last executing test programs:

7.38247734s ago: executing program 4 (id=2373):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
ioctl$sock_ifreq(r0, 0x89f0, &(0x7f0000000040)={'bond0\x00', @ifru_names='batadv_slave_0\x00'})
syz_open_dev$radio(&(0x7f0000000000), 0xffffffffffffffff, 0x2)
r1 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(r1, &(0x7f0000000000)={0xa, 0x0, 0x1, @loopback, 0x0, 0x3}, 0x20)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="1709a70000000000000101000000080009003f00000014001f00000000000000000000000000000000011400200000000000000000000000ffff000000000500070000000000060002000100000008000a"], 0x5c}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=@base={0xa, 0xb, 0x42, 0x3e, 0x42}, 0x50)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080))
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0b0000008000000001000000ffff000001"], 0x50)
syz_open_dev$dri(0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r5 = getpid()
syz_usb_connect$uac1(0x2, 0x93, 0x0, 0x0)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff})
recvmmsg(r6, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r7 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r7, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42}}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r7, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x0, 0x3}, 0x10)
r8 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r8, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x0, 0x1}, 0x10)
sendmsg$tipc(r8, &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81}, 0x80)
r9 = dup3(r7, r8, 0x0)
setsockopt$TIPC_GROUP_LEAVE(r9, 0x10f, 0x88)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0xca, r4}, 0x38)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000005c0)={r4, &(0x7f0000000080), &(0x7f0000000280)=""/250}, 0x20)
r10 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
read$FUSE(r10, &(0x7f00000024c0)={0x2020}, 0xfffffeec)

7.184356767s ago: executing program 0 (id=2374):
r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000100)={0x0, 0xd, 0x10, "3bdcdcdf05c3638a259ef7c712a74f71ed04e8ea46a0a1ee8bf69f457fa3933c", 0x32314142})
r1 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000000)=@ethtool_cmd={0x17, 0x6, 0x4, 0x0, 0x0, 0x0, 0x0, 0x9, 0xff, 0x0, 0x0, 0xfffffffe, 0x3}})

6.996296925s ago: executing program 0 (id=2376):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeef, 0xc831, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
execveat$binfmt(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000002000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x4000000)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x1, 0x0, 0x8, 0x0)
r0 = syz_clone(0x0, 0x0, 0x43, 0x0, 0x0, 0x0)
process_vm_writev(r0, 0x0, 0x0, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0x74}], 0x1, 0x0)

6.49380292s ago: executing program 4 (id=2382):
syz_usb_connect(0x5, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="120110013e083f10cc04332558fc0102030109022400010509401a0904a807020855fe980905eb020004020205090523"], 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0xf4)
bind$netlink(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f00000004c0)=0x8)
socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000900)={r2, 0x4}, &(0x7f0000000940)=0x8)

5.763124287s ago: executing program 3 (id=2386):
r0 = socket$netlink(0x10, 0x3, 0x8)
close_range(r0, r0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000008000)={0x1, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="b70000000000000007000000000000009500000000000000a9171809f8dcf159569d5475991f7de1a0d0c119cfcf6b98741c23fb7f8d3002ec85db75af955427e91496087a51a0a78f269a9e216a0d0177c4fe3552396a180330807a5b6e8c79aa92038c78d1f16c1323f0e0c8d45c641a21757847cb22230e4321cc3581e40c62c4defee8cffe359cfeef7f58fffdb48647d28ae810f6d22d20271e9e88e94aa6982bf48356652b08e2fbd404e41e0058aae0478fbe542b648421d1b4486a542a7d478fbe6b5e000000293853f9c68e235184b7ad5b6c4fe70ec8320500db0db7fda3da6171a05509ffecef2cb9802d4f36c9a1ce46d3b355fec188ccfc2f0fc89e164561fb06ee9a0153981a47b5de9edd3536d5534f9a699f73b2c9341d2d05043748ce1f4577ed76cdf5b3c697089daa4abda69a8c0c992404610a6be9e103c972459065dec0488e85a6a0418fc87dd8019ef7bb4ef4fa6ee08d81797570578f2e8198e687012f25a69a90e7515e35f8abbddfa96c3f0485f01f0e9e144a2bd31c1b594c50de7c9efd826f1e19b7bd89ca4052b1985287bd13957a48467e0eeddf564d175bf4340885b63976df609806c3b2a3667539dfd66a7400000000003be6026e60205f761ce85cdf75cdb95ca5d32b5bf87eed4184d49f8f48181ef2419efe82ebb18ee55772d562b3b49551714e805a5211a3f4e8e703c03e23b2074bc573dbb66d59e269b722637c4a2efb5241cae2f14774609ad91d66724c438455dc4fcf0b4c8fc235f6c190b4c82bb2556d1fbcd4468369e98e900c743162ce2c7e60610acf0c8e4ba94a7e7127c7de0e6c35acecee1b8434fdca4579f9ebc6a515f7d910b466eb583fb0a7e65fbecb2b8ee0e9da33afb88aa5da8da3a5e0e58fcb48de6f165826b046a8951a47e040bd419d0efa0f54e8e3694085a7bde6f6494968d8200000000000"], &(0x7f0000003ff6)='syzkaller\x00', 0x1, 0xc3, &(0x7f00000002c0)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff37}, 0x48)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r1, 0x1, 0x1000000000000f, &(0x7f0000000080)=0x7fffffff, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000008000)={0x1, 0x3, &(0x7f0000000140)=ANY=[@ANYBLOB="b7000000ecffffff0c0000000000000095000000000000005e0c83dfb64a3eb1cdfa541cd3957aa8a96b9fa4591c1eb556e38defc504b011face5a06294c2115a9ad943bac350e8d7961537181f79ead9176dc7c3ed2d45004deb987fa0d"], &(0x7f0000003ff6)='syzkaller\x00', 0x1, 0xc3, &(0x7f00000002c0)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94)
epoll_pwait2(0xffffffffffffffff, &(0x7f0000000540)=[{}], 0x1, 0x0, 0x0, 0x0)
r2 = gettid()
timer_create(0x1, &(0x7f0000000800)={0x0, 0x21, 0x4, @tid=r2}, &(0x7f0000000000)=<r3=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x7521, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x9)
timer_settime(r3, 0x1, &(0x7f0000000040)={{0x77359400}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0a00000001000000080000000100000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)

5.762404778s ago: executing program 4 (id=2387):
r0 = socket(0x11, 0x3, 0x0)
setsockopt(r0, 0x107, 0xf, &(0x7f0000000100)="00008634", 0x4)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'veth1_to_bridge\x00', <r2=>0x0})
sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000040)=@ll={0x11, 0x6, r2, 0x1, 0xf1, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1f}}, 0x80, &(0x7f0000000480)=[{&(0x7f0000000280)="070f", 0x2}, {&(0x7f0000001540)}], 0x2}, 0x4)

5.653423173s ago: executing program 1 (id=2388):
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f0000000340)={'aio_iiro_16\x00', [0x8005, 0xb, 0x0, 0x7a55f50e, 0x27, 0xcc6, 0xb, 0x7, 0x3, 0xff, 0x0, 0x0, 0x4000000a, 0x6, 0xa991, 0x2009, 0xfffffffe, 0x40ed, 0x43, 0x40000003, 0x89, 0x6beab93e, 0xf27, 0x6, 0x800b, 0x9, 0x5, 0x0, 0x4fa7f95b, 0x5, 0x514b]}) (fail_nth: 2)

5.475599779s ago: executing program 4 (id=2390):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x6}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r3, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10)
symlinkat(&(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xffffffffffffff9c, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000100)='map_files\x00')
fchdir(r4)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB='-'], 0x27)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
fcntl$setstatus(r3, 0x4, 0x40800)
setsockopt$inet_mtu(r3, 0x0, 0xa, &(0x7f0000000180)=0x4, 0x4)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000800)=ANY=[@ANYBLOB="840100031800010000100000000000000200000000000009000000000600150006930000600116805c010280550102006e65745f7072696f2e69667072696f6d6170008f7be20b02564ec7a35f7f7a7598edc3f56b2454803ec63264b08f4c3c420899424272c1d32cf937760ffb66c68cb92658a9d3ce34616f12175eb5f530eaf630be433c24381358a69088810e0fab76fdb34e47b59c477ee396e64d3c6c18ac4e19fbb59a92604b57b8a6527b6907770ceccf04ca016c2346f7f08827bd1b1f5a050e8602a989efcda0c19df2db85251974bc6afb8ae55bf42216c4f85d8c372dd558eafbb9def59a343a7c6c5c648374eb543ab1481714b100046576c4a71efe1c9f3b2ad0c55a9b1534cecb12f4d37ab83a073103a78fa9adcdd64f78235f35b82dd041d1ce859825726a0c22363e0c56e7dc7c009ab1dc4ca13b7c561ce210a0f2a43fbdc06418391fe35b02dd98f35ba9b366767d23eb2893ec33802b6bd533861ae5d9dc5f2bcff8796bee89a69b1e20eced741ac445ff72594cd893fbbce0000000c6b094b9b94dda8ca072e12b88a08dca94aaea1dfa887a5de9bd1279dd8375dcf5bcf53f6e564a15dcfc0bd709b2c3c07080d0a58c3d5af50de28938222bfdd50a6b1d4317bae5f2a1c6fc05de78ec19ca2464cead441f049148e8d6c3501a3d1d60c1b6d558fa50a6df985863a2a393b6984e0a3db30e4d850946755fe2aa5f4be55bc0924c0fd47d60f0de6ea6151d9978b3e20627efc83d935eb3f05173331d0e8f5b576d7c664bed636184b6f0689b569ce8f9d49873e95592a8f90c081864c9188cf43edc6fa5af4cf619277c9c431655eabbc1af85a156386bcf4b80"], 0x184}}, 0x44890)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10)
setsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f00000000c0)={r0, 0xee01}, 0xc)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)

5.284603344s ago: executing program 0 (id=2391):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r2 = dup(r1)
write$UHID_INPUT(r2, &(0x7f0000002080)={0xf, {"a2e3ad21ed0d09f91b3d090987f70e06d038e7ff7fc6e5539b0d650e8b089b3f3b3168090890e0878f0e1ac6e7049b336d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d074a0936cd3b78130daa61d8e80400000c5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15ffffffffffffffff1243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f912ff01000021ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f423500c7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7bd50978b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefdc01000094d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9cc8036cbd65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af5617ea94c9493260fad0000f96f06817fb903729a7db6ff957697c9ede7885d94ffb00600e0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400", 0x1000}}, 0x1006)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@bridge_getlink={0x28, 0x12, 0xf1356078674d6119, 0x70bd27, 0x25dfdbff, {0x7, 0x0, 0x0, 0x0, 0x400, 0x491}, [@IFLA_EXT_MASK={0x8, 0x1d, 0x839}]}, 0x28}, 0x1, 0x0, 0x0, 0x800}, 0x24048054)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18090000080000000000000000000000850000001100000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffd, {0x0, 0x0, 0x0, r5, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
setsockopt$sock_attach_bpf(r4, 0x1, 0x32, &(0x7f0000000040)=r3, 0x4)
sendmsg$nl_route_sched(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000200)=@newtfilter={0x3c, 0x2c, 0xf3f, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0xb, 0xfff3}, {}, {0x7, 0xffff}}, [@filter_kind_options=@f_flow={{0x9}, {0xc, 0x2, [@TCA_FLOW_KEYS={0x8, 0x1, 0x1}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20041090}, 0xd0)
sendmsg$nl_route_sched(r2, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000040)={&(0x7f0000000180)=@getchain={0x44, 0x66, 0x4, 0x70bd2b, 0x25dfdbff, {0x0, 0x0, 0x0, r5, {0x7, 0xb}, {0x3, 0x9}, {0x0, 0xd}}, [{0x8, 0xb, 0xffffffff}, {0x8, 0xb, 0xc93}, {0x8, 0xb, 0x9}, {0x8, 0xb, 0x6}]}, 0x44}, 0x1, 0x0, 0x0, 0x24000000}, 0x1)

5.117952707s ago: executing program 1 (id=2393):
sendmsg$key(0xffffffffffffffff, &(0x7f00000000c0)={0x3, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="020300030e000000000700000000000004000900a000000001d78771b90bd8a3b4914783c58777003d5b953800000000020006000000000002"], 0x70}, 0x1, 0x7}, 0x4040)
socket$kcm(0x11, 0x3, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_genetlink_get_family_id$nl802154(&(0x7f00000003c0), 0xffffffffffffffff)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="54000000010401020000000000000000070000000500010001000000080003400000000008000340000000bd060006"], 0x54}, 0x1, 0x0, 0x0, 0x20004000}, 0x44004000)

5.097589236s ago: executing program 3 (id=2394):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
ioctl$sock_ifreq(r0, 0x89f0, &(0x7f0000000040)={'bond0\x00', @ifru_names='batadv_slave_0\x00'})
syz_open_dev$radio(&(0x7f0000000000), 0xffffffffffffffff, 0x2)
r1 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(r1, &(0x7f0000000000)={0xa, 0x0, 0x1, @loopback, 0x0, 0x3}, 0x20)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="1709a70000000000000101000000080009003f00000014001f00000000000000000000000000000000011400200000000000000000000000ffff000000000500070000000000060002000100000008000a"], 0x5c}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=@base={0xa, 0xb, 0x42, 0x3e, 0x42}, 0x50)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080))
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0b0000008000000001000000ffff000001"], 0x50)
syz_open_dev$dri(0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r5 = getpid()
syz_usb_connect$uac1(0x2, 0x93, 0x0, 0x0)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff})
recvmmsg(r6, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r7 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r7, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42}}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r7, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x0, 0x3}, 0x10)
r8 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r8, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x0, 0x1}, 0x10)
sendmsg$tipc(r8, &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81}, 0x80)
r9 = dup3(r7, r8, 0x0)
setsockopt$TIPC_GROUP_LEAVE(r9, 0x10f, 0x88)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0xca, r4}, 0x38)

4.745998709s ago: executing program 1 (id=2396):
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
writev(r1, &(0x7f0000000000)=[{&(0x7f0000000140)="580000001400ad", 0x7}], 0x1)
write$binfmt_elf64(r1, &(0x7f00000000c0)=ANY=[@ANYBLOB="080641663151c9e0ad01"], 0x1c)
r2 = socket$netlink(0x10, 0x3, 0x4)
write$binfmt_misc(r1, &(0x7f0000000100), 0xfef0)
splice(r0, 0x0, r2, 0x0, 0x80000001, 0x0) (fail_nth: 2)

4.539213872s ago: executing program 1 (id=2397):
syz_usb_connect(0x5, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="120110013e083f10cc04332558fc0102030109022400010509401a0904a807020855fe980905eb020004020205090523"], 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0xf4)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r2, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={<r3=>0x0}, &(0x7f00000004c0)=0x8)
socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000900)={r3, 0x4}, &(0x7f0000000940)=0x8)

4.464272464s ago: executing program 0 (id=2399):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), r0)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)={0x14, r1, 0x7, 0x2}, 0x14}, 0x1, 0x0, 0x0, 0x4000800}, 0x400d4)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
r3 = pidfd_getfd(0xffffffffffffffff, r0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000240)={'syztnl2\x00', &(0x7f0000000140)={'ip6_vti0\x00', <r4=>0x0, 0x4, 0x3, 0x7, 0x0, 0x1, @loopback, @remote, 0x80, 0x80, 0x672, 0x3}})
sendmsg$nl_route_sched_retired(r3, &(0x7f00000002c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000280)={&(0x7f0000000700)=@deltclass={0x8b0, 0x29, 0x200, 0x70bd25, 0x25dfdbff, {0x0, 0x0, 0x0, r4, {0x5, 0x5}, {0xb, 0xe}, {0xfff2, 0x5}}, [@c_dsmark={{0xb}, {0xc, 0x2, @TCA_DSMARK_MASK={0x5, 0x4, 0x7}}}, @c_dsmark={{0xb}, {0xc, 0x2, @TCA_DSMARK_MASK={0x5, 0x4, 0x2}}}, @c_cbq={{0x8}, {0x854, 0x2, [@TCA_CBQ_FOPT={0x10, 0x3, {{0xb, 0x9}, 0x4, 0xe4}}, @TCA_CBQ_LSSOPT={0x18, 0x1, {0x2f, 0x0, 0xd, 0x2, 0x7f, 0xfffffff8, 0x4b, 0x6}}, @TCA_CBQ_RTAB={0x404, 0x6, [0x5, 0x0, 0x4, 0x0, 0x0, 0x5, 0x9, 0x6, 0x5, 0x5, 0x3, 0x1, 0x1, 0x1, 0xfffffffc, 0x9, 0x0, 0xfffffff7, 0x9, 0x5, 0x40, 0x2, 0x2, 0x7, 0xc, 0x57, 0x14, 0x2, 0x6, 0x5, 0x9, 0x100, 0x5, 0x3319997a, 0x2, 0x7ff, 0x7, 0x2, 0x3, 0x4, 0x6, 0x3ff, 0x2fe, 0xc4, 0x50, 0x8, 0x2, 0x8001, 0xfffff800, 0x81, 0x9, 0xe, 0xa, 0x6, 0x9, 0xa624, 0x6, 0xfa1f, 0xc3, 0x81, 0x1, 0xda1e, 0x2, 0x1, 0x7, 0xff, 0x4, 0x10000, 0x2, 0x7, 0x3, 0x5, 0xfff, 0x81, 0x6, 0x2, 0xa8a8, 0x8, 0x9, 0x2, 0x101, 0x4, 0x2, 0x3, 0xae10, 0x1, 0x7, 0x5, 0x7fffffff, 0x9d1, 0x7fffffff, 0x8, 0x3f4, 0x3, 0x7e3, 0x5, 0x3, 0x3, 0x200, 0x3, 0x642, 0x400, 0x8, 0x8, 0xfffffffc, 0x7, 0x800, 0xf1, 0x2, 0x43, 0x5, 0x3, 0x7fffffff, 0x7, 0x3000000, 0xf5a, 0x2, 0x1, 0x8, 0x0, 0xfffff001, 0x4, 0x4, 0x3, 0xfffffc00, 0x7, 0x655, 0x10000, 0x1, 0x7, 0x1, 0x8000, 0xef, 0x9, 0x7fffffff, 0x9, 0x0, 0x8000, 0x8, 0x1f4, 0x1, 0x4, 0x6, 0x0, 0xc8, 0x1, 0x5, 0x8, 0x3, 0x9, 0xa970, 0x9, 0x6, 0x3ff, 0x7c2e, 0x1, 0x7, 0x1, 0x8, 0x0, 0x8, 0x401, 0x1, 0x80, 0xdd, 0x1336, 0x219, 0x8000, 0x8, 0x0, 0x5, 0xffff82b6, 0xfffffffd, 0x200, 0x2, 0x17, 0x4, 0xfffff800, 0x81, 0x8000, 0x8001, 0x6, 0x3ff, 0x7, 0x2, 0xc6a, 0x0, 0x80000000, 0x80000000, 0x6, 0x0, 0x10, 0xfffffff7, 0x2, 0x7, 0x6, 0x7, 0x9, 0x7, 0x9, 0xfffffff0, 0x79a, 0xa4, 0x8, 0x81, 0x0, 0x1000, 0x10000, 0x5, 0xfffffffe, 0x3, 0x0, 0x8, 0x100, 0x0, 0x4, 0x0, 0x8fd8, 0x8, 0x6, 0x2e62, 0x4, 0x6, 0x3, 0x1ff, 0x5, 0x9d78, 0x8, 0x6, 0x3, 0x2, 0x7, 0x7, 0x8, 0xffff7fff, 0x0, 0x400, 0x1, 0x7, 0x8, 0xaf5, 0x6fa1, 0x5, 0x8, 0x7f, 0x6, 0x101, 0x2, 0x0, 0x0, 0x5, 0x0, 0x8, 0x5, 0x3ff, 0x800]}, @TCA_CBQ_RTAB={0x404, 0x6, [0x7, 0x5, 0x7, 0xa44, 0x40, 0x5, 0x54, 0x0, 0x86, 0x359e, 0x32, 0x1, 0x5b09, 0x40, 0x2, 0x0, 0x9, 0x9, 0x80a, 0xc, 0xfffffff8, 0xe4b4, 0x5, 0xbb05, 0x8, 0x713, 0x3, 0x8, 0xfffffff8, 0x5be, 0x6, 0x4, 0x33e235ea, 0x8, 0x81, 0x5, 0x4, 0x40, 0x10000, 0xd, 0x7, 0x6, 0x7, 0x11b0, 0x5, 0x3, 0x8, 0x7fff, 0x7f, 0x3, 0x7ff, 0xc, 0x717, 0xfffffff8, 0x7, 0x411, 0x9, 0xb, 0x7, 0x1ff, 0x4, 0x14c, 0x2, 0x9, 0x8, 0x3ff, 0x8d6b, 0x64, 0x2, 0xa5, 0x7f, 0x80b, 0xff, 0xfff, 0x5c800, 0x7ff, 0x7fff, 0x0, 0x3, 0x5, 0x4, 0x80000000, 0x4, 0x4, 0xf, 0x4, 0x1, 0x6, 0x7ff, 0x55, 0x0, 0x0, 0x0, 0xa, 0x0, 0x9, 0x5, 0x3, 0x6, 0x8, 0x400, 0x5, 0xfffffc00, 0x8, 0x6a6, 0x731456e5, 0x101, 0x80000000, 0x9, 0x2, 0xfc000000, 0x9, 0x5, 0xff, 0x8fa4, 0xffff, 0x80000001, 0x6, 0xffff, 0x2, 0x79, 0x7fffffff, 0x1, 0xfffffffc, 0xffffffe9, 0x80000001, 0x2, 0x3, 0x2, 0x5, 0x80, 0x245, 0x0, 0x7, 0x2, 0x1, 0x1, 0x20, 0x8, 0x4, 0xd3, 0x5, 0xfffffff4, 0xd, 0x128, 0x40, 0x7, 0x4, 0x5, 0x1, 0x5, 0x3, 0x0, 0x2, 0xa, 0x2, 0xa1, 0x9, 0x9, 0x8, 0x4, 0x4, 0x8, 0x10001, 0x7, 0x9, 0x0, 0xbe, 0xaa, 0x9, 0x1, 0x7, 0x4917, 0x8, 0x0, 0x7, 0x9, 0x6, 0x5, 0x6, 0x5, 0xe, 0x8, 0x5, 0x400, 0x8, 0x6, 0x2b, 0x2, 0x5e0c, 0x3, 0xffffffff, 0x5, 0x1000, 0x5, 0x80000000, 0x80000001, 0x2, 0x10b, 0x4, 0x8, 0x1, 0x2, 0x0, 0x7, 0x0, 0x5, 0x0, 0x0, 0x800, 0x4, 0x1, 0x80, 0x565, 0xcd, 0x5, 0x2d8, 0x8, 0x3, 0x3, 0x4, 0x8, 0x9, 0x7, 0x5, 0x2, 0x6, 0xffffffff, 0x6, 0x100, 0x9, 0x7ff, 0xffffff81, 0x1, 0x8, 0x4, 0x6, 0x1000, 0x7a, 0x3, 0x10001, 0x6000000, 0x9d, 0x3, 0x8, 0x5, 0x2, 0x7, 0xffffffff, 0x3, 0x529, 0xfffffffb, 0xbdb, 0xb, 0x0, 0x5]}, @TCA_CBQ_FOPT={0x10, 0x3, {{0xd, 0x3}, 0x9000000, 0x5}}, @TCA_CBQ_RATE={0x10, 0x5, {0xce, 0x1, 0x5, 0x171, 0x40, 0x6}}]}}]}, 0x8b0}, 0x1, 0x0, 0x0, 0x800}, 0x4)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000540)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(r5, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000300)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010026bd7000000000000b00000008000300", @ANYRES32=r6, @ANYBLOB="200050800500020002000000110001004abee33908f8eef1af4aebb1615c4c446f162471f4000000c5f75ac729422245d2951bbdb953626b70cbc5b03080209147f90791325f24120851fe7d07ab0caf0bc1539e171d398d999b2a6b502ffafebc3ce8ac30f850974f62e7a1de8c8507890c53f46ed49ddca89c209cc8f20f"], 0x3c}}, 0x0)
mount$bind(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x3a09007, 0x0)

4.402016335s ago: executing program 2 (id=2400):
r0 = socket(0x11, 0x3, 0x0)
setsockopt(r0, 0x107, 0xf, &(0x7f0000000100)="00008634", 0x4)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'veth1_to_bridge\x00', <r2=>0x0})
sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000040)=@ll={0x11, 0x6, r2, 0x1, 0xf1, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1f}}, 0x80, &(0x7f0000000480)=[{&(0x7f0000000280)="070f", 0x2}, {&(0x7f0000001540)="11ec4e69", 0x4}], 0x2}, 0x4)

4.243242656s ago: executing program 0 (id=2401):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeef, 0xc831, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
execveat$binfmt(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000002000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x4000000)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x1, 0x0, 0x8, 0x0)
r0 = syz_clone(0x0, 0x0, 0x43, 0x0, 0x0, 0x0)
process_vm_writev(r0, 0x0, 0x0, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0x74}], 0x1, 0x0)

4.184504815s ago: executing program 2 (id=2402):
socket$inet6_mptcp(0xa, 0x1, 0x106)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000000)=0x6)
syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
fanotify_mark(0xffffffffffffffff, 0x105, 0x40001032, 0xffffffffffffffff, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000002300)={0x2020}, 0x2020)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000280)=@generic={0x0, 0x0, 0x8}, 0x18)
ioctl$SNDRV_SEQ_IOCTL_PVERSION(0xffffffffffffffff, 0x80045300, &(0x7f0000002000))
r2 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c000000010401040000000039"], 0x1c}}, 0x0)
ioctl$VIDIOC_S_INPUT(r2, 0xc0045627, 0x0)

3.684784672s ago: executing program 2 (id=2403):
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f0000000340)={'aio_iiro_16\x00', [0x8005, 0xb, 0x0, 0x7a55f50e, 0x27, 0xcc6, 0xb, 0x7, 0x3, 0xff, 0x0, 0x0, 0x4000000a, 0x6, 0xa991, 0x2009, 0xfffffffe, 0x40ed, 0x43, 0x40000003, 0x89, 0x6beab93e, 0xf27, 0x6, 0x800b, 0x9, 0x5, 0x0, 0x4fa7f95b, 0x5, 0x514b]})

