last executing test programs:

3m49.391637956s ago: executing program 2 (id=86):
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r1, &(0x7f0000000080), 0x10)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000180)={'vcan0\x00', <r2=>0x0})
sendmsg$can_bcm(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000400)=ANY=[@ANYBLOB="05"], 0x48}}, 0x0)
sendmsg$can_bcm(r1, &(0x7f00000002c0)={&(0x7f0000000000)={0x1d, r2}, 0x10, &(0x7f0000000280)={&(0x7f0000000440)=ANY=[@ANYRES32=r1], 0x48}}, 0x0)

3m49.080633004s ago: executing program 2 (id=89):
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r2=>0x0})
r3 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_tx_ring(r3, 0x107, 0x5, &(0x7f0000000080)=@req3={0x8000, 0x6, 0x300, 0xfc}, 0x1c)
close(0x3)
getsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f0000000040), &(0x7f00000000c0)=0x8)
connect$can_bcm(r1, &(0x7f00000007c0)={0x1d, r2}, 0x10)
sendmsg$can_bcm(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000480)=ANY=[@ANYBLOB="010000006b0300000100000000000000", @ANYRES64=0x0, @ANYRES64=0x2710, @ANYRES64=0x0, @ANYRES64=0x2710, @ANYBLOB="0000000001"], 0x48}}, 0x20000000)
r4 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r4, &(0x7f0000000080), 0x10)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000180)={'vcan0\x00', <r5=>0x0})
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_RENAME(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x34, 0x5, 0x6, 0x5, 0x0, 0x0, {0x3, 0x0, 0x9}, [@IPSET_ATTR_SETNAME2={0x9, 0x3, 'syz2\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000800}, 0x4000800)
sendmsg$can_bcm(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000400)=ANY=[@ANYBLOB="05"], 0x48}}, 0x0)
sendmsg$can_bcm(r4, &(0x7f00000002c0)={&(0x7f0000000000)={0x1d, r5}, 0x10, &(0x7f0000000280)={&(0x7f0000000440)=ANY=[@ANYRES32=r4], 0x48}}, 0x0)

3m48.736444341s ago: executing program 2 (id=91):
syz_usb_connect(0x3, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="120100009ac0b620110f211066865578ac0109029c000100000400090400bf900b64ea00090587033b"], 0x0)
r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x10000)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000500)='status\x00')
setgroups(0x1, &(0x7f0000000080)=[0x0])
read$FUSE(r1, &(0x7f0000001180)={0x2020}, 0x2020)
write$char_usb(r0, 0x0, 0x0)
r2 = socket$inet_sctp(0x2, 0x5, 0x84)
bind$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @remote}, 0x10)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r2, 0x84, 0x6d, &(0x7f00000000c0), &(0x7f0000000100)=0x8)
r3 = syz_open_dev$mouse(&(0x7f0000000040), 0xfffffffffffffffd, 0x0)
fcntl$F_GET_FILE_RW_HINT(r3, 0x40d, &(0x7f0000000080))
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r4, &(0x7f0000000000)={0x1f, 0xffff, 0x2}, 0x6)
syz_emit_vhci(&(0x7f0000001a80)=ANY=[@ANYBLOB="0300"], 0x37)
syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000380)={0x0, &(0x7f00000000c0)=[@nested_vmlaunch={0x12f, 0x18, 0x3}, @nested_amd_inject_event={0x180, 0x38, {0x2, 0x1d, 0x2, 0x2, 0x3}}, @wrmsr={0x65, 0x20, {0xb37, 0x6}}, @nested_amd_stgi={0x17e, 0x10}, @nested_amd_inject_event={0x180, 0x38, {0x0, 0x41, 0x4, 0x5, 0x2}}, @wr_drn={0x68, 0x20, {0x6, 0x4}}, @nested_create_vm={0x12d, 0x18, 0x2}, @uexit={0x0, 0x18, 0x10000}, @in_dx={0x69, 0x20, {0x2443, 0x3}}, @nested_amd_vmcb_write_mask={0x17c, 0x38, {0x4, @save_area=0x685, 0xee, 0x80000001, 0x5}}, @wr_crn={0x67, 0x20, {0xe10020c0f44a2db4, 0x3}}, @enable_nested={0x12c, 0x18}, @nested_amd_vmsave={0x183, 0x18, 0x1}, @nested_load_syzos={0x136, 0x88, {0x3, 0x5, [@nested_intel_vmwrite_mask={0x154, 0x38, {0x3, @ro32=0x440e, 0x8000, 0xf0, 0x7}}, @nested_vmlaunch={0x12f, 0x18, 0x1}, @cpuid={0x64, 0x18, {0x0, 0x1}}]}}, @nested_amd_inject_event={0x180, 0x38, {0x0, 0x9c, 0x0, 0xe, 0x2}}, @nested_create_vm={0x12d, 0x18, 0x2}, @set_irq_handler={0xc8, 0x20, {0x22}}], 0x2a8})
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
write$bt_hci(r5, &(0x7f0000000000)=ANY=[@ANYBLOB="0e0001000200"], 0x8)

3m46.638969095s ago: executing program 2 (id=101):
r0 = syz_open_dev$dri(&(0x7f0000000180), 0x78, 0x101842)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x6, 0x6576, 0x3})
mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x3, 0x11, r0, 0x100000000)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0/file0\x00', 0x1c0)
r1 = landlock_create_ruleset(&(0x7f00000000c0)={0x100}, 0x18, 0x0)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x200000, 0x0)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r1, 0x1, &(0x7f0000000140)={0x100, r2}, 0x0)
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)
landlock_restrict_self(r1, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000180)='./file0/file1\x00', 0x81c0, 0x0)
unlinkat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file1\x00', 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x81c0, 0x0)
r3 = landlock_create_ruleset(&(0x7f0000000240)={0x20}, 0x18, 0x0)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000280)='./file0/file0\x00', 0x200000, 0x0)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r3, 0x1, &(0x7f00000002c0)={0x20, r4}, 0x0)
landlock_restrict_self(r3, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000300)='./file0/file0/file0\x00', 0x81c0, 0x0)
unlinkat(0xffffffffffffff9c, &(0x7f0000000340)='./file0/file0/file0\x00', 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000380)='./file0/file1\x00', 0x4, 0x0)
unlinkat(0xffffffffffffff9c, &(0x7f00000003c0)='./file0/file1\x00', 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)

3m45.530246752s ago: executing program 2 (id=107):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_open_dev$loop(0x0, 0x200000b1, 0x8a681)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
setsockopt$bt_BT_SECURITY(r4, 0x112, 0x4, &(0x7f0000000000)={0x5, 0x2}, 0x2)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000140)={0x54, 0x2, 0x6, 0x3, 0x0, 0x0, {0x5}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x0, 0x0, 0x44}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0xd, 0x3, 'list:set\x00'}]}, 0x54}}, 0x80)
r5 = openat$nvram(0xffffffffffffff9c, &(0x7f0000006bc0), 0x0, 0x0)
r6 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r6, 0x1, &(0x7f0000000080)='source', &(0x7f0000000180)='::.:\x00\x8e\xf7\xd4\t\xe1\xae\x19\xe5\xf7c\x84\x9c\x06\x00\x00\x00\x11\x01\xf2 \xec\xbe#\'S\xc4\xbd\xb5\x1e\x98MM\x06\x1a\x7f5U\x18\x90\x99\xb2\xfa\')Z\x9ew\xae\xe8\xdd\b\t\xf0\xc4\xbfj\xb6\x88/)~\x93E\x1d4\xa7\xcb\xeb\x0f\xd4(\xb6>\x87\xc3\t\xb0\x80\xf7\xe6\x8b?\xa4\xb3\b\x00\x81\xbe\xea\x1f\xfe\xed\x9d\x1a\x8aQ\xafQ\x06\x0fJ\xc0\xc0=}\x7f\xaeB\xb1\xed\xa4\xf3c#\xbe\b\x1f\xa4L[\xfa\x01Uu\xe0\x8b\x94E\xda\xd9j\x93\xc8~\xd9\x82\x8f\xcam\x17\xa2\xed\xf3\xc3_h\xfc6\t\x96@\xaf\xe6\xd0!)\xc3\xcfe\xe1g\xe7\xe5F\xbdC\xd9$\x9b@\xaf\xc2j1p\xa9\xb2d\x92\x8fo\xcbg\x9fZ\xd7\xef\xb2z\xf5\x0fq\x7f\b\xc2\xa7\x90\xc5\xf5Y\xbc\xf1s\x93X\xb6\xeb\x86&\xa7\x14%B', 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_NL_MEDIA_SET(r7, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000080)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="01002dbd7000ffdbdf250c0000001800058008000100756470000c0002809f00000000000000"], 0x2c}, 0x1, 0x0, 0x0, 0x20000800}, 0x8000)
ioctl$BTRFS_IOC_SNAP_CREATE_V2(r5, 0x7041, 0x0)
read$FUSE(r5, &(0x7f0000001180)={0x2020}, 0x2020)
setsockopt$inet_sctp_SCTP_I_WANT_MAPPED_V4_ADDR(r5, 0x84, 0xc, &(0x7f0000000080)=0x5, 0x4)
bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x7}, 0x1c)
listen(r2, 0xfffffffc)
read$FUSE(r5, &(0x7f00000031c0)={0x2020}, 0x2020)
r9 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0x8, 0x5543, 0x4, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x90, 0xc, "", [{{0x9, 0x4, 0x0, 0xfe, 0x1, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x81, 0x3, 0x1, {0x22, 0x28}}, {{{0x9, 0x5, 0x81, 0x3, 0x200, 0x3, 0xc1}}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r9, 0x0, 0x0)
syz_usb_control_io(r9, &(0x7f00000000c0)={0x2c, &(0x7f0000000040)=ANY=[@ANYBLOB="20222b0000002b21c263130026792c918d0fb74237cc6e446c4e88e78862ce2a52973661d67a0c05b6b66eaa55"], 0x0, 0x0, 0x0, 0x0}, 0x0)
r10 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r10, &(0x7f0000000000)={0x2, 0x4e22, @loopback}, 0x10)
close_range(r0, 0xffffffffffffffff, 0x0)

3m42.950971336s ago: executing program 2 (id=120):
socket$netlink(0x10, 0x3, 0x0)
r0 = socket(0x10, 0x803, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_route(0x10, 0x3, 0x0)
writev(r0, &(0x7f0000001b00)=[{&(0x7f0000000300)="7a71f96cedb89dd3e71e2c25d78dca35edab5f2dc94833449810674b831f7f35314778c04e0cb104ff30732c1f0a570238174d91a0d9a93e6f42962d9de52008941cc63e43ab415399ea2576678879839b6219a8947e495e206c70f561a54b039693eb9bec094a47d84849ba54bb6d45a49bcb57e609fcd6cabfca6edd34c127a4e36b9cac3a39e30063b3f54a929d62cf4b536a168d49a4752d69ef602ceb5fdcaee3c5893ea8dccfca92d76f1eab1f755a5e8e12aa03c736619176ea8439c11203c69fcab074f8d0f4bdc3af8272f1415420c10b97c058", 0xd8}, {&(0x7f0000000580)="1b4a71105a9c1929b50430d6e09c9a05b7af9b0f5a0cd8d490e006566bd6b62f4a333f8a1c2788aa84338f21ea5065e7adeabdc41384d7c69cbd689ce2e9d51c21e42d51cdfcc675ff3533f47129b5ea5793c0b47fff64a36e2b59f26e8745b939dee7860cca5b15420011becc313bb22a019dece431127874904a884f42fb583ed741a0a985f000", 0x88}, {&(0x7f0000000b00)="68802178d1eb5b96582acd1ff3f58f31dc2d542f12845e2de6f5f41dafc194d10c28b7eb4773d14e44b04e0f2e23667e58323bf36f0e469522a9639ee0b86ff5029fdc216dd3ba42d16be8d443b7a56f09bb42ec01db192587fa381ec5ed0b319f5f29149c92afd19758a590ca32aae96a50fb870dfe833052d30af8a2099ecd13cbc847fcbdb9e29e531dc9767f17f9665dc2de8fa20892afb9cfea953e00f5b449cd1112f14264f4e09f0f0de26a26470c228fb25536e078c3d4dd8fcad6f951a5e01f687cf7c7e26160e985aa09ba0ae62a9598117e11aa9d31358f3be9e08238db0e1085a8f1c400d747e96c070919e59381655679197666552b7e662d2e1d706d6e2030cca2778e54e51ec984f029019188c4540adbcb8a7245df42014136dc5ec85c328fb5301f0d41ae4f9a3e0f7b6a4d18e558f257d9cd144d71cfa8d1f11d6169d797bf18be0c7d467537b953220c4d17cf79054568fed36f2fc1f0b7e1048ca65596866b2c960376abf70707691ef3837ac670f93c3c112d766ce3cc6ab3ae7c57912193211e5e63b997e77289f931365de9a5427a02008f00bdbfd6352755b6ffc1b3b225132e79a8e803bdeaaa5f87fd767b2606e466aed892de1f1800df5261d8a8d2ba18f49e9a619652f6b9683bb3ee07217f7b8a9e89dadf9ba780304d48ac8d6bb77506c66f423f4c58ef0b5944c5330deb8881cb1cfc29f4694a7a2e50143d2dfa3e1cc83cceca1106468990055d1e6f7454c9e553fd786253b77cdf5714be5bcbef15b30b9bf4b0be2117013b1916c2fa7b2284af61590a41b61c781a8244d689eb4689debc57f714ec75a0411938689eaf0cb803599f3a749bdd387365d1301287f2c9ff619d1e0c11161105837d7c604945c50a7c042fbf54666755c80b21474b6b3494f4c516085d23bdc3edb4caf6bfff17d2ae9a864eaa6605f19fba102a4f45b83470c67b19212930cf2548aeeb43d81c84d98762e6ff47f137cf0dd4cb97ae9859c1fc2e1a9f0eded6922a7cdcb2bafe3d6775621b3db626f5968c5b3f49f209b582403d5e850fd355db5c463ba20b45c665f6891a6901fd9ba8b913adfa96633543433516f9fcd065308d0001d8cde69e36206ff126ae0687cc407fd05dd973ee0e085e8de84f8d5d69be5c8d017e519cec1e2c8ccd319daa2dde179a42648e8cb97b3e9ec31b73f133f9ab2cb469adb60dd9c865830da66ce390c6bd84cdd63cf483a1cbfd6031424e315ca3576735ca4198797cd56d49a1bbb39d89a2f89560488c7f9a0d6d4cbf4720e4ef5b98dd033cc6b63369c7fa55820672d67406754e8c02bc929bc1357ef7e4230ffebf74792528a87fa5c77fc656907544eeba84138ce0f181da82c1b8a8c84911dcc524043c8e67e2c81c6670f7264b9b3b15739524dafe5b4c74140f9ad8075d3fd8f2c675597564b33b0e94088d815a691bb42dc922e13479f1fe7317cfc0f714a86ff614625b36f64c5ea80e024718f6776748348816295a6162f48feebffa5bfc624dceaaafdfbd369739ebd576d293c7ed93dc39761b97267662dd3ac99f1b0d818ab5ade48919f26b872e61f4ea487da67c801ee00eef1313038b53051a876921d3b456d65847dcb84601aafc4bb90a72d1bef1569a94d6a962b77dae18ab26a8f7ba53cd36b78587ce041da9d036e577995b33daa3a90a09148deba522e32c09cfedc6765870d4359b5028f7aa02c7bfd6164334b996b6cc0244d3f0be8ab4c50017bca046e841d789c4c90f957c115919c95396c40586df5424c11d0b9a52e8212fab29a9c15266b3caaa0356a2f80d628df072978de30b33ddb778c532859f8db52c09e17b6b29cd81eb9a58a6ac0231f3437cfb44d522f1d38adffad2f4b4cfbd96a354e08057f881ea2d09ec64b1e58e0b0834ee908b7295321018ddd88d538a6653e01d95c21f1cf1e8c4367f43c4ceeac4de86e9579c142f63ccb72e1bdc9cf01006bdf59bdf440a2362f3fa572fdb13e3bfa7d53a21055d37fdc90aa75fefea7d23cc3180d641ce17f07d3ab26172f8f190512a77bbc8af495e39e39c847223985db14f77eca453a929efb969fd528f9273b9a11684ccaccb4e113792006e90c00927df5788b6e15c92b71f140e8d9756adb434011faaa9b96b2e5a1496df8086008c00db625a979891110fa07423ec3ec56af7d05e98edba01161771338a3670175f0daa62c452fb677fb6992b6ea7ade3643c23d196cbfd771ecbb13ebf5a254518ab4519171f261a0f468ad9a9bcf2f0c9f490f1d088476de1df2b273f046fbb70fd249400178c7a33920657756c9acdd21b09d9eedde9fc6da57557272a20ba2ae592669e5c4859441f775065b21a6a681fea2ace04057f5f564825da8af2a0f53f0e26f77b2fcbc5b79e83986606154a43945e110a6e33fefec5680f57820b82bdb2a51dbc9a92dbe05f1da352328771c4530240aa6d3093118d1d5329e7da5071e8182ec8f88459840950f2c52b54e0d0420f0565f908b95f17ce615bcd0d323c03053d5379ef50a5f370c9ba242f0a9514684effb97cbe1adf8e3a9a45ae99a09321869098bcc9d5ed8876bfef07ce2b0fee35b511861b44b7b0e70eed96253cc6e89aa560798877e47b91561f2bccf8ff6adb342ac06df868ba85d265b4422fa85b9cd4dfea65ef41b918b19bfd9f7b31014c78dcbfffd31fbc837e4e1638fce98ac589368fa96fd6689ba32565904dd665f17d561b4df9ef35e70906faebbf176c15fc0df2e3103cd730e2bfe13181b1a45907930da4520a29e9ec4723ab0c62b14ff9cea5b241c39353d33609f4da59c7d5808952c0f6bcfb0eb459ef7d0ca4970d640d612bea41693137e88faf8b93ed7565c6c28f00e3f93b70e8f88561a683de1d5576436cc18ac753ec1f37a9f7cbb587b1b3d3ed2a66946218d67e8282b9bbf729a9362718311dcd0efe50af245fce51dea9f45bd65c1836c917e726b4c6cf9147c8a6305245483dbba1ca265b709154118ed39d0ec4fc1856ab2ba75a5a0174c53cd00d6c8ba6c398d0ac138d414856d5f502d722ccef89c9fa0a49def65447e05c7599fe8d633162b2525bcd7f56c200545a5aae96c2c1e93e11d666ee8417986661d8d299f1d9f9cfee7bb1e8f55d6aeed20f387bdba09d2fdf5516b1bce682c79faaa9809684b91a3fb4e6518e38f63b4b2899eabd738e60ee8741f8231dd9cd71384622ae281ec20e6837739b13e36cb774101bf423d8decfbeb28a68a5308b792d847c604186323b19bfb88e4d51547508d4d0e14a5e6fdcea4f14884f198d93330aceb9c6ea899bd284c3632927bcbbc4456c5a05a75f7038c85227c6d6382efdacc821438aa9e72a35b92bc99a0128bdfeb4a0154beeddce2c98c40b446134c70dd87e204761414010a859bbf18357af9ca726ec7231703f3414d1e1129fcbf05f998cdf9098261a3713ab65cefca12d4ae69b50c788ee19446825b73c89cc3fd540ece1ecb53610404222afd8055ec992576c568d3cff97d64dbcd447d0de14c8502d769d3cab1057622a98a5829abe672dfee49af116293eabdac4c89faa2191348de3d91eadc5ec32767a3827c6616d2d2bb4230a8226d44c6fa806c77df44b40fdb304096080630b92fcb2d4de84566e68a865313f9eca0fb15df20495389c27a41753534a36b1259511a1da84502f188212b6689640699127708a53a7fc2d76a3439556ea03263db8ee88653912f7e7390a3b100b8ead14d7803fdd6de947c6088d348397d599e12076be174f5e2da13a96f7c6e3c3f9cca0836527aa6fe1ba7434ebc2e1949e0365b08b06fba14c77cf55f677bedae007a4f32d742cf472922357f292af4a89d5bc36461026da03d158438d185d906b42b6e8eba913cb55391b0427394f8cd81fa392ca49a700e0b8d9f670a8858906abaa0bf51a1b984cca5e6196ed4de4a8956edb1922f959b854f67721eaf414b371490ee09aff98fa5f0724841285330ec9a9d997d8d6b57026e19be3e45f76321ff214c3527f8704ecf222c3a5e525ef5948a8983d2d2f22599b327841db8b2fd5426ede1312cb72dd41a1d5c4d0cdb305a50adc42c7b71721997c2164149d8d8ee3e8790292be8e5829bf3c772aca473c6129d5b4e541ba291067fc116de7ea21303903524b592ce668251f929868865cf5c73f20ebf0db3bc01b945bfba9e7c6c93ce8b904a76a6ebb5affdea2f4940bd03ff456322aa812a76f45cf60dbe34ee000987ad734b281f2a0a5ce596d39c5fda76b4258af737b258d35977884a0a900b632953906996d986a8e97c3bd9db21178079647657ee81b25e98506914ccd4cab65e562cf99a436e32d57fb3556d52021143f6391f066b6946183a95c81cb9ef1a975ec9f059d9d7fd78ff4b7d85db897965d11e6b403d18d13dace24d1ca1e1047435fbe64b03d75512607c7bda54f7b95a47480f89e9264ab57eba51a23adabd15a3713f815d59e8681e577a9208b95bd5786e92cf7008ff07c15f5daf999532d6aec81695e4163ba46471f0c7f33d21387a27b72aff91e8db6d202faaecd801be61d18667f7f56727e5e22e69fb452a122ccfc8ea378f76b0a6d50086c8c0f1c614079f0b19fdcf2dda5fabc03c49f18e7d905d6ed18e9678992523ad94863cf16b23a69e8b01050162c178706598cbd2d37867e69c28ee24d71a3c442a53fec338abaf7a23f0db898cf9067090493bb8cbf65a0f1e8c3fc8ae867770dbe0cca270bb9ca0b6bddceb110817c255d683a5076cc58df930e275d19fb638268adb2b2f65db01364677b61be77b940a63733419c17125a275f60453aba3907b43015953d6ee000c31776318bfa6fc3fc4583a80fa739d9b0b982e5f818979b344ee83ddf8bd61f19c334d6a1054e22a132905a9a0edb0591b9a595d276f44fee11e526521559b350cfe35e8386079fb9aac3e29d343a00fca1bb861cecb1c9882e5434e05b54b863b56e95d5b48c699562c401a3faa300189ced5fc48f1ced3cc7f1644106eb3e12387cfff119af2fa18784ba078d762a04446c4bbf14dd51434245c1d4a1f43ac4c26d844105af948199951e5e33cc9f1185dd1973b2de480a9c0d92c072e793918d9255f8212c75b5294e23d67e34f098a0754735b12a7cdc8ffe74570f39f04922a5eb1ab6ae74fa6f43fa187446cc394eec81f20b4506eb0b1c951135bc483d54b65c7a91905a28c86f79272ed59695249a1f8d0dc50db4a6bb6f471544d7598748779dd0764f32cbacf923948ea7ac2d9d02fa73d06d32e976ef19febf187ae2dfac5d8f1c44ca84b65aa74bb3eb17fb26ce039da9b54a8b04faf5964a0f9f8222a0fec50d3c5f4685da1d0c5255475331848aafad26bdc3ccb1830d59e464d3e2357fd10f4fc0504e94dfb3b5e55d9fee4f02ebc87db0bc6ea1d36d0df58076c3cb6da6b491a3e46411be63446c312fcddbd449723ca49dfbd5984fe46c7b0462821430b5a2e72383e797975fff7cf81625a832fb74d88440005e4067e501e8b7a25ebdb8840899bc35fad679fc7f2b6f178fdff853b3e7a3ceb40f1786d9f1e6bc125a144999a697dcfbb227a50c39df9fc3f29f4e66f3ef7b32f239407363d5aba009332376eff7313ca0f4d8e580e561730052defde47ea257d4a7f20f288e5c79b3b376a4662b12072b59e677da281a669796d074df19f4c9874b76038e2cb2c87261a6face3313a12f6ffac822681bb99560418a48836566f42c6c187b2ad389d9d14f584d1e66c05e12ea9d09", 0x1000}], 0x3)
socket(0x10, 0x3, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={<r1=>0xffffffffffffffff})
pipe2$9p(&(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000004500), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}})
write$P9_RVERSION(r3, &(0x7f0000000080)=ANY=[@ANYBLOB="150000006bffff", @ANYRES16=r2, @ANYRESHEX=r3], 0x15)
r4 = fsopen(&(0x7f0000000080)='befs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000ac0)='gid', &(0x7f0000000440)='0\x00#\x00\xd0\x00 \x00\x00qS\x00\x00\x00\x00\x00\x00\x00\x00$\xf6_\xbdI\x1c\xf2\xa9]\xcc\xe0*\xef\x01\x8d\x15\xd2h\x93\xc9\xb57\xc3\xea\\Eb\xf8\xe6,\xdf\xd4\xfae\x84\xcc\xd5\"d\xf0D-\x98\x9f\x81{\xfc$\xc4\xbcF\xf8\xc8\x8d\xcb\xb8\xf2\x1e\xe4\'U\xb3\xb8\xd3\xe6\xd7\x80Y\xc2\xeb\n\xb8_\xe8\x96YY\xe3\xc7\xe6\xf28\x19\xa6\xa7\xfa\xdb\x1ce\xc1\x03\x86J\xb2fh\x19\xee#\xcc\x0f\xed\xfea\xdc\x88\xcb%bW\xd35\xda=\xac\x1d\xae\x93\xfd\'T6\x94\n\xa4\x9cU\xc4\fA~[\xbf\x8b\x90\xfe\x04\xe7U\xf3h\x81\x14l7u\x95\x96t\\\x0f\xef;\x03\xa4C\xbc(Vc!a\xc1\xe39\xc6b\x905\xf8\xc9@h\x01\xf5\xcb\x88\xdf9\xaf5\xc8a:z\xe4\xcbag&67\x814\xf6}\xe10v6l\xd6,\x1e\xa0\xcc\xbf\xfdkm\b?\x839\x85N\x1c\xc1\xcb\xfc\x85\xd2\n\x02\"\xf2\x81g\x90\x01n%\x7f_\xe1.f>>\xa5\xfb\"\xab\xdb\x06\x12e\x14\x11~\x9a\bR-\x85\xc3\xa9\xe6\xf6R\x11\"\xc3\xc9\xfc\x14s X\xec\xdd\xc2qB\x85\xf0\xd7\x04\xdd<\x9a\x84\'\xa3\xf1\xd9<\xb9k', 0x0)
r5 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000140), 0x800, 0x0)
ioctl$KDDELIO(r5, 0x7040, 0x6)

