rtl28xxu 3-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32
[  199.499773][  T822] usb 3-1: USB disconnect, device number 31
[  199.515898][ T5602] usb 1-1: reset high-speed USB device number 29 using dummy_hcd
[  199.519858][ T5602] usb 1-1: device reset changed ep0 maxpacket size!
[  199.531599][  T823] usb 4-1: new full-speed USB device number 34 using dummy_hcd
[  199.563528][  T823] usb 4-1: device descriptor read/8, error -71
[  199.578184][ T5717] usb 2-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  199.591144][ T5602] usb 1-1: USB disconnect, device number 29
[  199.687947][  T823] usb usb4-port1: unable to enumerate USB device
[  199.721620][ T5602] usb 1-1: new high-speed USB device number 30 using dummy_hcd
[  199.871566][ T5602] usb 1-1: Using ep0 maxpacket: 8
[  199.873270][ T5602] usb 1-1: config 254 has an invalid descriptor of length 0, skipping remainder of the config
[  199.873300][ T5602] usb 1-1: config 254 has 0 interfaces, different from the descriptor's value: 1
[  199.875534][ T5602] usb 1-1: New USB device found, idVendor=110a, idProduct=1450, bcdDevice=62.cb
[  199.875624][ T5602] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  199.875644][ T5602] usb 1-1: Product: syz
[  199.875658][ T5602] usb 1-1: Manufacturer: syz
[  199.875671][ T5602] usb 1-1: SerialNumber: syz
[  200.989655][ T5717] dvb_usb_rtl28xxu 2-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32
[  201.012178][ T5717] usb 2-1: USB disconnect, device number 33
[  201.440003][ T7620] FAULT_INJECTION: forcing a failure.
[  201.440003][ T7620] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  201.440031][ T7620] CPU: 0 UID: 0 PID: 7620 Comm: syz.3.649 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  201.440046][ T7620] Tainted: [L]=SOFTLOCKUP
[  201.440050][ T7620] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  201.440057][ T7620] Call Trace:
[  201.440062][ T7620]  <TASK>
[  201.440067][ T7620]  dump_stack_lvl+0xe8/0x150
[  201.440085][ T7620]  should_fail_ex+0x46b/0x600
[  201.440103][ T7620]  _copy_to_user+0x31/0xb0
[  201.440120][ T7620]  copy_siginfo_to_user+0x22/0xc0
[  201.440136][ T7620]  x64_setup_rt_frame+0x77b/0xcb0
[  201.440148][ T7620]  ? rt_spin_unlock+0x14f/0x200
[  201.440170][ T7620]  ? __pfx_x64_setup_rt_frame+0x10/0x10
[  201.440185][ T7620]  arch_do_signal_or_restart+0x442/0x840
[  201.440197][ T7620]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  201.440211][ T7620]  ? __x64_sys_timer_settime+0x202/0x270
[  201.440253][ T7620]  exit_to_user_mode_loop+0xa9/0x680
[  201.440274][ T7620]  ? rcu_is_watching+0x15/0xb0
[  201.440298][ T7620]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  201.440317][ T7620]  do_syscall_64+0x353/0x580
[  201.440332][ T7620]  ? trace_irq_disable+0x3b/0x140
[  201.440345][ T7620]  ? clear_bhb_loop+0x40/0x90
[  201.440357][ T7620]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  201.440367][ T7620] RIP: 0033:0x7f810254ce59
[  201.440378][ T7620] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  201.440387][ T7620] RSP: 002b:00007f81007a6028 EFLAGS: 00000246 ORIG_RAX: 00000000000000df
[  201.440399][ T7620] RAX: 0000000000000000 RBX: 00007f81027c5fa0 RCX: 00007f810254ce59
[  201.440406][ T7620] RDX: 0000200000000340 RSI: 0000000000000001 RDI: 0000000000000000
[  201.440413][ T7620] RBP: 00007f81007a6090 R08: 0000000000000000 R09: 0000000000000000
[  201.440419][ T7620] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  201.440425][ T7620] R13: 00007f81027c6038 R14: 00007f81027c5fa0 R15: 00007ffd7b720078
[  201.440441][ T7620]  </TASK>
[  201.541990][ T5618] Bluetooth: hci2: command 0x0406 tx timeout
[  201.543977][ T5620] Bluetooth: hci3: command 0x0406 tx timeout
[  202.150616][  T823] usb 1-1: USB disconnect, device number 30
[  202.333081][ T5717] usb 2-1: new high-speed USB device number 34 using dummy_hcd
[  202.484757][ T5717] usb 2-1: Using ep0 maxpacket: 16
[  202.490040][ T5717] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 254, using maximum allowed: 30
[  202.490098][ T5717] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 254
[  202.490139][ T5717] usb 2-1: New USB device found, idVendor=0458, idProduct=5005, bcdDevice= 0.00
[  202.490161][ T5717] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  202.501878][ T5717] usb 2-1: config 0 descriptor??
[  203.032867][ T7678] FAULT_INJECTION: forcing a failure.
[  203.032867][ T7678] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  203.032903][ T7678] CPU: 0 UID: 0 PID: 7678 Comm: syz.3.676 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  203.032929][ T7678] Tainted: [L]=SOFTLOCKUP
[  203.032935][ T7678] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  203.032947][ T7678] Call Trace:
[  203.032953][ T7678]  <TASK>
[  203.032961][ T7678]  dump_stack_lvl+0xe8/0x150
[  203.032990][ T7678]  should_fail_ex+0x46b/0x600
[  203.033023][ T7678]  _copy_from_iter+0x1d3/0x1670
[  203.033050][ T7678]  ? trace_kmem_cache_alloc+0x29/0xe0
[  203.033072][ T7678]  ? __alloc_skb+0x27d/0x7d0
[  203.033097][ T7678]  ? __pfx__copy_from_iter+0x10/0x10
[  203.033113][ T7678]  ? kmem_cache_alloc_node_noprof+0x27c/0x6e0
[  203.033135][ T7678]  ? __alloc_skb+0x27d/0x7d0
[  203.033165][ T7678]  ? netlink_sendmsg+0x650/0xb40
[  203.033182][ T7678]  ? skb_put+0x11b/0x210
[  203.033210][ T7678]  netlink_sendmsg+0x6c0/0xb40
[  203.033236][ T7678]  ? __pfx_netlink_sendmsg+0x10/0x10
[  203.033256][ T7678]  ? tomoyo_socket_sendmsg_permission+0x1e0/0x300
[  203.033284][ T7678]  ? aa_sock_msg_perm+0x122/0x200
[  203.033305][ T7678]  ? __pfx_netlink_sendmsg+0x10/0x10
[  203.033322][ T7678]  sock_sendmsg_nosec+0x13a/0x180
[  203.033347][ T7678]  ____sys_sendmsg+0x55c/0x870
[  203.033377][ T7678]  ? __pfx_____sys_sendmsg+0x10/0x10
[  203.033413][ T7678]  ? import_iovec+0x73/0xa0
[  203.033437][ T7678]  ___sys_sendmsg+0x2a5/0x360
[  203.033468][ T7678]  ? __lock_acquire+0x6b5/0x2d10
[  203.033501][ T7678]  ? __pfx____sys_sendmsg+0x10/0x10
[  203.033561][ T7678]  ? __fget_files+0x2a/0x420
[  203.033583][ T7678]  ? __fget_files+0x3a6/0x420
[  203.033614][ T7678]  __x64_sys_sendmsg+0x1c3/0x2a0
[  203.033644][ T7678]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  203.033681][ T7678]  ? __pfx_ksys_write+0x10/0x10
[  203.033714][ T7678]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  203.033735][ T7678]  do_syscall_64+0x174/0x580
[  203.033762][ T7678]  ? trace_irq_disable+0x3b/0x140
[  203.033783][ T7678]  ? clear_bhb_loop+0x40/0x90
[  203.033806][ T7678]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  203.033825][ T7678] RIP: 0033:0x7f810254ce59
[  203.033843][ T7678] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  203.033858][ T7678] RSP: 002b:00007f81007a6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  203.033878][ T7678] RAX: ffffffffffffffda RBX: 00007f81027c5fa0 RCX: 00007f810254ce59
[  203.033890][ T7678] RDX: 0000000004008054 RSI: 0000200000000200 RDI: 0000000000000005
[  203.033903][ T7678] RBP: 00007f81007a6090 R08: 0000000000000000 R09: 0000000000000000
[  203.033914][ T7678] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  203.033925][ T7678] R13: 00007f81027c6038 R14: 00007f81027c5fa0 R15: 00007ffd7b720078
[  203.033954][ T7678]  </TASK>
[  203.115174][ T5717] kye 0003:0458:5005.000B: tablet report size too small, or kye_tablet_rdesc unexpectedly large
[  203.115841][ T5717] kye 0003:0458:5005.000B: unexpected long global item
[  203.123354][ T5717] kye 0003:0458:5005.000B: parse failed
[  203.123522][ T5717] kye 0003:0458:5005.000B: probe with driver kye failed with error -22
[  203.213638][ T7683] ptrace attach of "ci-upstream-rust-kasan-gce/syz-executor exec"[5612] was attempted by ""[7683]
[  203.222536][ T7683] ptrace attach of "ci-upstream-rust-kasan-gce/syz-executor exec"[5612] was attempted by ""[7683]
[  203.297847][ T5717] usb 2-1: USB disconnect, device number 34
[  203.681679][ T5725] usb 1-1: new high-speed USB device number 31 using dummy_hcd
[  203.746435][ T7706] FAULT_INJECTION: forcing a failure.