3.373685549s ago: executing program 3 (id=2404):
ioctl$sock_SIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000000)) (async)
memfd_create(&(0x7f0000000040)='\x00', 0x6) (async)
r0 = syz_create_resource$binfmt(&(0x7f0000000080)='./file0\x00')
openat$binfmt(0xffffffffffffff9c, r0, 0x41, 0x1ff)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000000c0)={<r1=>0x0, <r2=>0x0}, &(0x7f0000000100)=0xc)
r3 = syz_open_procfs(r1, &(0x7f0000000140)='attr\x00')
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r3, 0x89f3, &(0x7f0000000240)={'syztnl0\x00', &(0x7f00000001c0)={'ip6tnl0\x00', <r4=>0x0, 0x29, 0x3, 0x7, 0x6, 0x42, @dev={0xfe, 0x80, '\x00', 0x1a}, @local, 0x8, 0x1, 0x8cea, 0xd893}})
sendmsg$nl_xfrm(r3, &(0x7f0000000380)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000280)=@getpolicy={0x8c, 0x15, 0x400, 0x70bd2d, 0x25dfdbfb, {{@in6=@remote, @in6=@local, 0x4e22, 0x0, 0x4e20, 0x3, 0x2, 0x20, 0x20, 0x84, r4, r2}, 0x6e6bb8, 0x2}, [@XFRMA_SET_MARK_MASK={0x8, 0x1e, 0x4e9fee0e}, @srcaddr={0x14, 0xd, @in=@remote}, @sec_ctx={0xe, 0x8, {0xa, 0x8, 0x0, 0x7, 0x2, "9b3c"}}, @replay_thresh={0x8, 0xb, 0x1}, @replay_thresh={0x8, 0xb, 0x4}]}, 0x8c}, 0x1, 0x0, 0x0, 0x40}, 0x8841) (async)
sendmsg$SOCK_DESTROY(r3, &(0x7f0000000500)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000400)={0x9c, 0x15, 0x100, 0x70bd25, 0x25dfdbfd, {0x23}, [@INET_DIAG_REQ_BYTECODE={0x87, 0x1, "773e1bd708fb596cd09ca8a6ce8f5bfe12c1df95c0e901d9fc25220a8d04fbf39ca0741bdd7141748d00e80c0ef4678e2c58237b2a41138469f7e0d74601cc48c2e6726d3b65ec8f17bcda05d67a550825a902988b06f277b4b182e4b1b2633f0589cea39774445d37edb3f47255d0ec02ed0e53aeca4cb7b41e6fb2d9bf1298d1984c"}]}, 0x9c}, 0x1, 0x0, 0x0, 0x20008044}, 0x4000800)
r5 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000540)={r3, r4, 0x25, 0x10, @void}, 0x10)
setsockopt$inet6_int(r3, 0x29, 0x12, &(0x7f0000000580)=0x6b, 0x4) (async)
r6 = syz_genetlink_get_family_id$batadv(&(0x7f0000000600), r3)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r3, &(0x7f00000006c0)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000680)={&(0x7f0000000640)={0x1c, r6, 0x2, 0x70bd27, 0x25dfdbfe, {}, [@BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x814}, 0x0) (async)
r7 = socket$netlink(0x10, 0x3, 0xc) (async)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000002800)={r3, 0x0, 0xb1, 0xe, &(0x7f0000000700)="2e9bc391c6e9ca5839918b6b7584577cd71726836e449c8fd84fbf05e98f195a78477b4b856fc158a1e9da672eedf72822723ab5d963d85bed1ce3edd48369c265adae2c688f2fa0b4dcbe025690944349863437081345bca5552447057d2de1ce177c92795db717c2e00d38d31b6f5cfcf62c3e6b1d528fd14127f72acf2d94fe8ed9dc4378920c166a9d4029f538888e0255857de5f14baa96b1942b0f79eac3c9fe638fe85b13b6dc35f7df2a13ea23", &(0x7f00000007c0)=""/14, 0x2, 0x0, 0x1000, 0x1000, &(0x7f0000000800)="acc14b9f40edfe7bd0c1b3941f6262ca5f97f401a0fa7ff7a83260fbf905a4386ca49b9b6aaed604bd113e47eff3fb5742e73bbc039d5401f1b2de279c2ede5302e2a7c044e70ee1b30ca91e9f2dd3e35a829ca976ad8807932e6f9098e794909e2d541a1866d9f123a8904e2a93d3425ba55daaf6cbbabb094b6d7bcf4c097806bf5168226a36f7a3acba3a1e5cba65a6d347f1a427523dc5e84294051a0ae5e3ac582920493bfee8e88bf7f66f099529d0d420c4551375b3802c52296c93cc1026e26f1e2749aee05ddbcf2c4ee4d9f890769a740a553a3d1788869a2654efdda78c2a7625e0527a38a80cf8734ddd8595b8d9982610d904306a36eca826a9bdd119f5d87412b6ed487b7f3a1c3da284333c6af5828c4435dd3c1c026e3dbb88b16195480a6c553c3bb2ff4647f4c341ef11ce05f73e44ada24bf288e7ba3fad1897a641b22dd4667d6cf357e34a0063e05298503db425217452a6d73b0be7689040e63bbf6c78726da152dd8b0d573a38cb0a9641f4856807a50ba50779b660a7075e2f35fdd1d2845c975de7062238a98a0d18ddfba899e44132ac7e3ffee57841f82040eae403afb29bcd97a6755b6804d500386fbe6d2d841acf452e0f7eb8ea2e980cd15efb224185f41346fafafd1d0a919162fe87443536bc4832d1ae7cf9390022b881a2cc46283a77e457466e3bcf73fc5a175b8e7e64b24d9794e302c299a8b0a2a25262e882f9ccb65f7dd94175f2cfa150220a9b0a507b4335cd5461d068845c6987ad6f49336c0b7ee57ee9e9234b5ff1d3222dfda9ddf888ee5069fb91cef5a2d396fe5fa8641cb11fd82c82c9bdc23bd600993382c481f6c1af8093854fb985e6d409710939066b7f5d91e1e1bab615abd3699b5782c37afbd5d436b96c45b197a74e94ffa05fbc9d9b640afc8436ef83b0abf8c63b3a0904df6acef426beaeb54302e060806199818121b8a6a8477e1272404b83622745a3af821c3bd9299267fe7caeada3888ab5dc63e0f953c8dbaa699e11d2fd8b4dba4c663f75c88805ab427f549377add9a4f56d9e61535f7e69e5604c43455dc8049f975b18affb43ffe68674d4bce2c065b82387efbb2656237eb411ef8d98c6855f485f9d3b7e81aefed9c75934543bc544eed6dabebe99800f340a6f885ce92571a8600f039dda2a7b2f2571f6bb7d1da62a0221a2a7fad33ecdea07cf0eda8238cd05f6dc74af84517fd34fbf67062afd1a76151294ee6223f10be047f48e1ce0f2d9eb4e0ff3515dd2b0e24b45056a0ca4d92df7b0f354e399d67cb9e00dd43442a5bd29599d6cf0a403db103c9dea5778ba0ca84be02307eada1c6b67ca2ac1675c771221baecb4c41ed790b9627d6fba185e305f929a0d0921b62759e831bc3b9316f7249a5f0601fbf8d820c4f644597f1d707022eaec742bd2d2759251e6ee8edf4c37622d1c802ee3e9bab83008749794886d6870840056ba02cb61794fe6bc93c01a21796403a825368893c4a36adaf0ff3906c6e334960f8b0602b7bf7deff8923f6166c7386f8153dfa25861401c5c6a1bf968a8e0e173088b9f80e040d2b2c445f95cbbc0c6b6bd2e8bb3c4aebfd4972d97b91f5cd04e92f4345a8bcd83fa727b1c9cd26c2477ecc5da0d06ca15254b3fe2167e5b7b8ddbd43356d30735a8239984895242423b996bffe500b60c637f642f9d062427c85d07fe4d6aeafe0ac52e32b52c79f31322d7e627bba249162e27cc8e564f1ca19a0bb43751a57484a4e1f639e8a208c215e3f68495c737174de6a84a0bffc73733e224a460134da5dc1e2665edcdd5ab336cf614729e943727ca4ad46e6804900b2e5e68b325b071bd1bd566ed33aef9438d813edc30e00f5b9cc48a1775d5a6b18342df2be3dfa27804e5484537c70dbd64aaf8255ede435811a947c7137bb4de1be341efbd59cb58ad1adfee1db49e55c8f057a367308dd81a687810cdaf534f84b4ebfb234bfa5319db9593e6b505a3ceba784962a841b90cfb2cd0dcdbadd3d5eb4bb666d919c2256a5e45a4cc724859f2da80d529d74f1d6cc2563c49114974ee38b205ade8d72ee8811dda73e72f6331fc67e100109fb49056a637593a08b1f4c619958e972622782960063267e6a075c1db2bd26b359735d9d3be1fc2a222b72bc73b846070ea5399ef0fdbd874d1cc7c1c1b20f6f1bc422d4fc7ea4113fd96b87bce16a759e1b7ff998d3f944a6daccd22cc83e0d04fb5e36f0ee9d6532bbe3d797046d834f5fbcb8b136eaec6757a8738aa004f139befd2bd71099a8350b591e6b33e2a7bba3fc6c7f5f7656f974cecb68751e239c01e9fdf45d7b769b642403e60fbf1a7fa93cc7cb9f2e5dbe2485756d5134a3459dfbeca29f6410ba6857af5385a3b801a72c3643f5e2f8c762e4c8bd3c34334bb8d123f2617d4fde7d9d21a5388ed1d497928831df20740d528b2e672da45156fe807deee2906db63bdbdcaeadc728bbb5062c3cbaf4500e2bffa902fbad9d60938f785dc930d3c1af648c811d3f605b921881b16f9b92da207b8e2d39e03c5a0885abd16d738e0721e37661a26e62424716fa643db0d18f924525bc5e545ce256f0e4eb52edaa0ffa5fe73965128c2c7899e8578d0ffb949b05305b08793bfdc4007ca534ba291eb19db9a8650dd6e3901dc9f921d3c077a6428307bea65f5c68fad2ecb860393cdff001167f80efd0f260bd28e3e1a44ebf41f701f6f568d6c85ab42525fa4691ec1733b35778c4f19a225f59237b3a6b69faad9d37cb34c2a613ad6dff43d4b70b81d09e49e1bf14f9b7c30f4c46c9dee3f7d3a4ae1610885c28af53371418bf5c024d5316d2d5ff0057cee94f3cdd496db0620722b957f87e7213f9f78821beb2d75616a487dff41687d9b514edc662ef5771ef1e92313727c77c46528432d1bdababd8fbc7632ad21a63431fd069b126e8519662ac59ab57b18a6ff7ee3be0cc03ee8e95c0c67474fd015811d157a15c08129450287c0f8a05d5ca53a73217174778f8911f87e12753016a62bbf745e6736f6ba7c4299b16650a489d330399e32e0f746224346adc5293a6d60d171409b21cc9547c95eb3f29619bb64914603286e8fb7f7a34c893710bfb1012619e3a5fa1e3c858b273fec5f96ff2cbb035c47855e17fef86d8bf0292fce4463d4975c6ea55ac6d8db0fee7bc108ac2e23df2f7ddd353c895b9c523e44e7184d24d44c16f9e97ca2873fafcfa6e5d5ff735a11d13f7aadacb0f14a4b619dce05f94937b94925ae7c398d54a7a3b2254cc440010fcba6de066c8d9aff95b76c681855cdc02d98d5d2e61bb500955d38d96a59cf3870f5d8b681eb173ee356457ec67e07506da2c333159f3ed4ada88e5930715e8892fc3c0840e180bc73565e68152929564b2e8dd698076c3346edde0c329296cd501da0a1660b200d947f96eb295ef08ea5dd8bf069b6bb14de694801d0163e0eb81ebd0a90e851780feaba1edbf6572e1f174bb7808d9002640b54921233be3f806e19f4c4281c8bf1b43b343568847700487cf3befd391ff5b6d1d831d3986ed69e69c4e7021ac0090023f01a18ff9f9c4d8cc9f5e0479590a48b826be648884c7175ccbc2964a462dd987cb51305eba5bb2dfad7122b212b55da1975b167409de7409fcbd409849c681fc23b03bd3c5aac08e78c2e18903206f9f85dd979a3f29ac634c3eb97a494892b0d70465fefab9b8a583e680c57de5cd9606af3f469bbb520c2747d1cda26fb85f58825e97c7a7b1f4f7bbd5944229b998c83efe3e7e608a4bf84baaea16444f47a1ea018af347be33b56e123c70d126255f8ea9cd87801e9f238b987d095fc7ec31690976754baa57d023146ae1d4a5ddc8f506ee6b7300fcacaf6bea6a890cbc8f17969b5fafdb0b2a52a79c015c4e475d268487cbe228cc3a08327748d56874318ccf565031e67c778da98347c6e9269f343868f5794f0d9522df1074791caa56510e066c4d2fc9d0ca888fba38f999cd8fd986303a3b39b86c83b5bf070b8afb1d2200c9b64c01caeb94fcb8c489742a26a809b7196366383df6d5c784b531dccaaef738c6f3d4d7372bb3d896a889f6782179e6a59483a4988b46df4ac61d2a9a2ad3d8e6932594fc825c08c4b4849358a35b52359828cdd16bceefc8f04b2e251b01180bcda8bda3abb43ff9c1e5fd4eed988a50d3164266d20071d529129d3ff3a097b3b34fe92778e34792456af3474192a6490c3e65f83eeb9057cb27305b9a7b9144407a8d137290494879cfd5a8747bad39b9e17bec6380e3facb00ed4c2f7ed594913f67a5c9806ddd557585957daad83c128f8b0ca52a81e378c6d604b71a5a6a24b7067e22f55129b24dcd9235061d4ddc6c0c628347aafdfc3cf045d7499ac80967299bfe73112c248e9824940f6aa0429a71fc97a59cbaf39b15ba20a1de8fe602b43cb74fd0003cdbe0314333ce5023cf977d8171d1b22e63eb26c6dbd5a98531f4c75aadfc3cfc6d78311e34a24cf09fd2e594cc129ab0e844cf3c690612b400ebbf5a6eff4f587628b5cf4a2ac46f09e7671df4fcc2aa98ea533de842430656fcd33c4fe63f6b2fc1cc769f6bf9bfea97cae51b430fe1aded41ef194a684e03ea3b8c811559f083662e9a18dc1b9048c637fd88d498902ba9d73377b35b6d6f4f9e18d4521a202a8f8709b6fef423c4caf022c2e025c986ee9f1be2f68283e2b2af67970f27c141cbdcf3128d6b66c16662589d8e6dd63155643d94a5e85906ceb40e8493e945595374dd932bc384437f5c0337588990561b677af441411cca182b8fdf7c85d192cf4e23161b2d8d7b25935d2bb8fcba933cee37af70ee2a048a1ffd3bbadb4bfbe3b4acf70600e34d9e788d19a507b7f78aaa41d7eafe5ecb8b77e24d909c0eeb1eecd8e3727978ec3ed28521e3b4812530d7acf8112e993641032af68ba55c91010bdd248dd6c6baef881a0b9abc5c85c9ec905f760f1f54e71a16fde0079484f680ad314ed2811bd5460a7c4a05a51ea8712fa21499c44dec71ec3d72967e8d6a877fcdc88671bfd6119e9ab97b2cbd6a8337a17ab2441cfc33e36a652580ccde2021c22c02b0f9dae18b07eeda4ef19d56488456dde5f3e4d902a1e5f82dabe9c9dfdace6fc9c4e32234f27f6eea229582f3a327cd02fbe938ec6114ae0f25fb8912532053d0a7c6cd5601c2e54cb7a786588d804fe493f95898ae557b3a782571e444fd5d4a36770d67a829b7083c31cafe47bf1f780ce99cfbae35d996501c2eb9bc783d88c0b8132d8f08942724a54f9ea773687c3d28e622652220906156840b7b5844ee20a3c2850ca8aa0937b7d7e7b2de1318cb824a3616489729c4c6e81142ac769ee24a7be62988a0ffd94432e9a35402e37ccb3fa509cb927bcdc467cb5a6673a3aba50a66e9002d2f68e0a86fb210cedd7e83026184ca14aafe89e112939b3a9cdbd7d14f366a46d37e0ecd397c2a7a069b2567629061ef5da520377f24aff726ac2be251d73a7613d7832d4183362bdf09530c06970caf8979b99f49e2a75b91cdfc0c0bcc96ee34edb5177c08d5b44683473e545529842708849a98e5e8e7014b0641e6171c3bbc8fdc63069a2d565418fa8581fb816f006bb11f5e2a0b4352e768ecd44427c62fa1b79712fafd94f7a0fc47f29a04ea26f662c865a9c500e3a1d07611eb51dcb3cd5f9e237c5982496840a0fe3fd7e495fcec64defdb3b160a7340f53db1df08eb47f18b00c40fb321a6a2cc976b5978c1eb61d266", &(0x7f0000001800)="f124f505198be4cb7ac95716fec890fb9e4bedff0e28e5cbe3074cdccfd98e779cd06ad1e0c4126aa74db2a3098a2aa8f73e5eecf3f4dfedbca0eac0e884eab85dbe12fd3ac9606fe06264fe983ce7435132e181fd47db9038e5f02eb0a19b7dba51af196b012395ce3fce130b4a4eb688df1df7660f217ab130de6d9a80b86ae2174c236432f6885c46edd1effc3cedaf61408e3cc1f39e79659bc3dc509f71b473b3f78016a7b9195fea4c285f70e3f4c20455de8f226fc2b3ac9ea335ede3cce6e4249c58f51a1ce7ccb45e5f9a994dcfa692467568c54e93f43e320c993b8c065a84927f6e020d7b7eaac8e0d3bce4a442fbd89b4b450aad328c53839c9cbfa3d87bbd21aecbc216e44c499d4990a280871b573b94ebe1e2090ecc82167206db733dca99c978476186c70ab10a1a2fc073cb356a37afb715cec7cdd0f319cc9ffcc0857d03dd8200cf85f528b2218410b9629af4f11d4c27de1aa5007621fea1d85011ff1ad21f426cec50bd8f7266eb78c8660d4bd27e6d51f84cbef31b7306f4105e0b7c595b9e03752f4120221c398d76298228d1da60bee01cee6ea7b06d865e02e4233017ab39b4f73f0d8f07e4341c674a0e3e54b35489769d198cc2b582c11e4d73714a132a6d2bff7a55183fcc2976359b65a366915b12ecd0ae4ab1ee0804093030c215c35ee10772dbca345f7a3da96f74be1f71614a7d1601327371873e55fd4560831f613c2dd217ab8323021b0cc31d32ee9c3fe899ab83aeaae1a5d17507d0c1dbc541d464a7adf711ea573a49e329470dae75a345c7158e70b6b17d157222f6a9a1cf8bdc8415bf6f6b942cdef6c5c8e3d23546c2f7a4467a16d2ee7ec06be7a43edde235fc156deba1e779f7cbfed96b1f3cc5de352b42d0bc598d7877f31f30105b827767eb59d2f3e8043ef839f9465eecf91af97ee02f37c84089f209333f5e561c0431bfd991ee84a5dd745b1607daea5592bdc8e1b7fe9f1d8ae0dd7e23c760d3c454a16ce0ace8d140c824a12880c4ede4695c6c6562305c6dbdf7ac903780574fda7f0f8b402bc9f7a7aa955ed8a0ae8079264e7e2bdf90e46289d4a86b99c0ba610ac337c8501661c4bff90d22c39729119efd8fa7bf5a1026e005ffa3fa9f8333f853543c271a393a5664b51af84e6d9f33b452957dd6a84bf1a5c5b777567602acb9d16c8e4cc85a7dcf2835f452287843b998ea29b5daa9b8dbad2f1bd390539924cd966d0e826aa14ef0b30a60f9a802f0e0286b81426f125f5f3329eecff865ecb69bf2c3c4282f09eef7dd2b7690348b56937865081b7a39c8cb5414ac3c7e8f9a92d1bd31a73e301259035792262f61b2e20083bfaf939e83f32aa7e40523b3598064ac695c5e4ad01b131fc7dfc8a861f00af34d9923c3a59db0060e078596fadb8cb3853e97586a70546fc6f78aec96ea420fed28be56cf12cfe0bb0f810b839a922a9f23b73c2832e137da4724bf46f9e79d89d20ed2237a4ec2117f29decab91ef4f576c946965ab5e76f317eaa425c40314b6afd6b2813fb00c0496a6713cdd326461d0910162702f46d78351f2a58aae44a0ebb01ee8a7221243f23c7dc9a063579f8dca777ed18b47e130243067367e315532b7d1432876e07a69f13db3863b4646cb71f0dd5d76eb5e587d6a367190736e61ed8aabd82bab08b4fa4f7ebbf565bcee45e0bfe12160c5183f9a56c80507d9d8ee36ef03c3853a8931b02995bf74fbd89ffbdbfb909dd1047f370b30ddd245d7c8e5b2b9e8b86b3399a9b49f549eb879269219197cb008ce7b5cdc31c16a68e72d7b6c18d58a085d11cdb1b8f2084493fc631b967629d84f0390922b81d0a7da2da038906a68c7bb4046c2eca2765ad733753e868332b6eec8e41fb168cb2ed23597e16b105c1ee4109ea6d2638d9f5005b44c8c27c7ae698e893f35eb889cff2b27cb0e8bd56773c6de87a6e0ba80907c924b1219b32c33db36f9cf5165b5afddb4b728c9be8776756802e8da11e6cb7e0970d80f50e3b5bf2a9580f0b0056117dd7842c4d71629e584232b3e261b3b6460e9e0faa32f345e78e20a1990014a9928e27d1a26aa575518f137b03ba1fec7f96795036e0559874436e1a9d67611de933e6ad880242fdfe8f6276d20554666b863957141bbb3e902d14aefe6465c05b3475a544077f1c81479e804ebde4bf8530ba19207ed0e783fedc9f4fd018e7c2b95c604c67c0374ab96ecf227a68c873f617a8cd86542415f5762118c0897119d404ef763ab104e769cdae9bcb4a458ecad38578fd4bdbd8f32c7d1460984ccf6d14a87d8bfcf11b83261dfedc410b1be45ee8c2047a378266cf18f7deb7dc2b437273331b5ba1076c8d91ea8c24a093350159fccd6621a9b3c15fd90b1cd8dff4920d403e78a36fbf7c7f5529096728a4d9799ac6a682c9b0ed16fdf11db5a5d180c034ea56bb228294561b92ddbc217fa6dc50b66ce97bc4f6f69056e59c01b11de757dd806973aca6237f091e812abf0a55636e8919a065a969adb8232c102908f307a06a5f357ced6b0acc48c4cc59478cb1958b78c1eec8eefeeb4bc82d756df36cc812ece91d59d3ee0d5918a48272653e5dafb4a7fec74bf47ff7f7239e95a22e81bfefbf5feabf0d9f53f292aa6ccfef032166d2ab86e354293d21fc50582c26fdce67b6f3834c025da05e7d88d57646017c35fb3e3c43287b7e1b0fa4ea04743eb87ea3b130f67ea551ef3014aca59fa207eae202821a44d8b07e1faae7061aeb0e700c17dafa39cf0b771ca8b60f8827d66136621e3409241cbce3d98c96cf1102136a431ef8bf07f9e6d956f31bf2f827092abe77abb1758fb807940c42c4c71dc369aa529815fd0ec6330e3112f593387312ccbbb223d61b9b58aeec57c6c60ce15bd2198ccb616f6a3aaf39b326fbe552ee561d876b1e76db52f42be9f7570bdc07d469cba81dd8ca5ea6c5a3d3c260862f5838f73a4f2a434b8b30fb67815bad430a749a5148e6627d5df5aabde9bf501dd30ee8247360ae270850b0d76e1fa3ae702cd4a139e8c252b66978aaf7e452669292d31c1a456218d9e922dd0639c7ef690d5ebe9044f212274cb88ac962ce731ad248b707166bc3340422df50a6ef53b0b11de58e1e3e49f22f5f0466c6e6643894ee5bd11bdbe53051349a8418f1e55c801c104a3037a041c14f9b494985793a5c16d677e4252a4bca26374e992f75b8506238d61622ee08ed090f2be9c7762b092ba331d5eebac61c72506e36a7338f4c11dc2c3d433f3227861d6c48d59248e9177de816143bba6f6d9e7cb608d582ac391949da985bf8d07b9f644087a1fecbfa228eb9d97c7b8e1d81542cd433d67bb70159d1540255e09469f09afc12ed7321537475f68b8650fc4a2849f5cc0a3e18b56d372d086e94024563e7e092775f2ac0ec011637bfa9d640bde3ce6fbf6680e07632eae48b3e27808cbbe1c5b7b502deb5876890a7c97b394ab9222d5edae0e80afaa9152f04f32601b7789ada94064722af1a8ea11f565dd3ce7ddae785964cfb309863bba7973617ba142f21a0a8988f6640db8b46368d54c8ec36aa31dabb28661539d6f16ac83f387c32f8d2943ae85536ccd50f08f41e9bf5de512542faafa9f29770d5a49926d06d0a51c35536f8e8211cccc9f7972080b219b041a81e76cfef6b2ed66266c586e0c64c2e5eaea801e12c683b9543bd27aa31f396e0f83154ede8ae8d84b0b9c73ea1ee899e8e1cf42a03eeada65a76d2f5cf2b793f83c2dfafa5c53a77f7307b374cea92aa362b48892134588c5a503fefb5fc43084798b760bdfd637d99a1431327a7b6a1d00bb97e751587a6a8db3afeeb3a51064ac41705c586528765f99bd6f53b47fe5348b921b166e0dc6246a566e9c6ae354030e501d1f719c94d422534106cbaa2b1915d48714ddd859e6fdfa97d3d7f5e39dc8179672844d100ef223c0709f3e8e1d2942a4a3df9d1bb6f2e8c2de316b72358269e29fc35136eba05ff2e723f8014158a8e23e8a57028b218b5c98a6ed49f67308963de1b6440e1a5faed76c7181f039bf93b36550eb100f4fb9817af6634c5cbefe91a714ac02c849ed53a1e3a11cd1f0fb40420def2e660facded0066cbcc60345c2b75cb13a24c643eb843f62899d61b6a1533d8f3ae3850baf924abf310c4a382f1b0f7f09bd7e0ed80f66596017233db4b1ae4d2c57676eaa25fb7faa160bcd356a9f09743d74ceb5f5ca47abfbba38b16839cb0aeef68e13454fc6c8b75c2904569253f492638de48f06f2142471dc17ace5a87301195f476ed9b18e37b42d3b0755e125950a461323f5e13c145122031a47e1bb911509ae1e9dbf3db7ba95a4e311fd373e8c867c1ea5ddad273b440485293e63d38dfe7b3098b7b44aeed4aca80db88e2c647d66a33066406a70b15aa14a8b808cddba41e5082418518d5cf2ca01e4dea7c26f46bace94e89fb98c5f82265695b2162f0fb7d19e9babfb78089a8ba04c3546a4c9142365fb4ee7c0026220deb945566157f60616df788424a4177999d798eff9de857d254f5f2f00bbd87f3b5184508d38460ee96ebee5ae169cfca9e990417657441edd4efcc64ab81fc03676938a678659edf665a6f6168c58d7bcd2be63b5374df8a28b41497f6e8d2c4767f38dc3421503807d9a2041a25f867fcca44383dab18bda7d262f1575a561d394c583cdfb2388a222bc60a9973b90977b690078ce2e03d24adfd2c103a2a936579dad18f15f62b8ebfd444ac5a129fd50b71484ba156ba1dd88c1f3b284f1f4a678c448556c86ce3e57f0f34597b1498db45d5e598063255d5b06213c8fe5c8d7b77a90a0a22cf4275282494fb0c91206e5b4fd52f7b922f7349e29f25fad16c1c781ef5ba66e29d8f3e515b1c8a63ee918e42dcdc98806509f0c4789f4f2999927527174c4f8c981fe5dc0b7c08472039b71b43f2bf72bcb6faa35e0147c2b1ff94d20565da0cba3423288f204c10a6b3ce765ebb5bc6783d75da769b9d8129067ca034771fd39bec589789a6e0c25f4e5f265c2b86e7397a0c7e4f350aca2c72402eda9d63125f078f3647004bee611198449b3b57b349decf51201c0f69b8671f723ce0df4cc89a6f8e727a606add8cb1b81a7f84186ed5dd96bf7ab499d0e6a165bf393d6f9e981b60d0b08661789b0bed77c4b4dc2d28f8a040d8d796ceaa2cdfb6ce73fa0dd07f0ab145e8d1cf7544de6bf567fca2b62a686ce78ef2ce584e4203debbf6d6dd6193ad200082b433644f8828c0cae9459b53fb6fc5436cbc6d32602d5fd9067edfc0f119bd9c1315b86992c3369e1593b8aad52ee271a2419ca716c10ca82c7c6d7a2c07bc4c85056ae064479b39c1a8b1244eb22d38a4fb1ae4f6bf1dc9be017fc01cee353bfab80519898c4a74c88edd6354109a95daa55633abbd1a1dd228d5ede71f00a864318aa6a21b8a37022b6b3ab74404b35899b711a93a1abe0eb93f3817ae98dd959ea272e61c6b0801dd316676443ed6e91668e6d96bb78cf111daf7bbb8e1b063141ede11d7f6e441008a73bb27cebfadd1d8eba0b04ed707f4339113f9e14f4d5eb2b8c2970c98a70bfd9044dcd94e4baa47d3f36121f6bc76fbd6c27e8763fe40a19ae45998d8cf63fc9cbbfd3f4be94078e9a55195a4af6854cfad77845d1eb19152ca675fb4aeb6e0f289ef754b188abfc373b59378133eb84ca5e1bf03e0fe9172d691533b1c755f0d9f27d82869fd245f9bca2a39c8fff90c40d9161bca323ef6", 0x7, 0x0, 0x1}, 0x50)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f00000028c0)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(r3, &(0x7f00000029c0)={&(0x7f0000002880)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000002980)={&(0x7f0000002900)={0x50, 0x0, 0x4, 0x70bd29, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r8}, @val={0xc, 0x99, {0x1ed, 0x4}}}}, [@NL80211_ATTR_KEY_CIPHER={0x8, 0x9, 0xfac05}, @NL80211_ATTR_KEY_DATA_WEP40={0x9, 0x7, "7426f86398"}, @NL80211_ATTR_KEY_SEQ={0x6, 0xa, "9ab6"}, @NL80211_ATTR_KEY_DATA_WEP40={0x9, 0x7, "3217996f0a"}]}, 0x50}}, 0x8000)
lsetxattr$security_capability(&(0x7f0000002a00)='./file0\x00', &(0x7f0000002a40), &(0x7f0000002a80)=@v3={0x3000000, [{0x4, 0x80000000}, {0x10001, 0x3}], r2}, 0x18, 0x2) (async)
ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r5, 0x80489439, &(0x7f0000002ac0)) (async)
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000002b40)={{0x1, 0x1, 0x18, <r9=>r7, {0x2}}, './file0/file0\x00'})
sendmsg$AUDIT_MAKE_EQUIV(r3, &(0x7f0000002c40)={&(0x7f0000002b80)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000002c00)={&(0x7f0000002bc0)={0x28, 0x3f7, 0x2, 0x70bd28, 0x25dfdbfc, {0x7, 0x7, './file0', './file0'}, ["", "", "", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x20040000}, 0x40040) (async)
fsconfig$FSCONFIG_SET_PATH_EMPTY(r9, 0x4, &(0x7f0000002c80)='##\x00', &(0x7f0000002cc0)='./file0/file0\x00', r3)
syz_genetlink_get_family_id$nl80211(&(0x7f0000002d00), r7) (async)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000002d80), r3)
sendmsg$NL80211_CMD_DEL_TX_TS(r3, &(0x7f0000002e80)={&(0x7f0000002d40)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000002e40)={&(0x7f0000002dc0)={0x54, r10, 0x20, 0x70bd2a, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_TSID={0x5, 0xd2, 0xe}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_TSID={0x5, 0xd2, 0x4}, @NL80211_ATTR_TSID={0x5, 0xd2, 0xa}, @NL80211_ATTR_TSID={0x5, 0xd2, 0x9}]}, 0x54}, 0x1, 0x0, 0x0, 0x40800}, 0x8040)
r11 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
fsetxattr$security_capability(r11, &(0x7f0000002ec0), &(0x7f0000002f00)=@v1={0x1000000, [{0x4, 0x4}]}, 0xc, 0x2) (async)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000002f40), 0xffffffffffffffff)
r12 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NFC_CMD_DEP_LINK_UP(r12, &(0x7f0000003080)={&(0x7f0000002f80), 0xc, &(0x7f0000003040)={&(0x7f0000003000)={0x24, 0x0, 0x4, 0x70bd2a, 0x25dfdbfb, {}, [@NFC_ATTR_COMM_MODE={0x5}, @NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x48c0)

