last executing test programs:

17.282114725s ago: executing program 0 (id=843):
madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0xc, &(0x7f0000000000)=0x201, 0x4)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000580)=ANY=[@ANYBLOB="1cef2b1e19f52c89d5bd70c2000000", @ANYRES32=0x0, @ANYBLOB="3bd25e4421c000000017ef91ee618f1ee200a97d1b13d3097862ec3ce95c7e723da2b68f128a2ab523a661eee50bf73e0dc2627eda0800000000000000baeb73ef78ef3f37b9fdf7578981", @ANYRESOCT=r0, @ANYRES64=<r1=>r0], 0x1c}, 0x1, 0x0, 0x0, 0x20044080}, 0x0)
r2 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000440)=ANY=[@ANYBLOB="12010000000000407d1e9c3100000000000109022400010000000009040000010300000009210000000122070009058103"], 0x0)
syz_usb_control_io$hid(r2, 0x0, 0x0)
syz_usb_control_io(0xffffffffffffffff, &(0x7f0000000400)={0x2c, &(0x7f0000000180)=ANY=[@ANYRES8=r1, @ANYRES16=r2, @ANYRESHEX=0x0], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io(r2, 0x0, &(0x7f0000000a40)={0x84, &(0x7f0000000480)=ANY=[@ANYBLOB="200b040000003fe37a4ace976d1574ccf305e67cb8bfbe0d3974439b9a1cc84f12f4190ffd5bacae7f6a0bccc59b60760f7724919aedc29853dd0d375410ed3cf4157e13e9412d408689fea2952e3877caf5888d174f1198385189baeb5611ad31e02d7574"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_open_procfs(0x0, &(0x7f00000007c0)='numa_maps\x00')
r3 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0)
flock(r3, 0x2)
fsetxattr$trusted_overlay_nlink(r3, &(0x7f00000000c0), &(0x7f0000000140)={'L+', 0x6}, 0x16, 0x3)
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
shmctl$IPC_STAT(0x0, 0x2, 0x0)
r4 = accept$packet(0xffffffffffffffff, 0x0, &(0x7f00000001c0))
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_int(r5, 0x6, 0x19, &(0x7f00000001c0)=0x1, 0x4)
bind$inet(r5, &(0x7f0000000100)={0x2, 0x4e24, @multicast2}, 0x10)
sendmmsg$inet(r5, &(0x7f0000004980)=[{{&(0x7f0000000000)={0x2, 0x4e24, @loopback}, 0x10, &(0x7f0000000040)=[{&(0x7f0000000340)="b9cd14c222ee", 0x4b}], 0x1}}], 0x1, 0x20008000)
prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x8, 0x8000}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x4000000000001, 0x0, 0x1, 0x0)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$inet_tcp_TLS_TX(r5, 0x6, 0x1, &(0x7f0000000080)=@gcm_128={{}, "9005451377480361", "bbad434d19477339418b5b79f10c141a", "dc717b03", "72f2ea1a3290afcc"}, 0x28)
socket$packet(0x11, 0x2, 0x300)
sendto$packet(r4, &(0x7f0000000080)="a9ac40842059d80cd9b51a420b909d9cbd5cd55920086c1da9fbc07cc14b2ba1bb9f438978081d52ff4c4eabffc4ff0107a5e7b0784f23ac0cf588970a6b9b159a63b8d9bcc8be1f641ceace97ccc02fc692cfb5cba0401c9839474afff8852904713ee41ff3a169f67f1ab4530f914e5760fbc65ac7e1d5f9fb85dbedc8a0e3d2f2b0091536475e541dfee38bfb16a087ed10959bec617e37b6574cd61e077e9e1bd5", 0xa3, 0x1, &(0x7f0000000140)={0x11, 0x15, 0x0, 0x1, 0x4, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x41}}, 0x14)

11.552100256s ago: executing program 0 (id=865):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0xa, 0x6, 0x8, 0x8, 0x40}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000ff90850000002d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r1}, 0xc)

11.178507243s ago: executing program 0 (id=869):
syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000bdf7130870270c936a8d010203010902120001000000000904"], 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x34, &(0x7f00000000c0), 0x4)

9.185764694s ago: executing program 0 (id=883):
sched_setscheduler(0x0, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, 0x0, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x3414, &(0x7f0000006680))
r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
fcntl$lock(r0, 0x410, &(0x7f00000000c0)={0x1, 0x1, 0x1, 0xfffe})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r1=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r1, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
mkdir(&(0x7f0000000280)='./file0\x00', 0x153)

5.118740499s ago: executing program 3 (id=907):
pipe2(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = memfd_create(&(0x7f00000002c0)='\x103q}2\x9a\xce\xaf\x03\x86\xe7\xc0\x14\x8f^\xd5\xfd\xa9\r\xac7A\x94\xeb\xcd\t\x00\x90k\xd6\x05\r\x84\x87\x1c\b\x8c`\xea\x13A\x90m\xb6&\xd0\x9daA\xc5\xb8_\xd4\x18,\f\xd4s\xb2\x99/\xc0\x9a\xf2_\xdb\xc0\x8b\x19\x17\xb7Rvd\xcb:\b\xeeC0\xa3\xa6\xcf\x00\x00\xac\xc5h&+\t\x98\'\xfd|\x11\x99\xa2*6{\xd2C>2\x0e\"\xbc\xda\xee\xb0\xd8\xbf\xaf)\xf58c\x189K\x82\xd1(\xceY*\xcb\x9b\xbdn\x8e\x98m\x10L\xec\xfdWF\x7fj\x19\xb8<\xd2\x9d\xf0\xe9Qy\xe32\xed\x16f\xfe&\x1a\xdb\xeb\xad\xaaE\b\xa9\xf8\xa9s\xc4d\xd4\x03\xf1\xb7xO\x99\x804m[Ai\x13\x02\xf0\x84c2s\xd5P\t`\x9b\x12&\x8cx\x8eg\x9d\xe6g', 0x0)
ftruncate(r2, 0x7)
splice(r2, 0x0, r1, 0x0, 0x100002, 0x9)
r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r3, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r3, 0x4008af03, &(0x7f0000001680))
r4 = eventfd2(0x0, 0x1)
ioctl$VHOST_SET_VRING_ERR(r3, 0x4008af22, &(0x7f00000001c0)={0x0, r4})
ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000240)={0x0, 0x0, 0x0, &(0x7f0000001d00)=""/176, 0x0, 0x1000})
memfd_create(&(0x7f00000002c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9\xd6\x1c\x1b*\x9a!?\x7f\xa5\xad\x9a,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85Q\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~Mx\x02\x00(v\xe6`\x026\xfcgC\xb5\xf0\x13.zb\xc5bj+@\x00\x00\x00\x00\x00\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{&\x8b\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x80\x1ch\x89\xe7\xdd]q\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+\x02\x00\x00\x00\x00\x00\x00\x00\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc0<Q8\xbeX\xde\xd6 \xef\x0e\xc2.\x9c=1\x15d\xddIv\x0fh\xe6M(D\xad\xeb\xcfX8\xb9\x8d\xbe(\xd3\x16?x\xbd@\x0f\xf5\xdb\xeb\xd7i*\xea\x86JX\xff;\x96\xbb\xa7\xa8u5R\xa2,\xba\xbc\x01\x12\xb3q,\x9d\xf8\xbdb`\xb3\xc6\x0f\xb3\xac\xc7\xa4O@\x81\xfc\x1a4$\x885\x97\xa9|\x99\x86*.\xda\x96RQ\xe5\xb1\xef\xb7\x10\x99\xd4\xa7\b\xcd\xe9\xa5\xf6wR\xc1\xdfH).\a\x9a\xab\x9e&+\xc4#\x90\xc9%\xb9\xd7o\x86\x13\a\xc0\x01w9u6\xdd\x9fJ^o\x1d\xda\x11?\xc1\xf5\xf7\xff\xec\x916\xceQ\xcfU\x035\x96\x8f\xc7\x84\"2\xef\x02\xcf\a+\x8a\xd1\x11\xb5\xa8\x92\f\xb3R\",\xfc!_&pD\xeb5\xc6\xc8\xff2\xee\x14\x83\x14l\x04\x80\xaa7\x80\xf1\x18\xf5\xa5\xd23\xe5\b\x00\xe8\x9c\xd4\xd0\a\x93#\xb9Z\xc0y\x97<\xe5i\xe9\xe4\xb02Cu\xe1d\r\x0e\xc1\xf1\x81^\xa7\xffz)\x19U\xe5\xd4\xf5@O#W\x8a\xbb3c+\n\x97\xa6\xf7\x90$\xd6*\xd0\x1b\x10\xe4HM:XO\x1b\rx\xc7\x12|\x7fN\xc9\xf9i\xe4\xe5-\x9b\xe407\x9d\xe8\xc6\x90\x9f_Jf\x05\r\x1b\x9af\v\xbcv\x83\xf3j\xaf\xd0F91 ^x\x85\x80[\xa3B\n#!\xc2R\xdd\xf4)\xba\x1e\xfb6U\xabc\xda\x9a)\xc3\x9a\x06\xc5\xccP)\xdf.\xa7-\x84\xdf8\xbf\xfc1^}B\xee\xccR/z\x1e\xe8\x1e\x99\x99\n\xf4u\xd4\xbd^L\xb2j\xda\xff\x1d\x10\xc8\xad\xbd_OI\xb1\xe8y\x003\a\x06\x92\x8e\n\x8b\xf3\xd4G\x85\xbd\x1a\x81+3\x99jq\xd1\xacK^\xef\xb6!8\xcd?\x1e\\\x16W2\xbd4$zn\xa9\x7f\x9dE\xaf\x0f\xdb\xe0\xfa\x10\xc3\xb2\xf8\x80\x8c\xec$\xda\xc0\x94y1\t\xc5', 0x2)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r5, 0x84, 0x83, &(0x7f0000000480)={0x0, 0x2}, 0x8)
ioctl$VHOST_SET_VRING_KICK(r3, 0x4008af20, &(0x7f0000000000)={0x0, r4})
ioctl$VHOST_VSOCK_SET_RUNNING(r3, 0x4004af61, &(0x7f00000000c0)=0x1)
socket$vsock_stream(0x28, 0x1, 0x0)
pipe2$9p(&(0x7f0000000180)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x4800)
tee(r0, r7, 0x81, 0xb)
vmsplice(r6, &(0x7f0000000140)=[{&(0x7f00000000c0)="6404733134642d", 0x7}], 0x1, 0x6)
futex(&(0x7f0000000500)=0x2, 0x8c, 0x1, 0x0, 0x0, 0x0)
r8 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r8, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e21, 0x2, @empty, 0x6}], 0x1c)
listen(r8, 0x10000003)
r9 = socket$inet_sctp(0x2, 0x1, 0x84)
sendmsg$inet_sctp(r9, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e24, @local}, 0x10, &(0x7f00000006c0)=[{&(0x7f0000000380)='N', 0x1}], 0x1, 0x0, 0x0, 0x4000094}, 0x81)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r9, 0x84, 0x7b, &(0x7f00000001c0)={0x0, 0x1}, 0x8)
dup(r9)

4.688853771s ago: executing program 0 (id=914):
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/comedi4\x00', 0x400, 0x0)
mount(&(0x7f0000000000)=@filename='./file0\x00', &(0x7f0000000080)='.\x00', &(0x7f0000000040)='ocfs2_dlmfs\x00', 0x0, 0x0)
r1 = openat$smack_thread_current(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x42, 0x0)
write$smack_current(r1, 0x0, 0x3)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x5, 0x7, 0x7ffc0001}]})
mq_getsetattr(0xffffffffffffffff, 0x0, 0x0)
sync()
timerfd_settime(0xffffffffffffffff, 0x2, &(0x7f0000000000)={{0x0, 0x989680}}, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f0000000040)={'das08_isa\x00', [0x3, 0x1ff, 0x7ff, 0x2, 0x3, 0x8, 0x3, 0x3, 0x6, 0xa4, 0x6, 0x3, 0x3, 0x0, 0x7f, 0x0, 0x80000001, 0x5, 0x80000001, 0x14, 0xd111, 0x3, 0x212, 0x2, 0x6, 0x3, 0x101, 0x0, 0x4d99, 0x5, 0x6, 0x2]})
r2 = syz_usb_connect(0x0, 0x202, &(0x7f0000000180)=ANY=[@ANYBLOB="1201100152018b401e040740185d000000010902f00101040000030904"], 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
syz_usb_control_io$hid(r2, 0x0, &(0x7f0000000040)={0x2c, &(0x7f00000000c0)=ANY=[@ANYBLOB="1cd926ede8390f21"], 0x0, 0x0, 0x0, 0x0})
ioctl$COMEDI_CMDTEST(r0, 0x8050640a, 0x0)

3.870675743s ago: executing program 3 (id=919):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000000), r0)
sendmsg$IEEE802154_LLSEC_ADD_DEVKEY(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000300)={0x3c, r1, 0x607, 0x0, 0x0, {}, [@IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}, @IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8, 0x2f, 0x5}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}]}, 0x3c}}, 0x48040) (fail_nth: 1)

3.255332269s ago: executing program 3 (id=923):
socket(0x1d, 0x2, 0x6)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
socket$inet(0x2, 0x2, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$XFS_IOC_PATH_TO_FSHANDLE(r0, 0xc0385868, &(0x7f0000000140)={<r3=>r1, &(0x7f0000000000)='\x00', 0xc800, &(0x7f0000000040)={@_ha_fsid={[0x3, 0x4]}, {0xe579, 0xffff, 0x6, 0x2}}, 0x1760, &(0x7f0000000080), &(0x7f0000000100)=0x400})
r4 = syz_open_dev$dri(&(0x7f0000000440), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r4, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0x4048011}, 0x8010)
syz_open_dev$usbfs(0x0, 0x76, 0x101301)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
syz_emit_ethernet(0x46, &(0x7f0000000140)={@multicast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "c6dd00", 0x10, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x89, 0x0, 0x0, 0x0, 0xfe, 0x0, 0x4100}}}}}}, 0x0)
ioctl$DRM_IOCTL_MODE_ATOMIC(r4, 0xc03864bc, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0})
sendto$inet(r3, &(0x7f0000000180)="2d6c684d4d7d4c6cbc85a144e8dcdaf0d3d86f4b755c72d19bb99223ec6185e94ecbe4b90ae3a492ae71cba37eff88250d", 0x31, 0x4, 0x0, 0x0)
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
ioctl$MON_IOCX_MFETCH(r3, 0xc0109207, &(0x7f0000000240)={&(0x7f0000000200), 0x0, 0x2})
socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r2, &(0x7f00000001c0)={0x10, 0x0, 0x25dfdbfe, 0x8}, 0xc)
socket$can_raw(0x1d, 0x3, 0x1)
socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket$tipc(0x1e, 0x2, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000009a40)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000040900010073797a30000000002c000000030a01080000000000000000010000000900030073797a32000000000900010073797a300000000050000000060a010400000000000000000100000008000b40000000000900010073797a30000000002800048024000180090001006d6574610000000014000280080001400000001208000240000000", @ANYRES16=r5], 0xc4}}, 0x0)

3.085966413s ago: executing program 4 (id=925):
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/mem_sleep', 0x82, 0x10a)
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SNDCTL_FM_4OP_ENABLE(r0, 0x4004510f, &(0x7f0000000040)=0x7)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r1, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000380)='syz_tun\x00', 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000002280)={{0x14}, [@NFT_MSG_NEWRULE={0x1c, 0x6, 0xa, 0x101, 0x0, 0x0, {0xed797bdc502434b, 0x0, 0x3}, [@NFTA_RULE_POSITION_ID={0x8, 0xa, 0x1, 0x0, 0x1}]}], {0x14}}, 0x44}}, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
ftruncate(r3, 0x10000)
sendfile(r1, r3, 0x0, 0x7ffff004)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000000c0)={0x5, &(0x7f0000000080)=[{0xc14, 0x90, 0x80, 0xffff}, {0x81, 0x4, 0x90, 0x1}, {0x7f, 0x0, 0x9, 0x3}, {0x7, 0xe, 0x4, 0x1}, {0x81, 0x80, 0x1, 0x5}]})
r4 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r4, &(0x7f0000002140)={0xa, 0x4e25, 0x1, @mcast2, 0x5}, 0x1c)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c0000005200016605bd7000"], 0x1c}}, 0x20040000)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000014c0)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000702000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff6d6405000000000065040400010000000404000001000000b7050000400000006a0a80fe000000008500000053000000b7000000000000009500001000000000a80501363034fdb117168bd07ba00af739d1a1ee35fe163a255c33282044b32495ef8ab9adc67ccc945f105d802f5132143c0a9fc7a84452569957c1002ed7d4d8e17f791f4798c8eb483e9973320d046c3126c6afcfd84de03352c69b3edff5be26f8ffa5f8f2879021c2ea53ea79acd7fb38dd1abb75aa393cea26d465637d11f705000000473e7b7c4ae7dd5e4dee88518ddf12dddd4bfc6a4dd3b6beba51074229b0d4b504516c4c3e5d1aa044d8d00728141cd67bcd68f253288e655c6b34e02e90637ef2912ba7de26ff2357ef17f95a25780c3a057844f226ef4e912f01a201e694e3806e8c70e8b69524cd19f7525d8d66bb766f7f3f918c86a70252236800001897133af94a5a4cfc794d8b9d7c33632152c48eaf302f0b2e0c252b00000000000000006f1bbefbe08de65e3762e194ba4cae8b13535d7d11ee917bca4885bbf597a14ab2458efce78510d86272d88e0c8088f404f011289ebc5623faa1182632161e073af1d69a2e36bed435000025ecd201d2ffb0a7fa4f5d11060cdcf071defd0a8be3b69ce3e4f361aca75827426dde87fdf4617222674280f55e98107450c19b9d86329bd5b4697336112b0b8754ce3574046bf6114d1a88597850b77378fa8edfff8faf8b8ec039bab385cac0535373bb8fab90539b1a65ddff841eb671f3faf37ebdfccea0c002ad2b42047c9ec43193ccf617dbf8a12b4f189edbf9fb7c42b1f435ccd4d96822e6b70100912c92e3943e9c4f45d8bcd528fa8a3ea847f10e9b2506f3bb506f1d7fbde8010000000000a073d0de5538ab42e170b3baae34c35987b0dda497ac3f5e97e6e6aeea15c6d5ed24310100000003bb6030f84b63aaf8690db0221b1705c501f802ff59b4e683efa4b6e77e042072bd2ac37d413008ec9eb8166f6e28b49a77ed91befc65315896f88a8fb1dd679fb4c515f8b7a5b7aca6a251a89d47b728502f7e621cc0e3ba04000000c149ee6601728c750d304197c22da8650579475afd96187d881e93b42a5fdfd686d8900c44c67133dad58037fda65885a15a429edfe3027a5ebf95254744f10fd607bc3300b94932b8d944e0b083bbd86b19cb074577a25ff581d92af08a06f857310a2f14326b0b290205e91a682e00c8762cbc6b904c980eef6e6a1def886c95676dce6a8194479700a02b92bdc8d05eae1f24fdd7b80d1bb404c22f681594de2ebb9687219de8d73ac83823feb402a2415a9850d5f0183ec67be96dc0e4c2d7acf1dfe79d6771903b76e21190c22d641030e1ddacf006c3116e1803af20a5f2b5f7ba58aca5bcabbbab24414a3810788e5503e4be66d683daac5f0001000077339b4200000000108a3c87b19d5b9a00c75d84a92d6dcf00ba96edf35ede0e2b57c26e94801b498924166bde57d5f24258d9fd028096cc15a8b912b494d4bbe609031ea1ca65a548971d5d16296dd08e020000007a27310d5d01f8a8a0f5212d7f628f554afea715ccbc66cbb1016490f5d579308cb3188cf2fcaf67e0c16443d526ba4b968f07ae362c2133c168313e84beb871203880dd453c45d0a137d7f5a8b039dbfa62fb2b4214f8e69f967bf1fbd89e77fcca110000000800000000000000f8877994ebdc35f7efd41e3babd9b3782edd6776d5b6cb4ecd72c9de9b5503747d71440378cf2c2c7ea2dc5febb654a867f853713cf4c0bb322fbbe446d18dee4c821275ef18259cafc346c8b3b9fb0f3adcf6ea310a6b9a3f59e29a5909ea047fb61affb4bc8bbea1fb761b8933795b1a91358a7791aa843d07020e8bb6fc18458c49ac6313e7165b7d9f65e94a62b69f1011b94340cdb7303f01e5cdb5682ddf73d65c3de1d88dd7496d6345d5b9de0223988056a53e19a8b96b9640bc6c09d3c2ff894d626b57c776ed53f94d5e22ff148061b37f72bd92924cb1d0a725e19b264346b7cae0251a850de78316503f3c3d395c7e3f04fc8d52583327cd2341ce4b2d092815376299686f41353b2823814563011a2223b9dd00000000000000000000003a131374a3371cb3e2a9bb4d798b91cefa444501f40b7c9589e8c0bb6c82123d2b45ce905d0903b32ecf30e828c71a07a83f3275f3d661d1af0ffb"], &(0x7f0000000340)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r5, 0xfeffff, 0x1c0, 0x3f000002, &(0x7f0000000700)="c45c57ce395de5b289f07d637a223920f181c2e57d71483cfb2d075a3ff07258e080a194805cdb0c26d3f7ffb1e0d9cf4fa36dcb2168b72de48ac8f93e6804f1c4d70898d0810e044d7e1778eaac5dfdcc9f1208905522025bcfdf1b6f969b094d5c022c2b7ffefde71e0627b9a2069cc1e0175c4b8860aad4b0a103c589f676b6c4e85eb3950c533b6e62c39ccf9ae9bfe54ee5887358d44f46337fbe090d7c7e55847edee8130ffd3d1e719e01a68b0e691c0d35b0b56e0b514036342fd56f08ac0083f3c2fe41a1295a3d23cf3d160d4fd90f66beba68860456ed41272e1e68d16c2564c85f5556e18784113c493d13253e14d6eb891707fba3c30d07d5ee8619e4426cafec4cf6a3723c455d09b586b248", 0x0, 0xf0, 0x0, 0xf0, 0xffffff0c}, 0x40)

3.011507564s ago: executing program 3 (id=928):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) (async)
r1 = socket(0x2000000000000021, 0x2, 0x2)
shutdown(r1, 0x2)
setsockopt$RXRPC_SECURITY_KEYRING(r1, 0x110, 0x2, 0x0, 0x0) (async)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r2=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x20000000) (async)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x20802, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, 0x0) (async)
r4 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000380)={'syzkaller0\x00'})
r5 = socket$inet_udp(0x2, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
r6 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@bpq0, 0xfffffffffffffe1d) (async)
setsockopt(0xffffffffffffffff, 0xc, 0x7f, 0x0, 0x0) (async)
ioctl$sock_netdev_private(r6, 0x8914, &(0x7f0000000000)) (async)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
ioctl$sock_rose_SIOCADDRT(r4, 0x890b, &(0x7f0000000380)={@remote={0xcc, 0xcc, 0xcc, 0xcc, 0x0}, 0x6, @null, @bpq0, 0x0, [@bcast, @bcast, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}) (async)
r7 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$sock_rose_SIOCADDRT(r7, 0x890b, &(0x7f00000007c0)={@remote={0xcc, 0xcc, 0xcc, 0xcc, 0x3}, 0x5, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bpq0, 0x5, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @null, @null, @null, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default]}) (async)
connect$rose(r7, &(0x7f0000000040)=@short={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, 0x1, @null}, 0x1c) (async)
connect$rose(r7, &(0x7f00000000c0)=@full={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, 0x3, [@bcast, @null, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}]}, 0x40) (async)
bind$inet(r5, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) (async)
connect$inet(r5, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) (async)
connect$inet(r5, &(0x7f0000000080)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x28}}, 0x10)
sendmmsg(r5, &(0x7f0000007fc0), 0x800001d, 0x0) (async)
setsockopt$IP_VS_SO_SET_ADD(r5, 0x0, 0x482, &(0x7f0000000040)={0x100000011, @multicast2, 0x0, 0x0, 'wrr\x00', 0x15, 0xff, 0xf}, 0x2c)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)=ANY=[@ANYRES8=r2, @ANYBLOB="0315000000000000480012800b0001006772657461700000380002800400120008001500d570020005", @ANYRES32, @ANYBLOB, @ANYRES32], 0x78}, 0x1, 0x0, 0x0, 0x24000891}, 0x0)

2.747077968s ago: executing program 4 (id=932):
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0x4, &(0x7f0000000680)=ANY=[@ANYBLOB="18020000000000000000000000000030850000002c00000095000000000000002b4003fe37a077ae55f52c0d80a2649baca85309be96d5a45bbbdb5ff7ffffffd075b3eee14473f51be98db7efbb059842badcfc81364470e8e04acb807fbbabc68abdcce9f672b6bb61c302dfd5c11071adac29fd64d33a3502fbeb1ed99dd0e792f24c420bfcc2635421d339ad521d6953b1137850d9e9ebf65ee988ea2dbee528678eb47efb7b3f19046c6f1bd1bf56e5853ed96137f95b3a11954ed1c8a8676468cf2405e48723d4b1ff"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x1000, &(0x7f0000001400)=""/4106, 0x0, 0x0, '\x00', 0x0, @xdp}, 0x18)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000580)={0x0, @in6={{0xa, 0x4e21, 0x2ffc, @private0, 0x8001}}, 0x0, 0xffff, 0x6, 0x0, 0x11, 0x0, 0x2}, 0x9c)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
socket$inet6_sctp(0xa, 0x801, 0x84)
socket$alg(0x26, 0x5, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
socket$inet6_sctp(0xa, 0x5, 0x84)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket$inet_sctp(0x2, 0x5, 0x84)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240), 0x50)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
userfaultfd(0x1)
socket$kcm(0x29, 0x5, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000005"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000008c0)={{r1}, &(0x7f0000000840), &(0x7f0000000880)=r2}, 0x20)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r4=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000240)={r2, r4, 0x25, 0x2}, 0x14)
syz_emit_ethernet(0x6e, &(0x7f0000000040)=ANY=[], 0x0)

2.744537527s ago: executing program 3 (id=933):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket(0x2000000000000021, 0x2, 0x2)
socket(0x400000000010, 0x3, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@bpq0, 0xfffffffffffffe1d)
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
connect$rose(r0, &(0x7f0000000040)=@short={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, 0x1, @null}, 0x1c)
connect$rose(r0, &(0x7f00000000c0)=@full={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, 0x3, [@bcast, @null, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}]}, 0x40) (fail_nth: 1)

2.339855412s ago: executing program 3 (id=936):
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x101000, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0xd, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = socket$inet6(0xa, 0x3, 0x3)
connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmmsg(r2, &(0x7f0000000480), 0x2e9, 0xffe0) (fail_nth: 1)

2.264225223s ago: executing program 4 (id=938):
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xb, 0xc3072, 0xffffffffffffffff, 0x0)
r0 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x10000, 0x106, 0x21}, 0x18)
fchmodat(r0, &(0x7f0000000080)='./file0\x00', 0x108)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x2000, 0x2, &(0x7f00008a7000/0x2000)=nil)
mprotect(&(0x7f00005aa000/0x13000)=nil, 0x13000, 0x1000000)

2.04788083s ago: executing program 4 (id=941):
r0 = socket$rds(0x15, 0x5, 0x0)
setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f0000000380), 0x4)
setsockopt$RDS_FREE_MR(r0, 0x114, 0x3, &(0x7f0000000040)={{}, 0x6d}, 0x10)

