last executing test programs:

8.976447261s ago: executing program 4 (id=4250):
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x8b, 0x8c41)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)

8.692914862s ago: executing program 4 (id=4254):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='cmdline\x00')
openat$kvm(0xffffffffffffff9c, &(0x7f00000010c0), 0x0, 0x0)
r1 = socket(0x40000000015, 0x5, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x1, 0xffffffff, @loopback={0xffffffffffff0000}, 0x92}, 0x1c)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x40002c)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
r2 = syz_usb_connect(0x2, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000005bcca2023380100eb030102030109021b000100000000090400000198dc4a00090585", @ANYRESDEC], 0x0)
syz_usb_control_io$hid(r2, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000500)={<r3=>0xffffffffffffffff})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f0000000640)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=[@rights={{0x10, 0x1, 0x1, [r4]}}], 0x10, 0x50}}], 0x1, 0x404c040)
setrlimit(0x7, &(0x7f0000000000))
sendmmsg$inet(r5, &(0x7f0000000600)=[{{0x0, 0x0, 0x0}}], 0x43, 0x4000)
preadv(r0, &(0x7f0000001200)=[{&(0x7f0000000080)=""/4097, 0x1001}], 0x1, 0x9, 0x6a76)
r6 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000480), 0x2, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
shutdown(r7, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000940)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000aff000000000000000000050000000900010073797a300000000064000000030a01030000000000000000050000000900010073797a30000000000900030073797a300000000008000a40000000031200048008000240000000120800014000000000140003006e65746465767369"], 0xac}}, 0x0)
sendmsg$nl_route(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=@bridge_delneigh={0x1c, 0x1e, 0x1, 0x0, 0x25dfdbfb, {0x1c, 0x0, 0x700, 0x0, 0x0, 0x88}}, 0x1c}}, 0x0)
ioctl$VIDIOC_ENUM_FMT(r6, 0xc0405602, &(0x7f0000000140)={0x5, 0x6, 0x20, "0506ddff1600000000000037ff00050200000000000000000000000000020008", 0x3447504d})

7.696938832s ago: executing program 0 (id=4258):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000200)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
r1 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r1, 0xc1205531, &(0x7f0000000340)={0x0, 0x80006, 0x1, 0x2, '\x00', '\x00', '\x00', 0x7, 0x1, 0x2000100, 0x0, "a900"})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000000)={'\x00', 0x5})
ioctl$TUNSETPERSIST(r4, 0x400454c9, 0x1)
ioctl$TUNSETPERSIST(r4, 0x400454cb, 0x1)
ioctl$TUNSETPERSIST(r4, 0x400454cb, 0x0)
syz_open_dev$usbfs(&(0x7f00000001c0), 0xd37, 0x1554c0)
fstat(r1, &(0x7f0000000100))
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000002c0)={'macvlan0\x00'})
getsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x1b, &(0x7f0000000040), &(0x7f00000000c0)=0x4)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000010c0)={&(0x7f0000001780)=ANY=[@ANYBLOB="44000000100001040000000000000000000000005c7f6f0fca5b639529af54f466c5ab2d9d9f472722c3f74717af92fa67d41697a6aaaaba514cf8160dc05f7fccbc06aadddc9df6c7179570af771942aed67ecef36c41f6eb8c96444f339c394c98e7c886e8c28bd683865a3be0af12a1fbc4bba3296773c0d6bb9a6a2f2191aa24057e3db2b843d0cbf87680c6cfe4f1a63773f053e5d0963accf518d33b22c258f932a563add0356f16d17f792ce89464750e00b3200fa23aa4b1208c58b1e960581129940437dfb52be8fae1", @ANYRES32=r0, @ANYBLOB="00001700000000001c0037800b0001006970768a616e08000c0002800600010000000000050027"], 0x44}, 0x1, 0x0, 0x0, 0x4008010}, 0x0)
r5 = socket(0x10, 0x3, 0x0)
sendmmsg(r5, &(0x7f0000000000), 0x4000000000001f2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
pipe(&(0x7f0000000000)={<r6=>0xffffffffffffffff})
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
getsockopt$sock_buf(r7, 0x1, 0x6, &(0x7f0000000740)=""/4096, &(0x7f0000000040)=0x1000)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
splice(r6, 0x0, r8, 0x0, 0x40000000000080, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
fchdir(r4)
syz_usb_connect(0x3, 0x429, &(0x7f0000001740)={{0x12, 0x1, 0x250, 0xaa, 0xf8, 0xd2, 0x40, 0xbb4, 0xa44, 0xa45, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x417, 0x2, 0x56, 0x24, 0x0, 0x8}}]}}, &(0x7f0000001c00)={0xa, &(0x7f0000000240)={0xa, 0x6, 0x300, 0x3, 0x5f, 0x4, 0x8, 0x5}, 0x1c, &(0x7f0000000480)={0x5, 0xf, 0x1c, 0x2, [@ptm_cap={0x3}, @ss_container_id={0x14, 0x10, 0x4, 0x40, "83ef2434318aeab5934354fac20bd9fe"}]}, 0x6, [{0xff, &(0x7f0000000500)=@string={0xff, 0x3, "4545d4d54ac11f3ea8d440e509390f12738c7b6053d1c62d5d8a4b1672629c579a735a4bf4b8836c4ba7d29749433a5def6378c6ad83add7b1c85cba918eba9ecc703cbbb81af76bf82e39ed917456763bc482da29e785ce40bfc2a423bc5408376a016549f3c89ab5da2dfa0242c32c4baffdb6ef84dc3fcbeea6f3aacd0862b3a6ed9ba6e374f8422ea0f7c910f882eb2bf33e340374ea2227cc7d50b2c6c717f10010091b62b53cc5b928512ef72a0ac8c31cd8a579efc24f3775e55bba31f91ab35259418b66c13016ed26ae082779d89540f6f04661363eb80b9675680e4da5d878b8d8736924fcbc32962888d76099e2cf62a5c67259309b61db"}}, {0x45, &(0x7f0000000600)=@string={0x45, 0x3, "0c7b5ff78f2120bc62970934298d1f3ae829a31362b119934bd1ceaa78bd48fea0930ab80225b720919a79f1a439583ea9b3b22a8afe84a774977fa3183fbeb75cf2aa"}}, {0x0, 0x0}, {0x2, &(0x7f0000001b80)=@string={0x2}}, {0x4, &(0x7f0000000280)=@lang_id={0x4, 0x3, 0x2401}}, {0x4, &(0x7f0000000300)=@lang_id={0x4, 0x3, 0x81a}}]})
r9 = syz_usb_connect(0x0, 0x371, &(0x7f0000000280)=ANY=[@ANYBLOB="1201000057ec0020c215dcff30bd0102030109025f03019b000000090400000b403b4e000905e2379c"], 0x0)
syz_usb_control_io$cdc_ncm(r9, 0x0, 0x0)
syz_usb_control_io$uac1(r9, 0x0, 0x0)

6.137600407s ago: executing program 2 (id=4261):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r0, 0x0, 0x90)

6.028505608s ago: executing program 1 (id=4262):
socket$nl_generic(0x10, 0x3, 0x10)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000005c0)={0x34, 0x40, 0x107, 0xfffffffe, 0x0, {0x1, 0x7c}, [@nested={0x4, 0x142}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}]}, @nested={0x10, 0x2, 0x0, 0x1, [@nested={0xc, 0x17, 0x0, 0x1, [@typed={0x4, 0xd, 0x0, 0x0, @binary}, @nested={0x4, 0x18}]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x48815}, 0xc000)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x4c881, 0x0, 0x0)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x400c404)
io_setup(0x1, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000002340)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="4c0000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800b0001006d61637365630000140002800500090000000000050008000000000008000500", @ANYRES32=r1], 0x4c}}, 0x0)

5.943982261s ago: executing program 2 (id=4263):
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xb320a000)
pipe2(&(0x7f0000000580)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
fcntl$lock(r2, 0x410, &(0x7f00000000c0)={0x1, 0x1, 0x1, 0xfffe})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0xc369d000)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f0000001300)=@raw={'raw\x00', 0x3c1, 0x3, 0x3b8, 0x0, 0x9403, 0x0, 0x1e0, 0x2c0, 0x2f0, 0x3d8, 0x3d8, 0x2f0, 0x3d8, 0x3, 0x0, {[{{@uncond, 0x0, 0x1bc, 0x1e0, 0x0, {}, [@common=@srh1={{0x8c}, {0x6, 0x8a, 0x1, 0xb, 0x3, @mcast2, @local, @local, [0x0, 0xffffffff, 0x0, 0xffffffff], [0xffffff00, 0xff000000, 0xffffff00, 0xff], [0xffffffff, 0xff000000, 0x0, 0x7550ccb710be24b3], 0x4000, 0x6}}, @common=@srh1={{0x8c}, {0x16, 0xb9, 0x50, 0x40, 0x3, @remote, @private2={0xfc, 0x2, '\x00', 0xfe}, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x15}}, [0xff, 0xffffff00, 0x0, 0xff000000], [0xffffff00, 0xff000000, 0xff000000], [0x0, 0xffffffff, 0x0, 0xff000000], 0x407, 0x1060}}]}, @common=@unspec=@CLASSIFY={0x24}}, {{@uncond, 0x0, 0xc8, 0x110, 0x0, {}, [@inet=@rpfilter={{0x24}, {0x1}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'pptp\x00'}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x414)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_SET_BSS(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000340)={0x24, r4, 0x1, 0x70bd2b, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_AP_ISOLATE={0x5, 0x60, 0x8}]}, 0x24}}, 0x8000)
r8 = socket$netlink(0x10, 0x3, 0x10)
sendmsg$NFT_BATCH(r8, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000003c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x3}}, [@NFT_MSG_DELSET={0x14, 0xb, 0xa, 0x201, 0x0, 0x0, {0x5, 0x0, 0x6}}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x3c}, 0x1, 0x0, 0x0, 0x4000}, 0x40010)
r9 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x202000)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r10, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001840)={&(0x7f0000000140)={0x60, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_MAXELEM={0x8}, @IPSET_ATTR_HASHSIZE={0x8}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}]}, 0x60}}, 0x0)
file_setattr(r9, 0x0, &(0x7f0000000000)={0x2000, 0xfffffffc, 0xed, 0x0, 0x400}, 0x18, 0x1000)
r11 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(r11, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x20)
pipe2(&(0x7f0000001180)={<r12=>0xffffffffffffffff, <r13=>0xffffffffffffffff}, 0x4000)
vmsplice(r13, &(0x7f0000000140)=[{&(0x7f0000000100)="eb", 0x20000101}], 0x1, 0x0)
write$RDMA_USER_CM_CMD_JOIN_MCAST(r1, &(0x7f00000001c0)={0x16, 0x98, 0xfa00, {&(0x7f0000000180), 0x3, 0xffffffffffffffff, 0x10, 0x0, @in6={0xa, 0x4e23, 0x9, @empty, 0x401}}}, 0xa0)
fcntl$setpipe(r13, 0x407, 0x5)
ioctl$KVM_CREATE_GUEST_MEMFD(r12, 0xc040aed4, &(0x7f0000000080)={0x4, 0x100000000})
setsockopt$sock_attach_bpf(r11, 0x1, 0x32, &(0x7f0000000000)=r13, 0x4)
ioctl$DMA_BUF_IOCTL_SYNC(r13, 0x40086200, &(0x7f0000000000)=0x2)

5.928193601s ago: executing program 0 (id=4264):
add_key$user(0x0, 0x0, &(0x7f0000000180)="d3a24845fed3b644db111f6660fcd399052be391b829c18141634298ceeb56ee051e22d30dbb5f2c5ab2078c2c8cf5b9a0385ac162b836c795", 0x39, 0xffffffffffffffff)
r0 = syz_open_dev$ttys(0xc, 0x2, 0x1)
ioctl$TIOCSWINSZ(r0, 0x5414, &(0x7f0000000200)={0x5422, 0x0, 0x1ff, 0x5})
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000000106a053103000000000001090224000100008000090400101c0300010009210000000122f80409058103"], 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
r2 = add_key$keyring(&(0x7f0000000540), &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r2, &(0x7f0000000200)='asymmetric\x00', &(0x7f0000000140)=@secondary)
syz_usb_control_io$uac1(0xffffffffffffffff, 0x0, &(0x7f0000000580)={0x24, &(0x7f00000007c0)=ANY=[@ANYRESDEC=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r1, &(0x7f0000000340)={0x24, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="00220508"], 0x0}, 0x0)
r3 = syz_usb_connect$hid(0x2, 0x3f, &(0x7f0000000300)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x596, 0x502, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x0, 0x0, 0x90, 0x0, "", [{{0x9, 0x4, 0x0, 0x0, 0x9, 0x3, 0x0, 0x3, 0x0, {0x9, 0x21, 0xfe, 0x2, 0x1, {0x22, 0x29}}, {{{0x9, 0x5, 0x81, 0x3, 0x10, 0x0, 0xf, 0xfd}}, [{{0x9, 0x5, 0x2, 0x3, 0x40, 0x6, 0x46, 0x2}}]}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r3, 0x0, 0x0)
syz_usb_control_io(r3, &(0x7f00000002c0)={0x2c, &(0x7f00000000c0)={0x20, 0xb, 0x29, {0x29, 0x0, "0444033f9860448f54f7e44f9c58a81360c63831deb3888fd0507640394d71a0ca2d70e2e018d2"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
futex_waitv(&(0x7f0000001c40)=[{0x1, &(0x7f0000000000), 0x82}, {0x1, &(0x7f0000000380)=0x200, 0x2}, {0xe, &(0x7f0000000400), 0x82}, {0x0, &(0x7f0000000480)=0x8, 0x82}, {0x87, &(0x7f0000000800)=0x7, 0x82}, {0x200, &(0x7f0000000840)=0x7fffffff, 0x2}, {0x7, &(0x7f0000000880)=0x2, 0x82}, {0xf8ad, &(0x7f00000008c0)=0x1, 0x82}, {0x8000000000000001, &(0x7f0000000900)=0x5, 0x80}, {0xe, &(0x7f0000000940)=0x8, 0x82}, {0x9, &(0x7f0000000980)=0x80000000, 0x82}, {0x8, &(0x7f00000009c0)=0xf, 0x82}, {0x4, &(0x7f0000000a00), 0x82}, {0x1, &(0x7f0000000a40)=0x9, 0x2}, {0x7, &(0x7f0000000a80)=0xfffffffffffffffc, 0x82}, {0x4, &(0x7f0000000ac0)=0xc24, 0x82}, {0x0, &(0x7f0000000b00)=0x6, 0x2}, {0x4d6, &(0x7f0000000b40)=0x2, 0x2}, {0x6, &(0x7f0000000b80)=0x7}, {0x2, &(0x7f0000000bc0)=0x919, 0x82}, {0x5, &(0x7f0000000c00)=0xdca5, 0x82}, {0xfffffffffffffffe, &(0x7f0000000c40), 0x82}, {0x101, &(0x7f0000000c80)=0x5, 0x2}, {0x9, &(0x7f0000000cc0)=0x9, 0x2}, {0x247, &(0x7f0000000d00)=0x1, 0x2}, {0x2, &(0x7f0000000d40)=0x3, 0x82}, {0x9, &(0x7f0000000d80)=0xc5, 0x2}, {0x8000000000000001, &(0x7f0000000dc0)=0xfffffffffffffffb, 0x2}, {0x3, &(0x7f0000000e00)=0xffffffffffffffff, 0x82}, {0x8fc, &(0x7f0000000e40)=0x3, 0x2}, {0x4, &(0x7f0000000e80)=0x7, 0x2}, {0x2, &(0x7f0000000ec0)=0x1485, 0x82}, {0x1, &(0x7f0000000f00)=0xda, 0x82}, {0x199ee00, &(0x7f0000000f40)=0x5, 0x2}, {0x6, &(0x7f0000000f80)=0xf, 0x82}, {0x5, &(0x7f0000000fc0)=0x3, 0x82}, {0x139, &(0x7f0000001000)=0xd, 0x2}, {0x10000, &(0x7f0000001040)=0xd, 0x2}, {0x9, &(0x7f0000001080)=0x5, 0x3}, {0x2, &(0x7f00000010c0)=0xffffffff00000000, 0x2}, {0x5c, &(0x7f0000001100)=0x3d82aea, 0x2}, {0x3, &(0x7f0000001140)=0xe8f, 0x82}, {0xfff, &(0x7f0000001180)=0x3, 0x2}, {0x2, &(0x7f00000011c0)=0x8, 0x82}, {0x1, &(0x7f0000001200)=0x217d, 0x82}, {0x1, &(0x7f0000001240)=0x7, 0x82}, {0xc3, &(0x7f0000001280)=0x80000001, 0x82}, {0x5, &(0x7f00000012c0), 0x82}, {0x9, &(0x7f0000001300)=0xcf, 0x2}, {0x4, &(0x7f0000001340)=0x1, 0x2}, {0x4, &(0x7f0000001380)=0x8, 0x82}, {0x5, &(0x7f00000013c0)=0x2, 0x2}, {0xcdc, &(0x7f0000001400)=0x5, 0x82}, {0x86d, &(0x7f0000001440), 0x82}, {0x5b2, &(0x7f0000001480)=0x8, 0x2}, {0x3, &(0x7f00000014c0)=0x401, 0x82}, {0x4d, &(0x7f0000001500)=0xd8, 0x82}, {0x9, &(0x7f0000001540), 0x82}, {0xffa, &(0x7f0000001580), 0x2}, {0x10000, &(0x7f00000015c0)=0x8, 0x2}, {0x329, &(0x7f0000001600)=0xe183, 0x82}, {0x1, &(0x7f0000001640)=0x10001, 0x82}, {0x0, &(0x7f0000001680)=0xfffffffffffffffe, 0x82}, {0x8, &(0x7f00000016c0)=0x3, 0x2}, {0x35, &(0x7f0000001700)=0x5, 0x2}, {0x1, &(0x7f0000001740)=0xa0f8, 0x2}, {0x2, &(0x7f0000001780)=0x1, 0x2}, {0x7, &(0x7f00000017c0)=0x7fff, 0x2}, {0x1, &(0x7f0000001800)=0x5, 0x2}, {0xe000000, &(0x7f0000001840)=0x9, 0x2}, {0xd, &(0x7f0000001880)=0x5, 0x82}, {0x1a, &(0x7f00000018c0)=0xe015, 0x82}, {0x2, &(0x7f0000001900)=0x1, 0x2}, {0x7, &(0x7f0000001940)=0x1a770585, 0x82}, {0x3, &(0x7f0000001980)=0x3}, {0x2748, &(0x7f00000019c0)=0xf4a7ec1, 0x82}, {0x10000, &(0x7f0000001a00), 0x2}, {0x6, &(0x7f0000001a40)=0xe1, 0x82}, {0x9, &(0x7f0000001a80)=0x6, 0x2}, {0x69, &(0x7f0000001ac0)=0x2, 0x82}, {0x1, &(0x7f0000001b00)=0x7, 0x82}, {0x1, &(0x7f0000001b40)=0xfffffffffffff043, 0x82}, {0x3, &(0x7f0000001b80)=0x8, 0x2}, {0x6, &(0x7f0000001bc0)=0x6, 0x82}, {0x3d1, &(0x7f0000001c00)=0xffffffffffffff81, 0x82}], 0x55, 0x0, 0x0, 0x1)
syz_usb_control_io$hid(r3, &(0x7f00000001c0)={0x14, &(0x7f00000005c0)={0x40, 0xb, 0xbe, {0xbe, 0x31, "d93fe24c8a08d3b4ccf04cf8a8f75f3c2bc18bfdc0f5ee5aa09f846f7b7abf3616c8d1771e85000847ec4d806ef424697410f105206b247ca9eb0b4aac8d7907eb56bdc9a3f2304cd4284ecfef78189a11220000e006febec63581f726af52cfa35c6fe2c67c48fd7f2489d2a5bff2133eef34cddfc1b527ec420f42a99de2d9271216c2280b787c38b2dd50917b72d5345e838785969290baab9544e930ad221ea86fac7cbad66aa7c990464db0b7763f047eb04b486115367cb362"}}, &(0x7f00000006c0)={0x0, 0x3, 0xc3, @string={0xc3, 0x3, "385022dffef1e31fe10aaf25eef968cc5aaecfc066d1ebcb080c94e060e97a790baca489b6faf31b33e774019068e3167f377371a112b03193d2121322ed6e18ba221a189fc12b853ea5b7db989364dd8e0b2392f82218940ec253ebb748ac5ac796958bd3cd56192bf667279c7b90ed6682b00ad97620a4796c4d2ef160f575c630beae5da128a3777cecd62158c17c564b069a4203b0068670ceaaa6752081b53876b984539c7a7f05fc6323905dcd834d4a4003aaf216f3753cbe96d3c1ad7b"}}, &(0x7f0000000080)={0x0, 0x22, 0xc, {[@main=@item_4={0x3, 0x0, 0xb, "b05dc1eb"}, @main=@item_4={0x3, 0x0, 0x9, "e9f8185d"}, @local=@item_012={0x1, 0x2, 0x1, "d9"}]}}, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x6, 0x28, 0x1, {0x22, 0xd28}}}}, &(0x7f00000004c0)={0x18, &(0x7f0000000500)={0x20, 0xf, 0x20, "feced1a6e562098f404e0d1ddeada7c1a147c1c96371a7511c035e8a3ee55b86"}, &(0x7f00000003c0)={0x0, 0xa, 0x1, 0x13}, &(0x7f0000000280)={0x0, 0x8, 0x1, 0x2}, &(0x7f0000000440)={0x20, 0x1, 0x24, "cf978c487d0d29afaf35eca69e14e3b8a67967f8f9a03a59c937c059e234ad4ff7949649"}, &(0x7f0000000240)={0x20, 0x3, 0x1, 0x7}})

5.783649698s ago: executing program 1 (id=4265):
syz_usb_connect(0x3, 0x98, &(0x7f0000000180)=ANY=[@ANYBLOB="12011001186360088d0e3f76239b010203010902860003a2000000090454020317987b5b0a24010a00060201020c2408050600070d0a329ce2090586100004f40804072501832f08000905000040008103ff0905091b08000c078009040201042e2b1503090509000000030004090502020002f7810609050303ff030840040705a6c6415a9f0905850340000b020b0904034b00a7d801073594931eb6b6472dbaeceec563b4fc2f0e9fa476f9392ee4e3e1f63c34b1ce7ba6505105013de723c0d65c001deb52c14a7d32ae081c88905f3767a4eafbf626973180783142cc39834d2ebc"], 0x0)
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000600)=@mangle={'mangle\x00', 0x44, 0x6, 0x580, 0x12c, 0x98, 0x12c, 0x3d0, 0x3d0, 0x4ec, 0x4ec, 0x4ec, 0x4ec, 0x4ec, 0x6, 0x0, {[{{@ip={@remote, @broadcast, 0x0, 0x0, 'geneve1\x00', 'ip6gre0\x00', {0xff}, {}, 0x0, 0x0, 0x18}, 0x0, 0x70, 0x98, 0x0, {0x0, 0x2000000}}, @common=@unspec=@NFQUEUE3={0x28, 'NFQUEUE\x00', 0x3, {0x5, 0xd, 0x1}}}, {{@ip={@multicast2, @local, 0x0, 0x0, 'batadv_slave_1\x00', 'veth1_virt_wifi\x00', {}, {}, 0x11}, 0x0, 0x70, 0x94}, @unspec=@CHECKSUM={0x24}}, {{@ip={@broadcast, @empty, 0x0, 0x0, 'nicvf0\x00', 'nr0\x00', {0xff}, {}, 0x6, 0x0, 0x2}, 0x0, 0xa8, 0xcc, 0x0, {}, [@common=@unspec=@time={{0x38}, {0xfffff38f, 0x8000, 0x8d84, 0xcafc, 0xffffff8e, 0x70, 0x1}}]}, @unspec=@CHECKSUM={0x24}}, {{@uncond, 0x0, 0xb0, 0x1d8, 0x0, {}, [@common=@set={{0x40}, {{0x0, [0x2, 0x2, 0x2, 0x4, 0x4, 0x1]}}}]}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x1, 0x0, 'system_u:object_r:dbusd_etc_t:s0\x00'}}}, {{@uncond, 0x0, 0xe0, 0x11c, 0x0, {}, [@common=@socket0={{0x20}}, @common=@osf={{0x50}, {'syz1\x00', 0x0, 0x0, 0x1, 0x1}}]}, @inet=@TPROXY1={0x3c, 'TPROXY\x00', 0x1, {0x3, 0x8, @ipv6=@local, 0x5e20}}}], {{'\x00', 0x0, 0x70, 0x94}, {0x24}}}}, 0x5dc)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000380)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB="0100000000000080", @ANYRES32, @ANYBLOB, @ANYRES32, @ANYBLOB, @ANYRES64=0x0], 0x20)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$qrtr(0x2a, 0x2, 0x0)
sendmsg$qrtr(r3, &(0x7f0000002180)={0x0, 0x0, &(0x7f0000000dc0)=[{&(0x7f00000004c0)="1a0487cfa60ba42dc27e927e4cf385e1e386f5112c6a6ff242f24761165513cca06f78574f874bc12f8cae180a1b8f6aa4d110a396a444941cbe5b81eeaacd56262e29bb8414f15ba468b1d330109032644e77feb22b8308889da7ade1763eeac3bc0701393f08ebcb79b2768b280ca31ca50dd425d05d7c6c0a3c37eb4548f6a0467bbc2bfed7e41d0cdb28986a355abdcfa6ae581efc79a4b769ca724ac2bd56d29767676057cf803cbe8c84d6ffd38dbe7be376cb2a5332ae7b18d0ff0b128f8dfb9547e6985c58c0755a59c357424d2df40f2ba1186b37f5ebb0c17f1657", 0xe0}, {&(0x7f00000000c0)="2e3a91a24d73d372024b93da9bd3e6f88dce268494d0a615c7703c35ffa7e4", 0x1f}, {&(0x7f0000000300)="2f0a3724757487902f6093eb4bc4dda8956450021378d9e6bda044d1a78cc3035291799f433212e2946b2c5915f05fe62ca6069ba4e19ba4eb327c49828b56a9a6", 0x41}, {&(0x7f00000003c0)="eb5dbd811b61cc87acc427181374d686d7a5c1ee150154790042d41c70acea27ca930580a75b8ff6e3fd4f50cb52d752ff83d03f8339136e08058cac5a093f5eaea77a4f0ac37020d06db86114c6b6239d80bbd1afb519b46571066c1f3cceda86e63dfd2286064e020d94c5bba4335d3d97451689630c5833191f7c3f93b5e2625f46c3474d02c5fc666b0a0144d36f", 0x90}, {&(0x7f0000000c00)="25f6106818676975862f6a10a6b41a0f81ec24ebfacbb649446a2ca733b3c2fd7f7dd9931e21c9bf6a6e8c195e828655f7c56cc3f51f74cfe89e31cf06197dfd7e551a797680f16401106cac3f0095e85b1ca854a94823df43f99c0a15f8665d9e8abfd8a4f3684c6203de52d46f89fc7cd10f7b6b33bc4137551855f1b573f7e4da6f116f3e8c62eedc6e2caa5b9374fbfe6e3b4cd79c8d816301178eebcfeedee57fac9b31f0ee26fdb92f9524", 0xae}, {&(0x7f0000000cc0)="9f498cf1cc526f6b1ed470b0cb62e119672c642431f028c56c8134c8b33c0d4ac2550447d4cda770ac10b4236d232d7fb165073ef0dabbffbf1e994b8b0c3eed4840b99269e2e562df4b20d2d7d32b205b7d8ea4cac2ec748ac1f02d99277b04f78e77d079bf39f5c2edf7957cb4ed9c40680762c5f6097bf2e5457733bed58c0d786eda05ba26182ae3e67321d9c8a224ba7bef9738e007de89e2908630d468707549b407233fd8d5826ff8d3da30bb41153622cfcdb8afea0e637a512e660483a0c41ad3fd9f71d87765e203d01de8c896ec2300980d444acdf13baf55b8c98b673315c2cf0601320f", 0xea}, {&(0x7f00000021c0)="c6c0cd10eece21787da22826459cbc791e4b386171d55642113892115b77b1b086e9e9966371a5054128f642c4955ec6ccb65b19aa008094dedb4f8f0087", 0x3e}, {&(0x7f00000005c0)="cb032dc0a5541226a4f97030e0f3a7", 0xf}], 0x8, &(0x7f0000000e00)=[{0x84, 0x110, 0xfff, "564f7d5ebeb5f81aa6309908006006f2818decdf85cd83fbc30791c7fa71feed501f2dca0705223d8b1ef296325a320d1fdfc045cf598784a159abecde522c08bf80c09a8973e479db498d95106451844484669f8270664162670a382d98d8474e3455cb79d88db01d7caa6e42e6282312e25c1cdf"}, {0x8c, 0x116, 0x4, "5b00bceb754ea2722f8ce60d55a4ed24c8bf60b97b291b6f6b804716b4bdeb8d859d4f92e98d8ca6af733fcbc4dd7af357dda30e8b6f3e45ef2bdaddf29b0a4736df718057c882634e54f3bc53fbd60b95dad719c816b3f2d329c7c5d2886ee68e18daa42afe7f7db0666e2d4898c23f0228bd821817acb50870383a5bd5"}, {0x90, 0x102, 0x2, "5f5ed8eb313c685cdb6a12edbb5c080f498848d517c53d1af9c07afc748f03472b539ddf2376c260509af298a47c403d21df10ce2aed8d46fdf9fd4279371d7cf304c9657ae245868b6a4d90bcd681e4cffd1216e1666a8350f2037d965b980a69d3ba2ac83ceb8371df35dcb892e378006de73772441e77a00d140b0cd513b332"}, {0x78, 0x10a, 0x4, "09240c056c1330f8f26c4f865cdd282f846c32f4f6d16b4bb731555cb202fc9b79b750bfb50a608d388a3c96d48770ff7af192fe12148d6b824683854028ea76e0fab621dab4a6c1dd496f2920c575bc756d592450e64831b176a56371d824ddb43b00e9c79b1ca98963d2cd"}, {0xd8, 0x1, 0xf, "6eb4066684ffafac46df78d6413d546d24d3831b6d163f142c8229fa970413cfbd640997dd14c3dcbfbeb96c39dac7f926dc2b62cdeada111ae192643f540bab3269f232c3d552b83165a2549bb0f1101c74970d79360591efcb9407b5497e9daa706232985f0649ccfa732b657fb6a1bab36460b2c3b1a50a33f0d0becc9d5bd1654885fb891fb72269aee785bf73f18e37012822890173751fe9cdb4492a3bd378534014a9ae711d9dfafaf26f9d235706153cffcf06a522bbe45bf97330daf43dda48561126cd820b"}], 0x2f0, 0x804}, 0x1c)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)=@ipv6_newroute={0x20, 0x18, 0x111, 0x1, 0x0, {0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, [@RTA_METRICS={0x4}]}, 0x20}, 0x1, 0x0, 0x0, 0x4001}, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=@newlink={0x5c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x12982}, [@IFLA_IFNAME={0x14, 0x3, 'ip6tnl0\x00'}, @IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x14, 0x3, @private0={0xfc, 0x0, '\x00', 0x1}}]}}}]}, 0x5c}}, 0x0)
r5 = creat(&(0x7f00000001c0)='./file0\x00', 0x8)
write$FUSE_INTERRUPT(r5, &(0x7f0000000240)={0x10}, 0x10)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x2000004, 0x3b071, 0xffffffffffffffff, 0x0)
r6 = socket$inet6(0xa, 0x1, 0x84)
setsockopt$inet6_int(r6, 0x29, 0x1a, &(0x7f0000000080)=0x5, 0x4)
sendto$inet6(r6, 0x0, 0x0, 0x20040012, &(0x7f00000000c0)={0xa, 0x4e22, 0x27b6a97, @local, 0x9}, 0x1c)
getsockopt$bt_hci(r6, 0x84, 0x6d, &(0x7f00000006c0)=""/4097, &(0x7f0000000040)=0x1001)
ioctl$VIDIOC_S_FMT(r5, 0xc0cc5605, &(0x7f0000002200)={0xe, @sdr={0x20493859, 0x9}})
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000080)=ANY=[@ANYRES32, @ANYRES32], 0x20)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)={0x58, 0x2, 0x6, 0x3, 0x0, 0x0, {0x7}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0xffff}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}]}, 0x58}, 0x1, 0x0, 0x0, 0x800}, 0x20004000)

