last executing test programs:

9.015001784s ago: executing program 3 (id=219):
r0 = syz_usb_connect(0x3, 0x24, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000b5403340861a22753635010203010902120001000000000904", @ANYRES8], 0x0)
landlock_create_ruleset(0x0, 0x0, 0x5)
r1 = openat$panthor(0xffffffffffffff9c, &(0x7f0000000700), 0x2, 0x0)
ioctl$DRM_IOCTL_VERSION(r1, 0xc0406400, &(0x7f0000001440)={0x1, 0x7, 0x7a6, 0x0, 0x0, 0x0, 0x0, 0x73, &(0x7f00000013c0)=""/115})
timer_create(0x0, &(0x7f00000004c0)={0x0, 0x1c, 0x1, @thr={0x0, 0x0}}, &(0x7f0000000500)=<r2=>0x0)
timer_settime(r2, 0x1, &(0x7f0000000540)={{0x0, 0x989680}, {0x0, 0x989680}}, &(0x7f0000000580))
r3 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000200)=ANY=[], 0x0)
syz_usb_control_io$hid(r3, 0x0, 0x0)
syz_usb_control_io(r3, &(0x7f0000000000)={0x2, &(0x7f0000000100)=ANY=[@ANYBLOB='\x00\x00\a'], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$rtl8150(r0, &(0x7f00000006c0)={0x14, &(0x7f0000000340)=ANY=[@ANYBLOB="201162000000621152df7af65f824d2970ec7eb599f448be13a725ae8e3ac1d4e62eb8f38e28d8138dfac903f6923249f345971e5ec199567d7a7b83a540812460b5721b4e799ab4798192b035a520ecdb868977c08bdb96fbda0c80e211e30acbadf625df5fb6166e094c34fe57776d515e1af23d8a58770105c9bbdca90b371390c3b754f07831101ded3151af919defc5ad050034804844d1ac0050654ba0b2af6a9ed543d522bf3ee31190ca2ada2b"], &(0x7f00000005c0)=ANY=[@ANYBLOB="0003ef000000ef03568577209c7d3d9406b7f3771e46973969145d1db106a262d3a656bf64317d77a47014227f0527024f004b4f58e997084902c7654e5f00463ff89b5f7959ffad26616330a903fd8e9fe63b765c9d48a8dbcbc5ad2dae8ec116ba79af1a6f8735741c3b0b9231b14e4056de06958afdb9e3904c25815d26cf209771183a36bdaf17c7cf9d8429678734a71cdedd33d26aa437d905cbc2d9f694f6a5f490eda7cf3e79e541ab6afe3845a552c8bd5f630e6f957370debfeb2358c875f79b890cf9a29e240b65e1e9758ff608fbae266126cc0d2cea3d44bb9b29ee58d901e9ea1b45cd2b28d508e10f39171a9040"]}, &(0x7f00000008c0)={0x2c, &(0x7f0000000700)=ANY=[@ANYBLOB="20007b00000073ac621618b872288d3812b8e667a742108c2e79a7c4b3cf31d45db088eadc33377f193f92fae808316b8123d6094e9b8b4b4cbc9c5c878902cfae40def9e4d668fddf26b3375c8e49b52b961776d297142ef48eb2f68fdd24761b74e1d4fc34c81851a99a3600f46e8202d7addfec93833b48be176a2c791c2af4"], &(0x7f00000007c0)={0x0, 0xa, 0x1, 0x5}, &(0x7f0000000800)={0x0, 0x8, 0x1, 0x3}, &(0x7f0000000140)=ANY=[@ANYBLOB="c12a4b6fec7b7c022231b4b6c067ae70fdf641e09b106c273321846325f8512cac0c545787e47d03b9272e97fbf34802fff1298e441e3d90d70034e8f457b047aa1c8499096f458326362733af645469e56328ec2506a891b2ed7249622063542c389dbed3c7b4fbfe8cadc67fbd9788128891bde82c3bea91b315f671d299aa49c0"], &(0x7f0000000880)=ANY=[@ANYBLOB="4005060000001f6e639b93df"]})
io_setup(0x202, 0x0)
openat$urandom(0xffffffffffffff9c, 0x0, 0x2, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_NESTED_STATE(0xffffffffffffffff, 0x4080aebf, 0x0)
r4 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
preadv2(r4, &(0x7f0000000280)=[{&(0x7f0000002200)=""/4096, 0x1000}], 0x1, 0x0, 0x0, 0xfdef)
ioctl$TCSBRK(r4, 0x5409, 0x80000000)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x81000)
syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$inet_udp(0x2, 0x2, 0x0)
socket(0x11, 0x3, 0x0)
socket$inet6(0xa, 0x800000000000002, 0x0)
socket$packet(0x11, 0x2, 0x300)
socket$packet(0x11, 0x2, 0x300)

6.826044021s ago: executing program 3 (id=233):
r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000640), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000100)={0xfffffff8, "07bbfeb30c52d28881875bac175ccb0d6c446593aa7eaba9a256d98e03ab46af", <r1=>0xffffffffffffffff})
ioctl$BLKCRYPTOIMPORTKEY(r1, 0xc0401289, 0x0) (async)
syz_usb_connect(0x2, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000bec9ff10cd0631016016af02030109021b0001002fe70009046b00016a93f000090588ae"], 0x0)

6.254809381s ago: executing program 1 (id=238):
openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x22d00, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x900, 0x0)
ioctl$TUNSETOFFLOAD(r0, 0x400454d0, 0x0)
socket$packet(0x11, 0x3, 0x300)
syz_emit_vhci(&(0x7f0000000280)=ANY=[@ANYBLOB="043e1f0a00c9000201"], 0x22)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000200), 0x400, 0x0)
r1 = landlock_create_ruleset(&(0x7f00000002c0)={0x7f6e}, 0x18, 0x0)
landlock_restrict_self(r1, 0xe)
io_submit(0x0, 0x47f, &(0x7f00000005c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, &(0x7f00000003c0)="951aa14bd6f68579cac67c83bf8d4500e5cea1bb1596d4ee6645fa16fa7cacb9214070a622a2c57b89075f59b85c7b5b2c41edc9d2cd5a2c95ed1c2cf72425be9c1a2df1b60a309bc3228d7e85b300f0d7a042a40166b9208e9d2e423c32ad8e47adedf5dc425c6bcb031fb2230835d41afc23476eae602bad3246417e5ac757", 0x80}])
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000010c0)=ANY=[@ANYBLOB="200000001600010800000000000000000a0000000c0000800800", @ANYRES16=r2], 0x20}, 0x1, 0x0, 0x0, 0x240c0811}, 0x0)

6.120195839s ago: executing program 0 (id=240):
r0 = memfd_secret(0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000004c0)=ANY=[@ANYBLOB="1f000000010401010000000000000000030000010500010002df0000"], 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x1abf0737765c88b0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x13, r0, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4)

5.869304523s ago: executing program 0 (id=242):
r0 = syz_usb_connect(0x3, 0x24, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000b5403340861a22753635010203010902120001000000000904", @ANYRES8], 0x0)
landlock_create_ruleset(0x0, 0x0, 0x5)
r1 = openat$panthor(0xffffffffffffff9c, &(0x7f0000000700), 0x2, 0x0)
ioctl$DRM_IOCTL_VERSION(r1, 0xc0406400, &(0x7f0000001440)={0x1, 0x7, 0x7a6, 0x0, 0x0, 0x0, 0x0, 0x73, &(0x7f00000013c0)=""/115})
timer_create(0x0, &(0x7f00000004c0)={0x0, 0x1c, 0x1, @thr={0x0, 0x0}}, &(0x7f0000000500)=<r2=>0x0)
timer_settime(r2, 0x1, &(0x7f0000000540)={{0x0, 0x989680}, {0x0, 0x989680}}, &(0x7f0000000580))
r3 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000200)=ANY=[], 0x0)
syz_usb_control_io$hid(r3, 0x0, 0x0)
syz_usb_control_io(r3, &(0x7f0000000000)={0x2, &(0x7f0000000100)=ANY=[@ANYBLOB='\x00\x00\a'], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$rtl8150(r0, &(0x7f00000006c0)={0x14, &(0x7f0000000340)=ANY=[@ANYBLOB="201162000000621152df7af65f824d2970ec7eb599f448be13a725ae8e3ac1d4e62eb8f38e28d8138dfac903f6923249f345971e5ec199567d7a7b83a540812460b5721b4e799ab4798192b035a520ecdb868977c08bdb96fbda0c80e211e30acbadf625df5fb6166e094c34fe57776d515e1af23d8a58770105c9bbdca90b371390c3b754f07831101ded3151af919defc5ad050034804844d1ac0050654ba0b2af6a9ed543d522bf3ee31190ca2ada2b"], &(0x7f00000005c0)=ANY=[@ANYBLOB="0003ef000000ef03568577209c7d3d9406b7f3771e46973969145d1db106a262d3a656bf64317d77a47014227f0527024f004b4f58e997084902c7654e5f00463ff89b5f7959ffad26616330a903fd8e9fe63b765c9d48a8dbcbc5ad2dae8ec116ba79af1a6f8735741c3b0b9231b14e4056de06958afdb9e3904c25815d26cf209771183a36bdaf17c7cf9d8429678734a71cdedd33d26aa437d905cbc2d9f694f6a5f490eda7cf3e79e541ab6afe3845a552c8bd5f630e6f957370debfeb2358c875f79b890cf9a29e240b65e1e9758ff608fbae266126cc0d2cea3d44bb9b29ee58d901e9ea1b45cd2b28d508e10f39171a9040"]}, &(0x7f00000008c0)={0x2c, &(0x7f0000000700)=ANY=[@ANYBLOB="20007b00000073ac621618b872288d3812b8e667a742108c2e79a7c4b3cf31d45db088eadc33377f193f92fae808316b8123d6094e9b8b4b4cbc9c5c878902cfae40def9e4d668fddf26b3375c8e49b52b961776d297142ef48eb2f68fdd24761b74e1d4fc34c81851a99a3600f46e8202d7addfec93833b48be176a2c791c2af4"], &(0x7f00000007c0)={0x0, 0xa, 0x1, 0x5}, &(0x7f0000000800)={0x0, 0x8, 0x1, 0x3}, &(0x7f0000000140)=ANY=[@ANYBLOB="c12a4b6fec7b7c022231b4b6c067ae70fdf641e09b106c273321846325f8512cac0c545787e47d03b9272e97fbf34802fff1298e441e3d90d70034e8f457b047aa1c8499096f458326362733af645469e56328ec2506a891b2ed7249622063542c389dbed3c7b4fbfe8cadc67fbd9788128891bde82c3bea91b315f671d299aa49c0"], &(0x7f0000000880)=ANY=[@ANYBLOB="4005060000001f6e639b93df"]})
io_setup(0x202, 0x0)
openat$urandom(0xffffffffffffff9c, 0x0, 0x2, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_NESTED_STATE(0xffffffffffffffff, 0x4080aebf, 0x0)
r4 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
preadv2(r4, &(0x7f0000000280)=[{&(0x7f0000002200)=""/4096, 0x1000}], 0x1, 0x0, 0x0, 0xfdef)
ioctl$TCSBRK(r4, 0x5409, 0x80000000)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x81000)
syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$inet_udp(0x2, 0x2, 0x0)
socket(0x11, 0x3, 0x0)
socket$inet6(0xa, 0x800000000000002, 0x0)
socket$packet(0x11, 0x2, 0x300)

5.636014471s ago: executing program 1 (id=243):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x0, 0x0})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
r1 = socket(0x2, 0x80805, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x0)
kexec_load(0x3, 0x1, &(0x7f00000005c0)=[{&(0x7f0000000100)="047715ac7141c111fab2fcda5de4dc8b278029bcb1bd17524f177856cac105f463c77e2d2ab44d875217dc82baa911f236f959fb9227524d4fe6b621a19823457d04c399283edbac755852", 0x4b, 0x5, 0xffffffff}], 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000540), 0x82, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000280), 0x80, 0x0)
sendmmsg$alg(r4, &(0x7f0000007640)=[{0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000740)="bd9c629b909dddebc0508bf412865663aded7919352b141faa7dc00680ce5a44ff1ed1c813c6c1e58e28c509cd269d0e79fff4d2ea4c1da69fa672c4f5eb15788aa929e9f5c94e443cf68a1759ee805958a7c76c8c7f11a39ea32c019c2f2c8cce48d92d659f623081974c0135dc1fe2a057f725a843c083e0620ffa607d3b9570a5b4094fca255491844b3d5cb63bab3d76ad07f9503d1450f1fb860b18ac983285f983e51262c539312073482f1538d9588323b836e6e2b7704dff3cbf89c2b828c7613310eafd664c946b1a6728154b1877257a8abe3d983344da083b86ae", 0xe0}], 0x1, &(0x7f0000000cc0)=ANY=[@ANYRESHEX=r1, @ANYRES16=r2, @ANYRES64=r3, @ANYRESHEX=r0, @ANYRESOCT, @ANYRESHEX=r1, @ANYBLOB="8d364767c5cb64a235f0e74b0eb3bcef066d629b1f9491e0b291b24d7056206babee830382bbd6c463c7b5cbc305ebfe488fa979ac3ea2c8572b7fae6c15317b7b356e809896e5ada057b50f21e0bd7f85a9981a590c0242f985d39c4270b04f333f9352f6e3b77db04dc6807879f09a90cb0444836074d2ba9b2fe3509fc3c1144095c67b3c9e7d7d91f51e3739010a28bee09e7ccc9b42dd71f1b0958d56419733c1bcfbfe347f9b5c905e", @ANYRES8=r1, @ANYRESOCT, @ANYRESHEX], 0x80, 0x40800}, {0x0, 0x0, &(0x7f0000003900)=[{&(0x7f00000009c0)="c2debd9e2d4617d17e01e704d3576f8b26b757ffa164a105efcaa28e5d52d4383258c148e95e4ee927dab4ba9cdbf4dbf6b0e19f8b7e9a95211ec6aedfd78a09200b7076afabdae9c87c6837e202845b6cf3ac6b728856d66eef286087e0154a40c153e5fe7505615fb53b33f629928c80aeea7fd091180968d44cd4544b6bb4c116f4d6c4c3d148eb273bd4fa76ad8f709ed07bd2a91564fc364f1b971b0e005f", 0xa1}, {&(0x7f00000000c0)="3fe4c8", 0x3}, {&(0x7f00000002c0)="86545d2157716172b8d4eba2f1edebd77815818bfd0e1457556266898579380233e0e385464c3e4a118a5a2bcc52eeea6b2dc4fc32c3c001f2", 0x39}, {&(0x7f0000000b40)="0d4842ef613cd072196eae2d888039b1a23acbea852fb54afae1761845284c6e484aa5154a2b418ffe2ac1d636300800d8d2d75a71eb8000000000000000a0a760f5e028016a68fc07407f5671a5a4a8c91e9d056039df63390376a7359c6fc2059d1e3ffeec1ff0f4c09099e8e61c268324d0fc621f6dc2912e4bd5316ff808ac5126ade9b759e1489c04a517e9929df469c0c906000e0f82c089ec12677e7ade15e68a0000000000000000e34209971497356d7535fabd3dfc7c6cd5d924c21c56af5d22460a4ee0d2ce8b908ed1655cb9df2d93a9bf28ddf3b7c6633956df122ea892fda53ac780e6cbbd2b404c29fcca0725fa275e0d8af3998c0652a08601f5d7967d6fd5a53c3f70e286174b8934a001bb15d019f3fd36ce2d87ad66ba2fb8c038d937c1a629a9fc2a667d276b2d89486f5e68fbc1ecdb3a472d4dbb8a0e31afaa5921968241d2c518a2cea8cf1cc80300000000000000eef05f55adc3bcea997f217af04e8cddfc4c622878ba", 0x170}, {&(0x7f00000001c0)="7edb39aa76e39c9fc185dd49e1d028ba5e90ec3bb54d3c486f189f406945a495fe7b4ad51446c162f581368e4d711db9add53f7917e1dc55ae", 0x39}], 0x5, 0x0, 0x0, 0xc0}], 0x2, 0x48040)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5)
r6 = accept4(r5, 0x0, 0x0, 0x800)
sendmmsg$alg(r6, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f58dbca38f03d96def301a7f00000069", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f6a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801700d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11000000000000000000", 0xce}], 0x3, &(0x7f0000000380)=[@op={0x18}], 0x18}], 0x1, 0x40000)
recvmsg(r6, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)}, 0x2301)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x1, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r7 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x32)
r8 = syz_open_dev$video4linux(&(0x7f0000000000), 0x6, 0x109000)
ioctl$VIDIOC_S_STD(r8, 0xc0405626, &(0x7f0000000100)=0x8)
r9 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r3, r9, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000100)=[@text16={0x10, &(0x7f00000006c0)="f30f0966b92c09000066b80c00000066ba000000000f3036f00001360f234edcfc660f38827254baf80c66b80800e18766efbafc0cb88300ef0f01c50f4d98c900f0ff4179", 0x45}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000240)={0x0, 0xa49a, 0x30}, 0xc)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
r11 = open(&(0x7f0000000300)='.\x00', 0x100000, 0x0)
flock(r11, 0x1)
ioctl$SNDRV_PCM_IOCTL_XRUN(r11, 0x4148, 0x0)
sendmsg$IPSET_CMD_DEL(r10, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000000)=ANY=[@ANYRES8=r5], 0x2c}}, 0x0)

5.103722481s ago: executing program 3 (id=244):
ioctl$KVM_SET_PIT2(0xffffffffffffffff, 0x4070aea0, &(0x7f0000000080)={[{0x5, 0x1, 0xa, 0xd, 0x3, 0x7, 0xc, 0x2d, 0x7f, 0x5, 0x8, 0xf5, 0x9}, {0xf, 0x9, 0x4, 0x9, 0x8, 0xe, 0xc, 0x1, 0x8, 0x0, 0x46, 0xe8, 0x6}, {0x0, 0x7, 0xe8, 0x7f, 0x2, 0x7, 0x0, 0x4, 0x6, 0x8, 0x4, 0x4, 0x2}], 0xf})
syz_usb_connect$cdc_ncm(0x4, 0xd1, &(0x7f0000000040)=ANY=[@ANYBLOB], 0x0)
syz_usb_connect(0x3, 0xf5, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000772aed408680070bb96c010203010902e30003dc2000000904003f000e01000505a40600010524007f000d240f0104000000080000000006241a03000a05240101070424020a1524120009a317a88b045e4f01a607c0ffcb7e392a09044c03003a92a2010a240109000102010205240401050c2402"], 0x0)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(0xffffffffffffffff, 0x3ba0, &(0x7f0000000280)={0x48})

4.436809577s ago: executing program 2 (id=246):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, 0x0, &(0x7f0000000040))

4.276323329s ago: executing program 2 (id=247):
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x1, 0x1000000, &(0x7f0000000600)="df"})

4.275878453s ago: executing program 1 (id=248):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000008c0)={'wlan0\x00', <r1=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)={0x38, r0, 0xd55319eec59dfa33, 0x70bd2d, 0x25dfdbfb, {{}, {@void, @val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_IFNAME={0x14, 0x4, 'rose0\x00'}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x8}]}, 0x38}, 0x1, 0x0, 0x0, 0x8004}, 0x20082090)

4.06078979s ago: executing program 0 (id=249):
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x2, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x1, 0x1000000, &(0x7f0000000600)="df"})

3.996193581s ago: executing program 1 (id=250):
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d8000000100081044e81f782db44b904021d080010000000e8fe55a1180015000600142603600e12050021", 0x2b}], 0x1}, 0x0)
syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000000080)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x400)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000040)=[<r1=>0x0], 0x1})
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000009a40)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000040900010073797a30000000002c000000030a01080000000000000000010000000900030073797a32000000000900010073797a300000000050000000060a010400000000000000000100000008000b40000000000900010073797a30000000002800048024000180090001006d65746100000000140002800800014000000012080002400000001f"], 0xc4}}, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f00000001c0)={r1, <r2=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r0, 0xc02064b9, &(0x7f00000002c0)={&(0x7f0000000240)=[<r3=>0x0, <r4=>0x0], &(0x7f0000000300), 0x2, r2})
ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000580)={0x300, 0x1, &(0x7f0000000180)=[r2], &(0x7f00000000c0)=[0x3], &(0x7f0000000640)=[r4, r3, r4], &(0x7f0000000340), 0x0, 0xffffffffffffffff})

3.719434349s ago: executing program 0 (id=251):
openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x22d00, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x900, 0x0)
ioctl$TUNSETOFFLOAD(r0, 0x400454d0, 0x0)
socket$packet(0x11, 0x3, 0x300)
syz_emit_vhci(&(0x7f0000000280)=ANY=[@ANYBLOB="043e1f0a00c9000201"], 0x22)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000200), 0x400, 0x0)
r1 = landlock_create_ruleset(&(0x7f00000002c0)={0x7f6e}, 0x18, 0x0)
landlock_restrict_self(r1, 0xe)
io_submit(0x0, 0x47f, &(0x7f00000005c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, &(0x7f00000003c0)="951aa14bd6f68579cac67c83bf8d4500e5cea1bb1596d4ee6645fa16fa7cacb9214070a622a2c57b89075f59b85c7b5b2c41edc9d2cd5a2c95ed1c2cf72425be9c1a2df1b60a309bc3228d7e85b300f0d7a042a40166b9208e9d2e423c32ad8e47adedf5dc425c6bcb031fb2230835d41afc23476eae602bad3246417e5ac757", 0x80}])
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000010c0)=ANY=[@ANYBLOB="200000001600010800000000000000000a0000000c0000800800", @ANYRES16=r2], 0x20}, 0x1, 0x0, 0x0, 0x240c0811}, 0x0)

