last executing test programs:

20m58.970616291s ago: executing program 4 (id=4511):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001540)={&(0x7f0000000580)=ANY=[@ANYBLOB="240100001600010428bd700000000000fe8000000000190000000000000000bbfc01000000000000000000000000000100040000000000000000a00000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="ff02000000000000000000000000000100000000330000000a0101010000000000000000000000000000000000004e340100000000000000000000000000000004000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000a0000002bbd70000000000000000200000000000000000008000020ffffffdf2c0027cc"], 0x124}}, 0x0)

20m58.864246816s ago: executing program 4 (id=4514):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="500000001000010429bd70000000000000030000", @ANYRES32=0x0, @ANYBLOB="00000002000400001c0012800b00010067656e65766500000c000280080002007f00"], 0x50}, 0x1, 0x0, 0x0, 0x20000004}, 0x0)

20m58.671958919s ago: executing program 4 (id=4518):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0xd, 0x4, 0x0, 0x0, 0x1, 0x0, 0x0, 0x41000, 0x4e, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7a0b}, 0x94)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x1)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000300)={0x1, 0x0, 0x0, 'queue1\x00'})
write$sndseq(r2, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r2, 0x4040534e, &(0x7f0000000080)={0x37b, @tick=0x440, 0xff, {}, 0x0, 0x0, 0xfb})
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffffffffe, 0x4031, 0xffffffffffffffff, 0x0)
r3 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$vim2m_VIDIOC_G_FMT(r3, 0xc0285629, &(0x7f0000000080)={0x3, @win={{0x2}, 0x7, 0x0, &(0x7f0000000040)={{0x0, 0x0, 0x2}}, 0x0, 0x0}})
r4 = socket$inet(0xa, 0x801, 0x84)
listen(r4, 0x8)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x5, &(0x7f0000000500)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002e000000850000007d000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r5, 0x0, 0x7, 0x8, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
r6 = accept4(r4, 0x0, 0x0, 0x0)
sendto$inet(r6, 0x0, 0x0, 0x0, 0x0, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000)
sendmsg$NFT_BATCH(r7, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000042c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x7}}, [@NFT_MSG_NEWRULE={0x7c, 0x6, 0xa, 0x403, 0x0, 0x0, {0xa, 0x0, 0x5}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x50, 0x4, 0x0, 0x1, [{0x4c, 0x1, 0x0, 0x1, @target={{0xb}, @val={0x3c, 0x2, 0x0, 0x1, [@NFTA_TARGET_INFO={0x23, 0x3, "7339f2f304fdd672bad09dfb040000000000000001f9580dabf95ddc91967c"}, @NFTA_TARGET_REV={0x8}, @NFTA_TARGET_NAME={0xc, 0x1, 'RATEEST\x00'}]}}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xa4}, 0x1, 0x0, 0x0, 0x4000850}, 0x20008040)
r8 = openat$sndseq(0xffffffffffffff9c, 0x0, 0xe0c81)
write$sndseq(r8, 0x0, 0x0)
r9 = syz_open_procfs(0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_PVERSION(r9, 0x80045300, 0x0)

20m57.153900397s ago: executing program 4 (id=4531):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x1, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x33eb4000)
madvise(&(0x7f00007ff000/0x800000)=nil, 0x800000, 0x15)
creat(&(0x7f00000000c0)='./bus\x00', 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a54000000090a010400000000000000000a0000040900010073797a310000000008000a40fffffffc08000540000000020900020073797ab10000000008000640ffffff000800084000000001080003400000011c14000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) (async)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a54000000090a010400000000000000000a0000040900010073797a310000000008000a40fffffffc08000540000000020900020073797ab10000000008000640ffffff000800084000000001080003400000011c14000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_MSG_GETSET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x14, 0xa, 0xa, 0x101, 0x0, 0x0, {0x0, 0x0, 0x2}}, 0x14}, 0x1, 0x0, 0x0, 0x44800}, 0x80)
setxattr$system_posix_acl(&(0x7f00000000c0)='./bus\x00', &(0x7f0000000180)='system.posix_acl_default\x00', &(0x7f0000000300)=ANY=[@ANYBLOB="0200000010"], 0xff3c, 0x2)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x6, 0x2, &(0x7f0000000000)=0x1) (async)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x6, 0x2, &(0x7f0000000000)=0x1)
prlimit64(0x0, 0x7, &(0x7f0000000140), 0x0) (async)
prlimit64(0x0, 0x7, &(0x7f0000000140), 0x0)
mq_open(&(0x7f0000000200)='.\xae}^-%&+\x00', 0x40, 0x0, 0x0) (async)
mq_open(&(0x7f0000000200)='.\xae}^-%&+\x00', 0x40, 0x0, 0x0)
timerfd_create(0x6, 0x78f9a26a841b5b1a)

20m54.87928373s ago: executing program 4 (id=4540):
r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
fcntl$lock(r0, 0x410, &(0x7f0000000080)={0x1, 0x1, 0x1, 0x10000})
mmap(&(0x7f0000a53000/0x2000)=nil, 0x2000, 0xb635773f04ebbeee, 0x8031, r0, 0xa9525000)
timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @tid=0xffffffffffffffff}, &(0x7f0000000300)=<r1=>0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x5, 0x7, 0x7ffc0001}]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x2, 0x7fff7ffc}]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x72, 0x0, 0x7fff0000}]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x1f, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x5, 0x7, 0x7ffc0001}]})
sendmmsg(0xffffffffffffffff, &(0x7f0000009e40)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="1000000000010000"], 0x10}}], 0x1, 0x20008004)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r2)
ptrace$getregset(0x4205, r2, 0x202, &(0x7f0000000240)={&(0x7f0000000180)=""/120, 0xffffffffffffff28})
process_vm_writev(r2, &(0x7f00000000c0)=[{&(0x7f0000000d40)=""/147, 0x93}, {0x0}], 0x2, &(0x7f0000001280)=[{&(0x7f0000000f00)=""/172, 0xac}, {&(0x7f0000000fc0)=""/179, 0xb3}, {&(0x7f0000001080)=""/189, 0xbd}, {&(0x7f0000000140)=""/99, 0x63}, {&(0x7f0000001140)=""/137, 0x89}, {&(0x7f0000001200)=""/10, 0xa}, {&(0x7f0000001240)}], 0x7, 0x0)
r3 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r3, &(0x7f00000002c0)={0xa, 0x4e24, 0x0, @rand_addr, 0x8000}, 0x1c)
sendmmsg(r3, &(0x7f00000092c0), 0x4ff, 0xfdff)
utimensat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r1, 0x1, &(0x7f0000000040), 0x0)

20m54.316044286s ago: executing program 4 (id=4541):
setsockopt$inet_tcp_TCP_QUEUE_SEQ(0xffffffffffffffff, 0x6, 0x15, &(0x7f0000000180)=0x66d, 0x4) (async)
setsockopt$inet_tcp_TCP_QUEUE_SEQ(0xffffffffffffffff, 0x6, 0x15, &(0x7f0000000180)=0x66d, 0x4)
r0 = socket(0xa, 0x3, 0x87)
syz_genetlink_get_family_id$devlink(&(0x7f0000000180), 0xffffffffffffffff)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000000c0)=@file={0x0, './file0\x00'}, 0x6e) (async)
connect$unix(r2, &(0x7f00000000c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f00000005c0)=ANY=[@ANYRESDEC=r3, @ANYRES32=0x0, @ANYBLOB="080002002a3c309ee065749552ab1c45551f82992ca221a8dd504bf0604f2db4a2505a404aac59907dd7a634bad063ee26d7a3487ca030", @ANYRES32=0x0, @ANYBLOB="08000400", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="33f5defb", @ANYRES64=r0, @ANYRESDEC=r0, @ANYRES32=0xee01, @ANYRES32=r1], 0x54, 0x0) (async)
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f00000005c0)=ANY=[@ANYRESDEC=r3, @ANYRES32=0x0, @ANYBLOB="080002002a3c309ee065749552ab1c45551f82992ca221a8dd504bf0604f2db4a2505a404aac59907dd7a634bad063ee26d7a3487ca030", @ANYRES32=0x0, @ANYBLOB="08000400", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="33f5defb", @ANYRES64=r0, @ANYRESDEC=r0, @ANYRES32=0xee01, @ANYRES32=r1], 0x54, 0x0)
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
socket$packet(0x11, 0x3, 0x300) (async)
r4 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'hsr0\x00', <r5=>0x0})
setsockopt$packet_add_memb(r4, 0x107, 0x1, &(0x7f00000004c0)={r5, 0x3, 0x6}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2) (async)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
openat$adsp1(0xffffffffffffff9c, &(0x7f00000004c0), 0xa8201, 0x0) (async)
r6 = openat$adsp1(0xffffffffffffff9c, &(0x7f00000004c0), 0xa8201, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r6, 0xc0045005, &(0x7f0000000080)=0x8000)
ppoll(&(0x7f0000000140)=[{0xffffffffffffffff, 0x2311}], 0x1, 0x0, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
connect$unix(r8, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r9, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r8, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)

20m39.213836708s ago: executing program 32 (id=4541):
setsockopt$inet_tcp_TCP_QUEUE_SEQ(0xffffffffffffffff, 0x6, 0x15, &(0x7f0000000180)=0x66d, 0x4) (async)
setsockopt$inet_tcp_TCP_QUEUE_SEQ(0xffffffffffffffff, 0x6, 0x15, &(0x7f0000000180)=0x66d, 0x4)
r0 = socket(0xa, 0x3, 0x87)
syz_genetlink_get_family_id$devlink(&(0x7f0000000180), 0xffffffffffffffff)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000000c0)=@file={0x0, './file0\x00'}, 0x6e) (async)
connect$unix(r2, &(0x7f00000000c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f00000005c0)=ANY=[@ANYRESDEC=r3, @ANYRES32=0x0, @ANYBLOB="080002002a3c309ee065749552ab1c45551f82992ca221a8dd504bf0604f2db4a2505a404aac59907dd7a634bad063ee26d7a3487ca030", @ANYRES32=0x0, @ANYBLOB="08000400", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="33f5defb", @ANYRES64=r0, @ANYRESDEC=r0, @ANYRES32=0xee01, @ANYRES32=r1], 0x54, 0x0) (async)
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f00000005c0)=ANY=[@ANYRESDEC=r3, @ANYRES32=0x0, @ANYBLOB="080002002a3c309ee065749552ab1c45551f82992ca221a8dd504bf0604f2db4a2505a404aac59907dd7a634bad063ee26d7a3487ca030", @ANYRES32=0x0, @ANYBLOB="08000400", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="33f5defb", @ANYRES64=r0, @ANYRESDEC=r0, @ANYRES32=0xee01, @ANYRES32=r1], 0x54, 0x0)
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
socket$packet(0x11, 0x3, 0x300) (async)
r4 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'hsr0\x00', <r5=>0x0})
setsockopt$packet_add_memb(r4, 0x107, 0x1, &(0x7f00000004c0)={r5, 0x3, 0x6}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2) (async)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
openat$adsp1(0xffffffffffffff9c, &(0x7f00000004c0), 0xa8201, 0x0) (async)
r6 = openat$adsp1(0xffffffffffffff9c, &(0x7f00000004c0), 0xa8201, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r6, 0xc0045005, &(0x7f0000000080)=0x8000)
ppoll(&(0x7f0000000140)=[{0xffffffffffffffff, 0x2311}], 0x1, 0x0, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
connect$unix(r8, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r9, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r8, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)

16m49.045071635s ago: executing program 5 (id=5800):
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1f, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000340)=0x2, 0xa2)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000380)={'#! ', './file0'}, 0xb)
sendfile(r1, r2, &(0x7f0000000100)=0x6, 0x100000000010001)
ioctl$UI_DEV_SETUP(r2, 0x405c5503, &(0x7f0000000080)={{0x4, 0x7, 0x2, 0x3}, 'syz1\x00', 0x2e})
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = openat$cgroup_ro(r3, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
syz_fuse_handle_req(r4, &(0x7f0000002a00)="d2a5228b252da9fba35c59e6c5292830dd8881833bda24e20b6bac0b2e1ebfa35ef0d46db7afac0c80041b36cc0ccc231d630c6ba3fb8b525f739c513717f0198442168c8f02a0215dd4e8010a722e33ce9c1c7e42e25d7995bf46f2d98c327e51d3e1061990a94166840d6974de1655cb45632f6eb3d8c8c29e921be3466b96a62ec4fbf23b1a3e4900a04563c02257702c823ea82d9e15df97eabe7b43e2592755ed678cde105e85852a7ebeca3fc5c949e106ee1ed5eec7bb94ec397c71c9bdc8b2173f6ee47c8f1bda9575d1d015e247d49051b36091f38f47f1b55720a87f22cc3e832f34e812c247910b3e7de0c6b2258ae2d963e4070f66cf6f04f1447a9881710e77b099c28e522e774a2c88964fb3c311ab71b9a4e94a95d473b9790549bf7c8a5637179a83b57d639247b2cb6c9ffcd2cfd144c38ac044abb73dee8240bf75df98a4478097290295e619f84af832807612f5c0b547f70bdecef8186c57cd9f6627aa93e92095999ace747209024583b2d114a298e801e720864dabbe39b5788fe382f7e8f53179ee6df106282e0182f8057646fb6d338c58dee757d8562ace2e17895fac9b2cc6e29cb21ab8ffa826a4d954f3874f5314fe80efb11219844e55dfe0ef2cfd5a3895ab3191bcc57695f499721cc17d904151566a7b26ba30e1b1b6374afef669685cf9a0a54035d3f7e5e29b5c28d8ae18ea3f83d969c6869243fd6624d326182a2880c208922a96efe6aadd44b45ee883c5a8429101d4cc01e0c0356729f8f2a75fa5ab484a8607f6f1e5918257ddffd0635eafd20e92898366c328f7b3f7057b0d68f64b2da723510da74e6ce2faae8d0402f6ec9d6c8458ad1f0d991c0e2ebc3506ffd5a1eedb087a8b0ab5fe962bc3b75a72d262de70fd335fde94a6b31ecdf4eca96b0fcaa459741a35e26b84466891de8676483fba91859827d31be46e3eff8612b6f4f4d56db18c901f1ff38e0653151a04ed9a06c1b64e1abb7894b8c7f214d5bbf67648f2022da8a38ebf183e7f0042d7c081c169d00ed8bb1c62c2f40173addaa7a9f8d80e4fcc17e2e8b5e5ac3f52c7fb2d9c60d5f54020e153576ce229044c224acd74b119ec2de0671351a7994a7fd04541d55ecb276c5f8ef35d5495bd24ded5651eb5415228f671eaa7fe7f4d2a6a17c48b2626cda3459e6e0b0fe13f7685341c6c5cc9a72f0719c77080ffad71e4af1932c8be4110fa342925d7318a8d3b513096031fd9b18266a40330ee7f041f606b665eb2a3a439b4138f55fe0c3d3f01da42cd04a4a21f67f8ca8531db2cacce4084f21862b67a9586db4faad7d06f7bbf31a37b58dc1b12ef4c0cf79e7f0ec1943c955b1f793fb48c29d5c7872406331db993cbf1b3a3797bd94e3fc094f4acefd8d685259098bf3807ab71076a05c104b96f4655d32850ee1ad3e9cb8531d27827ef97af79b20faf98815f590ac7a35441392ae9c76f346755edd2db1666a79922549209182b3a9fa8fdd82b064547da366fd0e7e9e9f0d045b4bf11e4de0fb616d4ed8c511f60da47a09f258d5f3e0ea96dc182f57cf3b6584a92baa83c0bc7606ac3ee7a562044eff142073f9b7a9effdca602f56ee3b8eece19c38b6208521056398702aa740e04a8db36ca8b27575d4bf034fa81398577ed04d11bd0c8854106f5fb579a24e205337c7d08d3cf204d2b408544b129228bdd4596743df3d36d50b01474eb4ace25530ccd406ee9c90ec79f111e0f6b7843834799ea027630511971609767c24670c6f7abcf5e980563f20b689014de28cae532e750aac0528951961a70b7978eeda1e59fbf7a064029b47fb6ce6c411602ad9c6347a5ce650b9054e6615b28fc5969c38dd28daf9a9b50fc3597d744791fa940b0eb8806b1aa44478c044bace4d2b86199b98ed7e8c466a1046e39d4458687f36620bbfc9ee49eaee16448d36099824edfdcf30a7f787956f1cee26972ec893bc1d884dc50fccb0312628462410d848b3ea161c7260851a9627d73951c0d83f605a1e14fb27e8318947998f04494582d7a564fed35e20aad24037161956205e0ed62b7ed02e90c6d507f79da4ef9bc68d2d1c56d89d68c2a6297db904dfe13d210eca0da4f28c06b444bd323face428f85d9ecddb9fd55bd147fff5f8ccca2a123579e9e1cf87c55c2e2269bba7774bd0357cb69f1f605aa733583a7e49be43f65ad800e42d685d4f9f683f86aebca35c1697bc287f9d6810789dad7014a992a57817e7c877021758ccd57104c2490b1aab5ad8cbf20f19a1ab45439c6b7bb84e7cb8b06ffd75c151ab77ee96cc7e5e0fe2ec30f3ed70f88765198af284d6b5d6546838c2dd30a826e1d0982126fc5b54206205e12bfcdb2edfc5255a7f5cc95701cb117ddfaf5ddfa81de4edcbdaca98365dff0f9203f060e106c4f498e2712d5b761174d9fa5f8287b23b65186a40c1f89dd56edde8f0e62bf6232c81c137ff334d9187ee010132c0d0be994f5da4a9c9c13f7379b19f465c584589ae8d313aa55a2711ebff35115aea4e165bf4920aaf727bfec4838019a730b482697bd0a31404b9ed742a7191f5e7f51cc37a7b27fd3974a1c0a7597f30961fc3ced32641fc4e0ac14a16b36196e4b2148c84245fab51a84df7a7b8906a0ab80da315778015476001511b70b0bd24ce327679d5a4462d2cc30b35713e487f894ec1a634828a3fc291bce2cf5e9d27995099211f92ff2f51d287dcf401a466282a1bbaf75a1ca0dd109570659b638a937276057664efef499dc439cf94c345623d463b013c93f617ed597cf216a56e4cde8ccdd06efc9c2e090c7f597c70be495a3dbc266e4a4662d53b8e2a270e722a33f4da8512154fcff21d08a7291a0a228f718ebe0eb7eebc675bab3ad6efeb6c8ecf3154d6afa42d753296d1854870f3a446a9f368261e429a8f8b58980144d5a42e30090dcf7aed575646c09b1faeecd50df0ab89e20ade673dd75b9e2c62c5bca7e7cb73d0ba199aa695f7fb618cdd7eeea69669c9954367c5ccf3e6b2c3b65f84fef5acfcdbe67f61bbc2a418e79307e0ca70208c57015a2b6875109677f6280b64f24b2a3668422f24f337fc3aa7bdfa3bd687aae6e7c8e49f25c0d7157aea7326d5a2b4f56cdf2fbf2210e0b726fefe2e53e32da04f3713959b6b1cb1dc3eab944ae418d4fa055e41f457203060c1a5429434c7256efb49b4a64b4d08df6056890056d050279ed206acf9fc33cc9990ce2196ed36cd9fa16ae84f370ee7ee5a3c16f62cb6fe4e6b5c0c1bedb4eff571305eb05cb119076f9229593773e60c1e976bfc05fb8d10837071848e34616775563f3c5b6102cb685789916bce482c32b2aa754b217e4828cd1db7f671ec7449d92270ddf7dc0589dba752d5bf93297370a145dc458407eb55d69b1777462fdb55a209a1b6b96aa9d34db88c1e0466825be27d69f0f8d1f184d7a5a6a64bb50b31a6fe8924f7a258d2968a2cae4f24322e8b71e95324ef709d2f9fcb8f132e0feaa6eafa14f6cdfa907fef35aee99d78c3d29a104a734a6c84c3d3da95f09dd4e026d523eb66a6e82da0918ec98109f2c4d593642907e6c83db64ab16522fb2b5de32cf7ad60cd1f47a210748fa632af0733117626c481d9710fab84a93c3e295b78aafa749447cb6d72b18a2a837cb351af4b4c7aca2576c90e9a1770de13b834f5b63268c0b8aead977ff6a87866320a78548c1b631fc40f70a3ab9e4db9aaf0b15253f788d9f353940da35300bba59ebfc224fb6d1eac6b50efc3d953d9d366d8c7642ed0038333ede7dffd2b746fd45361849f0e1fa17a7e5d5778f312672de5d478386836a95d2304087c62e3acd6a587b8a2cf9e3840ddf8070a2d2dcac88845173cbafabc7483e25381ee981cf597a3c6e0946879bd3488d6d8b6ca67e8f45ee111949ea2e1a55a5bd0ce0c02d72b410b8c2d95dbeb559ccc36778b35c95c807a5bf1ec85fe0e8d602c4fa611f1009812648c907c315882c7ab7ea460f2fa50b1c56dd82764dc1c6d60d7e7d2644f817fe479f299cfc4a2e1fafc38bf57867670ab6603da2d044b92e6d134acc88bd60669f792cf4ba783b3c34209346391558b49bb048abc5eb7a2938ca7f5c1f51e095245f4360f7f81b2935871fc045f1c834e02dca0c5c48863b9e562713f52eeb2e14f6383f4c86c2c416490caaf10bec2875a66673b0bea2baf9525c501a32105f68080f3c7151975f4f0acccdf47837f84b85969df93a3b7aa3390ae7c0e549a9b34a640931f9b69a9b1b9fdbeff496a704b3e4bc765c0a6db4f49265a565e4fe9f396238a975c009795c93da9c5b476032e76686275824b1b5aa9a9b13b45d3af3b6289b58dca1c834a4f80c8ebfabd09327720ec209e31a148e768339d0aab351fda6ceb48b6b26e0ebcc80939637ce69b62103a51436c72f4eefd94eaeaaf88923e418077b5b0c5d20c828fe58383772716da615c2c1369f5e1006775078c5fdb84758a57e360dec1a6036e6cef82adaa0161a8b109ac36000bc39b5f9b974d638995af5fdbf941cd9da766f585478399ee011b74bf0494a796ab33039cca25a72e75e7dea778796940168663f7289ed083e497c4c87c76a0a64b8c917c7eec9354b4cacf678d0b840707873362836aaec7ea2e7aff98851e119e512083d8688ffca8ba24cd3999fda6770c2ede96a820acf3469eafd8638b429fe3218e5735a166c7466a8c9c68492572320642729ea9e7d71da7d15bfb2b6735287ca2eb4171bc246574f776f87ba0d06c828e2c4fc3b2cc0235a497706a0193e35a44ff9a7c674d75d72d79e3fe2aa84a2565369175282c401de7e1f07bf3fd932807f80007a35832f413c7820e56e3fac836ccfa37f2f951a6b54438b6a41a52ffecc40c9033d1264ba2f4a86ebf634a11d0470d513da6a9faf2b2da767a66334cfbff4f266939b8af3872569dec0a3c989ee6753a21dac4af714b05215f020b947d596e8306835419875bc4f89caa9aa924ba81c9441a79433311627df5466a65f653c2ce22cca29aa730fd25e8c0af0ff30b22def737b4a4506cdebfc2a81a3d24d52729147418601494c9105811e766a1130f8f1b366aea1226c008e7918086a0edb734fa8af6a9018b0da529263461d713368fbd739a262bd2b631a20b36cac2681fe5f74d536e363c2d4997ab69a7c0581e10e4c9b2f81238d48da7ebe390091472040eddaa1a2a6b2c4ffcccd99de5113a77389f78d135c51079768a70f5636becc4a4ee4218691342f58ead53b66cc35f6ea07e2269a815e9875c545e34b158e93ba2ce1e5fabc894d708fa5bb6c073165600da95d4b2927837ae438f4414eec209bfbc32a800501cab24cd7eeb271af37ff4af445dc5bd5bd0bc27fa3630722e0b6ef37a454c74ef00156c3befad89eda0df4e4151af4be893c11bc44bca28a25144df066c2cd9d62ed6490c1155c3a5ab1dbc48e0dc8b356f5be4b363e58db66433d605d2671dbad7106ed4e31a0b8c7f2f1905e64196992f337a46b83a3fa3332877a8575fb5d05ca8be3a05517a88ccd93ddbf336a9c77fe98adce80f05f974d82b244f848a8209ffd9f2360297ce69eb1c858b661596938515397c792682e6ab9e1470482e30b159e30cff11a33faf80b723e6bfe98d448971f798b6073fb6ac16554fe38c14143fa679c36b52de0157f2dc0631ac3498d49c2253bec08ac9ae43deb9ac44a0cf1b990bb6110f26c4f31162f7fc4916b0c577cd5bbf23ab37411afae7526e1c1b340649ca7d3dc36ba208ee7d0816eb596648a937defcb056ea97fd79d3f5d9c49dfdb4533247a721fb2530e1dd796ac456ac3e61d5c04c9183c219e68dd81e6756fa8ebd1938f3d99bb01d7ac4cb46dcd9bf4bc1a3ad173ebc71efe28a49c36d1eaa6add1c08c43e759304b2eb6eda88a3ad30f19de087ffba2f81d0e17dfb1e9504bb431536765493699b70609323b9dcb8e4d1c5870673cabfb9c987009fafa6406a35b43042fe6fd2cc80addf67318926ecd4155a12ed2324ffe319b7e0c41814806f1e6788c819bc00233682d7dd56ecef020d06716dfc3155ae2a0764e947b3692715047ebcce17599c9e7f21fdd3cba33539cc1b3f3e955e193e3a1f0e824ba57384a2fd3bf5786f923b0b2356797629c0689a35acfdf453b20f79baf552c121707cb01c4c3d88181d31c941f44912806eb17ed7b3cd1ff2afdcf4945e344b5b72cfab7d98724ffa042cbe4a3c62b5edf8f265add2d9a11c596a7255348db8fd8d2342e90fc28d9da42e446275be6379713948d29a5d5bdc10c431228033b16979e27a7bcd6f06043534c70ba172c8dab1158c54212ba3d870637aaea038fbd1eab8072d9f92fe3a0081b14042e2deb8029d13f6135b0890f6960f49fffe6264c8d74c03ea5d1cafcccb18cdea48f04fa4aea2f20ac21995f259491aa63731f9649d731c080171568f2a933df7cff3417d976d32bf7e17fa668bb012619d5472c71be9a59883b80745b1e4315ec53e61fac3683f0150252ee955a65e0157d16905c6aa467a35c2808615ce4a35cef104f02a1904bd1b591123d342d868b94c33e366adb7fe648297cffb8c283f858556465a121999b3b64633de99fc1d9814bedc760a7c993c3ff9c591497f058b6840eaf6f748c2d4608b42075093c549ea7cf7f8e06acdcf8e3db99a3ef5793c62233f4a2f1c0f8f78fc821d433e529bf185f3fa0955efd1492ead4baa57885f74bd7587df45ea1182e0b44a451e6eed4dabd41b61527bb66fcb7c556087ed9d3f6402b96f4bbe09deed814ac63752eef43354eb14f785745d99f6957d02f75f2c03cefb93f6d6c7bb4add9fca42d4383a3905bdea6b92923aa8a845e2e1ab987a3898213ed6d8bd73ab210da2b8597355ad70624c2048cd5048656c3d83a4ee36d3760c381832ab9b60aa9d7aa781e928182a0498d5c2d474e5bf930540bc346c816daf71ecf693c2abc5fa1a9aaa7b3af8dae9575e0f022348813f01f06593c1e52776aba77a8d9ff1f94f4c4ec1c6acd8bd9b0343764aec8dcd1b4954dce7da492e76d09437ddc22e0abe2e8d39b487d4e2dac7b78e4f898d1940578fa11889fa885997ec2f90fda2892f90ded5315cf1e0c870df1867af270f08bccaccc266bee51cee0bafc792708fbd77f0bbaf06b9467d252cbac41e1412584667aa2bc9b558d14f4623394ccdfd71442d4be32106cbc6193389d501cbcc8ed00d25a2f03cd629a40db69b23213ea78fe2e01dfd331fe4252923f56d407649cb8cf149b30a4c135456e2525352a1ae86d3bae6e7ab60f9184019b4021a9b4dcb6277853aa5bf87374853eadeeb616fb566de00b733ad57551a60beab185daa3b696fe8dd35bc431858ae34310cae279d035836fcd7bbc1bd25ed3d0e2617b789820dc2dbacf2d69fc05ecf6c00611ff3a21e291bbdafdc3edf08ca75822996e65e12bf0ade3f04e4517b3495bd6bb34c7527c5c7566082d631286f8ac333c29ea66a3d8237f8d81133a378f2e13e6f9c8214b73f6eb7c587abdb2e055c0abeb2e12d1dc235f3658924bc33b0a0216596a903aba1cdaf62372f277c57fa09a7c8cc8cb0a0a69e9b1bf3550cb5b606119d4efa735ed458477c1fb426569f86af3f7d802f71ffec7f2fe33302d2fe8b3c711e6bf58d17e5611ad9cb4fec59e82eb17e22e6faa69704efff17d4fedfba5580afaaa1be405399e2c9da8e837721545150ff48494f54ec2e3dd7e459cc15f06284dcb5865da808636125fe8c9678dbbb31f19f1a72d3e3d9ffd178adb8b3926f1b7b35eaf5a19bbc6294d3a51b936650afd67aaa896d21b92562cb663b7c342180d95da7e5b78662f3639e8d16fc7da3a208e9aaeedd1c2a40bec86184028001607d07164fd30c1b878e8006b00c77b47969ef006de59869bf899d5c001a394bec95a4f2a510bb2d077435c0d9e088e537b18d962a27474e66c0151ed119aa86adfdd9b2817f0f6a246af433c4cec2dc6a01612243f136432bd74696e64cfe9feb1c86d8b87d11abdaa74116f546d1942b3a35bad5f924a73e13181de9db3c4bfd6143edb67ca04879d41990cb6e9a62b6529aee9479f797a9650dbfb21eb137416efc8b59238a0542233524c015e17d53ce8fbfd260fc5f55b389413e350faf6618d93a8b6bfc33e3a3d38338f67ef4d690b5db9a8cd8e4005d63bf168b48dd2eb08dbe47d0c23c29e40dd3b3e5b7ad8179b6936428dfef012794ab2b4e89810be905b156b08a32177dccee794b8c121f2348b4091672cc7a56ea9067cff019c29285acb03a14676279ff2f85a6f0876eaba08321ba051c984c09f32c8d3cfe1d0d88e3f6ad0d7876c64ae852a3a850e0db8011ab6980431dad5de562245b44f11130cfea1978e22e59dca2a1a50fdfbd08debcdc1df646581e67f1385aed8aa7c6ebf35a382053ceaa6b022791a3f8c8be11fa7c4188a39d8689dfa6dd0bd95d29a16f36dbf6074bcfcb9d36615e3eb760d0fc77d8537d4854f623bffc870fe9595ba795337bd62aa5afe3395cf68dd25d138fc1904bfb4bc8a2b33d8e871eaf785ef62f246fa2be9ee0ead07adca9dc7709dd1333fef0140e3dd9f9b4483c7a46f0043b6c9c31050fb42b23f6f9cb729b0388954a8a7a03802b85920baa978d450e4e5594d2e5514e0c0633de109ff04d4d0f19d1e349ca3dd03aabc9d88160cc43863ab81cf87036d920efaa30df0706a877b112d74e373f27deeae2b508cdf7f1cfe4a78507c1ada40de1e9d8d4aed0219eb57273286bcbb5ecbcdaf0fc75620b83dd974b0dba8ddf41e1b140254c356d062aa1868723e3c94c1bd22841f6a260a3698bbbbd0e81ca4e9e69a975dabe5bf5506d2f11ee9266b1ea24f1394b4e39996999742e24996bfb7a9190b24a1f043190c9eab9e932c399be7598e3ef263ac9fc71d8c5cf55596e11d7f14d713a66e37016bc1917cc4ea30981b21e18d8f252f09d39412349330defeb21ac0b09f6d26527bbf1f49e50e26023a66fe45bd58ee4917e7e2dd713547c110081383310a8cb3e78d332c50d22818cbb3f508dfb84dfdc1e1d2dd8119410536759fb175fb7af1a971e2004e2047f792b3cc80cc80f384b44eecc042da11a76f4c43c16abfae66773ff5ebc3e1bdde1f3ab67248cd1c8c9d9e5a26aeb3b83ad626f9825e53d4dd2a3d359c4710bcf1ebf5d22d51963b3282a0d4d7ecc1bffc423092d76b41c0ce9ced95a6c773c72f9be9a970b8e460ed94f4d6bcb350866fa04be422a0b15b76fdfcc3c8c8aa446582c487926125e79b12da9545444fb3b526e61a20110b71b8515664c4934f03b1da14e6722a99dbf662e07e8d359850457b0798ee9c57a3b441a81a6297cf30a76eb1af556a19c05e10dd6a7a4718a3f56a178bcf7db972f308cca46d08a50e3033faff987394fcd3ae1376213afdd9d6e2697b65a5b0eb8dedc221b6ba21b58688fe1a0fb1b8b143b4bac2dd430060b6944add7db855d59c2c5587ee789cfbcc51e72194a55019fb94cd54d5ac261f9ee81f3e8b43396b3bc13a413829586f56c2ec32bebac2fe55acb141a22e560a60ffdb653db5cda769a76614c754db6fea4dce1011f46a8c391f190770e6a69164bde5d7ab8aa33b87201bb0911b7f1e357e68a105dbdd8acf26d9a5a1bde6c65868d787de63c3d0ff038519d2d9060cd53a4650402a47a32d73223f80697c369e4837c0cc31809fade781caa4f9543b9f5910bb7b8833f03af723f1b1214f7949b292539f9884265e09ae7196b3e200fd84a909ef7c1d818f7f64c2f904eac28d440a0ea606aa9568953f903bb5e6981f67a048afb97cd80b2c03d403a7eb69029a1d93909ad5a79eed840f33f824c05d0cd4646b529e32030188c8f9a4a8d53eeb52dd271d4391362c1c9417c3526b5da6cc629ea7b935b4a7c78eb28fc3754e9c14cb5c31bda8525cb8932656a26683de3790907bd1a2d003791505cb51a484b19e74581f78a730d9267a425f45d3b9f45c77ea0058b0bab40d5b75edb179d8b24e3a04d9749ef652a0d85c069398034f06cc1ebc81eb16401a08c806f330acd188f1a879b0916d34a1be3d7ef57fc3dcea3d335b2de3a9ee37bbecba5b65b5fb0d3a25b4c57f1f38399ff3b6e6679826e49ec91bfaedd5d2e5e3295549079c9ca22b7c383fe2a0f84913cdc5d35caf12fd90b293622e8afb683c618f84163f8d194f9e1ad23d361b0a6d4e4ac08e5f6db2a9630d54489ba7b9287c3c9d32f19006d4fddee69a06b215ffea34a281ac2154cd42cdcd2f1e24ef3e4ad1e407f2e5a4e67150606a796862896bf58f232ce3e7f148158793447eb13f829ff29d32d4c6582435cbeb9d65d0ceebb2f271426cd0dcff9c59e3e2f11368b36cb7b42a7ce18e35a5c3560567664efea444bbdad78db377baa71b089db8b4a0b0e20283511e16de12260e25355a2278afac849569b75f9d321dec198d50525058fd13b541448c430f39b7b2cfc8dd5da9a022be1dd395188878957f23bd5371cdbdf33cd36c35dff4639e1b49f5246392d280a6e4d363f7aeb9df8f887913b8c61a0efb0823b80c3ac65369821f59ed82defd60f2206cef379ef89c40c97c03022dc08ce416bc98df2bd5d71a0b7c2180265fc0359b157a04897c039bf1a53af69e3977a4e44bd9cda287ef4123e6f3306a036f922e549fee286b977c3c6531575f92bd4976778c1ebd2680c88ee538a76050a9063931aac368cfed262dca729387305c954af8fa432d9010ff862b2b05d7155bf6de8036efda77fecdf519ddc11a9258eea3eae53562f978c031df0b431665e1bae1ae92afb4f6119e4a60edca53313533dd107f15d94dc53f0892b1952cb70811b92f8c9bbff36cbf2b3eca0e2379d40c58d76e8c276fe81ffb1a590466c042439f8af161e079df3551bd2b57c37f522ed67bdca84026143146b791ad45ddeae6465714391e6f42a13d0c1349e793f96e2c4520b4b6be31d5dfbd33e969c6e77083e0d793cd01a8bdfe34d16b88c2fb6261184eb9e72a754cafbe6b0e524e4b743597de3bfc2c83577e85757846aa9188e2cd6f722b5f86a2e98baff1e6bfff70f3d985e06758cd3af00a21d5d951e1b0db3710915d6e81032517fe15143352b1638cc5c7734cb4ff3ed0fd0f0cc9fb00dc50d0965953e06157610f6de446763fdfec006cc9a7782900b47ffde0493aa81206e45d9a515ce16c3512df3c969e0610dcadd9f9bc3fd9a7bbfe694a5634eaa0eed450f2c55bd20d29e20fc9fd5062c0d09115a82f0ca0d49cca3c07e911605a7d9d176f05af3a58ca6dd8db58e80a8e73adfa9459b4648497108fc0fb1f2f728a664df1d03f0b7e9bb5b46ca6b8cc0344cd994936e1ef29518bf0dda69953a562d43a32e84a9ee262c7a3eb2ea7cfc659c6079977b2ef606785861d4d576e2d41d2a58f65aea2b16c075475a79cb1f4d1040d6ac79f501fed8dddb272a3152c8cb9b0b63e73d8b6128b47359a867cc6553c9a0d610a73a9600d9c4e8cd836fc3c5a674f00", 0x2000, &(0x7f0000001340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f00000002c0)={0x0})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, <r5=>0xffffffffffffffff})
close(r5)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mremap(&(0x7f00005ab000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ffe000/0x1000)=nil)
r6 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000000), 0x8101)
munmap(&(0x7f0000644000/0x3000)=nil, 0x3000)
mmap$qrtrtun(&(0x7f00001b1000/0x2000)=nil, 0x2000, 0x0, 0x10010, r6, 0x2)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
ioctl$sock_inet_SIOCSIFNETMASK(0xffffffffffffffff, 0x891c, &(0x7f0000000040)={'ip6tnl0\x00', {0x2, 0x4e21, @remote}})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x14)

