last executing test programs: 14.69157837s ago: executing program 0 (id=1833): r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000100), 0x80, 0x0) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r0, 0xc0189374, &(0x7f0000000140)={{0x1, 0x1, 0x1018, 0xffffffffffffffff, {0x3}}, './file0\x00'}) syz_usb_connect$midi(0x3, 0x3e, &(0x7f0000000180)={{0x12, 0x1, 0x250, 0x0, 0x0, 0x0, 0x40, 0x582, 0x4d, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2c, 0x1, 0x1, 0x8b, 0x70, 0x4, "", {{{0x9, 0x4, 0x0, 0x0, 0x2, 0x1, 0x3, 0x0, 0x5, [], [{{0x9, 0x5, 0xa, 0xe, 0x8, 0x7f, 0xf7, 0x40, {0x4}}}, {{0x9, 0x5, 0x87, 0x2, 0x40, 0x3, 0x9, 0x8, {0x4}}}]}}}}}]}}, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0}) r1 = socket$inet6(0xa, 0x3, 0x5) r2 = socket$igmp(0x2, 0x3, 0x2) r3 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3) sendmsg$NL80211_CMD_GET_SCAN(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000400)={0x0, 0x20}, 0x1, 0x0, 0x0, 0x4000000}, 0x20040000) getsockopt$inet_int(r2, 0x0, 0x32, 0x0, &(0x7f0000000100)) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000400)={'wlan0\x00', 0x0}) r7 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)={0x2000, 0x11, 0xb}, 0x18) syz_create_resource$binfmt(&(0x7f0000000100)='./file0\x00') r8 = syz_create_resource$binfmt(&(0x7f0000000140)='./file0\x00') openat$binfmt(0xffffffffffffff9c, r8, 0x42, 0x1ff) execveat$binfmt(r7, r8, &(0x7f0000000240)={[&(0x7f0000000500)='\r\x00\xca\x8b\x86\xd1\xb1v\xe1*\xc2\xa9\xe5\xcf\xbfJE\x17*\xd7\xad\xf6]\xd9\x15[\a\v\xe6\xb8+\xf9f]\xa9\xec^\xa2\xd5?\xe9\xcf,\x7f!\xf6\x9e\x11vu\x92R\x88\x91\xfe\x86\xd6*a\xa2\xe7\xe7\xaeO\x1dpG\x885\t\x94\xc5\xf2h\xfeU\xe0\xc4\x02\x10\xef8\xbb\x86\xea\xa2\xd7\xffl\x16k\xbc\x02\xdeBz\xc6\xa4m\x02>\xbdce\xf1\x9a)\xe8k\xa1\x1d\xbdr\xce\xab\xca\xf2\x9ej%z\xab\xcf\x9a\x9a\xee3\r\x1dj\xc7\xb7']}, &(0x7f0000000300), 0x800) sendmsg$NL80211_CMD_CONTROL_PORT_FRAME(r4, &(0x7f0000003700)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="0100ffffffff000000008100100008000300", @ANYRES32=r6, @ANYBLOB="060066008e88000014003300a4000100505050505050ffffffffffff0a000600ffffffffffff000004006700"], 0x48}, 0x1, 0x0, 0x0, 0x15}, 0x850) r9 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_xfrm(0x10, 0x3, 0x6) socket$nl_xfrm(0x10, 0x3, 0x6) socket$nl_xfrm(0x10, 0x3, 0x6) socket$nl_netfilter(0x10, 0x3, 0xc) r10 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000600)={0xb4, 0x3f, 0x107, 0x70bd2b, 0x0, {0x1, 0x7c}, [@nested={0x4, 0x2fc}, @nested={0x85, 0x1, 0x0, 0x1, [@generic="834df5d6c13385b06d76719ba938444573e5045cac29ac4466a1dff4a7fec9aebc20f20b5c52e30e33a72c208e34b95b18c80253980cdad1bf561ac198daf47da705f984083780a1f3273f12e9fad585033ea75176e6bf057bf31ff57902d4ced1831ca2cf94ef1fa8898e6beb81187cee16b7369eecdb45a388e21dfd8ec69836"]}, @nested={0xc, 0x2, 0x0, 0x1, [@typed={0x5, 0x23, 0x0, 0x0, @str='\x00'}]}, @typed={0x8, 0x5, 0x0, 0x0, @fd=r10}]}, 0xb4}, 0x1, 0x0, 0x0, 0xc000}, 0x4040) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r4) sendmmsg(r1, &(0x7f0000001500)=[{{&(0x7f0000000180)=@l2tp6={0xa, 0x500, 0x80000, @remote, 0x0, 0x3}, 0x80, 0x0}, 0x5b4}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[], 0x108}}], 0x2, 0xc040) 14.400930754s ago: executing program 0 (id=1834): pipe(&(0x7f0000002680)={0xffffffffffffffff, 0xffffffffffffffff}) fsconfig$FSCONFIG_SET_FD(0xffffffffffffffff, 0x5, &(0x7f00000005c0)='fd', 0x0, r0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(0xffffffffffffffff, 0x0, 0x2) fchdir(r1) r2 = open(&(0x7f0000000000)='.\x00', 0x0, 0x244) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0x9360, 0x0) 14.050046807s ago: executing program 0 (id=1836): r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='cmdline\x00') preadv(r0, &(0x7f0000001200)=[{&(0x7f0000000080)=""/4097, 0x1001}], 0x1, 0x9, 0x6a76) munmap(&(0x7f0000001000/0x4000)=nil, 0x4000) r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x4000, 0x0) preadv2(r1, &(0x7f0000000400)=[{&(0x7f0000001200)=""/4093, 0xffd}, {&(0x7f0000003200)=""/4099, 0x1003}], 0x2, 0x0, 0x0, 0x1) 13.76151243s ago: executing program 0 (id=1837): socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)) syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_netfilter(0x10, 0x3, 0xc) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000280)={0x29e9c934, 0x5, 0x0, 0x4}, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000010c0)=ANY=[@ANYBLOB="200000001600010800000000000000000a0000000c0000800800", @ANYRES16=r0], 0x20}, 0x1, 0x0, 0x0, 0x240c0811}, 0x0) 13.416605281s ago: executing program 0 (id=1839): r0 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000000180)={'team_slave_1\x00', @dev={'\xaa\xaa\xaa\xaa\xaa', 0xe}}) 13.220387448s ago: executing program 0 (id=1840): r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0) read$FUSE(r0, &(0x7f0000000540)={0x2020}, 0x2020) r1 = syz_open_dev$usbmon(&(0x7f0000000480), 0x7492, 0x4000) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r0, 0xc018937a, &(0x7f00000005c0)={{0x1, 0x1, 0x18, r1, {0x8b}}, './file0\x00'}) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) futex_waitv(&(0x7f0000000400)=[{0x2eb, &(0x7f0000000200)=0xfffffffffffffffe, 0x86}], 0x1, 0x0, 0x0, 0x1) r3 = syz_usb_connect$hid(0x2, 0x36, &(0x7f00000004c0)=ANY=[@ANYBLOB="1201000000000040f30455070000000000010902240001000040b109040000010300010009210101000122050009058103"], 0x0) syz_usb_control_io(r3, 0x0, 0x0) syz_usb_control_io(r3, &(0x7f0000000000)={0x2c, &(0x7f0000000400)=ANY=[@ANYBLOB="201205"], 0x0, 0x0, 0x0, 0x0}, 0x0) recvmmsg(r2, &(0x7f00000021c0)=[{{&(0x7f00000000c0)=@nfc, 0x80, &(0x7f0000000780)=[{&(0x7f0000000140)=""/75, 0x4b}, {&(0x7f0000000240)=""/182, 0xb6}, {&(0x7f0000000300)=""/193, 0xc1}, {&(0x7f0000000500)=""/129, 0x81}, {&(0x7f0000003300)=""/4097, 0x1001}, {&(0x7f00000006c0)=""/129, 0x81}], 0x6, &(0x7f0000000440)=""/6, 0x6}, 0x9}, {{&(0x7f0000001780)=@nfc, 0x80, &(0x7f0000001900)=[{&(0x7f0000001800)=""/34, 0x22}, {&(0x7f0000001840)=""/156, 0x9c}], 0x2, &(0x7f0000001940)=""/242, 0xf2}, 0xfffffffd}, {{0x0, 0x0, &(0x7f0000001b80)=[{&(0x7f0000001a40)=""/43, 0x2b}, {&(0x7f0000001a80)=""/116, 0x74}, {&(0x7f00000001c0)=""/41, 0x29}, {&(0x7f0000001b40)=""/6, 0x6}], 0x4}, 0x9}, {{&(0x7f0000001bc0)=@in6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000002080)=[{&(0x7f0000001c40)=""/210, 0xd2}, {&(0x7f0000001d40)=""/194, 0xc2}, {&(0x7f0000001e40)=""/30, 0x1e}, {&(0x7f0000001e80)=""/233, 0xe9}, {&(0x7f0000001f80)=""/196, 0xc4}], 0x5, &(0x7f0000002100)=""/155, 0x9b}, 0xffffffff}], 0x4, 0x2100, 0x0) r4 = syz_open_dev$video4linux(&(0x7f0000000080), 0x0, 0x0) ioctl$VIDIOC_SUBSCRIBE_EVENT(r4, 0x4020565a, &(0x7f00000000c0)={0x3, 0x980900, 0x1}) r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x94, 0x7fff0000}]}) close_range(r5, 0xffffffffffffffff, 0x0) r6 = socket$kcm(0x1e, 0x1, 0x0) recvmsg(r6, &(0x7f0000000640)={0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000080)=""/248, 0xf8}], 0x1, 0x0, 0x18}, 0x10100) r7 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000600)=ANY=[@ANYBLOB="280000001100010002000000f6dbdf2507000000130000000800ff00", @ANYRES32=r7, @ANYBLOB="08001a80fa"], 0x28}], 0x1}, 0x0) sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000640)=ANY=[@ANYBLOB="7000000002060500000000000000000000000000120003006269746d61703a69702c6d616300000005000400000000000900020073797a3000000000240007800c00028008000140410080020c0001800800014000000000080006400000170005000500020000000500010006"], 0x70}}, 0x0) r8 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_inet6_SIOCSIFADDR(r8, 0x8916, 0x0) r9 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000040), 0x20000, 0x0) ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0) 4.872390252s ago: executing program 2 (id=1867): r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1f, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}) 4.519073362s ago: executing program 2 (id=1870): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0) ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f00000004c0)={0x0, 0x0, 0x0, &(0x7f0000000480)=""/64, 0x0, 0x3000}) (async, rerun: 32) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) (rerun: 32) sendmsg$IPSET_CMD_ADD(r1, 0x0, 0x8002) (async, rerun: 32) connect$netlink(r1, &(0x7f0000000240)=@unspec, 0xc) (rerun: 32) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000400)) (async) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x401) ioctl$SG_BLKTRACESETUP(r2, 0xc0481273, &(0x7f0000000500)={'\x00', 0x1, 0x6, 0x54, 0x0, 0xbd2}) (async, rerun: 32) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x0, 0x0, 0x0, &(0x7f0000000340)=""/185, 0x0}) (async, rerun: 32) r3 = socket$netlink(0x10, 0x3, 0x10) ioctl$sock_ifreq(r3, 0x891d, &(0x7f0000000100)={'geneve0\x00', @ifru_settings={0x9, 0x0, @fr_pvc_info=0x0}}) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f00000000c0)=0x1) (async) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x10000}) (async, rerun: 64) ioctl$HIDIOCGRDESCSIZE(0xffffffffffffffff, 0x80044801, &(0x7f0000000200)) (async, rerun: 64) r4 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000280)=ANY=[@ANYBLOB="2001000010003b620000000000000000fe8000000000000000000000000000bbac1414bb00"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000000000002b00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000108001d000000000008001e000000000014000e"], 0x120}}, 0x0) mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x66960000) (async) r5 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$SO_BINDTODEVICE(r5, 0x1, 0x19, &(0x7f0000000140)='veth1_to_bridge\x00', 0x10) (async) getsockopt$sock_buf(r5, 0x1, 0x19, &(0x7f0000006080)=""/241, &(0x7f0000000280)=0xf1) (async, rerun: 32) r6 = syz_open_dev$tty1(0xc, 0x4, 0x1) (rerun: 32) ioctl$KDFONTOP_SET_DEF(r6, 0x4b72, &(0x7f0000000840)={0x2, 0x1, 0x8, 0xb, 0x1fe, 0x0}) ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000040)={@hyper}) ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000240)={0x1, 0x0, &(0x7f0000000080)=""/33, &(0x7f0000000100)=""/150, &(0x7f0000000200), 0xeeef0000}) (async) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x101100, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x1) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r9, &(0x7f0000025000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, 0x0}], 0x0, 0x4e, 0x0, 0x0) (async) ioctl$KVM_RUN(r9, 0xae80, 0x0) 4.518570001s ago: executing program 3 (id=1871): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000f40)=ANY=[@ANYBLOB="12010000dc3f6e4013080100083a000000010902120001000000000904"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000280)={0x44, &(0x7f0000000080)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r1 = socket$unix(0x1, 0x1, 0x0) setsockopt$sock_int(r1, 0x1, 0x54, &(0x7f0000000040)=0x80, 0x4) syz_usb_control_io(r0, 0x0, &(0x7f00000006c0)={0x84, &(0x7f00000001c0)={0x0, 0x15}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 4.249487624s ago: executing program 2 (id=1872): r0 = socket$rds(0x15, 0x5, 0x0) connect$rds(r0, &(0x7f0000000000)={0x2, 0x4e24, @multicast1}, 0x10) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000040)={'vcan0\x00', 0x0}) r2 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000080), 0x220200, 0x0) recvfrom$phonet(r2, &(0x7f00000000c0)=""/20, 0x14, 0x1, 0x0, 0x0) (async) connect$bt_l2cap(r2, &(0x7f0000000100)={0x1f, 0xfff, @none, 0x8}, 0xe) (async, rerun: 32) connect$bt_l2cap(r2, &(0x7f0000000140)={0x1f, 0x1, @none, 0x9, 0x2}, 0xe) (rerun: 32) ioctl$sock_inet6_SIOCDELRT(r2, 0x890c, &(0x7f0000000180)={@empty, @ipv4={'\x00', '\xff\xff', @local}, @private0={0xfc, 0x0, '\x00', 0x1}, 0x0, 0xd3a4, 0x2, 0x0, 0xd, 0x800000, r1}) r3 = openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff) write$binfmt_elf64(r3, &(0x7f0000000200)={{0x7f, 0x45, 0x4c, 0x46, 0x4, 0x5, 0x5, 0x4, 0x3, 0x3, 0x3, 0xc, 0x31b, 0x40, 0x51, 0xd, 0xb, 0x38, 0x3, 0x96c7, 0xb, 0xbc70}, [{0x1, 0x7ff, 0x4, 0x5, 0x80000000, 0x7fff, 0x200, 0x11}, {0x3, 0x2, 0x4, 0x9, 0x80000001, 0x10001, 0xff, 0xc}, {0x7, 0x6, 0x0, 0x1, 0x1, 0x800, 0xf904, 0xfff}], "784413fd11d19377440603c6874701fc7f247a2f601da93864da2fef38aff471ceda11007f960ac6bf1c998b65a6fa86861ac5c13649bb27b9eab063315bc49e1943ef89dee53d74e5a23ccb26", ['\x00']}, 0x235) ioctl$BLKFLSBUF(r2, 0x1261, &(0x7f0000000440)=0x7fff) (async) ioctl$SNDRV_PCM_IOCTL_DRAIN(0xffffffffffffffff, 0x4144, 0x0) (async, rerun: 64) sendmsg$IPCTNL_MSG_CT_DELETE(0xffffffffffffffff, &(0x7f00000005c0)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000580)={&(0x7f00000004c0)={0xa8, 0x2, 0x1, 0x201, 0x0, 0x0, {0x5, 0x0, 0x4}, [@CTA_NAT_DST={0x34, 0xd, 0x0, 0x1, [@CTA_NAT_V4_MINIP={0x8, 0x1, @loopback}, @CTA_NAT_V6_MINIP={0x14, 0x4, @mcast1}, @CTA_NAT_V6_MINIP={0x14, 0x4, @private0}]}, @CTA_LABELS={0x1c, 0x16, 0x1, 0x0, [0x4, 0x8, 0x9, 0x8, 0xb, 0x7]}, @CTA_SEQ_ADJ_ORIG={0xc, 0xf, 0x0, 0x1, [@CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0xa}]}, @CTA_LABELS={0xc, 0x16, 0x1, 0x0, [0x5, 0xffffffff]}, @CTA_STATUS={0x8}, @CTA_STATUS={0x8}, @CTA_SYNPROXY={0x1c, 0x18, 0x0, 0x1, [@CTA_SYNPROXY_ISN={0x8, 0x1, 0x1, 0x0, 0xfffffff7}, @CTA_SYNPROXY_ISN={0x8, 0x1, 0x1, 0x0, 0x9}, @CTA_SYNPROXY_TSOFF={0x8, 0x3, 0x1, 0x0, 0x4}]}]}, 0xa8}, 0x1, 0x0, 0x0, 0x8000000}, 0x0) (rerun: 64) connect$tipc(r2, &(0x7f0000000600)=@id={0x1e, 0x3, 0x0, {0x4e22, 0x4}}, 0x10) r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000680), r2) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r2, 0x89f2, &(0x7f0000000740)={'syztnl2\x00', &(0x7f00000006c0)={'syztnl1\x00', r1, 0x29, 0x9, 0x9, 0x0, 0x1, @loopback, @private2, 0x8000, 0x1, 0xfffffffd, 0x8}}) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r2, &(0x7f0000000800)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x24, r4, 0x200, 0x70bd27, 0x25dfdbff, {}, [@BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x1}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r5}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x4040000) syz_genetlink_get_family_id$SEG6(&(0x7f0000000840), r2) (async, rerun: 32) recvfrom$phonet(r2, &(0x7f0000000880)=""/52, 0x34, 0x0, &(0x7f00000008c0)={0x23, 0x2, 0xe5, 0x9}, 0x10) (rerun: 32) write$binfmt_script(r3, &(0x7f0000000900)={'#! ', '.', [{0x20, 'syztnl2\x00'}, {0x20, 'syztnl2\x00'}, {}, {0x20, '&^#'}, {0x20, '/dev/vsock\x00'}, {0x20, '\x00'}, {0x20, '\x00'}, {}, {0x20, '\x00'}], 0xa, "40ea5eb071a5410f12c219bb66b35297f40dc20a4973e08292e9a724aa956505ed80ddaf2db6964941d5847f3b0f50a47766dde560f985f255d21d6a4f55ff67ab326c8a928b0834c0423872a3418f4008cc2b2ab72da6df5546e6553e5e2fbe8b39fb0ad259e4e3a1325651b3ac2bc3bff9bef73c256d96975171ae0b6496afc9772fcc70a48165e65d85aca46158"}, 0xbe) (async) r6 = ioctl$KVM_GET_STATS_FD_vm(r2, 0xaece) (async, rerun: 64) r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000a00), r2) (rerun: 64) sendmsg$NL80211_CMD_GET_SURVEY(r6, &(0x7f0000000ac0)={&(0x7f00000009c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000a80)={&(0x7f0000000a40)={0x14, r7, 0x800, 0x70bd25, 0x25dfdbfd, {{}, {@void, @void}}, ["", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4014}, 0x20000840) (async) setsockopt$bt_hci_HCI_DATA_DIR(r2, 0x0, 0x1, &(0x7f0000000b00)=0x2, 0x4) (async, rerun: 32) fstat(r3, &(0x7f0000000b40)) (async, rerun: 32) ioctl$IOMMU_VFIO_IOAS$GET(r2, 0x3b88, &(0x7f0000000bc0)={0xc, 0x0}) ioctl$IOMMU_TEST_OP_ADD_RESERVED(r6, 0x3ba0, &(0x7f0000000c00)={0x48, 0x1, r8, 0x0, 0xffffffffffffffff, 0x16d3}) read$watch_queue(r2, &(0x7f0000000c80)=""/60, 0x3c) setsockopt$IP_VS_SO_SET_ADDDEST(r6, 0x0, 0x487, &(0x7f0000000cc0)={{0x32, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x4e24, 0x4, 'nq\x00', 0x23, 0x4, 0xb}, {@dev={0xac, 0x14, 0x14, 0x34}, 0x4e20, 0x4, 0x3, 0x0, 0xb0}}, 0x44) socket$inet_udp(0x2, 0x2, 0x0) 4.155245746s ago: executing program 2 (id=1873): socket$pppl2tp(0x18, 0x1, 0x1) socket$nl_netfilter(0x10, 0x3, 0xc) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) r1 = socket$nl_crypto(0x10, 0x3, 0x15) sendmsg$nl_crypto(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000280)=@get={0xe0, 0x13, 0x1, 0x0, 0x0, {{'xchacha20\x00'}}}, 0xe0}}, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r2, &(0x7f0000000380)={0x2, 0x0, @remote}, 0x10) setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000000)='veth0_to_team\x00', 0x10) sendmmsg(r2, &(0x7f0000007fc0), 0x800001d, 0x810) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'syzkaller1\x00', 0xc201}) r3 = socket$kcm(0x2, 0x3, 0x2) ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}) write$tun(r0, &(0x7f0000001240)={@val={0x8, 0x800}, @val={0x7, 0x0, 0x12d, 0xb29, 0x14}, @ipv4=@gre={{0x10, 0x4, 0x0, 0x3a, 0x137, 0x67, 0x0, 0x3, 0x2f, 0x0, @multicast2, @dev={0xac, 0x14, 0x14, 0xa}, {[@timestamp={0x44, 0x18, 0x6, 0x0, 0x4, [0x2, 0x8000, 0xa, 0x7fff, 0x6]}, @ra={0x94, 0x4}, @generic={0x7, 0xd, "90f4a2d2ce5054c6694d24"}]}}, {{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b, 0x0, 0x2, [0xffff]}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd, [], "b3e3ab2f22eefc19b491b9d073d65c618cb2abbc57421ed9609f0e2bc98347cac9e171e6e23aaa2707dd93e73e18f0425e199b8e964ddf7b5cc1868b5afb5b9ce1f210"}, {0x8, 0x88be, 0x2, {{0xd, 0x1, 0x8, 0x2, 0x0, 0x0, 0x1, 0x4}, 0x1, {0x3}}}, {0x8, 0x22eb, 0x1, {{0x5, 0x2, 0x3, 0x0, 0x0, 0x0, 0x5, 0x6}, 0x2, {0x7fffffff, 0x6, 0x0, 0x6, 0x0, 0x1, 0x0, 0x0, 0x1}}}, {0x8, 0x6558, 0x3, "5995bfe845124ee37e2f5bdded4a6da5c92f8b287a3e2b474bfeeae907af898330911545e235b04a7fc11c3726a283984d349e6a4290c02de0419ede95bc9798f5a2c5f42a3026f3fad7a49b0090ae5f31950a41d2310ae75c4aa9caa284d8db76f754e8a7e1b0eed8317661fc80"}}}}, 0xfffffffffffffcd5) r4 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r4, 0x0, 0x482, &(0x7f0000000000)={0x6, @local, 0x0, 0x0, 'dh\x00', 0x10, 0x5, 0x2d}, 0x2c) 2.776819548s ago: executing program 2 (id=1877): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x82, 0x0) r2 = open(&(0x7f0000000380)='./bus\x00', 0x105040, 0x147) r3 = creat(&(0x7f0000000200)='./bus\x00', 0x84) r4 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0) write$FUSE_NOTIFY_STORE(r3, &(0x7f0000000240)=ANY=[@ANYBLOB='+\x00\x00\x00', @ANYRES32=r2], 0x2b) sendfile(r4, r2, 0x0, 0x4000000053d2) r5 = socket$kcm(0x23, 0x2, 0x0) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_tcp_int(r6, 0x6, 0x7, 0x0, &(0x7f0000000040)) sendmsg$sock(r5, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x0) close(0x3) r7 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r8 = shmget$private(0x0, 0x4000, 0x800, &(0x7f0000ff9000/0x4000)=nil) shmctl$SHM_LOCK(r8, 0xb) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$inet(r2, &(0x7f0000001540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x20020000) close(r9) ioctl$DRM_IOCTL_SET_MASTER(r2, 0x641e) shmctl$IPC_RMID(r8, 0x0) r10 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r10, 0x4008ae89, &(0x7f0000000100)) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f0000000000)) 2.607301639s ago: executing program 1 (id=1879): r0 = userfaultfd(0x801) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000001c0)={0xaa, 0x204}) sendmsg$NL80211_CMD_SET_MAC_ACL(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000200)=ANY=[@ANYRES32=r0, @ANYRES16=0x0, @ANYBLOB="040028bd70e1fedbdf250300", @ANYRES8=r0, @ANYBLOB="1c00a6800a00060008021100000100000a000600ffffffffffff00000800a500010000001c00a6800a00060008021100000100000a000600ffffffffffff00007000a6800a00060008021100000100000a00060008021100000100000a00060008021100000100000a00060008021100000000000a00060008021100000000000a00060008021100000100000a00060008021100000100000a00060008021100000000000a000600ffffffffffff00000800a500010000007000a6800a00060008021100000000000a000600ffffffffffff00000a00060008021100000100000a000600ffffffffffff00000a000600ffffffffffff00000a00060008021100000000000a00060008021100000100000a000600ffffffffffff00000a00060008021100000100001c00a6800a000600ffffffffffff00000a000600ffffffffffff0000", @ANYRES32=r0, @ANYRES8=r0], 0x160}, 0x1, 0x0, 0x0, 0x480d1}, 0x4004884) syz_usb_connect(0x0, 0x24, &(0x7f0000000600)=ANY=[@ANYBLOB="1201000047ff4f40d3131132677a010203010902120001760fb30f0904"], 0x0) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2}) 2.485192206s ago: executing program 3 (id=1880): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0xa, &(0x7f0000000040)=0xffffeffe, 0x4) connect$inet6(r0, &(0x7f0000000380)={0xa, 0x4e21, 0x1, @loopback, 0x400014}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={{0x14}, [@NFT_MSG_NEWRULE={0x38, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}, @NFT_MSG_NEWFLOWTABLE={0x20, 0x16, 0xa, 0x801, 0x0, 0x0, {0x0, 0x0, 0x1}, [@NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x3}]}], {0x14}}, 0x80}}, 0x4048010) r1 = syz_open_dev$sg(&(0x7f0000000280), 0x0, 0x88003) r2 = fsopen(&(0x7f0000000180)='ntfs3\x00', 0x1) fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000240)='uid', &(0x7f00000008c0)='0\x00#\x00\xd0\x00 \x00\x00qS\x00\x00\x00\x00\x00\x00\x00\x00$\xf6_\xbdI\x1c\xf2\xa9]\xcc\xe0*\xef\x01\x8d\x15\xd2h\x93\xc9\xb57\xc3\xea\\Eb\xf8\xe6,\xdf\xd4\xfae\x84\xcc\xd5\"d\xf0D-\x98\x9f\x81{\xfc$\xc4\xbcF\xf8\xc8\x8d\xcb\xb8\xf2\x1e\xe4\'U\xb3\xb8\xd3\xe6\xd7\x80=\x8a\xeb\n\xb8_\xe8\x96YY\xe3\xc7\xe6\xf28\x19\xa6\xa7\xfa\xdb\x1ce\xc1\x03\x86J\xb2fh\x19\xee#\xcc\x0f\xed\xfea\xdc\x88\xcb%bW\xd35\xda=\xac\x1d\xae\x93\xfd\'T6\x94\n\xa4\x9cU\xc4\fA~[\xbf\x8b\x90\xfe\x04\xe7U\xf3h\x81\x14l7u\x95\x96t\\\x0f\xef;\x03\xa4C\xbc(Vc!a\xc1\xe39\xc6b\x905\x1f\x03\x00\x00\x00\x00\x00\x00\xdf9\xaf5\xc8a:z\xe4\xcbag&67\x814\xf6}\xe10v6l\xd6,\x1e\xa0\xcc\xbf\xfdkm\b?