3.549465396s ago: executing program 2 (id=252):
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000440)=[{{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000800)="21ae1baf930b4569b9ddef9797ffd935c7d80e6466b3e4e62dc9603583f5d4b61fbc65b6ac744d7319535e75bf552062e4cfde1ba7ce29263322e18ea9740aa82ca692f123993e57cda00d2b1f4e799bd41e3f76258180fa91a42aaa8b1ebc4e0ea8fb12f2c71e6e5bc57a8e91f254005514721d93c13c5606ae1fea7f31f558d562bd5a8dfb0b9fed873efa221fccffa847cd374c92e6cbb03e6a9de890ce323f000000abcc6c01326d588495b7c1a7db31ec4129e6336f26bb9e0b7552af3cd2d5dda1632799bbc98425c433384d8a8e4071ff39a36dfdfdf05af35a4ddd340cfecd7ec935f4ce7d3e851583ba1cf53a90a7f7bce5703de57ce93ddef7849b30a01de0637e6d5e507b801d32e582e0c2d564539ebfc84c098a23e765552767b122", 0x122}, {&(0x7f0000000bc0)="ab29d92826349952eb8f7a2a74f535bc9739c1df57144c51a3391625b8b5354134b06ef1355506aeae96e3f097503998f375a054cf3d7de4fe53ea51518955349cdbadca60e1c65cc18dbe99369be03e492fb55fc9067bb6f7f7c3ee1720000000054a63ac58225ed0502f5ac8999e0c74a5dbb320bd54ec813e8bee6bfa5cbfb0726ac1b6ad97d802d5fae186f0769421fb965c7396854e2a3ac844a3769f8449901ba5e2b2da1ff6119aeb26ac204cfc6b54be73b6f195491ae2c0cb26b0cba61dae7a17740e8112ff188919c6e2e31a2a074863edba4a0e58b61faec4a42c29d7f9e48a43b8cb7d3c5a1e5aa67f87538140f8d633a54bceb8b1dda2397ea147d3b26e903f608b6ab1844ea7cf630d828118bba0f0f85e2e6316ae1ed9a2a7d08a05c170cb76bf111930df0cf760f7768571afdefe82a95296cee7c010f748a97046efcc774e7d85edbd5058104fef4942fb4430da89f67d1fea33bf2acfb793a610b3738b393eed8633fc8e8f630932206960e9076c7d7fc99fce018701c50d39b811a7427a7a9fcb340c2755541f228462010ec40ba945a0febd460dad5d548f1be090f5dbaa8ae8835dc4", 0x1ad}, {&(0x7f0000000140)="f610e61ac81cc3edc86f0500194d27a5a443f10dfd1ecda0fd0ed9a444b7fb76afe3a0002f0a5eafcd3555a6cad574af080de74a37f54ee5f10fe3f42b445293ca980200000000000000ecfd6cc1b3a9a9263506e88c5557069d0ca055991454ec1307b7411892a1beaef9ae548331", 0x6f}], 0x3, 0x0, 0x0, 0x900}}], 0x1, 0x0)
r0 = socket(0x10, 0x803, 0x0)
r1 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000280)={'syz_tun\x00', <r2=>0x0})
bind$packet(r1, &(0x7f0000000080)={0x11, 0x800, r2, 0x1, 0x0, 0x6, @random="518440db9de1"}, 0x14)
sendmsg$key(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={0x0, 0x160}}, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000001ec0)=[{{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000180)=""/215, 0xd7}], 0x1}, 0xffff}], 0x1, 0x0, 0x0)
sendto(r0, &(0x7f00000000c0)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000000)=""/102, 0x365}, {&(0x7f0000000280)=""/76, 0x14c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/92, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x188}, {&(0x7f00000007c0)=""/154, 0x2c}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

3.328050944s ago: executing program 3 (id=253):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$inet(0x2, 0x802, 0x1)
connect$inet(r1, &(0x7f00000000c0)={0x2, 0x4e28, @local}, 0x10)
bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e24, @local}, 0x10)
sendmsg$NFNL_MSG_CTHELPER_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="50000000000901020000000000000000030000030900010073797a3000000000300002002c0001801400030000000000000000000000ffffffffffff14000400ff020000000000000000800000000001"], 0x50}}, 0x20000015)

3.208693606s ago: executing program 0 (id=254):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000540), 0x82, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
prlimit64(0x0, 0x7, 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)

3.132173598s ago: executing program 2 (id=255):
r0 = syz_usb_connect(0x5, 0x1b, &(0x7f0000000000)={{0x12, 0x1, 0x200, 0x72, 0x4e, 0xc8, 0x10, 0x856, 0xac44, 0x635b, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x9, 0x0, 0x3, 0x10, 0x20, 0x1}}]}}, 0x0)
syz_usb_ep_read(r0, 0x1, 0x0, 0x0)

2.963995009s ago: executing program 3 (id=256):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="0207000902"], 0x10}}, 0x24008010)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r1, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
connect$inet(r1, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@dev, @in6=@mcast2, 0x0, 0x0, 0xffff, 0x0, 0x2}, {0x0, 0x28c, 0x1, 0x0, 0x0, 0x0, 0x2}, {0x7}, 0x0, 0x0, 0x1}, {{@in=@rand_addr=0x64010102, 0x2000000, 0x33}, 0x0, @in6=@loopback, 0x0, 0x3, 0x3, 0xb7, 0x0, 0x8000000}}, 0xe8)
sendmmsg(r1, &(0x7f0000007fc0), 0x800001d, 0x0)

1.926155978s ago: executing program 0 (id=257):
r0 = syz_usb_connect(0x3, 0x24, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000b5403340861a22753635010203010902120001000000000904", @ANYRES8], 0x0)
landlock_create_ruleset(0x0, 0x0, 0x5)
r1 = openat$panthor(0xffffffffffffff9c, &(0x7f0000000700), 0x2, 0x0)
ioctl$DRM_IOCTL_VERSION(r1, 0xc0406400, &(0x7f0000001440)={0x1, 0x7, 0x7a6, 0x0, 0x0, 0x0, 0x0, 0x73, &(0x7f00000013c0)=""/115})
timer_create(0x0, &(0x7f00000004c0)={0x0, 0x1c, 0x1, @thr={0x0, 0x0}}, &(0x7f0000000500)=<r2=>0x0)
timer_settime(r2, 0x1, &(0x7f0000000540)={{0x0, 0x989680}, {0x0, 0x989680}}, &(0x7f0000000580))
r3 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000200)=ANY=[], 0x0)
syz_usb_control_io$hid(r3, 0x0, 0x0)
syz_usb_control_io(r3, &(0x7f0000000000)={0x2, &(0x7f0000000100)=ANY=[@ANYBLOB='\x00\x00\a'], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$rtl8150(r0, &(0x7f00000006c0)={0x14, &(0x7f0000000340)=ANY=[@ANYBLOB="201162000000621152df7af65f824d2970ec7eb599f448be13a725ae8e3ac1d4e62eb8f38e28d8138dfac903f6923249f345971e5ec199567d7a7b83a540812460b5721b4e799ab4798192b035a520ecdb868977c08bdb96fbda0c80e211e30acbadf625df5fb6166e094c34fe57776d515e1af23d8a58770105c9bbdca90b371390c3b754f07831101ded3151af919defc5ad050034804844d1ac0050654ba0b2af6a9ed543d522bf3ee31190ca2ada2b"], &(0x7f00000005c0)=ANY=[@ANYBLOB="0003ef000000ef03568577209c7d3d9406b7f3771e46973969145d1db106a262d3a656bf64317d77a47014227f0527024f004b4f58e997084902c7654e5f00463ff89b5f7959ffad26616330a903fd8e9fe63b765c9d48a8dbcbc5ad2dae8ec116ba79af1a6f8735741c3b0b9231b14e4056de06958afdb9e3904c25815d26cf209771183a36bdaf17c7cf9d8429678734a71cdedd33d26aa437d905cbc2d9f694f6a5f490eda7cf3e79e541ab6afe3845a552c8bd5f630e6f957370debfeb2358c875f79b890cf9a29e240b65e1e9758ff608fbae266126cc0d2cea3d44bb9b29ee58d901e9ea1b45cd2b28d508e10f39171a9040"]}, &(0x7f00000008c0)={0x2c, &(0x7f0000000700)=ANY=[@ANYBLOB="20007b00000073ac621618b872288d3812b8e667a742108c2e79a7c4b3cf31d45db088eadc33377f193f92fae808316b8123d6094e9b8b4b4cbc9c5c878902cfae40def9e4d668fddf26b3375c8e49b52b961776d297142ef48eb2f68fdd24761b74e1d4fc34c81851a99a3600f46e8202d7addfec93833b48be176a2c791c2af4"], &(0x7f00000007c0)={0x0, 0xa, 0x1, 0x5}, &(0x7f0000000800)={0x0, 0x8, 0x1, 0x3}, &(0x7f0000000140)=ANY=[@ANYBLOB="c12a4b6fec7b7c022231b4b6c067ae70fdf641e09b106c273321846325f8512cac0c545787e47d03b9272e97fbf34802fff1298e441e3d90d70034e8f457b047aa1c8499096f458326362733af645469e56328ec2506a891b2ed7249622063542c389dbed3c7b4fbfe8cadc67fbd9788128891bde82c3bea91b315f671d299aa49c0"], &(0x7f0000000880)=ANY=[@ANYBLOB="4005060000001f6e639b93df"]})
io_setup(0x202, 0x0)
openat$urandom(0xffffffffffffff9c, 0x0, 0x2, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_SET_NESTED_STATE(0xffffffffffffffff, 0x4080aebf, 0x0)
r4 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
preadv2(r4, &(0x7f0000000280)=[{&(0x7f0000002200)=""/4096, 0x1000}], 0x1, 0x0, 0x0, 0xfdef)
ioctl$TCSBRK(r4, 0x5409, 0x80000000)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x81000)
syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$inet_udp(0x2, 0x2, 0x0)
socket(0x11, 0x3, 0x0)
socket$inet6(0xa, 0x800000000000002, 0x0)

1.082647226s ago: executing program 1 (id=258):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(0x0, r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000008c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)={0x38, r1, 0xd55319eec59dfa33, 0x70bd2d, 0x25dfdbfb, {{}, {@void, @val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFNAME={0x14, 0x4, 'rose0\x00'}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x8}]}, 0x38}, 0x1, 0x0, 0x0, 0x8004}, 0x20082090)

1.023194632s ago: executing program 3 (id=259):
r0 = syz_open_dev$I2C(&(0x7f00000001c0), 0x0, 0x40080)
ioctl$FS_IOC_FSSETXATTR(r0, 0x703, 0x0)
sendto(0xffffffffffffffff, 0x0, 0x0, 0x240000d4, 0x0, 0x0)
r1 = syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000680)=ANY=[@ANYRES16=0x0, @ANYRES8=r0, @ANYRESHEX=r0, @ANYBLOB="e78967b236b45255714e80d2f504500c14944acf91ed2ae43199f6823e9a2e33861c40c0f50ebcde709a5adcf9409ff5099a429049dbbbbf02f4bdc8309c6c0516f1928f462a1f7533166486643ab9a72a9eae034bf58897bd8fdd6553bc70ad9fca5f65270fc87bc990b5b8f8037a81fdb578b41bdb72b6f2c642469f9067e18ddfaacffcd6265d4f3e12ff742cf48f8e14dfcdb8bfddbe2ad4d04a26eeb60f0235e01bf313b3d0e427ce4b139f0d648d0f255a134c67f17ffc376c9f7d2b141b481d70d28ac60d3aa08c2fa5663c71a49726e400ade7268a66a27c186ca1944effe7395fed38ddb69be39514fb7cc11f6be608e1c6768c", @ANYRESOCT=r0, @ANYBLOB="aaf425abd1ce37222a9b67106f35d36be444e625b280825e21ef71146c0bc29a2c967dd43818f18f80d1d2ec6a98916644a1990f381d65580b6c7616a910ce1bb0838d8abc51b5187223eff443f85426ded7d030ede13522956f9cedf300fd3710928d0823be958039c1306be6e9e90cdbfa60a1066ee1d7c0bccb0c2fc710e2", @ANYBLOB="f8d69316479480de7d927b3adff74801d22a77961aa847f92cddd83286282d1c840543ee897b8a209e943e09e5e2a91edb99594fb0bc66a75e99f74b3dd8cc5dff9cb6c549ebcfadfc1d5dd7470f92ebf3edf6fc02ea454b337e6c6f3823ea1593293bd446d8aca49a1e4d7ad5768956e652bd7b25afc3554b62908c"], 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
syz_usb_control_io(r1, &(0x7f0000000400)={0x2c, &(0x7f00000000c0)=ANY=[@ANYBLOB='\x00!\a'], 0x0, 0x0, 0x0, 0x0}, 0x0)

414.853239ms ago: executing program 2 (id=260):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff})
getsockopt$sock_buf(r0, 0x1, 0x3b, &(0x7f0000001680)=""/193, &(0x7f0000000180)=0xea)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
r1 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r1, 0xc010640c, &(0x7f0000000000)={0x7})
r2 = socket$inet_sctp(0x2, 0x5, 0x84)
socket$inet6(0xa, 0x4, 0x8)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r2, 0x84, 0x6d, 0x0, &(0x7f0000000040))

413.571995ms ago: executing program 1 (id=261):
ioctl$KVM_SET_PIT2(0xffffffffffffffff, 0x4070aea0, &(0x7f0000000080)={[{0x5, 0x1, 0xa, 0xd, 0x3, 0x7, 0xc, 0x2d, 0x7f, 0x5, 0x8, 0xf5, 0x9}, {0xf, 0x9, 0x4, 0x9, 0x8, 0xe, 0xc, 0x1, 0x8, 0x0, 0x46, 0xe8, 0x6}, {0x0, 0x7, 0xe8, 0x7f, 0x2, 0x7, 0x0, 0x4, 0x6, 0x8, 0x4, 0x4, 0x2}], 0xf})
syz_usb_connect$cdc_ncm(0x4, 0xd1, &(0x7f0000000040)=ANY=[@ANYBLOB="12011003020000182505a1a44000010203010902bf0002010650000900000000020d00000524060001082400a9b30d24"], 0x0)
syz_usb_connect(0x3, 0xf5, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000772aed408680070bb96c010203010902e30003dc2000000904003f000e01000505a40600010524007f000d240f0104000000080000000006241a03000a05240101070424020a1524120009a317a88b045e4f01a607c0ffcb7e392a09044c03003a92a2010a240109000102010205240401050c2402"], 0x0)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(0xffffffffffffffff, 0x3ba0, &(0x7f0000000280)={0x48})

0s ago: executing program 2 (id=262):
openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x22d00, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x900, 0x0)
ioctl$TUNSETOFFLOAD(r0, 0x400454d0, 0x0)
socket$packet(0x11, 0x3, 0x300)
syz_emit_vhci(&(0x7f0000000280)=ANY=[@ANYBLOB="043e1f0a00c9000201"], 0x22)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000200), 0x400, 0x0)
r1 = landlock_create_ruleset(&(0x7f00000002c0)={0x7f6e}, 0x18, 0x0)
landlock_restrict_self(r1, 0xe)
syz_ublk_setup_io_uring(0x4bca, &(0x7f0000000300)={0x0, 0x7f2b, 0x400, 0x2, 0x25b}, &(0x7f0000000380), &(0x7f00000003c0), &(0x7f0000000400))
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000010c0)=ANY=[@ANYBLOB="200000001600010800000000000000000a0000000c0000800800", @ANYRES16=r2], 0x20}, 0x1, 0x0, 0x0, 0x240c0811}, 0x0)

kernel console output (not intermixed with test programs):