[  203.746435][ T7706] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  203.746459][ T7706] CPU: 1 UID: 0 PID: 7706 Comm: syz.3.687 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  203.746474][ T7706] Tainted: [L]=SOFTLOCKUP
[  203.746477][ T7706] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  203.746484][ T7706] Call Trace:
[  203.746488][ T7706]  <TASK>
[  203.746493][ T7706]  dump_stack_lvl+0xe8/0x150
[  203.746509][ T7706]  should_fail_ex+0x46b/0x600
[  203.746527][ T7706]  _copy_from_iter+0x1d3/0x1670
[  203.746542][ T7706]  ? trace_kmem_cache_alloc+0x29/0xe0
[  203.746554][ T7706]  ? __alloc_skb+0x27d/0x7d0
[  203.746568][ T7706]  ? __pfx__copy_from_iter+0x10/0x10
[  203.746577][ T7706]  ? kmem_cache_alloc_node_noprof+0x27c/0x6e0
[  203.746588][ T7706]  ? __alloc_skb+0x27d/0x7d0
[  203.746604][ T7706]  ? netlink_sendmsg+0x650/0xb40
[  203.746613][ T7706]  ? skb_put+0x11b/0x210
[  203.746628][ T7706]  netlink_sendmsg+0x6c0/0xb40
[  203.746642][ T7706]  ? __pfx_netlink_sendmsg+0x10/0x10
[  203.746653][ T7706]  ? tomoyo_socket_sendmsg_permission+0x1e0/0x300
[  203.746668][ T7706]  ? aa_sock_msg_perm+0x122/0x200
[  203.746680][ T7706]  ? __pfx_netlink_sendmsg+0x10/0x10
[  203.746689][ T7706]  sock_sendmsg_nosec+0x13a/0x180
[  203.746702][ T7706]  ____sys_sendmsg+0x55c/0x870
[  203.746720][ T7706]  ? __pfx_____sys_sendmsg+0x10/0x10
[  203.746739][ T7706]  ? import_iovec+0x73/0xa0
[  203.746752][ T7706]  ___sys_sendmsg+0x2a5/0x360
[  203.746767][ T7706]  ? __lock_acquire+0x6b5/0x2d10
[  203.746781][ T7706]  ? __pfx____sys_sendmsg+0x10/0x10
[  203.746812][ T7706]  ? __fget_files+0x2a/0x420
[  203.746824][ T7706]  ? __fget_files+0x3a6/0x420
[  203.746840][ T7706]  __x64_sys_sendmsg+0x1c3/0x2a0
[  203.746856][ T7706]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  203.746876][ T7706]  ? __pfx_ksys_write+0x10/0x10
[  203.746894][ T7706]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  203.746905][ T7706]  do_syscall_64+0x174/0x580
[  203.746926][ T7706]  ? trace_irq_disable+0x3b/0x140
[  203.746938][ T7706]  ? clear_bhb_loop+0x40/0x90
[  203.746951][ T7706]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  203.746961][ T7706] RIP: 0033:0x7f810254ce59
[  203.746971][ T7706] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  203.746981][ T7706] RSP: 002b:00007f81007a6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  203.746992][ T7706] RAX: ffffffffffffffda RBX: 00007f81027c5fa0 RCX: 00007f810254ce59
[  203.747000][ T7706] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000003
[  203.747006][ T7706] RBP: 00007f81007a6090 R08: 0000000000000000 R09: 0000000000000000
[  203.747013][ T7706] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  203.747019][ T7706] R13: 00007f81027c6038 R14: 00007f81027c5fa0 R15: 00007ffd7b720078
[  203.747034][ T7706]  </TASK>
[  203.921608][ T5725] usb 1-1: Using ep0 maxpacket: 8
[  203.934812][ T5725] usb 1-1: config 254 has an invalid descriptor of length 0, skipping remainder of the config
[  203.934830][ T5725] usb 1-1: config 254 has 0 interfaces, different from the descriptor's value: 1
[  204.033053][ T5725] usb 1-1: New USB device found, idVendor=110a, idProduct=1450, bcdDevice=62.cb
[  204.033072][ T5725] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  204.033083][ T5725] usb 1-1: Product: syz
[  204.033091][ T5725] usb 1-1: Manufacturer: syz
[  204.033098][ T5725] usb 1-1: SerialNumber: syz
[  204.116996][ T7709] netlink: 44 bytes leftover after parsing attributes in process `syz.1.688'.
[  204.531599][ T5717] usb 3-1: new high-speed USB device number 32 using dummy_hcd
[  204.691617][ T5717] usb 3-1: Using ep0 maxpacket: 8
[  204.695206][ T5717] usb 3-1: config 254 has an invalid descriptor of length 0, skipping remainder of the config
[  204.695231][ T5717] usb 3-1: config 254 has 0 interfaces, different from the descriptor's value: 1
[  204.721870][ T5717] usb 3-1: New USB device found, idVendor=110a, idProduct=1450, bcdDevice=62.cb
[  204.721900][ T5717] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  204.721920][ T5717] usb 3-1: Product: syz
[  204.721935][ T5717] usb 3-1: Manufacturer: syz
[  204.722029][ T5717] usb 3-1: SerialNumber: syz
[  205.192262][ T7759] FAULT_INJECTION: forcing a failure.
[  205.192262][ T7759] name failslab, interval 1, probability 0, space 0, times 0
[  205.192304][ T7759] CPU: 1 UID: 0 PID: 7759 Comm: syz.3.711 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  205.192331][ T7759] Tainted: [L]=SOFTLOCKUP
[  205.192338][ T7759] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  205.192349][ T7759] Call Trace:
[  205.192356][ T7759]  <TASK>
[  205.192364][ T7759]  dump_stack_lvl+0xe8/0x150
[  205.192392][ T7759]  should_fail_ex+0x46b/0x600
[  205.192425][ T7759]  should_failslab+0xa8/0x100
[  205.192451][ T7759]  kmem_cache_alloc_noprof+0x87/0x680
[  205.192474][ T7759]  ? rcu_is_watching+0x15/0xb0
[  205.192498][ T7759]  ? security_file_alloc+0x34/0x310
[  205.192528][ T7759]  security_file_alloc+0x34/0x310
[  205.192556][ T7759]  init_file+0x96/0x2d0
[  205.192580][ T7759]  alloc_empty_file+0x74/0x1d0
[  205.192601][ T7759]  path_openat+0x11b/0x3960
[  205.192636][ T7759]  ? try_to_take_rt_mutex+0x840/0xb00
[  205.192660][ T7759]  ? arch_stack_walk+0xfb/0x150
[  205.192696][ T7759]  ? __lock_acquire+0x6b5/0x2d10
[  205.192722][ T7759]  ? __pfx_path_openat+0x10/0x10
[  205.192749][ T7759]  ? kasan_save_track+0x4f/0x80
[  205.192768][ T7759]  ? kasan_save_track+0x3e/0x80
[  205.192786][ T7759]  ? __kasan_slab_alloc+0x6c/0x80
[  205.192814][ T7759]  ? do_raw_spin_lock+0x12b/0x2f0
[  205.192841][ T7759]  do_file_open+0x23e/0x4a0
[  205.192864][ T7759]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  205.192893][ T7759]  ? __pfx_do_file_open+0x10/0x10
[  205.192906][ T7759]  ? rt_mutex_slowunlock+0x4a7/0x8b0
[  205.192928][ T7759]  ? alloc_fd+0x679/0x6f0
[  205.192948][ T7759]  do_sys_openat2+0x115/0x200
[  205.192961][ T7759]  ? __pfx_do_sys_openat2+0x10/0x10
[  205.192973][ T7759]  ? ksys_write+0x248/0x270
[  205.192988][ T7759]  ? __pfx_ksys_write+0x10/0x10
[  205.193003][ T7759]  __x64_sys_openat+0x138/0x170
[  205.193016][ T7759]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  205.193027][ T7759]  do_syscall_64+0x174/0x580
[  205.193041][ T7759]  ? trace_irq_disable+0x3b/0x140
[  205.193053][ T7759]  ? clear_bhb_loop+0x40/0x90
[  205.193066][ T7759]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  205.193076][ T7759] RIP: 0033:0x7f810250d68e
[  205.193086][ T7759] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  205.193095][ T7759] RSP: 002b:00007f81007a5ec8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  205.193107][ T7759] RAX: ffffffffffffffda RBX: 00007f81007a66c0 RCX: 00007f810250d68e
[  205.193114][ T7759] RDX: 0000000000000002 RSI: 00007f81007a5f90 RDI: ffffffffffffff9c
[  205.193121][ T7759] RBP: 00007f81007a6090 R08: 0000000000000000 R09: 0000000000000000
[  205.193128][ T7759] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  205.193134][ T7759] R13: 00007f81027c6038 R14: 00007f81027c5fa0 R15: 00007ffd7b720078
[  205.193149][ T7759]  </TASK>
[  205.463121][  T822] usb 2-1: new high-speed USB device number 35 using dummy_hcd
[  205.654511][  T822] usb 2-1: unable to get BOS descriptor or descriptor too short
[  205.655594][  T822] usb 2-1: config 3 has an invalid descriptor of length 0, skipping remainder of the config
[  205.658062][  T822] usb 2-1: New USB device found, idVendor=0cf3, idProduct=1010, bcdDevice=26.db
[  205.658089][  T822] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  205.658109][  T822] usb 2-1: Product: syz
[  205.658124][  T822] usb 2-1: Manufacturer: syz
[  205.658139][  T822] usb 2-1: SerialNumber: syz
[  206.460978][ T5717] usb 1-1: USB disconnect, device number 31
[  206.691635][  T822] usb 2-1: reset high-speed USB device number 35 using dummy_hcd
[  206.843972][  T822] usb 2-1: device firmware changed
[  206.849437][  T822] usb 2-1: USB disconnect, device number 35
[  206.891823][ T5717] usb 1-1: new high-speed USB device number 32 using dummy_hcd
[  207.001581][  T822] usb 2-1: new high-speed USB device number 36 using dummy_hcd
[  207.051804][ T5717] usb 1-1: Using ep0 maxpacket: 32
[  207.054758][ T5717] usb 1-1: config 0 has an invalid interface number: 85 but max is 0
[  207.054784][ T5717] usb 1-1: config 0 has no interface number 0
[  207.054810][ T5717] usb 1-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  207.054825][ T5717] usb 1-1: config 0 interface 85 has no altsetting 0
[  207.057322][ T5717] usb 1-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  207.057351][ T5717] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  207.057372][ T5717] usb 1-1: Product: syz
[  207.057381][ T5717] usb 1-1: Manufacturer: syz
[  207.057389][ T5717] usb 1-1: SerialNumber: syz
[  207.139175][ T5717] usb 1-1: config 0 descriptor??
[  207.171030][  T822] usb 2-1: config 3 has an invalid descriptor of length 0, skipping remainder of the config
[  207.184079][  T822] usb 2-1: New USB device found, idVendor=0cf3, idProduct=1010, bcdDevice=26.db
[  207.184110][  T822] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  207.184128][  T822] usb 2-1: Product: Џ
[  207.184142][  T822] usb 2-1: Manufacturer: 妕暀㴬ࡁꨳ틸ڼ훣ꠝ駘鼗쭍튌剙羝䅆ꕝ驍뇢韱鋙黉⌮釻♃ப腄홦㈅㻶⤟䕅빇랃啇ེ䌍雷ቝ풛ꃤꂪ鉲ᥠṆ
[  207.184165][  T822] usb 2-1: SerialNumber: ࠁ
[  207.297254][ T5725] usb 3-1: USB disconnect, device number 32
[  207.467253][ T7757] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  207.468964][ T7757] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  207.607307][ T5717] appletouch 1-1:0.85: Geyser mode initialized.
[  207.611410][ T5717] input: appletouch as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.85/input/input11
[  208.812057][  T822] usb 2-1: reset high-speed USB device number 36 using dummy_hcd
[  208.818391][  T822] usb 2-1: device reset changed ep0 maxpacket size!