3m27.699654118s ago: executing program 32 (id=120):
socket$netlink(0x10, 0x3, 0x0)
r0 = socket(0x10, 0x803, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_route(0x10, 0x3, 0x0)
writev(r0, &(0x7f0000001b00)=[{&(0x7f0000000300)="7a71f96cedb89dd3e71e2c25d78dca35edab5f2dc94833449810674b831f7f35314778c04e0cb104ff30732c1f0a570238174d91a0d9a93e6f42962d9de52008941cc63e43ab415399ea2576678879839b6219a8947e495e206c70f561a54b039693eb9bec094a47d84849ba54bb6d45a49bcb57e609fcd6cabfca6edd34c127a4e36b9cac3a39e30063b3f54a929d62cf4b536a168d49a4752d69ef602ceb5fdcaee3c5893ea8dccfca92d76f1eab1f755a5e8e12aa03c736619176ea8439c11203c69fcab074f8d0f4bdc3af8272f1415420c10b97c058", 0xd8}, {&(0x7f0000000580)="1b4a71105a9c1929b50430d6e09c9a05b7af9b0f5a0cd8d490e006566bd6b62f4a333f8a1c2788aa84338f21ea5065e7adeabdc41384d7c69cbd689ce2e9d51c21e42d51cdfcc675ff3533f47129b5ea5793c0b47fff64a36e2b59f26e8745b939dee7860cca5b15420011becc313bb22a019dece431127874904a884f42fb583ed741a0a985f000", 0x88}, {&(0x7f0000000b00)="68802178d1eb5b96582acd1ff3f58f31dc2d542f12845e2de6f5f41dafc194d10c28b7eb4773d14e44b04e0f2e23667e58323bf36f0e469522a9639ee0b86ff5029fdc216dd3ba42d16be8d443b7a56f09bb42ec01db192587fa381ec5ed0b319f5f29149c92afd19758a590ca32aae96a50fb870dfe833052d30af8a2099ecd13cbc847fcbdb9e29e531dc9767f17f9665dc2de8fa20892afb9cfea953e00f5b449cd1112f14264f4e09f0f0de26a26470c228fb25536e078c3d4dd8fcad6f951a5e01f687cf7c7e26160e985aa09ba0ae62a9598117e11aa9d31358f3be9e08238db0e1085a8f1c400d747e96c070919e59381655679197666552b7e662d2e1d706d6e2030cca2778e54e51ec984f029019188c4540adbcb8a7245df42014136dc5ec85c328fb5301f0d41ae4f9a3e0f7b6a4d18e558f257d9cd144d71cfa8d1f11d6169d797bf18be0c7d467537b953220c4d17cf79054568fed36f2fc1f0b7e1048ca65596866b2c960376abf70707691ef3837ac670f93c3c112d766ce3cc6ab3ae7c57912193211e5e63b997e77289f931365de9a5427a02008f00bdbfd6352755b6ffc1b3b225132e79a8e803bdeaaa5f87fd767b2606e466aed892de1f1800df5261d8a8d2ba18f49e9a619652f6b9683bb3ee07217f7b8a9e89dadf9ba780304d48ac8d6bb77506c66f423f4c58ef0b5944c5330deb8881cb1cfc29f4694a7a2e50143d2dfa3e1cc83cceca1106468990055d1e6f7454c9e553fd786253b77cdf5714be5bcbef15b30b9bf4b0be2117013b1916c2fa7b2284af61590a41b61c781a8244d689eb4689debc57f714ec75a0411938689eaf0cb803599f3a749bdd387365d1301287f2c9ff619d1e0c11161105837d7c604945c50a7c042fbf54666755c80b21474b6b3494f4c516085d23bdc3edb4caf6bfff17d2ae9a864eaa6605f19fba102a4f45b83470c67b19212930cf2548aeeb43d81c84d98762e6ff47f137cf0dd4cb97ae9859c1fc2e1a9f0eded6922a7cdcb2bafe3d6775621b3db626f5968c5b3f49f209b582403d5e850fd355db5c463ba20b45c665f6891a6901fd9ba8b913adfa96633543433516f9fcd065308d0001d8cde69e36206ff126ae0687cc407fd05dd973ee0e085e8de84f8d5d69be5c8d017e519cec1e2c8ccd319daa2dde179a42648e8cb97b3e9ec31b73f133f9ab2cb469adb60dd9c865830da66ce390c6bd84cdd63cf483a1cbfd6031424e315ca3576735ca4198797cd56d49a1bbb39d89a2f89560488c7f9a0d6d4cbf4720e4ef5b98dd033cc6b63369c7fa55820672d67406754e8c02bc929bc1357ef7e4230ffebf74792528a87fa5c77fc656907544eeba84138ce0f181da82c1b8a8c84911dcc524043c8e67e2c81c6670f7264b9b3b15739524dafe5b4c74140f9ad8075d3fd8f2c675597564b33b0e94088d815a691bb42dc922e13479f1fe7317cfc0f714a86ff614625b36f64c5ea80e024718f6776748348816295a6162f48feebffa5bfc624dceaaafdfbd369739ebd576d293c7ed93dc39761b97267662dd3ac99f1b0d818ab5ade48919f26b872e61f4ea487da67c801ee00eef1313038b53051a876921d3b456d65847dcb84601aafc4bb90a72d1bef1569a94d6a962b77dae18ab26a8f7ba53cd36b78587ce041da9d036e577995b33daa3a90a09148deba522e32c09cfedc6765870d4359b5028f7aa02c7bfd6164334b996b6cc0244d3f0be8ab4c50017bca046e841d789c4c90f957c115919c95396c40586df5424c11d0b9a52e8212fab29a9c15266b3caaa0356a2f80d628df072978de30b33ddb778c532859f8db52c09e17b6b29cd81eb9a58a6ac0231f3437cfb44d522f1d38adffad2f4b4cfbd96a354e08057f881ea2d09ec64b1e58e0b0834ee908b7295321018ddd88d538a6653e01d95c21f1cf1e8c4367f43c4ceeac4de86e9579c142f63ccb72e1bdc9cf01006bdf59bdf440a2362f3fa572fdb13e3bfa7d53a21055d37fdc90aa75fefea7d23cc3180d641ce17f07d3ab26172f8f190512a77bbc8af495e39e39c847223985db14f77eca453a929efb969fd528f9273b9a11684ccaccb4e113792006e90c00927df5788b6e15c92b71f140e8d9756adb434011faaa9b96b2e5a1496df8086008c00db625a979891110fa07423ec3ec56af7d05e98edba01161771338a3670175f0daa62c452fb677fb6992b6ea7ade3643c23d196cbfd771ecbb13ebf5a254518ab4519171f261a0f468ad9a9bcf2f0c9f490f1d088476de1df2b273f046fbb70fd249400178c7a33920657756c9acdd21b09d9eedde9fc6da57557272a20ba2ae592669e5c4859441f775065b21a6a681fea2ace04057f5f564825da8af2a0f53f0e26f77b2fcbc5b79e83986606154a43945e110a6e33fefec5680f57820b82bdb2a51dbc9a92dbe05f1da352328771c4530240aa6d3093118d1d5329e7da5071e8182ec8f88459840950f2c52b54e0d0420f0565f908b95f17ce615bcd0d323c03053d5379ef50a5f370c9ba242f0a9514684effb97cbe1adf8e3a9a45ae99a09321869098bcc9d5ed8876bfef07ce2b0fee35b511861b44b7b0e70eed96253cc6e89aa560798877e47b91561f2bccf8ff6adb342ac06df868ba85d265b4422fa85b9cd4dfea65ef41b918b19bfd9f7b31014c78dcbfffd31fbc837e4e1638fce98ac589368fa96fd6689ba32565904dd665f17d561b4df9ef35e70906faebbf176c15fc0df2e3103cd730e2bfe13181b1a45907930da4520a29e9ec4723ab0c62b14ff9cea5b241c39353d33609f4da59c7d5808952c0f6bcfb0eb459ef7d0ca4970d640d612bea41693137e88faf8b93ed7565c6c28f00e3f93b70e8f88561a683de1d5576436cc18ac753ec1f37a9f7cbb587b1b3d3ed2a66946218d67e8282b9bbf729a9362718311dcd0efe50af245fce51dea9f45bd65c1836c917e726b4c6cf9147c8a6305245483dbba1ca265b709154118ed39d0ec4fc1856ab2ba75a5a0174c53cd00d6c8ba6c398d0ac138d414856d5f502d722ccef89c9fa0a49def65447e05c7599fe8d633162b2525bcd7f56c200545a5aae96c2c1e93e11d666ee8417986661d8d299f1d9f9cfee7bb1e8f55d6aeed20f387bdba09d2fdf5516b1bce682c79faaa9809684b91a3fb4e6518e38f63b4b2899eabd738e60ee8741f8231dd9cd71384622ae281ec20e6837739b13e36cb774101bf423d8decfbeb28a68a5308b792d847c604186323b19bfb88e4d51547508d4d0e14a5e6fdcea4f14884f198d93330aceb9c6ea899bd284c3632927bcbbc4456c5a05a75f7038c85227c6d6382efdacc821438aa9e72a35b92bc99a0128bdfeb4a0154beeddce2c98c40b446134c70dd87e204761414010a859bbf18357af9ca726ec7231703f3414d1e1129fcbf05f998cdf9098261a3713ab65cefca12d4ae69b50c788ee19446825b73c89cc3fd540ece1ecb53610404222afd8055ec992576c568d3cff97d64dbcd447d0de14c8502d769d3cab1057622a98a5829abe672dfee49af116293eabdac4c89faa2191348de3d91eadc5ec32767a3827c6616d2d2bb4230a8226d44c6fa806c77df44b40fdb304096080630b92fcb2d4de84566e68a865313f9eca0fb15df20495389c27a41753534a36b1259511a1da84502f188212b6689640699127708a53a7fc2d76a3439556ea03263db8ee88653912f7e7390a3b100b8ead14d7803fdd6de947c6088d348397d599e12076be174f5e2da13a96f7c6e3c3f9cca0836527aa6fe1ba7434ebc2e1949e0365b08b06fba14c77cf55f677bedae007a4f32d742cf472922357f292af4a89d5bc36461026da03d158438d185d906b42b6e8eba913cb55391b0427394f8cd81fa392ca49a700e0b8d9f670a8858906abaa0bf51a1b984cca5e6196ed4de4a8956edb1922f959b854f67721eaf414b371490ee09aff98fa5f0724841285330ec9a9d997d8d6b57026e19be3e45f76321ff214c3527f8704ecf222c3a5e525ef5948a8983d2d2f22599b327841db8b2fd5426ede1312cb72dd41a1d5c4d0cdb305a50adc42c7b71721997c2164149d8d8ee3e8790292be8e5829bf3c772aca473c6129d5b4e541ba291067fc116de7ea21303903524b592ce668251f929868865cf5c73f20ebf0db3bc01b945bfba9e7c6c93ce8b904a76a6ebb5affdea2f4940bd03ff456322aa812a76f45cf60dbe34ee000987ad734b281f2a0a5ce596d39c5fda76b4258af737b258d35977884a0a900b632953906996d986a8e97c3bd9db21178079647657ee81b25e98506914ccd4cab65e562cf99a436e32d57fb3556d52021143f6391f066b6946183a95c81cb9ef1a975ec9f059d9d7fd78ff4b7d85db897965d11e6b403d18d13dace24d1ca1e1047435fbe64b03d75512607c7bda54f7b95a47480f89e9264ab57eba51a23adabd15a3713f815d59e8681e577a9208b95bd5786e92cf7008ff07c15f5daf999532d6aec81695e4163ba46471f0c7f33d21387a27b72aff91e8db6d202faaecd801be61d18667f7f56727e5e22e69fb452a122ccfc8ea378f76b0a6d50086c8c0f1c614079f0b19fdcf2dda5fabc03c49f18e7d905d6ed18e9678992523ad94863cf16b23a69e8b01050162c178706598cbd2d37867e69c28ee24d71a3c442a53fec338abaf7a23f0db898cf9067090493bb8cbf65a0f1e8c3fc8ae867770dbe0cca270bb9ca0b6bddceb110817c255d683a5076cc58df930e275d19fb638268adb2b2f65db01364677b61be77b940a63733419c17125a275f60453aba3907b43015953d6ee000c31776318bfa6fc3fc4583a80fa739d9b0b982e5f818979b344ee83ddf8bd61f19c334d6a1054e22a132905a9a0edb0591b9a595d276f44fee11e526521559b350cfe35e8386079fb9aac3e29d343a00fca1bb861cecb1c9882e5434e05b54b863b56e95d5b48c699562c401a3faa300189ced5fc48f1ced3cc7f1644106eb3e12387cfff119af2fa18784ba078d762a04446c4bbf14dd51434245c1d4a1f43ac4c26d844105af948199951e5e33cc9f1185dd1973b2de480a9c0d92c072e793918d9255f8212c75b5294e23d67e34f098a0754735b12a7cdc8ffe74570f39f04922a5eb1ab6ae74fa6f43fa187446cc394eec81f20b4506eb0b1c951135bc483d54b65c7a91905a28c86f79272ed59695249a1f8d0dc50db4a6bb6f471544d7598748779dd0764f32cbacf923948ea7ac2d9d02fa73d06d32e976ef19febf187ae2dfac5d8f1c44ca84b65aa74bb3eb17fb26ce039da9b54a8b04faf5964a0f9f8222a0fec50d3c5f4685da1d0c5255475331848aafad26bdc3ccb1830d59e464d3e2357fd10f4fc0504e94dfb3b5e55d9fee4f02ebc87db0bc6ea1d36d0df58076c3cb6da6b491a3e46411be63446c312fcddbd449723ca49dfbd5984fe46c7b0462821430b5a2e72383e797975fff7cf81625a832fb74d88440005e4067e501e8b7a25ebdb8840899bc35fad679fc7f2b6f178fdff853b3e7a3ceb40f1786d9f1e6bc125a144999a697dcfbb227a50c39df9fc3f29f4e66f3ef7b32f239407363d5aba009332376eff7313ca0f4d8e580e561730052defde47ea257d4a7f20f288e5c79b3b376a4662b12072b59e677da281a669796d074df19f4c9874b76038e2cb2c87261a6face3313a12f6ffac822681bb99560418a48836566f42c6c187b2ad389d9d14f584d1e66c05e12ea9d09", 0x1000}], 0x3)
socket(0x10, 0x3, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={<r1=>0xffffffffffffffff})
pipe2$9p(&(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000004500), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}})
write$P9_RVERSION(r3, &(0x7f0000000080)=ANY=[@ANYBLOB="150000006bffff", @ANYRES16=r2, @ANYRESHEX=r3], 0x15)
r4 = fsopen(&(0x7f0000000080)='befs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000ac0)='gid', &(0x7f0000000440)='0\x00#\x00\xd0\x00 \x00\x00qS\x00\x00\x00\x00\x00\x00\x00\x00$\xf6_\xbdI\x1c\xf2\xa9]\xcc\xe0*\xef\x01\x8d\x15\xd2h\x93\xc9\xb57\xc3\xea\\Eb\xf8\xe6,\xdf\xd4\xfae\x84\xcc\xd5\"d\xf0D-\x98\x9f\x81{\xfc$\xc4\xbcF\xf8\xc8\x8d\xcb\xb8\xf2\x1e\xe4\'U\xb3\xb8\xd3\xe6\xd7\x80Y\xc2\xeb\n\xb8_\xe8\x96YY\xe3\xc7\xe6\xf28\x19\xa6\xa7\xfa\xdb\x1ce\xc1\x03\x86J\xb2fh\x19\xee#\xcc\x0f\xed\xfea\xdc\x88\xcb%bW\xd35\xda=\xac\x1d\xae\x93\xfd\'T6\x94\n\xa4\x9cU\xc4\fA~[\xbf\x8b\x90\xfe\x04\xe7U\xf3h\x81\x14l7u\x95\x96t\\\x0f\xef;\x03\xa4C\xbc(Vc!a\xc1\xe39\xc6b\x905\xf8\xc9@h\x01\xf5\xcb\x88\xdf9\xaf5\xc8a:z\xe4\xcbag&67\x814\xf6}\xe10v6l\xd6,\x1e\xa0\xcc\xbf\xfdkm\b?\x839\x85N\x1c\xc1\xcb\xfc\x85\xd2\n\x02\"\xf2\x81g\x90\x01n%\x7f_\xe1.f>>\xa5\xfb\"\xab\xdb\x06\x12e\x14\x11~\x9a\bR-\x85\xc3\xa9\xe6\xf6R\x11\"\xc3\xc9\xfc\x14s X\xec\xdd\xc2qB\x85\xf0\xd7\x04\xdd<\x9a\x84\'\xa3\xf1\xd9<\xb9k', 0x0)
r5 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000140), 0x800, 0x0)
ioctl$KDDELIO(r5, 0x7040, 0x6)

2m34.400267668s ago: executing program 3 (id=485):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x88840, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f0000000000)={0x0, 'syz_tun\x00', {0xffffffff}, 0x7})
socket(0x80000000000000a, 0x2, 0x0)
socket(0xa, 0x3, 0x3a)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000))
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r2 = syz_open_dev$dri(&(0x7f0000000440), 0x1, 0x48240)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r2, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r2, 0xc01064b5, &(0x7f0000000040)={&(0x7f0000000100)=[<r3=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_ATOMIC(r2, 0xc03864bc, &(0x7f0000000180)={0x1, 0x1, &(0x7f00000001c0)=[r3], &(0x7f0000000180), &(0x7f0000000200), &(0x7f0000000080), 0x0, 0x1})

2m33.815237328s ago: executing program 3 (id=491):
mkdir(&(0x7f0000000080)='./file1\x00', 0x8)
mount(0x0, &(0x7f0000000200)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x8, &(0x7f0000000300)='usrquota')
chdir(&(0x7f0000000140)='./file1\x00')
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
quotactl_fd$Q_SETQUOTA(r0, 0xffffffff80000800, 0x0, &(0x7f0000000340)={0x8000000000000000, 0x4, 0x100000001, 0x3, 0x24, 0x6, 0x6, 0xfffffffffffffffc, 0x100fff})
openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
creat(&(0x7f0000010280)='./file0\x00', 0x182)

2m33.719250898s ago: executing program 3 (id=493):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f00000002c0)=@pppol2tp={0x18, 0x1, {0x0, r1, {0x2, 0x0, @local}, 0x2, 0x0, 0x1}}, 0x26)
r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x1c, r2, 0x1, 0x60bd27, 0x4, {0x5}, [@L2TP_ATTR_CONN_ID={0x8, 0x9, 0x2}]}, 0x1c}}, 0x20) (fail_nth: 1)

2m33.339220657s ago: executing program 3 (id=495):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0x4)
ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0x40305839, &(0x7f0000000000)=ANY=[])
setsockopt$inet_tcp_buf(r0, 0x6, 0xd, &(0x7f0000000100)="afcd1f8ea483793cadeca8407e034883ac82f929bd6f225faf04e84115e33df96318989da68347b65de4df18a2a8cf65054223d5d5723e42808a96e43f87e84dfe7da9304a49c780a005", 0x4a)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$inet6_mptcp_buf(r1, 0x11c, 0x4, &(0x7f0000000000)=""/152, &(0x7f00000000c0)=0x98)
r2 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000040)={0x4001}, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000500)=ANY=[@ANYBLOB="1c000000160055312a00000000000a0000000800"], 0x1c}}, 0x0)
sendmmsg(r0, &(0x7f00000026c0)=[{{0x0, 0x0, &(0x7f0000003880)=[{&(0x7f0000000240)="c57219fd56c3", 0x6}], 0x1}}], 0x1, 0x4000045)

2m32.811033871s ago: executing program 3 (id=500):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$inet6(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'vlan1\x00'})
sendmsg$ETHTOOL_MSG_DEBUG_GET(0xffffffffffffffff, &(0x7f0000000d40)={0x0, 0x0, &(0x7f0000000c80)={0x0, 0x17c}, 0x1, 0x0, 0x0, 0x4008004}, 0x20000080)
r2 = socket$alg(0x26, 0x5, 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'rmd160-generic\x00'}, 0x58)
r4 = accept4(r3, 0x0, 0x0, 0x0)
capset(&(0x7f0000000340)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000, 0x20000000})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$netlink(r5, &(0x7f0000002240)={0x0, 0x0, &(0x7f0000001c00)=[{&(0x7f0000000180)={0x10, 0x2e, 0x1, 0x70bd26, 0x25dfdbfe}, 0x10}], 0x1, &(0x7f0000002200)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}], 0x20, 0x4000000}, 0x24004000)
recvmmsg$unix(r4, &(0x7f00000053c0)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0xa32, 0x60, 0x0)
sendmsg$FOU_CMD_GET(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x38, 0x0, 0x4, 0x70bd25, 0x25dfdbfd, {}, [@FOU_ATTR_REMCSUM_NOPARTIAL={0x4}, @FOU_ATTR_PEER_V4={0x8, 0x8, @remote}, @FOU_ATTR_AF={0x5, 0x2, 0xa}, @FOU_ATTR_LOCAL_V4={0x8, 0x6, @empty}, @FOU_ATTR_PORT={0x6, 0x1, 0x4e20}]}, 0x38}, 0x1, 0x0, 0x0, 0x40}, 0x8815)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET(r6, 0x4b72, &(0x7f0000000000)={0x0, 0x0, 0xd, 0x10, 0x200, &(0x7f0000000880)="1ae19337aa151f36ae49bb3f8cb95c5bf840d4f1e55efaaf098d47a70eb36a7309002500000000000f4743f490c585108c1331c7749299a25a705f5096cb268cbc60efd680e1be250700000000000000472471ff550c0010000007f3c7b61abe4162256004ea8ca512b5f379c4eb3257eda08f7e6959090000004d13184d382747e035b4722525e00ade86b4c6d1e157c75d15c1f961ebc0a64d7f2a73f8979fcecacaa64f9b9069ebcc1d5b471edbc4f6c7f1b98ae74e909aa6f25b7f804bb4713019a83353dc519d11c3cc1c22a3b86cf3c645413fcea0ce9ded703699d2bb6a4a663b99b6069da5aaf6470a648847440f064b9e57ee07000000def6f255ca26108f11f02047d47f2d0fec30f7e92482f71496e184214a4e0c5fdc48b0af0c0478940016d8f0990a0e1090fd515380aae83c5eaeed338701574b64200216032811fadcf1e0f49a514df529061e09ce45e3f303a03fe9b4a6bcfa7d04594e4f6d0714a2e14ea127ab37d64a5e0db630cd4f4a2e6c985a542ff20a9b2193f265f93a250200000000000000d23d324205000000000000000a617f22133b6cb5087f4c6057942ad995fa70a1f949b196f2e2a3c175858575713be5ee3f7f4dcecc98123f9ded3afdebe13d79a7f7fcb2469ae0ac503111401612df7ee995f74fb97a63bf62d61f0200000059119ab50c1f706a930121ebcd53ccb93d158186ed4b9a3cff46591ccaff3075b86ea6171b046b856168f403b5253a5cc393430a09a4489a0895571e597ac8841416c80c55773f917020751ed51cfd73c1e06fbadd156d56bedcbefc5990d7fed29a002ce34dccd6fc5d944afa92b22ec9a698469c6edc06caa2cfcd61912607d559b4c28ebea9745bcd4697d75c9601fd333d3cd797963a3c7116fb5fdc756d732533c2722e03000593e37966611602f297de6ff5408777d7a93c45cee3eeea7a86812a7ab8896ec5ea1b12643e1844b185734528399e62bceb8700cc6cd491e4a4430d0a3ba329a5a2fa170fd0b1cc4ba8294de988cd35df2cd7344aa8fa4b23e296fb889c02f484f6579ef62866a3c2733d45f176931b2db18dba54991a9553cedb7f585786388d4042dbae1c95b769e3d4e036fd1f8efee60425c5a122fd1b90e98635284abd9f217d9e19cb2a64b354c909cc47d7305114990148a7291cb0fe2d1c773a6664b66ae04aa62c534d072ae54c2ca0d5962cc562507430d8f2c17479a6678b0b3700000000000000000000000000000000000000000000f80000000000001700000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000ff000000000000000000000b00"})
bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000280)="2c385a7af3be", 0x6)
r7 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r7, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r10=>0x0})
sendmsg$NL80211_CMD_FRAME(r8, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r9, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r10, @ANYBLOB="d50633008000009effffffffffff080211000001"], 0x6f4}}, 0x0)
write(r1, &(0x7f0000000040)="2400000021002551241c0165ff00fc020200000000100f000ee1000c08000b0000000002", 0x24)
sendmsg$nl_xfrm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@delsa={0x28, 0x11, 0x9, 0x70bd2d, 0x25dfdbfb, {@in=@broadcast, 0x4d2, 0xa, 0x33}}, 0x28}, 0x1, 0x0, 0x0, 0x24008080}, 0x10000044)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_SCHED_SCAN(r0, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000340)=ANY=[@ANYBLOB='t\x00\x00\x00', @ANYRESDEC=r0, @ANYRESOCT], 0x74}, 0x1, 0x0, 0x0, 0x40048000}, 0x4000015)

2m32.4948205s ago: executing program 3 (id=504):
r0 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
r2 = openat$cgroup_subtree(r1, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000300)=ANY=[@ANYBLOB='-cpu'], 0x5)
write$cgroup_subtree(r2, &(0x7f0000000180)=ANY=[@ANYBLOB='+cpu'], 0xb)
r3 = socket$l2tp6(0xa, 0x2, 0x73)
r4 = syz_open_dev$swradio(&(0x7f00000000c0), 0x0, 0x2)
writev(r4, &(0x7f0000000480)=[{&(0x7f0000000140)="34a9ef", 0x3}], 0x1)
bind$l2tp6(r3, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x20)
bind$l2tp6(r3, &(0x7f0000000080)={0xa, 0x0, 0x401, @private0, 0x10001}, 0x20)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f00000002c0)=0x20)
write$cgroup_type(r5, &(0x7f0000000040), 0x9)

2m17.07587211s ago: executing program 33 (id=504):
r0 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
r2 = openat$cgroup_subtree(r1, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000300)=ANY=[@ANYBLOB='-cpu'], 0x5)
write$cgroup_subtree(r2, &(0x7f0000000180)=ANY=[@ANYBLOB='+cpu'], 0xb)
r3 = socket$l2tp6(0xa, 0x2, 0x73)
r4 = syz_open_dev$swradio(&(0x7f00000000c0), 0x0, 0x2)
writev(r4, &(0x7f0000000480)=[{&(0x7f0000000140)="34a9ef", 0x3}], 0x1)
bind$l2tp6(r3, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x20)
bind$l2tp6(r3, &(0x7f0000000080)={0xa, 0x0, 0x401, @private0, 0x10001}, 0x20)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f00000002c0)=0x20)
write$cgroup_type(r5, &(0x7f0000000040), 0x9)