16m47.372573575s ago: executing program 5 (id=5807):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, 0x0, 0x8800)
sendmsg$nl_xfrm(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000003c0)=@updpolicy={0xb8, 0x19, 0xfd3649826d894c67, 0x0, 0x0, {{@in6=@mcast1, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x80}, {0x0, 0xffffffffffffff80}}}, 0xb8}}, 0x0)

16m47.372343374s ago: executing program 5 (id=5808):
socket$inet_tcp(0x2, 0x1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.kill\x00', 0x275a, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
writev(r0, &(0x7f00000000c0)=[{0x0}], 0x1)

16m47.170774829s ago: executing program 5 (id=5809):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000002dc0)={{0x14}, [@NFT_MSG_NEWRULE={0x54, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @range={{0xa}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_RANGE_SREG={0x8, 0x1, 0x1, 0x0, 0x1000000}, @NFTA_RANGE_OP={0x8, 0x2, 0x1, 0x0, 0x1}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x7c, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x7c}}, 0x0)

16m46.888283332s ago: executing program 5 (id=5811):
pipe(0x0)
r0 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x2, 0x81, 0x1fd, 0x1, 0x1}, 0x1c)
r1 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000013c0)=[{&(0x7f00000001c0)="39000000140081ae0000dc676f97daf01e2357f9ffffffffffffff0521018701546fabca1b4e8a06a6580e", 0x2b}], 0x1}, 0x0)

16m46.671461645s ago: executing program 5 (id=5812):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x3, 0x22e, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000880], 0x7000000, 0x0, &(0x7f0000000880)=[{0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{0x9, 0x2, 0xf6, 'team_slave_0\x00', 'bridge_slave_0\x00', 'dvmrp0\x00', 'wlan1\x00', @random="cf1c2d2bb007", [0x0, 0x0, 0xff, 0x0, 0x5c0c5eca75c56a36, 0xff], @multicast, [0x0, 0xff, 0x0, 0x0, 0xff], 0x6e, 0x6e, 0x19e, [], [], @common=@SECMARK={'SECMARK\x00', 0x108, {{0x1, 0x100, 'system_u:system_r:kernel_t:s0\x00'}}}}]}, {0x0, '\x00', 0x1}, {0x0, '\x00', 0x3}]}, 0x2a6)

16m31.283589127s ago: executing program 33 (id=5812):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x3, 0x22e, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000880], 0x7000000, 0x0, &(0x7f0000000880)=[{0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{0x9, 0x2, 0xf6, 'team_slave_0\x00', 'bridge_slave_0\x00', 'dvmrp0\x00', 'wlan1\x00', @random="cf1c2d2bb007", [0x0, 0x0, 0xff, 0x0, 0x5c0c5eca75c56a36, 0xff], @multicast, [0x0, 0xff, 0x0, 0x0, 0xff], 0x6e, 0x6e, 0x19e, [], [], @common=@SECMARK={'SECMARK\x00', 0x108, {{0x1, 0x100, 'system_u:system_r:kernel_t:s0\x00'}}}}]}, {0x0, '\x00', 0x1}, {0x0, '\x00', 0x3}]}, 0x2a6)

7.715429311s ago: executing program 2 (id=10671):
socket$kcm(0x2, 0x200000000000001, 0x106)
socket$kcm(0x10, 0x2, 0x4)
openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000380), 0x121682, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x82200, 0x0)
syz_usb_connect(0x5, 0x4c, &(0x7f0000000580)=ANY=[@ANYBLOB="1201100335fe6510"], 0x0)
unshare(0x28000600)
socket$inet(0x2, 0x4000000000000001, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x20080, 0x0)
r1 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0201, 0x0)
ioctl$SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f0000000180)=0x6f)
write$dsp(r1, &(0x7f00000012c0)="a5", 0x1)
pselect6(0x0, 0x0, &(0x7f0000000780)={0xc10, 0x0, 0x7, 0x3, 0x4, 0x8, 0x5, 0x2}, 0x0, 0x0, 0x0)

5.246379763s ago: executing program 0 (id=10690):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r4=>0x0})
sendmsg$ETHTOOL_MSG_LINKINFO_SET(0xffffffffffffffff, 0x0, 0x240088e4)
socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0x6, 0xfa11, 0xffffffff}, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, 0x0, 0x0)
unshare(0x8000000)
r7 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
r8 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs2/custom1\x00', 0x0, 0x0)
r9 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x1802, 0x0)
ioctl$BINDER_WRITE_READ(r9, 0xc0306201, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
dup3(r9, r8, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, 0x0)
ioctl$BINDER_WRITE_READ(r9, 0xc0306201, 0x0)
writev(r7, &(0x7f00000000c0)=[{&(0x7f0000000140)='2', 0x1}], 0x1)
ioctl$vim2m_VIDIOC_S_CTRL(0xffffffffffffffff, 0xc008561c, 0x0)
sendmsg$NL80211_CMD_LEAVE_MESH(r2, &(0x7f0000000380)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8004010}, 0xc, &(0x7f0000000340)={&(0x7f00000005c0)=ANY=[@ANYBLOB="b3feffff03b49f111c61fe37941b1b350c2bbe7c1ff5ceb19a5f28318854ff90c6d2fce1f7bc4f108da88803767346c0f55b8732171e0aa2350c175d99e909ccd154b044ebcc67d02637a44e11d5c10098f8dec8328fed34bf2a511c82ddaad1452642acfffb8dd56b830f0f1f615721738718cebdd7d79a3c566f887b1618", @ANYRES16=r3, @ANYBLOB="010025bd7000ffdbdf254500000008000300", @ANYRES32=r4, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x4011}, 0x0)
sendmsg$NL80211_CMD_SET_BSS(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r0, @ANYBLOB="20002abd7000fddbdf251900000008000300", @ANYRES32=r4], 0x1c}}, 0x800)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000001040)={'wlan1\x00', <r10=>0x0})
sendmsg$NL80211_CMD_SET_TID_CONFIG(r1, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f0000000440)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010022077000000000007efd512779ef3b4221341e221522a3cff377088af6d44d573459befda16433803b2304142cd874c00d5140d8ae9edf30b0f1e25fea1a87fca7da1b17d8b15df701a3f3dc8ae6b9f586f4b20bc2a541ce710e3d7afdcfbe8f047999", @ANYRES32=r10], 0x30}}, 0x0)

4.520441673s ago: executing program 2 (id=10693):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f00000000c0)={0xfffe}, 0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000400)={0x0, 0x1c, &(0x7f0000000340)=[@in6={0xa, 0x4e21, 0x800, @local, 0x9}]}, &(0x7f0000000480)=0x10)
setsockopt$inet6_IPV6_ADDRFORM(r0, 0x29, 0x1, 0x0, 0x0)

4.355980665s ago: executing program 1 (id=10695):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_netfilter(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)={0x28, 0x12, 0x0, 0xb05, 0x3, 0x0, {0x7}, [@typed={0x8, 0x107, 0x0, 0x0, @u32=0x1}, @nested={0xc, 0x0, 0x0, 0x1, [@typed={0x8, 0x31, 0x0, 0x0, @uid}]}]}, 0x28}}, 0x40000000)

4.290077855s ago: executing program 1 (id=10697):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000080)=0x3)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x21}, 0x94)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x801a01, 0x0)
ioctl$EVIOCGPROP(r2, 0x40047438, &(0x7f0000000180)=""/246)
socket$inet_smc(0x2b, 0x1, 0x0)
writev(r2, 0x0, 0x0)
ioctl$PPPIOCCONNECT(r2, 0x4004743a, 0x0) (fail_nth: 1)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc1}, 0x0)

4.168843163s ago: executing program 6 (id=10698):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="9f01000083667d1040206402d14e0102030109021b000100000000090400000190f19c000905f3ed"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000600)={0x44, &(0x7f0000000340)={0x40, 0xf, 0x1, 'V'}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000440)={0x44, &(0x7f0000000180)={0x20, 0xd}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$uac3(r0, &(0x7f0000000140)={0x14, &(0x7f0000000040)={0x20, 0xd, 0x10, {0x10, 0x22, "5e15b8f9187a67e42b4c9362ca5c"}}, &(0x7f0000000080)={0x0, 0x3, 0xb1, @string={0xb1, 0x3, "cb85973f77b5dac8c023174feeea8f574bc39e131b8ba54df76056330be4abb37ebb6fbfb70fa268ec7c2a76650c4a4973532e18d60e4552d97c8bea1f3e0f55015a168f2ba19973c18c5b71698b2783d826e2f3edf993ce026a3b89d59ffd711cef73540eb509edc7b7b6f15bef2c835c1f986ec45a494c618e4f7298857c362f5e70134a75bf807b7fa3c024ef2cebab1121cd8f1ecb89ceb8ebdf9e7b57b6dc819cbf3665fb9755d8f3e0429baa"}}}, &(0x7f00000004c0)={0x44, &(0x7f00000001c0)={0x0, 0xa, 0x14, "a930e9fe0d147dbb9853c10f8d04c88ff1d3a9f2"}, &(0x7f0000000200)={0x0, 0xa, 0x1, 0x7}, &(0x7f0000000240)={0x0, 0x8, 0x1, 0x9}, &(0x7f0000000280)={0x20, 0x81, 0x1, '^'}, &(0x7f0000000300)={0x20, 0x82, 0x2, "33e3"}, &(0x7f0000000380)={0x20, 0x83, 0x3, "4979e0"}, &(0x7f00000003c0)={0x20, 0x84, 0x2, "b7e4"}, &(0x7f0000000400)={0x20, 0x85, 0x3, "159ffe"}})
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f00000002c0)={0x2c, &(0x7f00000001c0)=ANY=[], 0x0, 0x0, 0x0, 0x0})
syz_usb_disconnect(r0)

3.85201647s ago: executing program 1 (id=10699):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
syz_usb_connect(0x5, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="120110013e083f10cc04332558fc0102030109022400010509401a0904a807020855fe980905eb020004020205090523"], 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/resume', 0x169a82, 0x109)
ioctl$IOMMU_VFIO_GET_API_VERSION(r1, 0x3b64)
sendfile(r1, r1, 0x0, 0xb)
setsockopt$inet_sctp6_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f00000000c0)={0xfffe}, 0x8)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, 0x0}], 0x59, 0xe0, 0x0, 0x0)
ioctl$KVM_SET_NESTED_STATE(r2, 0x4080aebf, &(0x7f00000031c0)=@vmx={0x103, 0x0, 0x2080, {0x50000, 0xe000, {}, 0x0, 0x1}, {"d07ee511000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000057ae00", "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000"}})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r4)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r5)
sendmsg$TIPC_CMD_ENABLE_BEARER(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}, 0x1, 0x0, 0x0, 0x44081}, 0x0)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r7)
r8 = socket$unix(0x1, 0x2, 0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r10=>0x0})
sendmsg$nl_route_sched(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, r10, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x7, 0x6361, 0x5, 0xffffffff, 0x6}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x240008c5}, 0x0)
sendmsg$nl_route_sched(r9, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0x80000, {0x0, 0x0, 0x0, r10, {0x0, 0x6}, {0x2, 0xb}, {0xe, 0xb}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x2404c8f1}, 0x4000800)
ioctl$SIOCSIFHWADDR(r7, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000400)={0x0, 0x1c, &(0x7f0000000340)=[@in6={0xa, 0x4e21, 0x800, @local, 0x9}]}, &(0x7f0000000480)=0x10)
setsockopt$inet6_IPV6_ADDRFORM(r0, 0x29, 0x1, 0x0, 0x0)

3.807192963s ago: executing program 0 (id=10700):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000780)=@raw={'raw\x00', 0x3c1, 0x3, 0x308, 0x0, 0x940c, 0x3002, 0x148, 0x2c0, 0x238, 0x3d8, 0x3d8, 0x238, 0x3d8, 0x3, 0x0, {[{{@ipv6={@rand_addr=' \x01\x00', @private1, [0xff, 0xffffffff, 0xffffffff, 0xffffff00], [0xffffffff, 0xffffffff, 0xff000000, 0xff], 'geneve0\x00', 'veth1_to_bridge\x00', {}, {0xff}, 0x84, 0x5, 0x2, 0x1d}, 0x0, 0x120, 0x148, 0x0, {}, [@common=@hl={{0x28}, {0x3, 0x7}}, @common=@inet=@multiport={{0x50}, {0x1, 0xb, [0x4e24, 0x4e22, 0x4e21, 0x4e22, 0x4e21, 0x4e24, 0x4e21, 0x4e22, 0x4e20, 0x4e20, 0x4e23, 0x4e24, 0x4e22, 0x4e22, 0x4e21], [0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x5, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x10]}}]}, @common=@unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00', 0x2, {0xff, 0x200, 0x2}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@multicast1, 'veth1_to_team\x00', {0x12}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x368)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_int(r1, 0x29, 0x19, &(0x7f0000000000)=0x94b, 0x4)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r3 = socket$unix(0x1, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
r6 = socket$unix(0x1, 0x5, 0x0)
sendmmsg$inet(r6, &(0x7f0000000bc0)=[{{&(0x7f00000000c0)={0x2, 0x4e20, @local}, 0x10, &(0x7f00000001c0)=[{&(0x7f00000002c0)="1fdb11020e31f4396e1e050809ced17ed25dd48b2026972a323104011cb2dd27c591fdb3b03299d1d07d3ed8445cc2ae2bb09af28093c79aee738d47cbb9d82b5e01c3391e9bcd87d7087b0df6b1bb55d5adfaf5d78dcc6e92b6c84bafa827c75bb453528a6e64dc447f5fe7b85f4e3e8464e0dd14bd5d3278fd5e63e12a0e1893ce208e2aaf067061", 0x89}, {&(0x7f0000000380)="2491a34dbbd8ded7e67d9e025a2f96f92f51788e1d0633290492d1cf3a9d41b2f41b26b4ff6d13b03f731cbb33c59a402373bfccbd91a8232d651be615ef215817547d9f155e5cb7c3a6a8a6460d237a1a2762f82c8b4470d24790279929a18b211316daca67ca863aca62df0abf43f0a0d46b0ce9987eecdef85ce80f8b6bf0a9d0401ba98fad969494e66286b021310e6e961a4d7f01045dc1f981261d0eb19e6b206078be52443196778798da1b60c3780cdda1b9ff4c83", 0xb9}], 0x2, &(0x7f00000004c0)=[@ip_ttl={{0x14, 0x0, 0x2, 0x9}}, @ip_retopts={{0x34, 0x0, 0x7, {[@cipso={0x86, 0x17, 0xffffffffffffffff, [{0x1, 0x4, "8581"}, {0x2, 0xd, "024b0acc3178b7604aa508"}]}, @generic={0x82, 0xd, "bba25bb9760d406a72ffa8"}]}}}, @ip_retopts={{0x3c, 0x0, 0x7, {[@rr={0x7, 0x2b, 0x4f, [@remote, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}, @loopback, @broadcast, @multicast2, @loopback, @empty, @local, @multicast2]}]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r4, @rand_addr=0x64010100, @multicast1}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x3}}, @ip_retopts={{0x28, 0x0, 0x7, {[@lsrr={0x83, 0x17, 0xca, [@multicast1, @multicast1, @empty, @empty, @loopback]}]}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x9}}], 0x108}}, {{&(0x7f0000000600)={0x2, 0x4e21, @local}, 0x10, &(0x7f0000000700)=[{&(0x7f0000000640)="4bc1462c41e4eae7dfa415105bed422a82106722a7162c9a39687ff5f4977b6cb44333f3925c1f80acd9f22138b1be9d8b9be5d050eb4bbfc55e007a0635065d3d91830ff2d9648657aa5853074346f7f14eefc5588048e7d8196f38ec04966884a5362dfc84ee8feada2e9182281bb970c584739ed0cc923412fd834409999560833a4fb3c6b7eed11e9a", 0x8b}], 0x1, &(0x7f0000000b00)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0xfa}}, @ip_retopts={{0x4c, 0x0, 0x7, {[@cipso={0x86, 0x18, 0x1, [{0x5, 0x12, "db3f15eb6e93befa7aa01538bc6c1b0d"}]}, @rr={0x7, 0x7, 0xa3, [@broadcast]}, @end, @ssrr={0x89, 0xf, 0x5b, [@multicast2, @local, @private=0xa010102]}, @noop, @generic={0x82, 0x9, "67165aaeb84267"}]}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x6}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r4, @initdev={0xac, 0x1e, 0x1, 0x0}, @empty}}}], 0xa0}}], 0x2, 0x20004080)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x9, &(0x7f0000000200)={0x0, @in6={{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @private=0xa010102}}}, 0x1, 0x0, 0x0, 0xddaa, 0x8a}, 0x9c)
syz_emit_ethernet(0x6e, &(0x7f0000000100)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x3f}, @void, {@ipv6={0x86dd, @icmpv6={0x1, 0x6, '\x00\'$', 0x38, 0x3a, 0xff, @ipv4={'\x00', '\xff\xff', @remote}, @mcast2, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x500, {0x6, 0x6, ':yE', 0x6, 0x3a, 0x0, @private1, @dev={0xfe, 0x80, '\x00', 0x2b}, [], "8029335287b7a081"}}}}}}}, 0x0)
mkdir(&(0x7f0000000080)='./file0\x00', 0xa0)
recvmmsg(r1, &(0x7f0000001740)=[{{0x0, 0x0, 0x0}, 0x4}], 0x1, 0x2000, 0x0)

3.774020271s ago: executing program 0 (id=10701):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmsg$inet6(r0, &(0x7f0000000d80)={&(0x7f0000000540)={0xa, 0x4e22, 0x3ff, @private1, 0x1}, 0x1c, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="1400000000000000290000003e0000000100000000000000110000007ffffff72900000004"], 0x30}, 0x20044084)

3.704200064s ago: executing program 0 (id=10702):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = socket$netlink(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=@newlink={0x28, 0x10, 0xffffff23, 0x0, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, 0x0, 0x15690}, [@IFLA_EXT_MASK={0x8, 0x1d, 0x8000}]}, 0x28}, 0x1, 0x0, 0x0, 0x20040001}, 0x8000)
close(0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(r3, 0x29, 0x41, 0x0, &(0x7f0000000080))
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000006c0)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x48, 0x2, {{0x3, 0x4, 0x6361, 0x7, 0xffffffff, 0x3}, [@TCA_NETEM_SLOT={0x2c, 0xc, {0x8, 0xe, 0x5, 0xa, 0x9}}]}}}]}, 0x78}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newqdisc={0x30, 0x24, 0x4ee4e6a52ff56541, 0x70b926, 0x25dfdbfc, {0x0, 0x0, 0x0, r4, {0x0, 0xc}, {0x6, 0xb}, {0xd, 0xffe0}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x200040f0}, 0x4890)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r5)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000200)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_PROBE_CLIENT(r5, &(0x7f0000000380)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4000010}, 0xc, &(0x7f0000000340)={&(0x7f0000000240)={0x28, r6, 0x4, 0x70bd2d, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x28}, 0x1, 0x0, 0x0, 0x20004080}, 0x0)
r8 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r5)
sendmsg$TIPC_CMD_ENABLE_BEARER(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)

3.703902758s ago: executing program 0 (id=10703):
socket$kcm(0x2, 0x200000000000001, 0x106)
socket$kcm(0x10, 0x2, 0x4)
openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000380), 0x121682, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x82200, 0x0)
syz_usb_connect(0x5, 0x4c, &(0x7f0000000580)=ANY=[@ANYBLOB="1201100335fe6510"], 0x0)
unshare(0x28000600)
socket$inet(0x2, 0x4000000000000001, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x20080, 0x0)
r1 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0201, 0x0)
ioctl$SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f0000000180)=0x6f)
write$dsp(r1, &(0x7f00000012c0)="a5", 0x1)
pselect6(0x0, 0x0, &(0x7f0000000780)={0xc10, 0x0, 0x7, 0x3, 0x4, 0x8, 0x5, 0x2}, 0x0, 0x0, 0x0)

3.48475456s ago: executing program 2 (id=10706):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@updpolicy={0x1fc, 0x19, 0x1, 0x0, 0x0, {{@in6=@private2, @in6=@empty, 0x0, 0x3, 0x0, 0x0, 0x2, 0x0, 0x20, 0x8}, {0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x7000000, 0x0, 0x0, 0x1d}, {0x0, 0x0, 0x0, 0x2dd}}, [@tmpl={0x144, 0x5, [{{@in=@dev={0xac, 0x14, 0x14, 0x3b}, 0x0, 0x2b}, 0x0, @in=@dev={0xac, 0x14, 0x14, 0xc}, 0x0, 0x0, 0x0, 0xff}, {{@in6=@private2={0xfc, 0x2, '\x00', 0x1}, 0x0, 0x32}, 0x0, @in=@multicast1, 0x3502}, {{@in6=@loopback, 0x0, 0x3c}, 0x2, @in=@remote, 0x0, 0x1, 0x3, 0x0, 0x0, 0x7}, {{@in6=@mcast2, 0x0, 0x3c}, 0x2, @in6=@rand_addr=' \x01\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {{@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x0, 0x32}, 0xa, @in6=@mcast1, 0x0, 0x1}]}]}, 0x1fc}}, 0x0)