\x839\x85N\x1c\xc1\xcb\xfc\x85\xd2\n\x02\"\xf2\x81g\x90\x01n%\x7f_\xe1.f>>\xa5\xfb\"\xab\xdb\x06\x12e\x14\x11~\x9a\bR-\x85\xc3\xa9\xe6\xf6R\x11\"\xc3\xc9\xfc\x14s X\xec\xdd\xc2qB\x85\xf0\xd7\x04\xdd<\x9ak\x00\x00\x00\x00\x00\x00\x00\n\xa72\xa3\xef^\xe7\x8f', 0x0) capset(&(0x7f0000000040)={0x19980330}, &(0x7f0000000080)={0x6, 0xe, 0x13e, 0x89, 0x2, 0x6}) ioctl$FIBMAP(r1, 0x1, &(0x7f0000000040)=0x85) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$IP_VS_SO_SET_STARTDAEMON(r3, 0x0, 0x1a, 0x0, 0x0) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000000)=@gcm_256={{0x303}, '\x00', "be130001a91a11f103e04235b2c8b5338f21fdc40200000000004000cf00", 'H1N\x00', "37081bc76810440d"}, 0x38) socket$nl_generic(0x10, 0x3, 0x10) recvfrom$inet6(r0, 0x0, 0x0, 0x300, 0x0, 0x0) 2.409060317s ago: executing program 3 (id=1881): socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r0 = socket$key(0xf, 0x3, 0x2) socket$kcm(0xf, 0x3, 0x2) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000004300), 0x1, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) eventfd2(0x6, 0x80800) getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, 0x0, 0x0) sendmmsg$inet(r0, 0x0, 0x0, 0x8000) syz_init_net_socket$bt_rfcomm(0x1f, 0x3, 0x3) socket$nl_crypto(0x10, 0x3, 0x15) socket$kcm(0x10, 0x2, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000009a40)={&(0x7f0000000500)=ANY=[@ANYRES16=r2], 0xc4}}, 0x0) 1.996459076s ago: executing program 2 (id=1882): r0 = syz_open_dev$dvb_frontend(&(0x7f0000000080), 0x0, 0x2) ioctl$FE_SET_TONE(r0, 0x6f42, 0x0) r1 = socket$nl_sock_diag(0x10, 0x3, 0x4) r2 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) setsockopt$CAN_RAW_LOOPBACK(r2, 0x65, 0x3, &(0x7f0000000000), 0x4) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = socket(0x10, 0x3, 0x0) sendmsg$nl_generic(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="2000000052000100000000000000000002000000090001"], 0x20}}, 0x0) sendmsg$can_raw(r6, &(0x7f00000046c0)={&(0x7f0000000140)={0x1d, r3}, 0x10, &(0x7f00000001c0)={&(0x7f0000000180)=@can={{0x0, 0x1, 0x0, 0x1}, 0x3, 0x0, 0x0, 0x0, "2834725006b22c0a"}, 0x10}, 0x1, 0x0, 0x0, 0x800}, 0x1) r7 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r9, 0xae60) ioctl$KVM_CREATE_PIT2(r9, 0x4040ae77, &(0x7f0000000180)={0x1}) r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0) ioctl$KVM_SET_REGS(r10, 0x4090ae82, &(0x7f0000000240)={[0x0, 0x5, 0x40, 0x40, 0x0, 0x3, 0x2004cb, 0x4000000000000000, 0x2, 0x3, 0x0, 0x1, 0x0, 0x2, 0x9, 0x1], 0x80a0000, 0x450}) ioctl$KVM_RUN(r10, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r10, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, 0x0}], 0x1, 0x59, 0x0, 0x0) ioctl$KVM_SET_NESTED_STATE(r7, 0x4080aebf, &(0x7f00000005c0)=@svm={0x100, 0x1, 0x1080, {0x10000000}, {"8d422c6cdf236069ded6dff45581047ca5f722977acf799dab28241ef9503f739b41d9dab4a17077b1ff8ba29833678f0ec6b8856192b55a0550e474d20f804b504e505cf8b59f9c2eda77e47a2f34326975cda2a01b835d39739cd29b209ad2f15245132eb973343af0d8fc2f259dcb9adabb7437f7e41090e80fb0a91e7293413a139b9e53a8c8cddd746ba1f719aaa4325f9157993929cfe11106a31b95d67285b94521625158b47224c4a1202527d62a52be0592e5d891468d0742d1724af992a6ee7094a9317d556317ff64e53ba8e7d1d5cc053f186cc237cb62cbe8d5c9b091493698d317e9b4ee1049184f864145225c557478d730b3ae2e85f593f15567d7e12b226cf0730fed7a3954af9ed089fcf87a540a0eca72ba2acc332f9c9ac1da3263dab313a4bb99a87a54e2a7e980d7a215538b713027a23b6b14f4e0f94ab0fe04e4714dea0ee34e7e4610a620b361e143d0cc288f339b4e37ad97cb704bb7c041549ee1c07ea457d56fda7b624e4b7ee830b9a6c4365d7f09779f54e4ab0ad7f321cbab00916923e749d915226a4babe542b85be9ce187be5b4e784eb590052fbef063a6f0ad9fc0488b5b258f9b2ccc91bacffe7568f07fbbfe34908cfd3c18d3e9775398e202f7e0989f14481bd3a84bd5294c3a426ed31246f57e88b847b41b593d0ab0b4c6f7e3a411f48d4e6211fb68989cb41a5348077156a89db805f306c7b3a71c956c1f6688ff442b10b951b5124d5e8fbee405cbed199a2b6d07c4714558a00f39aee9d1c3ae2c9a5d1c0fa416ccccf540830d32c0ae398766c6121395a1c0bcf5faf60d89f671e24a0a11452aeab905e1d2cab61079ee84c204005a43aaaff6e28f1d03c2a3dc393e2318fbaf14909e59d9da815e376bd3b28ff1f59a76ba54fd9f6b37106ad1a9c306b6aa97cd1fce4053c336795296373c7446184dfe73661b393ab19e751fab9fca06e7e4c40ae0bdc741c9e5ba6059e0de1853d50e7f0c053bf2d988b7d23c4440ab9714e275d483fca4df09dcb2b581d5c8e2d852071380fc7e54bcf138a471ddc157adf62b1bc12ef8b1310b4a4011a0784710f3efcef064755a69eec95dc9a85f116450d80fed1989369b38986e9a07c2ac583a12b4b12eda541fa7980748b9d82872dc14d37bffcb985f203935bef0758ce585580be64514822b34c28bad2c1d59a118bcfb9fde5a4f4c9f5cef505ccc4814321ba7dd956815b00d727e4459a9510b2041db999f52400d9c5fe9dc5450c43cd9605a38e17f18abcccf794de3d53aacad792488b440aa85100f8cb9b3550dbf666dfdf338482430db6ddc5540b142dad6e1bd2b0ea4142e5589cb2793ef50d600dbe5263b2e4f71abef4501cf5113fe3151d4e405d37cced70282d9c382c851d4eb8c76c26142605bf357703029e47896fee8ab4f57bccd0bb6d8a9a18cb1bb54e6d8bb9167840c669ad57cde4233070f7958bf7010738efa7bc699d27c3898b7e9ca12d4fa21c5af70b442424397d594745513944121499e20505efcc521557d8cd99a73d37fba53ad8797c0fbde257249726f2e4c95e8d3c27a919022e51d48255267af44e34e80ca6da8b211ee8562b1ca8be351552f4a38df8618cafea9bb3f8b7a837125fe2a26acf5dc086780f9dea0dd36143fc6e554263f5ff77aec7d5a7f2f8ec1daa0f7024996db087ff8686c5fc0cdfe68ae2f603fd065aaf4ed8addd43c380266b7fa8eb7ee309f8e7566af25bef0bc7c76dd7f91d503c4eb9aa8965f644f3ce3d7a080d599906e1a9561933be039f8da9506932fdbb65877d2ebfd0a11d5f0f631eca746a2b0997185b645a4900d5b5d4e7cc07ba385321731761b7e84b259a93b6126c0073579812b1e9c7db6c7b403fe7864f28a0b252bf9dca7f55181e90e128242a22e1054732780995e089325148af4a3cf2800080cc2154149d6d488b684a2318c12f0b18735f558126bf0d5d01be6ef54657b5e6a18982762f9663770fcc75171995e313dcace8eab7b462bd046375fd5ad6b68edfcd8f5c4e5e1c83f74897101425cb99883a968fa4d89de0e69fde662a663131ca2041049e538d3ae6610ada48989c6a6253f6677639e880ff307e45b0c4f04cc67d5b0d8072e1968494646cd75ba3e619913dd2f03b4f9b1f3e72d4a88eeae1d81036f9664386e39b602d2f8708cf9335ec4a91808b5fa2f4bbba7ceea82116f7251ab6befce4cccf92db1c24af4a92058835aff74582f18803de400839a0dcb6616ab1330180a245ff1dfe532b3efadb2e8c55334a94eb609d96aec53bad21fd81e6944ef7027317b15ca10ad6a331f1c3b6e00b9f75807b0f078cb6e9f395a4f1fbf6af76612ab8f9c9b2196b91333fe9cfd3af74a87810f1d17a07e6e8f96bb5798291f4eb5d623f3bee7a699499e60464b54e33287b113370412a17531d6d0b8fbd099826d1c9f346b9f14b841a88f53deac3d368e02f89ef033cd4478605154bad0fae4b4763a29b4da3714b685b646769e0e1b6dd04dad7c862d7d252adef382fcadc58f9ab90630c415916e9675fd53305462910c692632b36e2b71e6be2c98e5400b2ca229ca63960f7a1086d611875a6cac3ac39a78cf96d60fe033c8fed2cf3eb14c06c901038da0e1b4933d09528b4d38f2af2af311bb9b8b2bc289bfe2d73935af7092b1200daced2c57c61db309424acd65ae3b917da5df81749527b9f2b313a08368e7c07000d8206468eb8d6622bb6a1123f49f253ccbe51d00a6824ecce0489a0351cf45c0c2d1a72744b590bc346340cac7b2e6f7ae961ba3a18022397bf90c6344c32703630c77cc28cb67c17f5289038e98d10a73226a30a6c6d80264b77aca4a108981fe82433eeff0362716b50aad8a0f52459ff2b36ebc0b6c8fd65ad269ceaecee2e705b8c447edc0767bd3f998af68e72738be00aa964748692801072d06dacc3d24c1971624940c73d81b2fba0e257fe50436886c96e99e7876147409e146354114718947961de67428734fedf64b9c6c5f0f35a69c9fc6c3bb62b8a20dfb923894ce8a8722d7fb9d2354eb3c4a700a9fbe5caea97189a2c79f07c683600dec724effe9f7e0173e5ad23c20b15cf8441a1ea3867b03fecd8e3cdfca02f3d9c1d91c69a7f5c5f9c6f81b9652737e4e12f092d2b9b58099a500d375ee5694d860413abda24711a24a199183a9fcdc1021b64cbd4b978b93c2cdd41ae2159eb03f8a2da710f73de1be1289f5c697e1fa8ee811953d9ac7090f84ececd8fe6c71a5fb9f3e52f9aa10fe9f07877e196dd1503424bdd661b0288742e398632df43e8daf78d13d647932748ef73af9961d3a9810a59522fbd0f59ee1384e45497ee86c84ab99fccee324f7a9e6565221867763a2663f508cca92bbabf3c33c461eba613dcae5852309dce42954c7cbdee4b159bdba7b8ca7101827f6c9d58eb59fe08f84a04522c030cbe65f0252a23f42f6d3fc6272c8d8dabf55ef96d8f531c4daa935cea1e08fcd9f4bf680dbfabd24af655d04eef357e8ad32fc979c3903937beaf02cfaa8d77899ebefce492419f8027e3fd2af42ca0104555dba14fc81bd5c1109d6a1163724f1b67e27e54ed6a4c3ecfb7f3ab7c7897cbeae6b23f9185727bb51c9b8bc725067c543e82db790b143695481aae20479dc5a6a8803eac2dc84e4b3309c8a0f3d17ea06a56c9bf1b6d548f0c1e301e42b5134d93671f543b6a6cc9692e8c402ec072ca59632fbcf58d13e0c875ef8b8da4fa4de04b8b020c0456a5ab82ef3a86a9b19377ffd5bdbbf05e199ebdb901b6a42361c2a5be4d2a9a0fe8e8f5191a14b2c8bf001e98f8ceb1fc593cb38a1b9b9cf446c63866c93858847e86debba6ee6b1237e62d6c6eb7d6146f834f4588d1f84530769498e08b8b6e80a1b9f66262fd44a565182c87383ae1ba94ccba41a511b517ae794cc8427e474cd3fbca732e13f6f3789ead6497a01662fbd6d2c2a25e28fe34de1f832b076ad096517307db14074ca44bd9777566a285e34837e4d0bf56898c9c6845c792194a40233f1f3a6b3f5ebee2200b6d30e3b31708c3405930fe5ce2197823ab1f65f6697e2ea3fd5e973cedefd09e73e358ede2bc0839b1bfb9c09927f315830fecccd3ada58a2d9c8deac5582c21df220898f189e80b3c0f1edfccfe31b500a3ca56a6b2930195ddec12d4723f2020d41b19413a24d72a6ea0db43e57330e754794712dc80784eea1792ab2c5a7e31af93aae27be688501a26d2731af2ce5a5de9f11edca27525a03ada7cf352862ba0264a2759846863e47db043bd03858641332cbfe7f8bd4e6477a53dd99d41f8b0bd0d730088581e2372ef6108f1cab24133724d1adecf9b971e900cf48af1ce225d3b1e8586f192af44d1c567dc13af3416a4548dd5ae6d6f7d536d1ede08c6ef751674354fdf3080c11b000dab3ce02f40811e286b35907597e0da3607e36fe9ee1ce914faa63bc8487dee2c805611ef9975896e842d3f2d14f74375a1ff29baa435e781ceec27f243366b040459e92e6d3ca2b929dcddbaaf883695be4d225532d675d7d1d5b6a82b7f79f4c67a8a8d9d8548ce7b53989c38fa3f73a168bdfa3442bc01670d1d4838f7dd362e668387543e2dd1b66d3201ad9dd149d7adbeb87788afd7dd59194901fd803a407d213a890f404173981a2ba37ecfdcb6d136839a6fdf4a02935942aa3ddda4a3d5997c2f43ec2fa777c3315b591dcd76a9a0c7b1b7c293a2b0c8e0c79425a4d4157c3da2fff415e7e9efd754aae9f1ef144e90eeab710ecf7bc023862cccbae721860e3b49123fa97ef326743ab9ad7243dcf7923c57f0ea0e94b873ccbff9b932ebd9ba846e5c1cd6bb4314ecc9c8a4f5bdb3757cbdc05255ec95b7a094abbb69914204e55826a00858665101198b10728acce1844466fa830cdb1691a2afb8696c884b9c54a37bce334de5186f4a923a5ee37a7f4151072d12515dd22233882578aac708f0618b94aaab33fd500a570d888b2045c815ddf27d50e1799c03fed850880f1d3a42d87237065cd56fc05a60513c54cb4965189e06bb07e763430c9d26b0caac4b5fc2517e70d555693823d4842d2711bfd3b8f792e904cf73109bd1078ab8cf936408c85002bb4387772b00b6a387c959787e4bce6c879768ed77755581bcad926acc1ddf37c9c40569fbdfd1431baf499a97c8a16516d542aa7724851069e05635c086a5b24980c14aeb88544915d90af44eaf850014da54a5dc5329d458ca0a926ec0c46ae925be72b381590759791ba806d1891a81510fc5c7f1a2ca4dffadb09b8af8a4bcf1c7a99228525ba535b14e4ab7967ccbd445f0a1a42af75903eec67f465a2648a048c333b2e01cdfaf89be4eb387ede19f025564413bf6c8c3fff1f2baad2cd9170f5a51202d835e84f50b188e1b6386d6ca363be5eeeec19d99c5b8b03a3fb6475a05abca985bf286aeb36ce09ab668b38c979ea65cd96c54e37541eaf83f87d6184abe5a897e1268a671be221152003c7ec7f44c3a3fb2c70bcd11997772eb57731ebfaef9eff19cf795fd25608a74a769a83f955c018608def1125afafcbe34a3b95318ec36c72c73f8e688666c476e24956067c5f64809eef2de3e86d9abfecb43ba2be31880c9d9d90e2fe34b96b6dfa593398f95506bb8c426f9f8fe543bff8108a4e83507a5f098be2f426c717ceb81db7e010de01392cd2406faab68959de9e65e57a07416c4401c6cdc11c6dc4c032cc5f4e50137d52ac7a719d8effa2a12c7ee0d1d"}}) ioctl$KVM_GET_NESTED_STATE(r7, 0xc080aebe, &(0x7f0000002640)=@vmx={0x10a, 0x0, 0x2080, {0x54000, 0xdddd1000, {0x2}, 0x0, 0x800}, {"f2ba37a114c4bbc9b682d885c2cbcc83f064750cb6b67429e6273e05ffe2044031d8ae3f0c73e045cd843462c8c597b32a0159517de34f74bc87923f12e561b6df7a9c727c35c5d93c8f0c1343b922b9363761bdb6fa9b1cf049a9594c31445c7750fe994ba01584b344a14e97d1df8df0fedc0aa291c9394b6d5b291612ab7909f98edf0de3901ce3e2af8be395ac53b47427066b270fe4848e3f8e32571bb856ffeeb3eec69dcfbea323a93304dfd924dfce3d075567822325a66aa4202945b4cb9f0599f39da248a83297b1e30302d3ddaa756bd1028aea8b26c8a1715b1d74f46b6a2cdb22681fec0ad4e8dc40e86834dafc2ac399a85db70a5c46a2109f23019cee452c742960d5d3024aaf9f0c6416535b7ac7ccb947daf6e141ebe88105a8ef7545365520a6f1fecb79f6dad0b92ac3e12d5e8ceb4926d6248bb53480e13e96499f1c53600bd1b33c07ee4728bbf0e8ec19594322c5c051c83f2954586709e329b92822eea3724f8cbe87c67e321030786582e52e3a2e7833a1ed40203f8cc14639f23b0f369deb8949e6976fc7a80afa28e0950ab9de1f4072cf0a3fabdcdb54b4c408abdd9325d2c88202981eb397b815e1309065643d1c8a8bcd7353d08d6edbcf0ce45226940d4cbde0601cea0a2bf74883f15cc55d52a47a60bfcd36aca689cfb1fdaae30c0d16f4edd45c0694bf1c3f2ea4fa8cc89e2c04c6561406eb78354dfcf73f78221af3a626778634bbcd6abf5b08f355a2a4d0c18dc6bafea567b7d25a2ee7dbb17c9f1716aaac77bb62b3ecd2ee0863c6b5740e183d20139e11e61fafc649ad9caca98686d981bcb91495e14f42e71929df9f27923ae2f292fdb1d522faa49d4514930bad44bddc169adf2e510816e2774f6fc2c7f856e14f3deb45c8b3b26f9040f938a06b2299de3f298966f796c9ddfe6eaa9c76ea631a872feebad299c6f262f9958840760c9a914e4fe1f8f587ec71030ddf7ae91c4ce3592b65e4d507b2d5ed6a19be7130da2fffa5095851ae50aa1ff836ea59aac9180e876567d40b5141e751ce1533f53d17cd98b3358ce9723f6432ad43d34bba8285ba0fec481e36fba20cddeb35e343f3cd9ccf201de5e3c73a1debda42263a55c10862a3b026ec5487d3c460a464741139ba5c45b90ea352edfa358a9e18e1e73dd654f2da1337ae92b5f78171fa10c9d47fc70d7d5309e24fb926a9db1daafe41090bb018ba1c748e3f33f751364e0cc47e8f6ad59b7f87007b8cb2edac525cd1344ef7fa14aef145499381221ac27d9c773011da88941cf62db882aab9e27d5b7dea72c84a05e4ecb6d25867d35034e173107f92eb8e318c4eeef0495a3654ba713d846a4413aaf8ca8b128a1a94b1653f59a0124d3b54c22e8b584a327614223ab440f63d379991b668fd9363a5f2f9a4921f45f34cc310f2917af20f49f1dcd64491c8b1bc3bc167cacbf76b04cf64b64a7451863ac186707f31bbc3511fc2da802247b1f22f851b7d08c44d51319d44f9be690d7891cfe8929297500afde0eab80728c51bba47dace919033d7fe276c7a4f7fa2b264b3580b0c875d734516d1770685a06efd887530acde96eb15be9c12fe05bb5fec351b06edf5f69d06de1fac774586171e9f1625392aa80e0548a423575bc1ca22ff5d86b495c12ba99c4c3e7abe76353da37d063a3e63cd785fabbfd18cf229a50c7ff1b44bf9d0020a036eb51dd8ff213d3992abcc60f516820b795467e293826dc0c2e1f4d95880f72df30b10a38e348d639aadf12971a09d89324b09d43ba6432d2d5261aeebd5e1b3762be538564659993208878ca19841bdcf3918b523bf48a1e1b4e7444e5dfac99a1f7b045b282c9f2ef06196f251c4cc33d1d0985c1227bc06d6b28e6560b903accecaba4f60e29efdc687d567d896942044f19b0580ecf41ea1dd4ab65cb83659c36db59e5470914441efca5040e2e6f294ec6868a91a745073d218ebad1d203fc224f20fe7c0f97caa526907d7c03b646585e9d90418d4a0c4510c904cdb9d96fd6b92705cd7f7def8afa58a00296459bccdc85884f7c927e157e9620e816a5bd78ca966b8e53f7643ea99059580996e43509c5fff9dc9ec80581fbcc74bd102746915d4d8cb0142e4fbb757f4f8283fcd94a4bf856146e54466d4a7cd1e87fcfa950fb9275d15869425b2e2cc49f13309177469e29447897c62bde05b097f423a7d2c5f1c8ad3b46cce7cf6b49d546aad6db7581e57b7f87923d8aa158c790c2a0f0832edc890ba993a58815e044b22f2c2167d5f527418efd5d1c743afda25e8f6add6c7e8b7bf150de21a1a1303abab49a87624c5efc2000441e9131b63083a45df98edc5977c15c0244a89f217dea9d09d83dfcf528c14fa5d67e8c178428d2ba0a321dfe66631f7290ab8b956ed15a01df623b5e303655622eba1d2a06bde5c3cc5e1fa2776057843fe20ab93696192eb959cd4eb2d6b3a889fe3b52c11b3ca67baff15c30316286624056b6e285d353337d33552b6d7a62760f34036a3fd43c9e26202688023a7344c0679dd5988edbfb4c5a64ecad18df5b4edd0b7a650e11795a61c27f256dc58d3636683d3a91c11aecddc4cb5a84626fcede290607a51fcebe682f165eaa29579479fbec515fe4aaf751bf5e21b47262d62127b77072a185cd7f8857c9f7c766908017e143e9d196c1e68ca6ca75a5c4015e4ae2227afa5d1a2c4f3e02396f792aedf4e35d9d2a2f1c0a9cb6e2fa32584038c9ee5a9631ffe667dcd1813e96235fe7ce2bd332830219015fe88447bae86c3ef13195bcb3e7166b4fa24f230a763cd87c4345846c4e5e0554b9b491e63f01b41eb568e53a2d2559651957fd5425f601e1a92969ca46cd2d3b6875523b9b300a2026c93f0a5900fca144b657d3028895899f271c59c4ed92c294ad80d0a42cd71d5b5e53153789a051d92b56a928b34873efaf7ed4116327009a74a75981f1e3469f73cbff0ea7ace1f31b15f9d1bf416215ef41f10814d2c6735cbbe496297cf9bb95b24b7720c8ba18a08ce2af2765446848f7b93fbf01e8201de5d5dd1738744b8926bfd35f7f21c363a235010dd694e5c90de08c4285abc6c03fb410d1e28ec7844e2048fba506465a9872484894fae90a8bfe17f50da96bdeee4b0a6e5d8a2cab3e0fff80948d514952696c899c69abe63034163375676fa29331aba7f3190fe7a37dfb2aa78d1605b6d68ece3332094272bd781a2a8226690dd3c2a21d961a7be3740c54cb93ae77f7e2d716c578f180cb0e7c846f2ce79a18868d2fa29c3784fad8b7d4901a22ec21b0b2bee61db3647d0c7ef4d853288cc3d0a76406198f1c55ea7402cf6741fcfb19a9d8a8c5cc72d70f7c420cd85f6d8d8c0915b2bb91fa1be017383b5ad8bdd000a50dc742824a61ad97c195b567217fd8217c32efb9765a61139171711d8dd3730c038f75bedd5a31acb1243a7c57d61203ef26ecac9ad8cc9ee4619bfa60f987489acdced02778f917aaab0327fadd0b5879704c7b6bac01bb878d5563639644eb9a863ece168cc4d1d60d3b47c6ef166abad47e9c26d09d4e4282a369a9120c6c89acd666ad11c299f5c76e6010381f26b798119c9f746293dff6fc1354ff3133ba6039694d0ee58d1db4a417e632d04f1617f71eae34b224e7d4117c0aa49ec3659be5e1bbf14936bd3949ceb4c250c276cd9b8698ae9a31d869e1bb25e0e9d6a955af32e8e69ca7a14e27dc94389659b408cf8f0b7d201068f3418ea73080149e9f51d2ae53d0ddb9facff8599e743d8c1b1290e55fa93748136ed0bddaa88b79f0129f284a7bc44aa20be5c4e76564ff4a2ef97adc68d949a317558251b7c145514ccbfe9bd0d171bae4e8b6558fb0c58479648272e019e064c3a3a4dd7c32cdbdd8956324ebc0cd7fad735939736c241ec1c7e4c6602440f7d0aefa0be024415fca379a075cdfc3fe4973a95d32de4f08746aa4dd5abe3efc0dc908828067bbb2711c188d8c67a18962daf1a0099f81348ce4974cfe76219b05ed7a5f9f69db8fb3dd4ee25af59a4f43c40f4c4046b67eabdd8539ec63ee3a5f4f759b512ef5a8c6ddf95616b45c6a804ac8f9b38be44f602b165ce2f17334ecafd4771fbd2f2cfa405a19f9b48f95daeba73dcdafb73ac6d6cd870bb56dc42dbc2a0a412313a9de871de1deae0fab4bfb948e820c91837f3ee502ce7e93a1e408e0ee813e1db51691c08a48bad621f284d31e5acd73f0e336d7deb3190ccc83a2b8b6fa8d881816b3c6301aa1bf95cbf5138d0ef865ad774effc4388d424e9d3b56dc3576fb99cd9f22266311588b6438750c0fcf5b3dfc650066a641316ff8ba7d30a5cdac1de89bd39de4f5694224089603eb09d8082decc81a4903e506fcc671469ba415c00293616c2ed4736ce2dcdc90ca4a4e5a1bdabddc309d784db8ecd61ba8c9f39ce558ef47c3d23b4caa6f8794b218b7073556425bf9e6bb587de549fa2d6dec2da8ad2a0be9f0a6175cc2d2a4c625c5163ba8851c4ed1889111e58035f1334bad2c82d816bdc8eeb782e28e7adcc7f0af207725b823a707e15661dc7e653b5230c6581581ba7fbccb8e784187483546ed44121ef0aaa1be27a0a9c56322f96cd5d3918ab8bc6d13dcc4ed313ce486a8aab8fc137f6752c51e6679cfbc1878e8883c9f996b98732f5e346212bc3134b11a93486b9b0fbcb46fe0f68a2ccd451097f9eaf0e13817fc2648af0ffce17b4215726b0ec3b7c55a2ce5c8e61236a8c7a0ad8101a3db1683828a55ffe4b2bfb2d787f769c1906fcc540bdcd8bcb50baa0891b5e21abc049bc1c1523a18f9f7d268079a264a0602ce3915b2f217fc7dcb38234de3dec3ab701e237f855399be9279024ffa28721b9bac04d722621ea1a588f38a9ad001e920cc551131c07ca7b1f77aa1bcb47a9bf33e07087ddfa9c270b77d19cd3c6c8011983c2f6b8ffa497ac25becb508732db4996b52ff51346762313dae3c08a52a47890357d79312da2423bca128966e1a213198eef7826008208731c6ede21d66fe011a0b0851c8aa0c67b721a257da2c251357154093fa5ef9c7bc53d2b445d5dea6f4b404d4fa414603ded1c9a40a44e48fc901660a8a798358d9489b2975676b26220955e51aac463eff9d553a211d5510cdd122355bae497076ba2dcce2e8eb309c80d8d88c0039966da21c885bfd64847c4e82efd69605bb03db380b4f6f44e231abc6dd11c485f914eb682ce2a8a27cd4a4c610f7bf7ea50c73bc28fcf5787e78d167ecbc5cfbc163b166cb7d7a36d9b93b3cea9a7044974069e97096b5e8ad9d8e9d3fe850d9b61dcf75c72317d88f7d861998ede667137f75e8af091945016c3e07c577098d9de9b2ba7aea3dbb597e939dd8c66e8740b684b7d65f4cd1b4141759c44a60a750fe577f019915485472e6796d8d2adac2bfdca36cc796f7a38ba8ac88d9313c3de9cb547d65f40d8f40ca2737de571729a5699a76111e21a96d0a4e5a9133143c54ecb8027c3a85c19ff1c56e6e032482de8908edbd506b8972d08d636a1cc8ecc8e2452d799758dc3716bd962daca833815e8354a05813ad238c3b745b18bb882612aeefd0a99c3abb27cdfd75e975238a169f4343663b2cc2c48978d0aa9706ac66354c88c959844b519e1cf856559d7745cc12c0093c083bf34426d27cd84c2166a3ff8364eefe508fa689ada398fcf3f19e3962a3260c0f02d9b347805f796379ae6aba94c559d88ea016672c8271288482bc540b0a007aa0541", "5f1f263493272427ad8bc81e70386bb18246abb93db91aaad8473de7673b6f7ed36af74e5169a7c2062f68af9d0f04b7269ec15d40997ad8d00d7285d4a01f28ac3caddfff890325fba88548cbe52b1ba45f332ded5697a4b9fdc98438e186a6aeba470e0e319e263c2aec37477b253e475409ba68b03584e4d803bfba7e773b087155b029da984e7ecbe9996c5edee7184d0c13c14573bcfbe34010cd8a9bc1864c0df50c0609886f90df509d5272a2b1db0ca3328357409e605142a2a2d31fcc33f93de2800248db846bed31abce837dc276971e35ed84720aa175cc85e23acade86c2e80d2151ffaa0c523d162b6356bed1f929b6033134e3b406b6c7362edf6328f4000369ae4c34ba78afe8ac50f966bebe3dfe85ae0185759b1cf64506135f3d072c6f37a3a2b0a9d67646a2e1b6cbc9823ee3fdf8d9c90fe4060ea7dd96c2c9690ce4743070ba474f113a88943315872a44f4561f663c1e218c71efa12a8ad724477eab1cebe864605c0a8f33d2ab857ddb87a1185ff6b4b5c4db8fe91ce4095090c8f00d78f07b763c9fefe9d65e0afc113abcb2e44f6fce427f9021ad67198c3a84edd0d5fa0097f7aebce4ee6fdc9cd0e10dc21f9c98b6863f1e006e40ff5e7bcbf8e40310cb2ba47d6d5657e21c2f88e8023d1b14472333e3368705deec649428cfb0302486814c2a1c35726b477bf61e71d41e2cf3a3df48bf9bcd1d2226c1b54c9b75e9fd96d63b2d8f0653bfea21009729320b68fce6d6b530130fd0fdb6734d7594097fdd36f72fd5d65278219e56a1976493de440aee4b9977ed65b02de830539662b4114a78d6cff01e0af52f4d9515371abf88f719bfe8b359491b52691c03ab2f5b8e5af82272e7d64315dd6229836428cfcc9bcb89629ecafad6e6824aa748c7a652c4c892b687de4249e90aa1c11beb764f175cc89c25833d0986155fb75b6a973ab46e9b3481e09507e2d228a6cd9f7f38797e546a9e367deace6f074aed0cd3e032ac7d665477fa680eb04fddbd07d086a91bb875c7ac9245092036810904adb48111cb4fd412f2adaa08e4cb947135540be8eca3818061548100a6e064fd7c91f552ea7076d9c054a919f5ebfcc72b9f39a95af9c2ff91a26b244972ad9df89aa8b45933f289a7ef33a3f8bf7f357f4c621931f9b35d15602fbfa8a14270e51b5a3651a15749e68e67301a64364a696ad881a7b53218120af898fbe14af2936f70a36ab94f72188619d8181d8920cb7884a0fe36d125de70841406cc340dff45123ead3f2d684c39bae47b237158abac606ca6287851484e2d5d3b117b623a8789a0f1fbb1adae82fedd34c6f4798c24aca40fc6bf5805dc858eee148e3200db4308b1271623b458726f876641a2c298bcc196994b5dc78a31ffbec8ce397e0d2699058fd4d1a9a480c6d31bd078d3ef34123378b6ee9e2d3297d8bac694092c02c8cdda125e1c32358fc3c67dfdb303d0145259b076383b1fa2fef9fcc8f3d01ca6ffb2dbde2f198a6d626486f5c12c7dde3b5f12deee3b17025428e306b7cc767f4fa465fbd80c7fa094c6ce3613c5641ad11fbe796fa844b3cc904d33e03fa60510ad09f202340b8fc12decb2ee7a4526d37ec91f6fcef9664dac2709fd0270b375d5884a467cc726ac6a5f12510a345ed7242d92197921eb3811852569f625373b96468346779bc273732c3bea32a14989a555fac800eb1ae1dff64f08e61dce16f69c036ee23faf11533d5efe9ca7cd6a50f110fa9adbbc16d02de7f587614e771e788da7b095d2c0d9b34488966aee352a1211db30b9e07e2e8568b3885ecf47b4594bf581ff5b3ea65a45cd82aa57336b119049eaa13cd9b0d351dee5b04d7ba7d0aadf46ec6f7fbb00cc4e9decd51cc75f6e24383ac1ef6b6934a9423d492d1071048b9844fccee89a195bc2b46222d024c64f5a0c2581f8c34bc709174f8a48f87fcd19c2399fc85779d319e801ffd3ac9b956e5854026fcbe44d972e9f5ac607700fa272f226cde2a655601ba2ad29329eab763c6fc8efda442eab4086002f6e142080aa3c4f6f5cef904277cced6daf598e3f1097a3bd65bfaa5bd50b03d8176d80e2d804376a00c2c88c861c04e81c7a73f2f7457b46603ca311da540d97b83d49b57f57e08728d99455f30877f06fc0dcd50ed0e33c3ceecc12365be9e6d8c193d90deea772a7118c5f2c6d95060d5e287b10ee6fcdd85a20118a5c7f498fc5e9bb5928a31a5396ea9aa747e7c70498351046aa384df57eda7436f165f0990812a4fe0ddcbfe43c23de5570c1e4ff1031bd301cb7947da3455d8b823d352f41f885e9d0ecfff6774f971e6aa83bbf30bbedbcc0329b904b4af0c0e8b4dab2dbb41fdbbab988648c11cb756aff6da4f6ac27a5c61b0ad49972ccdf6a4612250aaa2a17d1359625ee0a93c512a5bfa8debc653477cc9da33d2e3748887af660b28d99ced2c48f705439f082a989ccf8863c7a4926b05f74fdc43840fcf18d3263f73a19a4afda58b146d86fb1793a2ad2b76ba0b86865ad92d0ba8d2f9fbe73b638779882430f7727206d5cc0013fe1a1c17ff3eece9dc2b0f8a92e436432097b41672b2141ac2bd7f6c8def5ac70598a60c57770f9d101481d4be91f655f55ac49cae20684ec917d1444626b1c77027538cc847d3c622798c581ad9c251b30f59231186ec311da4b25f0b5beed4ec5782b99c1c280bf50d45dffe49a1179e69e77a75d3b7c3367dfe836c6ddaf1348d614efe0ca2522bc0dcf4f14a37b7172308ff02373aeb5232f5c272e013b6bd97465b65099caf9e1ecf822e2505b9e3e76f77f9ed33f241776571638475b2791f520e6eed0419074beeb6890dc6f913d0729ae6c6ff49305c95de0daee25242bddd934aae193891f875d865e70e0e74e4b5361a7f027c5543ed548877a9c4e1701f5490e3b40a9cf2283f5785f9818ac62839a832b59ce608a3d7fc5332b80ad7c6e38aca768a1e8cfe9d11dec8d65ada340e01c57f821ab969d1153600fd5203181589ac643c1da5d904b9f4c52f439964f46bb2cefe473b4f8f1ef43a232795871a21f883b9b6cfb5cb04c34077d14af3485c265dcd3553b6f0547cb6116111bafbd52968971b141531e282bcd491b5b7b13fcbd8a095fe0ec24c0d6877a82a3eebf0ddb082c59698de7a96c366bacd1f94e873d98c0713183178c8b8c1acef964b43fd16ed06f616617feed220d024615fca0a759a51d868961d28f4a1487e92ecf74877ac82c78953d4b21004a2ed608f105e078b9782a1a2399032f89c50bb087d9738dca0283751dd00171fd01a59ac41bd3cbb0fd0912059f022c919fe9dccdc1348acdcc24c37d7cb7c15de4a4b788dc5c81c1532fa759839626b737650ee09885bda5b47b502b40f21e828c59a919daded6bae8facbed0ba08b3495fa1543348ac9b2946c5e27345376abaebac09cc46034677363c33ba5f9a461077475abf6bb36de1c73865824ad2ab7c25be692c4d6821befc685b68a44a3d0be54270090381fb1a124629ac0e5f1b87014d5072dd0ede2777f5942a597bafce4d76bbb1008fce995cf3067b19d0472b946a1c2f0bc05d6af57982df4ae006be31735f6c7c6c916b3ecd59e044e01bc4416da5243233d9df888a0c43f878cdabf938d588acfd95aa5704cfd74f4a26d00bd8a4f5b1897a4405999ae642c2803f2218b88955c64406ee972a3e20f936a98c997493db6c790972a059d6ba1dbed3bbed9616970e5a148b1b605c9637e75028ac7b6d0bf4a12e389c4d7a6dd41368382a2b7551a87a6dd6bf0434da4b938961995996e8d58293dd1eb235b5fd423281df36d432c021d365c34e027325f520447549103eedde174ba85dab934824be844b3805808975c7980112503dd39dc660d9ae32c801c93669a1552dd62186b11e1b7f48f696c5aded32fa677ac15ceac185d2e20eddb522404d4783313b3168e6804f358792eb6180376c058c2f71bc65f2b32b351d028f79f1195748cc8836033d6e72d4b50960785704a3075f338acb9e2149622904b8b2987d888000e70676571ca21cae90706a771989b87392b4a071e2b2fef0281c6f84a45332c231b54c7980cd1b77ff4092c6751bf6cec0ac343afdf41e2295dcb63d54f09f8ed4481b312a02a5e894d9559a795d817db42db1e46bd8b21cb85afef7090457935582173e657cdf95b254e004f67db1cbdb8c8e0a5cfc9c5ed554cddb5b7774ee996b71328ec17c094925dc5e5c6ccd7b60fa4915d8d5f2fc28057446d1dc68f11cfd67c50ce6df633b1ffc4c14aa5540ec726d17d7c54c4d0dfbda10fd5a01c0e1d4321c353ea57ccf8c6ab5df9255eca757174fac9cadb951d7d9eba0005fb93b670ee5fbb6bd203714c5a39d27a66453998353a03b81b2ec71661c715e2eb72d7101775f21c920c251abc9138758c73c8b70827618726a1985e9ed466469bf21d4280fde5f1f906b56e9b964f9334e868312e19db300e54777da9f1a6d84b46ac9e509c39af1b3ccfce18604943ab66ed010c026eb9c203caa72f070cc1001bcd6466a6dc1aef623a6e2293539fd9e4ce21b9bc240d9589f24f549eba09b60af876a1410f40af67360702e37e1bf5c4ec217ec9f9ab62d3771c219c8ba30e0d3a914749b3a8e7d5a0eb4888bac17fc7a7e96c15bf5cc51f7082ebe81caa7a7737e4193fc0a957e1063cf2823607ff6e126597b3c742c83840b24b85162da8a9b3ba24f553d162370e9d8fc3bddd3fd7f9c30ad18c3c88666a0c62ac173593d2561a5029ca6d24750c9a45073ec2f7ba1fef6e4595dff8e5312aee34c44c29a20130bbfc80dbb5ddb99cd45f2d283db7b97c6db2b137c121fd5580310bdc5cb8489c0716472680a55cfcedf3211ccc84f2668064325c3f67c7f955f0e849521ccd5273d62438a2c9097218c7a393fa2b65d58391d6cc1c712833b967c67fc3f43895bac68edb8c89921eb7a55d27f6c0cd3c268083f1690d3399dc51ec77093945a0341ff35735af68d1c3b774a37e50e958d805d5d4746c85905cd8ce34f7d8e91ad0c4e3b8b7eb6e70d153c33867333f178ae9098696ad2ee4f1aaf985f19626268d83ca87d65a9605971252ede3b74e4417b2548293e28f530bac8a4cef0eae7614d93e826f39652ecdad516b435af82897cc7e8e3e0333aeaa1aa85ad014fd41b3c130ecabf0acdc87e85922169f14762b84c65b70d25a5756d56528bcf427a7dc291e833b336e578e52ac722195507dd70bce625547bbbdc403d60d8fa3940adb7281c5696581838a8e6675bd1ad3d67ad55e4ad93b28a8477e0d3e85186ee5d36983cfd2d1e0c4c908fbfa672b2666af95f69d3004073c105e7ea96ea35e1ed95f2f9f2d39db4bfa259598ddf63b52a3a3d8b65a005797d8cf7875be4cb54fffb41fc536aedba723af78a718c5faa2d7f4d17842a93bc20f8c5c794360aae1589a29b8edcdb430c770c6ee49deb8a5ef862f2d5b4d76b8a223b660fb1e48958ecb5a3b5834ced8dcc56e0a1496f81a8cd43604a1dfbc5116e957cce37a3f12675875d57044402530e122a7c9e27994f47a03f825eca2f8619d1501ccc959396b7e5529937f70e91b14b3a4ffb6b832796866a6eaa53fd103a6883f4478afa1a7a179f2d862e201c503c5cdc7af930250715279ab9a9070b74fda8f18be4a8fd3fab0132793d7fd0774a74bf63f95dc9784a045f1d02760f5d5e557b3b0c82d7cf6bc77438c00f430317b4a2d6109df830bbc6f06f532313be26fe7b4aa49"}}) sendmsg$can_raw(r2, &(0x7f0000000240)={&(0x7f00000000c0)={0x1d, r3}, 