12.673832337s ago: executing program 1 (id=1207):
r0 = socket$inet6(0xa, 0x2, 0xf)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0xe22}, 0x1c)
connect$inet6(r0, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000001c0)="580000001500add427323b472545b45602117fffffff81000e224e217f000001925aa80020007b00090080007f000001e809000000ff0000f03ac71036000000ffffffffffffffffff", 0x49}], 0x1)
socketpair$tipc(0x1e, 0x1, 0x0, 0x0)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(0xffffffffffffffff, 0x0, 0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
iopl(0x3)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xa, 0x31, 0xffffffffffffffff, 0x8000000000000000)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
recvmsg(r2, 0x0, 0x40000102)
setsockopt(r2, 0x84, 0x12, 0x0, 0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r3 = mq_open(&(0x7f0000000000)='!selinu\xff\x7f\x00\x00inux\x00T\x8b\xb5\xf3\xcb\xdd\xe3\xbf2\x86\x01\x84\xdd\x8a\x8f_l\xa1L\xb1\xef\xb2\xc9\xf7+C\xb2\x8e9\xb8\xec\x1a\xe5\xaeq\x8fZ\xff\xbcY+\xaf0<\xa3\xb8\"Zm\x1c\x18\x11\x93\xb5z \xc2\x8b\xa9\xc5\x9es\t\xfe\x002\xa0-\xaf\xcdP\x9f\xe5Iv\xce*\xa8\xa3\x14i\x05\x8f\x9b\x1eB\x9f\x9d#E\x19\xdc\xfe\xc7\xeb\xb5\xcd\xc8\xe2U\xce\x00\x00', 0x6e93ebbbcc0884f2, 0x2c, &(0x7f0000000300)={0x0, 0x1, 0x3})
mq_timedsend(r3, 0x0, 0x0, 0x5, 0x0)
mq_timedsend(r3, 0x0, 0x0, 0xa, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)

11.062353903s ago: executing program 1 (id=1214):
bind$inet(0xffffffffffffffff, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000003c00)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000500)="4274aa814c8f6ea8d8db43", 0xb}, {0x0}, {&(0x7f0000000740)="747516464293f8e8eec3ccb7dd473a382a0d368ad8a1242abe3b11d915f3eb582e10ff9b8afa9a3d6fa9075032a573688f84e342bf19f200379d5291489fa5151a46ed483044e784cb8f430cbcd5a6145d72a2d2b2b6aa78", 0x58}], 0x3}, 0x41)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000540), 0x82, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000016c0)={0x0, 0x0, &(0x7f00000000c0)=[{0x0}, {&(0x7f0000001700)="0c74c75350f4a590", 0x8}], 0x2, 0x0, 0x0, 0x10}, 0x0)
write$cgroup_int(0xffffffffffffffff, &(0x7f00000000c0)=0x5, 0x12)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

8.02537009s ago: executing program 1 (id=1221):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x2, 0x0)
getpid()
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$FS_IOC_GETFLAGS(0xffffffffffffffff, 0x5437, 0x0)
r2 = gettid()
timer_create(0x2, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
clock_nanosleep(0x2, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x0)

6.384103278s ago: executing program 0 (id=1224):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000940)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d0400", 0xc)
r1 = accept$alg(r0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0)
write$binfmt_script(r1, &(0x7f0000000600), 0xfec8)
recvmmsg(r1, &(0x7f0000003300)=[{{0x0, 0x0, &(0x7f0000000800)=[{&(0x7f0000000640)=""/243, 0xf3}], 0x1}, 0x9}], 0x1, 0xcb, 0x0)

5.327253402s ago: executing program 0 (id=1225):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x6)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x3b, 0x0, &(0x7f0000000240)=0x24)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

5.074859257s ago: executing program 1 (id=1228):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0xfffffffffffffe1f}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, &(0x7f0000001a40)={0x1f, 0xffff, 0x3}, 0x6)
write(r3, &(0x7f0000000000)="2e000300010001", 0x7)
creat(&(0x7f0000000180)='./file3\x00', 0x200)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x13c}}, 0x4000000)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x5c}, 0x1, 0x0, 0x0, 0x24004850}, 0x40054)
unlink(0x0)
r6 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r6, &(0x7f0000000040)={0xa, 0x0, &(0x7f0000000340)={&(0x7f0000000380)=ANY=[@ANYBLOB="020200020a0000000100ed9d8fefee58720000000000030006000000400002004e2164010101000000000000000002000000fb0000000000030005000000000002004e220000"], 0x50}, 0x1, 0x7}, 0x40880)
fanotify_init(0xf00, 0x1000)

4.84280891s ago: executing program 5 (id=1230):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_udp_int(r0, 0x11, 0x68, &(0x7f0000000080)=0xa40, 0x4)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
setsockopt$inet6_udp_encap(r0, 0x11, 0x64, &(0x7f0000000000)=0x2, 0x4)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000380)={0x1c, 0x0, 0x1, 0x70bd2b, 0x25dfdbff}, 0x1c}, 0x1, 0x0, 0x0, 0x2}, 0x4000840)
write$tun(r1, &(0x7f0000000340)=ANY=[@ANYBLOB="0a000000bbbbbbbbbbbbaaaaaaaaaabb86dd6d002000001011ff00000000000100070000000000000000ff0200000000000000000000000000014f194e20"], 0xfdef)

3.676523606s ago: executing program 0 (id=1231):
r0 = socket$kcm(0xa, 0x2, 0x0)
r1 = socket(0x2, 0x80805, 0x0)
socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$IP_VS_SO_SET_ADDDEST(r1, 0x0, 0x487, 0x0, 0x0)
sendmsg$sock(r0, &(0x7f00000000c0)={&(0x7f0000000580)=@in6={0x2, 0x4e21, 0x0, @dev}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@mark={{0x14, 0x1, 0x24, 0x3}}], 0x18}, 0x0)

3.514979451s ago: executing program 1 (id=1233):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r0 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000000040f204211400000040000109022400010000b00009040100090300000009210000000122290009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000600)={0x2c, &(0x7f0000000540)={0x40, 0x24, 0x29, {0x29, 0xb, "98c1b95e87ee9fa47fad7cc0fa5bba479c82dc874c88a7211f46d75fe34c250c0c1cb45655f4f5"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)

3.407485536s ago: executing program 0 (id=1235):
openat$tun(0xffffffffffffff9c, 0x0, 0x20400, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f05ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1\x00', 0x40)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1a0)
mount$overlay(0x0, &(0x7f0000000000)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@nfs_export_on}]})
chdir(&(0x7f00000000c0)='./bus\x00')
r3 = syz_create_resource$binfmt(&(0x7f0000001400)='./file0\x00')
openat$binfmt(0xffffffffffffff9c, r3, 0x42, 0x1ff)
truncate(&(0x7f0000000180)='./file0\x00', 0x8fff5)
mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f00000000c0)={[{@quota}, {@grpquota_block_hardlimit={'grpquota_block_hardlimit', 0x3d, [0x33]}}]})
fallocate(0xffffffffffffffff, 0x0, 0x1, 0x8ffff)

2.038575856s ago: executing program 4 (id=1237):
syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x0, 0x2000, 0x80000}, 0x0, 0x0, 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x400)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000040)=[<r1=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f00000001c0)={r1, <r2=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r0, 0xc02064b9, &(0x7f00000002c0)={&(0x7f0000000240)=[<r3=>0x0, 0x0, <r4=>0x0], &(0x7f0000000040), 0x3, r2})
ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000580)={0x0, 0x1, &(0x7f0000000180)=[r2], &(0x7f00000000c0)=[0x3], &(0x7f0000000640)=[r4, r3, r3], &(0x7f0000000340), 0x0, 0xffffffffffffffff})

1.749161089s ago: executing program 0 (id=1238):
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
ioctl$USBDEVFS_CONTROL(0xffffffffffffffff, 0xc0105500, &(0x7f00000001c0)={0x80, 0x6, 0x206, 0xfffe, 0x52, 0xffff874c, 0x0})

1.725994906s ago: executing program 4 (id=1239):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mount$tmpfs(0x0, 0x0, 0x0, 0x0, 0x0)
r3 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2)
r4 = memfd_create(&(0x7f0000000180)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xcda\x9b\x11X\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x17}\xdc\x8a\r8\x06D-\xf4nN8\x0f\xba\xc4\x19\x9f\xd9?!\xd3\x8b\xd2\xa4\x88\x9f\xfdH\x11\x19\xf4aX8!\x8c\xedn\x17NEwC\xc4\xe0\x8d\x97\"\xbfC3M\xa0\x93A\x18\x00\x00\x00\xfb\x00\x00\x00', 0x3)
ftruncate(r4, 0xffff)
fcntl$addseals(r4, 0x409, 0x7)
r5 = ioctl$UDMABUF_CREATE(r3, 0x40187542, &(0x7f00000000c0)={r4, 0x0, 0x2000, 0x1000})
ioctl$DMA_BUF_IOCTL_SYNC(r5, 0x40086200, &(0x7f0000000080)=0x1)
getsockopt$IP_SET_OP_GET_BYINDEX(0xffffffffffffffff, 0x1, 0x53, &(0x7f0000000280)={0x7, 0x7, 0x4}, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)

1.70133446s ago: executing program 5 (id=1240):
syz_open_dev$dri(0x0, 0xfffffffffffffc01, 0xa0001)
r0 = socket$kcm(0xa, 0x2, 0x0)
r1 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r1, 0x0, 0x482, 0x0, 0x0)
sendmsg$sock(r0, 0x0, 0x0)
setsockopt$IP_VS_SO_SET_FLUSH(r1, 0x0, 0x485, 0x0, 0x0)

1.494741484s ago: executing program 5 (id=1241):
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0)
write$UHID_INPUT(0xffffffffffffffff, 0x0, 0x0)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000340)={0x400, 0x300, 0x0, 0x800, 0xbbba, 0x0, 0x18, 0x0, {0x3}, {0x0, 0xfffffffd, 0xfffffffe}, {0x0, 0xffff0000}, {0x1000000}, 0x0, 0x3f0, 0x0, 0xd613, 0x1, 0x2, 0x0, 0x0, 0x0, 0x4000000, 0x0, 0x4, 0x0, 0x100, 0x3})

450.865133ms ago: executing program 4 (id=1242):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r1, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000200)={<r2=>0x0, 0x0, &(0x7f00000001c0)}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x7a, &(0x7f0000000340)={r2, @in={{0x2, 0xce23, @broadcast}}}, &(0x7f0000000040)=0x84)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x74, &(0x7f0000000080)={0x0, 0xa00, 0x10, 0xaf9}, &(0x7f0000000440)=0x18)

305.76208ms ago: executing program 4 (id=1243):
r0 = socket$kcm(0xa, 0x2, 0x0)
r1 = socket(0x2, 0x80805, 0x0)
socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$IP_VS_SO_SET_ADDDEST(r1, 0x0, 0x487, &(0x7f0000000000)={{0x84, @private=0xa010102, 0x4e21, 0x3, 'lc\x00', 0x5, 0x8, 0x77}, {@remote, 0x4e20, 0x2, 0xcd}}, 0x44)
sendmsg$sock(r0, 0x0, 0x0)

239.303914ms ago: executing program 5 (id=1244):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000940)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d0400", 0xc)
r1 = accept$alg(r0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0)
write$binfmt_script(r1, &(0x7f0000000600), 0xfec8)
recvmmsg(r1, &(0x7f0000003300)=[{{0x0, 0x0, &(0x7f0000000800)=[{&(0x7f0000000640)=""/243, 0xf3}], 0x1}, 0x9}], 0x1, 0xcb, 0x0)

234.324509ms ago: executing program 0 (id=1245):
openat$ttynull(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r0 = msgget$private(0x0, 0x722)
msgsnd(r0, 0x0, 0x8, 0x800)
msgrcv(r0, 0x0, 0x0, 0xffffff7f00000000, 0x0)

188.864687ms ago: executing program 5 (id=1246):
syz_open_dev$sndctrl(0x0, 0x0, 0x0)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, 0x0, 0x0)
listen(r0, 0x0)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000640)={0x28, 0x0, 0x2710}, 0x10)
r1 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
r2 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r2, &(0x7f0000000200)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x1, 0xfffffffd}}, 0x10)
bind$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0x2}}, 0x10)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)
setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x1}, 0x10)
socket(0x15, 0x5, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r1, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000040)=[<r3=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r1, 0xc02064b6, &(0x7f00000001c0)={r3, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r1, 0xc02064b9, &(0x7f00000002c0)={&(0x7f0000000100)=[<r5=>0x0, <r6=>0x0, 0x0], &(0x7f0000000280), 0x3, r4})
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f0000000340)={&(0x7f0000000200), 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_ATOMIC(r1, 0xc03864bc, &(0x7f0000000580)={0x0, 0x1, &(0x7f0000000180)=[r4], &(0x7f00000000c0)=[0x3], &(0x7f0000000200)=[r6, r5], &(0x7f0000000340), 0x0, 0xffffffffffffffff})

85.225627ms ago: executing program 4 (id=1247):
syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x0, 0x2000, 0x80000}, 0x0, 0x0, 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x400)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000040)=[<r1=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f00000001c0)={r1, <r2=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r0, 0xc02064b9, &(0x7f00000002c0)={&(0x7f0000000240)=[<r3=>0x0, 0x0, <r4=>0x0], &(0x7f0000000040), 0x3, r2})
ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000580)={0x0, 0x1, &(0x7f0000000180)=[r2], &(0x7f00000000c0)=[0x3], &(0x7f0000000640)=[r4, r3, r3], &(0x7f0000000340), 0x0, 0xffffffffffffffff})

39.318362ms ago: executing program 5 (id=1248):
openat$tun(0xffffffffffffff9c, 0x0, 0x20400, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f05ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1\x00', 0x40)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1a0)
mount$overlay(0x0, &(0x7f0000000000)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@nfs_export_on}]})
chdir(&(0x7f00000000c0)='./bus\x00')
r3 = syz_create_resource$binfmt(&(0x7f0000001400)='./file0\x00')
openat$binfmt(0xffffffffffffff9c, r3, 0x42, 0x1ff)
truncate(&(0x7f0000000180)='./file0\x00', 0x8fff5)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
fallocate(r4, 0x0, 0x1, 0x8ffff)

5.153865ms ago: executing program 1 (id=1249):
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x6, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/partitions\x00', 0x0, 0x0)
r1 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/compact_memory\x00', 0x1, 0x0)
sendfile(r1, r0, &(0x7f00000000c0)=0x58, 0xa)

0s ago: executing program 4 (id=1250):
r0 = gettid()
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000200)=[@in={0x2, 0x4e21, @local}], 0x10)
sendmsg$inet_sctp(r1, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @local}, 0x10, &(0x7f00000006c0)=[{&(0x7f0000000380)='N', 0x1}], 0x1, 0x0, 0x0, 0x804c040}, 0x1)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000003c0)={0x0, 0x20000005, 0x30}, 0xc)
r2 = dup(r1)
write$cgroup_subtree(r2, &(0x7f00000005c0)=ANY=[], 0x32600)
write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r2, &(0x7f0000000140)={0x4, 0x8, 0xfa00, {0xffffffffffffffff, 0x1}}, 0x10)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
fcntl$lock(0xffffffffffffffff, 0x25, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
setsockopt$inet_sctp6_SCTP_AUTOCLOSE(0xffffffffffffffff, 0x84, 0x4, 0x0, 0x0)

kernel console output (not intermixed with test programs):