[  208.824593][  T822] usb 2-1: USB disconnect, device number 36
[  208.991834][  T822] usb 2-1: new high-speed USB device number 37 using dummy_hcd
[  209.151158][  T822] usb 2-1: Using ep0 maxpacket: 8
[  209.164053][  T822] usb 2-1: config 254 has an invalid descriptor of length 0, skipping remainder of the config
[  209.164079][  T822] usb 2-1: config 254 has 0 interfaces, different from the descriptor's value: 1
[  209.198207][  T822] usb 2-1: New USB device found, idVendor=110a, idProduct=1450, bcdDevice=62.cb
[  209.198237][  T822] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  209.198248][  T822] usb 2-1: Product: syz
[  209.198255][  T822] usb 2-1: Manufacturer: syz
[  209.198263][  T822] usb 2-1: SerialNumber: syz
[  209.666066][   T10] usb 1-1: USB disconnect, device number 32
[  209.817068][   T10] appletouch 1-1:0.85: input: appletouch disconnected
[  210.196466][ T7846] syz.2.749 (7846) used greatest stack depth: 18720 bytes left
[  210.444239][ T7897] netlink: 44 bytes leftover after parsing attributes in process `syz.2.767'.
[  211.387478][   T10] usb 2-1: USB disconnect, device number 37
[  211.691611][  T822] usb 3-1: new high-speed USB device number 33 using dummy_hcd
[  211.801835][   T10] usb 2-1: new high-speed USB device number 38 using dummy_hcd
[  211.843105][  T822] usb 3-1: Using ep0 maxpacket: 32
[  211.847877][  T822] usb 3-1: config 0 has an invalid interface number: 85 but max is 0
[  211.847903][  T822] usb 3-1: config 0 has no interface number 0
[  211.847939][  T822] usb 3-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  211.847963][  T822] usb 3-1: config 0 interface 85 has no altsetting 0
[  211.856395][  T822] usb 3-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  211.856426][  T822] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  211.856447][  T822] usb 3-1: Product: syz
[  211.856462][  T822] usb 3-1: Manufacturer: syz
[  211.856476][  T822] usb 3-1: SerialNumber: syz
[  211.943763][  T822] usb 3-1: config 0 descriptor??
[  212.004732][   T10] usb 2-1: unable to get BOS descriptor or descriptor too short
[  212.007417][   T10] usb 2-1: config 3 has an invalid descriptor of length 0, skipping remainder of the config
[  212.027932][   T10] usb 2-1: New USB device found, idVendor=0cf3, idProduct=1010, bcdDevice=26.db
[  212.027963][   T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  212.027983][   T10] usb 2-1: Product: syz
[  212.027998][   T10] usb 2-1: Manufacturer: syz
[  212.028013][   T10] usb 2-1: SerialNumber: syz
[  212.581365][  T822] appletouch 3-1:0.85: Geyser mode initialized.
[  212.589693][  T822] input: appletouch as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.85/input/input12
[  212.758447][ T7999] netlink: 44 bytes leftover after parsing attributes in process `syz.0.820'.
[  212.873091][ T5767] usb 3-1: USB disconnect, device number 33
[  213.036945][ T5767] appletouch 3-1:0.85: input: appletouch disconnected
[  213.143369][   T10] usb 2-1: reset high-speed USB device number 38 using dummy_hcd
[  213.308159][   T10] usb 2-1: device firmware changed
[  213.320776][   T10] usb 2-1: USB disconnect, device number 38
[  213.384040][ T8029] FAULT_INJECTION: forcing a failure.
[  213.384040][ T8029] name failslab, interval 1, probability 0, space 0, times 0
[  213.384064][ T8029] CPU: 0 UID: 0 PID: 8029 Comm: syz.3.836 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  213.384079][ T8029] Tainted: [L]=SOFTLOCKUP
[  213.384083][ T8029] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  213.384090][ T8029] Call Trace:
[  213.384094][ T8029]  <TASK>
[  213.384099][ T8029]  dump_stack_lvl+0xe8/0x150
[  213.384115][ T8029]  should_fail_ex+0x46b/0x600
[  213.384133][ T8029]  should_failslab+0xa8/0x100
[  213.384148][ T8029]  kmem_cache_alloc_noprof+0x87/0x680
[  213.384161][ T8029]  ? dst_alloc+0x105/0x170
[  213.384170][ T8029]  ? fib_lookup+0x76/0x440
[  213.384184][ T8029]  dst_alloc+0x105/0x170
[  213.384196][ T8029]  ip_route_output_key_hash_rcu+0x14d0/0x25e0
[  213.384215][ T8029]  ? ip_route_output_key_hash+0xd8/0x2a0
[  213.384229][ T8029]  ip_route_output_key_hash+0x18d/0x2a0
[  213.384243][ T8029]  ? __pfx_ip_route_output_key_hash+0x10/0x10
[  213.384259][ T8029]  ? call_rcu+0x644/0x890
[  213.384273][ T8029]  ? lockdep_hardirqs_on+0x7a/0x110
[  213.384292][ T8029]  ip_route_output_flow+0x2a/0x150
[  213.384303][ T8029]  ? security_sk_classify_flow+0x6d/0x150
[  213.384319][ T8029]  tcp_v4_connect+0x828/0x19b0
[  213.384344][ T8029]  ? __pfx_tcp_v4_connect+0x10/0x10
[  213.384364][ T8029]  __inet_stream_connect+0x25a/0xdd0
[  213.384383][ T8029]  ? __pfx___inet_stream_connect+0x10/0x10
[  213.384396][ T8029]  ? __local_bh_enable+0x1e1/0x2f0
[  213.384414][ T8029]  ? __local_bh_enable_ip+0x1ae/0x2b0
[  213.384427][ T8029]  ? lockdep_hardirqs_on+0x7a/0x110
[  213.384448][ T8029]  inet_stream_connect+0x66/0xa0
[  213.384463][ T8029]  __sys_connect+0x315/0x450
[  213.384478][ T8029]  ? __pfx___sys_connect+0x10/0x10
[  213.384497][ T8029]  ? __pfx_ksys_write+0x10/0x10
[  213.384514][ T8029]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  213.384525][ T8029]  __x64_sys_connect+0x7a/0x90
[  213.384540][ T8029]  do_syscall_64+0x174/0x580
[  213.384553][ T8029]  ? trace_irq_disable+0x3b/0x140
[  213.384566][ T8029]  ? clear_bhb_loop+0x40/0x90
[  213.384578][ T8029]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  213.384588][ T8029] RIP: 0033:0x7f810254ce59
[  213.384599][ T8029] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  213.384609][ T8029] RSP: 002b:00007f81007a6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  213.384621][ T8029] RAX: ffffffffffffffda RBX: 00007f81027c5fa0 RCX: 00007f810254ce59
[  213.384628][ T8029] RDX: 0000000000000010 RSI: 0000200000000180 RDI: 0000000000000003
[  213.384635][ T8029] RBP: 00007f81007a6090 R08: 0000000000000000 R09: 0000000000000000
[  213.384641][ T8029] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  213.384648][ T8029] R13: 00007f81027c6038 R14: 00007f81027c5fa0 R15: 00007ffd7b720078
[  213.384664][ T8029]  </TASK>
[  213.600134][   T10] usb 2-1: new high-speed USB device number 39 using dummy_hcd
[  213.705083][ T8039] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  213.780420][   T10] usb 2-1: config 3 has an invalid descriptor of length 0, skipping remainder of the config
[  213.798088][   T10] usb 2-1: New USB device found, idVendor=0cf3, idProduct=1010, bcdDevice=26.db
[  213.798118][   T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  213.798139][   T10] usb 2-1: Product: Џ
[  213.798153][   T10] usb 2-1: Manufacturer: 妕暀㴬ࡁꨳ틸ڼ훣ꠝ駘鼗쭍튌剙羝䅆ꕝ驍뇢韱鋙黉⌮釻♃ப腄홦㈅㻶⤟䕅빇랃啇ེ䌍雷ቝ풛ꃤꂪ鉲ᥠṆ
[  213.798177][   T10] usb 2-1: SerialNumber: ࠁ
[  214.107829][ T7955] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  214.108455][ T7955] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  214.245225][ T8064] FAULT_INJECTION: forcing a failure.
[  214.245225][ T8064] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  214.245260][ T8064] CPU: 1 UID: 0 PID: 8064 Comm: syz.2.852 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  214.245287][ T8064] Tainted: [L]=SOFTLOCKUP
[  214.245294][ T8064] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  214.245304][ T8064] Call Trace:
[  214.245312][ T8064]  <TASK>
[  214.245319][ T8064]  dump_stack_lvl+0xe8/0x150
[  214.245347][ T8064]  should_fail_ex+0x46b/0x600
[  214.245378][ T8064]  _copy_to_user+0x31/0xb0
[  214.245401][ T8064]  simple_read_from_buffer+0xe1/0x170
[  214.245429][ T8064]  proc_fail_nth_read+0x1be/0x230
[  214.245456][ T8064]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  214.245481][ T8064]  ? rw_verify_area+0x2ac/0x4e0
[  214.245506][ T8064]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  214.245529][ T8064]  vfs_read+0x212/0xa80
[  214.245561][ T8064]  ? __pfx_vfs_read+0x10/0x10
[  214.245590][ T8064]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  214.245618][ T8064]  ? lockdep_hardirqs_on+0x7a/0x110
[  214.245645][ T8064]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  214.245672][ T8064]  ? mutex_lock_nested+0x152/0x1d0
[  214.245692][ T8064]  ? fdget_pos+0x252/0x320
[  214.245722][ T8064]  ksys_read+0x156/0x270
[  214.245750][ T8064]  ? __pfx_ksys_read+0x10/0x10
[  214.245775][ T8064]  ? __pfx_vmci_host_unlocked_ioctl+0x10/0x10
[  214.245806][ T8064]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.245826][ T8064]  do_syscall_64+0x174/0x580
[  214.245852][ T8064]  ? trace_irq_disable+0x3b/0x140
[  214.245873][ T8064]  ? clear_bhb_loop+0x40/0x90
[  214.245907][ T8064]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.245926][ T8064] RIP: 0033:0x7f4af124d68e
[  214.245944][ T8064] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  214.245959][ T8064] RSP: 002b:00007f4aef4e5fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  214.245979][ T8064] RAX: ffffffffffffffda RBX: 00007f4aef4e66c0 RCX: 00007f4af124d68e
[  214.245996][ T8064] RDX: 000000000000000f RSI: 00007f4aef4e60a0 RDI: 0000000000000004
[  214.246008][ T8064] RBP: 00007f4aef4e6090 R08: 0000000000000000 R09: 0000000000000000
[  214.246019][ T8064] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  214.246031][ T8064] R13: 00007f4af1506038 R14: 00007f4af1505fa0 R15: 00007ffdf7287e68
[  214.246061][ T8064]  </TASK>
[  214.631646][  T822] usb 4-1: new high-speed USB device number 35 using dummy_hcd
[  214.781565][  T822] usb 4-1: Using ep0 maxpacket: 16
[  214.786124][  T822] usb 4-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  214.786153][  T822] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  214.786173][  T822] usb 4-1: Product: syz
[  214.786187][  T822] usb 4-1: Manufacturer: syz
[  214.786196][  T822] usb 4-1: SerialNumber: syz
[  214.817347][  T822] r8152-cfgselector 4-1: Unknown version 0x0000
[  214.817372][  T822] r8152-cfgselector 4-1: config 0 descriptor??