0x10, &(0x7f00000003c0)={&(0x7f0000000200)=@can={{0x1, 0x0, 0x1, 0x1}, 0x7, 0x2, 0x0, 0x0, "eb778610de7e3023"}, 0x10}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000040) sendmsg$TCPDIAG_GETSOCK(r1, &(0x7f0000000580)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000540)={&(0x7f0000000300)={0x210, 0x12, 0x100, 0x70bd2c, 0x25dfdbfe, {0x11, 0x9, 0x5, 0x4, {0x4e24, 0x4e22, [0x3, 0x4, 0x7, 0xcc4], [0xfffffffe, 0x3, 0x9c, 0x81], r3, [0x2, 0x8fb]}, 0x2, 0x81}, [@INET_DIAG_REQ_BYTECODE={0x4}, @INET_DIAG_REQ_BYTECODE={0x4a, 0x1, "b11798fd5e2dc758c4de254e8dc4c1bd0290aac72fecf548625fec654159b714b76ee1b697204c90402276adf12105239854badccacccefce19d950a4eefb9dab20106baf307"}, @INET_DIAG_REQ_BYTECODE={0x38, 0x1, "c3e1b43e87759bc69a554899205d8a791b653271e2afd709d465265ae5266c68aab7c04944d670329d49c90cac7d36732dc36514"}, @INET_DIAG_REQ_BYTECODE={0x78, 0x1, "5b9752b4ac7c35cd63cb8c35dc96c1ca6a1297308089d52284197bbcaf869493817fdce314f764abf16e7282e42d2745e23b1097f3d3c385614456d01f2bb4ddac45d8187ccab3a3c9fc679dd24ad414c36f6bbfac99602e7902e3ca7ba04b7b98341041ede508efa05fe68283f9b4eb0194a835"}, @INET_DIAG_REQ_BYTECODE={0xc2, 0x1, "eaad603a4a86dc70d9283acef5ddf2010b9ab19060f8c75be084cdcb97429e3936eef3d642fca3afd034fa59ec5dd5b925540a547b045f9872c7dc26fa9914bd2ef2c4b91f432ca71479ad1c9019aa67e61c0674023205eba777b91ce2901634c633f1bbde8b6e0354e233d917443ad3a46eb8973f449ea1a25aa124b41139ceedba91da4b63f39853448bf5142778083d9f61950e03c57b0b753f89de296c3bb42ebbbf3eeb7bb023bab1f536ddbacf3840fb8806495b7c54968f953d7c"}]}, 0x210}, 0x1, 0x0, 0x0, 0x8805}, 0x44880) sendmsg$SOCK_DIAG_BY_FAMILY(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x14, 0x14, 0x1, 0x70bd2c, 0x25dfdbfe, {0x28, 0x1}}, 0x14}, 0x1, 0x0, 0x0, 0x10}, 0x20040000) 1.887256602s ago: executing program 3 (id=1883): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000008b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000)={0x0}, &(0x7f0000000040)=0xc) ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, &(0x7f0000000180)={{0xc, 0xdcfbd04361b2f564, 0xfffffff9, 0xc, 'syz1\x00', 0x2}, 0x6, 0x20, 0x7, r0, 0x2, 0xfffffffe, 'syz0\x00', &(0x7f00000000c0)=['\xb5\x00', '\x00'], 0x3}) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3) 1.793138068s ago: executing program 3 (id=1884): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000207d1e512d00000000000109022400010000000009040000010300020009210000000122050009058103"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000200)={0x24, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x22, 0x1, {[@global=@item_012={0x0, 0x1, 0x9}]}}, 0x0}, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) r2 = syz_usb_connect$uac3(0x0, 0xdf, &(0x7f00000000c0)={{0x12, 0x1, 0x250, 0x0, 0x0, 0x0, 0x30, 0x582, 0x4, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xcd, 0x3, 0x1, 0x5, 0x80, 0x21, {0x8, 0xb, 0x2, 0x1, 0x1, 0x20, 0x30, 0x8}, {{{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x30, 0x0, {{0xa, 0x24, 0x1, 0x1, 0x41, 0x9}, [@power_domain={0xa, 0x24, 0x10, 0xa, 0x4, 0x3, 0x81, 'D'}, @extension_unit={0x19, 0x24, 0xa, 0x2, 0x6, [0x1, 0x2, 0x2, 0x0, 0x0]}, @multiply_unit={0xb, 0x24, 0xd, 0xff, 0x6a, 0x1, 0x1000}, @feature_unit={0x9, 0x24, 0x7, 0x5, 0x2, [0xd]}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x30, 0x0, {[@format_type_ii_discrete={0xd, 0x24, 0x2, 0x2, 0xf481, 0x3, 0x3, "99f53562"}, @format_type_i_descriptor={0x6, 0x24, 0x2, 0x1, 0x2, 0xd}, @format_type_i_discrete={0xc, 0x24, 0x2, 0x1, 0xc, 0x1, 0x2, 0x60, "ac6422a1"}]}, {{0x9, 0x5, 0x1, 0x9, 0x20, 0x0, 0x1, 0x8, {0xa, 0x25, 0x25, 0xabb, 0x7, 0x6}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x30, 0x0, {[@format_type_ii_discrete={0x9, 0x24, 0x2, 0x2, 0x7f, 0x6, 0x4}]}, {{0x9, 0x5, 0x82, 0x9, 0x400, 0x3, 0x8, 0xff, {0xa, 0x25, 0x25, 0x4f, 0x8, 0xfffb}}}}}}}}]}}, &(0x7f0000000580)={0xa, &(0x7f00000001c0)={0xa, 0x6, 0x200, 0xff, 0x0, 0x8, 0x8, 0x5}, 0xf, &(0x7f0000000240)={0x5, 0xf, 0xf, 0x1, [@ss_cap={0xa, 0x10, 0x3, 0x2, 0x0, 0x5, 0x0, 0x9}]}, 0x4, [{0xdc, &(0x7f0000000280)=@string={0xdc, 0x3, "8ca3d0c58789c88cc2b20e1c5cf755a251c35adbb784e0e39fa2b196033143f579aa305df962dd5afbee63f1606dcb50a7af645390e5b2ae0d3710cb16082a86af64953a4f86fc21b185e5c025a230fae36b0a96e35737fce25bfd6e9758d2ef1cc5cac33c86b194bba7cf8312774aa5b365e6a0e49c04d7e5db0af1f4774109e8dba97b7b4ee65c55931549d423c87b3277fe9e491b717a0f48fe95ac1492a3057b5fd3e1b2703e5539890e036f5f50b4a2ab6f0de341f10bc413371fc3fb183d45398bd7631a677f3732747540ae38a63e6060510f569386b9"}}, {0xca, &(0x7f0000000380)=@string={0xca, 0x3, "0dcfcb5b6f751aef84004ae7e25a4f66eac79a3613c473a889475e598c1f2bf1ff6bd413ad9d61455c2f16d957272de78fa4cdf1b0503040a0f9721455523ae1ba8cf287d3733bf2e139243a3ae4aed0cdb0465b91a47c2c59f8dfe9685687f39ebccb2c3831f36f3e7009c4c6a486a3438c8e37bf6c210759ff406683efd764c7854a735e20289eaa8b481ce6f165da572e59b3bbcd2ed6647000d577b1540ad8cc38247f5bfecd66c2e2ad76538dd1a2451b8ce4e315718348b62740c7b2d60cd02ce6725b85e6"}}, {0x4, &(0x7f0000000480)=@lang_id={0x4, 0x3, 0x41c}}, {0xa3, &(0x7f00000004c0)=@string={0xa3, 0x3, "2a774f51c3044dfafb83ba6142fc906345316007cd11382fdcade2b8cf512858224eec27905b9e5c9a2f8b252c236207cd9deb2e46d1a581101edc180a037498d1f19f1f342fed9453a77d6e50eff65c65d23b43135d4c53bd90907b733124ce3f42c51bd23def88a229d4c7ddaf1478f70c60a52aa05115c2908cbf2d44441d59877c7241acb5c45a4bcfc257500a9719c55a4f4ac7e427702870f6f78e9013ea"}}]}) syz_usb_control_io$uac3(r2, &(0x7f0000000680)={0x14, &(0x7f0000000600)={0x40, 0xb, 0x29, {0x29, 0x24, "fc46f5ea931bb14f83e0e72c061948a54e15a50981492df9b3ea22a9d0d1d98911b52f0b30605e"}}, &(0x7f0000000640)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x419}}}, &(0x7f00000008c0)={0x44, &(0x7f00000006c0)={0x20, 0x11, 0x28, "5cb85751aab1c7346a129235ce9be8656ae3d0ef3b367c55b2bde2e7e1bb9f6daed5e4edf041128e"}, &(0x7f0000000700)={0x0, 0xa, 0x1, 0x7}, &(0x7f0000000740)={0x0, 0x8, 0x1}, &(0x7f0000000780)={0x20, 0x81, 0x3, "00eb6a"}, &(0x7f00000007c0)={0x20, 0x82, 0x3, "b7d3ac"}, &(0x7f0000000800)={0x20, 0x83, 0x1, "fd"}, &(0x7f0000000840)={0x20, 0x84, 0x3, "42fab2"}, &(0x7f0000000880)={0x20, 0x85, 0x3, "50ebdd"}}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) 1.16441043s ago: executing program 1 (id=1885): r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000100)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) r1 = socket$pppl2tp(0x18, 0x1, 0x1) connect$pppl2tp(r1, &(0x7f0000000140)=@pppol2tpin6={0x18, 0x1, {0x0, r0, 0x1, 0x0, 0x0, 0x0, {0xa, 0x0, 0x4000000, @mcast1}}}, 0x32) sendmmsg(r1, &(0x7f0000004380)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60}}], 0x34000, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast2}, 0x10) 491.543167ms ago: executing program 1 (id=1886): pipe(0x0) r0 = fsopen(&(0x7f0000000080)='autofs\x00', 0x0) fsconfig$FSCONFIG_SET_FD(r0, 0x5, &(0x7f00000005c0)='fd', 0x0, 0xffffffffffffffff) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x2) fchdir(r1) r2 = open(&(0x7f0000000000)='.\x00', 0x0, 0x244) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0x9360, 0x0) 245.463404ms ago: executing program 1 (id=1887): r0 = fsopen(&(0x7f0000000000)='bfs\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r0, 0x6, 0x0, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) setxattr$security_ima(&(0x7f0000000000)='./file0\x00', &(0x7f00000002c0), &(0x7f0000000300)=@v2={0x3, 0x2, 0x0, 0x5}, 0x9, 0x2) r1 = fsmount(r0, 0x0, 0x0) r2 = openat(r1, &(0x7f0000000280)='.\x00', 0x2000, 0x0) r3 = syz_open_dev$video4linux(&(0x7f0000000600), 0x4, 0x141080) ioctl$VIDIOC_QUERY_DV_TIMINGS(r3, 0x80845663, 0x0) ioctl$BTRFS_IOC_DEFRAG(r1, 0x50009402, 0x0) ioctl$SNDRV_PCM_IOCTL_DELAY(r1, 0x80084121, &(0x7f0000000140)) open_by_handle_at(r2, &(0x7f0000000080)=ANY=[@ANYBLOB="34940b869566a31b481a1abf3ae4f8d9714bb33277a684e71015e3d653bac8075ba65760e8c04df7d14430652784e7d27bd946a1e27959996eb7a2edb604941e2ff899e68f2e6f7d854cbddf4305185c60c69846ec63fecf8f79410894a05d505b151b48b6031f20ca5d9d6774a9d4c633ad550aac5ad256288fbab97fdaa9a8104ca3623c81150a9f162fcb1070f188"], 0x0) 52.441249ms ago: executing program 1 (id=1888): r0 = syz_ublk_setup_io_uring(0x20, &(0x7f0000000340)={0x0, 0x0, 0x100, 0xfffffffe, 0x1e5}, &(0x7f0000000000)=0x0, &(0x7f0000000080)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, r3, &(0x7f0000000280)=@IORING_OP_SPLICE={0x1e, 0x1, 0x0, @fd_index=0x8, 0xf, 0xa9, 0x8, 0xd, 0x1, {0x0, 0x0, r0}}) syz_ublk_add_dev(r0, r1, r2, r3, &(0x7f00000003c0)={0x2e, 0x5, 0xfcff, 0xffffffffffffffff, 0xc0207504, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, '\x00', {0xffffffff, 0xffff, 0x40, &(0x7f0000000200)=@any_dev={0x4, 0xd74, 0x0, 0x0, 0x1000, 0x68ba, 0x0, 0x0, 0x10}}}, &(0x7f0000000440)) 32.523035ms ago: executing program 3 (id=1889): r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1f, 0x0) r1 = syz_usb_connect(0x0, 0x3f, &(0x7f00000012c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109024a0001100000000904000003fe03010009cd8d1f00020000000905050200067e001009058b1e", @ANYRESHEX], 0x0) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000200), 0x140, 0x0) ioctl$RTC_SET_TIME(r2, 0x40187013, &(0x7f0000000100)={0x2b, 0x22, 0xd, 0x0, 0x8, 0xac, 0x5, 0x1, 0x1}) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) r4 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x181141) ioctl$USBDEVFS_CONTROL(r4, 0xc0105500, &(0x7f0000000000)={0x0, 0x1, 0x3, 0x3, 0x0, 0x7, 0x0}) sendmsg$NFT_BATCH(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a010300000000000000000100fffd0900010073797a3100000000000000000000000a20000000050a01020000797a3100000000140000001100010000de0000000000000000000ad4b1fb7e1af4efd918d391a2f5ed433652bc021901d19b0700000000000000bb793ca037215baa3d8b7500"/151], 0x7c}, 0x1, 0x0, 0x0, 0x800}, 0x0) prctl$PR_SCHED_CORE(0x53564d41, 0x0, 0x0, 0x0, 0x0) syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0) syz_usb_control_io$lan78xx(0xffffffffffffffff, 0x0, 0x0) syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0) r5 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a05000000000000000000070000090900010073797a30008000004c000000090a01040000000000000000070000000900020073797a31000000000900010073797a3000000000080005400000001c08000a4000000000080003400000004008"], 0xdc}}, 0x4000000) ioctl$IOMMU_TEST_OP_ADD_RESERVED(r5, 0x3ba0, &(0x7f00000000c0)={0x48, 0x1, 0x0, 0x0, 0xffffffffffffffff, 0xb}) r7 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000002c0)=ANY=[@ANYBLOB="14010000290001002dbd7000fcdbdf2503014e8008002f00", @ANYRES32=r7, @ANYBLOB="1400000000"], 0x114}], 0x1, 0x0, 0x0, 0x40004}, 0x0) syz_usb_control_io$uac2(r1, 0x0, &(0x7f0000000440)={0x44, &(0x7f0000000180)={0x40, 0x15}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r8 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) write$char_usb(r8, &(0x7f0000001340)="06b02b6c752a9a17fd38f43fbf5e05cbd29e5e2f16b012d3b49c6db5f8d035cc15a4892f23e1fdea42cb8fecd628936858403a804b84e17665ffc9e41c70b60466ea64c8f6ec6494c24e9bf8632d14bc116a10d1477b3f9864a1cad7a6e94cba7a46064155d6c56a93d14382085c992b4f86fa0fa7aca377cad489e9ba58eb41798f2304f0750110e5f6389baa7518456973e21d91d03dbc3414a29b9c57eba3af99fde58f8fb5cf6a4baef559c89a3e58f298d341df41f550fc5011c1069182f6eba78213d4b31923b01131c5e4557855a630e9be3559bbad347d0d5ac892e926ec26c8efb65eea49607aecbed49337c162a6d372f9c6df0f4dacf8a5d7610a38eaaf5fa39e4689c4bfdfe98e8912898f88a6ff8636cb03244cb9bf19bdd0575191236b1b920aa0f09ab00b5c77b7ca411891e6031d959453396435f4fc5ee63aefa4e6f079d956c9877f6f69315d43faace35306a7014169e71f622d8c80f2ea6a5372dd3ffd4dc2b164849f0f4dbb39510783a780b0c341dea3bd42092e2581cf011c3d13a551ffa318c443584c355a83ff5f540161cc278f654d7457c3f7fbe7ac9f486a84bded405dd978cf2930cd63e89dce9b00c10665e98a72586a4c5b0ee7c7acf0659014a552b96dea095cb83f0c0e281713b49b30652d62ac0964f32a57d0a3ec4cc130376ba349bd1f2b3ba04c6579d0fa6cd7cfb2e9fb93b99ea3b615d6835081f8633a43b26b05ca90d237e742d50d36f439ee6c93cae308a7c4b525c6f0792d72e329dbc9b8cc3944d9b0cbaa647df2988b0f43d8d7df760f6029ee55cf701eeb83606d996857225182cdc358d8e895b5df12f3d3a24f0063f42518587da1befe7a5e26dec03258529149996a23f013b2ea30665d54d4db625fc3802a65a56bf38fd1ca7ae6d5728666bc4f4da01e8a0b51c9883434f95cb31fbe4cf54bb995241ac388c87a8813d5620cb8f31a8702e95fb71804c2c58aa476d4a53e74940694924ae7f2e60b83b9d2561d8e7450682f659d8e0c12592c83ebdb44fd842928f9aad3cb0fa37bf272d8d648e8a1e1a980d5d2d207fa3560cfc53886dcf42e9f64b885c50bb196d212903b8957b6c546d1f4b34b05b9fc87c07c79b9fb16882759a44b2032781f5c5e4ef59ee4fb4a34dba6603635914bb55f30ff78bb60c2673cf906fc01ac6a17377206fc614f954f2e3830591271ca615a3c312d66f61f715a74befc815db5d98feb9b259f8f49a4e34b331d409c918aa9e3b5b4b5fc2d90034d9a3cc3d50c9e1d7bf1a98447fb39be2cf307bf7644bbac760ba33fc679755392d139f165923d56600211529d4dfafe0b3a25b555fa7bfe3fb57e953318d5c59ac43bb7140f80c4f57d574cbe25574872350729fc15310589d4725a", 0x3e4) r9 = syz_usb_connect(0x0, 0x24, &(0x7f0000000080)=ANY=[@ANYBLOB="120100007882b740422c0917b7ca010203010902120001000000000904"], 0x0) connect$x25(0xffffffffffffffff, &(0x7f0000000140)={0x9, @remote={'\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc', 0x0}}, 0x12) syz_usb_control_io$cdc_ecm(r9, &(0x7f00000001c0)={0x14, &(0x7f00000000c0)={0x0, 0x11, 0x2, {0x2, 0x10}}, &(0x7f0000000180)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f0000000300)={0x1c, &(0x7f0000000200)={0x40, 0x13, 0x3a, "4b8ae43f31b786630f31f1eeb92fafe3ff06f088a029f09d7680ee2c4f6a268edc4183ab813160662c24d6f9a83f41aa56057914a6168e2f701b"}, &(0x7f0000000280)={0x0, 0xa, 0x1, 0x10}, 0x0}) r10 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) setsockopt$bt_BT_POWER(r10, 0x112, 0x9, 0x0, 0x0) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000080)={0x0, 0x0, 0xffffffffffffffff}) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r11, 0xc04064a0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180), 0x0, 0x0, 0xfffffffffffffd4a, 0x1}) ioctl$DRM_IOCTL_MODE_SETPROPERTY(0xffffffffffffffff, 0xc01064ab, &(0x7f0000000040)={0xcf12}) 0s ago: executing program 1 (id=1890): socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r0 = socket$key(0xf, 0x3, 0x2) socket$kcm(0xf, 0x3, 0x2) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000004300), 0x1, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) eventfd2(0x6, 0x80800) getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, 0x0, 0x0) sendmmsg$inet(r0, 0x0, 0x0, 0x8000) syz_init_net_socket$bt_rfcomm(0x1f, 0x3, 0x3) socket$nl_crypto(0x10, 0x3, 0x15) socket$kcm(0x10, 0x2, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000009a40)={&(0x7f0000000500)=ANY=[@ANYRES16=r2], 0xc4}}, 0x0) kernel console output (not intermixed with test programs): lockdep_hardirqs_on+0x7a/0x110 [ 340.303074][ T9534] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 340.303095][ T9534] ? mutex_lock_nested+0x152/0x1d0 [ 340.303120][ T9534] ? do_epoll_ctl_file+0x3ff/0xf00 [ 340.303144][ T9534] do_epoll_ctl_file+0x792/0xf00 [ 340.303172][ T9534] ? __pfx_do_epoll_ctl_file+0x10/0x10 [ 340.303196][ T9534] ? __fget_files+0x3a8/0x420 [ 340.303214][ T9534] ? __fget_files+0x2a/0x420 [ 340.303239][ T9534] __se_sys_epoll_ctl+0x162/0x230 [ 340.303263][ T9534] ? __pfx___se_sys_epoll_ctl+0x10/0x10 [ 340.303293][ T9534] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 340.303311][ T9534] do_syscall_64+0x174/0x580 [ 340.303335][ T9534] ? clear_bhb_loop+0x40/0x90 [ 340.303366][ T9534] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 340.303383][ T9534] RIP: 0033:0x7f5c603ace59 [ 340.303401][ T9534] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 340.303416][ T9534] RSP: 002b:00007f5c5e5dd028 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9 [ 340.303435][ T9534] RAX: ffffffffffffffda RBX: 00007f5c60626090 RCX: 00007f5c603ace59 [ 340.303448][ T9534] RDX: 0000000000000005 RSI: 0000000000000003 RDI: 0000000000000003 [ 340.303459][ T9534] RBP: 00007f5c5e5dd090 R08: 0000000000000000 R09: 0000000000000000 [ 340.303470][ T9534] R10: 0000200000000140 R11: 0000000000000246 R12: 0000000000000002 [ 340.303482][ T9534] R13: 00007f5c60626128 R14: 00007f5c60626090 R15: 00007ffcb1eb6438 [ 340.303508][ T9534] [ 340.835546][ T9535] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 340.842727][ T9535] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 340.971913][ T5616] usb 4-1: USB disconnect, device number 73 [ 341.161722][ T9549] FAULT_INJECTION: forcing a failure. [ 341.161722][ T9549] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 341.161751][ T9549] CPU: 0 UID: 0 PID: 9549 Comm: syz.1.1471 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 341.161773][ T9549] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 341.161783][ T9549] Call Trace: [ 341.161790][ T9549] [ 341.161796][ T9549] dump_stack_lvl+0xe8/0x150 [ 341.161819][ T9549] should_fail_ex+0x467/0x600 [ 341.161858][ T9549] strncpy_from_user+0x36/0x2c0 [ 341.161884][ T9549] do_getname+0x77/0x250 [ 341.161913][ T9549] __x64_sys_execveat+0xad/0xf0 [ 341.161934][ T9549] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 341.161957][ T9549] do_syscall_64+0x174/0x580 [ 341.161977][ T9549] ? trace_irq_disable+0x3b/0x140 [ 341.161999][ T9549] ? clear_bhb_loop+0x40/0x90 [ 341.162019][ T9549] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 341.162035][ T9549] RIP: 0033:0x7fb1af2bce59 [ 341.162049][ T9549] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 341.162064][ T9549] RSP: 002b:00007fb1ad4ed028 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 341.162081][ T9549] RAX: ffffffffffffffda RBX: 00007fb1af536090 RCX: 00007fb1af2bce59 [ 341.162093][ T9549] RDX: 0000000000000000 RSI: 0000200000001400 RDI: ffffffffffffff9c [ 341.162105][ T9549] RBP: 00007fb1ad4ed090 R08: 0000000000000100 R09: 0000000000000000 [ 341.162115][ T9549] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 341.162125][ T9549] R13: 00007fb1af536128 R14: 00007fb1af536090 R15: 00007ffc3ea74e48 [ 341.162149][ T9549] [ 341.231119][ T5717] usb 1-1: new high-speed USB device number 35 using dummy_hcd [ 341.426954][ T5717] usb 1-1: config 0 interface 0 has no altsetting 0 [ 341.427001][ T5717] usb 1-1: New USB device found, idVendor=046d, idProduct=0a0e, bcdDevice=94.75 [ 341.427027][ T5717] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 341.463164][ T5717] usb 1-1: config 0 descriptor?? [ 341.771134][ T5616] usb 4-1: new full-speed USB device number 74 using dummy_hcd [ 341.978314][ T5616] usb 4-1: New USB device found, idVendor=0a2c, idProduct=0008, bcdDevice=c7.b3 [ 341.978348][ T5616] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 341.978370][ T5616] usb 4-1: Product: syz [ 341.978384][ T5616] usb 4-1: Manufacturer: syz [ 341.978399][ T5616] usb 4-1: SerialNumber: syz [ 342.017804][ T5616] usb 4-1: config 0 descriptor?? [ 342.034205][ T5616] cypress_cy7c63 4-1:0.0: Cypress CY7C63xxx device now attached [ 342.172904][ T5717] video4linux radio48: keene_cmd_set failed (-71) [ 342.172935][ T5717] radio-keene 1-1:0.0: V4L2 device registered as radio48 [ 342.179586][ T9562] FAULT_INJECTION: forcing a failure. [ 342.179586][ T9562] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 342.179622][ T9562] CPU: 0 UID: 0 PID: 9562 Comm: syz.2.1476 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 342.179647][ T9562] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 342.179661][ T9562] Call Trace: [ 342.179670][ T9562] [ 342.179681][ T9562] dump_stack_lvl+0xe8/0x150 [ 342.179712][ T9562] should_fail_ex+0x467/0x600 [ 342.179750][ T9562] _copy_to_user+0x31/0xb0 [ 342.179781][ T9562] simple_read_from_buffer+0xe1/0x170 [ 342.179810][ T9562] proc_fail_nth_read+0x1be/0x230 [ 342.179923][ T9562] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 342.180055][ T9562] ? rw_verify_area+0x250/0x4d0 [ 342.180150][ T9562] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 342.180209][ T9562] vfs_read+0x219/0xa90 [ 342.180299][ T9562] ? __pfx_vfs_read+0x10/0x10 [ 342.180383][ T9562] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 342.180459][ T9562] ? lockdep_hardirqs_on+0x7a/0x110 [ 342.180535][ T9562] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 342.180611][ T9562] ? mutex_lock_nested+0x152/0x1d0 [ 342.180701][ T9562] ? fdget_pos+0x252/0x320 [ 342.180780][ T9562] ksys_read+0x156/0x270 [ 342.180857][ T9562] ? __pfx_ksys_read+0x10/0x10 [ 342.180910][ T9562] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 342.180947][ T9562] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 342.180973][ T9562] do_syscall_64+0x174/0x580 [ 342.181001][ T9562] ? clear_bhb_loop+0x40/0x90 [ 342.181028][ T9562] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 342.181050][ T9562] RIP: 0033:0x7f3b4fc3d68e [ 342.181071][ T9562] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 342.181090][ T9562] RSP: 002b:00007f3b4decdfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 342.181114][ T9562] RAX: ffffffffffffffda RBX: 00007f3b4dece6c0 RCX: 00007f3b4fc3d68e [ 342.181129][ T9562] RDX: 000000000000000f RSI: 00007f3b4dece0a0 RDI: 0000000000000006 [ 342.181142][ T9562] RBP: 00007f3b4dece090 R08: 0000000000000000 R09: 0000000000000000 [ 342.181155][ T9562] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 342.181168][ T9562] R13: 00007f3b4fef6038 R14: 00007f3b4fef5fa0 R15: 00007ffe56abe348 [ 342.181201][ T9562] [ 342.290852][ T5717] usb 1-1: USB disconnect, device number 35 [ 342.314721][ T5616] usb 4-1: USB disconnect, device number 74 [ 342.331616][ T5616] cypress_cy7c63 4-1:0.0: Cypress CY7C63xxx device now disconnected [ 343.176960][ T1263] usb 4-1: new high-speed USB device number 75 using dummy_hcd [ 343.209719][ T9602] FAULT_INJECTION: forcing a failure. [ 343.209719][ T9602] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 343.209754][ T9602] CPU: 0 