2.776250839s ago: executing program 3 (id=2405):
syz_emit_ethernet(0x4e, &(0x7f00000001c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa3986dd6c370c8900182b01fe800000000000000000000000000025fe8000000000000000000000000000aaff"], 0x0)

2.000043742s ago: executing program 4 (id=2406):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, 0x0, 0x4040)
socket$kcm(0x11, 0x3, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_genetlink_get_family_id$nl802154(&(0x7f00000003c0), 0xffffffffffffffff)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NFULNL_MSG_CONFIG(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="54000000010401020000000000000000070000000500010001000000080003400000000008000340000000bd060006"], 0x54}, 0x1, 0x0, 0x0, 0x20004000}, 0x44004000)

1.926706586s ago: executing program 1 (id=2407):
keyctl$join(0x1, &(0x7f0000000280)={'syz', 0x1})
request_key(&(0x7f0000000480)='keyring\x00', &(0x7f00000004c0)={'syz', 0x1}, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x101000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f00000006c0)='fdinfo/3\x00')
pread64(r2, &(0x7f0000000140)=""/92, 0x5c, 0x3)
ioctl$VIDIOC_SUBDEV_G_FMT(r2, 0xc0585604, &(0x7f0000000000)={0x0, 0x0, {0x3, 0xffffff81, 0x1016, 0x7, 0x4, 0x8, 0x1}})
r3 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x4e20, 0x5, @ipv4={'\x00', '\xff\xff', @local}, 0x7}, 0x1c)
setsockopt$inet6_IPV6_HOPOPTS(r3, 0x29, 0x36, &(0x7f0000001400)=ANY=[], 0xc0)
ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, 0x0)

1.828535556s ago: executing program 2 (id=2408):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000480)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xfc409000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = fsopen(&(0x7f0000000000)='rpc_pipefs\x00', 0x0)
r4 = syz_open_dev$vim2m(&(0x7f0000000080), 0xb15, 0x2)
fsmount(0xffffffffffffffff, 0x0, 0x80)
ioctl$vim2m_VIDIOC_S_CTRL(r4, 0xc008561c, &(0x7f0000000000)={0xf0f003, 0x1})
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
mremap(&(0x7f00009d1000/0x4000)=nil, 0x4000, 0x4000, 0x3, &(0x7f00002a0000/0x4000)=nil)
setsockopt$inet_tcp_int(r5, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r5, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4)
connect$inet(r5, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r5, &(0x7f0000000240), 0x0, 0x8004881, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)

1.73624003s ago: executing program 4 (id=2409):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f00000000c0)=0xd)
prlimit64(r0, 0xe, &(0x7f0000000100)={0x8, 0x200}, 0x0)
r1 = epoll_create1(0x80000)
epoll_wait(r1, 0x0, 0x0, 0xcc47)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3)
r3 = io_uring_setup(0xf39, &(0x7f0000000380)={0x0, 0x8f2c, 0x800, 0x0, 0x2a5})
io_uring_register$IORING_REGISTER_FILES_UPDATE2(r3, 0xd, &(0x7f0000000140)={0x7, 0x0, 0x0, 0x0}, 0x20)
io_uring_register$IORING_REGISTER_FILES_UPDATE2(r3, 0xe, &(0x7f00000005c0)={0x2, 0x0, &(0x7f0000000500), 0x0}, 0x20)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r4 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x400004, r4, 0x0, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000032680)=""/102400, 0x19000)
r6 = syz_create_resource$binfmt(0x0)
sendmsg$IPCTNL_MSG_CT_GET_UNCONFIRMED(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000040)={&(0x7f0000000280)={0x14, 0x7, 0x1, 0x5, 0x0, 0x0, {0x2, 0x0, 0x3}, ["", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x80c1}, 0x4c894)
r7 = openat$binfmt(0xffffffffffffff9c, r6, 0x42, 0x1ff)
write$binfmt_script(r7, &(0x7f00000007c0)={'#! ', './file0', [{0x20, 'trans-fa\xcd\xb1\xfc\xdbiS0\xb5\x13\xb0\xfc\"m\xd7}2\xfb\xbbd\x92\xd1\xc8S\xe3O\x06\xb7\xe3!I\x00'/49}], 0xa, "2dc73dc39353f1cbba1f39de962eff2111b6bb1e6ede87ca4fde5275230fb9933889b38f9c8ca12e394aecbf3872637a07b1e4549543e373b30111f0eee583819dbcea30c37427bc0c0c3bfb4362f1531fee50c05102d422b05dc3401f9ece6083e41abc71297a49"}, 0xa5)
close(r7)
r8 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r8, 0x0, 0x0)
ioprio_set$pid(0x2, 0x0, 0x0)

1.725214779s ago: executing program 3 (id=2410):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000940)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-serpent-sse2\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r1 = accept$alg(r0, 0x0, 0x0)
write$binfmt_script(r1, &(0x7f0000000600), 0x4)
recvmmsg(r1, &(0x7f0000001d40)=[{{0x0, 0x0, &(0x7f0000001a00)=[{0x0}], 0x1}, 0x80000000}], 0x1, 0x100, 0x0)

1.623973194s ago: executing program 0 (id=2411):
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x5d031, 0xffffffffffffffff, 0x0)
mount_setattr(0xffffffffffffffff, 0x0, 0x1000, 0x0, 0xfffffedf)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
r3 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x80, 0x2, 0x1f9}, &(0x7f0000000000)=<r4=>0x0, &(0x7f0000000300)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, r3, 0x0, &(0x7f0000000040)='./file0\x00', 0x64, 0x183000, 0x12345})
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x42002)
io_uring_enter(r3, 0x47f6, 0x0, 0x0, 0x0, 0x0)
openat$cgroup_type(0xffffffffffffffff, 0x0, 0x2, 0x0)
r6 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r6, 0xc018aa3f, &(0x7f0000000100))
ioctl$UFFDIO_REGISTER(r6, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5})
ioctl$UFFDIO_CONTINUE(r6, 0xc020aa08, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})

1.537066468s ago: executing program 3 (id=2412):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff})
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r1)
mount(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000000)='proc\x00', 0x800000, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r2 = syz_clone(0xd104200, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0)
syz_open_procfs$pagemap(r2, &(0x7f00000001c0))
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'bridge_slave_0\x00', <r4=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="280000001c0001060e305900ffdbdf2507000000", @ANYRES32=r4, @ANYBLOB="80007f0a0a0002"], 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x4040004)
close_range(r0, 0xffffffffffffffff, 0x0)

705.192837ms ago: executing program 2 (id=2413):
socket$inet6_mptcp(0xa, 0x1, 0x106)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000000)=0x6)
syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
fanotify_mark(0xffffffffffffffff, 0x105, 0x40001032, 0xffffffffffffffff, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000002300)={0x2020}, 0x2020)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000280)=@generic={0x0, 0x0, 0x8}, 0x18)
ioctl$SNDRV_SEQ_IOCTL_PVERSION(0xffffffffffffffff, 0x80045300, &(0x7f0000002000))
r2 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c000000010401040000000039"], 0x1c}}, 0x0) (fail_nth: 2)
ioctl$VIDIOC_S_INPUT(r2, 0xc0045627, 0x0)

704.56108ms ago: executing program 1 (id=2414):
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000000)=<r0=>0x0)
ptrace$peekuser(0x3, r0, 0x401)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_mreq(r1, 0x0, 0x20, &(0x7f0000000040)={@multicast2, @remote}, 0x8)
r2 = bpf$TOKEN_CREATE(0x24, &(0x7f0000000240)={0x0, r1}, 0x8)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TCSETA(r3, 0x5406, &(0x7f0000000280)={0x8, 0x8, 0x9, 0x1, 0x0, "967aba6f69ad7a28"})
r4 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x13)
ioctl$KVM_GET_DIRTY_LOG(r4, 0x4010ae42, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000ffb000/0x4000)=nil})
r5 = syz_open_dev$sndpcmc(&(0x7f0000000300), 0x6, 0x0)
ioctl$SNDRV_PCM_IOCTL_START(r5, 0x4142, 0x0)
r6 = request_key(&(0x7f0000000340)='cifs.spnego\x00', &(0x7f0000000380)={'syz', 0x0}, &(0x7f00000003c0)='/dev/snd/pcmC#D#c\x00', 0xfffffffffffffffd)
r7 = add_key(&(0x7f0000000400)='keyring\x00', &(0x7f0000000440)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffa)
keyctl$KEYCTL_MOVE(0x1e, r6, 0xfffffffffffffffe, r7, 0x1)
r8 = openat$smackfs_netlabel(0xffffffffffffff9c, &(0x7f0000000480), 0x2, 0x0)
write$smackfs_netlabel(r8, &(0x7f00000004c0)=@l2={{0xeb1, 0x2e, 0x2, 0x2e, 0xffffffffffff992f, 0x2e, 0x4}, 0x2f, 0x3, 0x20, ',$'}, 0x6d)
ioctl$KDSETKEYCODE(r3, 0x4b4d, &(0x7f0000000540)={0x5, 0x6})
ioctl$TIOCSPGRP(r5, 0x5410, &(0x7f0000000580)=r0)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE_OLD(r5, 0xc1004110, &(0x7f00000005c0)={0x2, [0xc0, 0x5ced, 0x3b], [{0x5, 0x8, 0x0, 0x0, 0x1}, {0xe41a, 0x200, 0x0, 0x0, 0x0, 0x1}, {0x8, 0xa00000, 0x0, 0x1, 0x1, 0x1}, {0x0, 0x9, 0x0, 0x1, 0x0, 0x1}, {0x8f, 0x10, 0x0, 0x0, 0x0, 0x1}, {0x80000001, 0x1, 0x1, 0x1, 0x0, 0x1}, {0x3, 0xfffffff9, 0x0, 0x1, 0x1}, {0x9, 0x7, 0x0, 0x1, 0x1}, {0x7f, 0x80000000, 0x1, 0x1, 0x0, 0x1}, {0x7, 0xbb7, 0x1, 0x1, 0x1}, {0x47, 0x3ff, 0x0, 0x1, 0x1, 0x1}, {0x3, 0x1, 0x0, 0x1}], 0x2})
ioctl$XFS_IOC_START_COMMIT(r4, 0x80585882, &(0x7f00000006c0)={<r9=>0xffffffffffffffff})
epoll_ctl$EPOLL_CTL_DEL(r9, 0x2, r2)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r9, 0x6, 0x16, &(0x7f0000000740)=[@sack_perm], 0x1)
sendto$inet(0xffffffffffffffff, &(0x7f00000007c0)="23161b4558a79de12ed5893243584ea07d6a2c5185bc5bbe18c5fd7c11f36a9d6702e5526e87587488cbd1c0770c9da5d084f6b624950ac74730b8072cc1f20c", 0x40, 0x41, &(0x7f0000000840)={0x2, 0x4e22, @rand_addr=0x64010101}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000880)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
accept$unix(r10, &(0x7f00000008c0), &(0x7f0000000940)=0x6e)
ioctl$PIO_FONTX(r9, 0x4b6c, &(0x7f0000000d80)={0x6a, 0x1c, &(0x7f0000000980)="fe35c0813ce0cecdef6e01c6036aa54c1f1d72f5819d4d4a11d73662deca70af9620af17427609e8312f8611c8fa2d29070d1c964954ad51ce1fabe343c17e316b7ec28538f247394bde380b9e5b71ba0d6b335c3d6395e43aa21bd4e04ebc3dfc99a8373bbeae8df14d23752a67a6ae67181966107dc912ce811c536dadefeb595af740e4a46ceb16e6e34057ae0ae80a7ba8658aff6d43535634c86740e50f2c1585de567fb29aaf06d1da033da551c69f19618d532e1eef4c90aa0e191d21f5a22881282455c6f36424099431c62009defedb5d0d1a03110fbeee0d3dae8238fd20421b75fb0a5b635c932edefb465bf86c6fef30e437778839b8098139707c07414b950f9195be9a3aa58e26bc4553e401f4bd6911d1832f1435ee2d05aaefce0b333c892fc22736146169718cd76e7cb91c2f518ab7f0df5e03f11725f799ffe888df31a0b801b66d81e6d242fd2160ddd072ed07eb540dc579c7562c827fc8f9d3d1ea05beca35a869e7aedba0c30d9ae1ea7d2886358750264c0a4ee2ad84379ca02c1e0a525db08527158382efef5eb3d1fe1b70dade61597156484b06c8cf5e0682bff3060b0578060a1517d63233a0c114cd29d0c636feb90687c867e1e472082b355df3787fd3025cba9a8c22f3ad3e84e26e8bf1e135fdffce2e22ee306c63b581a2cfe2cf35faaae37f072eb445d7263d423b146b885520ea01da62fb617d15ef0df51323a3ee420ea1b20105e7fa54b323ca69cd0295ed943a321d6ff1b790ed8fb7c1fd98db0d792637670f86f541404fee4b9459072ffed4c62678bc63171b477bf5f29a27d46263cc65d32bcb54ccabe4fff0101ccb734132e2e21ab040bbf65a56d3c8e36da34c9ff2bd7a711e35179601978734575e71c17325dc58f3665ab5bb991821793355efca1a80f14d7ded2afe40f347a647ef00b27497a61837674f12eaffb5e31156b639240dc19c66fa9621e0e6c7c34712b17f6a6e5e6fa1be76f33b606560b4efe18048f5f0d23e04df10cbec81f14814f58362d852ab6ff8556f3238e407e7d8a9cb54bb6bd0f9d5f804ab3776dfba0f948d0d0ac489c0ed480cee6ec6fb71b0a0f4c388b4ac33de5a85bd32bd0c630443db832e0b501aa787ee7362335c0e9d1830f9cdffd194fe9e75b00ad68a90b12457a92afbf14b9cb24adfc238027659cc329568ed484f92cfb5adfc1b6044de6b0db0683b5ce98b461ea57e36d911c62634d6a083c2123f266e8bc1f6e818931aab25f904a1e15c4daa6300f8c02fccee7b90542ee2ab563a14be8a304771cd55d852fab291067ea4977f27c68aa36850dd82e785ae048c74148bb256e165901eb00df6f7c75b312f3f8ac895a2630b1f4b6154ec87f5d646c71a886bb3426273181de8210edd90619095f30205733804533733d66d1b4ad7b6c9a48f2d52ee"})
setsockopt$XDP_UMEM_FILL_RING(0xffffffffffffffff, 0x11b, 0x5, &(0x7f0000000dc0)=0x1200021, 0x4)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r9, &(0x7f0000000f00)={&(0x7f0000000e00)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000ec0)={&(0x7f0000000e80)={0x2c, 0x0, 0x400, 0x70bd2a, 0x25dfdbfc, {}, [@BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x800}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8000}, 0x40000)

0s ago: executing program 2 (id=2415):
r0 = socket$netlink(0x10, 0x3, 0x8)
close_range(r0, r0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000008000)={0x1, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="b70000000000000007000000000000009500000000000000a9171809f8dcf159569d5475991f7de1a0d0c119cfcf6b98741c23fb7f8d3002ec85db75af955427e91496087a51a0a78f269a9e216a0d0177c4fe3552396a180330807a5b6e8c79aa92038c78d1f16c1323f0e0c8d45c641a21757847cb22230e4321cc3581e40c62c4defee8cffe359cfeef7f58fffdb48647d28ae810f6d22d20271e9e88e94aa6982bf48356652b08e2fbd404e41e0058aae0478fbe542b648421d1b4486a542a7d478fbe6b5e000000293853f9c68e235184b7ad5b6c4fe70ec8320500db0db7fda3da6171a05509ffecef2cb9802d4f36c9a1ce46d3b355fec188ccfc2f0fc89e164561fb06ee9a0153981a47b5de9edd3536d5534f9a699f73b2c9341d2d05043748ce1f4577ed76cdf5b3c697089daa4abda69a8c0c992404610a6be9e103c972459065dec0488e85a6a0418fc87dd8019ef7bb4ef4fa6ee08d81797570578f2e8198e687012f25a69a90e7515e35f8abbddfa96c3f0485f01f0e9e144a2bd31c1b594c50de7c9efd826f1e19b7bd89ca4052b1985287bd13957a48467e0eeddf564d175bf4340885b63976df609806c3b2a3667539dfd66a7400000000003be6026e60205f761ce85cdf75cdb95ca5d32b5bf87eed4184d49f8f48181ef2419efe82ebb18ee55772d562b3b49551714e805a5211a3f4e8e703c03e23b2074bc573dbb66d59e269b722637c4a2efb5241cae2f14774609ad91d66724c438455dc4fcf0b4c8fc235f6c190b4c82bb2556d1fbcd4468369e98e900c743162ce2c7e60610acf0c8e4ba94a7e7127c7de0e6c35acecee1b8434fdca4579f9ebc6a515f7d910b466eb583fb0a7e65fbecb2b8ee0e9da33afb88aa5da8da3a5e0e58fcb48de6f165826b046a8951a47e040bd419d0efa0f54e8e3694085a7bde6f6494968d8200000000000"], &(0x7f0000003ff6)='syzkaller\x00', 0x1, 0xc3, &(0x7f00000002c0)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff37}, 0x48)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r2, 0x1, 0x1000000000000f, &(0x7f0000000080)=0x7fffffff, 0x4)
setsockopt$sock_attach_bpf(r2, 0x1, 0x34, &(0x7f0000000040)=r1, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000008000)={0x1, 0x3, &(0x7f0000000140)=ANY=[@ANYBLOB="b7000000ecffffff0c0000000000000095000000000000005e0c83dfb64a3eb1cdfa541cd3957aa8a96b9fa4591c1eb556e38defc504b011face5a06294c2115a9ad943bac350e8d7961537181f79ead9176dc7c3ed2d45004deb987fa0d"], &(0x7f0000003ff6)='syzkaller\x00', 0x1, 0xc3, &(0x7f00000002c0)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94)
r4 = dup2(r3, r1)
r5 = epoll_create1(0x80000)
epoll_pwait2(r5, &(0x7f0000000540)=[{}], 0x1, 0x0, 0x0, 0x0)
r6 = gettid()
timer_create(0x1, &(0x7f0000000800)={0x0, 0x21, 0x4, @tid=r6}, &(0x7f0000000000)=<r7=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x7521, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x9)
timer_settime(r7, 0x1, &(0x7f0000000040)={{0x77359400}}, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000100)={r4, 0x58, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r8=>0x0}}, 0x10)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000400)={{}, &(0x7f0000000380), &(0x7f00000003c0)='%-010d \x00'}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000240)={0xffffffffffffffff, &(0x7f0000000140), &(0x7f0000000040)=""/6, 0x2}, 0x20)
setsockopt$packet_drop_memb(r4, 0x107, 0x2, &(0x7f0000000240)={r8, 0x1, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x10)

kernel console output (not intermixed with test programs):