5.403237038s ago: executing program 2 (id=4266):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$DVB_DEMUX_DMX_EXPBUF(0xffffffffffffffff, 0xc00c6f3e, &(0x7f0000000040)={0x8, 0x0, <r1=>r0})
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000240)={@cgroup, 0x12, 0x0, 0x3, &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6, 0x0, &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0, 0x0], <r2=>0x0}, 0x40)
r3 = openat$cgroup_root(0xffffff9c, &(0x7f0000000300)='./cgroup.net/syz0\x00', 0x200002, 0x0)
r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x84042, 0x0)
r5 = dup(r4)
write$UHID_INPUT(r5, &(0x7f0000000080)={0x8, {"b0476b76ba5d044f65271519727e4ff1ff0d12c0e6bdf3ea1f52e24f60ca698457b32832b83d7e96694c1feb5809bd67002f71e0b97c0d5270c04ffa64f63b2e18ee4b7b572fe2f4d03cad38bcd106ff12f53b443ac6fc81da518f54b9004a44859529c07a2b1b8feddc0180a0f37b13babba1dd0813b7ea56dac4b7ffe9a2ef54221439ecc55223ef2d40f4ba8108c10387ddffbaed25d41e7692bf26ddfa747a666caff49843e38c86cac7323f784a17df6beaa49c3f4a98fb4013f4e573e2ef77b0965d4bfbdf7d5eada69406ca93f422495e00addfca1518085a40f10284ff59388ecf476a12ef1a540163922098d600519ae8cf3ef544344e9d968f341af618503b455f3976b76975270e94d714302382c63de5b7c1fad1fa373b369916cb3b4d583a9ebbaeb262884d25a0e1d9fb141de60df7e64cb38b6f7167991f8fba06bffe2d49133bbb462cd8a9493177eee5f03875b15c7a92c3cd6a3fdfc64f236e14fa05a0e8d3c45f13eecd22e13528c74186dc50e0e2af44177e26bded1161e5533375508dadb83db5126cc810f4e30d4e24ec12c3b99e5220aacf42c58f2960bd43c337dbd318aeeb5c9a6cd5ffd3bf1497bb48ab7bcb32c9c33c9f5b9bc4645b96f23f9e0d826b780030444ffb925f55df587ef5ca5ea74ccd66afc7981da496d6f037efbb0b08f3f5078c60ffb4db18d1b59996bd9b1513442785bf4ece8587b39d8176dc9c735d5ea25133b2053bba227b81faab7220326f8814a9df4eba4ecc6acdd82f70b653b56a18cc9dfa4deb0a112c797ab89a51a103c3a9085d828523370c4d79d9484f4dc910735a2c9b5b85197cd9c073df7a54b40df8e1bf595bab957900c2a1a7dc40e88ed0c55c362ffbb7f88a0725a6ae73b936a639e951faf9c45ae74a2ece2f6f88e425ee41d2c60cb083a2fd6d07381908a7f629e32f89a553cf0794f54b8bdc7bd541d88464a4f80ac0b8b625a803a55de4b05a95fc7f8fc3d6d79858ccb269b7b8b21657654164a9aa29f4e8462377e9d234a41ea69841a4aaa1e5f89f9b074f6f71cb1ffaa450c3160b0e319ec81ad30101db66218b0c69f97c234465dc45849fcfd62d396f2b50ddcc0ed7dd8651431534232ab6d1186d7760770a1fc6c77553a79d0297194f794997ee47781094a76d9dccf632dcbb527b3e68950d9bb534245c7f08ae1d6ef2750292ae28e5e6dcfe2a69737dd7a1e453f3902ae90789e98c212905422099904d3bfb949bde187682a59c01aa8e6a9972a63d6aaef4d4139b10a24e063707f1aba79bd59e3f9709a873dff401d1f356c4be5e449ae0e2633a1fe50ed367fe56b0499957c3b6cabb42256547995ea998f3937d153897d1c83f1ad922d6835bdfa3b986dc6f4bd927a4ca13fbaa99b7b43758e2329d588f40fac718b16cca855468643f3818496b4915fe9a2bdd3e68889fea24bc1dfa6287a801d49a7bb84654147448550d2919e4df3a943a88cf616befea4e7a4fddb7969311c6837f9529966241be1e57ed2d773debc542986d09866905a3f63b6e1820086d52a70f039154e839da7ea852c33bf3722a048f61bbf068519e050b8788370fb130a42e9f5322dfff65b15d588f9e926b70e4530e8b66697cabb1e8514831431fa0eaecb49f9613ed5fd7bc50f897bda36d24d4296e143e2480e325ec09a77c03a07b4f86eb703085313ebeee94ef5b1cde3f6a7efd785772eb4034039f598c07819b769416a223fab824c4ac50086e78042a1ccf47b6c7ede8540cded4bd4c920ce6c2b7493a5634c5e96bb761373623ab473b121d555bfd5a8bc3f5c5418bed83ffd0d6492840550fccc0c35746370396d0190b7b1d2cadcc150877e0d197f692f97cec790c95e3d3959dc7c68aca37306c1bc13ad33848395dba5e3c9ce8090bc0e7e8312091773641be56411921e3d473321c6d8bd10b7d3f5aedd6620bcaa06474bbb298bc77297b8b5dcb9e6b33dbe676460cca825609857724cee245306d07fda287d5fe57c424c27cf9b6cf0f16d2c6a8071bd57c826d7371841cf43dab1b42421ce416d0d3a9c80bc807d2e6761e53f06b3e63c0af1b4548d820118421205f040f4ab35307871e4c7a21ff28082c29e02e89486064661898c0eb1811c70a6124c1f25d62c38794a3e87c312c870db7b60d0df8b57860c94d1a9c561b327fae3a68ce9ff4551e418eb00766f0341c5e796e3cbbbe6b4864928b966110256d5475eb1fd7b2893b60e19e859baaf23c9233a1b064771671ee2d07c151e2e99c37a116a338788052a726a8519b8335e9ff4f71d00ab634543c20ddea1bf57d4f2b797182ff19618b6974d2b69d9f052934d527a1830bf2785842f35eaf32b65b7c9fdd6f0c41756072a59c0cce0b7305740729f1daa14e0092da9d022321b726d658fcef55affa2bbf36ad788f1f423b7dfd328435b4d5df315143d8b8028ba4bea6134a3dc9720c73d5e66b8b8168752eea6b78c75f04efd9677dbe419f13f5e1c9764276a83821b710307d8f85359b34d038ff17de45e8739d4b647fd1a8d794a3273d922af3374f5d3c75b8345b9dfdabb2c0418a358921e0e73d0fe88caab1741b913673e22ff4b59afa0f653a423d9b2bb20cbf07951a349eea18a891b4f4dc6df8e42a6181284f643de5fd2924ae54f672a1920343476c67333e1e8205bf4877b1251a83f417936714edb1c6975ba7969d2fcc2e69024a4669ac2f998116ade1bd8456a18f3f1fccbe95df9ed21db77315b7469f30bfae418415d9cb5aeea627ba6811e30d56d4f4bfe5f794ea4243e3cdfad3ef55199699b8433083b6f72f95effc5f2f613cfcefaf0b94e801ebcb7095a1474ee93142b82c9bf9886617b6bf69d08c83c76cd21d4cce5872d99de8e54bbff915ab923b2d24bb3aa178dd50b44fd0eb880ef33ca51d4bf5f0fbc8ffe18afe4245397f277e4efad955baa10cf56613481253d69c02e7661714b68be0fd64f29bdafbc8b4a0b30bd6709c67fe8e8915d0479b3902b1d0169fb5486b02e966ad5d8a2bcf42ecba59177cd85e17239667f6b045d1f873ce24733ae17e2d8432709062e786a32ac925121f1b0d46c66d4fb9088f4aa0cfe2149f6c2cb5b75d45349bc88fbd47e01ea07e7cd573335aab8d389846566800dd084bc3caa95f7632719c651f2d33be0fb56347c063b3c6e3e75c5e58caeb4c37574859b78c1ed018fbeed788a4305a9ee1c1ef65a0c83a7cd717a8c08ecd4e86370ffffd6d40a89a0b1e8c15a10ad5406e867e49319ad83bfbb925d5e240b4bd44fd751e7510d5ea03a6cab95f37155d1fd69aaea1db4a1f53714eb90e669209cf634f84a50c85bdc51838ebbb545b4387790df67f0122740c2abc910cf83230394172a56c9ffda6675bb8bb39846730a1bf764aeb92407c90a194da880cb8a4efb5b57a8311d864209c7fd226b93582b6b11eec559abfbba653c0569c219d3a2e60555cb739f9d32d564f23c4e98be78aa553610822af426f961df0df2185c61ccaa22b2a6aa6fb3e917bdfb2be9c3ffb8a50821321119c4cf4917db39548abc17bfba267fa50f6af15c560a21055f967f1ca6f656ddb556f9c7e17a771eeef7e80940d1c14ddf2c27647686fd0526460036aeea395fb10abef2be2ea96c9bb380370c08d1568d30eea0f3e6b7cf8f7edc7b36d4d0affd249330707b54ee620f208d885791171eb67a25a80fcc6922e0258c9673b6576564949dfa5bed9a0299bf952aade654de16e22d54fcd391ded6adab94ff621efcd91ef69acf8dfa1b22692ba3e49cd1d3fbed6db1402065ab37e457056877977ebac33ef566f28a19b9acb67a9cc53feb156814e880b3dd5a9119ffdbc5a45c20ea375f2882575b9a28740eebf63f2895d9ffac1ec33cbdcdede98a201424d000df1efd64dd7268cc1b2366ccfb09754822dafdb1821de5e6ebee09608e82e679fafb7a5100172f26998d31d7f27c2b310f0372c3b5e888f8e6efb56074177bf6a2a5bbd9ed070ad5aaf23ce144d1ac86cad110e5916a8a57e1e7fc3d37353f84f2f6d43d92ab8b35040467f3f8b1d23fac021bbac3710edc8e2e26d794db38e48020f63e94d4b4dca3e015537a8e3008274d55f81af931a0faf1a438444b6a0489b93f7b88f81f761eae0f82e60cb0cf2745ca8c9e30d3cc189c1405b1994ed71b00d90ea7a94102916cdc915620c363d04e51eabaaca6c2814a7c1e7aaeec80bdc13135b813e6d0eea83446a5c57ec29695c302c0d8da65b61fe8ada51a36e1aff34d449f9eb70cb94931226121ab121a971c2fc070ca84272d122c1696f52fbd5ed06783abe188dcf133c4d41e10295f6ffda69fa8c5a7c0fec3425a2d60523a60d280b5ce34eac5911268172e772fefba63a6f5c6dafa9e500a5e1355fb614613f8fc1ef5e5466fa19212bcdc349a865f4cee6ea80b11a410bb6e4ad677393973e38621d25ff6c4876ef8a8d2ba651be4a78d2ba9fafadcea8eff9cca3f4ab71a0b84917794e521220dad099ac8aaf32abd162348879e4299e4d46395f9d55267b635e18ca2e2fc96146b96c8a8055130b8d8cb10cc31382df34057bd8637f86e48adc854af408226752a04df8d0362db263e0959f2bd7e8a4d33a8c4b257e19d308280baf40cced1b3cd3a86ee22df0da49d750539eee1104e99a9f8a065e5499c73125a8a8430eda7aee156821a97c237611b50f682a2cccd0969304f0a50ae98800dfb32ee1bcfeab98182c34a51e67fa5bd738c22c44fc1269ce73f464edd2f31296e92e62df51cf55798ae2e3c33c57b09f4ecd13469122095a3563f95f0a04cf58dcea4aed5e8bdda7617863cbc37a97ebadb46d679f7e30014d96d0ac7ce9484368fa5fd19cbc3d139410a2bd7ffacef1bdf76dd1d5f34d2392fcb91c7585fc1ae7d8ba2aa8ded9645d5a5e76e2279b6e0692101137da946dfbd3836476f5dad7fed70115d716dce87b5ad755e5653a709f5aa42265ec9657ed406cc9256af3628c0116b8e1d23306983e9adbc19dec354870c98e2e76566895df933a80c4c36b617db4bbda1a4ca7d6c80a43734471fc92d0bdeacfc125dddd73febd8f7ef84f221d52ae71372cee802d59013a15958e850f8fdf46d8fd3b874633daf3b1f346470456c05722258480959dd6afcffa1f3f2ca033011339c5cb85b7d1c9b5916fb8dc9c2783df64eb5cca5af83a74fe5bb259f93722842eb4ac851e71f3cfd67a39590e7f8e20f018744b9277e6eb46b5f211df5f767ef29dc9a972e14c40ea2d4624f187f301c1116d3a61adeb5c6f7ccc021ac5e18d8b40d7f1f19daf4445c06e72db8701c267c0144c92cddd49af7a87aca5aa05d0e380dd27cc780d2f7db3bef26cc4fd358543e19d73179b879f7bdc702ab405270c93a3ed64153e20b5b663773a2ad4e8e3e1e8eaf39ec80d75d02f74ff94f0e095240a564eeece4fc9bcf19bf2243c700e1dae14a1b0217013977bfa05f681abc37714fe462d0a632044ce52fdaa1c1a806b1eb4370e23ca0247e536165aa9f1c2af8adfea369ee1f4a2c7823a7baef028a1e77501db48db6aa0d7e30969f7197368db02d443803b53b2899315f7e2ba9c5ae952a3866b4ea60f3d669e0a91f7ef640cd938646bf8822fe455f0302fccf87c7fad6daf38fde038fa596b83a9fd5bf675669a6cb2bab44c6617f07950bf34edb93bbcb4174630f275dbda7a0631c4b456e5f80eb6258c1874e77d426743e478917fe44b73dc203baa2cc442b84b5818409abae99d97a28754969bd393df", 0x102b}}, 0x2000)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000002c0)={@cgroup=r3, 0xffffffffffffffff, 0xb, 0x2000, r1, @value=r5, @void, @void, @void, r2}, 0x20)
r6 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x10, 0x803, 0x0)
bind$netlink(r7, &(0x7f0000000100)={0x10, 0x0, 0x25dfdbfd, 0x400}, 0xc)
getsockname$packet(r7, &(0x7f0000000600)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r6, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x200e3}, [@IFLA_MASTER={0x8, 0xa, r8}, @IFLA_GROUP={0x8}]}, 0x30}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="3000000010000100"/20, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0)

5.274236318s ago: executing program 4 (id=4267):
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r0 = socket(0x400000000010, 0x3, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfb, {0x0, 0x0, 0x0, r2, {0x0, 0x1}, {0xffff, 0xffff}, {0xffff, 0x9}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0xe0000000, 0x5, 0xb7, 0x2, 0x1, 0x1, 0x4, 0x3, 0x1}}}}]}, 0x58}}, 0x4000)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newtfilter={0xa4, 0x2c, 0xd2b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0xb, 0x3}, {}, {0x1, 0x9}}, [@filter_kind_options=@f_u32={{0x8}, {0x70, 0x2, [@TCA_U32_SEL={0x14, 0x5, {0x7, 0x6, 0x0, 0x9, 0x401, 0x1000, 0x8a0, 0xd5}}, @TCA_U32_ACT={0x58, 0x7, [@m_skbmod={0x54, 0x1, 0x0, 0x0, {{0xb}, {0x28, 0x2, 0x0, 0x1, [@TCA_SKBMOD_PARMS={0xffffffffffffff89, 0x2, {{0x4cc0, 0x3, 0x4, 0x7, 0x400000}, 0x8c}}]}, {0x4, 0x6, "841bf0ea0acd7e11177e17b434fb240ceb7c2db2482281f0569f951d476cb6bfafeb307ac7e08320eee5a995688d654a130b4d29aec1c57767bbb8898f2134add1b4c0bc3bc66e29b61fabcc8d8cdc60351b9c5181f9d5bc82503d83573ba958e58a3b48558557901f59925e282631583a80c821fc9471141a83acca5b012b87601890bd066dbe2cf94a7b00b5"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x2}}}}]}]}}, @TCA_RATE={0x6, 0x5, {0x1, 0x2}}]}, 0x24}, 0x1, 0x0, 0x0, 0x81}, 0x800)

5.111411329s ago: executing program 2 (id=4268):
r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x226e03, 0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
close(r0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x1e9000, 0x4, 0x200000006c832, 0xffffffffffffffff, 0x1000000)
openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x226e03, 0x0) (async)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
close(r0) (async)
mmap(&(0x7f0000000000/0x400000)=nil, 0x1e9000, 0x4, 0x200000006c832, 0xffffffffffffffff, 0x1000000) (async)

4.868601891s ago: executing program 2 (id=4269):
socket(0x200000000000011, 0x2, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
futex(0x0, 0xa, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
symlink(&(0x7f00000000c0)='./file0\x00', 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mkdirat(0xffffffffffffffff, &(0x7f0000000440)='./file0\x00', 0x8)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', 0x0, 0x800, &(0x7f00000003c0)=ANY=[])
r2 = syz_open_procfs(0xffffffffffffffff, 0x0)
getsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000100), 0x10)
read$FUSE(0xffffffffffffffff, &(0x7f0000002100)={0x2020, 0x0, 0x0, 0x0, <r3=>0x0, <r4=>0x0}, 0xfffffffffffffd97)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=ANY=[@ANYBLOB="eb76517e354265416b9debfbedbda2edadcf674c7aa8197c4a5dc6b5106c36a72545d72ae35bc2615545ba872bf671fc022485c61c2f034de320fc26e33613f3ffb314ac3c82c79c06dcb9a21cd3c3724e0c3c795dd2efb0ec884b32bd4402e745095e953f4e1a7d1e5963ba95c5c008ce80848b7900c09e872625ff1269ff05cc4d2c9fe475a3e15f26b65d5e45886851ef443445cb4db21b5e4062dc7ddd47118ada6b9ba6e40d", @ANYRES32=r3, @ANYBLOB="a19602f83c0b514d69b9cb541e94efd0283ceb827bcad5ec369905f272f827d2", @ANYRES64=r4], 0x40}, 0x1, 0x0, 0x0, 0x14}, 0x20000801)
socket$inet_udp(0x2, 0x2, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r6 = socket$inet(0x2, 0x3, 0x1)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r6, 0x89f2, &(0x7f0000000080)={'gretap0\x00', 0x0})
r7 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='net/hci\x00')
r8 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_inet_SIOCSIFDSTADDR(r8, 0x8918, &(0x7f0000000040)={'ipvlan0\x00', {0x2, 0x4f22, @rand_addr=0x64010100}})

4.867781534s ago: executing program 4 (id=4270):
r0 = shmget$private(0x0, 0x800000, 0x54003f00, &(0x7f0000800000/0x800000)=nil)
shmat(r0, &(0x7f0000000000/0x4000)=nil, 0xbbdccba4532b703b)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000c80)={'wlan0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000d80)=@newqdisc={0x3c, 0x24, 0x1, 0x70bd2b, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xffe0}, {0xd, 0xffff}, {0x17, 0xf}}, [@qdisc_kind_options=@q_gred={{0x9}, {0xc, 0x2, [@TCA_GRED_LIMIT={0x8, 0x5, 0x2}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x22040041}, 0x8800)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
r4 = socket(0xa, 0x3, 0xf762)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000012edfffebfa30000000000000703000028feffff620af0fff8ffffff61a4f0ff000000001d040000000000007f000000000000005504000017ffff162500000017ffff17ce040000000000007b0a00fe000000002d04000000000000d6000000000000009500000000000000023bc065b7a379d17cf9333379fc9e84af69912435f1b6a693002e7f3be361917adef6ee1c8a2b4f8ef1e50b91f32050e436fe275daf51efd601b6482a0800000098efd2a102ee010400006e7a1de4a21f379dbf01de00b1b564fef3bef70548aed0d600c095199fe3ff3128e599b0eaebbdbd7359a48f5b0afc532ef58de3c1b7646cb7798b3e6440c2fbdb00a3e35208b0bbf12cd8dff095edc710e4000000000000009fbe4b61a615c6c57a2b649dc74a1a610643b08d9ec21ead2ed51b104d4d91af25b8123deda8a3658d42ecbf28bf6d8e8afcb913466aaa7f6df70252e79166d8582755a314d31a76e42f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0800000000000000d5f728d236619074d6ebdf098bc908f50ae728a40f9411fe7226a4040b96e37c4f46010400000000c3da29faf75ddd1aa96960bca97af133824b881cc1f62c0f8f8f0e8d76b86f9c45636614786f5a2cb77230a874640dcbe0b20bb77c022d4cab080078fce8c5c81b7037181fc2f18f781aaa6e2957d7e39cc1baddcb7ec6667e699f24e41697ee7ea23e4b29a8b6cc9a1f5a7b3caae05f13792292cb949b3aab06b1e042ff2164d80c605532b18ab1c156b97e5889685a96949e4cb40df77b8bb84b0e733a63784ccc214d930cbb7e090df9a2867b3acec439c163fcd7071b53ac29df826f8ae6d6e18c1eacf5bf870768d5217e9bb5a05d9e22ce67f1231bd236ed200073826593c4e1a0f50a74bb4850486727d970acc546087acbf30f2f8165b47ba56dfadd14b306e98931485747292c6fe6e188750cf4f87cce2aa7d67c7133a9f05954cde298a35ea6d715ba80aee63300000000000000000000000000000000000040000000000000000386000000b854adb4f8080064e8407c6bdb37114c80fbaa4a0ec5aaf4b0ac6f2128668279eb6fc144344e2d461c9a1be8fa0061ea9d55ee4716bea8e1cebf9ed39325ab4c5530dd6ee9fffc00000000000000d7c5af73c683625aaad5eda5004a76c9f8975ed4c5e4eb3e77e9885f69754932609f19e2f615a01cb6d17fbf5cb539403cb0572534f054d5514ad8264f7b029b2bdf2ca4958a62a6e744f9a4c1e646e1dd2ca19583f0f8b0dc53debd7d44f334e6ed7445a9580f970e483b307c4b3c018bc194b23d37e6a2e52d8288e5aab6fec586d52386e8c07a88c88e8faec5f1b16b2014f6952ce7d6be12c6bdb9651ca6fc907061be311d1354e6295698594a73136237bee068d3819400e43544830a3f74b7942f22336953978a5b2032da4238cc61162c04c1297395b73e18c9387615a2bc87d9e2445f3d323d3fac347926a4bac694c55fe9d145906d410f58f1951405d10504efe402cae085afef5dbd617e87ddbd239e4a50d7eb8e327fb5db12cbd6a9efe8e671c4f251cabdfe3400a670d14b9b3cd8d86e492997a0168c022ef3536bd1dc731f4f9f8cb6c3857fb8aaaa95024f8da775f72950212b84fc6133ae14d1429cd4905dabb52e43af7e65acf97b4951fa1e967d16a5ed642efc855a4a46b85cd079934ad3188276efae9387eaa232697526e24b5d4fded86c3811ccd00520150b16000080122965558074956da5e4c3bbefcb64aa8be4456ed2caf0f467b6bbf3aa4371f5e76ab3f60afea80bb066aafb7517f787b090f419a20278a3c779e03afd9a6af6fd518e5dce030f88ec5a5cb7601a161da0f8089322d84ac523040d13e1f1300c2c6555bce60d95dd3288e53435713f03add23f14c8db5555c62de4f6260a483632a2ab447f88dd6efec73a0271a19ca3aa860aa4dcaeeb9bd91a0cb429efae2a5fcc08b3a572969bbe91c921ac1476027772c87d172ab29967e38ba49e3e57fafea83e495a6a1d1a4ebf83434986091dd66ffe3ffed0c39552a312e2db596d9c827e02f6fc13c8ddbb50bfd7dd8aa2f35f259fc83e007fe79d2d25e30830b92fca00a292dd3b856faa4b7e66e1b64505f65900839df71a97d4d07d37f7ecf8ed9a22da26ae674bba16c204f6b2f8f74fc56b7126d7c11ece6e88ec41192aaee75415c58d264a2b6adae02c821b62428902aad499825ab85a348638384cd12e61dbde5c47056f0a20b4e2a2328d5db5cfe56557a129e6be231acf5f57995c60d9fca5f63a0dfd18054717120bda466d04774b53208ad8b022719ca77a4e0a66b4708f791d849a5e2aaa0074a9560ede2600df5a5c41392fe9460080fcb1e65233fb8dbeec4c86dbcf6a0673e38d2d3615e5bfbde44afe0fa7564231fff7e7f1f3ad68492dd2ccb1decb15b5d7d3e37e8b7d28921c4b9280979521173f522df408d9818b6cc400098abb869921911480a876fbba698801937e8b4264eb6f5137bdaa075f1488d22230592a79000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002f316aa0886c174b73decb46c1c85edf50d8fcbac5ff76b365611666da86a8e65b308706bd7c000000000000003f7cd4d5cb9076b81b7741ec03877afb520400000000000000c3ae49f88c462ea2050acf2d9a97d3be29a5614d1eba2c98cf0236401e02d7c445e50f76419ab4f78f67a09e63dd4faa2e7b59399fa5ee0b41e14a6fe6894e901a523fcbadfeff535f2514bc834e876810d9a6a78e70a9e22860c36a724770b4185de44db6bf21fef32a8d5b36d9014fa841061e63d40f4e536314beda5738fee012365f963b2a85e7d8075c333475b9f0284405e30700000041285fbe0bdd37220e31d4731614a50c16c6a41744c3d24eab511317f97b7b4a1c2ec33fedc46e9bf0fa640eebd3d58f0ebdb7cb8ccffd6d6ab7e0e843591d2618e2d2cdc7081c8fafffe8c350a5c554a387de4ee7aac6478d99de7dd82bef044a6d33c789d566c90c46ad581aa22f910547a77d55e26bf19f1d4661550b177ef53933a305e69b8a95119dcf5bda599d625054776151b2cd1fcde238bdc527594a6c17aa9728af24e2bb7a3830e7092b01b119ea4e7e7f0e21527d622cc29c9f0c8720195368f8374337ab4d130619d93c5ef37e7ddd0b2da147e6e513455b88753452de959a6cbfa1ffbc7ad5d8c3b48017fd31dcf72f337b639253f44cb27a12174bc4c191e21015d0c431a71906eb9c6a14c8a060459ef26787ce3d1cbfd5cc459f0048b5d06f6cbd3e9b34c89f3fb2f951ae81d7fcc8bc0000000000000000000000000000000000000000009231feef3117197c7963c2ba910969f776c8b2ea3970f358107945d9e74e9bdfa58e68b65a9201bc4b73b431df5aa29f363917f90e3fa1eaf553db1c761dd9b634a9c4d7c21d24fe6d953ed9438cad0f8dfe03e5e2f73019352f1fb682a5a6ebbf24ebc49e3d7058e696eb3f4b642f36c9006c0067e24a64aa8c53dd824a4ee271e35ed90000800847683c08bfda74a143c855030ae004ac797c575c202d8091eb77565212548ead770d68ad9fa2b2528798df1c36fc438d9c98f168490b41e158bb2e2d8ed19d44b9cce67c79f9f7bfae7ebe09e441745c592ce69c522b5136be09ed1b97ea3d5b317508df23e92c56fc2eb74d27d3861d91745b8fb9f6cc20e9f8b174000c62c4a2b212332a073fc5d0be7347e41454cb27e081c43e92ae7f9f046600db85d945a4666b588629ce0809d5c8506308688db21ec04d365497bf902126ca2ec1589f1423ae3a655121"], &(0x7f00000001c0)='GPL\x00'}, 0x48)
r6 = fsopen(&(0x7f0000000580)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r6, 0x1, &(0x7f0000000040)='source', &(0x7f0000000080)='//', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r7 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000003, 0x4031, 0xffffffffffffffff, 0x0)
r8 = gettid()
sigaltstack(&(0x7f0000000480)={&(0x7f0000002340)=""/4126, 0x80000001, 0x101e}, 0x0)
openat$sequencer2(0xffffff9c, &(0x7f0000000e40), 0x20800, 0x0)
rt_sigqueueinfo(r8, 0x21, &(0x7f0000000100)={0x1f})
r9 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r9, &(0x7f0000000280)=[{&(0x7f0000000040)="580000001400192340834b80040d8c560a067fbc45ff81054e220000000058000b480400945f64009400050038925a01000000000000008000f0fffeffe809000000fff5dd000000100001000b080800418e224e0004fcff", 0x58}], 0x1)
move_mount(r7, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
umount2(&(0x7f0000000240)='./file0/../file0\x00', 0x6)
accept4(r4, &(0x7f0000000e80)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @ipv4={""/10, ""/2, @broadcast}}}}, &(0x7f0000000000)=0x80, 0x0)
r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001980)={0x1, 0x3, &(0x7f00000013c0)=ANY=[@ANYBLOB="180000000000000000000017af0000009500000000000000"], &(0x7f0000001400)='syzkaller\x00'}, 0x80)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000040)={r10, 0x108, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffcd, 0xffffffffffffff2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000e00)={@fallback=r4, 0x0, 0x1, 0x7fffffff, &(0x7f0000000040)=[0x0, 0x0, 0x0], 0x3, 0x0, &(0x7f0000000dc0)=[0x0, 0x0], &(0x7f0000000d80), &(0x7f0000000d00)=[0x0, 0x0], <r11=>0x0}, 0x40)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000f40)=ANY=[@ANYRES32, @ANYRES32=r5, @ANYBLOB="1c00000002000000", @ANYRES32=r10, @ANYBLOB="3f1a49f48ed7bd5dffd5125d39c4f2230be204dad16170d8910f9ce1c1c658840fafafcc0ff75e41e3dc9db1ba9c4d41f38f9b26c60c96c9925baa8c6d8aa327ecbf8babbe97133599b64ed93082c3b3f1825104b89bbc75de4ca79bcb661edadbd6f7546d5ef9cabdddcf029ea3d1c6522e462cf2dd133abb82e6f879", @ANYRES32=r5, @ANYBLOB, @ANYRES64=r11], 0x20)
r12 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r12, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="4c0000006d00010027bd70c902dbdf25ac2a2f5a273500000000", @ANYRES32=0x0, @ANYBLOB="0a0000000828020018003480140035006d616376746170300000000000000000140035006d616376746170300000000000000000"], 0x4c}, 0x1, 0x0, 0x0, 0x24000045}, 0x40000)

4.189872849s ago: executing program 4 (id=4272):
socket(0x9, 0x800, 0x80000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
creat(&(0x7f00000003c0)='./bus\x00', 0x0)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x18d03e, 0x0)
r3 = open(&(0x7f00000004c0)='./bus\x00', 0xc2802, 0x181)
ftruncate(r3, 0x2008002)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x11, r2, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
mremap(&(0x7f00003ef000/0x3000)=nil, 0x3000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil)
ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x402c5829, 0x0)
r4 = gettid()
process_vm_writev(r4, &(0x7f0000c22000)=[{&(0x7f000034afa4)=""/1, 0x1f80}], 0x2b, &(0x7f0000c22fa0)=[{&(0x7f0000000080)=""/1, 0x2034afa5}], 0x1, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)