5613] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  117.595589][ T5613] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  117.618103][ T5613] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  117.657474][ T5613] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  117.678418][ T5613] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  117.716873][ T5613] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  117.760837][ T5613] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  117.793132][ T5613] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  117.997906][ T5611] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  118.055913][ T5611] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  118.076399][ T5611] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  118.113403][ T5611] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  118.117805][ T5611] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  118.155370][ T5611] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  118.194818][ T5611] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  118.245422][ T5611] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  118.453770][ T5610] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  118.508162][ T5610] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  118.533778][ T5610] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  118.608386][ T5610] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  118.623784][ T5610] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  118.657639][ T5610] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  118.701653][   T61] Bluetooth: hci3: command tx timeout
[  118.708467][ T5610] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  118.739266][ T5610] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  118.782460][   T61] Bluetooth: hci0: command tx timeout
[  118.946318][   T61] Bluetooth: hci1: command tx timeout
[  119.026687][   T61] Bluetooth: hci2: command tx timeout
[  119.038785][ T5612] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  119.076626][ T5612] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  119.105962][ T5612] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  119.146732][ T5612] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  119.176488][ T5612] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  119.218436][ T5612] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  119.248926][ T5612] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  119.286571][ T5612] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  119.350584][ T5613] 8021q: adding VLAN 0 to HW filter on device bond0
[  119.533439][ T5613] 8021q: adding VLAN 0 to HW filter on device team0
[  119.605032][   T25] bridge0: port 1(bridge_slave_0) entered blocking state
[  119.605247][   T25] bridge0: port 1(bridge_slave_0) entered forwarding state
[  119.707371][ T1171] bridge0: port 2(bridge_slave_1) entered blocking state
[  119.720912][ T1171] bridge0: port 2(bridge_slave_1) entered forwarding state
[  119.772767][ T5611] 8021q: adding VLAN 0 to HW filter on device bond0
[  119.986121][ T5611] 8021q: adding VLAN 0 to HW filter on device team0
[  120.036301][ T5610] 8021q: adding VLAN 0 to HW filter on device bond0
[  120.070727][ T1456] bridge0: port 1(bridge_slave_0) entered blocking state
[  120.070922][ T1456] bridge0: port 1(bridge_slave_0) entered forwarding state
[  120.144898][   T25] bridge0: port 2(bridge_slave_1) entered blocking state
[  120.145079][   T25] bridge0: port 2(bridge_slave_1) entered forwarding state
[  120.253123][ T5610] 8021q: adding VLAN 0 to HW filter on device team0
[  120.397885][ T1456] bridge0: port 1(bridge_slave_0) entered blocking state
[  120.398159][ T1456] bridge0: port 1(bridge_slave_0) entered forwarding state
[  120.461378][ T5612] 8021q: adding VLAN 0 to HW filter on device bond0
[  120.521859][ T1456] bridge0: port 2(bridge_slave_1) entered blocking state
[  120.522460][ T1456] bridge0: port 2(bridge_slave_1) entered forwarding state
[  120.688615][ T5612] 8021q: adding VLAN 0 to HW filter on device team0
[  120.769973][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  120.770136][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  120.920769][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  120.946568][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  121.773975][ T5613] 8021q: adding VLAN 0 to HW filter on device batadv0
[  122.609418][ T5613] veth0_vlan: entered promiscuous mode
[  122.767857][ T5613] veth1_vlan: entered promiscuous mode
[  123.004029][ T5611] 8021q: adding VLAN 0 to HW filter on device batadv0
[  123.123290][ T5610] 8021q: adding VLAN 0 to HW filter on device batadv0
[  123.167553][ T5612] 8021q: adding VLAN 0 to HW filter on device batadv0
[  123.184907][ T5613] veth0_macvtap: entered promiscuous mode
[  123.222872][ T5613] veth1_macvtap: entered promiscuous mode
[  123.405933][ T5613] batman_adv: batadv0: Interface activated: batadv_slave_0
[  123.460667][ T5613] batman_adv: batadv0: Interface activated: batadv_slave_1
[  123.522809][ T5611] veth0_vlan: entered promiscuous mode
[  123.576819][ T1171] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  123.623759][ T1171] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  123.656624][ T5612] veth0_vlan: entered promiscuous mode
[  123.668927][ T1171] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  123.673780][ T5610] veth0_vlan: entered promiscuous mode
[  123.692272][ T5611] veth1_vlan: entered promiscuous mode
[  123.717150][ T1171] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  123.921403][ T5612] veth1_vlan: entered promiscuous mode
[  123.952246][ T5610] veth1_vlan: entered promiscuous mode
[  124.403165][ T5611] veth0_macvtap: entered promiscuous mode
[  124.497719][ T5611] veth1_macvtap: entered promiscuous mode
[  124.543113][ T5612] veth0_macvtap: entered promiscuous mode
[  124.555826][ T5610] veth0_macvtap: entered promiscuous mode
[  124.640400][ T1519] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  124.640423][ T1519] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  124.675520][ T5612] veth1_macvtap: entered promiscuous mode
[  124.706471][ T5610] veth1_macvtap: entered promiscuous mode
[  124.801226][ T5611] batman_adv: batadv0: Interface activated: batadv_slave_0
[  124.854463][ T1519] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  124.854481][ T1519] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  124.880827][ T5611] batman_adv: batadv0: Interface activated: batadv_slave_1
[  124.905277][ T5612] batman_adv: batadv0: Interface activated: batadv_slave_0
[  124.916346][ T5610] batman_adv: batadv0: Interface activated: batadv_slave_0
[  125.042657][ T5612] batman_adv: batadv0: Interface activated: batadv_slave_1
[  125.084038][ T5610] batman_adv: batadv0: Interface activated: batadv_slave_1
[  125.098937][  T156] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  125.124756][  T156] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  125.149213][  T156] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  125.205739][  T156] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  125.244855][  T156] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  125.247663][  T156] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  125.279897][  T156] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  125.360308][  T156] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  125.425567][  T156] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  125.428941][  T156] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  125.429719][  T156] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  125.434708][  T156] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  126.548485][   T61] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201'
[  126.548541][   T61] CPU: 0 UID: 0 PID: 61 Comm: kworker/u9:0 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  126.548567][   T61] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  126.548582][   T61] Workqueue: hci3 hci_rx_work
[  126.548631][   T61] Call Trace:
[  126.548644][   T61]  <TASK>
[  126.548655][   T61]  dump_stack_lvl+0xe8/0x150
[  126.548688][   T61]  sysfs_create_dir_ns+0x271/0x2a0
[  126.548724][   T61]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  126.548750][   T61]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  126.548791][   T61]  ? rt_spin_unlock+0x160/0x200
[  126.548817][   T61]  kobject_add_internal+0x631/0xd10
[  126.548863][   T61]  kobject_add+0x163/0x240
[  126.548915][   T61]  ? __pfx_kobject_add+0x10/0x10
[  126.548957][   T61]  ? get_device_parent+0x370/0x3a0
[  126.548990][   T61]  device_add+0x408/0xb90
[  126.549022][   T61]  hci_conn_add_sysfs+0xd5/0x210
[  126.549047][   T61]  le_conn_complete_evt+0x10e6/0x16b0
[  126.549086][   T61]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  126.549119][   T61]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  126.549147][   T61]  ? lockdep_hardirqs_on+0x7a/0x110
[  126.549188][   T61]  ? skb_pull_data+0xfb/0x200
[  126.549222][   T61]  hci_le_enh_conn_complete_evt+0x189/0x490
[  126.549252][   T61]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[  126.549287][   T61]  hci_event_packet+0x659/0xef0
[  126.549320][   T61]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  126.549342][   T61]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  126.549370][   T61]  ? __pfx_hci_event_packet+0x10/0x10
[  126.549395][   T61]  ? rt_spin_unlock+0x14f/0x200
[  126.549542][   T61]  ? hci_send_to_monitor+0xe2/0x590
[  126.549592][   T61]  hci_rx_work+0x3ee/0x1040
[  126.549631][   T61]  ? process_one_work+0x8be/0x1630
[  126.549663][   T61]  process_one_work+0x98b/0x1630
[  126.549712][   T61]  ? __pfx_process_one_work+0x10/0x10
[  126.549742][   T61]  ? do_raw_spin_lock+0x12b/0x2f0
[  126.549784][   T61]  worker_thread+0xb49/0x1140
[  126.549844][   T61]  kthread+0x388/0x470
[  126.549869][   T61]  ? __pfx_worker_thread+0x10/0x10
[  126.549903][   T61]  ? __pfx_kthread+0x10/0x10
[  126.549931][   T61]  ret_from_fork+0x514/0xb70
[  126.549964][   T61]  ? __pfx_ret_from_fork+0x10/0x10
[  126.549993][   T61]  ? __switch_to+0xc79/0x1410
[  126.550021][   T61]  ? __pfx_kthread+0x10/0x10
[  126.550049][   T61]  ret_from_fork_asm+0x1a/0x30
[  126.550098][   T61]  </TASK>
[  126.550139][   T61] kobject: kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  126.550184][   T61] Bluetooth: hci3: failed to register connection device
[  127.412544][ T5759] netlink: 'syz.0.1': attribute type 11 has an invalid length.
[  127.454777][ T5759] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1'.
[  127.625955][ T5757] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1'.
[  127.660769][ T1519] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  127.660790][ T1519] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  127.898783][ T1456] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  127.898827][ T1456] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  128.093341][ T5756] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  128.093497][ T5756] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  128.124115][ T1456] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  128.124138][ T1456] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  128.199252][ T1171] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  128.199275][ T1171] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  128.460741][ T5756] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  128.612866][ T5756] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  128.707048][ T5756] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  128.707125][ T5756] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  128.853120][ T5756] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  128.904831][ T5762] FAULT_INJECTION: forcing a failure.
[  128.904831][ T5762] name failslab, interval 1, probability 0, space 0, times 1
[  128.904868][ T5762] CPU: 0 UID: 0 PID: 5762 Comm: syz.3.4 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  128.904893][ T5762] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  128.904907][ T5762] Call Trace:
[  128.904915][ T5762]  <TASK>
[  128.904924][ T5762]  dump_stack_lvl+0xe8/0x150
[  128.904957][ T5762]  should_fail_ex+0x46b/0x600
[  128.904995][ T5762]  should_failslab+0xa8/0x100
[  128.905023][ T5762]  __kmalloc_noprof+0xfe/0x7e0
[  128.905047][ T5762]  ? tomoyo_encode+0x28b/0x550
[  128.905071][ T5762]  ? tomoyo_encode+0x28b/0x550
[  128.905103][ T5762]  tomoyo_encode+0x28b/0x550
[  128.905134][ T5762]  tomoyo_realpath_from_path+0x58d/0x5d0
[  128.905164][ T5762]  ? tomoyo_domain+0xd7/0x130
[  128.905196][ T5762]  ? tomoyo_path_number_perm+0x219/0x630
[  128.905230][ T5762]  tomoyo_path_number_perm+0x246/0x630
[  128.905270][ T5762]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  128.905305][ T5762]  ? __lock_acquire+0x6b5/0x2d10
[  128.905337][ T5762]  ? do_raw_spin_lock+0x12b/0x2f0
[  128.905384][ T5762]  ? __fget_files+0x2a/0x420
[  128.905404][ T5762]  ? __fget_files+0x2a/0x420
[  128.905421][ T5762]  ? __fget_files+0x3a6/0x420
[  128.905437][ T5762]  ? __fget_files+0x2a/0x420
[  128.905457][ T5762]  security_file_ioctl+0xc3/0x2a0
[  128.905484][ T5762]  __se_sys_ioctl+0x47/0x170
[  128.905507][ T5762]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  128.905526][ T5762]  do_syscall_64+0x174/0x580
[  128.905549][ T5762]  ? trace_irq_disable+0x3b/0x140
[  128.905571][ T5762]  ? clear_bhb_loop+0x40/0x90
[  128.905592][ T5762]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  128.905609][ T5762] RIP: 0033:0x7f60370cce59
[  128.905636][ T5762] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  128.905651][ T5762] RSP: 002b:00007f6035326028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  128.905670][ T5762] RAX: ffffffffffffffda RBX: 00007f6037345fa0 RCX: 00007f60370cce59
[  128.905682][ T5762] RDX: 00002000000001c0 RSI: 00000000400442c8 RDI: 0000000000000004
[  128.905697][ T5762] RBP: 00007f6035326090 R08: 0000000000000000 R09: 0000000000000000
[  128.905708][ T5762] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  128.905718][ T5762] R13: 00007f6037346038 R14: 00007f6037345fa0 R15: 00007ffe3c60d558
[  128.905751][ T5762]  </TASK>
[  128.905800][ T5762] ERROR: Out of memory at tomoyo_realpath_from_path.
[  129.235118][ T5756] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  129.235220][ T5756] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  129.415035][ T5756] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  129.581458][   T61] Bluetooth: hci3: command 0x0c1a tx timeout
[  129.723936][ T5756] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  129.724105][ T5756] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  129.948048][ T5756] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  130.492012][ T5773] netlink: 'syz.2.6': attribute type 15 has an invalid length.
[  130.782903][   T61] Bluetooth: hci2: command 0x0c1a tx timeout
[  130.944850][   T25] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  130.944871][   T25] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  131.193420][ T5779] FAULT_INJECTION: forcing a failure.
[  131.193420][ T5779] name failslab, interval 1, probability 0, space 0, times 0
[  131.193454][ T5779] CPU: 0 UID: 0 PID: 5779 Comm: syz.0.8 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  131.193476][ T5779] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  131.193488][ T5779] Call Trace:
[  131.193495][ T5779]  <TASK>
[  131.193504][ T5779]  dump_stack_lvl+0xe8/0x150
[  131.193534][ T5779]  should_fail_ex+0x46b/0x600
[  131.193699][ T5779]  should_failslab+0xa8/0x100
[  131.193727][ T5779]  __kmalloc_noprof+0xfe/0x7e0
[  131.193751][ T5779]  ? tomoyo_encode+0x28b/0x550
[  131.193774][ T5779]  ? tomoyo_encode+0x28b/0x550
[  131.193805][ T5779]  tomoyo_encode+0x28b/0x550
[  131.193847][ T5779]  tomoyo_realpath_from_path+0x58d/0x5d0
[  131.193885][ T5779]  ? tomoyo_path_number_perm+0x219/0x630
[  131.193917][ T5779]  tomoyo_path_number_perm+0x246/0x630
[  131.193953][ T5779]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  131.193983][ T5779]  ? __lock_acquire+0x6b5/0x2d10
[  131.194012][ T5779]  ? do_raw_spin_lock+0x12b/0x2f0
[  131.194061][ T5779]  ? __fget_files+0x2a/0x420
[  131.194096][ T5779]  ? __fget_files+0x2a/0x420
[  131.194122][ T5779]  ? __fget_files+0x3a6/0x420
[  131.194141][ T5779]  ? __fget_files+0x2a/0x420
[  131.194168][ T5779]  security_file_ioctl+0xc3/0x2a0
[  131.194201][ T5779]  __se_sys_ioctl+0x47/0x170
[  131.194232][ T5779]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.194256][ T5779]  do_syscall_64+0x174/0x580
[  131.194285][ T5779]  ? trace_irq_disable+0x3b/0x140
[  131.194315][ T5779]  ? clear_bhb_loop+0x40/0x90
[  131.194343][ T5779]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.194366][ T5779] RIP: 0033:0x7efecfa2ce59
[  131.194387][ T5779] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  131.194403][ T5779] RSP: 002b:00007efecdc86028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  131.194425][ T5779] RAX: ffffffffffffffda RBX: 00007efecfca5fa0 RCX: 00007efecfa2ce59
[  131.194439][ T5779] RDX: 0000200000000040 RSI: 00000000c0185500 RDI: 0000000000000004
[  131.194452][ T5779] RBP: 00007efecdc86090 R08: 0000000000000000 R09: 0000000000000000
[  131.194464][ T5779] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  131.194476][ T5779] R13: 00007efecfca6038 R14: 00007efecfca5fa0 R15: 00007ffcd90b2f48
[  131.194512][ T5779]  </TASK>
[  131.194588][ T5779] ERROR: Out of memory at tomoyo_realpath_from_path.
[  131.289131][   T61] Bluetooth: hci0: command 0x0c1a tx timeout
[  131.561128][   T57] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  131.561151][   T57] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  131.662222][   T61] Bluetooth: hci3: command 0x0c1a tx timeout
[  131.681851][ T5754] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  131.741499][   T61] Bluetooth: hci1: command 0x0c1a tx timeout
[  132.075208][ T5754] usb 3-1: Using ep0 maxpacket: 8
[  132.219877][ T5754] usb 3-1: config 179 has an invalid interface number: 65 but max is 0
[  132.219911][ T5754] usb 3-1: config 179 has no interface number 0
[  132.219963][ T5754] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  132.219991][ T5754] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  132.220022][ T5754] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  132.220055][ T5754] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  132.220085][ T5754] usb 3-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  132.220136][ T5754] usb 3-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  132.220160][ T5754] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  132.728424][   T61] Bluetooth: hci2: Unknown advertising packet type: 0x18
[  132.728451][   T61] Bluetooth: hci2: Unknown advertising packet type: 0x1e
[  132.728480][   T61] Bluetooth: hci2: Unknown advertising packet type: 0x30
[  132.728615][   T61] Bluetooth: hci2: Unknown advertising packet type: 0x36
[  132.728631][   T61] Bluetooth: hci2: Malformed LE Event: 0x0d
[  133.130114][   T61] Bluetooth: hci2: command 0x0c1a tx timeout
[  133.285600][ T5774] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  133.343314][   T61] Bluetooth: hci0: command 0x0c1a tx timeout
[  133.747064][   T61] Bluetooth: hci3: command 0x0c1a tx timeout
[  133.848960][   T61] Bluetooth: hci1: command 0x0c1a tx timeout
[  135.181960][   T61] Bluetooth: hci2: command 0x0c1a tx timeout
[  135.422420][   T61] Bluetooth: hci0: command 0x0c1a tx timeout
[  135.821443][   T61] Bluetooth: hci3: command 0x0c1a tx timeout
[  135.893383][ T5798] FAULT_INJECTION: forcing a failure.
[  135.893383][ T5798] name failslab, interval 1, probability 0, space 0, times 0
[  135.893419][ T5798] CPU: 0 UID: 0 PID: 5798 Comm: syz.1.2 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  135.893442][ T5798] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  135.893455][ T5798] Call Trace:
[  135.893463][ T5798]  <TASK>
[  135.893471][ T5798]  dump_stack_lvl+0xe8/0x150
[  135.893502][ T5798]  should_fail_ex+0x46b/0x600
[  135.893535][ T5798]  should_failslab+0xa8/0x100
[  135.893557][ T5798]  __kmalloc_noprof+0xfe/0x7e0
[  135.893575][ T5798]  ? tomoyo_encode+0x28b/0x550
[  135.893594][ T5798]  ? tomoyo_encode+0x28b/0x550
[  135.893618][ T5798]  tomoyo_encode+0x28b/0x550
[  135.893641][ T5798]  tomoyo_realpath_from_path+0x58d/0x5d0
[  135.893671][ T5798]  ? tomoyo_path_number_perm+0x219/0x630
[  135.893700][ T5798]  tomoyo_path_number_perm+0x246/0x630
[  135.893744][ T5798]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  135.893775][ T5798]  ? __lock_acquire+0x6b5/0x2d10
[  135.893803][ T5798]  ? do_raw_spin_lock+0x12b/0x2f0
[  135.893851][ T5798]  ? __fget_files+0x2a/0x420
[  135.893873][ T5798]  ? __fget_files+0x2a/0x420
[  135.893891][ T5798]  ? __fget_files+0x3a6/0x420
[  135.893909][ T5798]  ? __fget_files+0x2a/0x420
[  135.893932][ T5798]  security_file_ioctl+0xc3/0x2a0
[  135.893964][ T5798]  __se_sys_ioctl+0x47/0x170
