last executing test programs:

1m23.868747806s ago: executing program 1 (id=4182):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000000)={'netdevsim0\x00', &(0x7f0000000100)=@ethtool_flash={0x33, 0x7f, './file0/../file0/file0\x00'}})
ioctl$BTRFS_IOC_SET_FEATURES(0xffffffffffffffff, 0x40309439, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="3000000010000100"/20, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r4, 0x8933, &(0x7f0000004700)={'team0\x00', <r5=>0x0})
syz_usb_connect$cdc_ncm(0x1, 0x0, 0x0, 0x0)
r6 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r6, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8480f0000005e140602000000000e000a001000000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x74, r5, {}, {0x0, 0xfff3}, {0x8, 0x5}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x8881}, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000080)={0x17e})
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x1ff)
ioctl$FBIOGETCMAP(r0, 0x4604, &(0x7f0000000200)={0x9, 0x2, &(0x7f0000000000)=[0x0, 0x0], &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000001c0)=[0x0, 0x0], 0x0})
lremovexattr(&(0x7f0000000240)='./file1\x00', &(0x7f0000000300)=ANY=[@ANYBLOB="f95baf7384588811aa24b66b2ca7757365208e70ac"])
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r7 = io_uring_setup(0x1612, &(0x7f0000000200)={0x0, 0x0, 0x3040})
io_uring_register$IORING_REGISTER_BUFFERS2(r7, 0xf, 0x0, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r7, 0x10, &(0x7f0000001b00)={0x0, 0x0, &(0x7f0000001a80)=[{0x0}, {0x0}, {0x0}], 0x0, 0x3}, 0x20)
close(0x3)
socket(0x2, 0x80805, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0)
openat$sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)

1m22.463887315s ago: executing program 1 (id=4191):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfa, 0x0, 0xa4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendmmsg$inet(r0, &(0x7f00000001c0)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x404e084)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, &(0x7f0000000b00)=""/4096, 0x1000, 0x1, 0x0}, &(0x7f0000000180)=0x40)
shutdown(r0, 0x1)

1m22.196933302s ago: executing program 1 (id=4194):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @loopback}, 0x7}, 0x1c)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0x106}, 0x1c)
r1 = fcntl$dupfd(r0, 0x0, r0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[], 0x56c}, 0x1, 0x0, 0x0, 0x20048000}, 0x915)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000440), r1)
r2 = getpgrp(0xffffffffffffffff)
fcntl$setown(r0, 0x8, r2)
sendmsg$NL80211_CMD_GET_COALESCE(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x1c}}, 0x4044057)

1m21.991581021s ago: executing program 1 (id=4195):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x3, 0x4000005, &(0x7f0000000240))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
request_key(0x0, 0x0, 0x0, 0xfffffffffffffffe)
r0 = socket$xdp(0x2c, 0x3, 0x0)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x5, 0x7a880bb668777da9, 0x0, 0x7}, 0x9c)
close_range(r0, r0, 0x0)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r3 = syz_open_dev$ttys(0xc, 0x2, 0x0)
r4 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0x1263, 0x3c00, 0x2, 0xbfdffffb, 0x0, r2}, &(0x7f0000000200)=<r5=>0x0, &(0x7f00000000c0)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0x1223}})
io_uring_enter(r4, 0x47f6, 0x0, 0x0, 0x0, 0x0)
ioctl$TIOCPKT(r3, 0x5420, &(0x7f0000000040)=0x8001)
ioctl$TCSETSF(r3, 0x5404, &(0x7f0000000000)={0x1, 0x4, 0x60, 0x7f, 0x17, "9f9413a4d68de2d71b63e573229ac6de50806c"})
move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$fuseblk(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x24000, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_SIGNAL_MSI(r2, 0x4020aea5, 0x0)
r8 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r8, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB="2c67726f75705f69033d", @ANYRESDEC=0x0, @ANYBLOB=',\x00'])
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x24000000)
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)={0x77359400}, 0x0)
getsockopt$XDP_MMAP_OFFSETS(r0, 0x11b, 0x1, &(0x7f0000000180), &(0x7f0000000080)=0x80)

1m20.780914528s ago: executing program 1 (id=4201):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'veth1_to_bridge\x00', <r1=>0x0})
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$sock_inet6_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000100)={@local, 0x0, r1})

1m19.635232478s ago: executing program 1 (id=4208):
r0 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback={0xff00000000000000}, 0x2000400}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x176}}], 0x400000000000172, 0x4000000)

1m18.990277545s ago: executing program 32 (id=4208):
r0 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback={0xff00000000000000}, 0x2000400}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x176}}], 0x400000000000172, 0x4000000)