3.561201379s ago: executing program 0 (id=4274):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10000082}, 0x90)

3.558432313s ago: executing program 1 (id=4275):
r0 = socket(0x2b, 0x1, 0xfffffffe)
setsockopt$inet_mreqn(r0, 0x0, 0x3, 0x0, 0x0)
r1 = inotify_init()
inotify_add_watch(r1, &(0x7f0000000000)='.\x00', 0x400017e)
setxattr$trusted_overlay_upper(&(0x7f0000000080)='./file0\x00', &(0x7f0000000180), &(0x7f0000000340)={0x0, 0xfb, 0x84, 0x1, 0x80, "86020a1b551c5e5fd9d3e10b6e81465e", "c43f8f5ac554bf919a61811e849630559a7bc4c1544d3409554b1e21264a373693618b693277684d0ef8da4f1c569f45036ca59a4aafaaa3cb5b3c0db632c8898b23271ec2e7522787582a5424859a217661ba188382d766ce952cfae00d2fb6643e35592d8e0d41d147b084db8402"}, 0x84, 0x2)
r2 = socket$nl_route(0x10, 0x3, 0x0)
symlink(&(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//file0\x00', &(0x7f00000002c0)='.\x02\x00')
unshare(0x22020600)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x141b82, 0x0)
write$cgroup_int(r3, &(0x7f0000000000)=0x700, 0x12)
creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r4=>0x0)
fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x8000, 0x3ff})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r4, 0x1, &(0x7f0000000040)={{0x77359400}}, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x59616d61, 0x1, 0x6, 0x8, 0x0)
inotify_add_watch(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x4000cd5)
unlink(&(0x7f0000000000)='./file0\x00')
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000000)=@newlink={0x5c, 0x10, 0xffffffffffffffff, 0x70bd27, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, 0x50a7a, 0x823}, [@IFLA_LINKINFO={0x3c, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x2c, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x14, 0x3, @loopback={0x0, 0x3f}}, @IFLA_IPTUN_LOCAL={0x14, 0x2, @ipv4={'\x00', '\xff\xff', @multicast2}}]}}}]}, 0x5c}}, 0x24000000)
close_range(r2, 0xffffffffffffffff, 0x0)

3.427140319s ago: executing program 0 (id=4276):
ioctl$TIOCL_SELLOADLUT(0xffffffffffffffff, 0x541c, &(0x7f0000000000)={0x5, 0x1, 0x6bd, 0x2, 0x3})
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000740)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x10000, {{@in=@multicast2, @in=@empty, 0x0, 0x10, 0x0, 0x0, 0xa, 0x20, 0x0, 0x62}, {0x8, 0x10, 0x100000002, 0x0, 0xfff, 0xffffffffffffb473, 0xffffffffffffffff}, {0x1000000000, 0x2000000000000003, 0x2, 0xffffffffffffffff}, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x3}}, 0xb8}}, 0x4004)
sendmsg$nl_xfrm(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000580)=@updpolicy={0xb4, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast1=0xe0000002, @in, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x87}, {0xfffffffffffffff7, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x4}, {0x0, 0x0, 0x200000000000000, 0x3}, 0x0, 0x6e6bc0}}, 0xb4}}, 0x2c000010)
sendmsg$nl_xfrm(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x800, {{@in=@multicast1=0xe0000002, @in, 0x0, 0x800, 0x1000, 0x0, 0xa, 0x20}, {}, {0x1, 0x6, 0x0, 0xfffffffffffffffe}, 0x0, 0x6e6bbc}}, 0xb8}, 0x1, 0x0, 0x0, 0x404c830}, 0x0)
r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x109042, 0x0)
r2 = openat$vimc2(0xffffff9c, &(0x7f0000000300), 0x2, 0x0)
ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(r2, 0xc040564a, &(0x7f0000000340)={0x7, 0x0, 0x2021, 0x1000, 0x7fff, 0x80a0e936, 0x5b1, 0x1})
mremap(&(0x7f000000d000/0x2000)=nil, 0xfffffffffffffe74, 0x1000, 0x0, &(0x7f0000007000/0x1000)=nil)
write$P9_RSTATu(r1, &(0x7f0000000080)={0x233, 0x7d, 0x2, {{0x500, 0xf2, 0x0, 0x4, {0x0, 0x1, 0x5}, 0x0, 0x0, 0x0, 0x0, 0x1b, '\x04nodev{evoo~\x059\xc6\x00\x05\x00\x007\xd9:\x8b\x92\x00\x00\x00', 0x38, 'pJ\x86\xce\xc6\x02\x00}\xfag>\xff\xeb\t\xb55\x1f[\xde\x05@\x00\x00\x00\x00\x18{\x82\x00\xb5\x00\x00+Y_\xcb\x14\x03CT\xb9\xfd\x9e\xf1\x96\xa5\x1c\xd5\x15z\xdc\x81\x03\xb4\x94\xe1', 0xf, '\xcf\xc2m\xd7\xc5\xb4\x99\xbf\xb4+\x93\x80~\x8bZ', 0x5d, '\xf8\xf6i\xfbqm\xcf1^\xca\xf3\x85@\x9a\xc6[\x94\bg\x8c,;\xa6\x1dR\xc3l\xde{\a\xdb\xda\xb2\x88K\xaf\x05\x00~\x04\xe6\x9d\xb0\xc3\xca\x00\x00\x00\x00\x00\x00G\xec!\xca\xbf\xf2\x0f\x9c\x1c\xbe6\xf4\xfd\x1aL\xc2\x9e\x95?\xa5\xe0R\x15t\x80\xe8\x00'/93}, 0x12c, 'odev/n\xb1{#\x00\xf9\xda\xa5\xee#&n\xcf\x85\xfe\xa6^B\xd9y\xa3\xfd\xe5\xf4U\xda\xf0;\x11r\xd9{\xad\xc7\tZ\xfdv\xfeO\x04A\xf7\xf7t\x1e\xac\x03\x00\x00\xec\xff\x00\x00\xdb\xa0\xc2\xf7\xf0\x9f\xf5<~M\x1a\xd6n-\a\x01\x98\x01\x9f0\x11\x84G\xaa\x9at\xf5\x16\x85\xf5\x06\xae\x89H\x06\x87\x82g\xd5\xa1)\x8dy,J7\xf2\xe1\xcb\xbd$\x82\x92\x9a\r\x89r\xb5\xcfs.\xa5\xb0\xd7#\x85\x9d\xba?\x93\xae\xd3\xb4.\xe7\xca\xc0}\xe0\x9d\x1dh\xa6\x033\xa8\x82F}+1\xaa\xcd\xf9\x18\x85I\xb1\x12]lL\x9b\x18\xc2\xfbV\xc5}}\xc6&\xe49\a\x96\xa1\xebH\'Fi\xab\x13\xf8\xb1\x1d\x14`Y\xf3\x10\xe2cMY?\xece\xd5)\xf3\x82\x06fd\xdf$NL\x90W\np\x04\x9f9\x9f\x06\x1fu\xb7y|\xe1\xfe\x11\xea\x91\x96\t\xd5\x1aA\xdd=\xe3\x04\xbd|~\xd0\xa4V\xf0\xae\x12Qa\x05\xc9\xce\x88}\xf5\xa6\xe0\xb6\xa7}Yl\xf8\x8b\xa6\xe5\xc69|}P!\xd7\x98\x95(\xfd\x179\xe1\xc2\xd8\x7f\xff\x00'/300, 0x0, 0xee01}}, 0x233)

3.426333817s ago: executing program 3 (id=4277):
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x109042, 0x0)
write$P9_RSTATu(r0, &(0x7f0000000080)={0x233, 0x7d, 0x2, {{0x500, 0xf2, 0x0, 0x4, {0x0, 0x1, 0x5}, 0x0, 0x0, 0x0, 0x0, 0x1b, '\x04nodev{evoo~\x059\xc6\x00\x05\x00\x007\xd9:\x8b\x92\x00\x00\x00', 0x38, 'pJ\x86\xce\xc6\x02\x00}\xfag>\xff\xeb\t\xb55\x1f[\xde\x05@\x00\x00\x00\x00\x18{\x82\x00\xb5\x00\x00+Y_\xcb\x14\x03CT\xb9\xfd\x9e\xf1\x96\xa5\x1c\xd5\x15z\xdc\x81\x03\xb4\x94\xe1', 0xf, '\xcf\xc2m\xd7\xc5\xb4\x99\xbf\xb4+\x93\x80~\x8bZ', 0x5d, '\xf8\xf6i\xfbqm\xcf1^\xca\xf3\x85@\x9a\xc6[\x94\bg\x8c,;\xa6\x1dR\xc3l\xde{\a\xdb\xda\xb2\x88K\xaf\x05\x00~\x04\xe6\x9d\xb0\xc3\xca\x00\x00\x00\x00\x00\x00G\xec!\xca\xbf\xf2\x0f\x9c\x1c\xbe6\xf4\xfd\x1aL\xc2\x9e\x95?\xa5\xe0R\x15t\x80\xe8\x00'/93}, 0x12c, 'odev/n\xb1{#\x00\xf9\xda\xa5\xee#&n\xcf\x85\xfe\xa6^B\xd9y\xa3\xfd\xe5\xf4U\xda\xf0;\x11r\xd9{\xad\xc7\tZ\xfdv\xfeO\x04A\xf7\xf7t\x1e\xac\x03\x00\x00\xec\xff\x00\x00\xdb\xa0\xc2\xf7\xf0\x9f\xf5<~M\x1a\xd6n-\a\x01\x98\x01\x9f0\x11\x84G\xaa\x9at\xf5\x16\x85\xf5\x06\xae\x89H\x06\x87\x82g\xd5\xa1)\x8dy,J7\xf2\xe1\xcb\xbd$\x82\x92\x9a\r\x89r\xb5\xcfs.\xa5\xb0\xd7#\x85\x9d\xba?\x93\xae\xd3\xb4.\xe7\xca\xc0}\xe0\x9d\x1dh\xa6\x033\xa8\x82F}+1\xaa\xcd\xf9\x18\x85I\xb1\x12]lL\x9b\x18\xc2\xfbV\xc5}}\xc6&\xe49\a\x96\xa1\xebH\'Fi\xab\x13\xf8\xb1\x1d\x14`Y\xf3\x10\xe2cMY?\xece\xd5)\xf3\x82\x06fd\xdf$NL\x90W\np\x04\x9f9\x9f\x06\x1fu\xb7y|\xe1\xfe\x11\xea\x91\x96\t\xd5\x1aA\xdd=\xe3\x04\xbd|~\xd0\xa4V\xf0\xae\x12Qa\x05\xc9\xce\x88}\xf5\xa6\xe0\xb6\xa7}Yl\xf8\x8b\xa6\xe5\xc69|}P!\xd7\x98\x95(\xfd\x179\xe1\xc2\xd8\x7f\xff\x00'/300, 0x0, 0xee01}}, 0x233) (fail_nth: 5)

2.890649764s ago: executing program 3 (id=4278):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000880)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x50, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}, @NFTA_SET_DESC={0xc, 0x9, 0x0, 0x1, [@NFTA_SET_DESC_SIZE={0x8, 0x1, 0x1, 0x0, 0x1}]}, @NFTA_SET_POLICY={0x8, 0x8, 0x1, 0x0, 0x1}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x78}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSETELEM={0x40, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, '\x00\x00'}]}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x68}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETSETELEM(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001040)={0x2c, 0xd, 0xa, 0x201, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000805}, 0x8000) (fail_nth: 5)

2.367141568s ago: executing program 0 (id=4279):
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, 0x0)
unshare(0x2040400)
syz_usb_connect(0x3, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000014da2108ab12a390eb1e000000010902240001b30000040904410017ff5d810009050f1f01040000000905830300b3"], 0x0)
r0 = socket$tipc(0x1e, 0x0, 0x0)
getsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000000), &(0x7f0000000080)=0x4)
r1 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r1, 0xaf01, 0x0)
r2 = socket$inet(0x2, 0x3, 0x2)
r3 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r3, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @local, @loopback}, 0xc)
setsockopt$inet_msfilter(r3, 0x0, 0x29, &(0x7f0000000180)=ANY=[@ANYBLOB="e0000002ac1414aa0100000002"], 0x18)
syz_emit_ethernet(0x36, &(0x7f0000001800)={@link_local, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x64, 0x0, 0x4, 0x2, 0x0, @empty, @multicast2}, @timestamp_reply={0x11, 0x0, 0x0, 0xe000, 0x2, 0x2, 0x4}}}}}, 0x0)
setsockopt$inet_mreqsrc(r2, 0x0, 0x27, &(0x7f0000000280)={@multicast2, @local, @remote}, 0xc)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f00000000c0)=ANY=[@ANYBLOB="e0000002ac1414aa00"], 0x1c)
syz_emit_ethernet(0x36, &(0x7f0000001800)={@link_local, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x64, 0x0, 0x4, 0x2, 0x0, @empty, @multicast2}, @timestamp_reply={0x11, 0x0, 0x0, 0xe000, 0x2, 0x10001}}}}}, 0x0)
r4 = eventfd2(0xff, 0x80801)
ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f00000000c0)={0x0, r4})

2.191971853s ago: executing program 3 (id=4280):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000340)={0x1, &(0x7f0000000000)=[{0x6, 0xf, 0x2, 0x7fff8000}]})
close_range(r1, 0xffffffffffffffff, 0x0)
syz_mount_image$fuse(&(0x7f0000002040), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0], 0x0, 0x0, 0x0) (fail_nth: 2)

2.096102727s ago: executing program 1 (id=4281):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
syz_emit_ethernet(0x3a, &(0x7f0000000480)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff810037008902"], 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000200)={'geneve0\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000400)=@newlink={0x3c, 0x10, 0x1, 0x6000000, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @geneve={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GENEVE_REMOTE={0x8, 0x2, @remote}]}}}]}, 0x3c}, 0x1, 0x2}, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f00000003c0)={0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x0, 0xd, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x9}]}, &(0x7f0000000240)=0x10)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r3, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={<r4=>0x0}, &(0x7f00000004c0)=0x27)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000100)={r4, 0x1}, &(0x7f0000000140)=0x8)

2.003215591s ago: executing program 2 (id=4282):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x20400, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84) (async)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r2, &(0x7f0000000c80)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x27}}, 0x10) (async)
bind$inet(r2, &(0x7f0000000c80)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x27}}, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) (async)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r4, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001280)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x9}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}]}, @NFT_MSG_NEWRULE={0x4c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x2}, [@NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @immediate={{0xe}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_IMMEDIATE_DREG={0x8}, @NFTA_IMMEDIATE_DATA={0x8, 0x2, 0x0, 0x1, [@NFTA_DATA_VALUE={0x4}]}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xc0}}, 0x40)
move_mount(0xffffffffffffffff, 0x0, 0xffffffffffffff9c, 0x0, 0x262)
openat$autofs(0xffffff9c, &(0x7f0000000000), 0x0, 0x0)
sendto$inet(r2, 0x0, 0x0, 0x400c806, &(0x7f0000000180)={0x2, 0x4e21, @multicast2}, 0x10) (async)
sendto$inet(r2, 0x0, 0x0, 0x400c806, &(0x7f0000000180)={0x2, 0x4e21, @multicast2}, 0x10)
sendto$inet(r2, 0x0, 0x0, 0x4004085, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000580)={0x0, @in6={{0xa, 0x4e21, 0x1f0268bc, @empty, 0x6}}, 0x0, 0x0, 0x3fc, 0x1, 0x32, 0xb}, 0x9c) (async)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000580)={0x0, @in6={{0xa, 0x4e21, 0x1f0268bc, @empty, 0x6}}, 0x0, 0x0, 0x3fc, 0x1, 0x32, 0xb}, 0x9c)
bind$inet6(r1, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r1, 0x84, 0x13, 0x0, 0x0) (async)
setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r1, 0x84, 0x13, 0x0, 0x0)
sendto$inet6(r1, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) (async)
sendto$inet6(r1, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in6={{0xa, 0x4e23, 0x0, @loopback}}, 0x100, 0x300, 0x0, 0x0, 0x54}, 0x9c) (async)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in6={{0xa, 0x4e23, 0x0, @loopback}}, 0x100, 0x300, 0x0, 0x0, 0x54}, 0x9c)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x37)
ioctl$KVM_SET_CPUID2(0xffffffffffffffff, 0x4008ae90, 0x0)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000100)={0x1, 0x58}, 0x10)
sendmsg$nl_xfrm(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="480000001f0001002fbd7000fcdbdf25760101030000000000000000000000aa40784603f97e2c6af730790500000004d402003200fc00000000000000000000000000000100180001000100"], 0x48}}, 0x0) (async)
sendmsg$nl_xfrm(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="480000001f0001002fbd7000fcdbdf25760101030000000000000000000000aa40784603f97e2c6af730790500000004d402003200fc00000000000000000000000000000100180001000100"], 0x48}}, 0x0)

1.720573577s ago: executing program 3 (id=4283):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x2, 0x0, 0x7fff0000}]})
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r1)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000880)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x50, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}, @NFTA_SET_DESC={0xc, 0x9, 0x0, 0x1, [@NFTA_SET_DESC_SIZE={0x8, 0x1, 0x1, 0x0, 0x1}]}, @NFTA_SET_POLICY={0x8, 0x8, 0x1, 0x0, 0x1}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x78}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSETELEM={0x40, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "d103"}]}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x68}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
close_range(r0, 0xffffffffffffffff, 0x0)

1.666735369s ago: executing program 3 (id=4284):
r0 = socket$netlink(0x10, 0x3, 0x10)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000000c0)={'syz_tun\x00', &(0x7f0000000040)=@ethtool_link_settings={0x17, 0x0, 0x0, 0x4, 0x7, 0x0, 0x0, 0x0, 0x20, 0x4, [0x2, 0x0, 0x0, 0x100, 0x5, 0x0, 0x0, 0x2]}}) (fail_nth: 5)

1.224145032s ago: executing program 3 (id=4285):
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000300))
fcntl$lock(0xffffffffffffffff, 0x25, &(0x7f0000000040)={0x0, 0x0, 0xfd8b, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x77359400}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xb320a000)
pipe2(&(0x7f0000000580)={<r0=>0xffffffffffffffff}, 0x0)
r1 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x4c, &(0x7f0000000000), 0x4)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x2000)
ioctl$TUNSETNOCSUM(0xffffffffffffffff, 0xc040ff0b, 0x200000000003)
fcntl$lock(r1, 0x410, &(0x7f00000000c0)={0x1, 0x1, 0x1, 0xfffe})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0xc369d000)
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="028c000001000000000000000400000000000000100000000000000020"], 0x24, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000200))

1.041233252s ago: executing program 4 (id=4286):
syz_usb_connect(0x3, 0x98, &(0x7f0000000180)=ANY=[@ANYBLOB="12011001186360088d0e3f76239b010203010902860003a2000000090454020317987b5b0a24010a00060201020c2408050600070d0a329ce2090586100004f40804072501832f08000905000040008103ff0905091b08000c078009040201042e2b1503090509000000030004090502020002f7810609050303ff030840040705a6c6415a9f0905850340000b020b0904034b00a7d801073594931eb6b6472dbaeceec563b4fc2f0e9fa476f9392ee4e3e1f63c34b1ce7ba6505105013de723c0d65c001deb52c14a7d32ae081c88905f3767a4eafbf626973180783142cc39834d2ebc"], 0x0)
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000600)=@mangle={'mangle\x00', 0x44, 0x6, 0x580, 0x12c, 0x98, 0x12c, 0x3d0, 0x3d0, 0x4ec, 0x4ec, 0x4ec, 0x4ec, 0x4ec, 0x6, 0x0, {[{{@ip={@remote, @broadcast, 0x0, 0x0, 'geneve1\x00', 'ip6gre0\x00', {0xff}, {}, 0x0, 0x0, 0x18}, 0x0, 0x70, 0x98, 0x0, {0x0, 0x2000000}}, @common=@unspec=@NFQUEUE3={0x28, 'NFQUEUE\x00', 0x3, {0x5, 0xd, 0x1}}}, {{@ip={@multicast2, @local, 0x0, 0x0, 'batadv_slave_1\x00', 'veth1_virt_wifi\x00', {}, {}, 0x11}, 0x0, 0x70, 0x94}, @unspec=@CHECKSUM={0x24}}, {{@ip={@broadcast, @empty, 0x0, 0x0, 'nicvf0\x00', 'nr0\x00', {0xff}, {}, 0x6, 0x0, 0x2}, 0x0, 0xa8, 0xcc, 0x0, {}, [@common=@unspec=@time={{0x38}, {0xfffff38f, 0x8000, 0x8d84, 0xcafc, 0xffffff8e, 0x70, 0x1}}]}, @unspec=@CHECKSUM={0x24}}, {{@uncond, 0x0, 0xb0, 0x1d8, 0x0, {}, [@common=@set={{0x40}, {{0x0, [0x2, 0x2, 0x2, 0x4, 0x4, 0x1]}}}]}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x1, 0x0, 'system_u:object_r:dbusd_etc_t:s0\x00'}}}, {{@uncond, 0x0, 0xe0, 0x11c, 0x0, {}, [@common=@socket0={{0x20}}, @common=@osf={{0x50}, {'syz1\x00', 0x0, 0x0, 0x1, 0x1}}]}, @inet=@TPROXY1={0x3c, 'TPROXY\x00', 0x1, {0x3, 0x8, @ipv6=@local, 0x5e20}}}], {{'\x00', 0x0, 0x70, 0x94}, {0x24}}}}, 0x5dc)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000380)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB="0100000000000080", @ANYRES32, @ANYBLOB, @ANYRES32, @ANYBLOB, @ANYRES64=0x0], 0x20)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$qrtr(0x2a, 0x2, 0x0)
sendmsg$qrtr(r3, &(0x7f0000002180)={0x0, 0x0, &(0x7f0000000dc0)=[{&(0x7f00000004c0)="1a0487cfa60ba42dc27e927e4cf385e1e386f5112c6a6ff242f24761165513cca06f78574f874bc12f8cae180a1b8f6aa4d110a396a444941cbe5b81eeaacd56262e29bb8414f15ba468b1d330109032644e77feb22b8308889da7ade1763eeac3bc0701393f08ebcb79b2768b280ca31ca50dd425d05d7c6c0a3c37eb4548f6a0467bbc2bfed7e41d0cdb28986a355abdcfa6ae581efc79a4b769ca724ac2bd56d29767676057cf803cbe8c84d6ffd38dbe7be376cb2a5332ae7b18d0ff0b128f8dfb9547e6985c58c0755a59c357424d2df40f2ba1186b37f5ebb0c17f1657", 0xe0}, {&(0x7f00000000c0)="2e3a91a24d73d372024b93da9bd3e6f88dce268494d0a615c7703c35ffa7e4", 0x1f}, {&(0x7f0000000300)="2f0a3724757487902f6093eb4bc4dda8956450021378d9e6bda044d1a78cc3035291799f433212e2946b2c5915f05fe62ca6069ba4e19ba4eb327c49828b56a9a6", 0x41}, {&(0x7f00000003c0)="eb5dbd811b61cc87acc427181374d686d7a5c1ee150154790042d41c70acea27ca930580a75b8ff6e3fd4f50cb52d752ff83d03f8339136e08058cac5a093f5eaea77a4f0ac37020d06db86114c6b6239d80bbd1afb519b46571066c1f3cceda86e63dfd2286064e020d94c5bba4335d3d97451689630c5833191f7c3f93b5e2625f46c3474d02c5fc666b0a0144d36f", 0x90}, {&(0x7f0000000c00)="25f6106818676975862f6a10a6b41a0f81ec24ebfacbb649446a2ca733b3c2fd7f7dd9931e21c9bf6a6e8c195e828655f7c56cc3f51f74cfe89e31cf06197dfd7e551a797680f16401106cac3f0095e85b1ca854a94823df43f99c0a15f8665d9e8abfd8a4f3684c6203de52d46f89fc7cd10f7b6b33bc4137551855f1b573f7e4da6f116f3e8c62eedc6e2caa5b9374fbfe6e3b4cd79c8d816301178eebcfeedee57fac9b31f0ee26fdb92f9524", 0xae}, {&(0x7f0000000cc0)="9f498cf1cc526f6b1ed470b0cb62e119672c642431f028c56c8134c8b33c0d4ac2550447d4cda770ac10b4236d232d7fb165073ef0dabbffbf1e994b8b0c3eed4840b99269e2e562df4b20d2d7d32b205b7d8ea4cac2ec748ac1f02d99277b04f78e77d079bf39f5c2edf7957cb4ed9c40680762c5f6097bf2e5457733bed58c0d786eda05ba26182ae3e67321d9c8a224ba7bef9738e007de89e2908630d468707549b407233fd8d5826ff8d3da30bb41153622cfcdb8afea0e637a512e660483a0c41ad3fd9f71d87765e203d01de8c896ec2300980d444acdf13baf55b8c98b673315c2cf0601320f", 0xea}, {&(0x7f00000021c0)="c6c0cd10eece21787da22826459cbc791e4b386171d55642113892115b77b1b086e9e9966371a5054128f642c4955ec6ccb65b19aa008094dedb4f8f0087", 0x3e}, {&(0x7f00000005c0)="cb032dc0a5541226a4f97030e0f3a7", 0xf}], 0x8, &(0x7f0000000e00)=[{0x84, 0x110, 0xfff, "564f7d5ebeb5f81aa6309908006006f2818decdf85cd83fbc30791c7fa71feed501f2dca0705223d8b1ef296325a320d1fdfc045cf598784a159abecde522c08bf80c09a8973e479db498d95106451844484669f8270664162670a382d98d8474e3455cb79d88db01d7caa6e42e6282312e25c1cdf"}, {0x8c, 0x116, 0x4, "5b00bceb754ea2722f8ce60d55a4ed24c8bf60b97b291b6f6b804716b4bdeb8d859d4f92e98d8ca6af733fcbc4dd7af357dda30e8b6f3e45ef2bdaddf29b0a4736df718057c882634e54f3bc53fbd60b95dad719c816b3f2d329c7c5d2886ee68e18daa42afe7f7db0666e2d4898c23f0228bd821817acb50870383a5bd5"}, {0x90, 0x102, 0x2, "5f5ed8eb313c685cdb6a12edbb5c080f498848d517c53d1af9c07afc748f03472b539ddf2376c260509af298a47c403d21df10ce2aed8d46fdf9fd4279371d7cf304c9657ae245868b6a4d90bcd681e4cffd1216e1666a8350f2037d965b980a69d3ba2ac83ceb8371df35dcb892e378006de73772441e77a00d140b0cd513b332"}, {0x78, 0x10a, 0x4, "09240c056c1330f8f26c4f865cdd282f846c32f4f6d16b4bb731555cb202fc9b79b750bfb50a608d388a3c96d48770ff7af192fe12148d6b824683854028ea76e0fab621dab4a6c1dd496f2920c575bc756d592450e64831b176a56371d824ddb43b00e9c79b1ca98963d2cd"}, {0xd8, 0x1, 0xf, "6eb4066684ffafac46df78d6413d546d24d3831b6d163f142c8229fa970413cfbd640997dd14c3dcbfbeb96c39dac7f926dc2b62cdeada111ae192643f540bab3269f232c3d552b83165a2549bb0f1101c74970d79360591efcb9407b5497e9daa706232985f0649ccfa732b657fb6a1bab36460b2c3b1a50a33f0d0becc9d5bd1654885fb891fb72269aee785bf73f18e37012822890173751fe9cdb4492a3bd378534014a9ae711d9dfafaf26f9d235706153cffcf06a522bbe45bf97330daf43dda48561126cd820b"}], 0x2f0, 0x804}, 0x1c)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)=@ipv6_newroute={0x20, 0x18, 0x111, 0x1, 0x0, {0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, [@RTA_METRICS={0x4}]}, 0x20}, 0x1, 0x0, 0x0, 0x4001}, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=@newlink={0x5c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x12982}, [@IFLA_IFNAME={0x14, 0x3, 'ip6tnl0\x00'}, @IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x14, 0x3, @private0={0xfc, 0x0, '\x00', 0x1}}]}}}]}, 0x5c}}, 0x0)
r5 = creat(&(0x7f00000001c0)='./file0\x00', 0x8)
write$FUSE_INTERRUPT(r5, &(0x7f0000000240)={0x10}, 0x10)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x2000004, 0x3b071, 0xffffffffffffffff, 0x0)
r6 = socket$inet6(0xa, 0x1, 0x84)
setsockopt$inet6_int(r6, 0x29, 0x1a, &(0x7f0000000080)=0x5, 0x4)
sendto$inet6(r6, 0x0, 0x0, 0x20040012, &(0x7f00000000c0)={0xa, 0x4e22, 0x27b6a97, @local, 0x9}, 0x1c)
getsockopt$bt_hci(r6, 0x84, 0x6d, &(0x7f00000006c0)=""/4097, &(0x7f0000000040)=0x1001)
ioctl$VIDIOC_S_FMT(r5, 0xc0cc5605, &(0x7f0000002200)={0xe, @sdr={0x20493859, 0x9}})
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000080)=ANY=[@ANYRES32, @ANYRES32], 0x20)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)={0x58, 0x2, 0x6, 0x3, 0x0, 0x0, {0x7}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0xffff}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}]}, 0x58}, 0x1, 0x0, 0x0, 0x800}, 0x20004000)

1.015338364s ago: executing program 1 (id=4287):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10000082}, 0x90)