3.280040205s ago: executing program 2 (id=10707):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000000)=0x1, 0x4)
pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000001c6a000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={{0x14}, [@NFT_MSG_NEWRULE={0x4c, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2, 0x0, 0xfffe}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_EXPRESSIONS={0x20, 0x4, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, @queue={{0xa}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_QUEUE_SREG_QNUM={0x8}]}}}]}]}], {0x14}}, 0x74}}, 0x0)
r3 = socket$inet6(0xa, 0x2, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_inet_SIOCSIFPFLAGS(0xffffffffffffffff, 0x8934, &(0x7f0000000040)={'virt_wifi0\x00', 0x6})
ioctl(r4, 0x8b21, &(0x7f0000000040))
bind$inet6(r3, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @mcast1}, 0xfffffffffffffc5d)
splice(r3, 0x0, r1, 0x0, 0x1ffffffffffffe, 0x1)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)={0x1c, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)
syz_emit_ethernet(0x6a, &(0x7f0000001200)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x5c, 0x2, 0x0, 0x0, 0x11, 0x0, @empty, @remote}, {0x0, 0x4e20, 0x48, 0x0, @wg=@cookie={0x3, 0x3, "07a10640e6b20ba7fa9d0a23034ad497d84d1a2050bb69f0", "9564172768e1d2a6d36de41818c4f56a4535dc872e8240ec5348ece9c58da5d1"}}}}}}, 0x0)

1.966708429s ago: executing program 3 (id=10712):
r0 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff}) (rerun: 64)
quotactl_fd$Q_GETINFO(r1, 0xffffffff80000502, 0x0, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000c80)=ANY=[@ANYBLOB="30000000400007012bbd700000000000047c0000100042800c00070006002000000000000c0001800600060080"], 0x30}, 0x1, 0x0, 0x0, 0x48815}, 0xc020)

1.819907808s ago: executing program 3 (id=10713):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_io_uring_setup(0x837, &(0x7f0000000180)={0x0, 0xf79a, 0x0, 0x2000004, 0x3ce}, &(0x7f0000000000)=<r3=>0x0, &(0x7f0000000140)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r5 = socket$kcm(0xa, 0x2, 0x73)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_SEND={0x1a, 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0x2400c0c7, 0x1})
io_uring_enter(r2, 0x3516, 0x0, 0x69, 0x0, 0x0) (fail_nth: 3)

957.262912ms ago: executing program 3 (id=10714):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x25dfdbfb, 0x2ffffffff}, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x20004004)
sendmsg$NFT_BATCH(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=ANY=[@ANYBLOB="140000001000010000000000000000010500000a5c000000180a0500000000000000000002000000300003802c00038014000100776732000000000000000000000000001400010076657468315f746f5f627269646765000900020073797a30000000000900010073797a300000000014000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x24040089}, 0x20008000)

900.121832ms ago: executing program 3 (id=10715):
openat$mixer(0xffffffffffffff9c, &(0x7f0000003fc0), 0x28000, 0x0)
r0 = socket(0x11, 0x800000002, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000540)={'ipvlan1\x00', {0x2, 0x0, @private=0xac141436}})
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$packet(0x11, 0x2, 0x300)
socket$inet(0x2, 0x2, 0x0)
openat$procfs(0xffffffffffffff9c, 0x0, 0x1800, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x46)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SET_IO_FLUSHER(0x39, 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r1, 0x84, 0x1a, 0x0, &(0x7f0000000080))
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0xc, 0x4, 0xffffbe0000000001, 0x8, 0xffffffff}, 0x0)
sysinfo(0x0)
socket(0x11, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$TIPC_NL_MEDIA_SET(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)=ANY=[@ANYBLOB="000426bd7000fcdbdf250c00000034000980080002000010000008000100fbffffff08000100ffffff7f08000200d63c0000080001000400000008000100090000002c0101800d0001007564703a73797a3200000000380004001400010002004e23ac1e00010000000000000000200002000a004e227ffffffffc00000000000000000000000000000001000080080003000400000038000400200001000a004e2000000009ff020000000000000000000000000001040000001400020002004e240000000000000000000000004c00028008000300ff0100000800040001040000080003000900000008000200f6000000080001001c0000000800020001000000080001001a0000000800030009000000080001001700000054000280080001001c00000008"], 0x2d0}, 0x1, 0x0, 0x0, 0x40408c1}, 0x40)
r4 = syz_open_dev$evdev(&(0x7f0000000180), 0x4000000000, 0xcec842)
write$char_usb(r4, &(0x7f0000000040)="e2", 0x12d8)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000780)={'netdevsim0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x3f, &(0x7f0000000580)={&(0x7f0000000140)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x8}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x8}]}, 0x40}}, 0x0)
r6 = socket$kcm(0x10, 0x100000000002, 0x4)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000340), 0x10}, 0x94)
setsockopt$sock_attach_bpf(r6, 0x1, 0x32, &(0x7f0000000040)=r7, 0x4)
socket$netlink(0x10, 0x3, 0x0)

715.816591ms ago: executing program 1 (id=10716):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000180a0500000000000000000002000000300003802c00038014000100776732000000000000000001000000001400010076657468315f746f5f627269646765000900020073797a30000000000900010073797a30"], 0x84}, 0x1, 0x0, 0x0, 0x24040089}, 0x20008000)

715.53729ms ago: executing program 1 (id=10717):
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, 0x0, 0x0, &(0x7f0000000000)=@chain) (async)
socket$inet(0x2, 0x3, 0x30) (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f00000011c0)=[{0x80, 0x80, 0x4, 0xc}]}) (async)
socket$nl_netfilter(0x10, 0x3, 0xc) (async, rerun: 32)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}) (rerun: 32)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0) (async)
writev(0xffffffffffffffff, &(0x7f0000000640)=[{&(0x7f0000000200)="9c30fb4d", 0x4}], 0x1) (async)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$netlink(r2, &(0x7f0000000000)={0x10, 0x0, 0x0, 0x80065c9}, 0xc) (async)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa8442, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) (async, rerun: 32)
r4 = socket(0x400000000010, 0x3, 0x0) (rerun: 32)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000380)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0) (async)
sendmsg$nl_route_sched(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000022c0)=@newtfilter={0x68, 0x2c, 0xd27, 0x70bd2b, 0x2, {0x0, 0x0, 0x0, r5, {0xa, 0x10}, {}, {0x8, 0x4}}, [@filter_kind_options=@f_flow={{0x9}, {0x38, 0x2, [@TCA_FLOW_ACT={0x34, 0x9, 0x0, 0x1, [@m_csum={0x30, 0x1, 0x0, 0x0, {{0x9}, {0xfffffffffffffc1c}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}]}]}}]}, 0x68}, 0x1, 0x0, 0x0, 0x800}, 0x2) (async)
ioctl$BLKZEROOUT(0xffffffffffffffff, 0x127f, &(0x7f0000000100)={0xa00, 0xa00}) (async)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
r7 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r7, 0xc0184800, &(0x7f0000000100)={0x20004, r6, 0x80000})
r8 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001180)='net/ip_tables_matches\x00')
preadv(r8, &(0x7f0000000040)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(0xffffffffffffffff, 0x40505330, &(0x7f0000000bc0)={{0xfd, 0x1}, {0xe}, 0x2005, 0xbfbf}) (async)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_ACCT_GET(r9, &(0x7f0000000580)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000340)={0x28, 0x1, 0x7, 0x101, 0x0, 0x0, {0x1, 0x0, 0x9}, [@NFACCT_FILTER={0x14, 0x7, 0x0, 0x1, [@NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x6}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x1}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x804c}, 0xc080) (async)
syz_open_dev$vim2m(&(0x7f0000000040), 0x3, 0x2)

643.559074ms ago: executing program 0 (id=10718):
syz_open_dev$video(&(0x7f0000000340), 0xd7ee, 0x200)
pipe(&(0x7f0000000440)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x129c81, 0x0)
quotactl_fd$Q_SYNC(r0, 0xffffffff80000101, 0x0, 0x0)
ppoll(&(0x7f0000000280)=[{r1, 0x6200}], 0x1, 0x0, 0x0, 0x0)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000200)={0x0, 0x0, 0x82, 0xa, 0x1, "42341f9b1000"})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
r4 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da1700000000000109022400010000000009040000090300000009210000000122220009058103"], 0x0)
syz_usb_control_io$hid(r4, 0x0, 0x0)
syz_usb_control_io$hid(r4, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="00222200000096231306e53f070c0000002a9000070900be00a3"], 0x0}, 0x0)
syz_open_dev$dri(&(0x7f00000000c0), 0x9, 0x8240)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r3, 0x8208ae63, &(0x7f0000000880)={0x0, 0x0, @pic={0x2a, 0xc0, 0x7, 0x6, 0xfb, 0x0, 0xf, 0x4, 0x3, 0x0, 0x3, 0x58, 0x9e, 0x6, 0x6, 0x7f}})

609.266167ms ago: executing program 6 (id=10719):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'geneve0\x00', <r1=>0x0})
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}) (async)
r4 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r2, &(0x7f0000003b80)={0x10000001}) (async)
write(r3, 0x0, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f0000000440)=@raw={'raw\x00', 0x3c1, 0x3, 0x320, 0x180, 0x12, 0x60d, 0x180, 0x202, 0x250, 0x2e8, 0x2e8, 0x250, 0x2c0, 0x4, 0x0, {[{{@ipv6={@private0, @dev={0xfe, 0x80, '\x00', 0x1b}, [0xffffff00, 0xff, 0xff000000, 0xff000000], [0xff, 0xffffffff, 0xffffffff, 0xff000000], 'wlan1\x00', 'pim6reg1\x00', {}, {}, 0x3a, 0x9, 0x5}, 0x0, 0x138, 0x180, 0x0, {}, [@common=@hbh={{0x48}, {0xff, 0x2, 0x1, [0xfff7, 0xfffe, 0xed, 0xff01, 0x4, 0x9, 0x5, 0x10, 0x3, 0x7, 0xffff, 0x9e, 0xfff, 0x3, 0x4, 0x5], 0x6}}, @common=@unspec=@limit={{0x48}, {0x5, 0x6, 0xfffffffffffffffd, 0x7be, 0xa674, 0x0, 0x6}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0x180}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x380) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, 0x0) (async)
r6 = socket$nl_route(0x10, 0x3, 0x0) (async)
r7 = syz_open_dev$vbi(&(0x7f0000000000), 0x2, 0x2)
ioctl$VIDIOC_S_INPUT(r7, 0xc0045627, &(0x7f00000001c0)=0x1)
ioctl$VIDIOC_S_FREQUENCY(r7, 0x402c5639, &(0x7f0000000080)={0x0, 0x2, 0x400008}) (async)
ioctl$VIDIOC_S_STD(r7, 0x40085618, &(0x7f0000000480)=0x7) (async)
r8 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000680)={'bridge0\x00', <r9=>0x0})
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB="4800000010000104000000000007000000000000", @ANYRES32=r9, @ANYBLOB="3f00000006020400280012800b0001006272696467650000180002800c002e0003000000030000000500070008"], 0x48}, 0x1, 0x0, 0x0, 0x4c0c0}, 0x0)
r10 = syz_open_dev$sg(&(0x7f00000003c0), 0x4a38, 0x201)
ioctl$SG_IO(r10, 0x2285, &(0x7f00000000c0)={0x0, 0xfffffffffffffffc, 0xab, 0xb4, @scatter={0x0, 0x0, 0x0}, &(0x7f00000004c0)="a6823ac6aeb312b0510792ebf045ded76208a57ceddf96bd7bfba6f7882171dcf3fe5deb41ee0feb00e67f9fb3bff49072eeb6733927308310c1b1422730e410475d57e3c7e39108eb23fd58e4fc0084f4a708057d6585eda37e59372c6fcccfda9392a97c9528d858fe06a4b59e5f44e27ac6d5400738e4f283e30c776823388aaa7d266d51536e11e0a5ccda8deddc4dca46ce0904a64cf814e7bd4fe8c6dbfce0558619300167d80000", 0x0, 0x2, 0x10023, 0x1, 0x0})
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)=ANY=[@ANYBLOB="700000001000010428bd70000100000000000000", @ANYRES32=0x0, @ANYBLOB="08000000000001004000128009000100766c616e0000000030000280060001000200000006000100020000001c0004800c00010005000000000800000c0001008100000081ffffff08000500", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r9, @ANYBLOB="f2f7aad2ce88e25ffe20930b205432511f7dd4057f71069063035b2d5cef"], 0x70}, 0x1, 0x0, 0x0, 0x240008c4}, 0x20008004)

523.194491ms ago: executing program 1 (id=10720):
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000002c00)={0xffffffffffffffff, 0x18000000000002a0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50)
openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = syz_open_dev$video4linux(&(0x7f0000000340), 0x8002, 0x36ba03)
ioctl$VIDIOC_UNSUBSCRIBE_EVENT(r2, 0x80085665, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
close(r3)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0xb57533df4456317d, 0x0)
getpid()
syz_80211_join_ibss(&(0x7f0000000200)='wlan0\x00', &(0x7f00000002c0)=@default_ap_ssid, 0x6, 0x1)
r4 = socket$key(0xf, 0x3, 0x2)
accept$packet(r4, 0x0, 0x0)
syz_usb_connect$cdc_ncm(0x1, 0x77, &(0x7f00000000c0)={{0x12, 0x1, 0x300, 0x2, 0x0, 0x0, 0x8, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x65, 0x2, 0x1, 0x8, 0x10, 0xf5, "", {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x9, 0x24, 0x6, 0x0, 0x1, "bcf96bbd"}, {0x5, 0x24, 0x0, 0x7f}, {0xd, 0x24, 0xf, 0x1, 0x8, 0x1, 0xb0, 0x67}, {0x6, 0x24, 0x1a, 0x8001, 0x3c}, [@obex={0x5, 0x24, 0x15, 0x8}]}, {{0x9, 0x5, 0x81, 0x3, 0x8, 0x1, 0x9, 0x8}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x400, 0x0, 0x4, 0x9}}, {{0x9, 0x5, 0x3, 0x2, 0x20, 0x9, 0x5, 0xfe}}}}}}}]}}, &(0x7f0000000a80)={0xa, &(0x7f0000000140)={0xa, 0x6, 0x200, 0x5, 0x80, 0x24, 0x20, 0x8}, 0x1e, &(0x7f0000000380)={0x5, 0xf, 0x1e, 0x3, [@wireless={0xb, 0x10, 0x1, 0xc, 0x61, 0x7f, 0x6, 0x8000, 0x9}, @wireless={0xb, 0x10, 0x1, 0x0, 0x10, 0x3, 0x5, 0x1070, 0x8}, @ptm_cap={0x3}]}, 0x8, [{0xd7, &(0x7f0000000800)=@string={0xd7, 0x3, "5404e01c3a7600a69cc3b763015389db38bb389b4ca556ed95196851d7d3b89f1805dbe7b7d8b0069ba1ee77271171f91ff3357290766c294a61cc9f20c50d17e6502c771dba60b51fdac9141c37caa54bb87a0ef5e20c8152ae5e922426eaee9b447d6b6c1f888333272dca29a045d21b56b1c0dd21778c98e8ac5d4011443b72c84c7a5bfa8846dc4aa4e548a6cd00d26cac97f365a0abbe43c427bae6828bcb541cd2258bb2e0a9b2e704736faadcc279af9b9d4aa1fd5352f38dd45da22ae68e337004b5085f681b21075a9a4f60a20db3abb4"}}, {0x1f, &(0x7f00000003c0)=@string={0x1f, 0x3, "b027b428ffdf33589869ae53ae027a6daabadb42272562b267e62022c5"}}, {0x4, &(0x7f0000000400)=@lang_id={0x4, 0x3, 0xf0ff}}, {0x34, &(0x7f0000000480)=@string={0x34, 0x3, "b42b46972f35619e937765c3392811ae3ce8baf2f307646e56afa60876963302770d76de907c6b8cde6abdd598f114ce6adc"}}, {0x4, &(0x7f00000004c0)=@lang_id={0x4, 0x3, 0xde2ea77675cd1a57}}, {0x4, &(0x7f0000000900)=@lang_id={0x4, 0x3, 0x3055}}, {0xd8, &(0x7f0000000940)=ANY=[@ANYBLOB="d803520daf4e9524038444c7a710efb9ac24d2a78251dd2b0f71462a0b7614dda882964173be44fcf252a5000d05d3e4da3ede3fe44ab479a0ce83a61126b47f78a51c4a3d8a4875c0a27ede5bf38e62317799fcb2bc47d2cc1c06e77262cf9fe8acb8dd45817da8a73629b96b3aa70b1a1c5dc39f5414dfe2c84ad93543c94be7d5c10744cbf578fa2f879b91d36eb0a3261ff9bf4b3916171d5c22d83f3dbe61668b058bb11686c79adaac516608f464d0b7b5fc52c7f49c11c61f36159730a5a1f047e485d0cd29ecc3b2c4d78ae599a700db71695b51"]}, {0x4, &(0x7f0000000a40)=@lang_id={0x4, 0x3, 0x42b}}]})
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_FLUSH(r6, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x80}, 0x40400)
sendmsg$IPSET_CMD_DESTROY(r5, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x20000080)
r7 = shmget$private(0x0, 0x4000, 0x54001800, &(0x7f0000000000/0x4000)=nil)
shmat(r7, &(0x7f0000000000/0x4000)=nil, 0xffffffffffffcfff)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r9 = getpid()
process_vm_readv(r9, 0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000000740)=""/148, 0x94}, {&(0x7f0000000300)=""/15, 0xf}, {&(0x7f0000000500)=""/250, 0xfa}, {&(0x7f0000000440)=""/42, 0x2a}, {&(0x7f0000000600)=""/129, 0x81}], 0x5, 0x0)
syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00')

487.261333ms ago: executing program 6 (id=10721):
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000280)=ANY=[@ANYRES16=0x0, @ANYBLOB="df4800000000000000000c0000000c000380040005"], 0x20}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000040900010073797a30000000009c000000090a010400000000000000000700000308000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d58001280200001800e000100636f6e6e6c696d69740000000c0002800800014000000008200001800e000100636f6e6e6c696d69740000000c00028008000140000000001400017b090001006cdbf80789f3f947dd00028008"], 0xe4}, 0x1, 0x0, 0x0, 0x8001}, 0x20050840)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030041000b05d25a806c8c6394f90324fc60100000000a000200053582c137153e3704020180fc5409000c00", 0x33fe0}], 0x1, 0x0, 0x0, 0xf401}, 0x0)

405.602144ms ago: executing program 6 (id=10722):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000000), 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4)
sendto$inet(r0, &(0x7f0000001600)="36a18e24c2a7c72fc5d61df3433eb6d250c3a67b9c03d6590ff2314f05afdceeee31074468da8f01da11fa78c93134c062b0f529a16eb53d6b1f3180120ee48994d422003856ea1eda79b4b4ffc15ca99ecbcccb4def419da443a1676320113cc2893153c32a1b1e79c8566dd7cce8ee805426bd48cdba93c9f58855ed88ef7415b51c839723cd567069c877912b943c000000000000", 0x96, 0x800b, 0x0, 0x0)

355.643253ms ago: executing program 6 (id=10723):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000140))
getpid()
r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r1)
ptrace$setregs(0xd, r1, 0x8, &(0x7f0000000a40)="47aaf63e3722d2a83d6b95a71d14ea166ec1bbec3c5baae7afd00a52a3543b68c1bda7e00de23c816f603aba4d37d816b52752b766b487aad71d38b670f6f3b3cc48ed3a5315da46c08b579ac8e19d569f448837157ea3057dc0648ec5c071b72aac5f9ba0fcf2002c8d131dad49288f1fc6a2cf9d1138215e83e17555d582393941219571a5d2efdf")
ptrace$getregset(0x4204, r1, 0x202, &(0x7f0000000540)={&(0x7f0000000880)=""/264, 0x108})

281.245039ms ago: executing program 6 (id=10724):
r0 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000440)=@raw={'raw\x00', 0x8, 0x3, 0x4c8, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x3f8, 0xffffffff, 0xffffffff, 0x3f8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'bridge0\x00'}, 0x0, 0x148, 0x170, 0x0, {}, [@common=@unspec=@helper={{0x48}}, @common=@inet=@hashlimit1={{0x58}, {'bond_slave_1\x00', {0x41, 0x1ff, 0x6, 0xb0e2, 0x10001, 0x84e, 0xfffffffb, 0x18, 0x8}, {0x1}}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'erspan0\x00', 'gre0\x00', {0xff}, {}, 0x0, 0x0, 0x0, 0x4b}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'vcan0\x00', {0x3, 0x0, 0x41, 0xfffffffe, 0x2, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x528)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000100)={0x50, 0xfffffffffffffffe, 0x0, {0x7, 0x2b, 0x0, 0x1022c001, 0x4, 0x0, 0x3, 0xa18, 0x0, 0x0, 0x10, 0x6}}, 0x50)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40a01, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = dup(r2)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
write$tun(r1, &(0x7f00000000c0)=ANY=[@ANYBLOB="001c86dd0700100000001400000060ec97000fc82c00fe8000000000000000001200000000aaff02000000000000000000000000000188"], 0xffe)

280.280019ms ago: executing program 3 (id=10725):
socket(0x80000000000000a, 0x2, 0x0)
socket$igmp(0x2, 0x3, 0x2)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
socket$key(0xf, 0x3, 0x2)
openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
socket$alg(0x26, 0x5, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="9000000010000305001200000000000000000700", @ANYRES32=0x0, @ANYBLOB="996e06004d4c0700540012800800010068737200480002800500030008000000050003000500000005000300fd00000008000200", @ANYRES32=r0, @ANYBLOB="08000100", @ANYRES32=r1], 0x90}}, 0x0)

190.29537ms ago: executing program 2 (id=10726):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000000)={'veth1_to_bond\x00', 0x400})
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'rose0\x00', <r2=>0x0})
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="2000000011000100000000000300000000000000", @ANYRES32=r2], 0x20}}, 0x0)

256.051µs ago: executing program 3 (id=10727):
r0 = socket$key(0xf, 0x3, 0x2)
ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, 0x0)
r1 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$SNDCTL_DSP_SPEED(r1, 0xc0045002, &(0x7f00000001c0))
ioctl$SNDCTL_DSP_CHANNELS(r1, 0xc0045006, &(0x7f0000000080)=0x7f)
socket$key(0xf, 0x3, 0x2) (async)
ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, 0x0) (async)
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) (async)
ioctl$SNDCTL_DSP_SPEED(r1, 0xc0045002, &(0x7f00000001c0)) (async)
ioctl$SNDCTL_DSP_CHANNELS(r1, 0xc0045006, &(0x7f0000000080)=0x7f) (async)

0s ago: executing program 2 (id=10728):
socket$kcm(0x2, 0x200000000000001, 0x106)
socket$kcm(0x10, 0x2, 0x4)
openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000380), 0x121682, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x82200, 0x0)
syz_usb_connect(0x5, 0x4c, &(0x7f0000000580)=ANY=[@ANYBLOB="1201100335fe6510"], 0x0)
unshare(0x28000600)
socket$inet(0x2, 0x4000000000000001, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x20080, 0x0)
r1 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0201, 0x0)
ioctl$SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f0000000180)=0x6f)
write$dsp(r1, &(0x7f00000012c0)="a5", 0x1)
pselect6(0x0, 0x0, &(0x7f0000000780)={0xc10, 0x0, 0x7, 0x3, 0x4, 0x8, 0x5, 0x2}, 0x0, 0x0, 0x0)

kernel console output (not intermixed with test programs):