[  215.228599][ T5725] r8152-cfgselector 4-1: USB disconnect, device number 35
[  215.321573][   T10] usb 2-1: reset high-speed USB device number 39 using dummy_hcd
[  215.322332][   T10] usb 2-1: device reset changed ep0 maxpacket size!
[  215.358046][   T10] usb 2-1: USB disconnect, device number 39
[  215.511732][   T10] usb 2-1: new high-speed USB device number 40 using dummy_hcd
[  215.671601][   T10] usb 2-1: Using ep0 maxpacket: 32
[  215.676935][   T10] usb 2-1: config 0 has an invalid interface number: 85 but max is 0
[  215.676960][   T10] usb 2-1: config 0 has no interface number 0
[  215.677004][   T10] usb 2-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  215.677032][   T10] usb 2-1: config 0 interface 85 has no altsetting 0
[  215.681203][   T10] usb 2-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  215.681231][   T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  215.681252][   T10] usb 2-1: Product: syz
[  215.681267][   T10] usb 2-1: Manufacturer: syz
[  215.681281][   T10] usb 2-1: SerialNumber: syz
[  215.767154][   T10] usb 2-1: config 0 descriptor??
[  215.890396][ T8130] FAULT_INJECTION: forcing a failure.
[  215.890396][ T8130] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  215.890433][ T8130] CPU: 1 UID: 0 PID: 8130 Comm: syz.0.883 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  215.890460][ T8130] Tainted: [L]=SOFTLOCKUP
[  215.890467][ T8130] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  215.890479][ T8130] Call Trace:
[  215.890487][ T8130]  <TASK>
[  215.890495][ T8130]  dump_stack_lvl+0xe8/0x150
[  215.890524][ T8130]  should_fail_ex+0x46b/0x600
[  215.890557][ T8130]  _copy_from_iter+0x1d3/0x1670
[  215.890584][ T8130]  ? trace_kmem_cache_alloc+0x29/0xe0
[  215.890605][ T8130]  ? __alloc_skb+0x27d/0x7d0
[  215.890632][ T8130]  ? __pfx__copy_from_iter+0x10/0x10
[  215.890649][ T8130]  ? kmem_cache_alloc_node_noprof+0x27c/0x6e0
[  215.890671][ T8130]  ? __alloc_skb+0x27d/0x7d0
[  215.890701][ T8130]  ? netlink_sendmsg+0x650/0xb40
[  215.890734][ T8130]  ? skb_put+0x11b/0x210
[  215.890763][ T8130]  netlink_sendmsg+0x6c0/0xb40
[  215.890790][ T8130]  ? __pfx_netlink_sendmsg+0x10/0x10
[  215.890810][ T8130]  ? tomoyo_socket_sendmsg_permission+0x1e0/0x300
[  215.890838][ T8130]  ? aa_sock_msg_perm+0x122/0x200
[  215.890871][ T8130]  ? __pfx_netlink_sendmsg+0x10/0x10
[  215.890889][ T8130]  sock_sendmsg_nosec+0x13a/0x180
[  215.890915][ T8130]  ____sys_sendmsg+0x55c/0x870
[  215.890949][ T8130]  ? __pfx_____sys_sendmsg+0x10/0x10
[  215.890985][ T8130]  ? import_iovec+0x73/0xa0
[  215.891010][ T8130]  ___sys_sendmsg+0x2a5/0x360
[  215.891038][ T8130]  ? __lock_acquire+0x6b5/0x2d10
[  215.891064][ T8130]  ? __pfx____sys_sendmsg+0x10/0x10
[  215.891126][ T8130]  ? __fget_files+0x2a/0x420
[  215.891150][ T8130]  ? __fget_files+0x3a6/0x420
[  215.891182][ T8130]  __x64_sys_sendmsg+0x1c3/0x2a0
[  215.891214][ T8130]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  215.891251][ T8130]  ? __pfx_ksys_write+0x10/0x10
[  215.891291][ T8130]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  215.891313][ T8130]  do_syscall_64+0x174/0x580
[  215.891340][ T8130]  ? trace_irq_disable+0x3b/0x140
[  215.891362][ T8130]  ? clear_bhb_loop+0x40/0x90
[  215.891385][ T8130]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  215.891405][ T8130] RIP: 0033:0x7f19369ece59
[  215.891421][ T8130] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  215.891436][ T8130] RSP: 002b:00007f1934c46028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  215.891456][ T8130] RAX: ffffffffffffffda RBX: 00007f1936c65fa0 RCX: 00007f19369ece59
[  215.891468][ T8130] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[  215.891480][ T8130] RBP: 00007f1934c46090 R08: 0000000000000000 R09: 0000000000000000
[  215.891492][ T8130] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  215.891503][ T8130] R13: 00007f1936c66038 R14: 00007f1936c65fa0 R15: 00007ffc3d3cbbc8
[  215.891530][ T8130]  </TASK>
[  216.398263][   T10] appletouch 2-1:0.85: Geyser mode initialized.
[  216.414459][   T10] input: appletouch as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.85/input/input13
[  216.681853][ T5725] usb 2-1: USB disconnect, device number 40
[  216.681965][    C0] appletouch 2-1:0.85: atp_complete: usb_submit_urb failed with result -19
[  216.843737][ T5725] appletouch 2-1:0.85: input: appletouch disconnected
[  216.877469][ T8172] FAULT_INJECTION: forcing a failure.
[  216.877469][ T8172] name failslab, interval 1, probability 0, space 0, times 0
[  216.877504][ T8172] CPU: 0 UID: 0 PID: 8172 Comm: syz.3.905 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  216.877531][ T8172] Tainted: [L]=SOFTLOCKUP
[  216.877538][ T8172] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  216.877549][ T8172] Call Trace:
[  216.877556][ T8172]  <TASK>
[  216.877565][ T8172]  dump_stack_lvl+0xe8/0x150
[  216.877590][ T8172]  should_fail_ex+0x46b/0x600
[  216.877623][ T8172]  should_failslab+0xa8/0x100
[  216.877650][ T8172]  kmem_cache_alloc_noprof+0x87/0x680
[  216.877672][ T8172]  ? skb_clone+0x212/0x3a0
[  216.877695][ T8172]  skb_clone+0x212/0x3a0
[  216.877717][ T8172]  __netlink_deliver_tap+0x424/0x8b0
[  216.877761][ T8172]  ? netlink_deliver_tap+0x2e/0x1b0
[  216.877792][ T8172]  netlink_deliver_tap+0x19c/0x1b0
[  216.877820][ T8172]  netlink_unicast+0x754/0x920
[  216.877856][ T8172]  netlink_sendmsg+0x813/0xb40
[  216.877884][ T8172]  ? __pfx_netlink_sendmsg+0x10/0x10
[  216.877904][ T8172]  ? tomoyo_socket_sendmsg_permission+0x1e0/0x300
[  216.877933][ T8172]  ? aa_sock_msg_perm+0x122/0x200
[  216.877955][ T8172]  ? __pfx_netlink_sendmsg+0x10/0x10
[  216.877973][ T8172]  sock_sendmsg_nosec+0x13a/0x180
[  216.877998][ T8172]  ____sys_sendmsg+0x55c/0x870
[  216.878034][ T8172]  ? __pfx_____sys_sendmsg+0x10/0x10
[  216.878072][ T8172]  ? import_iovec+0x73/0xa0
[  216.878105][ T8172]  ___sys_sendmsg+0x2a5/0x360
[  216.878133][ T8172]  ? __lock_acquire+0x6b5/0x2d10
[  216.878160][ T8172]  ? __pfx____sys_sendmsg+0x10/0x10
[  216.878224][ T8172]  ? __fget_files+0x2a/0x420
[  216.878246][ T8172]  ? __fget_files+0x3a6/0x420
[  216.878278][ T8172]  __x64_sys_sendmsg+0x1c3/0x2a0
[  216.878310][ T8172]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  216.878349][ T8172]  ? __pfx_ksys_write+0x10/0x10
[  216.878384][ T8172]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  216.878405][ T8172]  do_syscall_64+0x174/0x580
[  216.878432][ T8172]  ? trace_irq_disable+0x3b/0x140
[  216.878454][ T8172]  ? clear_bhb_loop+0x40/0x90
[  216.878478][ T8172]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  216.878497][ T8172] RIP: 0033:0x7f810254ce59
[  216.878515][ T8172] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  216.878531][ T8172] RSP: 002b:00007f81007a6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  216.878552][ T8172] RAX: ffffffffffffffda RBX: 00007f81027c5fa0 RCX: 00007f810254ce59
[  216.878566][ T8172] RDX: 0000000000004004 RSI: 00002000000002c0 RDI: 0000000000000004
[  216.878579][ T8172] RBP: 00007f81007a6090 R08: 0000000000000000 R09: 0000000000000000
[  216.878591][ T8172] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  216.878602][ T8172] R13: 00007f81027c6038 R14: 00007f81027c5fa0 R15: 00007ffd7b720078
[  216.878633][ T8172]  </TASK>
[  216.878721][ T8172] netlink: 12 bytes leftover after parsing attributes in process `syz.3.905'.
[  217.381639][ T5725] usb 1-1: new high-speed USB device number 33 using dummy_hcd
[  217.517310][ T8190] netlink: 44 bytes leftover after parsing attributes in process `syz.1.912'.
[  217.539398][ T5725] usb 1-1: Using ep0 maxpacket: 8
[  217.545996][ T5725] usb 1-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  217.546030][ T5725] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  217.546050][ T5725] usb 1-1: Product: syz
[  217.546064][ T5725] usb 1-1: Manufacturer: syz
[  217.546076][ T5725] usb 1-1: SerialNumber: syz
[  217.562002][ T5725] usb 1-1: config 0 descriptor??
[  217.791108][ T5725] usb 1-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  218.495461][ T8248] FAULT_INJECTION: forcing a failure.