-1/input0
[  224.998242][  T823] cp2112 0003:10C4:EA90.0004: Part Number: 0x82 Device Version: 0xFE
[  225.016172][  T823] cp2112 0003:10C4:EA90.0004: error requesting SMBus config
[  225.088068][  T823] cp2112 0003:10C4:EA90.0004: probe with driver cp2112 failed with error -5
[  225.216047][ T1120] usb 2-1: USB disconnect, device number 38
[  225.895987][ T7463] FAULT_INJECTION: forcing a failure.
[  225.895987][ T7463] name failslab, interval 1, probability 0, space 0, times 0
[  225.896023][ T7463] CPU: 1 UID: 0 PID: 7463 Comm: syz.0.600 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  225.896052][ T7463] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  225.896066][ T7463] Call Trace:
[  225.896075][ T7463]  <TASK>
[  225.896084][ T7463]  dump_stack_lvl+0xe8/0x150
[  225.896116][ T7463]  should_fail_ex+0x46b/0x600
[  225.896155][ T7463]  should_failslab+0xa8/0x100
[  225.896187][ T7463]  __kvmalloc_node_noprof+0x170/0x8e0
[  225.896218][ T7463]  ? file_tty_write+0x2ec/0xa10
[  225.896244][ T7463]  ? _mutex_trylock_nest_lock+0x128/0x180
[  225.896278][ T7463]  file_tty_write+0x2ec/0xa10
[  225.896314][ T7463]  vfs_write+0x629/0xba0
[  225.896355][ T7463]  ? __pfx_vfs_write+0x10/0x10
[  225.896398][ T7463]  ? __fget_files+0x2a/0x420
[  225.896437][ T7463]  ksys_write+0x156/0x270
[  225.896473][ T7463]  ? __pfx_ksys_write+0x10/0x10
[  225.896516][ T7463]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  225.896542][ T7463]  do_syscall_64+0x174/0x580
[  225.896577][ T7463]  ? trace_irq_disable+0x3b/0x140
[  225.896612][ T7463]  ? clear_bhb_loop+0x40/0x90
[  225.896642][ T7463]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  225.896666][ T7463] RIP: 0033:0x7fcc71b2ce59
[  225.896687][ T7463] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  225.896709][ T7463] RSP: 002b:00007fcc6fd65028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  225.896733][ T7463] RAX: ffffffffffffffda RBX: 00007fcc71da6090 RCX: 00007fcc71b2ce59
[  225.896751][ T7463] RDX: 00000000fffffecc RSI: 0000200000000240 RDI: 0000000000000003
[  225.896766][ T7463] RBP: 00007fcc6fd65090 R08: 0000000000000000 R09: 0000000000000000
[  225.896781][ T7463] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  225.896795][ T7463] R13: 00007fcc71da6128 R14: 00007fcc71da6090 R15: 00007ffd419df298
[  225.896831][ T7463]  </TASK>
[  225.899002][ T5621] Bluetooth: hci4: command tx timeout
[  226.084342][ T7464] FAULT_INJECTION: forcing a failure.
[  226.084342][ T7464] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  226.084462][ T7464] CPU: 1 UID: 0 PID: 7464 Comm: syz.1.602 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  226.084501][ T7464] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  226.084515][ T7464] Call Trace:
[  226.084524][ T7464]  <TASK>
[  226.084549][ T7464]  dump_stack_lvl+0xe8/0x150
[  226.084693][ T7464]  should_fail_ex+0x46b/0x600
[  226.084798][ T7464]  _copy_from_user+0x2d/0xb0
[  226.084872][ T7464]  ___sys_sendmsg+0x1c6/0x360
[  226.084968][ T7464]  ? __lock_acquire+0x6b5/0x2d10
[  226.085054][ T7464]  ? __pfx____sys_sendmsg+0x10/0x10
[  226.085236][ T7464]  ? __fget_files+0x2a/0x420
[  226.085302][ T7464]  ? __fget_files+0x3a6/0x420
[  226.085405][ T7464]  __x64_sys_sendmsg+0x1c3/0x2a0
[  226.085509][ T7464]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  226.085623][ T7464]  ? __pfx_ksys_write+0x10/0x10
[  226.085686][ T7464]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  226.085758][ T7464]  do_syscall_64+0x174/0x580
[  226.085848][ T7464]  ? trace_irq_disable+0x3b/0x140
[  226.085913][ T7464]  ? clear_bhb_loop+0x40/0x90
[  226.086003][ T7464]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  226.086080][ T7464] RIP: 0033:0x7f6ea148ce59
[  226.086139][ T7464] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  226.086191][ T7464] RSP: 002b:00007f6e9f6e6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  226.086254][ T7464] RAX: ffffffffffffffda RBX: 00007f6ea1705fa0 RCX: 00007f6ea148ce59
[  226.086297][ T7464] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000003
[  226.086337][ T7464] RBP: 00007f6e9f6e6090 R08: 0000000000000000 R09: 0000000000000000
[  226.086371][ T7464] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  226.086411][ T7464] R13: 00007f6ea1706038 R14: 00007f6ea1705fa0 R15: 00007ffd4c448ad8
[  226.086505][ T7464]  </TASK>
[  226.801225][ T7373] 8021q: adding VLAN 0 to HW filter on device batadv0
[  226.881811][ T5768] usb 2-1: new full-speed USB device number 39 using dummy_hcd
[  227.009428][ T5768] usb 2-1: device descriptor read/64, error -71
[  227.172008][ T7373] veth0_vlan: entered promiscuous mode
[  227.180198][ T5726] usb 1-1: new high-speed USB device number 31 using dummy_hcd
[  227.217722][ T7373] veth1_vlan: entered promiscuous mode
[  227.259387][ T5768] usb 2-1: new full-speed USB device number 40 using dummy_hcd
[  227.293655][ T7373] veth0_macvtap: entered promiscuous mode
[  227.308348][ T7373] veth1_macvtap: entered promiscuous mode
[  227.351191][ T5726] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  227.351229][ T5726] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  227.351272][ T5726] usb 1-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[  227.351298][ T5726] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  227.385010][ T7373] batman_adv: batadv0: Interface activated: batadv_slave_0
[  227.395101][ T5768] usb 2-1: device descriptor read/64, error -71
[  227.420199][ T5726] usb 1-1: config 0 descriptor??
[  227.486145][ T7373] batman_adv: batadv0: Interface activated: batadv_slave_1
[  227.522060][ T5768] usb usb2-port1: attempt power cycle
[  227.572479][ T1438] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  227.575021][ T1438] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  227.602263][ T1438] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  227.626656][ T1423] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  227.887501][ T5726] hid-led 0003:27B8:01ED.0005: unbalanced collection at end of report description
[  227.890442][ T5726] hid-led 0003:27B8:01ED.0005: probe with driver hid-led failed with error -22
[  227.898921][ T5768] usb 2-1: new full-speed USB device number 41 using dummy_hcd
[  227.923915][ T5768] usb 2-1: device descriptor read/8, error -71
[  227.980094][ T5621] Bluetooth: hci4: command tx timeout
[  228.045385][    T9] usb 1-1: USB disconnect, device number 31
[  228.171868][ T5768] usb 2-1: new full-speed USB device number 42 using dummy_hcd
[  228.204447][ T5768] usb 2-1: device descriptor read/8, error -71
[  228.320629][ T5768] usb usb2-port1: unable to enumerate USB device
[  228.557651][ T1423] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  228.557673][ T1423] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  228.757467][ T1423] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  228.757490][ T1423] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  228.988792][ T5712] usb 1-1: new full-speed USB device number 32 using dummy_hcd
[  229.076448][ T7494] FAULT_INJECTION: forcing a failure.
[  229.076448][ T7494] name failslab, interval 1, probability 0, space 0, times 0
[  229.076474][ T7494] CPU: 0 UID: 0 PID: 7494 Comm: syz.5.610 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  229.076492][ T7494] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  229.076502][ T7494] Call Trace:
[  229.076508][ T7494]  <TASK>
[  229.076515][ T7494]  dump_stack_lvl+0xe8/0x150
[  229.076563][ T7494]  should_fail_ex+0x46b/0x600
[  229.076602][ T7494]  should_failslab+0xa8/0x100
[  229.076635][ T7494]  __kmalloc_noprof+0xdf/0x7b0
[  229.076662][ T7494]  ? kfree+0x4d/0x6c0
[  229.076684][ T7494]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  229.076723][ T7494]  tomoyo_realpath_from_path+0xe3/0x5d0
[  229.076743][ T7494]  ? tomoyo_domain+0xd7/0x130
[  229.076765][ T7494]  ? tomoyo_path_number_perm+0x219/0x630
[  229.076789][ T7494]  tomoyo_path_number_perm+0x246/0x630
[  229.076814][ T7494]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  229.076837][ T7494]  ? __lock_acquire+0x6b5/0x2d10
[  229.076857][ T7494]  ? do_raw_spin_lock+0x12b/0x2f0
[  229.076899][ T7494]  ? __fget_files+0x2a/0x420
[  229.076920][ T7494]  ? __fget_files+0x2a/0x420
[  229.076937][ T7494]  ? __fget_files+0x3a6/0x420
[  229.076954][ T7494]  ? __fget_files+0x2a/0x420
[  229.076975][ T7494]  security_file_ioctl+0xc3/0x2a0
[  229.077000][ T7494]  __se_sys_ioctl+0x47/0x170
[  229.077023][ T7494]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  229.077041][ T7494]  do_syscall_64+0x174/0x580
[  229.077064][ T7494]  ? trace_irq_disable+0x3b/0x140
[  229.077082][ T7494]  ? clear_bhb_loop+0x40/0x90
[  229.077102][ T7494]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  229.077117][ T7494] RIP: 0033:0x7fe5bb07ce59
[  229.077131][ T7494] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  229.077145][ T7494] RSP: 002b:00007fe5b92d6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  229.077161][ T7494] RAX: ffffffffffffffda RBX: 00007fe5bb2f5fa0 RCX: 00007fe5bb07ce59
[  229.077173][ T7494] RDX: 0000200000000180 RSI: 0000000040305829 RDI: 0000000000000003
[  229.077183][ T7494] RBP: 00007fe5b92d6090 R08: 0000000000000000 R09: 0000000000000000
[  229.077193][ T7494] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  229.077202][ T7494] R13: 00007fe5bb2f6038 R14: 00007fe5bb2f5fa0 R15: 00007ffd1eabdda8
[  229.077226][ T7494]  </TASK>
[  229.077232][ T7494] ERROR: Out of memory at tomoyo_realpath_from_path.
[  229.282851][ T5712] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[  229.283983][ T5712] usb 1-1: config 0 has no interface number 0
[  229.328950][ T5712] usb 1-1: New USB device found, idVendor=0b48, idProduct=1003, bcdDevice=7b.54
[  229.329043][ T5712] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  229.329098][ T5712] usb 1-1: Product: syz
[  229.329140][ T5712] usb 1-1: Manufacturer: syz
[  229.329184][ T5712] usb 1-1: SerialNumber: syz
[  229.394180][ T5712] usb 1-1: config 0 descriptor??
[  229.437288][ T5712] usb 1-1: selecting invalid altsetting 1
[  229.461133][ T5712] dvb_ttusb_budget: ttusb_init_controller: error
[  229.461432][ T5712] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB)
[  229.617414][ T5712] DVB: Unable to find symbol stv0299_attach()
[  229.686004][ T5712] DVB: Unable to find symbol tda8083_attach()
[  229.686021][ T5712] dvb_ttusb_budget: no frontend driver found for device [0b48:1003]
[  229.774921][ T5712] usb 1-1: USB disconnect, device number 32
[  230.162112][ T5726] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  230.317014][ T7514] random: crng reseeded on system resumption
[  230.318412][ T5902] failed while handling packet from 1:-2
[  230.409101][ T5726] usb 5-1: Using ep0 maxpacket: 16
[  230.411901][ T5726] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid maxpacket 33437, setting to 1024
[  230.411934][ T5726] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0xF has invalid maxpacket 1024
[  230.411960][ T5726] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  230.411981][ T5726] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  230.415461][ T5726] usb 5-1: New USB device found, idVendor=054c, idProduct=06c1, bcdDevice=c2.87
[  230.415492][ T5726] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  230.415514][ T5726] usb 5-1: Product: syz
[  230.415529][ T5726] usb 5-1: Manufacturer: syz
[  230.415544][ T5726] usb 5-1: SerialNumber: syz
[  230.518019][ T5726] usb 5-1: config 0 descriptor??
[  230.525873][ T7502] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  230.564058][    C1] port100 5-1:0.0: NFC: Urb failure (status -71)
[  230.577944][ T5726] port100 5-1:0.0: NFC: Could not get supported command types
[  230.751463][ T5348] usb 5-1: USB disconnect, device number 18
[  231.242812][ T7527] FAULT_INJECTION: forcing a failure.
[  231.242812][ T7527] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  231.242850][ T7527] CPU: 0 UID: 0 PID: 7527 Comm: syz.1.621 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  231.242876][ T7527] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  231.242891][ T7527] Call Trace:
[  231.242899][ T7527]  <TASK>
[  231.242908][ T7527]  dump_stack_lvl+0xe8/0x150
[  231.242942][ T7527]  should_fail_ex+0x46b/0x600
[  231.242981][ T7527]  _copy_from_user+0x2d/0xb0
[  231.243012][ T7527]  ___sys_sendmsg+0x1c6/0x360
[  231.243047][ T7527]  ? __lock_acquire+0x6b5/0x2d10
[  231.243087][ T7527]  ? __pfx____sys_sendmsg+0x10/0x10
[  231.243158][ T7527]  ? __fget_files+0x2a/0x420
[  231.243184][ T7527]  ? __fget_files+0x3a6/0x420
[  231.243222][ T7527]  __x64_sys_sendmsg+0x1c3/0x2a0
[  231.243260][ T7527]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  231.243305][ T7527]  ? __pfx_ksys_write+0x10/0x10
[  231.243345][ T7527]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  231.243371][ T7527]  do_syscall_64+0x174/0x580
[  231.243403][ T7527]  ? trace_irq_disable+0x3b/0x140
[  231.243428][ T7527]  ? clear_bhb_loop+0x40/0x90
[  231.243455][ T7527]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  231.243478][ T7527] RIP: 0033:0x7f6ea148ce59
[  231.243498][ T7527] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  231.243517][ T7527] RSP: 002b:00007f6e9f6e6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  231.243541][ T7527] RAX: ffffffffffffffda RBX: 00007f6ea1705fa0 RCX: 00007f6ea148ce59
[  231.243557][ T7527] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000004
[  231.243572][ T7527] RBP: 00007f6e9f6e6090 R08: 0000000000000000 R09: 0000000000000000
[  231.243587][ T7527] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  231.243601][ T7527] R13: 00007f6ea1706038 R14: 00007f6ea1705fa0 R15: 00007ffd4c448ad8
[  231.243635][ T7527]  </TASK>
[  231.259362][ T1120] usb 6-1: new full-speed USB device number 2 using dummy_hcd
[  231.388774][ T1120] usb 6-1: device descriptor read/64, error -71
[  231.539449][ T5704] usb 1-1: new full-speed USB device number 33 using dummy_hcd
[  231.689456][ T1120] usb 6-1: new full-speed USB device number 3 using dummy_hcd
[  231.743914][ T5704] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[  231.743945][ T5704] usb 1-1: config 0 has no interface number 0
[  231.744000][ T5704] usb 1-1: config 0 interface 1 altsetting 128 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  231.744035][ T5704] usb 1-1: config 0 interface 1 altsetting 128 endpoint 0x81 has invalid wMaxPacketSize 0
[  231.744063][ T5704] usb 1-1: config 0 interface 1 altsetting 128 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  231.744096][ T5704] usb 1-1: config 0 interface 1 has no altsetting 0
[  231.744150][ T5704] usb 1-1: New USB device found, idVendor=145f, idProduct=0212, bcdDevice= 0.00
[  231.744178][ T5704] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  231.788491][ T5704] usb 1-1: config 0 descriptor??
[  231.871439][ T1120] usb 6-1: device descriptor read/64, error -71
[  231.980252][   T10] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  232.177167][ T1120] usb usb6-port1: attempt power cycle
[  232.201258][   T10] usb 5-1: device descriptor read/64, error -71
[  232.460632][   T10] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  232.589089][   T10] usb 5-1: device descriptor read/64, error -71
[  232.589790][ T1120] usb 6-1: new full-speed USB device number 4 using dummy_hcd
[  232.614065][ T1120] usb 6-1: device descriptor read/8, error -71
[  232.705188][   T10] usb usb5-port1: attempt power cycle
[  232.773936][ T5704] uclogic 0003:145F:0212.0006: failed retrieving string descriptor #100: -71
[  232.774015][ T5704] uclogic 0003:145F:0212.0006: failed retrieving pen parameters: -71
[  232.774050][ T5704] uclogic 0003:145F:0212.0006: pen probing failed: -71
[  232.774071][ T5704] uclogic 0003:145F:0212.0006: failed probing parameters: -71
[  232.774208][ T5704] uclogic 0003:145F:0212.0006: probe with driver uclogic failed with error -71
[  232.891303][ T1120] usb 6-1: new full-speed USB device number 5 using dummy_hcd
[  232.916706][ T5704] usb 1-1: USB disconnect, device number 33
[  232.921114][ T1120] usb 6-1: device descriptor read/8, error -71
[  233.035278][ T1120] usb usb6-port1: unable to enumerate USB device
[  233.085631][ T7543] 9pnet_fd: p9_fd_create_unix (7543): problem connecting socket: ./file0: -111
[  233.110857][   T10] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  233.131333][   T10] usb 5-1: device descriptor read/8, error -71
[  233.398775][   T10] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  233.435165][   T10] usb 5-1: device descriptor read/8, error -71
[  233.541196][   T10] usb usb5-port1: unable to enumerate USB device
[  234.423793][ T5348] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  234.565393][ T7563] FAULT_INJECTION: forcing a failure.
[  234.565393][ T7563] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  234.565429][ T7563] CPU: 0 UID: 0 PID: 7563 Comm: syz.1.634 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  234.565455][ T7563] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  234.565468][ T7563] Call Trace:
[  234.565477][ T7563]  <TASK>
[  234.565486][ T7563]  dump_stack_lvl+0xe8/0x150
[  234.565516][ T7563]  should_fail_ex+0x46b/0x600
[  234.565553][ T7563]  _copy_from_user+0x2d/0xb0
[  234.565579][ T7563]  ___sys_sendmsg+0x1c6/0x360
[  234.565632][ T7563]  ? __lock_acquire+0x6b5/0x2d10
[  234.565663][ T7563]  ? __pfx____sys_sendmsg+0x10/0x10
[  234.565705][ T7563]  ? kstrtouint+0x6e/0xe0
[  234.565765][ T7563]  ? __fget_files+0x2a/0x420
[  234.565793][ T7563]  ? __fget_files+0x3a6/0x420
[  234.565830][ T7563]  __sys_sendmmsg+0x282/0x4e0
[  234.565873][ T7563]  ? __pfx___sys_sendmmsg+0x10/0x10
[  234.565918][ T7563]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  234.565959][ T7563]  ? ksys_write+0x248/0x270
[  234.565993][ T7563]  ? __pfx_ksys_write+0x10/0x10
[  234.566032][ T7563]  __x64_sys_sendmmsg+0xa0/0xc0
[  234.566067][ T7563]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  234.566090][ T7563]  do_syscall_64+0x174/0x580
[  234.566123][ T7563]  ? trace_irq_disable+0x3b/0x140
[  234.566147][ T7563]  ? clear_bhb_loop+0x40/0x90
[  234.566180][ T7563]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  234.566203][ T7563] RIP: 0033:0x7f6ea148ce59
[  234.566224][ T7563] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  234.566245][ T7563] RSP: 002b:00007f6e9f6c5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  234.566270][ T7563] RAX: ffffffffffffffda RBX: 00007f6ea1706090 RCX: 00007f6ea148ce59
[  234.566288][ T7563] RDX: 000000000800001d RSI: 0000200000007fc0 RDI: 0000000000000004
[  234.566303][ T7563] RBP: 00007f6e9f6c5090 R08: 0000000000000000 R09: 0000000000000000
[  234.566318][ T7563] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  234.566332][ T7563] R13: 00007f6ea1706128 R14: 00007f6ea1706090 R15: 00007ffd4c448ad8
[  234.566377][ T7563]  </TASK>
[  234.683079][ T5348] usb 6-1: Using ep0 maxpacket: 8
[  234.840829][ T5348] usb 6-1: config 1 interface 0 has no altsetting 0
[  234.871579][ T5348] usb 6-1: language id specifier not provided by device, defaulting to English
[  234.873505][ T5348] usb 6-1: New USB device found, idVendor=056a, idProduct=0018, bcdDevice= 0.40
[  234.873537][ T5348] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  234.873566][ T5348] usb 6-1: Product: syz
[  234.873577][ T5348] usb 6-1: Manufacturer: syz
[  234.873588][ T5348] usb 6-1: SerialNumber: syz
[  235.256471][ T7566] FAULT_INJECTION: forcing a failure.
[  235.256471][ T7566] name failslab, interval 1, probability 0, space 0, times 0
[  235.256508][ T7566] CPU: 0 UID: 0 PID: 7566 Comm: syz.0.635 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  235.256536][ T7566] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  235.256551][ T7566] Call Trace:
[  235.256560][ T7566]  <TASK>
[  235.256571][ T7566]  dump_stack_lvl+0xe8/0x150
[  235.256602][ T7566]  should_fail_ex+0x46b/0x600
[  235.256641][ T7566]  should_failslab+0xa8/0x100
[  235.256674][ T7566]  kmem_cache_alloc_noprof+0x87/0x680
[  235.256703][ T7566]  ? do_getname+0x2e/0x250
[  235.256731][ T7566]  do_getname+0x2e/0x250
[  235.256752][ T7566]  ? getname_flags+0x11/0x20
[  235.256778][ T7566]  do_sys_openat2+0xcc/0x200
[  235.256811][ T7566]  ? __pfx_do_sys_openat2+0x10/0x10
[  235.256839][ T7566]  ? ksys_write+0x202/0x270
[  235.256876][ T7566]  ? __pfx_ksys_write+0x10/0x10
[  235.256913][ T7566]  __x64_sys_openat+0x138/0x170
[  235.256943][ T7566]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  235.256967][ T7566]  do_syscall_64+0x174/0x580
[  235.257003][ T7566]  ? trace_irq_disable+0x3b/0x140
[  235.257029][ T7566]  ? clear_bhb_loop+0x40/0x90
[  235.257057][ T7566]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  235.257080][ T7566] RIP: 0033:0x7fcc71aed68e
[  235.257101][ T7566] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  235.257120][ T7566] RSP: 002b:00007fcc6fd85f18 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  235.257144][ T7566] RAX: ffffffffffffffda RBX: 00007fcc6fd866c0 RCX: 00007fcc71aed68e
[  235.257161][ T7566] RDX: 0000000000000000 RSI: 00007fcc71bc24aa RDI: ffffffffffffff9c
[  235.257178][ T7566] RBP: 00007fcc6fd86090 R08: 0000000000000000 R09: 0000000000000000
[  235.257193][ T7566] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  235.257207][ T7566] R13: 00007fcc71da6038 R14: 00007fcc71da5fa0 R15: 00007ffd419df298
[  235.257241][ T7566]  </TASK>
[  235.807755][ T5348] usbhid 6-1:1.0: can't add hid device: -71
[  235.807904][ T5348] usbhid 6-1:1.0: probe with driver usbhid failed with error -71
[  235.830181][ T5348] usb 6-1: USB disconnect, device number 6
[  236.172908][  T823] usb 1-1: new high-speed USB device number 34 using dummy_hcd
[  236.327935][  T823] usb 1-1: config 0 has an invalid interface number: 69 but max is 0
[  236.327966][  T823] usb 1-1: config 0 has no interface number 0
[  236.328034][  T823] usb 1-1: config 0 interface 69 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 1023
[  236.328063][  T823] usb 1-1: config 0 interface 69 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  236.397516][  T823] usb 1-1: New USB device found, idVendor=0c4b, idProduct=0100, bcdDevice=d7.ca
[  236.397550][  T823] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  236.397574][  T823] usb 1-1: Product: syz
[  236.397590][  T823] usb 1-1: Manufacturer: syz
[  236.397605][  T823] usb 1-1: SerialNumber: syz
[  236.454504][  T823] usb 1-1: config 0 descriptor??
[  236.455448][ T7573] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  236.475154][  T823] cyberjack 1-1:0.69: Reiner SCT Cyberjack USB card reader converter detected
[  236.567250][  T823] usb 1-1: Reiner SCT Cyberjack USB card reader converter now attached to ttyUSB0
[  236.924273][ T1120] usb 5-1: new full-speed USB device number 23 using dummy_hcd
[  236.961242][ T7586] FAULT_INJECTION: forcing a failure.
[  236.961242][ T7586] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  236.961279][ T7586] CPU: 0 UID: 0 PID: 7586 Comm: syz.5.641 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  236.961305][ T7586] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  236.961334][ T7586] Call Trace:
[  236.961343][ T7586]  <TASK>
[  236.961352][ T7586]  dump_stack_lvl+0xe8/0x150
[  236.961385][ T7586]  should_fail_ex+0x46b/0x600
[  236.961435][ T7586]  _copy_from_iter+0x1d3/0x1670
[  236.961465][ T7586]  ? __lock_acquire+0x6b5/0x2d10
[  236.961497][ T7586]  ? __pfx__copy_from_iter+0x10/0x10
[  236.961536][ T7586]  tun_get_user+0x267/0x4450
[  236.961578][ T7586]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  236.961619][ T7586]  ? rt_mutex_slowunlock+0x4a7/0x8b0
[  236.961654][ T7586]  ? reacquire_held_locks+0x80/0x190
[  236.961685][ T7586]  ? rt_spin_lock+0x1e0/0x400
[  236.961715][ T7586]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  236.961745][ T7586]  ? __pfx_tun_get_user+0x10/0x10
[  236.961777][ T7586]  ? rt_spin_unlock+0x14f/0x200
[  236.961809][ T7586]  ? rt_spin_unlock+0x160/0x200
[  236.961839][ T7586]  ? save_netdev_trace_buffer+0x4ba/0x5f0
[  236.961873][ T7586]  ? ref_tracker_alloc+0x332/0x4a0
[  236.961907][ T7586]  ? tun_get+0x157/0x2f0
[  236.961939][ T7586]  ? vfs_write+0x629/0xba0
[  236.961969][ T7586]  ? ksys_write+0x156/0x270
[  236.962000][ T7586]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  236.962041][ T7586]  ? tun_get+0x1c/0x2f0
[  236.962083][ T7586]  ? tun_get+0x1c/0x2f0
[  236.962117][ T7586]  ? tun_get+0x1c/0x2f0
[  236.962157][ T7586]  tun_chr_write_iter+0x119/0x210
[  236.962196][ T7586]  vfs_write+0x629/0xba0
[  236.962237][ T7586]  ? __pfx_vfs_write+0x10/0x10
[  236.962280][ T7586]  ? __fget_files+0x2a/0x420
[  236.962317][ T7586]  ksys_write+0x156/0x270
[  236.962350][ T7586]  ? __pfx_ksys_write+0x10/0x10
[  236.962393][ T7586]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  236.962419][ T7586]  do_syscall_64+0x174/0x580
[  236.962453][ T7586]  ? trace_irq_disable+0x3b/0x140
[  236.962479][ T7586]  ? clear_bhb_loop+0x40/0x90
[  236.962505][ T7586]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  236.962528][ T7586] RIP: 0033:0x7fe5bb07ce59
[  236.962549][ T7586] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  236.962569][ T7586] RSP: 002b:00007fe5b92d6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  236.962593][ T7586] RAX: ffffffffffffffda RBX: 00007fe5bb2f5fa0 RCX: 00007fe5bb07ce59
[  236.962610][ T7586] RDX: 000000000000fdef RSI: 0000200000000240 RDI: 0000000000000003
[  236.962625][ T7586] RBP: 00007fe5b92d6090 R08: 0000000000000000 R09: 0000000000000000
[  236.962647][ T7586] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  236.962661][ T7586] R13: 00007fe5bb2f6038 R14: 00007fe5bb2f5fa0 R15: 00007ffd1eabdda8
[  236.962695][ T7586]  </TASK>
[  237.077140][ T1120] usb 5-1: device descriptor read/64, error -71
[  237.328768][ T1120] usb 5-1: new full-speed USB device number 24 using dummy_hcd
[  237.472473][ T1120] usb 5-1: device descriptor read/64, error -71
[  237.579935][ T1120] usb usb5-port1: attempt power cycle
[  237.918841][ T1120] usb 5-1: new full-speed USB device number 25 using dummy_hcd
[  237.941422][ T1120] usb 5-1: device descriptor read/8, error -71
[  238.178800][ T1120] usb 5-1: new full-speed USB device number 26 using dummy_hcd
[  238.199412][ T1120] usb 5-1: device descriptor read/8, error -71
[  238.309746][ T1120] usb usb5-port1: unable to enumerate USB device
[  238.952488][ T7605] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  239.352855][ T1120] usb 1-1: USB disconnect, device number 34
[  239.393452][ T1120] cyberjack ttyUSB0: Reiner SCT Cyberjack USB card reader converter now disconnected from ttyUSB0
[  239.394356][ T1120] cyberjack 1-1:0.69: device disconnected
[  239.486462][ T7611] syzkaller1: entered promiscuous mode
[  239.486484][ T7611] syzkaller1: entered allmulticast mode
[  240.008761][  T823] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  240.161959][  T823] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x4 has an invalid bInterval 0, changing to 7
[  240.161998][  T823] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x7 has an invalid bInterval 152, changing to 7
