last executing test programs:

8.666989428s ago: executing program 3 (id=3975):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_GUEST_DEBUG_x86(r2, 0x4048ae9b, 0x0) (fail_nth: 4)

8.603417393s ago: executing program 4 (id=3976):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x3ffe, 0x1, @dev={0xfe, 0x80, '\x00', 0x1c}, 0x3f}, 0x1c)
setsockopt$inet6_tcp_TLS_RX(r0, 0x29, 0x1e, 0x0, 0x0)

8.09841132s ago: executing program 2 (id=3978):
syz_usb_connect$hid(0x0, 0x36, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x54c, 0x268, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0xb0, 0x0, "", [{{0x9, 0x4, 0x0, 0x7, 0x19, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x8, 0x3, 0x1, {0x22, 0x29}}, {{{0x9, 0x5, 0x81, 0x3, 0x400, 0x0, 0xff, 0xff}}}}}]}}]}}, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x804, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0xfffffffd, 0x0}, 0x6400c810)
sched_setattr(0x0, 0x0, 0x0)
r1 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC_PROXY(r1, 0x0, 0xd2, &(0x7f0000000040)={@multicast2, @multicast1, 0x2, "4f6fb4d1af0f724e6118ecd4ac1100843af297baebb0efcdf5a284da144a011a"}, 0x3c)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000007, 0x4010, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$vim2m(&(0x7f0000000080), 0x3fe, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r2, 0xc0145608, &(0x7f0000000040)={0x80000001, 0x1, 0x4})
ioctl$vim2m_VIDIOC_STREAMOFF(r2, 0x40045612, &(0x7f0000000240)=0x1)
ioctl$vim2m_VIDIOC_ENUM_FMT(r2, 0xc0405602, &(0x7f0000000000)={0x3ff, 0x1, 0x0, "eef1b7de005bd152f35ed734fc000000000000000000000000000000004000", 0x43353039})
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000040)={'veth1_to_batadv\x00', &(0x7f0000000140)=@ethtool_perm_addr={0x20, 0x1b, "e95bb00f253b79886c6e14f73cd42ff8f7ab4b3d42ff73940674b1"}})
mmap(&(0x7f00003cc000/0x3000)=nil, 0x3000, 0x4, 0x2010, r3, 0x80671000)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000002100), 0x280449c, &(0x7f0000000540)=ANY=[])
r4 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_MSFILTER(r4, 0x0, 0x30, &(0x7f0000000600)=ANY=[@ANYBLOB="0200000002110000e00000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000"], 0x18c)
syz_open_procfs(0x0, &(0x7f0000000100)='gid_map\x00')
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000300)="d800000018008105e00212ba0d8105040a020200020f100b067c55a1bc000900b80006990200000015000500fc038178a80015000338004002000c0901ac040000d67f6f947a7100a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe04000000730d7a5025ccca262f3d40fad95667e04adcdf634c1f215ce3bb9ad809d5e1cace81ed0b7fece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92307f27260e970300000000000000000000000000000000000000008dc5fb510162", 0xd8}], 0x1}, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'macvlan0\x00'})

8.032522074s ago: executing program 3 (id=3979):
prctl$PR_SET_DUMPABLE(0x4, 0x3)
syz_usb_connect$uac1(0x5, 0xaa, &(0x7f0000000380)=ANY=[], 0x0)
pipe2(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
ioctl$int_in(r0, 0x5452, &(0x7f00000000c0)=0x6)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000680)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-camellia-aesni\x00'}, 0x4b)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r3 = accept4(r2, 0x0, 0x0, 0x800)
r4 = socket$netlink(0x10, 0x3, 0x8000000004)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000600)={'vlan1\x00', <r6=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000400)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x70bd29, 0x25dfdbff, {0x0, 0x0, 0x0, r6, {}, {0xfff1}, {0x7, 0x8}}}, 0x24}}, 0x0)
writev(r4, &(0x7f0000001200)=[{&(0x7f0000000080)="580000001400add427323b472545b45602117fffffff81004e230e227f000001925aa80020007b00090080007f000006e809000000ff0000f03ac71002000000ffffffffffffffffffe7ee00000000000000000200000000", 0x58}], 0x1)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000340), r0)
sendmsg$L2TP_CMD_SESSION_GET(r4, &(0x7f0000000540)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000500)={&(0x7f0000000700)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRESHEX=0x0, @ANYBLOB="03002cbd7000fcdbdfd79e0b000400ddff05001a004e20000008000c0002000000080019009356cb771e9ceb13f846000000000c00"/63], 0x50}, 0x1, 0x0, 0x0, 0x81}, 0x0)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb0958730", 0x4c}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fd", 0xa4}], 0x3, &(0x7f00000002c0)=ANY=[@ANYBLOB="80"], 0x80, 0x4044040}], 0x1, 0x40800)
r7 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_mreqn(r7, 0x0, 0x27, &(0x7f0000000000)={@multicast1, @empty}, 0xc)
getsockopt$inet_buf(r7, 0x0, 0x29, 0x0, 0x0)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="1400000010"], 0x48}}, 0x40000)
socket$netlink(0x10, 0x3, 0x7)
pipe2$9p(&(0x7f0000000080)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff}, 0x80000)
write$binfmt_script(r10, &(0x7f0000000800)={'#! ', './file0'}, 0xb)
tee(r9, r5, 0x1, 0x7)
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x89102, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001540)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x4, 0xffffffffffffffff, &(0x7f0000000100)="14", 0x1, 0x73d, 0x0, 0x1}])
mprotect(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1)
ioctl$KVM_GET_SUPPORTED_CPUID(r11, 0xc008ae05, &(0x7f0000000100))

6.971339345s ago: executing program 0 (id=3982):
r0 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000500)=ANY=[@ANYBLOB="1201000000000040411215500000000000010902240001000000c609040007020300010009210000050122050009058103"], 0x0) (async, rerun: 32)
r1 = syz_mount_image$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) (rerun: 32)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x9801)
move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) (async, rerun: 32)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0xa10024, &(0x7f00000004c0)=ANY=[@ANYBLOB='=', @ANYBLOB=',ro']) (async, rerun: 32)
open_by_handle_at(r2, &(0x7f0000000040)=ANY=[@ANYBLOB="0800c19d4c0a0000000000000000a500"], 0x105080) (async)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000300)=@generic={&(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', r3}, 0x18) (async)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000028c0)={r2, 0x20, &(0x7f0000002880)={&(0x7f0000001800)=""/74, 0x4a, <r4=>0x0, &(0x7f0000001880)=""/4096, 0x1000}}, 0x10) (async)
r5 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000002900)={0x3, 0x4, 0x4, 0xa, 0x0, r2, 0x100, '\x00', 0x0, r2, 0x2, 0x4, 0x2}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000002a40)={0x1c, 0x2a, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000004000000000000000500000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008700000083000000bf0900000000000055090100000000009500000000000000056100005a0f0000b7080000000000007b8af8ff00000000b7080000030000007b8af0ff00000000bfa1000000001d0007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70500000800000085000000a500000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000e50c00008500000006000000bf91000000000000b7020000020000008500000084000000b7000000000000009500000000000000"], &(0x7f0000000400)='GPL\x00', 0x7, 0xdf, &(0x7f0000001680)=""/223, 0x41100, 0x8, '\x00', 0x0, @fallback=0x25, r2, 0x8, &(0x7f0000001780)={0xa, 0x3}, 0x8, 0x10, &(0x7f00000017c0)={0x2, 0x4, 0xffffffe6, 0x80}, 0x10, r4, r2, 0x6, &(0x7f0000002980)=[r2, r2, r2, r2, r2, r2, r5, r2, r1, r2], &(0x7f00000029c0)=[{0x0, 0x5, 0x0, 0x2}, {0x1, 0x1, 0x6, 0x3}, {0x5, 0x3, 0x1, 0x2}, {0x2, 0x2, 0xb, 0x8}, {0x5, 0x3, 0xc, 0x4}, {0x1, 0x2, 0xa, 0x2}], 0x10, 0x5}, 0x94)
syz_usb_control_io$hid(r0, 0x0, 0x0)
open(&(0x7f0000000100)='./bus\x00', 0x143142, 0xa2) (async)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r6, &(0x7f0000000080)={0x20000013}) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) (async, rerun: 32)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x63b5, &(0x7f0000006680)) (rerun: 32)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) (async)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
setgroups(0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r8, 0xae60)
ioctl$KVM_CREATE_PIT2(r8, 0x4040ae77, &(0x7f0000000180)={0x1}) (async)
ioctl$KVM_SET_PIT(r8, 0x8048ae66, &(0x7f0000000240)={[{0x2, 0x5, 0x93, 0x1, 0x0, 0x5f, 0x3, 0x0, 0xa6, 0x2, 0x9, 0x9, 0x82}, {0xfffffff9, 0xfffa, 0x0, 0x0, 0x0, 0xf6, 0xca, 0x8, 0x4, 0xff, 0x81, 0x0, 0x800000000000000}, {0xffffff01, 0x0, 0x7, 0x4, 0x4, 0x5, 0x7, 0x8, 0x7, 0x8, 0xfe, 0x4, 0x1000000000000004}], 0x40003})
ioctl$KVM_SET_PIT2(r8, 0x4070aea0, &(0x7f0000002400)={[{0xa, 0xcc, 0xfa, 0x5, 0xff, 0x96, 0xc9, 0x6, 0x4, 0x0, 0x2, 0x6, 0xffffffff}, {0x15, 0x1, 0x6, 0xb5, 0x1, 0x6, 0xbb, 0x2, 0xb, 0x5, 0x4, 0x9, 0x1}, {0x2, 0x1000, 0x28, 0x2, 0x1, 0x2a, 0x4, 0x8, 0xe, 0x40, 0xf4, 0x4, 0x200}], 0x6}) (async)
r9 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_mreq(r9, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14)

6.865728278s ago: executing program 0 (id=3983):
r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x4000000, 0xb40)
ioctl$EVIOCGMASK(r0, 0x80104592, &(0x7f0000000300)={0x0, 0xffffffffffffff36, &(0x7f0000000200)="952bb3e006ae9a4c3a"})
r1 = openat$vimc1(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000340), 0xffffffffffffffff)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000600), 0x103042, 0x0)
r5 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$sock_int(r5, 0x1, 0xf, &(0x7f0000fee000)=0x3fa, 0x4)
listen(r5, 0x6)
close_range(r4, 0xffffffffffffffff, 0x0)
sendmsg$BATADV_CMD_GET_NEIGHBORS(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB, @ANYRES16=r3, @ANYBLOB="010300000000000000000800000004000300", @ANYRES32=0x0, @ANYBLOB="08000600", @ANYRES32=0x0, @ANYBLOB], 0x24}}, 0x0)
mmap(&(0x7f0000ff8000/0x4000)=nil, 0x4000, 0x2000000, 0x11, r1, 0x4c930000)
syz_emit_ethernet(0x4e, &(0x7f00000001c0)={@local, @dev, @void, {@ipv4={0x800, @tcp={{0xb, 0x4, 0x0, 0x0, 0x40, 0x0, 0x0, 0x8, 0x6, 0x0, @private=0xa010102, @private=0xa010102, {[@timestamp_addr={0x44, 0x14, 0x6, 0x1, 0x0, [{@multicast1, 0xfffffffc}, {@local}]}, @generic={0x7, 0x3, "01"}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x6, 0x5}}}}}}, 0x0)
r6 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RTC_WKALM_SET(r6, 0x4028700f, &(0x7f0000000140)={0x2, 0x0, {0x0, 0x5, 0x0, 0x10, 0x0, 0x5c, 0x4, 0x0, 0x1}})
pread64(r6, &(0x7f00000014c0)=""/4104, 0x1008, 0x10000)

6.86179221s ago: executing program 4 (id=3984):
timer_settime(0x0, 0x0, 0x0, 0x0)
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
r1 = openat$fuse(0xffffff9c, 0x0, 0x2, 0x0)
read$FUSE(r1, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, 0x0)
syz_usb_connect(0x0, 0x62, 0x0, 0x0)
socket$kcm(0x2b, 0x1, 0x0)
getrandom(&(0x7f0000000040)=""/133, 0xfffffffffffffdde, 0x2)

6.787038442s ago: executing program 0 (id=3985):
r0 = syz_usb_connect$lan78xx(0x5, 0x3f, &(0x7f0000000dc0)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0x424, 0x7850, 0x0, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d}}]}}, 0x0)
syz_usb_control_io$lan78xx(r0, 0x0, &(0x7f0000001140)={0x34, &(0x7f0000000040)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$lan78xx(r0, 0x0, 0x0)
syz_usb_control_io$lan78xx(r0, 0x0, &(0x7f0000000940)={0x34, &(0x7f0000000140)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$lan78xx(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000003f00)={0x84, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$lan78xx(r0, 0x0, &(0x7f0000000880)={0x34, &(0x7f00000006c0)={0x40, 0x6}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, &(0x7f0000000980)={0x84, &(0x7f0000000e80)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x40}, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
r4 = add_key$keyring(&(0x7f0000002280), &(0x7f00000022c0)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffb)
pipe2$watch_queue(&(0x7f0000002300)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x80)
keyctl$KEYCTL_WATCH_KEY(0x20, r4, r5, 0x6f)
r6 = add_key$fscrypt_provisioning(&(0x7f0000002a40), &(0x7f0000002a80)={'syz', 0x2}, &(0x7f0000002ac0)={0x2, 0x0, @b}, 0x48, r4)
keyctl$KEYCTL_MOVE(0x1e, r6, r4, 0xfffffffffffffffb, 0x1)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0x4d, 0xfffffffb, 0x7fffffff}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x20040084)
sendmsg$nl_route_sched(r2, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000002400)=@newqdisc={0x434, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x10}, {0x0, 0xe}, {0xa, 0x3}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x408, 0x2, [@TCA_TBF_RTAB={0x404, 0x2, [0x0, 0xfffffffe, 0x7, 0x8000, 0x9, 0xbe2, 0x100003, 0x4000b762, 0x6, 0x7, 0x8, 0xf, 0x2, 0x80000001, 0x400, 0x7fc, 0xffff8000, 0x6, 0x401, 0x9, 0xb89, 0xffffe4f5, 0xf, 0x4, 0xffff, 0x65, 0x0, 0x6, 0x101, 0x1, 0x5, 0x4, 0x1, 0x4, 0x9, 0xc, 0x20001000, 0x4, 0x2, 0x4470008e, 0x4, 0x9, 0x9, 0x2, 0x6, 0x7, 0xfffffff7, 0x1, 0x2, 0x9, 0x9, 0x44, 0x8, 0x8, 0x1, 0x80004, 0x7ff, 0x8, 0x7, 0x80000001, 0x4, 0x8, 0xfffffa72, 0xcd, 0xffffff80, 0x80000000, 0xc, 0x4, 0x65, 0x91, 0x656, 0x9, 0x80000f, 0x9, 0xc28, 0x9, 0x7, 0x3, 0x401, 0x3, 0x2, 0xfffffffa, 0x101, 0xfffe, 0xfffffff9, 0x1, 0x4, 0x8, 0x8, 0x8, 0x1, 0x1, 0x1, 0x7, 0x40, 0x7, 0x12, 0x8000, 0x1, 0x4dc, 0x80, 0x3, 0x7fffffff, 0xff, 0x9, 0xa7, 0xb, 0x2, 0x8, 0x3, 0x1000, 0x800004, 0x401, 0x7, 0x80000000, 0xffff, 0x6, 0x4, 0x4, 0xffffffff, 0x80000004, 0x1966f9ab, 0x415, 0x20200, 0xed5, 0xffff7c00, 0x6, 0x4, 0x8, 0x7, 0xa85, 0x80000040, 0x2, 0x7, 0x7, 0x102, 0x2d5421e8, 0x3, 0xffd, 0x10000, 0x6, 0x3fb, 0x3, 0x0, 0x2, 0x5, 0x400, 0x5, 0x8d, 0x4, 0x401, 0x4, 0x9, 0x3, 0xfffffffb, 0x1, 0x0, 0x0, 0x4, 0x1, 0x8, 0x3, 0x0, 0x800, 0x2, 0xc, 0x800, 0x1, 0x80000009, 0x6, 0x5, 0x5, 0x4d15, 0xa, 0xfffff060, 0x3, 0x469, 0x3, 0xffff0001, 0x1ff, 0x10000005, 0x7, 0xfffffffd, 0x8, 0x42ba, 0x4, 0x9, 0x3, 0x8, 0x8, 0x53, 0x6, 0x4, 0x400, 0x8000, 0x6, 0x2c310b18, 0xfff, 0x0, 0x3, 0xcd34, 0x9, 0x7d, 0xdf3, 0x2, 0x7, 0x8, 0xb, 0x81, 0x8000, 0x3, 0x9, 0x3, 0x9, 0x9a6, 0x0, 0x402, 0x1, 0x1ff, 0x3e, 0x9b4, 0x1, 0x8, 0x0, 0x8, 0xfffffffc, 0x9, 0x0, 0x4, 0x10, 0x901, 0xa, 0x2, 0x418503d2, 0xfffffeff, 0x6, 0x6, 0xc, 0x1000, 0x8, 0x9, 0xe6, 0xab, 0x400, 0x7fffffff, 0xed, 0x7ff, 0xd83, 0x68, 0x80000021, 0x4, 0x1, 0x6, 0x1fd, 0x2]}]}}]}, 0x434}, 0x1, 0x0, 0x0, 0x40098}, 0x0)
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r8, &(0x7f00000002c0), 0x40000000000009f, 0x0)
syz_usb_control_io$printer(0xffffffffffffffff, 0x0, &(0x7f0000000b80)={0x34, &(0x7f0000000700)={0x40, 0x14, 0x4, "1ed5a0a7"}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$lan78xx(r0, 0x0, &(0x7f0000000300)={0x34, &(0x7f0000000100)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$lan78xx(r0, 0x0, &(0x7f0000000580)={0x34, &(0x7f00000003c0)={0x20, 0x16}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_connect(0x3, 0x866, &(0x7f0000001180)={{0x12, 0x1, 0x300, 0x2c, 0x27, 0x3d, 0x40, 0x6cd, 0x105, 0x9932, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x854, 0x2, 0x5b, 0x0, 0x10, 0x8, "", [{{0x9, 0x4, 0x6e, 0x1d, 0xf, 0xbb, 0x19, 0xb9, 0x44, [], [{{0x9, 0x5, 0xe, 0x4, 0x400, 0x9, 0x80, 0x3}}, {{0x9, 0x5, 0xe, 0x1, 0x20, 0xb, 0xf, 0x3, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0xa6, 0xab}, @generic={0xcc, 0x3a, "0d4122c8a2b30f50b8fe3458fa4140e1a6bfdcbb8a16049288fd8efa84de8bb00350c52bdd4ce4ad3e2d4e78268ff1773f8c41d3c331a8e338131d67e771d14569ad568f209107d8d157f7dbe8a7f3207f8fe5a4db218edaf09db2f0c982e341549d3bde8d0b88f4abdc581d7ed90bc20dd04036e9f1b58da8835001137ac03a0f24b08ffdd37850aa3ca0aa6ac4f1c88582d1bf3161672dc4afb0f36a540db2f82fa5056087252e699b2b7c33dd9ff531e8162155ceb125d628d58ee02fcc29b732cac9b0f92000b398"}]}}, {{0x9, 0x5, 0x8, 0x0, 0x20, 0x8, 0x80, 0x6, [@generic={0x40, 0x23, "d4c08cf7f025354f839cae17c5db5556684b4a89686b15dadf8942dfafc1942590d0c3168e70909c0c94a2270054e1c0e5e355dd4140ea05c6c9de5358f1"}]}}, {{0x9, 0x5, 0xe, 0xc, 0x1bf, 0x7, 0x6, 0x4}}, {{0x9, 0x5, 0x0, 0x4, 0x3f7, 0x5, 0x80, 0xf9}}, {{0x9, 0x5, 0xe, 0x3, 0x20, 0x8, 0x5, 0x9, [@generic={0xd1, 0x31, "e82e4f97d57f4403902dd37181243ce449d93dcc9819487f5bee804c40144795102fbcb8fad7af9dd59809e2740648e890c163e15ea10acfa940121e89e0f0265e088b2993f34932a63c7706b5f80603d5cbb7f3e8ddd3ff8429d4bc7b49dfd565e6854aaead51de521b5762b34ad1223627d9f2645e352084e2bd17ee95ff07fb5cbcc58ff21459336e79717b618470a0fda08e0845b6267b98a428804209dc065e3852f8e9c77e492bb4e82b4864f2a5a2ad4ff0f963e119d969f4e8b24ff605c1919027afdfc982f5c3749956d7"}]}}, {{0x9, 0x5, 0x6, 0x0, 0x8, 0x3, 0x3, 0x18, [@uac_iso={0x7, 0x25, 0x1, 0xc, 0xf9, 0x1}]}}, {{0x9, 0x5, 0xa, 0x0, 0x28, 0x2e, 0xe1, 0xf7}}, {{0x9, 0x5, 0xb, 0xc, 0x10, 0x3, 0xff, 0x2, [@generic={0x72, 0x0, "b3aebdc7d9e6187f11051e90f933075d70923e648e53995c84a92cd9fda045d317a9fcb6b6f39d6c7569e089fd64c12aa7104018a7578e8717fe803e835315d9af1dc04434cc62eead03edc1f4103d7363b3a0512393afc0fefd338766d9f6e5719001b0e403ba025fcb4bbbb520cd77"}]}}, {{0x9, 0x5, 0xb, 0x0, 0x20, 0x7, 0x7, 0x9, [@uac_iso={0x7, 0x25, 0x1, 0x8, 0x80, 0x9}]}}, {{0x9, 0x5, 0x80, 0x0, 0x8, 0xe4, 0x3, 0x7}}, {{0x9, 0x5, 0x80, 0x4, 0x3ff, 0x7, 0x5, 0xcf, [@uac_iso={0x7, 0x25, 0x1, 0x8, 0x5}]}}, {{0x9, 0x5, 0x3, 0x4, 0x10, 0x0, 0xaf, 0x2}}, {{0x9, 0x5, 0x8, 0x8, 0x20, 0x9, 0x9, 0x0, [@uac_iso={0x7, 0x25, 0x1, 0x4, 0xe, 0x6d5b}, @uac_iso={0x7, 0x25, 0x1, 0x0, 0x9, 0xc000}]}}, {{0x9, 0x5, 0x0, 0xf, 0x40, 0x33, 0xf, 0x27}}]}}, {{0x9, 0x4, 0xcc, 0xd, 0xc, 0xb4, 0xa2, 0x3c, 0x2, [@cdc_ecm={{0x6, 0x24, 0x6, 0x0, 0x0, "ec"}, {0x5, 0x24, 0x0, 0xfffb}, {0xd, 0x24, 0xf, 0x1, 0x7, 0x2, 0x3, 0x9}, [@country_functional={0x6, 0x24, 0x7, 0xc, 0xfffa}, @country_functional={0xa, 0x24, 0x7, 0x0, 0xfe00, [0x7, 0x59d]}]}], [{{0x9, 0x5, 0x80, 0x0, 0x10, 0xe, 0xe, 0x3, [@generic={0xed, 0xe, "1a4d863038d7420f2ea28831963af623db20b8652aadb1a7d8d9478d9031a2dc7e832cf422ab3d197d246c4e28af3f89364d183dae40d11af3bd27bf03a714c48619517068fcdb3c24d8823c5e377c69e8a67850a681a13aac0a70abe9da36d8b81d7459be9121c89ef67c748136b828a33031957ffae73081f9c8d691ecf060306f1984f96781926d6fcb150681911c3550652cabd4b7d662e1379f2bfda2399f363dfc4be4f519b3b89440332e08312bd362296830b69866cb8a051166c897be928a1fc483a61838a657269fbc53fe0586d0e094594c873a45fcadf8a435aa8b4495eeab2e44acdc319e"}, @uac_iso={0x7, 0x25, 0x1, 0x0, 0x8, 0x2}]}}, {{0x9, 0x5, 0xa, 0x10, 0x3ff, 0xe, 0x6, 0x1}}, {{0x9, 0x5, 0x5, 0xc, 0x40, 0x1, 0x5, 0x5f, [@uac_iso={0x7, 0x25, 0x1, 0x8, 0x4, 0xfff}, @generic={0xdc, 0x23, "05a9f4f1ae403abb558d40722321467912828956658ab5b91de71fe22f22358746ffc8697ce837644e71cdc116105e63ea39351606b1945f3fa0a8580787883f06013c29fee936ab0fef573ef6000b37e443c41c1b2edf1d57f4128b8cc39b8fd465dd522d483774b3aa434e3cf4d67388dec5a72eb67de87a8c37fe61c53e6ef16083bb2ef34cda67f00e0399f1ad858b30d1675235d73f6de36f056942b68bd88dae2d05f0a2ed0196c3e8596b31458ccff8c6c16e0d341d4cdfc46efca5e2fb83884495e1556a122d19dd219fe6e21c6002ee5a83189c40ae"}]}}, {{0x9, 0x5, 0xf, 0x0, 0x20, 0x7, 0x68, 0x2, [@generic={0x9a, 0xc, "436d8169065d09ebebf4627f2e9b5b884185c518b43250e8024419c44c8865d6728211cd93d7fb0fcfd490f90b5966bb90439479ff2f8e82d03961e45590e8e2787d4ee929217a4566c505e43dc2704ffc7f58531a3225e4ba20a2fb9884178695a89b942cc670a6ff804eb789060055e90c68d56f0593ccf0fc5ffb605659ae1a0f0c32e591463836c7f270ac8f23bbf3ebe975852c5f1d"}, @generic={0x1b, 0x2, "b8acd03f8fd82afde1a7de721fe9dacc0326cef299e09746b4"}]}}, {{0x9, 0x5, 0x7, 0x0, 0x40, 0x4, 0x9, 0xc7, [@uac_iso={0x7, 0x25, 0x1, 0xc, 0x80, 0x7fff}, @generic={0x66, 0x22, "db99bd9d57c0e650a20ca5ce93c0d710230e4aea910f7fd9458d0e00f3626eef22e3d06fae61bdff47106575aa0541eb32724d626d597fcafcff01ef41ac644fcb1f7c44e8ddd3c051565454ee3747a9947140e1b648db960d1380ee5ab7b325787ec5dd"}]}}, {{0x9, 0x5, 0x4, 0x0, 0x3ff, 0xba, 0x8, 0x2}}, {{0x9, 0x5, 0x4, 0x4, 0x400, 0x8, 0x4, 0x2f, [@uac_iso={0x7, 0x25, 0x1, 0xc, 0x5, 0x9}]}}, {{0x9, 0x5, 0x4, 0x0, 0x8, 0x69, 0x0, 0x51, [@generic={0x5e, 0x1d, "d1f0bcc3e1580708d803358b8e31be63bd0baa52f41999f682dc27acfa230aef6247251dbc4db440fc6095b2ecf1c28b38ee93feaf2810b60a7c1c2fe3f685082856d756b9658e2077046f301fbf27aa6e03e2bdf108bf237ecdce58"}, @generic={0x70, 0xd, "f40d3a30fbb4e829a1015444cafaf3b5b910b73d525f2bc680d4207310c008cf327ac2b4ad62204e38a0f8ff7451d9e64f8000c04ba354a5aec549ae7c8008c390ec25b0b77f831ea2b2711d8b36c2f425077cfb935c2fcdae734f39b6670a69f796d82f179dad913434b337123f"}]}}, {{0x9, 0x5, 0xd, 0x10, 0x20, 0x2, 0x40, 0xe0, [@generic={0x54, 0x4, "bb232f80d6a4279bd48836fbf5237a002aa81bf2ac1cc36068520514faf4c279bab7ed4e0f03f45ea2c15e413e911120e4ec9fbbcd671bf3f55c4c25de3dde0873250cda9c573b1562f14809a7fcbf8c9736"}, @generic={0x7c, 0x23, "594e825169a0f369f74c61ed6ec224177aa82c45c1843ad7b1657e519c6acbe83373d7dd5435a7a6a0694a10083b0f9152ce549513467b698c7aee07d19818f240c4ad46bce2f993c6aef9f3d7bfc9093250706ead6054edbe2abf5881c1f3f6023a871e10ff4d1ba1b4605e379b11c04483c1e3702ff01f05c7"}]}}, {{0x9, 0x5, 0x80, 0x0, 0x200, 0x2, 0x9d, 0x1, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0x6, 0xdf4c}]}}, {{0x9, 0x5, 0x1, 0x0, 0x400, 0x6, 0xa, 0x5}}, {{0x9, 0x5, 0x0, 0x0, 0x40, 0x8, 0x8, 0x80}}]}}]}}]}}, &(0x7f00000021c0)={0xa, &(0x7f0000001d00)={0xa, 0x6, 0x310, 0xff, 0x4, 0x2, 0x10, 0x80}, 0x1a, &(0x7f0000001d40)={0x5, 0xf, 0x1a, 0x3, [@ptm_cap={0x3}, @wireless={0xb, 0x10, 0x1, 0xc, 0xc0, 0x4, 0x2, 0x0, 0x8}, @ext_cap={0x7, 0x10, 0x2, 0x1a, 0x1, 0x4, 0x6}]}, 0x9, [{0x92, &(0x7f0000001d80)=@string={0x92, 0x3, "e3d218ae5d78a3b5003033353c063aa04e70e57e5a52ed54227782d6210e37afc53f79d86530bde12ec01e831c06aeb1e4984729f36cb142fca8f3dbb3c8492dd6ef6d4f5d699f9b84c9c6844b5b1324b5244dbadb59d93d009252d88183ea199cd8c564ed062086dfa26de8e6661dc1ee4cb07b6c753d68847ec3eac2e164b58bc13996b336171e79d8718b1542080f"}}, {0x4, &(0x7f0000001e40)=@lang_id={0x4}}, {0xc9, &(0x7f0000001e80)=@string={0xc9, 0x3, "5caedd938f441fd4a8e259cad7a1f428aac280f1766b7d7b4258b8fb422fd32c508556e9ff41ad1c73385efdcc3a82167eef023c29515b1e1aaf09e4ba6c16733e7bb14e40e72c2e730584dd4e05f833414805975c487970d8e09f6089c3ababcc03b2a552a955fa051c5e8bbff9ac2b7af59c91c277ddac4951694ac8448ce97408108971ade041b8baf58795627ea6f0cc17e9678aa03c3f2d80a9fd49b022f26e6440fe00427893913a01b336ba754c186288131c37ec01aec5d11e5d959ebe51e4954ba82e"}}, {0x2, &(0x7f0000001f80)=@string={0x2}}, {0x2, &(0x7f0000001fc0)=ANY=[@ANYBLOB="0202"]}, {0xa9, &(0x7f0000002040)=@string={0xa9, 0x3, "822edf1158216b33f9f37b0c7f3004f6e46f77c6affc7a5f6410c9758cef8dc84e225d2044acb5d037dce5b969508e1737d31e3ce6a26a2702e7c73b4ae50f38e31541504a40b4c48fb9be466cbd98250c10c265e1afff350df389399b80cd7e550e8af54c76375d9da5fe08ff40d5bf4d1118df04ef5d295de43f84919446486e5af4998e7f9a20afc89cc82c91fc8ed1e2715fd14ec730832f201a2c01b9fee9b08e10976408"}}, {0x4, &(0x7f0000002100)=@lang_id={0x4, 0x3, 0x449}}, {0x4, &(0x7f0000002140)=@lang_id={0x4, 0x3, 0xf0ff}}, {0x31, &(0x7f0000002180)=@string={0x31, 0x3, "d1f48eeacfebf79eabe8dfffe0cb8d11045a75447f603948983ce21e107ee8df0d39785af7118f5551cce2b0f7a3ed"}}]})
syz_usb_control_io$lan78xx(r0, 0x0, &(0x7f00000004c0)={0x34, &(0x7f0000000080)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000e80)={0x84, &(0x7f0000000700)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