11.432507247s ago: executing program 0 (id=4498):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffefffff6, 0x20031, 0xffffffffffffffff, 0x0)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r2, 0x6, 0x24, &(0x7f0000000280)=0x1, 0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
r4 = syz_io_uring_setup(0x497, &(0x7f0000000180)={0x0, 0x4885, 0x100, 0x3, 0x1d}, &(0x7f00000000c0)=<r5=>0x0, &(0x7f0000000600)=<r6=>0x0)
io_uring_register$IORING_REGISTER_PBUF_RING(r4, 0x16, &(0x7f0000000040)={&(0x7f0000002000)={[{0x0, 0x0, 0x3, 0xf4}]}, 0x1, 0x1}, 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x20, 0x10, r3, 0x0, 0x0, 0x0, 0x40002202, 0x1, {0x1}})
io_uring_enter(r4, 0x3516, 0xeffd, 0x0, 0x0, 0x0)
lsetxattr$trusted_overlay_redirect(&(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x1)
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_SYNC_FILE(0xffffffffffffffff, 0xc01064c2, 0x0)
r7 = syz_open_dev$swradio(&(0x7f0000000000), 0x1, 0x2)
ioctl$VIDIOC_S_CTRL(r7, 0xc008561c, &(0x7f00000002c0)={0xf0f044, 0x800})
poll(&(0x7f00000000c0)=[{r7, 0xe7d4c009da6c1985}, {r7, 0x201}], 0x2, 0x4)
r8 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$SOCK_DIAG_BY_FAMILY(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000a40)={0x28, 0x14, 0x119, 0x0, 0x0, {0x10}}, 0x28}, 0x1, 0x2c}, 0x0)
unshare(0x22020400)
r9 = socket$inet_mptcp(0x2, 0x1, 0x106)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x8, 0x6dc, 0x4, 0x3, 0x2000, 0xffffffffffffffff, 0x800000}, 0x50)
write$P9_RRENAME(r4, &(0x7f0000000200)={0x7, 0x15, 0x1}, 0x7)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r9, 0x8983, 0x0)

9.68996985s ago: executing program 3 (id=4501):
socket$inet(0x2, 0x1, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
epoll_create1(0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb4b, 0x9, 0x8, 0x0, 0x400003}, 0x0)
syz_usb_connect(0x0, 0x5f, 0x0, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$6lowpan_control(r3, &(0x7f0000000180)='connect aa:aa:aa:aa:aa:11 0', 0x1b)
r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r5 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r5, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000040)={<r6=>0xffffffffffffffff}, 0x13f, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_QUERY(r5, &(0x7f0000000140)={0x13, 0x10, 0xfa00, {&(0x7f0000000700), r6, 0x2}}, 0x18)
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r4, &(0x7f00000001c0)={0x15, 0x110, 0xfa00, {r6, 0x1, 0x0, 0x0, 0x0, @ib={0x1b, 0x1, 0x6, {"ec48ec694b96429cea4a1f5d456505d9"}, 0xffffffffffffffff, 0x7, 0x7}, @in={0x2, 0x4e24, @broadcast}}}, 0x118)
ioctl$SOUND_PCM_READ_CHANNELS(0xffffffffffffffff, 0x80045006, 0x0)
r7 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r7, &(0x7f0000000040)={0xa, 0x0, &(0x7f0000000340)={&(0x7f0000000400)={0x2, 0x2, 0x0, 0x2, 0xe, 0x0, 0x0, 0x0, [@sadb_address={0x3, 0x6, 0x0, 0x0, 0x0, @in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x41}}}, @sadb_x_sa2={0x2, 0x13, 0xa, 0x0, 0x0, 0x70bd29}, @sadb_x_kmaddress={0x5, 0x19, 0x0, @in={0x2, 0x4e21, @loopback}, @in={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x1, 0x0}}}, @sadb_key={0x2, 0x8, 0x18, 0x0, '\x00\x00\x00'}]}, 0x70}, 0x1, 0x7}, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000680), 0x40000, 0x19)
write$6lowpan_control(r3, &(0x7f0000000300)='connect aa:aa:aa:aa:aa:11 1', 0x1b)
sendmsg$TIPC_NL_PEER_REMOVE(r0, 0x0, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="29bd7000fbdbdf25000000000c0004010000000000000000"], 0x20}, 0x1, 0x0, 0x0, 0xc000}, 0x4000000)
socket$inet6(0xa, 0x800, 0x2)
syz_open_dev$vim2m(&(0x7f0000007d80), 0x6, 0x2)
socket(0x29, 0x3, 0xfffffffc)