[  218.495461][ T8248] name failslab, interval 1, probability 0, space 0, times 0
[  218.495496][ T8248] CPU: 0 UID: 0 PID: 8248 Comm: syz.3.942 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  218.495522][ T8248] Tainted: [L]=SOFTLOCKUP
[  218.495528][ T8248] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  218.495539][ T8248] Call Trace:
[  218.495546][ T8248]  <TASK>
[  218.495554][ T8248]  dump_stack_lvl+0xe8/0x150
[  218.495582][ T8248]  should_fail_ex+0x46b/0x600
[  218.495615][ T8248]  should_failslab+0xa8/0x100
[  218.495641][ T8248]  __kmalloc_noprof+0xdf/0x7b0
[  218.495663][ T8248]  ? kfree+0x4d/0x6c0
[  218.495682][ T8248]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  218.495711][ T8248]  tomoyo_realpath_from_path+0xe3/0x5d0
[  218.495734][ T8248]  ? tomoyo_domain+0xd7/0x130
[  218.495762][ T8248]  ? tomoyo_path_number_perm+0x219/0x630
[  218.495790][ T8248]  tomoyo_path_number_perm+0x246/0x630
[  218.495820][ T8248]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  218.495847][ T8248]  ? __lock_acquire+0x6b5/0x2d10
[  218.495871][ T8248]  ? do_raw_spin_lock+0x12b/0x2f0
[  218.495928][ T8248]  ? __fget_files+0x2a/0x420
[  218.495952][ T8248]  ? __fget_files+0x2a/0x420
[  218.495971][ T8248]  ? __fget_files+0x3a6/0x420
[  218.495990][ T8248]  ? __fget_files+0x2a/0x420
[  218.496016][ T8248]  security_file_ioctl+0xc3/0x2a0
[  218.496044][ T8248]  __se_sys_ioctl+0x47/0x170
[  218.496071][ T8248]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  218.496093][ T8248]  do_syscall_64+0x174/0x580
[  218.496119][ T8248]  ? trace_irq_disable+0x3b/0x140
[  218.496140][ T8248]  ? clear_bhb_loop+0x40/0x90
[  218.496163][ T8248]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  218.496182][ T8248] RIP: 0033:0x7f810254ce59
[  218.496199][ T8248] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  218.496215][ T8248] RSP: 002b:00007f81007a6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  218.496235][ T8248] RAX: ffffffffffffffda RBX: 00007f81027c5fa0 RCX: 00007f810254ce59
[  218.496248][ T8248] RDX: 0000200000000100 RSI: 00000000c0045009 RDI: 0000000000000003
[  218.496260][ T8248] RBP: 00007f81007a6090 R08: 0000000000000000 R09: 0000000000000000
[  218.496271][ T8248] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  218.496282][ T8248] R13: 00007f81027c6038 R14: 00007f81027c5fa0 R15: 00007ffd7b720078
[  218.496311][ T8248]  </TASK>
[  218.496319][ T8248] ERROR: Out of memory at tomoyo_realpath_from_path.
[  219.239529][ T5725] dvb_usb_rtl28xxu 1-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  219.257414][ T5725] usb 1-1: USB disconnect, device number 33
[  219.424593][ T8272] netlink: 44 bytes leftover after parsing attributes in process `syz.1.953'.
[  220.336950][ T5725] usb 1-1: new high-speed USB device number 34 using dummy_hcd
[  220.521585][ T5725] usb 1-1: Using ep0 maxpacket: 32
[  220.548013][ T5725] usb 1-1: config 0 has an invalid interface number: 85 but max is 0
[  220.548039][ T5725] usb 1-1: config 0 has no interface number 0
[  220.548082][ T5725] usb 1-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  220.548108][ T5725] usb 1-1: config 0 interface 85 has no altsetting 0
[  220.550283][ T5725] usb 1-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  220.550310][ T5725] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  220.550329][ T5725] usb 1-1: Product: syz
[  220.550342][ T5725] usb 1-1: Manufacturer: syz
[  220.550355][ T5725] usb 1-1: SerialNumber: syz
[  220.588158][ T5725] usb 1-1: config 0 descriptor??
[  220.839883][ T8342] FAULT_INJECTION: forcing a failure.
[  220.839883][ T8342] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  220.839919][ T8342] CPU: 0 UID: 0 PID: 8342 Comm: syz.3.985 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  220.839945][ T8342] Tainted: [L]=SOFTLOCKUP
[  220.839952][ T8342] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  220.839962][ T8342] Call Trace:
[  220.839969][ T8342]  <TASK>
[  220.839979][ T8342]  dump_stack_lvl+0xe8/0x150
[  220.840013][ T8342]  should_fail_ex+0x46b/0x600
[  220.840046][ T8342]  _copy_from_iter+0x1d3/0x1670
[  220.840073][ T8342]  ? trace_kmem_cache_alloc+0x29/0xe0
[  220.840096][ T8342]  ? __alloc_skb+0x27d/0x7d0
[  220.840123][ T8342]  ? __pfx__copy_from_iter+0x10/0x10
[  220.840139][ T8342]  ? kmem_cache_alloc_node_noprof+0x27c/0x6e0
[  220.840161][ T8342]  ? __alloc_skb+0x27d/0x7d0
[  220.840202][ T8342]  ? netlink_sendmsg+0x650/0xb40
[  220.840220][ T8342]  ? skb_put+0x11b/0x210
[  220.840249][ T8342]  netlink_sendmsg+0x6c0/0xb40
[  220.840276][ T8342]  ? __pfx_netlink_sendmsg+0x10/0x10
[  220.840296][ T8342]  ? tomoyo_socket_sendmsg_permission+0x1e0/0x300
[  220.840325][ T8342]  ? aa_sock_msg_perm+0x122/0x200
[  220.840346][ T8342]  ? __pfx_netlink_sendmsg+0x10/0x10
[  220.840364][ T8342]  sock_sendmsg_nosec+0x13a/0x180
[  220.840389][ T8342]  ____sys_sendmsg+0x55c/0x870
[  220.840423][ T8342]  ? __pfx_____sys_sendmsg+0x10/0x10
[  220.840460][ T8342]  ? import_iovec+0x73/0xa0
[  220.840485][ T8342]  ___sys_sendmsg+0x2a5/0x360
[  220.840511][ T8342]  ? __lock_acquire+0x6b5/0x2d10
[  220.840538][ T8342]  ? __pfx____sys_sendmsg+0x10/0x10
[  220.840597][ T8342]  ? __fget_files+0x2a/0x420
[  220.840619][ T8342]  ? __fget_files+0x3a6/0x420
[  220.840650][ T8342]  __x64_sys_sendmsg+0x1c3/0x2a0
[  220.840680][ T8342]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  220.840717][ T8342]  ? __pfx_ksys_write+0x10/0x10
[  220.840751][ T8342]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  220.840772][ T8342]  do_syscall_64+0x174/0x580
[  220.840799][ T8342]  ? trace_irq_disable+0x3b/0x140
[  220.840820][ T8342]  ? clear_bhb_loop+0x40/0x90
[  220.840842][ T8342]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  220.840861][ T8342] RIP: 0033:0x7f810254ce59
[  220.840879][ T8342] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  220.840895][ T8342] RSP: 002b:00007f81007a6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  220.840915][ T8342] RAX: ffffffffffffffda RBX: 00007f81027c5fa0 RCX: 00007f810254ce59
[  220.840929][ T8342] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 000000000000000b
[  220.840940][ T8342] RBP: 00007f81007a6090 R08: 0000000000000000 R09: 0000000000000000
[  220.840952][ T8342] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  220.840963][ T8342] R13: 00007f81027c6038 R14: 00007f81027c5fa0 R15: 00007ffd7b720078
[  220.840992][ T8342]  </TASK>
[  221.243147][ T5725] appletouch 1-1:0.85: Geyser mode initialized.
[  221.249225][ T5725] input: appletouch as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.85/input/input14
[  221.550398][ T5717] usb 1-1: USB disconnect, device number 34
[  221.728907][ T5717] appletouch 1-1:0.85: input: appletouch disconnected
[  222.233514][ T8384] comedi comedi1: comedi_config --init_data is deprecated
[  222.472876][    T9] usb 2-1: new high-speed USB device number 41 using dummy_hcd
[  222.521702][ T5717] usb 1-1: new high-speed USB device number 35 using dummy_hcd
[  222.638525][    T9] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  222.638552][    T9] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 2
[  222.638602][    T9] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  222.677722][    T9] usb 2-1: New USB device found, idVendor=8086, idProduct=0b5b, bcdDevice=e1.c5
[  222.677752][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  222.677773][    T9] usb 2-1: Product: syz
[  222.677788][    T9] usb 2-1: Manufacturer: syz
[  222.677803][    T9] usb 2-1: SerialNumber: syz
[  222.717232][ T5717] usb 1-1: unable to get BOS descriptor or descriptor too short
[  222.718613][ T5717] usb 1-1: config 3 has an invalid descriptor of length 0, skipping remainder of the config
[  222.745646][ T5717] usb 1-1: New USB device found, idVendor=0cf3, idProduct=1010, bcdDevice=26.db
[  222.745676][ T5717] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  222.745697][ T5717] usb 1-1: Product: syz
[  222.745711][ T5717] usb 1-1: Manufacturer: syz
[  222.745725][ T5717] usb 1-1: SerialNumber: syz
[  222.763016][ T8410] FAULT_INJECTION: forcing a failure.