+0xa8/0x100
[  778.280802][T12248]  __kmalloc_noprof+0xdf/0x7b0
[  778.280829][T12248]  ? kfree+0x4d/0x6c0
[  778.280852][T12248]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  778.280886][T12248]  tomoyo_realpath_from_path+0xe3/0x5d0
[  778.280922][T12248]  ? tomoyo_path_number_perm+0x219/0x630
[  778.280947][T12248]  tomoyo_path_number_perm+0x246/0x630
[  778.280975][T12248]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  778.281003][T12248]  ? __lock_acquire+0x6b5/0x2cf0
[  778.281057][T12248]  ? __fget_files+0x2a/0x420
[  778.281084][T12248]  ? __fget_files+0x2a/0x420
[  778.281104][T12248]  ? __fget_files+0x3a6/0x420
[  778.281125][T12248]  ? __fget_files+0x2a/0x420
[  778.281151][T12248]  security_file_ioctl+0xc3/0x2a0
[  778.281181][T12248]  __se_sys_ioctl+0x47/0x170
[  778.281213][T12248]  do_syscall_64+0x14d/0xf80
[  778.281240][T12248]  ? trace_irq_disable+0x3b/0x150
[  778.281263][T12248]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  778.281283][T12248]  ? clear_bhb_loop+0x40/0x90
[  778.281308][T12248]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  778.281328][T12248] RIP: 0033:0x7f6df3dac799
[  778.281348][T12248] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  778.281366][T12248] RSP: 002b:00007f6df2006028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  778.281387][T12248] RAX: ffffffffffffffda RBX: 00007f6df4025fa0 RCX: 00007f6df3dac799
[  778.281401][T12248] RDX: 0000200000000040 RSI: 00000000c02c5638 RDI: 0000000000000003
[  778.281414][T12248] RBP: 00007f6df2006090 R08: 0000000000000000 R09: 0000000000000000
[  778.281425][T12248] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  778.281437][T12248] R13: 00007f6df4026038 R14: 00007f6df4025fa0 R15: 00007ffc7eb7c8c8
[  778.281469][T12248]  </TASK>
[  778.281580][T12248] ERROR: Out of memory at tomoyo_realpath_from_path.
[  778.368381][ T5804] Bluetooth: hci5: unexpected event for opcode 0x0005
[  778.433092][ T5856] usb 4-1: new high-speed USB device number 48 using dummy_hcd
[  778.753359][ T5856] usb 4-1: Using ep0 maxpacket: 8
[  778.779430][T12257] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1938'.
[  779.586574][ T5856] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 7
[  779.601639][ T5856] usb 4-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b
[  779.601669][ T5856] usb 4-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3
[  779.601689][ T5856] usb 4-1: Product: syz
[  779.601702][ T5856] usb 4-1: Manufacturer: syz
[  779.601717][ T5856] usb 4-1: SerialNumber: syz
[  779.688123][T12261] 9p: Bad value for 'wfdno'
[  779.708057][T12259] IPv6: Can't replace route, no match found
[  779.796605][T12259] netlink: 190972 bytes leftover after parsing attributes in process `syz.0.1939'.
[  779.841063][ T5856] usb 4-1: Handspring Visor / Palm OS: port 0, is for Generic use
[  779.841108][ T5856] usb 4-1: Handspring Visor / Palm OS: port 0, is for Generic use
[  779.841127][ T5856] usb 4-1: Handspring Visor / Palm OS: Number of ports: 2
[  779.888794][T12266] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1942'.
[  779.938534][   T37] audit: type=1326 audit(1772838957.974:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12265 comm="syz.1.1942" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f6df3dac799 code=0x0
[  780.042467][ T5856] usb 4-1: palm_os_3_probe - error -71 getting bytes available request
[  780.042557][ T5856] visor 4-1:1.0: Handspring Visor / Palm OS converter detected
[  780.043066][T10113] usb 3-1: new high-speed USB device number 46 using dummy_hcd
[  780.090475][ T5856] usb 4-1: Handspring Visor / Palm OS converter now attached to ttyUSB0
[  780.103666][ T5856] usb 4-1: Handspring Visor / Palm OS converter now attached to ttyUSB1
[  780.113482][ T5856] usb 4-1: USB disconnect, device number 48
[  780.136385][ T5856] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0
[  780.153646][ T5856] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1
[  780.154409][ T5856] visor 4-1:1.0: device disconnected
[  780.333152][T10113] usb 3-1: Using ep0 maxpacket: 8
[  780.524886][T10113] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[  780.524964][T10113] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  780.524977][T10113] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  780.524990][T10113] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  780.525002][T10113] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  780.525024][T10113] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  780.525036][T10113] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  782.723726][T10113] usb 3-1: can't set config #16, error -71
[  782.730443][T10113] usb 3-1: USB disconnect, device number 46
[  783.282723][T12301] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1950'.
[  784.103358][T12302] 9p: Bad value for 'wfdno'
[  784.143035][ T5798] usb 2-1: new high-speed USB device number 46 using dummy_hcd
[  784.176999][T12305] misc userio: The device must be registered before sending interrupts
[  784.299382][ T5798] usb 2-1: config index 0 descriptor too short (expected 44031, got 36)
[  784.299408][ T5798] usb 2-1: config 200 has too many interfaces: 221, using maximum allowed: 32
[  784.299427][ T5798] usb 2-1: config 200 has 1 interface, different from the descriptor's value: 221
[  784.299462][ T5798] usb 2-1: too many endpoints for config 200 interface 0 altsetting 2: 103, using maximum allowed: 30
[  784.299510][ T5798] usb 2-1: config 200 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  784.299536][ T5798] usb 2-1: config 200 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  784.299556][ T5798] usb 2-1: config 200 interface 0 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 103
[  784.299578][ T5798] usb 2-1: config 200 interface 0 has no altsetting 0
[  784.299608][ T5798] usb 2-1: New USB device found, idVendor=1b96, idProduct=0009, bcdDevice= 0.00
[  784.299628][ T5798] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  784.390950][T12314] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  784.391442][T12314] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  784.542625][T12318] FAULT_INJECTION: forcing a failure.
[  784.542625][T12318] name failslab, interval 1, probability 0, space 0, times 0
[  784.542663][T12318] CPU: 1 UID: 0 PID: 12318 Comm: syz.2.1958 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  784.542691][T12318] Tainted: [L]=SOFTLOCKUP
[  784.542698][T12318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  784.542710][T12318] Call Trace:
[  784.542718][T12318]  <TASK>
[  784.542727][T12318]  dump_stack_lvl+0xe8/0x150
[  784.542763][T12318]  should_fail_ex+0x46b/0x600
[  784.542790][T12318]  should_failslab+0xa8/0x100
[  784.542818][T12318]  __kmalloc_noprof+0xdf/0x7b0
[  784.542848][T12318]  ? io_cache_alloc_new+0x40/0x100
[  784.542879][T12318]  io_cache_alloc_new+0x40/0x100
[  784.542901][T12318]  __io_prep_rw+0x2bd/0xed0
[  784.542935][T12318]  ? __pfx___io_prep_rw+0x10/0x10
[  784.542959][T12318]  ? percpu_ref_get_many+0x21/0x1e0
[  784.542984][T12318]  ? percpu_ref_get_many+0x21/0x1e0
[  784.543018][T12318]  io_prep_rwv+0x8e/0x440
[  784.543043][T12318]  ? __pfx___io_alloc_req_refill+0x10/0x10
[  784.543072][T12318]  ? __pfx_io_prep_rwv+0x10/0x10
[  784.543100][T12318]  ? __asan_memset+0x22/0x50
[  784.543124][T12318]  ? blk_start_plug_nr_ios+0x7e/0x1c0
[  784.543159][T12318]  io_submit_sqes+0xb35/0x2370
[  784.543215][T12318]  __se_sys_io_uring_enter+0x2d2/0x18c0
[  784.543242][T12318]  ? lockdep_hardirqs_on+0x7a/0x110
[  784.543272][T12318]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  784.543298][T12318]  ? __pfx___se_sys_io_uring_enter+0x10/0x10
[  784.543324][T12318]  ? fput+0xa0/0xd0
[  784.543346][T12318]  ? ksys_write+0x248/0x270
[  784.543377][T12318]  ? __pfx_ksys_write+0x10/0x10
[  784.543409][T12318]  ? __x64_sys_io_uring_enter+0x21/0xf0
[  784.543439][T12318]  do_syscall_64+0x14d/0xf80
[  784.543465][T12318]  ? trace_irq_disable+0x3b/0x150
[  784.543488][T12318]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  784.543507][T12318]  ? clear_bhb_loop+0x40/0x90
[  784.543533][T12318]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  784.543553][T12318] RIP: 0033:0x7f31eadbc799
[  784.543572][T12318] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  784.543597][T12318] RSP: 002b:00007f31e9016028 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  784.543619][T12318] RAX: ffffffffffffffda RBX: 00007f31eb035fa0 RCX: 00007f31eadbc799
[  784.543634][T12318] RDX: 0000000000000000 RSI: 00000000000847ba RDI: 0000000000000005
[  784.543647][T12318] RBP: 00007f31e9016090 R08: 0000000000000000 R09: 0000000000000000
[  784.543659][T12318] R10: 000000000000000e R11: 0000000000000246 R12: 0000000000000001
[  784.543671][T12318] R13: 00007f31eb036038 R14: 00007f31eb035fa0 R15: 00007ffff9a2be38
[  784.543698][T12318]  </TASK>
[  784.636835][T12294] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1949'.
[  784.701644][T12294] macvlan2: entered promiscuous mode
[  784.701677][T12294] macvlan2: entered allmulticast mode
[  784.701692][T12294] veth0_virt_wifi: entered allmulticast mode
[  784.890061][T12317] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1956'.
[  785.217566][T12294] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1949'.
[  786.486953][T12333] FAULT_INJECTION: forcing a failure.
[  786.486953][T12333] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  786.486977][T12333] CPU: 1 UID: 0 PID: 12333 Comm: syz.3.1961 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  786.487000][T12333] Tainted: [L]=SOFTLOCKUP
[  786.487007][T12333] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  786.487020][T12333] Call Trace:
[  786.487028][T12333]  <TASK>
[  786.487036][T12333]  dump_stack_lvl+0xe8/0x150
[  786.487071][T12333]  should_fail_ex+0x46b/0x600
[  786.487109][T12333]  _copy_from_user+0x2d/0xb0
[  786.487124][T12333]  __copy_msghdr+0x3c5/0x5b0
[  786.487140][T12333]  ___sys_sendmsg+0x213/0x360
[  786.487156][T12333]  ? __pfx____sys_sendmsg+0x10/0x10
[  786.487213][T12333]  ? __fget_files+0x2a/0x420
[  786.487237][T12333]  ? __fget_files+0x3a6/0x420
[  786.487270][T12333]  __x64_sys_sendmsg+0x1c3/0x2a0
[  786.487289][T12333]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  786.487307][T12333]  ? __pfx_ksys_write+0x10/0x10
[  786.487329][T12333]  do_syscall_64+0x14d/0xf80
[  786.487356][T12333]  ? trace_irq_disable+0x3b/0x150
[  786.487378][T12333]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  786.487399][T12333]  ? clear_bhb_loop+0x40/0x90
[  786.487424][T12333]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  786.487444][T12333] RIP: 0033:0x7f35bf44c799
[  786.487457][T12333] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  786.487467][T12333] RSP: 002b:00007f35bd69e028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  786.487478][T12333] RAX: ffffffffffffffda RBX: 00007f35bf6c5fa0 RCX: 00007f35bf44c799
[  786.487486][T12333] RDX: 0000000024004800 RSI: 0000200000000040 RDI: 0000000000000003
[  786.487493][T12333] RBP: 00007f35bd69e090 R08: 0000000000000000 R09: 0000000000000000
[  786.487504][T12333] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  786.487516][T12333] R13: 00007f35bf6c6038 R14: 00007f35bf6c5fa0 R15: 00007ffcbdac9288
[  786.487546][T12333]  </TASK>
[  786.845364][T12337] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1963'.
[  787.888391][ T5798] usb 2-1: string descriptor 0 read error: -71
[  787.903561][ T5798] usb 2-1: USB disconnect, device number 46
[  788.001857][T12341] 9p: Bad value for 'wfdno'
[  788.096109][T12345] FAULT_INJECTION: forcing a failure.
[  788.096109][T12345] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  788.096135][T12345] CPU: 0 UID: 0 PID: 12345 Comm: syz.1.1967 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  788.096151][T12345] Tainted: [L]=SOFTLOCKUP
[  788.096156][T12345] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  788.096163][T12345] Call Trace:
[  788.096167][T12345]  <TASK>
[  788.096173][T12345]  dump_stack_lvl+0xe8/0x150
[  788.096194][T12345]  should_fail_ex+0x46b/0x600
[  788.096214][T12345]  _copy_from_iter+0x1d3/0x1670
[  788.096226][T12345]  ? unwind_next_frame+0xa5/0x23c0
[  788.096242][T12345]  ? __pfx__copy_from_iter+0x10/0x10
[  788.096260][T12345]  tun_get_user+0x516/0x3de0
[  788.096357][T12345]  ? kernel_text_address+0xa5/0xe0
[  788.096373][T12345]  ? arch_stack_walk+0xfb/0x150
[  788.096387][T12345]  ? __pfx_tun_get_user+0x10/0x10
[  788.096402][T12345]  ? __lock_acquire+0x6b5/0x2cf0
[  788.096417][T12345]  ? ref_tracker_alloc+0x332/0x4a0
[  788.096430][T12345]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  788.096443][T12345]  ? tun_get+0x1c/0x2f0
[  788.096456][T12345]  ? tun_get+0x1c/0x2f0
[  788.096467][T12345]  ? tun_get+0x1c/0x2f0
[  788.096481][T12345]  tun_chr_write_iter+0x119/0x200
[  788.096494][T12345]  vfs_write+0x629/0xba0
[  788.096513][T12345]  ? __pfx_vfs_write+0x10/0x10
[  788.096531][T12345]  ? __fget_files+0x2a/0x420
[  788.096547][T12345]  ksys_write+0x156/0x270
[  788.096562][T12345]  ? __pfx_ksys_write+0x10/0x10
[  788.096580][T12345]  do_syscall_64+0x14d/0xf80
[  788.096594][T12345]  ? trace_irq_disable+0x3b/0x150
[  788.096606][T12345]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  788.096617][T12345]  ? clear_bhb_loop+0x40/0x90
[  788.096630][T12345]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  788.096641][T12345] RIP: 0033:0x7f6df3dac799
[  788.096652][T12345] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  788.096661][T12345] RSP: 002b:00007f6df2006028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  788.096674][T12345] RAX: ffffffffffffffda RBX: 00007f6df4025fa0 RCX: 00007f6df3dac799
[  788.096681][T12345] RDX: 000000000000003e RSI: 0000200000000040 RDI: 0000000000000003
[  788.096688][T12345] RBP: 00007f6df2006090 R08: 0000000000000000 R09: 0000000000000000
[  788.096695][T12345] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  788.096701][T12345] R13: 00007f6df4026038 R14: 00007f6df4025fa0 R15: 00007ffc7eb7c8c8
[  788.096716][T12345]  </TASK>
[  788.636125][T12358] FAULT_INJECTION: forcing a failure.
[  788.636125][T12358] name failslab, interval 1, probability 0, space 0, times 0
[  788.636159][T12358] CPU: 0 UID: 0 PID: 12358 Comm: syz.0.1970 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  788.636183][T12358] Tainted: [L]=SOFTLOCKUP
[  788.636190][T12358] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  788.636201][T12358] Call Trace:
[  788.636208][T12358]  <TASK>
[  788.636216][T12358]  dump_stack_lvl+0xe8/0x150
[  788.636249][T12358]  should_fail_ex+0x46b/0x600
[  788.636285][T12358]  should_failslab+0xa8/0x100
[  788.636316][T12358]  __kmalloc_noprof+0xdf/0x7b0
[  788.636345][T12358]  ? sock_kmalloc+0xd6/0x160
[  788.636370][T12358]  ? __local_bh_enable+0x1e1/0x2f0
[  788.636404][T12358]  sock_kmalloc+0xd6/0x160
[  788.636433][T12358]  af_alg_alloc_areq+0x99/0x200
[  788.636461][T12358]  skcipher_recvmsg+0x332/0x1140
[  788.636506][T12358]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  788.636536][T12358]  ? bpf_lsm_socket_recvmsg+0x9/0x20
[  788.636563][T12358]  ? security_socket_recvmsg+0x7e/0x2c0
[  788.636587][T12358]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  788.636614][T12358]  sock_recvmsg+0x22c/0x270
[  788.636636][T12358]  ____sys_recvmsg+0x1f2/0x4b0
[  788.636696][T12358]  ? __pfx_____sys_recvmsg+0x10/0x10
[  788.636738][T12358]  ? import_iovec+0x73/0xa0
[  788.636763][T12358]  ___sys_recvmsg+0x215/0x590
[  788.636795][T12358]  ? __pfx____sys_recvmsg+0x10/0x10
[  788.636847][T12358]  ? __fget_files+0x3a6/0x420
[  788.636881][T12358]  __x64_sys_recvmsg+0x1c0/0x2a0
[  788.636911][T12358]  ? __pfx___x64_sys_recvmsg+0x10/0x10
[  788.636947][T12358]  ? __pfx_ksys_write+0x10/0x10
[  788.636986][T12358]  do_syscall_64+0x14d/0xf80
[  788.637013][T12358]  ? trace_irq_disable+0x3b/0x150
[  788.637036][T12358]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  788.637056][T12358]  ? clear_bhb_loop+0x40/0x90
[  788.637080][T12358]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  788.637100][T12358] RIP: 0033:0x7f4de053c799
[  788.637118][T12358] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  788.637136][T12358] RSP: 002b:00007f4dde796028 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  788.637157][T12358] RAX: ffffffffffffffda RBX: 00007f4de07b5fa0 RCX: 00007f4de053c799
[  788.637171][T12358] RDX: 0000000000000000 RSI: 00002000000005c0 RDI: 0000000000000004
[  788.637184][T12358] RBP: 00007f4dde796090 R08: 0000000000000000 R09: 0000000000000000
[  788.637196][T12358] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  788.637208][T12358] R13: 00007f4de07b6038 R14: 00007f4de07b5fa0 R15: 00007ffd4efccef8
[  788.637239][T12358]  </TASK>
[  789.286475][T12373] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  789.286746][T12373] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  789.343053][    T9] usb 3-1: new high-speed USB device number 47 using dummy_hcd
[  789.503025][    T9] usb 3-1: Using ep0 maxpacket: 16
[  789.508346][    T9] usb 3-1: config 5 has an invalid interface number: 168 but max is 0
[  789.508373][    T9] usb 3-1: config 5 has no interface number 0
[  789.508415][    T9] usb 3-1: config 5 interface 168 altsetting 7 has an endpoint descriptor with address 0xEB, changing to 0x8B
[  789.508442][    T9] usb 3-1: config 5 interface 168 altsetting 7 bulk endpoint 0x8B has invalid maxpacket 1024
[  789.508467][    T9] usb 3-1: config 5 interface 168 altsetting 7 has an endpoint descriptor with address 0x23, changing to 0x3
[  789.508492][    T9] usb 3-1: config 5 interface 168 altsetting 7 endpoint 0x3 has invalid wMaxPacketSize 0
[  789.508514][    T9] usb 3-1: config 5 interface 168 has no altsetting 0
[  789.513025][    T9] usb 3-1: New USB device found, idVendor=04cc, idProduct=2533, bcdDevice=fc.58
[  789.513088][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  789.513151][    T9] usb 3-1: Product: syz
[  789.513166][    T9] usb 3-1: Manufacturer: syz
[  789.513181][    T9] usb 3-1: SerialNumber: syz
[  789.655248][T12366] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  792.323860][T12385] netlink: 4768 bytes leftover after parsing attributes in process `syz.2.1973'.
[  792.454624][    T9] pn533_usb 3-1:5.168: NFC: Could not find bulk-in or bulk-out endpoint
[  792.509402][    T9] usb 3-1: USB disconnect, device number 47
[  792.683607][T12396] FAULT_INJECTION: forcing a failure.
[  792.683607][T12396] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  792.683644][T12396] CPU: 1 UID: 0 PID: 12396 Comm: syz.3.1982 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  792.683672][T12396] Tainted: [L]=SOFTLOCKUP
[  792.683680][T12396] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  792.683692][T12396] Call Trace:
[  792.683700][T12396]  <TASK>
[  792.683709][T12396]  dump_stack_lvl+0xe8/0x150
[  792.683744][T12396]  should_fail_ex+0x46b/0x600
[  792.683782][T12396]  _copy_from_user+0x2d/0xb0
[  792.683807][T12396]  do_ip_getsockopt+0x292/0x1d40
[  792.683912][T12396]  ? __lock_acquire+0x610/0x2cf0
[  792.683936][T12396]  ? __pfx_do_ip_getsockopt+0x10/0x10
[  792.683969][T12396]  ? kstrtouint+0x6e/0xe0
[  792.684003][T12396]  ? get_pid_task+0x20/0x1f0
[  792.684029][T12396]  ? __lock_acquire+0x6b5/0x2cf0
[  792.684062][T12396]  ? __lock_acquire+0x6b5/0x2cf0
[  792.684087][T12396]  ip_getsockopt+0xbb/0x230
[  792.684148][T12396]  ? __pfx_ip_getsockopt+0x10/0x10
[  792.684177][T12396]  ? sock_common_getsockopt+0x2d/0xb0
[  792.684198][T12396]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  792.684221][T12396]  do_sock_getsockopt+0x2d3/0x3f0
[  792.684251][T12396]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  792.684278][T12396]  ? __fget_files+0x3a6/0x420
[  792.684302][T12396]  ? __fget_files+0x2a/0x420
[  792.684331][T12396]  __x64_sys_getsockopt+0x1aa/0x250
[  792.684366][T12396]  do_syscall_64+0x14d/0xf80
[  792.684392][T12396]  ? trace_irq_disable+0x3b/0x150
[  792.684424][T12396]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  792.684445][T12396]  ? clear_bhb_loop+0x40/0x90
[  792.684467][T12396]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  792.684486][T12396] RIP: 0033:0x7f35bf44c799
[  792.684504][T12396] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  792.684520][T12396] RSP: 002b:00007f35bd69e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  792.684540][T12396] RAX: ffffffffffffffda RBX: 00007f35bf6c5fa0 RCX: 00007f35bf44c799
[  792.684555][T12396] RDX: 0000000000000029 RSI: 0000000000000000 RDI: 0000000000000003
[  792.684567][T12396] RBP: 00007f35bd69e090 R08: 0000200000695ffc R09: 0000000000000000
[  792.684581][T12396] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  792.684593][T12396] R13: 00007f35bf6c6038 R14: 00007f35bf6c5fa0 R15: 00007ffcbdac9288
[  792.684625][T12396]  </TASK>
[  794.124158][T12410] random: crng reseeded on system resumption
[  794.228550][T12412] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1988'.
[  794.229036][T12412] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1988'.
[  794.229559][T12412] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1988'.
[  794.743116][    T9] usb 4-1: new high-speed USB device number 49 using dummy_hcd
[  795.102663][T12427] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1993'.
[  795.698598][    T9] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  795.698655][    T9] usb 4-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  795.698679][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  795.886548][    T9] usb 4-1: config 0 descriptor??
[  796.014661][    T9] pwc: Askey VC010 type 2 USB webcam detected.
[  796.701340][T12432] syz_tun: entered allmulticast mode
[  796.939357][    T9] pwc: recv_control_msg error -32 req 02 val 2b00
[  796.941261][    T9] pwc: recv_control_msg error -32 req 02 val 2700
[  796.961845][    T9] pwc: recv_control_msg error -32 req 02 val 2c00
[  796.972354][    T9] pwc: recv_control_msg error -32 req 04 val 1000
[  796.973987][    T9] pwc: recv_control_msg error -32 req 04 val 1300
[  797.287835][T12416] syz_tun: left allmulticast mode
[  797.289573][    T9] pwc: recv_control_msg error -71 req 04 val 1400
[  797.290129][    T9] pwc: recv_control_msg error -71 req 02 val 2000
[  797.290548][    T9] pwc: recv_control_msg error -71 req 02 val 2100
[  797.291014][    T9] pwc: recv_control_msg error -71 req 04 val 1500
[  797.291456][    T9] pwc: recv_control_msg error -71 req 02 val 2500
[  797.291883][    T9] pwc: recv_control_msg error -71 req 02 val 2400
[  797.292369][    T9] pwc: recv_control_msg error -71 req 02 val 2600
[  797.292805][    T9] pwc: recv_control_msg error -71 req 02 val 2900
[  798.106759][    T9] pwc: recv_control_msg error -71 req 02 val 2800
[  798.107588][    T9] pwc: recv_control_msg error -71 req 04 val 1100
[  798.129792][    T9] pwc: recv_control_msg error -71 req 04 val 1200
[  798.140993][    T9] pwc: Registered as video103.
[  798.164156][    T9] input: PWC snapshot button as /devices/platform/dummy_hcd.3/usb4/4-1/input/input29
[  798.206418][    T9] usb 4-1: USB disconnect, device number 49
[  799.130691][T12466] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2005'.
[  799.197115][   T37] audit: type=1326 audit(1772838977.234:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12463 comm="syz.2.2005" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f31eadbc799 code=0x0
[  799.614428][ T5781] usb 4-1: new high-speed USB device number 50 using dummy_hcd
[  799.782993][ T5781] usb 4-1: Using ep0 maxpacket: 8
[  799.787151][ T5781] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  799.787177][ T5781] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  799.787212][ T5781] usb 4-1: New USB device found, idVendor=0af0, idProduct=6751, bcdDevice=75.8b
[  799.787234][ T5781] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  799.837597][T12474] usb usb8: usbfs: process 12474 (syz.0.2007) did not claim interface 0 before use
[  799.838671][T12474] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2007'.
[  799.862256][ T5781] usb 4-1: config 0 descriptor??
[  801.991888][T12489] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2012'.
[  802.722462][T12490] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2011'.
[  802.876284][T10113] usb 4-1: USB disconnect, device number 50
[  802.964517][T12496] bpf: Bad value for 'gid'
[  802.964805][T12495] FAULT_INJECTION: forcing a failure.
[  802.964805][T12495] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  802.964839][T12495] CPU: 0 UID: 0 PID: 12495 Comm: syz.1.2014 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  802.964865][T12495] Tainted: [L]=SOFTLOCKUP
[  802.964873][T12495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  802.964885][T12495] Call Trace:
[  802.964892][T12495]  <TASK>
[  802.964901][T12495]  dump_stack_lvl+0xe8/0x150
[  802.964937][T12495]  should_fail_ex+0x46b/0x600
[  802.964973][T12495]  _copy_from_iter+0x1d3/0x1670
[  802.965007][T12495]  ? __pfx__copy_from_iter+0x10/0x10