776.648303ms ago: executing program 1 (id=4288):
openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
io_setup(0x4, &(0x7f00000014c0))
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x7f, 0x7ffc0002}]})
syz_emit_ethernet(0x7e, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa000000000000810000008add605f106000442f00fc000000000000000000000000000000ff0200"/59], 0x0)
r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000840)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffb)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000340)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(des3_ede)\x00'}, 0x58)
r2 = accept4(r1, 0x0, 0x0, 0x80000)
setsockopt$sock_int(r2, 0x1, 0x2b, &(0x7f0000000080)=0x2, 0x4)
unshare(0x6a040000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
socket$rds(0x15, 0x5, 0x0)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt$EBT_SO_GET_INFO(r3, 0x0, 0x80, &(0x7f0000000280)={'nat\x00', 0x0, 0x0, 0x0, [0x10001, 0x2, 0xefffffffffffb5b2, 0x3a8e5b6d, 0x0, 0x8]}, &(0x7f0000000200)=0x78)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x8003, 0x2, 0x6, 0xfffa}, 0x3a, [0x8000, 0x9, 0x6, 0x401, 0x80, 0x2, 0x3, 0x7f, 0x20000006, 0x20000000, 0x6, 0x63, 0x9, 0x5, 0xffff2d37, 0xffffff01, 0x6, 0x3, 0x0, 0x5, 0x4, 0x0, 0x7, 0x3c19, 0x1, 0xa8, 0xd, 0x9, 0x0, 0xffffffff, 0xe661, 0x4, 0x7, 0x3, 0x8, 0x4c74, 0x80000000, 0x242, 0x5, 0xe, 0x0, 0x80008071, 0x4, 0x6, 0xffffffff, 0x7, 0x80000000, 0x3e, 0x10008f, 0x6, 0x6, 0x7, 0x5, 0x4, 0x8, 0x200003ff, 0x80, 0x0, 0x5, 0x6, 0x8, 0x4, 0x1, 0x3d], [0x10000007, 0x9, 0x8000012f, 0x8004, 0x5, 0xfffffff3, 0x129432e2, 0x5, 0xf9, 0xe, 0x2bf, 0x1, 0x9, 0xfffffffc, 0x4, 0x10001, 0xfffffff3, 0x5, 0x4, 0xb, 0x312, 0x78, 0xea4, 0x0, 0x4, 0x7, 0x7fff, 0x6, 0x400, 0x401, 0x3, 0x1, 0xff, 0x5, 0x1000005, 0x5f31, 0x1, 0xa, 0x2, 0x4, 0xb, 0x4, 0x9, 0x4, 0xd, 0x0, 0x47, 0x8000, 0x1, 0xfe000000, 0xfa0, 0x2, 0x4, 0xa, 0x3, 0x83, 0x9, 0x1, 0x3, 0x3, 0xbc45, 0x48c93690, 0x42, 0x3], [0x5, 0x408, 0x4, 0x5, 0xfffffffe, 0x122, 0x2, 0x9, 0x5, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x5, 0x5, 0x0, 0x1ef, 0x4, 0x8, 0x86, 0x3, 0x303c, 0x3e7, 0xb, 0x6, 0x2, 0x2, 0x3, 0x20000008, 0x4, 0x6d01, 0x6, 0x38, 0x800003, 0x2, 0x83, 0x0, 0x4, 0x2950bfaf, 0x3, 0xa2, 0x7, 0xa9, 0x5, 0x6, 0xacb, 0xbf, 0x4002, 0x3, 0x7ff, 0x12b, 0x4, 0x2, 0xa, 0x0, 0x5, 0x1c, 0x120002, 0x3, 0x3, 0x80a2ea, 0x4, 0x25], [0x9, 0xbb33, 0x7, 0xb, 0x5, 0x938, 0x6, 0x6, 0x0, 0xb9, 0xce7, 0x1ff, 0x2, 0x57, 0x5, 0x3, 0x101, 0x10000, 0x4, 0x7fff, 0xffff, 0xa620, 0x1, 0x6, 0x1, 0x2, 0x14c, 0x60a7, 0x6, 0x16, 0xffffffff, 0x80000000, 0xfffffffe, 0x4, 0xc8, 0x1, 0xfffff000, 0x5, 0x40003, 0x7e, 0xff, 0x9602, 0x7, 0xaf, 0x8, 0xffff19b1, 0x227, 0x8001, 0x5, 0x8, 0x30b1d693, 0xa1f, 0xf44, 0x7, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1e, 0xd7, 0x200, 0x5, 0xfff]}, 0x45c)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)
add_key(&(0x7f00000003c0)='dns_resolver\x00', &(0x7f0000000400)={'syz', 0x3}, &(0x7f0000000080)="00000102", 0xfffff, r0)
r4 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'bridge0\x00', <r5=>0x0})
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB="240000001d00070f000000000000000007000000", @ANYRES32=r5, @ANYBLOB="40005200060010"], 0x24}, 0x1, 0x0, 0x0, 0x4000014}, 0x40)
request_key(0x0, &(0x7f0000000100)={'syz', 0x3}, 0x0, r0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
r6 = socket$inet6(0xa, 0x800, 0x97b2)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r7 = socket$inet_mptcp(0x2, 0x1, 0x106)
getsockopt$inet_mptcp_buf(r7, 0x11c, 0x4, 0x0, &(0x7f0000000080))
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x2, &(0x7f0000000300)={0x1, &(0x7f0000000240)=[{0x2, 0x7f, 0xe, 0xffffffff}]})
setsockopt$sock_int(r6, 0x1, 0xf, &(0x7f0000000180)=0x80000004, 0x4)
setsockopt$SO_ATTACH_FILTER(r6, 0x1, 0x33, &(0x7f0000000000)={0x1, &(0x7f0000000140)=[{0x6, 0x4, 0x1}]}, 0x8)
socket$nl_generic(0x10, 0x3, 0x10)

0s ago: executing program 0 (id=4289):
r0 = socket$netlink(0x10, 0x3, 0x10)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000000c0)={'syz_tun\x00', &(0x7f0000000040)=@ethtool_link_settings={0x15, 0x0, 0x0, 0x4, 0x7, 0x0, 0x0, 0x0, 0x20, 0x4, [0x2, 0x0, 0x0, 0x100, 0x5, 0x0, 0x0, 0x2]}})

kernel console output (not intermixed with test programs):