6.662778302s ago: executing program 2 (id=3986):
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0)
r0 = memfd_create(&(0x7f0000000000)='Y\xff\xff\x00\x00\x00\x00\x00K\xb2\x02\x80B\xe9\xe8\xcc\xde\x06\x00l\xa8\x1aJ\xaf\xb2M\xba\xb8_\x05U\xcd<|>\x9e\xec^\x0e\xbe\x18+-\x9b\x893\x02\x00\xa6\x1f+\xb3\xc5\x90z5\xe0\xdfi\xb7\x9f\xb4QW\xc9\xc9\x92\x03\t\x00\x00\x00\x00\x00\xb2\x0f\xee\xbe\f8\xcc\x7f\x00\x00\x00Z\x81\x00\x00\x00\x00\x18I\x13\xf1\xa2x\x04\x81R\xd45R\xae\x05\x00\x00\x00\x00\x00\x00\x00_M^dQ:\xbc\xafq\x88\x19nSF|;]\xe1A\x8c\x8a\x98\xd7|\xdcLF\r\xb1\xfd\xbf!\xc7u\xccP\xdd\x13~\x89\xcf\x85\xca\xa0%\xc6\xc7\x11\x00\x00\x00\x00\x00\x00\x00?M9\\\av~\'\xd9\xb0\xacdya]8\x9d\xb7\v\xf39\xc5{\x9c!\x0f/\xb8o8\xb9\x8d\x19\xe2\xca\x01y\x83\xe7\ng\x87\xd93<u\xbe\xeag\xd2\x04e\xf2s\xde}o#\x90\xda\x9cs,r\xfd:\xcb\xc7\vTmPZJ\xac\x8b\xd0\xc0\xbcRK\xcb\x1e8\xce\xbd[N\xb0\xb4<\xeb\x86[\xec\x8f\x14\n\x83\x9e&\\\xb7!\xed\xa0\xc3,\x90m\x0f\x00\x00\x00\x00\x00\x00\xff\xd0\xb3\x94\x00\x00\x00\x00\x00\x00\x00\x9dH\xf8\xffRo\xa3W\xe1\xed\x8eS\xaeX\x93\x7f\xd3\xb9\x84Q\x9c\"\xd9\xf5\xe4e\xf9\xcam\xe3\x03\xe4\xad\xd5&A\x02\xc8\xa9\xfe\xcb\x87\xd9\xd3\x8c\f\xc08T~\xc4\xbd\x90?\x1f\x9c\x9b0\x19 \x9f\xd1p`\xc0/\x00u\x19\x1d\xac\xe8%\xb7\t\x9f4\xbb\x89\xe9\xc1\x81\xb0\xd6\xf7\x90\x1f\x94\x01M.\x16\x05\x16\xb9\xe9\xdc~\xd3-s\xe6;\x94\x1c^\x06\xdav;\xccD\x95sj\xe0\xd5\xbeS\xac\xe5N\xea\x9eyl[[\xce5\xee\x05\x9c\x96\xabJ^c\xf7\x19\xb4\xd8\xe4\x87\x9dp\xea?/\xcb\x9a\xaa5\'Q\fuG\x81\x8a@\x97M=v\xfe\a\xabp\xf3\x93\x9d\x7f@9\xc0\xd2\xf1\x00\x10\x00\x00\x00\x00\x00\x00\x82\x13\xb2\xa9\xef\xa5\xf8\x8bk\xb3\x9ev\x92\x0e\xd1\x1f\x17Dx[\xad\xb0\x9d/\x96\xe42mO\x9fh\xea\xf3\x14\xcd\x96\x89_)\x1b\xe2\xd6\b\x94b\xaf;\x92T\xafz\x94\x9fG\xfb\xfd|$k\x03\xd7;\x9ay\xee\xf9W?\xb3\xf9\xf8I.E4\xc3eWq\xfa\":$\xd0\x17Q\x94\xf5\xe5mk\x8e&\xf1;#z\xef*\xce\x99\x04\xb9\x90\xbc\xc9#-\x8di\xae\xc5\xdf\x13\xd2K\x8b\xf5\f\xb2x\xdd\xd5\xb4\xa9^~O<\x12\xe3\xc3P|7\xc4\xc8\xb1r0Z\x98\x87^\xc8C\x1b\x96\xb4lsyF\xc5\xbc\xffOE\xe9\xd70\xe7\xfep\x83\xa7\xa1\xd9\xe4\xba\x92\x17\xbf\xe0\xe1\x01\xb7\x8b\x18j\x19n\xc8\xff\xe9\xf4\xf4\xcf a\xd7_w\x0f\x9dF\xae\xccA-/\x83\xabU\xd5\xbf8\xa4O\xb4\xef\xc8\xccH\xd1=\xbe\xbex\xb5-\x05\x01\x11\xfa\xcf\x1dm\xb5X\xe9\xb5O\x15\xc7;Lb\xce\x1a\xcc\x98\xe8\xe9e\xe0\xc2N\xe7\xd7\x1d\x92\x87F8\x9e\xf7\xdd\xdaW\xf5X\x80\xa0f\xceo\xd8\x7f\xc0\x96\bSB\xce&\x04$\xc3\xe31U\x84\x82\xf0{i\x1d\x02\x10\xc6C\x01^\xcf\x93?w\x01\x84\xa0\xd6\xa2\x10\xa4\xfcG\xabD\xd6dGZ\xb2Cx\x1b\xfdD9\x17\xe6\xcauM\xe3\x05)\xe2\x03\xe2j$F1n@\xde\n9t.[\xad\xb5\f<o\xdb\xa4\x90\xc4\xd0I\xa6\x96\xa1\x00\xbb\xdd\x94\x00t/1YekG\x7f\xbdrI\x1e\x8a4=\xa2\xe9\x82<\x9e|\xf5\xa4\x05#\x7f\xa8\x01\x00\x82ih\xf9?\x03Q\xf5\xc4\x95\x99 \xa7v~:$\x02O\xe3\xaa\x1f\x00\xebh\'\xd2q\x10\x1e\x94n\xd7w\xb1\xc8G\x89\xf4\x8ct\xf9R\x85\x1b8OE\x04\x9a\xd8\x80\x10x\xbf\n0\b,r\xc6r\xf7=\xfe\xc1\x16\xe6\xee\xbb:-h\xba\x8b\x14\x9a?\x8e\x03;\xe5\x04\xd8\xa9\x9a\x7f|\xadU\xafe\x87V.i4$6U,R\x9b\n{\'\xfe1\xc4\xb09\x96{\xc0e\xa1\xe7\xa9\xb4\x1a\n\xf5\xd7zuvz\x972\xd4\xfb\x13u2\xab\x18\x01~r\xbbcW!)\xf4\x9b\x1dI\x9ex;\xb2\xe3I\xbd\x16T\xb75\xa6\a\xb7\xa1\x8d\xc9\x12\xb1\xbd\xbc\xd9c\xe9\xe6k\xee\x06\x83\xf4\xab\x18\x038\x8f\xc9^\x0f\xab\xea&P\b\xef#\xf6\xc3\xfc\xd4\xa0\xfd\x15N\xd3\xa0\x80\x9f\bU\xa63\xf6\xc9\xecZ`\xa4\xa0(\xf9\x98B\xaf\xde*\x91\xddk\xa1`d\xf0\x97\xc9e\xc1\"EC\x9a?x\x89\x8d\xb3\xfaF}\x82D\xf8\f\xf1`\x90D\xd1|%(\xd8\t\xea\x00C\xce\x7fo+?v\xee\xc6bL\x1d\xbe\x84p\x8d\xa3\xec\xf7\xe0\xfe\x8c=<\xf2\x1f@\xe66E\xa7\x9c\xd3\xb6\xf5\xe0\x14\xb8\xd4`\x85\xe3;|\xf8\xf2\xd9)\x0e\xd0\xff\xa5K\xf3\xf1\xc4\x18\xf4Z\xdci\x91\x84\xe8\xb7\x10\x90\xbc\xect\x14\xdfR\xe2\x80\xf8a\x92\xb2R\xdf0\xcaQ\xdf\x87\xbdjp\x1ch3h\xcf<\x82\x97\xa5s/m\xb2\x1dd\xf7\xfc\xf5\xa9\x1d\xd34{\xcc\x1f\t,i\x16\x82\xad\x8e\xb6\x17\x0f\xaa\x85^/w\xbb~\xff\xce\x92\x90\x83\n\xe5\x14\x95\x92|\xfe-S%\x91i\xafh\x97z\x00@K\xbb\xc2\fcD\xff\xdcl\xa1\xfaR\xbc\xd0k\\\x92\x19a6Sv\x05%{\xe2\xe9\xf1\xddRB$8\xb0q9\xa1g&\x17\xe5P\xef\xb1<\xb6\xe2\xb2\xc06^\x0f4\xba\x10\xba\x00\x00\x00\x00\x00\x00\x00\x00\xef\xba\"\xb7\xc7~T\xc4Ei\xfdk\xa9\"F\xa9C\xa0\xd3\xa0\x1b\xbf\x13\xfb\x14S<\xa6\n5\x86\x9e\xb2=8\'g`\x8f\xa8\x027\xbd\xb5s\xe9dti\xc0\xbd\\H\xe5v\xdd\x0fP\x8b+-\x02i\x8eZU\xa8YB\xfc\xc2R7\xe9\x11\x06\x1aRd\xa93\xa1\\\xf4_s\xf7\xe8+\xbdg\x13\xaea\x04\xd8\x82\xf6\x90\xaf1\x86b\x81J\xb7E\xb0\xe2\xd6\x93S\xb3\x98\xcb\xf9\xde=\xd6T\x8d\xea\xab\xa9Z!\xd3-\xa6_\xc4\xa4\xb6+\x89\xdc]O<g\x06~\x12W\x86\x06\xba\x15#\xa7Q\xffa\x926>\xf0y\xd6\xb0\xf2\x9f\xa7\xcf\xad\x86\\\xec\xec\xd6\x9d\bT\xcd\xa2\xea', 0x0)
cachestat(r0, 0x0, 0x0, 0x0)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x4000c8c0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x3b00, 0x0, 0x0)
r1 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="120100009dea7840b418fbff7bdc01020301090212000100000000090401"], 0x0)
set_mempolicy(0x6005, &(0x7f0000000080)=0x8, 0x4)
r2 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e02003c000b05d25a806f8c6394f90124fc600c05000f90c60100053582c137153e370a48018004f01700d1bd", 0x33fe0}], 0x1, 0x0, 0x0, 0x5}, 0x0)
r3 = syz_clone(0x0, 0x0, 0x9, 0x0, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r4 = syz_pidfd_open(r3, 0x0)
waitid$P_PIDFD(0x3, r4, 0x0, 0xa000000c, 0x0)
r5 = fsopen(&(0x7f0000000380)='nilfs2\x00', 0x1)
fsconfig$FSCONFIG_SET_BINARY(r5, 0x2, &(0x7f0000000080)='discard', &(0x7f0000000200)='\t', 0x1)
syz_usb_control_io$cdc_ecm(r1, 0x0, &(0x7f00000008c0)={0x1c, &(0x7f0000010000)=ANY=[@ANYBLOB="00000100000001"], 0x0, 0x0})
r6 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402)
read(r6, 0x0, 0x0)

5.497562487s ago: executing program 1 (id=3990):
unshare(0x6a040000)
r0 = socket(0xa, 0x2, 0x0)
setsockopt$inet_int(r0, 0x0, 0x18, &(0x7f0000000080)=0x200, 0x4)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x3, @empty, 0x4}, 0x1c) (async)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000100)={'ip6gre0\x00', &(0x7f0000000080)={'syztnl1\x00', <r1=>0x0, 0x2f, 0x0, 0x5a, 0x5, 0x46, @private2, @ipv4={'\x00', '\xff\xff', @private=0xa010101}, 0x40, 0x1, 0x10, 0x3}})
setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000140)={r1, 0x1, 0x6}, 0x10) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) (async)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000640)=@updpolicy={0xb8, 0x1d, 0x1, 0x0, 0x0, {{@in=@multicast1, @in6=@private1, 0x0, 0x0, 0x0, 0x0, 0xa, 0x80, 0x80}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x16}, {0x0, 0x0, 0xfffffffffffffffe}}}, 0xb8}, 0x1, 0x0, 0x0, 0x37a5fce0bcf595dd}, 0x0) (async)
r3 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000600), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_GET(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000740)={0x14, r4, 0x303, 0x3, 0x25dfdbfd, {0x3d}}, 0x14}, 0x1, 0x0, 0x0, 0x880}, 0x0)

5.126755848s ago: executing program 4 (id=3991):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x8801, 0x0)
r2 = syz_usb_connect(0x0, 0x24, &(0x7f0000000980)=ANY=[@ANYBLOB="120100009080e140fc044a500243010203010902120001000000000904"], 0x0)
syz_usb_control_io(r2, 0x0, &(0x7f0000000b80)={0x84, &(0x7f0000000480)=ANY=[@ANYBLOB="000e0100000002995b281724e4a835b2ff8c7c590000ad0000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f00000005c0)=@abs, 0x6e)
ioctl$SNDRV_TIMER_IOCTL_CREATE(r1, 0xc02054a5, &(0x7f00000004c0)={0x10001, r0, 'id0\x00'})
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = openat$vimc2(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = socket(0x1, 0x800, 0x2)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r5 = socket$inet6(0xa, 0x3, 0x3c)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r6, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000000440)={0x0, 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
fsetxattr$system_posix_acl(r3, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000a00)={{}, {0x1, 0x4}, [{0x2, 0x5}, {0x2, 0x1}, {0x2, 0x4}, {0x2, 0x5, 0xffffffffffffffff}], {0x4, 0x5}, [], {0x10, 0x5}}, 0x44, 0x3)
connect$inet6(r5, &(0x7f0000000000)={0xa, 0x5000, 0x1, @remote, 0x5}, 0x1c)
writev(r5, &(0x7f00000000c0)=[{&(0x7f0000000100)=',', 0xffdf}], 0x1)
socket$inet6(0xa, 0x80002, 0x0)
getsockopt$inet_IP_IPSEC_POLICY(r4, 0x0, 0x10, 0x0, &(0x7f0000000040))
bind$can_raw(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x1, 0x4, 0x3ffdcf, 0x7ff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffc}, 0x50)
syz_usb_control_io$hid(r2, 0x0, 0x0)
ioctl$TCSETAF(r1, 0x5408, &(0x7f00000000c0)={0x0, 0xfacf, 0x8001, 0x0, 0x1, "f6a67b6c9832488c"})
writev(r1, &(0x7f0000000040)=[{&(0x7f0000000100)="1876d433b8c266f9be2253e7c12fc9ea10343a19c358547a9357a174911e926c57b51eab3d0a4a2297653ac0c62201010000881a8789adddd1ca89ebd8632972a4f65ad1505ed06b6779ed03ef849c46e3dedf604c01fae7c32f782dd9a45993a0798444d6ba181f2546b88893bf12575b27c1af55a55c55ca8855d5dc89db3e110430d10f429cc423ff64acc9fdb59a76caf809ce3c954f8a9618ebe5c3253e888feae6cc381ecb4a64085e24c48cf5ae9c5125d58d78ab2b70ec9216b42cf69b0cd34aa9a9b8e32e1841f19a7d38ce8de4d6d24b1a239ccfbb0935e4db5f50c9b8ebdf158eb582b914857522de035110521a268d3fa0888ebd65ab713338b2fa1029851d62af03f2bcf6034cf0287f10c84c967bae32a79fbf90122d41a622c0fa8a0fae4ffa55df5ec7ebb0708dbb6148f2cde6d128018a0efa8598fa29ac80c6642d52c6f6b979e8fe5e1fbe7615ca1bc31f2bc541b3f67f129a490900000004ab65b661139a2d66fbe14888b28fb681b11cd33e07a04cee7fa461932185531acd971e41d0eaed454f6b4520963c5d21b889764986530174051ddeca7547b3aeb0ed720e20099fbeec90859a9f22b9229f72fb45e62fb2c7048099eb484edac92717591a6467c38af94b14d4bf366d5fb232c24bc8a9d5361dd979a98ff5ea6a331cf27110b4457301454119173622e1ddef43e79842b3dcbce701ec9195770fd820823cd45fe00baa87d3000000000000570d", 0x215}], 0x1)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000080)=@newlink={0x4c, 0x10, 0x503, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_SNOOPING={0x5}, @IFLA_BR_NF_CALL_IPTABLES={0x5}, @IFLA_BR_MCAST_ROUTER={0x5}]}}}]}, 0x4c}}, 0x0)

4.89812776s ago: executing program 2 (id=3992):
r0 = socket(0x80000000000000a, 0x2, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x41, 0x0)
socket$nl_sock_diag(0x10, 0x3, 0x4)
lseek(0xffffffffffffffff, 0x0, 0x0)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000dc0)={0x0, 0x4, 0x0, 0x0, 0x1b, "0062ba7d820700000000000000000000096304"})
syz_open_pts(r1, 0x80)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r2, 0x84, 0x72, &(0x7f0000000240)={0x0, 0x0, 0x20}, 0xc)
bind$inet6(r2, &(0x7f0000000000)={0xa, 0x4e23, 0x5, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r2, 0x84, 0x13, &(0x7f00000000c0)=0xf, 0x4)
setsockopt$inet_sctp6_SCTP_EVENTS(r2, 0x84, 0xb, &(0x7f00000001c0)={0xe, 0x93, 0x8e, 0xf, 0xf3, 0x92, 0xe, 0x10, 0x9, 0x0, 0x8, 0x7, 0x1f, 0x7}, 0xe)
sendto$inet6(r2, &(0x7f0000000180)="1a", 0x34000, 0x0, &(0x7f0000000480)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
close_range(r0, 0xffffffffffffffff, 0x0)

4.838372685s ago: executing program 3 (id=3993):
r0 = gettid()
setpriority(0x1, r0, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000300)={0x7, 0x5}, 0x4)
setsockopt$packet_rx_ring(r1, 0x107, 0x5, &(0x7f0000003180)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x7ff, 0xf84, 0x3}, 0x1c)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = socket$packet(0x11, 0x3, 0x300)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000a00)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(camellia)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f00000004c0)="2c3800000000000000ffcc92b6bc436aa6a38ee41603ab5c91cc3d9e0fec0c6ba3bd948c7031f90f7eecbd329ed26c97f2e1ad3994476ba59fd96b338f439e7922554e48cb3c2a4b18e89fb68a32b344d8ab746813903f656131f6f01e719a0ee4956c60828c91f935ce7bb9d586a3aac66c5a1eb41d370000000000000000000000ad460c64d2ecb940e00fb88a8248944f1e22e967dde8ea0a10100ae0d80bf3f3ee6d8f4553f8d0754ef7f23c162b65437c0ac5f522a78333065d68c16e888ea2794cb3e569dd844378cf42ffe4468cb298cffd32828e72b40da58f24a054392028201b71f25f35c7bef184762b722530a8fe5b7e20de3da1ca4e39e9efaed70b2a95eef6d1ad8d514570804a9d6ecb09d7b6590ea310e51886d2aaabacec6bfc2e61573a5687bf3e3ae7f6980b44432925b138b126f9c1a0c3089887cecbd50ce9639f8b4c859b74761f54cc41d00bc3b607557a0d94c92ebd5fb85446b73837c6f83e3872f523d7ec22dcb38666953036e8b76365bd48ae2ea8c6c8dd3215a33de59e00bdcbd35f86d8", 0x18c)
r6 = accept4(r5, 0x0, 0x0, 0x0)
sendmsg$NL80211_CMD_JOIN_MESH(r6, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000340)=ANY=[], 0x44}, 0x1, 0x0, 0x0, 0x4c045}, 0x80400d0)
recvmmsg$unix(r6, &(0x7f0000000840)=[{{0x0, 0x0, &(0x7f0000001a80)=[{&(0x7f0000000200)=""/252, 0xfc}], 0x1}}], 0x1, 0x10000, 0x0)
setsockopt$packet_int(r4, 0x107, 0xf, &(0x7f0000000100)=0x4000004, 0x4)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000000c0)={'ip6gretap0\x00', <r7=>0x0})
sendto$packet(r4, &(0x7f0000000180)="0b036c00e0ff64000200475400f6a13bb10000000800894f4803", 0x100a6, 0x0, &(0x7f0000000140)={0x11, 0x0, r7}, 0x14)
r8 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/unix\x00')
r9 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r9, &(0x7f0000000100)=@abs={0x1, 0x0, 0x4e20}, 0x1c)
socket$unix(0x1, 0x2, 0x0)
bind$unix(r6, &(0x7f0000000100)=@file={0x1, './file0\x00'}, 0x6e)
pread64(r8, &(0x7f0000000000)=""/170, 0xaa, 0x8)
bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
connect$inet(r2, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r2, &(0x7f0000007fc0), 0x800001d, 0x0)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
keyctl$restrict_keyring(0xa, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x30, 0xffffffffffffffff, 0x1000000)

4.819732054s ago: executing program 1 (id=3994):
unshare(0x2c020400) (async)
r0 = socket(0x10, 0x2, 0x0) (async)
r1 = fsopen(&(0x7f0000000040)='devpts\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0) (async)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x9, 0x7, 0x6, 0xfffa}, 0x1d, [0x1, 0xc95a, 0xfffffff3, 0x9, 0x80, 0x2, 0x3, 0x7f, 0x6, 0x4d, 0x39cc191a, 0x5c, 0x10000009, 0xffff, 0x2, 0x0, 0x6, 0x3, 0x0, 0x2ab, 0x4, 0x7, 0x4, 0x3c5b, 0x1, 0xb, 0x9, 0x1, 0x5f461e2f, 0x7, 0xe661, 0x7fff, 0xb, 0x3, 0x7fff, 0x4c74, 0x80000000, 0x800242, 0xff7fffff, 0xe, 0x0, 0x71, 0x2, 0x406, 0x3, 0x2, 0x5, 0x3e, 0x8f, 0x6, 0x6, 0x3, 0x80092a3, 0x4, 0x1, 0x20000000, 0x82, 0x0, 0x7, 0x6, 0x8, 0x4, 0x1, 0x40], [0x10000007, 0xffff, 0x12f, 0x6, 0x10, 0x9, 0x129432e6, 0xcb, 0xf9, 0xd, 0x2bf, 0x5, 0x1000, 0xfffffffc, 0x43, 0x0, 0x7, 0x5, 0x2f, 0xe, 0x312, 0x1, 0x0, 0xfffffffe, 0x8, 0x4, 0x8000, 0x9, 0x3fe, 0x401, 0x6, 0x4, 0xfb, 0x5, 0x8000, 0x5f31, 0xbcf5, 0x1, 0x2, 0x2, 0x9, 0x40, 0x9, 0x8, 0x9, 0x6, 0xb, 0xa, 0x1, 0xc, 0x9, 0x2, 0x7f, 0x9, 0x1, 0x3, 0x8, 0xffffffff, 0x7, 0x3, 0x9, 0x48c93690, 0x42, 0x400004], [0x6, 0x6, 0x80000001, 0x2, 0xff, 0x100, 0x8d2, 0x9, 0x5, 0x7fff, 0x0, 0x1, 0xb, 0x4, 0x5, 0x0, 0x0, 0x1f0, 0xfffffffd, 0x3, 0x86, 0x1, 0x9, 0x3e7, 0x9, 0x5, 0x2, 0x2, 0x800, 0x8, 0x5, 0x8001, 0x7, 0x38, 0x1, 0x200, 0x82, 0x2, 0xcc52, 0x81, 0x1000, 0xa1, 0x7, 0x53cf697b, 0xfffffff9, 0x6, 0xac8, 0xbf, 0x10002, 0x403, 0x7fb, 0x3, 0x0, 0x1, 0xffff, 0x0, 0x6, 0x1c, 0x120000, 0x3, 0x4, 0xaaed, 0x4, 0xff], [0x9, 0xbb31, 0x3, 0xb, 0x5, 0x1, 0x6, 0x40005, 0x0, 0x3, 0x80ce7, 0xe3, 0x3, 0x7, 0x5, 0x1003, 0x101, 0x10000, 0x6, 0x7fff, 0xffff, 0xe620, 0x2, 0x2, 0x1, 0x2, 0x14c, 0x60a7, 0x6, 0x4, 0xffffffff, 0x80000000, 0x7, 0x8, 0xc8, 0xee1, 0x0, 0xffff, 0x3, 0x3f, 0x100, 0x9602, 0x10000004, 0x5, 0xffff, 0x6, 0x1, 0x10080, 0x7, 0x8, 0xb, 0x5a2b, 0xc, 0x7, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1c, 0x1, 0x200, 0xffff3441, 0xfff]}, 0x45c) (async, rerun: 32)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc) (rerun: 32)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000400)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a44000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc0800034000000014640000000c0a050000000000000000000a0000060900020073797a31000000000900010073797a310000000038000380340000800400018014000b80100001148c9d8dbd7db32f00040002800c000440000000000000000f0c0005"], 0xd0}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
fspick(0xffffffffffffffff, &(0x7f0000000340)='.\x00', 0x0) (async)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) (async)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x20040, 0x0) (async)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x16)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$inet_smc(0x2b, 0x1, 0x0) (async)
fsopen(&(0x7f0000000180)='qnx6\x00', 0x0) (async)
r5 = openat$kvm(0xffffff9c, &(0x7f0000000000), 0x101140, 0x0)
dup3(r5, r4, 0x80000)
mremap(&(0x7f000020e000/0x2000)=nil, 0x2000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil)
connect$vsock_stream(r0, &(0x7f0000000180)={0x28, 0x0, 0x0, @host}, 0x10)