000000a
[ 2222.910278][T11640] RBP: 00007fe0c8131090 R08: 0000000000000000 R09: 0000000000000000
[ 2222.910289][T11640] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2222.910298][T11640] R13: 00007fe0c7416038 R14: 00007fe0c7415fa0 R15: 00007fe0c753fa48
[ 2222.910323][T11640]  </TASK>
[ 2222.912361][T11644] mac80211_hwsim hwsim53 syzkaller0: entered promiscuous mode
[ 2223.146781][T11644] mac80211_hwsim hwsim53 syzkaller0: entered allmulticast mode
[ 2223.204864][T11649] fuse: Unknown parameter 'smackfshat'
[ 2223.440533][T11658] FAULT_INJECTION: forcing a failure.
[ 2223.440533][T11658] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2223.484305][T11658] CPU: 0 UID: 0 PID: 11658 Comm: syz.6.10349 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 2223.484333][T11658] Tainted: [L]=SOFTLOCKUP
[ 2223.484340][T11658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2223.484350][T11658] Call Trace:
[ 2223.484357][T11658]  <TASK>
[ 2223.484365][T11658]  dump_stack_lvl+0xe8/0x150
[ 2223.484392][T11658]  should_fail_ex+0x412/0x560
[ 2223.484418][T11658]  _copy_from_user+0x2d/0xb0
[ 2223.484436][T11658]  __se_sys_landlock_add_rule+0x1e4/0x780
[ 2223.484521][T11658]  ? fput+0xa0/0xd0
[ 2223.484542][T11658]  ? __pfx___se_sys_landlock_add_rule+0x10/0x10
[ 2223.484558][T11658]  ? ksys_write+0x242/0x270
[ 2223.484575][T11658]  ? __pfx_ksys_write+0x10/0x10
[ 2223.484595][T11658]  do_syscall_64+0x14d/0xf80
[ 2223.484609][T11658]  ? trace_irq_disable+0x3b/0x150
[ 2223.484626][T11658]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2223.484638][T11658]  ? clear_bhb_loop+0x40/0x90
[ 2223.484653][T11658]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2223.484665][T11658] RIP: 0033:0x7fd73619c799
[ 2223.484678][T11658] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2223.484688][T11658] RSP: 002b:00007fd736fb9028 EFLAGS: 00000246 ORIG_RAX: 00000000000001bd
[ 2223.484702][T11658] RAX: ffffffffffffffda RBX: 00007fd736416180 RCX: 00007fd73619c799
[ 2223.484711][T11658] RDX: 0000200000000380 RSI: 0000000000000001 RDI: 000000000000000b
[ 2223.484719][T11658] RBP: 00007fd736fb9090 R08: 0000000000000000 R09: 0000000000000000
[ 2223.484726][T11658] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2223.484734][T11658] R13: 00007fd736416218 R14: 00007fd736416180 R15: 00007fd73653fa48
[ 2223.484760][T11658]  </TASK>
[ 2223.547870][T19605] usb 1-1: new high-speed USB device number 81 using dummy_hcd
[ 2223.708994][T11659] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2223.738302][T11659] PKCS7: Unknown OID: [4] 5.25.43183(bad)
[ 2223.744055][T11659] PKCS7: Only support pkcs7_signedData type
[ 2223.978441][T19605] usb 1-1: config 0 has no interfaces?
[ 2223.985909][T19605] usb 1-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[ 2224.010849][T19605] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2224.041009][T11662] fuse: Bad value for 'fd'
[ 2224.045459][T19605] usb 1-1: Product: syz
[ 2224.058455][T19605] usb 1-1: Manufacturer: syz
[ 2224.079644][T19605] usb 1-1: SerialNumber: syz
[ 2224.104955][T19605] usb 1-1: config 0 descriptor??
[ 2224.310341][T11668] binder: 11663:11668 ioctl ae80 0 returned -22
[ 2224.391963][T11647] __nla_validate_parse: 43 callbacks suppressed
[ 2224.391982][T11647] netlink: 8 bytes leftover after parsing attributes in process `syz.0.10347'.
[ 2224.524172][T11647] veth0_vlan: entered allmulticast mode
[ 2224.547425][ T7586] usb 1-1: USB disconnect, device number 81
[ 2225.296947][T16352] usb 7-1: new high-speed USB device number 25 using dummy_hcd
[ 2225.476807][T16352] usb 7-1: Using ep0 maxpacket: 16
[ 2225.503472][T16352] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2225.523511][T16352] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 2225.558823][T16352] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 2225.595446][T16352] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2225.633818][T16352] usb 7-1: Product: syz
[ 2225.649792][T16352] usb 7-1: Manufacturer: syz
[ 2225.655484][T11696] fuse: Invalid rootmode
[ 2225.662997][T16352] usb 7-1: SerialNumber: syz
[ 2225.810721][T11705] netlink: 12 bytes leftover after parsing attributes in process `syz.3.10364'.
[ 2225.822416][T11705] netlink: 'syz.3.10364': attribute type 1 has an invalid length.
[ 2225.887853][T16352] usb 7-1: 0:2 : does not exist
[ 2225.910844][T16352] usb 7-1: 5:0: failed to get current value for ch 0 (-22)
[ 2225.961439][T16352] usb 7-1: USB disconnect, device number 25
[ 2225.968289][T21664] usb 3-1: new high-speed USB device number 50 using dummy_hcd
[ 2226.003825][ T5890] udevd[5890]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 2226.116738][T21664] usb 3-1: device descriptor read/64, error -71
[ 2226.366764][T21664] usb 3-1: new high-speed USB device number 51 using dummy_hcd
[ 2226.516852][T21664] usb 3-1: device descriptor read/64, error -71
[ 2226.621040][T11712] netlink: 8 bytes leftover after parsing attributes in process `syz.1.10368'.
[ 2226.651103][T21664] usb usb3-port1: attempt power cycle
[ 2226.828680][T11721] netlink: 4 bytes leftover after parsing attributes in process `syz.3.10370'.
[ 2226.916813][T16352] usb 7-1: new high-speed USB device number 26 using dummy_hcd
[ 2226.983027][T11721] netlink: 52 bytes leftover after parsing attributes in process `syz.3.10370'.
[ 2227.010855][T21664] usb 3-1: new high-speed USB device number 52 using dummy_hcd
[ 2227.047763][T21664] usb 3-1: device descriptor read/8, error -71
[ 2227.089034][T16352] usb 7-1: config 0 has no interfaces?
[ 2227.099144][T16352] usb 7-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[ 2227.113999][T16352] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2227.130382][T16352] usb 7-1: Product: syz
[ 2227.134633][T16352] usb 7-1: Manufacturer: syz
[ 2227.139330][T16352] usb 7-1: SerialNumber: syz
[ 2227.150453][T16352] usb 7-1: config 0 descriptor??
[ 2227.306771][T21664] usb 3-1: new high-speed USB device number 53 using dummy_hcd
[ 2227.334277][T11724] netlink: 24 bytes leftover after parsing attributes in process `syz.1.10371'.
[ 2227.347641][T21664] usb 3-1: device descriptor read/8, error -71
[ 2227.381709][T11714] netlink: 8 bytes leftover after parsing attributes in process `syz.6.10369'.
[ 2227.392710][T11714] veth0_vlan: left promiscuous mode
[ 2227.401768][T11714] veth0_vlan: entered promiscuous mode
[ 2227.415311][ T7586] usb 7-1: USB disconnect, device number 26
[ 2227.458520][T21664] usb usb3-port1: unable to enumerate USB device
[ 2227.468265][T11729] binder: 11725:11729 ioctl ae80 0 returned -22
[ 2228.124758][T21664] IPVS: starting estimator thread 0...
[ 2228.175284][   T29] audit: type=1326 audit(1773626496.371:4619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11736 comm="syz.6.10374" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd73619c799 code=0x7ffc0000
[ 2228.226821][T11740] IPVS: using max 59 ests per chain, 141600 per kthread
[ 2228.235401][   T29] audit: type=1326 audit(1773626496.411:4620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11736 comm="syz.6.10374" exe="/root/syz-executor" sig=0 arch=c000003e syscall=428 compat=0 ip=0x7fd73619c799 code=0x7ffc0000
[ 2228.297391][   T29] audit: type=1326 audit(1773626496.411:4621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11736 comm="syz.6.10374" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd73619c799 code=0x7ffc0000
[ 2228.378525][   T29] audit: type=1326 audit(1773626496.431:4622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11736 comm="syz.6.10374" exe="/root/syz-executor" sig=0 arch=c000003e syscall=429 compat=0 ip=0x7fd73619c799 code=0x7ffc0000
[ 2228.449147][   T29] audit: type=1326 audit(1773626496.431:4623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11736 comm="syz.6.10374" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd73619c799 code=0x7ffc0000
[ 2228.471791][T19605] usb 2-1: new full-speed USB device number 35 using dummy_hcd
[ 2228.537931][   T29] audit: type=1326 audit(1773626496.521:4624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11736 comm="syz.6.10374" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7fd73619c799 code=0x7ffc0000
[ 2228.633470][   T29] audit: type=1326 audit(1773626496.651:4625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11736 comm="syz.6.10374" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd73619c799 code=0x7ffc0000
[ 2228.663948][T19605] usb 2-1: config 129 has an invalid interface number: 4 but max is 0
[ 2228.681695][T19605] usb 2-1: config 129 has no interface number 0
[ 2228.707148][T19605] usb 2-1: config 129 interface 4 altsetting 20 endpoint 0xB has invalid maxpacket 1024, setting to 64
[ 2228.735967][   T29] audit: type=1326 audit(1773626496.651:4626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11736 comm="syz.6.10374" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd73619c799 code=0x7ffc0000
[ 2228.742593][T11744] fuse: Invalid rootmode
[ 2228.777093][T19605] usb 2-1: config 129 interface 4 has no altsetting 0
[ 2228.829466][T19605] usb 2-1: New USB device found, idVendor=0403, idProduct=f458, bcdDevice= 0.7c
[ 2228.912206][T19605] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2228.943733][T19605] usb 2-1: Product: syz
[ 2228.986959][T19605] usb 2-1: Manufacturer: syz
[ 2228.991602][T19605] usb 2-1: SerialNumber: syz
[ 2229.316842][T16352] usb 3-1: new full-speed USB device number 54 using dummy_hcd
[ 2229.347606][ T7586] usb 1-1: new high-speed USB device number 82 using dummy_hcd
[ 2229.529076][T16352] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2229.555062][ T7586] usb 1-1: Using ep0 maxpacket: 16
[ 2229.566847][T11759] FAULT_INJECTION: forcing a failure.
[ 2229.566847][T11759] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2229.593835][T16352] usb 3-1: New USB device found, idVendor=200c, idProduct=100b, bcdDevice= 0.40
[ 2229.610005][T16352] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2229.622008][T11759] CPU: 0 UID: 0 PID: 11759 Comm: syz.3.10380 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 2229.622034][T11759] Tainted: [L]=SOFTLOCKUP
[ 2229.622040][T11759] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2229.622050][T11759] Call Trace:
[ 2229.622058][T11759]  <TASK>
[ 2229.622065][T11759]  dump_stack_lvl+0xe8/0x150
[ 2229.622093][T11759]  should_fail_ex+0x412/0x560
[ 2229.622114][T11759]  _copy_to_user+0x31/0xb0
[ 2229.622126][T11759]  simple_read_from_buffer+0xe1/0x170
[ 2229.622142][T11759]  proc_fail_nth_read+0x1bb/0x230
[ 2229.622158][T11759]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2229.622177][T11759]  ? rw_verify_area+0x2a6/0x4d0
[ 2229.622194][T11759]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2229.622216][T11759]  vfs_read+0x20c/0xa70
[ 2229.622231][T11759]  ? fdget_pos+0x246/0x320
[ 2229.622254][T11759]  ? __pfx___mutex_lock+0x10/0x10
[ 2229.622268][T11759]  ? __pfx_vfs_read+0x10/0x10
[ 2229.622278][T11759]  ? __fget_files+0x2a/0x420
[ 2229.622293][T11759]  ? __fget_files+0x3a0/0x420
[ 2229.622305][T11759]  ? __fget_files+0x2a/0x420
[ 2229.622327][T11759]  ksys_read+0x150/0x270
[ 2229.622346][T11759]  ? __pfx_ksys_read+0x10/0x10
[ 2229.622376][T11759]  do_syscall_64+0x14d/0xf80
[ 2229.622392][T11759]  ? trace_irq_disable+0x3b/0x150
[ 2229.622410][T11759]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2229.622419][T11759]  ? clear_bhb_loop+0x40/0x90
[ 2229.622431][T11759]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2229.622440][T11759] RIP: 0033:0x7fcf4975cfce
[ 2229.622452][T11759] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 2229.622460][T11759] RSP: 002b:00007fcf4a6b7fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 2229.622477][T11759] RAX: ffffffffffffffda RBX: 00007fcf4a6b86c0 RCX: 00007fcf4975cfce
[ 2229.622488][T11759] RDX: 000000000000000f RSI: 00007fcf4a6b80a0 RDI: 0000000000000004
[ 2229.622499][T11759] RBP: 00007fcf4a6b8090 R08: 0000000000000000 R09: 0000000000000000
[ 2229.622509][T11759] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2229.622519][T11759] R13: 00007fcf49a16128 R14: 00007fcf49a16090 R15: 00007fcf49b3fa48
[ 2229.622545][T11759]  </TASK>
[ 2229.986791][T16352] usb 3-1: Product: syz
[ 2229.990988][T16352] usb 3-1: Manufacturer: syz
[ 2229.995569][T16352] usb 3-1: SerialNumber: syz
[ 2230.066539][ T7586] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2230.107597][ T7586] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2230.215831][ T7586] usb 1-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[ 2230.289014][ T7586] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2230.316371][ T7586] usb 1-1: config 0 descriptor??
[ 2230.557152][ T7223] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[ 2230.626816][   T42] usb 7-1: new high-speed USB device number 27 using dummy_hcd
[ 2230.718842][ T7223] usb 4-1: config 1 interface 0 altsetting 127 bulk endpoint 0x81 has invalid maxpacket 64
[ 2230.730608][ T7223] usb 4-1: config 1 interface 0 altsetting 127 bulk endpoint 0x2 has invalid maxpacket 32
[ 2230.746758][ T7223] usb 4-1: config 1 interface 0 has no altsetting 0
[ 2230.752418][ T7586] hid_parser_main: 11 callbacks suppressed
[ 2230.752439][ T7586] mcp2221 0003:04D8:00DD.0050: unknown main item tag 0x6
[ 2230.756464][ T7223] usb 4-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.40
[ 2230.761911][ T7586] mcp2221 0003:04D8:00DD.0050: item fetching failed at offset 4/5
[ 2230.787799][ T7586] mcp2221 0003:04D8:00DD.0050: can't parse reports
[ 2230.790756][ T7223] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2230.794835][ T7586] mcp2221 0003:04D8:00DD.0050: probe with driver mcp2221 failed with error -22
[ 2230.812112][ T7223] usb 4-1: Product: syz
[ 2230.817742][ T7223] usb 4-1: Manufacturer: syz
[ 2230.822780][ T7223] usb 4-1: SerialNumber: syz
[ 2230.832118][   T42] usb 7-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 2230.844860][T11763] raw-gadget.3 gadget.3: fail, usb_ep_enable returned -22
[ 2230.851645][   T42] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2230.859805][T11763] raw-gadget.3 gadget.3: fail, usb_ep_enable returned -22
[ 2230.868866][   T42] usb 7-1: Product: syz
[ 2230.873424][   T42] usb 7-1: Manufacturer: syz
[ 2230.878258][   T42] usb 7-1: SerialNumber: syz
[ 2230.891642][   T42] usb 7-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 2230.909578][ T7586] usb 7-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 2230.960891][   T42] usb 1-1: USB disconnect, device number 82
[ 2231.120247][T11765] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2231.132575][T11765] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2231.208136][T19605] ftdi_sio 2-1:129.4: FTDI USB Serial Device converter detected
[ 2231.252043][T19605] usb 2-1: Detected SIO
[ 2231.272833][T19605] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0
[ 2231.291852][T19605] usb 2-1: USB disconnect, device number 35
[ 2231.342740][T19605] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[ 2231.384276][T19605] ftdi_sio 2-1:129.4: device disconnected
[ 2231.716813][T19605] usb 2-1: new high-speed USB device number 36 using dummy_hcd
[ 2231.879633][T19605] usb 2-1: config 0 has no interfaces?
[ 2231.897070][ T7223] (unnamed net_device) (uninitialized): Assigned a random MAC address: de:2c:64:be:03:df
[ 2231.961835][T19605] usb 2-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[ 2232.014474][T19605] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2232.019269][ T7223] rtl8150 4-1:1.0: eth9: rtl8150 is detected
[ 2232.023850][ T7586] ath9k_htc 7-1:1.0: ath9k_htc: Target is unresponsive
[ 2232.078341][ T7223] usb 4-1: USB disconnect, device number 14
[ 2232.132902][T19605] usb 2-1: Product: syz
[ 2232.141907][ T7586] ath9k_htc: Failed to initialize the device
[ 2232.152504][T19605] usb 2-1: Manufacturer: syz
[ 2232.166545][T16352] usb 3-1: unit 8 not found!
[ 2232.176374][T16352] usb 3-1: unit 6 not found!
[ 2232.195050][T19605] usb 2-1: SerialNumber: syz
[ 2232.210263][ T7586] usb 7-1: ath9k_htc: USB layer deinitialized
[ 2232.219369][T19605] usb 2-1: config 0 descriptor??
[ 2232.371259][T16352] usb 3-1: USB disconnect, device number 54
[ 2232.393781][ T5890] udevd[5890]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 2232.477381][T11768] netlink: 8 bytes leftover after parsing attributes in process `syz.1.10384'.
[ 2232.507811][T11768] veth0_vlan: entered allmulticast mode
[ 2232.595618][T21664] usb 2-1: USB disconnect, device number 36
[ 2232.702263][T11785] fuse: Invalid rootmode
[ 2233.078796][T11796] netlink: 12 bytes leftover after parsing attributes in process `syz.2.10393'.
[ 2233.091857][T11796] IPv6: NLM_F_CREATE should be specified when creating new route
[ 2233.559849][   T42] usb 7-1: USB disconnect, device number 27
[ 2234.002839][T11819] fuse: Bad value for 'rootmode'
[ 2234.216810][ T7586] usb 7-1: new high-speed USB device number 28 using dummy_hcd
[ 2234.369191][ T7586] usb 7-1: Using ep0 maxpacket: 32
[ 2234.389216][ T7586] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2234.436027][ T7586] usb 7-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[ 2234.489065][ T7586] usb 7-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22
[ 2234.506713][ T7586] usb 7-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131
[ 2234.535504][ T7586] usb 7-1: Product: syz
[ 2234.557215][   T29] audit: type=1326 audit(1773626502.751:4627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11823 comm="syz.2.10402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7da3f9c799 code=0x7ffc0000
[ 2234.586072][ T7586] usb 7-1: Manufacturer: syz
[ 2234.599612][ T7586] usb 7-1: SerialNumber: syz
[ 2234.628886][ T7586] appletouch 7-1:1.0: Could not find int-in endpoint
[ 2234.635625][ T7586] appletouch 7-1:1.0: probe with driver appletouch failed with error -5
[ 2234.666945][   T29] audit: type=1326 audit(1773626502.751:4628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11823 comm="syz.2.10402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7da3f9c799 code=0x7ffc0000
[ 2234.708449][   T29] audit: type=1326 audit(1773626502.751:4629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11823 comm="syz.2.10402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=28 compat=0 ip=0x7f7da3f9c799 code=0x7ffc0000
[ 2234.753813][ T7586] usbhid 7-1:1.0: couldn't find an input interrupt endpoint
[ 2234.793570][   T29] audit: type=1326 audit(1773626502.761:4630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11823 comm="syz.2.10402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7da3f9c799 code=0x7ffc0000
[ 2234.828750][   T29] audit: type=1326 audit(1773626502.761:4631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11823 comm="syz.2.10402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7da3f9c799 code=0x7ffc0000
[ 2234.873228][T11817] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2234.910746][T11817] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2234.947204][   T29] audit: type=1326 audit(1773626502.781:4632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11823 comm="syz.2.10402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7da3f9c799 code=0x7ffc0000
[ 2234.952001][ T7586] usb 7-1: USB disconnect, device number 28
[ 2234.998843][T11836] binder: 11831:11836 ioctl ae80 0 returned -22
[ 2235.089204][   T29] audit: type=1326 audit(1773626502.781:4633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11823 comm="syz.2.10402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7da3f9c799 code=0x7ffc0000
[ 2235.159519][   T29] audit: type=1326 audit(1773626502.781:4634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11823 comm="syz.2.10402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7da3f9c799 code=0x7ffc0000
[ 2235.245801][   T29] audit: type=1326 audit(1773626502.781:4635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11823 comm="syz.2.10402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=25 compat=0 ip=0x7f7da3f9c799 code=0x7ffc0000
[ 2235.372864][   T29] audit: type=1326 audit(1773626502.781:4636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11823 comm="syz.2.10402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7da3f9c799 code=0x7ffc0000
[ 2236.190800][T11854] bridge_slave_0: left allmulticast mode
[ 2236.218985][T11854] bridge_slave_0: left promiscuous mode
[ 2236.233425][T11854] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2236.264274][T11854] bridge_slave_1: left allmulticast mode
[ 2236.276830][T21664] usb 7-1: new high-speed USB device number 29 using dummy_hcd
[ 2236.293384][T11854] bridge_slave_1: left promiscuous mode
[ 2236.305016][T11854] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2236.343530][T11854] bond0: (slave bond_slave_0): Releasing backup interface
[ 2236.374997][T11854] bond0: (slave bond_slave_1): Releasing backup interface
[ 2236.432501][T11854] team0: Port device team_slave_0 removed
[ 2236.468782][T21664] usb 7-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config
[ 2236.484376][T11854] team0: Port device team_slave_1 removed
[ 2236.503457][T11854] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 2236.517448][T21664] usb 7-1: New USB device found, idVendor=0867, idProduct=9812, bcdDevice=7c.79
[ 2236.530698][T11854] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2236.544048][T21664] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2236.559599][T11854] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 2236.576967][T21664] usb 7-1: Product: syz
[ 2236.581273][T21664] usb 7-1: Manufacturer: syz
[ 2236.585888][T11854] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2236.603156][T21664] usb 7-1: SerialNumber: syz
[ 2236.622762][T11854] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[ 2236.655660][T21664] comedi comedi5: Wrong number of endpoints
[ 2236.674147][T21664] dt9812 7-1:2.0: driver 'dt9812' failed to auto-configure device.
[ 2236.858491][T21664] usb 7-1: USB disconnect, device number 29
[ 2237.213130][T11877] netlink: 12 bytes leftover after parsing attributes in process `syz.0.10414'.
[ 2237.222672][T11877] IPv6: NLM_F_CREATE should be specified when creating new route
[ 2237.244824][T11878] netlink: 12 bytes leftover after parsing attributes in process `syz.3.10411'.
[ 2238.230329][T11898] netlink: 'syz.1.10423': attribute type 1 has an invalid length.
[ 2238.256965][T16352] usb 7-1: new high-speed USB device number 30 using dummy_hcd
[ 2238.303305][T11900] netlink: 8 bytes leftover after parsing attributes in process `syz.1.10423'.
[ 2238.309028][T11898] bond4: entered promiscuous mode
[ 2238.322669][T11900] netlink: 8 bytes leftover after parsing attributes in process `syz.1.10423'.
[ 2238.323039][T11898] 8021q: adding VLAN 0 to HW filter on device bond4
[ 2238.423272][T11904] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2238.436779][T16352] usb 7-1: Using ep0 maxpacket: 16
[ 2238.455888][T11905] fuse: Bad value for 'fd'
[ 2238.466323][T11898] bond4: (slave bridge6): making interface the new active one
[ 2238.476416][T11898] bridge6: entered promiscuous mode
[ 2238.485583][T11898] bond4: (slave bridge6): Enslaving as an active interface with an up link
[ 2238.841150][T11910] netlink: 72 bytes leftover after parsing attributes in process `syz.2.10426'.
[ 2239.087018][T11914] binder: 11911:11914 ioctl ae80 0 returned -22
[ 2239.456770][   T42] usb 1-1: new high-speed USB device number 83 using dummy_hcd
[ 2239.554624][T16352] usb 7-1: unable to get BOS descriptor or descriptor too short
[ 2239.591414][T16352] usb 7-1: no configurations
[ 2239.607092][   T42] usb 1-1: device descriptor read/64, error -71
[ 2239.626648][T16352] usb 7-1: can't read configurations, error -22
[ 2239.876776][   T42] usb 1-1: new high-speed USB device number 84 using dummy_hcd
[ 2240.026822][   T42] usb 1-1: device descriptor read/64, error -71
[ 2240.157123][   T42] usb usb1-port1: attempt power cycle
[ 2240.529021][   T42] usb 1-1: new high-speed USB device number 85 using dummy_hcd
[ 2240.601576][   T42] usb 1-1: device descriptor read/8, error -71
[ 2240.866767][   T42] usb 1-1: new high-speed USB device number 86 using dummy_hcd
[ 2240.900081][   T42] usb 1-1: device descriptor read/8, error -71
[ 2241.025673][   T42] usb usb1-port1: unable to enumerate USB device
[ 2242.082906][T11960] netlink: 'syz.6.10439': attribute type 1 has an invalid length.
[ 2242.154968][T11964] netlink: 8 bytes leftover after parsing attributes in process `syz.6.10439'.
[ 2242.179005][T11964] netlink: 8 bytes leftover after parsing attributes in process `syz.6.10439'.
[ 2242.219189][T11960] bond4: entered promiscuous mode
[ 2242.247180][T11960] 8021q: adding VLAN 0 to HW filter on device bond4
[ 2242.308292][T11969] FAULT_INJECTION: forcing a failure.
[ 2242.308292][T11969] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2242.357025][T11969] CPU: 1 UID: 0 PID: 11969 Comm: syz.2.10443 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 2242.357046][T11969] Tainted: [L]=SOFTLOCKUP
[ 2242.357050][T11969] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2242.357056][T11969] Call Trace:
[ 2242.357061][T11969]  <TASK>
[ 2242.357066][T11969]  dump_stack_lvl+0xe8/0x150
[ 2242.357084][T11969]  should_fail_ex+0x412/0x560
[ 2242.357101][T11969]  _copy_from_iter+0x1d3/0x1670
[ 2242.357116][T11969]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 2242.357131][T11969]  ? __pfx_policy_nodemask+0x10/0x10
[ 2242.357145][T11969]  ? __pfx__copy_from_iter+0x10/0x10
[ 2242.357161][T11969]  ? set_page_refcounted+0xa0/0x1e0
[ 2242.357173][T11969]  ? page_copy_sane+0x4e/0x270
[ 2242.357187][T11969]  copy_page_from_iter+0xdd/0x170
[ 2242.357203][T11969]  tun_get_user+0x1d4b/0x3dd0
[ 2242.357213][T11969]  ? tun_get_user+0x6ff/0x3dd0
[ 2242.357229][T11969]  ? aa_file_perm+0x50e/0x15e0
[ 2242.357245][T11969]  ? __pfx_tun_get_user+0x10/0x10
[ 2242.357253][T11969]  ? aa_file_perm+0x192/0x15e0
[ 2242.357274][T11969]  ? ref_tracker_alloc+0x35c/0x4c0
[ 2242.357289][T11969]  ? __pfx_ref_tracker_alloc+0x10/0x10
[ 2242.357304][T11969]  ? tun_get+0x1c/0x2f0
[ 2242.357315][T11969]  ? tun_get+0x1c/0x2f0
[ 2242.357324][T11969]  ? tun_get+0x1c/0x2f0
[ 2242.357334][T11969]  tun_chr_write_iter+0x113/0x200
[ 2242.357344][T11969]  vfs_write+0x61d/0xb90
[ 2242.357358][T11969]  ? __pfx_vfs_write+0x10/0x10
[ 2242.357372][T11969]  ? __fget_files+0x2a/0x420
[ 2242.357389][T11969]  ksys_write+0x150/0x270
[ 2242.357400][T11969]  ? __pfx_ksys_write+0x10/0x10
[ 2242.357415][T11969]  do_syscall_64+0x14d/0xf80
[ 2242.357426][T11969]  ? trace_irq_disable+0x3b/0x150
[ 2242.357440][T11969]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2242.357449][T11969]  ? clear_bhb_loop+0x40/0x90
[ 2242.357460][T11969]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2242.357470][T11969] RIP: 0033:0x7f7da3f5cfce
[ 2242.357480][T11969] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 2242.357488][T11969] RSP: 002b:00007f7da4f00fb8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2242.357500][T11969] RAX: ffffffffffffffda RBX: 00007f7da4f016c0 RCX: 00007f7da3f5cfce
[ 2242.357506][T11969] RDX: 0000000000000036 RSI: 0000200000001800 RDI: 00000000000000c8
[ 2242.357520][T11969] RBP: 00007f7da4f01090 R08: 0000000000000000 R09: 0000000000000000