[  135.893990][ T5798]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  135.894009][ T5798]  do_syscall_64+0x174/0x580
[  135.894032][ T5798]  ? trace_irq_disable+0x3b/0x140
[  135.894055][ T5798]  ? clear_bhb_loop+0x40/0x90
[  135.894078][ T5798]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  135.894096][ T5798] RIP: 0033:0x7f90faecce59
[  135.894115][ T5798] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  135.894130][ T5798] RSP: 002b:00007f90f9126028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  135.894149][ T5798] RAX: ffffffffffffffda RBX: 00007f90fb145fa0 RCX: 00007f90faecce59
[  135.894162][ T5798] RDX: 0000200000000280 RSI: 00000000c01c64a3 RDI: 0000000000000003
[  135.894173][ T5798] RBP: 00007f90f9126090 R08: 0000000000000000 R09: 0000000000000000
[  135.894184][ T5798] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  135.894194][ T5798] R13: 00007f90fb146038 R14: 00007f90fb145fa0 R15: 00007ffedaafc558
[  135.894222][ T5798]  </TASK>
[  135.894245][ T5798] ERROR: Out of memory at tomoyo_realpath_from_path.
[  135.911486][   T61] Bluetooth: hci1: command 0x0c1a tx timeout
[  137.306229][ T5807] capability: warning: `syz.3.14' uses 32-bit capabilities (legacy support in use)
[  137.314219][ T5807] program syz.3.14 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  137.978677][ T5817] FAULT_INJECTION: forcing a failure.
[  137.978677][ T5817] name failslab, interval 1, probability 0, space 0, times 0
[  137.978718][ T5817] CPU: 0 UID: 0 PID: 5817 Comm: syz.0.19 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  137.978746][ T5817] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  137.978761][ T5817] Call Trace:
[  137.978770][ T5817]  <TASK>
[  137.978780][ T5817]  dump_stack_lvl+0xe8/0x150
[  137.978817][ T5817]  should_fail_ex+0x46b/0x600
[  137.978860][ T5817]  should_failslab+0xa8/0x100
[  137.978891][ T5817]  __kmalloc_noprof+0xfe/0x7e0
[  137.978918][ T5817]  ? tomoyo_encode+0x28b/0x550
[  137.978943][ T5817]  ? tomoyo_encode+0x28b/0x550
[  137.978989][ T5817]  tomoyo_encode+0x28b/0x550
[  137.979023][ T5817]  tomoyo_realpath_from_path+0x58d/0x5d0
[  137.979064][ T5817]  ? tomoyo_path_number_perm+0x219/0x630
[  137.979104][ T5817]  tomoyo_path_number_perm+0x246/0x630
[  137.979146][ T5817]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  137.979182][ T5817]  ? __lock_acquire+0x6b5/0x2d10
[  137.979221][ T5817]  ? do_raw_spin_lock+0x12b/0x2f0
[  137.979282][ T5817]  ? __fget_files+0x2a/0x420
[  137.979308][ T5817]  ? __fget_files+0x2a/0x420
[  137.979326][ T5817]  ? __fget_files+0x3a6/0x420
[  137.979343][ T5817]  ? __fget_files+0x2a/0x420
[  137.979371][ T5817]  security_file_ioctl+0xc3/0x2a0
[  137.979410][ T5817]  __se_sys_ioctl+0x47/0x170
[  137.979443][ T5817]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  137.979471][ T5817]  do_syscall_64+0x174/0x580
[  137.979503][ T5817]  ? trace_irq_disable+0x3b/0x140
[  137.979533][ T5817]  ? clear_bhb_loop+0x40/0x90
[  137.979564][ T5817]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  137.979592][ T5817] RIP: 0033:0x7efecfa2ce59
[  137.979615][ T5817] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  137.979635][ T5817] RSP: 002b:00007efecdc86028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  137.979661][ T5817] RAX: ffffffffffffffda RBX: 00007efecfca5fa0 RCX: 00007efecfa2ce59
[  137.979680][ T5817] RDX: 0000200000000080 RSI: 000000004008af00 RDI: 0000000000000003
[  137.979696][ T5817] RBP: 00007efecdc86090 R08: 0000000000000000 R09: 0000000000000000
[  137.979711][ T5817] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  137.979725][ T5817] R13: 00007efecfca6038 R14: 00007efecfca5fa0 R15: 00007ffcd90b2f48
[  137.979762][ T5817]  </TASK>
[  137.987242][ T5816] FAULT_INJECTION: forcing a failure.
[  137.987242][ T5816] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  137.987283][ T5816] CPU: 0 UID: 0 PID: 5816 Comm: syz.3.17 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  137.987306][ T5816] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  137.987318][ T5816] Call Trace:
[  137.987571][ T5816]  <TASK>
[  137.987588][ T5816]  dump_stack_lvl+0xe8/0x150
[  137.987623][ T5816]  should_fail_ex+0x46b/0x600
[  137.987662][ T5816]  _copy_to_user+0x31/0xb0
[  137.987691][ T5816]  simple_read_from_buffer+0xe1/0x170
[  137.987715][ T5816]  proc_fail_nth_read+0x1be/0x230
[  137.987738][ T5816]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  137.987764][ T5816]  ? rw_verify_area+0x2ac/0x4e0
[  137.987786][ T5816]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  137.987806][ T5816]  vfs_read+0x212/0xa80
[  137.987845][ T5816]  ? __pfx_vfs_read+0x10/0x10
[  137.987870][ T5816]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  137.987905][ T5816]  ? lockdep_hardirqs_on+0x7a/0x110
[  137.987930][ T5816]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  137.987953][ T5816]  ? mutex_lock_nested+0x152/0x1d0
[  137.987988][ T5816]  ? fdget_pos+0x252/0x320
[  137.988014][ T5816]  ksys_read+0x156/0x270
[  137.988043][ T5816]  ? __pfx_ksys_read+0x10/0x10
[  137.988077][ T5816]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  137.988098][ T5816]  do_syscall_64+0x174/0x580
[  137.988130][ T5816]  ? trace_irq_disable+0x3b/0x140
[  137.988154][ T5816]  ? clear_bhb_loop+0x40/0x90
[  137.988177][ T5816]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  137.988198][ T5816] RIP: 0033:0x7f603708d68e
[  137.988227][ T5816] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  137.988244][ T5816] RSP: 002b:00007f6035325fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  137.988268][ T5816] RAX: ffffffffffffffda RBX: 00007f60353266c0 RCX: 00007f603708d68e
[  137.988283][ T5816] RDX: 000000000000000f RSI: 00007f60353260a0 RDI: 0000000000000004
[  137.988296][ T5816] RBP: 00007f6035326090 R08: 0000000000000000 R09: 0000000000000000
[  137.988309][ T5816] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  137.988321][ T5816] R13: 00007f6037346038 R14: 00007f6037345fa0 R15: 00007ffe3c60d558
[  137.988356][ T5816]  </TASK>
[  138.283153][ T5817] ERROR: Out of memory at tomoyo_realpath_from_path.
[  138.311447][ T5815] netlink: 56 bytes leftover after parsing attributes in process `syz.1.18'.
[  139.286967][    C1] xpad 3-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  139.287042][    C1] xpad 3-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  139.323098][ T1339] ieee802154 phy0 wpan0: encryption failed: -22
[  139.323369][ T1339] ieee802154 phy1 wpan1: encryption failed: -22
[  139.496138][ T5754] usb 3-1: USB disconnect, device number 2
[  139.771401][ T5831] warning: `syz.2.22' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  139.917211][ T5834] FAULT_INJECTION: forcing a failure.
[  139.917211][ T5834] name failslab, interval 1, probability 0, space 0, times 0
[  139.917252][ T5834] CPU: 0 UID: 0 PID: 5834 Comm: syz.3.24 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  139.917279][ T5834] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  139.917294][ T5834] Call Trace:
[  139.917303][ T5834]  <TASK>
[  139.917314][ T5834]  dump_stack_lvl+0xe8/0x150
[  139.917350][ T5834]  should_fail_ex+0x46b/0x600
[  139.917391][ T5834]  should_failslab+0xa8/0x100
[  139.917422][ T5834]  __kmalloc_noprof+0xfe/0x7e0
[  139.917448][ T5834]  ? tomoyo_encode+0x28b/0x550
[  139.917474][ T5834]  ? tomoyo_encode+0x28b/0x550
[  139.917513][ T5834]  tomoyo_encode+0x28b/0x550
[  139.917548][ T5834]  tomoyo_realpath_from_path+0x58d/0x5d0
[  139.917580][ T5834]  ? tomoyo_domain+0xd7/0x130
[  139.917636][ T5834]  ? tomoyo_path_number_perm+0x219/0x630
[  139.917676][ T5834]  tomoyo_path_number_perm+0x246/0x630
[  139.917717][ T5834]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  139.917769][ T5834]  ? __lock_acquire+0x6b5/0x2d10
[  139.917805][ T5834]  ? do_raw_spin_lock+0x12b/0x2f0
[  139.917875][ T5834]  ? __fget_files+0x2a/0x420
[  139.917902][ T5834]  ? __fget_files+0x2a/0x420
[  139.917922][ T5834]  ? __fget_files+0x3a6/0x420
[  139.917940][ T5834]  ? __fget_files+0x2a/0x420
[  139.917962][ T5834]  security_file_ioctl+0xc3/0x2a0
[  139.917992][ T5834]  __se_sys_ioctl+0x47/0x170
[  139.918017][ T5834]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  139.918038][ T5834]  do_syscall_64+0x174/0x580
[  139.918070][ T5834]  ? trace_irq_disable+0x3b/0x140
[  139.918094][ T5834]  ? clear_bhb_loop+0x40/0x90
[  139.918117][ T5834]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  139.918136][ T5834] RIP: 0033:0x7f60370cce59
[  139.918156][ T5834] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  139.918171][ T5834] RSP: 002b:00007f6035326028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  139.918191][ T5834] RAX: ffffffffffffffda RBX: 00007f6037345fa0 RCX: 00007f60370cce59
[  139.918205][ T5834] RDX: 0000200000000040 RSI: 0000000000008b22 RDI: 0000000000000003
[  139.918217][ T5834] RBP: 00007f6035326090 R08: 0000000000000000 R09: 0000000000000000
[  139.918228][ T5834] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  139.918239][ T5834] R13: 00007f6037346038 R14: 00007f6037345fa0 R15: 00007ffe3c60d558
[  139.918301][ T5834]  </TASK>
[  140.006293][ T5834] ERROR: Out of memory at tomoyo_realpath_from_path.
[  140.683359][ T5846] syz.1.27 uses obsolete (PF_INET,SOCK_PACKET)
[  140.684825][ T5845] ptrace attach of "ci-upstream-rust-kasan-gce/syz-executor exec"[5612] was attempted by ""[5845]
[  140.830258][ T5843] syz.1.27 (5843) used greatest stack depth: 19072 bytes left
[  140.896886][ T5853] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  141.303935][ T5754] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  141.477038][ T5865] netlink: 12 bytes leftover after parsing attributes in process `syz.0.34'.
[  141.479452][ T5754] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  141.597701][ T5754] usb 3-1: New USB device found, idVendor=1199, idProduct=b000, bcdDevice=e5.38
[  141.597748][ T5754] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  141.597771][ T5754] usb 3-1: Product: syz
[  141.597787][ T5754] usb 3-1: Manufacturer: syz
[  141.597803][ T5754] usb 3-1: SerialNumber: syz
[  141.626491][ T5867] capability: warning: `syz.3.33' uses deprecated v2 capabilities in a way that may be insecure
[  141.706732][ T5754] usb 3-1: config 0 descriptor??
[  141.855189][    C0] [drm:vkms_crtc_handle_vblank_timeout] *ERROR* vkms failure on handling vblank
[  142.100477][ T5791] usb 3-1: USB disconnect, device number 3
[  142.318381][ T5874] FAULT_INJECTION: forcing a failure.
[  142.318381][ T5874] name failslab, interval 1, probability 0, space 0, times 0
[  142.318419][ T5874] CPU: 1 UID: 0 PID: 5874 Comm: syz.0.35 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  142.318444][ T5874] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  142.318458][ T5874] Call Trace:
[  142.318471][ T5874]  <TASK>
[  142.318481][ T5874]  dump_stack_lvl+0xe8/0x150
[  142.318514][ T5874]  should_fail_ex+0x46b/0x600
[  142.318558][ T5874]  should_failslab+0xa8/0x100
[  142.318586][ T5874]  __kmalloc_noprof+0xfe/0x7e0
[  142.318610][ T5874]  ? tomoyo_encode+0x28b/0x550
[  142.318635][ T5874]  ? tomoyo_encode+0x28b/0x550
[  142.318667][ T5874]  tomoyo_encode+0x28b/0x550
[  142.318698][ T5874]  tomoyo_realpath_from_path+0x58d/0x5d0
[  142.318735][ T5874]  ? tomoyo_path_number_perm+0x219/0x630
[  142.318779][ T5874]  tomoyo_path_number_perm+0x246/0x630
[  142.318816][ T5874]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  142.318849][ T5874]  ? __lock_acquire+0x6b5/0x2d10
[  142.318882][ T5874]  ? do_raw_spin_lock+0x12b/0x2f0
[  142.318943][ T5874]  ? __fget_files+0x2a/0x420
[  142.318970][ T5874]  ? __fget_files+0x2a/0x420
[  142.318992][ T5874]  ? __fget_files+0x3a6/0x420
[  142.319014][ T5874]  ? __fget_files+0x2a/0x420
[  142.319046][ T5874]  security_file_ioctl+0xc3/0x2a0
[  142.319082][ T5874]  __se_sys_ioctl+0x47/0x170
[  142.319118][ T5874]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  142.319143][ T5874]  do_syscall_64+0x174/0x580
[  142.319171][ T5874]  ? trace_irq_disable+0x3b/0x140
[  142.319199][ T5874]  ? clear_bhb_loop+0x40/0x90
[  142.319226][ T5874]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  142.319254][ T5874] RIP: 0033:0x7efecfa2ce59
[  142.319275][ T5874] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  142.319307][ T5874] RSP: 002b:00007efecdc86028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  142.319331][ T5874] RAX: ffffffffffffffda RBX: 00007efecfca5fa0 RCX: 00007efecfa2ce59
[  142.319349][ T5874] RDX: 0000200000000280 RSI: 00000000c01c64a3 RDI: 0000000000000003
[  142.319364][ T5874] RBP: 00007efecdc86090 R08: 0000000000000000 R09: 0000000000000000
[  142.319379][ T5874] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  142.319393][ T5874] R13: 00007efecfca6038 R14: 00007efecfca5fa0 R15: 00007ffcd90b2f48
[  142.319429][ T5874]  </TASK>
[  142.319479][ T5874] ERROR: Out of memory at tomoyo_realpath_from_path.
[  142.355663][ T5872] tmpfs: Bad value for 'mpol'
[  142.971478][ T5791] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  143.001261][ T5795] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  143.162006][ T5791] usb 1-1: Using ep0 maxpacket: 8
[  143.168686][ T5791] usb 1-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  143.168728][ T5791] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  143.168742][ T5791] usb 1-1: Product: syz
[  143.168753][ T5791] usb 1-1: Manufacturer: syz
[  143.168763][ T5791] usb 1-1: SerialNumber: syz
[  143.204622][ T5795] usb 4-1: config 220 has an invalid interface number: 76 but max is 2
[  143.204650][ T5795] usb 4-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  143.204668][ T5795] usb 4-1: config 220 has no interface number 2
[  143.204739][ T5795] usb 4-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  143.204766][ T5795] usb 4-1: config 220 interface 0 has no altsetting 0
[  143.204783][ T5795] usb 4-1: config 220 interface 76 has no altsetting 0
[  143.204800][ T5795] usb 4-1: config 220 interface 1 has no altsetting 0
[  143.221180][ T5795] usb 4-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  143.221214][ T5795] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  143.221235][ T5795] usb 4-1: Product: syz
[  143.221250][ T5795] usb 4-1: Manufacturer: syz
[  143.221266][ T5795] usb 4-1: SerialNumber: syz
[  143.396804][ T5791] usb 1-1: config 0 descriptor??
[  143.596714][ T5878] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  143.611119][ T5878] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  143.644572][ T5791] usb 1-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  143.735959][ T5795] usb 4-1: selecting invalid altsetting 0
[  143.757567][ T5795] usb 4-1: selecting invalid altsetting 0
[  143.758487][ T5795] uvcvideo 4-1:220.0: Found UVC 7.01 device syz (8086:0b07)
[  143.758537][ T5795] uvcvideo 4-1:220.0: No valid video chain found.
[  143.827814][ T5795] usb 4-1: selecting invalid altsetting 0
[  143.827854][ T5795] usbtest 4-1:220.1: probe with driver usbtest failed with error -22
[  143.857692][ T5795] usb 4-1: USB disconnect, device number 2
[  144.217382][ T5898] netlink: 244 bytes leftover after parsing attributes in process `syz.2.46'.
[  144.652851][ T5908] netlink: 64 bytes leftover after parsing attributes in process `syz.1.47'.
[  144.705096][ T5907] netlink: 8 bytes leftover after parsing attributes in process `syz.1.47'.
[  144.757405][ T5911] FAULT_INJECTION: forcing a failure.
[  144.757405][ T5911] name failslab, interval 1, probability 0, space 0, times 0
[  144.757443][ T5911] CPU: 1 UID: 0 PID: 5911 Comm: syz.3.49 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  144.757579][ T5911] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  144.757594][ T5911] Call Trace:
[  144.757603][ T5911]  <TASK>
[  144.757613][ T5911]  dump_stack_lvl+0xe8/0x150
[  144.757649][ T5911]  should_fail_ex+0x46b/0x600
[  144.757688][ T5911]  should_failslab+0xa8/0x100
[  144.757722][ T5911]  kmem_cache_alloc_node_noprof+0xae/0x710
[  144.757763][ T5911]  ? __alloc_skb+0x1d0/0x7d0
[  144.757786][ T5911]  ? __alloc_skb+0x1d0/0x7d0
[  144.757817][ T5911]  __alloc_skb+0x1d0/0x7d0
[  144.757847][ T5911]  netlink_sendmsg+0x5d4/0xb40
[  144.757890][ T5911]  ? __pfx_netlink_sendmsg+0x10/0x10
[  144.757923][ T5911]  ? tomoyo_socket_sendmsg_permission+0x1e0/0x300
[  144.757956][ T5911]  ? aa_sock_msg_perm+0x122/0x200
[  144.757982][ T5911]  ? __pfx_netlink_sendmsg+0x10/0x10
[  144.758032][ T5911]  sock_sendmsg_nosec+0x13a/0x180
[  144.758078][ T5911]  ____sys_sendmsg+0x55c/0x870
[  144.758113][ T5911]  ? __pfx_____sys_sendmsg+0x10/0x10
[  144.758151][ T5911]  ? import_iovec+0x73/0xa0
[  144.758181][ T5911]  ___sys_sendmsg+0x2a5/0x360
[  144.758208][ T5911]  ? __lock_acquire+0x6b5/0x2d10
[  144.758244][ T5911]  ? __pfx____sys_sendmsg+0x10/0x10
[  144.758309][ T5911]  ? __fget_files+0x2a/0x420
[  144.758333][ T5911]  ? __fget_files+0x3a6/0x420
[  144.758367][ T5911]  __x64_sys_sendmsg+0x1b7/0x290
[  144.758400][ T5911]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  144.758447][ T5911]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  144.758483][ T5911]  do_syscall_64+0x174/0x580
[  144.758514][ T5911]  ? trace_irq_disable+0x3b/0x140
[  144.758543][ T5911]  ? clear_bhb_loop+0x40/0x90
[  144.758571][ T5911]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  144.758595][ T5911] RIP: 0033:0x7f60370cce59
[  144.758617][ T5911] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  144.758654][ T5911] RSP: 002b:00007f6035326028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  144.758677][ T5911] RAX: ffffffffffffffda RBX: 00007f6037345fa0 RCX: 00007f60370cce59
[  144.758694][ T5911] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000003
[  144.758708][ T5911] RBP: 00007f6035326090 R08: 0000000000000000 R09: 0000000000000000
[  144.758723][ T5911] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  144.758736][ T5911] R13: 00007f6037346038 R14: 00007f6037345fa0 R15: 00007ffe3c60d558
[  144.758771][ T5911]  </TASK>
[  145.127472][ T5903] could not allocate digest TFM handle blake2s-224-x86
[  145.147751][ T5791] dvb_usb_rtl28xxu 1-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  145.172249][ T5907] netlink: 8 bytes leftover after parsing attributes in process `syz.1.47'.
[  145.209375][ T5903] mmap: syz.1.47 (5903) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  145.230007][ T5791] usb 1-1: USB disconnect, device number 2
[  145.974925][ T5928] comedi: No check for data length of config insn id 5 is implemented
[  145.974946][ T5928] comedi: Add a check to check_insn_config_length in drivers/comedi/comedi_fops.c
[  145.974961][ T5928] comedi: Assuming n=8012 is correct
[  146.201066][ T5684] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  146.362976][ T5684] usb 4-1: Using ep0 maxpacket: 16
[  146.368453][ T5684] usb 4-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  146.368484][ T5684] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  146.368505][ T5684] usb 4-1: Product: syz
[  146.368519][ T5684] usb 4-1: Manufacturer: syz
[  146.368535][ T5684] usb 4-1: SerialNumber: syz
[  146.411055][ T5684] r8152-cfgselector 4-1: Unknown version 0x0000
[  146.411082][ T5684] r8152-cfgselector 4-1: config 0 descriptor??
[  146.433433][ T1247] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  146.500282][ T5944] netlink: 48 bytes leftover after parsing attributes in process `syz.2.60'.
[  146.593702][ T1247] usb 2-1: config 220 has an invalid interface number: 76 but max is 2
[  146.593731][ T1247] usb 2-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[  146.593750][ T1247] usb 2-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  146.593771][ T1247] usb 2-1: config 220 has no interface number 2
[  146.593853][ T1247] usb 2-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  146.593883][ T1247] usb 2-1: config 220 interface 0 has no altsetting 0
[  146.593902][ T1247] usb 2-1: config 220 interface 76 has no altsetting 0
[  146.593922][ T1247] usb 2-1: config 220 interface 1 has no altsetting 0
[  146.654084][ T1247] usb 2-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  146.654111][ T1247] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  146.654128][ T1247] usb 2-1: Product: syz
[  146.654140][ T1247] usb 2-1: Manufacturer: syz
[  146.654153][ T1247] usb 2-1: SerialNumber: syz
[  146.938702][ T5927] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  146.945380][ T5927] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  147.033052][ T1247] usb 2-1: selecting invalid altsetting 0
[  147.033482][ T1247] uvcvideo 2-1:220.0: Found UVC 7.01 device syz (8086:0b07)
[  147.033512][ T1247] uvcvideo 2-1:220.0: No valid video chain found.
[  147.079620][ T1247] usb 2-1: selecting invalid altsetting 0
[  147.079654][ T1247] usbtest 2-1:220.1: probe with driver usbtest failed with error -22
[  147.080267][ T5955] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  147.099238][ T5754] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  147.138189][ T5955] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  147.167621][ T1247] usb 2-1: USB disconnect, device number 2