4.294594927s ago: executing program 1 (id=3995):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r2=>0x0})
bind$packet(r1, &(0x7f00000001c0)={0x11, 0x17, r2, 0x1, 0x7, 0x6, @local}, 0x14)
getsockname$packet(r1, &(0x7f00000018c0)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001880)={&(0x7f0000000100)=ANY=[@ANYBLOB="38000000540001050000000000c4000007008209", @ANYRES32=r3, @ANYBLOB="20000100", @ANYRES32=r2, @ANYBLOB="00000001e000030000000000000000000000000008"], 0x38}, 0x1, 0x0, 0x0, 0x881}, 0x0)

4.156742323s ago: executing program 1 (id=3996):
openat$kvm(0xffffff9c, &(0x7f0000000080), 0x103201, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x48)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0x0, 0xffffffff}, 0x0)
r2 = syz_open_dev$vim2m(&(0x7f0000000200), 0x3, 0x2)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$kcm(0x10, 0x2, 0x4)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0xf, &(0x7f00000005c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r5}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r4, 0x1, 0x32, &(0x7f00000000c0)=r6, 0x4)
sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x320, &(0x7f0000000180)=[{&(0x7f0000000340)="89000000120081ae08060cdc030000007f03e3f7000000006ee2ffca1b1f1400000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec001210000140090c0c00bdad446b9bbc7a46e39882a5dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff", 0x89}], 0x1, 0x0, 0x0, 0xff0f0000}, 0x0)
r7 = syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000440)={0x30, 0x42, 0x1, 0x70bd25, 0x25dfdbfd, {0x2}, [@nested={0x4, 0x38}, @nested={0x10, 0x1, 0x0, 0x1, [@typed={0xc, 0x8c8, 0x0, 0x0, @u64=0x2}]}, @nested={0x8, 0x4, 0x0, 0x1, [@generic="56b5bfa7"]}]}, 0x30}, 0x1, 0x0, 0x0, 0x8800}, 0x4040)
sendmsg$TIPC_CMD_GET_NODES(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000440)={0x1c, r7, 0x1, 0x70bd2d, 0x25dfdbfc}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x880)
ioctl$vim2m_VIDIOC_DQBUF(r2, 0xc0585611, &(0x7f0000000040)=@overlay={0x0, 0x1, 0x4, 0x0, 0xd, {}, {0x1, 0x0, 0x0, 0x1, 0x0, 0x0, "12848098"}, 0x3})
r9 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
add_key(&(0x7f0000000040)='rxrpc\x00', 0x0, &(0x7f0000000180)="0000000000000002ff69000000000001000000c000000006000200861fa72e5b01504104bfeacdd5a9007d167c71e3b8a93aa64d957a684161c833020a6da888c7a56843a85f3a078c97d542ed1fbf069ca713670adf7d9fb6d2600fd9c1981fe9f095cfe9d2fe1e1e34f6096bf02543747b2c792890f07c0da0fa25e6101062e6c9", 0x82, 0xffffffffffffffff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x200000)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000a40)={'syztnl1\x00', &(0x7f00000009c0)={'ip6_vti0\x00', <r10=>0x0, 0x4, 0x1, 0x9, 0x1, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x7, 0x7800, 0x0, 0x9}})
r11 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000a80)=0xffffffffffffffff, 0x4)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000b40)={{0x1, 0x1, 0x18, <r12=>0xffffffffffffffff, {0x401}}, './file0\x00'})
bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x2, 0x15, &(0x7f0000000840)=@raw=[@exit, @map_val={0x18, 0x6, 0x2, 0x0, r5, 0x0, 0x0, 0x0, 0x5}, @map_idx_val={0x18, 0xd, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x1}, @func={0x85, 0x0, 0x1, 0x0, 0x1}, @ldst={0x0, 0x0, 0x1, 0x2, 0x9, 0x6, 0xfffffffffffffffc}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfc5c}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r9}}, @call={0x85, 0x0, 0x0, 0x18}], &(0x7f0000000900)='GPL\x00', 0xf, 0x6a, &(0x7f0000000940)=""/106, 0x41000, 0x11, '\x00', r10, @fallback=0xe, r11, 0x8, &(0x7f0000000ac0)={0x6, 0x2}, 0x8, 0x10, &(0x7f0000000b00)={0x3, 0xd, 0x48b9, 0x7fffffff}, 0x10, 0x0, r6, 0x1, &(0x7f0000000b80)=[r12, r5, r5], &(0x7f0000000bc0)=[{0x5, 0x4, 0xe, 0x4}], 0x10, 0x1}, 0x94)
read$dsp(0xffffffffffffffff, &(0x7f00000000c0)=""/152, 0x98)
r13 = socket$unix(0x1, 0x2, 0x0)
setsockopt$SO_TIMESTAMP(r13, 0x1, 0x3f, &(0x7f0000000040)=0x8, 0x4)
setsockopt$SO_TIMESTAMP(r13, 0x1, 0x1d, &(0x7f0000000080)=0x9, 0x4)

3.813582077s ago: executing program 3 (id=3997):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
syz_open_dev$evdev(&(0x7f0000000240), 0xd69d, 0x428282)
socket$tipc(0x1e, 0x5, 0x0)
openat$uhid(0xffffffffffffff9c, &(0x7f0000000080), 0x802, 0x0)
arch_prctl$ARCH_REQ_XCOMP_PERM(0x1023, 0x12)
socket$inet6_tcp(0xa, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffa000/0x1000)=nil, 0x1000, &(0x7f0000000080)='\x00\x00\x00')
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0)
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x3, 0x0, 0xe, 0x0, 0xb49, 0x9, 0x8, 0x2, 0x3}, 0x0)
r2 = fsopen(&(0x7f0000000180)='proc\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x0, 0x85)
landlock_create_ruleset(&(0x7f0000000040)={0x3342, 0x3}, 0x18, 0x0)
landlock_restrict_self(0xffffffffffffffff, 0x8)
r4 = fsopen(&(0x7f0000000040)='afs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000100)='source\xfd>\xf6\xdfS', &(0x7f0000000300)='%\xff:2\x82|\x9a\xe0\xadA\xde\xd5\x03\x00\x00\x00\xb7\xe5\xee:\xd3\xc5*\x15\xdf_|\x7f\xff9\xf7o$e&1\xfd\xea\xb0\xb0\x00\x00\x0ed\x06W\xa1\xbc:\xfe!\xfa\xd6x\x00nP\xc0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x12', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000000)='source', &(0x7f0000000180)='%(,c\xbe\r\xcc:', 0x0)
r5 = userfaultfd(0x1)
ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f00000000c0))
close(0x3)
ioctl$UFFDIO_COPY(r3, 0xc028aa05, &(0x7f0000000180)={&(0x7f00002b9000/0x400000)=nil, &(0x7f00003ab000/0x2000)=nil, 0x400000, 0x3, 0x2})
r6 = syz_open_procfs(0x0, &(0x7f0000000200)='net/wireless\x00')
read$FUSE(r6, 0x0, 0x0)

3.670404972s ago: executing program 2 (id=3998):
r0 = syz_usb_connect$lan78xx(0x5, 0x3f, &(0x7f0000000dc0)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0x424, 0x7850, 0x0, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d}}]}}, 0x0)
syz_usb_control_io$lan78xx(r0, 0x0, &(0x7f0000000000)={0x34, &(0x7f0000000080)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$lan78xx(r0, 0x0, 0x0) (async)
syz_usb_control_io$lan78xx(r0, 0x0, &(0x7f0000000940)={0x34, &(0x7f0000000680)={0x0, 0x30}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$lan78xx(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000003f00)={0x84, &(0x7f0000003b00)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) (async)
syz_usb_control_io$lan78xx(r0, 0x0, &(0x7f0000000880)={0x34, &(0x7f00000006c0)={0x40, 0x6}, 0x0, 0x0, 0x0, 0x0, 0x0}) (async)
syz_usb_control_io(r0, 0x0, &(0x7f0000000980)={0x84, &(0x7f0000000e80)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) (async)
syz_usb_control_io(r0, 0x0, &(0x7f0000000b80)={0x84, &(0x7f0000000040)=ANY=[@ANYBLOB="20130300000004"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$lan78xx(r0, 0x0, 0x0) (async)
syz_usb_control_io$lan78xx(r0, 0x0, 0x0) (async)
syz_usb_control_io(r0, 0x0, &(0x7f00000007c0)={0x84, &(0x7f0000000c40)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) (async)
r1 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$inet_buf(r1, 0x0, 0x20, &(0x7f0000000340)="75405ba77a113d257dc2aa61", 0xc)
syz_usb_control_io$lan78xx(r0, 0x0, 0x0) (async)
syz_usb_control_io(r0, 0x0, &(0x7f0000000ac0)={0x84, &(0x7f0000000380)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) (async)
syz_usb_control_io$rtl8150(r0, 0x0, 0x0)

2.754281701s ago: executing program 0 (id=3999):
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000140)={0xaa, 0x1a5})
r1 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000002840)={0x1, &(0x7f0000000100)=[{0x80000006}]}, 0x8)
mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0xb635773f04ebbee7, 0x12, r1, 0x2000)
socket$kcm(0x2c, 0x3, 0x0)
r2 = syz_open_dev$radio(&(0x7f0000000200), 0x3, 0x2)
ioctl$VIDIOC_G_CTRL(r2, 0xc008561b, &(0x7f0000000240)={0xc53, 0xfffffff9})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0xe1, 0x0, &(0x7f0000000100)="b9ff03076844268cb89e14f005dd1be0ffff00fe3a21632f77fbac14141de007031762079f4b4d2f87e5feca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d", 0x0, 0x8, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
r3 = openat$sndtimer(0xffffff9c, &(0x7f0000000280), 0x40080)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-3way\x00'}, 0x45)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x4000}, 0x1a, &(0x7f00000003c0)={0x0}, 0x1, 0x0, 0x0, 0x24000854}, 0x4000800)
sendmsg$NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001440)={0x1c, r5, 0x1, 0x0, 0x0, {{0x8}, {@val={0x8}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f0000000840)=ANY=[@ANYBLOB="d80000006ab68e6814246ebae334688dc250c0860e154cfd3a41227b772a4a2b0ed003a0a1c4ac0b616914a0bfd721de1044420acb5fdb34d4f26be2a47fe92505dc1454c181af1b1689b69475", @ANYRES16=r5, @ANYBLOB="000325bd7000fedbdf2506000000000099006e000000480000001c00e700ed54a960c498d9560ca0c19917fb526b98648b494906e0211c00e700c643716793add6b6334047cf901ce7b60a8b148e608da7422800178005005300000000000800050007000000200017800400010004000200040004000400030004000500000001000400010010001780040002000400060004000500170017800400030004000100040002000400020004000600040006000400050004000500", @ANYRES8=r0], 0xd8}, 0x1, 0x0, 0x0, 0x44095}, 0xc008185)
socket(0x2, 0xa, 0x300)
syz_emit_ethernet(0x2e, &(0x7f0000000000)=ANY=[@ANYBLOB="0180c200000e0000000000008100000008004538001c00660000750290780a010102e0e8ff001500907864010102"], 0x0)
r6 = accept4(r4, 0x0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000200)="ad00"/16, 0x10)
sendmsg$NL80211_CMD_CONNECT(r6, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={0x0}, 0x1, 0x0, 0x0, 0x881}, 0x0)
sendmmsg$alg(r6, &(0x7f00000010c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="18e907"], 0x18, 0x60040040}], 0x1, 0x40000)
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r3, 0xc0145401, &(0x7f00000002c0)={0x2, 0x2, 0x7, 0x3, 0x3})
syz_emit_ethernet(0x46, &(0x7f0000000380)=ANY=[], 0x0)

2.625013916s ago: executing program 4 (id=4000):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x2f)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='bbr', 0x3)
r1 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000840)="89000000120081ae08060cdc030003fe7f030006000000000001ffca1b1f0000000024c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec00150c00014003080c00bdad446b31007a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947e", 0x75}, {&(0x7f0000000140)="11d6cb557c8496a2fe7a81f38210bfa9b70ee09c", 0x14}], 0x2}, 0x4000000)

2.32449267s ago: executing program 0 (id=4001):
ioctl$BTRFS_IOC_GET_DEV_STATS(0xffffffffffffffff, 0xc4089434, &(0x7f0000000780)={0x0, 0x1521, 0x0, [0xfff, 0xfffffffffffffffe, 0x6, 0x5, 0x10001], [0x1, 0x6, 0xc6, 0x74, 0x80, 0x3, 0x40, 0x9d0, 0x5, 0x7, 0x8001, 0x9, 0xa3, 0x4, 0x1, 0xc, 0xae, 0x1, 0x2, 0xa, 0x302, 0xb7, 0x6, 0x7ff, 0xe3, 0x8, 0xcb, 0xff, 0x0, 0x800, 0x8, 0x4497, 0x100000001, 0x3, 0x6ee, 0x1, 0x8000000000000001, 0x3, 0xa00, 0x3, 0x0, 0x3, 0x1000, 0xfffffffffffffff9, 0x1cc3, 0x3, 0x0, 0x9, 0x84, 0x100000001, 0x7ff, 0x6, 0x5, 0x4, 0x6, 0x8, 0x8, 0x200, 0x8, 0x1000, 0x100000001, 0xfff, 0x3ff, 0xa8e, 0x5, 0x5, 0x7e5c, 0x4, 0xee, 0x6, 0x95, 0xf3db, 0x40, 0xdb3a, 0xfffffffffffffffc, 0xd2, 0x6, 0x1000, 0x3, 0x2, 0xc, 0xffffffffffffffff, 0xe, 0x8000, 0x7f, 0x2, 0x9, 0x1000, 0x8, 0x6, 0x6, 0xffffffffffff0001, 0x100000000, 0x8, 0x1, 0x7fffffff, 0x2, 0x9, 0xc, 0x7, 0x80000001, 0x80000001, 0x6, 0x5, 0x6, 0x8001, 0x4, 0xffff, 0xfffffffffffffff7, 0x9, 0x5, 0xfffffffffffffff6, 0x4, 0x2, 0x5, 0x8, 0x5, 0x5, 0x0, 0x8000000000000001, 0x101]})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x101100, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION2(r1, 0x40a0ae49, &(0x7f0000000380)={0x5, 0x4, 0x3000, 0x1000, &(0x7f0000028000/0x1000)=nil, 0x8000000000000000, r2})
r3 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VIDIOC_G_EDID(r3, 0xc0285629, &(0x7f0000000680)={0x3, 0x0, 0xa12, '\x00', 0x0})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa10000000000000701"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000400)={0x0, 0x1, 0x0, 0x2000, &(0x7f00000aa000/0x2000)=nil})
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_VAPIC_ADDR(r6, 0x4008ae93, &(0x7f0000000080)=0x70000)
r7 = openat$binderfs(0xffffff9c, &(0x7f0000000240)='./binderfs/binder0\x00', 0x802, 0x0)
ioctl$BINDER_WRITE_READ(r7, 0xc0306201, &(0x7f0000000c80)={0x30, 0x0, &(0x7f0000000340)=[@decrefs, @increfs={0x40046304, 0x3}, @enter_looper, @free_buffer, @request_death], 0x92, 0x0, &(0x7f0000000bc0)="9f03f53bca06fd6d917f9ad33a62be8a069c945d504e3f73ccc73781477634823735aad3dee6e15b8dc575cc23c076e92b0a03bf157c7208ae1ca312c45c3a0aaaeb0fa906584f3e04075c72a2c8f1c0f44ac5641c6aa063882adc50da4d76a9b58700ee891ec087a4b9f9653e6a883f0c1741406779f7b3182fb00642379c5363f73302b7ee91d76558696893e860865fa2"})
fstatfs(r6, &(0x7f0000000380)=""/47)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000180)={0x1ff, 0x2, 0xdddd1000, 0x2000, &(0x7f0000ffd000/0x2000)=nil})
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000540)={r5, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000040)=[0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x7, 0x3, &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000200)=[0x0, 0x0, 0x0], 0x0, 0x62, &(0x7f0000000240), 0x0, 0x10, &(0x7f0000000280), &(0x7f00000002c0), 0x8, 0xae, 0x8, 0x8, &(0x7f0000000300)}}, 0x10)
ioctl$KVM_SET_VCPU_EVENTS(r6, 0x4400ae8f, &(0x7f0000000600)=@x86={0x4, 0x8, 0xc, 0x0, 0x9, 0x10, 0x5, 0xd, 0xe, 0x3, 0x6, 0xd, 0x0, 0x2, 0x612, 0x3, 0x7, 0x71, 0x2, '\x00', 0x7, 0x6})
ioctl$KVM_RUN(r6, 0xae80, 0x0)

2.171067147s ago: executing program 4 (id=4002):
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x81901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
open_tree(r0, &(0x7f0000000480)='./file0/../file0\x00', 0x1101)
r1 = open_tree(r0, &(0x7f0000000640)='\x00', 0x89901)
quotactl_fd$Q_SYNC(r0, 0x80000300, 0x0, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000001080), 0x1a3000, 0x0)
ioctl$TCSETS(r2, 0x40045431, &(0x7f0000000140)={0x0, 0xc, 0x0, 0x0, 0x0, "810000cc2b05e300000000fa25ffff00ffffff"})
r3 = syz_open_pts(r2, 0x141601)
socket$inet(0x2, 0x800, 0x5)
fcntl$setstatus(r1, 0x4, 0x0)
io_setup(0x4, &(0x7f0000000100)=<r4=>0x0)
r5 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r6 = fcntl$dupfd(r5, 0x0, r5)
ioctl$SG_SET_DEBUG(r6, 0x227e, &(0x7f00000000c0))
write$P9_RREMOVE(r6, &(0x7f00000001c0)={0x7, 0x7b, 0x2}, 0x7)
r7 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/disk', 0x1, 0x0)
io_submit(r4, 0x1, &(0x7f0000000400)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x1000, r7, &(0x7f0000000300)="87992d800d80", 0x6, 0x401, 0x0, 0x0, r7}])
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000c80)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x78, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2f}, @NFTA_SET_EXPRESSIONS={0x34, 0x12, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @counter={{0xc}, @void}}, {0x20, 0x1, 0x0, 0x1, @quota={{0xa}, @val={0x10, 0x2, 0x0, 0x1, [@NFTA_QUOTA_BYTES={0xc, 0x1, 0x1, 0x0, 0x800}]}}}]}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x106}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xc0}}, 0x20050800)
write(r3, &(0x7f0000000000)="d5", 0xfffffedf)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0x1b)
openat$adsp1(0xffffff9c, &(0x7f0000000180), 0x40240, 0x0)

1.828653472s ago: executing program 3 (id=4003):
r0 = syz_open_dev$radio(&(0x7f0000000200), 0x3, 0x2)
ioctl$VIDIOC_G_CTRL(r0, 0xc008561b, 0x0)

1.764077103s ago: executing program 1 (id=4004):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x84042, 0x0)
r1 = syz_open_dev$loop(&(0x7f0000000080), 0x45ffffb, 0x122c42)
ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f0000001ac0)={r0, 0x0, {0x0, 0x0, 0x0, 0x1, 0x1ffffe, 0x0, 0x0, 0x0, 0x4, "339f020bbe82b38b000000000000000000070d0ec0c1b4e9b1c4369d03740250ceaac594b1b3d741dd17c1c500", "a9103939c787a16c1ca43f80026d1a8554fe581b59ded147e04d528539f3d3289737f0374c72a964a02447a75df8a69ea917deb7ba193b3e7772fd2bf35239d2", "4f000000dd9d9ac2f63a7ad700", [0x5]}})
syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb2361000000010902"], 0x0)
socket$igmp(0x2, 0x3, 0x2)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x2})
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = dup(r3)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000000)={'syzkaller1\x00', @multicast})
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01020000000000100000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000a14000000110001"], 0x64}}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={{0x14}, [@NFT_MSG_DELOBJ={0x34, 0x14, 0xa, 0x307, 0x0, 0x0, {0x2, 0x0, 0x9}, [@NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0xa}, @NFTA_OBJ_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_OBJ_HANDLE={0xc, 0x6, 0x1, 0x0, 0x2}]}, @NFT_MSG_DELTABLE={0x14, 0x2, 0xa, 0x101, 0x0, 0x0, {0x0, 0x0, 0xa}}], {0x14}}, 0x70}}, 0x0)
write$tun(r2, &(0x7f0000000480)={@void, @void, @eth={@multicast, @random, @val={@void}, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x2, 0x7, 0x5c, 0x68, 0x4000, 0x7, 0x1, 0x0, @rand_addr=0x64010101, @local}, @redirect={0x5, 0x3, 0x0, @broadcast, {0x10, 0x4, 0x0, 0x4, 0x6, 0x65, 0x1, 0x8, 0x2, 0xf, @loopback, @loopback, {[@generic={0x86, 0x5, "c80842"}, @ra={0x94, 0x4}, @timestamp_prespec={0x44, 0x4, 0xf3, 0x3, 0x8}, @cipso={0x86, 0x1c, 0xfffffffffffffffe, [{0x0, 0x4, "0612"}, {0x7, 0xf, "c43e8c34f8ca4be4cdb6364607"}, {0x6, 0x3, '`'}]}]}}}}}}}}, 0x6e)
r6 = dup(r1)
read$FUSE(r6, &(0x7f0000003c40)={0x2020}, 0xffffff0a)
syz_usb_connect$midi(0x6, 0xb2, &(0x7f0000000100)={{0x12, 0x1, 0x201, 0x0, 0x0, 0x0, 0xff, 0xe41, 0x3020, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xa0, 0x1, 0x1, 0x2, 0x110, 0xe, "", {{{0x9, 0x4, 0x0, 0x0, 0x6, 0x1, 0x3, 0x0, 0x6, [@midi_in_jack={0x6, 0x24, 0x2, 0x0, 0x0, 0xc0}, @midi_out_jack={0xb, 0x24, 0x3, 0x1, 0x1, 0x2, [{0x4, 0x94}, {0xf8, 0x9}], 0x5}], [{{0x9, 0x5, 0x1, 0x3, 0x10, 0x3, 0x5, 0x10, {0x12, 0x25, 0x1, 0xe, "21113bfb5e1ad7afea5af0be472f"}}}, {{0x9, 0x5, 0x2, 0xc, 0x8, 0x5, 0x7, 0x6, {0x4}}}, {{0x9, 0x5, 0xd, 0x4, 0x200, 0x4c, 0xf2, 0x5, {0x4}}}, {{0x9, 0x5, 0xb, 0x3, 0x40, 0xec, 0x7, 0x6, {0x10, 0x25, 0x1, 0xc, "b72b83b1fc55c92bb9d5f52b"}}}, {{0x9, 0x5, 0x80, 0x8, 0x408, 0x10, 0x7, 0x3, {0x13, 0x25, 0x1, 0xf, "545280c577e780292b1dbf4d6e501e"}}}, {{0x9, 0x5, 0x0, 0x2, 0x20, 0x40, 0x7, 0xa, {0xa, 0x25, 0x1, 0x6, "4b11b0b50387"}}}]}}}}}]}}, &(0x7f0000000300)={0xa, &(0x7f00000001c0)={0xa, 0x6, 0x201, 0x4, 0x5, 0xf, 0x10, 0x6}, 0x29, &(0x7f0000000200)={0x5, 0xf, 0x29, 0x4, [@ptm_cap={0x3}, @wireless={0xb, 0x10, 0x1, 0x2, 0x82, 0x1, 0x5b, 0x8, 0x7f}, @wireless={0xb, 0x10, 0x1, 0xc, 0x4, 0x7, 0x42, 0x9, 0x80}, @wireless={0xb, 0x10, 0x1, 0x8, 0x88, 0x3, 0x7, 0x3, 0x5}]}, 0x1, [{0x9d, &(0x7f0000000240)=@string={0x9d, 0x3, "5bfb6c68c05d9123e4754758e5942189af97d64d2575f9bbb9ee4acc2a069cd2aa0ef8d51a5ecadb6cc5ce70be1e08a359f287357786211a8bffbf47e9a48c0a8be329ae756a0504b7701371118d70a78224c481fa2d9d6f1b9614f704e71aa31c4dca37b1e43002c9e4d3557d0d5e2321f66e6b5f9cf18e9a968197120b6d77a1aba43e65d40445151c0e89c0e0b8ecbee47f824d1e4835f4c122"}}]})

1.624342227s ago: executing program 3 (id=4005):
socket$can_bcm(0x1d, 0x2, 0x2)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbmon(&(0x7f0000000000), 0x0, 0x82002)
socket$inet_udp(0x2, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r2, &(0x7f0000000480)={0xa, 0xfffe, 0x3, @mcast1, 0x5}, 0x1c)
r3 = dup2(r2, r2)
sendmmsg$unix(r3, &(0x7f0000008380), 0x400000000000174, 0x4008890)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000003c0)=ANY=[@ANYBLOB="380000005600010000000000000000000700c6c9", @ANYRES32=r4, @ANYBLOB="200001"], 0x38}}, 0x0)
sendmsg$NL80211_CMD_ASSOCIATE(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x20008041)
r5 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
write$rfkill(r5, &(0x7f0000000080)={0x0, 0x1, 0x3, 0x1}, 0x8)
r6 = socket$nl_route(0x10, 0x3, 0x0)
accept4$unix(r3, &(0x7f00000001c0)=@abs, 0x0, 0x800)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'bond0\x00'})
sendmsg$nl_route(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[], 0x68}}, 0x8004006)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$alg(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=[@assoc={0x18, 0x117, 0x4, 0x8}], 0x18}, 0x0)
r7 = io_uring_setup(0x35a7, &(0x7f00000000c0)={0x0, 0x7f12, 0x3410, 0x3, 0xfefffffd})
io_uring_register$IORING_REGISTER_RESIZE_RINGS(r7, 0x21, &(0x7f0000000340)={0x0, 0xebb9, 0x8, 0x3, 0xd5}, 0x1)
unshare(0x64000600)
socket$inet_udp(0x2, 0x2, 0x0)

1.605587761s ago: executing program 0 (id=4006):
socket$inet_udp(0x2, 0x2, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x8000, 0x0)
openat$dsp(0xffffffffffffff9c, 0x0, 0x8000, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
io_uring_setup(0x11d5, &(0x7f0000000040)={0x0, 0x2150, 0xc000, 0x3, 0xc2})
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f00000001c0), 0x1e3002, 0x0)
syz_usb_connect$cdc_ncm(0x4, 0xd1, 0x0, 0x0)
r3 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, r3, 0x0)
move_pages(0x0, 0x0, &(0x7f0000000000), 0x0, 0x0, 0x2)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = userfaultfd(0x801)
ioctl$UFFDIO_API(r6, 0xc018aa3f, &(0x7f0000000240)={0xaa, 0x50})
sendmsg$IPSET_CMD_ADD(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x44, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast1=0xe0004001}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x10000047}, 0x0)
sendmsg$IPSET_CMD_SAVE(r5, 0x0, 0x8000)
r7 = socket(0x10, 0x3, 0x0)
sendto$inet6(r7, &(0x7f0000000140)="7800000018002507b9409b14ffff00000204be04020506050e020409430009003f000c00100000000d0085a168d0bf46d32345653600648d0a00120002000a0000005ade4a460c89b6ec0cff3959547f509058ba86c902000000004a3200040016000500020000000000e000e218d1ddf66ed538f2523250", 0x78, 0x0, 0x0, 0x0)
r8 = dup(r2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000002, 0x28011, r8, 0x0)
ioctl$BLKZEROOUT(r8, 0x127f, &(0x7f00000000c0)={0x4000, 0x80600})
r9 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), r8)
sendmsg$TIPC_NL_BEARER_ENABLE(r7, &(0x7f0000000340)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x50, r9, 0x10, 0x70bd28, 0x25dfdbfb, {}, [@TIPC_NLA_BEARER={0x3c, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @remote}, 0x9}}, {0x14, 0x2, @in={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x0, 0x0}}}}}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x10}, 0x20000000)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYRES8=r0], 0x50)