 1146.572797][T20604] usb usb8: usbfs: process 20604 (syz.0.4017) did not claim interface 2 before use
[ 1146.584468][T20604] openvswitch: netlink: Flow key attr not present in new flow.
[ 1147.894419][T20613] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1147.935847][T20613] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1148.096144][T18374] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[ 1148.256290][T18374] usb 5-1: Using ep0 maxpacket: 16
[ 1148.267900][T18374] usb 5-1: config 0 has no interfaces?
[ 1148.274799][T18374] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[ 1148.284898][T18374] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[ 1148.293670][T18374] usb 5-1: Manufacturer: syz
[ 1148.307113][T18374] usb 5-1: config 0 descriptor??
[ 1148.407234][T20625] FAULT_INJECTION: forcing a failure.
[ 1148.407234][T20625] name failslab, interval 1, probability 0, space 0, times 0
[ 1148.435063][T20625] CPU: 0 UID: 0 PID: 20625 Comm: syz.1.4024 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1148.435096][T20625] Tainted: [L]=SOFTLOCKUP
[ 1148.435105][T20625] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1148.435117][T20625] Call Trace:
[ 1148.435125][T20625]  <TASK>
[ 1148.435135][T20625]  dump_stack_lvl+0xe8/0x150
[ 1148.435171][T20625]  should_fail_ex+0x412/0x560
[ 1148.435208][T20625]  should_failslab+0xa8/0x100
[ 1148.435235][T20625]  ? skb_clone+0x212/0x3a0
[ 1148.435261][T20625]  kmem_cache_alloc_noprof+0x87/0x650
[ 1148.435283][T20625]  ? __netlink_lookup+0xc6/0x8b0
[ 1148.435312][T20625]  skb_clone+0x212/0x3a0
[ 1148.435341][T20625]  __netlink_deliver_tap+0x404/0x850
[ 1148.435385][T20625]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1148.435419][T20625]  netlink_deliver_tap+0x19c/0x1b0
[ 1148.435451][T20625]  netlink_unicast+0x7e3/0x9b0
[ 1148.435485][T20625]  ? __pfx_netlink_unicast+0x10/0x10
[ 1148.435516][T20625]  ? netlink_sendmsg+0x650/0xb40
[ 1148.435545][T20625]  ? skb_put+0x11b/0x210
[ 1148.435571][T20625]  netlink_sendmsg+0x813/0xb40
[ 1148.435610][T20625]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1148.435645][T20625]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1148.435677][T20625]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1148.435704][T20625]  ____sys_sendmsg+0x972/0x9f0
[ 1148.435738][T20625]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1148.435775][T20625]  ? kstrtoull+0x12f/0x1d0
[ 1148.435811][T20625]  ___sys_sendmsg+0x2a5/0x360
[ 1148.435840][T20625]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1148.435866][T20625]  ? get_pid_task+0x20/0x1f0
[ 1148.435886][T20625]  ? get_pid_task+0x20/0x1f0
[ 1148.435903][T20625]  ? get_pid_task+0x20/0x1f0
[ 1148.435950][T20625]  ? __fget_files+0x2a/0x420
[ 1148.435980][T20625]  ? __fget_files+0x3a0/0x420
[ 1148.436025][T20625]  __sys_sendmsg+0x183/0x260
[ 1148.436049][T20625]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1148.436095][T20625]  __do_fast_syscall_32+0x20d/0x640
[ 1148.436123][T20625]  ? do_fast_syscall_32+0x33/0x70
[ 1148.436144][T20625]  ? asm_int80_emulation+0x1a/0x20
[ 1148.436164][T20625]  ? do_int80_emulation+0x274/0x4d0
[ 1148.436193][T20625]  do_fast_syscall_32+0x33/0x70
[ 1148.436218][T20625]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1148.436244][T20625] RIP: 0023:0xf7fe4f6c
[ 1148.436263][T20625] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[ 1148.436281][T20625] RSP: 002b:00000000f54a650c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 1148.436303][T20625] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000040
[ 1148.436317][T20625] RDX: 0000000024008080 RSI: 0000000000000000 RDI: 0000000000000000
[ 1148.436329][T20625] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1148.436341][T20625] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1148.436353][T20625] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1148.436383][T20625]  </TASK>
[ 1148.807898][T18374] usb 5-1: USB disconnect, device number 16
[ 1149.436537][T18374] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[ 1149.718596][T18372] usb 5-1: new full-speed USB device number 17 using dummy_hcd
[ 1149.980429][T18372] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[ 1149.989063][T18372] usb 5-1: config 0 has no interface number 0
[ 1149.995350][T18372] usb 5-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e
[ 1150.007577][T18372] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1150.026980][T18372] usb 5-1: config 0 descriptor??
[ 1150.081445][T18372] usb 5-1: selecting invalid altsetting 1
[ 1150.158913][T18372] dvb_ttusb_budget: ttusb_init_controller: error
[ 1150.181121][T18372] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB)
[ 1150.329457][T20641] netlink: 'syz.4.4029': attribute type 25 has an invalid length.
[ 1150.834458][T18372] DVB: Unable to find symbol cx22700_attach()
[ 1151.454507][T18372] DVB: Unable to find symbol tda10046_attach()
[ 1151.570037][T18372] dvb_ttusb_budget: no frontend driver found for device [0b48:1005]
[ 1151.676496][T18372] usb 5-1: USB disconnect, device number 17
[ 1151.995069][T20660] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4032'.
[ 1152.103121][T20662] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4033'.
[ 1152.276909][T20662] 8021q: adding VLAN 0 to HW filter on device batadv1
[ 1152.298625][T20662] team0: Port device batadv1 added
[ 1152.339331][   T35] wlan0: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1152.471475][T20664] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1152.575280][T20662] openvswitch: netlink: Flow key attr not present in new flow.
[ 1152.600417][   T29] kauditd_printk_skb: 161 callbacks suppressed
[ 1152.600439][   T29] audit: type=1326 audit(1773674475.475:5908): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20668 comm="syz.0.4036" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf704ef6c code=0x0
[ 1152.872263][T10545] usb 2-1: new high-speed USB device number 37 using dummy_hcd
[ 1152.945549][T20673] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1152.989693][T20673] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1153.071763][T20673] set match dimension is over the limit!
[ 1153.080125][T20673] IPv6: NLM_F_REPLACE set, but no existing node found!
[ 1154.368054][T20691] FAULT_INJECTION: forcing a failure.
[ 1154.368054][T20691] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1154.383017][T20691] CPU: 0 UID: 0 PID: 20691 Comm: syz.2.4046 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1154.383050][T20691] Tainted: [L]=SOFTLOCKUP
[ 1154.383059][T20691] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1154.383072][T20691] Call Trace:
[ 1154.383080][T20691]  <TASK>
[ 1154.383089][T20691]  dump_stack_lvl+0xe8/0x150
[ 1154.383124][T20691]  should_fail_ex+0x412/0x560
[ 1154.383161][T20691]  _copy_to_user+0x31/0xb0
[ 1154.383188][T20691]  simple_read_from_buffer+0xe1/0x170
[ 1154.383224][T20691]  proc_fail_nth_read+0x1bb/0x230
[ 1154.383259][T20691]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1154.383292][T20691]  ? rw_verify_area+0x2a6/0x4d0
[ 1154.383315][T20691]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1154.383356][T20691]  vfs_read+0x20c/0xa70
[ 1154.383377][T20691]  ? fdget_pos+0x246/0x320
[ 1154.383406][T20691]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1154.383437][T20691]  ? __pfx___mutex_lock+0x10/0x10
[ 1154.383462][T20691]  ? __pfx_vfs_read+0x10/0x10
[ 1154.383485][T20691]  ? __fget_files+0x2a/0x420
[ 1154.383520][T20691]  ? __fget_files+0x3a0/0x420
[ 1154.383547][T20691]  ? __fget_files+0x2a/0x420
[ 1154.383585][T20691]  ksys_read+0x150/0x270
[ 1154.383611][T20691]  ? __pfx_ksys_read+0x10/0x10
[ 1154.383638][T20691]  ? asm_int80_emulation+0x1a/0x20
[ 1154.383664][T20691]  do_int80_emulation+0x173/0x4d0
[ 1154.383687][T20691]  ? trace_irq_disable+0x3b/0x150
[ 1154.383718][T20691]  ? asm_int80_emulation+0x1a/0x20
[ 1154.383739][T20691]  ? clear_bhb_loop+0x40/0x90
[ 1154.383759][T20691]  ? clear_bhb_loop+0x40/0x90
[ 1154.383785][T20691]  asm_int80_emulation+0x1a/0x20
[ 1154.383804][T20691] RIP: 0023:0xf71b5cab
[ 1154.383823][T20691] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[ 1154.383840][T20691] RSP: 002b:00000000f54764bc EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[ 1154.383867][T20691] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f54765d0
[ 1154.383881][T20691] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000
[ 1154.383893][T20691] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1154.383905][T20691] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1154.383917][T20691] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1154.383949][T20691]  </TASK>
[ 1154.676221][T18398] usb 5-1: new full-speed USB device number 18 using dummy_hcd
[ 1154.838658][T18398] usb 5-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[ 1154.851723][T18398] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1154.875402][T18398] usb 5-1: Product: syz
[ 1154.886481][T18398] usb 5-1: Manufacturer: syz
[ 1154.893456][T18398] usb 5-1: SerialNumber: syz
[ 1154.915337][T18398] usb 5-1: config 0 descriptor??
[ 1155.128351][T18398] usb 5-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[ 1155.290830][T20680] netlink: 32 bytes leftover after parsing attributes in process `syz.0.4040'.
[ 1156.356155][T10545] usb 2-1: device descriptor read/64, error -71
[ 1156.435280][T20709] FAULT_INJECTION: forcing a failure.
[ 1156.435280][T20709] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1156.466599][T20709] CPU: 1 UID: 0 PID: 20709 Comm: syz.0.4051 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1156.466636][T20709] Tainted: [L]=SOFTLOCKUP
[ 1156.466644][T20709] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1156.466658][T20709] Call Trace:
[ 1156.466667][T20709]  <TASK>
[ 1156.466676][T20709]  dump_stack_lvl+0xe8/0x150
[ 1156.466711][T20709]  should_fail_ex+0x412/0x560
[ 1156.466746][T20709]  _copy_to_user+0x31/0xb0
[ 1156.466772][T20709]  simple_read_from_buffer+0xe1/0x170
[ 1156.466808][T20709]  proc_fail_nth_read+0x1bb/0x230
[ 1156.466843][T20709]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1156.466876][T20709]  ? rw_verify_area+0x2a6/0x4d0
[ 1156.466898][T20709]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1156.466928][T20709]  vfs_read+0x20c/0xa70
[ 1156.466948][T20709]  ? fdget_pos+0x246/0x320
[ 1156.466983][T20709]  ? __pfx___mutex_lock+0x10/0x10
[ 1156.467009][T20709]  ? __pfx_vfs_read+0x10/0x10
[ 1156.467032][T20709]  ? __fget_files+0x2a/0x420
[ 1156.467067][T20709]  ? __fget_files+0x3a0/0x420
[ 1156.467104][T20709]  ? __fget_files+0x2a/0x420
[ 1156.467143][T20709]  ksys_read+0x150/0x270
[ 1156.467168][T20709]  ? __pfx_ksys_read+0x10/0x10
[ 1156.467195][T20709]  ? asm_int80_emulation+0x1a/0x20
[ 1156.467222][T20709]  do_int80_emulation+0x173/0x4d0
[ 1156.467246][T20709]  ? trace_irq_disable+0x3b/0x150
[ 1156.467276][T20709]  ? asm_int80_emulation+0x1a/0x20
[ 1156.467295][T20709]  ? clear_bhb_loop+0x40/0x90
[ 1156.467316][T20709]  ? clear_bhb_loop+0x40/0x90
[ 1156.467342][T20709]  asm_int80_emulation+0x1a/0x20
[ 1156.467362][T20709] RIP: 0023:0xf7185cab
[ 1156.467381][T20709] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[ 1156.467398][T20709] RSP: 002b:00000000f543d4bc EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[ 1156.467419][T20709] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f543d5d0
[ 1156.467433][T20709] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000
[ 1156.467445][T20709] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1156.467456][T20709] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1156.467468][T20709] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1156.467499][T20709]  </TASK>
[ 1156.859747][T18398] dvb_usb_rtl28xxu 5-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[ 1156.871368][T18398] usb 5-1: USB disconnect, device number 18
[ 1156.986235][T10545] usb 2-1: new high-speed USB device number 38 using dummy_hcd
[ 1157.149537][T10545] usb 2-1: config index 0 descriptor too short (expected 23569, got 27)
[ 1157.166158][T10545] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1157.188813][T10545] usb 2-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[ 1157.206215][T10545] usb 2-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[ 1157.221784][T10545] usb 2-1: Manufacturer: syz
[ 1157.227414][T20715] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1157.240760][T10545] usb 2-1: config 0 descriptor??
[ 1157.254689][T20715] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1157.266464][T20719] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1157.275296][T20719] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1157.295875][T20721] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4054'.
[ 1157.307819][T20721] 8021q: adding VLAN 0 to HW filter on device batadv1
[ 1157.312548][T20721] team0: Port device batadv1 added
[ 1157.334913][T20719] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4055'.
[ 1157.375069][T20721] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1157.415400][T20721] usb usb8: usbfs: process 20721 (syz.2.4054) did not claim interface 2 before use
[ 1157.422117][T20721] openvswitch: netlink: Flow key attr not present in new flow.
[ 1157.448507][T10545] rc_core: IR keymap rc-hauppauge not found
[ 1157.448532][T10545] Registered IR keymap rc-empty
[ 1157.450759][T10545] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0
[ 1157.458752][T10545] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0/input41
[ 1157.460069][T20705] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1157.470760][T20705] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1157.810736][T20726] netlink: 36 bytes leftover after parsing attributes in process `syz.1.4049'.
[ 1158.194040][T20730] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1158.216870][T20730] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1158.280435][T20732] netlink: 'syz.4.4059': attribute type 10 has an invalid length.
[ 1158.297947][T20734] netlink: 'syz.3.4058': attribute type 25 has an invalid length.
[ 1158.367460][T20732] bond0: (slave dummy0): Releasing active interface
[ 1158.411192][T20732] team0: Failed to send port change of device dummy0 via netlink (err -105)
[ 1158.420360][T20732] team0: Failed to send options change via netlink (err -105)
[ 1158.516165][T20732] team0: Port device dummy0 added
[ 1159.040816][T10545] usb 2-1: USB disconnect, device number 38
[ 1159.357347][T20749] netlink: 'syz.2.4066': attribute type 10 has an invalid length.
[ 1159.396461][T18370] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[ 1159.435127][T20749] team0: Failed to send options change via netlink (err -105)
[ 1159.449040][T20749] team0: Port device dummy0 added
[ 1159.483913][T20752] binder: 20746:20752 ioctl c0306201 80000180 returned -14
[ 1159.569446][T18370] usb 5-1: Using ep0 maxpacket: 32
[ 1159.583182][T18370] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1159.598351][T18370] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1159.616523][T18370] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[ 1159.645158][T18370] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1159.674845][T18370] usb 5-1: config 0 descriptor??
[ 1159.936326][T18370] usbhid 5-1:0.0: can't add hid device: -71
[ 1159.968026][T18370] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[ 1160.006432][T18370] usb 5-1: USB disconnect, device number 19
[ 1160.021090][T20767] netlink: 60 bytes leftover after parsing attributes in process `syz.2.4069'.
[ 1160.054923][T20767] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4069'.
[ 1160.645318][T20780] FAULT_INJECTION: forcing a failure.
[ 1160.645318][T20780] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1160.662022][T20780] CPU: 0 UID: 0 PID: 20780 Comm: syz.0.4076 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1160.662056][T20780] Tainted: [L]=SOFTLOCKUP
[ 1160.662065][T20780] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1160.662078][T20780] Call Trace:
[ 1160.662088][T20780]  <TASK>
[ 1160.662098][T20780]  dump_stack_lvl+0xe8/0x150
[ 1160.662134][T20780]  should_fail_ex+0x412/0x560
[ 1160.662169][T20780]  _copy_to_user+0x31/0xb0
[ 1160.662196][T20780]  video_usercopy+0xe0a/0x14b0
[ 1160.662246][T20780]  ? __pfx___video_do_ioctl+0x10/0x10
[ 1160.662279][T20780]  ? __pfx_video_usercopy+0x10/0x10
[ 1160.662325][T20780]  ? __fget_files+0x2a/0x420
[ 1160.662359][T20780]  v4l2_ioctl+0x18d/0x1e0
[ 1160.662392][T20780]  v4l2_compat_ioctl32+0x1d7/0x280
[ 1160.662422][T20780]  __ia32_compat_sys_ioctl+0x5ea/0x950
[ 1160.662452][T20780]  ? __pfx___ia32_compat_sys_ioctl+0x10/0x10
[ 1160.662482][T20780]  ? __fget_files+0x3a0/0x420
[ 1160.662519][T20780]  ? fput+0xa0/0xd0
[ 1160.662549][T20780]  ? ksys_write+0x242/0x270
[ 1160.662584][T20780]  __do_fast_syscall_32+0x20d/0x640
[ 1160.662612][T20780]  ? do_fast_syscall_32+0x33/0x70
[ 1160.662635][T20780]  ? asm_int80_emulation+0x1a/0x20
[ 1160.662655][T20780]  ? do_int80_emulation+0x274/0x4d0
[ 1160.662678][T20780]  ? trace_irq_disable+0x3b/0x150
[ 1160.662714][T20780]  do_fast_syscall_32+0x33/0x70
[ 1160.662739][T20780]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1160.662764][T20780] RIP: 0023:0xf704ef6c
[ 1160.662783][T20780] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[ 1160.662802][T20780] RSP: 002b:00000000f543d50c EFLAGS: 00000206 ORIG_RAX: 0000000000000036
[ 1160.662824][T20780] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0d05640
[ 1160.662839][T20780] RDX: 0000000080000500 RSI: 0000000000000000 RDI: 0000000000000000
[ 1160.662852][T20780] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1160.662864][T20780] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1160.662876][T20780] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1160.662906][T20780]  </TASK>
[ 1161.106160][T18372] usb 2-1: new full-speed USB device number 39 using dummy_hcd
[ 1161.301614][T18372] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[ 1161.309739][T18372] usb 2-1: config 0 has no interface number 0
[ 1161.315905][T18372] usb 2-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e
[ 1161.359961][T18372] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1161.389748][T18372] usb 2-1: config 0 descriptor??
[ 1161.696990][T18372] usb 2-1: selecting invalid altsetting 1
[ 1161.702993][T18372] dvb_ttusb_budget: ttusb_init_controller: error
[ 1161.714438][T18372] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB)
[ 1161.811863][T20776] netlink: 'syz.1.4074': attribute type 25 has an invalid length.
[ 1161.839486][T18370] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[ 1161.849995][   T29] audit: type=1326 audit(1773674484.735:5909): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20794 comm="syz.3.4082" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706ef6c code=0x7ffc0000
[ 1161.955293][T18372] DVB: Unable to find symbol cx22700_attach()
[ 1161.968804][   T29] audit: type=1326 audit(1773674484.735:5910): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20794 comm="syz.3.4082" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706ef6c code=0x7ffc0000
[ 1161.986468][T18370] usb 3-1: device descriptor read/64, error -71
[ 1162.065667][   T29] audit: type=1326 audit(1773674484.785:5911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20794 comm="syz.3.4082" exe="/root/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf71a5cab code=0x7ffc0000
[ 1162.139940][   T29] audit: type=1326 audit(1773674484.785:5912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20794 comm="syz.3.4082" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706ef6c code=0x7ffc0000
[ 1162.173344][T18372] DVB: Unable to find symbol tda10046_attach()
[ 1162.187985][   T29] audit: type=1326 audit(1773674484.785:5913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20794 comm="syz.3.4082" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706ef6c code=0x7ffc0000
[ 1162.196296][T18372] dvb_ttusb_budget: no frontend driver found for device [0b48:1005]
[ 1162.212878][   T29] audit: type=1326 audit(1773674484.785:5914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20794 comm="syz.3.4082" exe="/root/syz-executor" sig=0 arch=40000003 syscall=286 compat=1 ip=0xf706ef6c code=0x7ffc0000
[ 1162.263293][T18370] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[ 1162.369425][   T29] audit: type=1326 audit(1773674484.785:5915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20794 comm="syz.3.4082" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706ef6c code=0x7ffc0000
[ 1162.421206][T18372] usb 2-1: USB disconnect, device number 39
[ 1162.425798][   T29] audit: type=1326 audit(1773674484.785:5916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20794 comm="syz.3.4082" exe="/root/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf706ef6c code=0x7ffc0000
[ 1162.427580][T18370] usb 3-1: device descriptor read/64, error -71
[ 1162.527220][   T29] audit: type=1326 audit(1773674484.785:5917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20794 comm="syz.3.4082" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706ef6c code=0x7ffc0000
[ 1162.604421][   T29] audit: type=1326 audit(1773674484.785:5918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20794 comm="syz.3.4082" exe="/root/syz-executor" sig=0 arch=40000003 syscall=361 compat=1 ip=0xf706ef6c code=0x7ffc0000
[ 1162.633375][T18370] usb usb3-port1: attempt power cycle
[ 1162.746879][T20809] GUP no longer grows the stack in syz.4.4085 (20809): 80009000-8000a000 (80005000)
[ 1162.771890][T20809] CPU: 1 UID: 0 PID: 20809 Comm: syz.4.4085 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1162.771928][T20809] Tainted: [L]=SOFTLOCKUP
[ 1162.771938][T20809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1162.771952][T20809] Call Trace:
[ 1162.771962][T20809]  <TASK>
[ 1162.771972][T20809]  dump_stack_lvl+0xe8/0x150
[ 1162.772011][T20809]  __get_user_pages+0x2453/0x29d0
[ 1162.772048][T20809]  ? __lock_acquire+0x6b5/0x2cf0
[ 1162.772105][T20809]  ? __gup_longterm_locked+0xc4e/0x1630
[ 1162.772140][T20809]  ? down_read_killable+0x1bb/0x340
[ 1162.772175][T20809]  __gup_longterm_locked+0xdcf/0x1630
[ 1162.772235][T20809]  gup_fast_fallback+0x1d82/0x22e0
[ 1162.772301][T20809]  ? __pfx_gup_fast_fallback+0x10/0x10
[ 1162.772332][T20809]  ? futex_unqueue+0x22/0x240
[ 1162.772358][T20809]  ? futex_unqueue+0x22/0x240
[ 1162.772383][T20809]  ? is_valid_gup_args+0x11f/0x200
[ 1162.772417][T20809]  ? get_user_pages_fast+0x4d/0xb0
[ 1162.772451][T20809]  __iov_iter_get_pages_alloc+0x3b6/0xb10
[ 1162.772484][T20809]  ? __pfx_pipe_clear_nowait+0x10/0x10
[ 1162.772512][T20809]  iov_iter_get_pages2+0x5e/0xa0
[ 1162.772538][T20809]  __se_sys_vmsplice+0x7b3/0x1490
[ 1162.772591][T20809]  ? __pfx___se_sys_vmsplice+0x10/0x10
[ 1162.772625][T20809]  ? clear_bhb_loop+0x40/0x90
[ 1162.772647][T20809]  ? clear_bhb_loop+0x40/0x90
[ 1162.772669][T20809]  ? clear_bhb_loop+0x40/0x90
[ 1162.772690][T20809]  ? clear_bhb_loop+0x40/0x90
[ 1162.772712][T20809]  ? clear_bhb_loop+0x40/0x90
[ 1162.772734][T20809]  ? clear_bhb_loop+0xe/0x90
[ 1162.772818][T20809]  ? __secure_computing+0xe1/0x2a0
[ 1162.772849][T20809]  __do_fast_syscall_32+0x20d/0x640
[ 1162.772875][T20809]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1162.772899][T20809]  ? do_fast_syscall_32+0x33/0x70
[ 1162.772923][T20809]  ? irqentry_exit+0x10e/0x620
[ 1162.772945][T20809]  ? trace_irq_disable+0x3b/0x150
[ 1162.772982][T20809]  do_fast_syscall_32+0x33/0x70
[ 1162.773008][T20809]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1162.773035][T20809] RIP: 0023:0xf706ef6c
[ 1162.773055][T20809] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[ 1162.773081][T20809] RSP: 002b:00000000f545d50c EFLAGS: 00000206 ORIG_RAX: 000000000000013c
[ 1162.773106][T20809] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000080000280
[ 1162.773121][T20809] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000
[ 1162.773134][T20809] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1162.773147][T20809] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1162.773161][T20809] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1162.773193][T20809]  </TASK>
[ 1162.986635][T18370] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[ 1163.322803][T20795] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4082'.
[ 1163.358396][T18370] usb 3-1: device descriptor read/8, error -71
[ 1163.616132][T18370] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[ 1163.661050][T18370] usb 3-1: device descriptor read/8, error -71
[ 1163.861538][T18370] usb usb3-port1: unable to enumerate USB device
[ 1164.061621][T18374] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[ 1164.154261][T20823] FAULT_INJECTION: forcing a failure.
[ 1164.154261][T20823] name failslab, interval 1, probability 0, space 0, times 0
[ 1164.182069][T20823] CPU: 1 UID: 0 PID: 20823 Comm: syz.3.4089 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1164.182095][T20823] Tainted: [L]=SOFTLOCKUP
[ 1164.182101][T20823] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1164.182111][T20823] Call Trace:
[ 1164.182117][T20823]  <TASK>
[ 1164.182124][T20823]  dump_stack_lvl+0xe8/0x150
[ 1164.182151][T20823]  should_fail_ex+0x412/0x560
[ 1164.182177][T20823]  should_failslab+0xa8/0x100
[ 1164.182199][T20823]  __kmalloc_cache_noprof+0x88/0x660
[ 1164.182216][T20823]  ? rxrpc_net+0x45/0x270
[ 1164.182302][T20823]  ? rxrpc_lookup_local+0x578/0x1500
[ 1164.182322][T20823]  rxrpc_lookup_local+0x578/0x1500
[ 1164.182345][T20823]  ? __pfx_rxrpc_lookup_local+0x10/0x10
[ 1164.182363][T20823]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1164.182388][T20823]  ? rxrpc_sendmsg+0x136/0x710
[ 1164.182446][T20823]  ? __local_bh_enable_ip+0xd0/0x130
[ 1164.182469][T20823]  rxrpc_sendmsg+0x399/0x710
[ 1164.182497][T20823]  ____sys_sendmsg+0x972/0x9f0
[ 1164.182522][T20823]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1164.182542][T20823]  ? kstrtoull+0x12f/0x1d0
[ 1164.182568][T20823]  ___sys_sendmsg+0x2a5/0x360
[ 1164.182589][T20823]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1164.182608][T20823]  ? get_pid_task+0x20/0x1f0
[ 1164.182622][T20823]  ? get_pid_task+0x20/0x1f0
[ 1164.182635][T20823]  ? get_pid_task+0x20/0x1f0
[ 1164.182668][T20823]  ? __fget_files+0x2a/0x420
[ 1164.182690][T20823]  ? __fget_files+0x3a0/0x420
[ 1164.182719][T20823]  __sys_sendmsg+0x183/0x260
[ 1164.182738][T20823]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1164.182770][T20823]  __do_fast_syscall_32+0x20d/0x640
[ 1164.182790][T20823]  ? do_fast_syscall_32+0x33/0x70
[ 1164.182807][T20823]  ? asm_int80_emulation+0x1a/0x20
[ 1164.182822][T20823]  ? do_int80_emulation+0x274/0x4d0
[ 1164.182838][T20823]  ? trace_irq_disable+0x3b/0x150
[ 1164.182863][T20823]  do_fast_syscall_32+0x33/0x70
[ 1164.182890][T20823]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1164.182909][T20823] RIP: 0023:0xf706ef6c
[ 1164.182923][T20823] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[ 1164.182935][T20823] RSP: 002b:00000000f545d50c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 1164.182951][T20823] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000080
[ 1164.182962][T20823] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000000
[ 1164.182971][T20823] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1164.182980][T20823] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1164.182989][T20823] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1164.183032][T20823]  </TASK>
[ 1164.447201][T18374] usb 5-1: device descriptor read/64, error -71
[ 1164.686179][T18374] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[ 1164.826192][T18374] usb 5-1: device descriptor read/64, error -71
[ 1164.946473][T18374] usb usb5-port1: attempt power cycle
[ 1165.140823][T20837] FAULT_INJECTION: forcing a failure.
[ 1165.140823][T20837] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1165.177074][T20837] CPU: 0 UID: 0 PID: 20837 Comm: syz.3.4093 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1165.177107][T20837] Tainted: [L]=SOFTLOCKUP
[ 1165.177115][T20837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1165.177128][T20837] Call Trace:
[ 1165.177137][T20837]  <TASK>
[ 1165.177147][T20837]  dump_stack_lvl+0xe8/0x150
[ 1165.177182][T20837]  should_fail_ex+0x412/0x560
[ 1165.177226][T20837]  _copy_to_user+0x31/0xb0
[ 1165.177252][T20837]  simple_read_from_buffer+0xe1/0x170
[ 1165.177285][T20837]  proc_fail_nth_read+0x1bb/0x230
[ 1165.177318][T20837]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1165.177351][T20837]  ? rw_verify_area+0x2a6/0x4d0
[ 1165.177375][T20837]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1165.177405][T20837]  vfs_read+0x20c/0xa70
[ 1165.177425][T20837]  ? fdget_pos+0x246/0x320
[ 1165.177460][T20837]  ? __pfx___mutex_lock+0x10/0x10
[ 1165.177485][T20837]  ? __pfx_vfs_read+0x10/0x10
[ 1165.177507][T20837]  ? __fget_files+0x2a/0x420
[ 1165.177540][T20837]  ? __fget_files+0x3a0/0x420
[ 1165.177568][T20837]  ? __fget_files+0x2a/0x420
[ 1165.177606][T20837]  ksys_read+0x150/0x270
[ 1165.177630][T20837]  ? __pfx_ksys_read+0x10/0x10
[ 1165.177658][T20837]  ? asm_int80_emulation+0x1a/0x20
[ 1165.177686][T20837]  do_int80_emulation+0x173/0x4d0
[ 1165.177710][T20837]  ? trace_irq_disable+0x3b/0x150
[ 1165.177741][T20837]  ? asm_int80_emulation+0x1a/0x20
[ 1165.177761][T20837]  ? clear_bhb_loop+0x40/0x90
[ 1165.177783][T20837]  ? clear_bhb_loop+0x40/0x90
[ 1165.177809][T20837]  asm_int80_emulation+0x1a/0x20
[ 1165.177829][T20837] RIP: 0023:0xf71a5cab
[ 1165.177849][T20837] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[ 1165.177869][T20837] RSP: 002b:00000000f545d4bc EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[ 1165.177892][T20837] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000f545d5d0
[ 1165.177907][T20837] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000
[ 1165.177919][T20837] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1165.177932][T20837] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1165.177945][T20837] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1165.177976][T20837]  </TASK>
[ 1165.498446][T18374] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[ 1165.662918][T18374] usb 5-1: device descriptor read/8, error -71
[ 1165.907363][T18374] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[ 1165.936958][T18374] usb 5-1: device descriptor read/8, error -71
[ 1166.066757][T18374] usb usb5-port1: unable to enumerate USB device
[ 1166.626523][T10545] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[ 1166.796649][T10545] usb 3-1: Using ep0 maxpacket: 32
[ 1167.001700][T20868] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1167.168597][T20876] FAULT_INJECTION: forcing a failure.
[ 1167.168597][T20876] name failslab, interval 1, probability 0, space 0, times 0
[ 1167.187849][T10545] usb 3-1: config 0 has an invalid interface number: 255 but max is 0
[ 1167.188051][T20876] CPU: 0 UID: 0 PID: 20876 Comm: syz.4.4106 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1167.188135][T20876] Tainted: [L]=SOFTLOCKUP
[ 1167.188160][T20876] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1167.188193][T20876] Call Trace:
[ 1167.188221][T20876]  <TASK>
[ 1167.188244][T20876]  dump_stack_lvl+0xe8/0x150
[ 1167.188338][T20876]  should_fail_ex+0x412/0x560
[ 1167.188434][T20876]  should_failslab+0xa8/0x100
[ 1167.188500][T20876]  ? skb_clone+0x212/0x3a0
[ 1167.188565][T20876]  kmem_cache_alloc_noprof+0x87/0x650
[ 1167.188621][T20876]  ? __netlink_lookup+0xc6/0x8b0
[ 1167.188705][T20876]  skb_clone+0x212/0x3a0
[ 1167.188778][T20876]  __netlink_deliver_tap+0x404/0x850
[ 1167.188886][T20876]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1167.188974][T20876]  netlink_deliver_tap+0x19c/0x1b0
[ 1167.189069][T20876]  netlink_unicast+0x7e3/0x9b0
[ 1167.189165][T20876]  ? __pfx_netlink_unicast+0x10/0x10
[ 1167.189199][T20876]  ? netlink_sendmsg+0x650/0xb40
[ 1167.189273][T20876]  ? skb_put+0x11b/0x210
[ 1167.189337][T20876]  netlink_sendmsg+0x813/0xb40
[ 1167.189470][T20876]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1167.189583][T20876]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1167.189667][T20876]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1167.189739][T20876]  ____sys_sendmsg+0x972/0x9f0
[ 1167.189824][T20876]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1167.189903][T20876]  ? kstrtoull+0x12f/0x1d0
[ 1167.190000][T20876]  ___sys_sendmsg+0x2a5/0x360
[ 1167.190081][T20876]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1167.190145][T20876]  ? get_pid_task+0x20/0x1f0
[ 1167.190196][T20876]  ? get_pid_task+0x20/0x1f0
[ 1167.190246][T20876]  ? get_pid_task+0x20/0x1f0
[ 1167.190362][T20876]  ? __fget_files+0x2a/0x420
[ 1167.190435][T20876]  ? __fget_files+0x3a0/0x420
[ 1167.190539][T20876]  __sys_sendmsg+0x183/0x260
[ 1167.190606][T20876]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1167.190709][T20876]  __do_fast_syscall_32+0x20d/0x640
[ 1167.190822][T20876]  ? do_fast_syscall_32+0x33/0x70
[ 1167.190897][T20876]  ? asm_int80_emulation+0x1a/0x20
[ 1167.190959][T20876]  ? do_int80_emulation+0x274/0x4d0
[ 1167.191026][T20876]  ? trace_irq_disable+0x3b/0x150
[ 1167.191115][T20876]  do_fast_syscall_32+0x33/0x70
[ 1167.191178][T20876]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1167.191243][T20876] RIP: 0023:0xf706ef6c
[ 1167.191296][T20876] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[ 1167.191347][T20876] RSP: 002b:00000000f545d50c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 1167.191409][T20876] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800001c0
[ 1167.191445][T20876] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1167.191477][T20876] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1167.191510][T20876] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1167.191542][T20876] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1167.191618][T20876]  </TASK>
[ 1167.573833][T10545] usb 3-1: config 0 has no interface number 0
[ 1167.582401][T10545] usb 3-1: config 0 interface 255 has no altsetting 0
[ 1167.678359][T10545] usb 3-1: New USB device found, idVendor=2304, idProduct=0222, bcdDevice=77.3f
[ 1167.698403][T10545] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1167.781208][T10545] usb 3-1: Product: syz
[ 1167.887985][T10545] usb 3-1: Manufacturer: syz
[ 1167.892656][T10545] usb 3-1: SerialNumber: syz
[ 1167.919628][T10545] usb 3-1: config 0 descriptor??
[ 1167.959673][T10545] dvb-usb: found a 'Pinnacle 450e DVB-S USB2.0' in warm state.
[ 1167.970921][   T29] kauditd_printk_skb: 114 callbacks suppressed
[ 1167.970941][   T29] audit: type=1326 audit(1773674490.855:6033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20848 comm="syz.3.4099" exe="/root/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf706ef6c code=0x7ffc0000
[ 1167.977245][T10545] dvb-usb: bulk message failed: -22 (4/0)
[ 1167.977267][T10545] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0)