9.366533484s ago: executing program 0 (id=4502):
r0 = socket(0x2b, 0x80801, 0x1)
r1 = socket$inet6(0xa, 0x2, 0x0)
r2 = syz_io_uring_setup(0xbdc, &(0x7f0000000640)={0x0, 0xec25, 0x400, 0x1, 0x40000333}, &(0x7f00000006c0)=<r3=>0x0, &(0x7f0000000240)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r1, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=@rc={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x94}, 0x80, 0x0}, 0x0, 0x4040000, 0x1})
syz_usb_connect(0x0, 0x11ed, &(0x7f0000000700)={{0x12, 0x1, 0x310, 0xc4, 0xf4, 0xf5, 0x40, 0x789, 0x10c, 0x3899, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x11db, 0x3, 0x0, 0x4, 0x0, 0x6, [{{0x9, 0x4, 0x6c, 0x6, 0x10, 0x2d, 0x31, 0xa5, 0x34, [@cdc_ecm={{0x9, 0x24, 0x6, 0x0, 0x0, "e6245825"}, {0x5, 0x24, 0x0, 0x6077}, {0xd, 0x24, 0xf, 0x1, 0x4, 0x0, 0x5}, [@mbim_extended={0x8, 0x24, 0x1c, 0x6a64, 0xfc, 0x2}, @ncm={0x6, 0x24, 0x1a, 0xfff8, 0x21}]}, @cdc_ncm={{0x6, 0x24, 0x6, 0x0, 0x1, '\v'}, {0x5, 0x24, 0x0, 0xfff}, {0xd, 0x24, 0xf, 0x1, 0xff, 0x400, 0x1ef4, 0x8}, {0x6, 0x24, 0x1a, 0x7, 0x37}}], [{{0x9, 0x5, 0x2, 0x2, 0x40, 0x5, 0x1, 0x2, [@generic={0x55, 0x9, "8f6183fc6c58e7b36d7ffed90ed2ed1124099561d843851fa3a846ed68610530a338b6af5915c425bfd00c48de49254d63a86cad7c17bbdb845a55256a23cb6595afe4e194197a3d8feeea93cb2264bc540e1e"}, @generic={0xe8, 0x4, "c68535f0737a8d53a34b2c7b50f6ee25f245f505109b1c3101683d105a14ea3b5423a4b2ef0fbadf24ff23a20a8e515940daefcd42a7ea9e5fd4950568077ec0d98da0b8a2522c4a73a6363534213978a7c3d807daad04d37a2cd421009c1dda051d3cb26ef126843ad0a4efb5d2b031544a3e612e2fa82597525904cbc8fc04baddb31759f7bf1817b5e1eb82f1b0b2275f55eb196cc12be2725b9289e8916df16fe59a69610d2d5b5747f3de1bfbd5ca529009b7dff65c94666a48b1ce30d70deb2bc1e4895ead2a707eda68eccffd923fd416224506cd8b41a22e6279589e996fc8709095"}]}}, {{0x9, 0x5, 0xf, 0x0, 0x8, 0x8, 0x72, 0x9}}, {{0x9, 0x5, 0x2, 0x0, 0x40, 0x7, 0x5, 0x5, [@generic={0x8a, 0x7, "6c040c0dcce76075cb4ee85ebfc92ea3676f7057f3c0b5f850ef29b439bd1848913671308cf47c83cf008f697e7bad538c9ec6aa522b3a7b6a0ef3b8924ef8d94758b59deaff96038f6bfbd0ece73ff932fefd5e7f3272da7b8c377549c26409bd4becfbe41ac3dbc9fac8c560b8b71f9caf3e0543b5c0791cf74de43ec46ac8119e4ee0a1fddbb0"}, @generic={0x19, 0x1, "43057de1ef55a4eda694346381c5ea8701fb3b2ce703c4"}]}}, {{0x9, 0x5, 0xc, 0x10, 0x20, 0x6, 0x2, 0xfc, [@generic={0xc3, 0x22, "b082b8ae534765499b184ff073b192075b14f1fd6a850384eb2b088a73661e661804bbc332dfc1f4426ff05b2798d9dcb46260fba39979a08c9168b729ba42ec45b034a6909bd0ac79bb49fe1c5050a83d832aecfa09fc1f543888d93035e0dd134805df7c05e6458fe73624c5088ce8bf3004b09dc6072c194e9d57b5cb60fc18abd744fee9e274e79e523ca65ea3563624108cf2e941b8dc837e5614e409de90b524b2314c65358a5ab9afc943d078889fed586fc1eedb8979eaebf5ad3d30c6"}, @uac_iso={0x7, 0x25, 0x1, 0x83, 0x1, 0xcc68}]}}, {{0x9, 0x5, 0xb, 0x0, 0x3ff, 0x4, 0x0, 0x7, [@generic={0xbd, 0x2, "d3db70a2f29e49bda87277f66f97e452cd8ddc256782072265f9e07f9272d325344e3e25f0e684166920a26cdf6e359085a8da47a23512c5de7f6d17d20be68b339a8ade1ffc162130cef41b83aa1cd157fdab6624b6601d702bba87c43b8b174f0b8b048dd37d67b1f35da78aaf5af97601e059cd6d86069ce93cbbb333dad105c853751625b002f5f041ceffc808f44601150053b3f3615a98ac9c3877a6040ebe184dce6c4468bd96c27fd63d7fc9d33af6034c41e50e87992d"}, @generic={0xbe, 0x4, "1484dbe4ca585c8d21f0d16168ad45d8c5514b6fc64993ac358e9a7521d9ee8e281cd5c198a22c887b871426c36c62c30b1e9667d270a9f549eb1eaf2b97faa1ddb9c7667a31dc064c5ce81bc6e8df1072b8d1e24e3b8961cd9b5d3e7886310fa110ee84025d91e0e4446b463a74e0e95531c89277927c1054b5a693e8f6ac47d9386bc6b5e97d45547e2ef7308fe41d438d73447c6bcbe7430cf75cafd8b2129c648e3c64a15c57c21138a1a97e671046c8bfb23f5cf3624d02b247"}]}}, {{0x9, 0x5, 0x6, 0x2, 0x200, 0xf8, 0x9, 0x0, [@generic={0x51, 0xf, "4dbcf081aed1347568ad87e222061e2d4a712aae4d7ef8a49c460bb1926afbb4ea07ed3ba1e7cb0b6931b600baa19a5882c5c73f3ffbdf5e972f05bfe36ae8514335b17f26162b8ba37e7fff6aa4b2"}, @generic={0xed, 0x23, "2b5058f63bf501b1648d5755aef922e035e0cced5c5d86a47b2c6a251d5337d41f599a90b1c6f162af811e177b3da521c72fffb7bdebe9dba55da5b5a6be5419420e10e29dc747602054f9362a26a7b5e7e9efa94b10fc462e154dc31a38fe7c967814ca0cff8610e1d630eceee2c257dbf049293cb4d8791e6cb1a15e82dce934e55dd5f8bc8d002c4cd61c5fff6042bb3842ccddb07206766736e57f15404db0596821b7482a988433c8f050a28a3035e9ed6f5648eba9f64d6a2d1c3b3696700180fc926d2694f1aab2231e0bf408a7fe95bc0c92eb38683af0a3d6775d9bfee63b377f5330b8c00984"}]}}, {{0x9, 0x5, 0x5, 0x10, 0x400, 0x99, 0xc1, 0x5}}, {{0x9, 0x5, 0x0, 0x10, 0x200, 0x80, 0x6, 0x6, [@uac_iso={0x7, 0x25, 0x1, 0x82, 0xc, 0x77}, @uac_iso={0x7, 0x25, 0x1, 0x0, 0xfc, 0x4}]}}, {{0x9, 0x5, 0x9, 0x0, 0x40, 0x4, 0x7, 0x7, [@generic={0x69, 0x0, "20855b64b13ffcaa1c723fe1c3256b7650b05db41968cf5a4c56e968a26f0e323e6720557b1fd2b5e112bec8bfc469986f5316e84f2039792589ab713d1d1f62c469bf7ba789f806d58cb70cc9af33bc38e696279198c52268e5503833b20c8a73fe47ce11aafe"}]}}, {{0x9, 0x5, 0xd, 0x3, 0x20, 0x2, 0x3, 0x7, [@generic={0xb7, 0x31, "4c5f808b332a640adc17c0c029fb8c15d10a5936263e1c6038b750b989ae4436e5bd9049642c3b8851f9c5b6cbbf9b2ead39f937d781d7a7b9407741e42885baca8d452736037d8ad3bfd585822b3f72de86e4d1c78ec153fed73abc51434afdef53d28dc3756971652c875f0d71461237f34eddd5630200a5739f8471e52b9169e278baadd2d7f4a4b4ff42f0c39b7f22c0ffdba1a91b72778db4d026bb4427fb470d5815cc8758a92e655ebd99fc423212c2f5ee"}]}}, {{0x9, 0x5, 0x8, 0x10, 0x8, 0x6, 0x81, 0xc, [@generic={0x5e, 