[  147.252415][  T822] r8152-cfgselector 4-1: USB disconnect, device number 3
[  147.286821][ T5754] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  147.286860][ T5754] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  147.286891][ T5754] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  147.286908][ T5754] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  147.362573][ T5950] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22
[  147.483148][ T5754] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  147.602879][ T5684] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  147.777745][ T5684] usb 1-1: Using ep0 maxpacket: 32
[  147.783433][ T5684] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  147.818919][ T5684] usb 1-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  147.818950][ T5684] usb 1-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  147.818971][ T5684] usb 1-1: Product: syz
[  147.818986][ T5684] usb 1-1: Manufacturer: syz
[  147.819002][ T5684] usb 1-1: SerialNumber: syz
[  147.929661][ T5684] usb 1-1: config 0 descriptor??
[  147.931495][ T5956] raw-gadget.4 gadget.0: fail, usb_ep_enable returned -22
[  147.961240][  T822] usb 2-1: new low-speed USB device number 3 using dummy_hcd
[  147.969978][ T5684] hub 1-1:0.0: bad descriptor, ignoring hub
[  147.970020][ T5684] hub 1-1:0.0: probe with driver hub failed with error -5
[  148.119437][  T822] usb 2-1: Invalid ep0 maxpacket: 16
[  148.301152][ T1247] usb 4-1: new full-speed USB device number 4 using dummy_hcd
[  148.311143][  T822] usb 2-1: new low-speed USB device number 4 using dummy_hcd
[  148.554052][ T1247] usb 4-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.43
[  148.554187][ T1247] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  148.561180][  T822] usb 2-1: Invalid ep0 maxpacket: 16
[  148.563698][  T822] usb usb2-port1: attempt power cycle
[  148.573133][ T5684] usb 1-1: USB disconnect, device number 3
[  148.813628][ T1247] usb 4-1: config 0 descriptor??
[  148.889789][ T1247] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state.
[  148.929992][ T5754] usb 3-1: USB disconnect, device number 4
[  149.114709][  T822] usb 2-1: new low-speed USB device number 5 using dummy_hcd
[  149.134585][  T822] usb 2-1: Invalid ep0 maxpacket: 16
[  149.236238][ T1247] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  149.236276][ T1247] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-19)
[  149.275940][  T822] usb 2-1: new low-speed USB device number 6 using dummy_hcd
[  149.303859][  T822] usb 2-1: Invalid ep0 maxpacket: 16
[  149.309614][  T822] usb usb2-port1: unable to enumerate USB device
[  149.477034][ T1247] usb 4-1: USB disconnect, device number 4
[  149.503702][ T5984] comedi: No check for data length of config insn id 5 is implemented
[  149.503722][ T5984] comedi: Add a check to check_insn_config_length in drivers/comedi/comedi_fops.c
[  149.503736][ T5984] comedi: Assuming n=8011 is correct
[  149.741931][ T5990] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  149.742025][ T5990] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  149.847351][ T5990] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  149.849336][ T5990] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  149.850330][ T5990] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  150.238394][ T6002] faux_driver vgem: [drm] Unknown color mode 3; guessing buffer size.
[  150.671141][  T822] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  151.043887][  T822] usb 4-1: config 220 has an invalid interface number: 76 but max is 2
[  151.043918][  T822] usb 4-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[  151.043939][  T822] usb 4-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  151.043959][  T822] usb 4-1: config 220 has no interface number 2
[  151.044051][  T822] usb 4-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  151.044081][  T822] usb 4-1: config 220 interface 0 has no altsetting 0
[  151.044101][  T822] usb 4-1: config 220 interface 76 has no altsetting 0
[  151.044122][  T822] usb 4-1: config 220 interface 1 has no altsetting 0
[  151.047641][  T822] usb 4-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  151.047673][  T822] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  151.047695][  T822] usb 4-1: Product: syz
[  151.047710][  T822] usb 4-1: Manufacturer: syz
[  151.047726][  T822] usb 4-1: SerialNumber: syz
[  151.410250][  T822] uvcvideo 4-1:220.0: Found UVC 7.01 device syz (8086:0b07)
[  151.410288][  T822] uvcvideo 4-1:220.0: No valid video chain found.
[  151.410352][  T822] usb 4-1: selecting invalid altsetting 0
[  151.503826][  T822] usb 4-1: selecting invalid altsetting 0
[  151.503876][  T822] usbtest 4-1:220.1: probe with driver usbtest failed with error -22
[  151.538611][  T822] usb 4-1: USB disconnect, device number 5
[  151.832198][   T61] Bluetooth: hci3: command 0x0c1a tx timeout
[  151.902791][   T61] Bluetooth: hci2: command 0x0c1a tx timeout
[  151.902837][   T61] Bluetooth: hci0: command 0x0c1a tx timeout
[  152.089416][   T61] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  152.190796][   T61] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  152.192086][   T61] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  152.193265][   T61] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  152.221935][   T61] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  152.441285][ T6026] netlink: 104 bytes leftover after parsing attributes in process `syz.3.77'.
[  152.514868][ T1171] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  152.691468][ T5791] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  152.821445][ T5791] usb 4-1: device descriptor read/64, error -71
[  152.998668][ T1171] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  153.103180][ T5791] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  153.103357][ T1247] usb 1-1: new full-speed USB device number 4 using dummy_hcd
[  153.231208][ T5791] usb 4-1: device descriptor read/64, error -71
[  153.258197][ T1247] usb 1-1: config 8 has an invalid interface number: 223 but max is 0
[  153.258228][ T1247] usb 1-1: config 8 has an invalid descriptor of length 0, skipping remainder of the config
[  153.258249][ T1247] usb 1-1: config 8 has no interface number 0
[  153.258297][ T1247] usb 1-1: config 8 interface 223 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  153.314987][ T1247] usb 1-1: New USB device found, idVendor=a6da, idProduct=7458, bcdDevice=2d.4d
[  153.315021][ T1247] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  153.315043][ T1247] usb 1-1: Product: syz
[  153.315058][ T1247] usb 1-1: Manufacturer: syz
[  153.315074][ T1247] usb 1-1: SerialNumber: syz
[  153.397242][ T5791] usb usb4-port1: attempt power cycle
[  153.879850][ T1171] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  153.946242][ T6054] FAULT_INJECTION: forcing a failure.
[  153.946242][ T6054] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  153.946279][ T6054] CPU: 1 UID: 0 PID: 6054 Comm: syz.1.84 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  153.946305][ T6054] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  153.946319][ T6054] Call Trace:
[  153.946328][ T6054]  <TASK>
[  153.946337][ T6054]  dump_stack_lvl+0xe8/0x150
[  153.946371][ T6054]  should_fail_ex+0x46b/0x600
[  153.946410][ T6054]  strncpy_from_user+0x36/0x2b0
[  153.946446][ T6054]  do_getname+0x77/0x250
[  153.946485][ T6054]  user_path_at+0x2a/0x160
[  153.946514][ T6054]  __se_sys_inotify_add_watch+0x18d/0xf60
[  153.946556][ T6054]  ? fput+0xa0/0xd0
[  153.946577][ T6054]  ? ksys_write+0x248/0x270
[  153.946609][ T6054]  ? __pfx___se_sys_inotify_add_watch+0x10/0x10
[  153.946656][ T6054]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.946682][ T6054]  do_syscall_64+0x174/0x580
[  153.946712][ T6054]  ? trace_irq_disable+0x3b/0x140
[  153.946750][ T6054]  ? clear_bhb_loop+0x40/0x90
[  153.946779][ T6054]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.946803][ T6054] RIP: 0033:0x7f90faecce59
[  153.946824][ T6054] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  153.946854][ T6054] RSP: 002b:00007f90f90e4028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fe
[  153.946878][ T6054] RAX: ffffffffffffffda RBX: 00007f90fb146180 RCX: 00007f90faecce59
[  153.946895][ T6054] RDX: 00000000000000aa RSI: 00002000000006c0 RDI: 0000000000000005
[  153.946910][ T6054] RBP: 00007f90f90e4090 R08: 0000000000000000 R09: 0000000000000000
[  153.946924][ T6054] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  153.946938][ T6054] R13: 00007f90fb146218 R14: 00007f90fb146180 R15: 00007ffedaafc558
[  153.946973][ T6054]  </TASK>
[  154.080573][ T1247] usb 1-1: USB disconnect, device number 4
[  154.878039][ T5791] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  154.888784][ T5616] Bluetooth: hci1: command tx timeout
[  154.889413][   T61] Bluetooth: hci3: command 0x0c1a tx timeout
[  154.893361][ T5791] usb 4-1: device descriptor read/8, error -71
[  155.191127][ T5791] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  155.215235][    C0] raw-gadget.0 gadget.3: ignoring, device is not running
[  155.215379][ T5791] usb 4-1: device descriptor read/8, error -32
[  155.460020][ T5791] usb usb4-port1: unable to enumerate USB device
[  156.622742][ T6063] netlink: 'syz.0.86': attribute type 12 has an invalid length.
[  156.915940][ T6067] FAULT_INJECTION: forcing a failure.
[  156.915940][ T6067] name failslab, interval 1, probability 0, space 0, times 0
[  156.915978][ T6067] CPU: 1 UID: 0 PID: 6067 Comm: syz.3.87 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  156.916003][ T6067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  156.916018][ T6067] Call Trace:
[  156.916026][ T6067]  <TASK>
[  156.916035][ T6067]  dump_stack_lvl+0xe8/0x150
[  156.916068][ T6067]  should_fail_ex+0x46b/0x600
[  156.916105][ T6067]  should_failslab+0xa8/0x100
[  156.916132][ T6067]  __kmalloc_noprof+0xfe/0x7e0
[  156.916157][ T6067]  ? tomoyo_encode+0x28b/0x550
[  156.916180][ T6067]  ? tomoyo_encode+0x28b/0x550
[  156.916211][ T6067]  tomoyo_encode+0x28b/0x550
[  156.916242][ T6067]  tomoyo_realpath_from_path+0x58d/0x5d0
[  156.916280][ T6067]  ? tomoyo_path_number_perm+0x219/0x630
[  156.916315][ T6067]  tomoyo_path_number_perm+0x246/0x630
[  156.916354][ T6067]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  156.916387][ T6067]  ? __lock_acquire+0x6b5/0x2d10
[  156.916427][ T6067]  ? do_raw_spin_lock+0x12b/0x2f0
[  156.916486][ T6067]  ? __fget_files+0x2a/0x420
[  156.916512][ T6067]  ? __fget_files+0x2a/0x420
[  156.916533][ T6067]  ? __fget_files+0x3a6/0x420
[  156.916555][ T6067]  ? __fget_files+0x2a/0x420
[  156.916582][ T6067]  security_file_ioctl+0xc3/0x2a0
[  156.916615][ T6067]  __se_sys_ioctl+0x47/0x170
[  156.916645][ T6067]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.916669][ T6067]  do_syscall_64+0x174/0x580
[  156.916698][ T6067]  ? trace_irq_disable+0x3b/0x140
[  156.916726][ T6067]  ? clear_bhb_loop+0x40/0x90
[  156.916754][ T6067]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.916776][ T6067] RIP: 0033:0x7f60370cce59
[  156.916796][ T6067] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  156.916814][ T6067] RSP: 002b:00007f6035326028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  156.916838][ T6067] RAX: ffffffffffffffda RBX: 00007f6037345fa0 RCX: 00007f60370cce59
[  156.916855][ T6067] RDX: 0000200000000280 RSI: 0000000040605346 RDI: 0000000000000005
[  156.916870][ T6067] RBP: 00007f6035326090 R08: 0000000000000000 R09: 0000000000000000
[  156.916884][ T6067] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  156.916897][ T6067] R13: 00007f6037346038 R14: 00007f6037345fa0 R15: 00007ffe3c60d558
[  156.916932][ T6067]  </TASK>
[  156.916953][ T6067] ERROR: Out of memory at tomoyo_realpath_from_path.
[  156.942606][   T61] Bluetooth: hci1: command tx timeout
[  157.579675][ T6075] FAULT_INJECTION: forcing a failure.
[  157.579675][ T6075] name failslab, interval 1, probability 0, space 0, times 0
[  157.579708][ T6075] CPU: 1 UID: 0 PID: 6075 Comm: syz.3.89 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  157.579728][ T6075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  157.579738][ T6075] Call Trace:
[  157.579745][ T6075]  <TASK>
[  157.579752][ T6075]  dump_stack_lvl+0xe8/0x150
[  157.579780][ T6075]  should_fail_ex+0x46b/0x600
[  157.579810][ T6075]  should_failslab+0xa8/0x100
[  157.579844][ T6075]  kmem_cache_alloc_noprof+0xa4/0x6c0
[  157.579873][ T6075]  ? security_inode_alloc+0x39/0x310
[  157.579892][ T6075]  ? security_inode_alloc+0x39/0x310
[  157.579915][ T6075]  security_inode_alloc+0x39/0x310
[  157.579936][ T6075]  inode_init_always_gfp+0x99a/0xd50
[  157.579969][ T6075]  ? __pfx_sock_alloc_inode+0x10/0x10
[  157.579997][ T6075]  alloc_inode+0x82/0x1b0
[  157.580028][ T6075]  __sock_create+0x11e/0x960
[  157.580058][ T6075]  ? __might_fault+0xaf/0x130
[  157.580079][ T6075]  __sys_socketpair+0x193/0x750
[  157.580103][ T6075]  __x64_sys_socketpair+0x9b/0xb0
[  157.580121][ T6075]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  157.580139][ T6075]  do_syscall_64+0x174/0x580
[  157.580161][ T6075]  ? trace_irq_disable+0x3b/0x140
[  157.580183][ T6075]  ? clear_bhb_loop+0x40/0x90
[  157.580204][ T6075]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  157.580221][ T6075] RIP: 0033:0x7f60370cce59
[  157.580238][ T6075] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  157.580252][ T6075] RSP: 002b:00007f6035305028 EFLAGS: 00000246 ORIG_RAX: 0000000000000035
[  157.580271][ T6075] RAX: ffffffffffffffda RBX: 00007f6037346090 RCX: 00007f60370cce59
[  157.580284][ T6075] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000001
[  157.580296][ T6075] RBP: 00007f6035305090 R08: 0000000000000000 R09: 0000000000000000
[  157.580307][ T6075] R10: 00002000000029c0 R11: 0000000000000246 R12: 0000000000000001
[  157.580317][ T6075] R13: 00007f6037346128 R14: 00007f6037346090 R15: 00007ffe3c60d558
[  157.580345][ T6075]  </TASK>
[  157.598016][ T6075] socket: no more sockets
[  157.838775][ T1171] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  158.327760][ T6085] FAULT_INJECTION: forcing a failure.
[  158.327760][ T6085] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  158.327799][ T6085] CPU: 1 UID: 0 PID: 6085 Comm: syz.3.95 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  158.327825][ T6085] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  158.327840][ T6085] Call Trace:
[  158.327849][ T6085]  <TASK>
[  158.327859][ T6085]  dump_stack_lvl+0xe8/0x150
[  158.327914][ T6085]  should_fail_ex+0x46b/0x600
[  158.327955][ T6085]  _copy_to_user+0x31/0xb0
[  158.327984][ T6085]  simple_read_from_buffer+0xe1/0x170
[  158.328015][ T6085]  proc_fail_nth_read+0x1be/0x230
[  158.328043][ T6085]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  158.328072][ T6085]  ? rw_verify_area+0x2ac/0x4e0
[  158.328100][ T6085]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  158.328126][ T6085]  vfs_read+0x212/0xa80
[  158.328163][ T6085]  ? __pfx_vfs_read+0x10/0x10
[  158.328194][ T6085]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  158.328224][ T6085]  ? lockdep_hardirqs_on+0x7a/0x110
[  158.328253][ T6085]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  158.328302][ T6085]  ? mutex_lock_nested+0x152/0x1d0
[  158.328336][ T6085]  ? fdget_pos+0x252/0x320
[  158.328369][ T6085]  ksys_read+0x156/0x270
[  158.328399][ T6085]  ? __pfx_ksys_read+0x10/0x10
[  158.328435][ T6085]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.328461][ T6085]  do_syscall_64+0x174/0x580
[  158.328489][ T6085]  ? trace_irq_disable+0x3b/0x140
[  158.328518][ T6085]  ? clear_bhb_loop+0x40/0x90
[  158.328548][ T6085]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.328575][ T6085] RIP: 0033:0x7f603708d68e
[  158.328595][ T6085] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  158.328613][ T6085] RSP: 002b:00007f6035325fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  158.328646][ T6085] RAX: ffffffffffffffda RBX: 00007f60353266c0 RCX: 00007f603708d68e
[  158.328663][ T6085] RDX: 000000000000000f RSI: 00007f60353260a0 RDI: 0000000000000004
[  158.328677][ T6085] RBP: 00007f6035326090 R08: 0000000000000000 R09: 0000000000000000
[  158.328691][ T6085] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  158.328704][ T6085] R13: 00007f6037346038 R14: 00007f6037345fa0 R15: 00007ffe3c60d558
[  158.328739][ T6085]  </TASK>
[  158.896562][ T6092] netlink: 8 bytes leftover after parsing attributes in process `syz.3.97'.
[  159.026886][   T61] Bluetooth: hci1: command tx timeout
[  159.381695][ T6106] FAULT_INJECTION: forcing a failure.
[  159.381695][ T6106] name failslab, interval 1, probability 0, space 0, times 0
[  159.381730][ T6106] CPU: 1 UID: 0 PID: 6106 Comm: syz.0.103 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  159.381764][ T6106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  159.381778][ T6106] Call Trace:
[  159.381787][ T6106]  <TASK>
[  159.381796][ T6106]  dump_stack_lvl+0xe8/0x150
[  159.381829][ T6106]  should_fail_ex+0x46b/0x600
[  159.381866][ T6106]  should_failslab+0xa8/0x100
[  159.381894][ T6106]  kmem_cache_alloc_node_noprof+0xae/0x710
[  159.381933][ T6106]  ? __alloc_skb+0x1d0/0x7d0
[  159.381956][ T6106]  ? __alloc_skb+0x1d0/0x7d0
[  159.381987][ T6106]  __alloc_skb+0x1d0/0x7d0
[  159.382010][ T6106]  ? bpf_lsm_socket_getpeersec_dgram+0x9/0x20
[  159.382040][ T6106]  netlink_sendmsg+0x5d4/0xb40
[  159.382080][ T6106]  ? __pfx_netlink_sendmsg+0x10/0x10
[  159.382112][ T6106]  ? tomoyo_socket_sendmsg_permission+0x1e0/0x300
[  159.382145][ T6106]  ? aa_sock_msg_perm+0x122/0x200
[  159.382169][ T6106]  ? __pfx_netlink_sendmsg+0x10/0x10
[  159.382197][ T6106]  sock_sendmsg_nosec+0x13a/0x180
[  159.382236][ T6106]  ____sys_sendmsg+0x55c/0x870
[  159.382271][ T6106]  ? __pfx_____sys_sendmsg+0x10/0x10
[  159.382309][ T6106]  ? import_iovec+0x73/0xa0
[  159.382337][ T6106]  ___sys_sendmsg+0x2a5/0x360
[  159.382364][ T6106]  ? __lock_acquire+0x6b5/0x2d10
[  159.382398][ T6106]  ? __pfx____sys_sendmsg+0x10/0x10
[  159.382518][ T6106]  ? __fget_files+0x2a/0x420
[  159.382541][ T6106]  ? __fget_files+0x3a6/0x420
[  159.382574][ T6106]  __x64_sys_sendmsg+0x1b7/0x290
[  159.382606][ T6106]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  159.382653][ T6106]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.382676][ T6106]  do_syscall_64+0x174/0x580
[  159.382705][ T6106]  ? trace_irq_disable+0x3b/0x140
[  159.382734][ T6106]  ? clear_bhb_loop+0x40/0x90
[  159.382769][ T6106]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.382793][ T6106] RIP: 0033:0x7efecfa2ce59
[  159.382814][ T6106] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  159.382832][ T6106] RSP: 002b:00007efecdc86028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  159.382856][ T6106] RAX: ffffffffffffffda RBX: 00007efecfca5fa0 RCX: 00007efecfa2ce59
[  159.382873][ T6106] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000004
[  159.382887][ T6106] RBP: 00007efecdc86090 R08: 0000000000000000 R09: 0000000000000000
[  159.382901][ T6106] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  159.382914][ T6106] R13: 00007efecfca6038 R14: 00007efecfca5fa0 R15: 00007ffcd90b2f48
[  159.382948][ T6106]  </TASK>
[  159.401064][  T822] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  159.631195][  T822] usb 4-1: Using ep0 maxpacket: 32
[  159.666060][  T822] usb 4-1: config 1 has an invalid interface number: 236 but max is 0
[  159.666104][  T822] usb 4-1: config 1 has no interface number 0
[  159.666151][  T822] usb 4-1: config 1 interface 236 altsetting 2 endpoint 0x5 has invalid wMaxPacketSize 0
[  159.666175][  T822] usb 4-1: config 1 interface 236 altsetting 2 bulk endpoint 0x5 has invalid maxpacket 0
[  159.666201][  T822] usb 4-1: config 1 interface 236 has no altsetting 0
[  159.722046][  T822] usb 4-1: config 1 has an invalid interface number: 236 but max is 0
[  159.722297][  T822] usb 4-1: config 1 has no interface number 0
[  159.722430][  T822] usb 4-1: config 1 interface 236 altsetting 2 endpoint 0x5 has invalid wMaxPacketSize 0
[  159.722495][  T822] usb 4-1: config 1 interface 236 altsetting 2 bulk endpoint 0x5 has invalid maxpacket 0
[  159.722522][  T822] usb 4-1: config 1 interface 236 has no altsetting 0
[  159.795442][  T822] usb 4-1: New USB device found, idVendor=0451, idProduct=5152, bcdDevice=aa.6a
[  159.795476][  T822] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  159.795498][  T822] usb 4-1: Product: syz
[  159.795513][  T822] usb 4-1: Manufacturer: syz
[  159.795529][  T822] usb 4-1: SerialNumber: syz
[  159.974309][ T6110] FAULT_INJECTION: forcing a failure.
[  159.974309][ T6110] name failslab, interval 1, probability 0, space 0, times 0
[  159.974346][ T6110] CPU: 1 UID: 0 PID: 6110 Comm: syz.1.105 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  159.974372][ T6110] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  159.974386][ T6110] Call Trace:
[  159.974395][ T6110]  <TASK>
[  159.974405][ T6110]  dump_stack_lvl+0xe8/0x150
[  159.974439][ T6110]  should_fail_ex+0x46b/0x600
[  159.974477][ T6110]  should_failslab+0xa8/0x100