1.669768962s ago: executing program 4 (id=945):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r0, 0x84, 0x12, &(0x7f0000000000), 0x4)
r1 = syz_open_dev$vim2m(&(0x7f0000000000), 0x8, 0x2)
ioctl$vim2m_VIDIOC_G_FMT(r1, 0xc0285628, &(0x7f0000000080)={0x1, @win={{0x2, 0x8000}, 0x9, 0x0, &(0x7f0000000040)={{0x51, 0x0, 0xfffffffd}}, 0x0, 0x0, 0x40}})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f00000002c0)=0x4553, 0x4)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, 0x0, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r6 = fanotify_init(0x40, 0x1)
fsopen(0x0, 0x1)
fchdir(0xffffffffffffffff)
readv(r6, &(0x7f00000003c0), 0x0)
r7 = openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='.\x00', 0xa880, 0x97)
fanotify_mark(r6, 0x1, 0x40001019, r7, 0x0)
close_range(r7, 0xffffffffffffffff, 0x0)
sendmmsg$inet(r2, &(0x7f0000003240)=[{{&(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10, &(0x7f00000016c0)=[{&(0x7f0000001540)="94", 0xffe3}], 0x1}}], 0x1, 0x4000800)
mmap(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x8, 0x32, 0xffffffffffffffff, 0x0)
recvfrom(r2, &(0x7f0000000200)=""/131, 0xf92e58a67d38802c, 0x2101, 0x0, 0x0)
r8 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x22902, 0x0)
ioctl$FBIOBLANK(r8, 0x4611, 0x3)
ioctl$FBIO_WAITFORVSYNC(r8, 0x40044620, 0x0)

1.587416305s ago: executing program 1 (id=947):
unshare(0x2000400)
readv(0xffffffffffffffff, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, 0xffffffffffffffff)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0xffffff9c, 0x0, 0x800, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
prctl$PR_SET_THP_DISABLE(0x29, 0x1)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001800)=ANY=[@ANYBLOB="180000002500010324bd7002ffdbdf25010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x4008}, 0x0)
recvmmsg(r5, &(0x7f0000000d80)=[{{0x0, 0x0, 0x0}, 0xac}, {{0x0, 0x0, 0x0}, 0x1}, {{0x0, 0x0, &(0x7f0000001840)=[{&(0x7f0000000480)=""/92, 0x5c}, {&(0x7f00000018c0)=""/4108, 0x100c}, {&(0x7f0000001680)=""/109, 0x6d}, {&(0x7f0000001740)=""/72, 0x48}, {&(0x7f00000005c0)=""/61, 0x3d}], 0x5}, 0x7}, {{0x0, 0x0, 0x0}, 0xd3a7}, {{0x0, 0x0, 0x0}, 0x7}, {{0x0, 0x0, 0x0}, 0x8000005}, {{0x0, 0x0, 0x0}, 0x6}, {{0x0, 0x0, 0x0}, 0x10001}, {{0x0, 0x0, 0x0}, 0xa9e5}], 0x4000000000003c4, 0x2000, 0x0)
setsockopt$SO_BINDTODEVICE(r5, 0x1, 0x19, &(0x7f0000000000)='batadv_slave_0\x00', 0x10)
ioctl$KVM_SET_MSRS(r4, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x40000095, 0x0, 0xfffffffffffffffd}]})
socket$inet6_tcp(0xa, 0x1, 0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r6, 0x29, 0x49, &(0x7f0000000040)=0x7fff, 0x4)
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x80, 0x0)
ioctl$TIOCSETD(r7, 0x5423, &(0x7f0000000280)=0x11)
ioctl$TCSETS(r7, 0x89f2, 0x0)

1.428595459s ago: executing program 1 (id=948):
syz_emit_ethernet(0x0, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000300), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffee0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000001d00000020000180140002006e657464657673696d30000000000000080003"], 0x34}}, 0x0)
r2 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
readv(r2, &(0x7f00000006c0)=[{&(0x7f0000002480)=""/4110, 0x100e}], 0x1)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xc, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
r3 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000200), 0x40, 0x0)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x2, 0x7fff7ffc}]})
close_range(r4, 0xffffffffffffffff, 0x2)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00')
r5 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r5, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa)
r6 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r6, &(0x7f0000000640)=[{&(0x7f00000004c0)="580000001500add427323b472545b45602117fffffff81004e230e227f000001925aa800207d7b00090080007f000001e809000000ff0000f03ac710aa7d0000ffffffffffffffffff5d1001870000000000000200000000", 0x58}], 0x1)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000580)={'syztnl2\x00', &(0x7f0000000500)={'gretap0\x00', <r7=>0x0, 0x40, 0x66, 0xc2c5, 0xfff, {{0xc, 0x4, 0x3, 0x12, 0x30, 0x68, 0x0, 0x2d, 0x2f, 0x0, @dev={0xac, 0x14, 0x14, 0x11}, @multicast1, {[@rr={0x7, 0x1b, 0xcb, [@multicast1, @private=0xa010100, @loopback, @loopback, @broadcast, @dev={0xac, 0x14, 0x14, 0x3a}]}]}}}}})
sendmsg$nl_route(r3, &(0x7f0000001280)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000001240)={&(0x7f0000001040)=@mpls_getroute={0x1dc, 0x1a, 0x100, 0x70bd28, 0x25dfdbfd, {0x1c, 0x10, 0x14, 0xda, 0xff, 0x0, 0xc8, 0xb, 0x1500}, [@RTA_NEWDST={0x84, 0x13, [{0x1}, {0x8}, {0x560}, {0x8, 0x0, 0x1}, {0x9}, {0xa}, {0x7ff}, {}, {0x5}, {0x5}, {0x8, 0x0, 0x1}, {0x7ff}, {0x5, 0x0, 0x1}, {0x9, 0x0, 0x1}, {0x0, 0x0, 0x1}, {0xbc5f9, 0x0, 0x1}, {0x6}, {0x3}, {0x10, 0x0, 0x1}, {0x7f, 0x0, 0x1}, {0x800}, {0x6}, {0x1}, {0xffff7}, {0x5, 0x0, 0x1}, {0x3}, {0x8, 0x0, 0x1}, {0xe9ac, 0x0, 0x1}, {0x5, 0x0, 0x1}, {0x1}, {0x8}, {0x9, 0x0, 0x1}]}, @RTA_NEWDST={0x84, 0x13, [{0xe}, {0x6c5, 0x0, 0x1}, {0xfff}, {0x4, 0x0, 0x1}, {0x7}, {0xffffb, 0x0, 0x1}, {0x7f, 0x0, 0x1}, {0x3}, {0x29b3}, {0x8, 0x0, 0x1}, {0x5}, {0x0, 0x0, 0x1}, {0x0, 0x0, 0x1}, {0x9}, {0x6, 0x0, 0x1}, {0x29}, {0x1ff, 0x0, 0x1}, {0x5, 0x0, 0x1}, {0x9}, {0x81}, {0xffff, 0x0, 0x1}, {0x6, 0x0, 0x1}, {0x986}, {0x63}, {0x3}, {}, {0x1}, {0x1}, {0xa33}, {0x3}, {0x10}, {0x1}]}, @RTA_DST={0x8, 0x1, {0xfff}}, @RTA_TTL_PROPAGATE={0x5, 0x1a, 0x9}, @RTA_NEWDST={0x84, 0x13, [{0xfff, 0x0, 0x1}, {0x8, 0x0, 0x1}, {0x1, 0x0, 0x1}, {0x4, 0x0, 0x1}, {0xc}, {0x0, 0x0, 0x1}, {0x3, 0x0, 0x1}, {0x2, 0x0, 0x1}, {0x8, 0x0, 0x1}, {0x7}, {0x0, 0x0, 0x1}, {0x5, 0x0, 0x1}, {0x0, 0x0, 0x1}, {0x1, 0x0, 0x1}, {0x800, 0x0, 0x1}, {0x4}, {0x80, 0x0, 0x1}, {0x3}, {0x8}, {0x4, 0x0, 0x1}, {0xf}, {}, {0x9}, {0x69}, {0x9}, {0x8001, 0x0, 0x1}, {0x7}, {0x5, 0x0, 0x1}, {0x0, 0x0, 0x1}, {0x8}, {0x10}, {0xc, 0x0, 0x1}]}, @RTA_TTL_PROPAGATE={0x5, 0x1a, 0x2}, @RTA_OIF={0x8, 0x4, r7}, @RTA_VIA={0x14, 0x12, {0x5643c3a721933bb1, "1f9c95d84dffdb188c64a242dc1d"}}]}, 0x1dc}, 0x1, 0x0, 0x0, 0x1}, 0x8000)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(0xffffffffffffffff, 0xc4c85513, &(0x7f0000000b40)={{0x9, 0x4, 0x6, 0x80, 'syz1\x00', 0x7}, 0x1, [0x1, 0x2, 0x3, 0x400, 0x2, 0x0, 0x0, 0x71, 0x10001, 0x200, 0x6, 0x7, 0x5, 0x3, 0x8, 0x400, 0x5, 0x0, 0x8, 0x8, 0x81, 0x5f, 0x400, 0x2e98, 0x9c6, 0x2, 0xc, 0x4, 0x3, 0x8, 0xfffffffffffffff9, 0x5, 0x883, 0x8, 0xfff, 0x2, 0x1c000000, 0x59, 0x5, 0x6, 0x3, 0x5, 0x2863, 0x1, 0x9, 0x8001, 0xff, 0x7ff, 0x6, 0x7, 0x100000001, 0x8, 0x85, 0x196, 0x5, 0x0, 0x6, 0x8, 0x80, 0x6, 0x0, 0x4, 0x26e, 0x7, 0x9, 0xe00000000000, 0x0, 0x2, 0x7, 0x7b29835e, 0x10, 0x7000, 0x2, 0x8000, 0xfffffffffffffffb, 0x2, 0x7f, 0x9, 0x6, 0x91f0, 0x3, 0x9, 0x2, 0x8000, 0xdc5, 0x3, 0x7fffffffffffffff, 0xaa, 0x9, 0x8, 0x5, 0x9, 0x2, 0x3, 0x7a000000, 0x4, 0x10, 0x9, 0x1, 0x40, 0x1, 0x9, 0x87, 0x1000, 0x7, 0x1, 0x7fffffff, 0xfff, 0x6, 0x594, 0x3ff, 0x6, 0x1, 0x7fff, 0x7, 0x80000001, 0x2, 0x5, 0x40, 0x0, 0x2, 0xd, 0x100000000, 0x2, 0x6, 0x100000000, 0x10001, 0x80000001]})
read$char_usb(0xffffffffffffffff, &(0x7f0000000a80)=""/188, 0xba)
syz_usb_disconnect(0xffffffffffffffff)

1.339634126s ago: executing program 2 (id=949):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000380)={0x2, 0x4e22, @empty}, 0x10)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, 0x0, 0x0)
socket(0x10, 0x3, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x183001, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ff1000/0x1000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ff3000/0x1000)=nil, &(0x7f0000ff1000/0x1000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r2 = io_uring_setup(0x1c6c, &(0x7f0000000040)={0x0, 0xaebb, 0xd000, 0x20000a, 0x20002f7})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000093c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40005}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
clock_settime(0x0, &(0x7f0000000240)={0x77359400})
clock_adjtime(0x0, &(0x7f0000000640)={0x7, 0xb, 0x380000, 0x8, 0xfffffffffffffff9, 0xfffffffffffffff7, 0x9, 0x2, 0xae, 0x6, 0x7, 0x4, 0xfffffffffffff04d, 0xffff, 0x80000000, 0xbb2, 0xffffffffffffffff, 0x4000000006, 0x0, 0x100, 0x4, 0x2, 0x80005, 0x3, 0xc, 0xb})
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3, &(0x7f0000000000)=0x6, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x3, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000850000002300000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r4 = socket$kcm(0x2, 0x1000000000000002, 0x0)
setsockopt$sock_attach_bpf(r4, 0x1, 0x3e, &(0x7f0000000180)=r3, 0x4)
sendmsg$inet(r4, &(0x7f0000000140)={&(0x7f0000000100)={0x2, 0x4e24, @local}, 0x10, 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="2c000000000000000000000007000000441c0503e0"], 0x30}, 0x40880)
r5 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r5, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
io_uring_enter(r2, 0x2219, 0x7721, 0x16, 0x0, 0x0)
setsockopt$inet_group_source_req(0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000000280)={0xfffffffb, {{0x2, 0x4e21, @empty}}, {{0x2, 0x4e22, @private=0xa010102}}}, 0x108)
setsockopt$inet_int(r5, 0x0, 0x6, &(0x7f0000000200)=0x8, 0x4)
syz_usb_connect(0x0, 0x48, &(0x7f0000000180)=ANY=[@ANYBLOB="12010002f9baa30810141090b300010203010902360002080700020904a12003020600800905020010006c030409050d022950cc12511d000492bd55627d0c7ea8e9f70009050f00400040a40e09"], 0x0)

1.248326513s ago: executing program 1 (id=950):
syz_open_dev$tty1(0xc, 0x4, 0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r0, 0x0, 0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, 0x0, 0x0)
unshare(0x8000000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
open$dir(0x0, 0xa001, 0x0)
r2 = syz_open_dev$video4linux(&(0x7f0000000080), 0x0, 0x0)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r2, 0x4020565a, &(0x7f0000000100)={0x3, 0x980900})
r3 = syz_open_dev$video4linux(&(0x7f0000000080), 0x0, 0x0)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r3, 0x4020565a, &(0x7f0000000280)={0x3, 0x980900, 0x2eae0342ca72d7e8})
ioctl$VIDIOC_QUERYMENU(r3, 0xc008561c, &(0x7f00000001c0)={0x980900, 0xfffffff2, @value=0x9})
sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000480)=ANY=[@ANYBLOB="140000003a00010326bd7000fcfeffff060000001338231bb104"], 0x14}, 0x1, 0x0, 0x0, 0x448d3}, 0x0)
r4 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(r4, &(0x7f0000000180)={0xa, 0x0, 0x403ffd, @loopback, 0x7cfd1f0f}, 0x20)
socket$l2tp6(0xa, 0x2, 0x73)
madvise(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x4)
syz_clone(0x840980, 0x0, 0x0, &(0x7f0000000100), &(0x7f0000000380), 0x0)
syz_genetlink_get_family_id$gtp(&(0x7f00000000c0), r1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$team(&(0x7f00000044c0), 0xffffffffffffffff)
r6 = syz_create_resource$binfmt(&(0x7f0000000040)='./file0\x00')
r7 = openat$binfmt(0xffffffffffffff9c, r6, 0x41, 0x1ff)
write$binfmt_elf32(r7, &(0x7f0000000680)=ANY=[@ANYBLOB="7f454c46fc0306000800000000000000030003002f5000003501000038000000c40100000a000000a10020000100080022006e0e00000000030000001c0000007a00000008000000ff0300000900000009000000090000004fd8ee90cbf74604d61aabdc5d636261752dcfe999a466bd816d1b748a9156d35f3e568feee8a7ff87d5cc24b3b487c9a9486092e894cce34afcdf64d3151ef4e048fdbbcb3be4db93eba2970d95e901d58b87148df29b51edc4163bad398454798a288a03e2ce6d9a54675ae169b2e342a3333f08514b0b98758e525aced6b4d6264f513988aaa43efb1da4dbee89a076476fb70a7a7b9d1401d914e9cde7010fb7d3ba67ede5137b1d5060e6023a2894f8fc51710e42e9fb5e05dd5d7c6faae1595246af28f3e83dfa61f14e2a3bb9733f04a93becc9d64af6abf16c2613149ce8a290609a2869406b"], 0x146)
ioctl$ifreq_SIOCGIFINDEX_team(r5, 0x8933, &(0x7f0000004700))

1.198303659s ago: executing program 0 (id=951):
r0 = syz_usb_connect(0x0, 0x371, &(0x7f0000000280)=ANY=[@ANYBLOB="1201000057ec0020c215dcff30bd0102030109025f03019b000000090400000b403b4e000905e2379c"], 0x0)
ioctl$LOOP_CONFIGURE(0xffffffffffffffff, 0x4c0a, &(0x7f00000005c0)={0xffffffffffffffff, 0x800, {0x2a00, 0x80010000, 0x0, 0x5, 0x0, 0x0, 0x0, 0x12, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd6447a4b4e00d9683dda1af1ea09de2b7fb0a0100000000000000000300", "2809e8dbe108598927875397bab22d0000b420a9c81f40f05f819e01177d3d458dac00000000000000000000003b00000000000000000200", "90be8b1c5512406c7f00", [0x8, 0x40000000000000]}})
read$eventfd(0xffffffffffffffff, &(0x7f0000000080), 0x8)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000086c0)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_SET_BSS(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010029bd700001dcdf251900000008000300", @ANYRES32=r6, @ANYBLOB="06006d"], 0x2c}, 0x1, 0x0, 0x0, 0x20000044}, 0x40)
sendmsg$ETHTOOL_MSG_LINKINFO_SET(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000280)={0x34, r2, 0x621, 0x70bd28, 0x25dfdbfc, {}, [@ETHTOOL_A_LINKINFO_PORT={0x5, 0x2, 0x10}, @ETHTOOL_A_LINKINFO_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_bond\x00'}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x11}, 0x20008000)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
sendmsg$key(0xffffffffffffffff, 0x0, 0x600008d0)
bind$inet(r7, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r7, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
r8 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r8, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @local}, 0xc)
r9 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r9, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @local, @remote}, 0xc)
sendmmsg(r7, &(0x7f0000007fc0), 0x800001d, 0x1c)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_disconnect(r0)
r10 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_ASSOCINFO(r10, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x8001, 0x4, 0x6, 0xfffffff7}, 0x14)
r11 = syz_open_dev$char_usb(0xc, 0xb4, 0x80000000)
r12 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000012c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x9, [@enum64={0xd, 0x2, 0x0, 0x13, 0x0, 0x8, [{0xc, 0x2, 0x400}, {0xf, 0xc, 0xffffff38}]}]}, {0x0, [0x5f, 0x61, 0x61, 0x30, 0x5f, 0x5f, 0x5f]}}, &(0x7f00000002c0)=""/4096, 0x45, 0x1000, 0x0, 0x1, 0x10000}, 0x28)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x2, 0x81, 0xfffffffe, 0x0, 0xffffffffffffffff, 0x20, '\x00', 0x0, r12, 0x0, 0x3}, 0x50)
write$char_usb(r11, 0x0, 0x0)

1.152082323s ago: executing program 2 (id=952):
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0xfffffff9)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000001c0)={0x24, 0x23, 0x409, 0x70bd25, 0x25dfd3ff, {0x2}, [@typed={0x8, 0x1, 0x0, 0x0, @ipv4=@remote}, @typed={0x8, 0xb, 0x0, 0x0, @uid}]}, 0x24}, 0x1, 0x0, 0x0, 0x24040811}, 0x8410)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/246, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/70, 0x100000})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680))
r3 = socket(0x40000000015, 0x5, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000002480)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=""/13, 0xd}, 0x5}], 0x1, 0x40000023, 0x0)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x0, @loopback}, 0x10)
setsockopt$SO_TIMESTAMP(r3, 0x1, 0x3f, &(0x7f0000000100)=0x5, 0x4)
sendto$inet(r3, 0x0, 0x0, 0x0, 0x0, 0x0)
recvmmsg(r3, &(0x7f0000000d80), 0x36f, 0x20102, 0x0)
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
openat$dsp(0xffffffffffffff9c, &(0x7f0000000180), 0x80000, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)
syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f00000002c0)={0x24, 0x0, 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="00221200000083"], 0x0}, 0x0)
r4 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/asound/card0/oss_mixer\x00', 0x2002, 0x0)
r5 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card0/oss_mixer\x00', 0x80, 0x0)
write$proc_mixer(r4, &(0x7f0000000100)=ANY=[@ANYBLOB="4449474954414c310a494741494e0a53594e5448202753796e74682043e709cc92e61d1d62fc8f5b617074757265205377697463682720"], 0x71)
r6 = dup3(r5, r4, 0x0)
getsockopt$inet_pktinfo(r6, 0x0, 0x8, &(0x7f0000000580)={<r7=>0x0, @multicast1, @initdev}, &(0x7f00000005c0)=0xc)
bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=@base={0x9, 0x2, 0x1, 0xdb7e, 0x40000, r6, 0x7fffffff, '\x00', r7, r6, 0x3, 0x4, 0x3}, 0x50)

1.084455451s ago: executing program 2 (id=953):
madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0xc, &(0x7f0000000000)=0x201, 0x4)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000580)=ANY=[@ANYBLOB="1cef2b1e19f52c89d5bd70c2000000", @ANYRES32=0x0, @ANYBLOB="3bd25e4421c000000017ef91ee618f1ee200a97d1b13d3097862ec3ce95c7e723da2b68f128a2ab523a661eee50bf73e0dc2627eda0800000000000000baeb73ef78ef3f37b9fdf7578981", @ANYRESOCT=r0, @ANYRES64=<r1=>r0], 0x1c}, 0x1, 0x0, 0x0, 0x20044080}, 0x0)
r2 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000440)=ANY=[@ANYBLOB="12010000000000407d1e9c3100000000000109022400010000000009040000010300000009210000000122070009058103"], 0x0)
syz_usb_control_io$hid(r2, 0x0, 0x0)
syz_usb_control_io(0xffffffffffffffff, &(0x7f0000000400)={0x2c, &(0x7f0000000180)=ANY=[@ANYRES8=r1, @ANYRES16=r2, @ANYRESHEX=0x0], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io(r2, 0x0, &(0x7f0000000a40)={0x84, &(0x7f0000000480)=ANY=[@ANYBLOB="200b040000003fe37a4ace976d1574ccf305e67cb8bfbe0d3974439b9a1cc84f12f4190ffd5bacae7f6a0bccc59b60760f7724919aedc29853dd0d375410ed3cf4157e13e9412d408689fea2952e3877caf5888d174f1198385189baeb5611ad31e02d7574"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_open_procfs(0x0, &(0x7f00000007c0)='numa_maps\x00')
r3 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0)
flock(r3, 0x2)
fsetxattr$trusted_overlay_nlink(r3, &(0x7f00000000c0), &(0x7f0000000140)={'L+', 0x6}, 0x16, 0x3)
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
shmctl$IPC_STAT(0x0, 0x2, &(0x7f0000000240)=""/226)
r4 = accept$packet(0xffffffffffffffff, 0x0, &(0x7f00000001c0))
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_int(r5, 0x6, 0x19, &(0x7f00000001c0)=0x1, 0x4)
bind$inet(r5, &(0x7f0000000100)={0x2, 0x4e24, @multicast2}, 0x10)
sendmmsg$inet(r5, 0x0, 0x0, 0x20008000)
prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x8, 0x8000}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x4000000000001, 0x0, 0x1, 0x0)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$inet_tcp_TLS_TX(r5, 0x6, 0x1, &(0x7f0000000080)=@gcm_128={{}, "9005451377480361", "bbad434d19477339418b5b79f10c141a", "dc717b03", "72f2ea1a3290afcc"}, 0x28)
socket$packet(0x11, 0x2, 0x300)
sendto$packet(r4, &(0x7f0000000080)="a9ac40842059d80cd9b51a420b909d9cbd5cd55920086c1da9fbc07cc14b2ba1bb9f438978081d52ff4c4eabffc4ff0107a5e7b0784f23ac0cf588970a6b9b159a63b8d9bcc8be1f641ceace97ccc02fc692cfb5cba0401c9839474afff8852904713ee41ff3a169f67f1ab4530f914e5760fbc65ac7e1d5f9fb85dbedc8a0e3d2f2b0091536475e541dfee38bfb16a087ed10959bec617e37b6574cd61e077e9e1bd5", 0xa3, 0x1, &(0x7f0000000140)={0x11, 0x15, 0x0, 0x1, 0x4, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x41}}, 0x14)

969.677595ms ago: executing program 2 (id=954):
r0 = openat$pidfd(0xffffffffffffff9c, 0x0, 0x68c200, 0x0)
fchdir(r0)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000180)={0x0, r0}, 0x8)
timer_create(0xfffffffd, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x5)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002000)=""/102400, 0x19000)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
r3 = timerfd_create(0x0, 0x0)
timerfd_settime(r3, 0x3, &(0x7f0000000080)={{0x0, 0x3938700}, {0x77359400}}, 0x0)
clock_adjtime(0x0, &(0x7f0000000000)={0x3fd, 0x7, 0x0, 0x4, 0x0, 0x0, 0x61, 0x0, 0x0, 0xff, 0x8, 0xfffffffffffffffc, 0x0, 0x0, 0x4, 0x0, 0x9, 0x0, 0x9, 0x0, 0x0, 0x0, 0xfffffffffffff000, 0x0, 0x3})
ioctl$TFD_IOC_SET_TICKS(r3, 0x40085400, &(0x7f0000000100)=0xf)
sendto$inet6(r2, 0x0, 0x0, 0x48000, &(0x7f000005ffe4)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
write$USERIO_CMD_SET_PORT_TYPE(0xffffffffffffffff, 0x0, 0x0)
write$USERIO_CMD_REGISTER(0xffffffffffffffff, &(0x7f00000000c0), 0x2)
ioctl$VIDIOC_SUBDEV_S_FMT(0xffffffffffffffff, 0xc0585605, &(0x7f0000000680)={0x1, 0x0, {0x0, 0x0, 0x201a, 0x1, 0xa, 0x4}})
read(0xffffffffffffffff, 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
r4 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r4, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/5, 0x214000, 0x800}, 0x20)

892.09989ms ago: executing program 1 (id=955):
r0 = landlock_create_ruleset(&(0x7f0000000040)={0x0, 0x3}, 0x10, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(0xffffffffffffffff, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x22)
r1 = landlock_create_ruleset(&(0x7f0000000040)={0x2, 0x3, 0x3}, 0x18, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="a000"], 0xa0}}, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
writev(0xffffffffffffffff, &(0x7f0000000280)=[{&(0x7f0000001040)="478c18eb0a51631b3ff7cf4a9ce3a65c69c7cc614964996cbca84d8d9818d829cc74877aeb2f3a202d988e3afca44b26fa582c7b41043d14f8d9398dd6763517d07f247349", 0x45}], 0x1)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="09000000010000004200000040"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100), &(0x7f0000000040), 0x3ff, r2}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x19, &(0x7f0000000280)={0x0, &(0x7f0000001200)=""/119, &(0x7f00000002c0), &(0x7f00000007c0), 0x7, r2}, 0x38)
landlock_restrict_self(r0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x1c1)
pipe2$9p(&(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
r5 = dup(r4)
socket(0x840000000002, 0x3, 0xff)
mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000640), 0x4000, &(0x7f0000000680)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r5, @ANYBLOB=',cache=fscache,version=9p200\",cache=loose,mmap,cache=mmap,access=', @ANYRESDEC=0x0, @ANYBLOB=',debug=0x000000000000000a,uname=,dfltuid=', @ANYRESHEX=0x0, @ANYBLOB=',\x00'])
landlock_restrict_self(r1, 0x9)
landlock_restrict_self(r1, 0x0)
landlock_restrict_self(r1, 0x0)
landlock_restrict_self(r1, 0x0)
r6 = landlock_create_ruleset(&(0x7f0000000140)={0x4000}, 0x18, 0x0)
r7 = landlock_create_ruleset(&(0x7f0000000000)={0x1c48}, 0x18, 0x0)
landlock_restrict_self(r7, 0x0)
landlock_restrict_self(r6, 0x8)
landlock_restrict_self(r6, 0x1)
landlock_restrict_self(r6, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x1c0)