[  222.763016][ T8410] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  222.763049][ T8410] CPU: 1 UID: 0 PID: 8410 Comm: syz.2.1016 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  222.763075][ T8410] Tainted: [L]=SOFTLOCKUP
[  222.763082][ T8410] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  222.763093][ T8410] Call Trace:
[  222.763099][ T8410]  <TASK>
[  222.763107][ T8410]  dump_stack_lvl+0xe8/0x150
[  222.763136][ T8410]  should_fail_ex+0x46b/0x600
[  222.763169][ T8410]  _copy_from_user+0x2d/0xb0
[  222.763190][ T8410]  get_sg_io_hdr+0xf6/0x850
[  222.763216][ T8410]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  222.763240][ T8410]  ? __pfx_get_sg_io_hdr+0x10/0x10
[  222.763258][ T8410]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  222.763289][ T8410]  ? rt_write_unlock+0x190/0x230
[  222.763314][ T8410]  ? sg_add_request+0x526/0x580
[  222.763336][ T8410]  sg_new_write+0x180/0x890
[  222.763359][ T8410]  ? __pfx_sg_new_write+0x10/0x10
[  222.763409][ T8410]  sg_ioctl+0x11fd/0x21a0
[  222.763445][ T8410]  ? __pfx_sg_ioctl+0x10/0x10
[  222.763473][ T8410]  ? __fget_files+0x2a/0x420
[  222.763504][ T8410]  ? __fget_files+0x2a/0x420
[  222.763525][ T8410]  ? __fget_files+0x3a6/0x420
[  222.763545][ T8410]  ? __fget_files+0x2a/0x420
[  222.763568][ T8410]  ? bpf_lsm_file_ioctl+0x9/0x20
[  222.763595][ T8410]  ? __pfx_sg_ioctl+0x10/0x10
[  222.763621][ T8410]  __se_sys_ioctl+0xff/0x170
[  222.763648][ T8410]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.763668][ T8410]  do_syscall_64+0x174/0x580
[  222.763697][ T8410]  ? trace_irq_disable+0x3b/0x140
[  222.763718][ T8410]  ? clear_bhb_loop+0x40/0x90
[  222.763741][ T8410]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.763759][ T8410] RIP: 0033:0x7f4af128ce59
[  222.763776][ T8410] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  222.763792][ T8410] RSP: 002b:00007f4aef4e6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  222.763812][ T8410] RAX: ffffffffffffffda RBX: 00007f4af1505fa0 RCX: 00007f4af128ce59
[  222.763826][ T8410] RDX: 00002000000033c0 RSI: 0000000000002285 RDI: 0000000000000003
[  222.763839][ T8410] RBP: 00007f4aef4e6090 R08: 0000000000000000 R09: 0000000000000000
[  222.763851][ T8410] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  222.763862][ T8410] R13: 00007f4af1506038 R14: 00007f4af1505fa0 R15: 00007ffdf7287e68
[  222.763890][ T8410]  </TASK>
[  222.997034][ T8416] comedi comedi1: comedi_config --init_data is deprecated
[  223.050315][    T9] usb 2-1: config 0 descriptor??
[  223.242910][ T5602] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[  223.407187][ T5602] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  223.407213][ T5602] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 2
[  223.407260][ T5602] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  223.432845][ T5602] usb 3-1: New USB device found, idVendor=8086, idProduct=0b5b, bcdDevice=e1.c5
[  223.432879][ T5602] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  223.432898][ T5602] usb 3-1: Product: syz
[  223.432913][ T5602] usb 3-1: Manufacturer: syz
[  223.432927][ T5602] usb 3-1: SerialNumber: syz
[  223.540489][ T5602] usb 3-1: config 0 descriptor??
[  224.085367][ T8382] netlink: 220 bytes leftover after parsing attributes in process `syz.1.1002'.
[  224.238401][ T8435] FAULT_INJECTION: forcing a failure.
[  224.238401][ T8435] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  224.238437][ T8435] CPU: 1 UID: 0 PID: 8435 Comm: syz.3.1026 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  224.238467][ T8435] Tainted: [L]=SOFTLOCKUP
[  224.238474][ T8435] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  224.238486][ T8435] Call Trace:
[  224.238493][ T8435]  <TASK>
[  224.238502][ T8435]  dump_stack_lvl+0xe8/0x150
[  224.238530][ T8435]  should_fail_ex+0x46b/0x600
[  224.238563][ T8435]  _copy_from_iter+0x1d3/0x1670
[  224.238590][ T8435]  ? trace_kmem_cache_alloc+0x29/0xe0
[  224.238612][ T8435]  ? __alloc_skb+0x27d/0x7d0
[  224.238638][ T8435]  ? __pfx__copy_from_iter+0x10/0x10
[  224.238656][ T8435]  ? kmem_cache_alloc_node_noprof+0x27c/0x6e0
[  224.238678][ T8435]  ? __alloc_skb+0x27d/0x7d0
[  224.238708][ T8435]  ? netlink_sendmsg+0x650/0xb40
[  224.238725][ T8435]  ? skb_put+0x11b/0x210
[  224.238754][ T8435]  netlink_sendmsg+0x6c0/0xb40
[  224.238781][ T8435]  ? __pfx_netlink_sendmsg+0x10/0x10
[  224.238801][ T8435]  ? tomoyo_socket_sendmsg_permission+0x1e0/0x300
[  224.238830][ T8435]  ? aa_sock_msg_perm+0x122/0x200
[  224.238859][ T8435]  ? __pfx_netlink_sendmsg+0x10/0x10
[  224.238877][ T8435]  sock_sendmsg_nosec+0x13a/0x180
[  224.238902][ T8435]  ____sys_sendmsg+0x55c/0x870
[  224.238936][ T8435]  ? __pfx_____sys_sendmsg+0x10/0x10
[  224.238973][ T8435]  ? import_iovec+0x73/0xa0
[  224.238997][ T8435]  ___sys_sendmsg+0x2a5/0x360
[  224.239024][ T8435]  ? __lock_acquire+0x6b5/0x2d10
[  224.239051][ T8435]  ? __pfx____sys_sendmsg+0x10/0x10
[  224.239111][ T8435]  ? __fget_files+0x2a/0x420
[  224.239133][ T8435]  ? __fget_files+0x3a6/0x420
[  224.239164][ T8435]  __x64_sys_sendmsg+0x1c3/0x2a0
[  224.239194][ T8435]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  224.239232][ T8435]  ? __pfx_ksys_write+0x10/0x10
[  224.239266][ T8435]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  224.239286][ T8435]  do_syscall_64+0x174/0x580
[  224.239312][ T8435]  ? trace_irq_disable+0x3b/0x140
[  224.239334][ T8435]  ? clear_bhb_loop+0x40/0x90
[  224.239356][ T8435]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  224.239375][ T8435] RIP: 0033:0x7f810254ce59
[  224.239393][ T8435] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  224.239409][ T8435] RSP: 002b:00007f81007a6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  224.239430][ T8435] RAX: ffffffffffffffda RBX: 00007f81027c5fa0 RCX: 00007f810254ce59
[  224.239444][ T8435] RDX: 0000000000000010 RSI: 0000200000000400 RDI: 0000000000000007
[  224.239456][ T8435] RBP: 00007f81007a6090 R08: 0000000000000000 R09: 0000000000000000
[  224.239468][ T8435] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  224.239480][ T8435] R13: 00007f81027c6038 R14: 00007f81027c5fa0 R15: 00007ffd7b720078
[  224.239510][ T8435]  </TASK>
[  224.261393][ T5717] usb 1-1: reset high-speed USB device number 35 using dummy_hcd
[  224.310622][    T9] uvcvideo 2-1:0.0: Found UVC 34.00 device syz (8086:0b5b)
[  224.310662][    T9] uvcvideo 2-1:0.0: No valid video chain found.
[  224.511624][    T9] usb 2-1: USB disconnect, device number 41
[  224.645618][ T5602] uvcvideo 3-1:0.0: Found UVC 34.00 device syz (8086:0b5b)
[  224.645640][ T5602] uvcvideo 3-1:0.0: No valid video chain found.
[  224.661630][ T5602] usb 3-1: USB disconnect, device number 34
[  224.706764][ T5717] usb 1-1: device firmware changed
[  224.721378][ T5717] usb 1-1: USB disconnect, device number 35
[  224.871823][ T5717] usb 1-1: new high-speed USB device number 36 using dummy_hcd
[  225.072812][ T5717] usb 1-1: config 3 has an invalid descriptor of length 0, skipping remainder of the config
[  225.107316][ T5717] usb 1-1: New USB device found, idVendor=0cf3, idProduct=1010, bcdDevice=26.db
[  225.107348][ T5717] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  225.107367][ T5717] usb 1-1: Product: Џ
[  225.107381][ T5717] usb 1-1: Manufacturer: 妕暀㴬ࡁꨳ틸ڼ훣ꠝ駘鼗쭍튌剙羝䅆ꕝ驍뇢韱鋙黉⌮釻♃ப腄홦㈅㻶⤟䕅빇랃啇ེ䌍雷ቝ풛ꃤꂪ鉲ᥠṆ
[  225.107405][ T5717] usb 1-1: SerialNumber: ࠁ
[  226.381625][ T5717] usb 1-1: USB disconnect, device number 36
[  226.439235][ T8515] FAULT_INJECTION: forcing a failure.
[  226.439235][ T8515] name failslab, interval 1, probability 0, space 0, times 0
[  226.439271][ T8515] CPU: 0 UID: 0 PID: 8515 Comm: syz.3.1064 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  226.439298][ T8515] Tainted: [L]=SOFTLOCKUP
[  226.439308][ T8515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  226.439318][ T8515] Call Trace:
[  226.439326][ T8515]  <TASK>
[  226.439333][ T8515]  dump_stack_lvl+0xe8/0x150
[  226.439361][ T8515]  should_fail_ex+0x46b/0x600
[  226.439394][ T8515]  should_failslab+0xa8/0x100
[  226.439420][ T8515]  __kmalloc_noprof+0xdf/0x7b0
[  226.439443][ T8515]  ? kfree+0x4d/0x6c0
[  226.439461][ T8515]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  226.439490][ T8515]  tomoyo_realpath_from_path+0xe3/0x5d0
[  226.439512][ T8515]  ? tomoyo_domain+0xd7/0x130
[  226.439536][ T8515]  ? tomoyo_path_number_perm+0x219/0x630
[  226.439563][ T8515]  tomoyo_path_number_perm+0x246/0x630
[  226.439593][ T8515]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  226.439619][ T8515]  ? __lock_acquire+0x6b5/0x2d10
[  226.439645][ T8515]  ? do_raw_spin_lock+0x12b/0x2f0
[  226.439685][ T8515]  ? __fget_files+0x2a/0x420
[  226.439704][ T8515]  ? __fget_files+0x2a/0x420
[  226.439721][ T8515]  ? __fget_files+0x3a6/0x420
[  226.439742][ T8515]  ? __fget_files+0x2a/0x420
[  226.439767][ T8515]  security_file_ioctl+0xc3/0x2a0
[  226.439789][ T8515]  __se_sys_ioctl+0x47/0x170
[  226.439808][ T8515]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  226.439823][ T8515]  do_syscall_64+0x174/0x580
[  226.439843][ T8515]  ? trace_irq_disable+0x3b/0x140
[  226.439859][ T8515]  ? clear_bhb_loop+0x40/0x90
[  226.439876][ T8515]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  226.439889][ T8515] RIP: 0033:0x7f810254ce59
[  226.439903][ T8515] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  226.439916][ T8515] RSP: 002b:00007f8100785028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  226.439931][ T8515] RAX: ffffffffffffffda RBX: 00007f81027c6090 RCX: 00007f810254ce59
[  226.439942][ T8515] RDX: 00002000000004c0 RSI: 000000004008af03 RDI: 0000000000000003
[  226.439951][ T8515] RBP: 00007f8100785090 R08: 0000000000000000 R09: 0000000000000000
[  226.439960][ T8515] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  226.439968][ T8515] R13: 00007f81027c6128 R14: 00007f81027c6090 R15: 00007ffd7b720078
[  226.439990][ T8515]  </TASK>
[  226.440084][ T8515] ERROR: Out of memory at tomoyo_realpath_from_path.