[  240.162027][  T823] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid maxpacket 49752, setting to 1024
[  240.165364][  T823] usb 6-1: New USB device found, idVendor=1b5c, idProduct=0105, bcdDevice= 1.f1
[  240.165399][  T823] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  240.165414][  T823] usb 6-1: Product: syz
[  240.165425][  T823] usb 6-1: Manufacturer: syz
[  240.165436][  T823] usb 6-1: SerialNumber: syz
[  240.238973][  T823] usb 6-1: config 0 descriptor??
[  240.245220][  T823] ftdi_sio 6-1:0.0: FTDI USB Serial Device converter detected
[  240.247533][  T823] usb 6-1: Detected SIO
[  240.247555][  T823] ftdi_sio ttyUSB0: Overriding wMaxPacketSize on endpoint 4
[  240.275396][  T823] usb 6-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  240.310562][ T5605] usb 1-1: new high-speed USB device number 35 using dummy_hcd
[  240.447336][  T823] usb 6-1: USB disconnect, device number 7
[  240.496424][  T823] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  240.510844][ T5605] usb 1-1: Using ep0 maxpacket: 32
[  240.511544][  T823] ftdi_sio 6-1:0.0: device disconnected
[  240.513148][ T5605] usb 1-1: config 155 has an invalid descriptor of length 0, skipping remainder of the config
[  240.513201][ T5605] usb 1-1: config 155 interface 0 altsetting 0 has an endpoint descriptor with address 0xE2, changing to 0x82
[  240.513231][ T5605] usb 1-1: config 155 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  240.513261][ T5605] usb 1-1: config 155 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 11
[  240.569962][ T5605] usb 1-1: New USB device found, idVendor=15c2, idProduct=ffdc, bcdDevice=bd.30
[  240.570082][ T5605] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  240.570137][ T5605] usb 1-1: Product: syz
[  240.570178][ T5605] usb 1-1: Manufacturer: syz
[  240.570222][ T5605] usb 1-1: SerialNumber: syz
[  240.657852][    C0] imon 1-1:155.0: imon usb_rx_callback_intf0: status(-71)
[  240.756867][ T5605] input: iMON Panel, Knob and Mouse(15c2:ffdc) as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:155.0/input/input15
[  241.145355][ T7639] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  241.898835][ T5726] usb 2-1: new high-speed USB device number 43 using dummy_hcd
[  242.015454][ T5605] imon:send_packet: packet tx failed (-71)
[  242.038748][ T5605] imon 1-1:155.0: panel buttons/knobs setup failed
[  242.038779][ T5605] imon 1-1:155.0: Unknown 0xffdc device, defaulting to VFD and iMON IR
[  242.038791][ T5605]  (id 0x00)
[  242.049086][ T5726] usb 2-1: Using ep0 maxpacket: 32
[  242.069440][ T5726] usb 2-1: config 155 has an invalid descriptor of length 0, skipping remainder of the config
[  242.069592][ T5726] usb 2-1: config 155 interface 0 altsetting 0 has an endpoint descriptor with address 0xE2, changing to 0x82
[  242.069665][ T5726] usb 2-1: config 155 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  242.069748][ T5726] usb 2-1: config 155 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 11
[  242.088088][ T5726] usb 2-1: New USB device found, idVendor=15c2, idProduct=ffdc, bcdDevice=bd.30
[  242.088191][ T5726] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  242.088246][ T5726] usb 2-1: Product: syz
[  242.089868][ T5726] usb 2-1: Manufacturer: syz
[  242.089924][ T5726] usb 2-1: SerialNumber: syz
[  242.108617][ T5704] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  242.159518][ T5768] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  242.196460][    C1] imon 2-1:155.0: imon usb_rx_callback_intf0: status(-71)
[  242.218067][ T5726] input: iMON Panel, Knob and Mouse(15c2:ffdc) as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:155.0/input/input17
[  242.288772][ T5605] rc_core: IR keymap rc-imon-pad not found
[  242.288796][ T5605] Registered IR keymap rc-empty
[  242.288961][ T5605] imon 1-1:155.0: Looks like you're trying to use an IR protocol this device does not support
[  242.288982][ T5605] imon 1-1:155.0: Unsupported IR protocol specified, overriding to iMON IR protocol
[  242.289353][ T5605] imon:send_packet: packet tx failed (-71)
[  242.338677][ T5704] usb 6-1: Using ep0 maxpacket: 32
[  242.341395][ T5768] usb 5-1: Using ep0 maxpacket: 16
[  242.342794][ T5605] imon 1-1:155.0: remote input dev register failed
[  242.364009][ T5605] imon 1-1:155.0: imon_init_intf0: rc device setup failed
[  242.365775][ T5768] usb 5-1: config 0 has an invalid interface number: 34 but max is 0
[  242.366030][ T5768] usb 5-1: config 0 has no interface number 0
[  242.366084][ T5768] usb 5-1: config 0 interface 34 altsetting 0 bulk endpoint 0xA has invalid maxpacket 1023
[  242.366114][ T5768] usb 5-1: config 0 interface 34 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 80
[  242.431295][ T5726] imon 2-1:155.0: Unknown 0xffdc device, defaulting to VFD and iMON IR
[  242.431318][ T5726]  (id 0x00)
[  242.435003][ T5768] usb 5-1: New USB device found, idVendor=0b95, idProduct=772a, bcdDevice=82.73
[  242.435037][ T5768] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  242.435060][ T5768] usb 5-1: Product: syz
[  242.435076][ T5768] usb 5-1: Manufacturer: syz
[  242.435093][ T5768] usb 5-1: SerialNumber: syz
[  242.447688][ T5704] usb 6-1: config 155 has an invalid descriptor of length 0, skipping remainder of the config
[  242.447741][ T5704] usb 6-1: config 155 interface 0 altsetting 0 has an endpoint descriptor with address 0xE2, changing to 0x82
[  242.447766][ T5704] usb 6-1: config 155 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  242.447791][ T5704] usb 6-1: config 155 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 11
[  242.478497][ T5704] usb 6-1: New USB device found, idVendor=15c2, idProduct=ffdc, bcdDevice=bd.30
[  242.481366][ T5704] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  242.481394][ T5704] usb 6-1: Product: syz
[  242.481411][ T5704] usb 6-1: Manufacturer: syz
[  242.481427][ T5704] usb 6-1: SerialNumber: syz
[  242.585858][ T5768] usb 5-1: config 0 descriptor??
[  242.587128][ T7647] raw-gadget.3 gadget.4: fail, usb_ep_enable returned -22
[  242.587276][ T7647] raw-gadget.3 gadget.4: fail, usb_ep_enable returned -22
[  242.668071][    C0] imon 6-1:155.0: imon usb_rx_callback_intf0: status(-71)
[  242.730047][ T5704] input: iMON Panel, Knob and Mouse(15c2:ffdc) as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:155.0/input/input19
[  242.801765][ T5605] imon 1-1:155.0: unable to initialize intf0, err 0
[  242.801787][ T5605] imon:imon_probe: failed to initialize context!
[  242.801799][ T5605] imon 1-1:155.0: unable to register, err -19
[  242.836405][ T5605] usb 1-1: USB disconnect, device number 35
[  242.871145][ T7647] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  242.874447][ T7647] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  242.880793][ T5726] rc_core: IR keymap rc-imon-pad not found
[  242.880816][ T5726] Registered IR keymap rc-empty
[  242.881337][ T5726] imon 2-1:155.0: Looks like you're trying to use an IR protocol this device does not support
[  242.881402][ T5726] imon 2-1:155.0: Unsupported IR protocol specified, overriding to iMON IR protocol
[  242.963365][ T7651] raw-gadget.3 gadget.4: fail, usb_ep_enable returned -22
[  242.963691][ T7651] raw-gadget.3 gadget.4: fail, usb_ep_enable returned -22
[  242.985666][ T5704] imon 6-1:155.0: Unknown 0xffdc device, defaulting to VFD and iMON IR
[  242.985687][ T5704]  (id 0x00)
[  242.989952][ T5726] rc rc0: iMON Remote (15c2:ffdc) as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:155.0/rc/rc0
[  243.108951][ T5704] rc_core: IR keymap rc-imon-pad not found
[  243.108972][ T5704] Registered IR keymap rc-empty
[  243.109056][ T5704] imon 6-1:155.0: Looks like you're trying to use an IR protocol this device does not support
[  243.109089][ T5704] imon 6-1:155.0: Unsupported IR protocol specified, overriding to iMON IR protocol
[  243.205894][ T5768] asix 5-1:0.34 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -61
[  243.206098][ T5768] asix 5-1:0.34: probe with driver asix failed with error -61
[  243.233486][ T7655] netlink: 28 bytes leftover after parsing attributes in process `syz.0.664'.
[  243.254167][ T5704] rc rc1: iMON Remote (15c2:ffdc) as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:155.0/rc/rc1
[  243.279358][ T5726] input: iMON Remote (15c2:ffdc) as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:155.0/rc/rc0/input18
[  243.345687][ T5704] input: iMON Remote (15c2:ffdc) as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:155.0/rc/rc1/input20
[  243.457105][ T5726] imon 2-1:155.0: iMON device (15c2:ffdc, intf0) on usb<2:43> initialized
[  243.479764][ T5704] imon 6-1:155.0: iMON device (15c2:ffdc, intf0) on usb<6:8> initialized
[  243.675358][ T7658] FAULT_INJECTION: forcing a failure.
[  243.675358][ T7658] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  243.675390][ T7658] CPU: 0 UID: 0 PID: 7658 Comm: syz.1.661 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  243.675410][ T7658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  243.675421][ T7658] Call Trace:
[  243.675427][ T7658]  <TASK>
[  243.675435][ T7658]  dump_stack_lvl+0xe8/0x150
[  243.675462][ T7658]  should_fail_ex+0x46b/0x600
[  243.675493][ T7658]  _copy_to_user+0x31/0xb0
[  243.675515][ T7658]  simple_read_from_buffer+0xe1/0x170
[  243.675541][ T7658]  proc_fail_nth_read+0x1be/0x230
[  243.675565][ T7658]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  243.675590][ T7658]  ? rw_verify_area+0x2ac/0x4e0
[  243.675618][ T7658]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  243.675641][ T7658]  vfs_read+0x212/0xa80
[  243.675672][ T7658]  ? __pfx_vfs_read+0x10/0x10
[  243.675697][ T7658]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  243.675724][ T7658]  ? lockdep_hardirqs_on+0x7a/0x110
[  243.675749][ T7658]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  243.675774][ T7658]  ? mutex_lock_nested+0x152/0x1d0
[  243.675799][ T7658]  ? fdget_pos+0x252/0x320
[  243.675827][ T7658]  ksys_read+0x156/0x270
[  243.675871][ T7658]  ? __pfx_ksys_read+0x10/0x10
[  243.675907][ T7658]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  243.675928][ T7658]  do_syscall_64+0x174/0x580
[  243.675956][ T7658]  ? trace_irq_disable+0x3b/0x140
[  243.675978][ T7658]  ? clear_bhb_loop+0x40/0x90
[  243.676001][ T7658]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  243.676021][ T7658] RIP: 0033:0x7f6ea144d68e
[  243.676038][ T7658] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  243.676055][ T7658] RSP: 002b:00007f6e9f6a3fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  243.676083][ T7658] RAX: ffffffffffffffda RBX: 00007f6e9f6a46c0 RCX: 00007f6ea144d68e
[  243.676098][ T7658] RDX: 000000000000000f RSI: 00007f6e9f6a40a0 RDI: 0000000000000004
[  243.676110][ T7658] RBP: 00007f6e9f6a4090 R08: 0000000000000000 R09: 0000000000000000
[  243.676122][ T7658] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  243.676133][ T7658] R13: 00007f6ea1706218 R14: 00007f6ea1706180 R15: 00007ffd4c448ad8
[  243.676165][ T7658]  </TASK>
[  243.958512][ T5726] usb 2-1: USB disconnect, device number 43
[  244.558883][   T32] usb 1-1: new high-speed USB device number 36 using dummy_hcd
[  244.598702][ T5726] usb 2-1: new high-speed USB device number 44 using dummy_hcd
[  244.708680][   T32] usb 1-1: Using ep0 maxpacket: 32
[  244.711324][   T32] usb 1-1: config 12 has an invalid interface number: 233 but max is 2
[  244.711356][   T32] usb 1-1: config 12 has an invalid interface number: 74 but max is 2
[  244.711385][   T32] usb 1-1: config 12 has an invalid interface number: 10 but max is 2
[  244.711403][   T32] usb 1-1: config 12 has no interface number 0
[  244.711415][   T32] usb 1-1: config 12 has no interface number 1
[  244.711427][   T32] usb 1-1: config 12 has no interface number 2
[  244.711481][   T32] usb 1-1: config 12 interface 233 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  244.711501][   T32] usb 1-1: config 12 interface 233 altsetting 0 endpoint 0x5 has invalid maxpacket 1023, setting to 64
[  244.711522][   T32] usb 1-1: config 12 interface 233 altsetting 0 bulk endpoint 0xE has invalid maxpacket 1024
[  244.711541][   T32] usb 1-1: config 12 interface 233 altsetting 0 endpoint 0x2 has an invalid bInterval 255, changing to 7
[  244.711561][   T32] usb 1-1: config 12 interface 233 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  244.711578][   T32] usb 1-1: config 12 interface 233 altsetting 0 endpoint 0xD has invalid maxpacket 1024, setting to 64
[  244.711609][   T32] usb 1-1: config 12 interface 74 altsetting 203 has a duplicate endpoint with address 0xC, skipping
[  244.711627][   T32] usb 1-1: config 12 interface 74 altsetting 203 has a duplicate endpoint with address 0x7, skipping
[  244.711666][   T32] usb 1-1: config 12 interface 74 altsetting 203 has a duplicate endpoint with address 0x5, skipping
[  244.711693][   T32] usb 1-1: config 12 interface 74 altsetting 203 endpoint 0x6 has invalid maxpacket 1023, setting to 64
[  244.711737][   T32] usb 1-1: config 12 interface 10 altsetting 64 has a duplicate endpoint with address 0xD, skipping
[  244.711762][   T32] usb 1-1: config 12 interface 10 altsetting 64 has a duplicate endpoint with address 0xD, skipping
[  244.711790][   T32] usb 1-1: config 12 interface 10 altsetting 64 has a duplicate endpoint with address 0xC, skipping
[  244.711813][   T32] usb 1-1: config 12 interface 10 altsetting 64 has a duplicate endpoint with address 0x7, skipping
[  244.711829][   T32] usb 1-1: config 12 interface 10 altsetting 64 has a duplicate endpoint with address 0x1, skipping
[  244.711846][   T32] usb 1-1: config 12 interface 10 altsetting 64 has a duplicate endpoint with address 0x8, skipping
[  244.711863][   T32] usb 1-1: config 12 interface 10 altsetting 64 has a duplicate endpoint with address 0xC, skipping
[  244.711880][   T32] usb 1-1: config 12 interface 10 altsetting 64 has a duplicate endpoint with address 0x3, skipping
[  244.711897][   T32] usb 1-1: config 12 interface 10 altsetting 64 has a duplicate endpoint with address 0xC, skipping
[  244.711914][   T32] usb 1-1: config 12 interface 74 has no altsetting 0
[  244.711927][   T32] usb 1-1: config 12 interface 10 has no altsetting 0
[  244.714393][   T32] usb 1-1: New USB device found, idVendor=10c4, idProduct=80dd, bcdDevice=2d.bf
[  244.714431][   T32] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  244.714447][   T32] usb 1-1: Product: Е
[  244.714457][   T32] usb 1-1: SerialNumber: syz
[  244.799276][ T7667] raw-gadget.4 gadget.0: fail, usb_ep_enable returned -22
[  244.799535][ T7667] raw-gadget.4 gadget.0: fail, usb_ep_enable returned -22
[  244.815705][ T5726] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x4 has an invalid bInterval 0, changing to 7
[  244.815810][ T5726] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x7 has an invalid bInterval 152, changing to 7
[  244.815875][ T5726] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid maxpacket 49752, setting to 1024
[  244.895626][ T5726] usb 2-1: New USB device found, idVendor=1b5c, idProduct=0105, bcdDevice= 1.f1
[  244.895716][ T5726] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  244.895779][ T5726] usb 2-1: Product: syz
[  244.895823][ T5726] usb 2-1: Manufacturer: syz
[  244.895866][ T5726] usb 2-1: SerialNumber: syz
[  245.127050][ T7667] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  245.127800][ T7667] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  245.146123][ T7667] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  245.146726][ T7667] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  245.165061][ T7667] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  245.214204][ T7667] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  245.214576][ T5704] usb 5-1: USB disconnect, device number 27
[  245.315175][ T5605] usb 6-1: USB disconnect, device number 8
[  245.337778][ T5726] usb 2-1: config 0 descriptor??
[  245.363435][ T5726] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected
[  245.411166][ T5726] usb 2-1: Detected SIO
[  245.411183][ T5726] ftdi_sio ttyUSB0: Overriding wMaxPacketSize on endpoint 4
[  245.484178][ T5726] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  245.571662][ T7667] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  245.572366][ T7667] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  245.749751][ T5726] usb 2-1: USB disconnect, device number 44
[  245.914172][ T5726] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  245.916991][ T5726] ftdi_sio 2-1:0.0: device disconnected
[  247.314284][ T7667] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  247.316741][ T7667] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  247.443612][ T7667] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  247.443720][ T7667] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  247.515992][ T7667] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  247.518177][ T7667] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  247.596861][ T7667] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  247.597042][ T7667] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  247.649922][ T7667] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  247.650094][ T7667] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  247.714164][ T7667] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  247.785982][ T7667] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  247.787045][ T7667] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  247.868230][ T7667] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  247.989962][ T5621] Bluetooth: hci1: command 0x0406 tx timeout
[  248.034349][ T7684] FAULT_INJECTION: forcing a failure.
[  248.034349][ T7684] name failslab, interval 1, probability 0, space 0, times 0
[  248.034386][ T7684] CPU: 0 UID: 0 PID: 7684 Comm: syz.5.672 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  248.034414][ T7684] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  248.034428][ T7684] Call Trace:
[  248.034438][ T7684]  <TASK>
[  248.034447][ T7684]  dump_stack_lvl+0xe8/0x150
[  248.034480][ T7684]  should_fail_ex+0x46b/0x600
[  248.034519][ T7684]  should_failslab+0xa8/0x100
[  248.034552][ T7684]  __kmalloc_noprof+0xdf/0x7b0
[  248.034579][ T7684]  ? kfree+0x4d/0x6c0
[  248.034602][ T7684]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  248.034637][ T7684]  tomoyo_realpath_from_path+0xe3/0x5d0
[  248.034676][ T7684]  ? tomoyo_domain+0xd7/0x130
[  248.034710][ T7684]  ? tomoyo_path_number_perm+0x219/0x630
[  248.034749][ T7684]  tomoyo_path_number_perm+0x246/0x630
[  248.034801][ T7684]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  248.034835][ T7684]  ? __lock_acquire+0x6b5/0x2d10
[  248.034864][ T7684]  ? do_raw_spin_lock+0x12b/0x2f0
[  248.034919][ T7684]  ? __fget_files+0x2a/0x420
[  248.034950][ T7684]  ? __fget_files+0x2a/0x420
[  248.034975][ T7684]  ? __fget_files+0x3a6/0x420
[  248.035017][ T7684]  ? __fget_files+0x2a/0x420
[  248.035049][ T7684]  security_file_ioctl+0xc3/0x2a0
[  248.035087][ T7684]  __se_sys_ioctl+0x47/0x170
[  248.035121][ T7684]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  248.035146][ T7684]  do_syscall_64+0x174/0x580
[  248.035180][ T7684]  ? trace_irq_disable+0x3b/0x140
[  248.035206][ T7684]  ? clear_bhb_loop+0x40/0x90
[  248.035238][ T7684]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  248.035263][ T7684] RIP: 0033:0x7fe5bb07ce59
[  248.035284][ T7684] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  248.035305][ T7684] RSP: 002b:00007fe5b92d6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  248.035329][ T7684] RAX: ffffffffffffffda RBX: 00007fe5bb2f5fa0 RCX: 00007fe5bb07ce59
[  248.035347][ T7684] RDX: 0000200000000440 RSI: 0000000000003b70 RDI: 0000000000000003
[  248.035362][ T7684] RBP: 00007fe5b92d6090 R08: 0000000000000000 R09: 0000000000000000
[  248.035378][ T7684] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  248.035392][ T7684] R13: 00007fe5bb2f6038 R14: 00007fe5bb2f5fa0 R15: 00007ffd1eabdda8
[  248.035430][ T7684]  </TASK>
[  248.035463][ T7684] ERROR: Out of memory at tomoyo_realpath_from_path.
[  248.385807][ T7686] trusted_key: syz.1.673 sent an empty control message without MSG_MORE.
[  248.386597][ T7686] FAULT_INJECTION: forcing a failure.
[  248.386597][ T7686] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  248.386629][ T7686] CPU: 0 UID: 0 PID: 7686 Comm: syz.1.673 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  248.386653][ T7686] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  248.386667][ T7686] Call Trace:
[  248.386676][ T7686]  <TASK>
[  248.386685][ T7686]  dump_stack_lvl+0xe8/0x150
[  248.386718][ T7686]  should_fail_ex+0x46b/0x600
[  248.386758][ T7686]  _copy_from_user+0x2d/0xb0
[  248.386785][ T7686]  ___sys_recvmsg+0x175/0x590
[  248.386806][ T7686]  ? get_pid_task+0x20/0x1f0
[  248.386828][ T7686]  ? get_pid_task+0x20/0x1f0
[  248.386856][ T7686]  ? __pfx____sys_recvmsg+0x10/0x10
[  248.386884][ T7686]  ? __fget_files+0x2a/0x420
[  248.386929][ T7686]  ? __fget_files+0x3a6/0x420
[  248.386966][ T7686]  __x64_sys_recvmsg+0x1c0/0x2a0
[  248.386991][ T7686]  ? __pfx___x64_sys_recvmsg+0x10/0x10
[  248.387024][ T7686]  ? __pfx_ksys_write+0x10/0x10
[  248.387065][ T7686]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  248.387090][ T7686]  do_syscall_64+0x174/0x580
[  248.387131][ T7686]  ? trace_irq_disable+0x3b/0x140
[  248.387156][ T7686]  ? clear_bhb_loop+0x40/0x90
[  248.387184][ T7686]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  248.387226][ T7686] RIP: 0033:0x7f6ea148ce59
[  248.387247][ T7686] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  248.387267][ T7686] RSP: 002b:00007f6e9f6e6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  248.387291][ T7686] RAX: ffffffffffffffda RBX: 00007f6ea1705fa0 RCX: 00007f6ea148ce59
[  248.387309][ T7686] RDX: 0000000040010042 RSI: 0000200000000380 RDI: 0000000000000004
[  248.387325][ T7686] RBP: 00007f6e9f6e6090 R08: 0000000000000000 R09: 0000000000000000
[  248.387339][ T7686] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  248.387353][ T7686] R13: 00007f6ea1706038 R14: 00007f6ea1705fa0 R15: 00007ffd4c448ad8
[  248.387390][ T7686]  </TASK>
[  248.693372][ T7688] FAULT_INJECTION: forcing a failure.
[  248.693372][ T7688] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  248.693410][ T7688] CPU: 0 UID: 0 PID: 7688 Comm: syz.5.674 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  248.693435][ T7688] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  248.693450][ T7688] Call Trace:
[  248.693459][ T7688]  <TASK>
[  248.693468][ T7688]  dump_stack_lvl+0xe8/0x150
[  248.693501][ T7688]  should_fail_ex+0x46b/0x600
[  248.693541][ T7688]  _copy_from_user+0x2d/0xb0
[  248.693568][ T7688]  get_timespec64+0x96/0x1b0
[  248.693597][ T7688]  ? __pfx_get_timespec64+0x10/0x10
[  248.693636][ T7688]  __x64_sys_recvmmsg+0x14b/0x250
[  248.693665][ T7688]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  248.693698][ T7688]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  248.693724][ T7688]  do_syscall_64+0x174/0x580
[  248.693758][ T7688]  ? trace_irq_disable+0x3b/0x140
[  248.693785][ T7688]  ? clear_bhb_loop+0x40/0x90
[  248.693814][ T7688]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  248.693839][ T7688] RIP: 0033:0x7fe5bb07ce59
[  248.693860][ T7688] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  248.693880][ T7688] RSP: 002b:00007fe5b92d6028 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  248.693904][ T7688] RAX: ffffffffffffffda RBX: 00007fe5bb2f5fa0 RCX: 00007fe5bb07ce59
[  248.693921][ T7688] RDX: 04000000000003b4 RSI: 00002000000037c0 RDI: 0000000000000003
[  248.693936][ T7688] RBP: 00007fe5b92d6090 R08: 0000200000003700 R09: 0000000000000000
[  248.693952][ T7688] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  248.693966][ T7688] R13: 00007fe5bb2f6038 R14: 00007fe5bb2f5fa0 R15: 00007ffd1eabdda8
[  248.694002][ T7688]  </TASK>
[  248.947228][   T32] cp210x 1-1:12.233: cp210x converter detected
[  248.968392][   T32] cp210x 1-1:12.233: failed to get vendor val 0x370b size 1: -71
[  248.968424][   T32] cp210x 1-1:12.233: querying part number failed
[  249.069821][   T32] usb 1-1: cp210x converter now attached to ttyUSB0
[  249.163620][   T32] cp210x 1-1:12.74: cp210x converter detected
[  249.164187][   T32] cp210x 1-1:12.74: failed to get vendor val 0x370b size 1: -71
[  249.164214][   T32] cp210x 1-1:12.74: querying part number failed
[  249.170370][   T32] usb 1-1: cp210x converter now attached to ttyUSB1
[  249.207203][   T32] cp210x 1-1:12.10: cp210x converter detected
[  249.207755][   T32] cp210x 1-1:12.10: failed to get vendor val 0x370b size 1: -71
[  249.207783][   T32] cp210x 1-1:12.10: querying part number failed
[  249.241595][   T32] usb 1-1: cp210x converter now attached to ttyUSB2
[  249.269706][   T32] usb 1-1: USB disconnect, device number 36
[  249.375777][   T32] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  249.394709][   T32] cp210x 1-1:12.233: device disconnected
[  249.445128][ T5621] Bluetooth: hci4: SCO packet for unknown connection handle 201
[  249.501852][ T5621] Bluetooth: hci0: command 0x0406 tx timeout
[  249.574306][   T32] cp210x ttyUSB1: cp210x converter now disconnected from ttyUSB1
[  249.578716][ T5621] Bluetooth: hci2: command 0x0406 tx timeout
[  249.585749][   T32] cp210x 1-1:12.74: device disconnected
[  249.658751][ T5621] Bluetooth: hci3: command 0x0406 tx timeout
[  249.658804][ T5621] Bluetooth: hci5: command 0x0c1a tx timeout
[  249.730058][   T32] cp210x ttyUSB2: cp210x converter now disconnected from ttyUSB2
[  249.732348][   T32] cp210x 1-1:12.10: device disconnected
[  249.814880][ T7716] netlink: 25 bytes leftover after parsing attributes in process `syz.0.683'.
[  249.828984][ T5621] Bluetooth: hci4: command 0x0c1a tx timeout
[  250.150779][  T823] usb 6-1: new full-speed USB device number 9 using dummy_hcd
[  250.311444][  T823] usb 6-1: not running at top speed; connect to a high speed hub
[  250.313578][  T823] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  250.313606][  T823] usb 6-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  250.313680][  T823] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid maxpacket 1560, setting to 1023
[  250.317454][  T823] usb 6-1: New USB device found, idVendor=041e, idProduct=3020, bcdDevice= 0.40
[  250.317486][  T823] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  250.317508][  T823] usb 6-1: Product: syz
[  250.317525][  T823] usb 6-1: Manufacturer: syz
[  250.317540][  T823] usb 6-1: SerialNumber: syz
[  250.773160][ T7718] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  250.841270][ T7718] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  250.841535][ T7718] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  250.841692][ T7718] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  250.841873][ T7718] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  250.842042][ T7718] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  250.905742][ T7711] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  250.921985][ T7711] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  250.957422][ T7711] netlink: 8 bytes leftover after parsing attributes in process `syz.5.682'.