891.641807ms ago: executing program 2 (id=956):
ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0286415, &(0x7f0000000080)={&(0x7f0000ffc000/0x3000)=nil, 0x6ef, 0x3})
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f00000000c0)={0x3, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="02030002100000002cbd7040fcdbdf25030006000000000002004e22ac1e0001000000000000000002000100000000000000090c00000080030005000000000002004e22ac144247e519008000000000060008000801"], 0x80}, 0x1, 0x7}, 0x0)

749.664387ms ago: executing program 1 (id=957):
pipe2(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = memfd_create(&(0x7f00000002c0)='\x103q}2\x9a\xce\xaf\x03\x86\xe7\xc0\x14\x8f^\xd5\xfd\xa9\r\xac7A\x94\xeb\xcd\t\x00\x90k\xd6\x05\r\x84\x87\x1c\b\x8c`\xea\x13A\x90m\xb6&\xd0\x9daA\xc5\xb8_\xd4\x18,\f\xd4s\xb2\x99/\xc0\x9a\xf2_\xdb\xc0\x8b\x19\x17\xb7Rvd\xcb:\b\xeeC0\xa3\xa6\xcf\x00\x00\xac\xc5h&+\t\x98\'\xfd|\x11\x99\xa2*6{\xd2C>2\x0e\"\xbc\xda\xee\xb0\xd8\xbf\xaf)\xf58c\x189K\x82\xd1(\xceY*\xcb\x9b\xbdn\x8e\x98m\x10L\xec\xfdWF\x7fj\x19\xb8<\xd2\x9d\xf0\xe9Qy\xe32\xed\x16f\xfe&\x1a\xdb\xeb\xad\xaaE\b\xa9\xf8\xa9s\xc4d\xd4\x03\xf1\xb7xO\x99\x804m[Ai\x13\x02\xf0\x84c2s\xd5P\t`\x9b\x12&\x8cx\x8eg\x9d\xe6g', 0x0)
ftruncate(r2, 0x7)
splice(r2, 0x0, r1, 0x0, 0x100002, 0x9)
r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r3, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r3, 0x4008af03, &(0x7f0000001680))
r4 = eventfd2(0x0, 0x1)
ioctl$VHOST_SET_VRING_ERR(r3, 0x4008af22, &(0x7f00000001c0)={0x0, r4})
ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000240)={0x0, 0x0, 0x0, &(0x7f0000001d00)=""/176, 0x0, 0x1000})
memfd_create(&(0x7f00000002c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9\xd6\x1c\x1b*\x9a!?\x7f\xa5\xad\x9a,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85Q\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~Mx\x02\x00(v\xe6`\x026\xfcgC\xb5\xf0\x13.zb\xc5bj+@\x00\x00\x00\x00\x00\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{&\x8b\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x80\x1ch\x89\xe7\xdd]q\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+\x02\x00\x00\x00\x00\x00\x00\x00\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc0<Q8\xbeX\xde\xd6 \xef\x0e\xc2.\x9c=1\x15d\xddIv\x0fh\xe6M(D\xad\xeb\xcfX8\xb9\x8d\xbe(\xd3\x16?x\xbd@\x0f\xf5\xdb\xeb\xd7i*\xea\x86JX\xff;\x96\xbb\xa7\xa8u5R\xa2,\xba\xbc\x01\x12\xb3q,\x9d\xf8\xbdb`\xb3\xc6\x0f\xb3\xac\xc7\xa4O@\x81\xfc\x1a4$\x885\x97\xa9|\x99\x86*.\xda\x96RQ\xe5\xb1\xef\xb7\x10\x99\xd4\xa7\b\xcd\xe9\xa5\xf6wR\xc1\xdfH).\a\x9a\xab\x9e&+\xc4#\x90\xc9%\xb9\xd7o\x86\x13\a\xc0\x01w9u6\xdd\x9fJ^o\x1d\xda\x11?\xc1\xf5\xf7\xff\xec\x916\xceQ\xcfU\x035\x96\x8f\xc7\x84\"2\xef\x02\xcf\a+\x8a\xd1\x11\xb5\xa8\x92\f\xb3R\",\xfc!_&pD\xeb5\xc6\xc8\xff2\xee\x14\x83\x14l\x04\x80\xaa7\x80\xf1\x18\xf5\xa5\xd23\xe5\b\x00\xe8\x9c\xd4\xd0\a\x93#\xb9Z\xc0y\x97<\xe5i\xe9\xe4\xb02Cu\xe1d\r\x0e\xc1\xf1\x81^\xa7\xffz)\x19U\xe5\xd4\xf5@O#W\x8a\xbb3c+\n\x97\xa6\xf7\x90$\xd6*\xd0\x1b\x10\xe4HM:XO\x1b\rx\xc7\x12|\x7fN\xc9\xf9i\xe4\xe5-\x9b\xe407\x9d\xe8\xc6\x90\x9f_Jf\x05\r\x1b\x9af\v\xbcv\x83\xf3j\xaf\xd0F91 ^x\x85\x80[\xa3B\n#!\xc2R\xdd\xf4)\xba\x1e\xfb6U\xabc\xda\x9a)\xc3\x9a\x06\xc5\xccP)\xdf.\xa7-\x84\xdf8\xbf\xfc1^}B\xee\xccR/z\x1e\xe8\x1e\x99\x99\n\xf4u\xd4\xbd^L\xb2j\xda\xff\x1d\x10\xc8\xad\xbd_OI\xb1\xe8y\x003\a\x06\x92\x8e\n\x8b\xf3\xd4G\x85\xbd\x1a\x81+3\x99jq\xd1\xacK^\xef\xb6!8\xcd?\x1e\\\x16W2\xbd4$zn\xa9\x7f\x9dE\xaf\x0f\xdb\xe0\xfa\x10\xc3\xb2\xf8\x80\x8c\xec$\xda\xc0\x94y1\t\xc5', 0x2)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r5, 0x84, 0x83, &(0x7f0000000480)={0x0, 0x2}, 0x8)
ioctl$VHOST_SET_VRING_KICK(r3, 0x4008af20, &(0x7f0000000000)={0x0, r4})
ioctl$VHOST_VSOCK_SET_GUEST_CID(r3, 0x4008af60, &(0x7f0000000140)={@my=0x1})
socket$vsock_stream(0x28, 0x1, 0x0)
pipe2$9p(&(0x7f0000000180)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x4800)
tee(r0, r7, 0x81, 0xb)
vmsplice(r6, &(0x7f0000000140)=[{&(0x7f00000000c0)="6404733134642d", 0x7}], 0x1, 0x6)
futex(&(0x7f0000000500)=0x2, 0x8c, 0x1, 0x0, 0x0, 0x0)
r8 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r8, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e21, 0x2, @empty, 0x6}], 0x1c)
listen(r8, 0x10000003)
r9 = socket$inet_sctp(0x2, 0x1, 0x84)
sendmsg$inet_sctp(r9, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e24, @local}, 0x10, &(0x7f00000006c0)=[{&(0x7f0000000380)='N', 0x1}], 0x1, 0x0, 0x0, 0x4000094}, 0x81)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r9, 0x84, 0x7b, &(0x7f00000001c0)={0x0, 0x1}, 0x8)
dup(r9)

723.081471ms ago: executing program 2 (id=958):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000003c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(serpent)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r1 = accept4(r0, 0x0, 0x0, 0x80000)
syz_genetlink_get_family_id$fou(&(0x7f0000000040), r1) (fail_nth: 1)
sendmsg$ETHTOOL_MSG_RINGS_SET(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000500)={0x34, 0x0, 0x400, 0x70bd26, 0x25dfdafd, {}, [@ETHTOOL_A_RINGS_HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x4818}, 0x4000080)

509.685714ms ago: executing program 4 (id=959):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000003c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(serpent)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
ioctl$LOOP_SET_FD(0xffffffffffffffff, 0x4c00, r0)
r1 = accept4(r0, 0x0, 0x0, 0x80000)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), r2)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)={0x20, r3, 0x321, 0x70bd25, 0x25dfdbfc, {}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x80}, 0x404c010)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r1, &(0x7f0000001680)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000001640)={&(0x7f0000000440)={0x11f4, r3, 0x100, 0x70bd2a, 0x25dfdbfc, {}, [@ETHTOOL_A_LINKMODES_MASTER_SLAVE_CFG={0x5, 0x7, 0x5}, @ETHTOOL_A_LINKMODES_OURS={0x11d8, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_VALUE={0x1004, 0x4, "f3a6bb89eb740fa9f92d02cb1bc9f409e9778b2e300f20250d3fe35ea5d84ae91e97733cd026cc968dc637b84c6f50bfb2424e611d93f5ce80ee48f979350951b2cb9bed3d3f4b56cb9bf66b9546e538eb2a507e22b98ccde06dec54de3de38af7d7b9c93ae067d7bc61e50c93cca46e830ca909495b2ecf9992decd541de21ac421d5b4c05a895d18945afe36f46de78c585bdcf54816831fcb5d7a37e568f6f9a13fffcd2c0042b5d0bd4cfdf10058364fbf96810beeffb5d8636f2244d8082fa2065108b264f33af8b01c6f643b5f60e630c5fce2839fa93d20bc8d0b78af046bf1f865a3cd8c6d15262ff17c30975c86fc910b24d2bc8e60ac98f7ced04ef86e9a6e2645c5ae9e617698b2b1fe927636ed108b5d66865a825abea79a253f2db758e1ecfc75e87123655c2de311ed2c7c57f7de21f6fa64f6dd35aea8349fafab52bdc2207a9a97973274235f16bfb57e5b97b8cf4171dd45b4a3299707434c34b71c3d5736bbf32822acd3563a7352ec2c0b419ff30af48dd90c7a0bdd44d5ebdf9dbb218b5812ea9932bcf5208d0f56136480d8859e468774f51d126b91eb954f6d6d1a7ef4160c8b5de2985ddaddbe573ea77fbd492d1a6ee0f3a1a7f19aadd02b8be9737e2f6b3ca4205c261d9f870e8bf71e90dd3c05085fd717c39a5d2cfa26b362789f10fb89f96369ce24dc75625c6ae1a2814a41db9c918c749ab230e381bff2f5850bfeb9f659a629f7167dd3010d5b70075ca55ebcdf7c34accdcccc5b850010c288231fce79899d3dc8a3a85c6a7cfab02f53a3c544f8977f8ea2ee228c3a3a881923ac1842dd341b871b20a69416a0f1972141757199d509657008460bc7783b9fe010cf6d1ea0f0bad862e72c5d7c43fad787c7841e3f590ac528fc310e3580d02c46257bcacb9087234dfd31b0ef0c475be41268c646d358aa4350a4cc2f51393df30a3c024a56bb3b147127f9e75f620260699ac52354b19687911f0f5679ab122701ac970f2bfe44b61986b9b90d100d3891c10376eb3e753ccfe6807ba87296043e5444ff50f3b909ef6ecae6986a6e75c0dfcb5fc7c51b752f886a245752088dd98e91e4abe971c6658caef1ab5d6f6edc3b32ae59991dcfdbb4714eab000cc2cd211adc9593fe92c83d099fba00a8e0add9f239a1a9ba9c0e00370868c555839442748ff3068b34fa465ff7c9e9c5bca3e6122b2d8a228946ec5ac53f520eb9f4276f2b4c3f538193a4724ed3bdf99eb86a935ecea813b94fe4a246ed676034b5ab960b6cd561bd071d27099977ae62f4ceaf6a7b3bdae0101dab4b87a37acf08727f85fc51b342fb1fe53d0c96eee11ca24346978b735851c95db4db8884ae33bfd5397540dda1c93012194b06841ea10d89dce416dee1723a1212ccf8aa40f587e290864152d9bca86b1fc230e78c2151bfd5eae543267709edbffda4f5cb58593da63d851c5a1daf45b45272c0e8817a36837e58b99d524eff2c21169a138f38614f4ee1a8a9c7f9454f8bb0086b99e4e5b539c28e24452bb6a9b0b589a24416a81615170b1606f0a2b953a9a1f21420b70e4123e90cf4ec3ce403c8a2bb1549100a42ab5d2397a25d6221e4b0cb98705b1cf8190cae0794b434d6f7ddc7174107d12672506f24cbdf5275410a2678ad42169a0ec3834a4158b022bd23c6a4d102cbf1965b817527be9de2a8e4ef41a14888eb6d59fa4dc39821dceca6bd4e3a42330070ee5b85af46a1afb30f4c3352ff2e433b69d9d3d86693ea774ca99a6cd919640864db12222a1e5927dcbca8bcceb5e83084a37d88d7bc59ff23f1c8239b169126f9b44e70f14c2100045f661e7c9157d40dae792c05bf5f6499c295198a6182c30fd2240b080d3d2e4e2bd592af4d8ec31d778f4874edc221b447bfdde335a8f3cb7e930f124e131e2b4a8110766fdc318c3a9f7114f90c5c377a80a50563f8b3ea4e99a2dee74172367ff647f76aa4607a38d809f108622ea77decb34cf1b0f6abd5ec11336e357ed88aa10a7ba97ae00e5f6f5cd44718cbc49f68ec3c361d2643bdcaa9392199e879c6adb7fd30551320a26ecfecfdeff162d917b1cc94c83eeeed9ec0116bded68a5e28e19811dc132a3e4027f5340910e7c4f8ca5e6b03a4f970f7fbe1000a98da41784ad754553ee875f9be6eb1c2d3f7e42e2842ca069c7280c263c6e35247e03f930b6933a1047e4b7eac25cdd4a6af381f3b57f2d23575d7df8c4551c6e4833bcf1ff56f7860a5810d361ed405e76f44b3b722358ee09dda1ffb67371da9aed5987fb3ce1aeb1a428881cf0ff309ea84a3beb6b4f5f98baaeae525666ccd45b9f5b72984bbb1513c9d99cf00fddb86c5b85897454b4c0941321d587cb96b9a4162d16886b33e1bf101a2bae424bf211ca1492090c085f7144f111528f1b9bed8c020fb7e5a063337aa068d3cea3ba38e0fbdc140dbb337b744cb310ee2a0bcfb4973cdc5aed5edf68153f5e863bc9ea2a02fb3bf832d834e0a1f796b75133660713ae1f87ac72843b250ab04bd2e5f7e137a15c9eab0c05d9cb75b515aa6c3398576b02d386096c0435b84a3d0f9052f7ad63f6aa3906004fbc44ed580e3f3e28b1e6a9a2d3c0f49af461f2fc9138d1ea8a9395a77dd3cb8a4375578fce2a41700816c0a6613831b62f6b7c036419b76f9349544f414a068b37acdf00ff86951a21f500e8803a704d6efa585cb068fdad27f18ab47cb847548a6a60d2e4c075b5767a5250969c49889a70b1a9e6db35a1f460710797fbdaf0113f1cd025009a32c18b9fdc24dc09785640b228429343f7ec583f3324455ccd989eecfae20bb9ad6072865a055ec0fc035d4943c8a1ea9ae96647dbc5aaad907b5c12a673b463fac1bd92da0918cf2aade66923739b39f4dae70fe1ebd85f2eceb7244ec36f40c3510ab6bdc0a522e2d89b54b42bd80dbea520b796c274d358155c763795b572d1113e81b7ecdcea02bf1f857e568a8ebade9896e3f27ad064591462ac8a35505687ffd8e986052357612e9174cf4c6d23f424b73a6d994467f29da0a0817812e826267374973601f14d947a297be31888cf9122343feda87901c416b694f415ffac8ee900cec4c91ac667aabf49d91ba137a9d3406a743e494f1de28c44c434bd9d21422fc94c24530d023e4d7edd4ad61e3ccaff64df7aa7caacb78efcae229f6a74a3fa58481f365a989ecab34e673f36e4d73b2a9971e2d19b28d00d7cb807b161c18bcd74bab7cc199e6e98857e889cdac99b297a6dc04c007584bf51173bf482dca0451f430f97a275c8090c504caf650861e14c297f95e9797ebfeb8c94eb717b94e5a1dcf88763d2a1f17fdf75dc4d36c48011bd8bfa55c6d6a1cc819268ee10435676a5f56f1950358272268807d48e83e58beeeedd26343be0f2d4c49f07084d43d9ad7a103ccaa030d46fb05c1cd0bc7a9775be362aec7858aa1bca7f7933f5f52478acdb04b0a7ff76dea083322666d48a5f1c802de778d99b5913b808404488ac2a6da4bb2156a5fc33d7f6e1609369dfc76bffec132dc403e77cdb2f154b29e52ce9a2230977e7fa5b5a90e53920a29fac9990bb6b838b2903edb989456dc764221c6383450fab331eac6822796987a874dbf6d8f9b36f32b840042ca6ee7722f2b4010e28b8180348f39433c600f5a1eceb9e84ad67d3c2b9c0cf25cf1dc0b2482cdcdf2d42109a8675fb235d414f833248449a1a5656657aa1336f173fed5f4c6b7263794a61dbb15c8978c00c1bb5a574bc93682394d3457792ce825f39186eb78a21ea5013eeb179f5469ddab22721b2d686745055b3b570feddd4bd8964aa34ddbb994302e764fa53165d3670c598d1b13da14aed4fcd56906c1bbc6c07e1b03b1192a6b546bf5d487f32bdddcd042cfb556ba2ceb8e45a0e7a5607d96bc114f07a058f10dc9cb70dfd535528d25e3eadb8e99e6c0de9f7d979f5f7e57bba73014b6ab56ca6da3b879cd9afe1f5ad612a461f89d3efe0abcdba4242a5abfb81de25166890ba18d67ccf1c1bcde1dacd60c88d25564a92a378382e1e4904d837743d4f50a64af1e0a59660e9a742a519b7f5af2abec8a237d7ccaf2ac60a4b0e61d2f8b2dbd4ee078bfd0a30ba4b1f886be7e8389b8917b5ef6629152b5eb54d27325b613ff52fe4ecab20739b629804a0f3a0aa4b90839ceb70eb837c9f1fa926b93865d0352981ce25a264cf46e0a48aa4924b0f8489ddd87359a3ad16cb07eb017323cd03c7d52b2ef001384af6bee66f5d83a98a1b5e6450cc86878b472459c605ac873e794076df26c09f4f2a074fecf26e393c970c2041f35889a17f39335e60d9054aae7d2a0fe0da7234883a90f8b44440c5ba9233d7d1524c0c63522c4b9cb58607b7e78d3e4dbc127d17fb6df142ea7c7826e405920a45f0eacb7ce07a40651fb1953398a158d0bdf5ae78f2efc0da89aa28bb79eb04284dd95f089cfd055a6dcd751a5a512626c33ad631d75b9667e59424e23432eb7163ad0f209694aff03bd47cabe9b5671ec7183a53c1d49a2f23e9b5ef1abbb8f135e38f64e3de35c144c2167eb048b23b06bed76443310f9ecb4ae66cf0d5558fb40ba2530803ef0426c0e10346a88f6559529b879b43351807028b6a93bd7e3929a70270e0d0cf61625af400a5022b7eadb93e1dbade266b504cbf682e4b8cb025498407c2e93ff545ae26fa227d78642e12732066d4a95e18d2913ee935bc4cd253f4c35c33af698b002303117685bf1f50395ea787fe6b6e7a51b661e3361727e3820865637063c7092f24e168e723185f296925ca08bc62f9a97ebd9e994e4c6868afb46d952d7163e5b048439ae62dfb4a895eac86d94a5e6932c4ac93dbd2cebcb456fdc427120e7a91a1504ea9633e6a7ff913ba064ade87e4e417c3b0239f4fae810135407a25ca6b857b956033dafd476a9308f499e709ee3b6f63783551bd49374be3db63b9526259fb161fcad3941e4ae03c7a8d4e86d0797fbdaab41e9fb2b9f6b4650d26f77805c431199bb1bba364817b1b01e5e7ef819085a80dcd6264c6e333f69089ce7d8dc0b05bf715ee0eac55344f89cf7c0f6d7c21258af92a5e31da086651e0b7cc5dd946f497c912eb32a9b758e3a65e8753de0d1d3a66748314ad348599d7bac88588a3d56641ead1f557c1b9a06e155f76e4b160d497885cc796930df71176c38e9e691b82d4a309a868a1d5f33bf6298829a5d6f2914d66d4fb520cd0f235f6611258b648eaca2aa5a9d830af38f27023bba64f943eab5aea3988d9b7d00220963ce881b5c218428e41dbbeea92d1445689a3e33982e38a346fed66c20ef1544f619636a30b939494dda3d97f889b9695456c79bcd9f42ab2eae0785f09ea7085d09e74b2fe6261874425e85ec3161223ceb566fd2b269f81aa42bfed1864a82833cb9c66e521a595c6720f4186e6bf42e3406467a978e6028b595b006ad2c2a7ece17a781670c59176e21f78ed5b5b89dc0260abaa39f3bbf21b29b3e7b6f3898f5caad678743f614b0884c2494fd9141238d91efa49bdbb255d1757c75837ccef48ef8347c7ff3170e4bbe0985050093adb4b6f8797ff3d47c23ce6163f17a01dd8b5372beff4fed356c07732b8a7d9a7397099daf33f8e161daf39de6dd3d91aeece9ebda7d114e2e5fbd3515ecfbf2f8b34ea1e71cca0237f5d22d0532987e16fd1de741c3226cb4937b53b31b5f0d33d78f56fbfea825904c5d7ea2a4ce6e3eecfb82749ed4e6cf13b56d6fede885990b21"}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x67}, @ETHTOOL_A_BITSET_VALUE={0x97, 0x4, "1ea6281228a9edca6e706a0179babf0ee242e68e179a1e5b8a3e940ba58f31b47fbb7b3d64ef5e699974b4c326597a58917d92abc45dbff366055511fcae5ae22575dae75371d2d1fabc738841f276a6838dd4b229531a90e90b6cda9c46e3ffefcf8f602ef64d6d6c3d6c5a3ee04c3d8bd95f9d949d746ac9864be39403f73147272caa8e4a0b5e334ad92e5ad3b132bbbbf0"}, @ETHTOOL_A_BITSET_BITS={0x130, 0x3, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x10001}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, '\xe1!.\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x6}]}, {0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x9}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x72f}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x3}]}, {0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}]}, {0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '${!]/\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x45c719b4}]}, {0x4}, {0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x12, 0x2, '/dev/ubi_ctrl\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x80}]}, {0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xd, 0x2, 'skcipher\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x12, 0x2, '/dev/ubi_ctrl\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x8}, @ETHTOOL_A_BITSET_BIT_NAME={0xf, 0x2, '}$---@)\\.*\x00'}]}, {0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x11, 0x2, 'xts(serpent)\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x6e}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xfffffffd}]}]}]}]}, 0x11f4}, 0x1, 0x0, 0x0, 0x20004001}, 0x8000)
openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x40002, 0x0)
syz_genetlink_get_family_id$fou(&(0x7f0000000040), r1)
sendmsg$ETHTOOL_MSG_RINGS_SET(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000000c0)={0x2c, 0x0, 0x400, 0x70bd26, 0x25dfdafd, {}, [@ETHTOOL_A_RINGS_RX={0x8, 0x6, 0x5}, @ETHTOOL_A_RINGS_TX={0x8}, @ETHTOOL_A_RINGS_RX_JUMBO={0x8, 0x8, 0x9}]}, 0x33}, 0x1, 0x0, 0x0, 0x4818}, 0x4000080)

0s ago: executing program 1 (id=960):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="11000000040000000400000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000002840)=ANY=[@ANYBLOB="b7000000fdffffffbfa30000000000000703000020feffff720af0fff8ffffff71a4f0ff000000000f040000000000001d4002000000000065040000000000001f030000000000001d440000000000007a0a00fe000000000f14000000000000b5000000000000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f300020000fe275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b1100886475923906f88b53987ad0c33d39000d06a59ff616236fd9aa58f0177184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10076443d64364f56e24e6d2105bd901128c7e0ec82770c8204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee7dfcb59b854e9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101ab062cd54e67051d355d84ce97bb0c6b4a595e487efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599ddd71063be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d96c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48153baae244e7bf573eac34b781337ad5905c6bbf1137548c22ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab51380d7b4ead35a385e0b4a26b702396df7e0c1e02b884114f244a9bf93f04bf072f0861f5c0b000000004000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea52acb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcc536cbae315c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0900000000000000ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fcdb4c2811e32f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96735600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15ecb4d91675767999d146aef7799738b292fd64bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a419aa095e203c1bafbb9b9a7c2bca311a28ee4952f2d325a56390578f12205db653a536f0100e0eda300a43a13bd1b9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b8074bf7df8b5e783637da7418fd3aa81cff202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035ab63de71a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a274000000000000000000000000000000000000000000000009dd14b38f2f4426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4120260ffcd8f1d04166d291ebcef893e1b9ccb6797d0646fe0d0274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb3928143be1c1023a375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d3b332240d450fdb0a9a69f432e277f3a0386eb2bd1305c821c64757f786b79fef54dbf34c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cbf5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200"/2745], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000000)={r0, &(0x7f0000000140), &(0x7f0000000200)=""/221}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000808106fb5ebf3855cd0400000000000000"], &(0x7f0000000080)='GPL\x00', 0x5}, 0x94)
r1 = socket(0x10, 0x800, 0xa8)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f00000004c0)=[{0x6, 0x80, 0x80}]}, 0x10)
bind$alg(r1, &(0x7f0000000180)={0x26, 'aead\x00', 0x0, 0x0, 'rfc4106(gcm(aes))\x00'}, 0x58)
r2 = memfd_secret(0x80000)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x13, r2, 0x0)
bpf$LINK_DETACH(0x22, &(0x7f0000000040)=r2, 0x4)

kernel console output (not intermixed with test programs):