[  226.914458][ T8521] netlink: 'syz.0.1066': attribute type 10 has an invalid length.
[  227.152236][ T5602] usb 2-1: new high-speed USB device number 42 using dummy_hcd
[  227.301808][ T5602] usb 2-1: Using ep0 maxpacket: 8
[  227.315126][ T5602] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  227.315156][ T5602] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  227.315177][ T5602] usb 2-1: Product: syz
[  227.315191][ T5602] usb 2-1: Manufacturer: syz
[  227.315205][ T5602] usb 2-1: SerialNumber: syz
[  227.337742][ T5602] usb 2-1: config 0 descriptor??
[  227.564808][ T5602] usb 2-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  229.383960][ T5602] dvb_usb_rtl28xxu 2-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  229.389931][ T5602] usb 2-1: USB disconnect, device number 42
[  229.985198][ T8585] netlink: 'syz.1.1094': attribute type 10 has an invalid length.
[  230.037075][ T4927] Bluetooth: hci1: SCO packet for unknown connection handle 201
[  230.284042][ T8599] FAULT_INJECTION: forcing a failure.
[  230.284042][ T8599] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  230.284073][ T8599] CPU: 1 UID: 0 PID: 8599 Comm: syz.0.1099 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  230.284094][ T8599] Tainted: [L]=SOFTLOCKUP
[  230.284099][ T8599] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  230.284108][ T8599] Call Trace:
[  230.284113][ T8599]  <TASK>
[  230.284120][ T8599]  dump_stack_lvl+0xe8/0x150
[  230.284143][ T8599]  should_fail_ex+0x46b/0x600
[  230.284171][ T8599]  _copy_from_user+0x2d/0xb0
[  230.284191][ T8599]  copy_clone_args_from_user+0x1fa/0x740
[  230.284212][ T8599]  ? get_pid_task+0x20/0x1f0
[  230.284226][ T8599]  ? get_pid_task+0x20/0x1f0
[  230.284240][ T8599]  ? __pfx_copy_clone_args_from_user+0x10/0x10
[  230.284270][ T8599]  __se_sys_clone3+0x142/0x360
[  230.284287][ T8599]  ? __pfx___se_sys_clone3+0x10/0x10
[  230.284322][ T8599]  ? __pfx_ksys_write+0x10/0x10
[  230.284350][ T8599]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  230.284367][ T8599]  do_syscall_64+0x174/0x580
[  230.284390][ T8599]  ? trace_irq_disable+0x3b/0x140
[  230.284406][ T8599]  ? clear_bhb_loop+0x40/0x90
[  230.284424][ T8599]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  230.284439][ T8599] RIP: 0033:0x7f19369ece59
[  230.284454][ T8599] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  230.284469][ T8599] RSP: 002b:00007f1934c24ef8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  230.284486][ T8599] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f19369ece59
[  230.284498][ T8599] RDX: 00007f1934c24f10 RSI: 0000000000000058 RDI: 00007f1934c24f10
[  230.284509][ T8599] RBP: 00007f1934c25090 R08: 0000000000000000 R09: 0000000000000058
[  230.284524][ T8599] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  230.284534][ T8599] R13: 00007f1936c66128 R14: 00007f1936c66090 R15: 00007ffc3d3cbbc8
[  230.284559][ T8599]  </TASK>
[  230.757600][ T8626] FAULT_INJECTION: forcing a failure.
[  230.757600][ T8626] name failslab, interval 1, probability 0, space 0, times 0
[  230.757634][ T8626] CPU: 1 UID: 0 PID: 8626 Comm: syz.2.1116 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  230.757663][ T8626] Tainted: [L]=SOFTLOCKUP
[  230.757670][ T8626] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  230.757681][ T8626] Call Trace:
[  230.757688][ T8626]  <TASK>
[  230.757696][ T8626]  dump_stack_lvl+0xe8/0x150
[  230.757723][ T8626]  should_fail_ex+0x46b/0x600
[  230.757763][ T8626]  should_failslab+0xa8/0x100
[  230.757788][ T8626]  kmem_cache_alloc_noprof+0x87/0x680
[  230.757811][ T8626]  ? lockdep_hardirqs_on+0x7a/0x110
[  230.757838][ T8626]  ? do_getname+0x2e/0x250
[  230.757861][ T8626]  do_getname+0x2e/0x250
[  230.757878][ T8626]  ? getname_flags+0x11/0x20
[  230.757897][ T8626]  do_sys_openat2+0xcc/0x200
[  230.757920][ T8626]  ? __pfx_do_sys_openat2+0x10/0x10
[  230.757942][ T8626]  ? ksys_write+0x248/0x270
[  230.757968][ T8626]  ? __pfx_ksys_write+0x10/0x10
[  230.757997][ T8626]  __x64_sys_openat+0x138/0x170
[  230.758020][ T8626]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  230.758038][ T8626]  do_syscall_64+0x174/0x580
[  230.758063][ T8626]  ? trace_irq_disable+0x3b/0x140
[  230.758085][ T8626]  ? clear_bhb_loop+0x40/0x90
[  230.758108][ T8626]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  230.758127][ T8626] RIP: 0033:0x7f4af128ce59
[  230.758133][ T8627] netlink: 'syz.1.1115': attribute type 49 has an invalid length.
[  230.758144][ T8626] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  230.758159][ T8626] RSP: 002b:00007f4aef4e6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  230.758179][ T8626] RAX: ffffffffffffffda RBX: 00007f4af1505fa0 RCX: 00007f4af128ce59
[  230.758193][ T8626] RDX: 000000000049a002 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  230.758206][ T8626] RBP: 00007f4aef4e6090 R08: 0000000000000000 R09: 0000000000000000
[  230.758217][ T8626] R10: 0000000000000181 R11: 0000000000000246 R12: 0000000000000001
[  230.758228][ T8626] R13: 00007f4af1506038 R14: 00007f4af1505fa0 R15: 00007ffdf7287e68
[  230.758258][ T8626]  </TASK>
[  230.791584][ T5602] usb 1-1: new high-speed USB device number 37 using dummy_hcd
[  230.941543][ T5602] usb 1-1: Using ep0 maxpacket: 32
[  230.943785][ T5602] usb 1-1: config 0 has an invalid interface number: 85 but max is 0
[  230.943810][ T5602] usb 1-1: config 0 has no interface number 0
[  230.943852][ T5602] usb 1-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  230.943878][ T5602] usb 1-1: config 0 interface 85 has no altsetting 0
[  230.946225][ T5602] usb 1-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  230.946250][ T5602] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  230.946269][ T5602] usb 1-1: Product: syz
[  230.946283][ T5602] usb 1-1: Manufacturer: syz
[  230.946296][ T5602] usb 1-1: SerialNumber: syz
[  230.967035][ T5602] usb 1-1: config 0 descriptor??
[  231.029574][    T9] usb 2-1: new high-speed USB device number 43 using dummy_hcd
[  231.215294][    T9] usb 2-1: config index 0 descriptor too short (expected 1572, got 36)
[  231.215323][    T9] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  231.239894][    T9] usb 2-1: New USB device found, idVendor=05ac, idProduct=0238, bcdDevice= 0.40
[  231.239923][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  231.239944][    T9] usb 2-1: Product: syz
[  231.239958][    T9] usb 2-1: Manufacturer: syz
[  231.239972][    T9] usb 2-1: SerialNumber: syz
[  231.297609][    T9] input: bcm5974 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/input/input16
[  231.511057][ T4963] bcm5974 2-1:1.0: could not read from device
[  231.591010][ T5602] appletouch 1-1:0.85: Geyser mode initialized.
[  231.611341][    T9] bcm5974 2-1:1.0: could not read from device
[  231.649883][ T5602] input: appletouch as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.85/input/input15
[  231.678447][ T4963] bcm5974 2-1:1.0: could not read from device
[  231.754378][ T8650] FAULT_INJECTION: forcing a failure.