[ 2242.357525][T11969] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2242.357531][T11969] R13: 00007f7da4216038 R14: 00007f7da4215fa0 R15: 00007f7da433fa48
[ 2242.357545][T11969]  </TASK>
[ 2242.776241][T11964] bond4: (slave bridge6): making interface the new active one
[ 2242.784324][T11964] bridge6: entered promiscuous mode
[ 2242.790295][T11964] bond4: (slave bridge6): Enslaving as an active interface with an up link
[ 2242.968442][   T10] usb 1-1: new high-speed USB device number 87 using dummy_hcd
[ 2243.112208][   T29] kauditd_printk_skb: 15 callbacks suppressed
[ 2243.112227][   T29] audit: type=1326 audit(1773626511.301:4652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11977 comm="syz.1.10446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09e2d9c799 code=0x7ffc0000
[ 2243.157099][   T10] usb 1-1: Using ep0 maxpacket: 16
[ 2243.233006][T11984] binder: 11975:11984 ioctl ae80 0 returned -22
[ 2243.272889][   T10] usb 1-1: unable to get BOS descriptor or descriptor too short
[ 2243.294732][   T10] usb 1-1: config 2 has an invalid interface number: 200 but max is 0
[ 2243.303238][   T29] audit: type=1326 audit(1773626511.301:4653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11977 comm="syz.1.10446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=322 compat=0 ip=0x7f09e2d9c799 code=0x7ffc0000
[ 2243.375256][   T29] audit: type=1326 audit(1773626511.301:4654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11977 comm="syz.1.10446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09e2d9c799 code=0x7ffc0000
[ 2243.385277][   T10] usb 1-1: config 2 has no interface number 0
[ 2243.406264][   T29] audit: type=1326 audit(1773626511.301:4655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11977 comm="syz.1.10446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09e2d9c799 code=0x7ffc0000
[ 2243.428909][   T29] audit: type=1326 audit(1773626511.351:4656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11977 comm="syz.1.10446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7f09e2d9c799 code=0x7ffc0000
[ 2243.451796][   T29] audit: type=1326 audit(1773626511.351:4657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11977 comm="syz.1.10446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09e2d9c799 code=0x7ffc0000
[ 2243.492842][   T10] usb 1-1: config 2 interface 200 has no altsetting 0
[ 2243.506761][   T29] audit: type=1326 audit(1773626511.351:4658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11977 comm="syz.1.10446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09e2d9c799 code=0x7ffc0000
[ 2243.529541][   T29] audit: type=1326 audit(1773626511.351:4659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11977 comm="syz.1.10446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7f09e2d9c799 code=0x7ffc0000
[ 2243.552153][   T29] audit: type=1326 audit(1773626511.351:4660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11977 comm="syz.1.10446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09e2d9c799 code=0x7ffc0000
[ 2243.575163][   T29] audit: type=1326 audit(1773626511.351:4661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11977 comm="syz.1.10446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09e2d9c799 code=0x7ffc0000
[ 2243.632775][   T10] usb 1-1: New USB device found, idVendor=093a, idProduct=260e, bcdDevice=43.53
[ 2243.709858][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2243.733284][   T10] usb 1-1: Product: syz
[ 2243.743724][   T10] usb 1-1: Manufacturer: С
[ 2243.755682][   T10] usb 1-1: SerialNumber: syz
[ 2244.137612][   T10] gspca_main: pac7311-2.14.0 probing 093a:260e
[ 2244.177467][   T10] gspca_pac7311: reg_w() failed index 0xff, value 0x01, error -71
[ 2244.195626][   T10] pac7311 1-1:2.200: probe with driver pac7311 failed with error -71
[ 2244.235220][   T10] usb 1-1: USB disconnect, device number 87
[ 2244.380522][T11995] netlink: 8 bytes leftover after parsing attributes in process `syz.3.10450'.
[ 2244.423760][T11995] bond0: option lp_interval: invalid value (0)
[ 2244.440250][T11995] bond0: option lp_interval: allowed values 1 - 2147483647
[ 2244.761923][T12003] mac80211_hwsim hwsim53 syzkaller0: left promiscuous mode
[ 2244.775947][T12003] mac80211_hwsim hwsim53 syzkaller0: left allmulticast mode
[ 2244.943138][T12013] netlink: 'syz.6.10455': attribute type 1 has an invalid length.
[ 2245.016996][T12017] netlink: 8 bytes leftover after parsing attributes in process `syz.6.10455'.
[ 2245.051601][T12013] bond5: entered promiscuous mode
[ 2245.061475][T12017] netlink: 8 bytes leftover after parsing attributes in process `syz.6.10455'.
[ 2245.061841][T12013] 8021q: adding VLAN 0 to HW filter on device bond5
[ 2245.192053][T12023] bond5: (slave bridge7): making interface the new active one
[ 2245.202114][T12023] bridge7: entered promiscuous mode
[ 2245.260901][T12023] bond5: (slave bridge7): Enslaving as an active interface with an up link
[ 2245.467334][   T42] usb 3-1: new high-speed USB device number 55 using dummy_hcd
[ 2245.648311][   T42] usb 3-1: config 0 has an invalid interface number: 64 but max is 0
[ 2245.657214][   T42] usb 3-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[ 2245.688027][   T42] usb 3-1: config 0 has no interface number 0
[ 2245.717923][   T42] usb 3-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice= 0.07
[ 2245.786945][   T42] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2245.811160][   T42] usb 3-1: Product: syz
[ 2245.816357][   T42] usb 3-1: Manufacturer: syz
[ 2245.824224][   T42] usb 3-1: SerialNumber: syz
[ 2245.842433][   T42] usb 3-1: config 0 descriptor??
[ 2246.178686][   T42] uvcvideo 3-1:0.64: Found UVC 0.08 device syz (046d:0823)
[ 2246.240900][   T42] uvcvideo 3-1:0.64: No valid video chain found.
[ 2246.264842][   T42] usb 3-1: USB disconnect, device number 55
[ 2246.903810][T12058] netlink: 'syz.3.10471': attribute type 1 has an invalid length.
[ 2247.229997][T12063] bridge0: port 3(hsr0) entered blocking state
[ 2247.329480][T12063] bridge0: port 3(hsr0) entered disabled state
[ 2247.357027][T12063] hsr0: entered allmulticast mode
[ 2247.414542][T12063] hsr_slave_0: entered allmulticast mode
[ 2247.423487][T12063] hsr_slave_1: entered allmulticast mode
[ 2247.872809][T12068] netlink: 'syz.6.10474': attribute type 1 has an invalid length.
[ 2248.028514][T12071] netlink: 8 bytes leftover after parsing attributes in process `syz.6.10474'.
[ 2248.062213][T12071] netlink: 8 bytes leftover after parsing attributes in process `syz.6.10474'.
[ 2248.760641][T12063] hsr0: entered promiscuous mode
[ 2248.880453][T12063] bridge0: port 3(hsr0) entered blocking state
[ 2248.886868][T12063] bridge0: port 3(hsr0) entered forwarding state
[ 2249.207968][ T1148] wlan0: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 2249.434047][T12068] workqueue: Failed to create a rescuer kthread for wq "bond6": -EINTR
[ 2249.892721][T12095] binder: 12085:12095 ioctl ae80 0 returned -22
[ 2249.920891][T12097] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2249.932660][T12097] netlink: 68 bytes leftover after parsing attributes in process `syz.6.10479'.
[ 2251.040557][T12109] netlink: 16 bytes leftover after parsing attributes in process `syz.0.10484'.
[ 2251.438218][ T3893] Bluetooth: hci1: Malformed MSFT vendor event: 0x02
[ 2251.455887][T12116] FAULT_INJECTION: forcing a failure.
[ 2251.455887][T12116] name failslab, interval 1, probability 0, space 0, times 0
[ 2251.487819][T12118] FAULT_INJECTION: forcing a failure.
[ 2251.487819][T12118] name failslab, interval 1, probability 0, space 0, times 0
[ 2251.506880][T12116] CPU: 0 UID: 0 PID: 12116 Comm: syz.6.10486 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 2251.506907][T12116] Tainted: [L]=SOFTLOCKUP
[ 2251.506913][T12116] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2251.506922][T12116] Call Trace:
[ 2251.506929][T12116]  <TASK>
[ 2251.506937][T12116]  dump_stack_lvl+0xe8/0x150
[ 2251.506964][T12116]  should_fail_ex+0x412/0x560
[ 2251.506998][T12116]  should_failslab+0xa8/0x100
[ 2251.507020][T12116]  __kmalloc_noprof+0xe8/0x760
[ 2251.507039][T12116]  ? tomoyo_encode+0x28b/0x550
[ 2251.507065][T12116]  tomoyo_encode+0x28b/0x550
[ 2251.507092][T12116]  tomoyo_realpath_from_path+0x58d/0x5d0
[ 2251.507123][T12116]  ? tomoyo_path_number_perm+0x219/0x630
[ 2251.507143][T12116]  tomoyo_path_number_perm+0x246/0x630
[ 2251.507164][T12116]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 2251.507186][T12116]  ? __lock_acquire+0x6b5/0x2cf0
[ 2251.507213][T12116]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[ 2251.507250][T12116]  ? __fget_files+0x2a/0x420
[ 2251.507273][T12116]  ? __fget_files+0x2a/0x420
[ 2251.507293][T12116]  ? __fget_files+0x3a0/0x420
[ 2251.507312][T12116]  ? __fget_files+0x2a/0x420
[ 2251.507336][T12116]  security_file_ioctl+0xc3/0x2a0
[ 2251.507358][T12116]  __se_sys_ioctl+0x47/0x170
[ 2251.507379][T12116]  do_syscall_64+0x14d/0xf80
[ 2251.507395][T12116]  ? trace_irq_disable+0x3b/0x150
[ 2251.507415][T12116]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2251.507432][T12116]  ? clear_bhb_loop+0x40/0x90
[ 2251.507451][T12116]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2251.507466][T12116] RIP: 0033:0x7fd73619c799
[ 2251.507482][T12116] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2251.507493][T12116] RSP: 002b:00007fd736ffb028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2251.507510][T12116] RAX: ffffffffffffffda RBX: 00007fd736415fa0 RCX: 00007fd73619c799
[ 2251.507522][T12116] RDX: 0000200000000000 RSI: 000000004004743a RDI: 0000000000000005
[ 2251.507533][T12116] RBP: 00007fd736ffb090 R08: 0000000000000000 R09: 0000000000000000
[ 2251.507543][T12116] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2251.507553][T12116] R13: 00007fd736416038 R14: 00007fd736415fa0 R15: 00007fd73653fa48
[ 2251.507579][T12116]  </TASK>
[ 2251.507718][T12116] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 2251.626752][T12118] CPU: 1 UID: 0 PID: 12118 Comm: syz.3.10487 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 2251.626777][T12118] Tainted: [L]=SOFTLOCKUP
[ 2251.626784][T12118] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2251.626793][T12118] Call Trace:
[ 2251.626803][T12118]  <TASK>
[ 2251.626811][T12118]  dump_stack_lvl+0xe8/0x150
[ 2251.626837][T12118]  should_fail_ex+0x412/0x560
[ 2251.626862][T12118]  should_failslab+0xa8/0x100
[ 2251.626883][T12118]  kmem_cache_alloc_node_noprof+0x8f/0x690
[ 2251.626901][T12118]  ? __alloc_skb+0x186/0x7d0
[ 2251.626916][T12118]  ? __alloc_skb+0x1d0/0x7d0
[ 2251.626929][T12118]  ? __local_bh_enable_ip+0xd0/0x130
[ 2251.626951][T12118]  __alloc_skb+0x1d0/0x7d0
[ 2251.626970][T12118]  netlink_sendmsg+0x5d4/0xb40
[ 2251.627000][T12118]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2251.627023][T12118]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 2251.627045][T12118]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 2251.627066][T12118]  ____sys_sendmsg+0x972/0x9f0
[ 2251.627091][T12118]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 2251.627114][T12118]  ? import_iovec+0x73/0xa0
[ 2251.627136][T12118]  ___sys_sendmsg+0x2a5/0x360
[ 2251.627158][T12118]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2251.627202][T12118]  ? __fget_files+0x2a/0x420
[ 2251.627222][T12118]  ? __fget_files+0x3a0/0x420
[ 2251.627249][T12118]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 2251.627269][T12118]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 2251.627293][T12118]  ? __pfx_ksys_write+0x10/0x10
[ 2251.627318][T12118]  do_syscall_64+0x14d/0xf80
[ 2251.627334][T12118]  ? trace_irq_disable+0x3b/0x150
[ 2251.627353][T12118]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2251.627369][T12118]  ? clear_bhb_loop+0x40/0x90
[ 2251.627387][T12118]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2251.627402][T12118] RIP: 0033:0x7fcf4979c799
[ 2251.627419][T12118] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2251.627431][T12118] RSP: 002b:00007fcf4a6d9028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2251.627448][T12118] RAX: ffffffffffffffda RBX: 00007fcf49a15fa0 RCX: 00007fcf4979c799
[ 2251.627459][T12118] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[ 2251.627469][T12118] RBP: 00007fcf4a6d9090 R08: 0000000000000000 R09: 0000000000000000
[ 2251.627493][T12118] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2251.627503][T12118] R13: 00007fcf49a16038 R14: 00007fcf49a15fa0 R15: 00007fcf49b3fa48
[ 2251.627527][T12118]  </TASK>
[ 2252.238952][   T10] usb 3-1: new high-speed USB device number 56 using dummy_hcd
[ 2252.377095][   T10] usb 3-1: device descriptor read/64, error -71
[ 2252.391894][T12132] netlink: 'syz.3.10489': attribute type 1 has an invalid length.
[ 2252.411890][T12129] netlink: 16 bytes leftover after parsing attributes in process `syz.6.10490'.
[ 2252.452459][T12129] netlink: 16 bytes leftover after parsing attributes in process `syz.6.10490'.
[ 2252.491744][T12135] netlink: 8 bytes leftover after parsing attributes in process `syz.3.10489'.
[ 2252.505342][T12132] bond6: entered promiscuous mode
[ 2252.518678][T12132] 8021q: adding VLAN 0 to HW filter on device bond6
[ 2252.531076][T12135] netlink: 8 bytes leftover after parsing attributes in process `syz.3.10489'.
[ 2252.594106][T12132] bond6: (slave bridge10): making interface the new active one
[ 2252.603131][T12132] bridge10: entered promiscuous mode
[ 2252.616854][   T10] usb 3-1: new high-speed USB device number 57 using dummy_hcd
[ 2252.632941][T12132] bond6: (slave bridge10): Enslaving as an active interface with an up link
[ 2252.759713][   T10] usb 3-1: device descriptor read/64, error -71
[ 2252.887110][   T10] usb usb3-port1: attempt power cycle
[ 2253.236767][   T10] usb 3-1: new high-speed USB device number 58 using dummy_hcd
[ 2253.258432][T12151] FAULT_INJECTION: forcing a failure.
[ 2253.258432][T12151] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2253.313429][T12151] CPU: 0 UID: 0 PID: 12151 Comm: syz.1.10497 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 2253.313456][T12151] Tainted: [L]=SOFTLOCKUP
[ 2253.313462][T12151] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2253.313472][T12151] Call Trace:
[ 2253.313479][T12151]  <TASK>
[ 2253.313487][T12151]  dump_stack_lvl+0xe8/0x150
[ 2253.313514][T12151]  should_fail_ex+0x412/0x560
[ 2253.313540][T12151]  _copy_from_user+0x2d/0xb0
[ 2253.313557][T12151]  do_tcp_getsockopt+0x22e/0x2950
[ 2253.313658][T12151]  ? __pfx_do_tcp_getsockopt+0x10/0x10
[ 2253.313679][T12151]  ? sock_recv_errqueue+0x520/0x590
[ 2253.313704][T12151]  ? __lock_acquire+0x6b5/0x2cf0
[ 2253.313724][T12151]  ? aa_label_sk_perm+0x532/0x6e0
[ 2253.313747][T12151]  ? kstrtoull+0x12f/0x1d0
[ 2253.313768][T12151]  ? __pfx_aa_label_sk_perm+0x10/0x10
[ 2253.313788][T12151]  ? kstrtouint+0x6e/0xe0
[ 2253.313818][T12151]  ? get_pid_task+0x20/0x1f0
[ 2253.313838][T12151]  ? __lock_acquire+0x6b5/0x2cf0
[ 2253.313872][T12151]  ? aa_sk_perm+0x6d5/0x900
[ 2253.313906][T12151]  tcp_getsockopt+0x83/0x130
[ 2253.313926][T12151]  ? sock_recv_errqueue+0x520/0x590
[ 2253.313946][T12151]  ? sock_recv_errqueue+0x520/0x590
[ 2253.313965][T12151]  ? __pfx_sock_common_getsockopt+0x10/0x10
[ 2253.313988][T12151]  do_sock_getsockopt+0x2d3/0x3f0
[ 2253.314008][T12151]  ? __pfx_do_sock_getsockopt+0x10/0x10
[ 2253.314025][T12151]  ? __fget_files+0x3a0/0x420
[ 2253.314046][T12151]  ? __fget_files+0x2a/0x420
[ 2253.314073][T12151]  __x64_sys_getsockopt+0x1a4/0x240
[ 2253.314097][T12151]  do_syscall_64+0x14d/0xf80
[ 2253.314114][T12151]  ? trace_irq_disable+0x3b/0x150
[ 2253.314133][T12151]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2253.314148][T12151]  ? clear_bhb_loop+0x40/0x90
[ 2253.314165][T12151]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2253.314181][T12151] RIP: 0033:0x7f09e2d9c799
[ 2253.314196][T12151] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2253.314208][T12151] RSP: 002b:00007f09e3d32028 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[ 2253.314226][T12151] RAX: ffffffffffffffda RBX: 00007f09e3015fa0 RCX: 00007f09e2d9c799
[ 2253.314237][T12151] RDX: 0000000000000023 RSI: 0000000000000006 RDI: 0000000000000004
[ 2253.314247][T12151] RBP: 00007f09e3d32090 R08: 0000200000000480 R09: 0000000000000000
[ 2253.314256][T12151] R10: 0000200000000440 R11: 0000000000000246 R12: 0000000000000001
[ 2253.314266][T12151] R13: 00007f09e3016038 R14: 00007f09e3015fa0 R15: 00007f09e313fa48
[ 2253.314292][T12151]  </TASK>
[ 2253.582647][   T10] usb 3-1: device descriptor read/8, error -71
[ 2253.718835][T12158] netlink: 36 bytes leftover after parsing attributes in process `syz.1.10500'.
[ 2253.718981][T12157] netlink: 36 bytes leftover after parsing attributes in process `syz.1.10500'.
[ 2253.826751][   T10] usb 3-1: new high-speed USB device number 59 using dummy_hcd
[ 2253.910580][   T10] usb 3-1: device descriptor read/8, error -71
[ 2254.016985][   T10] usb usb3-port1: unable to enumerate USB device
[ 2254.658709][T12183] syzkaller0: mtu less than device minimum
[ 2254.733839][   T29] kauditd_printk_skb: 9 callbacks suppressed
[ 2254.733855][   T29] audit: type=1326 audit(1773626522.931:4671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12188 comm="syz.2.10507" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7da3f9c799 code=0x7ffc0000
[ 2254.849603][   T29] audit: type=1326 audit(1773626522.931:4672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12188 comm="syz.2.10507" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7da3f9c799 code=0x7ffc0000
[ 2254.872643][   T29] audit: type=1326 audit(1773626522.931:4673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12188 comm="syz.2.10507" exe="/root/syz-executor" sig=0 arch=c000003e syscall=279 compat=0 ip=0x7f7da3f9c799 code=0x7ffc0000
[ 2254.946465][   T29] audit: type=1326 audit(1773626522.931:4674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12188 comm="syz.2.10507" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7da3f9c799 code=0x7ffc0000
[ 2255.048583][   T29] audit: type=1326 audit(1773626522.931:4675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12188 comm="syz.2.10507" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7da3f9c799 code=0x7ffc0000
[ 2255.096960][   T29] audit: type=1326 audit(1773626522.931:4676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12188 comm="syz.2.10507" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f7da3f5cfce code=0x7ffc0000
[ 2255.147712][   T29] audit: type=1326 audit(1773626522.941:4677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12188 comm="syz.2.10507" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7da3f9c799 code=0x7ffc0000
[ 2255.216776][   T29] audit: type=1326 audit(1773626522.941:4678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12188 comm="syz.2.10507" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f7da3f9c799 code=0x7ffc0000
[ 2255.254353][   T29] audit: type=1326 audit(1773626522.941:4679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12188 comm="syz.2.10507" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7da3f9c799 code=0x7ffc0000
[ 2255.286932][   T42] usb 3-1: new low-speed USB device number 60 using dummy_hcd
[ 2255.293961][   T29] audit: type=1326 audit(1773626522.941:4680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12188 comm="syz.2.10507" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f7da3f9c799 code=0x7ffc0000
[ 2255.377484][T12195] syzkaller1: entered promiscuous mode
[ 2255.383488][T12195] syzkaller1: entered allmulticast mode
[ 2255.487927][   T42] usb 3-1: Invalid ep0 maxpacket: 32
[ 2255.826768][   T42] usb 3-1: new low-speed USB device number 61 using dummy_hcd
[ 2255.996910][   T42] usb 3-1: Invalid ep0 maxpacket: 32
[ 2256.016962][   T42] usb usb3-port1: attempt power cycle
[ 2256.200705][T12217] FAULT_INJECTION: forcing a failure.
[ 2256.200705][T12217] name failslab, interval 1, probability 0, space 0, times 0
[ 2256.216178][T12217] CPU: 1 UID: 0 PID: 12217 Comm: syz.0.10518 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 2256.216204][T12217] Tainted: [L]=SOFTLOCKUP
[ 2256.216210][T12217] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2256.216220][T12217] Call Trace:
[ 2256.216233][T12217]  <TASK>
[ 2256.216240][T12217]  dump_stack_lvl+0xe8/0x150
[ 2256.216266][T12217]  should_fail_ex+0x412/0x560
[ 2256.216292][T12217]  should_failslab+0xa8/0x100
[ 2256.216311][T12217]  ? prepare_creds+0x30/0x820
[ 2256.216329][T12217]  kmem_cache_alloc_noprof+0x87/0x650
[ 2256.216353][T12217]  prepare_creds+0x30/0x820
[ 2256.216376][T12217]  copy_creds+0x10e/0xa30
[ 2256.216399][T12217]  copy_process+0x904/0x3cd0
[ 2256.216423][T12217]  ? kstrtoull+0x12f/0x1d0
[ 2256.216446][T12217]  ? kstrtouint+0x6e/0xe0
[ 2256.216469][T12217]  ? get_pid_task+0x20/0x1f0
[ 2256.216488][T12217]  ? __pfx_copy_process+0x10/0x10
[ 2256.216508][T12217]  ? get_pid_task+0x20/0x1f0
[ 2256.216521][T12217]  ? get_pid_task+0x20/0x1f0
[ 2256.216542][T12217]  kernel_clone+0x248/0x8e0
[ 2256.216567][T12217]  ? __pfx_kernel_clone+0x10/0x10
[ 2256.216596][T12217]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[ 2256.216620][T12217]  __x64_sys_clone+0x1b6/0x230
[ 2256.216643][T12217]  ? __pfx___x64_sys_clone+0x10/0x10
[ 2256.216673][T12217]  ? __pfx_ksys_write+0x10/0x10
[ 2256.216699][T12217]  do_syscall_64+0x14d/0xf80
[ 2256.216715][T12217]  ? trace_irq_disable+0x3b/0x150
[ 2256.216734][T12217]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2256.216750][T12217]  ? clear_bhb_loop+0x40/0x90
[ 2256.216769][T12217]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2256.216785][T12217] RIP: 0033:0x7fe0c719c799
[ 2256.216801][T12217] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2256.216815][T12217] RSP: 002b:00007fe0c8130fd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2256.216832][T12217] RAX: ffffffffffffffda RBX: 00007fe0c7415fa0 RCX: 00007fe0c719c799
[ 2256.216844][T12217] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000001000
[ 2256.216854][T12217] RBP: 00007fe0c8131090 R08: 0000000000000000 R09: 0000000000000000
[ 2256.216863][T12217] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[ 2256.216873][T12217] R13: 00007fe0c7416038 R14: 00007fe0c7415fa0 R15: 00007fe0c753fa48
[ 2256.216898][T12217]  </TASK>
[ 2256.876488][T19605] usb 7-1: new high-speed USB device number 32 using dummy_hcd
[ 2256.926918][   T42] usb 3-1: new low-speed USB device number 62 using dummy_hcd
[ 2256.962085][   T42] usb 3-1: Invalid ep0 maxpacket: 32
[ 2257.027022][T19605] usb 7-1: device descriptor read/64, error -71
[ 2257.096844][   T42] usb 3-1: new low-speed USB device number 63 using dummy_hcd
[ 2257.117913][   T42] usb 3-1: Invalid ep0 maxpacket: 32
[ 2257.124261][   T42] usb usb3-port1: unable to enumerate USB device
[ 2257.266797][T19605] usb 7-1: new high-speed USB device number 33 using dummy_hcd
[ 2257.406799][T19605] usb 7-1: device descriptor read/64, error -71
[ 2257.519183][T19605] usb usb7-port1: attempt power cycle
[ 2257.857592][T19605] usb 7-1: new high-speed USB device number 34 using dummy_hcd
[ 2257.908172][T19605] usb 7-1: device descriptor read/8, error -71
[ 2258.009377][T12238] netlink: 8 bytes leftover after parsing attributes in process `syz.0.10524'.
[ 2258.045992][T12239] netlink: 20 bytes leftover after parsing attributes in process `syz.1.10525'.
[ 2258.079327][T12239] netlink: 4 bytes leftover after parsing attributes in process `syz.1.10525'.
[ 2258.096364][T12239] openvswitch: netlink: Flow actions attr not present in new flow.
[ 2258.167065][T19605] usb 7-1: new high-speed USB device number 35 using dummy_hcd
[ 2258.210532][T19605] usb 7-1: device descriptor read/8, error -71
[ 2258.338758][T19605] usb usb7-port1: unable to enumerate USB device
[ 2259.037899][T12263] FAULT_INJECTION: forcing a failure.
[ 2259.037899][T12263] name failslab, interval 1, probability 0, space 0, times 0
[ 2259.037927][T12263] CPU: 0 UID: 0 PID: 12263 Comm: syz.6.10534 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 2259.037947][T12263] Tainted: [L]=SOFTLOCKUP
[ 2259.037952][T12263] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2259.037962][T12263] Call Trace:
[ 2259.037969][T12263]  <TASK>
[ 2259.037976][T12263]  dump_stack_lvl+0xe8/0x150
[ 2259.038001][T12263]  should_fail_ex+0x412/0x560
[ 2259.038021][T12263]  should_failslab+0xa8/0x100
[ 2259.038034][T12263]  __kmalloc_noprof+0xe8/0x760
[ 2259.038045][T12263]  ? bpf_test_init+0x9f/0x150
[ 2259.038062][T12263]  bpf_test_init+0x9f/0x150
[ 2259.038076][T12263]  bpf_prog_test_run_skb+0x36f/0x1c90
[ 2259.038095][T12263]  ? __fget_files+0x2a/0x420
[ 2259.038108][T12263]  ? __fget_files+0x3a0/0x420
[ 2259.038120][T12263]  ? __fget_files+0x2a/0x420
[ 2259.038135][T12263]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[ 2259.038148][T12263]  bpf_prog_test_run+0x2c7/0x340
[ 2259.038160][T12263]  __sys_bpf+0x643/0x950
[ 2259.038175][T12263]  ? __pfx___sys_bpf+0x10/0x10
[ 2259.038195][T12263]  ? ksys_write+0x242/0x270
[ 2259.038206][T12263]  ? __pfx_ksys_write+0x10/0x10
[ 2259.038219][T12263]  __x64_sys_bpf+0x7c/0x90
[ 2259.038232][T12263]  do_syscall_64+0x14d/0xf80
[ 2259.038242][T12263]  ? trace_irq_disable+0x3b/0x150
[ 2259.038256][T12263]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2259.038265][T12263]  ? clear_bhb_loop+0x40/0x90
[ 2259.038277][T12263]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2259.038286][T12263] RIP: 0033:0x7fd73619c799
[ 2259.038296][T12263] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2259.038304][T12263] RSP: 002b:00007fd736ffb028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 2259.038316][T12263] RAX: ffffffffffffffda RBX: 00007fd736415fa0 RCX: 00007fd73619c799
[ 2259.038323][T12263] RDX: 000000000000004c RSI: 0000200000000240 RDI: 000000000000000a
[ 2259.038329][T12263] RBP: 00007fd736ffb090 R08: 0000000000000000 R09: 0000000000000000
[ 2259.038334][T12263] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2259.038339][T12263] R13: 00007fd736416038 R14: 00007fd736415fa0 R15: 00007fd73653fa48
[ 2259.038353][T12263]  </TASK>
[ 2259.161565][T12269] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2259.496761][T19605] usb 2-1: new full-speed USB device number 37 using dummy_hcd
[ 2259.511891][T12269] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2259.660199][T19605] usb 2-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f
[ 2259.678148][T19605] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2259.724396][T19605] usb 2-1: Product: syz
[ 2259.740955][T19605] usb 2-1: Manufacturer: syz
[ 2259.755763][T19605] usb 2-1: SerialNumber: syz
[ 2259.832383][T19605] usb 2-1: config 0 descriptor??
[ 2259.895124][T19605] gspca_main: stk1135-2.14.0 probing 174f:6a31
[ 2260.064186][T19605] gspca_stk1135: reg_w 0x2 err -71
[ 2260.096477][T19605] gspca_stk1135: serial bus timeout: status=0x00
[ 2260.120461][T19605] gspca_stk1135: Sensor write failed
[ 2260.128876][T19605] gspca_stk1135: serial bus timeout: status=0x00
[ 2260.135368][T19605] gspca_stk1135: Sensor write failed
[ 2260.162951][T19605] gspca_stk1135: serial bus timeout: status=0x00
[ 2260.171341][T19605] gspca_stk1135: Sensor read failed