1.509397696s ago: executing program 2 (id=4007):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x202, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000480)=ANY=[@ANYBLOB="5000000002060108000034e4000000000000000805000400000000000900020073797a3100000000050005000200000016000300686173683a6e65742c706f72742c6e65740000000500010007"], 0x50}, 0x1, 0x0, 0x0, 0x20044000}, 0x8042)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)={0x68, 0x9, 0x6, 0x3, 0x0, 0x0, {0x5, 0x0, 0x43}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x40, 0x7, 0x0, 0x1, [@IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e24}, @IPSET_ATTR_PROTO={0x5, 0x7, 0xff}, @IPSET_ATTR_PACKETS={0xc, 0x19, 0x1, 0x0, 0x8}, @IPSET_ATTR_IP2={0xc, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast1=0xac1e0100}}, @IPSET_ATTR_PORT_TO={0x6, 0x5, 0x1, 0x0, 0x4e21}, @IPSET_ATTR_IP2_TO={0xc, 0x16, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @local}}]}]}, 0x68}, 0x1, 0x0, 0x0, 0x20004000}, 0x80)
r4 = eventfd2(0x4001, 0x800)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000001700)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000016c0)={&(0x7f0000000480)={0x14, 0x2a, 0x19, 0x70bd25, 0x25dfdbff, {0x3}}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x40000)
r6 = eventfd2(0xae9, 0x801)
prctl$PR_SET_IO_FLUSHER(0x39, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$BPF_LINK_CREATE(0x8, 0x0, 0x0)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000000)={r4, 0x8, 0x2, r6})
r7 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r7, 0x107, 0x18, &(0x7f0000000400)=@req3={0xc, 0x47, 0x8004, 0x4, 0x3, 0xfffffffe, 0xfffe0}, 0x1c)
recvmmsg(r7, &(0x7f0000002cc0)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f00000028c0)=""/12, 0xc}, {0x0}], 0x2}, 0x13}], 0x1, 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r8, 0x4090ae82, &(0x7f00000003c0)={[0xcb, 0xeac, 0x2000000000004, 0x8000000000000000, 0x2, 0xfff, 0x80000ef, 0x80000200, 0x100, 0x8b, 0x2, 0xf, 0xfffffffffffffffe, 0x5, 0x3, 0xbe3], 0x2000, 0x67a64fa265d6ee17})
r9 = socket$netlink(0x10, 0x3, 0x4)
write(r9, &(0x7f0000000040)="2700000014000707030e0000120f0a0011600100f5fe009d2fb112ff000000008a151f75080039", 0x27)
r10 = openat$sysfs(0xffffff9c, &(0x7f0000000040)='/sys/kernel/rcu_stall_count', 0x0, 0x103)
unshare(0x8040480)
r11 = bpf$MAP_CREATE(0x0, &(0x7f0000000d80)=ANY=[@ANYBLOB="0600000004000000420000000900000000000000", @ANYRES32, @ANYBLOB="04cb000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000000c0)={{r11}, 0x0, 0x0}, 0x1c)
read$watch_queue(r10, &(0x7f0000000dc0)=""/69, 0x45)
ioctl$KVM_RUN(r8, 0xae80, 0x0)

1.389354253s ago: executing program 4 (id=4008):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000440)={{0xfffe, 0x5, 0x2, 0x5}, 'syz1\x00', 0x53})
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x12)
ioctl$UI_DEV_CREATE(r0, 0x5501)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000ac0)=ANY=[@ANYBLOB="04000000090000000200000000000000000000000000d7d8d0000000000000364fe25b900e8cb4d45632db091db7fd1b8c715752c19aaf56450d3fa8c81a372b707f5899715b1b2cf7078a638584f28de72bc5875de3ff67b67b923dd03a0f02018bc7fd37b2bfd6e5a30c5a8d2dd3d6cafd67c28f9f5dcfcdcd7047a7a69baaf81e15c3c2dc6c40c502d314a9eebc0aa6591f0cd6a9e7308ecef0d782826e90c66b8ae19f25800ce09fb7c2c5a0575b1e8bb4fad51a6978d19484b1227b341523"], 0x50)
add_key(&(0x7f0000000080)='dns_resolver\x00', 0x0, &(0x7f0000000040)="42d7", 0xfffff, 0xfffffffffffffffe)
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(0xffffffffffffffff, 0x3ba0, &(0x7f00000000c0)={0x48, 0x5, 0x0, 0x0, <r2=>0xffffffffffffffff})
r3 = syz_open_dev$ndb(&(0x7f0000000140), 0x0, 0x4800)
ioctl$XFS_IOC_PATH_TO_HANDLE(r2, 0xc01c5869, &(0x7f0000000280)={r3, &(0x7f0000000180)='t:\x00', 0x204400, &(0x7f00000001c0)={@align=0x9, {0x1, 0x6, 0x8, 0x4}}, 0x9, &(0x7f0000000200), &(0x7f0000000240)=0x4f6})
write$UHID_INPUT(r1, &(0x7f0000001640)={0xfc, {"fce3ad0eed0d07f91b50091887f70706d0f0e7ff7fc6e5539b0d3d0a8b089b3f383163030890e0879b0af8c6e70a9b334a959b669a240d0a0af3988f7ef319520100ffe8d178708c523c921b1b5b3107200773090acd3b78130daa61d8e8040040005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a91e0dad47f36fd9f73c152a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e1c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df11847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e30400f7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddba02635478d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f79400000000ddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df04b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e785419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd502ac8044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88e4facfd4c735a20307c737afa2d60399473296b831dbd933d93990f00064279b10ea0c5833f41f157ea2302993dbe97fb1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea10c00a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeee964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e42df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed62480ec43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e069160f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df076f0ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f87296ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef869c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1066)

1.148345009s ago: executing program 2 (id=4009):
ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f0000000040))
r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000300), 0x40100001, 0x189002)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r1, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r2=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f00000002c0)={r2, <r3=>0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000640)=[<r5=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_SETCRTC(r0, 0xc06864a2, &(0x7f0000000580)={&(0x7f0000000080)=[r5, r5], 0x2, r3, r4, 0x3, 0x0, 0xffffffff, 0x804, {0xac7c, 0x1, 0x3, 0x67, 0xf4b, 0x1, 0x2, 0x5, 0x412f, 0xc154, 0x1000, 0x7f, 0x6, 0xffffffff, "fe1d00003413000000000020b42717e47f00"}})

0s ago: executing program 1 (id=4010):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f00000000c0)={0xfffc}, 0x8)
sendto$inet6(r0, &(0x7f0000000580)="81", 0x1, 0xc001, &(0x7f0000000280)={0xa, 0x0, 0x0, @loopback, 0x81}, 0x1c)
r1 = openat$uinput(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$UI_DEV_SETUP(r1, 0x405c5503, &(0x7f0000000440)={{0x0, 0x5, 0x0, 0x25}, 'syz0\x00', 0x53})
r2 = socket$kcm(0x29, 0x2, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r2, 0x81e8943c, &(0x7f0000000240)={0x0, ""/256, <r3=>0x0})
ioctl$BTRFS_IOC_INO_LOOKUP(r1, 0xd0009412, &(0x7f00000004c0)={r3, 0x8000})
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f00000005c0)={{r3, 0xfffffffffffffff4, 0x9, 0x7f, 0x4, 0x8000, 0xd88, 0x64, 0x10001, 0x5, 0x6, 0x6, 0x2, 0x8}})
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
capset(&(0x7f0000000040)={0x20071026}, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x81, 0xfffffff9})
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f0000000080)={0xa, 0x2, 0x200, @loopback, 0x7}, 0x1c)
setsockopt$inet6_buf(r0, 0x84, 0x2a, 0x0, 0x0)

kernel console output (not intermixed with test programs):