[  251.009860][  T823] usb 6-1: 1:1 : no or invalid class specific endpoint descriptor
[  251.009934][  T823] usb 6-1: 1:1 : invalid UAC_FORMAT_TYPE desc
[  251.011980][  T823] usb 6-1: 0:2 : does not exist
[  251.150658][  T823] usb 6-1: USB disconnect, device number 9
[  251.219681][ T7740] FAULT_INJECTION: forcing a failure.
[  251.219681][ T7740] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  251.219720][ T7740] CPU: 1 UID: 0 PID: 7740 Comm: syz.1.690 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  251.219745][ T7740] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  251.219759][ T7740] Call Trace:
[  251.219768][ T7740]  <TASK>
[  251.219777][ T7740]  dump_stack_lvl+0xe8/0x150
[  251.219810][ T7740]  should_fail_ex+0x46b/0x600
[  251.219847][ T7740]  _copy_from_user+0x2d/0xb0
[  251.219872][ T7740]  get_timespec64+0x96/0x1b0
[  251.219899][ T7740]  ? __pfx_get_timespec64+0x10/0x10
[  251.219936][ T7740]  __x64_sys_recvmmsg+0x14b/0x250
[  251.219962][ T7740]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  251.219990][ T7740]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  251.220016][ T7740]  do_syscall_64+0x174/0x580
[  251.220047][ T7740]  ? trace_irq_disable+0x3b/0x140
[  251.220072][ T7740]  ? clear_bhb_loop+0x40/0x90
[  251.220099][ T7740]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  251.220122][ T7740] RIP: 0033:0x7f6ea148ce59
[  251.220143][ T7740] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  251.220164][ T7740] RSP: 002b:00007f6e9f6c5028 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  251.220187][ T7740] RAX: ffffffffffffffda RBX: 00007f6ea1706090 RCX: 00007f6ea148ce59
[  251.220203][ T7740] RDX: 04000000000003b4 RSI: 00002000000037c0 RDI: 0000000000000003
[  251.220218][ T7740] RBP: 00007f6e9f6c5090 R08: 0000200000003700 R09: 0000000000000000
[  251.220234][ T7740] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  251.220247][ T7740] R13: 00007f6ea1706128 R14: 00007f6ea1706090 R15: 00007ffd4c448ad8
[  251.220281][ T7740]  </TASK>
[  251.225869][   T60] Bluetooth: hci5: SCO packet for unknown connection handle 201
[  251.547942][ T5800] udevd[5800]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  251.772943][ T5712] usb 1-1: new high-speed USB device number 37 using dummy_hcd
[  251.931370][ T5712] usb 1-1: Using ep0 maxpacket: 16
[  251.935222][ T5712] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  251.935251][ T5712] usb 1-1: config 0 has no interfaces?
[  251.968125][ T5712] usb 1-1: New USB device found, idVendor=0846, idProduct=1040, bcdDevice=d0.c9
[  251.968158][ T5712] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  251.968180][ T5712] usb 1-1: Product: syz
[  251.968196][ T5712] usb 1-1: Manufacturer: syz
[  251.968213][ T5712] usb 1-1: SerialNumber: syz
[  252.027845][ T5712] usb 1-1: config 0 descriptor??
[  252.060187][   T60] Bluetooth: hci1: command 0x0406 tx timeout
[  252.413220][ T5605] usb 1-1: USB disconnect, device number 37
[  252.859112][   T60] Bluetooth: hci0: command 0x0406 tx timeout
[  252.938989][   T60] Bluetooth: hci4: command 0x0c1a tx timeout
[  252.939033][   T60] Bluetooth: hci5: command 0x0c1a tx timeout
[  252.939063][   T60] Bluetooth: hci3: command 0x0406 tx timeout
[  252.941207][ T5625] Bluetooth: hci2: command 0x0406 tx timeout
[  253.018215][ T7774] netlink: 8 bytes leftover after parsing attributes in process `syz.5.702'.
[  253.399428][ T5605] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  253.558757][  T823] usb 2-1: new high-speed USB device number 45 using dummy_hcd
[  253.566049][ T5605] usb 6-1: device descriptor read/64, error -71
[  253.710739][  T823] usb 2-1: Using ep0 maxpacket: 32
[  253.719460][  T823] usb 2-1: config 0 has an invalid interface number: 67 but max is 0
[  253.719490][  T823] usb 2-1: config 0 has no interface number 0
[  253.740923][  T823] usb 2-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  253.740957][  T823] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  253.740980][  T823] usb 2-1: Product: syz
[  253.740997][  T823] usb 2-1: Manufacturer: syz
[  253.741014][  T823] usb 2-1: SerialNumber: syz
[  253.783763][  T823] usb 2-1: config 0 descriptor??
[  253.828941][ T5605] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  254.008716][ T1120] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[  254.008915][ T5605] usb 6-1: device descriptor read/64, error -71
[  254.119287][ T5605] usb usb6-port1: attempt power cycle
[  254.161082][ T1120] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  254.161143][ T1120] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  254.161170][ T1120] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  254.171522][ T1120] usb 5-1: config 0 descriptor??
[  254.414781][ T7790] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  254.415765][ T7790] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  254.450608][ T7790] netlink: 25 bytes leftover after parsing attributes in process `syz.4.705'.
[  254.470655][ T5605] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  254.499517][ T5605] usb 6-1: device descriptor read/8, error -71
[  254.738876][ T5605] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  254.770552][ T5605] usb 6-1: device descriptor read/8, error -71
[  254.872927][ T7785] netlink: 8 bytes leftover after parsing attributes in process `syz.1.704'.
[  254.884526][ T5605] usb usb6-port1: unable to enumerate USB device
[  255.021480][ T5625] Bluetooth: hci5: command 0x0c1a tx timeout
[  255.021518][ T5625] Bluetooth: hci4: command 0x0c1a tx timeout
[  255.061009][ T7801] FAULT_INJECTION: forcing a failure.
[  255.061009][ T7801] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  255.061095][ T7801] CPU: 1 UID: 0 PID: 7801 Comm: syz.0.707 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  255.061117][ T7801] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  255.061129][ T7801] Call Trace:
[  255.061136][ T7801]  <TASK>
[  255.061144][ T7801]  dump_stack_lvl+0xe8/0x150
[  255.061172][ T7801]  should_fail_ex+0x46b/0x600
[  255.061209][ T7801]  _copy_from_user+0x2d/0xb0
[  255.061233][ T7801]  ___sys_sendmsg+0x1c6/0x360
[  255.061261][ T7801]  ? __lock_acquire+0x6b5/0x2d10
[  255.061288][ T7801]  ? __pfx____sys_sendmsg+0x10/0x10
[  255.061349][ T7801]  ? __fget_files+0x2a/0x420
[  255.061371][ T7801]  ? __fget_files+0x3a6/0x420
[  255.061402][ T7801]  __x64_sys_sendmsg+0x1c3/0x2a0
[  255.061435][ T7801]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  255.061474][ T7801]  ? __pfx_ksys_write+0x10/0x10
[  255.061512][ T7801]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  255.061531][ T7801]  do_syscall_64+0x174/0x580
[  255.061572][ T7801]  ? trace_irq_disable+0x3b/0x140
[  255.061593][ T7801]  ? clear_bhb_loop+0x40/0x90
[  255.061615][ T7801]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  255.061633][ T7801] RIP: 0033:0x7fcc71b2ce59
[  255.061651][ T7801] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  255.061668][ T7801] RSP: 002b:00007fcc6fd65028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  255.061691][ T7801] RAX: ffffffffffffffda RBX: 00007fcc71da6090 RCX: 00007fcc71b2ce59
[  255.061707][ T7801] RDX: 0000000000000040 RSI: 00002000000001c0 RDI: 0000000000000003
[  255.061719][ T7801] RBP: 00007fcc6fd65090 R08: 0000000000000000 R09: 0000000000000000
[  255.061731][ T7801] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  255.061743][ T7801] R13: 00007fcc71da6128 R14: 00007fcc71da6090 R15: 00007ffd419df298
[  255.061773][ T7801]  </TASK>
[  255.923369][ T1338] ieee802154 phy0 wpan0: encryption failed: -22
[  255.923601][ T1338] ieee802154 phy1 wpan1: encryption failed: -22
[  256.191530][ T7800] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  256.206229][ T7800] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  256.206423][ T7800] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  256.362289][ T7800] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  256.446993][ T7800] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  256.447239][ T7800] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  256.447523][ T7800] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  256.558430][  T823] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -71
[  256.558688][  T823] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  256.580257][  T823] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[  256.580541][  T823] smsc95xx 2-1:0.67: probe with driver smsc95xx failed with error -71
[  256.649113][  T823] usb 2-1: USB disconnect, device number 45
[  257.053379][  T823] usb 2-1: new high-speed USB device number 46 using dummy_hcd
[  257.211495][  T823] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  257.211534][  T823] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  257.211560][  T823] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  257.211606][  T823] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  257.211633][  T823] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  257.284903][  T823] usb 2-1: config 0 descriptor??
[  257.678782][ T5348] usb 1-1: new high-speed USB device number 38 using dummy_hcd
[  258.001171][ T1120] usbhid 5-1:0.0: can't add hid device: -71
[  258.001280][ T1120] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  258.027053][ T5348] usb 1-1: Using ep0 maxpacket: 32
[  258.048220][ T5348] usb 1-1: config 0 has an invalid interface number: 12 but max is 0
[  258.048250][ T5348] usb 1-1: config 0 has no interface number 0
[  258.048300][ T5348] usb 1-1: config 0 interface 12 has no altsetting 0
[  258.077765][ T5348] usb 1-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  258.077798][ T5348] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  258.077829][ T5348] usb 1-1: Product: syz
[  258.077846][ T5348] usb 1-1: Manufacturer: syz
[  258.077862][ T5348] usb 1-1: SerialNumber: syz
[  258.169372][ T1120] usb 5-1: USB disconnect, device number 28
[  258.221012][ T5625] Bluetooth: hci1: command 0x0406 tx timeout
[  258.221064][   T60] Bluetooth: hci0: command 0x0406 tx timeout
[  258.246696][ T5348] usb 1-1: config 0 descriptor??
[  258.369557][  T823] plantronics 0003:047F:FFFF.0007: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  258.384569][   T60] Bluetooth: hci2: command 0x0406 tx timeout
[  258.463993][ T5625] Bluetooth: hci4: command 0x0c1a tx timeout
[  258.464022][ T5621] Bluetooth: hci3: command 0x0406 tx timeout
[  258.464053][   T60] Bluetooth: hci5: command 0x0c1a tx timeout
[  258.577326][  T823] usb 2-1: USB disconnect, device number 46
[  258.817853][ T7829] fido_id[7829]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory
[  259.109376][  T823] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  259.259323][  T823] usb 6-1: Using ep0 maxpacket: 32
[  259.273438][  T823] usb 6-1: config 0 has an invalid interface number: 12 but max is 0
[  259.273468][  T823] usb 6-1: config 0 has no interface number 0
[  259.273752][  T823] usb 6-1: config 0 interface 12 has no altsetting 0
[  259.285912][  T823] usb 6-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  259.310966][  T823] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  259.310997][  T823] usb 6-1: Product: syz
[  259.311065][  T823] usb 6-1: Manufacturer: syz
[  259.311081][  T823] usb 6-1: SerialNumber: syz
[  259.370104][  T823] usb 6-1: config 0 descriptor??
[  259.390757][ T5348] f81534 1-1:0.12: f81534_get_register: reg: 1003 failed: -71
[  259.390830][ T5348] f81534 1-1:0.12: f81534_find_config_idx: read failed: -71
[  259.390850][ T5348] f81534 1-1:0.12: f81534_calc_num_ports: find idx failed: -71
[  259.390947][ T5348] f81534 1-1:0.12: probe with driver f81534 failed with error -71
[  259.466341][ T5348] usb 1-1: USB disconnect, device number 38
[  259.661082][ T1120] usb 2-1: new high-speed USB device number 47 using dummy_hcd
[  259.676258][ T7844] FAULT_INJECTION: forcing a failure.
[  259.676258][ T7844] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  259.676294][ T7844] CPU: 0 UID: 0 PID: 7844 Comm: syz.4.721 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  259.676320][ T7844] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  259.676334][ T7844] Call Trace:
[  259.676342][ T7844]  <TASK>
[  259.676351][ T7844]  dump_stack_lvl+0xe8/0x150
[  259.676383][ T7844]  should_fail_ex+0x46b/0x600
[  259.676421][ T7844]  _copy_from_user+0x2d/0xb0
[  259.676449][ T7844]  ___sys_sendmsg+0x1c6/0x360
[  259.676485][ T7844]  ? __lock_acquire+0x6b5/0x2d10
[  259.676517][ T7844]  ? __pfx____sys_sendmsg+0x10/0x10
[  259.676587][ T7844]  ? __fget_files+0x2a/0x420
[  259.676633][ T7844]  ? __fget_files+0x3a6/0x420
[  259.676671][ T7844]  __x64_sys_sendmsg+0x1c3/0x2a0
[  259.676711][ T7844]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  259.676770][ T7844]  ? __pfx_ksys_write+0x10/0x10
[  259.676812][ T7844]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  259.676837][ T7844]  do_syscall_64+0x174/0x580
[  259.676871][ T7844]  ? trace_irq_disable+0x3b/0x140
[  259.676896][ T7844]  ? clear_bhb_loop+0x40/0x90
[  259.676923][ T7844]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  259.676946][ T7844] RIP: 0033:0x7f22cdbece59
[  259.676967][ T7844] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  259.676987][ T7844] RSP: 002b:00007f22cbe46028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  259.677010][ T7844] RAX: ffffffffffffffda RBX: 00007f22cde65fa0 RCX: 00007f22cdbece59
[  259.677026][ T7844] RDX: 0000000000000080 RSI: 00002000000008c0 RDI: 0000000000000004
[  259.677040][ T7844] RBP: 00007f22cbe46090 R08: 0000000000000000 R09: 0000000000000000
[  259.677053][ T7844] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  259.677065][ T7844] R13: 00007f22cde66038 R14: 00007f22cde65fa0 R15: 00007ffc26ac3198
[  259.677115][ T7844]  </TASK>
[  259.825897][ T1120] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  259.825935][ T1120] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  259.826045][ T1120] usb 2-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.01
[  259.826072][ T1120] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  259.853837][ T1120] usb 2-1: config 0 descriptor??
[  260.039048][ T7833] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  260.040193][ T7833] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  260.068071][ T7833] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  260.108116][   T60] Bluetooth: hci0: adv larger than maximum supported
[  260.108885][ T7833] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  260.312719][   T60] Bluetooth: hci0: command 0x0406 tx timeout
[  260.357754][ T7833] Bluetooth: MGMT ver 1.23
[  260.525329][ T1120] usbhid 2-1:0.0: can't add hid device: -71
[  260.525445][ T1120] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  260.549893][ T1120] usb 2-1: USB disconnect, device number 47
[  260.692547][  T823] f81534 6-1:0.12: f81534_get_register: reg: 1003 failed: -71
[  260.692604][  T823] f81534 6-1:0.12: f81534_find_config_idx: read failed: -71
[  260.692624][  T823] f81534 6-1:0.12: f81534_calc_num_ports: find idx failed: -71
[  260.692716][  T823] f81534 6-1:0.12: probe with driver f81534 failed with error -71
[  260.733132][ T5726] usb 1-1: new high-speed USB device number 39 using dummy_hcd
[  260.758983][  T823] usb 6-1: USB disconnect, device number 14
[  260.878847][ T5726] usb 1-1: Using ep0 maxpacket: 32
[  260.891453][ T5726] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  260.893973][ T5726] usb 1-1: New USB device found, idVendor=06f8, idProduct=301b, bcdDevice=bb.39
[  260.894003][ T5726] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  260.894025][ T5726] usb 1-1: Product: syz
[  260.894035][ T5726] usb 1-1: Manufacturer: syz
[  260.894046][ T5726] usb 1-1: SerialNumber: syz
[  260.940539][ T5726] usb 1-1: config 0 descriptor??
[  260.945597][ T5726] gspca_main: gspca_pac7302-2.14.0 probing 06f8:301b
[  261.165493][ T7853] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  261.166248][ T7853] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  261.212484][ T5726] gspca_pac7302: reg_w() failed i: ff v: 01 error -71
[  261.212589][ T5726] gspca_pac7302 1-1:0.0: probe with driver gspca_pac7302 failed with error -71
[  261.238436][ T5726] usb 1-1: USB disconnect, device number 39
[  261.358864][   T10] usb 5-1: new full-speed USB device number 29 using dummy_hcd
[  261.393646][ T7866] netlink: 6032 bytes leftover after parsing attributes in process `syz.5.728'.
[  261.547098][   T10] usb 5-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  261.547134][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  261.547157][   T10] usb 5-1: Product: syz
[  261.547173][   T10] usb 5-1: Manufacturer: syz
[  261.547190][   T10] usb 5-1: SerialNumber: syz
[  261.589450][   T10] usb 5-1: config 0 descriptor??
[  261.822902][   T10] usb 5-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  263.378754][ T5348] usb 2-1: new high-speed USB device number 48 using dummy_hcd
[  263.530310][ T5348] usb 2-1: Using ep0 maxpacket: 8
[  263.556190][ T5348] usb 2-1: config 0 has an invalid interface number: 52 but max is 0
[  263.556219][ T5348] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  263.556241][ T5348] usb 2-1: config 0 has no interface number 0
[  263.556278][ T5348] usb 2-1: config 0 interface 52 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  263.556307][ T5348] usb 2-1: config 0 interface 52 has no altsetting 0
[  263.611525][ T5348] usb 2-1: New USB device found, idVendor=06cb, idProduct=0003, bcdDevice= 0.00
[  263.611560][ T5348] usb 2-1: New USB device strings: Mfr=0, Product=234, SerialNumber=34
[  263.611584][ T5348] usb 2-1: Product: syz
[  263.611600][ T5348] usb 2-1: SerialNumber: syz
[  263.655094][ T5348] usb 2-1: config 0 descriptor??
[  263.681968][   T10] dvb_usb_rtl28xxu 5-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  263.707474][   T10] usb 5-1: USB disconnect, device number 29
[  263.918506][ T7902] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  263.919834][ T7902] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  263.922643][ T7902] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  263.923434][ T7902] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  264.290376][ T5348] usb 2-1: Can not set alternate setting to 1, error: -71
[  264.290428][ T5348] synaptics_usb 2-1:0.52: probe with driver synaptics_usb failed with error -71
[  264.315209][ T5348] usb 2-1: USB disconnect, device number 48
[  264.775209][ T7929] FAULT_INJECTION: forcing a failure.
[  264.775209][ T7929] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  264.775248][ T7929] CPU: 0 UID: 0 PID: 7929 Comm: syz.0.751 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  264.775274][ T7929] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  264.775289][ T7929] Call Trace:
[  264.775298][ T7929]  <TASK>
[  264.775308][ T7929]  dump_stack_lvl+0xe8/0x150
[  264.775346][ T7929]  should_fail_ex+0x46b/0x600
[  264.775385][ T7929]  _copy_to_user+0x31/0xb0
[  264.775412][ T7929]  simple_read_from_buffer+0xe1/0x170
[  264.775444][ T7929]  proc_fail_nth_read+0x1be/0x230
[  264.775475][ T7929]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  264.775505][ T7929]  ? rw_verify_area+0x2ac/0x4e0
[  264.775535][ T7929]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  264.775564][ T7929]  vfs_read+0x212/0xa80
[  264.775603][ T7929]  ? __pfx_vfs_read+0x10/0x10
[  264.775638][ T7929]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  264.775674][ T7929]  ? lockdep_hardirqs_on+0x7a/0x110
[  264.775707][ T7929]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  264.775751][ T7929]  ? mutex_lock_nested+0x152/0x1d0
[  264.775776][ T7929]  ? fdget_pos+0x252/0x320
[  264.775813][ T7929]  ksys_read+0x156/0x270
[  264.775848][ T7929]  ? __pfx_ksys_read+0x10/0x10
[  264.775887][ T7929]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  264.775911][ T7929]  do_syscall_64+0x174/0x580
[  264.775945][ T7929]  ? trace_irq_disable+0x3b/0x140
[  264.775971][ T7929]  ? clear_bhb_loop+0x40/0x90
[  264.775999][ T7929]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  264.776022][ T7929] RIP: 0033:0x7fcc71aed68e
[  264.776042][ T7929] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  264.776063][ T7929] RSP: 002b:00007fcc6fd85fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  264.776088][ T7929] RAX: ffffffffffffffda RBX: 00007fcc6fd866c0 RCX: 00007fcc71aed68e
[  264.776105][ T7929] RDX: 000000000000000f RSI: 00007fcc6fd860a0 RDI: 0000000000000003
[  264.776120][ T7929] RBP: 00007fcc6fd86090 R08: 0000000000000000 R09: 0000000000000000
[  264.776135][ T7929] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  264.776148][ T7929] R13: 00007fcc71da6038 R14: 00007fcc71da5fa0 R15: 00007ffd419df298
[  264.776183][ T7929]  </TASK>
[  265.678741][ T5348] usb 5-1: new full-speed USB device number 30 using dummy_hcd
[  265.830657][ T5348] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  265.830690][ T5348] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  265.832799][ T5348] usb 5-1: New USB device found, idVendor=06cb, idProduct=0003, bcdDevice=e8.00
[  265.832840][ T5348] usb 5-1: New USB device strings: Mfr=22, Product=0, SerialNumber=0
[  265.832865][ T5348] usb 5-1: Manufacturer: syz
[  265.884778][ T5348] usb 5-1: config 0 descriptor??
[  266.094037][ T1120] usb 5-1: USB disconnect, device number 30
[  266.324693][ T7958] FAULT_INJECTION: forcing a failure.
[  266.324693][ T7958] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  266.324732][ T7958] CPU: 0 UID: 0 PID: 7958 Comm: syz.5.765 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  266.324767][ T7958] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  266.324782][ T7958] Call Trace:
[  266.324791][ T7958]  <TASK>
[  266.324801][ T7958]  dump_stack_lvl+0xe8/0x150
[  266.324834][ T7958]  should_fail_ex+0x46b/0x600
[  266.324873][ T7958]  _copy_to_user+0x31/0xb0
[  266.324902][ T7958]  simple_read_from_buffer+0xe1/0x170
[  266.324933][ T7958]  proc_fail_nth_read+0x1be/0x230
[  266.324965][ T7958]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  266.324995][ T7958]  ? rw_verify_area+0x2ac/0x4e0
[  266.325025][ T7958]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  266.325053][ T7958]  vfs_read+0x212/0xa80
[  266.325094][ T7958]  ? __pfx_vfs_read+0x10/0x10
[  266.325128][ T7958]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  266.325164][ T7958]  ? lockdep_hardirqs_on+0x7a/0x110
[  266.325199][ T7958]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  266.325233][ T7958]  ? mutex_lock_nested+0x152/0x1d0
[  266.325259][ T7958]  ? fdget_pos+0x252/0x320
[  266.325296][ T7958]  ksys_read+0x156/0x270
[  266.325335][ T7958]  ? __pfx_ksys_read+0x10/0x10
[  266.325374][ T7958]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  266.325399][ T7958]  do_syscall_64+0x174/0x580
[  266.325432][ T7958]  ? trace_irq_disable+0x3b/0x140
[  266.325459][ T7958]  ? clear_bhb_loop+0x40/0x90
[  266.325487][ T7958]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  266.325512][ T7958] RIP: 0033:0x7fe5bb03d68e
[  266.325532][ T7958] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  266.325552][ T7958] RSP: 002b:00007fe5b92d5fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  266.325576][ T7958] RAX: ffffffffffffffda RBX: 00007fe5b92d66c0 RCX: 00007fe5bb03d68e
[  266.325594][ T7958] RDX: 000000000000000f RSI: 00007fe5b92d60a0 RDI: 0000000000000003
[  266.325608][ T7958] RBP: 00007fe5b92d6090 R08: 0000000000000000 R09: 0000000000000000
[  266.325624][ T7958] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  266.325638][ T7958] R13: 00007fe5bb2f6038 R14: 00007fe5bb2f5fa0 R15: 00007ffd1eabdda8
[  266.325674][ T7958]  </TASK>
[  267.265387][ T7983] FAULT_INJECTION: forcing a failure.
[  267.265387][ T7983] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  267.265414][ T7983] CPU: 1 UID: 0 PID: 7983 Comm: syz.0.775 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  267.265432][ T7983] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  267.265442][ T7983] Call Trace:
[  267.265448][ T7983]  <TASK>
[  267.265454][ T7983]  dump_stack_lvl+0xe8/0x150
[  267.265478][ T7983]  should_fail_ex+0x46b/0x600
[  267.265505][ T7983]  _copy_to_user+0x31/0xb0
[  267.265526][ T7983]  simple_read_from_buffer+0xe1/0x170
[  267.265549][ T7983]  proc_fail_nth_read+0x1be/0x230
[  267.265571][ T7983]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  267.265598][ T7983]  ? rw_verify_area+0x2ac/0x4e0
[  267.265620][ T7983]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  267.265640][ T7983]  vfs_read+0x212/0xa80
[  267.265667][ T7983]  ? __pfx_vfs_read+0x10/0x10
[  267.265689][ T7983]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  267.265714][ T7983]  ? lockdep_hardirqs_on+0x7a/0x110
[  267.265738][ T7983]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  267.265761][ T7983]  ? mutex_lock_nested+0x152/0x1d0
[  267.265778][ T7983]  ? fdget_pos+0x252/0x320
[  267.265803][ T7983]  ksys_read+0x156/0x270
[  267.265827][ T7983]  ? __pfx_ksys_read+0x10/0x10
[  267.265854][ T7983]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  267.265871][ T7983]  do_syscall_64+0x174/0x580
[  267.265894][ T7983]  ? trace_irq_disable+0x3b/0x140
[  267.265912][ T7983]  ? clear_bhb_loop+0x40/0x90
[  267.265931][ T7983]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  267.265946][ T7983] RIP: 0033:0x7fcc71aed68e
[  267.265960][ T7983] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  267.265974][ T7983] RSP: 002b:00007fcc6fd85fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  267.265990][ T7983] RAX: ffffffffffffffda RBX: 00007fcc6fd866c0 RCX: 00007fcc71aed68e
[  267.266002][ T7983] RDX: 000000000000000f RSI: 00007fcc6fd860a0 RDI: 0000000000000004
[  267.266011][ T7983] RBP: 00007fcc6fd86090 R08: 0000000000000000 R09: 0000000000000000
[  267.266021][ T7983] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  267.266030][ T7983] R13: 00007fcc71da6038 R14: 00007fcc71da5fa0 R15: 00007ffd419df298
[  267.266054][ T7983]  </TASK>
[  267.320511][ T5348] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[  267.421976][ T5605] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  267.603565][ T5348] usb 5-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  267.603598][ T5348] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  267.603622][ T5348] usb 5-1: Product: syz
[  267.603633][ T5348] usb 5-1: Manufacturer: syz
[  267.603644][ T5348] usb 5-1: SerialNumber: syz
[  267.609537][ T5605] usb 6-1: Using ep0 maxpacket: 16
[  267.655068][ T5605] usb 6-1: New USB device found, idVendor=0471, idProduct=0327, bcdDevice=61.a4
[  267.655100][ T5605] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  267.710542][ T5605] usb 6-1: config 0 descriptor??
[  267.727927][ T5605] gspca_main: sonixj-2.14.0 probing 0471:0327