[  159.974504][ T6110]  __kmalloc_noprof+0xfe/0x7e0
[  159.974526][ T6110]  ? rcu_is_watching+0x15/0xb0
[  159.974559][ T6110]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  159.974585][ T6110]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  159.974618][ T6110]  tomoyo_realpath_from_path+0xe3/0x5d0
[  159.974646][ T6110]  ? tomoyo_domain+0xd7/0x130
[  159.974687][ T6110]  ? tomoyo_path_number_perm+0x219/0x630
[  159.974722][ T6110]  tomoyo_path_number_perm+0x246/0x630
[  159.974762][ T6110]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  159.974796][ T6110]  ? __lock_acquire+0x6b5/0x2d10
[  159.974829][ T6110]  ? do_raw_spin_lock+0x12b/0x2f0
[  159.974885][ T6110]  ? __fget_files+0x2a/0x420
[  159.974913][ T6110]  ? __fget_files+0x2a/0x420
[  159.974934][ T6110]  ? __fget_files+0x3a6/0x420
[  159.974956][ T6110]  ? __fget_files+0x2a/0x420
[  159.974984][ T6110]  security_file_ioctl+0xc3/0x2a0
[  159.975019][ T6110]  __se_sys_ioctl+0x47/0x170
[  159.975049][ T6110]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.975073][ T6110]  do_syscall_64+0x174/0x580
[  159.975102][ T6110]  ? trace_irq_disable+0x3b/0x140
[  159.975130][ T6110]  ? clear_bhb_loop+0x40/0x90
[  159.975157][ T6110]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.975177][ T6110] RIP: 0033:0x7f90faecce59
[  159.975194][ T6110] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  159.975212][ T6110] RSP: 002b:00007f90f9126028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  159.975235][ T6110] RAX: ffffffffffffffda RBX: 00007f90fb145fa0 RCX: 00007f90faecce59
[  159.975252][ T6110] RDX: 0000200000000080 RSI: 0000000080045017 RDI: 0000000000000003
[  159.975267][ T6110] RBP: 00007f90f9126090 R08: 0000000000000000 R09: 0000000000000000
[  159.975281][ T6110] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  159.975293][ T6110] R13: 00007f90fb146038 R14: 00007f90fb145fa0 R15: 00007ffedaafc558
[  159.975328][ T6110]  </TASK>
[  159.975338][ T6110] ERROR: Out of memory at tomoyo_realpath_from_path.
[  160.640597][  T822] ti_usb_3410_5052 4-1:1.236: TI USB 5052 2 port adapter converter detected
[  161.071846][ T6118] netlink: 36 bytes leftover after parsing attributes in process `syz.1.106'.
[  161.106289][   T61] Bluetooth: hci1: command tx timeout
[  161.219571][   T33] usb 4-1: USB disconnect, device number 10
[  161.243536][ T1171] bridge_slave_1: left allmulticast mode
[  161.243737][ T1171] bridge_slave_1: left promiscuous mode
[  161.311949][ T1171] bridge0: port 2(bridge_slave_1) entered disabled state
[  161.556568][ T1171] bridge_slave_0: left allmulticast mode
[  161.556607][ T1171] bridge_slave_0: left promiscuous mode
[  161.576513][ T1171] bridge0: port 1(bridge_slave_0) entered disabled state
[  161.925567][ T6145] netlink: 48 bytes leftover after parsing attributes in process `syz.3.112'.
[  161.968964][ T6145] netlink: 8 bytes leftover after parsing attributes in process `syz.3.112'.
[  162.193346][ T1247] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  162.362840][ T1247] usb 1-1: config 220 has an invalid interface number: 76 but max is 2
[  162.362871][ T1247] usb 1-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[  162.362897][ T1247] usb 1-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  162.362912][ T1247] usb 1-1: config 220 has no interface number 2
[  162.363012][ T1247] usb 1-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  162.363032][ T1247] usb 1-1: config 220 interface 0 has no altsetting 0
[  162.363045][ T1247] usb 1-1: config 220 interface 76 has no altsetting 0
[  162.363059][ T1247] usb 1-1: config 220 interface 1 has no altsetting 0
[  162.365595][ T1247] usb 1-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  162.365628][ T1247] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  162.365643][ T1247] usb 1-1: Product: syz
[  162.365653][ T1247] usb 1-1: Manufacturer: syz
[  162.365664][ T1247] usb 1-1: SerialNumber: syz
[  162.493937][  T822] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  162.609677][ T1247] usb 1-1: selecting invalid altsetting 0
[  162.610048][ T1247] uvcvideo 1-1:220.0: Found UVC 7.01 device syz (8086:0b07)
[  162.610080][ T1247] uvcvideo 1-1:220.0: No valid video chain found.
[  162.641485][ T1247] usb 1-1: selecting invalid altsetting 0
[  162.641523][ T1247] usbtest 1-1:220.1: probe with driver usbtest failed with error -22
[  162.661242][ T1247] usb 1-1: USB disconnect, device number 5
[  162.685601][  T822] usb 2-1: config 0 has an invalid interface number: 255 but max is 0
[  162.685632][  T822] usb 2-1: config 0 has no interface number 0
[  162.709063][  T822] usb 2-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[  162.709094][  T822] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  162.709115][  T822] usb 2-1: Product: syz
[  162.709130][  T822] usb 2-1: Manufacturer: syz
[  162.709145][  T822] usb 2-1: SerialNumber: syz
[  162.808737][  T822] usb 2-1: config 0 descriptor??
[  162.846185][  T822] ch341 2-1:0.255: ch341-uart converter detected
[  163.038606][ T6151] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  163.039223][ T6151] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  163.242216][ T1171] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  163.269243][ T6151] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  163.269878][ T6151] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  163.294441][ T6153] comedi: No check for data length of config insn id 5 is implemented
[  163.294461][ T6153] comedi: Add a check to check_insn_config_length in drivers/comedi/comedi_fops.c
[  163.294474][ T6153] comedi: Assuming n=8005 is correct
[  163.364267][ T1171] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  163.457730][  T822] usb 2-1: failed to send control message: -71
[  163.457792][  T822] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -71
[  163.483725][ T1171] bond0 (unregistering): Released all slaves
[  163.544786][  T822] usb 2-1: USB disconnect, device number 7
[  163.571837][  T822] ch341 2-1:0.255: device disconnected
[  163.663826][ T5267] 8021q: adding VLAN 0 to HW filter on device eth1
[  164.666048][ T6177] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  164.667070][ T6177] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  164.667202][ T6177] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  164.765925][ T6177] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  164.766221][ T6177] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  164.766986][ T6177] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  164.864218][ T6177] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  164.989764][ T6198] comedi: No check for data length of config insn id 5 is implemented
[  164.989783][ T6198] comedi: Add a check to check_insn_config_length in drivers/comedi/comedi_fops.c
[  164.989797][ T6198] comedi: Assuming n=8004 is correct
[  165.077501][ T6182] netlink: 'syz.3.123': attribute type 11 has an invalid length.
[  165.221312][   T10] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  165.399240][   T10] usb 2-1: config 220 has an invalid interface number: 76 but max is 2
[  165.399271][   T10] usb 2-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  165.399297][   T10] usb 2-1: config 220 has no interface number 2
[  165.399353][   T10] usb 2-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  165.399375][   T10] usb 2-1: config 220 interface 0 has no altsetting 0
[  165.399464][   T10] usb 2-1: config 220 interface 76 has no altsetting 0
[  165.399487][   T10] usb 2-1: config 220 interface 1 has no altsetting 0
[  165.431134][   T10] usb 2-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  165.431166][   T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  165.431185][   T10] usb 2-1: Product: syz
[  165.431199][   T10] usb 2-1: Manufacturer: syz
[  165.431215][   T10] usb 2-1: SerialNumber: syz
[  165.554411][ T6205] netlink: 132 bytes leftover after parsing attributes in process `syz.0.128'.
[  165.886176][   T10] usb 2-1: selecting invalid altsetting 0
[  165.899596][   T10] uvcvideo 2-1:220.0: Found UVC 7.01 device syz (8086:0b07)
[  165.899632][   T10] uvcvideo 2-1:220.0: No valid video chain found.
[  165.964929][ T5616] Bluetooth: hci2: connection err: -111
[  166.021213][   T10] usb 2-1: selecting invalid altsetting 0
[  166.021241][   T10] usbtest 2-1:220.1: probe with driver usbtest failed with error -22
[  166.092579][   T10] usb 2-1: USB disconnect, device number 8
[  166.233800][ T5616] Bluetooth: hci3: adv larger than maximum supported
[  166.233819][ T5616] Bluetooth: hci3: Malformed LE Event: 0x0d
[  166.324300][ T6020] bridge0: port 1(bridge_slave_0) entered blocking state
[  166.326108][ T6020] bridge0: port 1(bridge_slave_0) entered disabled state
[  166.326442][ T6020] bridge_slave_0: entered allmulticast mode
[  166.346094][ T6020] bridge_slave_0: entered promiscuous mode
[  166.386963][ T6020] bridge0: port 2(bridge_slave_1) entered blocking state
[  166.392598][ T6020] bridge0: port 2(bridge_slave_1) entered disabled state
[  166.393693][ T6020] bridge_slave_1: entered allmulticast mode
[  166.409407][ T6020] bridge_slave_1: entered promiscuous mode
[  166.587976][ T6020] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  166.605377][ T6020] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  166.718422][ T5616] Bluetooth: hci2: command 0x0c1a tx timeout
[  166.718472][ T5616] Bluetooth: hci3: command 0x0c1a tx timeout
[  166.784023][   T61] Bluetooth: hci1: command 0x0c1a tx timeout
[  166.784257][   T61] Bluetooth: hci0: command 0x0c1a tx timeout
[  167.217929][ T6230] FAULT_INJECTION: forcing a failure.
[  167.217929][ T6230] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  167.217968][ T6230] CPU: 1 UID: 0 PID: 6230 Comm: syz.1.134 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  167.217993][ T6230] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  167.218008][ T6230] Call Trace:
[  167.218016][ T6230]  <TASK>
[  167.218026][ T6230]  dump_stack_lvl+0xe8/0x150
[  167.218059][ T6230]  should_fail_ex+0x46b/0x600
[  167.218103][ T6230]  _copy_from_user+0x2d/0xb0
[  167.218128][ T6230]  ___sys_recvmsg+0x175/0x5a0
[  167.218162][ T6230]  ? __pfx_task_work_run+0x10/0x10
[  167.218190][ T6230]  ? __pfx____sys_recvmsg+0x10/0x10
[  167.218229][ T6230]  ? __fget_files+0x2a/0x420
[  167.218270][ T6230]  ? __fget_files+0x3a6/0x420
[  167.218303][ T6230]  __x64_sys_recvmsg+0x1b4/0x290
[  167.218335][ T6230]  ? __pfx___x64_sys_recvmsg+0x10/0x10
[  167.218383][ T6230]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.218408][ T6230]  do_syscall_64+0x174/0x580
[  167.218435][ T6230]  ? trace_irq_disable+0x3b/0x140
[  167.218466][ T6230]  ? clear_bhb_loop+0x40/0x90
[  167.218494][ T6230]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.218516][ T6230] RIP: 0033:0x7f90faecce59
[  167.218537][ T6230] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  167.218555][ T6230] RSP: 002b:00007f90f9126028 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  167.218578][ T6230] RAX: ffffffffffffffda RBX: 00007f90fb145fa0 RCX: 00007f90faecce59
[  167.218595][ T6230] RDX: 0000000000000020 RSI: 0000200000000100 RDI: 0000000000000004
[  167.218609][ T6230] RBP: 00007f90f9126090 R08: 0000000000000000 R09: 0000000000000000
[  167.218623][ T6230] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  167.218636][ T6230] R13: 00007f90fb146038 R14: 00007f90fb145fa0 R15: 00007ffedaafc558
[  167.218698][ T6230]  </TASK>
[  168.118377][ T6020] team0: Port device team_slave_0 added
[  168.159402][ T6020] team0: Port device team_slave_1 added
[  168.174708][ T5267] 8021q: adding VLAN 0 to HW filter on device eth2
[  168.201317][ T6255] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  168.201605][ T6255] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  168.201880][ T6255] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  168.202002][ T6255] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  168.287910][ T6255] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  168.502713][ T1171] hsr_slave_0: left promiscuous mode
[  168.521228][   T33] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  168.541153][ T1171] hsr_slave_1: left promiscuous mode
[  168.548614][ T1171] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  168.548925][ T1171] batman_adv: batadv0: Removing interface: batadv_slave_0
[  168.593231][ T1171] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  168.593253][ T1171] batman_adv: batadv0: Removing interface: batadv_slave_1
[  168.681172][   T33] usb 4-1: Using ep0 maxpacket: 32
[  168.684273][   T33] usb 4-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be
[  168.684304][   T33] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  168.690158][   T33] usb 4-1: config 0 descriptor??
[  168.725217][   T33] gspca_main: vc032x-2.14.0 probing 0ac8:0321
[  168.745307][ T1171] veth1_macvtap: left promiscuous mode
[  168.745662][ T1171] veth0_macvtap: left promiscuous mode
[  168.746030][ T1171] veth1_vlan: left promiscuous mode
[  168.746393][ T1171] veth0_vlan: left promiscuous mode
[  168.916820][   T33] gspca_vc032x: reg_r err -71
[  168.916865][   T33] gspca_vc032x: I2c Bus Busy Wait 00
[  168.916875][   T33] gspca_vc032x: I2c Bus Busy Wait 00
[  168.916885][   T33] gspca_vc032x: I2c Bus Busy Wait 00
[  168.916894][   T33] gspca_vc032x: I2c Bus Busy Wait 00
[  168.916903][   T33] gspca_vc032x: I2c Bus Busy Wait 00
[  168.916912][   T33] gspca_vc032x: I2c Bus Busy Wait 00
[  168.916921][   T33] gspca_vc032x: I2c Bus Busy Wait 00
[  168.916930][   T33] gspca_vc032x: I2c Bus Busy Wait 00
[  168.916939][   T33] gspca_vc032x: I2c Bus Busy Wait 00
[  168.916947][   T33] gspca_vc032x: I2c Bus Busy Wait 00
[  168.916956][   T33] gspca_vc032x: I2c Bus Busy Wait 00
[  168.916965][   T33] gspca_vc032x: I2c Bus Busy Wait 00
[  168.916974][   T33] gspca_vc032x: I2c Bus Busy Wait 00
[  168.916983][   T33] gspca_vc032x: I2c Bus Busy Wait 00
[  168.916991][   T33] gspca_vc032x: I2c Bus Busy Wait 00
[  168.917000][   T33] gspca_vc032x: I2c Bus Busy Wait 00
[  168.917009][   T33] gspca_vc032x: I2c Bus Busy Wait 00
[  168.917017][   T33] gspca_vc032x: I2c Bus Busy Wait 00
[  168.917030][   T33] gspca_vc032x: Unknown sensor...
[  168.917113][   T33] vc032x 4-1:0.0: probe with driver vc032x failed with error -22
[  169.050615][   T33] usb 4-1: USB disconnect, device number 11
[  169.645586][ T6266] FAULT_INJECTION: forcing a failure.
[  169.645586][ T6266] name failslab, interval 1, probability 0, space 0, times 0
[  169.645612][ T6266] CPU: 0 UID: 0 PID: 6266 Comm: syz.3.140 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  169.645631][ T6266] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  169.645648][ T6266] Call Trace:
[  169.645654][ T6266]  <TASK>
[  169.645666][ T6266]  dump_stack_lvl+0xe8/0x150
[  169.645689][ T6266]  should_fail_ex+0x46b/0x600
[  169.645716][ T6266]  should_failslab+0xa8/0x100
[  169.645736][ T6266]  kmem_cache_alloc_node_noprof+0xae/0x710
[  169.645763][ T6266]  ? __alloc_skb+0x1d0/0x7d0
[  169.645779][ T6266]  ? __alloc_skb+0x1d0/0x7d0
[  169.645801][ T6266]  __alloc_skb+0x1d0/0x7d0
[  169.645821][ T6266]  sock_wmalloc+0xb2/0x130
[  169.645844][ T6266]  pppoe_sendmsg+0x2b4/0x7c0
[  169.645868][ T6266]  ? __pfx_pppoe_sendmsg+0x10/0x10
[  169.645893][ T6266]  ? aa_sock_msg_perm+0x122/0x200
[  169.645910][ T6266]  ? __pfx_pppoe_sendmsg+0x10/0x10
[  169.645929][ T6266]  sock_sendmsg_nosec+0x13a/0x180
[  169.645956][ T6266]  ____sys_sendmsg+0x55c/0x870
[  169.645981][ T6266]  ? __pfx_____sys_sendmsg+0x10/0x10
[  169.646010][ T6266]  ? import_iovec+0x73/0xa0
[  169.646030][ T6266]  ___sys_sendmsg+0x2a5/0x360
[  169.646049][ T6266]  ? __lock_acquire+0x6b5/0x2d10
[  169.646073][ T6266]  ? __pfx____sys_sendmsg+0x10/0x10
[  169.646097][ T6266]  ? kstrtouint+0x6e/0xe0
[  169.646138][ T6266]  ? __fget_files+0x2a/0x420
[  169.646153][ T6266]  ? __fget_files+0x3a6/0x420
[  169.646177][ T6266]  __sys_sendmmsg+0x279/0x4d0
[  169.646201][ T6266]  ? __pfx___sys_sendmmsg+0x10/0x10
[  169.646228][ T6266]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  169.646254][ T6266]  ? ksys_write+0x248/0x270
[  169.646276][ T6266]  ? __pfx_ksys_write+0x10/0x10
[  169.646300][ T6266]  __x64_sys_sendmmsg+0xa0/0xc0
[  169.646320][ T6266]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  169.646337][ T6266]  do_syscall_64+0x174/0x580
[  169.646357][ T6266]  ? trace_irq_disable+0x3b/0x140
[  169.646377][ T6266]  ? clear_bhb_loop+0x40/0x90
[  169.646396][ T6266]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  169.646412][ T6266] RIP: 0033:0x7f60370cce59
[  169.646427][ T6266] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  169.646440][ T6266] RSP: 002b:00007f6035326028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  169.646459][ T6266] RAX: ffffffffffffffda RBX: 00007f6037345fa0 RCX: 00007f60370cce59
[  169.646471][ T6266] RDX: 00000000000003e8 RSI: 0000200000002340 RDI: 0000000000000003
[  169.646488][ T6266] RBP: 00007f6035326090 R08: 0000000000000000 R09: 0000000000000000
[  169.646498][ T6266] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  169.646507][ T6266] R13: 00007f6037346038 R14: 00007f6037345fa0 R15: 00007ffe3c60d558
[  169.646531][ T6266]  </TASK>
[  170.112175][ T1171] team0 (unregistering): Port device team_slave_1 removed
[  170.172863][ T1171] team0 (unregistering): Port device team_slave_0 removed
[  170.222939][   T61] Bluetooth: hci2: command 0x0c1a tx timeout
[  170.222979][   T61] Bluetooth: hci3: command 0x0c1a tx timeout
[  170.223036][ T5616] Bluetooth: hci0: command 0x0c1a tx timeout
[  170.311323][ T5616] Bluetooth: hci1: command 0x0c1a tx timeout
[  170.497571][ T6020] batman_adv: batadv0: Adding interface: batadv_slave_0
[  170.497584][ T6020] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  170.497605][ T6020] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  170.767896][ T6020] batman_adv: batadv0: Adding interface: batadv_slave_1
[  170.767910][ T6020] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  170.767931][ T6020] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  170.943710][ T5616] Bluetooth: hci0: adv larger than maximum supported
[  170.943729][ T5616] Bluetooth: hci0: Malformed LE Event: 0x0d
[  171.076766][ T6020] hsr_slave_0: entered promiscuous mode
[  171.079951][ T6020] hsr_slave_1: entered promiscuous mode
[  171.094188][ T6020] debugfs: 'hsr0' already exists in 'hsr'
[  171.094216][ T6020] Cannot create hsr debugfs directory
[  172.301130][ T5616] Bluetooth: hci0: command 0x0c1a tx timeout
[  172.391152][ T5616] Bluetooth: hci1: command 0x0c1a tx timeout
[  172.713552][ T6312] comedi: No check for data length of config insn id 5 is implemented
[  172.713572][ T6312] comedi: Add a check to check_insn_config_length in drivers/comedi/comedi_fops.c
[  172.713587][ T6312] comedi: Assuming n=8000 is correct
[  172.923024][ T6310] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  172.923237][ T6310] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  172.923423][ T6310] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  172.923505][ T6310] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  173.076221][ T5616] Bluetooth: hci3: adv larger than maximum supported
[  173.076240][ T5616] Bluetooth: hci3: Malformed LE Event: 0x0d
[  173.518948][ T6310] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  174.123599][ T6334] program syz.0.159 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  174.325656][ T6343] comedi: No check for data length of config insn id 5 is implemented
[  174.325674][ T6343] comedi: Add a check to check_insn_config_length in drivers/comedi/comedi_fops.c
[  174.325688][ T6343] comedi: Assuming n=7999 is correct
[  174.366820][ T6339] Zero length message leads to an empty skb
[  174.951228][ T5616] Bluetooth: hci3: adv larger than maximum supported
[  174.951246][ T5616] Bluetooth: hci3: Malformed LE Event: 0x0d
[  175.271134][   T61] Bluetooth: hci0: command 0x0c1a tx timeout
[  175.271182][   T61] Bluetooth: hci2: command 0x0c1a tx timeout
[  175.271295][ T5616] Bluetooth: hci3: command 0x0c1a tx timeout
[  175.583624][ T5616] Bluetooth: hci1: command 0x0c1a tx timeout
[  175.651410][ T6364] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  175.651630][ T6364] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  175.689317][ T6364] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  175.689410][ T6364] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  175.792900][ T6364] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  176.191927][ T5684] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  176.293573][ T6381] program syz.1.171 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  176.364214][ T6020] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  176.413485][ T5684] usb 1-1: config 2 has an invalid descriptor of length 1, skipping remainder of the config
[  176.413540][ T5684] usb 1-1: config 2 interface 0 altsetting 178 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  176.413570][ T5684] usb 1-1: config 2 interface 0 has no altsetting 0