own main item tag 0x0
[ 1095.634161][T19114] random: crng reseeded on system resumption
[ 1095.641771][T15989] hid-generic 0002:0004:0009.0032: unknown main item tag 0x0
[ 1095.680493][T15989] hid-generic 0002:0004:0009.0032: unknown main item tag 0x0
[ 1095.702892][T15989] hid-generic 0002:0004:0009.0032: unknown main item tag 0x0
[ 1095.744043][T15989] hid-generic 0002:0004:0009.0032: unknown main item tag 0x0
[ 1095.800181][T15989] hid-generic 0002:0004:0009.0032: unknown main item tag 0x0
[ 1095.834426][T15989] hid-generic 0002:0004:0009.0032: unknown main item tag 0x0
[ 1095.891563][T15989] hid-generic 0002:0004:0009.0032: hidraw0: <UNKNOWN> HID v0.04 Device [syz0] on syz0
[ 1095.993660][T19121] fuse: Bad value for 'rootmode'
[ 1096.784500][T19128] netlink: 'syz.4.3670': attribute type 1 has an invalid length.
[ 1097.309624][T19140] FAULT_INJECTION: forcing a failure.
[ 1097.309624][T19140] name failslab, interval 1, probability 0, space 0, times 0
[ 1097.336153][T19140] CPU: 1 UID: 0 PID: 19140 Comm: syz.1.3674 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1097.336199][T19140] Tainted: [L]=SOFTLOCKUP
[ 1097.336209][T19140] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 1097.336224][T19140] Call Trace:
[ 1097.336235][T19140]  <TASK>
[ 1097.336245][T19140]  dump_stack_lvl+0xe8/0x150
[ 1097.336291][T19140]  should_fail_ex+0x412/0x560
[ 1097.336333][T19140]  should_failslab+0xa8/0x100
[ 1097.336369][T19140]  kmem_cache_alloc_node_noprof+0x8f/0x690
[ 1097.336402][T19140]  ? __alloc_skb+0x1d0/0x7d0
[ 1097.336428][T19140]  ? __local_bh_enable_ip+0xd0/0x130
[ 1097.336471][T19140]  __alloc_skb+0x1d0/0x7d0
[ 1097.336506][T19140]  netlink_dump+0x1d8/0xe10
[ 1097.336533][T19140]  ? __nla_parse+0x40/0x60
[ 1097.336565][T19140]  ? ip_set_dump_start+0x2ed/0x430
[ 1097.336594][T19140]  ? __pfx_netlink_dump+0x10/0x10
[ 1097.336637][T19140]  ? netlink_lookup+0x30/0x200
[ 1097.336664][T19140]  ? netlink_lookup+0x30/0x200
[ 1097.336688][T19140]  ? netlink_lookup+0x30/0x200
[ 1097.336730][T19140]  __netlink_dump_start+0x5cb/0x7e0
[ 1097.336769][T19140]  ip_set_dump+0x15b/0x1f0
[ 1097.336806][T19140]  ? __pfx_ip_set_dump+0x10/0x10
[ 1097.336842][T19140]  ? __pfx_ip_set_dump_start+0x10/0x10
[ 1097.336865][T19140]  ? __pfx_ip_set_dump_do+0x10/0x10
[ 1097.336887][T19140]  ? __pfx_ip_set_dump_done+0x10/0x10
[ 1097.336929][T19140]  nfnetlink_rcv_msg+0xc03/0x12c0
[ 1097.336955][T19140]  ? unwind_get_return_address+0x4d/0x90
[ 1097.336982][T19140]  ? nfnetlink_rcv_msg+0x22a/0x12c0
[ 1097.337031][T19140]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[ 1097.337118][T19140]  netlink_rcv_skb+0x232/0x4b0
[ 1097.337147][T19140]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[ 1097.337176][T19140]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1097.337219][T19140]  ? bpf_lsm_capable+0x9/0x20
[ 1097.337252][T19140]  ? security_capable+0x7e/0x2c0
[ 1097.337296][T19140]  nfnetlink_rcv+0x2c0/0x27b0
[ 1097.337334][T19140]  ? __local_bh_enable_ip+0xd0/0x130
[ 1097.337371][T19140]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1097.337417][T19140]  ? __dev_queue_xmit+0x2b6/0x3950
[ 1097.337445][T19140]  ? __local_bh_enable_ip+0xd0/0x130
[ 1097.337476][T19140]  ? __dev_queue_xmit+0x2b6/0x3950
[ 1097.337505][T19140]  ? __dev_queue_xmit+0x1fe5/0x3950
[ 1097.337534][T19140]  ? __sys_sendmsg+0x183/0x260
[ 1097.337571][T19140]  ? __dev_queue_xmit+0x2b6/0x3950
[ 1097.337607][T19140]  ? __pfx_nfnetlink_rcv+0x10/0x10
[ 1097.337638][T19140]  ? __pfx___dev_queue_xmit+0x10/0x10
[ 1097.337677][T19140]  ? ref_tracker_free+0x693/0x840
[ 1097.337720][T19140]  ? __pfx_ref_tracker_free+0x10/0x10
[ 1097.337773][T19140]  ? skb_clone+0x246/0x3a0
[ 1097.337806][T19140]  ? __netlink_deliver_tap+0x807/0x850
[ 1097.337832][T19140]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1097.337866][T19140]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1097.337892][T19140]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1097.337924][T19140]  netlink_unicast+0x75c/0x8e0
[ 1097.337958][T19140]  netlink_sendmsg+0x813/0xb40
[ 1097.337994][T19140]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1097.338028][T19140]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1097.338053][T19140]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1097.338074][T19140]  ____sys_sendmsg+0x972/0x9f0
[ 1097.338101][T19140]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1097.338127][T19140]  ? kstrtoull+0x12f/0x1d0
[ 1097.338155][T19140]  ___sys_sendmsg+0x2a5/0x360
[ 1097.338176][T19140]  ? __lock_acquire+0x6b5/0x2cf0
[ 1097.338203][T19140]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1097.338225][T19140]  ? get_pid_task+0x20/0x1f0
[ 1097.338242][T19140]  ? get_pid_task+0x20/0x1f0
[ 1097.338257][T19140]  ? get_pid_task+0x20/0x1f0
[ 1097.338294][T19140]  ? __fget_files+0x2a/0x420
[ 1097.338309][T19140]  ? __fget_files+0x3a0/0x420
[ 1097.338332][T19140]  __sys_sendmsg+0x183/0x260
[ 1097.338354][T19140]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1097.338391][T19140]  __do_fast_syscall_32+0x229/0x6e0
[ 1097.338407][T19140]  ? do_fast_syscall_32+0x33/0x70
[ 1097.338421][T19140]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1097.338444][T19140]  ? asm_int80_emulation+0x1a/0x20
[ 1097.338460][T19140]  ? do_int80_emulation+0x286/0x530
[ 1097.338480][T19140]  do_fast_syscall_32+0x33/0x70
[ 1097.338496][T19140]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1097.338516][T19140] RIP: 0023:0xf705f01c
[ 1097.338531][T19140] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[ 1097.338545][T19140] RSP: 002b:00000000f544d50c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 1097.338563][T19140] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000080000140
[ 1097.338575][T19140] RDX: 0000000000048810 RSI: 0000000000000000 RDI: 0000000000000000
[ 1097.338586][T19140] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1097.338596][T19140] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1097.338606][T19140] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1097.338628][T19140]  </TASK>
[ 1098.067219][ T5899] rc_core: IR keymap rc-hauppauge not found
[ 1098.083267][ T5899] Registered IR keymap rc-empty
[ 1098.109801][ T5899] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[ 1098.138910][ T5899] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[ 1098.177769][ T5899] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0
[ 1098.228329][ T5899] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input79
[ 1098.268659][ T5899] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[ 1098.308929][ T5899] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[ 1098.342530][T19155] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3679'.
[ 1098.359174][ T5899] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[ 1098.387393][ T5899] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[ 1098.416899][ T5899] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[ 1098.447126][ T5899] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[ 1098.455746][T17125] usb 1-1: new high-speed USB device number 121 using dummy_hcd
[ 1098.477574][ T5899] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[ 1098.499240][ T5899] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[ 1098.536567][ T5899] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[ 1098.569932][ T5899] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[ 1098.598601][T17125] usb 1-1: device descriptor read/64, error -71
[ 1098.609603][ T5899] mceusb 3-1:0.0: Registered  with mce emulator interface version 1
[ 1098.635393][ T5899] mceusb 3-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[ 1098.661557][ T5899] usb 3-1: USB disconnect, device number 10
[ 1098.827738][T19167] fuse: Bad value for 'rootmode'
[ 1098.855810][T17125] usb 1-1: new high-speed USB device number 122 using dummy_hcd
[ 1098.942163][  T992] usb 2-1: new high-speed USB device number 28 using dummy_hcd
[ 1099.006322][T17125] usb 1-1: device descriptor read/64, error -71
[ 1099.105877][  T992] usb 2-1: Using ep0 maxpacket: 16
[ 1099.113265][  T992] usb 2-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1099.125492][  T992] usb 2-1: config 0 interface 0 has no altsetting 0
[ 1099.132693][T17125] usb usb1-port1: attempt power cycle
[ 1099.139908][  T992] usb 2-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[ 1099.150241][  T992] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1099.162605][  T992] usb 2-1: config 0 descriptor??
[ 1099.495940][T17125] usb 1-1: new high-speed USB device number 123 using dummy_hcd
[ 1099.526667][T17125] usb 1-1: device descriptor read/8, error -71
[ 1099.597906][  T992] nzxt-smart2 0003:1E71:2009.0033: hidraw0: USB HID v0.05 Device [HID 1e71:2009] on usb-dummy_hcd.1-1/input0
[ 1099.776036][T17125] usb 1-1: new high-speed USB device number 124 using dummy_hcd
[ 1099.811823][T17125] usb 1-1: device descriptor read/8, error -71
[ 1099.946914][T17125] usb usb1-port1: unable to enumerate USB device
[ 1099.964506][   T30] audit: type=1326 audit(1776682218.572:2249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19180 comm="syz.2.3687" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fef01c code=0x7ffc0000
[ 1099.998616][T19185] netlink: 'syz.3.3685': attribute type 1 has an invalid length.
[ 1100.141395][  T992] usb 2-1: USB disconnect, device number 28
[ 1100.388096][   T30] audit: type=1326 audit(1776682219.002:2250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19191 comm="syz.1.3689" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705f01c code=0x7ffc0000
[ 1100.421664][   T30] audit: type=1326 audit(1776682219.002:2251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19191 comm="syz.1.3689" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705f01c code=0x7ffc0000
[ 1100.481788][   T30] audit: type=1326 audit(1776682219.012:2252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19191 comm="syz.1.3689" exe="/root/syz-executor" sig=0 arch=40000003 syscall=434 compat=1 ip=0xf705f01c code=0x7ffc0000
[ 1100.533333][T19195] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3691'.
[ 1100.544924][   T30] audit: type=1326 audit(1776682219.042:2253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19191 comm="syz.1.3689" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705f01c code=0x7ffc0000
[ 1100.608925][   T30] audit: type=1326 audit(1776682219.042:2254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19191 comm="syz.1.3689" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705f01c code=0x7ffc0000
[ 1100.681975][   T30] audit: type=1326 audit(1776682219.042:2255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19191 comm="syz.1.3689" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7195cab code=0x7ffc0000
[ 1100.735202][   T30] audit: type=1326 audit(1776682219.072:2256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19191 comm="syz.1.3689" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705f01c code=0x7ffc0000
[ 1100.792455][   T30] audit: type=1326 audit(1776682219.072:2257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19191 comm="syz.1.3689" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705f01c code=0x7ffc0000
[ 1100.866386][ T5961] usb 5-1: dvb_usb_v2: Did not find the firmware file 'dvb-usb-ec168.fw' (status -2). You can use <kernel_dir>/scripts/get_dvb_firmware to get the firmware
[ 1100.879288][   T30] audit: type=1326 audit(1776682219.072:2258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19191 comm="syz.1.3689" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf705f01c code=0x7ffc0000
[ 1100.997716][ T5961] dvb_usb_ec168 5-1:0.1: probe with driver dvb_usb_ec168 failed with error -2
[ 1101.013631][T12424] usb 4-1: dvb_usb_v2: Did not find the firmware file 'dvb-usb-ec168.fw' (status -110). You can use <kernel_dir>/scripts/get_dvb_firmware to get the firmware
[ 1101.062914][ T5961] usb 5-1: USB disconnect, device number 115
[ 1101.084133][T12424] dvb_usb_ec168 4-1:0.1: probe with driver dvb_usb_ec168 failed with error -110
[ 1101.158619][T12424] usb 4-1: USB disconnect, device number 127
[ 1101.378215][T19207] fuse: Bad value for 'rootmode'
[ 1101.626043][ T5961] usb 5-1: new high-speed USB device number 116 using dummy_hcd
[ 1101.662753][T19212] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3698'.
[ 1101.677281][T19212] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3698'.
[ 1101.797527][ T5961] usb 5-1: Using ep0 maxpacket: 8
[ 1101.811033][ T5961] usb 5-1: New USB device found, idVendor=0582, idProduct=0025, bcdDevice= 0.40
[ 1101.826027][ T5961] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1101.834749][ T5961] usb 5-1: Product: syz
[ 1101.839922][ T5961] usb 5-1: Manufacturer: syz
[ 1101.845138][ T5961] usb 5-1: SerialNumber: syz
[ 1102.152104][ T5961] usb 5-1: uac_clock_source_is_valid(): cannot get clock validity for id 0
[ 1102.171394][ T5961] usb 5-1: clock source 0 is not valid, cannot use
[ 1102.185513][ T5961] usb 5-1: 1:1: cannot get freq (v2/v3): err -71
[ 1102.199078][ T5961] usb 5-1: uac_clock_source_is_valid(): cannot get clock validity for id 0
[ 1102.219657][ T5961] usb 5-1: uac_clock_source_is_valid(): cannot get clock validity for id 0
[ 1102.245018][ T5961] usb 5-1: clock source 0 is not valid, cannot use
[ 1102.261045][ T5961] usb 5-1: 2:1: cannot get freq (v2/v3): err -71
[ 1102.275564][ T5961] usb 5-1: uac_clock_source_is_valid(): cannot get clock validity for id 0
[ 1102.464267][ T5961] usb 5-1: USB disconnect, device number 116
[ 1102.565211][T17972] udevd[17972]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1102.587244][T19221] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3702'.
[ 1103.040898][T19233] FAULT_INJECTION: forcing a failure.
[ 1103.040898][T19233] name failslab, interval 1, probability 0, space 0, times 0
[ 1103.056482][T19233] CPU: 1 UID: 0 PID: 19233 Comm: syz.1.3706 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1103.056518][T19233] Tainted: [L]=SOFTLOCKUP
[ 1103.056527][T19233] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 1103.056541][T19233] Call Trace:
[ 1103.056550][T19233]  <TASK>
[ 1103.056560][T19233]  dump_stack_lvl+0xe8/0x150
[ 1103.056601][T19233]  should_fail_ex+0x412/0x560
[ 1103.056644][T19233]  should_failslab+0xa8/0x100
[ 1103.056683][T19233]  __kmalloc_cache_noprof+0x88/0x660
[ 1103.056712][T19233]  ? nfnetlink_rcv+0xfdf/0x27b0
[ 1103.056742][T19233]  nfnetlink_rcv+0xfdf/0x27b0
[ 1103.056802][T19233]  ? __pfx_nfnetlink_rcv+0x10/0x10
[ 1103.056844][T19233]  ? ref_tracker_free+0x693/0x840
[ 1103.056907][T19233]  ? __netlink_deliver_tap+0x807/0x850
[ 1103.056942][T19233]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1103.056967][T19233]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1103.056997][T19233]  netlink_unicast+0x75c/0x8e0
[ 1103.057029][T19233]  netlink_sendmsg+0x813/0xb40
[ 1103.057060][T19233]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1103.057090][T19233]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1103.057123][T19233]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1103.057150][T19233]  ____sys_sendmsg+0x972/0x9f0
[ 1103.057184][T19233]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1103.057215][T19233]  ? kstrtoull+0x12f/0x1d0
[ 1103.057248][T19233]  ___sys_sendmsg+0x2a5/0x360
[ 1103.057271][T19233]  ? __lock_acquire+0x6b5/0x2cf0
[ 1103.057304][T19233]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1103.057339][T19233]  ? get_pid_task+0x20/0x1f0
[ 1103.057360][T19233]  ? get_pid_task+0x20/0x1f0
[ 1103.057378][T19233]  ? get_pid_task+0x20/0x1f0
[ 1103.057423][T19233]  ? __fget_files+0x2a/0x420
[ 1103.057442][T19233]  ? __fget_files+0x3a0/0x420
[ 1103.057471][T19233]  __sys_sendmsg+0x183/0x260
[ 1103.057498][T19233]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1103.057544][T19233]  __do_fast_syscall_32+0x229/0x6e0
[ 1103.057564][T19233]  ? do_fast_syscall_32+0x33/0x70
[ 1103.057582][T19233]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1103.057610][T19233]  ? asm_int80_emulation+0x1a/0x20
[ 1103.057629][T19233]  ? do_int80_emulation+0x286/0x530
[ 1103.057647][T19233]  ? trace_irq_disable+0x3b/0x140
[ 1103.057675][T19233]  do_fast_syscall_32+0x33/0x70
[ 1103.057695][T19233]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1103.057719][T19233] RIP: 0023:0xf705f01c
[ 1103.057758][T19233] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[ 1103.057775][T19233] RSP: 002b:00000000f544d50c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 1103.057797][T19233] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800002c0
[ 1103.057811][T19233] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1103.057822][T19233] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1103.057833][T19233] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1103.057845][T19233] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1103.057873][T19233]  </TASK>
[ 1103.618754][T19244] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3709'.
[ 1103.630610][T19244] netlink: 'syz.1.3709': attribute type 11 has an invalid length.
[ 1103.647037][T11209] usb 5-1: new high-speed USB device number 117 using dummy_hcd
[ 1103.807577][T11209] usb 5-1: Using ep0 maxpacket: 16
[ 1103.814883][T11209] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1103.854062][T11209] usb 5-1: config 1 has 0 interfaces, different from the descriptor's value: 1
[ 1103.894393][T11209] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1103.927235][T11209] usb 5-1: config 1 has 0 interfaces, different from the descriptor's value: 1
[ 1103.962325][T11209] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1103.980600][T19250] fuse: Unknown parameter 'use00000000000000000000'
[ 1104.007923][T11209] usb 5-1: config 1 has 0 interfaces, different from the descriptor's value: 1
[ 1104.021651][T11209] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1104.061428][T11209] usb 5-1: config 1 has 0 interfaces, different from the descriptor's value: 1
[ 1104.074320][T11209] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1104.085716][ T5961] usb 1-1: new high-speed USB device number 125 using dummy_hcd
[ 1104.123163][T11209] usb 5-1: config 1 has 0 interfaces, different from the descriptor's value: 1
[ 1104.163348][T19229] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3705'.
[ 1104.189576][T11209] usb 5-1: string descriptor 0 read error: -71
[ 1104.201090][T11209] usb 5-1: New USB device found, idVendor=1189, idProduct=0893, bcdDevice=e2.32
[ 1104.215432][T11209] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1104.232437][T11209] usb 5-1: rejected 5 configurations due to insufficient available bus power
[ 1104.247818][ T5961] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1104.273224][T11209] usb 5-1: no configuration chosen from 5 choices
[ 1104.276203][ T5961] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1104.298915][T11209] usb 5-1: USB disconnect, device number 117
[ 1104.313632][ T5961] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[ 1104.339003][ T5961] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1104.353353][ T5961] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1104.363462][ T5961] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1104.378620][ T5961] usb 1-1: config 0 descriptor??
[ 1104.873684][ T5961] plantronics 0003:047F:FFFF.0034: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[ 1104.882201][T19256] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3714'.
[ 1105.033939][T15981] bond0: (slave bond_slave_0): interface is now down
[ 1105.066002][T15981] bond0: (slave bond_slave_1): interface is now down
[ 1105.097817][T19260] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3716'.
[ 1105.141377][T15981] bond0: now running without any active interface!
[ 1105.415825][ T5961] usb 2-1: new high-speed USB device number 29 using dummy_hcd
[ 1105.575837][ T5961] usb 2-1: Using ep0 maxpacket: 32
[ 1105.608910][ T5961] usb 2-1: config 0 has an invalid interface number: 51 but max is 0
[ 1105.635433][ T5961] usb 2-1: config 0 has no interface number 0
[ 1105.670863][ T5961] usb 2-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[ 1105.692457][ T5961] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1105.715609][ T5961] usb 2-1: Product: syz
[ 1105.729524][ T5961] usb 2-1: Manufacturer: syz
[ 1105.743850][ T5961] usb 2-1: SerialNumber: syz
[ 1105.758510][T15989] usb 1-1: USB disconnect, device number 125
[ 1105.801725][ T5961] usb 2-1: config 0 descriptor??
[ 1105.811583][T19277] netlink: 48 bytes leftover after parsing attributes in process `syz.4.3718'.
[ 1105.888639][T19274] netlink: 48 bytes leftover after parsing attributes in process `syz.4.3718'.
[ 1105.889402][ T5961] quatech2 2-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[ 1106.189945][ T5961] usb 2-1: qt2_attach - failed to power on unit: -71
[ 1106.203445][ T5961] quatech2 2-1:0.51: probe with driver quatech2 failed with error -71
[ 1106.249306][ T5961] usb 2-1: USB disconnect, device number 29
[ 1106.881887][T19302] fuse: Unknown parameter 'use00000000000000000000'
[ 1107.205236][T19312] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3728'.
[ 1107.312194][T19313] netlink: 'syz.1.3727': attribute type 1 has an invalid length.
[ 1108.219538][T19321] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1108.245070][T19321] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1108.500930][T19340] binder: 19339:19340 ioctl 40046210 0 returned -14
[ 1109.216712][T19346] fuse: Invalid uid '00000000000000000006'
[ 1109.327869][T19356] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[ 1109.501179][T19362] fuse: Unknown parameter 'use00000000000000000000'
[ 1109.727957][T11209] usb 1-1: new full-speed USB device number 126 using dummy_hcd
[ 1109.796787][T15989] usb 4-1: new full-speed USB device number 2 using dummy_hcd
[ 1109.898654][T11209] usb 1-1: config 0 has an invalid interface number: 8 but max is 0
[ 1109.919262][T11209] usb 1-1: config 0 has no interface number 0
[ 1109.940653][T11209] usb 1-1: config 0 interface 8 altsetting 0 has an endpoint descriptor with address 0x9F, changing to 0x8F
[ 1109.976836][T11209] usb 1-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[ 1109.993702][T15989] usb 4-1: config 0 interface 0 altsetting 251 endpoint 0x9 has an invalid bInterval 39, changing to 4
[ 1110.021412][T11209] usb 1-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[ 1110.033656][T15989] usb 4-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid maxpacket 15380, setting to 1023
[ 1110.063285][T11209] usb 1-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[ 1110.074781][T15989] usb 4-1: config 0 interface 0 has no altsetting 0
[ 1110.086751][T11209] usb 1-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[ 1110.098297][T11209] usb 1-1: Product: syz
[ 1110.103483][T11209] usb 1-1: SerialNumber: syz
[ 1110.118754][T15989] usb 4-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[ 1110.140837][T15989] usb 4-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[ 1110.158728][T11209] usb 1-1: config 0 descriptor??
[ 1110.180147][T15989] usb 4-1: Product: syz
[ 1110.189443][T11209] cm109 1-1:0.8: invalid payload size 0, expected 4
[ 1110.204011][T15989] usb 4-1: Manufacturer: syz
[ 1110.214599][T15989] usb 4-1: SerialNumber: syz
[ 1110.222278][T11209] input: CM109 USB driver as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.8/input/input81
[ 1110.242253][T15989] usb 4-1: config 0 descriptor??
[ 1110.272144][T15989] usb 4-1: selecting invalid altsetting 0
[ 1110.898759][    C0] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71
[ 1110.912022][ T5961] usb 1-1: USB disconnect, device number 126
[ 1110.913144][    C0] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71
[ 1110.925940][    C0] cm109 1-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19
[ 1110.972495][T19350] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1111.005158][ T5961] cm109 1-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[ 1111.079124][T19350] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1111.153856][T15989] usb 4-1: USB disconnect, device number 2
[ 1111.448139][ T5899] usb 1-1: new high-speed USB device number 127 using dummy_hcd
[ 1111.627147][ T5899] usb 1-1: Using ep0 maxpacket: 8
[ 1111.729237][ T5899] usb 1-1: unable to get BOS descriptor or descriptor too short
[ 1111.741594][ T5899] usb 1-1: unable to read config index 0 descriptor/start: -71
[ 1111.750860][ T5899] usb 1-1: can't read configurations, error -71
[ 1112.764244][T19413] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1112.813516][T19413] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1112.827037][T15989] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[ 1112.996816][T15989] usb 4-1: Using ep0 maxpacket: 8
[ 1113.013403][T15989] usb 4-1: config 0 has an invalid interface number: 6 but max is 2
[ 1113.027761][T15989] usb 4-1: config 0 has an invalid interface number: 176 but max is 2
[ 1113.038158][T15989] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1113.052138][T15989] usb 4-1: config 0 has 2 interfaces, different from the descriptor's value: 3
[ 1113.057779][  T992] usb 3-1: new full-speed USB device number 11 using dummy_hcd
[ 1113.072085][T15989] usb 4-1: config 0 has no interface number 0
[ 1113.080817][T15989] usb 4-1: config 0 has no interface number 1
[ 1113.104827][T15989] usb 4-1: New USB device found, idVendor=05c6, idProduct=9205, bcdDevice=29.ac
[ 1113.119944][T19421] FAULT_INJECTION: forcing a failure.
[ 1113.119944][T19421] name failslab, interval 1, probability 0, space 0, times 0
[ 1113.135116][T19421] CPU: 1 UID: 0 PID: 19421 Comm: syz.4.3762 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1113.135152][T19421] Tainted: [L]=SOFTLOCKUP
[ 1113.135161][T19421] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 1113.135176][T19421] Call Trace:
[ 1113.135186][T19421]  <TASK>
[ 1113.135196][T19421]  dump_stack_lvl+0xe8/0x150
[ 1113.135241][T19421]  should_fail_ex+0x412/0x560
[ 1113.135280][T19421]  should_failslab+0xa8/0x100
[ 1113.135313][T19421]  __kmalloc_noprof+0xe8/0x760
[ 1113.135340][T19421]  ? tomoyo_encode+0x28b/0x550
[ 1113.135367][T19421]  tomoyo_encode+0x28b/0x550
[ 1113.135394][T19421]  tomoyo_realpath_from_path+0x58d/0x5d0
[ 1113.135434][T19421]  ? tomoyo_path_number_perm+0x219/0x630
[ 1113.135463][T19421]  tomoyo_path_number_perm+0x246/0x630
[ 1113.135496][T19421]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1113.135526][T19421]  ? __lock_acquire+0x6b5/0x2cf0
[ 1113.135597][T19421]  ? __fget_files+0x2a/0x420
[ 1113.135623][T19421]  ? __fget_files+0x3a0/0x420
[ 1113.135642][T19421]  ? __fget_files+0x2a/0x420
[ 1113.135667][T19421]  security_file_ioctl_compat+0xc3/0x2a0
[ 1113.135699][T19421]  __ia32_compat_sys_ioctl+0x139/0x950
[ 1113.135733][T19421]  ? __pfx___ia32_compat_sys_ioctl+0x10/0x10
[ 1113.135767][T19421]  ? __fget_files+0x3a0/0x420
[ 1113.135797][T19421]  ? fput+0xa0/0xd0
[ 1113.135817][T19421]  ? ksys_write+0x242/0x270
[ 1113.135857][T19421]  __do_fast_syscall_32+0x229/0x6e0
[ 1113.135880][T19421]  ? do_fast_syscall_32+0x33/0x70
[ 1113.135900][T19421]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1113.135932][T19421]  ? asm_int80_emulation+0x1a/0x20
[ 1113.135952][T19421]  ? do_int80_emulation+0x286/0x530
[ 1113.135973][T19421]  ? trace_irq_disable+0x3b/0x140
[ 1113.136005][T19421]  do_fast_syscall_32+0x33/0x70
[ 1113.136027][T19421]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1113.136054][T19421] RIP: 0023:0xf7f5801c
[ 1113.136074][T19421] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[ 1113.136093][T19421] RSP: 002b:00000000f541650c EFLAGS: 00000206 ORIG_RAX: 0000000000000036
[ 1113.136116][T19421] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080045530
[ 1113.136132][T19421] RDX: 00000000800000c0 RSI: 0000000000000000 RDI: 0000000000000000
[ 1113.136146][T19421] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1113.136158][T19421] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1113.136173][T19421] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1113.136205][T19421]  </TASK>
[ 1113.398414][T15989] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1113.412465][T19421] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1113.439639][T19423] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3763'.
[ 1113.457411][T15989] usb 4-1: config 0 descriptor??
[ 1113.464454][T19423] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3763'.
[ 1113.479162][T15989] usb 4-1: unknown number of interfaces: 2
[ 1113.511635][T19423] trusted_key: encrypted_key: insufficient parameters specified
[ 1113.516457][  T992] usb 3-1: device descriptor read/64, error -71
[ 1113.692549][T15989] usb 4-1: USB disconnect, device number 3
[ 1113.765819][  T992] usb 3-1: new full-speed USB device number 12 using dummy_hcd
[ 1113.845805][ T5907] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[ 1113.896119][  T992] usb 3-1: device descriptor read/64, error -71
[ 1114.003072][ T5907] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[ 1114.013116][  T992] usb usb3-port1: attempt power cycle
[ 1114.018728][ T5907] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1114.031329][ T5907] usb 1-1: config 0 descriptor??
[ 1114.041190][ T5907] cp210x 1-1:0.0: cp210x converter detected
[ 1114.250650][ T5907] cp210x 1-1:0.0: failed to get vendor val 0x370b size 1: -121
[ 1114.259527][ T5907] cp210x 1-1:0.0: querying part number failed
[ 1114.278773][ T5907] usb 1-1: cp210x converter now attached to ttyUSB0
[ 1114.395878][  T992] usb 3-1: new full-speed USB device number 13 using dummy_hcd
[ 1114.430676][  T992] usb 3-1: device descriptor read/8, error -71
[ 1114.675844][  T992] usb 3-1: new full-speed USB device number 14 using dummy_hcd
[ 1114.717792][  T992] usb 3-1: device descriptor read/8, error -71
[ 1114.853071][  T992] usb usb3-port1: unable to enumerate USB device
[ 1114.918501][T19450] fuse: Bad value for 'rootmode'
[ 1115.012255][  T992] usb 1-1: USB disconnect, device number 3
[ 1115.044201][  T992] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[ 1115.079844][  T992] cp210x 1-1:0.0: device disconnected
[ 1115.645792][T19470] vivid-000: disconnect
[ 1115.715203][T19470] IPv6: NLM_F_CREATE should be specified when creating new route
[ 1115.890880][T19473] netlink: 'syz.4.3779': attribute type 1 has an invalid length.
[ 1116.045922][  T992] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[ 1116.214525][T19478] bond4: entered promiscuous mode
[ 1116.222364][ T1314] ieee802154 phy0 wpan0: encryption failed: -22
[ 1116.236890][ T1314] ieee802154 phy1 wpan1: encryption failed: -22
[ 1116.348356][T19480] vcan0: entered promiscuous mode
[ 1116.390494][T19480] vcan0: entered allmulticast mode
[ 1116.401321][  T992] usb 1-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice= 0.40
[ 1116.412829][T19480] bond4: (slave vcan0): The slave device specified does not support setting the MAC address
[ 1116.433152][   T30] kauditd_printk_skb: 17 callbacks suppressed
[ 1116.433175][   T30] audit: type=1326 audit(1776682235.012:2276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19477 comm="syz.3.3781" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fb601c code=0x0
[ 1116.462503][  T992] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1116.483007][T19480] bond4: (slave vcan0): Error -95 calling set_mac_address
[ 1116.532642][  T992] usb 1-1: Product: syz
[ 1116.550719][  T992] usb 1-1: Manufacturer: syz
[ 1116.570779][  T992] usb 1-1: SerialNumber: syz
[ 1116.759224][T19480] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3781'.
[ 1116.896418][T15989] usb 2-1: new high-speed USB device number 30 using dummy_hcd
[ 1117.057006][T15989] usb 2-1: Using ep0 maxpacket: 16
[ 1117.081444][T15989] usb 2-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[ 1117.114984][T15989] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1117.161604][T15989] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1117.220446][T15989] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1117.258236][T15989] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1117.307105][T15989] usb 2-1: Product: syz
[ 1117.320595][T15989] usb 2-1: Manufacturer: syz
[ 1117.350095][T15989] usb 2-1: SerialNumber: syz
[ 1117.445393][T15989] usb 2-1: 0:2 : does not exist
[ 1117.666115][T11209] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[ 1117.870653][T11209] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1117.901439][T11209] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1117.938920][T11209] usb 4-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[ 1117.991464][T11209] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1118.103146][T11209] usb 4-1: config 0 descriptor??
[ 1118.479222][T15989] usb 2-1: USB disconnect, device number 30
[ 1118.540151][T19470] vivid-000: reconnect
[ 1118.549826][  T992] snd-usb-audio 1-1:1.0: probe with driver snd-usb-audio failed with error -71
[ 1118.663146][  T992] usb 1-1: USB disconnect, device number 4
[ 1118.719697][T17968] udevd[17968]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1118.801533][T11209] hid-led 0003:27B8:01ED.0035: probe with driver hid-led failed with error -71
[ 1118.867305][T11209] usb 4-1: USB disconnect, device number 4
[ 1118.961854][T19502] FAULT_INJECTION: forcing a failure.
[ 1118.961854][T19502] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1119.004263][T19502] CPU: 1 UID: 0 PID: 19502 Comm: syz.2.3787 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1119.004300][T19502] Tainted: [L]=SOFTLOCKUP
[ 1119.004309][T19502] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 1119.004322][T19502] Call Trace:
[ 1119.004331][T19502]  <TASK>
[ 1119.004341][T19502]  dump_stack_lvl+0xe8/0x150
[ 1119.004380][T19502]  should_fail_ex+0x412/0x560
[ 1119.004417][T19502]  _copy_from_iter+0x1d3/0x1670
[ 1119.004452][T19502]  ? rcu_is_watching+0x15/0xb0
[ 1119.004480][T19502]  ? __pfx__copy_from_iter+0x10/0x10
[ 1119.004522][T19502]  ? netlink_sendmsg+0x650/0xb40
[ 1119.004548][T19502]  ? skb_put+0x11b/0x210
[ 1119.004578][T19502]  netlink_sendmsg+0x6c0/0xb40
[ 1119.004615][T19502]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1119.004645][T19502]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1119.004690][T19502]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1119.004720][T19502]  ____sys_sendmsg+0x972/0x9f0
[ 1119.004759][T19502]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1119.004793][T19502]  ? kstrtoull+0x12f/0x1d0
[ 1119.004830][T19502]  ___sys_sendmsg+0x2a5/0x360
[ 1119.004856][T19502]  ? __lock_acquire+0x6b5/0x2cf0
[ 1119.004894][T19502]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1119.004924][T19502]  ? get_pid_task+0x20/0x1f0
[ 1119.004947][T19502]  ? get_pid_task+0x20/0x1f0
[ 1119.004969][T19502]  ? get_pid_task+0x20/0x1f0
[ 1119.005019][T19502]  ? __fget_files+0x2a/0x420
[ 1119.005041][T19502]  ? __fget_files+0x3a0/0x420
[ 1119.005072][T19502]  __sys_sendmsg+0x183/0x260
[ 1119.005102][T19502]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1119.005153][T19502]  __do_fast_syscall_32+0x229/0x6e0
[ 1119.005176][T19502]  ? do_fast_syscall_32+0x33/0x70
[ 1119.005196][T19502]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1119.005226][T19502]  ? asm_int80_emulation+0x1a/0x20
[ 1119.005246][T19502]  ? do_int80_emulation+0x286/0x530
[ 1119.005266][T19502]  ? trace_irq_disable+0x3b/0x140
[ 1119.005303][T19502]  do_fast_syscall_32+0x33/0x70
[ 1119.005324][T19502]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1119.005351][T19502] RIP: 0023:0xf6fef01c
[ 1119.005371][T19502] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[ 1119.005390][T19502] RSP: 002b:00000000f53dd50c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 1119.005413][T19502] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800002c0
[ 1119.005429][T19502] RDX: 0000000000000080 RSI: 0000000000000000 RDI: 0000000000000000
[ 1119.005441][T19502] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1119.005454][T19502] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1119.005467][T19502] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1119.005498][T19502]  </TASK>
[ 1119.831572][T19514] syzkaller0: entered promiscuous mode
[ 1119.850050][T19514] syzkaller0: entered allmulticast mode
[ 1119.873338][T19522] misc userio: Invalid payload size
[ 1120.560411][T19519] FAULT_INJECTION: forcing a failure.
[ 1120.560411][T19519] name failslab, interval 1, probability 0, space 0, times 0
[ 1120.605819][T19519] CPU: 1 UID: 0 PID: 19519 Comm: syz.3.3794 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1120.605854][T19519] Tainted: [L]=SOFTLOCKUP
[ 1120.605863][T19519] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 1120.605876][T19519] Call Trace:
[ 1120.605886][T19519]  <TASK>
[ 1120.605896][T19519]  dump_stack_lvl+0xe8/0x150
[ 1120.605936][T19519]  should_fail_ex+0x412/0x560
[ 1120.605974][T19519]  should_failslab+0xa8/0x100
[ 1120.606006][T19519]  __kmalloc_cache_noprof+0x88/0x660
[ 1120.606034][T19519]  ? do_mq_timedreceive+0x3c5/0xb20
[ 1120.606068][T19519]  do_mq_timedreceive+0x3c5/0xb20
[ 1120.606106][T19519]  ? __pfx_do_mq_timedreceive+0x10/0x10
[ 1120.606132][T19519]  ? __mutex_unlock_slowpath+0x1be/0x6f0
[ 1120.606168][T19519]  ? __fget_files+0x3a0/0x420
[ 1120.606198][T19519]  __ia32_sys_mq_timedreceive_time32+0x177/0x220
[ 1120.606230][T19519]  ? __pfx___ia32_sys_mq_timedreceive_time32+0x10/0x10
[ 1120.606278][T19519]  ? arch_syscall_is_vdso_sigreturn+0x174/0x1a0
[ 1120.606310][T19519]  __do_fast_syscall_32+0x229/0x6e0
[ 1120.606333][T19519]  ? do_fast_syscall_32+0x33/0x70
[ 1120.606354][T19519]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1120.606385][T19519]  ? asm_int80_emulation+0x1a/0x20
[ 1120.606406][T19519]  ? do_int80_emulation+0x286/0x530
[ 1120.606431][T19519]  do_fast_syscall_32+0x33/0x70
[ 1120.606453][T19519]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1120.606480][T19519] RIP: 0023:0xf7fb601c
[ 1120.606500][T19519] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[ 1120.606519][T19519] RSP: 002b:00000000f547650c EFLAGS: 00000206 ORIG_RAX: 0000000000000118
[ 1120.606550][T19519] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080019200
[ 1120.606566][T19519] RDX: 0000000000018fe2 RSI: 0000000080000002 RDI: 0000000000000000
[ 1120.606580][T19519] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1120.606593][T19519] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1120.606606][T19519] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1120.606638][T19519]  </TASK>
[ 1121.062012][T19532] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3797'.
[ 1121.411331][T19534] binder: 19533:19534 ioctl c018937c 80000000 returned -22
[ 1121.448420][T19534] binder: 19533:19534 ioctl c0306201 800003c0 returned -14
[ 1121.727315][ T5899] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[ 1121.888489][ T5899] usb 4-1: config 0 has an invalid interface number: 69 but max is 0
[ 1121.898635][ T5899] usb 4-1: config 0 has no interface number 0
[ 1121.905366][ T5899] usb 4-1: config 0 interface 69 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 1023
[ 1121.917904][ T5899] usb 4-1: config 0 interface 69 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1121.931091][ T5899] usb 4-1: config 0 interface 69 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1121.948966][ T5899] usb 4-1: New USB device found, idVendor=0c4b, idProduct=0100, bcdDevice=d7.ca
[ 1121.959995][ T5899] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1121.971099][ T5899] usb 4-1: Product: syz