0xc, "d57afbe104bde9d4108f665d322d2ce6a3bbf2a3e03b2ac0490e78c3132ffcbc101b5b7749a8df54baac0c9ecc2ae00eba42ac9160802871dbd6b4943fc5052f1672e7350c1f7587526274b2d039374d4cf6d5d9289070b4686f2043"}, @uac_iso={0x7, 0x25, 0x1, 0x82, 0xb, 0xa55b}]}}, {{0x9, 0x5, 0x2, 0x11, 0x0, 0xf9, 0x5, 0x4}}, {{0x9, 0x5, 0x3, 0x10, 0x20, 0xf1, 0x6, 0xff, [@generic={0x61, 0xd, "d8623c553a450663871200e2a31e6d6238b93a2cd50effd2f8d2145f9d59372c794d503ea058debca6b1768c1db36accc731b3a92befc6db44dbef401621d1e549a62cf8074ef687b3ae4cfe9c85cdb06c9f009359b9628eab6350363536a5"}]}}, {{0x9, 0x5, 0x0, 0x0, 0x20, 0x24, 0x7, 0x7}}, {{0x9, 0x5, 0xa, 0x1, 0x8, 0xfe, 0x80, 0x4, [@generic={0xa4, 0x5, "6aafea93a27631b912a49dfa5f452a43c1ed91f2fb7548186ee008685a52b2385389c746ea07753fa0e179ac586edf85db73c0b6c512732b6d17cefeb967afa459ca19be713b35ed4a22c256f0103ebae21abe70abfa7158ed2d631213cff6471d1a2669712fd2c06ebf9dabef00caa3b66b900f710d54ea30a5558796108fd70fa44598578644c8eba00ef107fd11774d8271a5f4674fb8338c8cc60d545247623e"}]}}, {{0x9, 0x5, 0xd, 0x0, 0x40, 0x6, 0x4, 0x3d, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x1, 0xe2}]}}]}}, {{0x9, 0x4, 0xd1, 0x1, 0xf, 0xf9, 0xf, 0xed, 0x5, [@hid_hid={0x9, 0x21, 0x3419, 0x7, 0x1, {0x22, 0x52b}}, @hid_hid={0x9, 0x21, 0x5, 0x7f, 0x1, {0x22, 0x758}}], [{{0x9, 0x5, 0x4, 0x3, 0x3ff, 0x1, 0x80, 0x8, [@generic={0x54, 0x10, "23c3ff9336fe4b18c972ea60c0de00c90bc34f3888701efe04fff89bc7b58e16006a956d32728d2bc4f6d456cfc7503314550abc37528155fc518f8630c24757134ca5306c99ce7c8acda85d3a53ec69a77b"}, @uac_iso={0x7, 0x25, 0x1, 0x81, 0xd, 0x2}]}}, {{0x9, 0x5, 0xd, 0x4, 0x10, 0x8, 0x9, 0x7, [@uac_iso={0x7, 0x25, 0x1, 0x3, 0x40}]}}, {{0x9, 0x5, 0xd, 0x10, 0x3ff, 0x0, 0x6, 0x7f, [@generic={0xfd, 0x5, "d74136ab640dbf54ff2b00ebe77df1d2583e963111cabacd9301595c125c854118ab8ea4b7eb8741ea9c5522994fd82993d3126174914068bcbad100007414e26b05a7354525a90f4696ec6a2ca9a517c72a4649a3bba00a7b0b22b90527203e01930c0c9eec8532c8bf55198113893ec50750800550c0615d64ace1386815d01f5a36ada6ab3ab0f63725163dc02e5f2a5d40e9362cbbd64d33e04c65081b6bca1346d7dcac60bec15359f86bfe3873355853e25d64cfcdfa74e26324d93b8abdfa64785ae3f58b42cc1e6977dc3d36833e23c44f9959aa5087500dec420dc8af70c62928c20057e60db315f79fa2b9450bbcdf85bc30c8fb027b"}, @uac_iso={0x7, 0x25, 0x1, 0x2, 0x7, 0xd}]}}, {{0x9, 0x5, 0x2, 0x1, 0x200, 0x54, 0x2, 0x8f, [@uac_iso={0x7, 0x25, 0x1, 0x3, 0x0, 0x4}, @generic={0x62, 0xd, "e9b8340f9d24b0f96f56815ec305db5f6a661b9ed86600287b255718cd3669c47b38f8588f2b903560eb8bf25b296268359e3b61db545a965f5339931eee6dabf1c40322e098e5f43d893a237996c959552bbfd646cfa701f31e1bd66080794a"}]}}, {{0x9, 0x5, 0xe, 0xc, 0x40, 0x2, 0x9, 0x84, [@generic={0x9b, 0x24, "2a58bc6346e5b15b0125110e188ed1363db4cf8cf4629d4c17853fc4c0fdc1cf3af76b50168a622ef7c9c1255392968f310e1946e8b1693969295d33a2c012c8ae3aebe09e075b6bebfc6948f9d478148b2bee33ea34fe03c09468689588c4ac22b1abecff8364bcf896d7b1c89c33d94a85e3ceccdbb1bc2b039dbef59c9f8165eae31a776fe902c3323de63eb85f0f890b2eea41afc0f5f4"}, @uac_iso={0x7, 0x25, 0x1, 0x3, 0x40, 0x3}]}}, {{0x9, 0x5, 0xa, 0x8, 0x200, 0xb, 0xfa, 0xc}}, {{0x9, 0x5, 0x8, 0x0, 0x20, 0x5b, 0x0, 0x7}}, {{0x9, 0x5, 0x3, 0x3, 0x8, 0x1, 0x7, 0x9, [@uac_iso={0x7, 0x25, 0x1, 0x3, 0x2, 0x4}, @uac_iso={0x7, 0x25, 0x1, 0x1, 0x81, 0xd}]}}, {{0x9, 0x5, 0x8, 0x10, 0x400, 0x8, 0x40, 0xe}}, {{0x9, 0x5, 0x5, 0x3, 0x20, 0xf8, 0x1, 0xd, [@generic={0xc, 0x10, "c22c603643063012a555"}, @uac_iso={0x7, 0x25, 0x1, 0x83, 0x4, 0x1}]}}, {{0x9, 0x5, 0xa, 0x0, 0x200, 0x9, 0xb, 0xed}}, {{0x9, 0x5, 0x3, 0x10, 0x400, 0x2e, 0x0, 0xce, [@uac_iso={0x7, 0x25, 0x1, 0x3, 0x3, 0x4}, @uac_iso={0x7, 0x25, 0x1, 0x1, 0x1, 0x44}]}}, {{0x9, 0x5, 0x3, 0x10, 0x3ff, 0x4, 0x4, 0x5}}, {{0x9, 0x5, 0xf, 0xc, 0x648, 0x3, 0x8}}, {{0x9, 0x5, 0x8, 0x4, 0x20, 0x84, 0x12, 0x7f, [@generic={0xab, 0x22, "1053d1beee69c0b6aff626e2f0c7a3fdb51d4edbd15b34c21e974b32ac4f2ae61d69724bedcc75bf77a54befb00e699bf6795858f9d7a3feadbdf92c5798115244c93294b614d6ad16416ac2ea245683e67ed6afc90645d63c119a40a9625c04e81e32c9ed2e7694dca80981ea3bdce634f6b6aa57d60d337df25fd3a17e56c05da3e1d57bf115a633f2101d70d3edd526d5cddaf4add58db30cc3cc0d10c14be80a8214f390fbf38a"}]}}]}}, {{0x9, 0x4, 0xad, 0x5, 0xc, 0xe, 0x85, 0xca, 0xf0, [], [{{0x9, 0x5, 0xa, 0x2, 0x3ff, 0x75, 0x7, 0xa}}, {{0x9, 0x5, 0xe, 0x2, 0x40, 0x79, 0x4, 0x0, [@generic={0xbb, 0xb, "4f74f2fa7257089ec786c86f427443e58ae9b9e8c70f653dd2344519cee4316e3c72aa487de78ecd5a787f5f12d5f2f39e556cbb59946acfd4fdc327c7aa228763504584c971367254a071bb07b1eb091ecb5478a7182037f0ae55fd6ea91bdb44a14fd11f0e331372461b578e46a96c7627df4d569ae4f23f767e561aea45eabbbaa85b00e464c07840eb5999d1f3a6c9c648d9acae08f595ceb92db0eaa488aed6b71d2013e99bfebeaf6108f1d9b9deabb1a8a64b71c422"}]}}, {{0x9, 0x5, 0xc, 0x10, 0x270, 0x2, 0x8, 0xf4, [@uac_iso={0x7, 0x25, 0x1, 0x82, 0x3, 0x50}]}}, {{0x9, 0x5, 0x8, 0x2, 0x10, 0xee, 0xed}}, {{0x9, 0x5, 0x4, 0x10, 0x8, 0x10, 0x9, 0xbd, [@uac_iso={0x7, 0x25, 0x1, 0x83, 0x1, 0x4}, @uac_iso={0x7, 0x25, 0x1, 0x3, 0x6, 0x3}]}}, {{0x9, 0x5, 0x2, 0x10, 0x200, 0x80, 0xff, 0x40, [@generic={0x12, 0xc, "82f02670b7f4bf6d88571176800a9513"}, @generic={0x9, 0x8, "9e05486f9f3c05"}]}}, {{0x9, 0x5, 0xc, 0x10, 0x10, 0x1, 0x3, 0x9, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0x7, 0x4}, @generic={0xba, 0x1, "0f977dcedf9db90a327aab75d7616c38aa096190c51b0783feda880eda1db4e92b349486e034799f1ea233286411194c1b5bf697ce3914fd8cd57ff71a9b56ea3d1ade01d2064b12f437ed4179413c0bc7dc44dff2cfa9b3199bac6feb58d0f892d485337ca0084bf0b16317e4552f1dd14e86cf096d703310e50ba5470ef45fda9d5d91a06cbb8ba3cad35ee6dd86f6da5e9a26a5c029f1029cc6ae316de9954a663daf4c7951627ffc88cc6cdf088b5e68ae49a072ddaa"}]}}, {{0x9, 