[  268.074309][ T5348] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPIPE
[  268.074378][ T5348] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Failed to sync IRQ enable register: -EPIPE
[  268.281050][ T5348] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -EPIPE
[  268.281116][ T5348] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[  268.296836][ T5348] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  268.335799][ T5348] lan78xx 5-1:1.0: probe with driver lan78xx failed with error -32
[  268.550744][ T7981] netlink: 64 bytes leftover after parsing attributes in process `syz.5.773'.
[  268.563896][ T5605] gspca_sonixj: reg_r err -71
[  268.563989][ T5605] sonixj 6-1:0.0: probe with driver sonixj failed with error -71
[  268.629439][ T5605] usb 6-1: USB disconnect, device number 15
[  268.663980][ T7998] FAULT_INJECTION: forcing a failure.
[  268.663980][ T7998] name failslab, interval 1, probability 0, space 0, times 0
[  268.664017][ T7998] CPU: 1 UID: 0 PID: 7998 Comm: syz.0.780 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  268.664042][ T7998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  268.664056][ T7998] Call Trace:
[  268.664065][ T7998]  <TASK>
[  268.664074][ T7998]  dump_stack_lvl+0xe8/0x150
[  268.664107][ T7998]  should_fail_ex+0x46b/0x600
[  268.664146][ T7998]  should_failslab+0xa8/0x100
[  268.664178][ T7998]  __kvmalloc_node_noprof+0x170/0x8e0
[  268.664210][ T7998]  ? file_tty_write+0x2ec/0xa10
[  268.664234][ T7998]  ? _mutex_trylock_nest_lock+0x128/0x180
[  268.664267][ T7998]  file_tty_write+0x2ec/0xa10
[  268.664301][ T7998]  vfs_write+0x629/0xba0
[  268.664343][ T7998]  ? __pfx_vfs_write+0x10/0x10
[  268.664383][ T7998]  ? __fget_files+0x2a/0x420
[  268.664419][ T7998]  ksys_write+0x156/0x270
[  268.664463][ T7998]  ? __pfx_ksys_write+0x10/0x10
[  268.664502][ T7998]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  268.664527][ T7998]  do_syscall_64+0x174/0x580
[  268.664561][ T7998]  ? clear_bhb_loop+0x40/0x90
[  268.664589][ T7998]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  268.664612][ T7998] RIP: 0033:0x7fcc71b2ce59
[  268.664631][ T7998] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  268.664651][ T7998] RSP: 002b:00007fcc6fd86028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  268.664674][ T7998] RAX: ffffffffffffffda RBX: 00007fcc71da5fa0 RCX: 00007fcc71b2ce59
[  268.664691][ T7998] RDX: 0000000000001006 RSI: 0000200000000100 RDI: 0000000000000004
[  268.664705][ T7998] RBP: 00007fcc6fd86090 R08: 0000000000000000 R09: 0000000000000000
[  268.664719][ T7998] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  268.664732][ T7998] R13: 00007fcc71da6038 R14: 00007fcc71da5fa0 R15: 00007ffd419df298
[  268.664766][ T7998]  </TASK>
[  269.016601][ T5348] usb 5-1: USB disconnect, device number 31
[  269.198380][ T8008] netdevsim netdevsim5 : renamed from netdevsim0 (while UP)
[  269.308833][ T5605] usb 1-1: new high-speed USB device number 40 using dummy_hcd
[  269.481479][ T5605] usb 1-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  269.481529][ T5605] usb 1-1: New USB device found, idVendor=2040, idProduct=5530, bcdDevice=a8.82
[  269.481557][ T5605] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  269.517693][ T5605] usb 1-1: config 0 descriptor??
[  269.548008][ T5605] smsusb:smsusb_probe: board id=8, interface number 0
[  269.548128][ T5605] smsusb:smsusb_probe: Device initialized with return code -19
[  269.564463][ T5348] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  269.724042][ T5348] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  269.724097][ T5348] usb 6-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  269.724123][ T5348] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  269.750080][ T8003] ./file0: Can't lookup blockdev
[  269.751362][ T8004] ./file0: Can't lookup blockdev
[  269.769269][ T5348] usb 6-1: config 0 descriptor??
[  269.769893][ T5605] usb 1-1: USB disconnect, device number 40
[  269.984259][ T8010] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  269.984803][ T8010] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  270.029002][ T8010] netlink: 25 bytes leftover after parsing attributes in process `syz.5.785'.
[  270.443097][ T5348] usbhid 6-1:0.0: can't add hid device: -71
[  270.443226][ T5348] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  270.476800][ T5348] usb 6-1: USB disconnect, device number 16
[  270.492582][ T8028] FAULT_INJECTION: forcing a failure.
[  270.492582][ T8028] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  270.492618][ T8028] CPU: 0 UID: 0 PID: 8028 Comm: syz.4.792 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  270.492644][ T8028] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  270.492659][ T8028] Call Trace:
[  270.492667][ T8028]  <TASK>
[  270.492677][ T8028]  dump_stack_lvl+0xe8/0x150
[  270.492710][ T8028]  should_fail_ex+0x46b/0x600
[  270.492749][ T8028]  _copy_to_user+0x31/0xb0
[  270.492778][ T8028]  simple_read_from_buffer+0xe1/0x170
[  270.492811][ T8028]  proc_fail_nth_read+0x1be/0x230
[  270.492843][ T8028]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  270.492872][ T8028]  ? rw_verify_area+0x2ac/0x4e0
[  270.492905][ T8028]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  270.492934][ T8028]  vfs_read+0x212/0xa80
[  270.492974][ T8028]  ? __pfx_vfs_read+0x10/0x10
[  270.493008][ T8028]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  270.493044][ T8028]  ? lockdep_hardirqs_on+0x7a/0x110
[  270.493077][ T8028]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  270.493111][ T8028]  ? mutex_lock_nested+0x152/0x1d0
[  270.493136][ T8028]  ? fdget_pos+0x252/0x320
[  270.493173][ T8028]  ksys_read+0x156/0x270
[  270.493206][ T8028]  ? __pfx_ksys_read+0x10/0x10
[  270.493245][ T8028]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  270.493271][ T8028]  do_syscall_64+0x174/0x580
[  270.493303][ T8028]  ? trace_irq_disable+0x3b/0x140
[  270.493329][ T8028]  ? clear_bhb_loop+0x40/0x90
[  270.493358][ T8028]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  270.493381][ T8028] RIP: 0033:0x7f22cdbad68e
[  270.493412][ T8028] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  270.493433][ T8028] RSP: 002b:00007f22cbe45fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  270.493457][ T8028] RAX: ffffffffffffffda RBX: 00007f22cbe466c0 RCX: 00007f22cdbad68e
[  270.493475][ T8028] RDX: 000000000000000f RSI: 00007f22cbe460a0 RDI: 0000000000000005
[  270.493489][ T8028] RBP: 00007f22cbe46090 R08: 0000000000000000 R09: 0000000000000000
[  270.493504][ T8028] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  270.493518][ T8028] R13: 00007f22cde66038 R14: 00007f22cde65fa0 R15: 00007ffc26ac3198
[  270.493554][ T8028]  </TASK>
[  270.690077][ T1120] usb 2-1: new high-speed USB device number 49 using dummy_hcd
[  270.787285][   T38] audit: type=1800 audit(1780074098.990:3): pid=8033 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.793" name=01 dev="tmpfs" ino=1094 res=0 errno=0
[  270.898892][ T1120] usb 2-1: Using ep0 maxpacket: 32
[  270.901404][ T1120] usb 2-1: config 0 has an invalid interface number: 12 but max is 0
[  270.901432][ T1120] usb 2-1: config 0 has no interface number 0
[  270.901500][ T1120] usb 2-1: config 0 interface 12 has no altsetting 0
[  270.946857][ T1120] usb 2-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  270.946881][ T1120] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  270.946896][ T1120] usb 2-1: Product: syz
[  270.946907][ T1120] usb 2-1: Manufacturer: syz
[  270.946918][ T1120] usb 2-1: SerialNumber: syz
[  270.990436][ T1120] usb 2-1: config 0 descriptor??
[  271.045683][   T38] audit: type=1800 audit(1780074099.270:4): pid=8039 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.795" name=01 dev="tmpfs" ino=794 res=0 errno=0
[  271.047359][ T8039] FAULT_INJECTION: forcing a failure.
[  271.047359][ T8039] name failslab, interval 1, probability 0, space 0, times 0
[  271.047395][ T8039] CPU: 1 UID: 0 PID: 8039 Comm: syz.4.795 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  271.047421][ T8039] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  271.047436][ T8039] Call Trace:
[  271.047444][ T8039]  <TASK>
[  271.047456][ T8039]  dump_stack_lvl+0xe8/0x150
[  271.047489][ T8039]  should_fail_ex+0x46b/0x600
[  271.047528][ T8039]  should_failslab+0xa8/0x100
[  271.047559][ T8039]  __kmalloc_cache_noprof+0x84/0x690
[  271.047591][ T8039]  ? __vb2_init_fileio+0x1e8/0xff0
[  271.047622][ T8039]  ? aa_file_perm+0x192/0x15f0
[  271.047653][ T8039]  __vb2_init_fileio+0x1e8/0xff0
[  271.047715][ T8039]  ? do_raw_spin_lock+0x12b/0x2f0
[  271.047737][ T8039]  ? lock_acquire+0x106/0x350
[  271.047773][ T8039]  __vb2_perform_fileio+0x282/0x1620
[  271.047814][ T8039]  ? mutex_lock_interruptible_nested+0x152/0x1d0
[  271.047843][ T8039]  ? vb2_fop_write+0x11a/0x350
[  271.047874][ T8039]  vb2_fop_write+0x235/0x350
[  271.047909][ T8039]  v4l2_write+0x19f/0x2c0
[  271.047940][ T8039]  ? __pfx_v4l2_write+0x10/0x10
[  271.047971][ T8039]  vfs_write+0x2a3/0xba0
[  271.048012][ T8039]  ? __pfx_vfs_write+0x10/0x10
[  271.048047][ T8039]  ? __fget_files+0x2a/0x420
[  271.048077][ T8039]  ? __fget_files+0x2a/0x420
[  271.048108][ T8039]  ? __fget_files+0x3a6/0x420
[  271.048134][ T8039]  ? __fget_files+0x2a/0x420
[  271.048171][ T8039]  ksys_write+0x156/0x270
[  271.048213][ T8039]  ? __pfx_ksys_write+0x10/0x10
[  271.048256][ T8039]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  271.048282][ T8039]  do_syscall_64+0x174/0x580
[  271.048318][ T8039]  ? clear_bhb_loop+0x40/0x90
[  271.048347][ T8039]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  271.048369][ T8039] RIP: 0033:0x7f22cdbece59
[  271.048390][ T8039] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  271.048411][ T8039] RSP: 002b:00007f22cbe46028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  271.048436][ T8039] RAX: ffffffffffffffda RBX: 00007f22cde65fa0 RCX: 00007f22cdbece59
[  271.048453][ T8039] RDX: 000000000000ca80 RSI: 0000200000000340 RDI: 0000000000000005
[  271.048468][ T8039] RBP: 00007f22cbe46090 R08: 0000000000000000 R09: 0000000000000000
[  271.048482][ T8039] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  271.048495][ T8039] R13: 00007f22cde66038 R14: 00007f22cde65fa0 R15: 00007ffc26ac3198
[  271.048529][ T8039]  </TASK>
[  271.587005][ T1120] f81534 2-1:0.12: f81534_get_register: reg: 1003 failed: -71
[  271.587064][ T1120] f81534 2-1:0.12: f81534_find_config_idx: read failed: -71
[  271.587083][ T1120] f81534 2-1:0.12: f81534_calc_num_ports: find idx failed: -71
[  271.587182][ T1120] f81534 2-1:0.12: probe with driver f81534 failed with error -71
[  271.656282][   T60] Bluetooth: hci4: SCO packet for unknown connection handle 201
[  271.675136][ T1120] usb 2-1: USB disconnect, device number 49
[  271.805994][ T8047] input: syz0 as /devices/virtual/input/input21
[  272.595084][   T60] Bluetooth: hci0: SCO packet for unknown connection handle 201
[  273.128907][ T1120] usb 1-1: new high-speed USB device number 41 using dummy_hcd
[  273.280123][ T8085] FAULT_INJECTION: forcing a failure.
[  273.280123][ T8085] name failslab, interval 1, probability 0, space 0, times 0
[  273.280151][ T8085] CPU: 1 UID: 0 PID: 8085 Comm: syz.4.815 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  273.280173][ T8085] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  273.280183][ T8085] Call Trace:
[  273.280189][ T8085]  <TASK>
[  273.280196][ T8085]  dump_stack_lvl+0xe8/0x150
[  273.280220][ T8085]  should_fail_ex+0x46b/0x600
[  273.280252][ T8085]  should_failslab+0xa8/0x100
[  273.280275][ T8085]  __kmalloc_noprof+0xdf/0x7b0
[  273.280294][ T8085]  ? kfree+0x4d/0x6c0
[  273.280310][ T8085]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  273.280334][ T8085]  tomoyo_realpath_from_path+0xe3/0x5d0
[  273.280355][ T8085]  ? tomoyo_domain+0xd7/0x130
[  273.280378][ T8085]  ? tomoyo_path_number_perm+0x219/0x630
[  273.280404][ T8085]  tomoyo_path_number_perm+0x246/0x630
[  273.280432][ T8085]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  273.280456][ T8085]  ? __lock_acquire+0x6b5/0x2d10
[  273.280478][ T8085]  ? do_raw_spin_lock+0x12b/0x2f0
[  273.280517][ T8085]  ? __fget_files+0x2a/0x420
[  273.280539][ T8085]  ? __fget_files+0x2a/0x420
[  273.280556][ T8085]  ? __fget_files+0x3a6/0x420
[  273.280575][ T8085]  ? __fget_files+0x2a/0x420
[  273.280596][ T8085]  security_file_ioctl+0xc3/0x2a0
[  273.280622][ T8085]  __se_sys_ioctl+0x47/0x170
[  273.280646][ T8085]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  273.280671][ T8085]  do_syscall_64+0x174/0x580
[  273.280695][ T8085]  ? trace_irq_disable+0x3b/0x140
[  273.280714][ T8085]  ? clear_bhb_loop+0x40/0x90
[  273.280734][ T8085]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  273.280750][ T8085] RIP: 0033:0x7f22cdbece59
[  273.280766][ T8085] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  273.280780][ T8085] RSP: 002b:00007f22cbe46028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  273.280796][ T8085] RAX: ffffffffffffffda RBX: 00007f22cde65fa0 RCX: 00007f22cdbece59
[  273.280808][ T8085] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  273.280817][ T8085] RBP: 00007f22cbe46090 R08: 0000000000000000 R09: 0000000000000000
[  273.280827][ T8085] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  273.280837][ T8085] R13: 00007f22cde66038 R14: 00007f22cde65fa0 R15: 00007ffc26ac3198
[  273.280861][ T8085]  </TASK>
[  273.280953][ T8085] ERROR: Out of memory at tomoyo_realpath_from_path.
[  273.292810][ T1120] usb 1-1: Using ep0 maxpacket: 32
[  273.323936][ T1120] usb 1-1: config 0 has an invalid interface number: 12 but max is 0
[  273.324007][ T1120] usb 1-1: config 0 has no interface number 0
[  273.340791][ T1120] usb 1-1: config 0 interface 12 has no altsetting 0
[  273.411517][ T1120] usb 1-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  273.411646][ T1120] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  273.411708][ T1120] usb 1-1: Product: syz
[  273.411758][ T1120] usb 1-1: Manufacturer: syz
[  273.411794][ T1120] usb 1-1: SerialNumber: syz
[  273.503969][ T1120] usb 1-1: config 0 descriptor??
[  274.011981][ T1120] f81534 1-1:0.12: f81534_get_register: reg: 1003 failed: -71
[  274.012035][ T1120] f81534 1-1:0.12: f81534_find_config_idx: read failed: -71
[  274.012055][ T1120] f81534 1-1:0.12: f81534_calc_num_ports: find idx failed: -71
[  274.012140][ T1120] f81534 1-1:0.12: probe with driver f81534 failed with error -71
[  274.095342][ T1120] usb 1-1: USB disconnect, device number 41
[  274.116291][   T60] Bluetooth: hci5: SCO packet for unknown connection handle 201
[  275.002113][ T8118] FAULT_INJECTION: forcing a failure.
[  275.002113][ T8118] name failslab, interval 1, probability 0, space 0, times 0
[  275.002142][ T8118] CPU: 1 UID: 0 PID: 8118 Comm: syz.5.827 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  275.002161][ T8118] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  275.002171][ T8118] Call Trace:
[  275.002178][ T8118]  <TASK>
[  275.002184][ T8118]  dump_stack_lvl+0xe8/0x150
[  275.002208][ T8118]  should_fail_ex+0x46b/0x600
[  275.002237][ T8118]  should_failslab+0xa8/0x100
[  275.002260][ T8118]  __kmalloc_noprof+0xdf/0x7b0
[  275.002279][ T8118]  ? kfree+0x4d/0x6c0
[  275.002294][ T8118]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  275.002319][ T8118]  tomoyo_realpath_from_path+0xe3/0x5d0
[  275.002339][ T8118]  ? tomoyo_domain+0xd7/0x130
[  275.002363][ T8118]  ? tomoyo_path_number_perm+0x219/0x630
[  275.002388][ T8118]  tomoyo_path_number_perm+0x246/0x630
[  275.002416][ T8118]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  275.002441][ T8118]  ? __lock_acquire+0x6b5/0x2d10
[  275.002462][ T8118]  ? do_raw_spin_lock+0x12b/0x2f0
[  275.002542][ T8118]  ? __fget_files+0x2a/0x420
[  275.002573][ T8118]  ? __fget_files+0x2a/0x420
[  275.002599][ T8118]  ? __fget_files+0x3a6/0x420
[  275.002624][ T8118]  ? __fget_files+0x2a/0x420
[  275.002646][ T8118]  security_file_ioctl+0xc3/0x2a0
[  275.002671][ T8118]  __se_sys_ioctl+0x47/0x170
[  275.002695][ T8118]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  275.002713][ T8118]  do_syscall_64+0x174/0x580
[  275.002737][ T8118]  ? trace_irq_disable+0x3b/0x140
[  275.002756][ T8118]  ? clear_bhb_loop+0x40/0x90
[  275.002775][ T8118]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  275.002792][ T8118] RIP: 0033:0x7fe5bb07ce59
[  275.002807][ T8118] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  275.002821][ T8118] RSP: 002b:00007fe5b92d6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  275.002838][ T8118] RAX: ffffffffffffffda RBX: 00007fe5bb2f5fa0 RCX: 00007fe5bb07ce59
[  275.002850][ T8118] RDX: 0000200000000140 RSI: 000000004400ae8f RDI: 0000000000000006
[  275.002860][ T8118] RBP: 00007fe5b92d6090 R08: 0000000000000000 R09: 0000000000000000
[  275.002870][ T8118] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  275.002880][ T8118] R13: 00007fe5bb2f6038 R14: 00007fe5bb2f5fa0 R15: 00007ffd1eabdda8
[  275.002904][ T8118]  </TASK>
[  275.002910][ T8118] ERROR: Out of memory at tomoyo_realpath_from_path.
[  275.312891][   T60] Bluetooth: hci0: SCO packet for unknown connection handle 201
[  275.838757][  T823] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  275.978943][   T10] usb 1-1: new high-speed USB device number 42 using dummy_hcd
[  275.988762][  T823] usb 6-1: Using ep0 maxpacket: 32
[  275.996338][  T823] usb 6-1: config 0 has an invalid interface number: 12 but max is 0
[  275.996414][  T823] usb 6-1: config 0 has no interface number 0
[  275.996507][  T823] usb 6-1: config 0 interface 12 has no altsetting 0
[  276.026346][  T823] usb 6-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  276.026380][  T823] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  276.026402][  T823] usb 6-1: Product: syz
[  276.026424][  T823] usb 6-1: Manufacturer: syz
[  276.026441][  T823] usb 6-1: SerialNumber: syz
[  276.035563][  T823] usb 6-1: config 0 descriptor??
[  276.143770][   T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  276.143826][   T10] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  276.143854][   T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  276.181463][   T10] usb 1-1: config 0 descriptor??
[  276.355486][ T8141] FAULT_INJECTION: forcing a failure.
[  276.355486][ T8141] name failslab, interval 1, probability 0, space 0, times 0
[  276.355523][ T8141] CPU: 1 UID: 0 PID: 8141 Comm: syz.1.836 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  276.355552][ T8141] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  276.355566][ T8141] Call Trace:
[  276.355575][ T8141]  <TASK>
[  276.355585][ T8141]  dump_stack_lvl+0xe8/0x150
[  276.355618][ T8141]  should_fail_ex+0x46b/0x600
[  276.355655][ T8141]  should_failslab+0xa8/0x100
[  276.355683][ T8141]  __kmalloc_noprof+0xdf/0x7b0
[  276.355702][ T8141]  ? kfree+0x4d/0x6c0
[  276.355734][ T8141]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  276.355768][ T8141]  tomoyo_realpath_from_path+0xe3/0x5d0
[  276.355797][ T8141]  ? tomoyo_domain+0xd7/0x130
[  276.355828][ T8141]  ? tomoyo_path_number_perm+0x219/0x630
[  276.355864][ T8141]  tomoyo_path_number_perm+0x246/0x630
[  276.355900][ T8141]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  276.355936][ T8141]  ? __lock_acquire+0x6b5/0x2d10
[  276.355964][ T8141]  ? do_raw_spin_lock+0x12b/0x2f0
[  276.356035][ T8141]  ? __fget_files+0x2a/0x420
[  276.356071][ T8141]  ? __fget_files+0x2a/0x420
[  276.356098][ T8141]  ? __fget_files+0x3a6/0x420
[  276.356126][ T8141]  ? __fget_files+0x2a/0x420
[  276.356156][ T8141]  security_file_ioctl+0xc3/0x2a0
[  276.356194][ T8141]  __se_sys_ioctl+0x47/0x170
[  276.356218][ T8141]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  276.356250][ T8141]  do_syscall_64+0x174/0x580
[  276.356288][ T8141]  ? clear_bhb_loop+0x40/0x90
[  276.356316][ T8141]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  276.356345][ T8141] RIP: 0033:0x7f6ea148ce59
[  276.356367][ T8141] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  276.356381][ T8141] RSP: 002b:00007f6e9f6e6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  276.356398][ T8141] RAX: ffffffffffffffda RBX: 00007f6ea1705fa0 RCX: 00007f6ea148ce59
[  276.356424][ T8141] RDX: 0000200000000040 RSI: 0000000000005411 RDI: 0000000000000003
[  276.356439][ T8141] RBP: 00007f6e9f6e6090 R08: 0000000000000000 R09: 0000000000000000
[  276.356455][ T8141] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  276.356469][ T8141] R13: 00007f6ea1706038 R14: 00007f6ea1705fa0 R15: 00007ffd4c448ad8
[  276.356504][ T8141]  </TASK>
[  276.356566][ T8141] ERROR: Out of memory at tomoyo_realpath_from_path.
[  276.423199][ T8135] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  276.427589][ T8135] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  276.653069][  T823] f81534 6-1:0.12: f81534_get_register: reg: 1003 failed: -71
[  276.653131][  T823] f81534 6-1:0.12: f81534_find_config_idx: read failed: -71
[  276.653152][  T823] f81534 6-1:0.12: f81534_calc_num_ports: find idx failed: -71
[  276.653248][  T823] f81534 6-1:0.12: probe with driver f81534 failed with error -71
[  276.695666][  T823] usb 6-1: USB disconnect, device number 17
[  276.813415][   T10] usbhid 1-1:0.0: can't add hid device: -71
[  276.813554][   T10] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  276.816953][   T60] Bluetooth: hci0: SCO packet for unknown connection handle 201
[  276.845201][   T10] usb 1-1: USB disconnect, device number 42
[  277.308996][   T38] audit: type=1326 audit(1780074105.530:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8105 comm="syz.4.821" exe="/root/ci-upstream-rust-kasan-gce/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22cdbece59 code=0x7fc00000
[  278.046494][   T60] Bluetooth: hci0: SCO packet for unknown connection handle 201
[  278.252081][ T8179] netlink: 8 bytes leftover after parsing attributes in process `syz.1.850'.
[  278.348761][   T32] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[  278.368307][   T10] usb 1-1: new high-speed USB device number 43 using dummy_hcd
[  278.504896][   T32] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  278.504951][   T32] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  278.504978][   T32] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  278.517399][   T32] usb 5-1: config 0 descriptor??
[  278.542811][   T10] usb 1-1: Using ep0 maxpacket: 32
[  278.544907][   T10] usb 1-1: config 0 has an invalid interface number: 12 but max is 0
[  278.544935][   T10] usb 1-1: config 0 has no interface number 0
[  278.544981][   T10] usb 1-1: config 0 interface 12 has no altsetting 0
[  278.553876][   T10] usb 1-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  278.553907][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  278.553930][   T10] usb 1-1: Product: syz
[  278.553945][   T10] usb 1-1: Manufacturer: syz
[  278.553961][   T10] usb 1-1: SerialNumber: syz
[  278.621859][   T10] usb 1-1: config 0 descriptor??
[  278.744689][ T8175] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  278.746218][ T8175] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  279.080021][   T10] f81534 1-1:0.12: f81534_get_register: reg: 1003 failed: -71
[  279.080072][   T10] f81534 1-1:0.12: f81534_find_config_idx: read failed: -71
[  279.080090][   T10] f81534 1-1:0.12: f81534_calc_num_ports: find idx failed: -71
[  279.080177][   T10] f81534 1-1:0.12: probe with driver f81534 failed with error -71
[  279.093990][   T32] usbhid 5-1:0.0: can't add hid device: -71
[  279.094295][   T32] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  279.130727][ T8189] loop8: detected capacity change from 0 to 1
[  279.142957][   T32] usb 5-1: USB disconnect, device number 32
[  279.194887][ T8189] Dev loop8: unable to read RDB block 1
[  279.194933][ T8189]  loop8: unable to read partition table
[  279.195183][ T8189] loop8: partition table beyond EOD, truncated
[  279.195205][ T8189] loop_reread_partitions: partition scan of loop8 (þ被xü^>Ñà– ) failed (rc=-5)
[  279.246612][   T10] usb 1-1: USB disconnect, device number 43
[  279.605915][ T8195] FAULT_INJECTION: forcing a failure.
[  279.605915][ T8195] name failslab, interval 1, probability 0, space 0, times 0
[  279.605962][ T8195] CPU: 0 UID: 0 PID: 8195 Comm: syz.5.857 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  279.605988][ T8195] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  279.606004][ T8195] Call Trace:
[  279.606013][ T8195]  <TASK>
[  279.606022][ T8195]  dump_stack_lvl+0xe8/0x150
[  279.606056][ T8195]  should_fail_ex+0x46b/0x600
[  279.606097][ T8195]  should_failslab+0xa8/0x100
[  279.606128][ T8195]  __kmalloc_noprof+0xdf/0x7b0
[  279.606155][ T8195]  ? kfree+0x4d/0x6c0
[  279.606177][ T8195]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  279.606213][ T8195]  tomoyo_realpath_from_path+0xe3/0x5d0
[  279.606242][ T8195]  ? tomoyo_domain+0xd7/0x130
[  279.606277][ T8195]  ? tomoyo_path_number_perm+0x219/0x630
[  279.606314][ T8195]  tomoyo_path_number_perm+0x246/0x630
[  279.606354][ T8195]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  279.606388][ T8195]  ? __lock_acquire+0x6b5/0x2d10
[  279.606418][ T8195]  ? do_raw_spin_lock+0x12b/0x2f0
[  279.606475][ T8195]  ? __fget_files+0x2a/0x420
[  279.606505][ T8195]  ? __fget_files+0x2a/0x420
[  279.606531][ T8195]  ? __fget_files+0x3a6/0x420
[  279.606556][ T8195]  ? __fget_files+0x2a/0x420
[  279.606591][ T8195]  security_file_ioctl+0xc3/0x2a0
[  279.606628][ T8195]  __se_sys_ioctl+0x47/0x170
[  279.606662][ T8195]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  279.606688][ T8195]  do_syscall_64+0x174/0x580
[  279.606723][ T8195]  ? trace_irq_disable+0x3b/0x140
[  279.606749][ T8195]  ? clear_bhb_loop+0x40/0x90
[  279.606778][ T8195]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  279.606801][ T8195] RIP: 0033:0x7fe5bb07ce59
[  279.606822][ T8195] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  279.606842][ T8195] RSP: 002b:00007fe5b92d6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  279.606866][ T8195] RAX: ffffffffffffffda RBX: 00007fe5bb2f5fa0 RCX: 00007fe5bb07ce59
[  279.606883][ T8195] RDX: 0000200000000040 RSI: 00000000c01064d1 RDI: 0000000000000003
[  279.606897][ T8195] RBP: 00007fe5b92d6090 R08: 0000000000000000 R09: 0000000000000000
[  279.606911][ T8195] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  279.606926][ T8195] R13: 00007fe5bb2f6038 R14: 00007fe5bb2f5fa0 R15: 00007ffd1eabdda8
[  279.606983][ T8195]  </TASK>
[  279.607015][ T8195] ERROR: Out of memory at tomoyo_realpath_from_path.
[  280.010329][   T60] Bluetooth: hci3: SCO packet for unknown connection handle 201
[  280.370219][   T32] usb 2-1: new high-speed USB device number 50 using dummy_hcd
[  280.521705][   T32] usb 2-1: Using ep0 maxpacket: 8
[  280.524554][   T32] usb 2-1: config index 0 descriptor too short (expected 26, got 18)
[  280.528331][   T32] usb 2-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a
[  280.528363][   T32] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  280.528405][   T32] usb 2-1: Product: syz