[ 1121.985250][ T5899] usb 4-1: Manufacturer: syz
[ 1121.994909][ T5899] usb 4-1: SerialNumber: syz
[ 1122.013420][ T5899] usb 4-1: config 0 descriptor??
[ 1122.030351][T19536] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1122.042846][ T5899] cyberjack 4-1:0.69: Reiner SCT Cyberjack USB card reader converter detected
[ 1122.059056][ T5899] cyberjack ttyUSB0: usb_submit_urb(read int) failed
[ 1122.096713][ T5899] usb 4-1: Reiner SCT Cyberjack USB card reader converter now attached to ttyUSB0
[ 1126.762216][ T5907] usb 4-1: USB disconnect, device number 5
[ 1126.822073][ T5907] cyberjack ttyUSB0: Reiner SCT Cyberjack USB card reader converter now disconnected from ttyUSB0
[ 1126.892720][ T5907] cyberjack 4-1:0.69: device disconnected
[ 1127.003105][T19555] FAULT_INJECTION: forcing a failure.
[ 1127.003105][T19555] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1127.033803][T19555] CPU: 0 UID: 0 PID: 19555 Comm: syz.1.3806 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1127.033840][T19555] Tainted: [L]=SOFTLOCKUP
[ 1127.033848][T19555] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 1127.033861][T19555] Call Trace:
[ 1127.033869][T19555]  <TASK>
[ 1127.033879][T19555]  dump_stack_lvl+0xe8/0x150
[ 1127.033918][T19555]  should_fail_ex+0x412/0x560
[ 1127.033956][T19555]  _copy_from_user+0x2d/0xb0
[ 1127.033979][T19555]  get_compat_msghdr+0xb3/0x4c0
[ 1127.034010][T19555]  ? _parse_integer_limit+0x1ae/0x1f0
[ 1127.034040][T19555]  ? __pfx_get_compat_msghdr+0x10/0x10
[ 1127.034070][T19555]  ? kstrtoull+0x12f/0x1d0
[ 1127.034114][T19555]  ___sys_sendmsg+0x201/0x360
[ 1127.034141][T19555]  ? __lock_acquire+0x6b5/0x2cf0
[ 1127.034179][T19555]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1127.034209][T19555]  ? get_pid_task+0x20/0x1f0
[ 1127.034233][T19555]  ? get_pid_task+0x20/0x1f0
[ 1127.034254][T19555]  ? get_pid_task+0x20/0x1f0
[ 1127.034305][T19555]  ? __fget_files+0x2a/0x420
[ 1127.034327][T19555]  ? __fget_files+0x3a0/0x420
[ 1127.034361][T19555]  __sys_sendmsg+0x183/0x260
[ 1127.034392][T19555]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1127.034443][T19555]  __do_fast_syscall_32+0x229/0x6e0
[ 1127.034467][T19555]  ? do_fast_syscall_32+0x33/0x70
[ 1127.034487][T19555]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1127.034519][T19555]  ? asm_int80_emulation+0x1a/0x20
[ 1127.034539][T19555]  ? do_int80_emulation+0x286/0x530
[ 1127.034559][T19555]  ? trace_irq_disable+0x3b/0x140
[ 1127.034590][T19555]  do_fast_syscall_32+0x33/0x70
[ 1127.034613][T19555]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1127.034640][T19555] RIP: 0023:0xf705f01c
[ 1127.034661][T19555] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[ 1127.034681][T19555] RSP: 002b:00000000f544d50c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 1127.034705][T19555] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000040
[ 1127.034721][T19555] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1127.034734][T19555] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1127.034748][T19555] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1127.034761][T19555] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1127.034791][T19555]  </TASK>
[ 1127.254211][T19558] fuse: Bad value for 'fd'
[ 1127.289605][T19559] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3807'.
[ 1127.344095][T19562] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3807'.
[ 1127.376407][T15989] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[ 1127.403448][T19563] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3807'.
[ 1127.470629][T19567] FAULT_INJECTION: forcing a failure.
[ 1127.470629][T19567] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1127.485274][T19567] CPU: 0 UID: 0 PID: 19567 Comm: syz.4.3809 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1127.485311][T19567] Tainted: [L]=SOFTLOCKUP
[ 1127.485320][T19567] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 1127.485334][T19567] Call Trace:
[ 1127.485343][T19567]  <TASK>
[ 1127.485353][T19567]  dump_stack_lvl+0xe8/0x150
[ 1127.485394][T19567]  should_fail_ex+0x412/0x560
[ 1127.485432][T19567]  _copy_from_iter+0x1d3/0x1670
[ 1127.485481][T19567]  ? __pfx_ref_tracker_alloc+0x10/0x10
[ 1127.485527][T19567]  ? __pfx__copy_from_iter+0x10/0x10
[ 1127.485575][T19567]  ? packet_cached_dev_get+0x1c/0x2b0
[ 1127.485600][T19567]  ? packet_cached_dev_get+0x1c/0x2b0
[ 1127.485636][T19567]  packet_sendmsg+0x3015/0x5120
[ 1127.485675][T19567]  ? __pfx_aa_label_sk_perm+0x10/0x10
[ 1127.485726][T19567]  ? __lock_acquire+0x6b5/0x2cf0
[ 1127.485775][T19567]  ? aa_sk_perm+0x6d5/0x900
[ 1127.485805][T19567]  ? __pfx_packet_sendmsg+0x10/0x10
[ 1127.485846][T19567]  ? tomoyo_socket_sendmsg_permission+0x1e0/0x300
[ 1127.485885][T19567]  ? __import_iovec+0x5d4/0x7e0
[ 1127.485908][T19567]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1127.485942][T19567]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1127.485972][T19567]  ____sys_sendmsg+0x972/0x9f0
[ 1127.486009][T19567]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1127.486043][T19567]  ? kstrtoull+0x12f/0x1d0
[ 1127.486080][T19567]  ___sys_sendmsg+0x2a5/0x360
[ 1127.486108][T19567]  ? __lock_acquire+0x6b5/0x2cf0
[ 1127.486144][T19567]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1127.486176][T19567]  ? get_pid_task+0x20/0x1f0
[ 1127.486200][T19567]  ? get_pid_task+0x20/0x1f0
[ 1127.486222][T19567]  ? get_pid_task+0x20/0x1f0
[ 1127.486281][T19567]  ? __fget_files+0x2a/0x420
[ 1127.486303][T19567]  ? __fget_files+0x3a0/0x420
[ 1127.486336][T19567]  __sys_sendmsg+0x183/0x260
[ 1127.486367][T19567]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1127.486420][T19567]  __do_fast_syscall_32+0x229/0x6e0
[ 1127.486444][T19567]  ? do_fast_syscall_32+0x33/0x70
[ 1127.486464][T19567]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1127.486496][T19567]  ? asm_int80_emulation+0x1a/0x20
[ 1127.486518][T19567]  ? do_int80_emulation+0x286/0x530
[ 1127.486537][T19567]  ? trace_irq_disable+0x3b/0x140
[ 1127.486568][T19567]  do_fast_syscall_32+0x33/0x70
[ 1127.486589][T19567]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1127.486617][T19567] RIP: 0023:0xf7f5801c
[ 1127.486637][T19567] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[ 1127.486656][T19567] RSP: 002b:00000000f541650c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 1127.486681][T19567] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080002ac0
[ 1127.486697][T19567] RDX: 0000000020040890 RSI: 0000000000000000 RDI: 0000000000000000
[ 1127.486711][T19567] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1127.486724][T19567] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1127.486737][T19567] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1127.486769][T19567]  </TASK>
[ 1127.827216][T15989] usb 3-1: Using ep0 maxpacket: 8
[ 1127.838439][T15989] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1127.851220][T15989] usb 3-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a
[ 1127.862057][T15989] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1127.878135][T15989] usb 3-1: config 0 descriptor??
[ 1127.888630][T15989] gspca_main: vc032x-2.14.0 probing 046d:0892
[ 1127.961442][T19574] FAULT_INJECTION: forcing a failure.
[ 1127.961442][T19574] name failslab, interval 1, probability 0, space 0, times 0
[ 1127.976801][T19574] CPU: 0 UID: 0 PID: 19574 Comm: syz.4.3813 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1127.976837][T19574] Tainted: [L]=SOFTLOCKUP
[ 1127.976846][T19574] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 1127.976860][T19574] Call Trace:
[ 1127.976868][T19574]  <TASK>
[ 1127.976878][T19574]  dump_stack_lvl+0xe8/0x150
[ 1127.976922][T19574]  should_fail_ex+0x412/0x560
[ 1127.976961][T19574]  should_failslab+0xa8/0x100
[ 1127.976990][T19574]  ? skb_clone+0x212/0x3a0
[ 1127.977020][T19574]  kmem_cache_alloc_noprof+0x87/0x650
[ 1127.977047][T19574]  ? __netlink_lookup+0xc6/0x8b0
[ 1127.977081][T19574]  skb_clone+0x212/0x3a0
[ 1127.977113][T19574]  __netlink_deliver_tap+0x404/0x850
[ 1127.977153][T19574]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1127.977181][T19574]  netlink_deliver_tap+0x19c/0x1b0
[ 1127.977208][T19574]  netlink_unicast+0x730/0x8e0
[ 1127.977333][T19574]  netlink_sendmsg+0x813/0xb40
[ 1127.977370][T19574]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1127.977399][T19574]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1127.977433][T19574]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1127.977462][T19574]  ____sys_sendmsg+0x972/0x9f0
[ 1127.977500][T19574]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1127.977535][T19574]  ? kstrtoull+0x12f/0x1d0
[ 1127.977573][T19574]  ___sys_sendmsg+0x2a5/0x360
[ 1127.977602][T19574]  ? __lock_acquire+0x6b5/0x2cf0
[ 1127.977640][T19574]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1127.977672][T19574]  ? get_pid_task+0x20/0x1f0
[ 1127.977696][T19574]  ? get_pid_task+0x20/0x1f0
[ 1127.977718][T19574]  ? get_pid_task+0x20/0x1f0
[ 1127.977771][T19574]  ? __fget_files+0x2a/0x420
[ 1127.977793][T19574]  ? __fget_files+0x3a0/0x420
[ 1127.977826][T19574]  __sys_sendmsg+0x183/0x260
[ 1127.977857][T19574]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1127.977931][T19574]  __do_fast_syscall_32+0x229/0x6e0
[ 1127.977955][T19574]  ? do_fast_syscall_32+0x33/0x70
[ 1127.977975][T19574]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1127.978006][T19574]  ? asm_int80_emulation+0x1a/0x20
[ 1127.978027][T19574]  ? do_int80_emulation+0x286/0x530
[ 1127.978048][T19574]  ? trace_irq_disable+0x3b/0x140
[ 1127.978079][T19574]  do_fast_syscall_32+0x33/0x70
[ 1127.978102][T19574]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1127.978129][T19574] RIP: 0023:0xf7f5801c
[ 1127.978149][T19574] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[ 1127.978168][T19574] RSP: 002b:00000000f541650c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 1127.978191][T19574] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800002c0
[ 1127.978207][T19574] RDX: 0000000000000080 RSI: 0000000000000000 RDI: 0000000000000000
[ 1127.978220][T19574] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1127.978233][T19574] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1127.978253][T19574] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1127.978286][T19574]  </TASK>
[ 1128.298678][T19578] FAULT_INJECTION: forcing a failure.
[ 1128.298678][T19578] name failslab, interval 1, probability 0, space 0, times 0
[ 1128.313497][T19578] CPU: 1 UID: 0 PID: 19578 Comm: syz.0.3812 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1128.313532][T19578] Tainted: [L]=SOFTLOCKUP
[ 1128.313541][T19578] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 1128.313560][T19578] Call Trace:
[ 1128.313570][T19578]  <TASK>
[ 1128.313579][T19578]  dump_stack_lvl+0xe8/0x150
[ 1128.313619][T19578]  should_fail_ex+0x412/0x560
[ 1128.313657][T19578]  should_failslab+0xa8/0x100
[ 1128.313691][T19578]  __kmalloc_noprof+0xe8/0x760
[ 1128.313716][T19578]  ? __kasan_kmalloc+0x93/0xb0
[ 1128.313743][T19578]  ? ovs_nla_copy_actions+0x68/0x3d0
[ 1128.313767][T19578]  ? __kmalloc_cache_noprof+0x31c/0x660
[ 1128.313798][T19578]  ovs_nla_copy_actions+0x68/0x3d0
[ 1128.313820][T19578]  ? __asan_memcpy+0x40/0x70
[ 1128.313850][T19578]  ovs_flow_cmd_new+0x615/0xe80
[ 1128.313880][T19578]  ? kasan_save_track+0x3e/0x80
[ 1128.313915][T19578]  ? __pfx_ovs_flow_cmd_new+0x10/0x10
[ 1128.314005][T19578]  ? __nla_parse+0x40/0x60
[ 1128.314032][T19578]  ? genl_family_rcv_msg_attrs_parse+0x20b/0x2f0
[ 1128.314067][T19578]  ? genl_family_rcv_msg_attrs_parse+0x265/0x2f0
[ 1128.314109][T19578]  genl_family_rcv_msg_doit+0x22a/0x330
[ 1128.314157][T19578]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1128.314204][T19578]  ? bpf_lsm_capable+0x9/0x20
[ 1128.314235][T19578]  ? security_capable+0x7e/0x2c0
[ 1128.314273][T19578]  genl_rcv_msg+0x61c/0x7a0
[ 1128.314313][T19578]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1128.314345][T19578]  ? __pfx_ovs_flow_cmd_new+0x10/0x10
[ 1128.314376][T19578]  ? __pfx_ref_tracker_free+0x10/0x10
[ 1128.314421][T19578]  netlink_rcv_skb+0x232/0x4b0
[ 1128.314449][T19578]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1128.314483][T19578]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1128.314526][T19578]  ? down_read+0x270/0x2e0
[ 1128.314548][T19578]  ? genl_rcv+0xd/0x40
[ 1128.314580][T19578]  genl_rcv+0x28/0x40
[ 1128.314611][T19578]  netlink_unicast+0x75c/0x8e0
[ 1128.314646][T19578]  netlink_sendmsg+0x813/0xb40
[ 1128.314684][T19578]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1128.314714][T19578]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1128.314750][T19578]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1128.314780][T19578]  ____sys_sendmsg+0x972/0x9f0
[ 1128.314819][T19578]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1128.314854][T19578]  ? kstrtoull+0x12f/0x1d0
[ 1128.314892][T19578]  ___sys_sendmsg+0x2a5/0x360
[ 1128.314921][T19578]  ? __lock_acquire+0x6b5/0x2cf0
[ 1128.314959][T19578]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1128.314991][T19578]  ? get_pid_task+0x20/0x1f0
[ 1128.315015][T19578]  ? get_pid_task+0x20/0x1f0
[ 1128.315037][T19578]  ? get_pid_task+0x20/0x1f0
[ 1128.315091][T19578]  ? __fget_files+0x2a/0x420
[ 1128.315114][T19578]  ? __fget_files+0x3a0/0x420
[ 1128.315154][T19578]  __sys_sendmsg+0x183/0x260
[ 1128.315186][T19578]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1128.315239][T19578]  __do_fast_syscall_32+0x229/0x6e0
[ 1128.315264][T19578]  ? do_fast_syscall_32+0x33/0x70
[ 1128.315285][T19578]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1128.315317][T19578]  ? asm_int80_emulation+0x1a/0x20
[ 1128.315338][T19578]  ? do_int80_emulation+0x286/0x530
[ 1128.315359][T19578]  ? trace_irq_disable+0x3b/0x140
[ 1128.315391][T19578]  do_fast_syscall_32+0x33/0x70
[ 1128.315414][T19578]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1128.315441][T19578] RIP: 0023:0xf7f9401c
[ 1128.315462][T19578] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[ 1128.315481][T19578] RSP: 002b:00000000f545650c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 1128.315504][T19578] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000
[ 1128.315520][T19578] RDX: 000000000800c000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1128.315533][T19578] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1128.315546][T19578] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1128.315559][T19578] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1128.315591][T19578]  </TASK>
[ 1128.769101][T15989] gspca_vc032x: reg_r err -110
[ 1128.774156][T15989] vc032x 3-1:0.0: probe with driver vc032x failed with error -110
[ 1128.814502][T19578] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1128.874473][T19580] F2FS-fs: Conflicting test_dummy_encryption options
[ 1128.966807][ T5907] usb 3-1: USB disconnect, device number 15
[ 1129.121669][T19594] fuse: Bad value for 'fd'
[ 1129.167149][T15989] usb 2-1: new high-speed USB device number 31 using dummy_hcd
[ 1129.332473][T15989] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 1129.350846][T15989] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1129.371638][T15989] usb 2-1: Product: syz
[ 1129.398517][T15989] usb 2-1: Manufacturer: syz
[ 1129.435579][T15989] usb 2-1: SerialNumber: syz
[ 1129.483140][T15989] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 1129.511498][ T5899] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 1129.846699][ T5961] usb 5-1: new high-speed USB device number 119 using dummy_hcd
[ 1129.890969][T19608] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3823'.
[ 1130.031147][ T5961] usb 5-1: Using ep0 maxpacket: 8
[ 1130.056019][ T5961] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[ 1130.074011][ T5961] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1130.096664][T19611] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1130.108740][ T5961] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1130.122590][T19611] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1130.154473][ T5961] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1130.211870][ T5961] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1130.274570][ T5961] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1130.338999][ T5961] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1130.349381][T19615] FAULT_INJECTION: forcing a failure.
[ 1130.349381][T19615] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1130.571417][T19615] CPU: 1 UID: 0 PID: 19615 Comm: syz.2.3825 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1130.571458][T19615] Tainted: [L]=SOFTLOCKUP
[ 1130.571468][T19615] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 1130.571481][T19615] Call Trace:
[ 1130.571491][T19615]  <TASK>
[ 1130.571502][T19615]  dump_stack_lvl+0xe8/0x150
[ 1130.571543][T19615]  should_fail_ex+0x412/0x560
[ 1130.571583][T19615]  _copy_from_user+0x2d/0xb0
[ 1130.571609][T19615]  get_compat_msghdr+0xb3/0x4c0
[ 1130.571645][T19615]  ? __pfx_get_compat_msghdr+0x10/0x10
[ 1130.571679][T19615]  ? kfree+0x4d/0x640
[ 1130.571708][T19615]  ___sys_sendmsg+0x201/0x360
[ 1130.571745][T19615]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1130.571779][T19615]  ? do_user_addr_fault+0xbad/0x1340
[ 1130.571838][T19615]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1130.571906][T19615]  __sys_sendmmsg+0x2e7/0x4e0
[ 1130.571941][T19615]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1130.572002][T19615]  ? fput+0xa0/0xd0
[ 1130.572034][T19615]  ? ksys_write+0x242/0x270
[ 1130.572073][T19615]  __ia32_compat_sys_sendmmsg+0xa2/0xc0
[ 1130.572108][T19615]  __do_fast_syscall_32+0x229/0x6e0
[ 1130.572131][T19615]  ? do_fast_syscall_32+0x33/0x70
[ 1130.572151][T19615]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1130.572188][T19615]  ? asm_int80_emulation+0x1a/0x20
[ 1130.572216][T19615]  ? do_int80_emulation+0x286/0x530
[ 1130.572242][T19615]  do_fast_syscall_32+0x33/0x70
[ 1130.572265][T19615]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1130.572292][T19615] RIP: 0023:0xf6fef01c
[ 1130.572313][T19615] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[ 1130.572332][T19615] RSP: 002b:00000000f53dd50c EFLAGS: 00000206 ORIG_RAX: 0000000000000159
[ 1130.572355][T19615] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000800bd000
[ 1130.572371][T19615] RDX: 0000000092492846 RSI: 0000000000000000 RDI: 0000000000000000
[ 1130.572385][T19615] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1130.572397][T19615] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1130.572411][T19615] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1130.572439][T19615]  </TASK>
[ 1130.801085][ T5899] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive
[ 1130.825388][ T5961] usb 5-1: usb_control_msg returned -32
[ 1130.834254][ T5961] usbtmc 5-1:16.0: can't read capabilities
[ 1130.889701][ T5899] ath9k_htc: Failed to initialize the device
[ 1130.970052][ T5899] usb 2-1: ath9k_htc: USB layer deinitialized
[ 1131.064368][T15989] usb 2-1: USB disconnect, device number 31
[ 1131.538171][T19632] usbtmc 5-1:16.0: INDICATOR_PULSE returned 31
[ 1131.874973][T19637] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3833'.
[ 1132.211392][   T29] wlan0: Trigger new scan to find an IBSS to join
[ 1132.769821][T19643] netlink: 'syz.3.3834': attribute type 1 has an invalid length.
[ 1132.799882][T15989] usb 5-1: USB disconnect, device number 119
[ 1133.000435][   T30] audit: type=1326 audit(1776682251.622:2277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19658 comm="syz.4.3838" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f5801c code=0x0
[ 1133.159484][T19663] netlink: 'syz.2.3839': attribute type 1 has an invalid length.
[ 1133.228983][T19661] batman_adv: batadv0: Adding interface: macvtap1
[ 1133.240306][T19661] batman_adv: batadv0: The MTU of interface macvtap1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1133.346746][T19661] batman_adv: batadv0: Not using interface macvtap1 (retrying later): interface not active
[ 1133.387704][T19657] netlink: 'syz.1.3837': attribute type 1 has an invalid length.
[ 1133.461149][T19663] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[ 1133.792444][T19678] netlink: 'syz.2.3841': attribute type 4 has an invalid length.
[ 1134.212608][T19683] netlink: 'syz.0.3843': attribute type 1 has an invalid length.
[ 1134.241111][T19685] FAULT_INJECTION: forcing a failure.
[ 1134.241111][T19685] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1134.299209][T19685] CPU: 0 UID: 0 PID: 19685 Comm: syz.4.3844 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1134.299236][T19685] Tainted: [L]=SOFTLOCKUP
[ 1134.299265][T19685] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 1134.299279][T19685] Call Trace:
[ 1134.299288][T19685]  <TASK>
[ 1134.299298][T19685]  dump_stack_lvl+0xe8/0x150
[ 1134.299335][T19685]  should_fail_ex+0x412/0x560
[ 1134.299362][T19685]  _copy_to_iter+0x1e4/0x17d0
[ 1134.299391][T19685]  ? __asan_memset+0x22/0x50
[ 1134.299412][T19685]  ? __pfx__copy_to_iter+0x10/0x10
[ 1134.299438][T19685]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1134.299464][T19685]  ? crng_make_state+0x36a/0x600
[ 1134.299523][T19685]  ? crng_make_state+0xb6/0x600
[ 1134.299547][T19685]  get_random_bytes_user+0x1cf/0x3d0
[ 1134.299573][T19685]  ? __pfx_get_random_bytes_user+0x10/0x10
[ 1134.299601][T19685]  ? __mutex_unlock_slowpath+0x1be/0x6f0
[ 1134.299625][T19685]  ? import_ubuf+0xfb/0x1d0
[ 1134.299642][T19685]  __ia32_sys_getrandom+0x17a/0x270
[ 1134.299667][T19685]  ? __pfx___ia32_sys_getrandom+0x10/0x10
[ 1134.299708][T19685]  __do_fast_syscall_32+0x229/0x6e0
[ 1134.299727][T19685]  ? do_fast_syscall_32+0x33/0x70
[ 1134.299742][T19685]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1134.299765][T19685]  ? asm_int80_emulation+0x1a/0x20
[ 1134.299780][T19685]  ? do_int80_emulation+0x286/0x530
[ 1134.299795][T19685]  ? trace_irq_disable+0x3b/0x140
[ 1134.299818][T19685]  do_fast_syscall_32+0x33/0x70
[ 1134.299834][T19685]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1134.299852][T19685] RIP: 0023:0xf7f5801c
[ 1134.299867][T19685] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[ 1134.299881][T19685] RSP: 002b:00000000f541650c EFLAGS: 00000206 ORIG_RAX: 0000000000000163
[ 1134.299898][T19685] RAX: ffffffffffffffda RBX: 0000000080000040 RCX: 00000000fffffdde
[ 1134.299909][T19685] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000
[ 1134.299918][T19685] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1134.299927][T19685] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1134.299936][T19685] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1134.299962][T19685]  </TASK>
[ 1134.988471][T19690] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1135.163733][T19697] vlan2: entered promiscuous mode
[ 1135.179312][T19697] macvlan0: entered promiscuous mode
[ 1135.246830][   T13] wlan0: Trigger new scan to find an IBSS to join
[ 1135.538361][   T30] audit: type=1326 audit(1776682254.162:2278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19701 comm="syz.4.3850" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f5801c code=0x7ffc0000
[ 1135.658834][   T30] audit: type=1326 audit(1776682254.162:2279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19701 comm="syz.4.3850" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f5801c code=0x7ffc0000
[ 1135.732127][   T30] audit: type=1326 audit(1776682254.192:2280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19701 comm="syz.4.3850" exe="/root/syz-executor" sig=0 arch=40000003 syscall=442 compat=1 ip=0xf7f5801c code=0x7ffc0000
[ 1135.798458][   T30] audit: type=1326 audit(1776682254.192:2281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19701 comm="syz.4.3850" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f5801c code=0x7ffc0000
[ 1135.851639][   T30] audit: type=1326 audit(1776682254.192:2282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19701 comm="syz.4.3850" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f5801c code=0x7ffc0000
[ 1135.932769][   T30] audit: type=1326 audit(1776682254.192:2283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19701 comm="syz.4.3850" exe="/root/syz-executor" sig=0 arch=40000003 syscall=443 compat=1 ip=0xf7f5801c code=0x7ffc0000
[ 1136.059205][   T30] audit: type=1326 audit(1776682254.192:2284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19701 comm="syz.4.3850" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f5801c code=0x7ffc0000
[ 1136.138215][   T30] audit: type=1326 audit(1776682254.192:2285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19701 comm="syz.4.3850" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f5801c code=0x7ffc0000
[ 1136.191357][   T30] audit: type=1326 audit(1776682254.192:2286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19701 comm="syz.4.3850" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f5801c code=0x7ffc0000
[ 1136.355071][T19707] netlink: 84 bytes leftover after parsing attributes in process `syz.4.3850'.
[ 1136.423320][T19709] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3850'.
[ 1136.517286][T19714] netlink: 'syz.2.3852': attribute type 1 has an invalid length.
[ 1136.586778][ T5961] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[ 1136.755700][ T5961] usb 4-1: Using ep0 maxpacket: 32
[ 1136.769157][ T5961] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1136.795703][ T5961] usb 4-1: config 0 interface 0 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 0
[ 1136.838518][ T5961] usb 4-1: config 0 interface 0 has no altsetting 0
[ 1136.863461][ T5961] usb 4-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[ 1136.884297][ T5961] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1136.918465][ T5961] usb 4-1: Product: syz
[ 1136.928129][ T5961] usb 4-1: Manufacturer: syz
[ 1136.952851][ T5961] usb 4-1: SerialNumber: syz
[ 1136.993461][ T5961] usb 4-1: config 0 descriptor??
[ 1137.450810][ T5961] gs_usb 4-1:0.0: Configuring for 1 interfaces
[ 1137.651834][ T5961] gs_usb 4-1:0.0: Couldn't get bit timing const for channel 0 (-EREMOTEIO)
[ 1137.679639][ T5961] gs_usb 4-1:0.0: probe with driver gs_usb failed with error -121
[ 1138.205947][T15981] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1138.328290][T11209] usb 4-1: USB disconnect, device number 6
[ 1138.721848][T19728] fuse: Unknown parameter '0x0000000000000003'
[ 1138.764737][T19726] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1138.792585][T19726] FAULT_INJECTION: forcing a failure.
[ 1138.792585][T19726] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1138.827285][T19726] CPU: 0 UID: 0 PID: 19726 Comm: syz.3.3856 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1138.827321][T19726] Tainted: [L]=SOFTLOCKUP
[ 1138.827330][T19726] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 1138.827343][T19726] Call Trace:
[ 1138.827352][T19726]  <TASK>
[ 1138.827362][T19726]  dump_stack_lvl+0xe8/0x150
[ 1138.827402][T19726]  should_fail_ex+0x412/0x560
[ 1138.827446][T19726]  _copy_to_user+0x31/0xb0
[ 1138.827473][T19726]  simple_read_from_buffer+0xe1/0x170
[ 1138.827502][T19726]  proc_fail_nth_read+0x1bb/0x230
[ 1138.827531][T19726]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1138.827559][T19726]  ? rw_verify_area+0x2a6/0x4d0
[ 1138.827585][T19726]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1138.827611][T19726]  vfs_read+0x20c/0xa70
[ 1138.827643][T19726]  ? __pfx___mutex_lock+0x10/0x10
[ 1138.827665][T19726]  ? __pfx_vfs_read+0x10/0x10
[ 1138.827693][T19726]  ? __fget_files+0x2a/0x420
[ 1138.827720][T19726]  ? __fget_files+0x3a0/0x420
[ 1138.827744][T19726]  ? __fget_files+0x2a/0x420
[ 1138.827776][T19726]  ksys_read+0x150/0x270
[ 1138.827805][T19726]  ? __pfx_ksys_read+0x10/0x10
[ 1138.827835][T19726]  ? asm_int80_emulation+0x1a/0x20
[ 1138.827862][T19726]  do_int80_emulation+0x181/0x530
[ 1138.827881][T19726]  ? trace_irq_disable+0x3b/0x140
[ 1138.827913][T19726]  ? asm_int80_emulation+0x1a/0x20
[ 1138.827933][T19726]  ? clear_bhb_loop+0x40/0x90
[ 1138.827956][T19726]  ? clear_bhb_loop+0x40/0x90
[ 1138.827984][T19726]  asm_int80_emulation+0x1a/0x20
[ 1138.828006][T19726] RIP: 0023:0xf71b5cab
[ 1138.828030][T19726] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[ 1138.828044][T19726] RSP: 002b:00000000f54764bc EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[ 1138.828061][T19726] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000f54765d0
[ 1138.828072][T19726] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000
[ 1138.828081][T19726] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1138.828091][T19726] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1138.828100][T19726] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1138.828123][T19726]  </TASK>
[ 1139.676262][ T5961] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[ 1139.854606][ T5961] usb 1-1: device descriptor read/64, error -71
[ 1140.115773][ T5961] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[ 1140.145816][  T992] usb 2-1: new high-speed USB device number 32 using dummy_hcd
[ 1140.245730][ T5961] usb 1-1: device descriptor read/64, error -71
[ 1140.278037][  T992] usb 2-1: device descriptor read/64, error -71
[ 1140.372779][T19764] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[ 1140.387679][ T5961] usb usb1-port1: attempt power cycle
[ 1140.546995][  T992] usb 2-1: new high-speed USB device number 33 using dummy_hcd
[ 1140.695794][  T992] usb 2-1: device descriptor read/64, error -71
[ 1140.748641][ T5961] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[ 1140.786761][ T5961] usb 1-1: device descriptor read/8, error -71
[ 1140.816565][  T992] usb usb2-port1: attempt power cycle
[ 1140.844344][T19766] syzkaller0: entered promiscuous mode
[ 1140.868463][T19766] syzkaller0: entered allmulticast mode
[ 1141.066598][ T5961] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[ 1141.100082][ T5961] usb 1-1: device descriptor read/8, error -71
[ 1141.215963][  T992] usb 2-1: new high-speed USB device number 34 using dummy_hcd
[ 1141.228082][ T5961] usb usb1-port1: unable to enumerate USB device
[ 1141.268434][  T992] usb 2-1: device descriptor read/8, error -71
[ 1141.525734][  T992] usb 2-1: new high-speed USB device number 35 using dummy_hcd
[ 1141.559153][  T992] usb 2-1: device descriptor read/8, error -71
[ 1141.694515][  T992] usb usb2-port1: unable to enumerate USB device
[ 1142.254022][T19770] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3869'.
[ 1142.324176][T19773] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3869'.
[ 1142.347491][T19770] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3869'.
[ 1142.816785][T19791] fuse: Unknown parameter '0x0000000000000003'
[ 1143.365217][   T30] kauditd_printk_skb: 26 callbacks suppressed
[ 1143.365239][   T30] audit: type=1800 audit(1776682261.982:2313): pid=19780 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.3870" name="bus" dev="ramfs" ino=91248 res=0 errno=0
[ 1143.427200][T19803] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3877'.
[ 1143.864260][T19808] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3878'.
[ 1144.387068][T11209] usb 1-1: new full-speed USB device number 9 using dummy_hcd
[ 1144.509923][T18089] netdevsim netdevsim1 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1144.521459][T18089] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1144.548970][T11209] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1144.565212][T11209] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1144.592670][T11209] usb 1-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00
[ 1144.610827][T11209] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1144.663538][T11209] usb 1-1: config 0 descriptor??
[ 1144.899168][T19820] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1144.915720][  T992] usb 2-1: new high-speed USB device number 36 using dummy_hcd
[ 1144.928594][T19820] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1145.088589][  T992] usb 2-1: config 0 has an invalid interface number: 106 but max is 0
[ 1145.097237][  T992] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1145.108600][  T992] usb 2-1: config 0 has no interface number 0
[ 1145.114806][  T992] usb 2-1: too many endpoints for config 0 interface 106 altsetting 74: 216, using maximum allowed: 30
[ 1145.127055][  T992] usb 2-1: config 0 interface 106 altsetting 74 has 0 endpoint descriptors, different from the interface descriptor's value: 216
[ 1145.146061][  T992] usb 2-1: config 0 interface 106 has no altsetting 0
[ 1145.153370][  T992] usb 2-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=df.bb
[ 1145.175050][T11209] isku 0003:1E7D:319C.0036: item fetching failed at offset 5/7
[ 1145.183992][  T992] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1145.217250][  T992] usb 2-1: config 0 descriptor??
[ 1145.262719][T11209] isku 0003:1E7D:319C.0036: parse failed
[ 1145.269825][  T992] usb 2-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[ 1145.279505][T11209] isku 0003:1E7D:319C.0036: probe with driver isku failed with error -22
[ 1146.412667][T18089] usb 2-1: Failed to submit usb control message: -110
[ 1146.467105][T18089] usb 2-1: unable to send the bmi data to the device: -110
[ 1146.495358][T18089] usb 2-1: unable to get target info from device
[ 1146.519630][T18089] usb 2-1: could not get target info (-110)
[ 1146.532143][T18089] usb 2-1: could not probe fw (-110)
[ 1146.711418][T19850] fuse: Unknown parameter '0x0000000000000003'
[ 1147.089606][T19857] FAULT_INJECTION: forcing a failure.
[ 1147.089606][T19857] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1147.147600][T19857] CPU: 1 UID: 0 PID: 19857 Comm: syz.2.3892 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1147.147627][T19857] Tainted: [L]=SOFTLOCKUP
[ 1147.147633][T19857] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 1147.147643][T19857] Call Trace:
[ 1147.147651][T19857]  <TASK>
[ 1147.147658][T19857]  dump_stack_lvl+0xe8/0x150
[ 1147.147688][T19857]  should_fail_ex+0x412/0x560
[ 1147.147715][T19857]  _copy_from_iter+0x1d3/0x1670
[ 1147.147741][T19857]  ? rcu_is_watching+0x15/0xb0
[ 1147.147764][T19857]  ? __pfx__copy_from_iter+0x10/0x10
[ 1147.147793][T19857]  ? netlink_sendmsg+0x650/0xb40
[ 1147.147811][T19857]  ? skb_put+0x11b/0x210
[ 1147.147832][T19857]  netlink_sendmsg+0x6c0/0xb40
[ 1147.147858][T19857]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1147.147880][T19857]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1147.147906][T19857]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1147.147930][T19857]  ____sys_sendmsg+0x972/0x9f0
[ 1147.147960][T19857]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1147.147984][T19857]  ? kstrtoull+0x12f/0x1d0
[ 1147.148009][T19857]  ___sys_sendmsg+0x2a5/0x360
[ 1147.148029][T19857]  ? __lock_acquire+0x6b5/0x2cf0
[ 1147.148055][T19857]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1147.148077][T19857]  ? get_pid_task+0x20/0x1f0
[ 1147.148114][T19857]  ? get_pid_task+0x20/0x1f0
[ 1147.148136][T19857]  ? get_pid_task+0x20/0x1f0
[ 1147.148187][T19857]  ? __fget_files+0x2a/0x420
[ 1147.148209][T19857]  ? __fget_files+0x3a0/0x420
[ 1147.148242][T19857]  __sys_sendmsg+0x183/0x260
[ 1147.148279][T19857]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1147.148317][T19857]  __do_fast_syscall_32+0x229/0x6e0
[ 1147.148334][T19857]  ? do_fast_syscall_32+0x33/0x70
[ 1147.148349][T19857]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1147.148372][T19857]  ? asm_int80_emulation+0x1a/0x20
[ 1147.148387][T19857]  ? do_int80_emulation+0x286/0x530
[ 1147.148402][T19857]  ? trace_irq_disable+0x3b/0x140
[ 1147.148425][T19857]  do_fast_syscall_32+0x33/0x70
[ 1147.148441][T19857]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1147.148460][T19857] RIP: 0023:0xf6fef01c
[ 1147.148474][T19857] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[ 1147.148488][T19857] RSP: 002b:00000000f53dd50c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 1147.148505][T19857] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800002c0
[ 1147.148516][T19857] RDX: 0000000000000080 RSI: 0000000000000000 RDI: 0000000000000000
[ 1147.148526][T19857] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1147.148535][T19857] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1147.148550][T19857] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1147.148572][T19857]  </TASK>
[ 1147.599513][T11209] usb 1-1: USB disconnect, device number 9
[ 1148.230243][T19865] syzkaller1: entered promiscuous mode
[ 1148.269042][T19865] syzkaller1: entered allmulticast mode
[ 1148.355545][T19873] netlink: 96 bytes leftover after parsing attributes in process `syz.0.3898'.
[ 1148.644812][T19881] netlink: 64 bytes leftover after parsing attributes in process `syz.0.3900'.
[ 1148.997969][T11209] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[ 1149.081127][T19885] FAULT_INJECTION: forcing a failure.
[ 1149.081127][T19885] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1149.121491][T19885] CPU: 1 UID: 0 PID: 19885 Comm: syz.2.3901 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1149.121519][T19885] Tainted: [L]=SOFTLOCKUP
[ 1149.121525][T19885] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 1149.121535][T19885] Call Trace:
[ 1149.121542][T19885]  <TASK>
[ 1149.121550][T19885]  dump_stack_lvl+0xe8/0x150
[ 1149.121581][T19885]  should_fail_ex+0x412/0x560
[ 1149.121609][T19885]  _copy_from_iter+0x1d3/0x1670
[ 1149.121635][T19885]  ? rcu_is_watching+0x15/0xb0
[ 1149.121656][T19885]  ? __pfx__copy_from_iter+0x10/0x10
[ 1149.121686][T19885]  ? netlink_sendmsg+0x650/0xb40
[ 1149.121704][T19885]  ? skb_put+0x11b/0x210
[ 1149.121749][T19885]  netlink_sendmsg+0x6c0/0xb40
[ 1149.121785][T19885]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1149.121815][T19885]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1149.121849][T19885]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1149.121880][T19885]  ____sys_sendmsg+0x972/0x9f0
[ 1149.121908][T19885]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1149.121946][T19885]  ? kstrtoull+0x12f/0x1d0
[ 1149.121992][T19885]  ___sys_sendmsg+0x2a5/0x360
[ 1149.122021][T19885]  ? __lock_acquire+0x6b5/0x2cf0
[ 1149.122059][T19885]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1149.122091][T19885]  ? get_pid_task+0x20/0x1f0
[ 1149.122114][T19885]  ? get_pid_task+0x20/0x1f0
[ 1149.122130][T19885]  ? get_pid_task+0x20/0x1f0
[ 1149.122168][T19885]  ? __fget_files+0x2a/0x420
[ 1149.122184][T19885]  ? __fget_files+0x3a0/0x420
[ 1149.122209][T19885]  __sys_sendmsg+0x183/0x260
[ 1149.122231][T19885]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1149.122270][T19885]  __do_fast_syscall_32+0x229/0x6e0
[ 1149.122287][T19885]  ? do_fast_syscall_32+0x33/0x70
[ 1149.122301][T19885]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1149.122324][T19885]  ? asm_int80_emulation+0x1a/0x20
[ 1149.122339][T19885]  ? do_int80_emulation+0x286/0x530
[ 1149.122353][T19885]  ? trace_irq_disable+0x3b/0x140
[ 1149.122376][T19885]  do_fast_syscall_32+0x33/0x70
[ 1149.122392][T19885]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1149.122411][T19885] RIP: 0023:0xf6fef01c
[ 1149.122426][T19885] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[ 1149.122448][T19885] RSP: 002b:00000000f53dd50c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 1149.122465][T19885] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800002c0