[ 2260.177150][T19605] gspca_stk1135: serial bus timeout: status=0x00
[ 2260.183583][T19605] gspca_stk1135: Sensor read failed
[ 2260.189080][T19605] gspca_stk1135: Detected sensor type unknown (0x0)
[ 2260.195703][T19605] gspca_stk1135: serial bus timeout: status=0x00
[ 2260.202921][T19605] gspca_stk1135: Sensor read failed
[ 2260.210360][T19605] gspca_stk1135: serial bus timeout: status=0x00
[ 2260.216910][T19605] gspca_stk1135: Sensor read failed
[ 2260.223724][T19605] gspca_stk1135: serial bus timeout: status=0x00
[ 2260.234579][T19605] gspca_stk1135: Sensor write failed
[ 2260.242108][T19605] gspca_stk1135: serial bus timeout: status=0x00
[ 2260.249239][T19605] gspca_stk1135: Sensor write failed
[ 2260.256833][T19605] stk1135 2-1:0.0: probe with driver stk1135 failed with error -71
[ 2260.270621][T19605] usb 2-1: USB disconnect, device number 37
[ 2260.596813][T21664] usb 1-1: new high-speed USB device number 88 using dummy_hcd
[ 2260.784050][T12302] netlink: 'syz.1.10547': attribute type 1 has an invalid length.
[ 2260.797126][T21664] usb 1-1: device descriptor read/64, error -71
[ 2261.086816][T21664] usb 1-1: new high-speed USB device number 89 using dummy_hcd
[ 2261.236746][T21664] usb 1-1: device descriptor read/64, error -71
[ 2261.358355][T21664] usb usb1-port1: attempt power cycle
[ 2261.711434][T21664] usb 1-1: new high-speed USB device number 90 using dummy_hcd
[ 2261.726792][ T5911] usb 3-1: new low-speed USB device number 64 using dummy_hcd
[ 2261.767543][T21664] usb 1-1: device descriptor read/8, error -71
[ 2262.020407][ T5911] usb 3-1: No LPM exit latency info found, disabling LPM.
[ 2262.026775][T21664] usb 1-1: new high-speed USB device number 91 using dummy_hcd
[ 2262.057826][T21664] usb 1-1: device descriptor read/8, error -71
[ 2262.088263][ T5911] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x82 is Bulk; changing to Interrupt
[ 2262.114224][ T5911] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x3 is Bulk; changing to Interrupt
[ 2262.167389][T21664] usb usb1-port1: unable to enumerate USB device
[ 2262.202549][ T5911] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 2262.212312][ T5911] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2262.222431][ T5911] usb 3-1: Product: 
[ 2262.227774][ T5911] usb 3-1: Manufacturer: ➰⢴堳榘厮ʮ浺몪䋛┧뉢∠
[ 2262.241247][ T5911] usb 3-1: SerialNumber: ⮴靆㔯鹡瞓썥⠹긑߳湤꽖ࢦ陶ȳ൷粐豫櫞햽츔
[ 2262.527649][   T29] kauditd_printk_skb: 85 callbacks suppressed
[ 2262.527667][   T29] audit: type=1800 audit(1773626530.721:4766): pid=12319 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.10550" name="SYSV00000000" dev="hugetlbfs" ino=4 res=0 errno=0
[ 2263.550557][T12352] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2264.264946][ T5911] cdc_ncm 3-1:1.0: bind() failure
[ 2264.351771][ T5911] cdc_ncm 3-1:1.1: CDC Union missing and no IAD found
[ 2264.416752][ T5911] cdc_ncm 3-1:1.1: bind() failure
[ 2264.462636][ T5911] usb 3-1: USB disconnect, device number 64
[ 2264.495815][T12361] binder: 12356:12361 ioctl c0306201 0 returned -14
[ 2264.805680][T12368] mac80211_hwsim hwsim59 syzkaller0: entered promiscuous mode
[ 2264.839413][T12368] mac80211_hwsim hwsim59 syzkaller0: entered allmulticast mode
[ 2264.896156][T12368] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 2264.911714][T12361] syz.2.10562 (12361): drop_caches: 2
[ 2264.926909][T12372] delete_channel: no stack
[ 2265.177722][T21664] usb 7-1: new full-speed USB device number 36 using dummy_hcd
[ 2265.338867][T21664] usb 7-1: unable to get BOS descriptor or descriptor too short
[ 2265.346820][T16352] usb 2-1: new high-speed USB device number 38 using dummy_hcd
[ 2265.377449][T21664] usb 7-1: not running at top speed; connect to a high speed hub
[ 2265.406983][T21664] usb 7-1: unable to read config index 0 descriptor/start: -61
[ 2265.414750][T21664] usb 7-1: can't read configurations, error -61
[ 2265.556775][T16352] usb 2-1: Using ep0 maxpacket: 16
[ 2265.585457][T21664] usb 7-1: new full-speed USB device number 37 using dummy_hcd
[ 2265.818497][T21664] usb 7-1: unable to get BOS descriptor or descriptor too short
[ 2265.831902][T21664] usb 7-1: not running at top speed; connect to a high speed hub
[ 2265.848701][T21664] usb 7-1: unable to read config index 0 descriptor/start: -61
[ 2265.866745][T21664] usb 7-1: can't read configurations, error -61
[ 2265.883541][T21664] usb usb7-port1: attempt power cycle
[ 2266.017145][   T10] tipc: Node number set to 1463014624
[ 2266.158087][   T10] usb 1-1: new low-speed USB device number 92 using dummy_hcd
[ 2266.166253][T16352] usb 2-1: unable to get BOS descriptor or descriptor too short
[ 2266.190977][T16352] usb 2-1: unable to read config index 0 descriptor/start: -71
[ 2266.210759][T16352] usb 2-1: can't read configurations, error -71
[ 2266.256764][T21664] usb 7-1: new full-speed USB device number 38 using dummy_hcd
[ 2266.290511][T21664] usb 7-1: unable to get BOS descriptor or descriptor too short
[ 2266.304642][T21664] usb 7-1: not running at top speed; connect to a high speed hub
[ 2266.331107][T21664] usb 7-1: unable to read config index 0 descriptor/start: -61
[ 2266.340764][T21664] usb 7-1: can't read configurations, error -61
[ 2266.368358][   T10] usb 1-1: No LPM exit latency info found, disabling LPM.
[ 2266.386838][   T10] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x82 is Bulk; changing to Interrupt
[ 2266.399643][   T10] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x3 is Bulk; changing to Interrupt
[ 2266.426050][   T10] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 2266.449462][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2266.467820][   T10] usb 1-1: Product: 
[ 2266.476411][   T10] usb 1-1: Manufacturer: ➰⢴堳榘厮ʮ浺몪䋛┧뉢∠
[ 2266.485040][T21664] usb 7-1: new full-speed USB device number 39 using dummy_hcd
[ 2266.502854][   T10] usb 1-1: SerialNumber: ⮴靆㔯鹡瞓썥⠹긑߳湤꽖ࢦ陶ȳ൷粐豫櫞햽츔
[ 2266.529082][T21664] usb 7-1: unable to get BOS descriptor or descriptor too short
[ 2266.553128][T21664] usb 7-1: not running at top speed; connect to a high speed hub
[ 2266.563473][T21664] usb 7-1: unable to read config index 0 descriptor/start: -61
[ 2266.572478][T21664] usb 7-1: can't read configurations, error -61
[ 2266.582649][T21664] usb usb7-port1: unable to enumerate USB device
[ 2266.865914][   T29] audit: type=1800 audit(1773626535.061:4767): pid=12386 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.10572" name="SYSV00000000" dev="hugetlbfs" ino=3 res=0 errno=0
[ 2267.396343][T12414] netlink: 12 bytes leftover after parsing attributes in process `syz.2.10579'.
[ 2267.708182][T12416] mac80211_hwsim hwsim56 wlan0: entered promiscuous mode
[ 2267.722591][T12416] macvlan2: entered promiscuous mode
[ 2268.035042][T12420] netdevsim netdevsim6 netdevsim0: entered allmulticast mode
[ 2268.069430][T12420] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[ 2268.796162][T12440] FAULT_INJECTION: forcing a failure.
[ 2268.796162][T12440] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2268.816968][T12440] CPU: 1 UID: 0 PID: 12440 Comm: syz.3.10589 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 2268.817005][T12440] Tainted: [L]=SOFTLOCKUP
[ 2268.817011][T12440] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2268.817020][T12440] Call Trace:
[ 2268.817027][T12440]  <TASK>
[ 2268.817034][T12440]  dump_stack_lvl+0xe8/0x150
[ 2268.817062][T12440]  should_fail_ex+0x412/0x560
[ 2268.817086][T12440]  _copy_from_user+0x2d/0xb0
[ 2268.817102][T12440]  kstrtouint_from_user+0xd6/0x180
[ 2268.817124][T12440]  ? __pfx_kstrtouint_from_user+0x10/0x10
[ 2268.817157][T12440]  proc_fail_nth_write+0x8e/0x210
[ 2268.817179][T12440]  ? __pfx_proc_fail_nth_write+0x10/0x10
[ 2268.817204][T12440]  ? __pfx_proc_fail_nth_write+0x10/0x10
[ 2268.817226][T12440]  vfs_write+0x29a/0xb90
[ 2268.817251][T12440]  ? __pfx_vfs_write+0x10/0x10
[ 2268.817269][T12440]  ? __fget_files+0x2a/0x420
[ 2268.817294][T12440]  ? __fget_files+0x3a0/0x420
[ 2268.817313][T12440]  ? __fget_files+0x2a/0x420
[ 2268.817341][T12440]  ksys_write+0x150/0x270
[ 2268.817360][T12440]  ? __pfx_ksys_write+0x10/0x10
[ 2268.817385][T12440]  do_syscall_64+0x14d/0xf80
[ 2268.817403][T12440]  ? trace_irq_disable+0x3b/0x150
[ 2268.817422][T12440]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2268.817437][T12440]  ? clear_bhb_loop+0x40/0x90
[ 2268.817457][T12440]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2268.817472][T12440] RIP: 0033:0x7fcf4975cfce
[ 2268.817488][T12440] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 2268.817502][T12440] RSP: 002b:00007fcf4a6d8fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2268.817520][T12440] RAX: ffffffffffffffda RBX: 00007fcf4a6d96c0 RCX: 00007fcf4975cfce
[ 2268.817531][T12440] RDX: 0000000000000001 RSI: 00007fcf4a6d90a0 RDI: 0000000000000004
[ 2268.817541][T12440] RBP: 00007fcf4a6d9090 R08: 0000000000000000 R09: 0000000000000000
[ 2268.817550][T12440] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2268.817559][T12440] R13: 00007fcf49a16038 R14: 00007fcf49a15fa0 R15: 00007fcf49b3fa48
[ 2268.817586][T12440]  </TASK>
[ 2269.054433][ T5911] usb 2-1: new high-speed USB device number 40 using dummy_hcd
[ 2269.067702][   T10] cdc_ncm 1-1:1.0: bind() failure
[ 2269.078220][   T10] cdc_ncm 1-1:1.1: CDC Union missing and no IAD found
[ 2269.085040][   T10] cdc_ncm 1-1:1.1: bind() failure
[ 2269.111183][   T10] usb 1-1: USB disconnect, device number 92
[ 2269.216717][ T5911] usb 2-1: Using ep0 maxpacket: 16
[ 2269.790560][ T5911] usb 2-1: unable to get BOS descriptor or descriptor too short
[ 2269.818627][ T5911] usb 2-1: unable to read config index 0 descriptor/start: -71
[ 2269.854692][ T5911] usb 2-1: can't read configurations, error -71
[ 2269.932446][T12456] FAULT_INJECTION: forcing a failure.
[ 2269.932446][T12456] name failslab, interval 1, probability 0, space 0, times 0
[ 2270.028554][T12456] CPU: 0 UID: 0 PID: 12456 Comm: syz.3.10595 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 2270.028573][T12456] Tainted: [L]=SOFTLOCKUP
[ 2270.028576][T12456] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2270.028582][T12456] Call Trace:
[ 2270.028587][T12456]  <TASK>
[ 2270.028592][T12456]  dump_stack_lvl+0xe8/0x150
[ 2270.028610][T12456]  should_fail_ex+0x412/0x560
[ 2270.028627][T12456]  should_failslab+0xa8/0x100
[ 2270.028640][T12456]  __kmalloc_cache_noprof+0x88/0x660
[ 2270.028652][T12456]  ? ipv6_flowlabel_opt+0xf1e/0x28e0
[ 2270.028666][T12456]  ipv6_flowlabel_opt+0xf1e/0x28e0
[ 2270.028677][T12456]  ? look_up_lock_class+0x57/0x110
[ 2270.028693][T12456]  ? __pfx_ipv6_flowlabel_opt+0x10/0x10
[ 2270.028712][T12456]  ? __lock_acquire+0x6b5/0x2cf0
[ 2270.028727][T12456]  ? do_raw_spin_lock+0x12b/0x2f0
[ 2270.028737][T12456]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 2270.028751][T12456]  ? __local_bh_enable_ip+0xd0/0x130
[ 2270.028765][T12456]  do_ipv6_setsockopt+0xda7/0x31c0
[ 2270.028794][T12456]  ? __pfx_do_ipv6_setsockopt+0x10/0x10
[ 2270.028804][T12456]  ? kstrtouint+0x6e/0xe0
[ 2270.028817][T12456]  ? aa_label_sk_perm+0x532/0x6e0
[ 2270.028834][T12456]  ? __pfx_aa_label_sk_perm+0x10/0x10
[ 2270.028846][T12456]  ? get_pid_task+0x20/0x1f0
[ 2270.028854][T12456]  ? get_pid_task+0x20/0x1f0
[ 2270.028861][T12456]  ? get_pid_task+0x20/0x1f0
[ 2270.028876][T12456]  ? __lock_acquire+0x6b5/0x2cf0
[ 2270.028894][T12456]  ? aa_sk_perm+0x6d5/0x900
[ 2270.028907][T12456]  ipv6_setsockopt+0x59/0x170
[ 2270.028919][T12456]  rawv6_setsockopt+0x276/0x5f0
[ 2270.028932][T12456]  ? __pfx_rawv6_setsockopt+0x10/0x10
[ 2270.028944][T12456]  ? aa_sock_opt_perm+0xff/0x1a0
[ 2270.028958][T12456]  ? sock_common_setsockopt+0x36/0xc0
[ 2270.028971][T12456]  ? __pfx_sock_common_setsockopt+0x10/0x10
[ 2270.028985][T12456]  do_sock_setsockopt+0x17c/0x1b0
[ 2270.028997][T12456]  __x64_sys_setsockopt+0x13d/0x1b0
[ 2270.029010][T12456]  do_syscall_64+0x14d/0xf80
[ 2270.029019][T12456]  ? trace_irq_disable+0x3b/0x150
[ 2270.029032][T12456]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2270.029041][T12456]  ? clear_bhb_loop+0x40/0x90
[ 2270.029053][T12456]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2270.029062][T12456] RIP: 0033:0x7fcf4979c799
[ 2270.029071][T12456] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2270.029080][T12456] RSP: 002b:00007fcf4a6d9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 2270.029091][T12456] RAX: ffffffffffffffda RBX: 00007fcf49a15fa0 RCX: 00007fcf4979c799
[ 2270.029098][T12456] RDX: 0000000000000020 RSI: 0000000000000029 RDI: 0000000000000003
[ 2270.029103][T12456] RBP: 00007fcf4a6d9090 R08: 0000000000000024 R09: 0000000000000000
[ 2270.029109][T12456] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2270.029115][T12456] R13: 00007fcf49a16038 R14: 00007fcf49a15fa0 R15: 00007fcf49b3fa48
[ 2270.029129][T12456]  </TASK>
[ 2270.423755][T12460] FAULT_INJECTION: forcing a failure.
[ 2270.423755][T12460] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2270.441890][T12460] CPU: 1 UID: 0 PID: 12460 Comm: syz.3.10597 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 2270.441917][T12460] Tainted: [L]=SOFTLOCKUP
[ 2270.441923][T12460] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2270.441933][T12460] Call Trace:
[ 2270.441940][T12460]  <TASK>
[ 2270.441948][T12460]  dump_stack_lvl+0xe8/0x150
[ 2270.441974][T12460]  should_fail_ex+0x412/0x560
[ 2270.442000][T12460]  _copy_from_user+0x2d/0xb0
[ 2270.442017][T12460]  inet6_ioctl+0x1ac/0x2e0
[ 2270.442037][T12460]  ? __pfx_inet6_ioctl+0x10/0x10
[ 2270.442054][T12460]  ? tomoyo_path_number_perm+0x219/0x630
[ 2270.442082][T12460]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 2270.442106][T12460]  sock_do_ioctl+0x101/0x320
[ 2270.442129][T12460]  ? __pfx_sock_do_ioctl+0x10/0x10
[ 2270.442146][T12460]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[ 2270.442178][T12460]  sock_ioctl+0x5c6/0x7f0
[ 2270.442199][T12460]  ? __pfx_sock_ioctl+0x10/0x10
[ 2270.442218][T12460]  ? __fget_files+0x2a/0x420
[ 2270.442238][T12460]  ? __fget_files+0x3a0/0x420
[ 2270.442257][T12460]  ? __fget_files+0x2a/0x420
[ 2270.442280][T12460]  ? bpf_lsm_file_ioctl+0x9/0x20
[ 2270.442300][T12460]  ? __pfx_sock_ioctl+0x10/0x10
[ 2270.442318][T12460]  __se_sys_ioctl+0xfc/0x170
[ 2270.442337][T12460]  do_syscall_64+0x14d/0xf80
[ 2270.442354][T12460]  ? trace_irq_disable+0x3b/0x150
[ 2270.442373][T12460]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2270.442389][T12460]  ? clear_bhb_loop+0x40/0x90
[ 2270.442407][T12460]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2270.442423][T12460] RIP: 0033:0x7fcf4979c799
[ 2270.442438][T12460] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2270.442451][T12460] RSP: 002b:00007fcf4a6d9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2270.442469][T12460] RAX: ffffffffffffffda RBX: 00007fcf49a15fa0 RCX: 00007fcf4979c799
[ 2270.442480][T12460] RDX: 0000200000000240 RSI: 000000000000890b RDI: 0000000000000005
[ 2270.442490][T12460] RBP: 00007fcf4a6d9090 R08: 0000000000000000 R09: 0000000000000000
[ 2270.442500][T12460] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2270.442509][T12460] R13: 00007fcf49a16038 R14: 00007fcf49a15fa0 R15: 00007fcf49b3fa48
[ 2270.442534][T12460]  </TASK>
[ 2271.006770][T21664] usb 1-1: new high-speed USB device number 93 using dummy_hcd
[ 2271.020300][   T29] audit: type=1326 audit(1773626539.211:4768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12472 comm="syz.6.10602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd73619c799 code=0x7ffc0000
[ 2271.042978][   T10] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[ 2271.085334][   T29] audit: type=1326 audit(1773626539.271:4769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12472 comm="syz.6.10602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=428 compat=0 ip=0x7fd73619c799 code=0x7ffc0000
[ 2271.110279][   T29] audit: type=1326 audit(1773626539.271:4770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12472 comm="syz.6.10602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd73619c799 code=0x7ffc0000
[ 2271.138182][   T29] audit: type=1326 audit(1773626539.271:4771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12472 comm="syz.6.10602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=429 compat=0 ip=0x7fd73619c799 code=0x7ffc0000
[ 2271.161686][   T29] audit: type=1326 audit(1773626539.271:4772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12472 comm="syz.6.10602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd73619c799 code=0x7ffc0000
[ 2271.187150][T21664] usb 1-1: device descriptor read/64, error -71
[ 2271.196818][   T29] audit: type=1326 audit(1773626539.391:4773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12472 comm="syz.6.10602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7fd73619c799 code=0x7ffc0000
[ 2271.229566][   T10] usb 4-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[ 2271.249829][   T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2271.259929][   T10] usb 4-1: Product: syz
[ 2271.264151][   T10] usb 4-1: Manufacturer: syz
[ 2271.269189][   T29] audit: type=1326 audit(1773626539.391:4774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12472 comm="syz.6.10602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd73619c799 code=0x7ffc0000
[ 2271.292089][   T10] usb 4-1: SerialNumber: syz
[ 2271.300792][   T29] audit: type=1326 audit(1773626539.391:4775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12472 comm="syz.6.10602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd73619c799 code=0x7ffc0000
[ 2271.346899][   T29] audit: type=1326 audit(1773626539.391:4776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12472 comm="syz.6.10602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd73619c799 code=0x7ffc0000
[ 2271.377683][   T29] audit: type=1326 audit(1773626539.391:4777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12472 comm="syz.6.10602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fd73619c799 code=0x7ffc0000
[ 2271.407105][ T5911] usb 2-1: new low-speed USB device number 41 using dummy_hcd
[ 2271.436933][T21664] usb 1-1: new high-speed USB device number 94 using dummy_hcd
[ 2271.528739][   T10] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPROTO
[ 2271.540745][   T10] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): lan78xx_setup_irq_domain() failed : -71
[ 2271.552527][   T10] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[ 2271.566628][   T10] lan78xx 4-1:1.0: probe with driver lan78xx failed with error -71
[ 2271.567094][T21664] usb 1-1: device descriptor read/64, error -71
[ 2271.574371][ T5911] usb 2-1: No LPM exit latency info found, disabling LPM.
[ 2271.590889][ T5911] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x82 is Bulk; changing to Interrupt
[ 2271.604056][   T10] usb 4-1: USB disconnect, device number 15
[ 2271.612696][ T5911] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x3 is Bulk; changing to Interrupt
[ 2271.633561][ T5911] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 2271.646602][ T5911] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2271.654937][ T5911] usb 2-1: Product: 
[ 2271.659363][ T5911] usb 2-1: Manufacturer: ➰⢴堳榘厮ʮ浺몪䋛┧뉢∠
[ 2271.671071][ T5911] usb 2-1: SerialNumber: ⮴靆㔯鹡瞓썥⠹긑߳湤꽖ࢦ陶ȳ൷粐豫櫞햽츔
[ 2271.698090][T21664] usb usb1-port1: attempt power cycle
[ 2271.778411][T12485] FAULT_INJECTION: forcing a failure.
[ 2271.778411][T12485] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2271.793210][T12485] CPU: 0 UID: 0 PID: 12485 Comm: syz.6.10604 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 2271.793227][T12485] Tainted: [L]=SOFTLOCKUP
[ 2271.793231][T12485] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2271.793236][T12485] Call Trace:
[ 2271.793241][T12485]  <TASK>
[ 2271.793245][T12485]  dump_stack_lvl+0xe8/0x150
[ 2271.793264][T12485]  should_fail_ex+0x412/0x560
[ 2271.793289][T12485]  _copy_to_user+0x31/0xb0
[ 2271.793308][T12485]  simple_read_from_buffer+0xe1/0x170
[ 2271.793334][T12485]  proc_fail_nth_read+0x1bb/0x230
[ 2271.793358][T12485]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2271.793373][T12485]  ? rw_verify_area+0x2a6/0x4d0
[ 2271.793383][T12485]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2271.793396][T12485]  vfs_read+0x20c/0xa70
[ 2271.793405][T12485]  ? fdget_pos+0x246/0x320
[ 2271.793423][T12485]  ? __pfx___mutex_lock+0x10/0x10
[ 2271.793442][T12485]  ? __pfx_vfs_read+0x10/0x10
[ 2271.793461][T12485]  ? __fget_files+0x2a/0x420
[ 2271.793484][T12485]  ? __fget_files+0x3a0/0x420
[ 2271.793504][T12485]  ? __fget_files+0x2a/0x420
[ 2271.793521][T12485]  ksys_read+0x150/0x270
[ 2271.793532][T12485]  ? __pfx_ksys_read+0x10/0x10
[ 2271.793546][T12485]  do_syscall_64+0x14d/0xf80
[ 2271.793556][T12485]  ? trace_irq_disable+0x3b/0x150
[ 2271.793580][T12485]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2271.793597][T12485]  ? clear_bhb_loop+0x40/0x90
[ 2271.793616][T12485]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2271.793631][T12485] RIP: 0033:0x7fd73615cfce
[ 2271.793647][T12485] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 2271.793656][T12485] RSP: 002b:00007fd736ffafe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 2271.793667][T12485] RAX: ffffffffffffffda RBX: 00007fd736ffb6c0 RCX: 00007fd73615cfce
[ 2271.793674][T12485] RDX: 000000000000000f RSI: 00007fd736ffb0a0 RDI: 0000000000000004
[ 2271.793680][T12485] RBP: 00007fd736ffb090 R08: 0000000000000000 R09: 0000000000000000
[ 2271.793686][T12485] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2271.793691][T12485] R13: 00007fd736416038 R14: 00007fd736415fa0 R15: 00007fd73653fa48
[ 2271.793705][T12485]  </TASK>
[ 2272.071597][T12488] FAULT_INJECTION: forcing a failure.
[ 2272.071597][T12488] name failslab, interval 1, probability 0, space 0, times 0
[ 2272.076782][T21664] usb 1-1: new high-speed USB device number 95 using dummy_hcd
[ 2272.107973][T21664] usb 1-1: device descriptor read/8, error -71
[ 2272.115649][T12488] CPU: 1 UID: 0 PID: 12488 Comm: syz.6.10605 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 2272.115666][T12488] Tainted: [L]=SOFTLOCKUP
[ 2272.115670][T12488] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2272.115676][T12488] Call Trace:
[ 2272.115680][T12488]  <TASK>
[ 2272.115685][T12488]  dump_stack_lvl+0xe8/0x150
[ 2272.115703][T12488]  should_fail_ex+0x412/0x560
[ 2272.115720][T12488]  should_failslab+0xa8/0x100
[ 2272.115736][T12488]  __kmalloc_noprof+0xe8/0x760
[ 2272.115746][T12488]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 2272.115757][T12488]  ? video_usercopy+0x1b1/0x14b0
[ 2272.115775][T12488]  video_usercopy+0x1b1/0x14b0
[ 2272.115789][T12488]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[ 2272.115801][T12488]  ? __pfx___video_do_ioctl+0x10/0x10
[ 2272.115815][T12488]  ? __pfx_video_usercopy+0x10/0x10
[ 2272.115831][T12488]  ? __fget_files+0x2a/0x420
[ 2272.115846][T12488]  ? __fget_files+0x2a/0x420
[ 2272.115859][T12488]  ? __fget_files+0x3a0/0x420
[ 2272.115873][T12488]  v4l2_ioctl+0x18d/0x1e0
[ 2272.115886][T12488]  ? __pfx_v4l2_ioctl+0x10/0x10
[ 2272.115898][T12488]  __se_sys_ioctl+0xfc/0x170
[ 2272.115909][T12488]  do_syscall_64+0x14d/0xf80
[ 2272.115919][T12488]  ? trace_irq_disable+0x3b/0x150
[ 2272.115932][T12488]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2272.115941][T12488]  ? clear_bhb_loop+0x40/0x90
[ 2272.115952][T12488]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2272.115962][T12488] RIP: 0033:0x7fd73619c799
[ 2272.115972][T12488] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2272.115980][T12488] RSP: 002b:00007fd736ffb028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2272.115991][T12488] RAX: ffffffffffffffda RBX: 00007fd736415fa0 RCX: 00007fd73619c799
[ 2272.115998][T12488] RDX: 0000200000000380 RSI: 00000000c0845657 RDI: 0000000000000003
[ 2272.116004][T12488] RBP: 00007fd736ffb090 R08: 0000000000000000 R09: 0000000000000000
[ 2272.116010][T12488] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2272.116015][T12488] R13: 00007fd736416038 R14: 00007fd736415fa0 R15: 00007fd73653fa48
[ 2272.116029][T12488]  </TASK>
[ 2272.347081][T21664] usb 1-1: new high-speed USB device number 96 using dummy_hcd
[ 2272.517950][T21664] usb 1-1: device descriptor read/8, error -71
[ 2272.647559][T21664] usb usb1-port1: unable to enumerate USB device
[ 2272.807753][   T10] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[ 2272.968332][   T10] usb 4-1: Using ep0 maxpacket: 16
[ 2273.659383][   T10] usb 4-1: unable to get BOS descriptor or descriptor too short
[ 2273.700870][   T10] usb 4-1: no configurations
[ 2273.726301][   T10] usb 4-1: can't read configurations, error -22
[ 2274.097123][   T10] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[ 2274.246837][   T10] usb 4-1: Using ep0 maxpacket: 16
[ 2274.885577][   T10] usb 4-1: unable to get BOS descriptor or descriptor too short
[ 2274.915833][   T10] usb 4-1: unable to read config index 0 descriptor/start: -71
[ 2274.953758][   T10] usb 4-1: can't read configurations, error -71
[ 2274.968581][   T10] usb usb4-port1: attempt power cycle
[ 2275.185087][T12525] FAULT_INJECTION: forcing a failure.
[ 2275.185087][T12525] name failslab, interval 1, probability 0, space 0, times 0
[ 2275.204279][T12525] CPU: 1 UID: 0 PID: 12525 Comm: syz.0.10615 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 2275.204299][T12525] Tainted: [L]=SOFTLOCKUP
[ 2275.204302][T12525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2275.204317][T12525] Call Trace:
[ 2275.204323][T12525]  <TASK>
[ 2275.204328][T12525]  dump_stack_lvl+0xe8/0x150
[ 2275.204347][T12525]  should_fail_ex+0x412/0x560
[ 2275.204364][T12525]  should_failslab+0xa8/0x100
[ 2275.204376][T12525]  ? dst_alloc+0x105/0x170
[ 2275.204395][T12525]  kmem_cache_alloc_noprof+0x87/0x650
[ 2275.204405][T12525]  ? string+0x279/0x2b0
[ 2275.204421][T12525]  dst_alloc+0x105/0x170
[ 2275.204434][T12525]  ip_route_output_key_hash_rcu+0x14d0/0x25d0
[ 2275.204492][T12525]  ? ip_route_output_key_hash+0xd8/0x2a0
[ 2275.204502][T12525]  ip_route_output_key_hash+0x18d/0x2a0
[ 2275.204511][T12525]  ? look_up_lock_class+0x57/0x110
[ 2275.204523][T12525]  ? __pfx_ip_route_output_key_hash+0x10/0x10
[ 2275.204540][T12525]  ip_route_output_flow+0x2a/0x150
[ 2275.204553][T12525]  ? security_sk_classify_flow+0x6d/0x150
[ 2275.204565][T12525]  udp_sendmsg+0x154a/0x22f0
[ 2275.204610][T12525]  ? __pfx_ip_generic_getfrag+0x10/0x10
[ 2275.204622][T12525]  ? __pfx_udp_sendmsg+0x10/0x10
[ 2275.204645][T12525]  ? inet_sendmsg+0x14f/0x370
[ 2275.204736][T12525]  ? inet_sendmsg+0x14f/0x370
[ 2275.204746][T12525]  ? __local_bh_enable_ip+0xd0/0x130
[ 2275.204758][T12525]  ? lockdep_hardirqs_on+0x7a/0x110
[ 2275.204767][T12525]  ? inet_sendmsg+0x14f/0x370
[ 2275.204776][T12525]  ? __local_bh_enable_ip+0xd0/0x130
[ 2275.204788][T12525]  ? inet_sendmsg+0x29c/0x370
[ 2275.204799][T12525]  ____sys_sendmsg+0x80a/0x9f0
[ 2275.204815][T12525]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 2275.204834][T12525]  ? import_iovec+0x73/0xa0
[ 2275.204846][T12525]  ___sys_sendmsg+0x2a5/0x360
[ 2275.204859][T12525]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2275.204871][T12525]  ? kstrtouint+0x6e/0xe0
[ 2275.204899][T12525]  ? __fget_files+0x2a/0x420