endor=05d1, idProduct=2001, bcdDevice=10.00
[  229.489145][ T5873] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  229.489166][ T5873] usb 5-1: Product: syz
[  229.489181][ T5873] usb 5-1: Manufacturer: syz
[  229.489196][ T5873] usb 5-1: SerialNumber: syz
[  229.531404][ T5873] usb 5-1: config 0 descriptor??
[  229.543112][ T5873] ftdi_sio 5-1:0.0: FTDI USB Serial Device converter detected
[  229.564932][ T5873] usb 5-1: Detected FT-X
[  229.622271][ T5872] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  229.756894][ T7379] FAULT_INJECTION: forcing a failure.
[  229.756894][ T7379] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  229.756930][ T7379] CPU: 0 UID: 0 PID: 7379 Comm: syz.2.512 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  229.756956][ T7379] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  229.756971][ T7379] Call Trace:
[  229.756980][ T7379]  <TASK>
[  229.756990][ T7379]  dump_stack_lvl+0xe8/0x150
[  229.757029][ T7379]  should_fail_ex+0x46b/0x600
[  229.757075][ T7379]  _copy_to_user+0x31/0xb0
[  229.757101][ T7379]  simple_read_from_buffer+0xe1/0x170
[  229.757136][ T7379]  proc_fail_nth_read+0x1be/0x230
[  229.757169][ T7379]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  229.757201][ T7379]  ? rw_verify_area+0x2ac/0x4e0
[  229.757234][ T7379]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  229.757264][ T7379]  vfs_read+0x212/0xa80
[  229.757307][ T7379]  ? __pfx_vfs_read+0x10/0x10
[  229.757343][ T7379]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  229.757370][ T7379]  ? lockdep_hardirqs_on+0x7a/0x110
[  229.757418][ T7379]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  229.757443][ T7379]  ? mutex_lock_nested+0x152/0x1d0
[  229.757476][ T7379]  ? fdget_pos+0x252/0x320
[  229.757515][ T7379]  ksys_read+0x156/0x270
[  229.757550][ T7379]  ? __pfx_ksys_read+0x10/0x10
[  229.757597][ T7379]  do_syscall_64+0x14d/0xf80
[  229.757622][ T7379]  ? trace_irq_disable+0x3b/0x150
[  229.757650][ T7379]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  229.757674][ T7379]  ? clear_bhb_loop+0x40/0x90
[  229.757701][ T7379]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  229.757723][ T7379] RIP: 0033:0x7fe6b609d04e
[  229.757744][ T7379] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  229.757764][ T7379] RSP: 002b:00007fe6b430cfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  229.757788][ T7379] RAX: ffffffffffffffda RBX: 00007fe6b430d6c0 RCX: 00007fe6b609d04e
[  229.757804][ T7379] RDX: 000000000000000f RSI: 00007fe6b430d0a0 RDI: 0000000000000004
[  229.757818][ T7379] RBP: 00007fe6b430d090 R08: 0000000000000000 R09: 0000000000000000
[  229.757831][ T7379] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  229.757844][ T7379] R13: 00007fe6b6356128 R14: 00007fe6b6356090 R15: 00007ffe640175d8
[  229.757880][ T7379]  </TASK>
[  229.789382][ T5872] usb 1-1: Using ep0 maxpacket: 8
[  230.017756][ T5872] usb 1-1: config 0 has an invalid interface number: 128 but max is 0
[  230.017787][ T5872] usb 1-1: config 0 has no interface number 0
[  230.027198][ T5872] usb 1-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a
[  230.027223][ T5872] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  230.027288][ T5872] usb 1-1: Product: syz
[  230.027299][ T5872] usb 1-1: Manufacturer: syz
[  230.027310][ T5872] usb 1-1: SerialNumber: syz
[  230.128921][ T7359] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  230.129946][ T7359] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  230.194088][ T5872] usb 1-1: config 0 descriptor??
[  230.219059][ T5872] gspca_main: sq930x-2.14.0 probing 2770:930c
[  230.421656][ T5872] gspca_sq930x: reg_r 001f failed -71
[  230.421987][ T5872] sq930x 1-1:0.128: probe with driver sq930x failed with error -71
[  230.479904][ T5872] usb 1-1: USB disconnect, device number 11
[  230.592472][ T5873] ftdi_sio 5-1:0.0: GPIO initialisation failed: -71
[  230.604867][ T5873] usb 5-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  230.654524][ T5873] usb 5-1: USB disconnect, device number 9
[  230.682496][ T5873] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  230.683289][ T5873] ftdi_sio 5-1:0.0: device disconnected
[  231.397670][    T9] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  231.857983][    T9] usb 1-1: Using ep0 maxpacket: 8
[  231.919671][    T9] usb 1-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[  231.919703][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  231.979387][    T9] pvrusb2: Hardware description: Terratec Grabster AV400
[  231.979404][    T9] pvrusb2: **********
[  231.979410][    T9] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[  231.979418][    T9] pvrusb2: Important functionality might not be entirely working.
[  231.979424][    T9] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[  231.979432][    T9] pvrusb2: **********
[  232.421858][ T5872] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  232.492315][ T2373] pvrusb2: Invalid write control endpoint
[  232.549240][    T9] usb 1-1: USB disconnect, device number 12
[  232.609622][ T5872] usb 4-1: Using ep0 maxpacket: 8
[  232.622197][ T5872] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  232.622236][ T5872] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  232.622264][ T5872] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  232.622289][ T5872] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  232.622397][ T5872] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  232.622423][ T5872] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  232.979352][ T2373] pvrusb2: Invalid write control endpoint
[  232.979369][ T2373] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[  232.979380][ T2373] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[  232.979390][ T2373] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[  232.979407][ T2373] pvrusb2: Device being rendered inoperable
[  233.001141][ T2373] cx25840 1-0044: Unable to detect h/w, assuming cx23887
[  233.001273][ T2373] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a)
[  233.049500][ T2373] pvrusb2: Attached sub-driver cx25840
[  233.049517][ T2373] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[  233.049529][ T2373] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[  233.169937][ T5872] usb 4-1: GET_CAPABILITIES returned 0
[  233.169981][ T5872] usbtmc 4-1:16.0: can't read capabilities
[  233.802688][ T7448] FAULT_INJECTION: forcing a failure.
[  233.802688][ T7448] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  233.802714][ T7448] CPU: 1 UID: 0 PID: 7448 Comm: syz.0.541 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  233.802733][ T7448] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  233.802743][ T7448] Call Trace:
[  233.802749][ T7448]  <TASK>
[  233.802756][ T7448]  dump_stack_lvl+0xe8/0x150
[  233.802786][ T7448]  should_fail_ex+0x46b/0x600
[  233.802817][ T7448]  _copy_from_user+0x2d/0xb0
[  233.802833][ T7448]  __sys_bind+0x1cc/0x410
[  233.802861][ T7448]  ? __pfx___sys_bind+0x10/0x10
[  233.802894][ T7448]  ? __pfx_ksys_write+0x10/0x10
[  233.802926][ T7448]  __x64_sys_bind+0x7a/0x90
[  233.802951][ T7448]  do_syscall_64+0x14d/0xf80
[  233.802969][ T7448]  ? trace_irq_disable+0x3b/0x150
[  233.802989][ T7448]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  233.803005][ T7448]  ? clear_bhb_loop+0x40/0x90
[  233.803025][ T7448]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  233.803040][ T7448] RIP: 0033:0x7f111fd6c819
[  233.803055][ T7448] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  233.803069][ T7448] RSP: 002b:00007f111dfbe028 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[  233.803085][ T7448] RAX: ffffffffffffffda RBX: 00007f111ffe5fa0 RCX: 00007f111fd6c819
[  233.803097][ T7448] RDX: 0000000000000010 RSI: 0000200000000040 RDI: 0000000000000004
[  233.803107][ T7448] RBP: 00007f111dfbe090 R08: 0000000000000000 R09: 0000000000000000
[  233.803117][ T7448] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  233.803126][ T7448] R13: 00007f111ffe6038 R14: 00007f111ffe5fa0 R15: 00007ffe4823c388
[  233.803150][ T7448]  </TASK>
[  234.535867][ T7468] netlink: 12 bytes leftover after parsing attributes in process `syz.0.548'.
[  234.550861][ T7468] openvswitch: netlink: IPv4 tun info is not correct
[  234.949236][ T7484] FAULT_INJECTION: forcing a failure.
[  234.949236][ T7484] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  234.949273][ T7484] CPU: 1 UID: 0 PID: 7484 Comm: syz.1.555 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  234.949297][ T7484] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  234.949311][ T7484] Call Trace:
[  234.949320][ T7484]  <TASK>
[  234.949329][ T7484]  dump_stack_lvl+0xe8/0x150
[  234.949368][ T7484]  should_fail_ex+0x46b/0x600
[  234.949405][ T7484]  _copy_to_user+0x31/0xb0
[  234.949431][ T7484]  simple_read_from_buffer+0xe1/0x170
[  234.949464][ T7484]  proc_fail_nth_read+0x1be/0x230
[  234.949496][ T7484]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  234.949527][ T7484]  ? rw_verify_area+0x2ac/0x4e0
[  234.949564][ T7484]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  234.949595][ T7484]  vfs_read+0x212/0xa80
[  234.949638][ T7484]  ? __pfx_vfs_read+0x10/0x10
[  234.949675][ T7484]  ? kmem_cache_free+0x185/0x6b0
[  234.949696][ T7484]  ? do_sys_openat2+0x14c/0x200
[  234.949741][ T7484]  ksys_read+0x156/0x270
[  234.949776][ T7484]  ? __pfx_ksys_read+0x10/0x10
[  234.949823][ T7484]  do_syscall_64+0x14d/0xf80
[  234.949847][ T7484]  ? trace_irq_disable+0x3b/0x150
[  234.949873][ T7484]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  234.949897][ T7484]  ? clear_bhb_loop+0x40/0x90
[  234.949924][ T7484]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  234.949946][ T7484] RIP: 0033:0x7f2b9856d04e
[  234.949966][ T7484] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  234.949986][ T7484] RSP: 002b:00007f2b96805fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  234.950010][ T7484] RAX: ffffffffffffffda RBX: 00007f2b968066c0 RCX: 00007f2b9856d04e
[  234.950027][ T7484] RDX: 000000000000000f RSI: 00007f2b968060a0 RDI: 0000000000000003
[  234.950040][ T7484] RBP: 00007f2b96806090 R08: 0000000000000000 R09: 0000000000000000
[  234.950053][ T7484] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  234.950066][ T7484] R13: 00007f2b98826038 R14: 00007f2b98825fa0 R15: 00007ffd76677d08
[  234.950101][ T7484]  </TASK>
[  235.082696][    T9] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  235.264403][    T9] usb 5-1: Using ep0 maxpacket: 8
[  235.266944][    T9] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  235.266985][    T9] usb 5-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[  235.267074][    T9] usb 5-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  235.267104][    T9] usb 5-1: config 168 interface 0 altsetting 188 has an invalid descriptor for endpoint zero, skipping
[  235.267127][    T9] usb 5-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  235.267155][    T9] usb 5-1: config 168 interface 0 has no altsetting 0
[  235.268596][    T9] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  235.268635][    T9] usb 5-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[  235.268676][    T9] usb 5-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  235.268706][    T9] usb 5-1: config 168 interface 0 altsetting 188 has an invalid descriptor for endpoint zero, skipping
[  235.268728][    T9] usb 5-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  235.268756][    T9] usb 5-1: config 168 interface 0 has no altsetting 0
[  235.271746][    T9] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  235.271785][    T9] usb 5-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[  235.271828][    T9] usb 5-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  235.271857][    T9] usb 5-1: config 168 interface 0 altsetting 188 has an invalid descriptor for endpoint zero, skipping
[  235.271880][    T9] usb 5-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  235.271909][    T9] usb 5-1: config 168 interface 0 has no altsetting 0
[  235.362246][    T9] usb 5-1: string descriptor 0 read error: -22
[  235.362397][    T9] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  235.362423][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  235.535955][    T9] adutux 5-1:168.0: interrupt endpoints not found
[  235.541011][ T5872] usb 4-1: USB disconnect, device number 21
[  235.881963][ T7502] FAULT_INJECTION: forcing a failure.
[  235.881963][ T7502] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  235.881999][ T7502] CPU: 1 UID: 0 PID: 7502 Comm: syz.0.565 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  235.882024][ T7502] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  235.882038][ T7502] Call Trace:
[  235.882046][ T7502]  <TASK>
[  235.882057][ T7502]  dump_stack_lvl+0xe8/0x150
[  235.882095][ T7502]  should_fail_ex+0x46b/0x600
[  235.882131][ T7502]  _copy_from_user+0x2d/0xb0
[  235.882153][ T7502]  __sys_bind+0x1cc/0x410
[  235.882190][ T7502]  ? __pfx___sys_bind+0x10/0x10
[  235.882236][ T7502]  ? __pfx_ksys_write+0x10/0x10
[  235.882278][ T7502]  __x64_sys_bind+0x7a/0x90
[  235.882313][ T7502]  do_syscall_64+0x14d/0xf80
[  235.882337][ T7502]  ? trace_irq_disable+0x3b/0x150
[  235.882362][ T7502]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  235.882385][ T7502]  ? clear_bhb_loop+0x40/0x90
[  235.882414][ T7502]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  235.882443][ T7502] RIP: 0033:0x7f111fd6c819
[  235.882464][ T7502] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  235.882483][ T7502] RSP: 002b:00007f111dfbe028 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[  235.882506][ T7502] RAX: ffffffffffffffda RBX: 00007f111ffe5fa0 RCX: 00007f111fd6c819
[  235.882523][ T7502] RDX: 0000000000000010 RSI: 0000200000000040 RDI: 0000000000000004
[  235.882537][ T7502] RBP: 00007f111dfbe090 R08: 0000000000000000 R09: 0000000000000000
[  235.882552][ T7502] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  235.882565][ T7502] R13: 00007f111ffe6038 R14: 00007f111ffe5fa0 R15: 00007ffe4823c388
[  235.882601][ T7502]  </TASK>
[  235.958675][    T9] usb 5-1: USB disconnect, device number 10
[  236.237846][ T7508] netlink: 28 bytes leftover after parsing attributes in process `syz.0.567'.
[  236.237875][ T7508] netlink: 'syz.0.567': attribute type 2 has an invalid length.
[  236.237890][ T7508] netlink: 'syz.0.567': attribute type 1 has an invalid length.
[  236.237902][ T7508] netlink: 92 bytes leftover after parsing attributes in process `syz.0.567'.
[  236.435555][ T7515] FAULT_INJECTION: forcing a failure.
[  236.435555][ T7515] name failslab, interval 1, probability 0, space 0, times 0
[  236.435593][ T7515] CPU: 1 UID: 0 PID: 7515 Comm: syz.2.569 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  236.435616][ T7515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  236.435630][ T7515] Call Trace:
[  236.435639][ T7515]  <TASK>
[  236.435648][ T7515]  dump_stack_lvl+0xe8/0x150
[  236.435687][ T7515]  should_fail_ex+0x46b/0x600
[  236.435725][ T7515]  should_failslab+0xa8/0x100
[  236.435751][ T7515]  __kmalloc_noprof+0xdf/0x7b0
[  236.435773][ T7515]  ? tomoyo_encode2+0x27f/0x530
[  236.435807][ T7515]  tomoyo_encode2+0x27f/0x530
[  236.435842][ T7515]  tomoyo_check_unix_address+0x3d9/0x7f0
[  236.435870][ T7515]  ? get_pid_task+0x20/0x1f0
[  236.435891][ T7515]  ? get_pid_task+0x20/0x1f0
[  236.435920][ T7515]  ? tomoyo_check_unix_address+0x167/0x7f0
[  236.435949][ T7515]  ? __pfx_tomoyo_check_unix_address+0x10/0x10
[  236.435986][ T7515]  ? sb_end_write+0xe9/0x1c0
[  236.436013][ T7515]  ? unix_getname+0x18b/0x300
[  236.436056][ T7515]  tomoyo_socket_listen_permission+0x2e1/0x3a0
[  236.436094][ T7515]  ? __pfx_tomoyo_socket_listen_permission+0x10/0x10
[  236.436138][ T7515]  ? ksys_write+0x202/0x270
[  236.436180][ T7515]  security_socket_listen+0x8d/0x260
[  236.436218][ T7515]  __x64_sys_listen+0x153/0x240
[  236.436259][ T7515]  do_syscall_64+0x14d/0xf80
[  236.436282][ T7515]  ? trace_irq_disable+0x3b/0x150
[  236.436308][ T7515]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  236.436331][ T7515]  ? clear_bhb_loop+0x40/0x90
[  236.436367][ T7515]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  236.436390][ T7515] RIP: 0033:0x7fe6b60dc819
[  236.436410][ T7515] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  236.436430][ T7515] RSP: 002b:00007fe6b432e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000032
[  236.436455][ T7515] RAX: ffffffffffffffda RBX: 00007fe6b6355fa0 RCX: 00007fe6b60dc819
[  236.436471][ T7515] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000003
[  236.436484][ T7515] RBP: 00007fe6b432e090 R08: 0000000000000000 R09: 0000000000000000
[  236.436498][ T7515] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  236.436517][ T7515] R13: 00007fe6b6356038 R14: 00007fe6b6355fa0 R15: 00007ffe640175d8
[  236.436554][ T7515]  </TASK>
[  239.669983][ T7555] FAULT_INJECTION: forcing a failure.
[  239.669983][ T7555] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  239.670032][ T7555] CPU: 1 UID: 0 PID: 7555 Comm: syz.2.586 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  239.670057][ T7555] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  239.670072][ T7555] Call Trace:
[  239.670081][ T7555]  <TASK>
[  239.670090][ T7555]  dump_stack_lvl+0xe8/0x150
[  239.670129][ T7555]  should_fail_ex+0x46b/0x600
[  239.670165][ T7555]  _copy_from_user+0x2d/0xb0
[  239.670206][ T7555]  do_sock_getsockopt+0x165/0x3f0
[  239.670236][ T7555]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  239.670264][ T7555]  ? __fget_files+0x3a6/0x420
[  239.670291][ T7555]  ? __fget_files+0x2a/0x420
[  239.670328][ T7555]  __x64_sys_getsockopt+0x1aa/0x250
[  239.670364][ T7555]  do_syscall_64+0x14d/0xf80
[  239.670389][ T7555]  ? trace_irq_disable+0x3b/0x150
[  239.670415][ T7555]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  239.670438][ T7555]  ? clear_bhb_loop+0x40/0x90
[  239.670465][ T7555]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  239.670488][ T7555] RIP: 0033:0x7fe6b60dc819
[  239.670509][ T7555] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  239.670528][ T7555] RSP: 002b:00007fe6b432e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  239.670552][ T7555] RAX: ffffffffffffffda RBX: 00007fe6b6355fa0 RCX: 00007fe6b60dc819
[  239.670568][ T7555] RDX: 0000000000000003 RSI: 0000000000000006 RDI: 0000000000000004
[  239.670581][ T7555] RBP: 00007fe6b432e090 R08: 0000200000000080 R09: 0000000000000000
[  239.670596][ T7555] R10: 0000200000000040 R11: 0000000000000246 R12: 0000000000000001
[  239.670616][ T7555] R13: 00007fe6b6356038 R14: 00007fe6b6355fa0 R15: 00007ffe640175d8
[  239.670651][ T7555]  </TASK>
[  240.489828][ T5872] usb 5-1: new full-speed USB device number 11 using dummy_hcd
[  240.691698][ T5872] usb 5-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  240.691734][ T5872] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  240.691755][ T5872] usb 5-1: Product: syz
[  240.691771][ T5872] usb 5-1: Manufacturer: syz
[  240.691786][ T5872] usb 5-1: SerialNumber: syz
[  240.791878][ T5872] usb 5-1: config 0 descriptor??
[  241.021017][ T5872] usb 5-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  241.500726][ T7592] FAULT_INJECTION: forcing a failure.
[  241.500726][ T7592] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  241.500766][ T7592] CPU: 0 UID: 0 PID: 7592 Comm: syz.1.601 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  241.500792][ T7592] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  241.500807][ T7592] Call Trace:
[  241.500815][ T7592]  <TASK>
[  241.500825][ T7592]  dump_stack_lvl+0xe8/0x150
[  241.500864][ T7592]  should_fail_ex+0x46b/0x600
[  241.500899][ T7592]  _copy_from_user+0x2d/0xb0
[  241.500923][ T7592]  ___sys_sendmsg+0x1c6/0x360
[  241.500956][ T7592]  ? __pfx____sys_sendmsg+0x10/0x10
[  241.501021][ T7592]  ? __fget_files+0x2a/0x420
[  241.501050][ T7592]  ? __fget_files+0x3a6/0x420
[  241.501089][ T7592]  __x64_sys_sendmsg+0x1c3/0x2a0
[  241.501120][ T7592]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  241.501158][ T7592]  ? __pfx_ksys_write+0x10/0x10
[  241.501204][ T7592]  do_syscall_64+0x14d/0xf80
[  241.501228][ T7592]  ? trace_irq_disable+0x3b/0x150
[  241.501255][ T7592]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  241.501279][ T7592]  ? clear_bhb_loop+0x40/0x90
[  241.501308][ T7592]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  241.501331][ T7592] RIP: 0033:0x7f2b985ac819
[  241.501351][ T7592] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  241.501369][ T7592] RSP: 002b:00007f2b96806028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  241.501393][ T7592] RAX: ffffffffffffffda RBX: 00007f2b98825fa0 RCX: 00007f2b985ac819
[  241.501409][ T7592] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000004
[  241.501424][ T7592] RBP: 00007f2b96806090 R08: 0000000000000000 R09: 0000000000000000
[  241.501438][ T7592] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  241.501452][ T7592] R13: 00007f2b98826038 R14: 00007f2b98825fa0 R15: 00007ffd76677d08
[  241.501487][ T7592]  </TASK>
[  243.044567][ T5872] dvb_usb_rtl28xxu 5-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -110
[  243.710630][ T7621] FAULT_INJECTION: forcing a failure.
[  243.710630][ T7621] name failslab, interval 1, probability 0, space 0, times 0
[  243.710700][ T7621] CPU: 0 UID: 0 PID: 7621 Comm: syz.1.612 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  243.710733][ T7621] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  243.710752][ T7621] Call Trace:
[  243.710761][ T7621]  <TASK>
[  243.710771][ T7621]  dump_stack_lvl+0xe8/0x150
[  243.710810][ T7621]  should_fail_ex+0x46b/0x600
[  243.710848][ T7621]  should_failslab+0xa8/0x100
[  243.710873][ T7621]  __kmalloc_noprof+0xdf/0x7b0
[  243.710893][ T7621]  ? kfree+0x4d/0x6c0
[  243.710923][ T7621]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  243.710961][ T7621]  tomoyo_realpath_from_path+0xe3/0x5d0
[  243.711002][ T7621]  ? tomoyo_path_number_perm+0x219/0x630
[  243.711027][ T7621]  tomoyo_path_number_perm+0x246/0x630
[  243.711055][ T7621]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  243.711087][ T7621]  ? __lock_acquire+0x6b5/0x2cf0
[  243.711147][ T7621]  ? __fget_files+0x2a/0x420
[  243.711179][ T7621]  ? __fget_files+0x2a/0x420
[  243.711206][ T7621]  ? __fget_files+0x3a6/0x420
[  243.711235][ T7621]  ? __fget_files+0x2a/0x420
[  243.711270][ T7621]  security_file_ioctl+0xc3/0x2a0
[  243.711297][ T7621]  __se_sys_ioctl+0x47/0x170
[  243.711324][ T7621]  do_syscall_64+0x14d/0xf80
[  243.711349][ T7621]  ? trace_irq_disable+0x3b/0x150
[  243.711375][ T7621]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  243.711397][ T7621]  ? clear_bhb_loop+0x40/0x90
[  243.711420][ T7621]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  243.711439][ T7621] RIP: 0033:0x7f2b985ac819
[  243.711459][ T7621] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  243.711478][ T7621] RSP: 002b:00007f2b96806028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  243.711502][ T7621] RAX: ffffffffffffffda RBX: 00007f2b98825fa0 RCX: 00007f2b985ac819
[  243.711519][ T7621] RDX: 0000200000000300 RSI: 00000000000089f3 RDI: 0000000000000003
[  243.711534][ T7621] RBP: 00007f2b96806090 R08: 0000000000000000 R09: 0000000000000000
[  243.711548][ T7621] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  243.711561][ T7621] R13: 00007f2b98826038 R14: 00007f2b98825fa0 R15: 00007ffd76677d08
[  243.711596][ T7621]  </TASK>
[  243.711728][ T7621] ERROR: Out of memory at tomoyo_realpath_from_path.
[  243.738554][   T31] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[  243.962817][   T31] usb 4-1: Using ep0 maxpacket: 16
[  243.999101][   T31] usb 4-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3
[  243.999134][   T31] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  243.999155][   T31] usb 4-1: Product: syz
[  243.999171][   T31] usb 4-1: Manufacturer: syz
[  243.999187][   T31] usb 4-1: SerialNumber: syz
[  244.049419][   T31] usb 4-1: config 0 descriptor??
[  244.622559][    T9] usb 5-1: USB disconnect, device number 11
[  244.710891][   T31] dvb-usb: found a 'AME DTV-5100 USB2.0 DVB-T' in warm state.
[  244.719260][   T31] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  244.722630][   T31] dvbdev: DVB: registering new adapter (AME DTV-5100 USB2.0 DVB-T)
[  244.722689][   T31] usb 4-1: media controller created
[  244.940864][   T31] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  245.020896][ T5814] Bluetooth: hci0: unexpected event for opcode 0x0c7d
[  245.337260][   T31] dvb-usb: no frontend was attached by 'AME DTV-5100 USB2.0 DVB-T'
[  245.337282][   T31] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully initialized and connected.
[  245.524724][ T7646] FAULT_INJECTION: forcing a failure.
[  245.524724][ T7646] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  245.524762][ T7646] CPU: 1 UID: 0 PID: 7646 Comm: syz.1.621 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  245.524786][ T7646] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  245.524799][ T7646] Call Trace:
[  245.524808][ T7646]  <TASK>
[  245.524817][ T7646]  dump_stack_lvl+0xe8/0x150
[  245.524857][ T7646]  should_fail_ex+0x46b/0x600
[  245.524893][ T7646]  _copy_from_user+0x2d/0xb0
[  245.524917][ T7646]  ___sys_recvmsg+0x175/0x590
[  245.524950][ T7646]  ? __pfx____sys_recvmsg+0x10/0x10
[  245.525006][ T7646]  ? __fget_files+0x3a6/0x420