[ 1167.977383][T10545] dvb-usb: bulk message failed: -22 (5/0)
[ 1167.977400][T10545] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0)
[ 1168.120189][T10545] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 1168.143267][   T29] audit: type=1326 audit(1773674490.855:6034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20848 comm="syz.3.4099" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706ef6c code=0x7ffc0000
[ 1168.177364][T20849] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4099'.
[ 1168.227080][T10545] dvbdev: DVB: registering new adapter (Pinnacle 450e DVB-S USB2.0)
[ 1168.246225][T10545] usb 3-1: media controller created
[ 1168.286447][   T29] audit: type=1326 audit(1773674490.855:6035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20848 comm="syz.3.4099" exe="/root/syz-executor" sig=0 arch=40000003 syscall=365 compat=1 ip=0xf706ef6c code=0x7ffc0000
[ 1168.372742][T10545] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1168.451336][   T29] audit: type=1326 audit(1773674490.855:6036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20848 comm="syz.3.4099" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706ef6c code=0x7ffc0000
[ 1168.576616][T10545] ttusb2: set interface to alts=3 failed
[ 1168.586225][   T29] audit: type=1326 audit(1773674490.925:6037): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20848 comm="syz.3.4099" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706ef6c code=0x7ffc0000
[ 1168.942967][   T29] audit: type=1326 audit(1773674491.055:6038): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20848 comm="syz.3.4099" exe="/root/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf706ef6c code=0x7ffc0000
[ 1169.028103][   T29] audit: type=1326 audit(1773674491.055:6039): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20848 comm="syz.3.4099" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706ef6c code=0x7ffc0000
[ 1169.051838][   T29] audit: type=1326 audit(1773674491.055:6040): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20848 comm="syz.3.4099" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706ef6c code=0x7ffc0000
[ 1169.074225][   T29] audit: type=1326 audit(1773674491.055:6041): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20848 comm="syz.3.4099" exe="/root/syz-executor" sig=0 arch=40000003 syscall=309 compat=1 ip=0xf706ef6c code=0x7ffc0000
[ 1169.139027][T10545] DVB: Unable to find symbol tda10086_attach()
[ 1169.162194][T10545] dvb-usb: no frontend was attached by 'Pinnacle 450e DVB-S USB2.0'
[ 1169.180477][   T29] audit: type=1326 audit(1773674491.055:6042): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20848 comm="syz.3.4099" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706ef6c code=0x7ffc0000
[ 1169.202876][T10545] dvb-usb: bulk message failed: -22 (4/0)
[ 1169.202902][T10545] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0)
[ 1169.203018][T10545] dvb-usb: bulk message failed: -22 (5/0)
[ 1169.203035][T10545] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0)
[ 1169.203101][T10545] dvb-usb: Pinnacle 450e DVB-S USB2.0 successfully initialized and connected.
[ 1169.226332][T10545] usb 3-1: USB disconnect, device number 12
[ 1169.409073][T10545] dvb-usb: Pinnacle 450e DVB-S USB2.0 successfully deinitialized and disconnected.
[ 1169.632256][T20894] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1169.642959][T20894] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1169.948691][T20906] FAULT_INJECTION: forcing a failure.
[ 1169.948691][T20906] name failslab, interval 1, probability 0, space 0, times 0
[ 1170.029883][T20906] CPU: 1 UID: 0 PID: 20906 Comm: syz.0.4116 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1170.029917][T20906] Tainted: [L]=SOFTLOCKUP
[ 1170.029925][T20906] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1170.029938][T20906] Call Trace:
[ 1170.029946][T20906]  <TASK>
[ 1170.029963][T20906]  dump_stack_lvl+0xe8/0x150
[ 1170.029989][T20906]  should_fail_ex+0x412/0x560
[ 1170.030015][T20906]  should_failslab+0xa8/0x100
[ 1170.030037][T20906]  ? skb_clone+0x212/0x3a0
[ 1170.030055][T20906]  kmem_cache_alloc_noprof+0x87/0x650
[ 1170.030071][T20906]  ? __netlink_lookup+0xc6/0x8b0
[ 1170.030091][T20906]  skb_clone+0x212/0x3a0
[ 1170.030111][T20906]  __netlink_deliver_tap+0x404/0x850
[ 1170.030142][T20906]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1170.030165][T20906]  netlink_deliver_tap+0x19c/0x1b0
[ 1170.030188][T20906]  netlink_unicast+0x7e3/0x9b0
[ 1170.030214][T20906]  ? __pfx_netlink_unicast+0x10/0x10
[ 1170.030236][T20906]  ? netlink_sendmsg+0x650/0xb40
[ 1170.030259][T20906]  ? skb_put+0x11b/0x210
[ 1170.030277][T20906]  netlink_sendmsg+0x813/0xb40
[ 1170.030306][T20906]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1170.030331][T20906]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1170.030354][T20906]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1170.030375][T20906]  ____sys_sendmsg+0x972/0x9f0
[ 1170.030398][T20906]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1170.030419][T20906]  ? kstrtoull+0x12f/0x1d0
[ 1170.030445][T20906]  ___sys_sendmsg+0x2a5/0x360
[ 1170.030466][T20906]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1170.030498][T20906]  ? get_pid_task+0x20/0x1f0
[ 1170.030513][T20906]  ? get_pid_task+0x20/0x1f0
[ 1170.030525][T20906]  ? get_pid_task+0x20/0x1f0
[ 1170.030558][T20906]  ? __fget_files+0x2a/0x420
[ 1170.030580][T20906]  ? __fget_files+0x3a0/0x420
[ 1170.030609][T20906]  __sys_sendmsg+0x183/0x260
[ 1170.030628][T20906]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1170.030660][T20906]  __do_fast_syscall_32+0x20d/0x640
[ 1170.030680][T20906]  ? do_fast_syscall_32+0x33/0x70
[ 1170.030696][T20906]  ? asm_int80_emulation+0x1a/0x20
[ 1170.030711][T20906]  ? do_int80_emulation+0x274/0x4d0
[ 1170.030727][T20906]  ? trace_irq_disable+0x3b/0x150
[ 1170.030759][T20906]  do_fast_syscall_32+0x33/0x70
[ 1170.030778][T20906]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1170.030797][T20906] RIP: 0023:0xf704ef6c
[ 1170.030810][T20906] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[ 1170.030823][T20906] RSP: 002b:00000000f543d50c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 1170.030839][T20906] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000
[ 1170.030850][T20906] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1170.030859][T20906] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1170.030867][T20906] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1170.030876][T20906] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1170.030897][T20906]  </TASK>
[ 1170.361824][T10545] usb 2-1: new high-speed USB device number 40 using dummy_hcd
[ 1170.536197][T10545] usb 2-1: Using ep0 maxpacket: 16
[ 1170.543413][T10545] usb 2-1: config 254 has an invalid interface number: 235 but max is 0
[ 1170.552494][T10545] usb 2-1: config 254 has no interface number 0
[ 1170.558887][T10545] usb 2-1: config 254 interface 235 altsetting 2 bulk endpoint 0x6 has invalid maxpacket 32
[ 1170.569049][T10545] usb 2-1: config 254 interface 235 altsetting 2 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1170.580944][T10545] usb 2-1: config 254 interface 235 altsetting 2 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1170.592308][T10545] usb 2-1: config 254 interface 235 altsetting 2 endpoint 0x8F has invalid wMaxPacketSize 0
[ 1170.602425][T10545] usb 2-1: config 254 interface 235 has no altsetting 0
[ 1170.617640][T10545] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a0, bcdDevice=2b.f1
[ 1170.627229][T10545] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1170.635293][T10545] usb 2-1: Product: syz
[ 1170.640044][T10545] usb 2-1: Manufacturer: syz
[ 1170.645087][T10545] usb 2-1: SerialNumber: syz
[ 1170.663867][T20904] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[ 1170.970029][T20904] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[ 1171.093331][T10545] usbtest 2-1:254.235: Linux gadget zero
[ 1171.120532][T10545] usbtest 2-1:254.235: high-speed {control in/out bulk-out int-in} tests (+alt)
[ 1171.137423][T18370] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[ 1171.290875][T18370] usb 5-1: device descriptor read/64, error -71
[ 1171.324940][T20924] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4115'.
[ 1171.353540][T10545] usb 2-1: USB disconnect, device number 40
[ 1171.614486][T18370] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[ 1171.786270][T18370] usb 5-1: device descriptor read/64, error -71
[ 1171.896380][T18370] usb usb5-port1: attempt power cycle
[ 1172.286290][T18370] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[ 1172.396758][T18370] usb 5-1: device descriptor read/8, error -71
[ 1172.589794][T20933] syz_tun: entered promiscuous mode
[ 1172.595214][T20933] vlan2: entered promiscuous mode
[ 1172.636121][T18370] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[ 1172.668892][T18370] usb 5-1: device descriptor read/8, error -71
[ 1172.778838][T18370] usb usb5-port1: unable to enumerate USB device
[ 1172.878670][T20943] FAULT_INJECTION: forcing a failure.
[ 1172.878670][T20943] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1172.892091][T20943] CPU: 1 UID: 0 PID: 20943 Comm: syz.3.4127 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1172.892125][T20943] Tainted: [L]=SOFTLOCKUP
[ 1172.892134][T20943] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1172.892148][T20943] Call Trace:
[ 1172.892158][T20943]  <TASK>
[ 1172.892168][T20943]  dump_stack_lvl+0xe8/0x150
[ 1172.892204][T20943]  should_fail_ex+0x412/0x560
[ 1172.892239][T20943]  _copy_from_user+0x2d/0xb0
[ 1172.892265][T20943]  kstrtouint_from_user+0xd6/0x180
[ 1172.892300][T20943]  ? __pfx_kstrtouint_from_user+0x10/0x10
[ 1172.892347][T20943]  proc_fail_nth_write+0x8e/0x210
[ 1172.892377][T20943]  ? __pfx_proc_fail_nth_write+0x10/0x10
[ 1172.892413][T20943]  ? __pfx_proc_fail_nth_write+0x10/0x10
[ 1172.892445][T20943]  vfs_write+0x29a/0xb90
[ 1172.892478][T20943]  ? __pfx_vfs_write+0x10/0x10
[ 1172.892502][T20943]  ? __fget_files+0x2a/0x420
[ 1172.892546][T20943]  ? __fget_files+0x3a0/0x420
[ 1172.892575][T20943]  ? __fget_files+0x2a/0x420
[ 1172.892613][T20943]  ksys_write+0x150/0x270
[ 1172.892639][T20943]  ? __pfx_ksys_write+0x10/0x10
[ 1172.892676][T20943]  ? asm_int80_emulation+0x1a/0x20
[ 1172.892703][T20943]  do_int80_emulation+0x173/0x4d0
[ 1172.892728][T20943]  ? trace_irq_disable+0x3b/0x150
[ 1172.892758][T20943]  ? asm_int80_emulation+0x1a/0x20
[ 1172.892777][T20943]  ? clear_bhb_loop+0x40/0x90
[ 1172.892798][T20943]  ? clear_bhb_loop+0x40/0x90
[ 1172.892824][T20943]  asm_int80_emulation+0x1a/0x20
[ 1172.892845][T20943] RIP: 0023:0xf71a5cab
[ 1172.892871][T20943] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[ 1172.892890][T20943] RSP: 002b:00000000f545d4bc EFLAGS: 00000246 ORIG_RAX: 0000000000000004
[ 1172.892913][T20943] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f545d5d0
[ 1172.892927][T20943] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[ 1172.892939][T20943] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1172.892951][T20943] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1172.892964][T20943] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1172.892995][T20943]  </TASK>
[ 1173.140893][   T29] kauditd_printk_skb: 46 callbacks suppressed
[ 1173.140911][   T29] audit: type=1326 audit(1773674496.025:6089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20929 comm="syz.2.4122" exe="/root/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fb2f6c code=0x7ffc0000
[ 1173.193670][T20930] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4122'.
[ 1173.239186][   T29] audit: type=1326 audit(1773674496.025:6090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20929 comm="syz.2.4122" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2f6c code=0x7ffc0000
[ 1173.276450][   T29] audit: type=1326 audit(1773674496.025:6091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20929 comm="syz.2.4122" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2f6c code=0x7ffc0000
[ 1173.321708][   T29] audit: type=1326 audit(1773674496.025:6092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20929 comm="syz.2.4122" exe="/root/syz-executor" sig=0 arch=40000003 syscall=365 compat=1 ip=0xf7fb2f6c code=0x7ffc0000
[ 1173.614576][   T29] audit: type=1326 audit(1773674496.075:6093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20929 comm="syz.2.4122" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2f6c code=0x7ffc0000
[ 1173.650561][   T29] audit: type=1326 audit(1773674496.075:6094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20929 comm="syz.2.4122" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2f6c code=0x7ffc0000
[ 1173.700894][   T29] audit: type=1326 audit(1773674496.075:6095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20929 comm="syz.2.4122" exe="/root/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf7fb2f6c code=0x7ffc0000
[ 1173.862798][   T29] audit: type=1326 audit(1773674496.075:6096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20929 comm="syz.2.4122" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2f6c code=0x7ffc0000
[ 1173.904569][   T29] audit: type=1326 audit(1773674496.075:6097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20929 comm="syz.2.4122" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2f6c code=0x7ffc0000
[ 1173.980364][   T29] audit: type=1326 audit(1773674496.075:6098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20929 comm="syz.2.4122" exe="/root/syz-executor" sig=0 arch=40000003 syscall=309 compat=1 ip=0xf7fb2f6c code=0x7ffc0000
[ 1174.512166][T20963] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4131'.
[ 1174.538840][T20963] RDS: rds_bind could not find a transport for fe80::25, load rds_tcp or rds_rdma?
[ 1174.586346][T20965] FAULT_INJECTION: forcing a failure.
[ 1174.586346][T20965] name failslab, interval 1, probability 0, space 0, times 0
[ 1174.606377][T20965] CPU: 0 UID: 0 PID: 20965 Comm: syz.4.4132 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1174.606411][T20965] Tainted: [L]=SOFTLOCKUP
[ 1174.606420][T20965] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1174.606433][T20965] Call Trace:
[ 1174.606442][T20965]  <TASK>
[ 1174.606451][T20965]  dump_stack_lvl+0xe8/0x150
[ 1174.606486][T20965]  should_fail_ex+0x412/0x560
[ 1174.606523][T20965]  should_failslab+0xa8/0x100
[ 1174.606550][T20965]  ? skb_clone+0x212/0x3a0
[ 1174.606576][T20965]  kmem_cache_alloc_noprof+0x87/0x650
[ 1174.606597][T20965]  ? __netlink_lookup+0xc6/0x8b0
[ 1174.606626][T20965]  skb_clone+0x212/0x3a0
[ 1174.606653][T20965]  __netlink_deliver_tap+0x404/0x850
[ 1174.606697][T20965]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1174.606730][T20965]  netlink_deliver_tap+0x19c/0x1b0
[ 1174.606762][T20965]  netlink_unicast+0x7e3/0x9b0
[ 1174.606798][T20965]  ? __pfx_netlink_unicast+0x10/0x10
[ 1174.606828][T20965]  ? netlink_sendmsg+0x650/0xb40
[ 1174.606858][T20965]  ? skb_put+0x11b/0x210
[ 1174.606883][T20965]  netlink_sendmsg+0x813/0xb40
[ 1174.606923][T20965]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1174.606956][T20965]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1174.606995][T20965]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1174.607024][T20965]  ____sys_sendmsg+0x972/0x9f0
[ 1174.607058][T20965]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1174.607086][T20965]  ? kstrtoull+0x12f/0x1d0
[ 1174.607122][T20965]  ___sys_sendmsg+0x2a5/0x360
[ 1174.607152][T20965]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1174.607179][T20965]  ? get_pid_task+0x20/0x1f0
[ 1174.607199][T20965]  ? get_pid_task+0x20/0x1f0
[ 1174.607216][T20965]  ? get_pid_task+0x20/0x1f0
[ 1174.607263][T20965]  ? __fget_files+0x2a/0x420
[ 1174.607293][T20965]  ? __fget_files+0x3a0/0x420
[ 1174.607333][T20965]  __sys_sendmsg+0x183/0x260
[ 1174.607359][T20965]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1174.607401][T20965]  __do_fast_syscall_32+0x20d/0x640
[ 1174.607429][T20965]  ? do_fast_syscall_32+0x33/0x70
[ 1174.607452][T20965]  ? asm_int80_emulation+0x1a/0x20
[ 1174.607472][T20965]  ? do_int80_emulation+0x274/0x4d0
[ 1174.607493][T20965]  ? trace_irq_disable+0x3b/0x150
[ 1174.607527][T20965]  do_fast_syscall_32+0x33/0x70
[ 1174.607552][T20965]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1174.607577][T20965] RIP: 0023:0xf706ef6c
[ 1174.607596][T20965] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[ 1174.607614][T20965] RSP: 002b:00000000f545d50c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 1174.607636][T20965] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800000c0
[ 1174.607651][T20965] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1174.607663][T20965] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1174.607675][T20965] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1174.607688][T20965] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1174.607718][T20965]  </TASK>
[ 1174.649618][T20965] team0: Port device dummy0 removed
[ 1175.006978][T20965] batman_adv: batadv0: Adding interface: dummy0
[ 1175.041582][T20965] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1175.109596][T20965] batman_adv: batadv0: Not using interface dummy0 (retrying later): interface not active
[ 1175.438996][T20973] support for the xor transformation has been removed.
[ 1175.692447][T20988] FAULT_INJECTION: forcing a failure.
[ 1175.692447][T20988] name failslab, interval 1, probability 0, space 0, times 0
[ 1175.705162][T20988] CPU: 0 UID: 0 PID: 20988 Comm: syz.0.4140 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1175.705196][T20988] Tainted: [L]=SOFTLOCKUP
[ 1175.705204][T20988] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1175.705217][T20988] Call Trace:
[ 1175.705228][T20988]  <TASK>
[ 1175.705237][T20988]  dump_stack_lvl+0xe8/0x150
[ 1175.705275][T20988]  should_fail_ex+0x412/0x560
[ 1175.705301][T20988]  should_failslab+0xa8/0x100
[ 1175.705323][T20988]  __kmalloc_noprof+0xe8/0x760
[ 1175.705340][T20988]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 1175.705364][T20988]  ? stack_trace_save+0xa9/0x100
[ 1175.705382][T20988]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 1175.705416][T20988]  tomoyo_check_open_permission+0x229/0x470
[ 1175.705437][T20988]  ? tomoyo_check_open_permission+0x1d3/0x470
[ 1175.705456][T20988]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[ 1175.705506][T20988]  security_file_open+0xa9/0x240
[ 1175.705526][T20988]  do_dentry_open+0x384/0x14e0
[ 1175.705551][T20988]  ? vfs_open+0x31/0x340
[ 1175.705575][T20988]  vfs_open+0x3b/0x340
[ 1175.705597][T20988]  dentry_open+0x61/0xa0
[ 1175.705618][T20988]  open_namespace+0x104/0x1c0
[ 1175.705640][T20988]  ? __pfx_open_namespace+0x10/0x10
[ 1175.705662][T20988]  ? do_raw_spin_unlock+0xf5/0x210
[ 1175.705683][T20988]  pidfd_ioctl+0x22d6/0x3280
[ 1175.705708][T20988]  ? __pfx_pidfd_ioctl+0x10/0x10
[ 1175.705730][T20988]  ? __fget_files+0x2a/0x420
[ 1175.705755][T20988]  ? __fget_files+0x3a0/0x420
[ 1175.705776][T20988]  ? __fget_files+0x2a/0x420
[ 1175.705799][T20988]  ? bpf_lsm_file_ioctl_compat+0x9/0x20
[ 1175.705836][T20988]  __ia32_compat_sys_ioctl+0x5ea/0x950
[ 1175.705858][T20988]  ? __pfx___ia32_compat_sys_ioctl+0x10/0x10
[ 1175.705879][T20988]  ? __fget_files+0x3a0/0x420
[ 1175.705911][T20988]  ? fput+0xa0/0xd0
[ 1175.705941][T20988]  ? ksys_write+0x242/0x270
[ 1175.705966][T20988]  __do_fast_syscall_32+0x20d/0x640
[ 1175.705986][T20988]  ? do_fast_syscall_32+0x33/0x70
[ 1175.706002][T20988]  ? asm_int80_emulation+0x1a/0x20
[ 1175.706046][T20988]  ? do_int80_emulation+0x274/0x4d0
[ 1175.706103][T20988]  ? trace_irq_disable+0x3b/0x150
[ 1175.706137][T20988]  do_fast_syscall_32+0x33/0x70
[ 1175.706167][T20988]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1175.706192][T20988] RIP: 0023:0xf704ef6c
[ 1175.706212][T20988] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[ 1175.706230][T20988] RSP: 002b:00000000f543d50c EFLAGS: 00000206 ORIG_RAX: 0000000000000036
[ 1175.706256][T20988] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000000ff08
[ 1175.706270][T20988] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1175.706282][T20988] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1175.706294][T20988] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1175.706306][T20988] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1175.706337][T20988]  </TASK>
[ 1176.045944][T20988] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1176.066251][T18393] usb 2-1: new high-speed USB device number 41 using dummy_hcd
[ 1176.257091][T18393] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[ 1176.296115][T18393] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xA has an invalid bInterval 0, changing to 7
[ 1176.370011][T18393] usb 2-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[ 1176.395800][T18393] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1176.409224][T18393] usb 2-1: Product: syz
[ 1176.414154][T18393] usb 2-1: Manufacturer: syz
[ 1176.421676][T18393] usb 2-1: SerialNumber: syz
[ 1176.467433][T18393] usb 2-1: config 0 descriptor??
[ 1176.587487][T18370] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[ 1176.785598][T18370] usb 3-1: Using ep0 maxpacket: 32
[ 1176.816686][T18370] usb 3-1: unable to get BOS descriptor or descriptor too short
[ 1176.825922][T18370] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 120, changing to 7
[ 1176.872651][T18370] usb 3-1: string descriptor 0 read error: -22
[ 1176.879765][T18370] usb 3-1: New USB device found, idVendor=0763, idProduct=2001, bcdDevice= 0.40
[ 1176.893888][T18370] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1176.949360][T21005] syzkaller0: entered allmulticast mode
[ 1177.270285][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[ 1177.277652][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[ 1177.294238][T21007] usb usb7: usbfs: process 21007 (syz.2.4143) did not claim interface 0 before use
[ 1177.329015][T18393] usb 2-1: USB disconnect, device number 41
[ 1177.524174][T21012] openvswitch: netlink: Flow actions attr not present in new flow.
[ 1177.631428][T20992] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4141'.
[ 1178.383592][T21025] input: syz0 as /devices/virtual/input/input42
[ 1178.936571][T21042] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1178.964307][T21031] netlink: 'syz.4.4152': attribute type 2 has an invalid length.
[ 1178.976869][T21042] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1178.999544][T21031] netlink: 'syz.4.4152': attribute type 2 has an invalid length.
[ 1179.012101][T21042] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1179.131981][T21042] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1179.425438][T21046] syzkaller0: entered allmulticast mode
[ 1179.501587][T18370] usb 3-1: 1:1 : UAC_AS_GENERAL descriptor not found
[ 1179.516983][T18370] usb 3-1: 2:1: invalid format type 0x1002 is detected, processed as PCM
[ 1179.863950][T12606] udevd[12606]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1179.898521][T18370] usb 3-1: USB disconnect, device number 13
[ 1180.146563][T18393] usb 2-1: new full-speed USB device number 42 using dummy_hcd
[ 1180.184378][T21059] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1180.196404][T18398] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[ 1180.213969][T21059] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1180.287250][T21062] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1180.301036][T21062] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1180.322797][T18393] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1180.342001][T18393] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 64
[ 1180.373875][T18393] usb 2-1: New USB device found, idVendor=05f3, idProduct=0240, bcdDevice=1b.24
[ 1180.385137][T18393] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1180.417711][T18398] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1180.429630][T18398] usb 5-1: config 1 has an invalid descriptor of length 56, skipping remainder of the config
[ 1180.473573][T18398] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1180.484107][T18393] usb 2-1: Product: syz
[ 1180.484228][T18372] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[ 1180.496837][T18393] usb 2-1: Manufacturer: syz
[ 1180.501464][T18393] usb 2-1: SerialNumber: syz
[ 1180.507515][T18398] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1180.524941][T18398] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1180.539012][T18398] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1180.548562][T18393] usb 2-1: config 0 descriptor??
[ 1180.557768][T18398] usb 5-1: Product: syz
[ 1180.563374][T18398] usb 5-1: Manufacturer: syz
[ 1180.571072][T21036] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1180.592133][T18398] cdc_wdm 5-1:1.0: skipping garbage
[ 1180.677034][T18398] cdc_wdm 5-1:1.0: probe with driver cdc_wdm failed with error -22
[ 1180.746319][T18370] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[ 1180.766143][T18372] usb 1-1: Using ep0 maxpacket: 8
[ 1180.799030][T18372] usb 1-1: config 162 has an invalid interface number: 84 but max is 2
[ 1180.827430][T18372] usb 1-1: config 162 has an invalid interface number: 3 but max is 2
[ 1180.848230][T18372] usb 1-1: config 162 has no interface number 0
[ 1180.861679][T18372] usb 1-1: config 162 has no interface number 1
[ 1180.883063][T18372] usb 1-1: config 162 interface 84 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[ 1180.912895][T18372] usb 1-1: config 162 interface 2 altsetting 1 has a duplicate endpoint with address 0x9, skipping
[ 1180.943030][T18372] usb 1-1: config 162 interface 2 altsetting 1 has an endpoint descriptor with address 0xA6, changing to 0x86
[ 1180.955327][T18370] usb 3-1: Using ep0 maxpacket: 16
[ 1180.975649][T18370] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1180.996298][T18370] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1181.005270][T18372] usb 1-1: config 162 interface 2 altsetting 1 endpoint 0x86 has invalid maxpacket 23105, setting to 1024
[ 1181.034134][T18370] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1181.047782][T18372] usb 1-1: config 162 interface 2 altsetting 1 bulk endpoint 0x86 has invalid maxpacket 1024
[ 1181.061396][T18370] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1181.072168][T18372] usb 1-1: config 162 interface 2 altsetting 1 has 5 endpoint descriptors, different from the interface descriptor's value: 4
[ 1181.086206][T18370] usb 3-1: Product: syz
[ 1181.092491][T18370] usb 3-1: Manufacturer: syz
[ 1181.103245][T18370] usb 3-1: SerialNumber: syz
[ 1181.108541][T18372] usb 1-1: config 162 interface 84 has no altsetting 0
[ 1181.124520][T18372] usb 1-1: config 162 interface 2 has no altsetting 0
[ 1181.150892][T18372] usb 1-1: config 162 interface 3 has no altsetting 0
[ 1181.170393][T18372] usb 1-1: New USB device found, idVendor=0e8d, idProduct=763f, bcdDevice=9b.23
[ 1181.192039][T18372] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1181.212279][T18372] usb 1-1: Product: syz
[ 1181.222446][T18372] usb 1-1: Manufacturer: syz
[ 1181.231425][T18372] usb 1-1: SerialNumber: syz
[ 1181.242053][T21072] FAULT_INJECTION: forcing a failure.
[ 1181.242053][T21072] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1181.262328][T21072] CPU: 1 UID: 0 PID: 21072 Comm: syz.4.4159 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1181.262364][T21072] Tainted: [L]=SOFTLOCKUP
[ 1181.262373][T21072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1181.262387][T21072] Call Trace:
[ 1181.262397][T21072]  <TASK>
[ 1181.262407][T21072]  dump_stack_lvl+0xe8/0x150
[ 1181.262442][T21072]  should_fail_ex+0x412/0x560
[ 1181.262479][T21072]  prepare_alloc_pages+0x22a/0x650
[ 1181.262516][T21072]  __alloc_frozen_pages_noprof+0x12f/0x380
[ 1181.262548][T21072]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1181.262579][T21072]  ? __pfx_policy_nodemask+0x10/0x10
[ 1181.262604][T21072]  ? __lock_acquire+0x6b5/0x2cf0
[ 1181.262637][T21072]  ? __lock_acquire+0x6b5/0x2cf0
[ 1181.262667][T21072]  alloc_pages_mpol+0x232/0x4a0
[ 1181.262700][T21072]  vma_alloc_folio_noprof+0xea/0x210
[ 1181.262740][T21072]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[ 1181.262767][T21072]  ? __lock_acquire+0x6b5/0x2cf0
[ 1181.262805][T21072]  do_pte_missing+0x1656/0x3490
[ 1181.262850][T21072]  handle_mm_fault+0x1bec/0x3310
[ 1181.262897][T21072]  ? handle_mm_fault+0xee/0x3310
[ 1181.262937][T21072]  ? __pfx_handle_mm_fault+0x10/0x10
[ 1181.262990][T21072]  ? lock_mm_and_find_vma+0xa7/0x340
[ 1181.263017][T21072]  do_user_addr_fault+0x75b/0x1340
[ 1181.263064][T21072]  exc_page_fault+0x6a/0xc0
[ 1181.263089][T21072]  asm_exc_page_fault+0x26/0x30
[ 1181.263110][T21072] RIP: 0010:rep_movs_alternative+0x4a/0x90
[ 1181.263140][T21072] Code: cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 <f3> a4 c3 cc cc cc cc 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48
[ 1181.263158][T21072] RSP: 0018:ffffc90004f577f8 EFLAGS: 00050206
[ 1181.263178][T21072] RAX: ffffffff84ac6601 RBX: ffff88807cd58001 RCX: 0000000000000767
[ 1181.263193][T21072] RDX: 0000000000000000 RSI: ffff88807cd58001 RDI: 0000000080002100
[ 1181.263206][T21072] RBP: ffffc90004f57970 R08: ffff88807cd58767 R09: 1ffff1100f9ab0ec
[ 1181.263221][T21072] R10: dffffc0000000000 R11: ffffed100f9ab0ed R12: dffffc0000000000
[ 1181.263236][T21072] R13: 0000000000000000 R14: 00007ffffffff000 R15: 0000000000000767
[ 1181.263259][T21072]  ? _copy_to_iter+0x3b1/0x17d0
[ 1181.263298][T21072]  _copy_to_iter+0x493/0x17d0
[ 1181.263344][T21072]  ? snd_info_seq_show+0xd9/0x100
[ 1181.263444][T21072]  ? __pfx__copy_to_iter+0x10/0x10
[ 1181.263475][T21072]  ? single_next+0xd/0x40
[ 1181.263500][T21072]  ? single_stop+0x9/0x10
[ 1181.263524][T21072]  ? traverse+0x544/0x580
[ 1181.263562][T21072]  seq_read_iter+0x2e9/0xe10
[ 1181.263599][T21072]  ? __asan_memset+0x22/0x50
[ 1181.263627][T21072]  seq_read+0x367/0x480
[ 1181.263662][T21072]  ? __pfx_seq_read+0x10/0x10
[ 1181.263696][T21072]  ? apparmor_file_permission+0x1f4/0x300
[ 1181.263737][T21072]  ? __pfx_seq_read+0x10/0x10
[ 1181.263760][T21072]  proc_reg_read+0x1e9/0x2e0
[ 1181.263786][T21072]  vfs_readv+0x587/0x840
[ 1181.263818][T21072]  ? __pfx_proc_reg_read+0x10/0x10
[ 1181.263843][T21072]  ? __pfx_vfs_readv+0x10/0x10
[ 1181.263886][T21072]  ? __fget_files+0x2a/0x420
[ 1181.263922][T21072]  ? __fget_files+0x3a0/0x420
[ 1181.263951][T21072]  ? __fget_files+0x2a/0x420
[ 1181.263991][T21072]  __ia32_compat_sys_preadv+0x1c6/0x2c0
[ 1181.264022][T21072]  ? __pfx___ia32_compat_sys_preadv+0x10/0x10
[ 1181.264062][T21072]  __do_fast_syscall_32+0x20d/0x640
[ 1181.264088][T21072]  ? do_fast_syscall_32+0x33/0x70
[ 1181.264111][T21072]  ? asm_int80_emulation+0x1a/0x20
[ 1181.264131][T21072]  ? do_int80_emulation+0x274/0x4d0
[ 1181.264154][T21072]  ? trace_irq_disable+0x3b/0x150
[ 1181.264190][T21072]  do_fast_syscall_32+0x33/0x70
[ 1181.264215][T21072]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1181.264240][T21072] RIP: 0023:0xf706ef6c
[ 1181.264259][T21072] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[ 1181.264276][T21072] RSP: 002b:00000000f543c50c EFLAGS: 00000206 ORIG_RAX: 000000000000014d
[ 1181.264298][T21072] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 0000000080003240
[ 1181.264312][T21072] RDX: 0000000000000001 RSI: 0000000000000001 RDI: 0000000000000000
[ 1181.264324][T21072] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1181.264336][T21072] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1181.264348][T21072] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1181.264379][T21072]  </TASK>
[ 1181.805018][T10545] usb 5-1: USB disconnect, device number 28
[ 1181.869711][T18370] usb 3-1: 0:2 : does not exist
[ 1181.904985][T21061] set match dimension is over the limit!
[ 1181.934571][T18370] usb 3-1: 5:0: failed to get current value for ch 0 (-22)
[ 1181.996264][ T5146] Bluetooth: hci4: Opcode 0x0c03 failed: -71
[ 1182.040849][T18372] usb 1-1: USB disconnect, device number 7
[ 1182.219986][T18370] usb 3-1: USB disconnect, device number 14
[ 1182.343938][T12609] udevd[12609]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1182.728716][T21084] syzkaller0: entered allmulticast mode
[ 1183.010885][T18393] powermate: unknown product id 0240
[ 1183.016318][T18393] powermate: Expected payload of 3--6 bytes, found 64 bytes!
[ 1183.061424][T18393] input: Griffin SoundKnob as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input43
[ 1183.114179][    C1] powermate: config urb returned -71
[ 1183.120018][    C1] powermate: config urb returned -71
[ 1183.125704][    C1] powermate: config urb returned -71
[ 1183.131240][    C1] powermate: config urb returned -71
[ 1183.145927][T18393] usb 2-1: USB disconnect, device number 42
[ 1183.145972][    C1] powermate 2-1:0.0: powermate_irq - usb_submit_urb failed with result: -19
[ 1183.580399][T21101] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4176'.
[ 1183.589508][T21101] netlink: 'syz.0.4176': attribute type 15 has an invalid length.
[ 1183.597504][T21101] netlink: 'syz.0.4176': attribute type 18 has an invalid length.
[ 1184.328165][T11003] wlan0: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1184.719997][T21129] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4183'.
[ 1185.559370][T21136] FAULT_INJECTION: forcing a failure.
[ 1185.559370][T21136] name failslab, interval 1, probability 0, space 0, times 0
[ 1185.574990][T21136] CPU: 0 UID: 0 PID: 21136 Comm: syz.1.4186 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1185.575023][T21136] Tainted: [L]=SOFTLOCKUP
[ 1185.575032][T21136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1185.575045][T21136] Call Trace:
[ 1185.575054][T21136]  <TASK>
[ 1185.575064][T21136]  dump_stack_lvl+0xe8/0x150
[ 1185.575099][T21136]  should_fail_ex+0x412/0x560
[ 1185.575134][T21136]  should_failslab+0xa8/0x100
[ 1185.575164][T21136]  kmem_cache_alloc_node_noprof+0x8f/0x690
[ 1185.575187][T21136]  ? __alloc_skb+0x186/0x7d0
[ 1185.575207][T21136]  ? __alloc_skb+0x1d0/0x7d0
[ 1185.575225][T21136]  ? __local_bh_enable_ip+0xd0/0x130
[ 1185.575257][T21136]  __alloc_skb+0x1d0/0x7d0
[ 1185.575277][T21136]  ? bpf_lsm_socket_getpeersec_dgram+0x9/0x20
[ 1185.575306][T21136]  netlink_sendmsg+0x5d4/0xb40
[ 1185.575348][T21136]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1185.575382][T21136]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1185.575423][T21136]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1185.575450][T21136]  ____sys_sendmsg+0x972/0x9f0
[ 1185.575483][T21136]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1185.575512][T21136]  ? kstrtoull+0x12f/0x1d0
[ 1185.575548][T21136]  ___sys_sendmsg+0x2a5/0x360
[ 1185.575577][T21136]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1185.575603][T21136]  ? get_pid_task+0x20/0x1f0
[ 1185.575623][T21136]  ? get_pid_task+0x20/0x1f0
[ 1185.575640][T21136]  ? get_pid_task+0x20/0x1f0