[ 1149.122476][T19885] RDX: 0000000000000080 RSI: 0000000000000000 RDI: 0000000000000000
[ 1149.122486][T19885] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1149.122495][T19885] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1149.122505][T19885] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1149.122527][T19885]  </TASK>
[ 1149.407242][T11209] usb 1-1: config 171 has an invalid interface number: 109 but max is 0
[ 1149.416681][T11209] usb 1-1: config 171 has an invalid descriptor of length 0, skipping remainder of the config
[ 1149.489000][ T5961] usb 2-1: USB disconnect, device number 36
[ 1149.588065][T11209] usb 1-1: config 171 has no interface number 0
[ 1149.594652][T11209] usb 1-1: config 171 interface 109 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 1023
[ 1149.678283][T11209] usb 1-1: config 171 interface 109 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 12
[ 1149.729505][T11209] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice=fd.2e
[ 1149.766677][T11209] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1149.786772][T11209] usb 1-1: Product: syz
[ 1149.791151][T11209] usb 1-1: Manufacturer: syz
[ 1149.802400][T11209] usb 1-1: SerialNumber: syz
[ 1149.820066][T19876] FAULT_INJECTION: forcing a failure.
[ 1149.820066][T19876] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1149.835966][T19876] CPU: 1 UID: 0 PID: 19876 Comm: syz.3.3899 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1149.836002][T19876] Tainted: [L]=SOFTLOCKUP
[ 1149.836011][T19876] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 1149.836034][T19876] Call Trace:
[ 1149.836043][T19876]  <TASK>
[ 1149.836053][T19876]  dump_stack_lvl+0xe8/0x150
[ 1149.836109][T19876]  should_fail_ex+0x412/0x560
[ 1149.836154][T19876]  _copy_to_iter+0x589/0x17d0
[ 1149.836203][T19876]  ? __pfx__copy_to_iter+0x10/0x10
[ 1149.836235][T19876]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 1149.836268][T19876]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1149.836301][T19876]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 1149.836331][T19876]  ? __skb_try_recv_datagram+0x3d4/0x4d0
[ 1149.836368][T19876]  __skb_datagram_iter+0xf8/0x980
[ 1149.836405][T19876]  ? __pfx_simple_copy_to_iter+0x10/0x10
[ 1149.836444][T19876]  skb_copy_datagram_iter+0xb5/0x240
[ 1149.836478][T19876]  netlink_recvmsg+0x2c3/0xa50
[ 1149.836505][T19876]  ? rcu_is_watching+0x15/0xb0
[ 1149.836537][T19876]  ? __pfx_netlink_recvmsg+0x10/0x10
[ 1149.836571][T19876]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1149.836606][T19876]  ? bpf_lsm_socket_recvmsg+0x9/0x20
[ 1149.836631][T19876]  ? security_socket_recvmsg+0x7e/0x2c0
[ 1149.836654][T19876]  ? __pfx_netlink_recvmsg+0x10/0x10
[ 1149.836680][T19876]  sock_recvmsg+0x172/0x1b0
[ 1149.836703][T19876]  ____sys_recvmsg+0x1e6/0x4a0
[ 1149.836742][T19876]  ? __pfx_____sys_recvmsg+0x10/0x10
[ 1149.836770][T19876]  ? get_compat_msghdr+0x34b/0x4c0
[ 1149.836811][T19876]  ? __lock_acquire+0x6b5/0x2cf0
[ 1149.836853][T19876]  ___sys_recvmsg+0x215/0x590
[ 1149.836881][T19876]  ? ktime_get_ts64+0xa9/0x410
[ 1149.836916][T19876]  ? __pfx____sys_recvmsg+0x10/0x10
[ 1149.836951][T19876]  ? __fget_files+0x2a/0x420
[ 1149.836993][T19876]  ? __fget_files+0x3a0/0x420
[ 1149.837026][T19876]  do_recvmmsg+0x3a5/0x800
[ 1149.837065][T19876]  ? __pfx_do_recvmmsg+0x10/0x10
[ 1149.837108][T19876]  ? _copy_from_user+0x94/0xb0
[ 1149.837145][T19876]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1149.837187][T19876]  __sys_recvmmsg+0x12f/0x290
[ 1149.837211][T19876]  ? __pfx___sys_recvmmsg+0x10/0x10
[ 1149.837233][T19876]  ? ksys_write+0x242/0x270
[ 1149.837257][T19876]  __ia32_compat_sys_recvmmsg_time32+0xbf/0xe0
[ 1149.837283][T19876]  __do_fast_syscall_32+0x229/0x6e0
[ 1149.837299][T19876]  ? do_fast_syscall_32+0x33/0x70
[ 1149.837313][T19876]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1149.837335][T19876]  ? asm_int80_emulation+0x1a/0x20
[ 1149.837351][T19876]  ? do_int80_emulation+0x286/0x530
[ 1149.837365][T19876]  ? trace_irq_disable+0x3b/0x140
[ 1149.837389][T19876]  do_fast_syscall_32+0x33/0x70
[ 1149.837405][T19876]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1149.837425][T19876] RIP: 0023:0xf7fb601c
[ 1149.837440][T19876] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[ 1149.837453][T19876] RSP: 002b:00000000f547650c EFLAGS: 00000206 ORIG_RAX: 0000000000000151
[ 1149.837470][T19876] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800037c0
[ 1149.837482][T19876] RDX: 00000000000003b4 RSI: 0000000002040000 RDI: 0000000080003700
[ 1149.837492][T19876] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1149.837502][T19876] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1149.837511][T19876] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1149.837532][T19876]  </TASK>
[ 1150.226105][T19882] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 1150.325755][ T5961] usb 2-1: new high-speed USB device number 37 using dummy_hcd
[ 1150.445646][T19896] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[ 1150.452761][T19896] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[ 1150.462394][T19896] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[ 1150.469371][T19896] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[ 1150.477495][T19896] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[ 1150.484091][T19896] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[ 1150.490962][T19896] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[ 1150.497888][T19896] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[ 1150.504923][ T5961] usb 2-1: Using ep0 maxpacket: 8
[ 1150.510446][T19896] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[ 1150.515021][ T5961] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9
[ 1150.517495][T19896] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[ 1150.529526][ T5961] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1150.544824][ T5961] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1150.554828][ T5961] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12592, setting to 1024
[ 1150.567704][ T5961] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[ 1150.577892][ T5961] usb 2-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[ 1150.588030][ T5961] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1150.610584][ T5961] usb 2-1: config 0 descriptor??
[ 1150.620866][T19889] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[ 1150.730832][T11209] ath6kl: Failed to submit usb control message: -71
[ 1150.804946][T11209] ath6kl: unable to send the bmi data to the device: -71
[ 1150.840587][T11209] ath6kl: Unable to send get target info: -71
[ 1150.881249][T11209] ath6kl: Failed to init ath6kl core: -71
[ 1150.930853][T11209] ath6kl_usb 1-1:171.109: probe with driver ath6kl_usb failed with error -71
[ 1151.057435][T11209] usb 1-1: USB disconnect, device number 10
[ 1151.193225][ T5961] usb 2-1: USB disconnect, device number 37
[ 1151.208142][ T5852] Bluetooth: hci3: Opcode 0x0c03 failed: -71
[ 1151.354652][T19898] netlink: 'syz.3.3903': attribute type 1 has an invalid length.
[ 1151.724729][T19902] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1151.741965][T19906] FAULT_INJECTION: forcing a failure.
[ 1151.741965][T19906] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1151.808662][T19906] CPU: 1 UID: 0 PID: 19906 Comm: syz.0.3905 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1151.808699][T19906] Tainted: [L]=SOFTLOCKUP
[ 1151.808708][T19906] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 1151.808721][T19906] Call Trace:
[ 1151.808730][T19906]  <TASK>
[ 1151.808741][T19906]  dump_stack_lvl+0xe8/0x150
[ 1151.808781][T19906]  should_fail_ex+0x412/0x560
[ 1151.808818][T19906]  _copy_to_iter+0x589/0x17d0
[ 1151.808870][T19906]  ? __pfx__copy_to_iter+0x10/0x10
[ 1151.808903][T19906]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 1151.808936][T19906]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1151.808969][T19906]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 1151.809009][T19906]  ? __skb_try_recv_datagram+0x3d4/0x4d0
[ 1151.809048][T19906]  __skb_datagram_iter+0xf8/0x980
[ 1151.809089][T19906]  ? __pfx_simple_copy_to_iter+0x10/0x10
[ 1151.809129][T19906]  skb_copy_datagram_iter+0xb5/0x240
[ 1151.809165][T19906]  netlink_recvmsg+0x2c3/0xa50
[ 1151.809193][T19906]  ? rcu_is_watching+0x15/0xb0
[ 1151.809222][T19906]  ? __pfx_netlink_recvmsg+0x10/0x10
[ 1151.809256][T19906]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1151.809291][T19906]  ? bpf_lsm_socket_recvmsg+0x9/0x20
[ 1151.809316][T19906]  ? security_socket_recvmsg+0x7e/0x2c0
[ 1151.809340][T19906]  ? __pfx_netlink_recvmsg+0x10/0x10
[ 1151.809367][T19906]  sock_recvmsg+0x172/0x1b0
[ 1151.809392][T19906]  ____sys_recvmsg+0x1e6/0x4a0
[ 1151.809430][T19906]  ? __pfx_____sys_recvmsg+0x10/0x10
[ 1151.809461][T19906]  ? get_compat_msghdr+0x34b/0x4c0
[ 1151.809490][T19906]  ? __lock_acquire+0x6b5/0x2cf0
[ 1151.809520][T19906]  ___sys_recvmsg+0x215/0x590
[ 1151.809540][T19906]  ? ktime_get_ts64+0xa9/0x410
[ 1151.809565][T19906]  ? __pfx____sys_recvmsg+0x10/0x10
[ 1151.809590][T19906]  ? __fget_files+0x2a/0x420
[ 1151.809618][T19906]  ? __fget_files+0x3a0/0x420
[ 1151.809641][T19906]  do_recvmmsg+0x3a5/0x800
[ 1151.809668][T19906]  ? __pfx_do_recvmmsg+0x10/0x10
[ 1151.809698][T19906]  ? _copy_from_user+0x94/0xb0
[ 1151.809718][T19906]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1151.809739][T19906]  __sys_recvmmsg+0x12f/0x290
[ 1151.809762][T19906]  ? __pfx___sys_recvmmsg+0x10/0x10
[ 1151.809784][T19906]  ? ksys_write+0x242/0x270
[ 1151.809808][T19906]  __ia32_compat_sys_recvmmsg_time32+0xbf/0xe0
[ 1151.809833][T19906]  __do_fast_syscall_32+0x229/0x6e0
[ 1151.809849][T19906]  ? do_fast_syscall_32+0x33/0x70
[ 1151.809863][T19906]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1151.809886][T19906]  ? asm_int80_emulation+0x1a/0x20
[ 1151.809902][T19906]  ? do_int80_emulation+0x286/0x530
[ 1151.809916][T19906]  ? trace_irq_disable+0x3b/0x140
[ 1151.809939][T19906]  do_fast_syscall_32+0x33/0x70
[ 1151.809955][T19906]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1151.809980][T19906] RIP: 0023:0xf7f9401c
[ 1151.809995][T19906] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[ 1151.810009][T19906] RSP: 002b:00000000f545650c EFLAGS: 00000206 ORIG_RAX: 0000000000000151
[ 1151.810027][T19906] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800037c0
[ 1151.810039][T19906] RDX: 00000000000003b4 RSI: 0000000000002000 RDI: 0000000080003700
[ 1151.810049][T19906] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1151.810059][T19906] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1151.810068][T19906] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1151.810090][T19906]  </TASK>
[ 1152.048005][    C0] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[ 1153.398261][T19933] syz_tun: entered allmulticast mode
[ 1153.415216][T19933] FAULT_INJECTION: forcing a failure.
[ 1153.415216][T19933] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1153.443799][T19933] CPU: 1 UID: 0 PID: 19933 Comm: syz.2.3917 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1153.443841][T19933] Tainted: [L]=SOFTLOCKUP
[ 1153.443850][T19933] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 1153.443863][T19933] Call Trace:
[ 1153.443872][T19933]  <TASK>
[ 1153.443882][T19933]  dump_stack_lvl+0xe8/0x150
[ 1153.443921][T19933]  should_fail_ex+0x412/0x560
[ 1153.443959][T19933]  _copy_from_iter+0x1d3/0x1670
[ 1153.443995][T19933]  ? rcu_is_watching+0x15/0xb0
[ 1153.444025][T19933]  ? __pfx__copy_from_iter+0x10/0x10
[ 1153.444067][T19933]  ? netlink_sendmsg+0x650/0xb40
[ 1153.444092][T19933]  ? skb_put+0x11b/0x210
[ 1153.444131][T19933]  netlink_sendmsg+0x6c0/0xb40
[ 1153.444168][T19933]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1153.444198][T19933]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1153.444234][T19933]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1153.444265][T19933]  ____sys_sendmsg+0x972/0x9f0
[ 1153.444304][T19933]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1153.444337][T19933]  ? kstrtoull+0x12f/0x1d0
[ 1153.444374][T19933]  ___sys_sendmsg+0x2a5/0x360
[ 1153.444402][T19933]  ? __lock_acquire+0x6b5/0x2cf0
[ 1153.444439][T19933]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1153.444470][T19933]  ? get_pid_task+0x20/0x1f0
[ 1153.444495][T19933]  ? get_pid_task+0x20/0x1f0
[ 1153.444517][T19933]  ? get_pid_task+0x20/0x1f0
[ 1153.444568][T19933]  ? __fget_files+0x2a/0x420
[ 1153.444591][T19933]  ? __fget_files+0x3a0/0x420
[ 1153.444623][T19933]  __sys_sendmsg+0x183/0x260
[ 1153.444654][T19933]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1153.444706][T19933]  __do_fast_syscall_32+0x229/0x6e0
[ 1153.444733][T19933]  ? do_fast_syscall_32+0x33/0x70
[ 1153.444753][T19933]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1153.444784][T19933]  ? asm_int80_emulation+0x1a/0x20
[ 1153.444805][T19933]  ? do_int80_emulation+0x286/0x530
[ 1153.444833][T19933]  ? trace_irq_disable+0x3b/0x140
[ 1153.444864][T19933]  do_fast_syscall_32+0x33/0x70
[ 1153.444887][T19933]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1153.444914][T19933] RIP: 0023:0xf6fef01c
[ 1153.444934][T19933] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[ 1153.444953][T19933] RSP: 002b:00000000f53dd50c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 1153.444977][T19933] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000800002c0
[ 1153.444993][T19933] RDX: 0000000000000080 RSI: 0000000000000000 RDI: 0000000000000000
[ 1153.445006][T19933] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1153.445019][T19933] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1153.445032][T19933] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1153.445063][T19933]  </TASK>
[ 1153.599853][T11209] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[ 1153.627087][T19935] netlink: 212408 bytes leftover after parsing attributes in process `syz.4.3916'.
[ 1153.819253][T19932] syz_tun: left allmulticast mode
[ 1153.976468][T11209] usb 1-1: Using ep0 maxpacket: 16
[ 1154.000024][T11209] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1154.043075][T11209] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1154.057084][T19941] fuse: Unknown parameter '0x0000000000000003'
[ 1154.090324][T19940] tipc: Started in network mode
[ 1154.100186][T11209] usb 1-1: New USB device found, idVendor=05ac, idProduct=024b, bcdDevice= 0.00
[ 1154.105332][T19940] tipc: Node identity f2012434c534, cluster identity 4711
[ 1154.130812][T19940] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1154.139759][T11209] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1154.152877][T19945] syzkaller0: entered allmulticast mode
[ 1154.169024][T11209] usb 1-1: config 0 descriptor??
[ 1154.173068][T19940] tipc: Resetting bearer <eth:syzkaller0>
[ 1154.233647][T19939] tipc: Disabling bearer <eth:syzkaller0>
[ 1154.442846][T19931] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1154.474515][T19955] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3924'.
[ 1154.493731][T19931] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1154.507696][T19955] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3924'.
[ 1154.579636][T11209] usbhid 1-1:0.0: can't add hid device: -71
[ 1154.599390][T11209] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[ 1154.618258][ T5899] usb 5-1: new high-speed USB device number 120 using dummy_hcd
[ 1154.650012][T11209] usb 1-1: USB disconnect, device number 11
[ 1154.761005][T19959] netdevsim netdevsim0 netdevsim0: entered allmulticast mode
[ 1154.789067][ T5899] usb 5-1: config 0 has no interfaces?
[ 1154.803961][ T5899] usb 5-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[ 1154.818661][ T5899] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1154.830380][ T5899] usb 5-1: Product: syz
[ 1154.837867][ T5899] usb 5-1: Manufacturer: syz
[ 1154.843153][ T5899] usb 5-1: SerialNumber: syz
[ 1154.859812][ T5899] usb 5-1: config 0 descriptor??
[ 1155.232393][   T30] audit: type=1326 audit(1776682273.852:2314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19970 comm="syz.3.3930" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb601c code=0x7ffc0000
[ 1155.289907][T11209] usb 5-1: USB disconnect, device number 120
[ 1155.355039][   T30] audit: type=1326 audit(1776682273.852:2315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19970 comm="syz.3.3930" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb601c code=0x7ffc0000
[ 1155.417353][   T30] audit: type=1326 audit(1776682273.852:2316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19970 comm="syz.3.3930" exe="/root/syz-executor" sig=0 arch=40000003 syscall=331 compat=1 ip=0xf7fb601c code=0x7ffc0000
[ 1155.522875][   T30] audit: type=1326 audit(1776682273.852:2317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19970 comm="syz.3.3930" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb601c code=0x7ffc0000
[ 1155.602142][   T30] audit: type=1326 audit(1776682273.852:2318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19970 comm="syz.3.3930" exe="/root/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7fb601c code=0x7ffc0000
[ 1155.668957][   T30] audit: type=1326 audit(1776682273.852:2319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19970 comm="syz.3.3930" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb601c code=0x7ffc0000
[ 1155.763399][   T30] audit: type=1326 audit(1776682273.852:2320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19970 comm="syz.3.3930" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fb601c code=0x7ffc0000
[ 1155.855107][   T30] audit: type=1326 audit(1776682273.852:2321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19970 comm="syz.3.3930" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb601c code=0x7ffc0000
[ 1155.905081][T19972] netlink: 'syz.1.3928': attribute type 1 has an invalid length.
[ 1155.954254][   T30] audit: type=1326 audit(1776682273.852:2322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19970 comm="syz.3.3930" exe="/root/syz-executor" sig=0 arch=40000003 syscall=431 compat=1 ip=0xf7fb601c code=0x7ffc0000
[ 1155.980751][   T30] audit: type=1326 audit(1776682273.852:2323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19970 comm="syz.3.3930" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb601c code=0x7ffc0000
[ 1157.161429][T19987] IPVS: set_ctl: invalid protocol: 50 100.1.1.2:20000
[ 1157.636910][T15989] usb 1-1: new full-speed USB device number 12 using dummy_hcd
[ 1157.810210][T15989] usb 1-1: unable to get BOS descriptor or descriptor too short
[ 1157.830837][T15989] usb 1-1: not running at top speed; connect to a high speed hub
[ 1157.859862][T15989] usb 1-1: config 5 has an invalid interface number: 174 but max is 0
[ 1157.890822][T15989] usb 1-1: config 5 has no interface number 0
[ 1157.920728][T15989] usb 1-1: config 5 interface 174 has no altsetting 0
[ 1157.954306][T15989] usb 1-1: New USB device found, idVendor=0fe9, idProduct=db59, bcdDevice=57.ec
[ 1157.978838][T15989] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1158.019069][T15989] usb 1-1: Product: syz
[ 1158.030584][T15989] usb 1-1: Manufacturer: syz
[ 1158.043618][T15989] usb 1-1: SerialNumber: syz
[ 1158.304078][T20008] input: syz1 as /devices/virtual/input/input85
[ 1158.329049][T15989] dvb-usb: found a 'DViCO FusionHDTV DVB-T Dual Digital 2' in warm state.
[ 1158.378006][T20007] FAULT_INJECTION: forcing a failure.
[ 1158.378006][T20007] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1158.437796][T15989] dvb-usb: bulk message failed: -71 (2/0)
[ 1158.440138][T20007] CPU: 1 UID: 0 PID: 20007 Comm: syz.4.3941 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1158.440228][T20007] Tainted: [L]=SOFTLOCKUP
[ 1158.440258][T20007] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 1158.440293][T20007] Call Trace:
[ 1158.440323][T20007]  <TASK>
[ 1158.440348][T20007]  dump_stack_lvl+0xe8/0x150
[ 1158.440445][T20007]  should_fail_ex+0x412/0x560
[ 1158.440545][T20007]  _copy_to_iter+0x1e4/0x17d0
[ 1158.440663][T20007]  ? __asan_memset+0x22/0x50
[ 1158.440763][T20007]  ? __pfx__copy_to_iter+0x10/0x10
[ 1158.440861][T20007]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1158.440960][T20007]  ? crng_make_state+0x36a/0x600
[ 1158.441039][T20007]  ? crng_make_state+0xb6/0x600
[ 1158.441173][T20007]  get_random_bytes_user+0x1cf/0x3d0
[ 1158.441287][T20007]  ? __pfx_get_random_bytes_user+0x10/0x10
[ 1158.441381][T20007]  ? __mutex_unlock_slowpath+0x1be/0x6f0
[ 1158.441476][T20007]  ? import_ubuf+0xfb/0x1d0
[ 1158.441541][T20007]  __ia32_sys_getrandom+0x17a/0x270
[ 1158.441641][T20007]  ? __pfx___ia32_sys_getrandom+0x10/0x10
[ 1158.441773][T20007]  __do_fast_syscall_32+0x229/0x6e0
[ 1158.441831][T20007]  ? do_fast_syscall_32+0x33/0x70
[ 1158.441886][T20007]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1158.441974][T20007]  ? asm_int80_emulation+0x1a/0x20
[ 1158.442030][T20007]  ? do_int80_emulation+0x286/0x530
[ 1158.442086][T20007]  ? trace_irq_disable+0x3b/0x140
[ 1158.442174][T20007]  do_fast_syscall_32+0x33/0x70
[ 1158.442238][T20007]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1158.442307][T20007] RIP: 0023:0xf7f5801c
[ 1158.442363][T20007] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[ 1158.442404][T20007] RSP: 002b:00000000f541650c EFLAGS: 00000206 ORIG_RAX: 0000000000000163
[ 1158.442471][T20007] RAX: ffffffffffffffda RBX: 0000000080000040 RCX: 00000000fffffdde
[ 1158.442530][T20007] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000
[ 1158.442571][T20007] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1158.442605][T20007] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1158.442664][T20007] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1158.442744][T20007]  </TASK>
[ 1158.794706][T15989] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[ 1158.911572][T15989] dvb-usb: DViCO FusionHDTV DVB-T Dual Digital 2 error while loading driver (-19)
[ 1158.930319][T15989] dvb_usb_cxusb 1-1:5.174: probe with driver dvb_usb_cxusb failed with error -22
[ 1158.957911][T15989] usb 1-1: USB disconnect, device number 12
[ 1159.314175][T20019] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3945'.
[ 1159.360503][T20020] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3945'.
[ 1159.400438][T20019] binder: BINDER_SET_CONTEXT_MGR already set
[ 1159.425248][T20019] binder: 20018:20019 ioctl 4018620d 800000c0 returned -16
[ 1160.347087][T15989] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[ 1160.520946][T15989] usb 4-1: Using ep0 maxpacket: 16
[ 1160.547052][T15989] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1160.575112][T15989] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 10
[ 1160.617383][T15989] usb 4-1: New USB device found, idVendor=0c70, idProduct=f003, bcdDevice= 0.00
[ 1160.642892][T15989] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1160.673243][T15989] usb 4-1: config 0 descriptor??
[ 1161.119191][T15989] hid_parser_main: 7 callbacks suppressed
[ 1161.119218][T15989] aquacomputer_d5next 0003:0C70:F003.0037: unknown main item tag 0x0
[ 1161.179205][T15989] aquacomputer_d5next 0003:0C70:F003.0037: unknown main item tag 0x0
[ 1161.215167][T15989] aquacomputer_d5next 0003:0C70:F003.0037: unknown main item tag 0x0
[ 1161.234993][T15989] aquacomputer_d5next 0003:0C70:F003.0037: unknown main item tag 0x0
[ 1161.262931][T15989] aquacomputer_d5next 0003:0C70:F003.0037: unknown main item tag 0x0
[ 1161.298879][T15989] aquacomputer_d5next 0003:0C70:F003.0037: unknown main item tag 0x0
[ 1161.314340][T20051] netlink: 'syz.4.3952': attribute type 1 has an invalid length.
[ 1161.347072][T20035] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1161.361968][T15989] aquacomputer_d5next 0003:0C70:F003.0037: unknown main item tag 0x0
[ 1161.385367][T20035] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1161.398758][T15989] aquacomputer_d5next 0003:0C70:F003.0037: unknown main item tag 0x1
[ 1161.413168][T15989] aquacomputer_d5next 0003:0C70:F003.0037: unknown main item tag 0x0
[ 1161.442974][T15989] aquacomputer_d5next 0003:0C70:F003.0037: item fetching failed at offset 14/41
[ 1161.485493][T15989] aquacomputer_d5next 0003:0C70:F003.0037: probe with driver aquacomputer_d5next failed with error -22
[ 1161.551774][T15989] usb 4-1: USB disconnect, device number 7
[ 1163.033519][T20073] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3958'.
[ 1163.105067][T20072] syzkaller0: entered promiscuous mode
[ 1163.133680][T20072] syzkaller0: entered allmulticast mode
[ 1163.160165][T20076] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3958'.
[ 1163.237369][T20078] FAULT_INJECTION: forcing a failure.
[ 1163.237369][T20078] name failslab, interval 1, probability 0, space 0, times 0
[ 1163.260280][T20076] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3958'.
[ 1163.302091][T20078] CPU: 1 UID: 0 PID: 20078 Comm: syz.3.3960 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1163.302118][T20078] Tainted: [L]=SOFTLOCKUP
[ 1163.302124][T20078] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 1163.302135][T20078] Call Trace:
[ 1163.302142][T20078]  <TASK>
[ 1163.302149][T20078]  dump_stack_lvl+0xe8/0x150
[ 1163.302180][T20078]  should_fail_ex+0x412/0x560
[ 1163.302207][T20078]  should_failslab+0xa8/0x100
[ 1163.302230][T20078]  __kmalloc_noprof+0xe8/0x760
[ 1163.302250][T20078]  ? tomoyo_encode+0x28b/0x550
[ 1163.302269][T20078]  tomoyo_encode+0x28b/0x550
[ 1163.302289][T20078]  tomoyo_realpath_from_path+0x58d/0x5d0
[ 1163.302308][T20078]  ? tomoyo_domain+0xd7/0x130
[ 1163.302328][T20078]  ? tomoyo_path_number_perm+0x219/0x630
[ 1163.302350][T20078]  tomoyo_path_number_perm+0x246/0x630
[ 1163.302373][T20078]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1163.302395][T20078]  ? __lock_acquire+0x6b5/0x2cf0
[ 1163.302446][T20078]  ? __fget_files+0x2a/0x420
[ 1163.302465][T20078]  ? __fget_files+0x3a0/0x420
[ 1163.302484][T20078]  ? __fget_files+0x2a/0x420
[ 1163.302502][T20078]  security_file_ioctl_compat+0xc3/0x2a0
[ 1163.302525][T20078]  __ia32_compat_sys_ioctl+0x139/0x950
[ 1163.302549][T20078]  ? __pfx___ia32_compat_sys_ioctl+0x10/0x10
[ 1163.302573][T20078]  ? __fget_files+0x3a0/0x420
[ 1163.302594][T20078]  ? fput+0xa0/0xd0
[ 1163.302609][T20078]  ? ksys_write+0x242/0x270
[ 1163.302637][T20078]  __do_fast_syscall_32+0x229/0x6e0
[ 1163.302653][T20078]  ? do_fast_syscall_32+0x33/0x70
[ 1163.302668][T20078]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1163.302690][T20078]  ? asm_int80_emulation+0x1a/0x20
[ 1163.302705][T20078]  ? do_int80_emulation+0x286/0x530
[ 1163.302720][T20078]  ? trace_irq_disable+0x3b/0x140
[ 1163.302748][T20078]  do_fast_syscall_32+0x33/0x70
[ 1163.302764][T20078]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1163.302784][T20078] RIP: 0023:0xf7fb601c
[ 1163.302798][T20078] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[ 1163.302811][T20078] RSP: 002b:00000000f547650c EFLAGS: 00000206 ORIG_RAX: 0000000000000036
[ 1163.302828][T20078] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000004140aecd
[ 1163.302839][T20078] RDX: 0000000080000100 RSI: 0000000000000000 RDI: 0000000000000000
[ 1163.302849][T20078] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1163.302858][T20078] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1163.302868][T20078] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1163.302890][T20078]  </TASK>
[ 1163.304116][T20078] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1164.118709][T20091] netlink: 116 bytes leftover after parsing attributes in process `syz.2.3964'.
[ 1164.419418][T20107] netlink: 44 bytes leftover after parsing attributes in process `syz.3.3970'.
[ 1165.092017][T20115] syzkaller1: entered promiscuous mode
[ 1165.111345][T20115] syzkaller1: entered allmulticast mode
[ 1165.292530][T20122] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3972'.
[ 1165.513803][T20123] netlink: 'syz.0.3972': attribute type 10 has an invalid length.
[ 1165.611448][T20125] netlink: 'syz.0.3972': attribute type 10 has an invalid length.
[ 1166.048688][T20123] team0: Port device dummy0 added
[ 1166.271557][T20125] team0: Port device dummy0 removed
[ 1166.351679][T20125] bond0: (slave dummy0): Enslaving as an active interface with an up link
[ 1166.546051][ T5961] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[ 1166.745885][ T5961] usb 1-1: Using ep0 maxpacket: 16
[ 1166.784233][ T5961] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[ 1166.813523][ T5961] usb 1-1: config 0 has no interface number 0
[ 1166.841521][ T5961] usb 1-1: config 0 interface 1 has no altsetting 0
[ 1166.881975][ T5961] usb 1-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d
[ 1166.901487][ T5961] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1166.933142][ T5961] usb 1-1: Product: syz
[ 1166.953113][ T5961] usb 1-1: Manufacturer: syz
[ 1166.968867][ T5961] usb 1-1: SerialNumber: syz
[ 1166.994336][ T5961] usb 1-1: config 0 descriptor??
[ 1167.519142][ T5961] gspca_main: spca1528-2.14.0 probing 04fc:1528
[ 1167.546044][ T5961] gspca_spca1528: reg_w err -71
[ 1167.575810][ T5961] spca1528 1-1:0.1: probe with driver spca1528 failed with error -71
[ 1167.618831][ T5961] usb 1-1: USB disconnect, device number 13
[ 1167.816861][T20136] FAULT_INJECTION: forcing a failure.
[ 1167.816861][T20136] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1167.888241][T20136] CPU: 0 UID: 0 PID: 20136 Comm: syz.3.3975 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1167.888280][T20136] Tainted: [L]=SOFTLOCKUP
[ 1167.888289][T20136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 1167.888308][T20136] Call Trace:
[ 1167.888317][T20136]  <TASK>
[ 1167.888327][T20136]  dump_stack_lvl+0xe8/0x150
[ 1167.888368][T20136]  should_fail_ex+0x412/0x560
[ 1167.888407][T20136]  _copy_to_user+0x31/0xb0
[ 1167.888433][T20136]  simple_read_from_buffer+0xe1/0x170
[ 1167.888462][T20136]  proc_fail_nth_read+0x1bb/0x230
[ 1167.888490][T20136]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1167.888519][T20136]  ? rw_verify_area+0x2a6/0x4d0
[ 1167.888546][T20136]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1167.888572][T20136]  vfs_read+0x20c/0xa70
[ 1167.888602][T20136]  ? __pfx___mutex_lock+0x10/0x10
[ 1167.888622][T20136]  ? __pfx_vfs_read+0x10/0x10
[ 1167.888646][T20136]  ? __fget_files+0x2a/0x420
[ 1167.888669][T20136]  ? __fget_files+0x3a0/0x420
[ 1167.888687][T20136]  ? __fget_files+0x2a/0x420
[ 1167.888780][T20136]  ksys_read+0x150/0x270
[ 1167.888825][T20136]  ? __pfx_ksys_read+0x10/0x10
[ 1167.888859][T20136]  ? asm_int80_emulation+0x1a/0x20
[ 1167.888924][T20136]  do_int80_emulation+0x181/0x530
[ 1167.888947][T20136]  ? trace_irq_disable+0x3b/0x140
[ 1167.888975][T20136]  ? asm_int80_emulation+0x1a/0x20
[ 1167.888997][T20136]  ? clear_bhb_loop+0x40/0x90
[ 1167.889020][T20136]  ? clear_bhb_loop+0x40/0x90
[ 1167.889048][T20136]  asm_int80_emulation+0x1a/0x20
[ 1167.889070][T20136] RIP: 0023:0xf71b5cab
[ 1167.889092][T20136] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[ 1167.889111][T20136] RSP: 002b:00000000f54764bc EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[ 1167.889136][T20136] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000f54765d0
[ 1167.889151][T20136] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000
[ 1167.889164][T20136] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1167.889177][T20136] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1167.889190][T20136] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1167.889223][T20136]  </TASK>
[ 1168.476081][  T992] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[ 1168.545757][ T5961] usb 2-1: new high-speed USB device number 38 using dummy_hcd
[ 1168.568706][ T5899] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[ 1168.635948][  T992] usb 3-1: Using ep0 maxpacket: 16
[ 1168.643936][  T992] usb 3-1: config 0 interface 0 altsetting 7 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1168.657422][  T992] usb 3-1: config 0 interface 0 altsetting 7 has 1 endpoint descriptor, different from the interface descriptor's value: 25
[ 1168.671555][  T992] usb 3-1: config 0 interface 0 has no altsetting 0
[ 1168.679906][  T992] usb 3-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[ 1168.698442][  T992] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1168.706791][ T5961] usb 2-1: Using ep0 maxpacket: 16
[ 1168.714106][ T5961] usb 2-1: config 0 interface 0 altsetting 7 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1168.719552][ T5899] usb 4-1: device descriptor read/64, error -71
[ 1168.732340][  T992] usb 3-1: config 0 descriptor??
[ 1168.742819][ T5961] usb 2-1: config 0 interface 0 altsetting 7 has 1 endpoint descriptor, different from the interface descriptor's value: 25
[ 1168.779969][ T5961] usb 2-1: config 0 interface 0 has no altsetting 0
[ 1168.791882][ T5961] usb 2-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[ 1168.801919][ T5961] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1168.827684][ T5961] usb 2-1: config 0 descriptor??
[ 1168.967125][ T5899] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[ 1169.014952][  T992] usbhid 3-1:0.0: can't add hid device: -71
[ 1169.027705][  T992] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[ 1169.061960][  T992] usb 3-1: USB disconnect, device number 16
[ 1169.107392][ T5899] usb 4-1: device descriptor read/64, error -71
[ 1169.129673][ T5961] usbhid 2-1:0.0: can't add hid device: -71
[ 1169.138910][ T5961] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[ 1169.159101][ T5961] usb 2-1: USB disconnect, device number 38
[ 1169.227069][ T5899] usb usb4-port1: attempt power cycle
[ 1169.578659][ T5899] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[ 1169.618087][ T5899] usb 4-1: device descriptor read/8, error -71
[ 1169.866994][ T5899] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[ 1169.895738][ T5961] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[ 1169.905527][ T5899] usb 4-1: device descriptor read/8, error -71
[ 1169.986416][T15989] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[ 1170.027309][ T5899] usb usb4-port1: unable to enumerate USB device
[ 1170.090394][ T5961] usb 1-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[ 1170.099998][ T5961] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1170.108642][ T5961] usb 1-1: Product: syz
[ 1170.113303][ T5961] usb 1-1: Manufacturer: syz
[ 1170.119622][ T5961] usb 1-1: SerialNumber: syz
[ 1170.149482][T15989] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[ 1170.169630][T15989] usb 3-1: config 0 has no interface number 0
[ 1170.187054][T15989] usb 3-1: too many endpoints for config 0 interface 1 altsetting 241: 162, using maximum allowed: 30
[ 1170.217092][T15989] usb 3-1: config 0 interface 1 altsetting 241 has 0 endpoint descriptors, different from the interface descriptor's value: 162
[ 1170.246383][T15989] usb 3-1: config 0 interface 1 has no altsetting 0
[ 1170.257033][T15989] usb 3-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[ 1170.278162][T15989] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1170.296633][T15989] usb 3-1: Product: syz
[ 1170.306352][T15989] usb 3-1: Manufacturer: syz
[ 1170.311183][T15989] usb 3-1: SerialNumber: syz
[ 1170.330952][T15989] usb 3-1: config 0 descriptor??
[ 1170.546679][T20164] netlink: 112268 bytes leftover after parsing attributes in process `syz.2.3986'.
[ 1170.557792][ T5961] net_ratelimit: 1991 callbacks suppressed
[ 1170.557820][ T5961] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPIPE
[ 1170.576409][ T5961] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to sync IRQ enable register: -EPIPE
[ 1170.610342][ T3530] wlan0: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1170.922995][T20181] netlink: 168 bytes leftover after parsing attributes in process `syz.1.3990'.
[ 1170.955759][T20181] netlink: 168 bytes leftover after parsing attributes in process `syz.1.3990'.
[ 1171.338929][T15989] dvb_usb_ec168 3-1:0.1: probe with driver dvb_usb_ec168 failed with error -71
[ 1171.371743][T15989] usb 3-1: USB disconnect, device number 17
[ 1171.537019][ T7662] usb 5-1: new high-speed USB device number 121 using dummy_hcd
[ 1171.630808][   T30] kauditd_printk_skb: 11 callbacks suppressed
[ 1171.630827][   T30] audit: type=1326 audit(1776682290.252:2335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20190 comm="syz.1.3994" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705f01c code=0x7ffc0000
[ 1171.692544][   T30] audit: type=1326 audit(1776682290.292:2336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20190 comm="syz.1.3994" exe="/root/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf705f01c code=0x7ffc0000
[ 1171.718408][   T30] audit: type=1326 audit(1776682290.292:2337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20190 comm="syz.1.3994" exe="/root/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf705f01c code=0x7ffc0000
[ 1171.747899][   T30] audit: type=1326 audit(1776682290.292:2338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20190 comm="syz.1.3994" exe="/root/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf705f01c code=0x7ffc0000
[ 1171.772833][   T30] audit: type=1326 audit(1776682290.292:2339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20190 comm="syz.1.3994" exe="/root/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf705f01c code=0x7ffc0000
[ 1171.802705][ T7662] usb 5-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02
[ 1171.814369][ T7662] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1171.825231][ T7662] usb 5-1: Product: syz
[ 1171.830971][ T7662] usb 5-1: Manufacturer: syz
[ 1171.837438][ T7662] usb 5-1: SerialNumber: syz
[ 1171.842402][   T30] audit: type=1326 audit(1776682290.292:2340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20190 comm="syz.1.3994" exe="/root/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf705f01c code=0x7ffc0000
[ 1171.873462][ T7662] usb 5-1: config 0 descriptor??
[ 1171.880670][   T30] audit: type=1326 audit(1776682290.292:2341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20190 comm="syz.1.3994" exe="/root/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf705f01c code=0x7ffc0000
[ 1171.913819][ T7662] gspca_main: sunplus-2.14.0 probing 04fc:504a
[ 1171.921374][   T30] audit: type=1326 audit(1776682290.292:2342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20190 comm="syz.1.3994" exe="/root/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf705f01c code=0x7ffc0000
[ 1171.947066][   T30] audit: type=1326 audit(1776682290.292:2343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20190 comm="syz.1.3994" exe="/root/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf705f01c code=0x7ffc0000
[ 1171.972635][   T30] audit: type=1326 audit(1776682290.292:2344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20190 comm="syz.1.3994" exe="/root/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf705f01c code=0x7ffc0000
[ 1172.117657][T20162] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1172.143166][T20162] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1172.509496][T20204] netlink: 'syz.1.3996': attribute type 1 has an invalid length.
[ 1172.565338][ T5961] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): EEPROM read operation timeout
[ 1172.802042][T20185] [U] VÔ3¸ÂFÙ¾"SÇÁ/ÉÊ4:ÃXTZ“W¡T‘’LWµ«=
[ 1172.814520][T20185] [U] J"—E:ÀÆ"