[  231.754378][ T8650] name failslab, interval 1, probability 0, space 0, times 0
[  231.754414][ T8650] CPU: 1 UID: 0 PID: 8650 Comm: syz.2.1127 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  231.754440][ T8650] Tainted: [L]=SOFTLOCKUP
[  231.754447][ T8650] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  231.754458][ T8650] Call Trace:
[  231.754466][ T8650]  <TASK>
[  231.754475][ T8650]  dump_stack_lvl+0xe8/0x150
[  231.754503][ T8650]  should_fail_ex+0x46b/0x600
[  231.754535][ T8650]  should_failslab+0xa8/0x100
[  231.754561][ T8650]  kmem_cache_alloc_noprof+0x87/0x680
[  231.754584][ T8650]  ? ep_ptable_queue_proc+0x5c/0x200
[  231.754616][ T8650]  ep_ptable_queue_proc+0x5c/0x200
[  231.754641][ T8650]  ? __pfx_ep_ptable_queue_proc+0x10/0x10
[  231.754676][ T8650]  unix_dgram_poll+0x80/0x680
[  231.754698][ T8650]  ? sock_poll+0x88/0xc0
[  231.754717][ T8650]  ? __pfx_sock_poll+0x10/0x10
[  231.754730][ T8650]  ep_insert+0x11bb/0x1820
[  231.754752][ T8650]  ? __pfx_ep_insert+0x10/0x10
[  231.754778][ T8650]  ? __pfx_ep_ptable_queue_proc+0x10/0x10
[  231.754805][ T8650]  ? lockdep_hardirqs_on+0x7a/0x110
[  231.754832][ T8650]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  231.754859][ T8650]  ? mutex_lock_nested+0x152/0x1d0
[  231.754878][ T8650]  ? do_epoll_ctl_file+0xc69/0xed0
[  231.754894][ T8650]  do_epoll_ctl_file+0x8bb/0xed0
[  231.754912][ T8650]  ? __pfx_do_epoll_ctl_file+0x10/0x10
[  231.754927][ T8650]  ? __fget_files+0x3a6/0x420
[  231.754939][ T8650]  ? __fget_files+0x2a/0x420
[  231.754955][ T8650]  __se_sys_epoll_ctl+0x14e/0x210
[  231.754970][ T8650]  ? __pfx___se_sys_epoll_ctl+0x10/0x10
[  231.754988][ T8650]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  231.754999][ T8650]  do_syscall_64+0x174/0x580
[  231.755014][ T8650]  ? clear_bhb_loop+0x40/0x90
[  231.755027][ T8650]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  231.755037][ T8650] RIP: 0033:0x7f4af128ce59
[  231.755049][ T8650] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  231.755058][ T8650] RSP: 002b:00007f4aef4c5028 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9
[  231.755069][ T8650] RAX: ffffffffffffffda RBX: 00007f4af1506090 RCX: 00007f4af128ce59
[  231.755077][ T8650] RDX: 0000000000000004 RSI: 0000000000000001 RDI: 0000000000000005
[  231.755083][ T8650] RBP: 00007f4aef4c5090 R08: 0000000000000000 R09: 0000000000000000
[  231.755089][ T8650] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000001
[  231.755095][ T8650] R13: 00007f4af1506128 R14: 00007f4af1506090 R15: 00007ffdf7287e68
[  231.755112][ T8650]  </TASK>
[  231.755168][ T8650] ==================================================================
[  231.755173][ T8650] BUG: KASAN: slab-use-after-free in clear_tfile_check_list+0x114/0x380
[  231.755189][ T8650] Read of size 8 at addr ffff8880387378e8 by task syz.2.1127/8650
[  231.755198][ T8650] 
[  231.755205][ T8650] CPU: 1 UID: 0 PID: 8650 Comm: syz.2.1127 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  231.755219][ T8650] Tainted: [L]=SOFTLOCKUP
[  231.755223][ T8650] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  231.755229][ T8650] Call Trace:
[  231.755233][ T8650]  <TASK>
[  231.755237][ T8650]  dump_stack_lvl+0xe8/0x150
[  231.755249][ T8650]  print_address_description+0x55/0x1e0
[  231.755263][ T8650]  ? clear_tfile_check_list+0x114/0x380
[  231.755276][ T8650]  print_report+0x58/0x70
[  231.755288][ T8650]  kasan_report+0x117/0x150
[  231.755301][ T8650]  ? clear_tfile_check_list+0x114/0x380
[  231.755316][ T8650]  clear_tfile_check_list+0x114/0x380
[  231.755330][ T8650]  ? clear_tfile_check_list+0x22/0x380
[  231.755344][ T8650]  do_epoll_ctl_file+0x8fd/0xed0
[  231.755358][ T8650]  ? __pfx_do_epoll_ctl_file+0x10/0x10
[  231.755371][ T8650]  ? __fget_files+0x3a6/0x420
[  231.755382][ T8650]  ? __fget_files+0x2a/0x420
[  231.755394][ T8650]  __se_sys_epoll_ctl+0x14e/0x210
[  231.755407][ T8650]  ? __pfx___se_sys_epoll_ctl+0x10/0x10
[  231.755422][ T8650]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  231.755432][ T8650]  do_syscall_64+0x174/0x580
[  231.755446][ T8650]  ? clear_bhb_loop+0x40/0x90
[  231.755457][ T8650]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  231.755467][ T8650] RIP: 0033:0x7f4af128ce59
[  231.755475][ T8650] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  231.755484][ T8650] RSP: 002b:00007f4aef4c5028 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9
[  231.755494][ T8650] RAX: ffffffffffffffda RBX: 00007f4af1506090 RCX: 00007f4af128ce59
[  231.755502][ T8650] RDX: 0000000000000004 RSI: 0000000000000001 RDI: 0000000000000005
[  231.755508][ T8650] RBP: 00007f4aef4c5090 R08: 0000000000000000 R09: 0000000000000000
[  231.755514][ T8650] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000001
[  231.755520][ T8650] R13: 00007f4af1506128 R14: 00007f4af1506090 R15: 00007ffdf7287e68
[  231.755531][ T8650]  </TASK>
[  231.755534][ T8650] 
[  231.755537][ T8650] Allocated by task 8650:
[  231.755541][ T8650]  kasan_save_track+0x3e/0x80
[  231.755552][ T8650]  __kasan_slab_alloc+0x6c/0x80
[  231.755562][ T8650]  kmem_cache_alloc_noprof+0x33b/0x680
[  231.755572][ T8650]  ep_insert+0x512/0x1820
[  231.755582][ T8650]  do_epoll_ctl_file+0x8bb/0xed0
[  231.755593][ T8650]  __se_sys_epoll_ctl+0x14e/0x210
[  231.755608][ T8650]  do_syscall_64+0x174/0x580
[  231.755621][ T8650]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  231.755630][ T8650] 
[  231.755632][ T8650] Freed by task 8650:
[  231.755636][ T8650]  kasan_save_track+0x3e/0x80
[  231.755651][ T8650]  kasan_save_free_info+0x46/0x50
[  231.755664][ T8650]  __kasan_slab_free+0x5c/0x80
[  231.755674][ T8650]  kmem_cache_free+0x187/0x6c0
[  231.755684][ T8650]  ep_remove+0x155/0x2a0
[  231.755695][ T8650]  ep_insert+0x1372/0x1820
[  231.755705][ T8650]  do_epoll_ctl_file+0x8bb/0xed0
[  231.755717][ T8650]  __se_sys_epoll_ctl+0x14e/0x210
[  231.755728][ T8650]  do_syscall_64+0x174/0x580
[  231.755741][ T8650]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  231.755749][ T8650] 
[  231.755751][ T8650] The buggy address belongs to the object at ffff8880387378e0
[  231.755751][ T8650]  which belongs to the cache ep_head of size 16
[  231.755760][ T8650] The buggy address is located 8 bytes inside of
[  231.755760][ T8650]  freed 16-byte region [ffff8880387378e0, ffff8880387378f0)
[  231.755770][ T8650] 
[  231.755772][ T8650] The buggy address belongs to the physical page:
[  231.755783][ T8650] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888038737920 pfn:0x38737
[  231.755793][ T8650] memcg:ffff888038819001
[  231.755798][ T8650] flags: 0x80000000000200(workingset|node=0|zone=1)
[  231.755811][ T8650] page_type: f5(slab)
[  231.755821][ T8650] raw: 0080000000000200 ffff88801fee4dc0 ffffea0000fd1350 ffffea0000fbce10
[  231.755830][ T8650] raw: ffff888038737920 0000000800800020 00000000f5000000 ffff888038819001
[  231.755835][ T8650] page dumped because: kasan: bad access detected
[  231.755843][ T8650] page_owner tracks the page as allocated
[  231.755847][ T8650] page last allocated via order 0, migratetype Unmovable, gfp_mask 0xd2cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 4978, tgid 4978 (udevd), ts 25496636455, free_ts 0
[  231.755864][ T8650]  post_alloc_hook+0x1f9/0x250
[  231.755875][ T8650]  get_page_from_freelist+0x265c/0x26e0
[  231.755887][ T8650]  __alloc_frozen_pages_noprof+0x18d/0x380
[  231.755906][ T8650]  allocate_slab+0x74/0x5e0
[  231.755928][ T8650]  refill_objects+0x33c/0x3d0
[  231.755951][ T8650]  __pcs_replace_empty_main+0x373/0x720
[  231.755976][ T8650]  kmem_cache_alloc_noprof+0x433/0x680
[  231.755995][ T8650]  ep_insert+0x512/0x1820
[  231.756008][ T8650]  do_epoll_ctl_file+0x8bb/0xed0
[  231.756019][ T8650]  __se_sys_epoll_ctl+0x14e/0x210
[  231.756031][ T8650]  do_syscall_64+0x174/0x580
[  231.756043][ T8650]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  231.756053][ T8650] page_owner free stack trace missing
[  231.756057][ T8650] 
[  231.756059][ T8650] Memory state around the buggy address:
[  231.756065][ T8650]  ffff888038737780: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[  231.756072][ T8650]  ffff888038737800: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[  231.756078][ T8650] >ffff888038737880: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[  231.756084][ T8650]                                                           ^
[  231.756090][ T8650]  ffff888038737900: fa fb fc fc fa fb fc fc 00 00 fc fc fa fb fc fc
[  231.756096][ T8650]  ffff888038737980: 00 00 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc
[  231.756101][ T8650] ==================================================================
[  231.757685][ T8650] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  231.757698][ T8650] CPU: 1 UID: 0 PID: 8650 Comm: syz.2.1127 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  231.757713][ T8650] Tainted: [L]=SOFTLOCKUP
[  231.757717][ T8650] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  231.757723][ T8650] Call Trace:
[  231.757728][ T8650]  <TASK>
[  231.757732][ T8650]  vpanic+0x56c/0xa60
[  231.757749][ T8650]  ? __pfx_vpanic+0x10/0x10
[  231.757763][ T8650]  ? __pfx___schedule+0x10/0x10
[  231.757777][ T8650]  panic+0xc5/0xd0
[  231.757791][ T8650]  ? __pfx_panic+0x10/0x10
[  231.757803][ T8650]  ? preempt_schedule_thunk+0x16/0x40
[  231.757820][ T8650]  ? clear_tfile_check_list+0x114/0x380
[  231.757835][ T8650]  check_panic_on_warn+0x89/0xb0
[  231.757847][ T8650]  ? clear_tfile_check_list+0x114/0x380
[  231.757860][ T8650]  end_report+0x73/0x170
[  231.757872][ T8650]  ? clear_tfile_check_list+0x114/0x380
[  231.757886][ T8650]  kasan_report+0x128/0x150
[  231.757898][ T8650]  ? clear_tfile_check_list+0x114/0x380
[  231.757914][ T8650]  clear_tfile_check_list+0x114/0x380
[  231.757928][ T8650]  ? clear_tfile_check_list+0x22/0x380
[  231.757942][ T8650]  do_epoll_ctl_file+0x8fd/0xed0
[  231.757956][ T8650]  ? __pfx_do_epoll_ctl_file+0x10/0x10
[  231.757969][ T8650]  ? __fget_files+0x3a6/0x420
[  231.757980][ T8650]  ? __fget_files+0x2a/0x420
[  231.757993][ T8650]  __se_sys_epoll_ctl+0x14e/0x210
[  231.758006][ T8650]  ? __pfx___se_sys_epoll_ctl+0x10/0x10
[  231.758020][ T8650]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  231.758031][ T8650]  do_syscall_64+0x174/0x580
[  231.758046][ T8650]  ? clear_bhb_loop+0x40/0x90
[  231.758058][ T8650]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  231.758067][ T8650] RIP: 0033:0x7f4af128ce59
[  231.758077][ T8650] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  231.758086][ T8650] RSP: 002b:00007f4aef4c5028 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9
[  231.758098][ T8650] RAX: ffffffffffffffda RBX: 00007f4af1506090 RCX: 00007f4af128ce59
[  231.758105][ T8650] RDX: 0000000000000004 RSI: 0000000000000001 RDI: 0000000000000005
[  231.758112][ T8650] RBP: 00007f4aef4c5090 R08: 0000000000000000 R09: 0000000000000000
[  231.758118][ T8650] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000001
[  231.758124][ T8650] R13: 00007f4af1506128 R14: 00007f4af1506090 R15: 00007ffdf7287e68
[  231.758135][ T8650]  </TASK>
[  231.758408][ T8650] Kernel Offset: disabled