[ 1185.575686][T21136]  ? __fget_files+0x2a/0x420
[ 1185.575716][T21136]  ? __fget_files+0x3a0/0x420
[ 1185.575756][T21136]  __sys_sendmsg+0x183/0x260
[ 1185.575782][T21136]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1185.575827][T21136]  __do_fast_syscall_32+0x20d/0x640
[ 1185.575855][T21136]  ? do_fast_syscall_32+0x33/0x70
[ 1185.575877][T21136]  ? asm_int80_emulation+0x1a/0x20
[ 1185.575898][T21136]  ? do_int80_emulation+0x274/0x4d0
[ 1185.575921][T21136]  ? trace_irq_disable+0x3b/0x150
[ 1185.575956][T21136]  do_fast_syscall_32+0x33/0x70
[ 1185.575981][T21136]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1185.576011][T21136] RIP: 0023:0xf7fe4f6c
[ 1185.576030][T21136] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[ 1185.576047][T21136] RSP: 002b:00000000f54a650c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 1185.576068][T21136] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000800001c0
[ 1185.576082][T21136] RDX: 0000000000000800 RSI: 0000000000000000 RDI: 0000000000000000
[ 1185.576094][T21136] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1185.576106][T21136] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1185.576119][T21136] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1185.576149][T21136]  </TASK>
[ 1186.617273][T21139] syzkaller0: entered allmulticast mode
[ 1187.368683][T21153] FAULT_INJECTION: forcing a failure.
[ 1187.368683][T21153] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1187.384314][T21153] CPU: 1 UID: 0 PID: 21153 Comm: syz.2.4193 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1187.384347][T21153] Tainted: [L]=SOFTLOCKUP
[ 1187.384356][T21153] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1187.384369][T21153] Call Trace:
[ 1187.384378][T21153]  <TASK>
[ 1187.384388][T21153]  dump_stack_lvl+0xe8/0x150
[ 1187.384423][T21153]  should_fail_ex+0x412/0x560
[ 1187.384459][T21153]  fpu__restore_sig+0x233/0x1250
[ 1187.384498][T21153]  ? __pfx_fpu__restore_sig+0x10/0x10
[ 1187.384551][T21153]  ia32_restore_sigcontext+0x42b/0x580
[ 1187.384581][T21153]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1187.384604][T21153]  ? __pfx_ia32_restore_sigcontext+0x10/0x10
[ 1187.384646][T21153]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1187.384672][T21153]  __ia32_compat_sys_rt_sigreturn+0x1ad/0x270
[ 1187.384701][T21153]  ? __task_pid_nr_ns+0x28/0x470
[ 1187.384722][T21153]  ? __pfx___ia32_compat_sys_rt_sigreturn+0x10/0x10
[ 1187.384757][T21153]  ? asm_int80_emulation+0x1a/0x20
[ 1187.384783][T21153]  do_int80_emulation+0x173/0x4d0
[ 1187.384807][T21153]  ? trace_irq_disable+0x3b/0x150
[ 1187.384837][T21153]  ? asm_int80_emulation+0x1a/0x20
[ 1187.384856][T21153]  ? clear_bhb_loop+0x40/0x90
[ 1187.384878][T21153]  ? clear_bhb_loop+0x40/0x90
[ 1187.384903][T21153]  asm_int80_emulation+0x1a/0x20
[ 1187.384923][T21153] RIP: 0023:0xf7fb2f6a
[ 1187.384942][T21153] Code: 03 c9 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 <cd> 80 5d 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1187.384960][T21153] RSP: 002b:00000000f547650c EFLAGS: 00000206
[ 1187.384979][T21153] RAX: 000000000000017a RBX: 0000000000000003 RCX: 0000000080000080
[ 1187.384993][T21153] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[ 1187.385006][T21153] RBP: 0000000000000003 R08: 0000000000000000 R09: 0000000000000000
[ 1187.385018][T21153] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1187.385029][T21153] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1187.385058][T21153]  </TASK>
[ 1187.970182][T21156] syzkaller0: entered promiscuous mode
[ 1187.983082][T21156] syzkaller0: entered allmulticast mode
[ 1188.183307][T21164] FAULT_INJECTION: forcing a failure.
[ 1188.183307][T21164] name failslab, interval 1, probability 0, space 0, times 0
[ 1188.216228][T21164] CPU: 0 UID: 0 PID: 21164 Comm: syz.0.4197 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1188.216263][T21164] Tainted: [L]=SOFTLOCKUP
[ 1188.216272][T21164] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1188.216286][T21164] Call Trace:
[ 1188.216295][T21164]  <TASK>
[ 1188.216305][T21164]  dump_stack_lvl+0xe8/0x150
[ 1188.216341][T21164]  should_fail_ex+0x412/0x560
[ 1188.216378][T21164]  should_failslab+0xa8/0x100
[ 1188.216405][T21164]  ? skb_clone+0x212/0x3a0
[ 1188.216430][T21164]  kmem_cache_alloc_noprof+0x87/0x650
[ 1188.216453][T21164]  ? __netlink_lookup+0xc6/0x8b0
[ 1188.216481][T21164]  skb_clone+0x212/0x3a0
[ 1188.216509][T21164]  __netlink_deliver_tap+0x404/0x850
[ 1188.216551][T21164]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1188.216584][T21164]  netlink_deliver_tap+0x19c/0x1b0
[ 1188.216616][T21164]  netlink_unicast+0x7e3/0x9b0
[ 1188.216653][T21164]  ? __pfx_netlink_unicast+0x10/0x10
[ 1188.216684][T21164]  ? netlink_sendmsg+0x650/0xb40
[ 1188.216713][T21164]  ? skb_put+0x11b/0x210
[ 1188.216738][T21164]  netlink_sendmsg+0x813/0xb40
[ 1188.216779][T21164]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1188.216813][T21164]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1188.216845][T21164]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1188.216873][T21164]  ____sys_sendmsg+0x972/0x9f0
[ 1188.216907][T21164]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1188.216935][T21164]  ? kstrtoull+0x12f/0x1d0
[ 1188.216968][T21164]  ___sys_sendmsg+0x2a5/0x360
[ 1188.216998][T21164]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1188.217024][T21164]  ? get_pid_task+0x20/0x1f0
[ 1188.217044][T21164]  ? get_pid_task+0x20/0x1f0
[ 1188.217062][T21164]  ? get_pid_task+0x20/0x1f0
[ 1188.217117][T21164]  ? __fget_files+0x2a/0x420
[ 1188.217147][T21164]  ? __fget_files+0x3a0/0x420
[ 1188.217191][T21164]  __sys_sendmsg+0x183/0x260
[ 1188.217217][T21164]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1188.217260][T21164]  __do_fast_syscall_32+0x20d/0x640
[ 1188.217288][T21164]  ? do_fast_syscall_32+0x33/0x70
[ 1188.217310][T21164]  ? asm_int80_emulation+0x1a/0x20
[ 1188.217329][T21164]  ? do_int80_emulation+0x274/0x4d0
[ 1188.217350][T21164]  ? trace_irq_disable+0x3b/0x150
[ 1188.217384][T21164]  do_fast_syscall_32+0x33/0x70
[ 1188.217408][T21164]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1188.217433][T21164] RIP: 0023:0xf704ef6c
[ 1188.217451][T21164] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[ 1188.217468][T21164] RSP: 002b:00000000f543d50c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 1188.217490][T21164] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000000
[ 1188.217504][T21164] RDX: 00000000240008c4 RSI: 0000000000000000 RDI: 0000000000000000
[ 1188.217517][T21164] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1188.217528][T21164] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1188.217540][T21164] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1188.217571][T21164]  </TASK>
[ 1188.647866][T18398] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[ 1188.816271][T18398] usb 5-1: Using ep0 maxpacket: 8
[ 1188.824093][T18398] usb 5-1: config 162 has an invalid interface number: 84 but max is 2
[ 1188.839973][T18398] usb 5-1: config 162 has an invalid interface number: 3 but max is 2
[ 1188.849084][T18398] usb 5-1: config 162 has no interface number 0
[ 1188.855485][T18398] usb 5-1: config 162 has no interface number 1
[ 1188.862330][T18398] usb 5-1: config 162 interface 84 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[ 1188.892872][T18398] usb 5-1: config 162 interface 2 altsetting 1 has a duplicate endpoint with address 0x9, skipping
[ 1188.904129][T18398] usb 5-1: config 162 interface 2 altsetting 1 has an endpoint descriptor with address 0xA6, changing to 0x86
[ 1188.916493][T18398] usb 5-1: config 162 interface 2 altsetting 1 endpoint 0x86 has invalid maxpacket 23105, setting to 1024
[ 1188.928256][T18398] usb 5-1: config 162 interface 2 altsetting 1 bulk endpoint 0x86 has invalid maxpacket 1024
[ 1188.938802][T18398] usb 5-1: config 162 interface 2 altsetting 1 has 5 endpoint descriptors, different from the interface descriptor's value: 4
[ 1188.952553][T18398] usb 5-1: config 162 interface 84 has no altsetting 0
[ 1188.959717][T18398] usb 5-1: config 162 interface 2 has no altsetting 0
[ 1188.966920][T18398] usb 5-1: config 162 interface 3 has no altsetting 0
[ 1188.975866][T18398] usb 5-1: New USB device found, idVendor=0e8d, idProduct=763f, bcdDevice=9b.23
[ 1188.988176][T18398] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1188.996401][T18398] usb 5-1: Product: syz
[ 1189.000610][T18398] usb 5-1: Manufacturer: syz
[ 1189.005268][T18398] usb 5-1: SerialNumber: syz
[ 1189.249827][T21163] set match dimension is over the limit!
[ 1191.419798][ T5146] Bluetooth: hci4: Opcode 0x0c03 failed: -71
[ 1191.476649][T18398] usb 5-1: USB disconnect, device number 29
[ 1191.751642][T21196] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4209'.
[ 1192.066168][T10545] usb 2-1: new high-speed USB device number 43 using dummy_hcd
[ 1192.219697][T10545] usb 2-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[ 1192.232648][T10545] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1192.253435][T10545] usb 2-1: New USB device found, idVendor=13e5, idProduct=0001, bcdDevice=4e.53
[ 1192.411104][T10545] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1192.456470][T10545] usb 2-1: config 0 descriptor??
[ 1192.617170][T21210] FAULT_INJECTION: forcing a failure.
[ 1192.617170][T21210] name failslab, interval 1, probability 0, space 0, times 0
[ 1192.619530][T21208] syzkaller0: entered promiscuous mode
[ 1192.639362][T21208] syzkaller0: entered allmulticast mode
[ 1192.679565][T21210] CPU: 0 UID: 0 PID: 21210 Comm: syz.3.4215 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1192.679601][T21210] Tainted: [L]=SOFTLOCKUP
[ 1192.679610][T21210] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1192.679623][T21210] Call Trace:
[ 1192.679632][T21210]  <TASK>
[ 1192.679642][T21210]  dump_stack_lvl+0xe8/0x150
[ 1192.679682][T21210]  should_fail_ex+0x412/0x560
[ 1192.679708][T21210]  should_failslab+0xa8/0x100
[ 1192.679750][T21210]  __kmalloc_noprof+0xe8/0x760
[ 1192.679776][T21210]  ? security_sk_alloc+0x52/0x360
[ 1192.679804][T21210]  security_sk_alloc+0x52/0x360
[ 1192.679834][T21210]  sk_prot_alloc+0x101/0x210
[ 1192.679854][T21210]  sk_alloc+0x3a/0x390
[ 1192.679872][T21210]  inet_create+0x7a0/0x1000
[ 1192.679918][T21210]  ? inet_create+0x9c/0x1000
[ 1192.679948][T21210]  __sock_create+0x4b2/0x9d0
[ 1192.679994][T21210]  mptcp_subflow_create_socket+0xfb/0x800
[ 1192.680032][T21210]  ? aa_label_sk_perm+0x532/0x6e0
[ 1192.680073][T21210]  ? __pfx_mptcp_subflow_create_socket+0x10/0x10
[ 1192.680104][T21210]  ? __pfx_aa_label_sk_perm+0x10/0x10
[ 1192.680135][T21210]  __mptcp_nmpc_sk+0x155/0x790
[ 1192.680163][T21210]  ? register_lock_class+0x31/0x2e0
[ 1192.680184][T21210]  ? __pfx___mptcp_nmpc_sk+0x10/0x10
[ 1192.680218][T21210]  ? __lock_acquire+0x6b5/0x2cf0
[ 1192.680253][T21210]  mptcp_connect+0x71/0x830
[ 1192.680278][T21210]  __inet_stream_connect+0x25a/0xdd0
[ 1192.680311][T21210]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1192.680329][T21210]  ? __pfx___inet_stream_connect+0x10/0x10
[ 1192.680349][T21210]  ? inet_stream_connect+0x51/0xa0
[ 1192.680385][T21210]  ? __local_bh_enable_ip+0xd0/0x130
[ 1192.680417][T21210]  inet_stream_connect+0x66/0xa0
[ 1192.680444][T21210]  __sys_connect+0x312/0x450
[ 1192.680470][T21210]  ? __pfx___sys_connect+0x10/0x10
[ 1192.680500][T21210]  __ia32_sys_connect+0x7a/0x90
[ 1192.680529][T21210]  __do_fast_syscall_32+0x20d/0x640
[ 1192.680557][T21210]  ? do_fast_syscall_32+0x33/0x70
[ 1192.680579][T21210]  ? asm_int80_emulation+0x1a/0x20
[ 1192.680599][T21210]  ? do_int80_emulation+0x274/0x4d0
[ 1192.680624][T21210]  ? trace_irq_disable+0x3b/0x150
[ 1192.680650][T21210]  do_fast_syscall_32+0x33/0x70
[ 1192.680668][T21210]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1192.680706][T21210] RIP: 0023:0xf706ef6c
[ 1192.680725][T21210] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[ 1192.680742][T21210] RSP: 002b:00000000f545d50c EFLAGS: 00000206 ORIG_RAX: 000000000000016a
[ 1192.680763][T21210] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000000
[ 1192.680781][T21210] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000000
[ 1192.680790][T21210] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1192.680798][T21210] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1192.680807][T21210] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1192.680842][T21210]  </TASK>
[ 1193.320209][T10545] usb 2-1: string descriptor 0 read error: -71
[ 1193.531998][T10545] usb 2-1: USB disconnect, device number 43
[ 1193.544826][T21213] FAULT_INJECTION: forcing a failure.
[ 1193.544826][T21213] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1193.587801][T21213] CPU: 1 UID: 0 PID: 21213 Comm: syz.3.4216 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1193.587836][T21213] Tainted: [L]=SOFTLOCKUP
[ 1193.587844][T21213] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1193.587856][T21213] Call Trace:
[ 1193.587932][T21213]  <TASK>
[ 1193.587958][T21213]  dump_stack_lvl+0xe8/0x150
[ 1193.588142][T21213]  should_fail_ex+0x412/0x560
[ 1193.588262][T21213]  _copy_from_user+0x2d/0xb0
[ 1193.588302][T21213]  get_compat_msghdr+0xb3/0x4c0
[ 1193.588431][T21213]  ? __lock_acquire+0x6b5/0x2cf0
[ 1193.588514][T21213]  ? __pfx_get_compat_msghdr+0x10/0x10
[ 1193.588537][T21213]  ? kstrtoull+0x12f/0x1d0
[ 1193.588573][T21213]  ___sys_sendmsg+0x201/0x360
[ 1193.588644][T21213]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1193.588671][T21213]  ? get_pid_task+0x20/0x1f0
[ 1193.588705][T21213]  ? get_pid_task+0x20/0x1f0
[ 1193.588723][T21213]  ? get_pid_task+0x20/0x1f0
[ 1193.588766][T21213]  ? __fget_files+0x2a/0x420
[ 1193.588849][T21213]  ? __fget_files+0x3a0/0x420
[ 1193.588889][T21213]  __sys_sendmsg+0x183/0x260
[ 1193.588915][T21213]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1193.588961][T21213]  __do_fast_syscall_32+0x20d/0x640
[ 1193.589059][T21213]  ? do_fast_syscall_32+0x33/0x70
[ 1193.589081][T21213]  ? asm_int80_emulation+0x1a/0x20
[ 1193.589147][T21213]  ? do_int80_emulation+0x274/0x4d0
[ 1193.589169][T21213]  ? trace_irq_disable+0x3b/0x150
[ 1193.589219][T21213]  do_fast_syscall_32+0x33/0x70
[ 1193.589244][T21213]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1193.589269][T21213] RIP: 0023:0xf706ef6c
[ 1193.589305][T21213] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[ 1193.589323][T21213] RSP: 002b:00000000f545d50c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 1193.589363][T21213] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800002c0
[ 1193.589378][T21213] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1193.589390][T21213] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1193.589402][T21213] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1193.589415][T21213] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1193.589445][T21213]  </TASK>
[ 1194.153350][T21222] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1194.185670][T21222] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1194.239206][T21222] set match dimension is over the limit!
[ 1194.246883][T21222] IPv6: NLM_F_REPLACE set, but no existing node found!
[ 1194.356122][T18370] usb 2-1: new full-speed USB device number 44 using dummy_hcd
[ 1194.521586][T18370] usb 2-1: New USB device found, idVendor=1235, idProduct=8215, bcdDevice= 0.40
[ 1194.552490][T18370] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1194.580247][T18370] usb 2-1: Product: syz
[ 1194.593520][T18370] usb 2-1: Manufacturer: syz
[ 1194.600563][T18370] usb 2-1: SerialNumber: syz
[ 1194.843481][T18370] usb 2-1: 1:1 : UAC_AS_GENERAL descriptor not found
[ 1194.858567][T18370] usb 2-1: 2:1 : UAC_AS_GENERAL descriptor not found
[ 1194.871627][T18370] usb 2-1: 0:3 : does not exist
[ 1194.878696][T18370] usb 2-1: 0:4 : does not exist
[ 1194.897357][T18370] usb 2-1: 0:5 : does not exist
[ 1194.902382][T18370] usb 2-1: 0:6 : does not exist
[ 1194.910829][T18370] usb 2-1: 0:7 : does not exist
[ 1194.921082][T18370] usb 2-1: 0:8 : does not exist
[ 1194.931782][T18370] usb 2-1: 0:9 : does not exist
[ 1194.943712][T18370] usb 2-1: 0:10 : does not exist
[ 1194.954655][T18370] usb 2-1: Focusrite Scarlett Gen 3 Mixer Driver enabled (pid=0x8215); report any issues to https://github.com/geoffreybennett/scarlett-gen2/issues
[ 1195.050222][T21241] netlink: 44 bytes leftover after parsing attributes in process `syz.2.4227'.
[ 1195.070973][T18370] usb 2-1: Error initialising Scarlett Gen 3 Mixer Driver: -22
[ 1195.252689][T21249] netlink: 'syz.3.4232': attribute type 2 has an invalid length.
[ 1195.349122][T18370] snd-usb-audio 2-1:1.0: probe with driver snd-usb-audio failed with error -22
[ 1195.427406][T18370] usb 2-1: USB disconnect, device number 44
[ 1195.535326][T21255] FAULT_INJECTION: forcing a failure.
[ 1195.535326][T21255] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1195.686227][T21255] CPU: 0 UID: 0 PID: 21255 Comm: syz.0.4233 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1195.686252][T21255] Tainted: [L]=SOFTLOCKUP
[ 1195.686258][T21255] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1195.686268][T21255] Call Trace:
[ 1195.686275][T21255]  <TASK>
[ 1195.686282][T21255]  dump_stack_lvl+0xe8/0x150
[ 1195.686309][T21255]  should_fail_ex+0x412/0x560
[ 1195.686335][T21255]  _copy_from_user+0x2d/0xb0
[ 1195.686353][T21255]  get_compat_msghdr+0xb3/0x4c0
[ 1195.686371][T21255]  ? __lock_acquire+0x6b5/0x2cf0
[ 1195.686394][T21255]  ? __pfx_get_compat_msghdr+0x10/0x10
[ 1195.686410][T21255]  ? kstrtoull+0x12f/0x1d0
[ 1195.686436][T21255]  ___sys_sendmsg+0x201/0x360
[ 1195.686457][T21255]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1195.686476][T21255]  ? get_pid_task+0x20/0x1f0
[ 1195.686490][T21255]  ? get_pid_task+0x20/0x1f0
[ 1195.686503][T21255]  ? get_pid_task+0x20/0x1f0
[ 1195.686535][T21255]  ? __fget_files+0x2a/0x420
[ 1195.686557][T21255]  ? __fget_files+0x3a0/0x420
[ 1195.686586][T21255]  __sys_sendmsg+0x183/0x260
[ 1195.686604][T21255]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1195.686636][T21255]  __do_fast_syscall_32+0x20d/0x640
[ 1195.686659][T21255]  ? do_fast_syscall_32+0x33/0x70
[ 1195.686676][T21255]  ? asm_int80_emulation+0x1a/0x20
[ 1195.686690][T21255]  ? do_int80_emulation+0x274/0x4d0
[ 1195.686706][T21255]  ? trace_irq_disable+0x3b/0x150
[ 1195.686731][T21255]  do_fast_syscall_32+0x33/0x70
[ 1195.686749][T21255]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1195.686768][T21255] RIP: 0023:0xf704ef6c
[ 1195.686781][T21255] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[ 1195.686794][T21255] RSP: 002b:00000000f543d50c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 1195.686810][T21255] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080009b40
[ 1195.686821][T21255] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000000
[ 1195.686830][T21255] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1195.686838][T21255] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1195.686848][T21255] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1195.686868][T21255]  </TASK>
[ 1196.104728][T12646] udevd[12646]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1196.282262][T21261] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1196.303767][T21261] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1196.773919][T21274] netlink: 'syz.0.4240': attribute type 7 has an invalid length.
[ 1196.956534][T18370] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[ 1197.038359][T21285] FAULT_INJECTION: forcing a failure.
[ 1197.038359][T21285] name failslab, interval 1, probability 0, space 0, times 0
[ 1197.056130][T21285] CPU: 1 UID: 0 PID: 21285 Comm: syz.0.4244 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1197.056164][T21285] Tainted: [L]=SOFTLOCKUP
[ 1197.056172][T21285] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1197.056185][T21285] Call Trace:
[ 1197.056194][T21285]  <TASK>
[ 1197.056203][T21285]  dump_stack_lvl+0xe8/0x150
[ 1197.056237][T21285]  should_fail_ex+0x412/0x560
[ 1197.056273][T21285]  should_failslab+0xa8/0x100
[ 1197.056350][T21285]  __kmalloc_cache_noprof+0x88/0x660
[ 1197.056386][T21285]  ? snd_pcm_oss_change_params_locked+0x1da/0x3e00
[ 1197.056440][T21285]  ? __kmalloc_cache_noprof+0x15b/0x660
[ 1197.056460][T21285]  snd_pcm_oss_change_params_locked+0x1da/0x3e00
[ 1197.056484][T21285]  ? __pfx___mutex_trylock_common+0x10/0x10
[ 1197.056510][T21285]  ? rcu_is_watching+0x15/0xb0
[ 1197.056549][T21285]  ? trace_contention_end+0x3d/0x150
[ 1197.056573][T21285]  ? __mutex_lock+0x319/0x1300
[ 1197.056600][T21285]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[ 1197.056625][T21285]  ? __pfx___mutex_lock+0x10/0x10
[ 1197.056650][T21285]  ? __fget_files+0x2a/0x420
[ 1197.056675][T21285]  snd_pcm_oss_get_active_substream+0x1e2/0x280
[ 1197.056703][T21285]  snd_pcm_oss_ioctl+0x89e/0xdf0
[ 1197.056726][T21285]  __ia32_compat_sys_ioctl+0x5ea/0x950
[ 1197.056759][T21285]  ? __pfx___ia32_compat_sys_ioctl+0x10/0x10
[ 1197.056779][T21285]  ? __fget_files+0x3a0/0x420
[ 1197.056805][T21285]  ? fput+0xa0/0xd0
[ 1197.056827][T21285]  ? ksys_write+0x242/0x270
[ 1197.056852][T21285]  __do_fast_syscall_32+0x20d/0x640
[ 1197.056872][T21285]  ? do_fast_syscall_32+0x33/0x70
[ 1197.056893][T21285]  ? asm_int80_emulation+0x1a/0x20
[ 1197.056908][T21285]  ? do_int80_emulation+0x274/0x4d0
[ 1197.056924][T21285]  ? trace_irq_disable+0x3b/0x150
[ 1197.056949][T21285]  do_fast_syscall_32+0x33/0x70
[ 1197.056967][T21285]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1197.056986][T21285] RIP: 0023:0xf704ef6c
[ 1197.057000][T21285] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[ 1197.057013][T21285] RSP: 002b:00000000f543d50c EFLAGS: 00000206 ORIG_RAX: 0000000000000036
[ 1197.057030][T21285] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080045005
[ 1197.057041][T21285] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1197.057050][T21285] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1197.057059][T21285] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1197.057068][T21285] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1197.057089][T21285]  </TASK>
[ 1197.320617][T18370] usb 3-1: Using ep0 maxpacket: 8
[ 1197.409783][T10545] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[ 1197.416364][T18370] usb 3-1: config 162 has an invalid interface number: 84 but max is 2
[ 1197.425670][T18370] usb 3-1: config 162 has an invalid interface number: 3 but max is 2
[ 1197.444694][T18370] usb 3-1: config 162 has no interface number 0
[ 1197.501833][T18370] usb 3-1: config 162 has no interface number 1
[ 1197.519632][T18370] usb 3-1: config 162 interface 84 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[ 1197.596262][T10545] usb 5-1: Using ep0 maxpacket: 32
[ 1197.848058][T18370] usb 3-1: config 162 interface 2 altsetting 1 has a duplicate endpoint with address 0x9, skipping
[ 1197.861200][T18370] usb 3-1: config 162 interface 2 altsetting 1 has an endpoint descriptor with address 0xA6, changing to 0x86
[ 1197.873758][T18370] usb 3-1: config 162 interface 2 altsetting 1 endpoint 0x86 has invalid maxpacket 23105, setting to 1024
[ 1197.887792][T18370] usb 3-1: config 162 interface 2 altsetting 1 bulk endpoint 0x86 has invalid maxpacket 1024
[ 1197.910913][T10545] usb 5-1: New USB device found, idVendor=1d50, idProduct=60a1, bcdDevice=a1.4f
[ 1197.956832][T10545] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1197.977012][T10545] usb 5-1: Product: syz
[ 1197.981261][T10545] usb 5-1: Manufacturer: syz
[ 1197.985911][T10545] usb 5-1: SerialNumber: syz
[ 1198.014094][T10545] usb 5-1: config 0 descriptor??
[ 1198.026493][T21288] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4245'.
[ 1198.034285][T18370] usb 3-1: config 162 interface 2 altsetting 1 has 5 endpoint descriptors, different from the interface descriptor's value: 4
[ 1198.047303][T21288] bond0: option arp_all_targets: invalid value (172)
[ 1198.091339][T18370] usb 3-1: config 162 interface 84 has no altsetting 0
[ 1198.111031][T18370] usb 3-1: config 162 interface 2 has no altsetting 0
[ 1198.127691][T18370] usb 3-1: config 162 interface 3 has no altsetting 0
[ 1198.148303][T18370] usb 3-1: New USB device found, idVendor=0e8d, idProduct=763f, bcdDevice=9b.23
[ 1198.157599][T18370] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1198.179079][T18370] usb 3-1: Product: syz
[ 1198.187563][T18370] usb 3-1: Manufacturer: syz
[ 1198.198819][T18370] usb 3-1: SerialNumber: syz
[ 1198.261628][T21278] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1198.282286][T21278] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1198.368594][T10545] airspy 5-1:0.0: usb_control_msg() failed -71 request 09
[ 1198.409309][T10545] airspy 5-1:0.0: Could not detect board
[ 1198.425052][T10545] airspy 5-1:0.0: probe with driver airspy failed with error -71
[ 1198.433853][T21272] set match dimension is over the limit!
[ 1198.452059][T21272] IPv6: NLM_F_REPLACE set, but no existing node found!
[ 1198.466738][T10545] usb 5-1: USB disconnect, device number 30
[ 1198.610651][ T5146] Bluetooth: hci4: Opcode 0x0c03 failed: -71
[ 1198.636591][T18370] usb 3-1: USB disconnect, device number 15
[ 1199.072073][   T29] kauditd_printk_skb: 106 callbacks suppressed
[ 1199.072089][   T29] audit: type=1326 audit(1773674521.955:6205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21312 comm="syz.4.4254" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf706ef6c code=0x0
[ 1199.168103][T18372] usb 2-1: new high-speed USB device number 45 using dummy_hcd
[ 1199.230234][T21316] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4255'.
[ 1199.344341][T18372] usb 2-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[ 1199.355935][T18372] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1199.368424][T18372] usb 2-1: config 0 descriptor??
[ 1199.377598][T18372] gspca_main: STV06xx-2.14.0 probing 046d:0870
[ 1199.396604][T10545] usb 5-1: new full-speed USB device number 31 using dummy_hcd
[ 1199.596345][T13222] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[ 1199.620187][T21320] tc_dump_action: action bad kind
[ 1199.627778][T10545] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 52, changing to 4
[ 1199.645865][T10545] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid maxpacket 13368, setting to 1023
[ 1199.672868][T10545] usb 5-1: New USB device found, idVendor=3823, idProduct=0001, bcdDevice= 3.eb
[ 1199.722888][T10545] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1199.751176][T13222] usb 3-1: Using ep0 maxpacket: 16
[ 1199.756760][T10545] usb 5-1: Product: syz
[ 1199.761060][T10545] usb 5-1: Manufacturer: syz
[ 1199.782114][T13222] usb 3-1: unable to get BOS descriptor or descriptor too short
[ 1199.800124][T10545] usb 5-1: SerialNumber: syz
[ 1199.832302][T13222] usb 3-1: config 102 has an invalid interface number: 21 but max is 0
[ 1199.843591][T10545] usb 5-1: config 0 descriptor??
[ 1199.849698][T13222] usb 3-1: config 102 has an invalid descriptor of length 0, skipping remainder of the config
[ 1199.860679][T13222] usb 3-1: config 102 has no interface number 0
[ 1199.870772][T13222] usb 3-1: config 102 interface 21 has no altsetting 0
[ 1199.882800][T13222] usb 3-1: New USB device found, idVendor=0421, idProduct=02e3, bcdDevice=e8.e7
[ 1199.896217][T13222] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1199.904893][T13222] usb 3-1: Product: syz
[ 1199.910013][T13222] usb 3-1: Manufacturer: syz
[ 1199.915035][T13222] usb 3-1: SerialNumber: syz
[ 1199.949356][T21322] tun0: tun_chr_ioctl cmd 1074025675
[ 1199.954745][T21322] tun0: persist enabled
[ 1199.963963][T21322] tun0: tun_chr_ioctl cmd 1074025675
[ 1199.973212][T21322] tun0: persist disabled
[ 1199.980011][T21322] netlink: 36 bytes leftover after parsing attributes in process `syz.0.4258'.
[ 1200.078668][T10545] input: syz syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input44
[ 1200.102041][T21325] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1200.140550][T21325] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1200.366403][T10545] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[ 1200.542409][T10545] usb 1-1: config 86 has an invalid descriptor of length 0, skipping remainder of the config
[ 1200.559027][T10545] usb 1-1: config 86 has 0 interfaces, different from the descriptor's value: 2
[ 1200.580548][T10545] usb 1-1: New USB device found, idVendor=0bb4, idProduct=0a44, bcdDevice= a.45
[ 1200.590305][T10545] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1200.601199][T10545] usb 1-1: Manufacturer: 笌↏밠面㐉贩㨟⧨Ꭳ녢錙텋꫎뵸﹈鎠렊│₷骑㦤㹘뎩⪲ﺊꞄ靴ꍿ㼘랾
[ 1200.622710][T18372] usb 2-1: USB disconnect, device number 45
[ 1200.896963][T21322] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1200.905924][T21322] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1200.939149][T10545] usb 1-1: USB disconnect, device number 8
[ 1200.963430][T13222] rndis_host 3-1:102.21: More than one union descriptor, skipping ...
[ 1200.976647][T13222] usb 3-1: bad CDC descriptors
[ 1201.097471][T13222] cdc_acm 3-1:102.21: More than one union descriptor, skipping ...
[ 1201.179798][T13222] usb 3-1: USB disconnect, device number 16
[ 1201.550357][T21339] openvswitch: netlink: Missing valid actions attribute.
[ 1201.559205][T21339] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1201.806226][T18374] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[ 1201.846933][T21341] ip6t_srh: unknown srh match flags  4000
[ 1201.916136][T13222] usb 2-1: new high-speed USB device number 46 using dummy_hcd
[ 1201.956242][T18374] usb 1-1: Using ep0 maxpacket: 16
[ 1201.967135][T18374] usb 1-1: config 0 interface 0 altsetting 16 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1201.989160][T18374] usb 1-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1202.007764][T18374] usb 1-1: config 0 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 28
[ 1202.025534][T18374] usb 1-1: config 0 interface 0 has no altsetting 0
[ 1202.033190][T18374] usb 1-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[ 1202.042857][T18374] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1202.054249][T18374] usb 1-1: config 0 descriptor??
[ 1202.067351][T13222] usb 2-1: Using ep0 maxpacket: 8
[ 1202.085317][T13222] usb 2-1: config 162 has an invalid interface number: 84 but max is 2
[ 1202.103143][T13222] usb 2-1: config 162 has an invalid interface number: 3 but max is 2
[ 1202.114763][T10545] usb 5-1: USB disconnect, device number 31
[ 1202.130265][T13222] usb 2-1: config 162 has no interface number 0
[ 1202.140685][T21346] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1202.176105][T13222] usb 2-1: config 162 has no interface number 1
[ 1202.186450][T13222] usb 2-1: config 162 interface 84 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[ 1202.232316][T13222] usb 2-1: config 162 interface 2 altsetting 1 has a duplicate endpoint with address 0x9, skipping
[ 1202.259165][T13222] usb 2-1: config 162 interface 2 altsetting 1 has an endpoint descriptor with address 0xA6, changing to 0x86
[ 1202.290740][T13222] usb 2-1: config 162 interface 2 altsetting 1 endpoint 0x86 has invalid maxpacket 23105, setting to 1024
[ 1202.317300][T13222] usb 2-1: config 162 interface 2 altsetting 1 bulk endpoint 0x86 has invalid maxpacket 1024
[ 1202.342131][T13222] usb 2-1: config 162 interface 2 altsetting 1 has 5 endpoint descriptors, different from the interface descriptor's value: 4
[ 1202.356382][T13222] usb 2-1: config 162 interface 84 has no altsetting 0
[ 1202.363322][T13222] usb 2-1: config 162 interface 2 has no altsetting 0
[ 1202.390724][T13222] usb 2-1: config 162 interface 3 has no altsetting 0
[ 1202.411158][T13222] usb 2-1: New USB device found, idVendor=0e8d, idProduct=763f, bcdDevice=9b.23
[ 1202.427375][T13222] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1202.440321][T13222] usb 2-1: Product: syz
[ 1202.451710][T13222] usb 2-1: Manufacturer: syz
[ 1202.462613][T13222] usb 2-1: SerialNumber: syz
[ 1202.755313][T21360] netlink: 44 bytes leftover after parsing attributes in process `syz.4.4270'.
[ 1202.794364][T21338] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1202.814145][T21343] set match dimension is over the limit!
[ 1202.823389][T21338] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1202.890079][T21343] IPv6: NLM_F_REPLACE set, but no existing node found!
[ 1202.954721][ T5146] Bluetooth: hci4: Opcode 0x0c03 failed: -71
[ 1203.011714][T18374] usbhid 1-1:0.0: can't add hid device: -71
[ 1203.020976][T18374] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[ 1203.204970][T18374] usb 1-1: USB disconnect, device number 9
[ 1203.242483][T13222] usb 2-1: USB disconnect, device number 46
[ 1203.521164][   T29] audit: type=1800 audit(1773674526.405:6206): pid=21370 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.4272" name="bus" dev="tmpfs" ino=1924 res=0 errno=0
[ 1204.067335][T21377] FAULT_INJECTION: forcing a failure.
[ 1204.067335][T21377] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1204.112293][T21377] CPU: 0 UID: 0 PID: 21377 Comm: syz.3.4277 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1204.112326][T21377] Tainted: [L]=SOFTLOCKUP
[ 1204.112335][T21377] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1204.112347][T21377] Call Trace:
[ 1204.112356][T21377]  <TASK>
[ 1204.112366][T21377]  dump_stack_lvl+0xe8/0x150
[ 1204.112402][T21377]  should_fail_ex+0x412/0x560
[ 1204.112437][T21377]  _copy_from_user+0x2d/0xb0
[ 1204.112462][T21377]  snd_seq_oss_write+0x5b1/0x8e0
[ 1204.112621][T21377]  ? __pfx_snd_seq_oss_write+0x10/0x10
[ 1204.112654][T21377]  ? apparmor_file_permission+0x1f4/0x300
[ 1204.112728][T21377]  ? security_file_permission+0x75/0x260
[ 1204.112758][T21377]  odev_write+0x5a/0x80
[ 1204.112782][T21377]  ? __pfx_odev_write+0x10/0x10
[ 1204.112808][T21377]  vfs_write+0x29a/0xb90
[ 1204.112840][T21377]  ? __pfx_vfs_write+0x10/0x10
[ 1204.112865][T21377]  ? __fget_files+0x2a/0x420
[ 1204.112897][T21377]  ? __fget_files+0x2a/0x420
[ 1204.112924][T21377]  ? __fget_files+0x3a0/0x420
[ 1204.112952][T21377]  ? __fget_files+0x2a/0x420
[ 1204.112988][T21377]  ksys_write+0x150/0x270
[ 1204.113012][T21377]  ? __pfx_ksys_write+0x10/0x10
[ 1204.113042][T21377]  __do_fast_syscall_32+0x20d/0x640
[ 1204.113069][T21377]  ? do_fast_syscall_32+0x33/0x70
[ 1204.113090][T21377]  ? asm_int80_emulation+0x1a/0x20
[ 1204.113108][T21377]  ? do_int80_emulation+0x274/0x4d0
[ 1204.113131][T21377]  ? trace_irq_disable+0x3b/0x150
[ 1204.113165][T21377]  do_fast_syscall_32+0x33/0x70
[ 1204.113190][T21377]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1204.113216][T21377] RIP: 0023:0xf706ef6c
[ 1204.113244][T21377] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[ 1204.113262][T21377] RSP: 002b:00000000f545d50c EFLAGS: 00000206 ORIG_RAX: 0000000000000004
[ 1204.113284][T21377] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000080
[ 1204.113299][T21377] RDX: 0000000000000233 RSI: 0000000000000000 RDI: 0000000000000000