0x5, 0xc, 0x10, 0x3bf, 0x3, 0x59, 0x5c, [@generic={0x68, 0x10, "c83d54de9d947dfc99ec974338c5026f40801a32fae7abe43c784b45c5174daff8337b8c8ffec1fb0b338920880912841ccd840727b1759af0ed8d53a4f37db9051ac259498fd761197d2cef2a551a81d2876ef9daacade64e7c517eedae38b67fe5b87ae18e"}, @generic={0xad, 0x0, "54ce00c6099044aa02cef65de53fc2ced519b7d8010da09e55fc1fe848f4d256e3a43858a69dc9d7d8e5313b05c36d20352a3bc0d0bfe6d182c83cdbd3ccb0c9c4f0a77d357452e0c2e622132a60773bef9a5b9ed6f7ef7311e076df476cec01185a4f7367eb534a900d7fd014a8e01a888f69bc96fbe5ea7d8b17dd61a4f3637575a7999fb2f2426eb8a19e5ca7d3391e23a2613c8183a79433c365a3cc192b3b82862e79c73e7680e5f2"}]}}, {{0x9, 0x5, 0x4, 0x0, 0x200, 0x9, 0xbc, 0xc, [@generic={0x81, 0x2, "c39fae1752771c0985afdb86464457f995a3ccfd3d74341d2e966d1945eb8da60636c828f5d4449d84be8a4bab89becf334dc55534ebc0972619c02f488c79092899565fb286ccd1e5f31adf82bf44eb6d88eed518f41ac21b7058e46f2fc0934f3e6c02ecd67107bbfcdd08771f68569ed191ec1c94bd73c81546f205d0b7"}]}}, {{0x9, 0x5, 0x2, 0x8, 0x10, 0x4, 0x70, 0x6, [@uac_iso={0x7, 0x25, 0x1, 0x3, 0x6, 0x40}, @uac_iso={0x7, 0x25, 0x1, 0x1, 0x4, 0x5}]}}, {{0x9, 0x5, 0x5, 0x3, 0x20, 0x6, 0x82, 0x79, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0xb, 0x7}]}}, {{0x9, 0x5, 0xb, 0x0, 0x20, 0x0, 0x9, 0x4, [@generic={0xdb, 0x10, "c82037ea816a92ba70ce0ac5d9a5df485ace262068c20fa0b88116cf035062f939b603aeda5454f5e6cccab03a49395b1195d7aca17e102820bdbe7247bfd3ff794a052fe13864f0563440486082398ab0931bbd3747af99bdbf830c7bcab7afd5e73b564c727b390f615d96f19ac00696c11406bf68f080d3e5fe826822e8c3c02e3dc4a8ca8c9b45191c15b535e7698ed23cc30ecda7ecff222849da25194aa739c6fff91d1ae1e402ae61894fc190ea847987a71a998e74e59fdc46c8db7d5344018f5fdfdd70d7fa2cda725053843a48db310df8bed3fc"}, @generic={0x5c, 0xa, "30cf424e0aa4cf58fe9e91703ee6b4343d92cbd4c7522c13ec0d3ee92e41c51d5598a25865f3626741e87661024f84ba5d8e6814119d13d322211dbba4530a307d19c221f6dbcae5eff8a6caa3e9741c77938c93f8989148d435"}]}}]}}]}}]}}, &(0x7f0000001ac0)={0xa, &(0x7f0000000140)={0xa, 0x6, 0x200, 0x5, 0x3, 0x6}, 0x177, &(0x7f00000002c0)={0x5, 0xf, 0x177, 0x6, [@wireless={0xb, 0x10, 0x1, 0x8, 0x8, 0x3, 0xe, 0xfffc, 0x5}, @ptm_cap={0x3}, @generic={0x4b, 0x10, 0x3, "a418f3ba1f0551514582a0460b57ec16b2d755ad17f4548e1f7915ac99dfa930909a4c347eebac53b008ad774e751fdb3cae981a597e1ca2867f233480cff3c8bbdc38d7abd45a23"}, @ptm_cap={0x3}, @ssp_cap={0x14, 0x10, 0xa, 0x2b, 0x2, 0xffff, 0xf000, 0x7fff, [0x3c4edb485f2cb793, 0x30]}, @generic={0x102, 0x10, 0xb, "c6d19b8d2cd55244045027b42e2dc145573f8a94e66cd51e3234e1d45922358068aef149b539b7831dc8d5dc39ca6015123dbb1daa481c0416ce93c5aba7f9bad2960ad4c6cc4a31f96f3cbfd91d67194ba35341efc99557d731a6f5cdd3764d11815fba1f8d2d82b80e55017545099be5b667ff9538cfe76cfce9779a0e7a102c20d834ea5a77b35e9863feb115db9ea9eaf833b0163b189c48f0769561d877c69ad009001b69dc9d57ca674fc139b343098e1595b63b29b2594899b063804bb6e70d94167136ea3cf63fac7781c7b42f0fb3030c15515ff88e9d9ab4bbff602086fa746dc854b5a986779b817e80c0a579a9d5c861784e146b11de6a1386"}]}, 0x7, [{0xca, &(0x7f0000000440)=@string={0xca, 0x3, "cf05374237bb1753fdeeb1e53821ef11671d2d761248e5872a1fa6b16c793b7c76d1924d2cc53005ec5305c3b6b895190d3855158d07bb906d07f3e1e7040e4abe342942fffdd48ac8fd925c2bfcfe372d0d33a75b718b44937af68160b5f054c2ebb67593d6fafffe51901032773a84057c252982b23f7692bc9c2779af0091de0d056c30f1dfa4ccb4e7aa25aedc5fe46a65858bb71097c09aa54c0b9066fae0cd04fc81740b6bcca256861ec1247f7f259edd49d728a420f7b4d10a43b54fa575969518cc3656"}}, {0x92, &(0x7f0000000540)=@string={0x92, 0x3, "d2efc2c49fec15d6b7fe53d6e2512a293418ab09f36208bf8a41b2a8751e6672d740f60d0e5f0d959c2973d72b98b5f908c94fdd0d122ebd9ca178b747047e21e2e4f0214753ac6112f7c6eb17482f01dba86e359c9efd69da04c1c002cb7b0c8f9a566b205feccfcc5fae172f445fd7ee2f89ee9bfc4c5a69a65c8405505eeedd81cf80710c057ce223c810d3c463f8"}}, {0x4, &(0x7f0000000600)=@lang_id={0x4, 0x3, 0x421}}, {0xd8, &(0x7f0000001900)=@string={0xd8, 0x3, "360bf49b5c29e11deb5668301c357eb93e027c2d743b8999edfe5eeb09d6a7ced9e2965948aee223d4fff69c869d87867db5fa74a8aa1563d4c14b912dffd9e6499f4c7f2f9038a536a37742dfe11ab4d7e5d8e0b1ad01ddad334b4d6eadbcdc6b380ad8ee1f8ce1937e8f6645d112497a3c4cbc4a3978fd8479d569132f748b3b225ce52ee6228faaf8351fa28b1f3cb9377cd85c60eaabb6d7fdeceaad8a6fa1440e9d7f8a07bf6b76564d05f802fdeb8cb6f855260b844aec0e8a788da04758e205e7bdc094952c9a038fbfc02022517580fc62aa"}}, {0x4, &(0x7f0000001a00)=@lang_id={0x4, 0x3, 0x4001}}, {0x4, &(0x7f0000001a40)=@lang_id={0x4, 0x3, 0xf4ff}}, {0x4, &(0x7f0000001a80)=@lang_id={0x4, 0x3, 0x438}}]})
syz_emit_ethernet(0x35, &(0x7f0000000280)={@local, @local, @void, {@ipv4={0x800, @generic={{0x5, 0x4, 0x3, 0x23, 0x27, 0x67, 0x0, 0x8, 0x2, 0x0, @remote, @remote}, "4926e18b7c59454fe174339784f6e4911bc95b"}}}}, 0x0)
io_uring_enter(r2, 0x847ba, 0x0, 0xe, 0x0, 0x0)
r5 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_mreqn(r5, 0x0, 0x27, &(0x7f0000000000)={@multicast1, @local}, 0xc)
setsockopt$inet_msfilter(r5, 0x0, 0x29, &(0x7f0000000040)=ANY=[@ANYBLOB="e0000001ac1414aa0000000003"], 0x1c)
r6 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000680)={0x10, 0x1419, 0x201}, 0x10}}, 0x840)
setsockopt$inet_mreqn(r5, 0x0, 0x25, &(0x7f0000000080)={@multicast1, @local}, 0xc)
connect$inet6(r0, &(0x7f00000001c0)={0xa, 0x4e23, 0xab, @local, 0x1}, 0x1c)
setsockopt$inet_tcp_int(r0, 0x6, 0x7, &(0x7f0000000000), 0x4)