[  802.965027][T12495]  ? trace_kmalloc+0x2a/0x110
[  802.965058][T12495]  ? rcu_is_watching+0x15/0xb0
[  802.965090][T12495]  file_tty_write+0x4ca/0xa30
[  802.965220][T12495]  vfs_write+0x629/0xba0
[  802.965257][T12495]  ? __pfx_vfs_write+0x10/0x10
[  802.965294][T12495]  ? __fget_files+0x2a/0x420
[  802.965327][T12495]  ksys_write+0x156/0x270
[  802.965337][T12496] 9p: Invalid gid '0x00000000ffffffff'
[  802.965358][T12495]  ? __pfx_ksys_write+0x10/0x10
[  802.965406][T12495]  do_syscall_64+0x14d/0xf80
[  802.965433][T12495]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  802.965454][T12495]  ? clear_bhb_loop+0x40/0x90
[  802.965478][T12495]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  802.965497][T12495] RIP: 0033:0x7f6df3dac799
[  802.965516][T12495] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  802.965533][T12495] RSP: 002b:00007f6df2006028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  802.965554][T12495] RAX: ffffffffffffffda RBX: 00007f6df4025fa0 RCX: 00007f6df3dac799
[  802.965569][T12495] RDX: 000000000000001b RSI: 00002000000007c0 RDI: 0000000000000004
[  802.965582][T12495] RBP: 00007f6df2006090 R08: 0000000000000000 R09: 0000000000000000
[  802.965595][T12495] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  802.965607][T12495] R13: 00007f6df4026038 R14: 00007f6df4025fa0 R15: 00007ffc7eb7c8c8
[  802.965638][T12495]  </TASK>
[  803.363002][ T5798] usb 2-1: new high-speed USB device number 47 using dummy_hcd
[  803.521650][ T5798] usb 2-1: Using ep0 maxpacket: 16
[  803.530270][ T5798] usb 2-1: config 5 has an invalid interface number: 168 but max is 0
[  803.530297][ T5798] usb 2-1: config 5 has no interface number 0
[  803.530349][ T5798] usb 2-1: config 5 interface 168 altsetting 7 has an endpoint descriptor with address 0xEB, changing to 0x8B
[  803.530376][ T5798] usb 2-1: config 5 interface 168 altsetting 7 bulk endpoint 0x8B has invalid maxpacket 1024
[  803.530400][ T5798] usb 2-1: config 5 interface 168 altsetting 7 has an endpoint descriptor with address 0x23, changing to 0x3
[  803.530423][ T5798] usb 2-1: config 5 interface 168 altsetting 7 endpoint 0x3 has invalid wMaxPacketSize 0
[  803.530444][ T5798] usb 2-1: config 5 interface 168 has no altsetting 0
[  803.545359][ T5798] usb 2-1: New USB device found, idVendor=04cc, idProduct=2533, bcdDevice=fc.58
[  803.545389][ T5798] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  803.545409][ T5798] usb 2-1: Product: syz
[  803.545423][ T5798] usb 2-1: Manufacturer: syz
[  803.545437][ T5798] usb 2-1: SerialNumber: syz
[  803.552403][T12498] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  803.948912][ T5798] pn533_usb 2-1:5.168: NFC: Could not find bulk-in or bulk-out endpoint
[  804.038368][ T5798] usb 2-1: USB disconnect, device number 47
[  804.738378][T12525] FAULT_INJECTION: forcing a failure.
[  804.738378][T12525] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  804.738415][T12525] CPU: 0 UID: 0 PID: 12525 Comm: syz.1.2026 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  804.738443][T12525] Tainted: [L]=SOFTLOCKUP
[  804.738450][T12525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  804.738463][T12525] Call Trace:
[  804.738471][T12525]  <TASK>
[  804.738480][T12525]  dump_stack_lvl+0xe8/0x150
[  804.738516][T12525]  should_fail_ex+0x46b/0x600
[  804.738554][T12525]  _copy_from_user+0x2d/0xb0
[  804.738579][T12525]  sctp_setsockopt+0x1c4/0x12c0
[  804.738603][T12525]  ? sock_common_setsockopt+0x36/0xc0
[  804.738625][T12525]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  804.738648][T12525]  do_sock_setsockopt+0x17c/0x1b0
[  804.738679][T12525]  __x64_sys_setsockopt+0x143/0x1b0
[  804.738709][T12525]  do_syscall_64+0x14d/0xf80
[  804.738737][T12525]  ? trace_irq_disable+0x3b/0x150
[  804.738767][T12525]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  804.738788][T12525]  ? clear_bhb_loop+0x40/0x90
[  804.738813][T12525]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  804.738833][T12525] RIP: 0033:0x7f6df3dac799
[  804.738852][T12525] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  804.738870][T12525] RSP: 002b:00007f6df2006028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  804.738892][T12525] RAX: ffffffffffffffda RBX: 00007f6df4025fa0 RCX: 00007f6df3dac799
[  804.738907][T12525] RDX: 0000000000000076 RSI: 0000000000000084 RDI: 0000000000000003
[  804.738920][T12525] RBP: 00007f6df2006090 R08: 0000000000000008 R09: 0000000000000000
[  804.738933][T12525] R10: 00002000000003c0 R11: 0000000000000246 R12: 0000000000000001
[  804.738947][T12525] R13: 00007f6df4026038 R14: 00007f6df4025fa0 R15: 00007ffc7eb7c8c8
[  804.738978][T12525]  </TASK>
[  804.796932][T12528] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  804.797590][T12528] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  804.822992][T10113] usb 4-1: new high-speed USB device number 51 using dummy_hcd
[  804.962999][ T5856] usb 3-1: new high-speed USB device number 48 using dummy_hcd
[  804.984295][T10113] usb 4-1: Using ep0 maxpacket: 8
[  805.005707][T10113] usb 4-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[  805.005738][T10113] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  805.005758][T10113] usb 4-1: Product: syz
[  805.005772][T10113] usb 4-1: Manufacturer: syz
[  805.005787][T10113] usb 4-1: SerialNumber: syz
[  805.035375][T10113] usb 4-1: config 0 descriptor??
[  805.047635][T10113] gspca_main: se401-2.14.0 probing 047d:5003
[  805.123241][ T5856] usb 3-1: Using ep0 maxpacket: 8
[  805.125934][ T5856] usb 3-1: unable to get BOS descriptor or descriptor too short
[  805.127517][ T5856] usb 3-1: config 8 has an invalid descriptor of length 91, skipping remainder of the config
[  805.127540][ T5856] usb 3-1: config 8 has 0 interfaces, different from the descriptor's value: 1
[  805.130633][ T5856] usb 3-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=6a.e5
[  805.130658][ T5856] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  805.130886][ T5856] usb 3-1: Product: syz
[  805.130900][ T5856] usb 3-1: Manufacturer: syz
[  805.130913][ T5856] usb 3-1: SerialNumber: syz
[  805.565719][ T5856] usb 3-1: USB disconnect, device number 48
[  806.192193][T10113] usb 4-1: reset high-speed USB device number 51 using dummy_hcd
[  806.817259][T12516] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  806.817770][T12516] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  806.825149][T10113] gspca_se401: write req failed req 0x57 val 0x00 error -71
[  806.825241][T10113] se401 4-1:0.0: probe with driver se401 failed with error -71
[  806.862807][T10113] usb 4-1: USB disconnect, device number 51
[  806.973461][T12558] netlink: 92 bytes leftover after parsing attributes in process `syz.4.2039'.
[  807.790915][T12569] can: request_module (can-proto-0) failed.
[  807.855871][T12575] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  807.872597][T12575] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  808.103043][T10113] usb 4-1: new high-speed USB device number 52 using dummy_hcd
[  808.253112][T10113] usb 4-1: Using ep0 maxpacket: 8
[  808.255822][T10113] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 7
[  808.259231][T10113] usb 4-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b
[  808.259260][T10113] usb 4-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3
[  808.259280][T10113] usb 4-1: Product: syz
[  808.259293][T10113] usb 4-1: Manufacturer: syz
[  808.259301][T10113] usb 4-1: SerialNumber: syz
[  808.342970][    T9] usb 2-1: new high-speed USB device number 48 using dummy_hcd
[  808.471539][T10113] usb 4-1: Handspring Visor / Palm OS: port 0, is for Generic use
[  808.471556][T10113] usb 4-1: Handspring Visor / Palm OS: port 0, is for Generic use
[  808.471566][T10113] usb 4-1: Handspring Visor / Palm OS: Number of ports: 2
[  808.495884][    T9] usb 2-1: Using ep0 maxpacket: 8
[  808.501253][    T9] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  808.501281][    T9] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  808.501305][    T9] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  808.501329][    T9] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  808.501368][    T9] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  808.501390][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  808.676898][T10113] usb 4-1: palm_os_3_probe - error -71 getting bytes available request
[  808.676985][T10113] visor 4-1:1.0: Handspring Visor / Palm OS converter detected
[  808.699475][T10113] usb 4-1: Handspring Visor / Palm OS converter now attached to ttyUSB0
[  808.717178][T10113] usb 4-1: Handspring Visor / Palm OS converter now attached to ttyUSB1
[  808.732766][T10113] usb 4-1: USB disconnect, device number 52
[  808.750856][T10113] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0
[  808.777198][    T9] usb 2-1: GET_CAPABILITIES returned 0
[  808.777233][T10113] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1
[  808.777243][    T9] usbtmc 2-1:16.0: can't read capabilities
[  808.808173][T10113] visor 4-1:1.0: device disconnected
[  809.008028][T12583] FAULT_INJECTION: forcing a failure.
[  809.008028][T12583] name failslab, interval 1, probability 0, space 0, times 0
[  809.008065][T12583] CPU: 0 UID: 0 PID: 12583 Comm: syz.4.2048 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  809.008093][T12583] Tainted: [L]=SOFTLOCKUP
[  809.008101][T12583] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  809.008114][T12583] Call Trace:
[  809.008122][T12583]  <TASK>
[  809.008130][T12583]  dump_stack_lvl+0xe8/0x150
[  809.008164][T12583]  should_fail_ex+0x46b/0x600
[  809.008203][T12583]  should_failslab+0xa8/0x100
[  809.008236][T12583]  kmem_cache_alloc_node_noprof+0x8f/0x6e0
[  809.008265][T12583]  ? __alloc_skb+0x1d0/0x7d0
[  809.008288][T12583]  ? lockdep_hardirqs_on+0x7a/0x110
[  809.008319][T12583]  __alloc_skb+0x1d0/0x7d0
[  809.008347][T12583]  netlink_sendmsg+0x5d4/0xb40
[  809.008380][T12583]  ? __pfx_netlink_sendmsg+0x10/0x10
[  809.008409][T12583]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  809.008444][T12583]  ____sys_sendmsg+0xa4e/0xac0
[  809.008480][T12583]  ? __pfx_____sys_sendmsg+0x10/0x10
[  809.008515][T12583]  ? import_iovec+0x73/0xa0
[  809.008542][T12583]  ___sys_sendmsg+0x2a5/0x360
[  809.008574][T12583]  ? __pfx____sys_sendmsg+0x10/0x10
[  809.008633][T12583]  ? __fget_files+0x2a/0x420
[  809.008657][T12583]  ? __fget_files+0x3a6/0x420
[  809.008689][T12583]  __x64_sys_sendmsg+0x1c3/0x2a0
[  809.008719][T12583]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  809.008754][T12583]  ? __pfx_ksys_write+0x10/0x10
[  809.008788][T12583]  do_syscall_64+0x14d/0xf80
[  809.008820][T12583]  ? trace_irq_disable+0x3b/0x150
[  809.008841][T12583]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  809.008860][T12583]  ? clear_bhb_loop+0x40/0x90
[  809.008883][T12583]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  809.008902][T12583] RIP: 0033:0x7fe74eb3c799
[  809.008920][T12583] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  809.008937][T12583] RSP: 002b:00007fe74cd96028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  809.008958][T12583] RAX: ffffffffffffffda RBX: 00007fe74edb5fa0 RCX: 00007fe74eb3c799
[  809.008973][T12583] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 000000000000000e
[  809.008986][T12583] RBP: 00007fe74cd96090 R08: 0000000000000000 R09: 0000000000000000
[  809.008998][T12583] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  809.009010][T12583] R13: 00007fe74edb6038 R14: 00007fe74edb5fa0 R15: 00007ffd2615ef88
[  809.009040][T12583]  </TASK>
[  809.030442][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  809.030515][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  809.030590][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  809.030648][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  809.030683][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  809.030717][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  809.030768][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  809.030828][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  809.030892][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  809.030933][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  809.030967][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  809.031001][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  809.031035][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  809.031069][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  809.031103][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  809.031137][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -2
[  809.031202][    C1] dummy_hcd dummy_hcd.1: timer fired with no URBs pending?
[  809.167541][ T1323] ieee802154 phy0 wpan0: encryption failed: -22
[  809.167606][ T1323] ieee802154 phy1 wpan1: encryption failed: -22
[  811.003754][ T5856] usb 2-1: USB disconnect, device number 48
[  811.055583][T12605] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2054'.
[  811.433694][   T10] usb 3-1: new high-speed USB device number 49 using dummy_hcd
[  811.593795][   T10] usb 3-1: Using ep0 maxpacket: 8
[  811.596650][   T10] usb 3-1: unable to get BOS descriptor or descriptor too short
[  811.598053][   T10] usb 3-1: config 8 interface 0 altsetting 7 endpoint 0x83 has invalid wMaxPacketSize 0
[  811.598080][   T10] usb 3-1: config 8 interface 0 altsetting 7 bulk endpoint 0x83 has invalid maxpacket 0
[  811.598103][   T10] usb 3-1: config 8 interface 0 has no altsetting 0
[  811.658880][   T10] usb 3-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=6a.e5
[  811.658911][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  811.658931][   T10] usb 3-1: Product: syz
[  811.658946][   T10] usb 3-1: Manufacturer: syz
[  811.658961][   T10] usb 3-1: SerialNumber: syz
[  812.805668][T12631] FAULT_INJECTION: forcing a failure.
[  812.805668][T12631] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  812.805707][T12631] CPU: 1 UID: 0 PID: 12631 Comm: syz.1.2063 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  812.805736][T12631] Tainted: [L]=SOFTLOCKUP
[  812.805743][T12631] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  812.805755][T12631] Call Trace:
[  812.805763][T12631]  <TASK>
[  812.805772][T12631]  dump_stack_lvl+0xe8/0x150
[  812.805808][T12631]  should_fail_ex+0x46b/0x600
[  812.805846][T12631]  _copy_to_user+0x31/0xb0
[  812.805873][T12631]  simple_read_from_buffer+0xe1/0x170
[  812.805900][T12631]  proc_fail_nth_read+0x1be/0x230
[  812.805924][T12631]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  812.805948][T12631]  ? rw_verify_area+0x2ac/0x4e0
[  812.805982][T12631]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  812.806005][T12631]  vfs_read+0x212/0xa80
[  812.806039][T12631]  ? __pfx_vfs_read+0x10/0x10
[  812.806066][T12631]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  812.806092][T12631]  ? lockdep_hardirqs_on+0x7a/0x110
[  812.806119][T12631]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  812.806145][T12631]  ? mutex_lock_nested+0x152/0x1d0
[  812.806164][T12631]  ? fdget_pos+0x252/0x320
[  812.806195][T12631]  ksys_read+0x156/0x270
[  812.806225][T12631]  ? __pfx_ksys_read+0x10/0x10
[  812.806264][T12631]  do_syscall_64+0x14d/0xf80
[  812.806289][T12631]  ? trace_irq_disable+0x3b/0x150
[  812.806312][T12631]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  812.806333][T12631]  ? clear_bhb_loop+0x40/0x90
[  812.806357][T12631]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  812.806377][T12631] RIP: 0033:0x7f6df3d6cfce
[  812.806396][T12631] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  812.806414][T12631] RSP: 002b:00007f6df2005fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  812.806437][T12631] RAX: ffffffffffffffda RBX: 00007f6df20066c0 RCX: 00007f6df3d6cfce
[  812.806452][T12631] RDX: 000000000000000f RSI: 00007f6df20060a0 RDI: 0000000000000004
[  812.806465][T12631] RBP: 00007f6df2006090 R08: 0000000000000000 R09: 0000000000000000
[  812.806478][T12631] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  812.806490][T12631] R13: 00007f6df4026038 R14: 00007f6df4025fa0 R15: 00007ffc7eb7c8c8
[  812.806521][T12631]  </TASK>
[  813.794462][T12640] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  813.801002][T12640] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  815.884273][   T10] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  815.888427][   T10] usb 3-1: selecting invalid altsetting 0
[  817.045947][T12648] FAULT_INJECTION: forcing a failure.
[  817.045947][T12648] name failslab, interval 1, probability 0, space 0, times 0
[  817.045984][T12648] CPU: 0 UID: 0 PID: 12648 Comm: syz.0.2067 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  817.046009][T12648] Tainted: [L]=SOFTLOCKUP
[  817.046015][T12648] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  817.046026][T12648] Call Trace:
[  817.046033][T12648]  <TASK>
[  817.046040][T12648]  dump_stack_lvl+0xe8/0x150
[  817.046070][T12648]  should_fail_ex+0x46b/0x600
[  817.046101][T12648]  should_failslab+0xa8/0x100
[  817.046128][T12648]  kmem_cache_alloc_noprof+0x87/0x680
[  817.046151][T12648]  ? dst_alloc+0x105/0x170
[  817.046271][T12648]  dst_alloc+0x105/0x170
[  817.046296][T12648]  ip_route_output_key_hash_rcu+0x14d0/0x25d0
[  817.046348][T12648]  ? ip_route_output_key_hash+0xd8/0x2a0
[  817.046366][T12648]  ip_route_output_key_hash+0x18d/0x2a0
[  817.046386][T12648]  ? __pfx_ip_route_output_key_hash+0x10/0x10
[  817.046415][T12648]  ip_route_output_flow+0x2a/0x150
[  817.046439][T12648]  ? security_sk_classify_flow+0x6d/0x150
[  817.046462][T12648]  udp_sendmsg+0x154a/0x22f0
[  817.046543][T12648]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  817.046563][T12648]  ? __pfx_udp_sendmsg+0x10/0x10
[  817.046587][T12648]  ? __lock_acquire+0x6b5/0x2cf0
[  817.046601][T12648]  ? smack_socket_sendmsg+0x1a9/0x590
[  817.046665][T12648]  ? tomoyo_socket_sendmsg_permission+0x1e0/0x300
[  817.046693][T12648]  ? sock_rps_record_flow+0x19/0x400
[  817.046714][T12648]  ? inet_sendmsg+0x29c/0x370
[  817.046732][T12648]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  817.046757][T12648]  ____sys_sendmsg+0x875/0xac0
[  817.046778][T12648]  ? __lock_acquire+0x6b5/0x2cf0
[  817.046800][T12648]  ? __pfx_____sys_sendmsg+0x10/0x10
[  817.046830][T12648]  ? import_iovec+0x73/0xa0
[  817.046852][T12648]  ___sys_sendmsg+0x2a5/0x360
[  817.046877][T12648]  ? __pfx____sys_sendmsg+0x10/0x10
[  817.046903][T12648]  ? kstrtouint+0x6e/0xe0
[  817.046946][T12648]  ? __fget_files+0x2a/0x420
[  817.046964][T12648]  ? __fget_files+0x3a6/0x420
[  817.046991][T12648]  __sys_sendmmsg+0x282/0x4e0
[  817.047017][T12648]  ? __pfx___sys_sendmmsg+0x10/0x10
[  817.047045][T12648]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  817.047074][T12648]  ? ksys_write+0x248/0x270
[  817.047098][T12648]  ? __pfx_ksys_write+0x10/0x10
[  817.047125][T12648]  __x64_sys_sendmmsg+0xa0/0xc0
[  817.047148][T12648]  do_syscall_64+0x14d/0xf80
[  817.047169][T12648]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  817.047186][T12648]  ? clear_bhb_loop+0x40/0x90
[  817.047206][T12648]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  817.047222][T12648] RIP: 0033:0x7f4de053c799
[  817.047237][T12648] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  817.047251][T12648] RSP: 002b:00007f4dde754028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  817.047269][T12648] RAX: ffffffffffffffda RBX: 00007f4de07b6180 RCX: 00007f4de053c799
[  817.047281][T12648] RDX: 07fffffffffffd33 RSI: 0000200000004d00 RDI: 0000000000000005
[  817.047292][T12648] RBP: 00007f4dde754090 R08: 0000000000000000 R09: 0000000000000000
[  817.047302][T12648] R10: 0000000020000890 R11: 0000000000000246 R12: 0000000000000001
[  817.047312][T12648] R13: 00007f4de07b6218 R14: 00007f4de07b6180 R15: 00007ffd4efccef8
[  817.047337][T12648]  </TASK>
[  817.941620][   T10] snd-usb-audio 3-1:8.0: probe with driver snd-usb-audio failed with error -12
[  818.006534][   T10] usb 3-1: USB disconnect, device number 49
[  818.147219][T12181] udevd[12181]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:8.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  818.386263][T12657] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it.
[  818.386282][T12657] overlayfs: missing 'lowerdir'
[  818.596768][T12657] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2071'.
[  818.754016][T12657] vlan2: entered promiscuous mode
[  818.754039][T12657] bond0: entered promiscuous mode
[  818.754055][T12657] bond_slave_0: entered promiscuous mode
[  818.763402][T12657] bond_slave_1: entered promiscuous mode
[  821.706582][    T9] libceph: connect (1)[c::]:6789 error -101
[  821.709687][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  821.770859][    T9] libceph: connect (1)[c::]:6789 error -101
[  821.771047][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  821.928281][T12688] sctp: [Deprecated]: syz.1.2081 (pid 12688) Use of struct sctp_assoc_value in delayed_ack socket option.
[  821.928281][T12688] Use struct sctp_sack_info instead
[  822.361771][   T10] libceph: connect (1)[c::]:6789 error -101
[  822.361959][   T10] libceph: mon0 (1)[c::]:6789 connect error
[  822.394198][T12680] ceph: No mds server is up or the cluster is laggy
[  822.443617][T12691] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2083'.
[  824.903116][   T36] usb 2-1: new high-speed USB device number 49 using dummy_hcd
[  826.162097][   T36] usb 2-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[  826.162128][   T36] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  826.174248][   T36] usb 2-1: config 0 descriptor??
[  826.179243][   T36] gspca_main: STV06xx-2.14.0 probing 046d:0870
[  826.397457][T12709] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2088'.
[  826.406272][T12720] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate.
[  826.419405][   T37] audit: type=1326 audit(1772839004.454:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12713 comm="syz.2.2091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31eadbc799 code=0x7ffc0000
[  826.421296][   T37] audit: type=1326 audit(1772839004.454:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12713 comm="syz.2.2091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=143 compat=0 ip=0x7f31eadbc799 code=0x7ffc0000
[  826.421340][   T37] audit: type=1326 audit(1772839004.454:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12713 comm="syz.2.2091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31eadbc799 code=0x7ffc0000
[  826.421379][   T37] audit: type=1326 audit(1772839004.454:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12713 comm="syz.2.2091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f31ead7cfce code=0x7ffc0000
[  826.421417][   T37] audit: type=1326 audit(1772839004.454:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12713 comm="syz.2.2091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f31eadbda97 code=0x7ffc0000
[  826.421454][   T37] audit: type=1326 audit(1772839004.454:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12713 comm="syz.2.2091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f31eadbc799 code=0x7ffc0000
[  826.421492][   T37] audit: type=1326 audit(1772839004.454:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12713 comm="syz.2.2091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f31eadbda97 code=0x7ffc0000
[  826.421529][   T37] audit: type=1326 audit(1772839004.454:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12713 comm="syz.2.2091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f31ead7cfce code=0x7ffc0000
[  826.421567][   T37] audit: type=1326 audit(1772839004.454:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12713 comm="syz.2.2091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31eadbc799 code=0x7ffc0000
[  826.445699][   T37] audit: type=1326 audit(1772839004.484:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12713 comm="syz.2.2091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f31eadbc799 code=0x7ffc0000
[  826.612984][   T36] gspca_stv06xx: I2C: Read error writing address: -71
[  826.663113][   T36] usb 2-1: USB disconnect, device number 49
[  826.712228][T12727] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  826.713747][T12727] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  827.076815][T12727] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  827.077089][T12727] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  827.140948][ T6307] IPVS: starting estimator thread 0...
[  827.207831][T12727] netlink: 76 bytes leftover after parsing attributes in process `syz.4.2092'.
[  827.258217][ T5798] libceph: connect (1)[c::]:6789 error -101
[  827.258322][ T5798] libceph: mon0 (1)[c::]:6789 connect error
[  827.278513][ T5798] libceph: connect (1)[c::]:6789 error -101
[  827.278631][ T5798] libceph: mon0 (1)[c::]:6789 connect error
[  827.295731][T12736] IPVS: using max 15 ests per chain, 36000 per kthread