[ 1204.113310][T21377] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1204.113322][T21377] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1204.113333][T21377] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1204.113361][T21377]  </TASK>
[ 1204.357719][T21379] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4276'.
[ 1204.368671][T21379] netlink: 104 bytes leftover after parsing attributes in process `syz.0.4276'.
[ 1204.377935][T21379] netlink: 104 bytes leftover after parsing attributes in process `syz.0.4276'.
[ 1204.492699][T21382] FAULT_INJECTION: forcing a failure.
[ 1204.492699][T21382] name failslab, interval 1, probability 0, space 0, times 0
[ 1204.516120][T21382] CPU: 1 UID: 0 PID: 21382 Comm: syz.3.4278 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1204.516154][T21382] Tainted: [L]=SOFTLOCKUP
[ 1204.516162][T21382] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1204.516175][T21382] Call Trace:
[ 1204.516183][T21382]  <TASK>
[ 1204.516192][T21382]  dump_stack_lvl+0xe8/0x150
[ 1204.516229][T21382]  should_fail_ex+0x412/0x560
[ 1204.516266][T21382]  should_failslab+0xa8/0x100
[ 1204.516298][T21382]  __kmalloc_node_track_caller_noprof+0xeb/0x7b0
[ 1204.516326][T21382]  ? nf_tables_dump_set_start+0x49/0x80
[ 1204.516509][T21382]  kmemdup_noprof+0x2b/0x70
[ 1204.516564][T21382]  nf_tables_dump_set_start+0x49/0x80
[ 1204.516598][T21382]  __netlink_dump_start+0x469/0x7e0
[ 1204.516654][T21382]  ? nft_netlink_dump_start_rcu+0xb6/0x1a0
[ 1204.516683][T21382]  nft_netlink_dump_start_rcu+0xdb/0x1a0
[ 1204.516715][T21382]  nf_tables_getsetelem+0x33f/0x1150
[ 1204.516753][T21382]  ? stack_trace_save+0xa9/0x100
[ 1204.516786][T21382]  ? __pfx_nf_tables_getsetelem+0x10/0x10
[ 1204.516817][T21382]  ? __nla_validate_parse+0x2480/0x2dc0
[ 1204.516859][T21382]  ? __pfx___nla_validate_parse+0x10/0x10
[ 1204.516883][T21382]  ? unwind_next_frame+0xa5/0x23c0
[ 1204.516954][T21382]  ? nfnl_pernet+0x23/0x240
[ 1204.516983][T21382]  ? __pfx_nf_tables_dump_set_start+0x10/0x10
[ 1204.517014][T21382]  ? __pfx_nf_tables_dump_set+0x10/0x10
[ 1204.517044][T21382]  ? __pfx_nf_tables_dump_set_done+0x10/0x10
[ 1204.517082][T21382]  ? __nla_parse+0x40/0x60
[ 1204.517104][T21382]  ? __pfx_nf_tables_getsetelem+0x10/0x10
[ 1204.517133][T21382]  nfnetlink_rcv_msg+0x8ae/0x12c0
[ 1204.517163][T21382]  ? nfnetlink_rcv_msg+0x229/0x12c0
[ 1204.517210][T21382]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[ 1204.517292][T21382]  netlink_rcv_skb+0x232/0x4b0
[ 1204.517326][T21382]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[ 1204.517358][T21382]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1204.517401][T21382]  ? bpf_lsm_capable+0x9/0x20
[ 1204.517446][T21382]  ? security_capable+0x7e/0x2c0
[ 1204.517485][T21382]  nfnetlink_rcv+0x2c0/0x27b0
[ 1204.517512][T21382]  ? is_bpf_text_address+0x26/0x2b0
[ 1204.517558][T21382]  ? is_bpf_text_address+0x292/0x2b0
[ 1204.517580][T21382]  ? is_bpf_text_address+0x26/0x2b0
[ 1204.517607][T21382]  ? kernel_text_address+0xa5/0xe0
[ 1204.517631][T21382]  ? __kernel_text_address+0xd/0x30
[ 1204.517654][T21382]  ? unwind_get_return_address+0x4d/0x90
[ 1204.517685][T21382]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1204.517707][T21382]  ? arch_stack_walk+0xfb/0x150
[ 1204.517805][T21382]  ? __lock_acquire+0x6b5/0x2cf0
[ 1204.517833][T21382]  ? __pfx_nfnetlink_rcv+0x10/0x10
[ 1204.517862][T21382]  ? __pfx_stack_trace_save+0x10/0x10
[ 1204.517893][T21382]  ? __lock_acquire+0x6b5/0x2cf0
[ 1204.517929][T21382]  ? __lock_acquire+0x6b5/0x2cf0
[ 1204.517963][T21382]  ? __netlink_lookup+0xc6/0x8b0
[ 1204.517989][T21382]  ? __netlink_lookup+0x7e4/0x8b0
[ 1204.518019][T21382]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1204.518057][T21382]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1204.518098][T21382]  netlink_unicast+0x80f/0x9b0
[ 1204.518136][T21382]  ? __pfx_netlink_unicast+0x10/0x10
[ 1204.518168][T21382]  ? netlink_sendmsg+0x650/0xb40
[ 1204.518198][T21382]  ? skb_put+0x11b/0x210
[ 1204.518224][T21382]  netlink_sendmsg+0x813/0xb40
[ 1204.518266][T21382]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1204.518302][T21382]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1204.518337][T21382]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1204.518383][T21382]  ____sys_sendmsg+0x972/0x9f0
[ 1204.518424][T21382]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1204.518454][T21382]  ? kstrtoull+0x12f/0x1d0
[ 1204.518491][T21382]  ___sys_sendmsg+0x2a5/0x360
[ 1204.518523][T21382]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1204.518549][T21382]  ? get_pid_task+0x20/0x1f0
[ 1204.518570][T21382]  ? get_pid_task+0x20/0x1f0
[ 1204.518588][T21382]  ? get_pid_task+0x20/0x1f0
[ 1204.518636][T21382]  ? __fget_files+0x2a/0x420
[ 1204.518667][T21382]  ? __fget_files+0x3a0/0x420
[ 1204.518711][T21382]  __sys_sendmsg+0x183/0x260
[ 1204.518739][T21382]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1204.518794][T21382]  __do_fast_syscall_32+0x20d/0x640
[ 1204.518824][T21382]  ? do_fast_syscall_32+0x33/0x70
[ 1204.518849][T21382]  ? asm_int80_emulation+0x1a/0x20
[ 1204.518870][T21382]  ? do_int80_emulation+0x274/0x4d0
[ 1204.518894][T21382]  ? trace_irq_disable+0x3b/0x150
[ 1204.518928][T21382]  do_fast_syscall_32+0x33/0x70
[ 1204.518955][T21382]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1204.518982][T21382] RIP: 0023:0xf706ef6c
[ 1204.519002][T21382] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[ 1204.519023][T21382] RSP: 002b:00000000f545d50c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 1204.519045][T21382] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000100
[ 1204.519061][T21382] RDX: 0000000000008000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1204.519074][T21382] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1204.519087][T21382] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1204.519100][T21382] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1204.519132][T21382]  </TASK>
[ 1205.346587][T21386] FAULT_INJECTION: forcing a failure.
[ 1205.346587][T21386] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1205.410681][T21386] CPU: 0 UID: 0 PID: 21386 Comm: syz.3.4280 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1205.410716][T21386] Tainted: [L]=SOFTLOCKUP
[ 1205.410725][T21386] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1205.410748][T21386] Call Trace:
[ 1205.410758][T21386]  <TASK>
[ 1205.410767][T21386]  dump_stack_lvl+0xe8/0x150
[ 1205.410803][T21386]  should_fail_ex+0x412/0x560
[ 1205.410839][T21386]  strncpy_from_user+0x36/0x2b0
[ 1205.410870][T21386]  do_getname+0x77/0x250
[ 1205.410901][T21386]  __se_sys_mkdirat+0x24/0x150
[ 1205.410928][T21386]  __do_fast_syscall_32+0x20d/0x640
[ 1205.410955][T21386]  ? do_fast_syscall_32+0x33/0x70
[ 1205.410977][T21386]  ? asm_int80_emulation+0x1a/0x20
[ 1205.410996][T21386]  ? do_int80_emulation+0x274/0x4d0
[ 1205.411019][T21386]  ? trace_irq_disable+0x3b/0x150
[ 1205.411052][T21386]  do_fast_syscall_32+0x33/0x70
[ 1205.411076][T21386]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1205.411101][T21386] RIP: 0023:0xf706ef6c
[ 1205.411120][T21386] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[ 1205.411138][T21386] RSP: 002b:00000000f545d378 EFLAGS: 00000206 ORIG_RAX: 0000000000000128
[ 1205.411160][T21386] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000080000000
[ 1205.411175][T21386] RDX: 00000000000001ff RSI: 0000000080000280 RDI: 0000000000000000
[ 1205.411187][T21386] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1205.411199][T21386] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1205.411211][T21386] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1205.411240][T21386]  </TASK>
[ 1205.636259][T18393] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[ 1205.805019][T21396] FAULT_INJECTION: forcing a failure.
[ 1205.805019][T21396] name failslab, interval 1, probability 0, space 0, times 0
[ 1205.819596][T21396] CPU: 0 UID: 0 PID: 21396 Comm: syz.3.4284 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1205.819629][T21396] Tainted: [L]=SOFTLOCKUP
[ 1205.819638][T21396] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1205.819651][T21396] Call Trace:
[ 1205.819660][T21396]  <TASK>
[ 1205.819669][T21396]  dump_stack_lvl+0xe8/0x150
[ 1205.819705][T21396]  should_fail_ex+0x412/0x560
[ 1205.819754][T21396]  should_failslab+0xa8/0x100
[ 1205.819785][T21396]  __kmalloc_cache_noprof+0x88/0x660
[ 1205.819811][T21396]  ? dev_ethtool+0x132/0x1ae0
[ 1205.819841][T21396]  dev_ethtool+0x132/0x1ae0
[ 1205.819871][T21396]  ? do_vfs_ioctl+0x1166/0x1530
[ 1205.819899][T21396]  ? __pfx_dev_ethtool+0x10/0x10
[ 1205.819932][T21396]  ? dev_load+0x21/0x1f0
[ 1205.820050][T21396]  ? dev_load+0x21/0x1f0
[ 1205.820083][T21396]  dev_ioctl+0x392/0x1150
[ 1205.820118][T21396]  compat_sock_ioctl+0xc4d/0xcb0
[ 1205.820152][T21396]  ? __pfx_compat_sock_ioctl+0x10/0x10
[ 1205.820183][T21396]  ? __fget_files+0x3a0/0x420
[ 1205.820212][T21396]  ? __fget_files+0x2a/0x420
[ 1205.820246][T21396]  ? bpf_lsm_file_ioctl_compat+0x9/0x20
[ 1205.820278][T21396]  __ia32_compat_sys_ioctl+0x5ea/0x950
[ 1205.820308][T21396]  ? __pfx___ia32_compat_sys_ioctl+0x10/0x10
[ 1205.820338][T21396]  ? __fget_files+0x3a0/0x420
[ 1205.820375][T21396]  ? fput+0xa0/0xd0
[ 1205.820405][T21396]  ? ksys_write+0x242/0x270
[ 1205.820441][T21396]  __do_fast_syscall_32+0x20d/0x640
[ 1205.820469][T21396]  ? do_fast_syscall_32+0x33/0x70
[ 1205.820505][T21396]  ? asm_int80_emulation+0x1a/0x20
[ 1205.820526][T21396]  ? do_int80_emulation+0x274/0x4d0
[ 1205.820550][T21396]  ? trace_irq_disable+0x3b/0x150
[ 1205.820585][T21396]  do_fast_syscall_32+0x33/0x70
[ 1205.820610][T21396]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1205.820636][T21396] RIP: 0023:0xf706ef6c
[ 1205.820656][T21396] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[ 1205.820675][T21396] RSP: 002b:00000000f545d50c EFLAGS: 00000206 ORIG_RAX: 0000000000000036
[ 1205.820699][T21396] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000008946
[ 1205.820713][T21396] RDX: 00000000800000c0 RSI: 0000000000000000 RDI: 0000000000000000
[ 1205.820726][T21396] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1205.820739][T21396] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1205.820751][T21396] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1205.820780][T21396]  </TASK>
[ 1205.846283][T18393] usb 1-1: Using ep0 maxpacket: 8
[ 1206.088871][T18393] usb 1-1: config 179 has an invalid interface number: 65 but max is 0
[ 1206.100958][T18393] usb 1-1: config 179 has no interface number 0
[ 1206.107651][T18393] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[ 1206.119555][T18393] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[ 1206.131084][T18393] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[ 1206.142616][T18393] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[ 1206.195359][T18393] usb 1-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[ 1206.246347][T18393] usb 1-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[ 1206.266396][T18393] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1206.298684][T21384] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 1206.651595][   T29] audit: type=1326 audit(1773674529.535:6207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21406 comm="syz.1.4288" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe4f6c code=0x7ffc0000
[ 1206.686644][   T29] audit: type=1326 audit(1773674529.535:6208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21406 comm="syz.1.4288" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe4f6c code=0x7ffc0000
[ 1206.736386][T18374] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[ 1206.767966][   T29] audit: type=1326 audit(1773674529.535:6209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21406 comm="syz.1.4288" exe="/root/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf71e5cab code=0x7ffc0000
[ 1206.844336][   T29] audit: type=1326 audit(1773674529.535:6210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21406 comm="syz.1.4288" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe4f6c code=0x7ffc0000
[ 1206.899893][T18374] usb 5-1: Using ep0 maxpacket: 8
[ 1206.916265][   T29] audit: type=1326 audit(1773674529.535:6211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21406 comm="syz.1.4288" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe4f6c code=0x7ffc0000
[ 1206.947660][T18374] usb 5-1: config 162 has an invalid interface number: 84 but max is 2
[ 1206.966063][T18374] usb 5-1: config 162 has an invalid interface number: 3 but max is 2
[ 1206.984909][T18374] usb 5-1: config 162 has no interface number 0
[ 1207.016063][T18374] usb 5-1: config 162 has no interface number 1
[ 1207.022511][   T29] audit: type=1326 audit(1773674529.535:6212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21406 comm="syz.1.4288" exe="/root/syz-executor" sig=0 arch=40000003 syscall=286 compat=1 ip=0xf7fe4f6c code=0x7ffc0000
[ 1207.044980][T18374] usb 5-1: config 162 interface 84 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[ 1207.078899][T18374] usb 5-1: config 162 interface 2 altsetting 1 has a duplicate endpoint with address 0x9, skipping
[ 1207.090274][   T29] audit: type=1326 audit(1773674529.535:6213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21406 comm="syz.1.4288" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe4f6c code=0x7ffc0000
[ 1207.136728][T18374] usb 5-1: config 162 interface 2 altsetting 1 has an endpoint descriptor with address 0xA6, changing to 0x86
[ 1207.192590][T18374] usb 5-1: config 162 interface 2 altsetting 1 endpoint 0x86 has invalid maxpacket 23105, setting to 1024
[ 1207.204763][   T29] audit: type=1326 audit(1773674529.535:6214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21406 comm="syz.1.4288" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe4f6c code=0x7ffc0000
[ 1207.248867][T18374] usb 5-1: config 162 interface 2 altsetting 1 bulk endpoint 0x86 has invalid maxpacket 1024
[ 1207.278251][T18374] usb 5-1: config 162 interface 2 altsetting 1 has 5 endpoint descriptors, different from the interface descriptor's value: 4
[ 1207.302054][   T29] audit: type=1326 audit(1773674529.535:6215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21406 comm="syz.1.4288" exe="/root/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fe4f6c code=0x7ffc0000
[ 1207.327347][T18374] usb 5-1: config 162 interface 84 has no altsetting 0
[ 1207.334299][T18374] usb 5-1: config 162 interface 2 has no altsetting 0
[ 1207.342215][T18374] usb 5-1: config 162 interface 3 has no altsetting 0
[ 1207.349534][   T29] audit: type=1326 audit(1773674529.535:6216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21406 comm="syz.1.4288" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe4f6c code=0x7ffc0000
[ 1207.375881][T18374] usb 5-1: New USB device found, idVendor=0e8d, idProduct=763f, bcdDevice=9b.23
[ 1207.397075][T18372] usb 1-1: USB disconnect, device number 10
[ 1207.397817][    C1] xpad 1-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[ 1207.411409][    C1] xpad 1-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[ 1207.420702][    C1] ==================================================================
[ 1207.428848][T18374] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1207.428860][    C1] BUG: KASAN: slab-use-after-free in do_raw_spin_lock+0x28b/0x2f0
[ 1207.444715][    C1] Read of size 4 at addr ffff88807228f05c by task udevd/5196
[ 1207.452116][    C1] 
[ 1207.454534][    C1] CPU: 1 UID: 0 PID: 5196 Comm: udevd Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1207.454611][    C1] Tainted: [L]=SOFTLOCKUP
[ 1207.454619][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1207.454630][    C1] Call Trace:
[ 1207.454638][    C1]  <IRQ>
[ 1207.454645][    C1]  dump_stack_lvl+0xe8/0x150
[ 1207.454673][    C1]  print_report+0xba/0x230
[ 1207.454702][    C1]  ? do_raw_spin_lock+0x28b/0x2f0
[ 1207.454719][    C1]  kasan_report+0x117/0x150
[ 1207.454740][    C1]  ? do_raw_spin_lock+0x28b/0x2f0
[ 1207.454759][    C1]  do_raw_spin_lock+0x28b/0x2f0
[ 1207.454775][    C1]  ? lock_acquire+0xf0/0x2e0
[ 1207.454794][    C1]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1207.454814][    C1]  _raw_spin_lock_irqsave+0x4c/0x60
[ 1207.454841][    C1]  __wake_up_common_lock+0x2f/0x1f0
[ 1207.454861][    C1]  __usb_hcd_giveback_urb+0x3b0/0x540
[ 1207.454919][    C1]  dummy_timer+0xbbd/0x45d0
[ 1207.454969][    C1]  ? __lock_acquire+0x6b5/0x2cf0
[ 1207.454999][    C1]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1207.455025][    C1]  ? __pfx_dummy_timer+0x10/0x10
[ 1207.455048][    C1]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 1207.455072][    C1]  ? __pfx_dummy_timer+0x10/0x10
[ 1207.455094][    C1]  ? __pfx_dummy_timer+0x10/0x10
[ 1207.455115][    C1]  __hrtimer_run_queues+0x53a/0xcc0
[ 1207.455165][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[ 1207.455186][    C1]  ? ktime_get_update_offsets_now+0x3b2/0x3d0
[ 1207.455210][    C1]  hrtimer_run_softirq+0x182/0x5a0
[ 1207.455236][    C1]  handle_softirqs+0x22a/0x870
[ 1207.455272][    C1]  ? __irq_exit_rcu+0x5f/0x150
[ 1207.455296][    C1]  __irq_exit_rcu+0x5f/0x150
[ 1207.455316][    C1]  irq_exit_rcu+0x9/0x30
[ 1207.455335][    C1]  sysvec_apic_timer_interrupt+0xa6/0xc0
[ 1207.455352][    C1]  </IRQ>
[ 1207.455358][    C1]  <TASK>
[ 1207.455365][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1207.455382][    C1] RIP: 0010:lock_acquire+0x20b/0x2e0
[ 1207.455405][    C1] Code: e9 30 ff ff ff e8 95 b6 0c 0a f7 c3 00 02 00 00 0f 84 38 ff ff ff 65 48 8b 05 11 74 7a 11 48 3b 44 24 30 75 33 fb 48 83 c4 38 <5b> 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc 48 8d 3d 4e 62 73
[ 1207.455419][    C1] RSP: 0018:ffffc90003007438 EFLAGS: 00000282
[ 1207.455435][    C1] RAX: 6a9601330fd3fa00 RBX: 0000000000000246 RCX: 0000000000000046
[ 1207.455447][    C1] RDX: 00000000617de5e9 RSI: ffffffff8e167641 RDI: ffffffff8c27be00
[ 1207.455460][    C1] RBP: 0000000000000000 R08: ffffffff81767e95 R09: ffffffff8e75e520
[ 1207.455472][    C1] R10: ffffc90003007598 R11: ffffffff81b0c240 R12: 0000000000000002
[ 1207.455483][    C1] R13: ffffffff8e75e520 R14: 0000000000000000 R15: 0000000000000000
[ 1207.455496][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1207.455515][    C1]  ? unwind_next_frame+0xa5/0x23c0
[ 1207.455542][    C1]  ? tomoyo_path_perm+0x403/0x560
[ 1207.455564][    C1]  ? unwind_next_frame+0xa5/0x23c0
[ 1207.455587][    C1]  unwind_next_frame+0xc2/0x23c0
[ 1207.455610][    C1]  ? unwind_next_frame+0xa5/0x23c0
[ 1207.455635][    C1]  ? unwind_next_frame+0xa5/0x23c0
[ 1207.455658][    C1]  ? kfree+0x1c1/0x630
[ 1207.455672][    C1]  ? tomoyo_path_perm+0x403/0x560
[ 1207.455692][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1207.455710][    C1]  arch_stack_walk+0x11b/0x150
[ 1207.455736][    C1]  ? tomoyo_path_perm+0x403/0x560
[ 1207.455757][    C1]  stack_trace_save+0xa9/0x100
[ 1207.455774][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[ 1207.455791][    C1]  ? string+0x279/0x2b0
[ 1207.455815][    C1]  kasan_save_track+0x3e/0x80
[ 1207.455831][    C1]  ? kasan_save_track+0x3e/0x80
[ 1207.455847][    C1]  ? kasan_save_free_info+0x46/0x50
[ 1207.455870][    C1]  ? __kasan_slab_free+0x5c/0x80
[ 1207.455887][    C1]  ? kfree+0x1c1/0x630
[ 1207.455900][    C1]  ? tomoyo_path_perm+0x403/0x560
[ 1207.455939][    C1]  kasan_save_free_info+0x46/0x50
[ 1207.455962][    C1]  __kasan_slab_free+0x5c/0x80
[ 1207.455980][    C1]  kfree+0x1c1/0x630
[ 1207.455994][    C1]  ? tomoyo_path_perm+0x403/0x560
[ 1207.456022][    C1]  ? tomoyo_path_permission+0x2a4/0x380
[ 1207.456047][    C1]  tomoyo_path_perm+0x403/0x560
[ 1207.456068][    C1]  ? tomoyo_path_perm+0x251/0x560
[ 1207.456087][    C1]  ? __pfx_tomoyo_path_perm+0x10/0x10
[ 1207.456126][    C1]  security_inode_getattr+0x12b/0x310
[ 1207.456144][    C1]  vfs_getattr+0x23/0x70
[ 1207.456167][    C1]  vfs_statx_path+0x2b/0x230
[ 1207.456190][    C1]  ? vfs_statx+0x107/0x200
[ 1207.456211][    C1]  vfs_statx+0x12e/0x200
[ 1207.456233][    C1]  ? __pfx_vfs_statx+0x10/0x10
[ 1207.456253][    C1]  ? strncpy_from_user+0x150/0x2b0
[ 1207.456275][    C1]  ? do_getname+0x151/0x250
[ 1207.456297][    C1]  vfs_fstatat+0x11b/0x170
[ 1207.456319][    C1]  __x64_sys_newfstatat+0x151/0x200
[ 1207.456342][    C1]  ? __pfx___x64_sys_newfstatat+0x10/0x10
[ 1207.456372][    C1]  ? rcu_is_watching+0x15/0xb0
[ 1207.456399][    C1]  do_syscall_64+0x14d/0xf80
[ 1207.456416][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1207.456433][    C1]  ? clear_bhb_loop+0x40/0x90
[ 1207.456451][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1207.456467][    C1] RIP: 0033:0x7f0e94711b0a
[ 1207.456481][    C1] Code: 48 8b 15 f1 f2 0d 00 f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 41 89 ca b8 06 01 00 00 0f 05 <3d> 00 f0 ff ff 77 07 31 c0 c3 0f 1f 40 00 48 8b 15 b9 f2 0d 00 f7
[ 1207.456495][    C1] RSP: 002b:00007ffdcac12158 EFLAGS: 00000246 ORIG_RAX: 0000000000000106
[ 1207.456514][    C1] RAX: ffffffffffffffda RBX: 000055b0a3eba408 RCX: 00007f0e94711b0a
[ 1207.456526][    C1] RDX: 00007ffdcac12160 RSI: 000055b0a3ea8ef3 RDI: 00000000ffffff9c
[ 1207.456537][    C1] RBP: 000055b0a674f148 R08: 00063489548db180 R09: 3fffffffffffffff
[ 1207.456550][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1207.456560][    C1] R13: 00007ffdcac12160 R14: 0000000000000000 R15: 00063489548db180
[ 1207.456578][    C1]  </TASK>
[ 1207.456584][    C1] 
[ 1208.007130][    C1] Allocated by task 18393:
[ 1208.011622][    C1]  kasan_save_track+0x3e/0x80
[ 1208.016319][    C1]  __kasan_kmalloc+0x93/0xb0
[ 1208.020919][    C1]  __kmalloc_cache_noprof+0x31c/0x660
[ 1208.026402][    C1]  xpad_probe+0x428/0x1fc0
[ 1208.030932][    C1]  usb_probe_interface+0x668/0xc90
[ 1208.036104][    C1]  really_probe+0x267/0xaf0
[ 1208.040717][    C1]  __driver_probe_device+0x18c/0x320
[ 1208.046030][    C1]  driver_probe_device+0x4f/0x240
[ 1208.051079][    C1]  __device_attach_driver+0x279/0x430
[ 1208.056470][    C1]  bus_for_each_drv+0x258/0x2f0
[ 1208.061330][    C1]  __device_attach+0x2c5/0x450
[ 1208.066121][    C1]  device_initial_probe+0xa1/0xd0
[ 1208.071185][    C1]  bus_probe_device+0x12a/0x220
[ 1208.076048][    C1]  device_add+0x7b6/0xb70
[ 1208.080477][    C1]  usb_set_configuration+0x1a87/0x2110
[ 1208.085957][    C1]  usb_generic_driver_probe+0x8d/0x150
[ 1208.091515][    C1]  usb_probe_device+0x1c4/0x3b0
[ 1208.096391][    C1]  really_probe+0x267/0xaf0
[ 1208.100924][    C1]  __driver_probe_device+0x18c/0x320
[ 1208.106232][    C1]  driver_probe_device+0x4f/0x240
[ 1208.111300][    C1]  __device_attach_driver+0x279/0x430
[ 1208.116699][    C1]  bus_for_each_drv+0x258/0x2f0
[ 1208.121582][    C1]  __device_attach+0x2c5/0x450
[ 1208.126372][    C1]  device_initial_probe+0xa1/0xd0
[ 1208.131418][    C1]  bus_probe_device+0x12a/0x220
[ 1208.136288][    C1]  device_add+0x7b6/0xb70
[ 1208.140646][    C1]  usb_new_device+0xa08/0x16f0
[ 1208.145426][    C1]  hub_event+0x2a1c/0x4f30
[ 1208.149866][    C1]  process_scheduled_works+0xb6e/0x18c0
[ 1208.155433][    C1]  worker_thread+0xa53/0xfc0
[ 1208.160047][    C1]  kthread+0x388/0x470
[ 1208.164129][    C1]  ret_from_fork+0x51e/0xb90
[ 1208.168742][    C1]  ret_from_fork_asm+0x1a/0x30
[ 1208.173529][    C1] 
[ 1208.175864][    C1] Freed by task 18372:
[ 1208.179941][    C1]  kasan_save_track+0x3e/0x80
[ 1208.184668][    C1]  kasan_save_free_info+0x46/0x50
[ 1208.189723][    C1]  __kasan_slab_free+0x5c/0x80
[ 1208.194590][    C1]  kfree+0x1c1/0x630
[ 1208.198496][    C1]  xpad_disconnect+0x350/0x480
[ 1208.203276][    C1]  usb_unbind_interface+0x26e/0x910
[ 1208.208496][    C1]  device_release_driver_internal+0x4d9/0x860
[ 1208.214590][    C1]  bus_remove_device+0x34d/0x440
[ 1208.219565][    C1]  device_del+0x527/0x8f0
[ 1208.223907][    C1]  usb_disable_device+0x3d4/0x8d0
[ 1208.228943][    C1]  usb_disconnect+0x32f/0x990
[ 1208.233722][    C1]  hub_event+0x1cc9/0x4f30
[ 1208.238161][    C1]  process_scheduled_works+0xb6e/0x18c0
[ 1208.243729][    C1]  worker_thread+0xa53/0xfc0
[ 1208.248342][    C1]  kthread+0x388/0x470
[ 1208.252426][    C1]  ret_from_fork+0x51e/0xb90
[ 1208.257032][    C1]  ret_from_fork_asm+0x1a/0x30
[ 1208.261821][    C1] 
[ 1208.264157][    C1] The buggy address belongs to the object at ffff88807228f000
[ 1208.264157][    C1]  which belongs to the cache kmalloc-1k of size 1024
[ 1208.278318][    C1] The buggy address is located 92 bytes inside of
[ 1208.278318][    C1]  freed 1024-byte region [ffff88807228f000, ffff88807228f400)
[ 1208.292135][    C1] 
[ 1208.294557][    C1] The buggy address belongs to the physical page:
[ 1208.301001][    C1] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x72288
[ 1208.309806][    C1] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 1208.318319][    C1] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[ 1208.325906][    C1] page_type: f5(slab)
[ 1208.329909][    C1] raw: 00fff00000000040 ffff88813fea5dc0 dead000000000100 dead000000000122
[ 1208.338514][    C1] raw: 0000000000000000 0000000800100010 00000000f5000000 0000000000000000
[ 1208.347129][    C1] head: 00fff00000000040 ffff88813fea5dc0 dead000000000100 dead000000000122
[ 1208.355844][    C1] head: 0000000000000000 0000000800100010 00000000f5000000 0000000000000000
[ 1208.364568][    C1] head: 00fff00000000003 ffffea0001c8a201 00000000ffffffff 00000000ffffffff
[ 1208.373291][    C1] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[ 1208.381984][    C1] page dumped because: kasan: bad access detected
[ 1208.388427][    C1] page_owner tracks the page as allocated
[ 1208.394178][    C1] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1399, tgid 1399 (kworker/u8:10), ts 802320350594, free_ts 801706715880
[ 1208.415300][    C1]  post_alloc_hook+0x231/0x280
[ 1208.420090][    C1]  get_page_from_freelist+0x24dc/0x2580
[ 1208.425664][    C1]  __alloc_frozen_pages_noprof+0x18d/0x380
[ 1208.431481][    C1]  allocate_slab+0x77/0x660
[ 1208.436002][    C1]  refill_objects+0x331/0x3c0
[ 1208.440699][    C1]  __pcs_replace_empty_main+0x2e6/0x730
[ 1208.446269][    C1]  __kmalloc_noprof+0x474/0x760
[ 1208.451147][    C1]  ieee802_11_parse_elems_full+0x159/0x2ab0
[ 1208.457184][    C1]  ieee80211_inform_bss+0x161/0x1160
[ 1208.462608][    C1]  cfg80211_inform_single_bss_data+0xd08/0x1b70
[ 1208.468929][    C1]  cfg80211_inform_bss_data+0x266/0x3c40
[ 1208.474585][    C1]  cfg80211_inform_bss_frame_data+0x3c7/0x760
[ 1208.481020][    C1]  ieee80211_bss_info_update+0x794/0xa40
[ 1208.486673][    C1]  ieee80211_ibss_rx_queued_mgmt+0x1901/0x2cd0
[ 1208.492910][    C1]  ieee80211_iface_work+0x84e/0x1340
[ 1208.498216][    C1]  cfg80211_wiphy_work+0x2ab/0x4a0
[ 1208.503425][    C1] page last free pid 144 tgid 144 stack trace:
[ 1208.509583][    C1]  __free_frozen_pages+0xc2b/0xdb0
[ 1208.514711][    C1]  __slab_free+0x263/0x2b0
[ 1208.519139][    C1]  qlist_free_all+0x97/0x100
[ 1208.523738][    C1]  kasan_quarantine_reduce+0x148/0x160
[ 1208.529208][    C1]  __kasan_slab_alloc+0x22/0x80
[ 1208.534074][    C1]  __kmalloc_cache_noprof+0x2ba/0x660
[ 1208.539463][    C1]  netdevice_event+0x3cb/0x8f0
[ 1208.544408][    C1]  notifier_call_chain+0x1be/0x400
[ 1208.549562][    C1]  unregister_netdevice_many_notify+0x186a/0x2370
[ 1208.556036][    C1]  unregister_netdevice_queue+0x31f/0x360
[ 1208.561797][    C1]  nsim_destroy+0x1e5/0x680
[ 1208.566437][    C1]  __nsim_dev_port_del+0x14d/0x1b0
[ 1208.571570][    C1]  nsim_dev_reload_destroy+0x288/0x490
[ 1208.577048][    C1]  nsim_dev_reload_down+0x8a/0xc0
[ 1208.582085][    C1]  devlink_reload+0x1d1/0x8d0
[ 1208.586840][    C1]  devlink_pernet_pre_exit+0x1e6/0x3f0
[ 1208.592309][    C1] 
[ 1208.594646][    C1] Memory state around the buggy address:
[ 1208.600334][    C1]  ffff88807228ef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1208.608411][    C1]  ffff88807228ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1208.616497][    C1] >ffff88807228f000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1208.624653][    C1]                                                     ^
[ 1208.631599][    C1]  ffff88807228f080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1208.639673][    C1]  ffff88807228f100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1208.647748][    C1] ==================================================================
[ 1208.655872][    C1] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 1208.663095][    C1] CPU: 1 UID: 0 PID: 5196 Comm: udevd Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1208.673611][    C1] Tainted: [L]=SOFTLOCKUP
[ 1208.677947][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1208.688019][    C1] Call Trace:
[ 1208.691318][    C1]  <IRQ>
[ 1208.694180][    C1]  vpanic+0x56c/0xa60
[ 1208.698190][    C1]  ? __pfx_vpanic+0x10/0x10
[ 1208.702896][    C1]  panic+0xc5/0xd0
[ 1208.706642][    C1]  ? __pfx_panic+0x10/0x10
[ 1208.711083][    C1]  ? do_raw_spin_lock+0x28b/0x2f0
[ 1208.716125][    C1]  ? do_raw_spin_lock+0x28b/0x2f0
[ 1208.721169][    C1]  ? do_raw_spin_lock+0x28b/0x2f0
[ 1208.726211][    C1]  check_panic_on_warn+0x89/0xb0
[ 1208.731262][    C1]  ? do_raw_spin_lock+0x28b/0x2f0
[ 1208.736478][    C1]  end_report+0x73/0x180
[ 1208.740843][    C1]  ? do_raw_spin_lock+0x28b/0x2f0
[ 1208.745912][    C1]  kasan_report+0x128/0x150
[ 1208.750446][    C1]  ? do_raw_spin_lock+0x28b/0x2f0
[ 1208.755494][    C1]  do_raw_spin_lock+0x28b/0x2f0
[ 1208.760360][    C1]  ? lock_acquire+0xf0/0x2e0
[ 1208.764970][    C1]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1208.770363][    C1]  _raw_spin_lock_irqsave+0x4c/0x60
[ 1208.775590][    C1]  __wake_up_common_lock+0x2f/0x1f0
[ 1208.780813][    C1]  __usb_hcd_giveback_urb+0x3b0/0x540
[ 1208.786219][    C1]  dummy_timer+0xbbd/0x45d0
[ 1208.790770][    C1]  ? __lock_acquire+0x6b5/0x2cf0
[ 1208.795755][    C1]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1208.801158][    C1]  ? __pfx_dummy_timer+0x10/0x10
[ 1208.806124][    C1]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 1208.811955][    C1]  ? __pfx_dummy_timer+0x10/0x10
[ 1208.816912][    C1]  ? __pfx_dummy_timer+0x10/0x10
[ 1208.821902][    C1]  __hrtimer_run_queues+0x53a/0xcc0
[ 1208.827140][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[ 1208.832881][    C1]  ? ktime_get_update_offsets_now+0x3b2/0x3d0
[ 1208.838973][    C1]  hrtimer_run_softirq+0x182/0x5a0
[ 1208.844111][    C1]  handle_softirqs+0x22a/0x870
[ 1208.848900][    C1]  ? __irq_exit_rcu+0x5f/0x150
[ 1208.853695][    C1]  __irq_exit_rcu+0x5f/0x150
[ 1208.858306][    C1]  irq_exit_rcu+0x9/0x30
[ 1208.862569][    C1]  sysvec_apic_timer_interrupt+0xa6/0xc0
[ 1208.868221][    C1]  </IRQ>
[ 1208.871171][    C1]  <TASK>
[ 1208.874142][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1208.880144][    C1] RIP: 0010:lock_acquire+0x20b/0x2e0
[ 1208.885453][    C1] Code: e9 30 ff ff ff e8 95 b6 0c 0a f7 c3 00 02 00 00 0f 84 38 ff ff ff 65 48 8b 05 11 74 7a 11 48 3b 44 24 30 75 33 fb 48 83 c4 38 <5b> 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc 48 8d 3d 4e 62 73
[ 1208.905079][    C1] RSP: 0018:ffffc90003007438 EFLAGS: 00000282
[ 1208.911172][    C1] RAX: 6a9601330fd3fa00 RBX: 0000000000000246 RCX: 0000000000000046
[ 1208.919162][    C1] RDX: 00000000617de5e9 RSI: ffffffff8e167641 RDI: ffffffff8c27be00
[ 1208.927162][    C1] RBP: 0000000000000000 R08: ffffffff81767e95 R09: ffffffff8e75e520
[ 1208.935147][    C1] R10: ffffc90003007598 R11: ffffffff81b0c240 R12: 0000000000000002
[ 1208.943132][    C1] R13: ffffffff8e75e520 R14: 0000000000000000 R15: 0000000000000000
[ 1208.951123][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1208.957328][    C1]  ? unwind_next_frame+0xa5/0x23c0
[ 1208.962479][    C1]  ? tomoyo_path_perm+0x403/0x560
[ 1208.967532][    C1]  ? unwind_next_frame+0xa5/0x23c0
[ 1208.972678][    C1]  unwind_next_frame+0xc2/0x23c0
[ 1208.977658][    C1]  ? unwind_next_frame+0xa5/0x23c0
[ 1208.982792][    C1]  ? unwind_next_frame+0xa5/0x23c0
[ 1208.987930][    C1]  ? kfree+0x1c1/0x630
[ 1208.992014][    C1]  ? tomoyo_path_perm+0x403/0x560
[ 1208.997061][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1209.003244][    C1]  arch_stack_walk+0x11b/0x150
[ 1209.008040][    C1]  ? tomoyo_path_perm+0x403/0x560
[ 1209.013092][    C1]  stack_trace_save+0xa9/0x100
[ 1209.017878][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[ 1209.023267][    C1]  ? string+0x279/0x2b0
[ 1209.027450][    C1]  kasan_save_track+0x3e/0x80
[ 1209.032262][    C1]  ? kasan_save_track+0x3e/0x80
[ 1209.037127][    C1]  ? kasan_save_free_info+0x46/0x50
[ 1209.042344][    C1]  ? __kasan_slab_free+0x5c/0x80
[ 1209.047739][    C1]  ? kfree+0x1c1/0x630
[ 1209.051848][    C1]  ? tomoyo_path_perm+0x403/0x560
[ 1209.056937][    C1]  kasan_save_free_info+0x46/0x50
[ 1209.062004][    C1]  __kasan_slab_free+0x5c/0x80
[ 1209.066799][    C1]  kfree+0x1c1/0x630
[ 1209.070714][    C1]  ? tomoyo_path_perm+0x403/0x560
[ 1209.075760][    C1]  ? tomoyo_path_permission+0x2a4/0x380
[ 1209.081333][    C1]  tomoyo_path_perm+0x403/0x560
[ 1209.086205][    C1]  ? tomoyo_path_perm+0x251/0x560
[ 1209.091273][    C1]  ? __pfx_tomoyo_path_perm+0x10/0x10
[ 1209.096683][    C1]  security_inode_getattr+0x12b/0x310
[ 1209.102078][    C1]  vfs_getattr+0x23/0x70
[ 1209.106362][    C1]  vfs_statx_path+0x2b/0x230
[ 1209.110972][    C1]  ? vfs_statx+0x107/0x200
[ 1209.115407][    C1]  vfs_statx+0x12e/0x200
[ 1209.119670][    C1]  ? __pfx_vfs_statx+0x10/0x10
[ 1209.124450][    C1]  ? strncpy_from_user+0x150/0x2b0
[ 1209.129580][    C1]  ? do_getname+0x151/0x250
[ 1209.134102][    C1]  vfs_fstatat+0x11b/0x170
[ 1209.138540][    C1]  __x64_sys_newfstatat+0x151/0x200
[ 1209.143762][    C1]  ? __pfx___x64_sys_newfstatat+0x10/0x10
[ 1209.149534][    C1]  ? rcu_is_watching+0x15/0xb0
[ 1209.154335][    C1]  do_syscall_64+0x14d/0xf80
[ 1209.158958][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1209.165041][    C1]  ? clear_bhb_loop+0x40/0x90
[ 1209.169734][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1209.175651][    C1] RIP: 0033:0x7f0e94711b0a
[ 1209.180107][    C1] Code: 48 8b 15 f1 f2 0d 00 f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 41 89 ca b8 06 01 00 00 0f 05 <3d> 00 f0 ff ff 77 07 31 c0 c3 0f 1f 40 00 48 8b 15 b9 f2 0d 00 f7
[ 1209.199731][    C1] RSP: 002b:00007ffdcac12158 EFLAGS: 00000246 ORIG_RAX: 0000000000000106
[ 1209.208169][    C1] RAX: ffffffffffffffda RBX: 000055b0a3eba408 RCX: 00007f0e94711b0a
[ 1209.216154][    C1] RDX: 00007ffdcac12160 RSI: 000055b0a3ea8ef3 RDI: 00000000ffffff9c
[ 1209.224143][    C1] RBP: 000055b0a674f148 R08: 00063489548db180 R09: 3fffffffffffffff
[ 1209.232129][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1209.240112][    C1] R13: 00007ffdcac12160 R14: 0000000000000000 R15: 00063489548db180
[ 1209.248132][    C1]  </TASK>
[ 1209.251781][    C1] Kernel Offset: disabled
[ 1209.256109][    C1] Rebooting in 86400 seconds..