8.729291525s ago: executing program 5 (id=4503):
syz_open_dev$video(&(0x7f0000000040), 0xa7, 0x48100)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000500), r0)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r0, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000000)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYBLOB="0100000000000000000008000000180001801400020073797a5f74756e00000000000000000018000280080002001100000004000100080004"], 0x44}, 0x1, 0x0, 0x0, 0x10}, 0x8090)

8.545383804s ago: executing program 5 (id=4504):
r0 = socket$inet6(0xa, 0x3, 0x3c)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r1, 0x400454c9, 0x3)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r3, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_NEW(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000000002010400000000000000000a000000ff29cb50b84ff039f0f6a6cd40282b18d18ed99234990fe99054afd2494abbe54270715b5c203c70970fe25d78b5a6e9c28c887547f2ad3d747a3039eae6741ad0c89510f84f3c0f30a58e1a71986e31582b4507d51d11889e1d2e2405d0e052495b895cb7210efd295d925a41fc732d635baed7857964082d8f6fa3ea"], 0x14}, 0x1, 0x0, 0x0, 0x24000801}, 0x4)
setsockopt$EBT_SO_SET_COUNTERS(0xffffffffffffffff, 0x0, 0x81, 0x0, 0x11e)
r5 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r5, &(0x7f0000000340)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r5, 0x8)
r6 = accept4(r5, 0x0, 0x0, 0x0)
sendto$inet(r6, 0x0, 0x0, 0x0, 0x0, 0x0)
close(r6)
r7 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r7, 0x84, 0x76, &(0x7f0000000100)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r7, 0x84, 0x75, &(0x7f0000000040)={0x0, 0xaf1}, 0x8)
bind$inet6(r7, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(r7, &(0x7f0000000200)=[{{&(0x7f00000000c0)={0xa, 0x4e23, 0x1, @loopback, 0x1}, 0x70, &(0x7f0000000580)=[{&(0x7f0000001680)='\t', 0x1}], 0x1}}], 0x1, 0x0)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r7, 0x84, 0x77, 0x0, 0x0)
ioctl$TUNDETACHFILTER(r1, 0x401054d6, 0x0)
setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x39, 0x0, 0x18)
connect$inet6(r0, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_usb_connect(0x3, 0x36, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000abe92710b1134200fe760102030109022400010400000009ef080202"], 0x0)