[  176.417556][ T5684] usb 1-1: New USB device found, idVendor=04d8, idProduct=0083, bcdDevice=da.47
[  176.417588][ T5684] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  176.417608][ T5684] usb 1-1: Product: syz
[  176.417623][ T5684] usb 1-1: Manufacturer: syz
[  176.417639][ T5684] usb 1-1: SerialNumber: syz
[  176.540578][ T6367] netlink: 'syz.3.169': attribute type 10 has an invalid length.
[  176.572330][ T6020] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  176.920355][ T6392] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  176.932981][ T6392] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  177.190084][ T6398] comedi: No check for data length of config insn id 5 is implemented
[  177.190101][ T6398] comedi: Add a check to check_insn_config_length in drivers/comedi/comedi_fops.c
[  177.190114][ T6398] comedi: Assuming n=7998 is correct
[  177.464200][ T6020] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  177.577469][ T6020] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  177.579380][ T6020] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  177.661221][ T5614] Bluetooth: hci2: command 0x0c1a tx timeout
[  177.661348][ T5616] Bluetooth: hci3: command 0x0c1a tx timeout
[  177.752946][ T5616] Bluetooth: hci0: command 0x0c1a tx timeout
[  177.778946][ T6020] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  177.797154][ T6020] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  177.821163][ T5616] Bluetooth: hci1: command 0x0c1a tx timeout
[  177.946193][ T6020] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  178.428099][ T5616] Bluetooth: hci2: adv larger than maximum supported
[  178.428181][ T5616] Bluetooth: hci2: Malformed LE Event: 0x0d
[  179.154474][ T6424] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  179.154727][ T6424] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  179.158789][ T6424] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  179.158913][ T6424] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  179.194316][ T6020] 8021q: adding VLAN 0 to HW filter on device bond0
[  179.248006][ T6020] 8021q: adding VLAN 0 to HW filter on device team0
[  179.279572][ T1519] bridge0: port 1(bridge_slave_0) entered blocking state
[  179.279846][ T1519] bridge0: port 1(bridge_slave_0) entered forwarding state
[  179.354287][ T6424] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  179.408670][ T1519] bridge0: port 2(bridge_slave_1) entered blocking state
[  179.408846][ T1519] bridge0: port 2(bridge_slave_1) entered forwarding state
[  179.751238][   T33] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  179.970660][   T33] usb 4-1: config 220 has an invalid interface number: 76 but max is 2
[  179.970693][   T33] usb 4-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  179.970714][   T33] usb 4-1: config 220 has no interface number 2
[  179.970860][   T33] usb 4-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  179.970891][   T33] usb 4-1: config 220 interface 0 has no altsetting 0
[  179.971041][   T33] usb 4-1: config 220 interface 76 has no altsetting 0
[  179.971064][   T33] usb 4-1: config 220 interface 1 has no altsetting 0
[  180.046532][   T33] usb 4-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  180.046651][   T33] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  180.046673][   T33] usb 4-1: Product: syz
[  180.046689][   T33] usb 4-1: Manufacturer: syz
[  180.046704][   T33] usb 4-1: SerialNumber: syz
[  180.504101][   T33] usb 4-1: selecting invalid altsetting 0
[  180.522344][   T33] uvcvideo 4-1:220.0: Found UVC 7.01 device syz (8086:0b07)
[  180.522377][   T33] uvcvideo 4-1:220.0: No valid video chain found.
[  180.636577][   T33] usb 4-1: selecting invalid altsetting 0
[  180.636620][   T33] usbtest 4-1:220.1: probe with driver usbtest failed with error -22
[  180.681995][   T33] usb 4-1: USB disconnect, device number 12
[  181.022082][ T5616] Bluetooth: hci3: command 0x0c1a tx timeout
[  181.181199][ T5614] Bluetooth: hci2: command 0x0c1a tx timeout
[  181.181260][ T5616] Bluetooth: hci0: command 0x0c1a tx timeout
[  181.421854][ T5616] Bluetooth: hci1: command 0x0c1a tx timeout
[  181.934458][  T822] usb 1-1: USB disconnect, device number 6
[  182.024789][ T6485] netlink: 4268 bytes leftover after parsing attributes in process `syz.1.187'.
[  182.024916][ T6485] netlink: 4268 bytes leftover after parsing attributes in process `syz.1.187'.
[  182.345920][ T6020] 8021q: adding VLAN 0 to HW filter on device batadv0
[  182.547415][ T6020] veth0_vlan: entered promiscuous mode
[  182.603287][ T6020] veth1_vlan: entered promiscuous mode
[  182.721095][ T5790] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  182.789875][ T6020] veth0_macvtap: entered promiscuous mode
[  182.807968][ T6020] veth1_macvtap: entered promiscuous mode
[  182.842495][ T6020] batman_adv: batadv0: Interface activated: batadv_slave_0
[  182.861098][ T5790] usb 2-1: device descriptor read/64, error -71
[  182.864045][ T6494] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  182.864247][ T6494] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  182.864344][ T6494] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  182.904128][ T6020] batman_adv: batadv0: Interface activated: batadv_slave_1
[  182.928240][  T156] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  182.928920][  T156] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  182.928967][  T156] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  182.929006][  T156] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  182.965642][ T6494] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  182.989975][ T6494] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  183.151049][ T5790] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  183.302951][ T5790] usb 2-1: device descriptor read/64, error -71
[  183.434498][ T5790] usb usb2-port1: attempt power cycle
[  183.735708][ T1519] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  183.735731][ T1519] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  183.888132][  T156] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  183.888154][  T156] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  183.917978][ T5790] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  183.949173][ T5790] usb 2-1: device descriptor read/8, error -71
[  183.981739][ T5754] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  184.154883][ T5754] usb 1-1: config 220 has an invalid interface number: 76 but max is 2
[  184.154916][ T5754] usb 1-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  184.154937][ T5754] usb 1-1: config 220 has no interface number 2
[  184.155009][ T5754] usb 1-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  184.155040][ T5754] usb 1-1: config 220 interface 0 has no altsetting 0
[  184.155061][ T5754] usb 1-1: config 220 interface 76 has no altsetting 0
[  184.155082][ T5754] usb 1-1: config 220 interface 1 has no altsetting 0
[  184.191100][ T5790] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  184.212266][ T5790] usb 2-1: device descriptor read/8, error -71
[  184.238648][ T5754] usb 1-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  184.238672][ T5754] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  184.238687][ T5754] usb 1-1: Product: syz
[  184.238697][ T5754] usb 1-1: Manufacturer: syz
[  184.238707][ T5754] usb 1-1: SerialNumber: syz
[  184.321845][ T5790] usb usb2-port1: unable to enumerate USB device
[  184.411387][ T1246] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  184.519095][ T5754] usb 1-1: selecting invalid altsetting 0
[  184.519477][ T5754] uvcvideo 1-1:220.0: Found UVC 7.01 device syz (8086:0b07)
[  184.519511][ T5754] uvcvideo 1-1:220.0: No valid video chain found.
[  184.561514][ T1246] usb 3-1: device descriptor read/64, error -71
[  184.580154][ T5754] usb 1-1: selecting invalid altsetting 0
[  184.580210][ T5754] usbtest 1-1:220.1: probe with driver usbtest failed with error -22
[  184.640469][ T5754] usb 1-1: USB disconnect, device number 7
[  184.801112][ T1246] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  184.931132][ T1246] usb 3-1: device descriptor read/64, error -71
[  184.952529][ T5614] Bluetooth: hci3: command 0x0c1a tx timeout
[  184.952609][ T5616] Bluetooth: hci2: command 0x0c1a tx timeout
[  185.022803][ T5614] Bluetooth: hci0: command 0x0c1a tx timeout
[  185.022863][ T5616] Bluetooth: hci1: command 0x0c1a tx timeout
[  185.043630][ T1246] usb usb3-port1: attempt power cycle
[  185.640590][ T6533] binder: 6532:6533 ioctl c0306201 0 returned -14
[  185.722612][ T1246] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  185.766408][ T6525] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  185.766634][ T6525] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  185.766829][ T6525] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  185.766912][ T6525] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  185.767955][ T1246] usb 3-1: device descriptor read/8, error -71
[  185.877102][ T6525] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  186.001629][ T1246] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  186.022224][ T1246] usb 3-1: device descriptor read/8, error -71
[  186.131599][ T1246] usb usb3-port1: unable to enumerate USB device
[  186.262086][ T6545] FAULT_INJECTION: forcing a failure.
[  186.262086][ T6545] name failslab, interval 1, probability 0, space 0, times 0
[  186.262123][ T6545] CPU: 0 UID: 0 PID: 6545 Comm: syz.3.204 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  186.262148][ T6545] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  186.262161][ T6545] Call Trace:
[  186.262170][ T6545]  <TASK>
[  186.262180][ T6545]  dump_stack_lvl+0xe8/0x150
[  186.262214][ T6545]  should_fail_ex+0x46b/0x600
[  186.262251][ T6545]  should_failslab+0xa8/0x100
[  186.262278][ T6545]  __kmalloc_noprof+0xfe/0x7e0
[  186.262302][ T6545]  ? sock_kmalloc+0xd6/0x160
[  186.262331][ T6545]  ? sock_kmalloc+0xd6/0x160
[  186.262366][ T6545]  sock_kmalloc+0xd6/0x160
[  186.262399][ T6545]  af_alg_alloc_areq+0x8c/0x200
[  186.262429][ T6545]  skcipher_recvmsg+0x315/0xe10
[  186.262479][ T6545]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  186.262507][ T6545]  ? __lock_acquire+0x6b5/0x2d10
[  186.262541][ T6545]  ? aa_sock_msg_perm+0x122/0x200
[  186.262563][ T6545]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  186.262594][ T6545]  sock_recvmsg_nosec+0x130/0x170
[  186.262632][ T6545]  ____sys_recvmsg+0x23d/0x4f0
[  186.262671][ T6545]  ? __pfx_____sys_recvmsg+0x10/0x10
[  186.262717][ T6545]  ? import_iovec+0x73/0xa0
[  186.262745][ T6545]  ___sys_recvmsg+0x215/0x5a0
[  186.262780][ T6545]  ? __pfx____sys_recvmsg+0x10/0x10
[  186.262814][ T6545]  ? __fget_files+0x2a/0x420
[  186.262855][ T6545]  ? __fget_files+0x3a6/0x420
[  186.262889][ T6545]  __x64_sys_recvmsg+0x1b4/0x290
[  186.262921][ T6545]  ? __pfx___x64_sys_recvmsg+0x10/0x10
[  186.262970][ T6545]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  186.262995][ T6545]  do_syscall_64+0x174/0x580
[  186.263032][ T6545]  ? trace_irq_disable+0x3b/0x140
[  186.263058][ T6545]  ? clear_bhb_loop+0x40/0x90
[  186.263086][ T6545]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  186.263109][ T6545] RIP: 0033:0x7f60370cce59
[  186.263129][ T6545] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  186.263148][ T6545] RSP: 002b:00007f6035326028 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  186.263172][ T6545] RAX: ffffffffffffffda RBX: 00007f6037345fa0 RCX: 00007f60370cce59
[  186.263189][ T6545] RDX: 0000000000000000 RSI: 00002000000005c0 RDI: 0000000000000004
[  186.263202][ T6545] RBP: 00007f6035326090 R08: 0000000000000000 R09: 0000000000000000
[  186.263216][ T6545] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  186.263229][ T6545] R13: 00007f6037346038 R14: 00007f6037345fa0 R15: 00007ffe3c60d558
[  186.263265][ T6545]  </TASK>
[  186.625889][ T6549] program syz.3.207 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  186.799729][ T1246] kernel write not supported for file /vcs (pid: 1246 comm: kworker/0:2)
[  187.031551][   T33] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  187.058852][ T6557] FAULT_INJECTION: forcing a failure.
[  187.058852][ T6557] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  187.058879][ T6557] CPU: 0 UID: 0 PID: 6557 Comm: syz.0.210 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  187.058898][ T6557] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  187.058908][ T6557] Call Trace:
[  187.058914][ T6557]  <TASK>
[  187.058920][ T6557]  dump_stack_lvl+0xe8/0x150
[  187.058946][ T6557]  should_fail_ex+0x46b/0x600
[  187.058974][ T6557]  _copy_from_user+0x2d/0xb0
[  187.058993][ T6557]  input_event_from_user+0xb1/0x290
[  187.059014][ T6557]  ? __pfx_input_event_from_user+0x10/0x10
[  187.059035][ T6557]  ? rt_spin_unlock+0x160/0x200
[  187.059054][ T6557]  evdev_write+0x2ca/0x4c0
[  187.059073][ T6557]  ? __pfx_evdev_write+0x10/0x10
[  187.059089][ T6557]  ? __pfx_evdev_write+0x10/0x10
[  187.059104][ T6557]  ? vfs_write+0x288/0xba0
[  187.059125][ T6557]  ? __pfx_evdev_write+0x10/0x10
[  187.059141][ T6557]  vfs_write+0x2a3/0xba0
[  187.059166][ T6557]  ? __pfx_vfs_write+0x10/0x10
[  187.059187][ T6557]  ? __fget_files+0x2a/0x420
[  187.059206][ T6557]  ? __fget_files+0x2a/0x420
[  187.059220][ T6557]  ? __fget_files+0x3a6/0x420
[  187.059235][ T6557]  ? __fget_files+0x2a/0x420
[  187.059257][ T6557]  ksys_write+0x156/0x270
[  187.059278][ T6557]  ? __pfx_ksys_write+0x10/0x10
[  187.059303][ T6557]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  187.059321][ T6557]  do_syscall_64+0x174/0x580
[  187.059341][ T6557]  ? trace_irq_disable+0x3b/0x140
[  187.059362][ T6557]  ? clear_bhb_loop+0x40/0x90
[  187.059381][ T6557]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  187.059397][ T6557] RIP: 0033:0x7efecfa2ce59
[  187.059411][ T6557] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  187.059424][ T6557] RSP: 002b:00007efecdc86028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  187.059446][ T6557] RAX: ffffffffffffffda RBX: 00007efecfca5fa0 RCX: 00007efecfa2ce59
[  187.059458][ T6557] RDX: 000000000000ff0f RSI: 0000200000000040 RDI: 0000000000000003
[  187.059468][ T6557] RBP: 00007efecdc86090 R08: 0000000000000000 R09: 0000000000000000
[  187.059478][ T6557] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  187.059487][ T6557] R13: 00007efecfca6038 R14: 00007efecfca5fa0 R15: 00007ffcd90b2f48
[  187.059511][ T6557]  </TASK>
[  187.260064][   T33] usb 4-1: config 220 has an invalid interface number: 76 but max is 2
[  187.260093][   T33] usb 4-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  187.260115][   T33] usb 4-1: config 220 has no interface number 2
[  187.260203][   T33] usb 4-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  187.260232][   T33] usb 4-1: config 220 interface 0 has no altsetting 0
[  187.260251][   T33] usb 4-1: config 220 interface 76 has no altsetting 0
[  187.260271][   T33] usb 4-1: config 220 interface 1 has no altsetting 0
[  187.352541][   T33] usb 4-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  187.352572][   T33] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  187.352593][   T33] usb 4-1: Product: syz
[  187.352608][   T33] usb 4-1: Manufacturer: syz
[  187.352623][   T33] usb 4-1: SerialNumber: syz
[  187.639838][   T33] usb 4-1: selecting invalid altsetting 0
[  187.648440][   T33] uvcvideo 4-1:220.0: Found UVC 7.01 device syz (8086:0b07)
[  187.648477][   T33] uvcvideo 4-1:220.0: No valid video chain found.
[  187.703228][   T33] usb 4-1: selecting invalid altsetting 0
[  187.703269][   T33] usbtest 4-1:220.1: probe with driver usbtest failed with error -22
[  187.735382][   T33] usb 4-1: USB disconnect, device number 13
[  187.821106][ T5616] Bluetooth: hci3: command 0x0c1a tx timeout
[  187.821152][ T5616] Bluetooth: hci2: command 0x0c1a tx timeout
[  187.821181][ T5616] Bluetooth: hci0: command 0x0c1a tx timeout
[  187.887062][ T6567] process 'syz.2.214' launched './file2' with NULL argv: empty string added
[  187.901038][ T5614] Bluetooth: hci1: command 0x0c1a tx timeout
[  187.934179][ T6560] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  187.934304][ T6560] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  188.019861][ T6560] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  188.020150][ T6560] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  188.031321][ T6560] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  188.114207][ T6571] program syz.1.216 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  188.214373][ T6574] =======================================================
[  188.214373][ T6574] WARNING: The mand mount option has been deprecated and
[  188.214373][ T6574]          and is ignored by this kernel. Remove the mand
[  188.214373][ T6574]          option from the mount to silence this warning.
[  188.214373][ T6574] =======================================================
[  188.214487][ T6574] cgroup: subsys name conflicts with all
[  188.347120][ T6579] comedi: No check for data length of config insn id 5 is implemented
[  188.347138][ T6579] comedi: Add a check to check_insn_config_length in drivers/comedi/comedi_fops.c
[  188.347151][ T6579] comedi: Assuming n=7991 is correct
[  188.565743][   T33] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  188.719253][   T33] usb 4-1: config 0 has an invalid interface number: 255 but max is 0
[  188.719284][   T33] usb 4-1: config 0 has no interface number 0
[  188.736935][   T33] usb 4-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[  188.736969][   T33] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  188.736992][   T33] usb 4-1: Product: syz
[  188.737008][   T33] usb 4-1: Manufacturer: syz
[  188.737024][   T33] usb 4-1: SerialNumber: syz
[  188.738825][ T6590] FAULT_INJECTION: forcing a failure.
[  188.738825][ T6590] name failslab, interval 1, probability 0, space 0, times 0
[  188.738866][ T6590] CPU: 0 UID: 0 PID: 6590 Comm: syz.1.224 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  188.738890][ T6590] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  188.738905][ T6590] Call Trace:
[  188.738913][ T6590]  <TASK>
[  188.738923][ T6590]  dump_stack_lvl+0xe8/0x150
[  188.738957][ T6590]  should_fail_ex+0x46b/0x600
[  188.738996][ T6590]  should_failslab+0xa8/0x100
[  188.739024][ T6590]  __kmalloc_noprof+0xfe/0x7e0
[  188.739049][ T6590]  ? tomoyo_encode+0x28b/0x550
[  188.739074][ T6590]  ? tomoyo_encode+0x28b/0x550
[  188.739106][ T6590]  tomoyo_encode+0x28b/0x550
[  188.739138][ T6590]  tomoyo_realpath_from_path+0x58d/0x5d0
[  188.739176][ T6590]  ? tomoyo_path_number_perm+0x219/0x630
[  188.739210][ T6590]  tomoyo_path_number_perm+0x246/0x630
[  188.739249][ T6590]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  188.739282][ T6590]  ? __lock_acquire+0x6b5/0x2d10
[  188.739315][ T6590]  ? do_raw_spin_lock+0x12b/0x2f0
[  188.739374][ T6590]  ? __fget_files+0x2a/0x420
[  188.739401][ T6590]  ? __fget_files+0x2a/0x420
[  188.739423][ T6590]  ? __fget_files+0x3a6/0x420
[  188.739445][ T6590]  ? __fget_files+0x2a/0x420
[  188.739472][ T6590]  security_file_ioctl+0xc3/0x2a0
[  188.739505][ T6590]  __se_sys_ioctl+0x47/0x170
[  188.739535][ T6590]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  188.739561][ T6590]  do_syscall_64+0x174/0x580
[  188.739590][ T6590]  ? trace_irq_disable+0x3b/0x140
[  188.739619][ T6590]  ? clear_bhb_loop+0x40/0x90
[  188.739647][ T6590]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  188.739670][ T6590] RIP: 0033:0x7f90faecce59
[  188.739691][ T6590] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  188.739710][ T6590] RSP: 002b:00007f90f9126028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  188.739734][ T6590] RAX: ffffffffffffffda RBX: 00007f90fb145fa0 RCX: 00007f90faecce59
[  188.739750][ T6590] RDX: 0000200000001880 RSI: 00000000000007b1 RDI: 0000000000000003
[  188.739764][ T6590] RBP: 00007f90f9126090 R08: 0000000000000000 R09: 0000000000000000
[  188.739778][ T6590] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  188.739792][ T6590] R13: 00007f90fb146038 R14: 00007f90fb145fa0 R15: 00007ffedaafc558
[  188.739833][ T6590]  </TASK>
[  188.739855][ T6590] ERROR: Out of memory at tomoyo_realpath_from_path.
[  188.855461][ T6592] program syz.0.225 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  189.042133][   T33] usb 4-1: config 0 descriptor??
[  189.085910][   T33] ch341 4-1:0.255: ch341-uart converter detected
[  189.286466][ T6576] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  189.287106][ T6576] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  189.492185][ T6599] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  189.518177][ T6599] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  189.518415][ T6599] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  189.518620][ T6599] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  189.518724][ T6599] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  189.552656][ T5790] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  189.630720][   T33] usb 4-1: failed to send control message: -71