[  245.525047][ T7646]  __x64_sys_recvmsg+0x1c0/0x2a0
[  245.525077][ T7646]  ? __pfx___x64_sys_recvmsg+0x10/0x10
[  245.525116][ T7646]  ? __pfx_ksys_write+0x10/0x10
[  245.525162][ T7646]  do_syscall_64+0x14d/0xf80
[  245.525248][ T7646]  ? trace_irq_disable+0x3b/0x150
[  245.525274][ T7646]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  245.525298][ T7646]  ? clear_bhb_loop+0x40/0x90
[  245.525326][ T7646]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  245.525348][ T7646] RIP: 0033:0x7f2b985ac819
[  245.525369][ T7646] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  245.525388][ T7646] RSP: 002b:00007f2b96806028 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  245.525412][ T7646] RAX: ffffffffffffffda RBX: 00007f2b98825fa0 RCX: 00007f2b985ac819
[  245.525428][ T7646] RDX: 0000000000012100 RSI: 0000200000000080 RDI: 0000000000000003
[  245.525442][ T7646] RBP: 00007f2b96806090 R08: 0000000000000000 R09: 0000000000000000
[  245.525460][ T7646] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  245.525474][ T7646] R13: 00007f2b98826038 R14: 00007f2b98825fa0 R15: 00007ffd76677d08
[  245.525510][ T7646]  </TASK>
[  245.547841][ T7644] netlink: 12 bytes leftover after parsing attributes in process `syz.4.620'.
[  245.547941][ T7644] netlink: 8 bytes leftover after parsing attributes in process `syz.4.620'.
[  246.098752][ T5872] usb 4-1: USB disconnect, device number 22
[  246.229004][ T5872] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully deinitialized and disconnected.
[  246.744382][ T7673] netlink: 172 bytes leftover after parsing attributes in process `syz.0.631'.
[  246.901461][ T5872] usb 5-1: new full-speed USB device number 12 using dummy_hcd
[  247.068674][ T5872] usb 5-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  247.068706][ T5872] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  247.068727][ T5872] usb 5-1: Product: syz
[  247.068742][ T5872] usb 5-1: Manufacturer: syz
[  247.068756][ T5872] usb 5-1: SerialNumber: syz
[  247.119669][ T5872] usb 5-1: config 0 descriptor??
[  247.309713][ T7683] FAULT_INJECTION: forcing a failure.
[  247.309713][ T7683] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  247.309750][ T7683] CPU: 1 UID: 0 PID: 7683 Comm: syz.2.636 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  247.309776][ T7683] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  247.309790][ T7683] Call Trace:
[  247.309802][ T7683]  <TASK>
[  247.309811][ T7683]  dump_stack_lvl+0xe8/0x150
[  247.309850][ T7683]  should_fail_ex+0x46b/0x600
[  247.309886][ T7683]  _copy_to_user+0x31/0xb0
[  247.309912][ T7683]  simple_read_from_buffer+0xe1/0x170
[  247.309944][ T7683]  proc_fail_nth_read+0x1be/0x230
[  247.309976][ T7683]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  247.310009][ T7683]  ? rw_verify_area+0x2ac/0x4e0
[  247.310042][ T7683]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  247.310071][ T7683]  vfs_read+0x212/0xa80
[  247.310114][ T7683]  ? __pfx_vfs_read+0x10/0x10
[  247.310151][ T7683]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  247.310178][ T7683]  ? lockdep_hardirqs_on+0x7a/0x110
[  247.310204][ T7683]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  247.310230][ T7683]  ? mutex_lock_nested+0x152/0x1d0
[  247.310261][ T7683]  ? fdget_pos+0x252/0x320
[  247.310307][ T7683]  ksys_read+0x156/0x270
[  247.310345][ T7683]  ? __pfx_ksys_read+0x10/0x10
[  247.310390][ T7683]  do_syscall_64+0x14d/0xf80
[  247.310415][ T7683]  ? trace_irq_disable+0x3b/0x150
[  247.310441][ T7683]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  247.310464][ T7683]  ? clear_bhb_loop+0x40/0x90
[  247.310492][ T7683]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  247.310514][ T7683] RIP: 0033:0x7fe6b609d04e
[  247.310534][ T7683] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  247.310553][ T7683] RSP: 002b:00007fe6b432dfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  247.310576][ T7683] RAX: ffffffffffffffda RBX: 00007fe6b432e6c0 RCX: 00007fe6b609d04e
[  247.310592][ T7683] RDX: 000000000000000f RSI: 00007fe6b432e0a0 RDI: 0000000000000006
[  247.310605][ T7683] RBP: 00007fe6b432e090 R08: 0000000000000000 R09: 0000000000000000
[  247.310619][ T7683] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  247.310631][ T7683] R13: 00007fe6b6356038 R14: 00007fe6b6355fa0 R15: 00007ffe640175d8
[  247.310666][ T7683]  </TASK>
[  247.548832][ T5872] usb 5-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  247.952115][ T7703] FAULT_INJECTION: forcing a failure.
[  247.952115][ T7703] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  247.952216][ T7703] CPU: 1 UID: 0 PID: 7703 Comm: syz.2.644 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  247.952242][ T7703] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  247.952256][ T7703] Call Trace:
[  247.952265][ T7703]  <TASK>
[  247.952281][ T7703]  dump_stack_lvl+0xe8/0x150
[  247.952324][ T7703]  should_fail_ex+0x46b/0x600
[  247.952360][ T7703]  prepare_alloc_pages+0x22a/0x6b0
[  247.952395][ T7703]  __alloc_frozen_pages_noprof+0x12f/0x380
[  247.952426][ T7703]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  247.952457][ T7703]  ? __pfx_policy_nodemask+0x10/0x10
[  247.952479][ T7703]  ? __lock_acquire+0x6b5/0x2cf0
[  247.952504][ T7703]  ? __lock_acquire+0x6b5/0x2cf0
[  247.952529][ T7703]  alloc_pages_mpol+0xd1/0x380
[  247.952556][ T7703]  vma_alloc_folio_noprof+0xea/0x290
[  247.952585][ T7703]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  247.952620][ T7703]  do_pte_missing+0x7f9/0x29e0
[  247.952661][ T7703]  handle_mm_fault+0xd0a/0x13c0
[  247.952704][ T7703]  ? handle_mm_fault+0xe7/0x13c0
[  247.952740][ T7703]  ? __pfx_handle_mm_fault+0x10/0x10
[  247.952772][ T7703]  ? lock_vma_under_rcu+0x45a/0x500
[  247.952825][ T7703]  do_user_addr_fault+0xa73/0x1340
[  247.952867][ T7703]  ? rcu_is_watching+0x15/0xb0
[  247.952893][ T7703]  ? trace_page_fault_user+0x84/0x210
[  247.952928][ T7703]  exc_page_fault+0x6a/0xc0
[  247.952954][ T7703]  asm_exc_page_fault+0x26/0x30
[  247.952976][ T7703] RIP: 0033:0x7fe6b5f9dfcb
[  247.952997][ T7703] Code: 00 00 00 48 8d 3d bd a6 1a 00 48 89 c1 31 c0 e8 5b 32 ff ff eb d2 66 0f 1f 84 00 00 00 00 00 55 31 c0 53 48 81 ec 68 10 00 00 <48> 89 7c 24 08 48 8d 3d f1 a6 1a 00 48 89 34 24 48 8b 14 24 48 8b
[  247.953016][ T7703] RSP: 002b:00007fe6b432cfa0 EFLAGS: 00010206
[  247.953037][ T7703] RAX: 0000000000000000 RBX: 00007fe6b6355fa0 RCX: 0000000000000000
[  247.953051][ T7703] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000200000000280
[  247.953064][ T7703] RBP: 00007fe6b432e090 R08: 0000000000000000 R09: 0000000000000000
[  247.953078][ T7703] R10: 0000200000000280 R11: 0000000000000000 R12: 0000000000000001
[  247.953091][ T7703] R13: 00007fe6b6356038 R14: 00007fe6b6355fa0 R15: 00007ffe640175d8
[  247.953126][ T7703]  </TASK>
[  247.955524][ T7703] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  249.798824][ T5872] dvb_usb_rtl28xxu 5-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -110
[  250.333332][ T7738] netlink: 8 bytes leftover after parsing attributes in process `syz.3.658'.
[  250.445536][ T7742] FAULT_INJECTION: forcing a failure.
[  250.445536][ T7742] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  250.445573][ T7742] CPU: 0 UID: 0 PID: 7742 Comm: syz.1.660 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  250.445598][ T7742] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  250.445613][ T7742] Call Trace:
[  250.445622][ T7742]  <TASK>
[  250.445631][ T7742]  dump_stack_lvl+0xe8/0x150
[  250.445669][ T7742]  should_fail_ex+0x46b/0x600
[  250.445706][ T7742]  _copy_from_user+0x2d/0xb0
[  250.445730][ T7742]  io_submit_one+0xd3/0x14c0
[  250.445755][ T7742]  ? irqentry_exit+0x59e/0x620
[  250.445781][ T7742]  ? lockdep_hardirqs_on+0x7a/0x110
[  250.445805][ T7742]  ? irqentry_exit+0x59e/0x620
[  250.445829][ T7742]  ? trace_irq_disable+0x3b/0x150
[  250.445861][ T7742]  ? __pfx_io_submit_one+0x10/0x10
[  250.445899][ T7742]  ? __might_fault+0xaf/0x130
[  250.445925][ T7742]  __se_sys_io_submit+0x195/0x340
[  250.445968][ T7742]  ? __pfx___se_sys_io_submit+0x10/0x10
[  250.446004][ T7742]  ? ksys_write+0x248/0x270
[  250.446056][ T7742]  do_syscall_64+0x14d/0xf80
[  250.446080][ T7742]  ? trace_irq_disable+0x3b/0x150
[  250.446105][ T7742]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  250.446128][ T7742]  ? clear_bhb_loop+0x40/0x90
[  250.446155][ T7742]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  250.446177][ T7742] RIP: 0033:0x7f2b985ac819
[  250.446199][ T7742] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  250.446218][ T7742] RSP: 002b:00007f2b96806028 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[  250.446243][ T7742] RAX: ffffffffffffffda RBX: 00007f2b98825fa0 RCX: 00007f2b985ac819
[  250.446260][ T7742] RDX: 0000200000001440 RSI: 2000000000000225 RDI: 00007f2b9935f000
[  250.446276][ T7742] RBP: 00007f2b96806090 R08: 0000000000000000 R09: 0000000000000000
[  250.446291][ T7742] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  250.446304][ T7742] R13: 00007f2b98826038 R14: 00007f2b98825fa0 R15: 00007ffd76677d08
[  250.446339][ T7742]  </TASK>
[  250.652391][ T5947] usb 1-1: new full-speed USB device number 13 using dummy_hcd
[  251.797043][ T5914] usb 5-1: USB disconnect, device number 12
[  251.903209][ T5947] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  251.903246][ T5947] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  251.903286][ T5947] usb 1-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00
[  251.903309][ T5947] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  251.908654][ T5947] usb 1-1: config 0 descriptor??
[  252.230281][ T7758] FAULT_INJECTION: forcing a failure.
[  252.230281][ T7758] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  252.230319][ T7758] CPU: 0 UID: 0 PID: 7758 Comm: syz.1.665 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  252.230344][ T7758] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  252.230362][ T7758] Call Trace:
[  252.230371][ T7758]  <TASK>
[  252.230381][ T7758]  dump_stack_lvl+0xe8/0x150
[  252.230419][ T7758]  should_fail_ex+0x46b/0x600
[  252.230454][ T7758]  _copy_from_user+0x2d/0xb0
[  252.230477][ T7758]  io_submit_one+0xd3/0x14c0
[  252.230501][ T7758]  ? irqentry_exit+0x59e/0x620
[  252.230525][ T7758]  ? lockdep_hardirqs_on+0x7a/0x110
[  252.230557][ T7758]  ? irqentry_exit+0x59e/0x620
[  252.230580][ T7758]  ? trace_irq_disable+0x3b/0x150
[  252.230612][ T7758]  ? __pfx_io_submit_one+0x10/0x10
[  252.230649][ T7758]  ? __might_fault+0xaf/0x130
[  252.230675][ T7758]  __se_sys_io_submit+0x195/0x340
[  252.230711][ T7758]  ? __pfx___se_sys_io_submit+0x10/0x10
[  252.230740][ T7758]  ? ksys_write+0x248/0x270
[  252.230791][ T7758]  do_syscall_64+0x14d/0xf80
[  252.230815][ T7758]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  252.230838][ T7758]  ? clear_bhb_loop+0x40/0x90
[  252.230865][ T7758]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  252.230887][ T7758] RIP: 0033:0x7f2b985ac819
[  252.230907][ T7758] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  252.230927][ T7758] RSP: 002b:00007f2b96806028 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[  252.230951][ T7758] RAX: ffffffffffffffda RBX: 00007f2b98825fa0 RCX: 00007f2b985ac819
[  252.230968][ T7758] RDX: 0000200000001440 RSI: 0000000000000001 RDI: 00007f2b9935f000
[  252.230983][ T7758] RBP: 00007f2b96806090 R08: 0000000000000000 R09: 0000000000000000
[  252.230998][ T7758] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  252.231011][ T7758] R13: 00007f2b98826038 R14: 00007f2b98825fa0 R15: 00007ffd76677d08
[  252.231045][ T7758]  </TASK>
[  252.277099][ T7752] netlink: 52 bytes leftover after parsing attributes in process `syz.4.664'.
[  253.495686][ T7772] FAULT_INJECTION: forcing a failure.
[  253.495686][ T7772] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  253.495723][ T7772] CPU: 0 UID: 0 PID: 7772 Comm: syz.2.672 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  253.495748][ T7772] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  253.495763][ T7772] Call Trace:
[  253.495771][ T7772]  <TASK>
[  253.495785][ T7772]  dump_stack_lvl+0xe8/0x150
[  253.495822][ T7772]  should_fail_ex+0x46b/0x600
[  253.495858][ T7772]  _copy_from_user+0x2d/0xb0
[  253.495880][ T7772]  ___sys_sendmsg+0x1c6/0x360
[  253.495914][ T7772]  ? __pfx____sys_sendmsg+0x10/0x10
[  253.495977][ T7772]  ? __fget_files+0x2a/0x420
[  253.496005][ T7772]  ? __fget_files+0x3a6/0x420
[  253.496045][ T7772]  __x64_sys_sendmsg+0x1c3/0x2a0
[  253.496075][ T7772]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  253.496113][ T7772]  ? __pfx_ksys_write+0x10/0x10
[  253.496159][ T7772]  do_syscall_64+0x14d/0xf80
[  253.496183][ T7772]  ? trace_irq_disable+0x3b/0x150
[  253.496211][ T7772]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  253.496235][ T7772]  ? clear_bhb_loop+0x40/0x90
[  253.496262][ T7772]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  253.496284][ T7772] RIP: 0033:0x7fe6b60dc819
[  253.496305][ T7772] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  253.496323][ T7772] RSP: 002b:00007fe6b432e028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  253.496348][ T7772] RAX: ffffffffffffffda RBX: 00007fe6b6355fa0 RCX: 00007fe6b60dc819
[  253.496364][ T7772] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000004
[  253.496377][ T7772] RBP: 00007fe6b432e090 R08: 0000000000000000 R09: 0000000000000000
[  253.496390][ T7772] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  253.496412][ T7772] R13: 00007fe6b6356038 R14: 00007fe6b6355fa0 R15: 00007ffe640175d8
[  253.496446][ T7772]  </TASK>
[  253.795895][ T5914] usb 4-1: new full-speed USB device number 23 using dummy_hcd
[  253.991552][ T5914] usb 4-1: too many endpoints for config 0 interface 0 altsetting 2: 254, using maximum allowed: 30
[  253.992039][ T5914] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  253.992069][ T5914] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  253.992092][ T5914] usb 4-1: config 0 interface 0 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 254
[  253.992345][ T5914] usb 4-1: config 0 interface 0 has no altsetting 0
[  253.992384][ T5914] usb 4-1: New USB device found, idVendor=1e7d, idProduct=3138, bcdDevice= 0.00
[  253.992408][ T5914] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  254.110061][ T5914] usb 4-1: config 0 descriptor??
[  254.354353][ T7788] FAULT_INJECTION: forcing a failure.
[  254.354353][ T7788] name failslab, interval 1, probability 0, space 0, times 0
[  254.354644][ T7788] CPU: 0 UID: 0 PID: 7788 Comm: syz.2.678 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  254.354671][ T7788] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  254.354685][ T7788] Call Trace:
[  254.354694][ T7788]  <TASK>
[  254.354704][ T7788]  dump_stack_lvl+0xe8/0x150
[  254.354748][ T7788]  should_fail_ex+0x46b/0x600
[  254.354786][ T7788]  should_failslab+0xa8/0x100
[  254.354812][ T7788]  __kmalloc_noprof+0xdf/0x7b0
[  254.354833][ T7788]  ? kfree+0x4d/0x6c0
[  254.354862][ T7788]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  254.354899][ T7788]  tomoyo_realpath_from_path+0xe3/0x5d0
[  254.354941][ T7788]  ? tomoyo_path_number_perm+0x219/0x630
[  254.354964][ T7788]  tomoyo_path_number_perm+0x246/0x630
[  254.354998][ T7788]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  254.355025][ T7788]  ? __lock_acquire+0x6b5/0x2cf0
[  254.355088][ T7788]  ? __fget_files+0x2a/0x420
[  254.355120][ T7788]  ? __fget_files+0x2a/0x420
[  254.355147][ T7788]  ? __fget_files+0x3a6/0x420
[  254.355175][ T7788]  ? __fget_files+0x2a/0x420
[  254.355208][ T7788]  security_file_ioctl+0xc3/0x2a0
[  254.355236][ T7788]  __se_sys_ioctl+0x47/0x170
[  254.355263][ T7788]  do_syscall_64+0x14d/0xf80
[  254.355288][ T7788]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  254.355310][ T7788]  ? clear_bhb_loop+0x40/0x90
[  254.355336][ T7788]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  254.355357][ T7788] RIP: 0033:0x7fe6b60dc819
[  254.355378][ T7788] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  254.355397][ T7788] RSP: 002b:00007fe6b432e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  254.355420][ T7788] RAX: ffffffffffffffda RBX: 00007fe6b6355fa0 RCX: 00007fe6b60dc819
[  254.355437][ T7788] RDX: 0000000000000000 RSI: 0000000040946400 RDI: 0000000000000004
[  254.355450][ T7788] RBP: 00007fe6b432e090 R08: 0000000000000000 R09: 0000000000000000
[  254.355463][ T7788] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  254.355476][ T7788] R13: 00007fe6b6356038 R14: 00007fe6b6355fa0 R15: 00007ffe640175d8
[  254.355510][ T7788]  </TASK>
[  254.414117][ T7788] ERROR: Out of memory at tomoyo_realpath_from_path.
[  254.676519][ T5947] usbhid 1-1:0.0: can't add hid device: -71
[  254.676643][ T5947] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  254.687762][ T5914] ryos 0003:1E7D:3138.0001: item fetching failed at offset 3/5
[  254.688652][ T5914] ryos 0003:1E7D:3138.0001: parse failed
[  254.688733][ T5914] ryos 0003:1E7D:3138.0001: probe with driver ryos failed with error -22
[  254.772934][ T5947] usb 1-1: USB disconnect, device number 13
[  254.777115][   T37] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  254.823271][  T810] usb 4-1: USB disconnect, device number 23
[  254.932505][ T7794] FAULT_INJECTION: forcing a failure.
[  254.932505][ T7794] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  254.932674][ T7794] CPU: 1 UID: 0 PID: 7794 Comm: syz.4.680 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  254.932701][ T7794] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  254.932715][ T7794] Call Trace:
[  254.932724][ T7794]  <TASK>
[  254.932734][ T7794]  dump_stack_lvl+0xe8/0x150
[  254.932774][ T7794]  should_fail_ex+0x46b/0x600
[  254.932811][ T7794]  _copy_to_user+0x31/0xb0
[  254.932835][ T7794]  simple_read_from_buffer+0xe1/0x170
[  254.932870][ T7794]  proc_fail_nth_read+0x1be/0x230
[  254.932900][ T7794]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  254.932933][ T7794]  ? rw_verify_area+0x2ac/0x4e0
[  254.932964][ T7794]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  254.932993][ T7794]  vfs_read+0x212/0xa80
[  254.933034][ T7794]  ? __pfx_vfs_read+0x10/0x10
[  254.933076][ T7794]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  254.933102][ T7794]  ? lockdep_hardirqs_on+0x7a/0x110
[  254.933128][ T7794]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  254.933154][ T7794]  ? mutex_lock_nested+0x152/0x1d0
[  254.933184][ T7794]  ? fdget_pos+0x252/0x320
[  254.933222][ T7794]  ksys_read+0x156/0x270
[  254.933258][ T7794]  ? __pfx_ksys_read+0x10/0x10
[  254.933348][ T7794]  do_syscall_64+0x14d/0xf80
[  254.933373][ T7794]  ? trace_irq_disable+0x3b/0x150
[  254.933399][ T7794]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  254.933422][ T7794]  ? clear_bhb_loop+0x40/0x90
[  254.933451][ T7794]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  254.933473][ T7794] RIP: 0033:0x7f5baeb2d04e
[  254.933493][ T7794] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  254.933513][ T7794] RSP: 002b:00007f5bacdbdfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  254.933537][ T7794] RAX: ffffffffffffffda RBX: 00007f5bacdbe6c0 RCX: 00007f5baeb2d04e
[  254.933553][ T7794] RDX: 000000000000000f RSI: 00007f5bacdbe0a0 RDI: 0000000000000006
[  254.933566][ T7794] RBP: 00007f5bacdbe090 R08: 0000000000000000 R09: 0000000000000000
[  254.933579][ T7794] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  254.933592][ T7794] R13: 00007f5baede6038 R14: 00007f5baede5fa0 R15: 00007ffe095b2b18
[  254.933627][ T7794]  </TASK>
[  255.003218][   T37] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  255.003300][   T37] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  255.082928][   T37] usb 3-1: config 0 descriptor??
[  255.191973][   T37] cp210x 3-1:0.0: cp210x converter detected
[  255.535938][   T37] cp210x 3-1:0.0: failed to get vendor val 0x000e size 3: -32
[  255.536421][   T37] cp210x 3-1:0.0: failed to get vendor val 0x3711 size 2: -71
[  255.536445][   T37] cp210x 3-1:0.0: GPIO initialisation failed: -71
[  255.548778][   T37] usb 3-1: cp210x converter now attached to ttyUSB0
[  255.616683][   T37] usb 3-1: USB disconnect, device number 4
[  255.683722][   T37] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  255.700915][   T37] cp210x 3-1:0.0: device disconnected
[  256.375350][ T7827] IPVS: set_ctl: invalid protocol: 51 172.20.20.31:20002
[  256.583918][ T7838] FAULT_INJECTION: forcing a failure.
[  256.583918][ T7838] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  256.583955][ T7838] CPU: 0 UID: 0 PID: 7838 Comm: syz.2.700 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  256.583980][ T7838] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  256.583995][ T7838] Call Trace:
[  256.584003][ T7838]  <TASK>
[  256.584012][ T7838]  dump_stack_lvl+0xe8/0x150
[  256.584051][ T7838]  should_fail_ex+0x46b/0x600
[  256.584088][ T7838]  _copy_from_user+0x2d/0xb0
[  256.584112][ T7838]  ___sys_sendmsg+0x1c6/0x360
[  256.584146][ T7838]  ? __pfx____sys_sendmsg+0x10/0x10
[  256.584179][ T7838]  ? kstrtouint+0x6e/0xe0
[  256.584235][ T7838]  ? __fget_files+0x2a/0x420
[  256.584265][ T7838]  ? __fget_files+0x3a6/0x420
[  256.584305][ T7838]  __sys_sendmmsg+0x282/0x4e0
[  256.584338][ T7838]  ? __pfx___sys_sendmmsg+0x10/0x10
[  256.584381][ T7838]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  256.584429][ T7838]  ? ksys_write+0x248/0x270
[  256.584465][ T7838]  ? __pfx_ksys_write+0x10/0x10
[  256.584506][ T7838]  __x64_sys_sendmmsg+0xa0/0xc0
[  256.584534][ T7838]  do_syscall_64+0x14d/0xf80
[  256.584559][ T7838]  ? trace_irq_disable+0x3b/0x150
[  256.584586][ T7838]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  256.584609][ T7838]  ? clear_bhb_loop+0x40/0x90
[  256.584636][ T7838]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  256.584659][ T7838] RIP: 0033:0x7fe6b60dc819
[  256.584679][ T7838] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  256.584698][ T7838] RSP: 002b:00007fe6b432e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  256.584721][ T7838] RAX: ffffffffffffffda RBX: 00007fe6b6355fa0 RCX: 00007fe6b60dc819
[  256.584737][ T7838] RDX: 0307017fdb7a66cb RSI: 0000200000002dc0 RDI: 0000000000000004
[  256.584752][ T7838] RBP: 00007fe6b432e090 R08: 0000000000000000 R09: 0000000000000000
[  256.584766][ T7838] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  256.584779][ T7838] R13: 00007fe6b6356038 R14: 00007fe6b6355fa0 R15: 00007ffe640175d8
[  256.584814][ T7838]  </TASK>
[  256.775606][   T37] usb 1-1: new full-speed USB device number 14 using dummy_hcd
[  256.889451][ T7842] mac80211_hwsim hwsim4 wlan0: entered promiscuous mode
[  256.907644][ T7842] batman_adv: batadv0: Adding interface: macsec1
[  256.907663][ T7842] batman_adv: batadv0: The MTU of interface macsec1 is too small (1468) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  256.907701][ T7842] batman_adv: batadv0: Interface activated: macsec1
[  256.967186][   T37] usb 1-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  256.967220][   T37] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  256.967242][   T37] usb 1-1: Product: syz
[  256.967256][   T37] usb 1-1: Manufacturer: syz
[  256.967272][   T37] usb 1-1: SerialNumber: syz
[  257.010791][   T37] usb 1-1: config 0 descriptor??
[  257.137701][ T7848] FAULT_INJECTION: forcing a failure.
[  257.137701][ T7848] name failslab, interval 1, probability 0, space 0, times 0
[  257.137738][ T7848] CPU: 0 UID: 0 PID: 7848 Comm: syz.3.704 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  257.137762][ T7848] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  257.137776][ T7848] Call Trace:
[  257.137785][ T7848]  <TASK>
[  257.137794][ T7848]  dump_stack_lvl+0xe8/0x150
[  257.137834][ T7848]  should_fail_ex+0x46b/0x600
[  257.137871][ T7848]  should_failslab+0xa8/0x100
[  257.137897][ T7848]  __kvmalloc_node_noprof+0x170/0x8e0
[  257.137923][ T7848]  ? listxattr+0x51/0x2a0
[  257.137951][ T7848]  listxattr+0x51/0x2a0
[  257.137976][ T7848]  __x64_sys_flistxattr+0x135/0x1b0
[  257.138014][ T7848]  do_syscall_64+0x14d/0xf80
[  257.138039][ T7848]  ? trace_irq_disable+0x3b/0x150
[  257.138081][ T7848]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  257.138104][ T7848]  ? clear_bhb_loop+0x40/0x90
[  257.138132][ T7848]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  257.138154][ T7848] RIP: 0033:0x7fcd2b16c819
[  257.138174][ T7848] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  257.138193][ T7848] RSP: 002b:00007fcd293be028 EFLAGS: 00000246 ORIG_RAX: 00000000000000c4
[  257.138218][ T7848] RAX: ffffffffffffffda RBX: 00007fcd2b3e5fa0 RCX: 00007fcd2b16c819
[  257.138234][ T7848] RDX: 00000000000000f5 RSI: 00002000000001c0 RDI: 0000000000000003
[  257.138248][ T7848] RBP: 00007fcd293be090 R08: 0000000000000000 R09: 0000000000000000
[  257.138262][ T7848] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  257.138274][ T7848] R13: 00007fcd2b3e6038 R14: 00007fcd2b3e5fa0 R15: 00007ffc2959b478
[  257.138308][ T7848]  </TASK>
[  257.359677][   T37] usb 1-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  259.716141][   T37] dvb_usb_rtl28xxu 1-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -110
[  259.800365][ T7897] FAULT_INJECTION: forcing a failure.
[  259.800365][ T7897] name failslab, interval 1, probability 0, space 0, times 0
[  259.800402][ T7897] CPU: 1 UID: 0 PID: 7897 Comm: syz.2.723 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  259.800427][ T7897] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  259.800442][ T7897] Call Trace:
[  259.800451][ T7897]  <TASK>
[  259.800461][ T7897]  dump_stack_lvl+0xe8/0x150
[  259.800500][ T7897]  should_fail_ex+0x46b/0x600
[  259.800538][ T7897]  should_failslab+0xa8/0x100
[  259.800564][ T7897]  __kmalloc_noprof+0xdf/0x7b0
[  259.800584][ T7897]  ? kfree+0x4d/0x6c0
[  259.800613][ T7897]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  259.800648][ T7897]  tomoyo_realpath_from_path+0xe3/0x5d0
[  259.800688][ T7897]  ? tomoyo_path_number_perm+0x219/0x630
[  259.800712][ T7897]  tomoyo_path_number_perm+0x246/0x630
[  259.800740][ T7897]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  259.800767][ T7897]  ? __lock_acquire+0x6b5/0x2cf0
[  259.800834][ T7897]  ? __fget_files+0x2a/0x420
[  259.800866][ T7897]  ? __fget_files+0x2a/0x420
[  259.800893][ T7897]  ? __fget_files+0x3a6/0x420
[  259.800921][ T7897]  ? __fget_files+0x2a/0x420
[  259.800957][ T7897]  security_file_ioctl+0xc3/0x2a0
[  259.800984][ T7897]  __se_sys_ioctl+0x47/0x170
[  259.801009][ T7897]  do_syscall_64+0x14d/0xf80
[  259.801034][ T7897]  ? trace_irq_disable+0x3b/0x150
[  259.801060][ T7897]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  259.801082][ T7897]  ? clear_bhb_loop+0x40/0x90
[  259.801109][ T7897]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  259.801132][ T7897] RIP: 0033:0x7fe6b60dc819
[  259.801152][ T7897] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  259.801171][ T7897] RSP: 002b:00007fe6b432e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  259.801195][ T7897] RAX: ffffffffffffffda RBX: 00007fe6b6355fa0 RCX: 00007fe6b60dc819
[  259.801211][ T7897] RDX: 0000200000000140 RSI: 00000000c05c6104 RDI: 0000000000000003
[  259.801226][ T7897] RBP: 00007fe6b432e090 R08: 0000000000000000 R09: 0000000000000000
[  259.801241][ T7897] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  259.801254][ T7897] R13: 00007fe6b6356038 R14: 00007fe6b6355fa0 R15: 00007ffe640175d8
[  259.801290][ T7897]  </TASK>
[  259.805624][ T7897] ERROR: Out of memory at tomoyo_realpath_from_path.
[  260.298803][ T7908] FAULT_INJECTION: forcing a failure.
[  260.298803][ T7908] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  260.299161][ T7908] CPU: 0 UID: 0 PID: 7908 Comm: syz.3.726 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  260.299188][ T7908] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  260.299202][ T7908] Call Trace:
[  260.299211][ T7908]  <TASK>
[  260.299220][ T7908]  dump_stack_lvl+0xe8/0x150
[  260.299259][ T7908]  should_fail_ex+0x46b/0x600
[  260.299296][ T7908]  copy_fpstate_to_sigframe+0xada/0xd90
[  260.299341][ T7908]  ? __pfx_copy_fpstate_to_sigframe+0x10/0x10
[  260.299379][ T7908]  ? do_raw_spin_lock+0x12b/0x2f0
[  260.299429][ T7908]  ? fpu__alloc_mathframe+0xac/0x130
[  260.299463][ T7908]  get_sigframe+0x5f7/0x820
[  260.299501][ T7908]  ? __pfx_get_sigframe+0x10/0x10
[  260.299529][ T7908]  ? rt_mutex_slowunlock+0x4a7/0x8b0
[  260.299571][ T7908]  ? reacquire_held_locks+0x104/0x190
[  260.299597][ T7908]  ? rt_spin_lock+0x1e0/0x400
[  260.299637][ T7908]  x64_setup_rt_frame+0x161/0xcb0
[  260.299664][ T7908]  ? rt_spin_unlock+0x14f/0x200
[  260.299701][ T7908]  ? rt_spin_unlock+0x160/0x200
[  260.299743][ T7908]  ? get_signal+0x1120/0x1310
[  260.299782][ T7908]  ? __pfx_x64_setup_rt_frame+0x10/0x10
[  260.299820][ T7908]  arch_do_signal_or_restart+0x429/0x830
[  260.299853][ T7908]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  260.299890][ T7908]  ? ksys_read+0x248/0x270
[  260.299934][ T7908]  exit_to_user_mode_loop+0x86/0x480
[  260.299966][ T7908]  ? rcu_is_watching+0x15/0xb0
[  260.300004][ T7908]  do_syscall_64+0x32d/0xf80
[  260.300027][ T7908]  ? trace_irq_disable+0x3b/0x150
[  260.300052][ T7908]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  260.300075][ T7908]  ? clear_bhb_loop+0x40/0x90
[  260.300104][ T7908]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  260.300126][ T7908] RIP: 0033:0x7fcd2b16c817
[  260.300147][ T7908] Code: 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 <0f> 05 48 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89
[  260.300166][ T7908] RSP: 002b:00007fcd293be028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  260.300190][ T7908] RAX: 0000000000000000 RBX: 00007fcd2b3e5fa0 RCX: 00007fcd2b16c819
[  260.300206][ T7908] RDX: 000000000000002c RSI: 0000200000000280 RDI: 0000000000000005
[  260.300220][ T7908] RBP: 00007fcd293be090 R08: 0000000000000000 R09: 0000000000000000
[  260.300235][ T7908] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  260.300248][ T7908] R13: 00007fcd2b3e6038 R14: 00007fcd2b3e5fa0 R15: 00007ffc2959b478
[  260.300284][ T7908]  </TASK>
[  260.478968][ T7909] capability: warning: `syz.2.727' uses deprecated v2 capabilities in a way that may be insecure
[  260.811744][ T7916] netlink: 8 bytes leftover after parsing attributes in process `syz.3.729'.
[  260.977295][ T5947] usb 1-1: USB disconnect, device number 14
[  261.654785][ T7925] FAULT_INJECTION: forcing a failure.
[  261.654785][ T7925] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  261.654814][ T7925] CPU: 0 UID: 0 PID: 7925 Comm: syz.0.733 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  261.654832][ T7925] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  261.654843][ T7925] Call Trace:
[  261.654849][ T7925]  <TASK>
[  261.654855][ T7925]  dump_stack_lvl+0xe8/0x150
[  261.654884][ T7925]  should_fail_ex+0x46b/0x600
[  261.654910][ T7925]  _copy_from_user+0x2d/0xb0
[  261.654926][ T7925]  ___sys_recvmsg+0x175/0x590
[  261.654950][ T7925]  ? __pfx____sys_recvmsg+0x10/0x10
[  261.654987][ T7925]  ? __fget_files+0x3a6/0x420
[  261.655015][ T7925]  __x64_sys_recvmsg+0x1c0/0x2a0
[  261.655033][ T7925]  ? irqentry_exit+0x59e/0x620
[  261.655053][ T7925]  ? __pfx___x64_sys_recvmsg+0x10/0x10
[  261.655089][ T7925]  do_syscall_64+0x14d/0xf80
[  261.655107][ T7925]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  261.655122][ T7925]  ? clear_bhb_loop+0x40/0x90
[  261.655142][ T7925]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  261.655157][ T7925] RIP: 0033:0x7f111fd6c819
[  261.655171][ T7925] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  261.655185][ T7925] RSP: 002b:00007f111dfbe028 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  261.655202][ T7925] RAX: ffffffffffffffda RBX: 00007f111ffe5fa0 RCX: 00007f111fd6c819
[  261.655213][ T7925] RDX: 000000000000001c RSI: 0000200000000540 RDI: 0000000000000004
[  261.655224][ T7925] RBP: 00007f111dfbe090 R08: 0000000000000000 R09: 0000000000000000
[  261.655233][ T7925] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  261.655243][ T7925] R13: 00007f111ffe6038 R14: 00007f111ffe5fa0 R15: 00007ffe4823c388
[  261.655267][ T7925]  </TASK>
[  263.674505][ T7965] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  265.141135][ T7988] FAULT_INJECTION: forcing a failure.
[  265.141135][ T7988] name failslab, interval 1, probability 0, space 0, times 0
[  265.141173][ T7988] CPU: 0 UID: 0 PID: 7988 Comm: syz.0.754 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  265.141229][ T7988] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  265.141243][ T7988] Call Trace:
[  265.141252][ T7988]  <TASK>
[  265.141261][ T7988]  dump_stack_lvl+0xe8/0x150
[  265.141300][ T7988]  should_fail_ex+0x46b/0x600
[  265.141335][ T7988]  should_failslab+0xa8/0x100
[  265.141361][ T7988]  kmem_cache_alloc_noprof+0x87/0x680
[  265.141395][ T7988]  ? do_getname+0x2e/0x250
[  265.141417][ T7988]  ? lock_vma_under_rcu+0x45a/0x500
[  265.141445][ T7988]  do_getname+0x2e/0x250
[  265.141468][ T7988]  ? getname_flags+0x11/0x20
[  265.141495][ T7988]  do_sys_openat2+0xca/0x200
[  265.141527][ T7988]  ? __pfx_do_sys_openat2+0x10/0x10
[  265.141556][ T7988]  ? exc_page_fault+0x6a/0xc0
[  265.141589][ T7988]  ? do_user_addr_fault+0xc6f/0x1340
[  265.141625][ T7988]  __x64_sys_openat+0x138/0x170
[  265.141660][ T7988]  do_syscall_64+0x14d/0xf80
[  265.141683][ T7988]  ? trace_irq_disable+0x3b/0x150
[  265.141708][ T7988]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  265.141731][ T7988]  ? clear_bhb_loop+0x40/0x90
[  265.141759][ T7988]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  265.141781][ T7988] RIP: 0033:0x7f111fd2d04e
[  265.141800][ T7988] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  265.141820][ T7988] RSP: 002b:00007f111dfbdb28 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  265.141843][ T7988] RAX: ffffffffffffffda RBX: 00007f111dfbe6c0 RCX: 00007f111fd2d04e
[  265.141858][ T7988] RDX: 0000000000101301 RSI: 00007f111dfbdc00 RDI: ffffffffffffff9c
[  265.141872][ T7988] RBP: 00007f111dfbdc00 R08: 0000000000000000 R09: 0000000000000000
[  265.141885][ T7988] R10: 0000000000000000 R11: 0000000000000246 R12: cccccccccccccccd
[  265.141899][ T7988] R13: 00007f111ffe6038 R14: 00007f111ffe5fa0 R15: 00007ffe4823c388
[  265.141932][ T7988]  </TASK>
[  265.283210][ T7991] netlink: 'syz.4.755': attribute type 1 has an invalid length.
[  265.891643][ T7965] wlan1: No basic rates, using min rate instead
[  265.944467][ T7965] wlan1: authenticate with 50:50:50:50:50:50 (local address=08:02:11:00:00:01)
[  265.944521][ T7965] wlan1: send auth to 50:50:50:50:50:50 (try 1/3)
[  265.999023][ T4751] wlan1: send auth to 50:50:50:50:50:50 (try 2/3)
[  266.023710][ T4751] wlan1: send auth to 50:50:50:50:50:50 (try 3/3)
[  266.023951][ T4751] wlan1: authentication with 50:50:50:50:50:50 timed out
[  266.068778][ T1325] ieee802154 phy0 wpan0: encryption failed: -22
[  266.068851][ T1325] ieee802154 phy1 wpan1: encryption failed: -22
[  266.343520][ T7998] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  268.518253][ T8043] netlink: 'syz.3.769': attribute type 1 has an invalid length.
[  269.211258][   T31] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  269.425395][ T8049] FAULT_INJECTION: forcing a failure.
[  269.425395][ T8049] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  269.425433][ T8049] CPU: 1 UID: 0 PID: 8049 Comm: syz.3.774 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  269.425458][ T8049] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  269.425472][ T8049] Call Trace:
[  269.425480][ T8049]  <TASK>
[  269.425489][ T8049]  dump_stack_lvl+0xe8/0x150
[  269.425530][ T8049]  should_fail_ex+0x46b/0x600
[  269.425567][ T8049]  _copy_to_user+0x31/0xb0
[  269.425592][ T8049]  simple_read_from_buffer+0xe1/0x170
[  269.425628][ T8049]  proc_fail_nth_read+0x1be/0x230
[  269.425659][ T8049]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  269.425693][ T8049]  ? rw_verify_area+0x2ac/0x4e0
[  269.425726][ T8049]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  269.425757][ T8049]  vfs_read+0x212/0xa80
[  269.425800][ T8049]  ? __pfx_vfs_read+0x10/0x10
[  269.425838][ T8049]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  269.425865][ T8049]  ? lockdep_hardirqs_on+0x7a/0x110
[  269.425890][ T8049]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  269.425916][ T8049]  ? mutex_lock_nested+0x152/0x1d0
[  269.425947][ T8049]  ? fdget_pos+0x252/0x320
[  269.425986][ T8049]  ksys_read+0x156/0x270
[  269.426024][ T8049]  ? __pfx_ksys_read+0x10/0x10
[  269.426063][ T8049]  ? arch_syscall_is_vdso_sigreturn+0x11f/0x1a0
[  269.426103][ T8049]  do_syscall_64+0x14d/0xf80
[  269.426128][ T8049]  ? trace_irq_disable+0x3b/0x150
[  269.426155][ T8049]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  269.426178][ T8049]  ? clear_bhb_loop+0x40/0x90
[  269.426207][ T8049]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  269.426230][ T8049] RIP: 0033:0x7fcd2b12d04e
[  269.426251][ T8049] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  269.426270][ T8049] RSP: 002b:00007fcd293bdfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  269.426294][ T8049] RAX: ffffffffffffffda RBX: 00007fcd293be6c0 RCX: 00007fcd2b12d04e
[  269.426310][ T8049] RDX: 000000000000000f RSI: 00007fcd293be0a0 RDI: 0000000000000003
[  269.426323][ T8049] RBP: 00007fcd293be090 R08: 0000000000000000 R09: 0000000000000000
[  269.426336][ T8049] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  269.426349][ T8049] R13: 00007fcd2b3e6038 R14: 00007fcd2b3e5fa0 R15: 00007ffc2959b478
[  269.426385][ T8049]  </TASK>
[  269.658166][   T31] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  269.658204][   T31] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  269.658229][   T31] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  269.658277][   T31] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  269.658302][   T31] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  269.774103][   T31] usb 3-1: config 0 descriptor??
[  270.018271][ T8056] netlink: 4376 bytes leftover after parsing attributes in process `syz.3.776'.
[  270.018315][ T8056] netlink: 4376 bytes leftover after parsing attributes in process `syz.3.776'.
[  270.071952][   T31] usbhid 3-1:0.0: can't add hid device: -71
[  270.073811][   T31] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  270.077994][   T31] usb 3-1: USB disconnect, device number 5
[  270.752719][  T810] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  270.793601][ T8082] FAULT_INJECTION: forcing a failure.
[  270.793601][ T8082] name failslab, interval 1, probability 0, space 0, times 0
[  270.793645][ T8082] CPU: 0 UID: 0 PID: 8082 Comm: syz.2.787 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  270.793670][ T8082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  270.793684][ T8082] Call Trace:
[  270.793693][ T8082]  <TASK>
[  270.793703][ T8082]  dump_stack_lvl+0xe8/0x150
[  270.793741][ T8082]  should_fail_ex+0x46b/0x600
[  270.793778][ T8082]  should_failslab+0xa8/0x100
[  270.793803][ T8082]  __kmalloc_noprof+0xdf/0x7b0
[  270.793823][ T8082]  ? kfree+0x4d/0x6c0
[  270.793851][ T8082]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  270.793887][ T8082]  tomoyo_realpath_from_path+0xe3/0x5d0
[  270.793927][ T8082]  ? tomoyo_path_number_perm+0x219/0x630
[  270.793950][ T8082]  tomoyo_path_number_perm+0x246/0x630
[  270.793977][ T8082]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  270.794003][ T8082]  ? __lock_acquire+0x6b5/0x2cf0
[  270.794062][ T8082]  ? __fget_files+0x2a/0x420
[  270.794095][ T8082]  ? __fget_files+0x2a/0x420
[  270.794122][ T8082]  ? __fget_files+0x3a6/0x420
[  270.794150][ T8082]  ? __fget_files+0x2a/0x420
[  270.794184][ T8082]  security_file_ioctl+0xc3/0x2a0
[  270.794210][ T8082]  __se_sys_ioctl+0x47/0x170
[  270.794235][ T8082]  do_syscall_64+0x14d/0xf80
[  270.794259][ T8082]  ? trace_irq_disable+0x3b/0x150
[  270.794285][ T8082]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  270.794308][ T8082]  ? clear_bhb_loop+0x40/0x90
[  270.794335][ T8082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  270.794357][ T8082] RIP: 0033:0x7fe6b60dc819
[  270.794377][ T8082] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  270.794396][ T8082] RSP: 002b:00007fe6b432e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  270.794420][ T8082] RAX: ffffffffffffffda RBX: 00007fe6b6355fa0 RCX: 00007fe6b60dc819
[  270.794436][ T8082] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  270.794450][ T8082] RBP: 00007fe6b432e090 R08: 0000000000000000 R09: 0000000000000000
[  270.794464][ T8082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  270.794477][ T8082] R13: 00007fe6b6356038 R14: 00007fe6b6355fa0 R15: 00007ffe640175d8
[  270.794513][ T8082]  </TASK>
[  270.794522][ T8082] ERROR: Out of memory at tomoyo_realpath_from_path.
[  270.970493][  T810] usb 1-1: Using ep0 maxpacket: 8
[  271.011836][  T810] usb 1-1: config 8 has an invalid interface number: 161 but max is 1
[  271.011927][  T810] usb 1-1: config 8 has an invalid descriptor of length 29, skipping remainder of the config
[  271.011990][  T810] usb 1-1: config 8 has 1 interface, different from the descriptor's value: 2
[  271.012047][  T810] usb 1-1: config 8 has no interface number 0
[  271.012176][  T810] usb 1-1: config 8 interface 161 altsetting 32 endpoint 0xD has invalid maxpacket 20521, setting to 1024
[  271.012253][  T810] usb 1-1: config 8 interface 161 altsetting 32 bulk endpoint 0xD has invalid maxpacket 1024
[  271.012319][  T810] usb 1-1: config 8 interface 161 altsetting 32 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  271.012388][  T810] usb 1-1: config 8 interface 161 has no altsetting 0
[  271.125020][  T810] usb 1-1: New USB device found, idVendor=1410, idProduct=9010, bcdDevice= 0.b3
[  271.125054][  T810] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  271.125076][  T810] usb 1-1: Product: syz
[  271.125091][  T810] usb 1-1: Manufacturer: syz
[  271.125106][  T810] usb 1-1: SerialNumber: syz
[  271.173588][ T8071] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  271.447762][  T810] usb 1-1: USB disconnect, device number 15
[  271.672185][ T8104] FAULT_INJECTION: forcing a failure.
[  271.672185][ T8104] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  271.672223][ T8104] CPU: 1 UID: 0 PID: 8104 Comm: syz.1.796 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  271.672249][ T8104] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  271.672263][ T8104] Call Trace:
[  271.672272][ T8104]  <TASK>
[  271.672281][ T8104]  dump_stack_lvl+0xe8/0x150
[  271.672319][ T8104]  should_fail_ex+0x46b/0x600
[  271.672355][ T8104]  _copy_from_user+0x2d/0xb0
[  271.672378][ T8104]  ___sys_sendmsg+0x1c6/0x360
[  271.672411][ T8104]  ? __pfx____sys_sendmsg+0x10/0x10
[  271.672474][ T8104]  ? __fget_files+0x2a/0x420
[  271.672502][ T8104]  ? __fget_files+0x3a6/0x420
[  271.672542][ T8104]  __x64_sys_sendmsg+0x1c3/0x2a0
[  271.672570][ T8104]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  271.672609][ T8104]  ? __pfx_ksys_write+0x10/0x10
[  271.672655][ T8104]  do_syscall_64+0x14d/0xf80
[  271.672679][ T8104]  ? trace_irq_disable+0x3b/0x150
[  271.672705][ T8104]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  271.672728][ T8104]  ? clear_bhb_loop+0x40/0x90
[  271.672755][ T8104]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  271.672778][ T8104] RIP: 0033:0x7f2b985ac819
[  271.672798][ T8104] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  271.672818][ T8104] RSP: 002b:00007f2b96806028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  271.672849][ T8104] RAX: ffffffffffffffda RBX: 00007f2b98825fa0 RCX: 00007f2b985ac819
[  271.672866][ T8104] RDX: 0000000000004000 RSI: 0000200000000100 RDI: 0000000000000003
[  271.672881][ T8104] RBP: 00007f2b96806090 R08: 0000000000000000 R09: 0000000000000000
[  271.672895][ T8104] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  271.672909][ T8104] R13: 00007f2b98826038 R14: 00007f2b98825fa0 R15: 00007ffd76677d08
[  271.672944][ T8104]  </TASK>
[  272.081949][ T8113] FAULT_INJECTION: forcing a failure.
[  272.081949][ T8113] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  272.081987][ T8113] CPU: 0 UID: 0 PID: 8113 Comm: syz.1.801 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  272.082011][ T8113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  272.082026][ T8113] Call Trace:
[  272.082034][ T8113]  <TASK>
[  272.082044][ T8113]  dump_stack_lvl+0xe8/0x150
[  272.082081][ T8113]  should_fail_ex+0x46b/0x600
[  272.082118][ T8113]  _copy_from_user+0x2d/0xb0
[  272.082141][ T8113]  rds_setsockopt+0x610/0xd90
[  272.082169][ T8113]  ? __pfx_rds_setsockopt+0x10/0x10
[  272.082192][ T8113]  ? kmem_cache_free+0x185/0x6b0
[  272.082214][ T8113]  ? do_sys_openat2+0x14c/0x200
[  272.082258][ T8113]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[  272.082293][ T8113]  ? __pfx_rds_setsockopt+0x10/0x10
[  272.082317][ T8113]  do_sock_setsockopt+0x17c/0x1b0
[  272.082347][ T8113]  __x64_sys_setsockopt+0x143/0x1b0
[  272.082376][ T8113]  do_syscall_64+0x14d/0xf80
[  272.082400][ T8113]  ? trace_irq_disable+0x3b/0x150
[  272.082426][ T8113]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  272.082448][ T8113]  ? clear_bhb_loop+0x40/0x90
[  272.082474][ T8113]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  272.082500][ T8113] RIP: 0033:0x7f2b985ac819
[  272.082522][ T8113] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  272.082541][ T8113] RSP: 002b:00007f2b96806028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  272.082564][ T8113] RAX: ffffffffffffffda RBX: 00007f2b98825fa0 RCX: 00007f2b985ac819
[  272.082581][ T8113] RDX: 000000000000000a RSI: 0000000000000114 RDI: 0000000000000003
[  272.082594][ T8113] RBP: 00007f2b96806090 R08: 0000000000000004 R09: 0000000000000000
[  272.082608][ T8113] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  272.082622][ T8113] R13: 00007f2b98826038 R14: 00007f2b98825fa0 R15: 00007ffd76677d08
[  272.082656][ T8113]  </TASK>
[  272.407446][ T8121] netlink: 8 bytes leftover after parsing attributes in process `syz.4.804'.
[  272.466975][ T8123] FAULT_INJECTION: forcing a failure.
[  272.466975][ T8123] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  272.467013][ T8123] CPU: 0 UID: 0 PID: 8123 Comm: syz.1.805 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  272.467038][ T8123] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  272.467052][ T8123] Call Trace:
[  272.467061][ T8123]  <TASK>
[  272.467070][ T8123]  dump_stack_lvl+0xe8/0x150
[  272.467109][ T8123]  should_fail_ex+0x46b/0x600
[  272.467146][ T8123]  _copy_to_user+0x31/0xb0
[  272.467170][ T8123]  simple_read_from_buffer+0xe1/0x170
[  272.467205][ T8123]  proc_fail_nth_read+0x1be/0x230
[  272.467237][ T8123]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  272.467268][ T8123]  ? rw_verify_area+0x2ac/0x4e0
[  272.467301][ T8123]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  272.467337][ T8123]  vfs_read+0x212/0xa80
[  272.467379][ T8123]  ? __pfx_vfs_read+0x10/0x10
[  272.467415][ T8123]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  272.467447][ T8123]  ? lockdep_hardirqs_on+0x7a/0x110
[  272.467477][ T8123]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  272.467503][ T8123]  ? mutex_lock_nested+0x152/0x1d0
[  272.467533][ T8123]  ? fdget_pos+0x252/0x320
[  272.467571][ T8123]  ksys_read+0x156/0x270
[  272.467605][ T8123]  ? __pfx_ksys_read+0x10/0x10
[  272.467651][ T8123]  do_syscall_64+0x14d/0xf80
[  272.467674][ T8123]  ? trace_irq_disable+0x3b/0x150
[  272.467701][ T8123]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  272.467724][ T8123]  ? clear_bhb_loop+0x40/0x90
[  272.467751][ T8123]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  272.467773][ T8123] RIP: 0033:0x7f2b9856d04e
[  272.467793][ T8123] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  272.467812][ T8123] RSP: 002b:00007f2b96805fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  272.467835][ T8123] RAX: ffffffffffffffda RBX: 00007f2b968066c0 RCX: 00007f2b9856d04e
[  272.467851][ T8123] RDX: 000000000000000f RSI: 00007f2b968060a0 RDI: 0000000000000004
[  272.467864][ T8123] RBP: 00007f2b96806090 R08: 0000000000000000 R09: 0000000000000000
[  272.467877][ T8123] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  272.467890][ T8123] R13: 00007f2b98826038 R14: 00007f2b98825fa0 R15: 00007ffd76677d08
[  272.467925][ T8123]  </TASK>
[  272.657827][ T5947] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  272.889824][ T5947] usb 1-1: Using ep0 maxpacket: 16
[  273.882352][ T5947] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  273.882395][ T5947] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  273.979755][ T5947] usb 1-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  273.979789][ T5947] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  273.979811][ T5947] usb 1-1: Product: syz
[  273.979826][ T5947] usb 1-1: Manufacturer: syz
[  273.979840][ T5947] usb 1-1: SerialNumber: syz
[  274.017262][ T5947] usb 1-1: config 0 descriptor??
[  274.066993][ T5947] em28xx 1-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  274.067035][ T5947] em28xx 1-1:0.0: Audio interface 0 found (Vendor Class)
[  274.610266][ T8142] netlink: 'syz.3.810': attribute type 1 has an invalid length.
[  275.880034][ T5947] em28xx 1-1:0.0: chip ID is em2874
[  276.076309][   T37] usb 1-1: USB disconnect, device number 16
[  276.078765][   T37] em28xx 1-1:0.0: Disconnecting em28xx
[  276.162109][   T37] em28xx 1-1:0.0: Freeing device
[  276.186142][ T8158] FAULT_INJECTION: forcing a failure.
[  276.186142][ T8158] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  276.186178][ T8158] CPU: 0 UID: 0 PID: 8158 Comm: syz.2.820 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  276.186203][ T8158] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  276.186218][ T8158] Call Trace:
[  276.186226][ T8158]  <TASK>
[  276.186236][ T8158]  dump_stack_lvl+0xe8/0x150
[  276.186275][ T8158]  should_fail_ex+0x46b/0x600
[  276.186311][ T8158]  _copy_from_user+0x2d/0xb0
[  276.186335][ T8158]  ___sys_sendmsg+0x1c6/0x360
[  276.186367][ T8158]  ? __pfx____sys_sendmsg+0x10/0x10
[  276.186430][ T8158]  ? __fget_files+0x2a/0x420
[  276.186458][ T8158]  ? __fget_files+0x3a6/0x420
[  276.186497][ T8158]  __x64_sys_sendmsg+0x1c3/0x2a0
[  276.186527][ T8158]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  276.186564][ T8158]  ? __pfx_ksys_write+0x10/0x10
[  276.186610][ T8158]  do_syscall_64+0x14d/0xf80
[  276.186635][ T8158]  ? trace_irq_disable+0x3b/0x150
[  276.186662][ T8158]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  276.186684][ T8158]  ? clear_bhb_loop+0x40/0x90
[  276.186713][ T8158]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  276.186736][ T8158] RIP: 0033:0x7fe6b60dc819