6.244303631s ago: executing program 0 (id=4511):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x2000, 0x0)
ioctl$AUTOFS_DEV_IOCTL_READY(r2, 0xc0189376, &(0x7f0000000300)={{0x1, 0x1, 0x18, r0, {0x40}}, './file0\x00'})
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x17, 0x0, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000e13d6a206419010015d40102030109021200"], 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000004c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x44, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x5}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x14}]}, @NFT_MSG_NEWSETELEM={0x40, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "d103"}]}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xac}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_MSG_GETSETELEM(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="2c000000040a01030000000000000a0000010900020073797a31000000000900010073797a3100000000"], 0x2c}, 0x1, 0x0, 0x0, 0x24000801}, 0x8000)

5.937845536s ago: executing program 3 (id=4512):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_NMI(r3, 0xae9a)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000440)={[0x0, 0x100000000, 0x0, 0x81, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0x7, 0x0, 0x5, 0x0, 0x2, 0xffffffffffffffff], 0x0, 0x200})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
getresuid(&(0x7f00000000c0)=<r4=>0x0, &(0x7f0000000100), &(0x7f0000000140))
read$FUSE(0xffffffffffffffff, &(0x7f0000001000)={0x2020, 0x0, 0x0, 0x0, <r5=>0x0}, 0x2020)
fchown(r0, r4, r5)
socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000240)=ANY=[@ANYBLOB="280000001800110101000000000000000a0080000002ff08002000000c0009000500290e", @ANYRES32=0x0, @ANYBLOB="d937551e611710528ca2d201146ca0310156fa2cf33b10a04597575a9c9c7cc85149ec768c0f8e89f550f1d72f37109cda8fbfb168348efcc8a38eca79a7201f5eb230d7bd9c9cf7fc62584f4081d49dcea9883c44b7f16accfea017764fad2db1a0ceca1645fe230a58b82f1c88ae84b95d624eb9034c2c69a30790d4c1156795e2535c78488425b8ffec705c482a9dfcf75f9550a9f9bf17f4ad4214974b945e53d71f3baa0de73839bc3065f0822f940c6dab27d85832f8"], 0x28}, 0x1, 0x0, 0x0, 0x4805}, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='oom_score_adj\x00')
write$sysctl(r7, &(0x7f00000001c0)='2\x00', 0x2)
ioctl$FIONREAD(r7, 0x541b, &(0x7f00000001c0))
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$batadv(&(0x7f0000000080), r10)
ioctl$sock_SIOCGIFINDEX_80211(r10, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r11=>0x0})
sendmsg$NL80211_CMD_FRAME(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f0000000cc0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="af6a3bb21c5c39df73e62c0a000008000300", @ANYRES32=r11, @ANYBLOB="0c00990000000000000000000800260080090000"], 0x30}}, 0x4)