UID: 0 PID: 9602 Comm: syz.1.1489 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 343.209780][ T9602] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 343.209794][ T9602] Call Trace: [ 343.209803][ T9602] [ 343.209813][ T9602] dump_stack_lvl+0xe8/0x150 [ 343.209845][ T9602] should_fail_ex+0x467/0x600 [ 343.209886][ T9602] _copy_to_user+0x31/0xb0 [ 343.209917][ T9602] simple_read_from_buffer+0xe1/0x170 [ 343.209947][ T9602] proc_fail_nth_read+0x1be/0x230 [ 343.209974][ T9602] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 343.210002][ T9602] ? rw_verify_area+0x250/0x4d0 [ 343.210033][ T9602] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 343.210057][ T9602] vfs_read+0x219/0xa90 [ 343.210094][ T9602] ? __pfx_vfs_read+0x10/0x10 [ 343.210134][ T9602] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 343.210164][ T9602] ? lockdep_hardirqs_on+0x7a/0x110 [ 343.210192][ T9602] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 343.210221][ T9602] ? mutex_lock_nested+0x152/0x1d0 [ 343.210255][ T9602] ? fdget_pos+0x252/0x320 [ 343.210289][ T9602] ksys_read+0x156/0x270 [ 343.210321][ T9602] ? __pfx_ksys_read+0x10/0x10 [ 343.210349][ T9602] ? __pfx_vmci_host_unlocked_ioctl+0x10/0x10 [ 343.210386][ T9602] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 343.210411][ T9602] do_syscall_64+0x174/0x580 [ 343.210441][ T9602] ? clear_bhb_loop+0x40/0x90 [ 343.210470][ T9602] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 343.210493][ T9602] RIP: 0033:0x7fb1af27d68e [ 343.210514][ T9602] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 343.210535][ T9602] RSP: 002b:00007fb1ad4ecfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 343.210559][ T9602] RAX: ffffffffffffffda RBX: 00007fb1ad4ed6c0 RCX: 00007fb1af27d68e [ 343.210575][ T9602] RDX: 000000000000000f RSI: 00007fb1ad4ed0a0 RDI: 0000000000000004 [ 343.210589][ T9602] RBP: 00007fb1ad4ed090 R08: 0000000000000000 R09: 0000000000000000 [ 343.210603][ T9602] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 343.210617][ T9602] R13: 00007fb1af536128 R14: 00007fb1af536090 R15: 00007ffc3ea74e48 [ 343.210652][ T9602] [ 343.467065][ T1263] usb 4-1: unable to get BOS descriptor set [ 343.468343][ T1263] usb 4-1: config 6 has an invalid interface number: 252 but max is 0 [ 343.468369][ T1263] usb 4-1: config 6 has no interface number 0 [ 343.468403][ T1263] usb 4-1: config 6 interface 252 has no altsetting 0 [ 343.481889][ T1263] usb 4-1: New USB device found, idVendor=1199, idProduct=6815, bcdDevice=dd.bf [ 343.481976][ T1263] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 343.482038][ T1263] usb 4-1: Product: 쀻㓔洏뻬懄ራ찳௃窾乑䲸ⱞ䒍㖥络火빚읠깦浽톮拁蟎㼼竈ᐐ䢵嘮喟ᓜᓇ쿔ᤱ厙೷⒉⓺᫠싄郿㡨㐁趵7…뫉곀પ왐 [ 343.482130][ T1263] usb 4-1: Manufacturer: ј [ 343.482216][ T1263] usb 4-1: SerialNumber: М [ 343.777853][ T1263] sierra 4-1:6.252: Sierra USB modem converter detected [ 343.827041][ T1263] usb 4-1: Sierra USB modem converter now attached to ttyUSB0 [ 343.849806][ T1263] usb 4-1: USB disconnect, device number 75 [ 343.868045][ T1263] sierra ttyUSB0: Sierra USB modem converter now disconnected from ttyUSB0 [ 343.869947][ T1263] sierra 4-1:6.252: device disconnected [ 344.125697][ T9633] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1502'. [ 344.125966][ T9633] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1502'. [ 344.183468][ T9635] FAULT_INJECTION: forcing a failure. [ 344.183468][ T9635] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 344.183505][ T9635] CPU: 1 UID: 0 PID: 9635 Comm: syz.1.1503 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 344.183541][ T9635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 344.183555][ T9635] Call Trace: [ 344.183565][ T9635] [ 344.183574][ T9635] dump_stack_lvl+0xe8/0x150 [ 344.183604][ T9635] should_fail_ex+0x467/0x600 [ 344.183644][ T9635] prepare_alloc_pages+0x223/0x690 [ 344.183677][ T9635] __alloc_frozen_pages_noprof+0x12f/0x380 [ 344.183711][ T9635] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 344.183747][ T9635] ? __pfx_policy_nodemask+0x10/0x10 [ 344.183781][ T9635] ? mtree_range_walk+0x70a/0x8c0 [ 344.183821][ T9635] alloc_pages_mpol+0xce/0x280 [ 344.183854][ T9635] alloc_pages_noprof+0xd2/0x2f0 [ 344.183885][ T9635] __pud_alloc+0x3a/0x460 [ 344.183914][ T9635] handle_mm_fault+0xf40/0x1520 [ 344.183943][ T9635] ? handle_mm_fault+0xe9/0x1520 [ 344.183969][ T9635] ? __pfx_handle_mm_fault+0x10/0x10 [ 344.184005][ T9635] ? __lock_acquire+0x683/0x2ce0 [ 344.184040][ T9635] ? lock_mm_and_find_vma+0xa7/0x340 [ 344.184072][ T9635] do_user_addr_fault+0x744/0x1340 [ 344.184115][ T9635] exc_page_fault+0x6a/0xc0 [ 344.184144][ T9635] asm_exc_page_fault+0x26/0x30 [ 344.184166][ T9635] RIP: 0010:__put_user_4+0xd/0x30 [ 344.184194][ T9635] Code: 66 89 01 31 c9 0f 01 ca e9 c0 5b 04 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <89> 01 31 c9 0f 01 ca e9 97 5b 04 00 90 90 90 90 90 90 90 90 90 90 [ 344.184215][ T9635] RSP: 0018:ffffc9001b7bfc90 EFLAGS: 00050206 [ 344.184236][ T9635] RAX: 0000000000000044 RBX: 0000000000000000 RCX: 0000200000000000 [ 344.184251][ T9635] RDX: 0000000000000000 RSI: ffffffff8d9c7f1c RDI: ffffffff8babac80 [ 344.184266][ T9635] RBP: 0000000000004bfa R08: ffffffff82194eaf R09: 0000000000000000 [ 344.184280][ T9635] R10: 0000000000000000 R11: ffff88803e413a30 R12: 0000000000000330 [ 344.184293][ T9635] R13: 0000200000000000 R14: ffff88805dfe0000 R15: 0000200000000000 [ 344.184316][ T9635] ? __might_fault+0xaf/0x130 [ 344.184348][ T9635] vt_do_diacrit+0x41c/0xac0 [ 344.184382][ T9635] vt_ioctl+0x10dd/0x20d0 [ 344.184405][ T9635] ? vt_ioctl+0xb1/0x20d0 [ 344.184430][ T9635] ? __pfx_vt_ioctl+0x10/0x10 [ 344.184467][ T9635] ? __fget_files+0x2a/0x420 [ 344.184495][ T9635] ? tty_jobctrl_ioctl+0x358/0xb50 [ 344.184517][ T9635] ? __fget_files+0x2a/0x420 [ 344.184551][ T9635] tty_ioctl+0x926/0xde0 [ 344.184581][ T9635] ? __pfx_tty_ioctl+0x10/0x10 [ 344.184609][ T9635] __se_sys_ioctl+0xff/0x170 [ 344.184639][ T9635] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 344.184664][ T9635] do_syscall_64+0x174/0x580 [ 344.184691][ T9635] ? trace_irq_disable+0x3b/0x140 [ 344.184720][ T9635] ? clear_bhb_loop+0x40/0x90 [ 344.184769][ T9635] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 344.184791][ T9635] RIP: 0033:0x7fb1af2bce59 [ 344.184812][ T9635] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 344.184831][ T9635] RSP: 002b:00007fb1ad50e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 344.184854][ T9635] RAX: ffffffffffffffda RBX: 00007fb1af535fa0 RCX: 00007fb1af2bce59 [ 344.184876][ T9635] RDX: 0000200000000000 RSI: 0000000000004bfa RDI: 0000000000000003 [ 344.184890][ T9635] RBP: 00007fb1ad50e090 R08: 0000000000000000 R09: 0000000000000000 [ 344.184910][ T9635] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 344.184923][ T9635] R13: 00007fb1af536038 R14: 00007fb1af535fa0 R15: 00007ffc3ea74e48 [ 344.184959][ T9635] [ 344.622409][ T9639] FAULT_INJECTION: forcing a failure. [ 344.622409][ T9639] name failslab, interval 1, probability 0, space 0, times 0 [ 344.622448][ T9639] CPU: 1 UID: 0 PID: 9639 Comm: syz.1.1505 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 344.622473][ T9639] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 344.622488][ T9639] Call Trace: [ 344.622497][ T9639] [ 344.622507][ T9639] dump_stack_lvl+0xe8/0x150 [ 344.622539][ T9639] should_fail_ex+0x467/0x600 [ 344.622578][ T9639] should_failslab+0xa8/0x100 [ 344.622608][ T9639] kmem_cache_alloc_noprof+0xa4/0x650 [ 344.622631][ T9639] ? security_inode_alloc+0x39/0x310 [ 344.622661][ T9639] ? security_inode_alloc+0x39/0x310 [ 344.622708][ T9639] security_inode_alloc+0x39/0x310 [ 344.622744][ T9639] inode_init_always_gfp+0x983/0xd40 [ 344.622774][ T9639] ? __pfx_hugetlbfs_alloc_inode+0x10/0x10 [ 344.622810][ T9639] alloc_inode+0x82/0x1b0 [ 344.622835][ T9639] new_inode+0x1f/0x170 [ 344.622862][ T9639] hugetlbfs_get_inode+0x73/0x660 [ 344.622893][ T9639] ? fput+0xa0/0xd0 [ 344.622920][ T9639] hugetlb_file_setup+0x21d/0x630 [ 344.622956][ T9639] ksys_mmap_pgoff+0x1ec/0x720 [ 344.622980][ T9639] ? __x64_sys_mmap+0x7f/0x140 [ 344.623010][ T9639] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 344.623034][ T9639] do_syscall_64+0x174/0x580 [ 344.623062][ T9639] ? trace_irq_disable+0x3b/0x140 [ 344.623098][ T9639] ? clear_bhb_loop+0x40/0x90 [ 344.623133][ T9639] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 344.623158][ T9639] RIP: 0033:0x7fb1af2bce59 [ 344.623179][ T9639] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 344.623200][ T9639] RSP: 002b:00007fb1ad50e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 344.623224][ T9639] RAX: ffffffffffffffda RBX: 00007fb1af535fa0 RCX: 00007fb1af2bce59 [ 344.623241][ T9639] RDX: 0000000001000002 RSI: 0000000000ff5000 RDI: 0000200000000000 [ 344.623257][ T9639] RBP: 00007fb1ad50e090 R08: ffffffffffffffff R09: 0000000000000000 [ 344.623274][ T9639] R10: 000200000005c831 R11: 0000000000000246 R12: 0000000000000001 [ 344.623290][ T9639] R13: 00007fb1af536038 R14: 00007fb1af535fa0 R15: 00007ffc3ea74e48 [ 344.623324][ T9639] [ 345.361282][ T1263] usb 4-1: new high-speed USB device number 76 using dummy_hcd [ 345.521114][ T1263] usb 4-1: Using ep0 maxpacket: 8 [ 345.527151][ T1263] usb 4-1: unable to get BOS descriptor or descriptor too short [ 345.529454][ T1263] usb 4-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0x95, changing to 0x85 [ 345.529485][ T1263] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 345.571370][ T1263] usb 4-1: string descriptor 0 read error: -22 [ 345.571530][ T1263] usb 4-1: New USB device found, idVendor=1430, idProduct=474b, bcdDevice= 0.40 [ 345.571557][ T1263] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 345.612580][ T9657] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 345.637311][ T1263] usb 4-1: Quirk or no altset; falling back to MIDI 1.0 [ 345.637777][ T1263] usb 4-1: MIDIStreaming interface descriptor not found [ 345.974609][ T1263] usb 4-1: USB disconnect, device number 76 [ 346.034360][ T37] usb 3-1: new high-speed USB device number 54 using dummy_hcd [ 346.182493][ T37] usb 3-1: Using ep0 maxpacket: 32 [ 346.192494][ T37] usb 3-1: config index 0 descriptor too short (expected 29220, got 36) [ 346.192523][ T37] usb 3-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 346.192545][ T37] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 346.192598][ T37] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 346.192622][ T37] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 346.192647][ T37] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 346.192670][ T37] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 346.192694][ T37] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 346.192738][ T37] usb 3-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 346.192762][ T37] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 346.321551][ T37] usb 3-1: config 0 descriptor?? [ 346.666049][ T37] usblp 3-1:0.0: usblp0: USB Bidirectional printer dev 54 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 346.682074][ T5624] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 346.682376][ T37] usb 3-1: USB disconnect, device number 54 [ 346.711682][ T37] usblp0: removed [ 346.717072][ T5624] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 346.719918][ T5624] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 346.765924][ T5624] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 346.766950][ T5624] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 347.151227][ T37] usb 3-1: new high-speed USB device number 55 using dummy_hcd [ 347.301119][ T37] usb 3-1: Using ep0 maxpacket: 32 [ 347.305361][ T37] usb 3-1: config index 0 descriptor too short (expected 29220, got 36) [ 347.305391][ T37] usb 3-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 347.305413][ T37] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 347.305464][ T37] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 347.305486][ T37] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 347.305511][ T37] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 347.305534][ T37] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 347.305558][ T37] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 347.305602][ T37] usb 3-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 347.305627][ T37] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 347.420023][ T37] usb 3-1: config 0 descriptor?? [ 347.635651][ T37] usblp 3-1:0.0: usblp0: USB Bidirectional printer dev 55 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 347.751033][ T32] usb 4-1: new high-speed USB device number 77 using dummy_hcd [ 347.877642][ T5616] usb 3-1: USB disconnect, device number 55 [ 347.909640][ T5616] usblp0: removed [ 347.917675][ T32] usb 4-1: unable to get BOS descriptor or descriptor too short [ 347.920310][ T32] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 347.920335][ T32] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 347.967112][ T32] usb 4-1: New USB device found, idVendor=1235, idProduct=8010, bcdDevice= 0.40 [ 347.967145][ T32] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 347.967167][ T32] usb 4-1: Product: syz [ 347.967182][ T32] usb 4-1: Manufacturer: syz [ 347.967197][ T32] usb 4-1: SerialNumber: syz [ 348.866228][ T60] Bluetooth: hci4: command tx timeout [ 349.199091][ T32] usb 4-1: unit 3 not found! [ 349.295638][ T9755] FAULT_INJECTION: forcing a failure. [ 349.295638][ T9755] name failslab, interval 1, probability 0, space 0, times 0 [ 349.295675][ T9755] CPU: 0 UID: 0 PID: 9755 Comm: syz.3.1553 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 349.295704][ T9755] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 349.295718][ T9755] Call Trace: [ 349.295727][ T9755] [ 349.295738][ T9755] dump_stack_lvl+0xe8/0x150 [ 349.295767][ T9755] should_fail_ex+0x467/0x600 [ 349.295808][ T9755] should_failslab+0xa8/0x100 [ 349.295837][ T9755] __kmalloc_noprof+0xfe/0x780 [ 349.295863][ T9755] ? hash_ipportnet6_add+0x121d/0x2b90 [ 349.295891][ T9755] ? hash_ipportnet6_add+0x121d/0x2b90 [ 349.295928][ T9755] hash_ipportnet6_add+0x121d/0x2b90 [ 349.295961][ T9755] ? __schedule+0x171f/0x5530 [ 349.295986][ T9755] ? hash_ipportnet6_add+0x7f/0x2b90 [ 349.296018][ T9755] ? ip_set_get_ipaddr6+0x18a/0x260 [ 349.296053][ T9755] ? __pfx_ip_set_get_ipaddr6+0x10/0x10 [ 349.296083][ T9755] ? irqentry_exit+0x218/0x8f0 [ 349.296125][ T9755] hash_ipportnet6_uadt+0xa57/0xde0 [ 349.296158][ T9755] ? __pfx_hash_ipportnet6_add+0x10/0x10 [ 349.296191][ T9755] ? __pfx_hash_ipportnet6_uadt+0x10/0x10 [ 349.296218][ T9755] ? __nla_validate_parse+0x2429/0x2d50 [ 349.296268][ T9755] call_ad+0x2ee/0xa30 [ 349.296307][ T9755] ? __pfx_call_ad+0x10/0x10 [ 349.296334][ T9755] ? ip_set_pernet+0x23/0x240 [ 349.296376][ T9755] ? __nla_parse+0x40/0x60 [ 349.296403][ T9755] ip_set_ad+0x82a/0x9d0 [ 349.296442][ T9755] ? __pfx_ip_set_ad+0x10/0x10 [ 349.296496][ T9755] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 349.296526][ T9755] ? lockdep_hardirqs_on+0x7a/0x110 [ 349.296554][ T9755] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 349.296599][ T9755] nfnetlink_rcv_msg+0xcd6/0x12c0 [ 349.296630][ T9755] ? nfnetlink_rcv_msg+0x22e/0x12c0 [ 349.296680][ T9755] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 349.296737][ T9755] ? __lock_acquire+0x683/0x2ce0 [ 349.296779][ T9755] ? __lock_acquire+0x683/0x2ce0 [ 349.296808][ T9755] ? sock_sendmsg_nosec+0x13a/0x180 [ 349.296839][ T9755] netlink_rcv_skb+0x226/0x4a0 [ 349.296869][ T9755] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 349.296900][ T9755] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 349.296945][ T9755] ? bpf_lsm_capable+0x9/0x20 [ 349.296974][ T9755] ? security_capable+0x7e/0x2c0 [ 349.297014][ T9755] nfnetlink_rcv+0x2b9/0x28d0 [ 349.297046][ T9755] ? sock_sendmsg_nosec+0x13a/0x180 [ 349.297069][ T9755] ? __pfx_snprintf+0x10/0x10 [ 349.297095][ T9755] ? unwind_get_return_address+0x4d/0x90 [ 349.297127][ T9755] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 349.297165][ T9755] ? trim_netdev_trace+0x791/0x820 [ 349.297205][ T9755] ? __pfx_trim_netdev_trace+0x10/0x10 [ 349.297236][ T9755] ? stack_trace_save+0xa9/0x100 [ 349.297266][ T9755] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 349.297296][ T9755] ? save_netdev_trace_buffer+0x18f/0x5e0 [ 349.297334][ T9755] ? save_netdev_trace_buffer+0x4c3/0x5e0 [ 349.297376][ T9755] ? __pfx_save_netdev_trace_buffer+0x10/0x10 [ 349.297410][ T9755] ? ref_tracker_free+0x668/0x820 [ 349.297431][ T9755] ? __netlink_deliver_tap+0x600/0x880 [ 349.297460][ T9755] ? netlink_deliver_tap+0x19c/0x1b0 [ 349.297489][ T9755] ? netlink_unicast+0x7b8/0x990 [ 349.297516][ T9755] ? netlink_sendmsg+0x813/0xb40 [ 349.297545][ T9755] ? sock_sendmsg_nosec+0x13a/0x180 [ 349.297565][ T9755] ? ____sys_sendmsg+0x565/0x870 [ 349.297601][ T9755] ? ___sys_sendmsg+0x2a5/0x360 [ 349.297629][ T9755] ? __x64_sys_sendmsg+0x1b7/0x290 [ 349.297657][ T9755] ? do_syscall_64+0x174/0x580 [ 349.297684][ T9755] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 349.297717][ T9755] ? __skb_clone+0x449/0x6c0 [ 349.297754][ T9755] ? skb_clone+0x246/0x3a0 [ 349.297790][ T9755] ? __netlink_deliver_tap+0x838/0x880 [ 349.297821][ T9755] ? netlink_deliver_tap+0x2e/0x1b0 [ 349.297858][ T9755] ? netlink_deliver_tap+0x2e/0x1b0 [ 349.297890][ T9755] ? netlink_deliver_tap+0x2e/0x1b0 [ 349.297928][ T9755] netlink_unicast+0x7f5/0x990 [ 349.297969][ T9755] netlink_sendmsg+0x813/0xb40 [ 349.298013][ T9755] ? __pfx_netlink_sendmsg+0x10/0x10 [ 349.298050][ T9755] ? aa_sock_msg_perm+0x122/0x200 [ 349.298092][ T9755] ? __pfx_netlink_sendmsg+0x10/0x10 [ 349.298124][ T9755] sock_sendmsg_nosec+0x13a/0x180 [ 349.298158][ T9755] ____sys_sendmsg+0x565/0x870 [ 349.298194][ T9755] ? __might_fault+0xaf/0x130 [ 349.298226][ T9755] ? __pfx_____sys_sendmsg+0x10/0x10 [ 349.298270][ T9755] ? import_iovec+0x73/0xa0 [ 349.298302][ T9755] ___sys_sendmsg+0x2a5/0x360 [ 349.298330][ T9755] ? __lock_acquire+0x683/0x2ce0 [ 349.298367][ T9755] ? __pfx____sys_sendmsg+0x10/0x10 [ 349.298439][ T9755] ? __fget_files+0x2a/0x420 [ 349.298463][ T9755] ? __fget_files+0x3a8/0x420 [ 349.298500][ T9755] __x64_sys_sendmsg+0x1b7/0x290 [ 349.298535][ T9755] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 349.298597][ T9755] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 349.298623][ T9755] do_syscall_64+0x174/0x580 [ 349.298650][ T9755] ? trace_irq_disable+0x3b/0x140 [ 349.298680][ T9755] ? clear_bhb_loop+0x40/0x90 [ 349.298708][ T9755] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 349.298732][ T9755] RIP: 0033:0x7efc210fce59 [ 349.298759][ T9755] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 349.298779][ T9755] RSP: 002b:00007efc1f34e028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 349.298803][ T9755] RAX: ffffffffffffffda RBX: 00007efc21375fa0 RCX: 00007efc210fce59 [ 349.298820][ T9755] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000003 [ 349.298833][ T9755] RBP: 00007efc1f34e090 R08: 0000000000000000 R09: 0000000000000000 [ 349.298847][ T9755] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 349.298860][ T9755] R13: 00007efc21376038 R14: 00007efc21375fa0 R15: 00007ffd2eabb628 [ 349.298897][ T9755] [ 350.189719][ T32] usb 4-1: USB disconnect, device number 77 [ 350.450478][ T6167] udevd[6167]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 350.626979][ T9775] FAULT_INJECTION: forcing a failure. [ 350.626979][ T9775] name failslab, interval 1, probability 0, space 0, times 0 [ 350.627018][ T9775] CPU: 1 UID: 0 PID: 9775 Comm: syz.0.1558 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 350.627044][ T9775] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 350.627058][ T9775] Call Trace: [ 350.627067][ T9775] [ 350.627078][ T9775] dump_stack_lvl+0xe8/0x150 [ 350.627111][ T9775] should_fail_ex+0x467/0x600 [ 350.627154][ T9775] should_failslab+0xa8/0x100 [ 350.627184][ T9775] __kmalloc_cache_noprof+0xa0/0x6b0 [ 350.627211][ T9775] ? landlock_restrict_sibling_threads+0x670/0x1240 [ 350.627245][ T9775] ? landlock_restrict_sibling_threads+0x670/0x1240 [ 350.627288][ T9775] landlock_restrict_sibling_threads+0x670/0x1240 [ 350.627331][ T9775] ? landlock_restrict_sibling_threads+0x295/0x1240 [ 350.627371][ T9775] ? __pfx_landlock_restrict_sibling_threads+0x10/0x10 [ 350.627405][ T9775] ? get_random_u8+0x4bb/0x8a0 [ 350.627481][ T9775] ? landlock_put_ruleset+0x10/0xb0 [ 350.627514][ T9775] __se_sys_landlock_restrict_self+0x555/0x840 [ 350.627550][ T9775] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 350.627587][ T9775] do_syscall_64+0x174/0x580 [ 350.627620][ T9775] ? clear_bhb_loop+0x40/0x90 [ 350.627650][ T9775] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 350.627674][ T9775] RIP: 0033:0x7f5c603ace59 [ 350.627695][ T9775] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 350.627717][ T9775] RSP: 002b:00007f5c5e5dd028 EFLAGS: 00000246 ORIG_RAX: 00000000000001be [ 350.627742][ T9775] RAX: ffffffffffffffda RBX: 00007f5c60626090 RCX: 00007f5c603ace59 [ 350.627759][ T9775] RDX: 0000000000000000 RSI: 000000000000000e RDI: 0000000000000008 [ 350.627772][ T9775] RBP: 00007f5c5e5dd090 R08: 0000000000000000 R09: 0000000000000000 [ 350.627785][ T9775] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 350.627799][ T9775] R13: 00007f5c60626128 R14: 00007f5c60626090 R15: 00007ffcb1eb6438 [ 350.627834][ T9775] [ 350.681065][ T32] usb 4-1: new full-speed USB device number 78 using dummy_hcd [ 350.821102][ T32] usb 4-1: device descriptor read/64, error -71 [ 350.941166][ T60] Bluetooth: hci4: command tx timeout [ 351.061081][ T32] usb 4-1: new full-speed USB device number 79 using dummy_hcd [ 351.191089][ T32] usb 4-1: device descriptor read/64, error -71 [ 351.302477][ T32] usb usb4-port1: attempt power cycle [ 351.449029][ T9784] netlink: 'syz.0.1563': attribute type 11 has an invalid length. [ 351.677291][ T32] usb 4-1: new full-speed USB device number 80 using dummy_hcd [ 351.691929][ T32] usb 4-1: device descriptor read/8, error -71 [ 351.746936][ T68] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 351.830789][ T9784] FAULT_INJECTION: forcing a failure. [ 351.830789][ T9784] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 351.830826][ T9784] CPU: 0 UID: 0 PID: 9784 Comm: syz.0.1563 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 351.830850][ T9784] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 351.830864][ T9784] Call Trace: [ 351.830873][ T9784] [ 351.830883][ T9784] dump_stack_lvl+0xe8/0x150 [ 351.830917][ T9784] should_fail_ex+0x467/0x600 [ 351.830958][ T9784] prepare_alloc_pages+0x223/0x690 [ 351.830993][ T9784] __alloc_frozen_pages_noprof+0x12f/0x380 [ 351.831023][ T9784] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 351.831050][ T9784] ? __pfx_policy_nodemask+0x10/0x10 [ 351.831072][ T9784] ? genl_family_rcv_msg_doit+0x233/0x340 [ 351.831091][ T9784] ? genl_rcv_msg+0x614/0x7a0 [ 351.831108][ T9784] ? netlink_rcv_skb+0x226/0x4a0 [ 351.831130][ T9784] ? genl_rcv+0x28/0x40 [ 351.831146][ T9784] ? netlink_unicast+0x7f5/0x990 [ 351.831166][ T9784] ? sock_sendmsg_nosec+0x13a/0x180 [ 351.831189][ T9784] ? ____sys_sendmsg+0x565/0x870 [ 351.831218][ T9784] ? ___sys_sendmsg+0x2a5/0x360 [ 351.831241][ T9784] ? __x64_sys_sendmsg+0x1b7/0x290 [ 351.831264][ T9784] ? do_syscall_64+0x174/0x580 [ 351.831291][ T9784] alloc_pages_mpol+0xce/0x280 [ 351.831318][ T9784] ___kmalloc_large_node+0x4c/0x120 [ 351.831338][ T9784] ? ieee80211_if_add+0x21b/0x1600 [ 351.831366][ T9784] __kmalloc_large_node_noprof+0x18/0x90 [ 351.831393][ T9784] ? ieee80211_if_add+0x21b/0x1600 [ 351.831420][ T9784] __kmalloc_noprof+0x4bd/0x780 [ 351.831441][ T9784] ? ieee80211_if_add+0x21b/0x1600 [ 351.831473][ T9784] ieee80211_if_add+0x21b/0x1600 [ 351.831502][ T9784] ? trace_kmalloc+0x2a/0xf0 [ 351.831525][ T9784] ieee80211_add_iface+0xb4/0x5c0 [ 351.831549][ T9784] ? nl80211_new_interface+0x682/0x1080 [ 351.831581][ T9784] ? __pfx_ieee80211_add_iface+0x10/0x10 [ 351.831607][ T9784] ? __alloc_skb+0x4cc/0x7a0 [ 351.831633][ T9784] nl80211_new_interface+0x7c5/0x1080 [ 351.831670][ T9784] ? __pfx_nl80211_new_interface+0x10/0x10 [ 351.831703][ T9784] ? nl80211_pre_doit+0x564/0x8b0 [ 351.831736][ T9784] genl_family_rcv_msg_doit+0x233/0x340 [ 351.831762][ T9784] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 351.831793][ T9784] ? bpf_lsm_capable+0x9/0x20 [ 351.831817][ T9784] ? security_capable+0x7e/0x2c0 [ 351.831848][ T9784] genl_rcv_msg+0x614/0x7a0 [ 351.831872][ T9784] ? __pfx_genl_rcv_msg+0x10/0x10 [ 351.831891][ T9784] ? ref_tracker_free+0x668/0x820 [ 351.831907][ T9784] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 351.831933][ T9784] ? __pfx_nl80211_new_interface+0x10/0x10 [ 351.831961][ T9784] ? __pfx_nl80211_post_doit+0x10/0x10 [ 351.831987][ T9784] ? ____sys_sendmsg+0x565/0x870 [ 351.832010][ T9784] ? ___sys_sendmsg+0x2a5/0x360 [ 351.832033][ T9784] ? __x64_sys_sendmsg+0x1b7/0x290 [ 351.832056][ T9784] ? do_syscall_64+0x174/0x580 [ 351.832078][ T9784] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 351.832104][ T9784] netlink_rcv_skb+0x226/0x4a0 [ 351.832130][ T9784] ? __pfx_genl_rcv_msg+0x10/0x10 [ 351.832150][ T9784] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 351.832187][ T9784] ? netlink_deliver_tap+0x2e/0x1b0 [ 351.832211][ T9784] ? netlink_deliver_tap+0x2e/0x1b0 [ 351.832240][ T9784] genl_rcv+0x28/0x40 [ 351.832256][ T9784] netlink_unicast+0x7f5/0x990 [ 351.832288][ T9784] netlink_sendmsg+0x813/0xb40 [ 351.832321][ T9784] ? __pfx_netlink_sendmsg+0x10/0x10 [ 351.832350][ T9784] ? aa_sock_msg_perm+0x122/0x200 [ 351.832464][ T9784] ? __pfx_netlink_sendmsg+0x10/0x10 [ 351.832489][ T9784] sock_sendmsg_nosec+0x13a/0x180 [ 351.832510][ T9784] ____sys_sendmsg+0x565/0x870 [ 351.832534][ T9784] ? __might_fault+0xaf/0x130 [ 351.832559][ T9784] ? __pfx_____sys_sendmsg+0x10/0x10 [ 351.832592][ T9784] ? import_iovec+0x73/0xa0 [ 351.832617][ T9784] ___sys_sendmsg+0x2a5/0x360 [ 351.832641][ T9784] ? __lock_acquire+0x683/0x2ce0 [ 351.832670][ T9784] ? __pfx____sys_sendmsg+0x10/0x10 [ 351.832725][ T9784] ? __fget_files+0x2a/0x420 [ 351.832744][ T9784] ? __fget_files+0x3a8/0x420 [ 351.832805][ T9784] __x64_sys_sendmsg+0x1b7/0x290 [ 351.832833][ T9784] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 351.832874][ T9784] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 351.832895][ T9784] do_syscall_64+0x174/0x580 [ 351.832917][ T9784] ? trace_irq_disable+0x3b/0x140 [ 351.832941][ T9784] ? clear_bhb_loop+0x40/0x90 [ 351.832963][ T9784] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 351.832982][ T9784] RIP: 0033:0x7f5c603ace59 [ 351.833000][ T9784] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 351.833015][ T9784] RSP: 002b:00007f5c5e5fe028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 351.833035][ T9784] RAX: ffffffffffffffda RBX: 00007f5c60625fa0 RCX: 00007f5c603ace59 [ 351.833049][ T9784] RDX: 0000000000000000 RSI: 0000200000000400 RDI: 0000000000000003 [ 351.833061][ T9784] RBP: 00007f5c5e5fe090 R08: 0000000000000000 R09: 0000000000000000 [ 351.833073][ T9784] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 351.833084][ T9784] R13: 00007f5c60626038 R14: 00007f5c60625fa0 R15: 00007ffcb1eb6438 [ 351.833112][ T9784] [ 351.970087][ T32] usb 4-1: new full-speed USB device number 81 using dummy_hcd [ 352.025190][ T32] usb 4-1: device descriptor read/8, error -71 [ 352.157989][ T32] usb usb4-port1: unable to enumerate USB device [ 352.490842][ T9696] bridge0: port 1(bridge_slave_0) entered blocking state [ 352.502984][ T9696] bridge0: port 1(bridge_slave_0) entered disabled state [ 352.503343][ T9696] bridge_slave_0: entered allmulticast mode [ 352.506933][ T9696] bridge_slave_0: entered promiscuous mode [ 352.542943][ T9696] bridge0: port 2(bridge_slave_1) entered blocking state [ 352.543417][ T9696] bridge0: port 2(bridge_slave_1) entered disabled state [ 352.544226][ T9696] bridge_slave_1: entered allmulticast mode [ 352.548488][ T9696] bridge_slave_1: entered promiscuous mode [ 352.648400][ T9696] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 352.668442][ T9696] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 352.774696][ T9802] binder_alloc: binder_alloc_mmap_handler: 9800 200000ffd000-200001000000 already mapped failed -16 [ 352.774902][ T9804] binder: BINDER_SET_CONTEXT_MGR already set [ 352.774912][ T9804] binder: 9800:9804 ioctl 4018620d 200000000040 returned -16 [ 353.021089][ T60] Bluetooth: hci4: command tx timeout [ 353.134380][ T9819] FAULT_INJECTION: forcing a failure. [ 353.134380][ T9819] name failslab, interval 1, probability 0, space 0, times 0 [ 353.134417][ T9819] CPU: 0 UID: 0 PID: 9819 Comm: syz.0.1577 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 353.134443][ T9819] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 353.134457][ T9819] Call Trace: [ 353.134466][ T9819] [ 353.134475][ T9819] dump_stack_lvl+0xe8/0x150 [ 353.134503][ T9819] should_fail_ex+0x467/0x600 [ 353.134544][ T9819] should_failslab+0xa8/0x100 [ 353.134571][ T9819] kmem_cache_alloc_noprof+0xa4/0x650 [ 353.134592][ T9819] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 353.134615][ T9819] ? skb_clone+0x212/0x3a0 [ 353.134641][ T9819] ? skb_clone+0x212/0x3a0 [ 353.134684][ T9819] skb_clone+0x212/0x3a0 [ 353.134718][ T9819] __netlink_deliver_tap+0x410/0x880 [ 353.134749][ T9819] ? netlink_deliver_tap+0x2e/0x1b0 [ 353.134797][ T9819] ? netlink_deliver_tap+0x2e/0x1b0 [ 353.134832][ T9819] netlink_deliver_tap+0x19c/0x1b0 [ 353.134866][ T9819] netlink_broadcast_filtered+0xafb/0xea0 [ 353.134913][ T9819] nlmsg_notify+0xe3/0x1a0 [ 353.134947][ T9819] ctnetlink_conntrack_event+0x11e4/0x15f0 [ 353.135009][ T9819] ? __pfx_ctnetlink_conntrack_event+0x10/0x10 [ 353.135049][ T9819] ? __local_bh_enable_ip+0x1ae/0x2b0 [ 353.135090][ T9819] ? __nf_conntrack_eventmask_report+0xc1/0x480 [ 353.135122][ T9819] __nf_conntrack_eventmask_report+0x1fa/0x480 [ 353.135160][ T9819] nf_conntrack_eventmask_report+0x2b5/0x450 [ 353.135196][ T9819] ? __pfx_nf_conntrack_eventmask_report+0x10/0x10 [ 353.135236][ T9819] ? ctnetlink_new_conntrack+0x751/0x2960 [ 353.135265][ T9819] ctnetlink_new_conntrack+0x2389/0x2960 [ 353.135290][ T9819] ? get_symbol_pos+0x322/0x3b0 [ 353.135317][ T9819] ? ctnetlink_new_conntrack+0x751/0x2960 [ 353.135350][ T9819] ? __pfx_ctnetlink_new_conntrack+0x10/0x10 [ 353.135390][ T9819] ? __pfx___nla_validate_parse+0x10/0x10 [ 353.135443][ T9819] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 353.135474][ T9819] ? lockdep_hardirqs_on+0x7a/0x110 [ 353.135503][ T9819] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 353.135539][ T9819] nfnetlink_rcv_msg+0xcd6/0x12c0 [ 353.135568][ T9819] ? nfnetlink_rcv_msg+0x22e/0x12c0 [ 353.135617][ T9819] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 353.135675][ T9819] ? __lock_acquire+0x683/0x2ce0 [ 353.135714][ T9819] ? __lock_acquire+0x683/0x2ce0 [ 353.135743][ T9819] ? sock_sendmsg_nosec+0x13a/0x180 [ 353.135773][ T9819] netlink_rcv_skb+0x226/0x4a0 [ 353.135815][ T9819] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 353.135846][ T9819] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 353.135890][ T9819] ? bpf_lsm_capable+0x9/0x20 [ 353.135918][ T9819] ? security_capable+0x7e/0x2c0 [ 353.135957][ T9819] nfnetlink_rcv+0x2b9/0x28d0 [ 353.135988][ T9819] ? sock_sendmsg_nosec+0x13a/0x180 [ 353.136013][ T9819] ? __pfx_snprintf+0x10/0x10 [ 353.136039][ T9819] ? unwind_get_return_address+0x4d/0x90 [ 353.136072][ T9819] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 353.136110][ T9819] ? trim_netdev_trace+0x791/0x820 [ 353.136150][ T9819] ? __pfx_trim_netdev_trace+0x10/0x10 [ 353.136182][ T9819] ? stack_trace_save+0xa9/0x100 [ 353.136213][ T9819] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 353.136242][ T9819] ? save_netdev_trace_buffer+0x18f/0x5e0 [ 353.136283][ T9819] ? save_netdev_trace_buffer+0x4c3/0x5e0 [ 353.136328][ T9819] ? __pfx_save_netdev_trace_buffer+0x10/0x10 [ 353.136362][ T9819] ? ref_tracker_free+0x668/0x820 [ 353.136383][ T9819] ? __netlink_deliver_tap+0x600/0x880 [ 353.136413][ T9819] ? netlink_deliver_tap+0x19c/0x1b0 [ 353.136443][ T9819] ? netlink_unicast+0x7b8/0x990 [ 353.136469][ T9819] ? netlink_sendmsg+0x813/0xb40 [ 353.136498][ T9819] ? sock_sendmsg_nosec+0x13a/0x180 [ 353.136518][ T9819] ? ____sys_sendmsg+0x565/0x870 [ 353.136546][ T9819] ? ___sys_sendmsg+0x2a5/0x360 [ 353.136574][ T9819] ? __x64_sys_sendmsg+0x1b7/0x290 [ 353.136603][ T9819] ? do_syscall_64+0x174/0x580 [ 353.136631][ T9819] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 353.136663][ T9819] ? __skb_clone+0x449/0x6c0 [ 353.136702][ T9819] ? skb_clone+0x246/0x3a0 [ 353.136737][ T9819] ? __netlink_deliver_tap+0x838/0x880 [ 353.136768][ T9819] ? netlink_deliver_tap+0x2e/0x1b0 [ 353.136814][ T9819] ? netlink_deliver_tap+0x2e/0x1b0 [ 353.136846][ T9819] ? netlink_deliver_tap+0x2e/0x1b0 [ 353.136884][ T9819] netlink_unicast+0x7f5/0x990 [ 353.136923][ T9819] netlink_sendmsg+0x813/0xb40 [ 353.136965][ T9819] ? __pfx_netlink_sendmsg+0x10/0x10 [ 353.137002][ T9819] ? aa_sock_msg_perm+0x122/0x200 [ 353.137044][ T9819] ? __pfx_netlink_sendmsg+0x10/0x10 [ 353.137075][ T9819] sock_sendmsg_nosec+0x13a/0x180 [ 353.137102][ T9819] ____sys_sendmsg+0x565/0x870 [ 353.137131][ T9819] ? __might_fault+0xaf/0x130 [ 353.137161][ T9819] ? __pfx_____sys_sendmsg+0x10/0x10 [ 353.137204][ T9819] ? import_iovec+0x73/0xa0 [ 353.137233][ T9819] ___sys_sendmsg+0x2a5/0x360 [ 353.137264][ T9819] ? __lock_acquire+0x683/0x2ce0 [ 353.137300][ T9819] ? __pfx____sys_sendmsg+0x10/0x10 [ 353.137371][ T9819] ? __fget_files+0x2a/0x420 [ 353.137400][ T9819] ? __fget_files+0x3a8/0x420 [ 353.137436][ T9819] __x64_sys_sendmsg+0x1b7/0x290 [ 353.137471][ T9819] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 353.137535][ T9819] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 353.137560][ T9819] do_syscall_64+0x174/0x580 [ 353.137587][ T9819] ? trace_irq_disable+0x3b/0x140 [ 353.137616][ T9819] ? clear_bhb_loop+0x40/0x90 [ 353.137650][ T9819] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 353.137673][ T9819] RIP: 0033:0x7f5c603ace59 [ 353.137694][ T9819] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 353.137714][ T9819] RSP: 002b:00007f5c5e5fe028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 353.137738][ T9819] RAX: ffffffffffffffda RBX: 00007f5c60625fa0 RCX: 00007f5c603ace59 [ 353.137753][ T9819] RDX: 000000002000884c RSI: 0000200000000080 RDI: 0000000000000004 [ 353.137767][ T9819] RBP: 00007f5c5e5fe090 R08: 0000000000000000 R09: 0000000000000000 [ 353.137780][ T9819] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 353.137802][ T9819] R13: 00007f5c60626038 R14: 00007f5c60625fa0 R15: 00007ffcb1eb6438 [ 353.137837][ T9819] [ 353.213258][ T9817] FAULT_INJECTION: forcing a failure. [ 353.213258][ T9817] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 353.213305][ T9817] CPU: 0 UID: 0 PID: 9817 Comm: syz.2.1576 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 353.213327][ T9817] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 353.213340][ T9817] Call Trace: [ 353.213370][ T9817] [ 353.213394][ T9817] dump_stack_lvl+0xe8/0x150 [ 353.213486][ T9817] should_fail_ex+0x467/0x600 [ 353.213590][ T9817] fpu__restore_sig+0x209/0x11f0 [ 353.213668][ T9817] ? restore_altstack+0x2c4/0x4f0 [ 353.213749][ T9817] ? __pfx_fpu__restore_sig+0x10/0x10 [ 353.213907][ T9817] __ia32_sys_rt_sigreturn+0x756/0x8c0 [ 353.213989][ T9817] ? __lock_acquire+0x683/0x2ce0 [ 353.214085][ T9817] ? __pfx___ia32_sys_rt_sigreturn+0x10/0x10 [ 353.214180][ T9817] ? __task_pid_nr_ns+0x28/0x470 [ 353.214254][ T9817] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 353.214341][ T9817] do_syscall_64+0x174/0x580 [ 353.214430][ T9817] ? trace_irq_disable+0x3b/0x140 [ 353.214511][ T9817] ? clear_bhb_loop+0x40/0x90 [ 353.214583][ T9817] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 353.214638][ T9817] RIP: 0033:0x7f3b4fc7ce57 [ 353.214691][ T9817] Code: 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 <0f> 05 48 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 [ 353.214742][ T9817] RSP: 002b:00007f3b4dece028 EFLAGS: 00000246 [ 353.214806][ T9817] RAX: 000000000000002d RBX: 00007f3b4fef5fa0 RCX: 00007f3b4fc7ce59 [ 353.214848][ T9817] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 353.214888][ T9817] RBP: 00007f3b4dece090 R08: 0000000000000000 R09: 0000000000000000 [ 353.214921][ T9817] R10: 0000000040000000 R11: 0000000000000246 R12: 0000000000000002 [ 353.214961][ T9817] R13: 00007f3b4fef6038 R14: 00007f3b4fef5fa0 R15: 00007ffe56abe348 [ 353.215047][ T9817] [ 354.098761][ T68] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 354.136802][ T9829] netlink: 416 bytes leftover after parsing attributes in process `syz.2.1587'. [ 354.140761][ T9831] netlink: 384 bytes leftover after parsing attributes in process `syz.2.1587'. [ 354.180699][ T9696] team0: Port device team_slave_0 added [ 354.330358][ T9696] team0: Port device team_slave_1 added [ 354.679921][ T68] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 354.711058][ T37] usb 3-1: new low-speed USB device number 56 using dummy_hcd [ 354.735472][ T9696] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 354.735489][ T9696] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 354.735519][ T9696] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 354.753789][ T9696] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 354.753841][ T9696] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 354.753924][ T9696] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 354.882825][ T37] usb 3-1: device descriptor read/64, error -71 [ 355.101190][ T60] Bluetooth: hci4: command tx timeout [ 355.121100][ T32] usb 4-1: new high-speed USB device number 82 using dummy_hcd [ 355.121291][ T37] usb 3-1: new low-speed USB device number 57 using dummy_hcd [ 355.273283][ T37] usb 3-1: device descriptor read/64, error -71 [ 355.277498][ T68] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 355.295592][ T32] usb 4-1: unable to get BOS descriptor set [ 355.298530][ T32] usb 4-1: config 6 has an invalid interface number: 252 but max is 0 [ 355.298556][ T32] usb 4-1: config 6 has no interface number 0 [ 355.298603][ T32] usb 4-1: config 6 interface 252 altsetting 5 endpoint 0x8 has invalid maxpacket 1024, setting to 64 [ 355.298645][ T32] usb 4-1: config 6 interface 252 has no altsetting 0 [ 355.302670][ T32] usb 4-1: New USB device found, idVendor=1199, idProduct=6815, bcdDevice=dd.bf [ 355.302697][ T32] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 355.302718][ T32] usb 4-1: Product: 쀻㓔洏뻬懄ራ찳௃窾乑䲸ⱞ䒍㖥络火빚읠깦浽톮拁蟎㼼竈ᐐ䢵嘮喟ᓜᓇ쿔ᤱ厙೷⒉⓺᫠싄郿㡨㐁趵7…뫉곀પ왐 [ 355.302742][ T32] usb 4-1: Manufacturer: ј [ 355.302758][ T32] usb 4-1: SerialNumber: М [ 355.381497][ T37] usb usb3-port1: attempt power cycle [ 355.482744][ T9696] hsr_slave_0: entered promiscuous mode [ 355.485046][ T9696] hsr_slave_1: entered promiscuous mode [ 355.486955][ T9696] debugfs: 'hsr0' already exists in 'hsr' [ 355.486981][ T9696] Cannot create hsr debugfs directory [ 355.622851][ T32] sierra 4-1:6.252: Sierra USB modem converter detected [ 355.653706][ T32] usb 4-1: Sierra USB modem converter now attached to ttyUSB0 [ 355.674217][ T32] usb 4-1: USB disconnect, device number 82 [ 355.721082][ T37] usb 3-1: new low-speed USB device number 58 using dummy_hcd [ 355.743845][ T37] usb 3-1: device descriptor read/8, error -71 [ 355.777106][ T32] sierra ttyUSB0: Sierra USB modem converter now disconnected from ttyUSB0 [ 355.779397][ T32] sierra 4-1:6.252: device disconnected [ 355.981407][ T37] usb 3-1: new low-speed USB device number 59 using dummy_hcd [ 356.001937][ T37] usb 3-1: device descriptor read/8, error -71 [ 356.116333][ T37] usb usb3-port1: unable to enumerate USB device [ 356.957968][ T68] bridge_slave_1: left allmulticast mode [ 356.958158][ T68] bridge_slave_1: left promiscuous mode [ 357.015938][ T68] bridge0: port 2(bridge_slave_1) entered disabled state [ 357.051135][ T5616] usb 4-1: new high-speed USB device number 83 using dummy_hcd [ 357.222855][ T5616] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 357.225882][ T5616] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 357.225911][ T5616] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 357.225931][ T5616] usb 4-1: Product: syz [ 357.225945][ T5616] usb 4-1: Manufacturer: syz [ 357.225960][ T5616] usb 4-1: SerialNumber: syz [ 357.285469][ T5616] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 357.307478][ T68] bridge_slave_0: left allmulticast mode [ 357.307516][ T68] bridge_slave_0: left promiscuous mode [ 357.307954][ T68] bridge0: port 1(bridge_slave_0) entered disabled state [ 357.360068][ T9] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 358.235752][ T9927] netlink: 'syz.2.1619': attribute type 1 has an invalid length. [ 358.768043][ T9936] FAULT_INJECTION: forcing a failure. [ 358.768043][ T9936] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 358.768092][ T9936] CPU: 1 UID: 0 PID: 9936 Comm: syz.0.1622 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 358.768113][ T9936] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 358.768128][ T9936] Call Trace: [ 358.768140][ T9936] [ 358.768148][ T9936] dump_stack_lvl+0xe8/0x150 [ 358.768175][ T9936] should_fail_ex+0x467/0x600 [ 358.768207][ T9936] _copy_to_user+0x31/0xb0 [ 358.768231][ T9936] simple_read_from_buffer+0xe1/0x170 [ 358.768256][ T9936] proc_fail_nth_read+0x1be/0x230 [ 358.768280][ T9936] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 358.768303][ T9936] ? rw_verify_area+0x250/0x4d0 [ 358.768329][ T9936] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 358.768350][ T9936] vfs_read+0x219/0xa90 [ 358.768383][ T9936] ? __pfx_vfs_read+0x10/0x10 [ 358.768406][ T9936] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 358.768429][ T9936] ? lockdep_hardirqs_on+0x7a/0x110 [ 358.768450][ T9936] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 358.768471][ T9936] ? mutex_lock_nested+0x152/0x1d0 [ 358.768504][ T9936] ? fdget_pos+0x252/0x320 [ 358.768530][ T9936] ksys_read+0x156/0x270 [ 358.768560][ T9936] ? __pfx_ksys_read+0x10/0x10 [ 358.768589][ T9936] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 358.768608][ T9936] do_syscall_64+0x174/0x580 [ 358.768632][ T9936] ? clear_bhb_loop+0x40/0x90 [ 358.768653][ T9936] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 358.768671][ T9936] RIP: 0033:0x7f5c6036d68e [ 358.768688][ T9936] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 358.768704][ T9936] RSP: 002b:00007f5c5e5dcfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 358.768724][ T9936] RAX: ffffffffffffffda RBX: 00007f5c5e5dd6c0 RCX: 00007f5c6036d68e [ 358.768739][ T9936] RDX: 000000000000000f RSI: 00007f5c5e5dd0a0 RDI: 0000000000000004 [ 358.768751][ T9936] RBP: 00007f5c5e5dd090 R08: 0000000000000000 R09: 0000000000000000 [ 358.768768][ T9936] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 358.768778][ T9936] R13: 00007f5c60626128 R14: 00007f5c60626090 R15: 00007ffcb1eb6438 [ 358.768805][ T9936] [ 358.792249][ T9] ath9k_htc 4-1:1.0: ath9k_htc: Target is unresponsive [ 359.078064][ T9] ath9k_htc: Failed to initialize the device [ 359.244430][ T9941] FAULT_INJECTION: forcing a failure. [ 359.244430][ T9941] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 359.244467][ T9941] CPU: 1 UID: 0 PID: 9941 Comm: syz.0.1625 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 359.244493][ T9941] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 359.244508][ T9941] Call Trace: [ 359.244517][ T9941] [ 359.244527][ T9941] dump_stack_lvl+0xe8/0x150 [ 359.244557][ T9941] should_fail_ex+0x467/0x600 [ 359.244602][ T9941] _copy_to_user+0x31/0xb0 [ 359.244632][ T9941] drm_ioctl+0x736/0xba0 [ 359.244674][ T9941] ? __pfx_drm_mode_dirtyfb_ioctl+0x10/0x10 [ 359.244701][ T9941] ? __pfx_drm_ioctl+0x10/0x10 [ 359.244747][ T9941] ? __fget_files+0x2a/0x420 [ 359.244776][ T9941] ? bpf_lsm_file_ioctl+0x9/0x20 [ 359.244805][ T9941] ? __pfx_drm_ioctl+0x10/0x10 [ 359.244846][ T9941] __se_sys_ioctl+0xff/0x170 [ 359.244876][ T9941] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 359.244901][ T9941] do_syscall_64+0x174/0x580 [ 359.244928][ T9941] ? trace_irq_disable+0x3b/0x140 [ 359.244957][ T9941] ? clear_bhb_loop+0x40/0x90 [ 359.244984][ T9941] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 359.245007][ T9941] RIP: 0033:0x7f5c603ace59 [ 359.245027][ T9941] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 359.245048][ T9941] RSP: 002b:00007f5c5e5fe028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 359.245072][ T9941] RAX: ffffffffffffffda RBX: 00007f5c60625fa0 RCX: 00007f5c603ace59 [ 359.245088][ T9941] RDX: 0000200000000040 RSI: 00000000c01864b1 RDI: 0000000000000003 [ 359.245101][ T9941] RBP: 00007f5c5e5fe090 R08: 0000000000000000 R09: 0000000000000000 [ 359.245115][ T9941] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 359.245128][ T9941] R13: 00007f5c60626038 R14: 00007f5c60625fa0 R15: 00007ffcb1eb6438 [ 359.245161][ T9941] [ 359.610433][ T9] usb 4-1: ath9k_htc: USB layer deinitialized [ 360.315923][ T7275] Trying to write to read-only block-device nullb0 [ 360.872635][ T68] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 360.956686][ T68] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 361.061260][ T68] bond0 (unregistering): Released all slaves [ 361.444340][ T5271] 8021q: adding VLAN 0 to HW filter on device eth1 [ 361.538086][ T6141] usb 4-1: USB disconnect, device number 83 [ 362.871096][ T9] usb 4-1: new full-speed USB device number 84 using dummy_hcd [ 363.047585][ T9] usb 4-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 363.047618][ T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 363.047638][ T9] usb 4-1: Product: syz [ 363.047653][ T9] usb 4-1: Manufacturer: syz [ 363.047668][ T9] usb 4-1: SerialNumber: syz [ 363.104508][ T9] usb 4-1: config 0 descriptor?? [ 363.168250][T10056] FAULT_INJECTION: forcing a failure. [ 363.168250][T10056] name failslab, interval 1, probability 0, space 0, times 0 [ 363.168280][T10056] CPU: 0 UID: 0 PID: 10056 Comm: syz.0.1671 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 363.168299][T10056] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 363.168309][T10056] Call Trace: [ 363.168315][T10056] [ 363.168323][T10056] dump_stack_lvl+0xe8/0x150 [ 363.168346][T10056] should_fail_ex+0x467/0x600 [ 363.168375][T10056] should_failslab+0xa8/0x100 [ 363.168405][T10056] kmem_cache_alloc_noprof+0xa4/0x650 [ 363.168422][T10056] ? ptlock_alloc+0x20/0x70 [ 363.168439][T10056] ? ptlock_alloc+0x20/0x70 [ 363.168460][T10056] ptlock_alloc+0x20/0x70 [ 363.168477][T10056] pte_alloc_one+0x7e/0x380 [ 363.168503][T10056] __pte_alloc+0x25/0x1a0 [ 363.168528][T10056] do_pte_missing+0x1bda/0x28f0 [ 363.168549][T10056] ? rt_spin_unlock+0x163/0x200 [ 363.168567][T10056] ? __pmd_alloc+0x41b/0x5e0 [ 363.168587][T10056] handle_mm_fault+0xe0b/0x1520 [ 363.168608][T10056] ? handle_mm_fault+0xe9/0x1520 [ 363.168626][T10056] ? __pfx_handle_mm_fault+0x10/0x10 [ 363.168657][T10056] ? lock_mm_and_find_vma+0xa7/0x340 [ 363.168679][T10056] do_user_addr_fault+0x744/0x1340 [ 363.168711][T10056] exc_page_fault+0x6a/0xc0 [ 363.168732][T10056] asm_exc_page_fault+0x26/0x30 [ 363.168747][T10056] RIP: 0010:rep_movs_alternative+0x30/0xa0 [ 363.168764][T10056] Code: 83 f9 08 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 <48> 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 [ 363.168778][T10056] RSP: 0018:ffffc9000b727e28 EFLAGS: 00050216 [ 363.168792][T10056] RAX: 00007ffffffff001 RBX: 0000000000000020 RCX: 0000000000000020 [ 363.168803][T10056] RDX: 0000000000000001 RSI: 0000200000000140 RDI: ffff88803a2003c0 [ 363.168814][T10056] RBP: 0000000000000020 R08: ffff88803a2003df R09: 1ffff1100744007b [ 363.168826][T10056] R10: dffffc0000000000 R11: ffffed100744007c R12: 0000000000000020 [ 363.168837][T10056] R13: 0000000000000000 R14: ffff88803a2003c0 R15: 0000200000000140 [ 363.168861][T10056] _copy_from_user+0x7a/0xb0 [ 363.168882][T10056] memdup_user+0x5e/0xd0 [ 363.168907][T10056] security_setselfattr+0x8d/0x830 [ 363.168936][T10056] __x64_sys_lsm_set_self_attr+0xf3/0x130 [ 363.168960][T10056] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 363.168977][T10056] do_syscall_64+0x174/0x580 [ 363.168997][T10056] ? trace_irq_disable+0x3b/0x140 [ 363.169018][T10056] ? clear_bhb_loop+0x40/0x90 [ 363.169070][T10056] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 363.169093][T10056] RIP: 0033:0x7f5c603ace59 [ 363.169112][T10056] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 363.169133][T10056] RSP: 002b:00007f5c5e5fe028 EFLAGS: 00000246 ORIG_RAX: 00000000000001cc [ 363.169155][T10056] RAX: ffffffffffffffda RBX: 00007f5c60625fa0 RCX: 00007f5c603ace59 [ 363.169172][T10056] RDX: 0000000000000020 RSI: 0000200000000140 RDI: 0000000000000000 [ 363.169191][T10056] RBP: 00007f5c5e5fe090 R08: 0000000000000000 R09: 0000000000000000 [ 363.169201][T10056] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 363.169211][T10056] R13: 00007f5c60626038 R14: 00007f5c60625fa0 R15: 00007ffcb1eb6438 [ 363.169236][T10056] [ 363.545157][ T9] usb 4-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 363.868570][ T5271] 8021q: adding VLAN 0 to HW filter on device eth2 [ 363.903221][ T9] dvb_usb_rtl28xxu 4-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71 [ 364.005387][ T9] usb 4-1: USB disconnect, device number 84 [ 364.380414][T10079] FAULT_INJECTION: forcing a failure. [ 364.380414][T10079] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 364.380442][T10079] CPU: 0 UID: 0 PID: 10079 Comm: syz.2.1680 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 364.380461][T10079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 364.380471][T10079] Call Trace: [ 364.380477][T10079] [ 364.380484][T10079] dump_stack_lvl+0xe8/0x150 [ 364.380506][T10079] should_fail_ex+0x467/0x600 [ 364.380535][T10079] _copy_to_user+0x31/0xb0 [ 364.380556][T10079] drm_ioctl+0x736/0xba0 [ 364.380585][T10079] ? __pfx_drm_mode_dirtyfb_ioctl+0x10/0x10 [ 364.380604][T10079] ? __pfx_drm_ioctl+0x10/0x10 [ 364.380635][T10079] ? __fget_files+0x2a/0x420 [ 364.380655][T10079] ? bpf_lsm_file_ioctl+0x9/0x20 [ 364.380675][T10079] ? __pfx_drm_ioctl+0x10/0x10 [ 364.380697][T10079] __se_sys_ioctl+0xff/0x170 [ 364.380719][T10079] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 364.380737][T10079] do_syscall_64+0x174/0x580 [ 364.380757][T10079] ? trace_irq_disable+0x3b/0x140 [ 364.380778][T10079] ? clear_bhb_loop+0x40/0x90 [ 364.380798][T10079] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 364.380822][T10079] RIP: 0033:0x7f3b4fc7ce59 [ 364.380836][T10079] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 364.380850][T10079] RSP: 002b:00007f3b4dece028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 364.380868][T10079] RAX: ffffffffffffffda RBX: 00007f3b4fef5fa0 RCX: 00007f3b4fc7ce59 [ 364.380880][T10079] RDX: 0000200000000040 RSI: 00000000c01864b1 RDI: 0000000000000003 [ 364.380917][T10079] RBP: 00007f3b4dece090 R08: 0000000000000000 R09: 0000000000000000 [ 364.380930][T10079] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 364.380943][T10079] R13: 00007f3b4fef6038 R14: 00007f3b4fef5fa0 R15: 00007ffe56abe348 [ 364.380977][T10079] [ 364.424052][ T9] usb 4-1: new high-speed USB device number 85 using dummy_hcd [ 364.432172][ T5717] usb 1-1: new high-speed USB device number 36 using dummy_hcd [ 364.600036][ T9] usb 4-1: unable to get BOS descriptor or descriptor too short [ 364.601249][ T9] usb 4-1: unable to read config index 0 descriptor/start: -71 [ 364.601341][ T9] usb 4-1: can't read configurations, error -71 [ 364.723346][ T5717] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1023 [ 364.723379][ T5717] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A [ 364.723405][ T5717] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0 [ 364.723427][ T5717] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 0 [ 364.727102][ T5717] usb 1-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10 [ 364.727133][ T5717] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 364.727155][ T5717] usb 1-1: Product: syz [ 364.727170][ T5717] usb 1-1: Manufacturer: syz [ 364.727186][ T5717] usb 1-1: SerialNumber: syz [ 364.897798][ T5717] usb 1-1: config 0 descriptor?? [ 364.898830][T10075] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 364.916551][ T5717] usb 1-1: ucan: probing device on interface #0 [ 364.916582][ T5717] usb 1-1: ucan: invalid in_ep MaxPacketSize [ 364.916597][ T5717] usb 1-1: ucan: probe failed; try to update the device firmware [ 365.110663][T10075] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 365.123421][T10075] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 365.150929][T10075] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 365.166534][T10075] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 365.166860][T10087] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 365.196485][T10087] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 365.300825][ T821] usb 1-1: USB disconnect, device number 36 [ 366.701462][ T6141] usb 4-1: new high-speed USB device number 87 using dummy_hcd [ 366.801947][ T68] hsr_slave_0: left promiscuous mode [ 366.844265][ T68] hsr_slave_1: left promiscuous mode [ 366.865414][ T68] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 366.920285][ T68] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 366.921639][ T6141] usb 4-1: unable to get BOS descriptor or descriptor too short [ 366.922711][ T6141] usb 4-1: unable to read config index 0 descriptor/start: -71 [ 366.922747][ T6141] usb 4-1: can't read configurations, error -71 [ 366.986056][ T68] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 366.986086][ T68] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 367.216144][ T68] veth1_macvtap: left promiscuous mode [ 367.216418][ T68] veth0_macvtap: left promiscuous mode [ 367.251435][ T68] veth1_vlan: left promiscuous mode [ 367.252345][ T68] veth0_vlan: left promiscuous mode [ 367.332749][ T9] usb 3-1: new high-speed USB device number 60 using dummy_hcd [ 367.486083][ T9] usb 3-1: config 0 interface 0 has no altsetting 0 [ 367.486139][ T9] usb 3-1: New USB device found, idVendor=046d, idProduct=0a0e, bcdDevice=94.75 [ 367.486165][ T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 367.531357][ T9] usb 3-1: config 0 descriptor?? [ 367.737999][ T9] (null): keene_cmd_main failed (-71) [ 367.846466][ T9] video4linux radio48: keene_cmd_main failed (-71) [ 367.846511][ T9] radio-keene 3-1:0.0: V4L2 device registered as radio48 [ 367.910762][ T9] usb 3-1: USB disconnect, device number 60 [ 368.393908][T10199] FAULT_INJECTION: forcing a failure. [ 368.393908][T10199] name failslab, interval 1, probability 0, space 0, times 0 [ 368.393956][T10199] CPU: 1 UID: 0 PID: 10199 Comm: syz.0.1719 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 368.393982][T10199] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 368.393997][T10199] Call Trace: [ 368.394006][T10199] [ 368.394016][T10199] dump_stack_lvl+0xe8/0x150 [ 368.394048][T10199] should_fail_ex+0x467/0x600 [ 368.394080][T10199] should_failslab+0xa8/0x100 [ 368.394105][T10199] kmem_cache_alloc_noprof+0xa4/0x650 [ 368.394123][T10199] ? do_getname+0x2e/0x250 [ 368.394148][T10199] ? do_getname+0x2e/0x250 [ 368.394178][T10199] do_getname+0x2e/0x250 [ 368.394204][T10199] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 368.394224][T10199] __se_sys_link+0x3a/0x2c0 [ 368.394241][T10199] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 368.394259][T10199] do_syscall_64+0x174/0x580 [ 368.394282][T10199] ? trace_irq_disable+0x3b/0x140 [ 368.394305][T10199] ? clear_bhb_loop+0x40/0x90 [ 368.394326][T10199] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 368.394349][T10199] RIP: 0033:0x7f5c603ace59 [ 368.394365][T10199] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 368.394382][T10199] RSP: 002b:00007f5c5e5fe028 EFLAGS: 00000246 ORIG_RAX: 0000000000000056 [ 368.394401][T10199] RAX: ffffffffffffffda RBX: 00007f5c60625fa0 RCX: 00007f5c603ace59 [ 368.394413][T10199] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000200000000200 [ 368.394425][T10199] RBP: 00007f5c5e5fe090 R08: 0000000000000000 R09: 0000000000000000 [ 368.394436][T10199] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 368.394446][T10199] R13: 00007f5c60626038 R14: 00007f5c60625fa0 R15: 00007ffcb1eb6438 [ 368.394474][T10199] [ 369.555541][T10237] cgroup2: Unknown parameter 'memory_ng' [ 369.555912][T10239] cgroup2: Unknown parameter 'memory_ng' [ 369.692129][T10244] FAULT_INJECTION: forcing a failure. [ 369.692129][T10244] name failslab, interval 1, probability 0, space 0, times 0 [ 369.692171][T10244] CPU: 0 UID: 0 PID: 10244 Comm: syz.0.1736 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 369.692195][T10244] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 369.692210][T10244] Call Trace: [ 369.692219][T10244] [ 369.692229][T10244] dump_stack_lvl+0xe8/0x150 [ 369.692258][T10244] should_fail_ex+0x467/0x600 [ 369.692303][T10244] should_failslab+0xa8/0x100 [ 369.692331][T10244] kmem_cache_alloc_node_noprof+0xae/0x670 [ 369.692357][T10244] ? __alloc_skb+0x1d7/0x7a0 [ 369.692381][T10244] ? __alloc_skb+0x1d7/0x7a0 [ 369.692412][T10244] __alloc_skb+0x1d7/0x7a0 [ 369.692443][T10244] netlink_ack+0x136/0xb30 [ 369.692493][T10244] ? __lock_acquire+0x683/0x2ce0 [ 369.692523][T10244] ? sock_sendmsg_nosec+0x13a/0x180 [ 369.692551][T10244] netlink_rcv_skb+0x2a4/0x4a0 [ 369.692582][T10244] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 369.692612][T10244] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 369.692653][T10244] ? bpf_lsm_capable+0x9/0x20 [ 369.692683][T10244] ? security_capable+0x7e/0x2c0 [ 369.692721][T10244] nfnetlink_rcv+0x2b9/0x28d0 [ 369.692752][T10244] ? sock_sendmsg_nosec+0x13a/0x180 [ 369.692776][T10244] ? __pfx_snprintf+0x10/0x10 [ 369.692801][T10244] ? unwind_get_return_address+0x4d/0x90 [ 369.692833][T10244] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 369.692872][T10244] ? trim_netdev_trace+0x791/0x820 [ 369.692910][T10244] ? __pfx_trim_netdev_trace+0x10/0x10 [ 369.692944][T10244] ? stack_trace_save+0xa9/0x100 [ 369.692975][T10244] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 369.693005][T10244] ? save_netdev_trace_buffer+0x18f/0x5e0 [ 369.693045][T10244] ? save_netdev_trace_buffer+0x4c3/0x5e0 [ 369.693087][T10244] ? __pfx_save_netdev_trace_buffer+0x10/0x10 [ 369.693123][T10244] ? ref_tracker_free+0x668/0x820 [ 369.693144][T10244] ? __netlink_deliver_tap+0x600/0x880 [ 369.693174][T10244] ? netlink_deliver_tap+0x19c/0x1b0 [ 369.693202][T10244] ? netlink_unicast+0x7b8/0x990 [ 369.693228][T10244] ? netlink_sendmsg+0x813/0xb40 [ 369.693258][T10244] ? sock_sendmsg_nosec+0x13a/0x180 [ 369.693278][T10244] ? ____sys_sendmsg+0x565/0x870 [ 369.693307][T10244] ? ___sys_sendmsg+0x2a5/0x360 [ 369.693335][T10244] ? __x64_sys_sendmsg+0x1b7/0x290 [ 369.693364][T10244] ? do_syscall_64+0x174/0x580 [ 369.693391][T10244] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 369.693422][T10244] ? __skb_clone+0x449/0x6c0 [ 369.693459][T10244] ? skb_clone+0x246/0x3a0 [ 369.693501][T10244] ? __netlink_deliver_tap+0x838/0x880 [ 369.693531][T10244] ? netlink_deliver_tap+0x2e/0x1b0 [ 369.693568][T10244] ? netlink_deliver_tap+0x2e/0x1b0 [ 369.693599][T10244] ? netlink_deliver_tap+0x2e/0x1b0 [ 369.693637][T10244] netlink_unicast+0x7f5/0x990 [ 369.693677][T10244] netlink_sendmsg+0x813/0xb40 [ 369.693717][T10244] ? __pfx_netlink_sendmsg+0x10/0x10 [ 369.693753][T10244] ? aa_sock_msg_perm+0x122/0x200 [ 369.693793][T10244] ? __pfx_netlink_sendmsg+0x10/0x10 [ 369.693823][T10244] sock_sendmsg_nosec+0x13a/0x180 [ 369.693849][T10244] ____sys_sendmsg+0x565/0x870 [ 369.693879][T10244] ? __might_fault+0xaf/0x130 [ 369.693910][T10244] ? __pfx_____sys_sendmsg+0x10/0x10 [ 369.693951][T10244] ? import_iovec+0x73/0xa0 [ 369.693982][T10244] ___sys_sendmsg+0x2a5/0x360 [ 369.694011][T10244] ? __lock_acquire+0x683/0x2ce0 [ 369.694044][T10244] ? __pfx____sys_sendmsg+0x10/0x10 [ 369.694112][T10244] ? __fget_files+0x2a/0x420 [ 369.694135][T10244] ? __fget_files+0x3a8/0x420 [ 369.694172][T10244] __x64_sys_sendmsg+0x1b7/0x290 [ 369.694206][T10244] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 369.694257][T10244] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 369.694282][T10244] do_syscall_64+0x174/0x580 [ 369.694310][T10244] ? trace_irq_disable+0x3b/0x140 [ 369.694339][T10244] ? clear_bhb_loop+0x40/0x90 [ 369.694365][T10244] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 369.694387][T10244] RIP: 0033:0x7f5c603ace59 [ 369.694407][T10244] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 369.694427][T10244] RSP: 002b:00007f5c5e5fe028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 369.694452][T10244] RAX: ffffffffffffffda RBX: 00007f5c60625fa0 RCX: 00007f5c603ace59 [ 369.694476][T10244] RDX: 0000000020084884 RSI: 0000200000000040 RDI: 0000000000000003 [ 369.694492][T10244] RBP: 00007f5c5e5fe090 R08: 0000000000000000 R09: 0000000000000000 [ 369.694506][T10244] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 369.694520][T10244] R13: 00007f5c60626038 R14: 00007f5c60625fa0 R15: 00007ffcb1eb6438 [ 369.694555][T10244] [ 370.192664][T10246] FAULT_INJECTION: forcing a failure. [ 370.192664][T10246] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 370.192700][T10246] CPU: 0 UID: 0 PID: 10246 Comm: syz.0.1737 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 370.192725][T10246] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 370.192739][T10246] Call Trace: [ 370.192748][T10246] [ 370.192758][T10246] dump_stack_lvl+0xe8/0x150 [ 370.192787][T10246] should_fail_ex+0x467/0x600 [ 370.192838][T10246] _copy_from_iter+0x1d3/0x1660 [ 370.192864][T10246] ? rcu_is_watching+0x15/0xb0 [ 370.192902][T10246] ? trace_kmem_cache_alloc+0x29/0xe0 [ 370.192929][T10246] ? kmem_cache_alloc_noprof+0x3bd/0x650 [ 370.192951][T10246] ? skb_ext_add+0x148/0x8e0 [ 370.192978][T10246] ? skb_ext_add+0x148/0x8e0 [ 370.193007][T10246] ? __pfx__copy_from_iter+0x10/0x10 [ 370.193035][T10246] ? skb_ext_add+0x3b3/0x8e0 [ 370.193067][T10246] ? skb_put+0x112/0x210 [ 370.193100][T10246] j1939_sk_sendmsg+0x831/0x1320 [ 370.193132][T10246] ? j1939_sk_sendmsg+0x4ea/0x1320 [ 370.193165][T10246] ? __pfx_j1939_sk_sendmsg+0x10/0x10 [ 370.193190][T10246] ? aa_sock_msg_perm+0x122/0x200 [ 370.193231][T10246] ? __pfx_j1939_sk_sendmsg+0x10/0x10 [ 370.193255][T10246] sock_sendmsg_nosec+0x13a/0x180 [ 370.193281][T10246] ____sys_sendmsg+0x565/0x870 [ 370.193321][T10246] ? __pfx_____sys_sendmsg+0x10/0x10 [ 370.193363][T10246] ? import_iovec+0x73/0xa0 [ 370.193394][T10246] ___sys_sendmsg+0x2a5/0x360 [ 370.193425][T10246] ? __lock_acquire+0x683/0x2ce0 [ 370.193460][T10246] ? __pfx____sys_sendmsg+0x10/0x10 [ 370.193536][T10246] ? __fget_files+0x2a/0x420 [ 370.193562][T10246] ? __fget_files+0x3a8/0x420 [ 370.193612][T10246] __x64_sys_sendmsg+0x1b7/0x290 [ 370.193647][T10246] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 370.193699][T10246] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 370.193725][T10246] do_syscall_64+0x174/0x580 [ 370.193754][T10246] ? trace_irq_disable+0x3b/0x140 [ 370.193784][T10246] ? clear_bhb_loop+0x40/0x90 [ 370.193813][T10246] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 370.193844][T10246] RIP: 0033:0x7f5c603ace59 [ 370.193865][T10246] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 370.193884][T10246] RSP: 002b:00007f5c5e5fe028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 370.193909][T10246] RAX: ffffffffffffffda RBX: 00007f5c60625fa0 RCX: 00007f5c603ace59 [ 370.193925][T10246] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000003 [ 370.193939][T10246] RBP: 00007f5c5e5fe090 R08: 0000000000000000 R09: 0000000000000000 [ 370.193954][T10246] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 370.193967][T10246] R13: 00007f5c60626038 R14: 00007f5c60625fa0 R15: 00007ffcb1eb6438 [ 370.194001][T10246] [ 370.705270][ T68] team0 (unregistering): Port device team_slave_1 removed [ 370.802551][ T68] team0 (unregistering): Port device team_slave_0 removed [ 371.253749][ T5717] usb 3-1: new high-speed USB device number 61 using dummy_hcd [ 371.409715][ T5717] usb 3-1: unable to get BOS descriptor or descriptor too short [ 371.421375][ T5717] usb 3-1: config 6 has an invalid interface number: 252 but max is 0 [ 371.421402][ T5717] usb 3-1: config 6 has no interface number 0 [ 371.421443][ T5717] usb 3-1: config 6 interface 252 altsetting 5 endpoint 0x8 has invalid maxpacket 1024, setting to 64 [ 371.421474][ T5717] usb 3-1: config 6 interface 252 has no altsetting 0 [ 371.424284][ T5717] usb 3-1: New USB device found, idVendor=1199, idProduct=6815, bcdDevice=dd.bf [ 371.424312][ T5717] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 371.424334][ T5717] usb 3-1: Product: 쀻㓔洏뻬懄ራ찳௃窾乑䲸ⱞ䒍㖥络火빚읠깦浽톮拁蟎㼼竈ᐐ䢵嘮喟ᓜᓇ쿔ᤱ厙೷⒉⓺᫠싄郿㡨㐁趵7…뫉곀પ왐 [ 371.424359][ T5717] usb 3-1: Manufacturer: ј [ 371.424373][ T5717] usb 3-1: SerialNumber: М [ 371.754442][ T5717] sierra 3-1:6.252: Sierra USB modem converter detected [ 371.783951][ T5717] usb 3-1: Sierra USB modem converter now attached to ttyUSB0 [ 371.790206][ T5717] usb 3-1: Sierra USB modem converter now attached to ttyUSB1 [ 371.818277][ T5717] usb 3-1: USB disconnect, device number 61 [ 371.835422][ T5717] sierra ttyUSB0: Sierra USB modem converter now disconnected from ttyUSB0 [ 371.878532][ T5717] sierra ttyUSB1: Sierra USB modem converter now disconnected from ttyUSB1 [ 371.892009][ T5717] sierra 3-1:6.252: device disconnected [ 371.920693][T10289] openvswitch: netlink: Actions may not be safe on all matching packets [ 372.390769][T10305] netlink: 'syz.3.1765': attribute type 10 has an invalid length. [ 372.536858][T10305] team0: Port device dummy0 added [ 372.679532][ T9696] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 372.765797][T10314] FAULT_INJECTION: forcing a failure. [ 372.765797][T10314] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 372.765829][T10314] CPU: 0 UID: 0 PID: 10314 Comm: syz.0.1768 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 372.765850][T10314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 372.765861][T10314] Call Trace: [ 372.765869][T10314] [ 372.765877][T10314] dump_stack_lvl+0xe8/0x150 [ 372.765901][T10314] should_fail_ex+0x467/0x600 [ 372.765934][T10314] _copy_from_user+0x2d/0xb0 [ 372.765956][T10314] ___sys_recvmsg+0x173/0x5a0 [ 372.765988][T10314] ? __pfx____sys_recvmsg+0x10/0x10 [ 372.766018][T10314] ? __fget_files+0x2a/0x420 [ 372.766066][T10314] do_recvmmsg+0x320/0x7f0 [ 372.766097][T10314] ? __pfx_do_recvmmsg+0x10/0x10 [ 372.766121][T10314] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 372.766151][T10314] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 372.766190][T10314] __x64_sys_recvmmsg+0x198/0x250 [ 372.766219][T10314] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 372.766250][T10314] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 372.766269][T10314] do_syscall_64+0x174/0x580 [ 372.766291][T10314] ? trace_irq_disable+0x3b/0x140 [ 372.766314][T10314] ? clear_bhb_loop+0x40/0x90 [ 372.766336][T10314] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 372.766353][T10314] RIP: 0033:0x7f5c603ace59 [ 372.766370][T10314] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 372.766386][T10314] RSP: 002b:00007f5c5e5fe028 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 372.766406][T10314] RAX: ffffffffffffffda RBX: 00007f5c60625fa0 RCX: 00007f5c603ace59 [ 372.766419][T10314] RDX: 0400000000000284 RSI: 0000200000000040 RDI: 0000000000000003 [ 372.766432][T10314] RBP: 00007f5c5e5fe090 R08: 0000000000000000 R09: 0000000000000000 [ 372.766442][T10314] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000002 [ 372.766453][T10314] R13: 00007f5c60626038 R14: 00007f5c60625fa0 R15: 00007ffcb1eb6438 [ 372.766481][T10314] [ 373.075264][ T9696] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 373.090284][ T9696] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 373.111073][ T6141] usb 4-1: new high-speed USB device number 89 using dummy_hcd [ 373.188207][ T9696] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 373.200024][ T9696] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 373.320662][ T6141] usb 4-1: Using ep0 maxpacket: 16 [ 373.339320][ T9696] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 373.348121][ T6141] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 373.348155][ T6141] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0 [ 373.348180][ T6141] usb 4-1: config 0 interface 0 has no altsetting 0 [ 373.348217][ T6141] usb 4-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00 [ 373.348242][ T6141] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 373.355147][ T6141] usb 4-1: config 0 descriptor?? [ 373.494405][ T9696] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 373.731450][ T9696] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 373.847977][ T6141] hid (null): unknown global tag 0xc [ 374.017274][ T821] usb 4-1: USB disconnect, device number 89 [ 374.184336][T10353] Bluetooth: MGMT ver 1.23 [ 374.196182][T10353] FAULT_INJECTION: forcing a failure. [ 374.196182][T10353] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 374.196217][T10353] CPU: 0 UID: 0 PID: 10353 Comm: syz.2.1783 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 374.196242][T10353] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 374.196255][T10353] Call Trace: [ 374.196264][T10353] [ 374.196274][T10353] dump_stack_lvl+0xe8/0x150 [ 374.196305][T10353] should_fail_ex+0x467/0x600 [ 374.196347][T10353] _copy_to_user+0x31/0xb0 [ 374.196374][T10353] simple_read_from_buffer+0xe1/0x170 [ 374.196404][T10353] proc_fail_nth_read+0x1be/0x230 [ 374.196431][T10353] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 374.196459][T10353] ? rw_verify_area+0x250/0x4d0 [ 374.196489][T10353] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 374.196512][T10353] vfs_read+0x219/0xa90 [ 374.196550][T10353] ? __pfx_vfs_read+0x10/0x10 [ 374.196580][T10353] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 374.196610][T10353] ? lockdep_hardirqs_on+0x7a/0x110 [ 374.196639][T10353] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 374.196668][T10353] ? mutex_lock_nested+0x152/0x1d0 [ 374.196703][T10353] ? fdget_pos+0x252/0x320 [ 374.196736][T10353] ksys_read+0x156/0x270 [ 374.196768][T10353] ? __pfx_ksys_read+0x10/0x10 [ 374.196806][T10353] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 374.196831][T10353] do_syscall_64+0x174/0x580 [ 374.196860][T10353] ? trace_irq_disable+0x3b/0x140 [ 374.196889][T10353] ? clear_bhb_loop+0x40/0x90 [ 374.196918][T10353] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 374.196940][T10353] RIP: 0033:0x7f3b4fc3d68e [ 374.196962][T10353] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 374.196982][T10353] RSP: 002b:00007f3b4decdfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 374.197006][T10353] RAX: ffffffffffffffda RBX: 00007f3b4dece6c0 RCX: 00007f3b4fc3d68e [ 374.197023][T10353] RDX: 000000000000000f RSI: 00007f3b4dece0a0 RDI: 0000000000000003 [ 374.197047][T10353] RBP: 00007f3b4dece090 R08: 0000000000000000 R09: 0000000000000000 [ 374.197061][T10353] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 374.197079][T10353] R13: 00007f3b4fef6038 R14: 00007f3b4fef5fa0 R15: 00007ffe56abe348 [ 374.197116][T10353] [ 374.803922][ T9696] 8021q: adding VLAN 0 to HW filter on device bond0 [ 374.984699][ T9696] 8021q: adding VLAN 0 to HW filter on device team0 [ 375.153990][ T8479] bridge0: port 1(bridge_slave_0) entered blocking state [ 375.154166][ T8479] bridge0: port 1(bridge_slave_0) entered forwarding state [ 375.154612][T10374] F2FS-fs (loop2): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 375.154637][T10374] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 375.154749][T10374] F2FS-fs (loop2): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 375.154768][T10374] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock [ 375.355564][ T8479] bridge0: port 2(bridge_slave_1) entered blocking state [ 375.355761][ T8479] bridge0: port 2(bridge_slave_1) entered forwarding state [ 375.962700][ T5730] usb 4-1: new high-speed USB device number 90 using dummy_hcd [ 376.111130][ T5730] usb 4-1: Using ep0 maxpacket: 8 [ 376.117100][ T5730] usb 4-1: config 255 has an invalid interface number: 164 but max is 1 [ 376.117129][ T5730] usb 4-1: config 255 contains an unexpected descriptor of type 0x1, skipping [ 376.117149][ T5730] usb 4-1: config 255 has an invalid interface number: 39 but max is 1 [ 376.117172][ T5730] usb 4-1: config 255 has no interface number 0 [ 376.117190][ T5730] usb 4-1: config 255 has no interface number 1 [ 376.117266][ T5730] usb 4-1: config 255 interface 39 altsetting 3 bulk endpoint 0xE has invalid maxpacket 1023 [ 376.117293][ T5730] usb 4-1: config 255 interface 39 altsetting 3 has an invalid descriptor for endpoint zero, skipping [ 376.117316][ T5730] usb 4-1: config 255 interface 164 has no altsetting 0 [ 376.117336][ T5730] usb 4-1: config 255 interface 39 has no altsetting 0 [ 376.197429][ T5730] usb 4-1: New USB device found, idVendor=06f8, idProduct=0001, bcdDevice=99.fd [ 376.197462][ T5730] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 376.197483][ T5730] usb 4-1: Product: syz [ 376.197497][ T5730] usb 4-1: Manufacturer: syz [ 376.197513][ T5730] usb 4-1: SerialNumber: syz [ 376.515396][ T60] Bluetooth: hci2: unexpected event for opcode 0x080d [ 376.612032][ T5730] uvcvideo 4-1:255.39: Found UVC 0.00 device syz (06f8:0001) [ 376.612068][ T5730] uvcvideo 4-1:255.39: No valid video chain found. [ 376.645011][ T5730] usb 4-1: USB disconnect, device number 90 [ 376.892683][T10420] FAULT_INJECTION: forcing a failure. [ 376.892683][T10420] name failslab, interval 1, probability 0, space 0, times 0 [ 376.959134][T10420] CPU: 1 UID: 0 PID: 10420 Comm: syz.2.1807 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 376.959165][T10420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 376.959178][T10420] Call Trace: [ 376.959188][T10420] [ 376.959198][T10420] dump_stack_lvl+0xe8/0x150 [ 376.959229][T10420] should_fail_ex+0x467/0x600 [ 376.959284][T10420] should_failslab+0xa8/0x100 [ 376.959315][T10420] kmem_cache_alloc_noprof+0xa4/0x650 [ 376.959341][T10420] ? dst_alloc+0x105/0x170 [ 376.959373][T10420] ? dst_alloc+0x105/0x170 [ 376.959411][T10420] ? __pfx_ip6_dst_gc+0x10/0x10 [ 376.959438][T10420] dst_alloc+0x105/0x170 [ 376.959481][T10420] ip6_pol_route+0xbae/0x14e0 [ 376.959508][T10420] ? ip6_pol_route+0x163/0x14e0 [ 376.959541][T10420] ? __pfx_ip6_pol_route+0x10/0x10 [ 376.959568][T10420] ? __lock_acquire+0x683/0x2ce0 [ 376.959604][T10420] ? __lock_acquire+0x683/0x2ce0 [ 376.959648][T10420] fib6_rule_lookup+0x222/0x740 [ 376.959677][T10420] ? __pfx_ip6_pol_route_output+0x10/0x10 [ 376.959706][T10420] ? __pfx_fib6_rule_lookup+0x10/0x10 [ 376.959735][T10420] ? ip6_route_output_flags+0x2e/0x5e0 [ 376.959766][T10420] ? ip6_route_output_flags+0x2e/0x5e0 [ 376.959814][T10420] ip6_route_output_flags+0x364/0x5e0 [ 376.959842][T10420] ? ip6_route_output_flags+0x2e/0x5e0 [ 376.959875][T10420] icmpv6_rt_has_prefsrc+0x50/0x3d0 [ 376.959917][T10420] icmp6_send+0xe77/0x1b50 [ 376.959950][T10420] ? icmp6_send+0x23d/0x1b50 [ 376.960007][T10420] ? __pfx_icmp6_send+0x10/0x10 [ 376.960043][T10420] ? save_dst_trace_buffer+0x43d/0x5b0 [ 376.960106][T10420] ? sock_sendmsg_nosec+0x10e/0x180 [ 376.960128][T10420] ? ____sys_sendmsg+0x565/0x870 [ 376.960157][T10420] ? ___sys_sendmsg+0x2a5/0x360 [ 376.960186][T10420] ? __sys_sendmmsg+0x279/0x4d0 [ 376.960215][T10420] ? __x64_sys_sendmmsg+0xa0/0xc0 [ 376.960282][T10420] ? __pfx_ip6_link_failure+0x10/0x10 [ 376.960307][T10420] ip6_link_failure+0x3b/0x4c0 [ 376.960336][T10420] ? __pfx_ip6_link_failure+0x10/0x10 [ 376.960360][T10420] vti_tunnel_xmit+0x10e1/0x1a60 [ 376.960393][T10420] ? skb_network_protocol+0x23d/0x400 [ 376.960438][T10420] ? __pfx_vti_tunnel_xmit+0x10/0x10 [ 376.960493][T10420] dev_hard_start_xmit+0x2df/0x870 [ 376.960526][T10420] ? validate_xmit_skb+0xcac/0x14f0 [ 376.960575][T10420] __dev_queue_xmit+0x1549/0x3890 [ 376.960627][T10420] ? __dev_queue_xmit+0x291/0x3890 [ 376.960658][T10420] ? __local_bh_enable_ip+0x1ae/0x2b0 [ 376.960695][T10420] ? lockdep_hardirqs_on+0x7a/0x110 [ 376.960730][T10420] ? neigh_connected_output+0x1e7/0x470 [ 376.960759][T10420] ? __pfx___dev_queue_xmit+0x10/0x10 [ 376.960791][T10420] ? neigh_connected_output+0x1e7/0x470 [ 376.960829][T10420] ? read_seqbegin+0xae/0x1e0 [ 376.960853][T10420] ? neigh_connected_output+0x1e7/0x470 [ 376.960883][T10420] ? lockdep_hardirqs_on+0x7a/0x110 [ 376.960911][T10420] ? read_seqbegin+0x1c3/0x1e0 [ 376.960941][T10420] ? neigh_connected_output+0x3bd/0x470 [ 376.960985][T10420] ? ip6_output+0x11e/0x540 [ 376.961014][T10420] ip6_output+0x337/0x540 [ 376.961043][T10420] ? ip6_send_skb+0x10a/0x380 [ 376.961076][T10420] ip6_send_skb+0x1cd/0x380 [ 376.961112][T10420] ping_v6_sendmsg+0xfa0/0x12a0 [ 376.961153][T10420] ? __pfx_ping_v6_sendmsg+0x10/0x10 [ 376.961179][T10420] ? lockdep_hardirqs_on+0x7a/0x110 [ 376.961260][T10420] ? __local_bh_enable_ip+0x1ae/0x2b0 [ 376.961296][T10420] ? lockdep_hardirqs_on+0x7a/0x110 [ 376.961333][T10420] ? inet_sendmsg+0x298/0x320 [ 376.961363][T10420] ? __pfx_inet_sendmsg+0x10/0x10 [ 376.961387][T10420] sock_sendmsg_nosec+0x10e/0x180 [ 376.961416][T10420] ____sys_sendmsg+0x565/0x870 [ 376.961461][T10420] ? __pfx_____sys_sendmsg+0x10/0x10 [ 376.961508][T10420] ? import_iovec+0x73/0xa0 [ 376.961542][T10420] ___sys_sendmsg+0x2a5/0x360 [ 376.961572][T10420] ? __lock_acquire+0x683/0x2ce0 [ 376.961610][T10420] ? __pfx____sys_sendmsg+0x10/0x10 [ 376.961649][T10420] ? kstrtouint+0x6e/0xe0 [ 376.961724][T10420] ? __fget_files+0x2a/0x420 [ 376.961748][T10420] ? __fget_files+0x3a8/0x420 [ 376.961789][T10420] __sys_sendmmsg+0x279/0x4d0 [ 376.961831][T10420] ? __pfx___sys_sendmmsg+0x10/0x10 [ 376.961878][T10420] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 376.961922][T10420] ? ksys_write+0x248/0x270 [ 376.961976][T10420] ? __pfx_ksys_write+0x10/0x10 [ 376.962017][T10420] __x64_sys_sendmmsg+0xa0/0xc0 [ 376.962050][T10420] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 376.962074][T10420] do_syscall_64+0x174/0x580 [ 376.962103][T10420] ? trace_irq_disable+0x3b/0x140 [ 376.962135][T10420] ? clear_bhb_loop+0x40/0x90 [ 376.962165][T10420] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 376.962189][T10420] RIP: 0033:0x7f3b4fc7ce59 [ 376.962212][T10420] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 376.962233][T10420] RSP: 002b:00007f3b4dece028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 376.962264][T10420] RAX: ffffffffffffffda RBX: 00007f3b4fef5fa0 RCX: 00007f3b4fc7ce59 [ 376.962281][T10420] RDX: 0000000000000001 RSI: 0000200000000180 RDI: 0000000000000003 [ 376.962296][T10420] RBP: 00007f3b4dece090 R08: 0000000000000000 R09: 0000000000000000 [ 376.962310][T10420] R10: 00000000000000d0 R11: 0000000000000246 R12: 0000000000000002 [ 376.962323][T10420] R13: 00007f3b4fef6038 R14: 00007f3b4fef5fa0 R15: 00007ffe56abe348 [ 376.962365][T10420] [ 378.623112][ T5730] usb 4-1: new high-speed USB device number 91 using dummy_hcd [ 378.673010][ T9696] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 378.780224][ T5730] usb 4-1: New USB device found, idVendor=13d3, idProduct=3211, bcdDevice=7a.67 [ 378.780255][ T5730] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 378.780277][ T5730] usb 4-1: Product: syz [ 378.780292][ T5730] usb 4-1: Manufacturer: syz [ 378.780307][ T5730] usb 4-1: SerialNumber: syz [ 379.079332][ T5730] dvb-usb: found a 'Pinnacle PCTV 310e' in cold state, will try to load a firmware [ 379.079359][ T5730] dvb-usb: did not find the firmware file '(null)' (status -22). You can use /scripts/get_dvb_firmware to get the firmware [ 379.123377][ T5730] usb 4-1: USB disconnect, device number 91 Stopping sshd: [ 379.221148][ T1263] usb 3-1: new high-speed USB device number 62 using dummy_hcd stopped /usr/sbin/sshd (pid 5360) OK [ 379.371115][ T1263] usb 3-1: Using ep0 maxpacket: 32 [ 379.381825][ T1263] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 379.381859][ T1263] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 379.381907][ T1263] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 379.381931][ T1263] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 379.437096][ T1263] usb 3-1: config 0 descriptor?? [ 379.459662][ T1263] hub 3-1:0.0: USB hub found [ 379.517622][ T9696] veth0_vlan: entered promiscuous mode [ 379.632799][ T9696] veth1_vlan: entered promiscuous mode [ 379.664694][ T1263] hub 3-1:0.0: 1 port detected Stopping crond: [ 380.070767][ T9696] veth0_macvtap: entered promiscuous mode [ 380.139693][ T9696] veth1_macvtap: entered promiscuous mode stopped /usr/sbin/crond (pid 5347) [ 380.309443][ T1263] hub 3-1:0.0: activate --> -90 OK [ 380.458510][ T9696] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 380.752204][ T9696] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 380.805024][T10461] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 380.807175][T10461] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 380.983191][ T8472] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 381.002421][ T8472] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 381.002513][ T8472] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 381.002551][ T8472] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 381.011455][ T1263] hub 3-1:0.0: hub_ext_port_status failed (err = -71) Stopping dhcpcd... stopped /sbin/dhcpcd (pid 5270) [ 381.245656][ T68] usb 3-1: Failed to suspend device, error -71 [ 381.278816][ T5730] usb 3-1: USB disconnect, device number 62 Stopping network: [ 382.252448][ T1263] usb 3-1: new high-speed USB device number 63 using dummy_hcd [ 382.284761][ T8472] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 382.284792][ T8472] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 382.488502][ T1263] usb 3-1: Using ep0 maxpacket: 16 [ 382.498048][ T1263] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 382.498094][ T1263] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 382.498119][ T1263] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 382.498161][ T1263] usb 3-1: New USB device found, idVendor=1044, idProduct=7a4d, bcdDevice= 0.00 [ 382.498185][ T1263] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 382.575364][ T1263] usb 3-1: config 0 descriptor?? [ 382.997689][ T1115] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 382.997710][ T1115] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 383.174925][ T1263] hid_parser_main: 304 callbacks suppressed [ 383.174961][ T1263] waterforce 0003:1044:7A4D.000C: unknown main item tag 0x0 [ 383.174992][ T1263] waterforce 0003:1044:7A4D.000C: unknown main item tag 0x0 [ 383.175016][ T1263] waterforce 0003:1044:7A4D.000C: unknown main item tag 0x0 [ 383.175040][ T1263] waterforce 0003:1044:7A4D.000C: unknown main item tag 0x0 [ 383.175066][ T1263] waterforce 0003:1044:7A4D.000C: unknown main item tag 0x0 [ 383.175093][ T1263] waterforce 0003:1044:7A4D.000C: unknown main item tag 0x0 [ 383.175122][ T1263] waterforce 0003:1044:7A4D.000C: unknown main item tag 0x7 [ 383.175148][ T1263] waterforce 0003:1044:7A4D.000C: unexpected long global item [ 383.175861][ T1263] waterforce 0003:1044:7A4D.000C: hid parse failed with -22 [ 383.178342][ T1263] waterforce 0003:1044:7A4D.000C: probe with driver waterforce failed with error -22 [ 383.824658][T10543] FAULT_INJECTION: forcing a failure. [ 383.824658][T10543] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 383.824695][T10543] CPU: 1 UID: 0 PID: 10543 Comm: syz.1.1842 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 383.824720][T10543] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 383.824747][T10543] Call Trace: [ 383.824756][T10543] [ 383.824766][T10543] dump_stack_lvl+0xe8/0x150 [ 383.824796][T10543] should_fail_ex+0x467/0x600 [ 383.824836][T10543] _copy_from_iter+0x1d3/0x1660 [ 383.824862][T10543] ? rcu_is_watching+0x15/0xb0 [ 383.824896][T10543] ? trace_kmem_cache_alloc+0x29/0xe0 [ 383.824921][T10543] ? __pfx__copy_from_iter+0x10/0x10 [ 383.824961][T10543] ? __alloc_skb+0x276/0x7a0 [ 383.824987][T10543] ? __alloc_skb+0x276/0x7a0 [ 383.825019][T10543] ? netlink_sendmsg+0x650/0xb40 [ 383.825052][T10543] ? skb_put+0x112/0x210 [ 383.825080][T10543] netlink_sendmsg+0x6c0/0xb40 [ 383.825120][T10543] ? __pfx_netlink_sendmsg+0x10/0x10 [ 383.825155][T10543] ? aa_sock_msg_perm+0x122/0x200 [ 383.825206][T10543] ? __pfx_netlink_sendmsg+0x10/0x10 [ 383.825233][T10543] sock_sendmsg_nosec+0x13a/0x180 [ 383.825258][T10543] ____sys_sendmsg+0x565/0x870 [ 383.825289][T10543] ? __might_fault+0xaf/0x130 [ 383.825315][T10543] ? __pfx_____sys_sendmsg+0x10/0x10 [ 383.825355][T10543] ? import_iovec+0x73/0xa0 [ 383.825403][T10543] ___sys_sendmsg+0x2a5/0x360 [ 383.825434][T10543] ? __lock_acquire+0x683/0x2ce0 [ 383.825469][T10543] ? __pfx____sys_sendmsg+0x10/0x10 [ 383.825536][T10543] ? __fget_files+0x2a/0x420 [ 383.825559][T10543] ? __fget_files+0x3a8/0x420 [ 383.825595][T10543] __x64_sys_sendmsg+0x1b7/0x290 [ 383.825630][T10543] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 383.825680][T10543] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 383.825706][T10543] do_syscall_64+0x174/0x580 [ 383.825742][T10543] ? trace_irq_disable+0x3b/0x140 [ 383.825771][T10543] ? clear_bhb_loop+0x40/0x90 [ 383.825799][T10543] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 383.825822][T10543] RIP: 0033:0x7f730a55ce59 [ 383.825843][T10543] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 383.825863][T10543] RSP: 002b:00007f73087b6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 383.825888][T10543] RAX: ffffffffffffffda RBX: 00007f730a7d5fa0 RCX: 00007f730a55ce59 [ 383.825904][T10543] RDX: 0000000000000004 RSI: 0000200000000780 RDI: 0000000000000004 [ 383.825917][T10543] RBP: 00007f73087b6090 R08: 0000000000000000 R09: 0000000000000000 [ 383.825931][T10543] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 383.825944][T10543] R13: 00007f730a7d6038 R14: 00007f730a7d5fa0 R15: 00007ffeda6b0cf8 [ 383.825977][T10543] [ 384.155976][ T1341] ieee802154 phy0 wpan0: encryption failed: -22 [ 384.156088][ T1341] ieee802154 phy1 wpan1: encryption failed: -22 OK Stopping iptables: [ 384.716719][T10551] team_slave_1: entered allmulticast mode [ 384.996805][ T5624] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 modprobe: can't change directory to 'syzkaller': No such file or directory [ 385.068679][ T5624] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 iptables v1.8.11 (legacy): can't initialize ipta[ 385.105757][ T5624] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 bles table `filter': Table does not exist (do you need to insmod?) Perhaps iptables or your kernel needs to be upgraded. [ 385.131507][ T5624] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 385.133115][ T5624] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 FAIL Stopping system message bus: done [ 386.181783][ T6141] usb 3-1: USB disconnect, device number 63 [ 386.663760][ T6141] usb 3-1: new high-speed USB device number 64 using dummy_hcd [ 386.810994][ T6141] usb 3-1: Using ep0 maxpacket: 16 [ 386.811133][ T821] usb 2-1: new full-speed USB device number 33 using dummy_hcd [ 386.814471][ T6141] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 386.853679][ T6141] usb 3-1: New USB device found, idVendor=0fe6, idProduct=9700, bcdDevice=d1.9a [ 386.853710][ T6141] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 386.853730][ T6141] usb 3-1: Product: syz [ 386.853746][ T6141] usb 3-1: Manufacturer: syz [ 386.853761][ T6141] usb 3-1: SerialNumber: syz [ 386.888078][ T6141] usb 3-1: config 0 descriptor?? [ 386.916283][ T6141] sr9700 3-1:0.0: probe with driver sr9700 failed with error -22 [ 386.974033][ T821] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 386.974071][ T821] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 386.974110][ T821] usb 2-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00 [ 386.974133][ T821] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 387.023884][ T821] usb 2-1: config 0 descriptor?? [ 387.118381][T10590] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 387.118987][T10590] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 387.173538][ T32] usb 3-1: USB disconnect, device number 64 [ 387.471348][ T821] elan 0003:04F3:0755.000D: unknown main item tag 0x0 [ 387.471385][ T821] elan 0003:04F3:0755.000D: unknown main item tag 0x0 [ 387.471414][ T821] elan 0003:04F3:0755.000D: unknown main item tag 0x0 [ 387.471441][ T821] elan 0003:04F3:0755.000D: item fetching failed at offset 3/5 [ 387.472146][ T821] elan 0003:04F3:0755.000D: Hid Parse failed [ 387.472256][ T821] elan 0003:04F3:0755.000D: probe with driver elan failed with error -22 [ 387.775562][ T821] usb 2-1: USB disconnect, device number 33 [ 388.071743][ T5624] Bluetooth: hci3: command tx timeout [ 388.156169][T10598] FAULT_INJECTION: forcing a failure. [ 388.156169][T10598] name failslab, interval 1, probability 0, space 0, times 0 [ 388.156209][T10598] CPU: 0 UID: 0 PID: 10598 Comm: syz.2.1853 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 388.156235][T10598] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 388.156249][T10598] Call Trace: [ 388.156258][T10598] [ 388.156268][T10598] dump_stack_lvl+0xe8/0x150 [ 388.156310][T10598] should_fail_ex+0x467/0x600 [ 388.156350][T10598] should_failslab+0xa8/0x100 [ 388.156381][T10598] kmem_cache_alloc_noprof+0xa4/0x650 [ 388.156405][T10598] ? __kvm_mmu_topup_memory_cache+0x1b2/0x600 [ 388.156433][T10598] ? __kvm_mmu_topup_memory_cache+0x1b2/0x600 [ 388.156469][T10598] __kvm_mmu_topup_memory_cache+0x1b2/0x600 [ 388.156509][T10598] mmu_topup_memory_caches+0x21/0x170 [ 388.156547][T10598] kvm_mmu_load+0x9d/0x22b0 [ 388.156577][T10598] ? kvm_msr_allowed+0x9a/0x490 [ 388.156606][T10598] ? kvm_msr_allowed+0x9a/0x490 [ 388.156635][T10598] ? kvm_msr_allowed+0x9a/0x490 [ 388.156663][T10598] ? kvm_msr_allowed+0x3f4/0x490 [ 388.156690][T10598] ? kvm_msr_allowed+0x9a/0x490 [ 388.156719][T10598] ? kvm_apic_has_interrupt+0x740/0x770 [ 388.156754][T10598] vcpu_run+0x4c13/0x73e0 [ 388.156782][T10598] ? __pfx___css_rstat_updated+0x10/0x10 [ 388.156856][T10598] ? __lock_acquire+0x683/0x2ce0 [ 388.156908][T10598] ? __pfx_vcpu_run+0x10/0x10 [ 388.156935][T10598] ? kvm_arch_vcpu_ioctl_run+0x1f8/0x1960 [ 388.156965][T10598] ? kvm_arch_vcpu_ioctl_run+0x1f8/0x1960 [ 388.157009][T10598] kvm_arch_vcpu_ioctl_run+0xe51/0x1960 [ 388.157042][T10598] ? kvm_arch_vcpu_ioctl_run+0x1f8/0x1960 [ 388.157083][T10598] kvm_vcpu_ioctl+0xa64/0xfe0 [ 388.157122][T10598] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 388.157153][T10598] ? hook_file_ioctl+0x1f3/0x600 [ 388.157185][T10598] ? lockdep_hardirqs_on+0x7a/0x110 [ 388.157232][T10598] ? __fget_files+0x2a/0x420 [ 388.157260][T10598] ? __fget_files+0x2a/0x420 [ 388.157282][T10598] ? __fget_files+0x3a8/0x420 [ 388.157314][T10598] ? __fget_files+0x2a/0x420 [ 388.157341][T10598] ? bpf_lsm_file_ioctl+0x9/0x20 [ 388.157369][T10598] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 388.157401][T10598] __se_sys_ioctl+0xff/0x170 [ 388.157431][T10598] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 388.157456][T10598] do_syscall_64+0x174/0x580 [ 388.157482][T10598] ? trace_irq_disable+0x3b/0x140 [ 388.157512][T10598] ? clear_bhb_loop+0x40/0x90 [ 388.157541][T10598] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 388.157565][T10598] RIP: 0033:0x7f3b4fc7ce59 [ 388.157587][T10598] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 388.157607][T10598] RSP: 002b:00007f3b4dead028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 388.157632][T10598] RAX: ffffffffffffffda RBX: 00007f3b4fef6090 RCX: 00007f3b4fc7ce59 [ 388.157649][T10598] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000007 [ 388.157662][T10598] RBP: 00007f3b4dead090 R08: 0000000000000000 R09: 0000000000000000 [ 388.157676][T10598] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 388.157689][T10598] R13: 00007f3b4fef6128 R14: 00007f3b4fef6090 R15: 00007ffe56abe348 [ 388.157725][T10598] [ 388.611520][ T32] usb 4-1: new high-speed USB device number 92 using dummy_hcd Stopping klogd: [ 388.770990][ T32] usb 4-1: Using ep0 maxpacket: 16 [ 388.773366][ T32] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 388.773420][ T32] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 388.773449][ T32] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has an invalid bInterval 0, changing to 7 [ 388.773476][ T32] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 388.773499][ T32] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 388.773542][ T32] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 388.773567][ T32] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 388.785648][ T32] usb 4-1: config 0 descriptor?? [ 388.990050][T10618] binder: 10617:10618 ioctl c0306201 200000000440 returned -14 [ 389.009062][T10600] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 389.009542][T10600] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 389.031319][ T32] rc_core: IR keymap rc-hauppauge not found [ 389.031336][ T32] Registered IR keymap rc-empty [ 389.031462][ T32] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 389.052088][ T32] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 389.076427][ T32] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0 [ 389.112717][ T32] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input12 [ 389.120777][ T32] mceusb 4-1:0.0: Error: mce write submit urb error = -90 OK [ 389.149975][ T32] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 389.161232][ T32] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 389.181106][ T32] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 389.202190][ T32] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 389.221527][ T32] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 389.241133][ T32] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 389.268514][ T32] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 389.281624][ T32] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 389.301977][ T32] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 389.348131][T10600] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 389.348677][T10600] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 389.380347][ T32] mceusb 4-1:0.0: Registered with mce emulator interface version 1 [ 389.380366][ T32] mceusb 4-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 389.423226][ T32] usb 4-1: USB disconnect, device number 92 Stopping acpid: [ 389.652341][ T68] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 390.141841][ T5624] Bluetooth: hci3: command tx timeout [ 390.158680][ T68] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 390.478472][T10647] FAULT_INJECTION: forcing a failure. [ 390.478472][T10647] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 390.478499][T10647] CPU: 0 UID: 0 PID: 10647 Comm: syz.2.1864 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 390.478517][T10647] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 390.478528][T10647] Call Trace: [ 390.478534][T10647] [ 390.478541][T10647] dump_stack_lvl+0xe8/0x150 [ 390.478565][T10647] should_fail_ex+0x467/0x600 [ 390.478624][T10647] prepare_alloc_pages+0x223/0x690 [ 390.478657][T10647] __alloc_frozen_pages_noprof+0x12f/0x380 [ 390.478696][T10647] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 390.478729][T10647] ? __pfx_policy_nodemask+0x10/0x10 [ 390.478749][T10647] ? lockdep_hardirqs_on+0x7a/0x110 [ 390.478771][T10647] ? rt_mutex_slowunlock+0x4ee/0xa20 [ 390.478791][T10647] alloc_pages_mpol+0xce/0x280 [ 390.478814][T10647] alloc_pages_noprof+0xd2/0x2f0 [ 390.478836][T10647] get_free_pages_noprof+0xf/0x80 [ 390.478856][T10647] __kasan_populate_vmalloc+0x38/0x1c0 [ 390.478883][T10647] ? rt_spin_unlock+0x163/0x200 [ 390.478900][T10647] alloc_vmap_area+0xd1a/0x1420 [ 390.478936][T10647] ? __pfx_alloc_vmap_area+0x10/0x10 [ 390.478961][T10647] ? __kmalloc_cache_node_noprof+0x47b/0x6a0 [ 390.478981][T10647] ? __get_vm_area_node+0x136/0x300 [ 390.479005][T10647] ? __get_vm_area_node+0x136/0x300 [ 390.479034][T10647] __get_vm_area_node+0x1f2/0x300 [ 390.479070][T10647] __vmalloc_node_range_noprof+0x358/0x1730 [ 390.479088][T10647] ? fpu_alloc_guest_fpstate+0x24/0x410 [ 390.479112][T10647] ? percpu_ref_get_many+0x19/0x140 [ 390.479134][T10647] ? percpu_ref_get_many+0x19/0x140 [ 390.479160][T10647] ? percpu_ref_get_many+0x19/0x140 [ 390.479184][T10647] ? __memcg_slab_post_alloc_hook+0x4d6/0xf60 [ 390.479213][T10647] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 390.479257][T10647] ? trace_kmem_cache_alloc+0x29/0xe0 [ 390.479280][T10647] ? fpu_alloc_guest_fpstate+0x24/0x410 [ 390.479315][T10647] vzalloc_noprof+0xb2/0xe0 [ 390.479339][T10647] ? fpu_alloc_guest_fpstate+0x24/0x410 [ 390.479377][T10647] fpu_alloc_guest_fpstate+0x24/0x410 [ 390.479421][T10647] kvm_arch_vcpu_create+0x44a/0x8a0 [ 390.479457][T10647] kvm_vm_ioctl_create_vcpu+0x451/0x970 [ 390.479488][T10647] kvm_vm_ioctl+0x889/0xd30 [ 390.479508][T10647] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 390.479540][T10647] ? kasan_quarantine_put+0xbb/0x1f0 [ 390.479563][T10647] ? tomoyo_path_number_perm+0x219/0x5f0 [ 390.479587][T10647] ? tomoyo_path_number_perm+0x219/0x5f0 [ 390.479611][T10647] ? do_vfs_ioctl+0x1184/0x1550 [ 390.479636][T10647] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 390.479667][T10647] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 390.479686][T10647] ? hook_file_ioctl+0x1f3/0x600 [ 390.479708][T10647] ? lockdep_hardirqs_on+0x7a/0x110 [ 390.479741][T10647] ? __fget_files+0x2a/0x420 [ 390.479760][T10647] ? __fget_files+0x2a/0x420 [ 390.479776][T10647] ? __fget_files+0x3a8/0x420 [ 390.479792][T10647] ? __fget_files+0x2a/0x420 [ 390.479811][T10647] ? bpf_lsm_file_ioctl+0x9/0x20 [ 390.479832][T10647] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 390.479850][T10647] __se_sys_ioctl+0xff/0x170 [ 390.479872][T10647] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 390.479890][T10647] do_syscall_64+0x174/0x580 [ 390.479910][T10647] ? trace_irq_disable+0x3b/0x140 [ 390.479937][T10647] ? clear_bhb_loop+0x40/0x90 [ 390.479957][T10647] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 390.479974][T10647] RIP: 0033:0x7f3b4fc7ce59 [ 390.479988][T10647] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 390.480003][T10647] RSP: 002b:00007f3b4dece028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 390.480020][T10647] RAX: ffffffffffffffda RBX: 00007f3b4fef5fa0 RCX: 00007f3b4fc7ce59 [ 390.480031][T10647] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000004 [ 390.480041][T10647] RBP: 00007f3b4dece090 R08: 0000000000000000 R09: 0000000000000000 [ 390.480051][T10647] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 390.480066][T10647] R13: 00007f3b4fef6038 R14: 00007f3b4fef5fa0 R15: 00007ffe56abe348 [ 390.480091][T10647] [ 390.480130][T10647] syz.2.1864: vmalloc error: size 896, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 390.480215][T10647] CPU: 0 UID: 0 PID: 10647 Comm: syz.2.1864 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 390.480233][T10647] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 390.480242][T10647] Call Trace: [ 390.480249][T10647] [ 390.480255][T10647] dump_stack_lvl+0xe8/0x150 [ 390.480273][T10647] warn_alloc+0x24c/0x270 [ 390.480291][T10647] ? kasan_quarantine_put+0xbb/0x1f0 [ 390.480309][T10647] ? __pfx_warn_alloc+0x10/0x10 [ 390.480327][T10647] ? __get_vm_area_node+0x20b/0x300 [ 390.480357][T10647] ? __get_vm_area_node+0x20b/0x300 [ 390.480387][T10647] __vmalloc_node_range_noprof+0x37d/0x1730 [ 390.480403][T10647] ? percpu_ref_get_many+0x19/0x140 [ 390.480424][T10647] ? percpu_ref_get_many+0x19/0x140 [ 390.480450][T10647] ? percpu_ref_get_many+0x19/0x140 [ 390.480501][T10647] ? __memcg_slab_post_alloc_hook+0x4d6/0xf60 [ 390.480543][T10647] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 390.480577][T10647] ? trace_kmem_cache_alloc+0x29/0xe0 [ 390.480600][T10647] ? fpu_alloc_guest_fpstate+0x24/0x410 [ 390.480625][T10647] vzalloc_noprof+0xb2/0xe0 [ 390.480641][T10647] ? fpu_alloc_guest_fpstate+0x24/0x410 [ 390.480667][T10647] fpu_alloc_guest_fpstate+0x24/0x410 [ 390.480693][T10647] kvm_arch_vcpu_create+0x44a/0x8a0 [ 390.480717][T10647] kvm_vm_ioctl_create_vcpu+0x451/0x970 [ 390.480741][T10647] kvm_vm_ioctl+0x889/0xd30 [ 390.480761][T10647] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 390.480805][T10647] ? kasan_quarantine_put+0xbb/0x1f0 [ 390.480827][T10647] ? tomoyo_path_number_perm+0x219/0x5f0 [ 390.480849][T10647] ? tomoyo_path_number_perm+0x219/0x5f0 [ 390.480877][T10647] ? do_vfs_ioctl+0x1184/0x1550 [ 390.480926][T10647] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 390.480968][T10647] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 390.480996][T10647] ? hook_file_ioctl+0x1f3/0x600 [ 390.481025][T10647] ? lockdep_hardirqs_on+0x7a/0x110 [ 390.481079][T10647] ? __fget_files+0x2a/0x420 [ 390.481107][T10647] ? __fget_files+0x2a/0x420 [ 390.481130][T10647] ? __fget_files+0x3a8/0x420 [ 390.481152][T10647] ? __fget_files+0x2a/0x420 [ 390.481185][T10647] ? bpf_lsm_file_ioctl+0x9/0x20 [ 390.481206][T10647] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 390.481225][T10647] __se_sys_ioctl+0xff/0x170 [ 390.481247][T10647] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 390.481264][T10647] do_syscall_64+0x174/0x580 [ 390.481284][T10647] ? trace_irq_disable+0x3b/0x140 [ 390.481304][T10647] ? clear_bhb_loop+0x40/0x90 [ 390.481323][T10647] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 390.481340][T10647] RIP: 0033:0x7f3b4fc7ce59 [ 390.481353][T10647] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 390.481368][T10647] RSP: 002b:00007f3b4dece028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 390.481384][T10647] RAX: ffffffffffffffda RBX: 00007f3b4fef5fa0 RCX: 00007f3b4fc7ce59 [ 390.481396][T10647] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000004 [ 390.481406][T10647] RBP: 00007f3b4dece090 R08: 0000000000000000 R09: 0000000000000000 [ 390.481417][T10647] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 390.481426][T10647] R13: 00007f3b4fef6038 R14: 00007f3b4fef5fa0 R15: 00007ffe56abe348 [ 390.481450][T10647] [ 390.483400][T10647] Mem-Info: [ 390.483418][T10647] active_anon:39384 inactive_anon:0 isolated_anon:0 [ 390.483418][T10647] active_file:0 inactive_file:59479 isolated_file:0 [ 390.483418][T10647] unevictable:768 dirty:81 writeback:0 [ 390.483418][T10647] slab_reclaimable:12913 slab_unreclaimable:97510 [ 390.483418][T10647] mapped:26886 shmem:34704 pagetables:823 [ 390.483418][T10647] sec_pagetables:0 bounce:0 [ 390.483418][T10647] kernel_misc_reclaimable:0 [ 390.483418][T10647] free:1286452 free_pcp:3993 free_cma:0 [ 390.483477][T10647] Node 0 active_anon:157536kB inactive_anon:0kB active_file:0kB inactive_file:237700kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:107520kB dirty:316kB writeback:0kB shmem:137280kB kernel_stack:13504kB pagetables:3164kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB gpu_active:0kB gpu_reclaim:0kB [ 390.483532][T10647] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:216kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:24kB dirty:8kB writeback:0kB shmem:1536kB kernel_stack:32kB pagetables:128kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB gpu_active:0kB gpu_reclaim:0kB [ 390.483574][T10647] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 390.483630][T10647] lowmem_reserve[]: 0 2492 2493 2493 2493 OK [ 390.483658][T10647] Node 0 DMA32 free:1189444kB boost:0kB min:3912kB low:6436kB high:8960kB reserved_highatomic:0KB free_highatomic:0KB active_anon:157536kB inactive_anon:0kB active_file:0kB inactive_file:237700kB unevictable:1536kB writepending:316kB zspages:0kB present:3129332kB managed:2552044kB mlocked:0kB bounce:0kB free_pcp:15964kB local_pcp:7456kB free_cma:0kB [ 390.483709][T10647] lowmem_reserve[]: 0 0 0 0 0 [ 390.483735][T10647] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:864kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:4kB free_cma:0kB [ 390.483783][T10647] lowmem_reserve[]: 0 0 0 0 0 [ 390.483810][T10647] Node 1 Normal free:3941004kB boost:0kB min:6372kB low:10480kB high:14588kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:216kB unevictable:1536kB writepending:8kB zspages:0kB present:4194300kB managed:4111096kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 390.483860][T10647] lowmem_reserve[]: 0 0 0 0 0 [ 390.483886][T10647] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 390.483983][T10647] Node 0 DMA32: 2808*4kB (UME) 1554*8kB (UME) 1304*16kB (UME) 1011*32kB (UME) 549*64kB (UME) 201*128kB (UME) 82*256kB (UME) 17*512kB (UME) 2*1024kB (UE) 2*2048kB (UE) 248*4096kB (UM) = 1189392kB [ 390.484123][T10647] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 390.484204][T10647] Node 1 Normal: 1*4kB (U) 1*8kB (U) 10*16kB (UM) 13*32kB (UM) 9*64kB (UM) 6*128kB (UM) 3*256kB (UM) 4*512kB (UM) 2*1024kB (UM) 1*2048kB (U) 960*4096kB (M) = 3941004kB [ 390.484331][T10647] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 390.484346][T10647] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 390.484359][T10647] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 390.484373][T10647] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 390.484387][T10647] 94181 total pagecache pages [ 390.484401][T10647] 0 pages in swap cache [ 390.484407][T10647] Free swap = 124996kB [ 390.484414][T10647] Total swap = 124996kB [ 390.484420][T10647] 2097051 pages RAM [ 390.484427][T10647] 0 pages HighMem/MovableOnly [ 390.484433][T10647] 427210 pages reserved [ 390.484440][T10647] 0 pages cma reserved [ 390.484446][T10647] kvm: failed to allocate vcpu's fpu Stopping syslogd: [ 391.799306][ T68] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 stopped /sbin/syslogd (pid 4958) OK [ 391.894353][T10654] program syz.3.1866 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 392.221311][ T5624] Bluetooth: hci3: command tx timeout [ 392.486184][ T10] usb 4-1: new high-speed USB device number 93 using dummy_hcd [ 392.534254][ T68] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 392.586919][T10556] bridge0: port 1(bridge_slave_0) entered blocking state [ 392.588413][T10556] bridge0: port 1(bridge_slave_0) entered disabled state [ 392.588726][T10556] bridge_slave_0: entered allmulticast mode [ 392.621154][T10556] bridge_slave_0: entered promiscuous mode [ 392.683092][ T10] usb 4-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08 [ 392.683130][ T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 392.689940][ T10] usb 4-1: config 0 descriptor?? [ 392.719055][ T10] gspca_main: cpia1-2.14.0 probing 0813:0001 [ 392.807578][ T32] IPVS: starting estimator thread 0... [ 392.846216][T10556] bridge0: port 2(bridge_slave_1) entered blocking state [ 392.846732][T10556] bridge0: port 2(bridge_slave_1) entered disabled state [ 392.861820][T10556] bridge_slave_1: entered allmulticast mode [ 392.916928][T10556] bridge_slave_1: entered promiscuous mode [ 392.930699][T10693] IPVS: using max 7 ests per chain, 16800 per kthread [ 393.127413][ T10] cpia1 4-1:0.0: unexpected state after lo power cmd: 00 [ 393.216518][T10556] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 393.236063][T10556] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link umount: can't remount debugfs read-only [ 393.535293][ T10] gspca_cpia1: usb_control_msg 02, error -71 [ 393.535315][ T10] cpia1 4-1:0.0: only firmware version 1 is supported (got: 0) [ 393.538327][ T10] usb 4-1: USB disconnect, device number 93 [ 393.730842][T10556] team0: Port device team_slave_0 added [ 393.839384][T10556] team0: Port device team_slave_1 added [ 394.190351][T10708] program syz.3.1880 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 394.301598][ T5624] Bluetooth: hci3: command tx timeout [ 394.379579][T10556] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 394.379591][T10556] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 394.379613][T10556] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 394.412893][T10556] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 394.412913][T10556] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 394.412944][T10556] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 394.426398][ T37] usb 2-1: new high-speed USB device number 34 using dummy_hcd [ 394.673488][ T37] usb 2-1: New USB device found, idVendor=13d3, idProduct=3211, bcdDevice=7a.67 [ 394.673522][ T37] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 394.673537][ T37] usb 2-1: Product: syz [ 394.673547][ T37] usb 2-1: Manufacturer: syz [ 394.673558][ T37] usb 2-1: SerialNumber: syz [ 394.958128][ T37] dvb-usb: found a 'Pinnacle PCTV 310e' in cold state, will try to load a firmware [ 394.958150][ T37] dvb-usb: did not find the firmware file '(null)' (status -22). You can use /scripts/get_dvb_firmware to get the firmware [ 394.999589][ T37] usb 2-1: USB disconnect, device number 34 [ 395.171064][ T6141] usb 4-1: new high-speed USB device number 94 using dummy_hcd [ 395.215535][T10556] hsr_slave_0: entered promiscuous mode [ 395.223726][T10556] hsr_slave_1: entered promiscuous mode [ 395.225504][T10556] debugfs: 'hsr0' already exists in 'hsr' [ 395.225527][T10556] Cannot create hsr debugfs directory [ 395.321054][ T6141] usb 4-1: Using ep0 maxpacket: 32 [ 395.322929][ T6141] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 395.322961][ T6141] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 395.323002][ T6141] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d51, bcdDevice= 0.00 [ 395.323020][ T6141] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 395.329979][ T6141] usb 4-1: config 0 descriptor?? [ 395.391447][ T68] bridge_slave_1: left allmulticast mode [ 395.391498][ T68] bridge_slave_1: left promiscuous mode [ 395.391786][ T68] bridge0: port 2(bridge_slave_1) entered disabled state [ 395.557166][ T68] bridge_slave_0: left allmulticast mode [ 395.557203][ T68] bridge_slave_0: left promiscuous mode [ 395.558472][ T68] bridge0: port 1(bridge_slave_0) entered disabled state [ 395.965496][T10716] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 395.965918][T10716] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 395.998824][ T6141] usbhid 4-1:0.0: can't add hid device: -71 [ 395.998965][ T6141] usbhid 4-1:0.0: probe with driver usbhid failed with error -71 [ 396.044738][ T6141] usb 4-1: USB disconnect, device number 94 umount: sysfs busy - remounted read-only umount: devtmpfs busy - remounted read-only [ 396.921052][ T6141] usb 4-1: new high-speed USB device number 95 using dummy_hcd umount: can't remount /dev/root read-only The system is going down NOW! [ 396.984670][ T5595] ------------[ cut here ]------------ [ 396.984686][ T5595] kcov->t != t [ 396.984705][ T5595] WARNING: kernel/kcov.c:475 at kcov_task_exit+0x181/0x240, CPU#0: syz-executor/5595 [ 396.984757][ T5595] Modules linked in: [ 396.984778][ T5595] CPU: 0 UID: 0 PID: 5595 Comm: syz-executor Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 396.984804][ T5595] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 396.984818][ T5595] RIP: 0010:kcov_task_exit+0x181/0x240 [ 396.984847][ T5595] Code: 90 00 00 00 e8 30 2c 5a 00 4c 89 f7 5b 41 5e 41 5f e9 33 ee 5f 00 7c 40 5b 41 5e 41 5f c3 cc cc cc cc cc 90 0f 0b 90 eb 10 90 <0f> 0b 90 eb 0a 90 0f 0b 90 eb 04 90 0f 0b 90 4c 89 ff 5b 41 5e 41 [ 396.984868][ T5595] RSP: 0018:ffffc900044efd20 EFLAGS: 00010206 [ 396.984889][ T5595] RAX: 4b1432c4013ae500 RBX: ffff88802830be00 RCX: 0000000000000000 [ 396.984907][ T5595] RDX: 000000004f210036 RSI: ffffffff8babac60 RDI: 00000000ffffffff [ 396.984923][ T5595] RBP: ffffc900044efe80 R08: ffffffff8b3d2910 R09: 0000000000000000 [ 396.984939][ T5595] R10: 0000000000000000 R11: ffffffff8e1c3080 R12: 0000000000000100 [ 396.984954][ T5595] R13: ffff88802830be00 R14: ffff888035983100 R15: ffff888035983108 [ 396.984972][ T5595] FS: 000055557082a540(0000) GS:ffff888125c83000(0000) knlGS:0000000000000000 [ 396.984991][ T5595] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 396.985007][ T5595] CR2: 00007f465ad7b6b0 CR3: 000000003c490000 CR4: 00000000003526f0 [ 396.985026][ T5595] Call Trace: [ 396.985036][ T5595] [ 396.985049][ T5595] do_exit+0x159/0x2360 [ 396.985078][ T5595] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 396.985109][ T5595] ? rt_mutex_slowunlock+0x4ee/0xa20 [ 396.985134][ T5595] ? reacquire_held_locks+0x104/0x190 [ 396.985171][ T5595] ? __pfx_do_exit+0x10/0x10 [ 396.985205][ T5595] ? rt_spin_unlock+0x157/0x200 [ 396.985232][ T5595] ? rt_spin_unlock+0x163/0x200 [ 396.985257][ T5595] do_group_exit+0x22d/0x2f0 [ 396.985286][ T5595] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 396.985312][ T5595] __x64_sys_exit_group+0x3f/0x40 [ 396.985340][ T5595] x64_sys_call+0x221a/0x2240 [ 396.985368][ T5595] do_syscall_64+0x174/0x580 [ 396.985398][ T5595] ? clear_bhb_loop+0x40/0x90 [ 396.985425][ T5595] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 396.985449][ T5595] RIP: 0033:0x7f1b0d47ce59 [ 396.985469][ T5595] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 396.985490][ T5595] RSP: 002b:00007ffdca2da258 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 396.985522][ T5595] RAX: ffffffffffffffda RBX: 00007f1b0d5122b2 RCX: 00007f1b0d47ce59 [ 396.985540][ T5595] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 396.985554][ T5595] RBP: 0000000000000009 R08: 0000000000000000 R09: 00007ffdca2daac0 [ 396.985568][ T5595] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffdca2dacd0 [ 396.985582][ T5595] R13: 00007ffdca2daac0 R14: 585858582e7a7973 R15: 00007ffdca2daf00 [ 396.985618][ T5595] [ 396.985641][ T5595] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 396.985658][ T5595] CPU: 0 UID: 0 PID: 5595 Comm: syz-executor Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 396.985683][ T5595] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 396.985696][ T5595] Call Trace: [ 396.985705][ T5595] [ 396.985714][ T5595] vpanic+0x56c/0xa60 [ 396.985752][ T5595] ? __pfx__printk+0x10/0x10 [ 396.985776][ T5595] ? __pfx_vpanic+0x10/0x10 [ 396.985807][ T5595] ? is_bpf_text_address+0x292/0x2b0 [ 396.985841][ T5595] ? is_bpf_text_address+0x26/0x2b0 [ 396.985883][ T5595] panic+0xc5/0xd0 [ 396.985914][ T5595] ? __pfx_panic+0x10/0x10 [ 396.985963][ T5595] __warn+0x315/0x4c0 [ 396.985995][ T5595] ? kcov_task_exit+0x181/0x240 [ 396.986030][ T5595] ? kcov_task_exit+0x181/0x240 [ 396.986057][ T5595] __report_bug+0x331/0x530 [ 396.986093][ T5595] ? kcov_task_exit+0x181/0x240 [ 396.986122][ T5595] ? __pfx___report_bug+0x10/0x10 [ 396.986155][ T5595] ? __pfx_rtlock_slowlock_locked+0x10/0x10 [ 396.986182][ T5595] ? rt_spin_lock+0x1e0/0x400 [ 396.986205][ T5595] ? rt_spin_lock+0x1e0/0x400 [ 396.986228][ T5595] ? kcov_task_exit+0x181/0x240 [ 396.986254][ T5595] report_bug+0x16a/0x220 [ 396.986283][ T5595] ? kcov_task_exit+0x181/0x240 [ 396.986302][ T5595] ? kcov_task_exit+0x183/0x240 [ 396.986322][ T5595] handle_bug+0x9c/0x200 [ 396.986351][ T5595] exc_invalid_op+0x1a/0x50 [ 396.986380][ T5595] asm_exc_invalid_op+0x1a/0x20 [ 396.986400][ T5595] RIP: 0010:kcov_task_exit+0x181/0x240 [ 396.986425][ T5595] Code: 90 00 00 00 e8 30 2c 5a 00 4c 89 f7 5b 41 5e 41 5f e9 33 ee 5f 00 7c 40 5b 41 5e 41 5f c3 cc cc cc cc cc 90 0f 0b 90 eb 10 90 <0f> 0b 90 eb 0a 90 0f 0b 90 eb 04 90 0f 0b 90 4c 89 ff 5b 41 5e 41 [ 396.986444][ T5595] RSP: 0018:ffffc900044efd20 EFLAGS: 00010206 [ 396.986462][ T5595] RAX: 4b1432c4013ae500 RBX: ffff88802830be00 RCX: 0000000000000000 [ 396.986479][ T5595] RDX: 000000004f210036 RSI: ffffffff8babac60 RDI: 00000000ffffffff [ 396.986495][ T5595] RBP: ffffc900044efe80 R08: ffffffff8b3d2910 R09: 0000000000000000 [ 396.986523][ T5595] R10: 0000000000000000 R11: ffffffff8e1c3080 R12: 0000000000000100 [ 396.986538][ T5595] R13: ffff88802830be00 R14: ffff888035983100 R15: ffff888035983108 [ 396.986563][ T5595] ? rt_spin_lock+0x1e0/0x400 [ 396.986594][ T5595] do_exit+0x159/0x2360 [ 396.986618][ T5595] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 396.986642][ T5595] ? rt_mutex_slowunlock+0x4ee/0xa20 [ 396.986663][ T5595] ? reacquire_held_locks+0x104/0x190 [ 396.986696][ T5595] ? __pfx_do_exit+0x10/0x10 [ 396.986726][ T5595] ? rt_spin_unlock+0x157/0x200 [ 396.986749][ T5595] ? rt_spin_unlock+0x163/0x200 [ 396.986770][ T5595] do_group_exit+0x22d/0x2f0 [ 396.986797][ T5595] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 396.986820][ T5595] __x64_sys_exit_group+0x3f/0x40 [ 396.986847][ T5595] x64_sys_call+0x221a/0x2240 [ 396.986872][ T5595] do_syscall_64+0x174/0x580 [ 396.986900][ T5595] ? clear_bhb_loop+0x40/0x90 [ 396.986926][ T5595] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 396.986948][ T5595] RIP: 0033:0x7f1b0d47ce59 [ 396.986967][ T5595] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 396.986987][ T5595] RSP: 002b:00007ffdca2da258 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 396.987009][ T5595] RAX: ffffffffffffffda RBX: 00007f1b0d5122b2 RCX: 00007f1b0d47ce59 [ 396.987026][ T5595] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 396.987038][ T5595] RBP: 0000000000000009 R08: 0000000000000000 R09: 00007ffdca2daac0 [ 396.987051][ T5595] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffdca2dacd0 [ 396.987064][ T5595] R13: 00007ffdca2daac0 R14: 585858582e7a7973 R15: 00007ffdca2daf00 [ 396.987095][ T5595] [ 396.988153][ T5595] Kernel Offset: disabled serialport: VM disconnected.