[  276.186756][ T8158] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  276.186775][ T8158] RSP: 002b:00007fe6b432e028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  276.186798][ T8158] RAX: ffffffffffffffda RBX: 00007fe6b6355fa0 RCX: 00007fe6b60dc819
[  276.186814][ T8158] RDX: 0000000000008001 RSI: 00002000000001c0 RDI: 0000000000000005
[  276.186828][ T8158] RBP: 00007fe6b432e090 R08: 0000000000000000 R09: 0000000000000000
[  276.186842][ T8158] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  276.186855][ T8158] R13: 00007fe6b6356038 R14: 00007fe6b6355fa0 R15: 00007ffe640175d8
[  276.186891][ T8158]  </TASK>
[  276.673602][   T38] kauditd_printk_skb: 132 callbacks suppressed
[  276.673623][   T38] audit: type=1326 audit(2000000005.792:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8166 comm="syz.4.826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5baeb6c819 code=0x7ffc0000
[  276.675609][   T38] audit: type=1326 audit(2000000005.792:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8166 comm="syz.4.826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5baeb6c819 code=0x7ffc0000
[  276.676049][   T38] audit: type=1326 audit(2000000005.792:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8166 comm="syz.4.826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5baeb6c819 code=0x7ffc0000
[  276.676110][   T38] audit: type=1326 audit(2000000005.792:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8166 comm="syz.4.826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=245 compat=0 ip=0x7f5baeb6c819 code=0x7ffc0000
[  276.676628][   T38] audit: type=1326 audit(2000000005.792:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8166 comm="syz.4.826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5baeb6c819 code=0x7ffc0000
[  276.677125][   T38] audit: type=1326 audit(2000000005.792:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8166 comm="syz.4.826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5baeb6c819 code=0x7ffc0000
[  276.677176][   T38] audit: type=1326 audit(2000000005.792:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8166 comm="syz.4.826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5baeb6c819 code=0x7ffc0000
[  276.679229][   T38] audit: type=1326 audit(2000000005.792:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8166 comm="syz.4.826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=162 compat=0 ip=0x7f5baeb6c819 code=0x7ffc0000
[  276.784816][   T37] usb 1-1: new full-speed USB device number 17 using dummy_hcd
[  276.912599][   T38] audit: type=1326 audit(2000000005.792:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8166 comm="syz.4.826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5baeb6c819 code=0x7ffc0000
[  276.965427][   T37] usb 1-1: config 0 has an invalid interface number: 214 but max is 0
[  276.965456][   T37] usb 1-1: config 0 has no interface number 0
[  276.965503][   T37] usb 1-1: config 0 interface 214 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  276.966535][   T38] audit: type=1326 audit(2000000006.064:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8166 comm="syz.4.826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5baeb6c819 code=0x7ffc0000
[  276.967473][   T37] usb 1-1: New USB device found, idVendor=0596, idProduct=0001, bcdDevice= 5.f5
[  276.967502][   T37] usb 1-1: New USB device strings: Mfr=1, Product=0, SerialNumber=3
[  276.967522][   T37] usb 1-1: Manufacturer: syz
[  276.967536][   T37] usb 1-1: SerialNumber: syz
[  277.031381][ T8176] comedi comedi4: comedi_config --init_data is deprecated
[  277.055736][   T37] usb 1-1: config 0 descriptor??
[  277.185338][    T9] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  277.346803][    T9] usb 3-1: Using ep0 maxpacket: 8
[  277.351168][    T9] usb 3-1: config 0 has an invalid interface number: 55 but max is 0
[  277.351199][    T9] usb 3-1: config 0 has no interface number 0
[  277.351243][    T9] usb 3-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  277.351277][    T9] usb 3-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  277.351305][    T9] usb 3-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  277.351333][    T9] usb 3-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  277.351356][    T9] usb 3-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  277.351402][    T9] usb 3-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  277.351426][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  277.406014][    T9] usb 3-1: config 0 descriptor??
[  277.526371][    T9] ldusb 3-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  277.623833][ T5914] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  277.633259][ T8175] FAULT_INJECTION: forcing a failure.
[  277.633259][ T8175] name failslab, interval 1, probability 0, space 0, times 0
[  277.633295][ T8175] CPU: 0 UID: 0 PID: 8175 Comm: syz.2.827 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  277.633320][ T8175] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  277.633335][ T8175] Call Trace:
[  277.633344][ T8175]  <TASK>
[  277.633353][ T8175]  dump_stack_lvl+0xe8/0x150
[  277.633394][ T8175]  should_fail_ex+0x46b/0x600
[  277.633432][ T8175]  should_failslab+0xa8/0x100
[  277.633458][ T8175]  kmem_cache_alloc_noprof+0x87/0x680
[  277.633496][ T8175]  ? lockdep_hardirqs_on+0x7a/0x110
[  277.633520][ T8175]  ? do_getname+0x2e/0x250
[  277.633550][ T8175]  do_getname+0x2e/0x250
[  277.633574][ T8175]  ? getname_flags+0x11/0x20
[  277.633603][ T8175]  do_sys_openat2+0xca/0x200
[  277.633636][ T8175]  ? __pfx_do_sys_openat2+0x10/0x10
[  277.633666][ T8175]  ? ksys_write+0x248/0x270
[  277.633701][ T8175]  ? __pfx_ksys_write+0x10/0x10
[  277.633741][ T8175]  __x64_sys_openat+0x138/0x170
[  277.633776][ T8175]  do_syscall_64+0x14d/0xf80
[  277.633801][ T8175]  ? trace_irq_disable+0x3b/0x150
[  277.633832][ T8175]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  277.633856][ T8175]  ? clear_bhb_loop+0x40/0x90
[  277.633883][ T8175]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  277.633907][ T8175] RIP: 0033:0x7fe6b609d04e
[  277.633928][ T8175] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  277.633947][ T8175] RSP: 002b:00007fe6b432db28 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  277.633978][ T8175] RAX: ffffffffffffffda RBX: 00007fe6b432e6c0 RCX: 00007fe6b609d04e
[  277.633995][ T8175] RDX: 0000000000000002 RSI: 00007fe6b432dc00 RDI: ffffffffffffff9c
[  277.634009][ T8175] RBP: 00007fe6b432e090 R08: 0000000000000000 R09: 0000000000000000
[  277.634022][ T8175] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  277.634034][ T8175] R13: 00007fe6b6356038 R14: 00007fe6b6355fa0 R15: 00007ffe640175d8
[  277.634067][ T8175]  </TASK>
[  277.662782][    T9] usb 3-1: USB disconnect, device number 6
[  277.816708][   T37] usbtouchscreen 1-1:0.214: probe with driver usbtouchscreen failed with error -71
[  277.933117][ T5914] usb 5-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[  277.933220][ T5914] usb 5-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18
[  277.933245][ T5914] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  277.978784][   T37] usb 1-1: USB disconnect, device number 17
[  278.043764][ T5914] gspca_main: stv0680-2.14.0 probing 041e:4007
[  278.069991][    T9] ldusb 3-1:0.55: LD USB Device #0 now disconnected
[  278.445033][ T8184] FAULT_INJECTION: forcing a failure.
[  278.445033][ T8184] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  278.445075][ T8184] CPU: 0 UID: 0 PID: 8184 Comm: syz.1.831 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  278.445102][ T8184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  278.445116][ T8184] Call Trace:
[  278.445125][ T8184]  <TASK>
[  278.445135][ T8184]  dump_stack_lvl+0xe8/0x150
[  278.445183][ T8184]  should_fail_ex+0x46b/0x600
[  278.445221][ T8184]  copy_fpstate_to_sigframe+0xada/0xd90
[  278.445266][ T8184]  ? __pfx_copy_fpstate_to_sigframe+0x10/0x10
[  278.445305][ T8184]  ? do_raw_spin_lock+0x12b/0x2f0
[  278.445354][ T8184]  ? fpu__alloc_mathframe+0xac/0x130
[  278.445385][ T8184]  get_sigframe+0x5f7/0x820
[  278.445420][ T8184]  ? __pfx_get_sigframe+0x10/0x10
[  278.445447][ T8184]  ? rt_mutex_slowunlock+0x4a7/0x8b0
[  278.445480][ T8184]  ? reacquire_held_locks+0x104/0x190
[  278.445504][ T8184]  ? rt_spin_lock+0x1e0/0x400
[  278.445543][ T8184]  x64_setup_rt_frame+0x161/0xcb0
[  278.445570][ T8184]  ? rt_spin_unlock+0x14f/0x200
[  278.445606][ T8184]  ? rt_spin_unlock+0x160/0x200
[  278.445640][ T8184]  ? get_signal+0x1120/0x1310
[  278.445678][ T8184]  ? __pfx_x64_setup_rt_frame+0x10/0x10
[  278.445717][ T8184]  arch_do_signal_or_restart+0x429/0x830
[  278.445749][ T8184]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  278.445787][ T8184]  ? ksys_write+0x248/0x270
[  278.445831][ T8184]  exit_to_user_mode_loop+0x86/0x480
[  278.445863][ T8184]  ? rcu_is_watching+0x15/0xb0
[  278.445891][ T8184]  do_syscall_64+0x32d/0xf80
[  278.445916][ T8184]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  278.445939][ T8184]  ? clear_bhb_loop+0x40/0x90
[  278.445969][ T8184]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  278.445992][ T8184] RIP: 0033:0x7f2b985ac817
[  278.446012][ T8184] Code: 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 <0f> 05 48 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89
[  278.446029][ T8184] RSP: 002b:00007f2b96806028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  278.446052][ T8184] RAX: 0000000000000001 RBX: 00007f2b98825fa0 RCX: 00007f2b985ac819
[  278.446067][ T8184] RDX: 0000000000000078 RSI: 0000000000000000 RDI: 0000000000000006
[  278.446080][ T8184] RBP: 00007f2b96806090 R08: 0000000000000000 R09: 0000000000000000
[  278.446093][ T8184] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  278.446107][ T8184] R13: 00007f2b98826038 R14: 00007f2b98825fa0 R15: 00007ffd76677d08
[  278.446141][ T8184]  </TASK>
[  279.176817][ T5914] stv0680 5-1:4.0: STV(e): camera ping failed!!
[  279.396303][ T5914] gspca_stv0680: usb_control_msg error 0, request = 0x80, error = -71
[  279.396330][ T5914] stv0680 5-1:4.0: last error: 0,  command = 0x0
[  279.427495][ T5914] usb 5-1: USB disconnect, device number 13
[  279.513679][ T8197] netlink: 8 bytes leftover after parsing attributes in process `syz.3.835'.
[  280.270196][ T8226] FAULT_INJECTION: forcing a failure.
[  280.270196][ T8226] name failslab, interval 1, probability 0, space 0, times 0
[  280.270233][ T8226] CPU: 1 UID: 0 PID: 8226 Comm: syz.2.847 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  280.270258][ T8226] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  280.270272][ T8226] Call Trace:
[  280.270280][ T8226]  <TASK>
[  280.270290][ T8226]  dump_stack_lvl+0xe8/0x150
[  280.270328][ T8226]  should_fail_ex+0x46b/0x600
[  280.270365][ T8226]  should_failslab+0xa8/0x100
[  280.270390][ T8226]  kmem_cache_alloc_noprof+0x87/0x680
[  280.270424][ T8226]  ? locks_get_lock_context+0x33f/0x5e0
[  280.270455][ T8226]  ? flock_lock_inode+0x23a/0x1340
[  280.270493][ T8226]  flock_lock_inode+0x23a/0x1340
[  280.270527][ T8226]  ? __lock_acquire+0x6b5/0x2cf0
[  280.270557][ T8226]  ? __pfx_smack_log+0x10/0x10
[  280.270590][ T8226]  ? __pfx_flock_lock_inode+0x10/0x10
[  280.270634][ T8226]  locks_lock_inode_wait+0x10d/0x460
[  280.270668][ T8226]  ? __pfx_locks_lock_inode_wait+0x10/0x10
[  280.270767][ T8226]  ? __rt_spin_lock_init+0x3e/0x50
[  280.270806][ T8226]  __se_sys_flock+0x4ba/0x660
[  280.270840][ T8226]  ? __pfx___se_sys_flock+0x10/0x10
[  280.270903][ T8226]  ? __pfx_ksys_write+0x10/0x10
[  280.270948][ T8226]  do_syscall_64+0x14d/0xf80
[  280.270972][ T8226]  ? trace_irq_disable+0x3b/0x150
[  280.270998][ T8226]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  280.271021][ T8226]  ? clear_bhb_loop+0x40/0x90
[  280.271049][ T8226]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  280.271071][ T8226] RIP: 0033:0x7fe6b60dc819
[  280.271090][ T8226] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  280.271109][ T8226] RSP: 002b:00007fe6b430d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000049
[  280.271134][ T8226] RAX: ffffffffffffffda RBX: 00007fe6b6356090 RCX: 00007fe6b60dc819
[  280.271151][ T8226] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000004
[  280.271164][ T8226] RBP: 00007fe6b430d090 R08: 0000000000000000 R09: 0000000000000000
[  280.271178][ T8226] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  280.271191][ T8226] R13: 00007fe6b6356128 R14: 00007fe6b6356090 R15: 00007ffe640175d8
[  280.271226][ T8226]  </TASK>
[  280.273777][ T5872] usb 1-1: new full-speed USB device number 18 using dummy_hcd
[  280.648907][ T5872] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  280.648943][ T5872] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  280.648982][ T5872] usb 1-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00
[  280.649006][ T5872] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  280.692643][ T8229] FAULT_INJECTION: forcing a failure.
[  280.692643][ T8229] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  280.692761][ T8229] CPU: 0 UID: 0 PID: 8229 Comm: syz.3.852 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  280.692850][ T8229] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  280.692900][ T8229] Call Trace:
[  280.692923][ T8229]  <TASK>
[  280.692946][ T8229]  dump_stack_lvl+0xe8/0x150
[  280.693058][ T8229]  should_fail_ex+0x46b/0x600
[  280.693159][ T8229]  _copy_from_user+0x2d/0xb0
[  280.693224][ T8229]  ___sys_sendmsg+0x1c6/0x360
[  280.693311][ T8229]  ? __pfx____sys_sendmsg+0x10/0x10
[  280.693480][ T8229]  ? __fget_files+0x2a/0x420
[  280.693556][ T8229]  ? __fget_files+0x3a6/0x420
[  280.693651][ T8229]  __x64_sys_sendmsg+0x1c3/0x2a0
[  280.693733][ T8229]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  280.693823][ T8229]  ? __pfx_ksys_write+0x10/0x10
[  280.693944][ T8229]  do_syscall_64+0x14d/0xf80
[  280.694019][ T8229]  ? trace_irq_disable+0x3b/0x150
[  280.694088][ T8229]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  280.694161][ T8229]  ? clear_bhb_loop+0x40/0x90
[  280.694256][ T8229]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  280.694314][ T8229] RIP: 0033:0x7fcd2b16c819
[  280.694371][ T8229] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  280.694425][ T8229] RSP: 002b:00007fcd293be028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  280.694483][ T8229] RAX: ffffffffffffffda RBX: 00007fcd2b3e5fa0 RCX: 00007fcd2b16c819
[  280.694519][ T8229] RDX: 0000000020000084 RSI: 0000200000000000 RDI: 0000000000000004
[  280.694555][ T8229] RBP: 00007fcd293be090 R08: 0000000000000000 R09: 0000000000000000
[  280.694596][ T8229] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  280.694630][ T8229] R13: 00007fcd2b3e6038 R14: 00007fcd2b3e5fa0 R15: 00007ffc2959b478
[  280.694722][ T8229]  </TASK>
[  280.880226][ T5872] usb 1-1: config 0 descriptor??
[  281.223137][ T8238] program syz.1.855 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  281.243715][ T8238] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  281.563344][ T8243] netlink: 'syz.3.854': attribute type 1 has an invalid length.
[  283.113399][ T8251] FAULT_INJECTION: forcing a failure.
[  283.113399][ T8251] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  283.113434][ T8251] CPU: 0 UID: 0 PID: 8251 Comm: syz.2.858 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  283.113458][ T8251] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  283.113471][ T8251] Call Trace:
[  283.113480][ T8251]  <TASK>
[  283.113489][ T8251]  dump_stack_lvl+0xe8/0x150
[  283.113529][ T8251]  should_fail_ex+0x46b/0x600
[  283.113566][ T8251]  _copy_to_user+0x31/0xb0
[  283.113590][ T8251]  simple_read_from_buffer+0xe1/0x170
[  283.113623][ T8251]  proc_fail_nth_read+0x1be/0x230
[  283.113681][ T8251]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  283.113712][ T8251]  ? rw_verify_area+0x2ac/0x4e0
[  283.113747][ T8251]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  283.113776][ T8251]  vfs_read+0x212/0xa80
[  283.113818][ T8251]  ? __pfx_vfs_read+0x10/0x10
[  283.113855][ T8251]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  283.113883][ T8251]  ? lockdep_hardirqs_on+0x7a/0x110
[  283.113907][ T8251]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  283.113932][ T8251]  ? mutex_lock_nested+0x152/0x1d0
[  283.113963][ T8251]  ? fdget_pos+0x252/0x320
[  283.114004][ T8251]  ksys_read+0x156/0x270
[  283.114042][ T8251]  ? __pfx_ksys_read+0x10/0x10
[  283.114095][ T8251]  do_syscall_64+0x14d/0xf80
[  283.114120][ T8251]  ? trace_irq_disable+0x3b/0x150
[  283.114146][ T8251]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  283.114170][ T8251]  ? clear_bhb_loop+0x40/0x90
[  283.114199][ T8251]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  283.114222][ T8251] RIP: 0033:0x7fe6b609d04e
[  283.114242][ T8251] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  283.114262][ T8251] RSP: 002b:00007fe6b430cfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  283.114286][ T8251] RAX: ffffffffffffffda RBX: 00007fe6b430d6c0 RCX: 00007fe6b609d04e
[  283.114302][ T8251] RDX: 000000000000000f RSI: 00007fe6b430d0a0 RDI: 0000000000000006
[  283.114315][ T8251] RBP: 00007fe6b430d090 R08: 0000000000000000 R09: 0000000000000000
[  283.114329][ T8251] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  283.114342][ T8251] R13: 00007fe6b6356128 R14: 00007fe6b6356090 R15: 00007ffe640175d8
[  283.114378][ T8251]  </TASK>
[  283.799596][  T810] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[  284.920359][ T8212] syz.0.843 (8212) used greatest stack depth: 18232 bytes left
[  284.922447][  T810] usb 4-1: Using ep0 maxpacket: 8
[  284.928169][  T810] usb 4-1: config 168 descriptor has 1 excess byte, ignoring
[  284.928212][  T810] usb 4-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[  284.928263][  T810] usb 4-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  284.928292][  T810] usb 4-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  284.928318][  T810] usb 4-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  284.928344][  T810] usb 4-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  284.928372][  T810] usb 4-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  284.928400][  T810] usb 4-1: config 168 interface 0 has no altsetting 0
[  284.930436][  T810] usb 4-1: config 168 descriptor has 1 excess byte, ignoring
[  284.930475][  T810] usb 4-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[  284.930520][  T810] usb 4-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  284.930549][  T810] usb 4-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  284.930576][  T810] usb 4-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  284.930604][  T810] usb 4-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  284.930632][  T810] usb 4-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  284.930661][  T810] usb 4-1: config 168 interface 0 has no altsetting 0
[  285.135478][  T810] usb 4-1: config 168 descriptor has 1 excess byte, ignoring
[  285.135521][  T810] usb 4-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[  285.135573][  T810] usb 4-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  285.135603][  T810] usb 4-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  285.135630][  T810] usb 4-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  285.135656][  T810] usb 4-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  285.135684][  T810] usb 4-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  285.135712][  T810] usb 4-1: config 168 interface 0 has no altsetting 0
[  285.141971][  T810] usb 4-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  285.142003][  T810] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  285.142023][  T810] usb 4-1: Manufacturer: 嫉樚㮴緦腏눛ﻵɳ摬딊谋⚆贖扵Ⳉ௸狔旯뼇⮌ﲆ앓鿇팄檶릾ꇯ鱽㎶죣럷蔘掙᭺➒㭨営흘泘缍㯫跿獛᭐큇ベዻ䊐찭핟뿗趔꺓鼑硻烝낂哬ꈆ廌⠜ꀷ䯷ꓞ줱
[  285.142051][  T810] usb 4-1: SerialNumber: 쳞ᭈꯢ鉔튜鍊泟䀨ᶵ詽푅䶰숓拎珷噑챵큳┇ᢱ⳻샚誣샜✦㇝䴖蹚Ƣⵦ昆ꍫ틜鿫悀ퟝ䣌郭⟢컛뇜拾澷툚굠푧Î궈ꃤ氘䣲켪□岗킀뒘뛲퀉솢ꭥᗾ烌覗慓Ὃꨖ࿰ꑸ뾶űⲑ斑⑜鏶Ꭵ
[  285.313383][ T5872] usbhid 1-1:0.0: can't add hid device: -71
[  285.313524][ T5872] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  285.394284][ T5872] usb 1-1: USB disconnect, device number 18
[  285.593646][  T810] adutux 4-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  285.638015][  T810] usb 4-1: USB disconnect, device number 24
[  285.890865][ T8277] FAULT_INJECTION: forcing a failure.
[  285.890865][ T8277] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  285.890901][ T8277] CPU: 0 UID: 0 PID: 8277 Comm: syz.1.867 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  285.890925][ T8277] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  285.890938][ T8277] Call Trace:
[  285.890947][ T8277]  <TASK>
[  285.890956][ T8277]  dump_stack_lvl+0xe8/0x150
[  285.890994][ T8277]  should_fail_ex+0x46b/0x600
[  285.891030][ T8277]  _copy_from_user+0x2d/0xb0
[  285.891053][ T8277]  __sys_bind+0x1cc/0x410
[  285.891090][ T8277]  ? __pfx___sys_bind+0x10/0x10
[  285.891137][ T8277]  ? __pfx_ksys_write+0x10/0x10
[  285.891179][ T8277]  __x64_sys_bind+0x7a/0x90
[  285.891213][ T8277]  do_syscall_64+0x14d/0xf80
[  285.891236][ T8277]  ? trace_irq_disable+0x3b/0x150
[  285.891262][ T8277]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  285.891285][ T8277]  ? clear_bhb_loop+0x40/0x90
[  285.891312][ T8277]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  285.891334][ T8277] RIP: 0033:0x7f2b985ac819
[  285.891354][ T8277] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  285.891374][ T8277] RSP: 002b:00007f2b96806028 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[  285.891398][ T8277] RAX: ffffffffffffffda RBX: 00007f2b98825fa0 RCX: 00007f2b985ac819
[  285.891414][ T8277] RDX: 0000000000000048 RSI: 00002000000004c0 RDI: 0000000000000004
[  285.891435][ T8277] RBP: 00007f2b96806090 R08: 0000000000000000 R09: 0000000000000000
[  285.891449][ T8277] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  285.891463][ T8277] R13: 00007f2b98826038 R14: 00007f2b98825fa0 R15: 00007ffd76677d08
[  285.891499][ T8277]  </TASK>
[  286.417535][ T5872] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  286.458416][ T8293] netlink: 8 bytes leftover after parsing attributes in process `syz.2.875'.
[  286.578490][ T5872] usb 1-1: Using ep0 maxpacket: 8
[  286.584585][ T5872] usb 1-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a
[  286.584618][ T5872] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  286.584639][ T5872] usb 1-1: Product: syz
[  286.584654][ T5872] usb 1-1: Manufacturer: syz
[  286.584669][ T5872] usb 1-1: SerialNumber: syz
[  286.593215][ T5872] usb 1-1: config 0 descriptor??
[  286.636323][ T5872] gspca_main: sq930x-2.14.0 probing 2770:930c
[  286.716742][ T5889] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  286.835357][ T5872] gspca_sq930x: reg_r 001f failed -71
[  286.835458][ T5872] sq930x 1-1:0.0: probe with driver sq930x failed with error -71
[  286.852032][ T5872] usb 1-1: USB disconnect, device number 19
[  286.885567][ T5889] usb 3-1: Using ep0 maxpacket: 8
[  287.062254][ T5889] usb 3-1: New USB device found, idVendor=18d1, idProduct=2d04, bcdDevice= 0.40
[  287.062296][ T5889] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  287.062318][ T5889] usb 3-1: Product: syz
[  287.062334][ T5889] usb 3-1: Manufacturer: syz
[  287.062349][ T5889] usb 3-1: SerialNumber: syz
[  287.270344][ T8307] netlink: 'syz.4.878': attribute type 1 has an invalid length.
[  288.048325][ T5889] usb 3-1: 1:1: invalid format type 0x1002 is detected, processed as PCM
[  288.048356][ T5889] usb 3-1: 1:1 : unsupported sample bitwidth 5 in 15 bytes
[  288.055644][ T5889] usb 3-1: 2:1 : UAC_AS_GENERAL descriptor not found
[  288.127688][ T5889] usb 3-1: USB disconnect, device number 7
[  288.431046][ T5859] udevd[5859]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  289.544114][ T8335] FAULT_INJECTION: forcing a failure.
[  289.544114][ T8335] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  289.544149][ T8335] CPU: 0 UID: 0 PID: 8335 Comm: syz.2.893 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  289.544174][ T8335] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  289.544189][ T8335] Call Trace:
[  289.544198][ T8335]  <TASK>
[  289.544207][ T8335]  dump_stack_lvl+0xe8/0x150
[  289.544244][ T8335]  should_fail_ex+0x46b/0x600
[  289.544282][ T8335]  _copy_from_user+0x2d/0xb0
[  289.544305][ T8335]  __sys_bpf+0x229/0x950
[  289.544336][ T8335]  ? __pfx___sys_bpf+0x10/0x10
[  289.544362][ T8335]  ? rt_mutex_slowunlock+0x1cb/0x300
[  289.544411][ T8335]  ? ksys_write+0x248/0x270
[  289.544447][ T8335]  ? __pfx_ksys_write+0x10/0x10
[  289.544488][ T8335]  __x64_sys_bpf+0x7c/0x90
[  289.544515][ T8335]  do_syscall_64+0x14d/0xf80
[  289.544539][ T8335]  ? trace_irq_disable+0x3b/0x150
[  289.544566][ T8335]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  289.544588][ T8335]  ? clear_bhb_loop+0x40/0x90
[  289.544616][ T8335]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  289.544638][ T8335] RIP: 0033:0x7fe6b60dc819
[  289.544658][ T8335] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  289.544677][ T8335] RSP: 002b:00007fe6b432e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  289.544701][ T8335] RAX: ffffffffffffffda RBX: 00007fe6b6355fa0 RCX: 00007fe6b60dc819
[  289.544718][ T8335] RDX: 0000000000000050 RSI: 0000200000000280 RDI: 000000000000000a
[  289.544732][ T8335] RBP: 00007fe6b432e090 R08: 0000000000000000 R09: 0000000000000000
[  289.544746][ T8335] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  289.544759][ T8335] R13: 00007fe6b6356038 R14: 00007fe6b6355fa0 R15: 00007ffe640175d8
[  289.544794][ T8335]  </TASK>