[  280.528422][   T32] usb 2-1: Manufacturer: syz
[  280.528439][   T32] usb 2-1: SerialNumber: syz
[  280.634883][   T32] usb 2-1: config 0 descriptor??
[  280.670027][   T32] gspca_main: sq930x-2.14.0 probing 2770:930c
[  280.822760][ T8212] FAULT_INJECTION: forcing a failure.
[  280.822760][ T8212] name failslab, interval 1, probability 0, space 0, times 0
[  280.822800][ T8212] CPU: 0 UID: 0 PID: 8212 Comm: syz.5.865 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  280.822827][ T8212] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  280.822842][ T8212] Call Trace:
[  280.822850][ T8212]  <TASK>
[  280.822860][ T8212]  dump_stack_lvl+0xe8/0x150
[  280.822893][ T8212]  should_fail_ex+0x46b/0x600
[  280.822930][ T8212]  should_failslab+0xa8/0x100
[  280.822964][ T8212]  __kmalloc_noprof+0xdf/0x7b0
[  280.822992][ T8212]  ? kfree+0x4d/0x6c0
[  280.823016][ T8212]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  280.823051][ T8212]  tomoyo_realpath_from_path+0xe3/0x5d0
[  280.823082][ T8212]  ? tomoyo_domain+0xd7/0x130
[  280.823115][ T8212]  ? tomoyo_path_number_perm+0x219/0x630
[  280.823153][ T8212]  tomoyo_path_number_perm+0x246/0x630
[  280.823194][ T8212]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  280.823230][ T8212]  ? __lock_acquire+0x6b5/0x2d10
[  280.823261][ T8212]  ? do_raw_spin_lock+0x12b/0x2f0
[  280.823322][ T8212]  ? __fget_files+0x2a/0x420
[  280.823354][ T8212]  ? __fget_files+0x2a/0x420
[  280.823381][ T8212]  ? __fget_files+0x3a6/0x420
[  280.823416][ T8212]  ? __fget_files+0x2a/0x420
[  280.823448][ T8212]  security_file_ioctl+0xc3/0x2a0
[  280.823485][ T8212]  __se_sys_ioctl+0x47/0x170
[  280.823520][ T8212]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  280.823545][ T8212]  do_syscall_64+0x174/0x580
[  280.823579][ T8212]  ? trace_irq_disable+0x3b/0x140
[  280.823604][ T8212]  ? clear_bhb_loop+0x40/0x90
[  280.823633][ T8212]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  280.823657][ T8212] RIP: 0033:0x7fe5bb07ce59
[  280.823679][ T8212] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  280.823700][ T8212] RSP: 002b:00007fe5b92d6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  280.823725][ T8212] RAX: ffffffffffffffda RBX: 00007fe5bb2f5fa0 RCX: 00007fe5bb07ce59
[  280.823742][ T8212] RDX: 0000200000000000 RSI: 00000000c028aa03 RDI: 0000000000000003
[  280.823758][ T8212] RBP: 00007fe5b92d6090 R08: 0000000000000000 R09: 0000000000000000
[  280.823773][ T8212] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  280.823788][ T8212] R13: 00007fe5bb2f6038 R14: 00007fe5bb2f5fa0 R15: 00007ffd1eabdda8
[  280.823824][ T8212]  </TASK>
[  280.823861][ T8212] ERROR: Out of memory at tomoyo_realpath_from_path.
[  281.216246][   T32] gspca_sq930x: reg_r 001f failed -110
[  281.216385][   T32] sq930x 2-1:0.0: probe with driver sq930x failed with error -110
[  281.450188][   T10] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[  281.570906][ T1120] usb 1-1: new high-speed USB device number 44 using dummy_hcd
[  281.608905][   T10] usb 5-1: Using ep0 maxpacket: 32
[  281.613063][   T10] usb 5-1: config 0 has an invalid interface number: 12 but max is 0
[  281.613114][   T10] usb 5-1: config 0 has no interface number 0
[  281.613165][   T10] usb 5-1: config 0 interface 12 has no altsetting 0
[  281.643777][   T10] usb 5-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  281.643812][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  281.643835][   T10] usb 5-1: Product: syz
[  281.643851][   T10] usb 5-1: Manufacturer: syz
[  281.643869][   T10] usb 5-1: SerialNumber: syz
[  281.691296][   T10] usb 5-1: config 0 descriptor??
[  281.733138][   T60] Bluetooth: hci4: SCO packet for unknown connection handle 201
[  281.744212][ T1120] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  281.744267][ T1120] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  281.744363][ T1120] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  281.806607][ T1120] usb 1-1: config 0 descriptor??
[  282.028067][ T8218] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  282.041349][ T8218] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  282.161667][   T10] f81534 5-1:0.12: f81534_get_register: reg: 1003 failed: -71
[  282.161782][   T10] f81534 5-1:0.12: f81534_find_config_idx: read failed: -71
[  282.161803][   T10] f81534 5-1:0.12: f81534_calc_num_ports: find idx failed: -71
[  282.161958][   T10] f81534 5-1:0.12: probe with driver f81534 failed with error -71
[  282.236702][   T10] usb 5-1: USB disconnect, device number 33
[  282.324831][ T1120] usbhid 1-1:0.0: can't add hid device: -71
[  282.324941][ T1120] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  282.349875][ T1120] usb 1-1: USB disconnect, device number 44
[  282.962267][ T8236] x_tables: ip_tables: bpf.1 match: invalid size 528 (kernel) != (user) 544
[  283.073112][ T8238] FAULT_INJECTION: forcing a failure.
[  283.073112][ T8238] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  283.073149][ T8238] CPU: 1 UID: 0 PID: 8238 Comm: syz.0.876 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  283.073174][ T8238] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  283.073189][ T8238] Call Trace:
[  283.073197][ T8238]  <TASK>
[  283.073207][ T8238]  dump_stack_lvl+0xe8/0x150
[  283.073240][ T8238]  should_fail_ex+0x46b/0x600
[  283.073280][ T8238]  _copy_from_user+0x2d/0xb0
[  283.073309][ T8238]  ___sys_sendmsg+0x1c6/0x360
[  283.073344][ T8238]  ? __lock_acquire+0x6b5/0x2d10
[  283.073375][ T8238]  ? __pfx____sys_sendmsg+0x10/0x10
[  283.073445][ T8238]  ? __fget_files+0x2a/0x420
[  283.073472][ T8238]  ? __fget_files+0x3a6/0x420
[  283.073507][ T8238]  __x64_sys_sendmsg+0x1c3/0x2a0
[  283.073546][ T8238]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  283.073592][ T8238]  ? __pfx_ksys_write+0x10/0x10
[  283.073634][ T8238]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  283.073659][ T8238]  do_syscall_64+0x174/0x580
[  283.073695][ T8238]  ? trace_irq_disable+0x3b/0x140
[  283.073734][ T8238]  ? clear_bhb_loop+0x40/0x90
[  283.073764][ T8238]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  283.073787][ T8238] RIP: 0033:0x7fcc71b2ce59
[  283.073809][ T8238] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  283.073830][ T8238] RSP: 002b:00007fcc6fd86028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  283.073855][ T8238] RAX: ffffffffffffffda RBX: 00007fcc71da5fa0 RCX: 00007fcc71b2ce59
[  283.073872][ T8238] RDX: 0000000000000094 RSI: 00002000000000c0 RDI: 0000000000000003
[  283.073887][ T8238] RBP: 00007fcc6fd86090 R08: 0000000000000000 R09: 0000000000000000
[  283.073902][ T8238] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  283.073916][ T8238] R13: 00007fcc71da6038 R14: 00007fcc71da5fa0 R15: 00007ffd419df298
[  283.073951][ T8238]  </TASK>
[  283.394251][ T5605] usb 2-1: USB disconnect, device number 50
[  283.857103][ T8249] netlink: 4 bytes leftover after parsing attributes in process `syz.5.881'.
[  285.837666][ T8285] tipc: Started in network mode
[  285.837700][ T8285] tipc: Node identity 22a853c993de, cluster identity 4711
[  285.838282][ T8285] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  286.120013][ T8287] random: crng reseeded on system resumption
[  287.260249][ T8284] tipc: Disabling bearer <eth:syzkaller0>
[  287.469099][ T5348] tipc: Node number set to 2977321929
[  287.503764][ T5605] IPVS: starting estimator thread 0...
[  287.728750][ T8297] IPVS: using max 8 ests per chain, 19200 per kthread
[  289.833703][ T8334] netlink: 'syz.0.911': attribute type 9 has an invalid length.
[  291.741710][ T8355] atomic_op ffff88803db07218 conn xmit_atomic 0000000000000000
[  292.128242][ T8333] vivid-000: kernel_thread() failed
[  294.972239][ T8405] netlink: 12960 bytes leftover after parsing attributes in process `syz.5.935'.
[  297.285505][ T8436] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  297.287303][ T8436] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  297.287552][ T8436] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  297.287741][ T8436] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  297.287927][ T8436] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  299.177680][ T5621] Bluetooth: hci1: command 0x0406 tx timeout
[  299.448495][ T5625] Bluetooth: hci4: command 0x0c1a tx timeout
[  299.448601][ T5621] Bluetooth: hci5: command 0x0c1a tx timeout
[  299.496336][ T5625] Bluetooth: hci2: command 0x0406 tx timeout
[  299.496405][ T5621] Bluetooth: hci3: command 0x0406 tx timeout
[  303.727701][ T8515] netlink: 12960 bytes leftover after parsing attributes in process `syz.4.972'.
[  304.380653][ T1120] usb 2-1: new full-speed USB device number 51 using dummy_hcd
[  304.578665][ T1120] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  304.578698][ T1120] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  304.578721][ T1120] usb 2-1: Product: syz
[  304.578737][ T1120] usb 2-1: Manufacturer: syz
[  304.578752][ T1120] usb 2-1: SerialNumber: syz
[  304.620042][ T1120] usb 2-1: config 0 descriptor??
[  304.858725][ T1120] usb 2-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  305.034891][ T8550] netlink: 12960 bytes leftover after parsing attributes in process `syz.4.987'.
[  305.523795][ T1120] dvb_usb_rtl28xxu 2-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32
[  308.029881][ T8583] syz.0.999 (8583): drop_caches: 2
[  308.098935][ T1120] usb 2-1: USB disconnect, device number 51
[  308.323942][ T8591] netlink: 12960 bytes leftover after parsing attributes in process `syz.1.1001'.
[  309.019509][ T8617] netlink: 12960 bytes leftover after parsing attributes in process `syz.1.1012'.
[  311.617793][   T32] IPVS: starting estimator thread 0...
[  311.710847][ T8673] IPVS: using max 12 ests per chain, 28800 per kthread
[  311.957571][ T8682] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1038'.
[  312.146604][ T8687] fuse: root generation should be zero
[  312.925135][   T32] IPVS: starting estimator thread 0...
[  313.016827][ T8710] IPVS: using max 8 ests per chain, 19200 per kthread
[  314.242726][ T8713] evm: overlay not supported
[  316.138189][ T8756] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  318.237099][ T1338] ieee802154 phy0 wpan0: encryption failed: -22
[  318.237216][ T1338] ieee802154 phy1 wpan1: encryption failed: -22
[  319.680749][    C0] wlan0: beacon TX faster than countdown (channel/color switch) completion
[  320.362733][  T823] IPVS: starting estimator thread 0...
[  320.463888][ T8798] IPVS: using max 9 ests per chain, 21600 per kthread
[  323.497354][ T8872] 9pnet_virtio: no channels available for device 127.0.0.1
[  324.127819][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  324.149184][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  324.159880][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  331.576133][  T823] usb 5-1: new high-speed USB device number 34 using dummy_hcd
[  331.748215][  T823] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  331.748265][  T823] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  331.748294][  T823] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  331.748318][  T823] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  331.752892][  T823] usb 5-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  331.752926][  T823] usb 5-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  331.752949][  T823] usb 5-1: Manufacturer: syz
[  331.803730][  T823] usb 5-1: config 0 descriptor??
[  332.319111][  T823] appleir 0003:05AC:8243.0008: unknown main item tag 0x0
[  332.374837][  T823] appleir 0003:05AC:8243.0008: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.4-1/input0
[  335.654666][ T5348] usb 5-1: USB disconnect, device number 34
[  336.421585][ T9042] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1160'.
[  339.007557][ T9082] usb usb7: usbfs: process 9082 (syz.5.1176) did not claim interface 0 before use
[  342.515382][ T9151] input: syz1 as /devices/virtual/input/input22
[  345.333586][ T9194] gfs2: error -5 reading superblock
[  347.721654][ T9203] veth0: entered promiscuous mode
[  347.723543][ T9203] veth0: left promiscuous mode
[  349.571299][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  351.169644][ T9234] Bluetooth: MGMT ver 1.23
[  352.531481][ T5712] usb 2-1: new high-speed USB device number 52 using dummy_hcd
[  353.926348][ T5712] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[  353.926426][ T5712] usb 2-1: config 0 has no interface number 0
[  353.926500][ T5712] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  353.926551][ T5712] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  353.926599][ T5712] usb 2-1: config 0 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  353.928551][ T5712] usb 2-1: New USB device found, idVendor=04f2, idProduct=1421, bcdDevice= 0.00
[  353.928584][ T5712] usb 2-1: New USB device strings: Mfr=0, Product=64, SerialNumber=0
[  353.928608][ T5712] usb 2-1: Product: syz
[  354.058438][ T5712] usb 2-1: config 0 descriptor??
[  355.139146][ T5712] chicony 0003:04F2:1421.0009: collection stack underflow
[  355.139183][ T5712] chicony 0003:04F2:1421.0009: item 0 1 0 12 parsing failed
[  355.139952][ T5712] chicony 0003:04F2:1421.0009: Chicony hid parse failed: -22
[  355.140050][ T5712] chicony 0003:04F2:1421.0009: probe with driver chicony failed with error -22
[  355.172209][ T5712] usb 2-1: USB disconnect, device number 52
[  356.041698][   T39] INFO: tas[  356.041698][   T39] INFO: task syz.3.504:7151 blocked for more than 143 seconds.
[  356.041727][   T39]       Not tainted syzkaller #0
[  356.041738][   T39] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  356.041749][   T39] task:syz.3.504       state:D stack:27920 pid:7151  tgid:7148  ppid:5618   task_flags:0x400040 flags:0x00080002
[  356.041817][   T39] Call Trace:
[  356.041899][   T39]  <TASK>
[  356.041972][   T39]  __schedule+0x16f9/0x5500
[  356.042077][   T39]  ? _raw_spin_unlock_irqrestore+0x47/0x80
[  356.042141][   T39]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  356.042184][   T39]  ? __pfx___schedule+0x10/0x10
[  356.042225][   T39]  ? schedule+0x90/0x360
[  356.042260][   T39]  schedule+0x164/0x360
[  356.042293][   T39]  cgroup_lock_and_drain_offline+0x516/0x650
[  356.042333][   T39]  ? __pfx_cgroup_lock_and_drain_offline+0x10/0x10
[  356.042359][   T39]  ? __pfx_autoremove_wake_function+0x10/0x10
[  356.042400][   T39]  cgroup_kn_lock_live+0x120/0x230
[  356.042426][   T39]  cgroup_subtree_control_write+0x4b3/0x10a0
[  356.042465][   T39]  ? __pfx_cgroup_subtree_control_write+0x10/0x10
[  356.042490][   T39]  ? kernfs_root+0x1c/0x230
[  356.042515][   T39]  ? kernfs_root+0x1c/0x230
[  356.042542][   T39]  ? kernfs_root+0x1ea/0x230
[  356.042575][   T39]  ? __pfx_cgroup_subtree_control_write+0x10/0x10
[  356.042597][   T39]  cgroup_file_write+0x331/0x8f0
[  356.042636][   T39]  ? __pfx_cgroup_file_write+0x10/0x10
[  356.042788][   T39]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  356.043668][   T39]  ? lockdep_hardirqs_on+0x7a/0x110
[  356.043721][   T39]  ? __pfx_cgroup_file_write+0x10/0x10
[  356.043758][   T39]  kernfs_fop_write_iter+0x3b0/0x540
[  356.043804][   T39]  vfs_write+0x629/0xba0
[  356.043849][   T39]  ? __pfx_vfs_write+0x10/0x10
[  356.043894][   T39]  ? mutex_lock_nested+0x168/0x1d0
[  356.043921][   T39]  ? __fget_files+0x2a/0x420
[  356.043960][   T39]  ksys_write+0x156/0x270
[  356.043998][   T39]  ? __pfx_ksys_write+0x10/0x10
[  356.044032][   T39]  ? __pfx_kcov_ioctl+0x10/0x10
[  356.044064][   T39]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  356.044090][   T39]  do_syscall_64+0x174/0x580
[  356.044126][   T39]  ? trace_irq_disable+0x3b/0x140
[  356.044153][   T39]  ? clear_bhb_loop+0x40/0x90
[  356.044183][   T39]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  356.044209][   T39] RIP: 0033:0x7f9df532ce59
[  356.044286][   T39] RSP: 002b:00007f9df3565028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  356.044361][   T39] RAX: ffffffffffffffda RBX: 00007f9df55a6090 RCX: 00007f9df532ce59
[  356.044379][   T39] RDX: 000000000000000b RSI: 0000200000000180 RDI: 0000000000000005
[  356.044395][   T39] RBP: 00007f9df53c2d6f R08: 0000000000000000 R09: 0000000000000000
[  356.044410][   T39] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  356.044425][   T39] R13: 00007f9df55a6128 R14: 00007f9df55a6090 R15: 00007fffb1cb2818
[  356.044462][   T39]  </TASK>
[  356.044494][   T39] 
[  356.044494][   T39] Showing all locks held in the system:
[  356.044508][   T39] 1 lock held by khungtaskd/39:
[  356.044523][   T39]  #0: ffffffff8e1cac60 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[  356.044686][   T39] 2 locks held by kworker/u8:10/1397:
[  356.044728][   T39]  #0: ffff88813fe54138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x897/0x1630
[  356.044796][   T39]  #1: ffffc90006977c40 ((reaper_work).work){+.+.}-{0:0}, at: process_one_work+0x8be/0x1630
[  356.044862][   T39] 5 locks held by kworker/u8:15/1528:
[  356.044875][   T39]  #0: ffff888032883938 ((wq_completion)bat_events){+.+.}-{0:0}, at: process_one_work+0x897/0x1630
[  356.044940][   T39]  #1: ffffc90006bf7c40 ((work_completion)(&(&bat_priv->tt.work)->work)){+.+.}-{0:0}, at: process_one_work+0x8be/0x1630
[  356.045006][   T39]  #2: ffffffff8e0613c0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0x3c/0x420
[  356.045073][   T39]  #3: ffffffff8e1cac60 (rcu_read_lock){....}-{1:3}, at: __local_bh_disable_ip+0x3c/0x420
[  356.045139][   T39]  #4: ffff888041d1e458 (key#18){+...}-{3:3}, at: batadv_tt_purge+0x138/0xa10
[  356.045207][   T39] 6 locks held by kworker/u8:17/1558:
[  356.045221][   T39]  #0: ffff88813fe54138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x897/0x1630
[  356.045329][   T39]  #1: ffffc90006d47c40 ((work_completion)(&(&nsim_dev->trap_data->trap_report_dw)->work)){+.+.}-{0:0}, at: process_one_work+0x8be/0x1630
[  356.045400][   T39]  #2: ffff8880395f6310 (&devlink->lock_key#3){+.+.}-{4:4}, at: nsim_dev_trap_report_work+0x57/0xbd0
[  356.045470][   T39]  #3: ffff8880394c3120 (&nsim_trap_data->trap_lock){+.+.}-{3:3}, at: nsim_dev_trap_report_work+0x1ad/0xbd0
[  356.045535][   T39]  #4: ffffffff8e1cac60 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock+0x1e0/0x400
[  356.045603][   T39]  #5: ffffffff8e1cac60 (rcu_read_lock){....}-{1:3}, at: unwind_next_frame+0xa6/0x2550
[  356.045687][   T39] 2 locks held by getty/5370:
[  356.045699][   T39]  #0: ffff888035be60a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  356.045759][   T39]  #1: ffffc90003cc62e0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x462/0x13a0
[  356.045836][   T39] 3 locks held by syz.3.504/7151:
[  356.045849][   T39]  #0: ffff888036c10128 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x252/0x320
[  356.045910][   T39]  #1: ffff888035a08480 (sb_writers#9){.+.+}-{0:0}, at: vfs_write+0x22d/0xba0
[  356.045978][   T39]  #2: ffff888033cbe078 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x1df/0x540
[  356.046053][   T39] 2 locks held by syz.1.1249/9282:
[  356.046067][   T39]  #0: ffff88802a81e480 (sb_writers#3){.+.+}-{0:0}, at: direct_splice_actor+0x49/0x160
[  356.046138][   T39]  #1: ffffffff8e2ad938 (lock#3){+.+.}-{4:4}, at: __lru_add_drain_all+0x6b/0x5e0
[  356.046216][   T39] 
[  356.046235][   T39] =============================================
[  356.046235][   T39] 
[  356.046292][   T39] NMI backtrace for cpu 1
[  356.046309][   T39] CPU: 1 UID: 0 PID: 39 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  356.046333][   T39] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  356.046348][   T39] Call Trace:
[  356.046357][   T39]  <TASK>
[  356.046365][   T39]  dump_stack_lvl+0xe8/0x150
[  356.046396][   T39]  nmi_cpu_backtrace+0x274/0x2d0
[  356.046426][   T39]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  356.046456][   T39]  nmi_trigger_cpumask_backtrace+0x17a/0x380
[  356.046489][   T39]  sys_info+0x135/0x170
[  356.046514][   T39]  watchdog+0xfd3/0x1030
[  356.046548][   T39]  ? watchdog+0x1c9/0x1030
[  356.046587][   T39]  kthread+0x388/0x470
[  356.046614][   T39]  ? __pfx_watchdog+0x10/0x10
[  356.046637][   T39]  ? __pfx_kthread+0x10/0x10
[  356.046664][   T39]  ret_from_fork+0x514/0xb70
[  356.046696][   T39]  ? __pfx_ret_from_fork+0x10/0x10
[  356.046724][   T39]  ? __switch_to+0xc79/0x1410
[  356.046750][   T39]  ? __pfx_kthread+0x10/0x10
[  356.046778][   T39]  ret_from_fork_asm+0x1a/0x30
[  356.046825][   T39]  </TASK>
[  356.046834][   T39] Sending NMI from CPU 1 to CPUs 0:
[  356.046867][    C0] NMI backtrace for cpu 0
[  356.046884][    C0] CPU: 0 UID: 0 PID: 1558 Comm: kworker/u8:17 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  356.046906][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  356.046919][    C0] Workqueue: events_unbound nsim_dev_trap_report_work
[  356.046945][    C0] RIP: 0010:__lock_acquire+0x5/0x2d10
[  356.046972][    C0] Code: 00 00 00 b9 0a 00 00 00 5b e9 e7 55 00 00 5b e9 41 27 9d 09 cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 55 41 57 41 56 <41> 55 41 54 53 48 81 ec e8 00 00 00 65 48 8b 05 17 1a f9 10 48 89
[  356.047037][    C0] RSP: 0018:ffffc90006d47048 EFLAGS: 00000046
[  356.047062][    C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[  356.047075][    C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff8880b863b8a0
[  356.047087][    C0] RBP: ffffffff8194f3bf R08: 0000000000000001 R09: 0000000000000001
[  356.047099][    C0] R10: dffffc0000000000 R11: ffffed100629d7c1 R12: 0000000000000000
[  356.047112][    C0] R13: ffff8880b863b8a0 R14: 0000000000000001 R15: 0000000000000046
[  356.047124][    C0] FS:  0000000000000000(0000) GS:ffff888125c7e000(0000) knlGS:0000000000000000
[  356.047139][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  356.047153][    C0] CR2: 000000110c2b6324 CR3: 000000003426a000 CR4: 00000000003526f0
[  356.047169][    C0] Call Trace:
[  356.047176][    C0]  <TASK>
[  356.047184][    C0]  ? finish_task_switch+0x15f/0xbe0
[  356.047207][    C0]  lock_acquire+0x106/0x350
[  356.047226][    C0]  ? finish_task_switch+0x15f/0xbe0
[  356.047251][    C0]  ? __schedule+0x28a5/0x5500
[  356.047277][    C0]  finish_task_switch+0x174/0xbe0
[  356.047297][    C0]  ? finish_task_switch+0x15f/0xbe0
[  356.047322][    C0]  __schedule+0x1701/0x5500
[  356.047346][    C0]  ? rcu_is_watching+0x15/0xb0
[  356.047383][    C0]  ? __pfx___schedule+0x10/0x10
[  356.047408][    C0]  ? __lock_acquire+0x6b5/0x2d10
[  356.047433][    C0]  preempt_schedule_irq+0x4d/0xa0
[  356.047458][    C0]  irqentry_exit+0x14f/0x8b0
[  356.047484][    C0]  ? trace_irq_disable+0x3b/0x140
[  356.047506][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  356.047526][    C0] RIP: 0010:lock_acquire+0x221/0x350
[  356.047547][    C0] Code: ff ff ff e8 c1 61 99 09 f7 44 24 08 00 02 00 00 0f 84 3a ff ff ff 65 48 8b 05 fb 1b f9 10 48 3b 44 24 58 75 33 fb 48 83 c4 60 <5b> 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc 48 8d 3d d8 fe 10
[  356.047563][    C0] RSP: 0018:ffffc90006d474d8 EFLAGS: 00000286
[  356.047578][    C0] RAX: 55770fe304d5a000 RBX: 0000000000000000 RCX: 0000000000000046
[  356.047591][    C0] RDX: 00000000ba7d34dc RSI: ffffffff8d9d04f2 RDI: ffffffff8bac2180
[  356.047604][    C0] RBP: ffffffff81771406 R08: ffffffff81771406 R09: ffffffff8e1cac60
[  356.047618][    C0] R10: ffffc90006d47638 R11: ffffffff81b07a50 R12: 0000000000000002
[  356.047631][    C0] R13: ffffffff8e1cac60 R14: 0000000000000000 R15: 0000000000000246
[  356.047645][    C0]  ? unwind_next_frame+0xa6/0x2550
[  356.047669][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  356.047688][    C0]  ? unwind_next_frame+0xa6/0x2550
[  356.047716][    C0]  ? kasan_save_track+0x3e/0x80
[  356.047744][    C0]  ? unwind_next_frame+0xa6/0x2550
[  356.047766][    C0]  unwind_next_frame+0xc3/0x2550
[  356.047790][    C0]  ? unwind_next_frame+0xa6/0x2550
[  356.047816][    C0]  ? unwind_next_frame+0xa6/0x2550
[  356.047840][    C0]  ? stack_trace_save+0xa9/0x100
[  356.047857][    C0]  ? kasan_save_track+0x3e/0x80
[  356.047878][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  356.047897][    C0]  arch_stack_walk+0x11b/0x150
[  356.047924][    C0]  ? kasan_save_track+0x3e/0x80
[  356.047945][    C0]  stack_trace_save+0xa9/0x100
[  356.047963][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[  356.047981][    C0]  ? __lock_acquire+0x6b5/0x2d10
[  356.048002][    C0]  ? stack_depot_save_flags+0x33/0x810
[  356.048029][    C0]  ? ktime_get+0x1f5/0x220
[  356.048048][    C0]  ? __alloc_skb+0x1d0/0x7d0
[  356.048078][    C0]  kasan_save_track+0x3e/0x80
[  356.048097][    C0]  ? kasan_save_track+0x3e/0x80
[  356.048140][    C0]  __kasan_kmalloc+0x93/0xb0
[  356.048161][    C0]  __kmalloc_node_track_caller_noprof+0x372/0x7e0
[  356.048186][    C0]  ? nsim_dev_trap_report_work+0x29f/0xbd0
[  356.048211][    C0]  __alloc_skb+0x2c1/0x7d0
[  356.048235][    C0]  ? rt_spin_unlock+0x160/0x200
[  356.048257][    C0]  nsim_dev_trap_report_work+0x29f/0xbd0
[  356.048289][    C0]  ? process_one_work+0x8be/0x1630
[  356.048314][    C0]  process_one_work+0x98b/0x1630
[  356.048348][    C0]  ? __pfx_process_one_work+0x10/0x10
[  356.048372][    C0]  ? do_raw_spin_lock+0x12b/0x2f0
[  356.048396][    C0]  worker_thread+0xb49/0x1140
[  356.048426][    C0]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  356.048460][    C0]  kthread+0x388/0x470
[  356.048478][    C0]  ? __pfx_worker_thread+0x10/0x10
[  356.048504][    C0]  ? __pfx_kthread+0x10/0x10
[  356.048523][    C0]  ret_from_fork+0x514/0xb70
[  356.048545][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[  356.048567][    C0]  ? __switch_to+0xc79/0x1410
[  356.048585][    C0]  ? __pfx_kthread+0x10/0x10
[  356.048605][    C0]  ret_from_fork_asm+0x1a/0x30
[  356.048635][    C0]  </TASK>
[  356.050266][   T39] Kernel panic - not syncing: hung_task: blocked tasks
[  356.050302][   T39] CPU: 1 UID: 0 PID: 39 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  356.050370][   T39] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  356.050406][   T39] Call Trace:
[  356.050430][   T39]  <TASK>
[  356.050459][   T39]  vpanic+0x56c/0xa60
[  356.050567][   T39]  ? __pfx___schedule+0x10/0x10
[  356.050657][   T39]  ? __pfx_vpanic+0x10/0x10
[  356.050785][   T39]  panic+0xc5/0xd0
[  356.050838][   T39]  ? __pfx_panic+0x10/0x10
[  356.050927][   T39]  ? preempt_schedule_thunk+0x16/0x40
[  356.051039][   T39]  ? nmi_trigger_cpumask_backtrace+0x319/0x380
[  356.051106][   T39]  watchdog+0x102c/0x1030
[  356.051166][   T39]  ? watchdog+0x1c9/0x1030
[  356.051198][   T39]  kthread+0x388/0x470
[  356.051225][   T39]  ? __pfx_watchdog+0x10/0x10
[  356.051247][   T39]  ? __pfx_kthread+0x10/0x10
[  356.051275][   T39]  ret_from_fork+0x514/0xb70
[  356.051307][   T39]  ? __pfx_ret_from_fork+0x10/0x10
[  356.051334][   T39]  ? __switch_to+0xc79/0x1410
[  356.051396][   T39]  ? __pfx_kthread+0x10/0x10
[  356.051470][   T39]  ret_from_fork_asm+0x1a/0x30
[  356.051596][   T39]  </TASK>
[  356.052219][   T39] Kernel Offset: disabled