[ 2275.204912][T12525]  ? __fget_files+0x3a0/0x420
[ 2275.204930][T12525]  __sys_sendmmsg+0x27c/0x4e0
[ 2275.204943][T12525]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 2275.204952][T12525]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[ 2275.204974][T12525]  ? ksys_write+0x242/0x270
[ 2275.204985][T12525]  ? __pfx_ksys_write+0x10/0x10
[ 2275.204997][T12525]  __x64_sys_sendmmsg+0xa0/0xc0
[ 2275.205008][T12525]  do_syscall_64+0x14d/0xf80
[ 2275.205018][T12525]  ? trace_irq_disable+0x3b/0x150
[ 2275.205031][T12525]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2275.205041][T12525]  ? clear_bhb_loop+0x40/0x90
[ 2275.205052][T12525]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2275.205061][T12525] RIP: 0033:0x7fe0c719c799
[ 2275.205072][T12525] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2275.205080][T12525] RSP: 002b:00007fe0c8131028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 2275.205092][T12525] RAX: ffffffffffffffda RBX: 00007fe0c7415fa0 RCX: 00007fe0c719c799
[ 2275.205098][T12525] RDX: 0000000000000001 RSI: 0000200000000040 RDI: 0000000000000003
[ 2275.205104][T12525] RBP: 00007fe0c8131090 R08: 0000000000000000 R09: 0000000000000000
[ 2275.205110][T12525] R10: 0000000004000800 R11: 0000000000000246 R12: 0000000000000001
[ 2275.205115][T12525] R13: 00007fe0c7416038 R14: 00007fe0c7415fa0 R15: 00007fe0c753fa48
[ 2275.205130][T12525]  </TASK>
[ 2275.842850][ T5911] cdc_ncm 2-1:1.0: bind() failure
[ 2275.852951][ T5911] cdc_ncm 2-1:1.1: CDC Union missing and no IAD found
[ 2275.860180][ T5911] cdc_ncm 2-1:1.1: bind() failure
[ 2275.946514][ T5911] usb 2-1: USB disconnect, device number 41
[ 2276.001075][T12533] FAULT_INJECTION: forcing a failure.
[ 2276.001075][T12533] name failslab, interval 1, probability 0, space 0, times 0
[ 2276.018119][T12533] CPU: 1 UID: 0 PID: 12533 Comm: syz.1.10619 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 2276.018144][T12533] Tainted: [L]=SOFTLOCKUP
[ 2276.018150][T12533] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2276.018160][T12533] Call Trace:
[ 2276.018167][T12533]  <TASK>
[ 2276.018174][T12533]  dump_stack_lvl+0xe8/0x150
[ 2276.018200][T12533]  should_fail_ex+0x412/0x560
[ 2276.018226][T12533]  should_failslab+0xa8/0x100
[ 2276.018245][T12533]  ? security_inode_alloc+0x39/0x310
[ 2276.018269][T12533]  kmem_cache_alloc_noprof+0x87/0x650
[ 2276.018293][T12533]  security_inode_alloc+0x39/0x310
[ 2276.018314][T12533]  inode_init_always_gfp+0x9ed/0xdc0
[ 2276.018349][T12533]  ? __pfx_sock_alloc_inode+0x10/0x10
[ 2276.018369][T12533]  alloc_inode+0x82/0x1b0
[ 2276.018390][T12533]  do_accept+0x13e/0x760
[ 2276.018466][T12533]  ? __pfx_do_accept+0x10/0x10
[ 2276.018503][T12533]  io_accept+0x310/0x7a0
[ 2276.018563][T12533]  ? __pfx_io_accept+0x10/0x10
[ 2276.018585][T12533]  ? __fget_files+0x2a/0x420
[ 2276.018604][T12533]  ? __fget_files+0x3a0/0x420
[ 2276.018626][T12533]  __io_issue_sqe+0x180/0x4b0
[ 2276.018665][T12533]  ? io_file_get_normal+0xe9/0x310
[ 2276.018682][T12533]  io_issue_sqe+0x164/0xf90
[ 2276.018704][T12533]  io_submit_sqes+0xcb1/0x2400
[ 2276.018743][T12533]  __se_sys_io_uring_enter+0x2cc/0x18c0
[ 2276.018762][T12533]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 2276.018784][T12533]  ? __fget_files+0x3a0/0x420
[ 2276.018807][T12533]  ? __pfx___se_sys_io_uring_enter+0x10/0x10
[ 2276.018822][T12533]  ? fput+0xa0/0xd0
[ 2276.018842][T12533]  ? ksys_write+0x242/0x270
[ 2276.018858][T12533]  ? __pfx_ksys_write+0x10/0x10
[ 2276.018875][T12533]  ? __x64_sys_io_uring_enter+0x21/0xf0
[ 2276.018892][T12533]  do_syscall_64+0x14d/0xf80
[ 2276.018907][T12533]  ? trace_irq_disable+0x3b/0x150
[ 2276.018926][T12533]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2276.018940][T12533]  ? clear_bhb_loop+0x40/0x90
[ 2276.018957][T12533]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2276.018973][T12533] RIP: 0033:0x7f09e2d9c799
[ 2276.018987][T12533] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2276.018999][T12533] RSP: 002b:00007f09e3d32028 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2276.019016][T12533] RAX: ffffffffffffffda RBX: 00007f09e3015fa0 RCX: 00007f09e2d9c799
[ 2276.019026][T12533] RDX: 0000000000000000 RSI: 00000000000047ba RDI: 0000000000000004
[ 2276.019036][T12533] RBP: 00007f09e3d32090 R08: 0000000000000000 R09: 0000000000000000
[ 2276.019046][T12533] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2276.019055][T12533] R13: 00007f09e3016038 R14: 00007f09e3015fa0 R15: 00007f09e313fa48
[ 2276.019078][T12533]  </TASK>
[ 2276.324898][T12537] FAULT_INJECTION: forcing a failure.
[ 2276.324898][T12537] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2276.338650][T12537] CPU: 1 UID: 0 PID: 12537 Comm: syz.6.10618 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 2276.338667][T12537] Tainted: [L]=SOFTLOCKUP
[ 2276.338671][T12537] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2276.338677][T12537] Call Trace:
[ 2276.338681][T12537]  <TASK>
[ 2276.338686][T12537]  dump_stack_lvl+0xe8/0x150
[ 2276.338705][T12537]  should_fail_ex+0x412/0x560
[ 2276.338721][T12537]  _copy_to_user+0x31/0xb0
[ 2276.338733][T12537]  simple_read_from_buffer+0xe1/0x170
[ 2276.338749][T12537]  proc_fail_nth_read+0x1bb/0x230
[ 2276.338764][T12537]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2276.338778][T12537]  ? rw_verify_area+0x2a6/0x4d0
[ 2276.338797][T12537]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2276.338810][T12537]  vfs_read+0x20c/0xa70
[ 2276.338819][T12537]  ? fdget_pos+0x246/0x320
[ 2276.338835][T12537]  ? __pfx___mutex_lock+0x10/0x10
[ 2276.338847][T12537]  ? __pfx_vfs_read+0x10/0x10
[ 2276.338857][T12537]  ? __fget_files+0x2a/0x420
[ 2276.338872][T12537]  ? __fget_files+0x3a0/0x420
[ 2276.338884][T12537]  ? __fget_files+0x2a/0x420
[ 2276.338901][T12537]  ksys_read+0x150/0x270
[ 2276.338912][T12537]  ? __pfx_ksys_read+0x10/0x10
[ 2276.338927][T12537]  do_syscall_64+0x14d/0xf80
[ 2276.338936][T12537]  ? trace_irq_disable+0x3b/0x150
[ 2276.338950][T12537]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2276.338960][T12537]  ? clear_bhb_loop+0x40/0x90
[ 2276.338971][T12537]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2276.338980][T12537] RIP: 0033:0x7fd73615cfce
[ 2276.338991][T12537] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 2276.338998][T12537] RSP: 002b:00007fd736fd9fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 2276.339009][T12537] RAX: ffffffffffffffda RBX: 00007fd736fda6c0 RCX: 00007fd73615cfce
[ 2276.339016][T12537] RDX: 000000000000000f RSI: 00007fd736fda0a0 RDI: 000000000000000a
[ 2276.339022][T12537] RBP: 00007fd736fda090 R08: 0000000000000000 R09: 0000000000000000
[ 2276.339028][T12537] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2276.339033][T12537] R13: 00007fd736416128 R14: 00007fd736416090 R15: 00007fd73653fa48
[ 2276.339047][T12537]  </TASK>
[ 2276.346918][   T10] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[ 2276.659339][   T10] usb 4-1: Using ep0 maxpacket: 32
[ 2276.666079][   T10] usb 4-1: config 0 has an invalid interface number: 188 but max is 0
[ 2276.676048][   T10] usb 4-1: config 0 has no interface number 0
[ 2276.682618][   T10] usb 4-1: config 0 interface 188 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32
[ 2276.700161][   T10] usb 4-1: New USB device found, idVendor=17ef, idProduct=7203, bcdDevice=2e.36
[ 2276.717053][   T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2276.725087][   T10] usb 4-1: Product: syz
[ 2276.759556][   T10] usb 4-1: Manufacturer: syz
[ 2276.774554][   T10] usb 4-1: SerialNumber: syz
[ 2276.817181][   T10] usb 4-1: config 0 descriptor??
[ 2276.828036][T12534] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 2276.857230][ T7223] usb 1-1: new high-speed USB device number 97 using dummy_hcd
[ 2277.008427][ T7223] usb 1-1: Using ep0 maxpacket: 16
[ 2277.061340][T12534] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 2277.626094][ T7223] usb 1-1: unable to get BOS descriptor or descriptor too short
[ 2277.672050][ T7223] usb 1-1: no configurations
[ 2277.686797][ T7223] usb 1-1: can't read configurations, error -22
[ 2278.051131][   T29] kauditd_printk_skb: 55 callbacks suppressed
[ 2278.051148][   T29] audit: type=1326 audit(1773626546.251:4833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12557 comm="syz.6.10626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd73619c799 code=0x7ffc0000
[ 2278.086474][   T29] audit: type=1326 audit(1773626546.251:4834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12557 comm="syz.6.10626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd73619c799 code=0x7ffc0000
[ 2278.110296][   T29] audit: type=1326 audit(1773626546.251:4835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12557 comm="syz.6.10626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=428 compat=0 ip=0x7fd73619c799 code=0x7ffc0000
[ 2278.136148][   T29] audit: type=1326 audit(1773626546.251:4836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12557 comm="syz.6.10626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd73619c799 code=0x7ffc0000
[ 2278.162793][   T29] audit: type=1326 audit(1773626546.251:4837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12557 comm="syz.6.10626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd73619c799 code=0x7ffc0000
[ 2278.214442][   T29] audit: type=1326 audit(1773626546.261:4838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12557 comm="syz.6.10626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=429 compat=0 ip=0x7fd73619c799 code=0x7ffc0000
[ 2278.241417][   T29] audit: type=1326 audit(1773626546.261:4839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12557 comm="syz.6.10626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd73619c799 code=0x7ffc0000
[ 2278.280318][   T29] audit: type=1326 audit(1773626546.261:4840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12557 comm="syz.6.10626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd73619c799 code=0x7ffc0000
[ 2278.305292][   T29] audit: type=1326 audit(1773626546.281:4841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12557 comm="syz.6.10626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7fd73619c799 code=0x7ffc0000
[ 2278.328112][   T29] audit: type=1326 audit(1773626546.281:4842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12557 comm="syz.6.10626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd73619c799 code=0x7ffc0000
[ 2279.176736][ T7586] usb 2-1: new high-speed USB device number 42 using dummy_hcd
[ 2279.316880][ T7586] usb 2-1: device descriptor read/64, error -71
[ 2279.337764][   T10] asix 4-1:0.188 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[ 2279.356049][   T10] asix 4-1:0.188 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[ 2279.373862][   T10] asix 4-1:0.188: probe with driver asix failed with error -71
[ 2279.404836][   T10] usb 4-1: USB disconnect, device number 18
[ 2279.436942][ T5911] usb 1-1: new high-speed USB device number 99 using dummy_hcd
[ 2279.598035][ T7586] usb 2-1: new high-speed USB device number 43 using dummy_hcd
[ 2279.636725][ T5911] usb 1-1: Using ep0 maxpacket: 16
[ 2279.751593][T12594] fuse: Unknown parameter '0x0000000000000004'
[ 2279.769368][ T7586] usb 2-1: device descriptor read/64, error -71
[ 2279.896970][ T7586] usb usb2-port1: attempt power cycle
[ 2280.236770][ T7586] usb 2-1: new high-speed USB device number 44 using dummy_hcd
[ 2280.277352][ T7586] usb 2-1: device descriptor read/8, error -71
[ 2280.328959][ T5911] usb 1-1: unable to get BOS descriptor or descriptor too short
[ 2280.362661][ T5911] usb 1-1: no configurations
[ 2280.374031][ T5911] usb 1-1: can't read configurations, error -22
[ 2280.537003][ T7586] usb 2-1: new high-speed USB device number 45 using dummy_hcd
[ 2280.577794][ T7586] usb 2-1: device descriptor read/8, error -71
[ 2280.687228][ T7586] usb usb2-port1: unable to enumerate USB device
[ 2280.936928][   T10] usb 3-1: new high-speed USB device number 65 using dummy_hcd
[ 2281.106747][   T10] usb 3-1: Using ep0 maxpacket: 16
[ 2281.122815][   T10] usb 3-1: unable to get BOS descriptor or descriptor too short
[ 2281.165332][   T10] usb 3-1: config 2 has an invalid interface number: 200 but max is 0
[ 2281.193809][T12630] netlink: 12 bytes leftover after parsing attributes in process `syz.6.10646'.
[ 2281.203246][   T10] usb 3-1: config 2 has no interface number 0
[ 2281.234343][ T7621] wlan0: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 2281.249417][   T10] usb 3-1: config 2 interface 200 has no altsetting 0
[ 2281.302045][   T10] usb 3-1: New USB device found, idVendor=093a, idProduct=260e, bcdDevice=43.53
[ 2281.359978][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2281.437510][   T10] usb 3-1: Product: syz
[ 2281.454244][   T10] usb 3-1: Manufacturer: С
[ 2281.480338][   T10] usb 3-1: SerialNumber: syz
[ 2281.914377][   T10] gspca_main: pac7311-2.14.0 probing 093a:260e
[ 2281.955594][   T10] gspca_pac7311: reg_w() failed index 0xff, value 0x01, error -71
[ 2281.967291][   T10] pac7311 3-1:2.200: probe with driver pac7311 failed with error -71
[ 2281.978564][   T10] usb 3-1: USB disconnect, device number 65
[ 2282.126921][T19605] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[ 2282.306739][   T10] usb 2-1: new high-speed USB device number 46 using dummy_hcd
[ 2282.316743][T19605] usb 4-1: Using ep0 maxpacket: 16
[ 2282.351612][T19605] usb 4-1: config index 0 descriptor too short (expected 51443, got 18)
[ 2282.374337][T12640] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 2282.393640][T12640] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[ 2282.441856][T19605] usb 4-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[ 2282.446733][   T10] usb 2-1: device descriptor read/64, error -71
[ 2282.479184][T19605] usb 4-1: New USB device strings: Mfr=14, Product=2, SerialNumber=3
[ 2282.533025][T19605] usb 4-1: Product: syz
[ 2282.558408][T19605] usb 4-1: Manufacturer: syz
[ 2282.583748][T19605] usb 4-1: SerialNumber: syz
[ 2282.696848][   T10] usb 2-1: new high-speed USB device number 47 using dummy_hcd
[ 2282.899917][   T10] usb 2-1: device descriptor read/64, error -71
[ 2283.071015][   T10] usb usb2-port1: attempt power cycle
[ 2283.131880][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[ 2283.138291][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[ 2283.366797][ T5911] tipc: Node number set to 942468228
[ 2283.496803][   T10] usb 2-1: new high-speed USB device number 48 using dummy_hcd
[ 2283.537724][   T29] kauditd_printk_skb: 45 callbacks suppressed
[ 2283.537740][   T29] audit: type=1326 audit(1773626551.721:4888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12632 comm="syz.3.10647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fcf4979c42b code=0x7ffc0000
[ 2283.581347][   T10] usb 2-1: device descriptor read/8, error -71
[ 2283.632100][T19605] r8152-cfgselector 4-1: Unknown version 0x0000
[ 2283.654749][T19605] r8152-cfgselector 4-1: config 0 descriptor??
[ 2283.664545][   T29] audit: type=1326 audit(1773626551.821:4889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12632 comm="syz.3.10647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fcf4979c42b code=0x7ffc0000
[ 2283.753172][   T29] audit: type=1326 audit(1773626551.941:4890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12632 comm="syz.3.10647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fcf4979c42b code=0x7ffc0000
[ 2283.837236][   T10] usb 2-1: new high-speed USB device number 49 using dummy_hcd
[ 2283.845780][   T29] audit: type=1326 audit(1773626551.941:4891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12632 comm="syz.3.10647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fcf4979c42b code=0x7ffc0000
[ 2283.876953][   T10] usb 2-1: device descriptor read/8, error -71
[ 2283.958240][   T29] audit: type=1326 audit(1773626551.941:4892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12632 comm="syz.3.10647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fcf4979c42b code=0x7ffc0000
[ 2284.017220][   T10] usb usb2-port1: unable to enumerate USB device
[ 2284.065802][   T29] audit: type=1326 audit(1773626551.941:4893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12632 comm="syz.3.10647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fcf4975cfce code=0x7ffc0000
[ 2284.170618][   T29] audit: type=1326 audit(1773626552.351:4894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12632 comm="syz.3.10647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf4979c799 code=0x7ffc0000
[ 2284.277150][   T29] audit: type=1326 audit(1773626552.351:4895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12632 comm="syz.3.10647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf4979c799 code=0x7ffc0000
[ 2284.350828][   T29] audit: type=1326 audit(1773626552.411:4896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12632 comm="syz.3.10647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fcf4979c42b code=0x7ffc0000
[ 2284.678229][ T5911] usb 7-1: new high-speed USB device number 40 using dummy_hcd
[ 2284.836799][ T5911] usb 7-1: Using ep0 maxpacket: 16
[ 2284.986795][T19605] usb 1-1: new high-speed USB device number 101 using dummy_hcd
[ 2285.156734][T19605] usb 1-1: Using ep0 maxpacket: 32
[ 2285.170194][T19605] usb 1-1: New USB device found, idVendor=06a2, idProduct=0003, bcdDevice=b4.8c
[ 2285.180599][T19605] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2285.189225][T19605] usb 1-1: Product: syz
[ 2285.198164][T19605] usb 1-1: Manufacturer: syz
[ 2285.211710][T19605] usb 1-1: SerialNumber: syz
[ 2285.221386][T19605] usb 1-1: config 0 descriptor??
[ 2285.232243][T19605] gspca_main: gspca_topro-2.14.0 probing 06a2:0003
[ 2285.351537][T12678] netlink: 16 bytes leftover after parsing attributes in process `syz.1.10660'.
[ 2285.439361][ T5911] usb 7-1: unable to get BOS descriptor or descriptor too short
[ 2285.470502][ T5911] usb 7-1: no configurations
[ 2285.475247][ T5911] usb 7-1: can't read configurations, error -22
[ 2285.816777][ T5911] usb 7-1: new high-speed USB device number 41 using dummy_hcd
[ 2285.990685][ T5911] usb 7-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[ 2286.002129][ T5911] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2286.016544][ T5911] usb 7-1: Product: syz
[ 2286.027876][ T5911] usb 7-1: Manufacturer: syz
[ 2286.035438][ T5911] usb 7-1: SerialNumber: syz
[ 2286.165920][   T42] r8152-cfgselector 4-1: USB disconnect, device number 19
[ 2286.474864][ T7223] IPVS: starting estimator thread 0...
[ 2286.495346][T12667] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2286.532267][ T5911] lan78xx 7-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPROTO
[ 2286.545035][T12667] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2286.607483][T19605] gspca_topro: reg_w err -71
[ 2286.614735][ T5911] lan78xx 7-1:1.0 (unnamed net_device) (uninitialized): Failed to sync IRQ enable register: -EPROTO
[ 2286.626383][T12695] IPVS: using max 59 ests per chain, 141600 per kthread
[ 2286.676216][ T5911] lan78xx 7-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -EPROTO
[ 2286.688851][T19605] gspca_topro: Sensor soi763a
[ 2286.702502][T19605] usb 1-1: USB disconnect, device number 101
[ 2286.709983][T12702] FAULT_INJECTION: forcing a failure.
[ 2286.709983][T12702] name failslab, interval 1, probability 0, space 0, times 0
[ 2286.722862][ T5911] lan78xx 7-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[ 2286.741793][T12702] CPU: 1 UID: 0 PID: 12702 Comm: syz.2.10667 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 2286.741817][T12702] Tainted: [L]=SOFTLOCKUP
[ 2286.741823][T12702] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2286.741832][T12702] Call Trace:
[ 2286.741839][T12702]  <TASK>
[ 2286.741846][T12702]  dump_stack_lvl+0xe8/0x150
[ 2286.741871][T12702]  should_fail_ex+0x412/0x560
[ 2286.741896][T12702]  should_failslab+0xa8/0x100
[ 2286.741915][T12702]  __kmalloc_noprof+0xe8/0x760
[ 2286.741931][T12702]  ? security_prepare_creds+0x52/0x360
[ 2286.741952][T12702]  security_prepare_creds+0x52/0x360
[ 2286.741972][T12702]  prepare_creds+0x57d/0x820
[ 2286.741991][T12702]  copy_creds+0x10e/0xa30
[ 2286.742012][T12702]  copy_process+0x904/0x3cd0
[ 2286.742036][T12702]  ? kstrtoull+0x12f/0x1d0
[ 2286.742058][T12702]  ? kstrtouint+0x6e/0xe0
[ 2286.742082][T12702]  ? get_pid_task+0x20/0x1f0
[ 2286.742099][T12702]  ? __pfx_copy_process+0x10/0x10
[ 2286.742120][T12702]  ? get_pid_task+0x20/0x1f0
[ 2286.742133][T12702]  ? get_pid_task+0x20/0x1f0
[ 2286.742153][T12702]  kernel_clone+0x248/0x8e0
[ 2286.742180][T12702]  ? __pfx_kernel_clone+0x10/0x10
[ 2286.742208][T12702]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[ 2286.742232][T12702]  __x64_sys_clone+0x1b6/0x230
[ 2286.742256][T12702]  ? __pfx___x64_sys_clone+0x10/0x10
[ 2286.742289][T12702]  ? __pfx_ksys_write+0x10/0x10
[ 2286.742315][T12702]  do_syscall_64+0x14d/0xf80
[ 2286.742332][T12702]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2286.742348][T12702]  ? clear_bhb_loop+0x40/0x90
[ 2286.742366][T12702]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2286.742382][T12702] RIP: 0033:0x7f7da3f9c799
[ 2286.742398][T12702] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2286.742411][T12702] RSP: 002b:00007f7da4f00fd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 2286.742429][T12702] RAX: ffffffffffffffda RBX: 00007f7da4215fa0 RCX: 00007f7da3f9c799
[ 2286.742440][T12702] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000001000
[ 2286.742449][T12702] RBP: 00007f7da4f01090 R08: 0000000000000000 R09: 0000000000000000
[ 2286.742459][T12702] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[ 2286.742468][T12702] R13: 00007f7da4216038 R14: 00007f7da4215fa0 R15: 00007f7da433fa48
[ 2286.742493][T12702]  </TASK>
[ 2286.743150][ T5911] lan78xx 7-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[ 2287.244048][T12706] FAULT_INJECTION: forcing a failure.
[ 2287.244048][T12706] name failslab, interval 1, probability 0, space 0, times 0
[ 2287.257170][T12706] CPU: 0 UID: 0 PID: 12706 Comm: syz.2.10668 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 2287.257196][T12706] Tainted: [L]=SOFTLOCKUP
[ 2287.257202][T12706] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2287.257211][T12706] Call Trace:
[ 2287.257218][T12706]  <TASK>
[ 2287.257225][T12706]  dump_stack_lvl+0xe8/0x150
[ 2287.257252][T12706]  should_fail_ex+0x412/0x560
[ 2287.257278][T12706]  should_failslab+0xa8/0x100
[ 2287.257298][T12706]  kmem_cache_alloc_node_noprof+0x8f/0x690
[ 2287.257317][T12706]  ? __alloc_skb+0x1d0/0x7d0
[ 2287.257332][T12706]  ? __local_bh_enable_ip+0xd0/0x130
[ 2287.257356][T12706]  __alloc_skb+0x1d0/0x7d0
[ 2287.257375][T12706]  __ip6_append_data+0x2a44/0x3c50
[ 2287.257408][T12706]  ? __pfx_raw6_getfrag+0x10/0x10
[ 2287.257445][T12706]  ? __pfx___ip6_append_data+0x10/0x10
[ 2287.257461][T12706]  ? ip6_setup_cork+0x544/0xf30
[ 2287.257477][T12706]  ? ip6_append_data+0x1b7/0x280
[ 2287.257495][T12706]  ip6_append_data+0x10f/0x280
[ 2287.257513][T12706]  ? __pfx_raw6_getfrag+0x10/0x10
[ 2287.257533][T12706]  rawv6_sendmsg+0x12d3/0x18e0
[ 2287.257563][T12706]  ? __pfx_rawv6_sendmsg+0x10/0x10
[ 2287.257599][T12706]  ? aa_sk_perm+0x6d5/0x900
[ 2287.257628][T12706]  ? __pfx_aa_sk_perm+0x10/0x10
[ 2287.257650][T12706]  ? sock_rps_record_flow+0x19/0x400
[ 2287.257670][T12706]  ? inet_sendmsg+0x2f4/0x370
[ 2287.257686][T12706]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 2287.257707][T12706]  ____sys_sendmsg+0x80a/0x9f0
[ 2287.257733][T12706]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 2287.257759][T12706]  ? import_iovec+0x73/0xa0
[ 2287.257780][T12706]  ___sys_sendmsg+0x2a5/0x360
[ 2287.257802][T12706]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2287.257825][T12706]  ? kstrtouint+0x6e/0xe0
[ 2287.257868][T12706]  ? __fget_files+0x2a/0x420
[ 2287.257887][T12706]  ? __fget_files+0x3a0/0x420
[ 2287.257915][T12706]  __sys_sendmmsg+0x27c/0x4e0
[ 2287.257937][T12706]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 2287.257952][T12706]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[ 2287.257993][T12706]  ? ksys_write+0x242/0x270
[ 2287.258012][T12706]  ? __pfx_ksys_write+0x10/0x10
[ 2287.258035][T12706]  __x64_sys_sendmmsg+0xa0/0xc0
[ 2287.258054][T12706]  do_syscall_64+0x14d/0xf80
[ 2287.258070][T12706]  ? trace_irq_disable+0x3b/0x150
[ 2287.258091][T12706]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2287.258107][T12706]  ? clear_bhb_loop+0x40/0x90
[ 2287.258127][T12706]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2287.258142][T12706] RIP: 0033:0x7f7da3f9c799
[ 2287.258158][T12706] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2287.258172][T12706] RSP: 002b:00007f7da4f01028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 2287.258190][T12706] RAX: ffffffffffffffda RBX: 00007f7da4215fa0 RCX: 00007f7da3f9c799
[ 2287.258201][T12706] RDX: 0000000000000001 RSI: 0000200000000500 RDI: 0000000000000003
[ 2287.258211][T12706] RBP: 00007f7da4f01090 R08: 0000000000000000 R09: 0000000000000000
[ 2287.258221][T12706] R10: 0000000004000000 R11: 0000000000000246 R12: 0000000000000001
[ 2287.258231][T12706] R13: 00007f7da4216038 R14: 00007f7da4215fa0 R15: 00007f7da433fa48
[ 2287.258258][T12706]  </TASK>
[ 2287.737496][ T5911] lan78xx 7-1:1.0: probe with driver lan78xx failed with error -71
[ 2287.821843][ T5911] usb 7-1: USB disconnect, device number 41
[ 2287.835311][T12716] netlink: 8 bytes leftover after parsing attributes in process `syz.1.10672'.
[ 2287.838405][T22272] IPVS: stop unused estimator thread 0...
[ 2288.057875][   T42] usb 3-1: new high-speed USB device number 66 using dummy_hcd
[ 2288.151319][T12729] FAULT_INJECTION: forcing a failure.
[ 2288.151319][T12729] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2288.166005][T12729] CPU: 1 UID: 0 PID: 12729 Comm: syz.1.10676 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 2288.166023][T12729] Tainted: [L]=SOFTLOCKUP
[ 2288.166027][T12729] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2288.166032][T12729] Call Trace:
[ 2288.166037][T12729]  <TASK>
[ 2288.166042][T12729]  dump_stack_lvl+0xe8/0x150
[ 2288.166060][T12729]  should_fail_ex+0x412/0x560
[ 2288.166084][T12729]  _copy_from_iter+0x1d3/0x1670
[ 2288.166099][T12729]  ? trace_kmem_cache_alloc+0x29/0xf0
[ 2288.166114][T12729]  ? __pfx__copy_from_iter+0x10/0x10
[ 2288.166129][T12729]  ? skb_page_frag_refill+0x1be/0x310
[ 2288.166145][T12729]  tcp_sendmsg_locked+0x2151/0x5490
[ 2288.166180][T12729]  ? __pfx_tcp_sendmsg_locked+0x10/0x10
[ 2288.166195][T12729]  ? tcp_sendmsg+0x21/0x50
[ 2288.166206][T12729]  ? __local_bh_enable_ip+0xd0/0x130
[ 2288.166220][T12729]  ? __pfx_inet_sendmsg+0x10/0x10
[ 2288.166231][T12729]  tcp_sendmsg+0x2f/0x50
[ 2288.166242][T12729]  __sys_sendto+0x5de/0x710
[ 2288.166253][T12729]  ? __pfx___sys_sendto+0x10/0x10
[ 2288.166261][T12729]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[ 2288.166278][T12729]  ? __fget_files+0x3a0/0x420
[ 2288.166297][T12729]  ? ksys_write+0x242/0x270
[ 2288.166308][T12729]  ? __pfx_ksys_write+0x10/0x10
[ 2288.166320][T12729]  __x64_sys_sendto+0xde/0x100