[  827.533508][ T5798] libceph: connect (1)[c::]:6789 error -101
[  827.536186][ T5798] libceph: mon0 (1)[c::]:6789 connect error
[  827.665856][T12753] FAULT_INJECTION: forcing a failure.
[  827.665856][T12753] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  827.665894][T12753] CPU: 0 UID: 0 PID: 12753 Comm: syz.3.2100 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  827.665922][T12753] Tainted: [L]=SOFTLOCKUP
[  827.665930][T12753] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  827.665943][T12753] Call Trace:
[  827.665952][T12753]  <TASK>
[  827.665961][T12753]  dump_stack_lvl+0xe8/0x150
[  827.665997][T12753]  should_fail_ex+0x46b/0x600
[  827.666035][T12753]  _copy_from_user+0x2d/0xb0
[  827.666061][T12753]  ___sys_sendmsg+0x1c6/0x360
[  827.666096][T12753]  ? __pfx____sys_sendmsg+0x10/0x10
[  827.666154][T12753]  ? __fget_files+0x2a/0x420
[  827.666177][T12753]  ? __fget_files+0x3a6/0x420
[  827.666213][T12753]  __x64_sys_sendmsg+0x1c3/0x2a0
[  827.666243][T12753]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  827.666279][T12753]  ? __pfx_ksys_write+0x10/0x10
[  827.666317][T12753]  do_syscall_64+0x14d/0xf80
[  827.666341][T12753]  ? trace_irq_disable+0x3b/0x150
[  827.666364][T12753]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  827.666385][T12753]  ? clear_bhb_loop+0x40/0x90
[  827.666406][T12753]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  827.666425][T12753] RIP: 0033:0x7f35bf44c799
[  827.666444][T12753] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  827.666461][T12753] RSP: 002b:00007f35bd69e028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  827.666483][T12753] RAX: ffffffffffffffda RBX: 00007f35bf6c5fa0 RCX: 00007f35bf44c799
[  827.666498][T12753] RDX: 0000000004040082 RSI: 00002000000000c0 RDI: 0000000000000003
[  827.666512][T12753] RBP: 00007f35bd69e090 R08: 0000000000000000 R09: 0000000000000000
[  827.666532][T12753] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  827.666544][T12753] R13: 00007f35bf6c6038 R14: 00007f35bf6c5fa0 R15: 00007ffcbdac9288
[  827.666575][T12753]  </TASK>
[  827.865669][T12755] kvm: requested 1676 ns i8254 timer period limited to 200000 ns
[  827.967696][T12765] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2103'.
[  827.970666][T12755] kvm: requested 838 ns i8254 timer period limited to 200000 ns
[  827.971075][T12755] kvm: requested 10057 ns i8254 timer period limited to 200000 ns
[  827.971187][T12755] kvm: requested 155047 ns i8254 timer period limited to 200000 ns
[  827.971604][T12755] kvm: requested 13409 ns i8254 timer period limited to 200000 ns
[  827.971648][T12755] kvm: requested 53638 ns i8254 timer period limited to 200000 ns
[  827.971821][T12755] kvm: requested 41904 ns i8254 timer period limited to 200000 ns
[  827.971951][T12755] kvm: requested 35200 ns i8254 timer period limited to 200000 ns
[  827.972184][T12755] kvm: requested 838 ns i8254 timer period limited to 200000 ns
[  827.972449][T12755] kvm: requested 107276 ns i8254 timer period limited to 200000 ns
[  828.034273][T12740] ceph: No mds server is up or the cluster is laggy
[  828.049597][ T5798] libceph: connect (1)[c::]:6789 error -101
[  828.049864][ T5798] libceph: mon0 (1)[c::]:6789 connect error
[  828.204771][T12765] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  828.204788][T12765] IPv6: NLM_F_CREATE should be set when creating new route
[  828.205453][T12765] IPv6: NLM_F_CREATE should be set when creating new route
[  828.205491][T12765] IPv6: NLM_F_CREATE should be set when creating new route
[  828.490295][T12770] FAULT_INJECTION: forcing a failure.
[  828.490295][T12770] name failslab, interval 1, probability 0, space 0, times 0
[  828.490333][T12770] CPU: 0 UID: 0 PID: 12770 Comm: syz.0.2106 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  828.490362][T12770] Tainted: [L]=SOFTLOCKUP
[  828.490369][T12770] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  828.490382][T12770] Call Trace:
[  828.490390][T12770]  <TASK>
[  828.490400][T12770]  dump_stack_lvl+0xe8/0x150
[  828.490435][T12770]  should_fail_ex+0x46b/0x600
[  828.490475][T12770]  should_failslab+0xa8/0x100
[  828.490509][T12770]  __kmalloc_noprof+0xdf/0x7b0
[  828.490536][T12770]  ? kfree+0x4d/0x6c0
[  828.490560][T12770]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  828.490597][T12770]  tomoyo_realpath_from_path+0xe3/0x5d0
[  828.490639][T12770]  ? tomoyo_path_number_perm+0x219/0x630
[  828.490665][T12770]  tomoyo_path_number_perm+0x246/0x630
[  828.490693][T12770]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  828.490722][T12770]  ? __lock_acquire+0x6b5/0x2cf0
[  828.490775][T12770]  ? __fget_files+0x2a/0x420
[  828.490800][T12770]  ? __fget_files+0x2a/0x420
[  828.490822][T12770]  ? __fget_files+0x3a6/0x420
[  828.490845][T12770]  ? __fget_files+0x2a/0x420
[  828.490872][T12770]  security_file_ioctl+0xc3/0x2a0
[  828.490902][T12770]  __se_sys_ioctl+0x47/0x170
[  828.490935][T12770]  do_syscall_64+0x14d/0xf80
[  828.490963][T12770]  ? trace_irq_disable+0x3b/0x150
[  828.490987][T12770]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  828.491007][T12770]  ? clear_bhb_loop+0x40/0x90
[  828.491034][T12770]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  828.491053][T12770] RIP: 0033:0x7f4de053c799
[  828.491074][T12770] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  828.491099][T12770] RSP: 002b:00007f4dde796028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  828.491121][T12770] RAX: ffffffffffffffda RBX: 00007f4de07b5fa0 RCX: 00007f4de053c799
[  828.491137][T12770] RDX: 0000200000000000 RSI: 000000000000541c RDI: 0000000000000010
[  828.491151][T12770] RBP: 00007f4dde796090 R08: 0000000000000000 R09: 0000000000000000
[  828.491172][T12770] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  828.491185][T12770] R13: 00007f4de07b6038 R14: 00007f4de07b5fa0 R15: 00007ffd4efccef8
[  828.491219][T12770]  </TASK>
[  828.491229][T12770] ERROR: Out of memory at tomoyo_realpath_from_path.
[  828.896451][T12776] netlink: 100 bytes leftover after parsing attributes in process `syz.0.2107'.
[  829.815835][T12792] netlink: 'syz.1.2114': attribute type 1 has an invalid length.
[  830.472363][T12802] ieee802154 phy0 wpan0: encryption failed: -22
[  830.804543][T12803] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2116'.
[  831.448643][T12810] qnx6: unable to read the first superblock
[  831.987713][T12814] FAULT_INJECTION: forcing a failure.
[  831.987713][T12814] name failslab, interval 1, probability 0, space 0, times 0
[  831.987775][T12814] CPU: 0 UID: 0 PID: 12814 Comm: syz.1.2120 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  831.987804][T12814] Tainted: [L]=SOFTLOCKUP
[  831.987809][T12814] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  831.987817][T12814] Call Trace:
[  831.987822][T12814]  <TASK>
[  831.987828][T12814]  dump_stack_lvl+0xe8/0x150
[  831.987854][T12814]  should_fail_ex+0x46b/0x600
[  831.987876][T12814]  should_failslab+0xa8/0x100
[  831.987896][T12814]  __kmalloc_noprof+0xdf/0x7b0
[  831.987912][T12814]  ? tomoyo_encode+0x28b/0x550
[  831.987931][T12814]  tomoyo_encode+0x28b/0x550
[  831.987949][T12814]  tomoyo_realpath_from_path+0x58d/0x5d0
[  831.987969][T12814]  ? tomoyo_path_number_perm+0x219/0x630
[  831.987981][T12814]  tomoyo_path_number_perm+0x246/0x630
[  831.987996][T12814]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  831.988010][T12814]  ? __lock_acquire+0x6b5/0x2cf0
[  831.988039][T12814]  ? __fget_files+0x2a/0x420
[  831.988053][T12814]  ? __fget_files+0x2a/0x420
[  831.988064][T12814]  ? __fget_files+0x3a6/0x420
[  831.988074][T12814]  ? __fget_files+0x2a/0x420
[  831.988087][T12814]  security_file_ioctl+0xc3/0x2a0
[  831.988104][T12814]  __se_sys_ioctl+0x47/0x170
[  831.988121][T12814]  do_syscall_64+0x14d/0xf80
[  831.988137][T12814]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  831.988149][T12814]  ? clear_bhb_loop+0x40/0x90
[  831.988162][T12814]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  831.988172][T12814] RIP: 0033:0x7f6df3dac799
[  831.988187][T12814] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  831.988196][T12814] RSP: 002b:00007f6df1fe5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  831.988209][T12814] RAX: ffffffffffffffda RBX: 00007f6df4026090 RCX: 00007f6df3dac799
[  831.988216][T12814] RDX: 0000200000000080 RSI: 00000000c00c642d RDI: 0000000000000003
[  831.988223][T12814] RBP: 00007f6df1fe5090 R08: 0000000000000000 R09: 0000000000000000
[  831.988229][T12814] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  831.988236][T12814] R13: 00007f6df4026128 R14: 00007f6df4026090 R15: 00007ffc7eb7c8c8
[  831.988252][T12814]  </TASK>
[  831.988288][T12814] ERROR: Out of memory at tomoyo_realpath_from_path.
[  832.796891][T12827] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2124'.
[  833.879683][T12834] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2125'.
[  835.276253][T12854] netlink: 'syz.3.2131': attribute type 1 has an invalid length.
[  835.335547][T12854] gretap1: entered allmulticast mode
[  835.363993][T12854] bond1: (slave gretap1): making interface the new active one
[  835.368993][T12854] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  836.309927][T12862] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  836.310207][T12862] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  836.317710][T12863] syzkaller0: entered promiscuous mode
[  836.317781][T12863] syzkaller0: entered allmulticast mode
[  836.580755][T12869] FAULT_INJECTION: forcing a failure.
[  836.580755][T12869] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  836.580778][T12869] CPU: 0 UID: 0 PID: 12869 Comm: syz.1.2132 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  836.580794][T12869] Tainted: [L]=SOFTLOCKUP
[  836.580798][T12869] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  836.580805][T12869] Call Trace:
[  836.580810][T12869]  <TASK>
[  836.580815][T12869]  dump_stack_lvl+0xe8/0x150
[  836.580835][T12869]  should_fail_ex+0x46b/0x600
[  836.580855][T12869]  _copy_from_user+0x2d/0xb0
[  836.580868][T12869]  core_sys_select+0x6ff/0xc30
[  836.580889][T12869]  ? __pfx_core_sys_select+0x10/0x10
[  836.580911][T12869]  ? __pfx_set_user_sigmask+0x10/0x10
[  836.580926][T12869]  ? rt_mutex_slowunlock+0x1cb/0x300
[  836.580939][T12869]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  836.580953][T12869]  __se_sys_pselect6+0x267/0x320
[  836.580967][T12869]  ? __pfx___se_sys_pselect6+0x10/0x10
[  836.580978][T12869]  ? __pfx_ksys_write+0x10/0x10
[  836.580996][T12869]  ? __x64_sys_pselect6+0x21/0xf0
[  836.581008][T12869]  do_syscall_64+0x14d/0xf80
[  836.581022][T12869]  ? trace_irq_disable+0x3b/0x150
[  836.581043][T12869]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  836.581060][T12869]  ? clear_bhb_loop+0x40/0x90
[  836.581073][T12869]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  836.581083][T12869] RIP: 0033:0x7f6df3dac799
[  836.581094][T12869] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  836.581103][T12869] RSP: 002b:00007f6df1fe5028 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[  836.581115][T12869] RAX: ffffffffffffffda RBX: 00007f6df4026090 RCX: 00007f6df3dac799
[  836.581123][T12869] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000040
[  836.581129][T12869] RBP: 00007f6df1fe5090 R08: 0000000000000000 R09: 0000000000000000
[  836.581136][T12869] R10: 0000200000000080 R11: 0000000000000246 R12: 0000000000000001
[  836.581142][T12869] R13: 00007f6df4026128 R14: 00007f6df4026090 R15: 00007ffc7eb7c8c8
[  836.581158][T12869]  </TASK>
[  838.833575][T12874] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2136'.
[  840.213240][ T5863] usb 4-1: new full-speed USB device number 53 using dummy_hcd
[  840.435178][T12912] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2148'.
[  840.594231][ T5798] usb 2-1: new low-speed USB device number 50 using dummy_hcd
[  840.743459][ T5798] usb 2-1: device descriptor read/64, error -71
[  841.103013][ T5798] usb 2-1: new low-speed USB device number 51 using dummy_hcd
[  842.172469][ T5863] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  842.172504][ T5863] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  842.172526][ T5863] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  842.172567][ T5863] usb 4-1: New USB device found, idVendor=0457, idProduct=07da, bcdDevice= 0.00
[  842.172587][ T5863] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  842.183560][ T5863] usb 4-1: config 0 descriptor??
[  842.483037][ T5798] usb 2-1: device descriptor read/64, error -71
[  842.593316][ T5798] usb usb2-port1: attempt power cycle
[  842.663219][ T5863] hid-multitouch 0003:0457:07DA.0013: unknown main item tag 0x0
[  842.663254][ T5863] hid-multitouch 0003:0457:07DA.0013: unknown main item tag 0x0
[  842.663280][ T5863] hid-multitouch 0003:0457:07DA.0013: unknown main item tag 0x0
[  842.663306][ T5863] hid-multitouch 0003:0457:07DA.0013: unknown main item tag 0x0
[  842.663334][ T5863] hid-multitouch 0003:0457:07DA.0013: unknown main item tag 0x0
[  842.663360][ T5863] hid-multitouch 0003:0457:07DA.0013: unknown main item tag 0x0
[  842.663386][ T5863] hid-multitouch 0003:0457:07DA.0013: unknown main item tag 0x0
[  842.663411][ T5863] hid-multitouch 0003:0457:07DA.0013: unknown main item tag 0x0
[  842.663437][ T5863] hid-multitouch 0003:0457:07DA.0013: unknown main item tag 0x0
[  842.663462][ T5863] hid-multitouch 0003:0457:07DA.0013: unknown main item tag 0x0
[  842.668893][ T5863] hid-multitouch 0003:0457:07DA.0013: hidraw0: USB HID v0.00 Device [HID 0457:07da] on usb-dummy_hcd.3-1/input0
[  842.853399][ T5863] usb 3-1: new full-speed USB device number 50 using dummy_hcd
[  842.881833][   T36] usb 4-1: USB disconnect, device number 53
[  842.933140][ T5798] usb 2-1: new low-speed USB device number 52 using dummy_hcd
[  842.953696][ T5798] usb 2-1: device descriptor read/8, error -71
[  843.015566][ T5863] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  843.015602][ T5863] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  843.015626][ T5863] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  843.015666][ T5863] usb 3-1: New USB device found, idVendor=0457, idProduct=07da, bcdDevice= 0.00
[  843.015688][ T5863] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  843.021564][ T5863] usb 3-1: config 0 descriptor??
[  843.213003][ T5798] usb 2-1: new low-speed USB device number 53 using dummy_hcd
[  843.423025][ T5798] usb 2-1: device not accepting address 53, error -71
[  843.423434][ T5798] usb usb2-port1: unable to enumerate USB device
[  843.630694][ T5863] hid-multitouch 0003:0457:07DA.0014: hidraw0: USB HID v0.00 Device [HID 0457:07da] on usb-dummy_hcd.2-1/input0
[  843.803163][  T992] usb 3-1: USB disconnect, device number 50
[  843.867410][T12936] fido_id[12936]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/3-1/report_descriptor': No such file or directory
[  844.308011][T12946] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2162'.
[  846.140823][T12982] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2173'.
[  846.902999][ T5863] usb 4-1: new low-speed USB device number 54 using dummy_hcd
[  847.292994][ T5863] usb 4-1: device descriptor read/64, error -71
[  847.442918][T12993] IPVS: set_ctl: invalid protocol: 29 0.0.0.0:20002
[  847.443025][T12993] IPVS: set_ctl: invalid protocol: 29 0.0.0.0:20002
[  847.543406][ T5863] usb 4-1: new low-speed USB device number 55 using dummy_hcd
[  847.698745][ T5863] usb 4-1: device descriptor read/64, error -71
[  847.858642][ T5863] usb usb4-port1: attempt power cycle
[  848.223511][ T5863] usb 4-1: new low-speed USB device number 56 using dummy_hcd
[  848.249778][ T5863] usb 4-1: device descriptor read/8, error -71
[  848.763136][ T5863] usb 4-1: new low-speed USB device number 57 using dummy_hcd
[  848.816996][T13009] FAULT_INJECTION: forcing a failure.
[  848.816996][T13009] name failslab, interval 1, probability 0, space 0, times 0
[  848.817027][T13009] CPU: 1 UID: 0 PID: 13009 Comm: syz.4.2183 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  848.817042][T13009] Tainted: [L]=SOFTLOCKUP
[  848.817046][T13009] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  848.817053][T13009] Call Trace:
[  848.817057][T13009]  <TASK>
[  848.817063][T13009]  dump_stack_lvl+0xe8/0x150
[  848.817086][T13009]  should_fail_ex+0x46b/0x600
[  848.817106][T13009]  should_failslab+0xa8/0x100
[  848.817124][T13009]  kmem_cache_alloc_node_noprof+0x8f/0x6e0
[  848.817145][T13009]  ? __alloc_skb+0x1d0/0x7d0
[  848.817159][T13009]  ? lockdep_hardirqs_on+0x7a/0x110
[  848.817176][T13009]  __alloc_skb+0x1d0/0x7d0
[  848.817187][T13009]  ? rtlock_slowlock_locked+0xfb/0x3c80
[  848.817202][T13009]  alloc_skb_with_frags+0xca/0x890
[  848.817279][T13009]  ? ref_tracker_alloc+0x332/0x4a0
[  848.817292][T13009]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  848.817303][T13009]  ? __lock_acquire+0x6b5/0x2cf0
[  848.817315][T13009]  sock_alloc_send_pskb+0x884/0x9a0
[  848.817333][T13009]  ? ieee802154_get_dev+0x12f/0x770
[  848.817403][T13009]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  848.817417][T13009]  ? __pfx_ieee802154_get_dev+0x10/0x10
[  848.817431][T13009]  ? smack_socket_sendmsg+0x1a9/0x590
[  848.817448][T13009]  ? __pfx_smack_socket_sendmsg+0x10/0x10
[  848.817462][T13009]  ? dgram_sendmsg+0x1fe/0xe80
[  848.817478][T13009]  dgram_sendmsg+0x40a/0xe80
[  848.817495][T13009]  ? __pfx_dgram_sendmsg+0x10/0x10
[  848.817509][T13009]  ? tomoyo_socket_sendmsg_permission+0x1e0/0x300
[  848.817530][T13009]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  848.817548][T13009]  ____sys_sendmsg+0xa4e/0xac0
[  848.817561][T13009]  ? __lock_acquire+0x6b5/0x2cf0
[  848.817574][T13009]  ? __pfx_____sys_sendmsg+0x10/0x10
[  848.817592][T13009]  ? import_iovec+0x73/0xa0
[  848.817606][T13009]  ___sys_sendmsg+0x2a5/0x360
[  848.817622][T13009]  ? __pfx____sys_sendmsg+0x10/0x10
[  848.817644][T13009]  ? kstrtouint+0x6e/0xe0
[  848.817672][T13009]  ? __fget_files+0x2a/0x420
[  848.817685][T13009]  ? __fget_files+0x3a6/0x420
[  848.817701][T13009]  __sys_sendmmsg+0x282/0x4e0
[  848.817717][T13009]  ? __pfx___sys_sendmmsg+0x10/0x10
[  848.817735][T13009]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  848.817753][T13009]  ? ksys_write+0x248/0x270
[  848.817768][T13009]  ? __pfx_ksys_write+0x10/0x10
[  848.817784][T13009]  __x64_sys_sendmmsg+0xa0/0xc0
[  848.817799][T13009]  do_syscall_64+0x14d/0xf80
[  848.817812][T13009]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  848.817823][T13009]  ? clear_bhb_loop+0x40/0x90
[  848.817836][T13009]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  848.817846][T13009] RIP: 0033:0x7fe74eb3c799
[  848.817858][T13009] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  848.817868][T13009] RSP: 002b:00007fe74cd75028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  848.817880][T13009] RAX: ffffffffffffffda RBX: 00007fe74edb6090 RCX: 00007fe74eb3c799
[  848.817888][T13009] RDX: 0000000004000050 RSI: 00002000000196c0 RDI: 0000000000000006
[  848.817895][T13009] RBP: 00007fe74cd75090 R08: 0000000000000000 R09: 0000000000000000
[  848.817902][T13009] R10: 000000000400c010 R11: 0000000000000246 R12: 0000000000000001
[  848.817908][T13009] R13: 00007fe74edb6128 R14: 00007fe74edb6090 R15: 00007ffd2615ef88
[  848.817925][T13009]  </TASK>
[  848.894353][ T5863] usb 4-1: device descriptor read/8, error -71
[  849.012119][ T5863] usb usb4-port1: unable to enumerate USB device
[  849.543954][T13019] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2186'.
[  850.647003][T13020] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2185'.
[  852.719111][T13038] FAULT_INJECTION: forcing a failure.
[  852.719111][T13038] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  852.719149][T13038] CPU: 1 UID: 0 PID: 13038 Comm: syz.0.2194 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  852.719177][T13038] Tainted: [L]=SOFTLOCKUP
[  852.719185][T13038] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  852.719197][T13038] Call Trace:
[  852.719205][T13038]  <TASK>
[  852.719215][T13038]  dump_stack_lvl+0xe8/0x150
[  852.719251][T13038]  should_fail_ex+0x46b/0x600
[  852.719289][T13038]  _copy_from_iter+0x1d3/0x1670
[  852.719309][T13038]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  852.719336][T13038]  ? __pfx_policy_nodemask+0x10/0x10
[  852.719473][T13038]  ? __pfx__copy_from_iter+0x10/0x10
[  852.719499][T13038]  ? set_page_refcounted+0xa0/0x1e0
[  852.719530][T13038]  ? page_copy_sane+0x4e/0x270
[  852.719553][T13038]  copy_page_from_iter+0xdd/0x170
[  852.719579][T13038]  tun_get_user+0x1d4b/0x3de0
[  852.719612][T13038]  ? tun_get_user+0x6ff/0x3de0
[  852.719653][T13038]  ? __pfx_tun_get_user+0x10/0x10
[  852.719694][T13038]  ? ref_tracker_alloc+0x332/0x4a0
[  852.719718][T13038]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  852.719743][T13038]  ? tun_get+0x1c/0x2f0
[  852.719771][T13038]  ? tun_get+0x1c/0x2f0
[  852.719792][T13038]  ? tun_get+0x1c/0x2f0
[  852.719825][T13038]  tun_chr_write_iter+0x119/0x200
[  852.719850][T13038]  vfs_write+0x629/0xba0
[  852.719886][T13038]  ? __pfx_vfs_write+0x10/0x10
[  852.719923][T13038]  ? __fget_files+0x2a/0x420
[  852.719955][T13038]  ksys_write+0x156/0x270
[  852.719985][T13038]  ? __pfx_ksys_write+0x10/0x10
[  852.720022][T13038]  do_syscall_64+0x14d/0xf80
[  852.720050][T13038]  ? trace_irq_disable+0x3b/0x150
[  852.720074][T13038]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  852.720095][T13038]  ? clear_bhb_loop+0x40/0x90
[  852.720120][T13038]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  852.720140][T13038] RIP: 0033:0x7f4de04fcfce
[  852.720158][T13038] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  852.720176][T13038] RSP: 002b:00007f4dde795fb8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  852.720198][T13038] RAX: ffffffffffffffda RBX: 00007f4dde7966c0 RCX: 00007f4de04fcfce
[  852.720213][T13038] RDX: 000000000000003e RSI: 0000200000000040 RDI: 00000000000000c8
[  852.720230][T13038] RBP: 00007f4dde796090 R08: 0000000000000000 R09: 0000000000000000
[  852.720243][T13038] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  852.720257][T13038] R13: 00007f4de07b6038 R14: 00007f4de07b5fa0 R15: 00007ffd4efccef8
[  852.720288][T13038]  </TASK>
[  852.775098][T13040] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  852.775600][T13040] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  852.879336][T13045] 9p: Bad value for 'wfdno'
[  854.479779][T13063] FAULT_INJECTION: forcing a failure.
[  854.479779][T13063] name failslab, interval 1, probability 0, space 0, times 0
[  854.479811][T13063] CPU: 1 UID: 0 PID: 13063 Comm: syz.0.2200 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  854.479832][T13063] Tainted: [L]=SOFTLOCKUP
[  854.479838][T13063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  854.479847][T13063] Call Trace:
[  854.479854][T13063]  <TASK>
[  854.479861][T13063]  dump_stack_lvl+0xe8/0x150
[  854.479888][T13063]  should_fail_ex+0x46b/0x600
[  854.479917][T13063]  should_failslab+0xa8/0x100
[  854.479942][T13063]  kmem_cache_alloc_node_noprof+0x8f/0x6e0
[  854.479964][T13063]  ? __alloc_skb+0x1d0/0x7d0
[  854.479980][T13063]  ? lockdep_hardirqs_on+0x7a/0x110
[  854.480004][T13063]  __alloc_skb+0x1d0/0x7d0
[  854.480024][T13063]  netlink_sendmsg+0x5d4/0xb40
[  854.480049][T13063]  ? __pfx_netlink_sendmsg+0x10/0x10
[  854.480074][T13063]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  854.480098][T13063]  ____sys_sendmsg+0xa4e/0xac0
[  854.480124][T13063]  ? __pfx_____sys_sendmsg+0x10/0x10
[  854.480150][T13063]  ? import_iovec+0x73/0xa0
[  854.480171][T13063]  ___sys_sendmsg+0x2a5/0x360
[  854.480194][T13063]  ? __pfx____sys_sendmsg+0x10/0x10
[  854.480238][T13063]  ? __fget_files+0x2a/0x420
[  854.480256][T13063]  ? __fget_files+0x3a6/0x420
[  854.480281][T13063]  __x64_sys_sendmsg+0x1c3/0x2a0
[  854.480302][T13063]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  854.480327][T13063]  ? __pfx_ksys_write+0x10/0x10
[  854.480354][T13063]  do_syscall_64+0x14d/0xf80
[  854.480374][T13063]  ? trace_irq_disable+0x3b/0x150
[  854.480390][T13063]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  854.480404][T13063]  ? clear_bhb_loop+0x40/0x90
[  854.480421][T13063]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  854.480436][T13063] RIP: 0033:0x7f4de053c799
[  854.480450][T13063] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  854.480463][T13063] RSP: 002b:00007f4dde796028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  854.480479][T13063] RAX: ffffffffffffffda RBX: 00007f4de07b5fa0 RCX: 00007f4de053c799
[  854.480490][T13063] RDX: 0000000024000000 RSI: 0000200000000100 RDI: 0000000000000003
[  854.480499][T13063] RBP: 00007f4dde796090 R08: 0000000000000000 R09: 0000000000000000
[  854.480508][T13063] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  854.480516][T13063] R13: 00007f4de07b6038 R14: 00007f4de07b5fa0 R15: 00007ffd4efccef8
[  854.480538][T13063]  </TASK>
[  854.932595][T13067] FAULT_INJECTION: forcing a failure.