[  290.086750][ T8340] netlink: 'syz.4.894': attribute type 1 has an invalid length.
[  291.316037][ T8350] FAULT_INJECTION: forcing a failure.
[  291.316037][ T8350] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  291.316076][ T8350] CPU: 1 UID: 0 PID: 8350 Comm: syz.3.898 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  291.316100][ T8350] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  291.316114][ T8350] Call Trace:
[  291.316123][ T8350]  <TASK>
[  291.316133][ T8350]  dump_stack_lvl+0xe8/0x150
[  291.316171][ T8350]  should_fail_ex+0x46b/0x600
[  291.316208][ T8350]  _copy_from_user+0x2d/0xb0
[  291.316231][ T8350]  ___sys_sendmsg+0x1c6/0x360
[  291.316265][ T8350]  ? __pfx____sys_sendmsg+0x10/0x10
[  291.316327][ T8350]  ? __fget_files+0x2a/0x420
[  291.316358][ T8350]  ? __fget_files+0x3a6/0x420
[  291.316399][ T8350]  __x64_sys_sendmsg+0x1c3/0x2a0
[  291.316429][ T8350]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  291.316466][ T8350]  ? rcu_is_watching+0x15/0xb0
[  291.316505][ T8350]  do_syscall_64+0x14d/0xf80
[  291.316529][ T8350]  ? trace_irq_disable+0x3b/0x150
[  291.316557][ T8350]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  291.316579][ T8350]  ? clear_bhb_loop+0x40/0x90
[  291.316607][ T8350]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  291.316629][ T8350] RIP: 0033:0x7fcd2b16c819
[  291.316649][ T8350] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  291.316668][ T8350] RSP: 002b:00007fcd293be028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  291.316691][ T8350] RAX: ffffffffffffffda RBX: 00007fcd2b3e5fa0 RCX: 00007fcd2b16c819
[  291.316708][ T8350] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000004
[  291.316722][ T8350] RBP: 00007fcd293be090 R08: 0000000000000000 R09: 0000000000000000
[  291.316736][ T8350] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  291.316750][ T8350] R13: 00007fcd2b3e6038 R14: 00007fcd2b3e5fa0 R15: 00007ffc2959b478
[  291.316785][ T8350]  </TASK>
[  291.675992][ T8356] netlink: 24 bytes leftover after parsing attributes in process `syz.4.902'.
[  291.739622][ T8359] netlink: 8 bytes leftover after parsing attributes in process `syz.3.903'.
[  291.817885][ T8363] FAULT_INJECTION: forcing a failure.
[  291.817885][ T8363] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  291.817923][ T8363] CPU: 0 UID: 0 PID: 8363 Comm: syz.4.902 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  291.817948][ T8363] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  291.817962][ T8363] Call Trace:
[  291.817971][ T8363]  <TASK>
[  291.817980][ T8363]  dump_stack_lvl+0xe8/0x150
[  291.818024][ T8363]  should_fail_ex+0x46b/0x600
[  291.818061][ T8363]  _copy_from_user+0x2d/0xb0
[  291.818084][ T8363]  ___sys_sendmsg+0x1c6/0x360
[  291.818117][ T8363]  ? __pfx____sys_sendmsg+0x10/0x10
[  291.818181][ T8363]  ? __fget_files+0x2a/0x420
[  291.818209][ T8363]  ? __fget_files+0x3a6/0x420
[  291.818250][ T8363]  __x64_sys_sendmsg+0x1c3/0x2a0
[  291.818279][ T8363]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  291.818316][ T8363]  ? __pfx_ksys_write+0x10/0x10
[  291.818362][ T8363]  do_syscall_64+0x14d/0xf80
[  291.818387][ T8363]  ? trace_irq_disable+0x3b/0x150
[  291.818412][ T8363]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  291.818435][ T8363]  ? clear_bhb_loop+0x40/0x90
[  291.818462][ T8363]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  291.818483][ T8363] RIP: 0033:0x7f5baeb6c819
[  291.818504][ T8363] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  291.818539][ T8363] RSP: 002b:00007f5bacd7c028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  291.818562][ T8363] RAX: ffffffffffffffda RBX: 00007f5baede6180 RCX: 00007f5baeb6c819
[  291.818576][ T8363] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000003
[  291.818587][ T8363] RBP: 00007f5bacd7c090 R08: 0000000000000000 R09: 0000000000000000
[  291.818599][ T8363] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  291.818612][ T8363] R13: 00007f5baede6218 R14: 00007f5baede6180 R15: 00007ffe095b2b18
[  291.818646][ T8363]  </TASK>
[  292.745097][   T38] kauditd_printk_skb: 241 callbacks suppressed
[  292.745116][   T38] audit: type=1326 audit(2000000275.829:448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8384 comm="syz.0.914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f111fd6c819 code=0x7ffc0000
[  292.746662][   T38] audit: type=1326 audit(2000000275.829:449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8384 comm="syz.0.914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f111fd6c819 code=0x7ffc0000
[  292.748680][   T38] audit: type=1326 audit(2000000275.829:450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8384 comm="syz.0.914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f111fd6c819 code=0x7ffc0000
[  292.748734][   T38] audit: type=1326 audit(2000000275.829:451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8384 comm="syz.0.914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=245 compat=0 ip=0x7f111fd6c819 code=0x7ffc0000
[  292.749124][   T38] audit: type=1326 audit(2000000275.829:452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8384 comm="syz.0.914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f111fd6c819 code=0x7ffc0000
[  292.751265][   T38] audit: type=1326 audit(2000000275.829:453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8384 comm="syz.0.914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f111fd6c819 code=0x7ffc0000
[  292.751316][   T38] audit: type=1326 audit(2000000275.829:454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8384 comm="syz.0.914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=162 compat=0 ip=0x7f111fd6c819 code=0x7ffc0000
[  292.751623][   T38] audit: type=1326 audit(2000000275.829:455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8384 comm="syz.0.914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f111fd6c819 code=0x7ffc0000
[  292.940370][   T38] audit: type=1326 audit(2000000276.017:456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8384 comm="syz.0.914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=273 compat=0 ip=0x7f111fd28c6c code=0x7ffc0000
[  292.940426][   T38] audit: type=1326 audit(2000000276.017:457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8384 comm="syz.0.914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f111fd28cce code=0x7ffc0000
[  293.288240][ T5889] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  293.430573][ T8400] FAULT_INJECTION: forcing a failure.
[  293.430573][ T8400] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  293.430610][ T8400] CPU: 1 UID: 0 PID: 8400 Comm: syz.3.919 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  293.430642][ T8400] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  293.430657][ T8400] Call Trace:
[  293.430666][ T8400]  <TASK>
[  293.430675][ T8400]  dump_stack_lvl+0xe8/0x150
[  293.430714][ T8400]  should_fail_ex+0x46b/0x600
[  293.430751][ T8400]  _copy_from_user+0x2d/0xb0
[  293.430774][ T8400]  ___sys_sendmsg+0x1c6/0x360
[  293.430807][ T8400]  ? __pfx____sys_sendmsg+0x10/0x10
[  293.430879][ T8400]  ? __fget_files+0x2a/0x420
[  293.430907][ T8400]  ? __fget_files+0x3a6/0x420
[  293.430948][ T8400]  __x64_sys_sendmsg+0x1c3/0x2a0
[  293.430978][ T8400]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  293.431014][ T8400]  ? __pfx_ksys_write+0x10/0x10
[  293.431061][ T8400]  do_syscall_64+0x14d/0xf80
[  293.431084][ T8400]  ? trace_irq_disable+0x3b/0x150
[  293.431110][ T8400]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  293.431134][ T8400]  ? clear_bhb_loop+0x40/0x90
[  293.431162][ T8400]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  293.431188][ T8400] RIP: 0033:0x7fcd2b16c819
[  293.431209][ T8400] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  293.431229][ T8400] RSP: 002b:00007fcd293be028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  293.431253][ T8400] RAX: ffffffffffffffda RBX: 00007fcd2b3e5fa0 RCX: 00007fcd2b16c819
[  293.431270][ T8400] RDX: 0000000000048040 RSI: 00002000000000c0 RDI: 0000000000000004
[  293.431285][ T8400] RBP: 00007fcd293be090 R08: 0000000000000000 R09: 0000000000000000
[  293.431299][ T8400] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  293.431313][ T8400] R13: 00007fcd2b3e6038 R14: 00007fcd2b3e5fa0 R15: 00007ffc2959b478
[  293.431348][ T8400]  </TASK>
[  293.472560][ T5889] usb 1-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[  293.472631][ T5889] usb 1-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18
[  293.472657][ T5889] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  293.636682][ T8402] FAULT_INJECTION: forcing a failure.
[  293.636682][ T8402] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  293.636785][ T8402] CPU: 0 UID: 0 PID: 8402 Comm: syz.1.921 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  293.636851][ T8402] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  293.636885][ T8402] Call Trace:
[  293.636907][ T8402]  <TASK>
[  293.636931][ T8402]  dump_stack_lvl+0xe8/0x150
[  293.637030][ T8402]  should_fail_ex+0x46b/0x600
[  293.637129][ T8402]  _copy_from_user+0x2d/0xb0
[  293.637187][ T8402]  ___sys_sendmsg+0x1c6/0x360
[  293.637274][ T8402]  ? __pfx____sys_sendmsg+0x10/0x10
[  293.637440][ T8402]  ? __fget_files+0x2a/0x420
[  293.637516][ T8402]  ? __fget_files+0x3a6/0x420
[  293.637623][ T8402]  __x64_sys_sendmsg+0x1c3/0x2a0
[  293.637709][ T8402]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  293.637807][ T8402]  ? __pfx_ksys_write+0x10/0x10
[  293.637907][ T8402]  do_syscall_64+0x14d/0xf80
[  293.637998][ T8402]  ? trace_irq_disable+0x3b/0x150
[  293.638090][ T8402]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  293.638148][ T8402]  ? clear_bhb_loop+0x40/0x90
[  293.638223][ T8402]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  293.638280][ T8402] RIP: 0033:0x7f2b985ac819
[  293.638320][ T8402] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  293.638404][ T8402] RSP: 002b:00007f2b96806028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  293.638462][ T8402] RAX: ffffffffffffffda RBX: 00007f2b98825fa0 RCX: 00007f2b985ac819
[  293.638505][ T8402] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 000000000000000e
[  293.638547][ T8402] RBP: 00007f2b96806090 R08: 0000000000000000 R09: 0000000000000000
[  293.638581][ T8402] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  293.638609][ T8402] R13: 00007f2b98826038 R14: 00007f2b98825fa0 R15: 00007ffd76677d08
[  293.638707][ T8402]  </TASK>
[  293.870994][ T5889] gspca_main: stv0680-2.14.0 probing 041e:4007
[  294.554916][ T8436] FAULT_INJECTION: forcing a failure.
[  294.554916][ T8436] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  294.554953][ T8436] CPU: 0 UID: 0 PID: 8436 Comm: syz.3.933 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  294.554977][ T8436] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  294.554991][ T8436] Call Trace:
[  294.555000][ T8436]  <TASK>
[  294.555009][ T8436]  dump_stack_lvl+0xe8/0x150
[  294.555048][ T8436]  should_fail_ex+0x46b/0x600
[  294.555086][ T8436]  _copy_from_user+0x2d/0xb0
[  294.555110][ T8436]  __sys_connect+0x156/0x450
[  294.555136][ T8436]  ? __pfx___sys_connect+0x10/0x10
[  294.555172][ T8436]  ? __pfx_ksys_write+0x10/0x10
[  294.555216][ T8436]  __x64_sys_connect+0x7a/0x90
[  294.555240][ T8436]  do_syscall_64+0x14d/0xf80
[  294.555265][ T8436]  ? trace_irq_disable+0x3b/0x150
[  294.555291][ T8436]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  294.555313][ T8436]  ? clear_bhb_loop+0x40/0x90
[  294.555342][ T8436]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  294.555364][ T8436] RIP: 0033:0x7fcd2b16c819
[  294.555384][ T8436] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  294.555404][ T8436] RSP: 002b:00007fcd293be028 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  294.555428][ T8436] RAX: ffffffffffffffda RBX: 00007fcd2b3e5fa0 RCX: 00007fcd2b16c819
[  294.555445][ T8436] RDX: 0000000000000040 RSI: 00002000000000c0 RDI: 0000000000000008
[  294.555459][ T8436] RBP: 00007fcd293be090 R08: 0000000000000000 R09: 0000000000000000
[  294.555473][ T8436] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  294.555486][ T8436] R13: 00007fcd2b3e6038 R14: 00007fcd2b3e5fa0 R15: 00007ffc2959b478
[  294.555522][ T8436]  </TASK>
[  295.002155][ T5889] stv0680 1-1:4.0: STV(e): camera ping failed!!
[  295.245498][ T5889] gspca_stv0680: usb_control_msg error 0, request = 0x80, error = -71
[  295.245517][ T5889] stv0680 1-1:4.0: last error: 0,  command = 0x0
[  295.247786][ T5889] usb 1-1: USB disconnect, device number 20
[  296.376379][ T5889] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  296.600641][ T5889] usb 1-1: Using ep0 maxpacket: 32
[  296.604688][ T5889] usb 1-1: config 155 has an invalid descriptor of length 0, skipping remainder of the config
[  296.604744][ T5889] usb 1-1: config 155 interface 0 altsetting 0 has an endpoint descriptor with address 0xE2, changing to 0x82
[  296.604772][ T5889] usb 1-1: config 155 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  296.604800][ T5889] usb 1-1: config 155 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 11
[  296.608528][ T5889] usb 1-1: New USB device found, idVendor=15c2, idProduct=ffdc, bcdDevice=bd.30
[  296.608557][ T5889] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  296.608579][ T5889] usb 1-1: Product: syz
[  296.608593][ T5889] usb 1-1: Manufacturer: syz
[  296.608608][ T5889] usb 1-1: SerialNumber: syz
[  296.740481][    C1] imon 1-1:155.0: imon usb_rx_callback_intf0: status(-71)
[  296.780230][ T8496] FAULT_INJECTION: forcing a failure.
[  296.780230][ T8496] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  296.780268][ T8496] CPU: 0 UID: 0 PID: 8496 Comm: syz.2.958 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  296.780315][ T8496] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  296.780339][ T8496] Call Trace:
[  296.780359][ T8496]  <TASK>
[  296.780375][ T5889] input: iMON Panel, Knob and Mouse(15c2:ffdc) as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:155.0/input/input11
[  296.780369][ T8496]  dump_stack_lvl+0xe8/0x150
[  296.780410][ T8496]  should_fail_ex+0x46b/0x600
[  296.780444][ T8496]  prepare_alloc_pages+0x22a/0x6b0
[  296.780472][ T8496]  __alloc_frozen_pages_noprof+0x12f/0x380
[  296.780496][ T8496]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  296.780523][ T8496]  ? __pfx_policy_nodemask+0x10/0x10
[  296.780542][ T8496]  ? __lock_acquire+0x6b5/0x2cf0
[  296.780561][ T8496]  ? __lock_acquire+0x6b5/0x2cf0
[  296.780581][ T8496]  alloc_pages_mpol+0xd1/0x380
[  296.780604][ T8496]  vma_alloc_folio_noprof+0xea/0x290
[  296.780629][ T8496]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  296.780664][ T8496]  do_pte_missing+0x7f9/0x29e0
[  296.780702][ T8496]  handle_mm_fault+0xd0a/0x13c0
[  296.780736][ T8496]  ? handle_mm_fault+0xe7/0x13c0
[  296.780768][ T8496]  ? __pfx_handle_mm_fault+0x10/0x10
[  296.780797][ T8496]  ? lock_vma_under_rcu+0x45a/0x500
[  296.780848][ T8496]  do_user_addr_fault+0xa73/0x1340
[  296.780887][ T8496]  ? rcu_is_watching+0x15/0xb0
[  296.780928][ T8496]  ? trace_page_fault_user+0x84/0x210
[  296.780963][ T8496]  exc_page_fault+0x6a/0xc0
[  296.780989][ T8496]  asm_exc_page_fault+0x26/0x30
[  296.781009][ T8496] RIP: 0033:0x7fe6b5f9dfcb
[  296.781027][ T8496] Code: 00 00 00 48 8d 3d bd a6 1a 00 48 89 c1 31 c0 e8 5b 32 ff ff eb d2 66 0f 1f 84 00 00 00 00 00 55 31 c0 53 48 81 ec 68 10 00 00 <48> 89 7c 24 08 48 8d 3d f1 a6 1a 00 48 89 34 24 48 8b 14 24 48 8b
[  296.781046][ T8496] RSP: 002b:00007fe6b432cfa0 EFLAGS: 00010206
[  296.781066][ T8496] RAX: 0000000000000000 RBX: 00007fe6b6355fa0 RCX: 0000000000000000
[  296.781080][ T8496] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000200000000040
[  296.781094][ T8496] RBP: 00007fe6b432e090 R08: 0000000000000000 R09: 0000000000000000
[  296.781107][ T8496] R10: 0000200000000040 R11: 0000000000000000 R12: 0000000000000001
[  296.781121][ T8496] R13: 00007fe6b6356038 R14: 00007fe6b6355fa0 R15: 00007ffe640175d8
[  296.781154][ T8496]  </TASK>
[  296.781168][ T8496] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  297.064114][ T8483] netlink: 8 bytes leftover after parsing attributes in process `syz.0.951'.
[  297.156427][ T5889] imon 1-1:155.0: Unknown 0xffdc device, defaulting to VFD and iMON IR
[  297.156450][ T5889]  (id 0x00)
[  297.198582][ T8499] ==================================================================
[  297.198599][ T8499] BUG: KASAN: slab-out-of-bounds in af_alg_pull_tsgl+0x1c6/0x740
[  297.198643][ T8499] Read of size 8 at addr ffff88802561c360 by task syz.4.959/8499
[  297.198662][ T8499] 
[  297.198675][ T8499] CPU: 0 UID: 0 PID: 8499 C[  297.198675][ T8499] CPU: 0 UID: 0 PID: 8499 Comm: syz.4.959 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  297.198700][ T8499] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  297.198715][ T8499] Call Trace:
[  297.198725][ T8499]  <TASK>
[  297.198734][ T8499]  dump_stack_lvl+0xe8/0x150
[  297.198773][ T8499]  print_report+0xba/0x230
[  297.198803][ T8499]  ? af_alg_pull_tsgl+0x1c6/0x740
[  297.198864][ T8499]  kasan_report+0x117/0x150
[  297.198899][ T8499]  ? af_alg_pull_tsgl+0x1c6/0x740
[  297.198936][ T8499]  af_alg_pull_tsgl+0x1c6/0x740
[  297.198981][ T8499]  skcipher_recvmsg+0x5df/0x1140
[  297.199018][ T8499]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  297.199046][ T8499]  ? __fget_files+0x3a6/0x420
[  297.199074][ T8499]  ? bpf_lsm_socket_recvmsg+0x9/0x20
[  297.199108][ T8499]  ? security_socket_recvmsg+0x7e/0x2c0
[  297.199143][ T8499]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  297.199169][ T8499]  sock_recvmsg+0x172/0x1b0
[  297.199204][ T8499]  __sys_recvfrom+0x23f/0x3d0
[  297.199232][ T8499]  ? __pfx___sys_recvfrom+0x10/0x10
[  297.199255][ T8499]  ? do_futex+0x333/0x420
[  297.199293][ T8499]  ? rcu_is_watching+0x15/0xb0
[  297.199329][ T8499]  __x64_sys_recvfrom+0xde/0x100
[  297.199356][ T8499]  do_syscall_64+0x14d/0xf80
[  297.199382][ T8499]  ? trace_irq_disable+0x3b/0x150
[  297.199409][ T8499]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  297.199432][ T8499]  ? clear_bhb_loop+0x40/0x90
[  297.199458][ T8499]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  297.199481][ T8499] RIP: 0033:0x7f5baeb2d04e
[  297.199502][ T8499] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  297.199522][ T8499] RSP: 002b:00007f5bacdbce88 EFLAGS: 00000246 ORIG_RAX: 000000000000002d
[  297.199547][ T8499] RAX: ffffffffffffffda RBX: 00007f5bacdbe6c0 RCX: 00007f5baeb2d04e
[  297.199565][ T8499] RDX: 0000000000001000 RSI: 00007f5bacdbd000 RDI: 0000000000000004
[  297.199580][ T8499] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  297.199593][ T8499] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[  297.199607][ T8499] R13: 00007f5bacdbcf58 R14: 00007f5bacdbd000 R15: 0000000000000000
[  297.199633][ T8499]  </TASK>
[  297.199642][ T8499] 
[  297.199647][ T8499] Allocated by task 8499:
[  297.199658][ T8499]  kasan_save_track+0x3e/0x80
[  297.199689][ T8499]  __kasan_kmalloc+0x93/0xb0
[  297.199722][ T8499]  __kmalloc_noprof+0x3e7/0x7b0
[  297.199740][ T8499]  sock_kmalloc+0xd6/0x160
[  297.199764][ T8499]  skcipher_recvmsg+0x54d/0x1140
[  297.199786][ T8499]  sock_recvmsg+0x172/0x1b0
[  297.199816][ T8499]  __sys_recvfrom+0x23f/0x3d0
[  297.199835][ T8499]  __x64_sys_recvfrom+0xde/0x100
[  297.199856][ T8499]  do_syscall_64+0x14d/0xf80
[  297.199879][ T8499]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  297.199900][ T8499] 
[  297.199905][ T8499] The buggy address belongs to the object at ffff88802561c340
[  297.199905][ T8499]  which belongs to the cache kmalloc-32 of size 32
[  297.199924][ T8499] The buggy address is located 0 bytes to the right of
[  297.199924][ T8499]  allocated 32-byte region [ffff88802561c340, ffff88802561c360)
[  297.199947][ T8499] 
[  297.199953][ T8499] The buggy address belongs to the physical page:
[  297.199973][ T8499] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2561c
[  297.199994][ T8499] flags: 0x80000000000000(node=0|zone=1)
[  297.200017][ T8499] page_type: f5(slab)
[  297.200036][ T8499] raw: 0080000000000000 ffff88813fe1a780 dead000000000100 dead000000000122
[  297.200056][ T8499] raw: 0000000000000000 0000000800400040 00000000f5000000 0000000000000000
[  297.200068][ T8499] page dumped because: kasan: bad access detected
[  297.200084][ T8499] page_owner tracks the page as allocated
[  297.200093][ T8499] page last allocated via order 0, migratetype Unmovable, gfp_mask 0xd2800(GFP_NOWAIT|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 800, tgid 800 (kworker/u8:8), ts 7240873627, free_ts 7239971470
[  297.200130][ T8499]  post_alloc_hook+0x231/0x280
[  297.200164][ T8499]  get_page_from_freelist+0x28bb/0x2950
[  297.200199][ T8499]  __alloc_frozen_pages_noprof+0x18d/0x380
[  297.200222][ T8499]  allocate_slab+0x77/0x660
[  297.200247][ T8499]  refill_objects+0x334/0x3c0
[  297.200270][ T8499]  __pcs_replace_empty_main+0x35c/0x710
[  297.200297][ T8499]  __kmalloc_cache_noprof+0x44e/0x690
[  297.200322][ T8499]  kmem_cache_free+0x159/0x6b0
[  297.200341][ T8499]  release_task+0xfee/0x16f0
[  297.200362][ T8499]  do_exit+0x1674/0x23c0
[  297.200382][ T8499]  call_usermodehelper_exec_async+0x35a/0x360
[  297.200411][ T8499]  ret_from_fork+0x51e/0xb90
[  297.200438][ T8499]  ret_from_fork_asm+0x1a/0x30
[  297.200457][ T8499] page last free pid 2 tgid 2 stack trace:
[  297.200468][ T8499]  __free_frozen_pages+0xfe3/0x1170
[  297.200486][ T8499]  __kasan_populate_vmalloc+0x1b2/0x1d0
[  297.200515][ T8499]  alloc_vmap_area+0xd73/0x14b0
[  297.200544][ T8499]  __get_vm_area_node+0x226/0x350
[  297.200574][ T8499]  __vmalloc_node_range_noprof+0x372/0x1730
[  297.200605][ T8499]  __vmalloc_node_noprof+0xc2/0x100
[  297.200637][ T8499]  dup_task_struct+0x275/0x9a0
[  297.200666][ T8499]  copy_process+0x508/0x3cd0
[  297.200695][ T8499]  kernel_clone+0x249/0x840
[  297.200725][ T8499]  kernel_thread+0x13f/0x1b0
[  297.200756][ T8499]  kthreadd+0x4ec/0x6e0
[  297.200773][ T8499]  ret_from_fork+0x51e/0xb90
[  297.200801][ T8499]  ret_from_fork_asm+0x1a/0x30
[  297.200819][ T8499] 
[  297.200825][ T8499] Memory state around the buggy address:
[  297.200836][ T8499]  ffff88802561c200: 00 00 00 00 fc fc fc fc 00 00 00 00 fc fc fc fc
[  297.200851][ T8499]  ffff88802561c280: 00 00 00 00 fc fc fc fc fa fb fb fb fc fc fc fc
[  297.200867][ T8499] >ffff88802561c300: 00 00 00 00 fc fc fc fc 00 00 00 00 fc fc fc fc
[  297.200878][ T8499]                                                        ^
[  297.200890][ T8499]  ffff88802561c380: 00 00 00 00 fc fc fc fc 00 00 00 00 fc fc fc fc
[  297.200904][ T8499]  ffff88802561c400: 00 00 00 00 fc fc fc fc 00 00 00 00 fc fc fc fc
[  297.200914][ T8499] ==================================================================
[  297.233334][ T8499] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  297.233392][ T8499] CPU: 0 UID: 0 PID: 8499 Comm: syz.4.959 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  297.233487][ T8499] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  297.233522][ T8499] Call Trace:
[  297.233550][ T8499]  <TASK>
[  297.233574][ T8499]  vpanic+0x56c/0xa60
[  297.233671][ T8499]  ? __pfx_vpanic+0x10/0x10
[  297.233764][ T8499]  ? __pfx___schedule+0x10/0x10
[  297.233838][ T8499]  panic+0xc5/0xd0
[  297.233915][ T8499]  ? __pfx_panic+0x10/0x10
[  297.234008][ T8499]  ? preempt_schedule_common+0x82/0xd0
[  297.234066][ T8499]  ? af_alg_pull_tsgl+0x1c6/0x740
[  297.234160][ T8499]  check_panic_on_warn+0x89/0xb0
[  297.234224][ T8499]  ? af_alg_pull_tsgl+0x1c6/0x740
[  297.234318][ T8499]  end_report+0x73/0x180
[  297.234372][ T8499]  ? af_alg_pull_tsgl+0x1c6/0x740
[  297.234464][ T8499]  kasan_report+0x128/0x150
[  297.234526][ T8499]  ? af_alg_pull_tsgl+0x1c6/0x740
[  297.234623][ T8499]  af_alg_pull_tsgl+0x1c6/0x740
[  297.234737][ T8499]  skcipher_recvmsg+0x5df/0x1140
[  297.234852][ T8499]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  297.234943][ T8499]  ? __fget_files+0x3a6/0x420
[  297.235010][ T8499]  ? bpf_lsm_socket_recvmsg+0x9/0x20
[  297.235096][ T8499]  ? security_socket_recvmsg+0x7e/0x2c0
[  297.235197][ T8499]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  297.235283][ T8499]  sock_recvmsg+0x172/0x1b0
[  297.235360][ T8499]  __sys_recvfrom+0x23f/0x3d0
[  297.235429][ T8499]  ? __pfx___sys_recvfrom+0x10/0x10
[  297.235492][ T8499]  ? do_futex+0x333/0x420
[  297.235591][ T8499]  ? rcu_is_watching+0x15/0xb0
[  297.235668][ T8499]  __x64_sys_recvfrom+0xde/0x100
[  297.235733][ T8499]  do_syscall_64+0x14d/0xf80
[  297.235800][ T8499]  ? trace_irq_disable+0x3b/0x150
[  297.235875][ T8499]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  297.235940][ T8499]  ? clear_bhb_loop+0x40/0x90
[  297.236007][ T8499]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  297.236063][ T8499] RIP: 0033:0x7f5baeb2d04e
[  297.236119][ T8499] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  297.236173][ T8499] RSP: 002b:00007f5bacdbce88 EFLAGS: 00000246 ORIG_RAX: 000000000000002d
[  297.236264][ T8499] RAX: ffffffffffffffda RBX: 00007f5bacdbe6c0 RCX: 00007f5baeb2d04e
[  297.236322][ T8499] RDX: 0000000000001000 RSI: 00007f5bacdbd000 RDI: 0000000000000004
[  297.236372][ T8499] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  297.236406][ T8499] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[  297.236447][ T8499] R13: 00007f5bacdbcf58 R14: 00007f5bacdbd000 R15: 0000000000000000
[  297.236513][ T8499]  </TASK>
[  297.237136][ T8499] Kernel Offset: disabled