[ 1172.884871][ T5961] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00001000. ret = -EPROTO
[ 1172.954510][ T5961] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x0000011c. ret = -EPROTO
[ 1172.997976][  T992] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[ 1173.018617][ T5961] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[ 1173.018627][ T7662] gspca_sunplus: reg_w_riv err -71
[ 1173.018929][ T7662] sunplus 5-1:0.0: probe with driver sunplus failed with error -71
[ 1173.078871][ T5961] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[ 1173.108943][ T5961] lan78xx 1-1:1.0: probe with driver lan78xx failed with error -71
[ 1173.128548][ T7662] usb 5-1: USB disconnect, device number 121
[ 1173.147036][ T5961] usb 1-1: USB disconnect, device number 14
[ 1173.211565][  T992] usb 3-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[ 1173.232341][  T992] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1173.252340][  T992] usb 3-1: Product: syz
[ 1173.278324][  T992] usb 3-1: Manufacturer: syz
[ 1173.299805][  T992] usb 3-1: SerialNumber: syz
[ 1173.762693][  T992] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPIPE
[ 1173.809162][  T992] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to sync IRQ enable register: -EPIPE
[ 1174.733585][  T992] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000000. ret = -EPROTO
[ 1174.783000][  T992] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[ 1174.800310][  T992] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[ 1174.824503][  T992] lan78xx 3-1:1.0: probe with driver lan78xx failed with error -71
[ 1174.850505][  T992] usb 3-1: USB disconnect, device number 18
[ 1174.896382][ T7662] usb 2-1: new high-speed USB device number 39 using dummy_hcd
[ 1175.057061][ T7662] usb 2-1: Using ep0 maxpacket: 8
[ 1175.080699][ T7662] usb 2-1: config 0 has no interfaces?
[ 1175.093330][T20246] input: syz1 as /devices/virtual/input/input86
[ 1175.114349][ T7662] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1175.148114][ T7662] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1175.177218][T20248] Invalid option length (1045693) for dns_resolver key
[ 1175.209461][ T7662] usb 2-1: config 0 descriptor??
[ 1175.277936][T20242] netlink: 'syz.0.4006': attribute type 5 has an invalid length.
[ 1175.527130][T20253] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4004'.
[ 1175.544355][T20233] syzkaller1: entered promiscuous mode
[ 1175.544376][T20233] syzkaller1: entered allmulticast mode
[ 1175.749684][ T7662] usb 2-1: USB disconnect, device number 39
[ 1176.367969][  T992] ------------[ cut here ]------------
[ 1176.368033][  T992] faux_driver vkms: [drm] vblank wait timed out on crtc 0
[ 1176.368053][  T992] WARNING: drivers/gpu/drm/drm_vblank.c:1320 at drm_crtc_wait_one_vblank+0x357/0x500, CPU#1: kworker/1:2/992
[ 1176.368089][  T992] Modules linked in:
[ 1176.368152][  T992] CPU: 1 UID: 0 PID: 992 Comm: kworker/1:2 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1176.368180][  T992] Tainted: [L]=SOFTLOCKUP
[ 1176.368187][  T992] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 1176.368200][  T992] Workqueue: events drm_fb_helper_damage_work
[ 1176.368222][  T992] RIP: 0010:drm_crtc_wait_one_vblank+0x4b6/0x500
[ 1176.368242][  T992] Code: e8 03 48 b9 00 00 00 00 00 fc ff df 80 3c 08 00 74 08 4c 89 ef e8 ca f7 c5 fc 4d 8b 7d 00 48 89 df 4c 89 e6 4c 89 fa 44 89 f1 <67> 48 0f b9 3a 48 8b 3c 24 44 89 f6 e8 79 f6 ff ff b8 92 ff ff ff
[ 1176.368257][  T992] RSP: 0000:ffffc900050678c0 EFLAGS: 00010246
[ 1176.368273][  T992] RAX: 1ffff11004ba3c00 RBX: ffffffff903ee300 RCX: 0000000000000000
[ 1176.368287][  T992] RDX: ffffffff8c51bc20 RSI: ffffffff8c537f60 RDI: ffffffff903ee300
[ 1176.368300][  T992] RBP: ffffc900050679a8 R08: ffffffff903353f7 R09: 1ffffffff2066a7e
[ 1176.368314][  T992] R10: dffffc0000000000 R11: fffffbfff2066a7f R12: ffffffff8c537f60
[ 1176.368327][  T992] R13: ffff888025d1e000 R14: 0000000000000000 R15: ffffffff8c51bc20
[ 1176.368340][  T992] FS:  0000000000000000(0000) GS:ffff88812531e000(0000) knlGS:0000000000000000
[ 1176.368354][  T992] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1176.368367][  T992] CR2: 0000000080119018 CR3: 000000005f272000 CR4: 00000000003526f0
[ 1176.368382][  T992] DR0: ffffffffffffffff DR1: 00000000000001f8 DR2: 0000000000000083
[ 1176.368394][  T992] DR3: 0000000000000030 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[ 1176.368406][  T992] Call Trace:
[ 1176.368413][  T992]  <TASK>
[ 1176.368425][  T992]  ? __pfx_drm_crtc_wait_one_vblank+0x10/0x10
[ 1176.368458][  T992]  ? __pfx_autoremove_wake_function+0x10/0x10
[ 1176.368481][  T992]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 1176.368506][  T992]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1176.368531][  T992]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 1176.368555][  T992]  ? drm_vblank_get+0x150/0x270
[ 1176.368575][  T992]  drm_client_modeset_wait_for_vblank+0xc5/0xf0
[ 1176.368602][  T992]  drm_fb_helper_damage_work+0x134/0x750
[ 1176.368626][  T992]  ? process_scheduled_works+0xa70/0x1860
[ 1176.368652][  T992]  ? __pfx_drm_fb_helper_damage_work+0x10/0x10
[ 1176.368675][  T992]  ? process_scheduled_works+0xa70/0x1860
[ 1176.368699][  T992]  ? process_scheduled_works+0xa70/0x1860
[ 1176.368728][  T992]  process_scheduled_works+0xb5d/0x1860
[ 1176.368775][  T992]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1176.368805][  T992]  ? assign_work+0x3d5/0x5e0
[ 1176.368833][  T992]  worker_thread+0xa53/0xfc0
[ 1176.368909][  T992]  kthread+0x388/0x470
[ 1176.368942][  T992]  ? __pfx_worker_thread+0x10/0x10
[ 1176.368975][  T992]  ? __pfx_kthread+0x10/0x10
[ 1176.369004][  T992]  ret_from_fork+0x514/0xb70
[ 1176.369044][  T992]  ? __pfx_ret_from_fork+0x10/0x10
[ 1176.369081][  T992]  ? __switch_to+0xc79/0x1410
[ 1176.369113][  T992]  ? __pfx_kthread+0x10/0x10
[ 1176.369141][  T992]  ret_from_fork_asm+0x1a/0x30
[ 1176.369189][  T992]  </TASK>
[ 1176.369209][  T992] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 1176.369228][  T992] CPU: 1 UID: 0 PID: 992 Comm: kworker/1:2 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1176.369257][  T992] Tainted: [L]=SOFTLOCKUP
[ 1176.369267][  T992] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 1176.369281][  T992] Workqueue: events drm_fb_helper_damage_work
[ 1176.369308][  T992] Call Trace:
[ 1176.369318][  T992]  <TASK>
[ 1176.369328][  T992]  vpanic+0x56c/0xa60
[ 1176.369367][  T992]  ? __pfx__printk+0x10/0x10
[ 1176.369391][  T992]  ? __pfx_vpanic+0x10/0x10
[ 1176.369423][  T992]  ? is_bpf_text_address+0x292/0x2b0
[ 1176.369457][  T992]  ? is_bpf_text_address+0x26/0x2b0
[ 1176.369500][  T992]  panic+0xc5/0xd0
[ 1176.369533][  T992]  ? __pfx_panic+0x10/0x10
[ 1176.369578][  T992]  ? ret_from_fork_asm+0x1a/0x30
[ 1176.369606][  T992]  __warn+0x315/0x4c0
[ 1176.369625][  T992]  ? drm_crtc_wait_one_vblank+0x357/0x500
[ 1176.369653][  T992]  ? drm_crtc_wait_one_vblank+0x357/0x500
[ 1176.369681][  T992]  __report_bug+0x29a/0x540
[ 1176.369719][  T992]  ? drm_crtc_wait_one_vblank+0x357/0x500
[ 1176.369743][  T992]  ? __pfx___report_bug+0x10/0x10
[ 1176.369797][  T992]  report_bug_entry+0x19a/0x290
[ 1176.369831][  T992]  ? drm_crtc_wait_one_vblank+0x4b6/0x500
[ 1176.369853][  T992]  ? drm_crtc_wait_one_vblank+0x4bb/0x500
[ 1176.369877][  T992]  handle_bug+0xce/0x200
[ 1176.369902][  T992]  exc_invalid_op+0x1a/0x50
[ 1176.369927][  T992]  asm_exc_invalid_op+0x1a/0x20
[ 1176.369950][  T992] RIP: 0010:drm_crtc_wait_one_vblank+0x4b6/0x500
[ 1176.369975][  T992] Code: e8 03 48 b9 00 00 00 00 00 fc ff df 80 3c 08 00 74 08 4c 89 ef e8 ca f7 c5 fc 4d 8b 7d 00 48 89 df 4c 89 e6 4c 89 fa 44 89 f1 <67> 48 0f b9 3a 48 8b 3c 24 44 89 f6 e8 79 f6 ff ff b8 92 ff ff ff
[ 1176.369994][  T992] RSP: 0000:ffffc900050678c0 EFLAGS: 00010246
[ 1176.370013][  T992] RAX: 1ffff11004ba3c00 RBX: ffffffff903ee300 RCX: 0000000000000000
[ 1176.370030][  T992] RDX: ffffffff8c51bc20 RSI: ffffffff8c537f60 RDI: ffffffff903ee300
[ 1176.370047][  T992] RBP: ffffc900050679a8 R08: ffffffff903353f7 R09: 1ffffffff2066a7e
[ 1176.370064][  T992] R10: dffffc0000000000 R11: fffffbfff2066a7f R12: ffffffff8c537f60
[ 1176.370080][  T992] R13: ffff888025d1e000 R14: 0000000000000000 R15: ffffffff8c51bc20
[ 1176.370119][  T992]  ? __pfx_drm_crtc_wait_one_vblank+0x10/0x10
[ 1176.370146][  T992]  ? __pfx_autoremove_wake_function+0x10/0x10
[ 1176.370184][  T992]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 1176.370217][  T992]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1176.370250][  T992]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 1176.370283][  T992]  ? drm_vblank_get+0x150/0x270
[ 1176.370310][  T992]  drm_client_modeset_wait_for_vblank+0xc5/0xf0
[ 1176.370345][  T992]  drm_fb_helper_damage_work+0x134/0x750
[ 1176.370378][  T992]  ? process_scheduled_works+0xa70/0x1860
[ 1176.370412][  T992]  ? __pfx_drm_fb_helper_damage_work+0x10/0x10
[ 1176.370443][  T992]  ? process_scheduled_works+0xa70/0x1860
[ 1176.370475][  T992]  ? process_scheduled_works+0xa70/0x1860
[ 1176.370510][  T992]  process_scheduled_works+0xb5d/0x1860
[ 1176.370578][  T992]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1176.370619][  T992]  ? assign_work+0x3d5/0x5e0
[ 1176.370659][  T992]  worker_thread+0xa53/0xfc0
[ 1176.370721][  T992]  kthread+0x388/0x470
[ 1176.370749][  T992]  ? __pfx_worker_thread+0x10/0x10
[ 1176.370782][  T992]  ? __pfx_kthread+0x10/0x10
[ 1176.370810][  T992]  ret_from_fork+0x514/0xb70
[ 1176.370847][  T992]  ? __pfx_ret_from_fork+0x10/0x10
[ 1176.370882][  T992]  ? __switch_to+0xc79/0x1410
[ 1176.370915][  T992]  ? __pfx_kthread+0x10/0x10
[ 1176.370942][  T992]  ret_from_fork_asm+0x1a/0x30
[ 1176.370983][  T992]  </TASK>
[ 1176.371875][  T992] Kernel Offset: disabled