[  189.630790][   T33] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -71
[  189.678218][   T33] usb 4-1: USB disconnect, device number 14
[  189.690251][   T33] ch341 4-1:0.255: device disconnected
[  189.742701][ T5790] usb 1-1: config 220 has an invalid interface number: 76 but max is 2
[  189.742734][ T5790] usb 1-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  189.742755][ T5790] usb 1-1: config 220 has no interface number 2
[  189.742828][ T5790] usb 1-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  189.742858][ T5790] usb 1-1: config 220 interface 0 has no altsetting 0
[  189.742879][ T5790] usb 1-1: config 220 interface 76 has no altsetting 0
[  189.742900][ T5790] usb 1-1: config 220 interface 1 has no altsetting 0
[  189.745971][ T5790] usb 1-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  189.746001][ T5790] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  189.746022][ T5790] usb 1-1: Product: syz
[  189.746037][ T5790] usb 1-1: Manufacturer: syz
[  189.746053][ T5790] usb 1-1: SerialNumber: syz
[  190.081752][ T5790] usb 1-1: selecting invalid altsetting 0
[  190.118503][ T6611] FAULT_INJECTION: forcing a failure.
[  190.118503][ T6611] name failslab, interval 1, probability 0, space 0, times 0
[  190.118536][ T6611] CPU: 0 UID: 0 PID: 6611 Comm: syz.2.231 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  190.118557][ T6611] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  190.118569][ T6611] Call Trace:
[  190.118576][ T6611]  <TASK>
[  190.118584][ T6611]  dump_stack_lvl+0xe8/0x150
[  190.118612][ T6611]  should_fail_ex+0x46b/0x600
[  190.118648][ T6611]  should_failslab+0xa8/0x100
[  190.118671][ T6611]  kmem_cache_alloc_node_noprof+0xae/0x710
[  190.118707][ T6611]  ? __alloc_skb+0x1d0/0x7d0
[  190.118728][ T6611]  ? __alloc_skb+0x1d0/0x7d0
[  190.118756][ T6611]  __alloc_skb+0x1d0/0x7d0
[  190.118775][ T6611]  ? bpf_lsm_socket_getpeersec_dgram+0x9/0x20
[  190.118798][ T6611]  netlink_sendmsg+0x5d4/0xb40
[  190.118831][ T6611]  ? __pfx_netlink_sendmsg+0x10/0x10
[  190.118867][ T6611]  ? tomoyo_socket_sendmsg_permission+0x1e0/0x300
[  190.118892][ T6611]  ? aa_sock_msg_perm+0x122/0x200
[  190.118911][ T6611]  ? __pfx_netlink_sendmsg+0x10/0x10
[  190.118933][ T6611]  sock_sendmsg_nosec+0x13a/0x180
[  190.118962][ T6611]  ____sys_sendmsg+0x55c/0x870
[  190.118987][ T6611]  ? __pfx_____sys_sendmsg+0x10/0x10
[  190.119017][ T6611]  ? import_iovec+0x73/0xa0
[  190.119039][ T6611]  ___sys_sendmsg+0x2a5/0x360
[  190.119061][ T6611]  ? __lock_acquire+0x6b5/0x2d10
[  190.119089][ T6611]  ? __pfx____sys_sendmsg+0x10/0x10
[  190.119151][ T6611]  ? __fget_files+0x2a/0x420
[  190.119169][ T6611]  ? __fget_files+0x3a6/0x420
[  190.119194][ T6611]  __x64_sys_sendmsg+0x1b7/0x290
[  190.119219][ T6611]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  190.119253][ T6611]  ? __secure_computing+0xe1/0x2a0
[  190.119281][ T6611]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  190.119302][ T6611]  do_syscall_64+0x174/0x580
[  190.119326][ T6611]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  190.119346][ T6611]  ? clear_bhb_loop+0x40/0x90
[  190.119371][ T6611]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  190.119390][ T6611] RIP: 0033:0x7f22dc09ce59
[  190.119408][ T6611] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  190.119424][ T6611] RSP: 002b:00007f22da2ee028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  190.119445][ T6611] RAX: ffffffffffffffda RBX: 00007f22dc315fa0 RCX: 00007f22dc09ce59
[  190.119459][ T6611] RDX: 0000000024000840 RSI: 0000200000009b40 RDI: 0000000000000004
[  190.119472][ T6611] RBP: 00007f22da2ee090 R08: 0000000000000000 R09: 0000000000000000
[  190.119484][ T6611] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  190.119495][ T6611] R13: 00007f22dc316038 R14: 00007f22dc315fa0 R15: 00007ffeeb951df8
[  190.119523][ T6611]  </TASK>
[  190.119736][ T5790] uvcvideo 1-1:220.0: Found UVC 7.01 device syz (8086:0b07)
[  190.119768][ T5790] uvcvideo 1-1:220.0: No valid video chain found.
[  190.224236][ T5790] usb 1-1: selecting invalid altsetting 0
[  190.224277][ T5790] usbtest 1-1:220.1: probe with driver usbtest failed with error -22
[  190.360753][ T5790] usb 1-1: USB disconnect, device number 8
[  190.656929][ T6619] FAULT_INJECTION: forcing a failure.
[  190.656929][ T6619] name failslab, interval 1, probability 0, space 0, times 0
[  190.656966][ T6619] CPU: 1 UID: 0 PID: 6619 Comm: syz.1.235 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  190.656991][ T6619] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  190.657004][ T6619] Call Trace:
[  190.657012][ T6619]  <TASK>
[  190.657021][ T6619]  dump_stack_lvl+0xe8/0x150
[  190.657054][ T6619]  should_fail_ex+0x46b/0x600
[  190.657090][ T6619]  should_failslab+0xa8/0x100
[  190.657118][ T6619]  __kmalloc_noprof+0xfe/0x7e0
[  190.657142][ T6619]  ? sock_kmalloc+0xd6/0x160
[  190.657171][ T6619]  ? sock_kmalloc+0xd6/0x160
[  190.657205][ T6619]  sock_kmalloc+0xd6/0x160
[  190.657241][ T6619]  af_alg_alloc_areq+0x8c/0x200
[  190.657273][ T6619]  skcipher_recvmsg+0x315/0xe10
[  190.657324][ T6619]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  190.657353][ T6619]  ? __lock_acquire+0x6b5/0x2d10
[  190.657387][ T6619]  ? aa_sock_msg_perm+0x122/0x200
[  190.657410][ T6619]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  190.657440][ T6619]  sock_recvmsg_nosec+0x130/0x170
[  190.657479][ T6619]  ____sys_recvmsg+0x23d/0x4f0
[  190.657518][ T6619]  ? __pfx_____sys_recvmsg+0x10/0x10
[  190.657564][ T6619]  ? import_iovec+0x73/0xa0
[  190.657599][ T6619]  ___sys_recvmsg+0x215/0x5a0
[  190.657635][ T6619]  ? __pfx____sys_recvmsg+0x10/0x10
[  190.657669][ T6619]  ? __fget_files+0x2a/0x420
[  190.657711][ T6619]  ? __fget_files+0x3a6/0x420
[  190.657745][ T6619]  __x64_sys_recvmsg+0x1b4/0x290
[  190.657777][ T6619]  ? __pfx___x64_sys_recvmsg+0x10/0x10
[  190.657827][ T6619]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  190.657852][ T6619]  do_syscall_64+0x174/0x580
[  190.657880][ T6619]  ? trace_irq_disable+0x3b/0x140
[  190.657908][ T6619]  ? clear_bhb_loop+0x40/0x90
[  190.657937][ T6619]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  190.657959][ T6619] RIP: 0033:0x7f90faecce59
[  190.657980][ T6619] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  190.657998][ T6619] RSP: 002b:00007f90f9126028 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  190.658022][ T6619] RAX: ffffffffffffffda RBX: 00007f90fb145fa0 RCX: 00007f90faecce59
[  190.658039][ T6619] RDX: 0000000000000022 RSI: 0000200000002ac0 RDI: 0000000000000004
[  190.658053][ T6619] RBP: 00007f90f9126090 R08: 0000000000000000 R09: 0000000000000000
[  190.658067][ T6619] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  190.658081][ T6619] R13: 00007f90fb146038 R14: 00007f90fb145fa0 R15: 00007ffedaafc558
[  190.658118][ T6619]  </TASK>
[  191.091178][ T5790] usb 4-1: new full-speed USB device number 15 using dummy_hcd
[  191.210815][ T6628] comedi comedi3: pcl726: I/O base address or length out of range
[  191.262000][ T5790] usb 4-1: config 0 has an invalid interface number: 107 but max is 0
[  191.262031][ T5790] usb 4-1: config 0 has no interface number 0
[  191.262090][ T5790] usb 4-1: config 0 interface 107 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[  191.304373][ T5790] usb 4-1: New USB device found, idVendor=06cd, idProduct=0131, bcdDevice=16.60
[  191.304405][ T5790] usb 4-1: New USB device strings: Mfr=175, Product=2, SerialNumber=3
[  191.304426][ T5790] usb 4-1: Product: syz
[  191.304441][ T5790] usb 4-1: Manufacturer: syz
[  191.304457][ T5790] usb 4-1: SerialNumber: syz
[  191.340566][ T5790] usb 4-1: config 0 descriptor??
[  191.422814][ T6626] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  191.423037][ T6626] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  191.423224][ T6626] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  191.423467][ T6626] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  191.509384][ T6626] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  191.564552][ T5790] keyspan 4-1:0.107: Keyspan 4 port adapter converter detected
[  191.565015][ T5790] keyspan 4-1:0.107: found no endpoint descriptor for endpoint 81
[  191.592352][ T5790] keyspan 4-1:0.107: found no endpoint descriptor for endpoint 1
[  191.598190][ T6635] netlink: 'syz.2.241': attribute type 1 has an invalid length.
[  191.598211][ T6635] netlink: 12 bytes leftover after parsing attributes in process `syz.2.241'.
[  191.714946][ T5790] usb 4-1: Keyspan 4 port adapter converter now attached to ttyUSB0
[  191.733724][ T5790] keyspan 4-1:0.107: found no endpoint descriptor for endpoint 2
[  191.821671][ T5790] usb 4-1: Keyspan 4 port adapter converter now attached to ttyUSB1
[  191.849436][ T5790] keyspan 4-1:0.107: found no endpoint descriptor for endpoint 4
[  191.869432][ T5790] usb 4-1: Keyspan 4 port adapter converter now attached to ttyUSB2
[  191.882829][   T33] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  191.886461][ T5790] keyspan 4-1:0.107: found no endpoint descriptor for endpoint 6
[  191.908895][ T5790] usb 4-1: Keyspan 4 port adapter converter now attached to ttyUSB3
[  191.948157][ T5790] usb 4-1: USB disconnect, device number 15
[  192.011538][ T5790] keyspan_4 ttyUSB0: Keyspan 4 port adapter converter now disconnected from ttyUSB0
[  192.036522][   T33] usb 1-1: config 0 has an invalid interface number: 255 but max is 0
[  192.036552][   T33] usb 1-1: config 0 has no interface number 0
[  192.040416][   T33] usb 1-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[  192.040445][   T33] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  192.040466][   T33] usb 1-1: Product: syz
[  192.040494][   T33] usb 1-1: Manufacturer: syz
[  192.040511][   T33] usb 1-1: SerialNumber: syz
[  192.126292][   T33] usb 1-1: config 0 descriptor??
[  192.129958][ T5790] keyspan_4 ttyUSB1: Keyspan 4 port adapter converter now disconnected from ttyUSB1
[  192.207400][   T33] ch341 1-1:0.255: ch341-uart converter detected
[  192.238230][ T5790] keyspan_4 ttyUSB2: Keyspan 4 port adapter converter now disconnected from ttyUSB2
[  192.377746][ T5790] keyspan_4 ttyUSB3: Keyspan 4 port adapter converter now disconnected from ttyUSB3
[  192.413457][ T6638] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  192.414468][ T6638] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  192.417089][ T5790] keyspan 4-1:0.107: device disconnected
[  192.720017][   T33] usb 1-1: failed to send control message: -71
[  192.720079][   T33] ch341-uart ttyUSB4: probe with driver ch341-uart failed with error -71
[  192.745807][   T33] usb 1-1: USB disconnect, device number 9
[  192.760789][   T33] ch341 1-1:0.255: device disconnected
[  192.802272][ T5790] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  193.026784][ T6640] kexec: Could not allocate control_code_buffer
[  193.097471][ T5790] usb 4-1: config 220 has an invalid interface number: 76 but max is 2
[  193.097503][ T5790] usb 4-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  193.097526][ T5790] usb 4-1: config 220 has no interface number 2
[  193.097600][ T5790] usb 4-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  193.097631][ T5790] usb 4-1: config 220 interface 0 has no altsetting 0
[  193.097660][ T5790] usb 4-1: config 220 interface 76 has no altsetting 0
[  193.097686][ T5790] usb 4-1: config 220 interface 1 has no altsetting 0
[  193.100733][ T5790] usb 4-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  193.100765][ T5790] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  193.100787][ T5790] usb 4-1: Product: syz
[  193.100804][ T5790] usb 4-1: Manufacturer: syz
[  193.100819][ T5790] usb 4-1: SerialNumber: syz
[  193.448897][ T6658] binder: 6654:6658 ioctl c0306201 0 returned -14
[  193.462889][ T5790] usb 4-1: selecting invalid altsetting 0
[  193.463321][ T5790] uvcvideo 4-1:220.0: Found UVC 7.01 device syz (8086:0b07)
[  193.463355][ T5790] uvcvideo 4-1:220.0: No valid video chain found.
[  193.502453][ T5616] Bluetooth: hci3: command 0x0c1a tx timeout
[  193.502496][ T5616] Bluetooth: hci2: command 0x0c1a tx timeout
[  193.502528][ T5616] Bluetooth: hci0: command 0x0c1a tx timeout
[  193.553639][ T5790] usb 4-1: selecting invalid altsetting 0
[  193.553683][ T5790] usbtest 4-1:220.1: probe with driver usbtest failed with error -22
[  193.587783][ T5619] Bluetooth: hci1: command 0x0c1a tx timeout
[  193.626875][ T5790] usb 4-1: USB disconnect, device number 16
[  193.633131][ T1247] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  193.641375][ T6653] binder: 6652:6653 ioctl c0306201 0 returned -14
[  193.787306][ T6662] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  193.787388][ T6662] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  193.807652][ T1247] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  193.807684][ T1247] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  193.807707][ T1247] usb 2-1: Product: syz
[  193.807724][ T1247] usb 2-1: Manufacturer: syz
[  193.807740][ T1247] usb 2-1: SerialNumber: syz
[  193.860014][ T1247] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  193.936044][ T6662] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  193.936282][ T6662] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  193.936479][ T6662] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  194.073399][ T1246] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  194.310314][   T33] usb 2-1: USB disconnect, device number 13
[  194.346562][ T1246] usb 2-1: ath9k_htc: Unable to allocate URBs
[  194.362073][   T33] usb 2-1: ath9k_htc: USB layer deinitialized
[  194.560997][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  194.580999][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  194.591015][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  194.601000][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  194.611018][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  194.621008][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  194.631040][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  194.641000][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  194.741141][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  194.760997][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  195.215546][ T1247] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  195.552765][ T1247] usb 3-1: Using ep0 maxpacket: 16
[  195.571741][ T1247] usb 3-1: config 3 has no interfaces?
[  195.598598][ T1247] usb 3-1: New USB device found, idVendor=0856, idProduct=ac44, bcdDevice=63.5b
[  195.598632][ T1247] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  195.598655][ T1247] usb 3-1: Product: syz
[  195.598671][ T1247] usb 3-1: Manufacturer: syz
[  195.598687][ T1247] usb 3-1: SerialNumber: syz
[  195.821682][ T5619] Bluetooth: hci3: command 0x0c1a tx timeout
[  195.981197][   T61] Bluetooth: hci2: command 0x0c1a tx timeout
[  195.981327][ T5614] Bluetooth: hci1: command 0x0c1a tx timeout
[  195.981481][ T5619] Bluetooth: hci0: command 0x0c1a tx timeout
[  196.223295][ T5754] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  196.312317][ T1247] usb 3-1: USB disconnect, device number 9
[  196.416444][ T5754] usb 1-1: config 0 has an invalid interface number: 255 but max is 0
[  196.416476][ T5754] usb 1-1: config 0 has no interface number 0
[  196.435310][ T5754] usb 1-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[  196.435345][ T5754] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  196.435368][ T5754] usb 1-1: Product: syz
[  196.435383][ T5754] usb 1-1: Manufacturer: syz
[  196.435400][ T5754] usb 1-1: SerialNumber: syz
[  196.505584][ T5754] usb 1-1: config 0 descriptor??
[  196.527388][ T5754] ch341 1-1:0.255: ch341-uart converter detected
[  196.867199][ T6707] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  196.892809][ T6707] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  197.168480][ T5754] usb 1-1: failed to send control message: -71
[  197.168544][ T5754] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -71
[  197.203981][ T5754] usb 1-1: USB disconnect, device number 10
[  197.230725][ T5754] ch341 1-1:0.255: device disconnected
[  197.301201][ T5791] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  197.342259][ T5619] ==================================================================
[  197.342276][ T5619] BUG: KASAN: vmalloc-out-of-bounds in __list_del_entry_valid_or_report+0xb5/0x190
[  197.342319][ T5619] Read of size 8 at addr ffffc90005571008 by task kworker/u9:5/5619
[  197.342338][ T5619] 
[  197.342354][ T5619] CPU: 0 UID: 0 PID: 5619 Comm: kworker/u9:5 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  197.342384][ T5619] Tainted: [L]=SOFTLOCKUP
[  197.342392][ T5619] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  197.342408][ T5619] Workqueue: hci1 hci_rx_work
[  197.342434][ T5619] Call Trace:
[  197.342443][ T5619]  <TASK>
[  197.342453][ T5619]  dump_stack_lvl+0xe8/0x150
[  197.342479][ T5619]  print_address_description+0x55/0x1e0
[  197.342509][ T5619]  ? __list_del_entry_valid_or_report+0xb5/0x190
[  197.342543][ T5619]  print_report+0x58/0x70
[  197.342570][ T5619]  kasan_report+0x117/0x150
[  197.342593][ T5619]  ? rt_spin_lock+0x20e/0x400
[  197.342616][ T5619]  ? __list_del_entry_valid_or_report+0xb5/0x190
[  197.342655][ T5619]  __list_del_entry_valid_or_report+0xb5/0x190
[  197.342691][ T5619]  kcov_remote_start+0x2af/0x710
[  197.342722][ T5619]  hci_rx_work+0x10f/0x1040
[  197.342750][ T5619]  ? process_one_work+0x8be/0x1630
[  197.342782][ T5619]  process_one_work+0x98b/0x1630
[  197.342825][ T5619]  ? __pfx_process_one_work+0x10/0x10
[  197.342855][ T5619]  ? do_raw_spin_lock+0x12b/0x2f0
[  197.342887][ T5619]  worker_thread+0xb49/0x1140
[  197.342935][ T5619]  kthread+0x388/0x470
[  197.342960][ T5619]  ? __pfx_worker_thread+0x10/0x10
[  197.342993][ T5619]  ? __pfx_kthread+0x10/0x10
[  197.343018][ T5619]  ret_from_fork+0x514/0xb70
[  197.343047][ T5619]  ? __pfx_ret_from_fork+0x10/0x10
[  197.343074][ T5619]  ? __switch_to+0xc79/0x1410
[  197.343098][ T5619]  ? __pfx_kthread+0x10/0x10
[  197.343132][ T5619]  ret_from_fork_asm+0x1a/0x30
[  197.343170][ T5619]  </TASK>
[  197.343178][ T5619] 
[  197.343184][ T5619] The buggy address belongs to a vmalloc virtual mapping
[  197.343202][ T5619] Memory state around the buggy address:
[  197.343215][ T5619]  ffffc90005570f00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  197.343230][ T5619]  ffffc90005570f80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  197.343246][ T5619] >ffffc90005571000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  197.343257][ T5619]                       ^
[  197.343268][ T5619]  ffffc90005571080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  197.343283][ T5619]  ffffc90005571100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  197.343295][ T5619] ==================================================================
[  197.343326][ T5619] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  197.343345][ T5619] CPU: 0 UID: 0 PID: 5619 Comm: kworker/u9:5 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  197.343375][ T5619] Tainted: [L]=SOFTLOCKUP
[  197.343383][ T5619] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  197.343398][ T5619] Workqueue: hci1 hci_rx_work
[  197.343420][ T5619] Call Trace:
[  197.343428][ T5619]  <TASK>
[  197.343437][ T5619]  vpanic+0x56c/0xa60
[  197.343468][ T5619]  ? rcu_is_watching+0x15/0xb0
[  197.343500][ T5619]  ? __pfx_vpanic+0x10/0x10
[  197.343540][ T5619]  panic+0xc5/0xd0
[  197.343571][ T5619]  ? __pfx_panic+0x10/0x10
[  197.343603][ T5619]  ? __list_del_entry_valid_or_report+0xb5/0x190
[  197.343644][ T5619]  ? __list_del_entry_valid_or_report+0xb5/0x190
[  197.343678][ T5619]  check_panic_on_warn+0x89/0xb0
[  197.343706][ T5619]  ? __list_del_entry_valid_or_report+0xb5/0x190
[  197.343740][ T5619]  end_report+0x73/0x170
[  197.343764][ T5619]  ? __list_del_entry_valid_or_report+0xb5/0x190
[  197.343800][ T5619]  kasan_report+0x128/0x150
[  197.343822][ T5619]  ? rt_spin_lock+0x20e/0x400
[  197.343844][ T5619]  ? __list_del_entry_valid_or_report+0xb5/0x190
[  197.343883][ T5619]  __list_del_entry_valid_or_report+0xb5/0x190
[  197.343919][ T5619]  kcov_remote_start+0x2af/0x710
[  197.343946][ T5619]  hci_rx_work+0x10f/0x1040
[  197.343974][ T5619]  ? process_one_work+0x8be/0x1630
[  197.344004][ T5619]  process_one_work+0x98b/0x1630
[  197.344046][ T5619]  ? __pfx_process_one_work+0x10/0x10
[  197.344076][ T5619]  ? do_raw_spin_lock+0x12b/0x2f0
[  197.344107][ T5619]  worker_thread+0xb49/0x1140
[  197.344160][ T5619]  kthread+0x388/0x470
[  197.344184][ T5619]  ? __pfx_worker_thread+0x10/0x10
[  197.344216][ T5619]  ? __pfx_kthread+0x10/0x10
[  197.344241][ T5619]  ret_from_fork+0x514/0xb70
[  197.344267][ T5619]  ? __pfx_ret_from_fork+0x10/0x10
[  197.344293][ T5619]  ? __switch_to+0xc79/0x1410
[  197.344315][ T5619]  ? __pfx_kthread+0x10/0x10
[  197.344340][ T5619]  ret_from_fork_asm+0x1a/0x30
[  197.344376][ T5619]  </TASK>
[  197.344972][ T5619] Kernel Offset: disabled