[  854.932595][T13067] name failslab, interval 1, probability 0, space 0, times 0
[  854.932630][T13067] CPU: 1 UID: 0 PID: 13067 Comm: syz.2.2202 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  854.932657][T13067] Tainted: [L]=SOFTLOCKUP
[  854.932665][T13067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  854.932677][T13067] Call Trace:
[  854.932684][T13067]  <TASK>
[  854.932692][T13067]  dump_stack_lvl+0xe8/0x150
[  854.932725][T13067]  should_fail_ex+0x46b/0x600
[  854.932762][T13067]  should_failslab+0xa8/0x100
[  854.932795][T13067]  __kmalloc_noprof+0xdf/0x7b0
[  854.932823][T13067]  ? tomoyo_encode+0x28b/0x550
[  854.932858][T13067]  tomoyo_encode+0x28b/0x550
[  854.932891][T13067]  tomoyo_realpath_from_path+0x58d/0x5d0
[  854.932929][T13067]  ? tomoyo_path_number_perm+0x219/0x630
[  854.932955][T13067]  tomoyo_path_number_perm+0x246/0x630
[  854.932983][T13067]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  854.933007][T13067]  ? __lock_acquire+0x6b5/0x2cf0
[  854.933054][T13067]  ? __fget_files+0x2a/0x420
[  854.933078][T13067]  ? __fget_files+0x2a/0x420
[  854.933098][T13067]  ? __fget_files+0x3a6/0x420
[  854.933119][T13067]  ? __fget_files+0x2a/0x420
[  854.933144][T13067]  security_file_ioctl+0xc3/0x2a0
[  854.933172][T13067]  __se_sys_ioctl+0x47/0x170
[  854.933203][T13067]  do_syscall_64+0x14d/0xf80
[  854.933227][T13067]  ? trace_irq_disable+0x3b/0x150
[  854.933248][T13067]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  854.933267][T13067]  ? clear_bhb_loop+0x40/0x90
[  854.933289][T13067]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  854.933308][T13067] RIP: 0033:0x7f31eadbc799
[  854.933325][T13067] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  854.933344][T13067] RSP: 002b:00007f31e9016028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  854.933364][T13067] RAX: ffffffffffffffda RBX: 00007f31eb035fa0 RCX: 00007f31eadbc799
[  854.933378][T13067] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000009
[  854.933390][T13067] RBP: 00007f31e9016090 R08: 0000000000000000 R09: 0000000000000000
[  854.933402][T13067] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  854.933414][T13067] R13: 00007f31eb036038 R14: 00007f31eb035fa0 R15: 00007ffff9a2be38
[  854.933445][T13067]  </TASK>
[  854.933636][T13067] ERROR: Out of memory at tomoyo_realpath_from_path.
[  855.103197][    C0] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured!
[  855.540588][T13083] 9p: Bad value for 'wfdno'
[  856.230914][T13090] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2210'.
[  857.032566][ T5806] Bluetooth: hci1: unexpected event for opcode 0x0005
[  857.265140][  T992] usb 3-1: new high-speed USB device number 51 using dummy_hcd
[  857.415853][  T992] usb 3-1: Using ep0 maxpacket: 8
[  857.418972][  T992] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  857.419001][  T992] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  857.419027][  T992] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  857.419052][  T992] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  857.419093][  T992] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  857.419117][  T992] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  857.715681][  T992] usb 3-1: GET_CAPABILITIES returned 0
[  857.715727][  T992] usbtmc 3-1:16.0: can't read capabilities
[  858.044253][    C0] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  858.044337][    C0] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  858.044408][    C0] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  858.044823][    C0] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  858.044893][    C0] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  858.044961][    C0] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  858.048819][    C0] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  858.048895][    C0] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  858.048957][    C0] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  858.049262][    C0] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  858.049300][    C0] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  858.049335][    C0] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  858.049560][    C0] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  858.049596][    C0] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  858.049630][    C0] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  858.049664][    C0] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -2
[  858.125248][T10113] usb 3-1: USB disconnect, device number 51
[  858.353692][   T36] usb 2-1: new high-speed USB device number 54 using dummy_hcd
[  858.643881][   T36] usb 2-1: Using ep0 maxpacket: 8
[  858.801338][   T36] usb 2-1: config index 0 descriptor too short (expected 301, got 45)
[  858.801394][   T36] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  858.801416][   T36] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  858.801440][   T36] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  858.801463][   T36] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  858.801502][   T36] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  858.801524][   T36] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  858.994841][T13124] 9p: Bad value for 'rfdno'
[  859.042821][   T36] usb 2-1: usb_control_msg returned -32
[  859.043286][   T36] usbtmc 2-1:16.0: can't read capabilities
[  859.118972][T13127] input: syz1 as /devices/virtual/input/input30
[  859.510171][T13131] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2223'.
[  860.276777][T13110] usbtmc 2-1:16.0: usb_control_msg returned -32
[  860.470321][T13105] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  860.483524][T13105] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  860.711408][ T5798] usb 2-1: USB disconnect, device number 54
[  861.130884][T13139] FAULT_INJECTION: forcing a failure.
[  861.130884][T13139] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  861.130920][T13139] CPU: 0 UID: 0 PID: 13139 Comm: syz.3.2225 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  861.130956][T13139] Tainted: [L]=SOFTLOCKUP
[  861.130963][T13139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  861.130975][T13139] Call Trace:
[  861.130984][T13139]  <TASK>
[  861.130993][T13139]  dump_stack_lvl+0xe8/0x150
[  861.131029][T13139]  should_fail_ex+0x46b/0x600
[  861.131067][T13139]  _copy_from_user+0x2d/0xb0
[  861.131092][T13139]  kstrtouint_from_user+0xd6/0x180
[  861.131126][T13139]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  861.131162][T13139]  ? __lock_acquire+0x6b5/0x2cf0
[  861.131191][T13139]  proc_fail_nth_write+0x8e/0x210
[  861.131216][T13139]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  861.131243][T13139]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  861.131268][T13139]  vfs_write+0x2a3/0xba0
[  861.131304][T13139]  ? __pfx_vfs_write+0x10/0x10
[  861.131333][T13139]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  861.131361][T13139]  ? lockdep_hardirqs_on+0x7a/0x110
[  861.131388][T13139]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  861.131415][T13139]  ? mutex_lock_nested+0x152/0x1d0
[  861.131434][T13139]  ? fdget_pos+0x252/0x320
[  861.131465][T13139]  ksys_write+0x156/0x270
[  861.131495][T13139]  ? __pfx_ksys_write+0x10/0x10
[  861.131533][T13139]  do_syscall_64+0x14d/0xf80
[  861.131560][T13139]  ? trace_irq_disable+0x3b/0x150
[  861.131583][T13139]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  861.131604][T13139]  ? clear_bhb_loop+0x40/0x90
[  861.131628][T13139]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  861.131648][T13139] RIP: 0033:0x7f35bf40cfce
[  861.131667][T13139] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  861.131684][T13139] RSP: 002b:00007f35bd69dfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  861.131704][T13139] RAX: ffffffffffffffda RBX: 00007f35bd69e6c0 RCX: 00007f35bf40cfce
[  861.131716][T13139] RDX: 0000000000000001 RSI: 00007f35bd69e0a0 RDI: 0000000000000005
[  861.131729][T13139] RBP: 00007f35bd69e090 R08: 0000000000000000 R09: 0000000000000000
[  861.131741][T13139] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  861.131758][T13139] R13: 00007f35bf6c6038 R14: 00007f35bf6c5fa0 R15: 00007ffcbdac9288
[  861.131787][T13139]  </TASK>
[  863.272829][T13162] 9p: Bad value for 'rfdno'
[  864.851308][ T5798] usb 3-1: new high-speed USB device number 52 using dummy_hcd
[  865.013037][   T36] usb 2-1: new full-speed USB device number 55 using dummy_hcd
[  865.143400][ T5798] usb 3-1: Using ep0 maxpacket: 8
[  865.184930][T13173] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2234'.
[  865.242373][ T5798] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  865.242514][ T5798] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  865.242652][ T5798] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  865.242734][ T5798] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  865.243419][ T5798] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  865.243560][ T5798] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  865.885992][   T36] usb 2-1: unable to get BOS descriptor or descriptor too short
[  865.886705][   T36] usb 2-1: not running at top speed; connect to a high speed hub
[  865.890150][   T36] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 4
[  865.890181][   T36] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[  865.890218][   T36] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 4
[  865.890264][   T36] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  865.965685][   T36] usb 2-1: New USB device found, idVendor=1235, idProduct=8212, bcdDevice= 0.40
[  865.965718][   T36] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  865.965738][   T36] usb 2-1: Product: syz
[  865.965753][   T36] usb 2-1: Manufacturer: syz
[  865.965768][   T36] usb 2-1: SerialNumber: syz
[  866.274338][T13176] input: syz1 as /devices/virtual/input/input31
[  866.346271][ T5798] usb 3-1: can't set config #16, error -71
[  866.521035][ T5798] usb 3-1: USB disconnect, device number 52
[  867.154685][   T36] usb 2-1: USB disconnect, device number 55
[  867.257289][T11897] udevd[11897]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  867.420939][T13190] 9p: Bad value for 'rfdno'
[  867.853103][   T36] usb 2-1: new low-speed USB device number 56 using dummy_hcd
[  868.035218][   T36] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[  868.035276][   T36] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  868.035306][   T36] usb 2-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  868.035330][   T36] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  868.035356][   T36] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  868.037027][   T36] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[  868.037086][   T36] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  868.037117][   T36] usb 2-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  868.037147][   T36] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  868.037178][   T36] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  868.039505][   T36] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[  868.039554][   T36] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  868.039582][   T36] usb 2-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  868.039612][   T36] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  868.039642][   T36] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  868.129502][   T36] usb 2-1: string descriptor 0 read error: -22
[  868.129639][   T36] usb 2-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  868.129663][   T36] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  868.275483][   T36] adutux 2-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  868.480630][ T6307] usb 2-1: USB disconnect, device number 56
[  870.234879][T13213] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2247'.
[  870.761364][ T1323] ieee802154 phy0 wpan0: encryption failed: -22
[  870.761916][ T1323] ieee802154 phy1 wpan1: encryption failed: -22
[  871.673951][T13219] tap0: tun_chr_ioctl cmd 1074025676
[  871.673965][T13219] tap0: owner set to 0
[  873.633320][T13230] FAULT_INJECTION: forcing a failure.
[  873.633320][T13230] name failslab, interval 1, probability 0, space 0, times 0
[  873.633347][T13230] CPU: 1 UID: 0 PID: 13230 Comm: syz.2.2252 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  873.633362][T13230] Tainted: [L]=SOFTLOCKUP
[  873.633366][T13230] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  873.633373][T13230] Call Trace:
[  873.633377][T13230]  <TASK>
[  873.633382][T13230]  dump_stack_lvl+0xe8/0x150
[  873.633403][T13230]  should_fail_ex+0x46b/0x600
[  873.633422][T13230]  should_failslab+0xa8/0x100
[  873.633440][T13230]  __kmalloc_noprof+0xdf/0x7b0
[  873.633455][T13230]  ? bpf_test_init+0x9f/0x150
[  873.633538][T13230]  ? kstrtouint+0x6e/0xe0
[  873.633554][T13230]  bpf_test_init+0x9f/0x150
[  873.633567][T13230]  bpf_prog_test_run_xdp+0x529/0x1160
[  873.633586][T13230]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  873.633599][T13230]  ? __fget_files+0x2a/0x420
[  873.633614][T13230]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  873.633625][T13230]  bpf_prog_test_run+0x2cd/0x340
[  873.633641][T13230]  __sys_bpf+0x643/0x950
[  873.633654][T13230]  ? __pfx___sys_bpf+0x10/0x10
[  873.633665][T13230]  ? rt_mutex_slowunlock+0x1cb/0x300
[  873.633684][T13230]  ? ksys_write+0x248/0x270
[  873.633699][T13230]  ? __pfx_ksys_write+0x10/0x10
[  873.633716][T13230]  __x64_sys_bpf+0x7c/0x90
[  873.633727][T13230]  do_syscall_64+0x14d/0xf80
[  873.633741][T13230]  ? trace_irq_disable+0x3b/0x150
[  873.633753][T13230]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  873.633763][T13230]  ? clear_bhb_loop+0x40/0x90
[  873.633776][T13230]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  873.633786][T13230] RIP: 0033:0x7f31eadbc799
[  873.633797][T13230] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  873.633806][T13230] RSP: 002b:00007f31e9016028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  873.633817][T13230] RAX: ffffffffffffffda RBX: 00007f31eb035fa0 RCX: 00007f31eadbc799
[  873.633825][T13230] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a
[  873.633839][T13230] RBP: 00007f31e9016090 R08: 0000000000000000 R09: 0000000000000000
[  873.633845][T13230] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  873.633851][T13230] R13: 00007f31eb036038 R14: 00007f31eb035fa0 R15: 00007ffff9a2be38
[  873.633867][T13230]  </TASK>
[  874.095964][T13237] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2255'.
[  874.428585][T13249] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2258'.
[  875.719707][T13254] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2259'.
[  876.982072][T13259] netlink: zone id is out of range
[  876.982621][T13259] netlink: zone id is out of range
[  876.982700][T13259] netlink: zone id is out of range
[  876.983138][T13259] netlink: zone id is out of range
[  876.983187][T13259] netlink: zone id is out of range
[  876.983363][T13259] netlink: zone id is out of range
[  876.983808][T13259] netlink: zone id is out of range
[  876.984265][T13259] netlink: zone id is out of range
[  876.984275][T13259] netlink: zone id is out of range
[  876.984283][T13259] netlink: zone id is out of range
[  877.393969][T13270] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  877.770767][ T5806] Bluetooth: hci5: unexpected event for opcode 0x1005
[  877.795539][   T37] kauditd_printk_skb: 22 callbacks suppressed
[  877.795557][   T37] audit: type=1326 audit(1772839055.834:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13275 comm="syz.0.2248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4de053c799 code=0x7ffc0000
[  877.797327][   T37] audit: type=1326 audit(1772839055.834:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13275 comm="syz.0.2248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4de053c799 code=0x7ffc0000
[  877.799811][   T37] audit: type=1326 audit(1772839055.834:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13275 comm="syz.0.2248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=143 compat=0 ip=0x7f4de053c799 code=0x7ffc0000
[  877.800145][   T37] audit: type=1326 audit(1772839055.834:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13275 comm="syz.0.2248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4de053c799 code=0x7ffc0000
[  877.802095][   T37] audit: type=1326 audit(1772839055.834:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13275 comm="syz.0.2248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f4de04fcfce code=0x7ffc0000
[  877.802613][   T37] audit: type=1326 audit(1772839055.834:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13275 comm="syz.0.2248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f4de053da97 code=0x7ffc0000
[  877.803964][   T37] audit: type=1326 audit(1772839055.844:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13275 comm="syz.0.2248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f4de053c799 code=0x7ffc0000
[  877.835310][   T37] audit: type=1326 audit(1772839055.874:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13275 comm="syz.0.2248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f4de053da97 code=0x7ffc0000
[  877.838996][   T37] audit: type=1326 audit(1772839055.874:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13275 comm="syz.0.2248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f4de04fcfce code=0x7ffc0000
[  877.839044][   T37] audit: type=1326 audit(1772839055.874:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13275 comm="syz.0.2248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4de053c799 code=0x7ffc0000
[  878.363106][ T5798] usb 3-1: new high-speed USB device number 53 using dummy_hcd
[  878.513029][ T6307] usb 4-1: new low-speed USB device number 58 using dummy_hcd
[  878.513983][ T5798] usb 3-1: Using ep0 maxpacket: 32
[  878.516107][ T5798] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[  878.516121][ T5798] usb 3-1: config 0 has no interface number 0
[  878.519993][ T5798] usb 3-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=93.d8
[  878.520010][ T5798] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  878.520020][ T5798] usb 3-1: Product: syz
[  878.520028][ T5798] usb 3-1: Manufacturer: syz
[  878.520035][ T5798] usb 3-1: SerialNumber: syz
[  878.527255][ T5798] usb 3-1: config 0 descriptor??
[  878.549006][ T5798] usb 3-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state
[  878.549129][ T5798] usb 3-1: selecting invalid altsetting 1
[  878.549147][ T5798] usb 3-1: dvb_usb_ce6230: usb_set_interface() failed=-22
[  878.565201][ T5798] usb 3-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  878.565787][ T5798] dvbdev: DVB: registering new adapter (Intel CE9500 reference design)
[  878.565863][ T5798] usb 3-1: media controller created
[  878.615466][ T5798] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  878.775545][ T6307] usb 4-1: config 168 descriptor has 1 excess byte, ignoring
[  878.775598][ T6307] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  878.775626][ T6307] usb 4-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  878.775651][ T6307] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  878.775677][ T6307] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  878.778318][ T6307] usb 4-1: config 168 descriptor has 1 excess byte, ignoring
[  878.778368][ T6307] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  878.778395][ T6307] usb 4-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  878.778421][ T6307] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  878.778446][ T6307] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  878.794437][ T6307] usb 4-1: config 168 descriptor has 1 excess byte, ignoring
[  878.794507][ T6307] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  878.794533][ T6307] usb 4-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  878.794557][ T6307] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  878.794583][ T6307] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  879.668533][T13293] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2268'.
[  880.232638][T13296] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2271'.
[  880.474781][ T6307] usb 4-1: string descriptor 0 read error: -22
[  880.525769][ T6307] usb 4-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  880.527400][ T6307] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  880.735418][ T6307] adutux 4-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  880.908430][ T6307] usb 4-1: USB disconnect, device number 58
[  881.385193][T13303] FAULT_INJECTION: forcing a failure.
[  881.385193][T13303] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  881.385251][T13303] CPU: 1 UID: 0 PID: 13303 Comm: syz.0.2272 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  881.385279][T13303] Tainted: [L]=SOFTLOCKUP
[  881.385287][T13303] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  881.385300][T13303] Call Trace:
[  881.385308][T13303]  <TASK>
[  881.385317][T13303]  dump_stack_lvl+0xe8/0x150
[  881.385352][T13303]  should_fail_ex+0x46b/0x600
[  881.385389][T13303]  _copy_from_user+0x2d/0xb0
[  881.385415][T13303]  __sys_bind+0x1cc/0x410
[  881.385440][T13303]  ? __pfx___sys_bind+0x10/0x10
[  881.385459][T13303]  ? rcu_is_watching+0x15/0xb0
[  881.385503][T13303]  __x64_sys_bind+0x7a/0x90
[  881.385526][T13303]  do_syscall_64+0x14d/0xf80
[  881.385553][T13303]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  881.385574][T13303]  ? clear_bhb_loop+0x40/0x90
[  881.385600][T13303]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  881.385620][T13303] RIP: 0033:0x7f4de053c799
[  881.385639][T13303] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  881.385656][T13303] RSP: 002b:00007f4dde754028 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[  881.385677][T13303] RAX: ffffffffffffffda RBX: 00007f4de07b6180 RCX: 00007f4de053c799
[  881.385692][T13303] RDX: 0000000000000040 RSI: 00002000000000c0 RDI: 0000000000000009
[  881.385705][T13303] RBP: 00007f4dde754090 R08: 0000000000000000 R09: 0000000000000000
[  881.385718][T13303] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  881.385730][T13303] R13: 00007f4de07b6218 R14: 00007f4de07b6180 R15: 00007ffd4efccef8
[  881.385762][T13303]  </TASK>
[  882.037778][ T5798] usb 3-1: dvb_usb_ce6230: usb_control_msg() failed=-110
[  882.037833][ T5798] zl10353_read_register: readreg error (reg=127, ret==-110)
[  882.403216][ T5798] usb 3-1: USB disconnect, device number 53
[  882.835348][T13312] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2276'.
[  883.903831][T13317] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2278'.
[  884.038187][T13319] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2280'.
[  884.120607][T13322] FAULT_INJECTION: forcing a failure.
[  884.120607][T13322] name failslab, interval 1, probability 0, space 0, times 0
[  884.120645][T13322] CPU: 1 UID: 0 PID: 13322 Comm: syz.3.2279 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  884.120674][T13322] Tainted: [L]=SOFTLOCKUP
[  884.120681][T13322] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  884.120694][T13322] Call Trace:
[  884.120702][T13322]  <TASK>
[  884.120711][T13322]  dump_stack_lvl+0xe8/0x150
[  884.120747][T13322]  should_fail_ex+0x46b/0x600
[  884.120786][T13322]  should_failslab+0xa8/0x100
[  884.120819][T13322]  kmem_cache_alloc_noprof+0x87/0x680
[  884.120848][T13322]  ? delayed_getname_uflags+0x3e/0x1f0
[  884.120869][T13322]  ? __pfx___io_alloc_req_refill+0x10/0x10
[  884.120903][T13322]  delayed_getname_uflags+0x3e/0x1f0
[  884.120929][T13322]  io_linkat_prep+0x1b8/0x330
[  884.120961][T13322]  io_submit_sqes+0xb35/0x2370
[  884.121021][T13322]  __se_sys_io_uring_enter+0x2d2/0x18c0
[  884.121065][T13322]  ? __pfx___se_sys_io_uring_enter+0x10/0x10
[  884.121097][T13322]  ? ksys_write+0x202/0x270
[  884.121127][T13322]  ? __pfx_ksys_write+0x10/0x10
[  884.121160][T13322]  ? __x64_sys_io_uring_enter+0x21/0xf0
[  884.121190][T13322]  do_syscall_64+0x14d/0xf80
[  884.121218][T13322]  ? trace_irq_disable+0x3b/0x150
[  884.121241][T13322]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  884.121262][T13322]  ? clear_bhb_loop+0x40/0x90
[  884.121287][T13322]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  884.121307][T13322] RIP: 0033:0x7f35bf44c799
[  884.121326][T13322] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  884.121344][T13322] RSP: 002b:00007f35bd69e028 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  884.121372][T13322] RAX: ffffffffffffffda RBX: 00007f35bf6c5fa0 RCX: 00007f35bf44c799
[  884.121388][T13322] RDX: 0000000000000483 RSI: 000000000000351e RDI: 0000000000000003
[  884.121401][T13322] RBP: 00007f35bd69e090 R08: 0000000000000000 R09: 0000000000000000
[  884.121414][T13322] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  884.121427][T13322] R13: 00007f35bf6c6038 R14: 00007f35bf6c5fa0 R15: 00007ffcbdac9288
[  884.121459][T13322]  </TASK>