[ 2288.166331][T12729]  do_syscall_64+0x14d/0xf80
[ 2288.166340][T12729]  ? trace_irq_disable+0x3b/0x150
[ 2288.166354][T12729]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2288.166363][T12729]  ? clear_bhb_loop+0x40/0x90
[ 2288.166374][T12729]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2288.166384][T12729] RIP: 0033:0x7f09e2d9c799
[ 2288.166393][T12729] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2288.166401][T12729] RSP: 002b:00007f09e3d32028 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[ 2288.166412][T12729] RAX: ffffffffffffffda RBX: 00007f09e3015fa0 RCX: 00007f09e2d9c799
[ 2288.166418][T12729] RDX: 0000000000000381 RSI: 00002000000004c0 RDI: 0000000000000003
[ 2288.166424][T12729] RBP: 00007f09e3d32090 R08: 0000000000000000 R09: 0000000000000000
[ 2288.166430][T12729] R10: 0000000000000805 R11: 0000000000000246 R12: 0000000000000001
[ 2288.166436][T12729] R13: 00007f09e3016038 R14: 00007f09e3015fa0 R15: 00007f09e313fa48
[ 2288.166450][T12729]  </TASK>
[ 2288.393895][ T5911] usb 7-1: new high-speed USB device number 42 using dummy_hcd
[ 2288.636827][   T42] usb 3-1: Using ep0 maxpacket: 16
[ 2288.706773][ T5911] usb 7-1: Using ep0 maxpacket: 16
[ 2288.716057][ T5911] usb 7-1: New USB device found, idVendor=2137, idProduct=0001, bcdDevice=2a.35
[ 2288.750811][ T5911] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2288.774213][ T5911] usb 7-1: Product: syz
[ 2288.784226][ T5911] usb 7-1: Manufacturer: syz
[ 2288.794791][ T5911] usb 7-1: SerialNumber: syz
[ 2288.814182][ T5911] usb 7-1: config 0 descriptor??
[ 2288.834314][ T5911] as10x_usb: device has been detected
[ 2288.848541][ T5911] dvbdev: DVB: registering new adapter (Sky IT Digital Key (green led))
[ 2288.884845][ T5911] usb 7-1: DVB: registering adapter 3 frontend 0 (Sky IT Digital Key (green led))...
[ 2288.967955][ T5911] as10x_usb: error during firmware upload part1
[ 2288.976752][ T7223] usb 2-1: new high-speed USB device number 50 using dummy_hcd
[ 2289.003903][ T5911] Registered device Sky IT Digital Key (green led)
[ 2289.095877][T12703] random: crng reseeded on system resumption
[ 2289.147069][ T7223] usb 2-1: Using ep0 maxpacket: 32
[ 2289.161769][ T7223] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2289.190359][ T7223] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2289.200966][ T7223] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 2289.216507][ T7223] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2289.255981][ T7223] usb 2-1: config 0 descriptor??
[ 2289.273399][   T10] usb 7-1: USB disconnect, device number 42
[ 2289.281773][ T7223] hub 2-1:0.0: USB hub found
[ 2289.310987][   T10] Unregistered device Sky IT Digital Key (green led)
[ 2289.314644][   T10] as10x_usb: device has been disconnected
[ 2289.416346][T12747] loop5: detected capacity change from 0 to 7
[ 2289.428489][ T5890] Dev loop5: unable to read RDB block 7
[ 2289.435114][ T5890]  loop5: AHDI p1 p2 p3
[ 2289.452120][ T5890] loop5: partition table partially beyond EOD, truncated
[ 2289.470247][ T5890] loop5: p1 start 926365495 is beyond EOD, truncated
[ 2289.471353][ T7223] hub 2-1:0.0: 26 ports detected
[ 2289.486721][ T5890] loop5: p2 start 1702059890 is beyond EOD, truncated
[ 2289.488293][ T7223] hub 2-1:0.0: insufficient power available to use all downstream ports
[ 2289.503421][T12747] Dev loop5: unable to read RDB block 7
[ 2289.510155][T12747]  loop5: AHDI p1 p2 p3
[ 2289.518027][T12747] loop5: partition table partially beyond EOD, truncated
[ 2289.528653][T12747] loop5: p1 start 926365495 is beyond EOD, truncated
[ 2289.535777][T12747] loop5: p2 start 1702059890 is beyond EOD, truncated
[ 2289.903765][T12737] netlink: 8 bytes leftover after parsing attributes in process `syz.1.10677'.
[ 2289.950204][T12737] : entered promiscuous mode
[ 2290.277037][T12774] binder: 12771:12774 ioctl c0306201 0 returned -14
[ 2290.418239][T12774] syz.0.10690 (12774): drop_caches: 2
[ 2290.528533][ T7223] usb 2-1: USB disconnect, device number 50
[ 2290.810382][   T42] usb 3-1: unable to get BOS descriptor or descriptor too short
[ 2290.859252][   T42] usb 3-1: no configurations
[ 2290.884166][   T42] usb 3-1: can't read configurations, error -22
[ 2290.977164][T12783] netlink: 4 bytes leftover after parsing attributes in process `syz.6.10694'.
[ 2291.126039][T12790] FAULT_INJECTION: forcing a failure.
[ 2291.126039][T12790] name failslab, interval 1, probability 0, space 0, times 0
[ 2291.161772][T12790] CPU: 0 UID: 0 PID: 12790 Comm: syz.1.10697 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 2291.161799][T12790] Tainted: [L]=SOFTLOCKUP
[ 2291.161804][T12790] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2291.161813][T12790] Call Trace:
[ 2291.161820][T12790]  <TASK>
[ 2291.161828][T12790]  dump_stack_lvl+0xe8/0x150
[ 2291.161855][T12790]  should_fail_ex+0x412/0x560
[ 2291.161882][T12790]  should_failslab+0xa8/0x100
[ 2291.161903][T12790]  __kmalloc_noprof+0xe8/0x760
[ 2291.161922][T12790]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 2291.161949][T12790]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 2291.161980][T12790]  ? tomoyo_path_number_perm+0x219/0x630
[ 2291.162000][T12790]  tomoyo_path_number_perm+0x246/0x630
[ 2291.162021][T12790]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 2291.162043][T12790]  ? __lock_acquire+0x6b5/0x2cf0
[ 2291.162073][T12790]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[ 2291.162109][T12790]  ? __fget_files+0x2a/0x420
[ 2291.162132][T12790]  ? __fget_files+0x2a/0x420
[ 2291.162151][T12790]  ? __fget_files+0x3a0/0x420
[ 2291.162171][T12790]  ? __fget_files+0x2a/0x420
[ 2291.162195][T12790]  security_file_ioctl+0xc3/0x2a0
[ 2291.162216][T12790]  __se_sys_ioctl+0x47/0x170
[ 2291.162237][T12790]  do_syscall_64+0x14d/0xf80
[ 2291.162254][T12790]  ? trace_irq_disable+0x3b/0x150
[ 2291.162274][T12790]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2291.162290][T12790]  ? clear_bhb_loop+0x40/0x90
[ 2291.162309][T12790]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2291.162325][T12790] RIP: 0033:0x7f09e2d9c799
[ 2291.162340][T12790] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2291.162354][T12790] RSP: 002b:00007f09e3d32028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2291.162371][T12790] RAX: ffffffffffffffda RBX: 00007f09e3015fa0 RCX: 00007f09e2d9c799
[ 2291.162383][T12790] RDX: 0000000000000000 RSI: 000000004004743a RDI: 0000000000000005
[ 2291.162393][T12790] RBP: 00007f09e3d32090 R08: 0000000000000000 R09: 0000000000000000
[ 2291.162403][T12790] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2291.162413][T12790] R13: 00007f09e3016038 R14: 00007f09e3015fa0 R15: 00007f09e313fa48
[ 2291.162439][T12790]  </TASK>
[ 2291.162781][T12790] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 2291.687686][ T5911] usb 7-1: new high-speed USB device number 43 using dummy_hcd
[ 2291.726767][ T7223] usb 2-1: new high-speed USB device number 51 using dummy_hcd
[ 2291.872631][ T5911] usb 7-1: Using ep0 maxpacket: 16
[ 2291.876914][ T7223] usb 2-1: Using ep0 maxpacket: 16
[ 2291.887428][ T5911] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[ 2291.896762][   T10] usb 1-1: new high-speed USB device number 102 using dummy_hcd
[ 2291.909206][ T7223] usb 2-1: config 5 has an invalid interface number: 168 but max is 0
[ 2291.917588][ T5911] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[ 2291.928570][ T7223] usb 2-1: config 5 has no interface number 0
[ 2291.933976][ T5911] usb 7-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 2291.937308][ T7223] usb 2-1: config 5 interface 168 altsetting 7 has an endpoint descriptor with address 0xEB, changing to 0x8B
[ 2291.944318][ T5911] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2291.958121][ T7223] usb 2-1: config 5 interface 168 altsetting 7 bulk endpoint 0x8B has invalid maxpacket 1024
[ 2291.975541][ T5911] usb 7-1: Product: syz
[ 2291.977889][ T7223] usb 2-1: config 5 interface 168 altsetting 7 has an endpoint descriptor with address 0x23, changing to 0x3
[ 2291.985467][ T5911] usb 7-1: Manufacturer: syz
[ 2291.993137][ T7223] usb 2-1: config 5 interface 168 altsetting 7 endpoint 0x3 has invalid wMaxPacketSize 0
[ 2292.008154][ T7223] usb 2-1: config 5 interface 168 has no altsetting 0
[ 2292.018138][ T7223] usb 2-1: New USB device found, idVendor=04cc, idProduct=2533, bcdDevice=fc.58
[ 2292.027502][ T7223] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2292.035670][ T7223] usb 2-1: Product: syz
[ 2292.040507][ T7223] usb 2-1: Manufacturer: syz
[ 2292.045116][ T7223] usb 2-1: SerialNumber: syz
[ 2292.050717][ T5911] usb 7-1: SerialNumber: syz
[ 2292.054692][T12795] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[ 2292.066742][   T10] usb 1-1: Using ep0 maxpacket: 16
[ 2292.076047][ T5911] usb 7-1: config 0 descriptor??
[ 2292.095784][ T5911] em28xx 7-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[ 2292.113013][ T5911] em28xx 7-1:0.0: Audio interface 0 found (Vendor Class)
[ 2292.342106][T12795] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[ 2292.698808][ T5911] em28xx 7-1:0.0: unknown em28xx chip ID (0)
[ 2292.705823][ T5911] em28xx 7-1:0.0: Config register raw data: 0xfffffffb
[ 2293.317229][ T5911] em28xx 7-1:0.0: Unknown AC97 audio processor detected!
[ 2293.331774][ T5911] em28xx 7-1:0.0: couldn't setup AC97 register 2
[ 2293.553708][ T5911] em28xx 7-1:0.0: couldn't setup AC97 register 4
[ 2293.561443][ T5911] em28xx 7-1:0.0: couldn't setup AC97 register 6
[ 2293.568880][ T5911] em28xx 7-1:0.0: couldn't setup AC97 register 54
[ 2293.576203][ T5911] em28xx 7-1:0.0: couldn't setup AC97 register 56
[ 2293.635061][T12832] FAULT_INJECTION: forcing a failure.
[ 2293.635061][T12832] name failslab, interval 1, probability 0, space 0, times 0
[ 2293.649141][T12832] CPU: 0 UID: 0 PID: 12832 Comm: syz.3.10713 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 2293.649167][T12832] Tainted: [L]=SOFTLOCKUP
[ 2293.649174][T12832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2293.649183][T12832] Call Trace:
[ 2293.649191][T12832]  <TASK>
[ 2293.649199][T12832]  dump_stack_lvl+0xe8/0x150
[ 2293.649227][T12832]  should_fail_ex+0x412/0x560
[ 2293.649256][T12832]  should_failslab+0xa8/0x100
[ 2293.649279][T12832]  __kmalloc_noprof+0xe8/0x760
[ 2293.649298][T12832]  ? io_cache_alloc_new+0x40/0x100
[ 2293.649318][T12832]  ? __io_alloc_req_refill+0x2a7/0x360
[ 2293.649343][T12832]  io_cache_alloc_new+0x40/0x100
[ 2293.649365][T12832]  io_msg_alloc_async+0x212/0x380
[ 2293.649388][T12832]  io_sendmsg_prep+0x344/0x5f0
[ 2293.649412][T12832]  io_submit_sqes+0xb6d/0x2400
[ 2293.649454][T12832]  __se_sys_io_uring_enter+0x2cc/0x18c0
[ 2293.649470][T12832]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 2293.649489][T12832]  ? __fget_files+0x3a0/0x420
[ 2293.649508][T12832]  ? __pfx___se_sys_io_uring_enter+0x10/0x10
[ 2293.649523][T12832]  ? fput+0xa0/0xd0
[ 2293.649542][T12832]  ? ksys_write+0x242/0x270
[ 2293.649557][T12832]  ? __pfx_ksys_write+0x10/0x10
[ 2293.649573][T12832]  ? __x64_sys_io_uring_enter+0x21/0xf0
[ 2293.649587][T12832]  do_syscall_64+0x14d/0xf80
[ 2293.649601][T12832]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2293.649612][T12832]  ? clear_bhb_loop+0x40/0x90
[ 2293.649628][T12832]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2293.649640][T12832] RIP: 0033:0x7fcf4979c799
[ 2293.649653][T12832] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2293.649667][T12832] RSP: 002b:00007fcf4a697028 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2293.649688][T12832] RAX: ffffffffffffffda RBX: 00007fcf49a16180 RCX: 00007fcf4979c799
[ 2293.649696][T12832] RDX: 0000000000000000 RSI: 0000000000003516 RDI: 0000000000000005
[ 2293.649704][T12832] RBP: 00007fcf4a697090 R08: 0000000000000000 R09: 0000000000000000
[ 2293.649712][T12832] R10: 0000000000000069 R11: 0000000000000246 R12: 0000000000000001
[ 2293.649719][T12832] R13: 00007fcf49a16218 R14: 00007fcf49a16180 R15: 00007fcf49b3fa48
[ 2293.649739][T12832]  </TASK>
[ 2293.994445][ T5911] em28xx 7-1:0.0: couldn't setup AC97 register 2
[ 2294.002681][ T5911] em28xx 7-1:0.0: couldn't setup AC97 register 4
[ 2294.010504][ T5911] em28xx 7-1:0.0: couldn't setup AC97 register 6
[ 2294.016990][ T5911] em28xx 7-1:0.0: couldn't setup AC97 register 54
[ 2294.023424][ T5911] em28xx 7-1:0.0: couldn't setup AC97 register 56
[ 2294.044998][ T5911] usb 7-1: USB disconnect, device number 43
[ 2294.503341][ T7223] pn533_usb 2-1:5.168: NFC: Could not find bulk-in or bulk-out endpoint
[ 2294.537913][ T7223] usb 2-1: USB disconnect, device number 51
[ 2294.688934][   T10] usb 1-1: unable to get BOS descriptor or descriptor too short
[ 2294.708165][   T10] usb 1-1: no configurations
[ 2294.712810][   T10] usb 1-1: can't read configurations, error -22
[ 2294.803399][T12848] bridge0: port 3(vlan0) entered blocking state
[ 2294.810510][T12848] bridge0: port 3(vlan0) entered disabled state
[ 2294.817392][T12848] vlan0: entered allmulticast mode
[ 2294.828157][T12848] geneve0: entered allmulticast mode
[ 2294.836397][T12848] vlan0: entered promiscuous mode
[ 2294.841803][T12848] geneve0: entered promiscuous mode
[ 2294.909369][T12855] netlink: 212356 bytes leftover after parsing attributes in process `syz.6.10721'.
[ 2295.075056][T12863] xt_hashlimit: size too large, truncated to 1048576
[ 2295.163706][T12866] netlink: 28 bytes leftover after parsing attributes in process `syz.3.10725'.
[ 2295.198589][T12866] netlink: 28 bytes leftover after parsing attributes in process `syz.3.10725'.
[ 2295.254472][T12866] bridge0: entered promiscuous mode
[ 2295.261821][T12866] ip6gretap0: entered promiscuous mode
[ 2295.336778][   T10] usb 1-1: new high-speed USB device number 103 using dummy_hcd
[ 2295.386907][    C1] 
[ 2295.389275][    C1] ============================================
[ 2295.395409][    C1] WARNING: possible recursive locking detected
[ 2295.401603][    C1] syzkaller #0 Tainted: G             L     
[ 2295.407565][    C1] --------------------------------------------
[ 2295.413693][    C1] syz.1.10720/12853 is trying to acquire lock:
[ 2295.419824][    C1] ffff888056898f70 (&hsr->seqnr_lock){+.-.}-{3:3}, at: hsr_dev_xmit+0x237/0x360
[ 2295.428967][    C1] 
[ 2295.428967][    C1] but task is already holding lock:
[ 2295.436335][    C1] ffff888024b76f70 (&hsr->seqnr_lock){+.-.}-{3:3}, at: send_hsr_supervision_frame+0x380/0xcb0
[ 2295.446582][    C1] 
[ 2295.446582][    C1] other info that might help us debug this:
[ 2295.454632][    C1]  Possible unsafe locking scenario:
[ 2295.454632][    C1] 
[ 2295.462135][    C1]        CPU0
[ 2295.465398][    C1]        ----
[ 2295.468707][    C1]   lock(&hsr->seqnr_lock);
[ 2295.473196][    C1]   lock(&hsr->seqnr_lock);
[ 2295.477693][    C1] 
[ 2295.477693][    C1]  *** DEADLOCK ***
[ 2295.477693][    C1] 
[ 2295.485819][    C1]  May be due to missing lock nesting notation
[ 2295.485819][    C1] 
[ 2295.494118][    C1] 9 locks held by syz.1.10720/12853:
[ 2295.499382][    C1]  #0: ffff8880216ea038 (&u->iolock){+.+.}-{4:4}, at: __unix_dgram_recvmsg+0x1e2/0xd50
[ 2295.509096][    C1]  #1: ffffc90000a08ce0 ((&hsr->announce_timer)){+.-.}-{0:0}, at: call_timer_fn+0xd4/0x640
[ 2295.519090][    C1]  #2: ffffffff8e75e520 (rcu_read_lock){....}-{1:3}, at: hsr_announce+0x89/0x370
[ 2295.528213][    C1]  #3: ffff888024b76f70 (&hsr->seqnr_lock){+.-.}-{3:3}, at: send_hsr_supervision_frame+0x380/0xcb0
[ 2295.538898][    C1]  #4: ffffffff8e75e520 (rcu_read_lock){....}-{1:3}, at: hsr_forward_skb+0xb3/0x2860
[ 2295.548370][    C1]  #5: ffffffff8e75e580 (rcu_read_lock_bh){....}-{1:3}, at: __dev_queue_xmit+0x277/0x3890
[ 2295.558272][    C1]  #6: ffffffff8e75e520 (rcu_read_lock){....}-{1:3}, at: br_dev_xmit+0x193/0x1980
[ 2295.567574][    C1]  #7: ffffffff8e75e580 (rcu_read_lock_bh){....}-{1:3}, at: __dev_queue_xmit+0x277/0x3890
[ 2295.577487][    C1]  #8: ffffffff8e75e520 (rcu_read_lock){....}-{1:3}, at: hsr_dev_xmit+0x2d/0x360
[ 2295.586616][    C1] 
[ 2295.586616][    C1] stack backtrace:
[ 2295.592495][    C1] CPU: 1 UID: 0 PID: 12853 Comm: syz.1.10720 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 2295.592516][    C1] Tainted: [L]=SOFTLOCKUP
[ 2295.592521][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2295.592531][    C1] Call Trace:
[ 2295.592537][    C1]  <IRQ>
[ 2295.592544][    C1]  dump_stack_lvl+0xe8/0x150
[ 2295.592566][    C1]  print_deadlock_bug+0x279/0x290
[ 2295.592588][    C1]  __lock_acquire+0x253f/0x2cf0
[ 2295.592607][    C1]  ? __lock_acquire+0x6b5/0x2cf0
[ 2295.592632][    C1]  lock_acquire+0xf0/0x2e0
[ 2295.592647][    C1]  ? hsr_dev_xmit+0x237/0x360
[ 2295.592667][    C1]  ? hsr_dev_xmit+0x237/0x360
[ 2295.592684][    C1]  _raw_spin_lock_bh+0x36/0x50
[ 2295.592764][    C1]  ? hsr_dev_xmit+0x237/0x360
[ 2295.592781][    C1]  hsr_dev_xmit+0x237/0x360
[ 2295.592798][    C1]  ? hsr_dev_xmit+0x2d/0x360
[ 2295.592815][    C1]  dev_hard_start_xmit+0x2d8/0x870
[ 2295.592835][    C1]  __dev_queue_xmit+0x16d1/0x3890
[ 2295.592854][    C1]  ? __dev_queue_xmit+0x277/0x3890
[ 2295.592869][    C1]  ? lockdep_hardirqs_on+0x7a/0x110
[ 2295.592883][    C1]  ? ebt_do_table+0x2665/0x2830
[ 2295.592951][    C1]  ? ebt_do_table+0x2665/0x2830
[ 2295.592971][    C1]  ? __pfx___dev_queue_xmit+0x10/0x10
[ 2295.592992][    C1]  ? br_nf_post_routing+0x219/0xfe0
[ 2295.593012][    C1]  br_dev_queue_push_xmit+0x370/0x4a0
[ 2295.593030][    C1]  ? __pfx_br_dev_queue_push_xmit+0x10/0x10
[ 2295.593045][    C1]  NF_HOOK+0x360/0x3f0
[ 2295.593061][    C1]  ? NF_HOOK+0xa2/0x3f0
[ 2295.593075][    C1]  ? __pfx_NF_HOOK+0x10/0x10
[ 2295.593088][    C1]  ? lock_acquire+0x20b/0x2e0
[ 2295.593105][    C1]  ? __pfx_br_dev_queue_push_xmit+0x10/0x10
[ 2295.593124][    C1]  br_forward_finish+0xd3/0x130
[ 2295.593139][    C1]  ? __pfx_br_dev_queue_push_xmit+0x10/0x10
[ 2295.593154][    C1]  ? __pfx_br_forward_finish+0x10/0x10
[ 2295.593170][    C1]  NF_HOOK+0x360/0x3f0
[ 2295.593185][    C1]  ? NF_HOOK+0xa2/0x3f0
[ 2295.593199][    C1]  ? __pfx_NF_HOOK+0x10/0x10
[ 2295.593214][    C1]  ? __pfx_br_forward_finish+0x10/0x10
[ 2295.593230][    C1]  ? __skb_clone+0x483/0x7a0
[ 2295.593243][    C1]  ? br_handle_vlan+0x61/0x530
[ 2295.593287][    C1]  __br_forward+0x397/0x540
[ 2295.593302][    C1]  ? __pfx_br_forward_finish+0x10/0x10
[ 2295.593318][    C1]  br_flood+0x6ee/0xb80
[ 2295.593336][    C1]  ? br_dev_xmit+0x193/0x1980
[ 2295.593355][    C1]  br_dev_xmit+0x12bd/0x1980
[ 2295.593374][    C1]  ? br_dev_xmit+0x193/0x1980
[ 2295.593394][    C1]  ? __pfx_br_dev_xmit+0x10/0x10
[ 2295.593412][    C1]  ? __skb_get_hash_net+0x13f/0x2e0
[ 2295.593458][    C1]  ? __pfx___skb_get_hash_net+0x10/0x10
[ 2295.593473][    C1]  ? qdisc_pkt_len_segs_init+0x2c4/0x970
[ 2295.593489][    C1]  ? skb_network_protocol+0x234/0x3f0
[ 2295.593505][    C1]  ? __pfx_passthru_features_check+0x10/0x10
[ 2295.593522][    C1]  dev_hard_start_xmit+0x2d8/0x870
[ 2295.593541][    C1]  __dev_queue_xmit+0x16d1/0x3890
[ 2295.593557][    C1]  ? handle_softirqs+0x22a/0x870
[ 2295.593574][    C1]  ? __mutex_lock+0x19f/0x1300
[ 2295.593589][    C1]  ? __dev_queue_xmit+0x277/0x3890
[ 2295.593608][    C1]  ? __pfx___dev_queue_xmit+0x10/0x10
[ 2295.593630][    C1]  ? __copy_skb_header+0xa3/0x4a0
[ 2295.593648][    C1]  ? hsr_addr_subst_dest+0x30d/0xa90
[ 2295.593666][    C1]  ? skb_clone+0x246/0x3a0
[ 2295.593681][    C1]  hsr_forward_skb+0x157b/0x2860
[ 2295.593704][    C1]  ? hsr_forward_skb+0xb3/0x2860
[ 2295.593724][    C1]  ? __pfx_hsr_forward_skb+0x10/0x10
[ 2295.593742][    C1]  ? do_raw_spin_lock+0x12b/0x2f0
[ 2295.593757][    C1]  ? __asan_memset+0x22/0x50
[ 2295.593769][    C1]  ? __skb_pad+0x405/0x610
[ 2295.593785][    C1]  send_hsr_supervision_frame+0x731/0xcb0
[ 2295.593807][    C1]  ? __pfx_send_hsr_supervision_frame+0x10/0x10
[ 2295.593826][    C1]  hsr_announce+0x1db/0x370
[ 2295.593843][    C1]  ? hsr_announce+0x89/0x370
[ 2295.593860][    C1]  ? __pfx_hsr_announce+0x10/0x10
[ 2295.593880][    C1]  call_timer_fn+0x192/0x640
[ 2295.593897][    C1]  ? __pfx_hsr_announce+0x10/0x10
[ 2295.593914][    C1]  ? call_timer_fn+0xd4/0x640
[ 2295.593929][    C1]  ? __pfx_call_timer_fn+0x10/0x10
[ 2295.593948][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[ 2295.593967][    C1]  ? __pfx_hsr_announce+0x10/0x10
[ 2295.593985][    C1]  __run_timer_base+0x652/0x8b0
[ 2295.594000][    C1]  ? ktime_get+0x45/0x200
[ 2295.594014][    C1]  ? __pfx___run_timer_base+0x10/0x10
[ 2295.594031][    C1]  ? sched_clock_cpu+0x74/0x440
[ 2295.594049][    C1]  run_timer_softirq+0xb7/0x170
[ 2295.594065][    C1]  handle_softirqs+0x22a/0x870
[ 2295.594082][    C1]  ? __irq_exit_rcu+0x5f/0x150
[ 2295.594101][    C1]  __irq_exit_rcu+0x5f/0x150
[ 2295.594118][    C1]  irq_exit_rcu+0x9/0x30
[ 2295.594134][    C1]  sysvec_apic_timer_interrupt+0xa6/0xc0
[ 2295.594148][    C1]  </IRQ>
[ 2295.594153][    C1]  <TASK>
[ 2295.594159][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 2295.594174][    C1] RIP: 0010:lock_acquire+0x20b/0x2e0
[ 2295.594191][    C1] Code: e9 30 ff ff ff e8 95 b6 0c 0a f7 c3 00 02 00 00 0f 84 38 ff ff ff 65 48 8b 05 11 74 7a 11 48 3b 44 24 30 75 33 fb 48 83 c4 38 <5b> 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc 48 8d 3d 0e 62 73
[ 2295.594205][    C1] RSP: 0018:ffffc9000d127500 EFLAGS: 00000296
[ 2295.594218][    C1] RAX: 310594542fe5ba00 RBX: 0000000000000246 RCX: 0000000080000001
[ 2295.594228][    C1] RDX: 00000000d8d84c00 RSI: ffffffff8e167611 RDI: ffffffff8c27be00
[ 2295.594238][    C1] RBP: 0000000000000000 R08: ffffffff8a4bc562 R09: ffff8880216ea038
[ 2295.594248][    C1] R10: ffffc9000d127640 R11: fffff52001a24ecd R12: 0000000000000000
[ 2295.594257][    C1] R13: ffff8880216ea038 R14: 0000000000000000 R15: 0000000000000001
[ 2295.594268][    C1]  ? __unix_dgram_recvmsg+0x1e2/0xd50
[ 2295.594288][    C1]  __mutex_lock+0x19f/0x1300
[ 2295.594302][    C1]  ? __unix_dgram_recvmsg+0x1e2/0xd50
[ 2295.594319][    C1]  ? __unix_dgram_recvmsg+0x9da/0xd50
[ 2295.594335][    C1]  ? __unix_dgram_recvmsg+0x1e2/0xd50
[ 2295.594350][    C1]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[ 2295.594365][    C1]  ? __pfx___mutex_lock+0x10/0x10
[ 2295.594380][    C1]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 2295.594399][    C1]  __unix_dgram_recvmsg+0x1e2/0xd50
[ 2295.594417][    C1]  ? __pfx___unix_dgram_recvmsg+0x10/0x10
[ 2295.594434][    C1]  ? irqentry_exit+0x59e/0x620
[ 2295.594447][    C1]  ? trace_irq_disable+0x3b/0x150
[ 2295.594469][    C1]  ? unix_dgram_recvmsg+0xb1/0xd0
[ 2295.594487][    C1]  ? __pfx_unix_dgram_recvmsg+0x10/0x10
[ 2295.594506][    C1]  sock_recvmsg_nosec+0x10c/0x140
[ 2295.594526][    C1]  ____sys_recvmsg+0x3e3/0x4a0
[ 2295.594543][    C1]  ? __pfx_____sys_recvmsg+0x10/0x10
[ 2295.594562][    C1]  ? import_iovec+0x73/0xa0
[ 2295.594576][    C1]  ___sys_recvmsg+0x215/0x590
[ 2295.594590][    C1]  ? __lock_acquire+0x6b5/0x2cf0
[ 2295.594608][    C1]  ? __pfx____sys_recvmsg+0x10/0x10
[ 2295.594636][    C1]  do_recvmmsg+0x334/0x800
[ 2295.594653][    C1]  ? __pfx_do_recvmmsg+0x10/0x10
[ 2295.594676][    C1]  __x64_sys_recvmmsg+0x198/0x250
[ 2295.594692][    C1]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[ 2295.594710][    C1]  do_syscall_64+0x14d/0xf80
[ 2295.594725][    C1]  ? trace_irq_disable+0x3b/0x150
[ 2295.594744][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2295.594757][    C1]  ? clear_bhb_loop+0x40/0x90
[ 2295.594772][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2295.594785][    C1] RIP: 0033:0x7f09e2d9c799
[ 2295.594797][    C1] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 2295.594808][    C1] RSP: 002b:00007f09e3d11028 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 2295.594820][    C1] RAX: ffffffffffffffda RBX: 00007f09e3016090 RCX: 00007f09e2d9c799
[ 2295.594830][    C1] RDX: 0000000000010106 RSI: 00002000000000c0 RDI: 0000000000000004
[ 2295.594839][    C1] RBP: 00007f09e2e32c99 R08: 0000000000000000 R09: 0000000000000000
[ 2295.594847][    C1] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000
[ 2295.594855][    C1] R13: 00007f09e3016128 R14: 00007f09e3016090 R15: 00007f09e313fa48
[ 2295.594869][    C1]  </TASK>
[ 2295.595035][ T7223] usb 2-1: new low-speed USB device number 52 using dummy_hcd
[ 2296.196706][   T42] usb 3-1: new high-speed USB device number 68 using dummy_hcd
[ 2296.276679][   T10] usb 1-1: Using ep0 maxpacket: 16
[ 2296.507736][   T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2296.524353][ T7223] usb 2-1: No LPM exit latency info found, disabling LPM.
[ 2296.535728][ T7223] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x82 is Bulk; changing to Interrupt
[ 2296.548378][   T42] usb 3-1: Using ep0 maxpacket: 16
[ 2296.557149][   T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2296.581370][ T7223] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x3 is Bulk; changing to Interrupt
[ 2296.598405][   T10] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 2296.615957][   T10] usb 1-1: New USB device found, idVendor=045e, idProduct=17da, bcdDevice= 0.00
[ 2296.626432][   T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2296.636174][ T7223] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 2296.645273][ T7223] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2296.654268][   T10] usb 1-1: config 0 descriptor??
[ 2296.659321][ T7223] usb 2-1: Product: 
[ 2296.663479][ T7223] usb 2-1: Manufacturer: ➰⢴堳榘厮ʮ浺몪䋛┧뉢∠
[ 2296.671335][ T7223] usb 2-1: SerialNumber: ⮴靆㔯鹡瞓썥⠹긑߳湤꽖ࢦ陶ȳ൷粐豫櫞햽츔
[ 2296.896475][   T29] audit: type=1800 audit(1773626565.091:4897): pid=12853 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.10720" name="SYSV00000000" dev="hugetlbfs" ino=5 res=0 errno=0
[ 2297.089802][   T10] hid-generic 0003:045E:17DA.0051: unknown main item tag 0x0
[ 2297.100896][   T10] hid-generic 0003:045E:17DA.0051: unknown main item tag 0x0
[ 2297.108428][   T10] hid-generic 0003:045E:17DA.0051: unknown main item tag 0x0
[ 2297.118045][   T10] hid-generic 0003:045E:17DA.0051: unknown main item tag 0x0
[ 2297.125502][   T10] hid-generic 0003:045E:17DA.0051: unknown main item tag 0x0
[ 2297.133075][   T10] hid-generic 0003:045E:17DA.0051: unknown main item tag 0x0
[ 2297.141031][   T10] hid-generic 0003:045E:17DA.0051: unknown main item tag 0x0
[ 2297.148628][   T10] hid-generic 0003:045E:17DA.0051: unknown main item tag 0x0
[ 2297.156085][   T10] hid-generic 0003:045E:17DA.0051: unknown main item tag 0x0
[ 2297.163645][   T10] hid-generic 0003:045E:17DA.0051: unknown main item tag 0x0
[ 2297.171154][   T10] hid-generic 0003:045E:17DA.0051: unbalanced collection at end of report description
[ 2297.181553][   T10] hid-generic 0003:045E:17DA.0051: probe with driver hid-generic failed with error -22
[ 2297.958224][ T7223] cdc_ncm 2-1:1.0: bind() failure
[ 2297.967266][ T7223] cdc_ncm 2-1:1.1: CDC Union missing and no IAD found
[ 2297.974549][ T7223] cdc_ncm 2-1:1.1: bind() failure
[ 2297.984725][ T7223] usb 2-1: USB disconnect, device number 52
[ 2298.315200][ T3843] usb 1-1: USB disconnect, device number 103
[ 2298.393365][   T42] usb 3-1: unable to get BOS descriptor or descriptor too short
[ 2298.401901][   T42] usb 3-1: no configurations
[ 2298.406518][   T42] usb 3-1: can't read configurations, error -22