[  888.307304][T13339] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  888.308525][ T5806] Bluetooth: hci0: command 0x0406 tx timeout
[  888.317784][T13339] Bluetooth: hci0: Opcode 0x0406 failed: -110
[  888.699621][T13339] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  888.699672][T13339] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  888.757909][T13339] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  888.757964][T13339] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  888.794306][T13339] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  888.794353][T13339] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  888.834744][T13339] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  888.834792][T13339] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  890.381745][T13385] FAULT_INJECTION: forcing a failure.
[  890.381745][T13385] name failslab, interval 1, probability 0, space 0, times 0
[  890.381770][T13385] CPU: 0 UID: 0 PID: 13385 Comm: syz.3.2299 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  890.381785][T13385] Tainted: [L]=SOFTLOCKUP
[  890.381789][T13385] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  890.381795][T13385] Call Trace:
[  890.381800][T13385]  <TASK>
[  890.381805][T13385]  dump_stack_lvl+0xe8/0x150
[  890.381826][T13385]  should_fail_ex+0x46b/0x600
[  890.381846][T13385]  should_failslab+0xa8/0x100
[  890.381864][T13385]  __kmalloc_noprof+0xdf/0x7b0
[  890.381879][T13385]  ? tomoyo_encode+0x28b/0x550
[  890.381898][T13385]  tomoyo_encode+0x28b/0x550
[  890.381915][T13385]  tomoyo_realpath_from_path+0x58d/0x5d0
[  890.381941][T13385]  ? tomoyo_path_number_perm+0x219/0x630
[  890.381971][T13385]  tomoyo_path_number_perm+0x246/0x630
[  890.382012][T13385]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  890.382038][T13385]  ? __lock_acquire+0x6b5/0x2cf0
[  890.382081][T13385]  ? __fget_files+0x2a/0x420
[  890.382096][T13385]  ? __fget_files+0x2a/0x420
[  890.382107][T13385]  ? __fget_files+0x3a6/0x420
[  890.382117][T13385]  ? __fget_files+0x2a/0x420
[  890.382131][T13385]  security_file_ioctl+0xc3/0x2a0
[  890.382147][T13385]  __se_sys_ioctl+0x47/0x170
[  890.382163][T13385]  do_syscall_64+0x14d/0xf80
[  890.382177][T13385]  ? trace_irq_disable+0x3b/0x150
[  890.382189][T13385]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  890.382200][T13385]  ? clear_bhb_loop+0x40/0x90
[  890.382216][T13385]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  890.382227][T13385] RIP: 0033:0x7f35bf44c799
[  890.382240][T13385] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  890.382250][T13385] RSP: 002b:00007f35bd69e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  890.382263][T13385] RAX: ffffffffffffffda RBX: 00007f35bf6c5fa0 RCX: 00007f35bf44c799
[  890.382270][T13385] RDX: 0000200000000180 RSI: 00000000c03864bc RDI: 0000000000000003
[  890.382277][T13385] RBP: 00007f35bd69e090 R08: 0000000000000000 R09: 0000000000000000
[  890.382284][T13385] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  890.382290][T13385] R13: 00007f35bf6c6038 R14: 00007f35bf6c5fa0 R15: 00007ffcbdac9288
[  890.382306][T13385]  </TASK>
[  890.385449][ T5806] Bluetooth: hci0: command 0x0406 tx timeout
[  890.403045][   T10] usb 3-1: new high-speed USB device number 54 using dummy_hcd
[  890.422333][T13385] ERROR: Out of memory at tomoyo_realpath_from_path.
[  890.624493][   T10] usb 3-1: Using ep0 maxpacket: 8
[  890.648805][   T10] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  890.648837][   T10] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  890.648861][   T10] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  890.648886][   T10] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  890.648927][   T10] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  890.648950][   T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  890.703453][ T5806] Bluetooth: hci3: command 0x0406 tx timeout
[  890.783044][ T5806] Bluetooth: hci4: command 0x0406 tx timeout
[  890.863024][ T5806] Bluetooth: hci1: command 0x0406 tx timeout
[  890.863039][ T5804] Bluetooth: hci5: command 0x0406 tx timeout
[  890.954053][   T10] usb 3-1: GET_CAPABILITIES returned 0
[  890.954082][   T10] usbtmc 3-1:16.0: can't read capabilities
[  891.052468][T13402] FAULT_INJECTION: forcing a failure.
[  891.052468][T13402] name failslab, interval 1, probability 0, space 0, times 0
[  891.052528][T13402] CPU: 1 UID: 0 PID: 13402 Comm: syz.1.2303 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  891.052556][T13402] Tainted: [L]=SOFTLOCKUP
[  891.052564][T13402] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  891.052575][T13402] Call Trace:
[  891.052583][T13402]  <TASK>
[  891.052592][T13402]  dump_stack_lvl+0xe8/0x150
[  891.052629][T13402]  should_fail_ex+0x46b/0x600
[  891.052674][T13402]  should_failslab+0xa8/0x100
[  891.052710][T13402]  kmem_cache_alloc_node_noprof+0x8f/0x6e0
[  891.052741][T13402]  ? __alloc_skb+0x1d0/0x7d0
[  891.052764][T13402]  ? __local_bh_enable_ip+0x1c2/0x2b0
[  891.052797][T13402]  __alloc_skb+0x1d0/0x7d0
[  891.052826][T13402]  netlink_sendmsg+0x5d4/0xb40
[  891.052857][T13402]  ? __pfx_netlink_sendmsg+0x10/0x10
[  891.052885][T13402]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  891.052914][T13402]  ____sys_sendmsg+0xa4e/0xac0
[  891.052940][T13402]  ? irqentry_exit+0x59e/0x620
[  891.052974][T13402]  ? __pfx_____sys_sendmsg+0x10/0x10
[  891.053008][T13402]  ? ___sys_sendmsg+0x28a/0x360
[  891.053038][T13402]  ___sys_sendmsg+0x2a5/0x360
[  891.053070][T13402]  ? __pfx____sys_sendmsg+0x10/0x10
[  891.053129][T13402]  ? __fget_files+0x2a/0x420
[  891.053153][T13402]  ? __fget_files+0x3a6/0x420
[  891.053184][T13402]  __x64_sys_sendmsg+0x1c3/0x2a0
[  891.053214][T13402]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  891.053263][T13402]  do_syscall_64+0x14d/0xf80
[  891.053290][T13402]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  891.053310][T13402]  ? clear_bhb_loop+0x40/0x90
[  891.053335][T13402]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  891.053355][T13402] RIP: 0033:0x7f6df3dac799
[  891.053373][T13402] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  891.053391][T13402] RSP: 002b:00007f6df1fe5028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  891.053412][T13402] RAX: ffffffffffffffda RBX: 00007f6df4026090 RCX: 00007f6df3dac799
[  891.053427][T13402] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000004
[  891.053440][T13402] RBP: 00007f6df1fe5090 R08: 0000000000000000 R09: 0000000000000000
[  891.053453][T13402] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  891.053465][T13402] R13: 00007f6df4026128 R14: 00007f6df4026090 R15: 00007ffc7eb7c8c8
[  891.053496][T13402]  </TASK>
[  892.179152][   T10] usb 3-1: USB disconnect, device number 54
[  892.543318][T13406] tmpfs: Unknown parameter '¿T'
[  892.849643][T13414] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2306'.
[  892.976122][ T5804] Bluetooth: hci5: command 0x0406 tx timeout
[  893.607534][ T5804] Bluetooth: hci3: command 0x0406 tx timeout
[  893.608056][T11842] Bluetooth: hci1: command 0x0406 tx timeout
[  893.608129][ T5806] Bluetooth: hci4: command 0x0406 tx timeout
[  894.936796][T13437] batadv_slave_1: entered promiscuous mode
[  895.043209][T13437] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2314'.
[  895.046099][T13437] netlink: 'syz.3.2314': attribute type 28 has an invalid length.
[  895.049168][T13436] batadv_slave_1: left promiscuous mode
[  895.204537][T13447] 8021q: adding VLAN 0 to HW filter on device bond1
[  895.308511][T13455] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  895.308828][T13455] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  896.264173][T13468] net_ratelimit: 224 callbacks suppressed
[  896.264202][T13468] netlink: set zone limit has 4 unknown bytes
[  899.121241][T13482] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2329'.
[  900.244145][ T5804] Bluetooth: hci0: unexpected event for opcode 0x0005
[  900.382821][T13488] 9p: Bad value for 'rfdno'
[  901.630792][T13499] 9p: Bad value for 'wfdno'
[  906.634564][T13536] netlink: 'syz.0.2349': attribute type 21 has an invalid length.
[  906.634590][T13536] netlink: 'syz.0.2349': attribute type 6 has an invalid length.
[  907.992442][T13545] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  907.992975][T13545] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  908.439262][T13551] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2353'.
[  909.488437][T13574] hfs: can't find a HFS filesystem on dev nbd2
[  910.124490][T13589] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2367'.
[  910.329650][T13595] FAULT_INJECTION: forcing a failure.
[  910.329650][T13595] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  910.329866][T13595] CPU: 1 UID: 0 PID: 13595 Comm: syz.0.2370 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  910.329896][T13595] Tainted: [L]=SOFTLOCKUP
[  910.329903][T13595] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  910.329926][T13595] Call Trace:
[  910.329935][T13595]  <TASK>
[  910.329943][T13595]  dump_stack_lvl+0xe8/0x150
[  910.329980][T13595]  should_fail_ex+0x46b/0x600
[  910.330019][T13595]  _copy_from_iter+0x1d3/0x1670
[  910.330041][T13595]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  910.330068][T13595]  ? __pfx_policy_nodemask+0x10/0x10
[  910.330103][T13595]  ? __pfx__copy_from_iter+0x10/0x10
[  910.330129][T13595]  ? set_page_refcounted+0xa0/0x1e0
[  910.330161][T13595]  ? page_copy_sane+0x4e/0x270
[  910.330184][T13595]  copy_page_from_iter+0xdd/0x170
[  910.330210][T13595]  tun_get_user+0x1d4b/0x3de0
[  910.330232][T13595]  ? tun_get_user+0x6ff/0x3de0
[  910.330274][T13595]  ? __pfx_tun_get_user+0x10/0x10
[  910.330316][T13595]  ? ref_tracker_alloc+0x332/0x4a0
[  910.330339][T13595]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  910.330366][T13595]  ? tun_get+0x1c/0x2f0
[  910.330393][T13595]  ? tun_get+0x1c/0x2f0
[  910.330414][T13595]  ? tun_get+0x1c/0x2f0
[  910.330440][T13595]  tun_chr_write_iter+0x119/0x200
[  910.330464][T13595]  vfs_write+0x629/0xba0
[  910.330499][T13595]  ? __pfx_vfs_write+0x10/0x10
[  910.330536][T13595]  ? __fget_files+0x2a/0x420
[  910.330568][T13595]  ksys_write+0x156/0x270
[  910.330598][T13595]  ? __pfx_ksys_write+0x10/0x10
[  910.330637][T13595]  do_syscall_64+0x14d/0xf80
[  910.330663][T13595]  ? trace_irq_disable+0x3b/0x150
[  910.330685][T13595]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  910.330706][T13595]  ? clear_bhb_loop+0x40/0x90
[  910.330729][T13595]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  910.330746][T13595] RIP: 0033:0x7f4de04fcfce
[  910.330764][T13595] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  910.330781][T13595] RSP: 002b:00007f4dde795fb8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  910.330803][T13595] RAX: ffffffffffffffda RBX: 00007f4dde7966c0 RCX: 00007f4de04fcfce
[  910.330817][T13595] RDX: 000000000000004e RSI: 0000200000000600 RDI: 00000000000000c8
[  910.330829][T13595] RBP: 00007f4dde796090 R08: 0000000000000000 R09: 0000000000000000
[  910.330841][T13595] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  910.330852][T13595] R13: 00007f4de07b6038 R14: 00007f4de07b5fa0 R15: 00007ffd4efccef8
[  910.330881][T13595]  </TASK>
[  911.697779][T13621] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2380'.
[  911.787084][T13624] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  911.787586][T13624] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  912.652181][T13642] FAULT_INJECTION: forcing a failure.
[  912.652181][T13642] name failslab, interval 1, probability 0, space 0, times 0
[  912.652217][T13642] CPU: 1 UID: 0 PID: 13642 Comm: syz.1.2388 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  912.652245][T13642] Tainted: [L]=SOFTLOCKUP
[  912.652253][T13642] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  912.652266][T13642] Call Trace:
[  912.652274][T13642]  <TASK>
[  912.652282][T13642]  dump_stack_lvl+0xe8/0x150
[  912.652318][T13642]  should_fail_ex+0x46b/0x600
[  912.652356][T13642]  should_failslab+0xa8/0x100
[  912.652389][T13642]  __kmalloc_noprof+0xdf/0x7b0
[  912.652419][T13642]  ? tomoyo_encode+0x28b/0x550
[  912.652455][T13642]  tomoyo_encode+0x28b/0x550
[  912.652488][T13642]  tomoyo_realpath_from_path+0x58d/0x5d0
[  912.652530][T13642]  ? tomoyo_path_number_perm+0x219/0x630
[  912.652557][T13642]  tomoyo_path_number_perm+0x246/0x630
[  912.652586][T13642]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  912.652615][T13642]  ? __lock_acquire+0x6b5/0x2cf0
[  912.652665][T13642]  ? __fget_files+0x2a/0x420
[  912.652699][T13642]  ? __fget_files+0x2a/0x420
[  912.652721][T13642]  ? __fget_files+0x3a6/0x420
[  912.652743][T13642]  ? __fget_files+0x2a/0x420
[  912.652771][T13642]  security_file_ioctl+0xc3/0x2a0
[  912.652801][T13642]  __se_sys_ioctl+0x47/0x170
[  912.652834][T13642]  do_syscall_64+0x14d/0xf80
[  912.652864][T13642]  ? trace_irq_disable+0x3b/0x150
[  912.652885][T13642]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  912.652904][T13642]  ? clear_bhb_loop+0x40/0x90
[  912.652930][T13642]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  912.652950][T13642] RIP: 0033:0x7f6df3dac799
[  912.652970][T13642] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  912.652988][T13642] RSP: 002b:00007f6df1fe5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  912.653010][T13642] RAX: ffffffffffffffda RBX: 00007f6df4026090 RCX: 00007f6df3dac799
[  912.653025][T13642] RDX: 0000200000000340 RSI: 0000000040946400 RDI: 0000000000000003
[  912.653038][T13642] RBP: 00007f6df1fe5090 R08: 0000000000000000 R09: 0000000000000000
[  912.653052][T13642] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  912.653064][T13642] R13: 00007f6df4026128 R14: 00007f6df4026090 R15: 00007ffc7eb7c8c8
[  912.653096][T13642]  </TASK>
[  912.703543][T13642] ERROR: Out of memory at tomoyo_realpath_from_path.
[  913.218402][T13653] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2393'.
[  913.335204][T13658] bond0: (slave batadv_slave_0): Error: Device can not be enslaved while up
[  913.973086][   T36] usb 2-1: new high-speed USB device number 57 using dummy_hcd
[  914.123306][   T36] usb 2-1: Using ep0 maxpacket: 16
[  914.166258][T13678] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2402'.
[  914.345471][   T36] usb 2-1: config 5 has an invalid interface number: 168 but max is 0
[  914.345565][   T36] usb 2-1: config 5 has no interface number 0
[  914.346434][   T36] usb 2-1: config 5 interface 168 altsetting 7 has an endpoint descriptor with address 0xEB, changing to 0x8B
[  914.346508][   T36] usb 2-1: config 5 interface 168 altsetting 7 bulk endpoint 0x8B has invalid maxpacket 1024
[  914.346577][   T36] usb 2-1: config 5 interface 168 altsetting 7 has an endpoint descriptor with address 0x23, changing to 0x3
[  914.346646][   T36] usb 2-1: config 5 interface 168 altsetting 7 endpoint 0x3 has invalid wMaxPacketSize 0
[  914.346712][   T36] usb 2-1: config 5 interface 168 has no altsetting 0
[  914.492547][   T36] usb 2-1: New USB device found, idVendor=04cc, idProduct=2533, bcdDevice=fc.58
[  914.492579][   T36] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  914.492600][   T36] usb 2-1: Product: syz
[  914.492614][   T36] usb 2-1: Manufacturer: syz
[  914.492628][   T36] usb 2-1: SerialNumber: syz
[  914.546727][T13668] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  914.826267][   T36] pn533_usb 2-1:5.168: NFC: Could not find bulk-in or bulk-out endpoint
[  914.885564][   T36] usb 2-1: USB disconnect, device number 57
[  916.315085][T13693] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2406'.
[  917.533764][T13706] bridge: RTM_NEWNEIGH with invalid ether address
[  917.681668][T13717] FAULT_INJECTION: forcing a failure.
[  917.681668][T13717] name failslab, interval 1, probability 0, space 0, times 0
[  917.681691][T13717] CPU: 1 UID: 0 PID: 13717 Comm: syz.2.2413 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  917.681707][T13717] Tainted: [L]=SOFTLOCKUP
[  917.681710][T13717] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  917.681717][T13717] Call Trace:
[  917.681722][T13717]  <TASK>
[  917.681727][T13717]  dump_stack_lvl+0xe8/0x150
[  917.681761][T13717]  should_fail_ex+0x46b/0x600
[  917.681782][T13717]  should_failslab+0xa8/0x100
[  917.681800][T13717]  kmem_cache_alloc_node_noprof+0x8f/0x6e0
[  917.681815][T13717]  ? __alloc_skb+0x1d0/0x7d0
[  917.681827][T13717]  ? lockdep_hardirqs_on+0x7a/0x110
[  917.681844][T13717]  __alloc_skb+0x1d0/0x7d0
[  917.681858][T13717]  netlink_sendmsg+0x5d4/0xb40
[  917.681874][T13717]  ? __pfx_netlink_sendmsg+0x10/0x10
[  917.681889][T13717]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  917.681907][T13717]  ____sys_sendmsg+0xa4e/0xac0
[  917.681925][T13717]  ? __pfx_____sys_sendmsg+0x10/0x10
[  917.681942][T13717]  ? import_iovec+0x73/0xa0
[  917.681956][T13717]  ___sys_sendmsg+0x2a5/0x360
[  917.681971][T13717]  ? __pfx____sys_sendmsg+0x10/0x10
[  917.682001][T13717]  ? __fget_files+0x2a/0x420
[  917.682012][T13717]  ? __fget_files+0x3a6/0x420
[  917.682029][T13717]  __x64_sys_sendmsg+0x1c3/0x2a0
[  917.682044][T13717]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  917.682061][T13717]  ? __pfx_ksys_write+0x10/0x10
[  917.682081][T13717]  do_syscall_64+0x14d/0xf80
[  917.682110][T13717]  ? trace_irq_disable+0x3b/0x150
[  917.682128][T13717]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  917.682148][T13717]  ? clear_bhb_loop+0x40/0x90
[  917.682168][T13717]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  917.682185][T13717] RIP: 0033:0x7f31eadbc799
[  917.682202][T13717] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  917.682218][T13717] RSP: 002b:00007f31e8ff5028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  917.682236][T13717] RAX: ffffffffffffffda RBX: 00007f31eb036090 RCX: 00007f31eadbc799
[  917.682249][T13717] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000006
[  917.682260][T13717] RBP: 00007f31e8ff5090 R08: 0000000000000000 R09: 0000000000000000
[  917.682270][T13717] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  917.682281][T13717] R13: 00007f31eb036128 R14: 00007f31eb036090 R15: 00007ffff9a2be38
[  917.682308][T13717]  </TASK>
[  918.623077][   T36] ------------[ cut here ]------------
[  918.623091][   T36] faux_driver vkms: [drm] vblank wait timed out on crtc 0
[  918.623117][   T36] WARNING: drivers/gpu/drm/drm_vblank.c:1320 at drm_crtc_wait_one_vblank+0x357/0x500, CPU#1: kworker/1:1/36
[  918.623284][   T36] Modules linked in:
[  918.623306][   T36] CPU: 1 UID: 0 PID: 36 Comm: kworker/1:1 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  918.623334][   T36] Tainted: [L]=SOFTLOCKUP
[  918.623342][   T36] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  918.623355][   T36] Workqueue: events drm_fb_helper_damage_work
[  918.623453][   T36] RIP: 0010:drm_crtc_wait_one_vblank+0x4b6/0x500
[  918.623486][   T36] Code: e8 03 48 b9 00 00 00 00 00 fc ff df 80 3c 08 00 74 08 4c 89 ef e8 2a c0 d4 fc 4d 8b 7d 00 48 89 df 4c 89 e6 4c 89 fa 44 89 f1 <67> 48 0f b9 3a 48 8b 3c 24 44 89 f6 e8 e9 f4 ff ff b8 92 ff ff ff
[  918.623503][   T36] RSP: 0018:ffffc90000ad78e0 EFLAGS: 00010246
[  918.623520][   T36] RAX: 1ffff11004b06400 RBX: ffffffff8f751120 RCX: 0000000000000000
[  918.623535][   T36] RDX: ffffffff8bbf30c0 RSI: ffffffff8bc0efc0 RDI: ffffffff8f751120
[  918.623551][   T36] RBP: ffffc90000ad79c8 R08: 0000000000000000 R09: 0000000000000000
[  918.623564][   T36] R10: dffffc0000000000 R11: fffffbfff1ed4637 R12: ffffffff8bc0efc0
[  918.623579][   T36] R13: ffff888025832000 R14: 0000000000000000 R15: ffffffff8bbf30c0
[  918.623594][   T36] FS:  0000000000000000(0000) GS:ffff888126440000(0000) knlGS:0000000000000000
[  918.623609][   T36] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  918.623624][   T36] CR2: 0000001b2e923ffc CR3: 000000005e52a000 CR4: 00000000003526f0
[  918.623641][   T36] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  918.623654][   T36] DR3: 000000000000000e DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  918.623667][   T36] Call Trace:
[  918.623675][   T36]  <TASK>
[  918.623689][   T36]  ? __pfx_drm_crtc_wait_one_vblank+0x10/0x10
[  918.623720][   T36]  ? rt_spin_unlock+0x14f/0x200
[  918.623744][   T36]  ? __pfx_autoremove_wake_function+0x10/0x10
[  918.623778][   T36]  ? rt_spin_unlock+0x160/0x200
[  918.623804][   T36]  ? drm_vblank_get+0x147/0x260
[  918.623836][   T36]  drm_client_modeset_wait_for_vblank+0xc5/0xf0
[  918.623868][   T36]  drm_fb_helper_damage_work+0x131/0x6f0
[  918.623910][   T36]  ? __pfx_drm_fb_helper_damage_work+0x10/0x10
[  918.623947][   T36]  ? process_scheduled_works+0xa25/0x1830
[  918.623975][   T36]  ? process_scheduled_works+0xa25/0x1830
[  918.624006][   T36]  process_scheduled_works+0xb02/0x1830
[  918.624065][   T36]  ? __pfx_process_scheduled_works+0x10/0x10
[  918.624101][   T36]  ? assign_work+0x3d5/0x5e0
[  918.624141][   T36]  worker_thread+0xa50/0xfc0
[  918.624200][   T36]  kthread+0x388/0x470
[  918.624222][   T36]  ? __pfx_worker_thread+0x10/0x10
[  918.624250][   T36]  ? __pfx_kthread+0x10/0x10
[  918.624273][   T36]  ret_from_fork+0x51e/0xb90
[  918.624307][   T36]  ? __pfx_ret_from_fork+0x10/0x10
[  918.624333][   T36]  ? __switch_to+0xc7d/0x1450
[  918.624376][   T36]  ? __pfx_kthread+0x10/0x10
[  918.624399][   T36]  ret_from_fork_asm+0x1a/0x30
[  918.624438][   T36]  </TASK>
[  918.624456][   T36] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  918.624473][   T36] CPU: 1 UID: 0 PID: 36 Comm: kworker/1:1 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  918.624500][   T36] Tainted: [L]=SOFTLOCKUP
[  918.624507][   T36] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  918.624520][   T36] Workqueue: events drm_fb_helper_damage_work
[  918.624550][   T36] Call Trace:
[  918.624559][   T36]  <TASK>
[  918.624567][   T36]  vpanic+0x56c/0xa60
[  918.624608][   T36]  ? __pfx__printk+0x10/0x10
[  918.624631][   T36]  ? __pfx_vpanic+0x10/0x10
[  918.624660][   T36]  ? is_bpf_text_address+0x292/0x2b0
[  918.624688][   T36]  ? is_bpf_text_address+0x26/0x2b0
[  918.624724][   T36]  panic+0xc5/0xd0
[  918.624754][   T36]  ? __pfx_panic+0x10/0x10
[  918.624794][   T36]  ? ret_from_fork_asm+0x1a/0x30
[  918.624819][   T36]  __warn+0x315/0x4f0
[  918.624848][   T36]  ? drm_crtc_wait_one_vblank+0x357/0x500
[  918.624881][   T36]  ? drm_crtc_wait_one_vblank+0x357/0x500
[  918.624913][   T36]  __report_bug+0x29a/0x540
[  918.624984][   T36]  ? drm_crtc_wait_one_vblank+0x357/0x500
[  918.625016][   T36]  ? __pfx___report_bug+0x10/0x10
[  918.625064][   T36]  report_bug_entry+0x19a/0x290
[  918.625092][   T36]  ? drm_crtc_wait_one_vblank+0x4b6/0x500
[  918.625128][   T36]  ? drm_crtc_wait_one_vblank+0x4bb/0x500
[  918.625159][   T36]  handle_bug+0xca/0x200
[  918.625191][   T36]  exc_invalid_op+0x1a/0x50
[  918.625222][   T36]  asm_exc_invalid_op+0x1a/0x20
[  918.625242][   T36] RIP: 0010:drm_crtc_wait_one_vblank+0x4b6/0x500
[  918.625273][   T36] Code: e8 03 48 b9 00 00 00 00 00 fc ff df 80 3c 08 00 74 08 4c 89 ef e8 2a c0 d4 fc 4d 8b 7d 00 48 89 df 4c 89 e6 4c 89 fa 44 89 f1 <67> 48 0f b9 3a 48 8b 3c 24 44 89 f6 e8 e9 f4 ff ff b8 92 ff ff ff
[  918.625291][   T36] RSP: 0018:ffffc90000ad78e0 EFLAGS: 00010246
[  918.625308][   T36] RAX: 1ffff11004b06400 RBX: ffffffff8f751120 RCX: 0000000000000000
[  918.625323][   T36] RDX: ffffffff8bbf30c0 RSI: ffffffff8bc0efc0 RDI: ffffffff8f751120
[  918.625358][   T36] RBP: ffffc90000ad79c8 R08: 0000000000000000 R09: 0000000000000000
[  918.625371][   T36] R10: dffffc0000000000 R11: fffffbfff1ed4637 R12: ffffffff8bc0efc0
[  918.625387][   T36] R13: ffff888025832000 R14: 0000000000000000 R15: ffffffff8bbf30c0
[  918.625424][   T36]  ? __pfx_drm_crtc_wait_one_vblank+0x10/0x10
[  918.625454][   T36]  ? rt_spin_unlock+0x14f/0x200
[  918.625476][   T36]  ? __pfx_autoremove_wake_function+0x10/0x10
[  918.625509][   T36]  ? rt_spin_unlock+0x160/0x200
[  918.625533][   T36]  ? drm_vblank_get+0x147/0x260
[  918.625566][   T36]  drm_client_modeset_wait_for_vblank+0xc5/0xf0
[  918.625596][   T36]  drm_fb_helper_damage_work+0x131/0x6f0
[  918.625637][   T36]  ? __pfx_drm_fb_helper_damage_work+0x10/0x10
[  918.625674][   T36]  ? process_scheduled_works+0xa25/0x1830
[  918.625702][   T36]  ? process_scheduled_works+0xa25/0x1830
[  918.625732][   T36]  process_scheduled_works+0xb02/0x1830
[  918.625789][   T36]  ? __pfx_process_scheduled_works+0x10/0x10
[  918.625824][   T36]  ? assign_work+0x3d5/0x5e0
[  918.625858][   T36]  worker_thread+0xa50/0xfc0
[  918.625915][   T36]  kthread+0x388/0x470
[  918.625937][   T36]  ? __pfx_worker_thread+0x10/0x10
[  918.625964][   T36]  ? __pfx_kthread+0x10/0x10
[  918.625987][   T36]  ret_from_fork+0x51e/0xb90
[  918.626020][   T36]  ? __pfx_ret_from_fork+0x10/0x10
[  918.626047][   T36]  ? __switch_to+0xc7d/0x1450
[  918.626076][   T36]  ? __pfx_kthread+0x10/0x10
[  918.626099][   T36]  ret_from_fork_asm+0x1a/0x30
[  918.626143][   T36]  </TASK>
[  918.626288][   T36] Kernel Offset: disabled