5.266246693s ago: executing program 5 (id=4514):
syz_open_dev$video(&(0x7f0000000040), 0xa7, 0x48100)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000500), r0)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r0, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000000)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYBLOB="0100000000000000000008000000180001801400020073797a5f74756e00000000000000000018000280080002001100000004000100080004"], 0x44}, 0x1, 0x0, 0x0, 0x10}, 0x8090)

5.147286149s ago: executing program 5 (id=4515):
r0 = socket$kcm(0x2, 0x3, 0x2)
recvmsg$kcm(r0, &(0x7f0000000800)={0x0, 0x0, 0x0}, 0x18000)
r1 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000100)="4c000000150097f87059ae08060c040002ff0f020000000000000187ac1414aaa69d35a2cca84708f7abca1bac1414aabd7c493872f750375ed08a560400000003c48f93b82a03000000461e", 0x4c}], 0x1}, 0x0)
r2 = socket$nl_audit(0x10, 0x3, 0x9)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$GIO_SCRNMAP(r3, 0x4b40, 0xffffffffffffffff)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
futex(&(0x7f000000cffc)=0x4, 0x80000000000b, 0x4, &(0x7f000000b000)={0x77359400}, &(0x7f0000048000), 0x0)
timer_settime(0x0, 0x1, &(0x7f00000002c0)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
futex(&(0x7f000000cffc)=0x4, 0x80000000000b, 0x4, 0x0, &(0x7f0000048000), 0x0)
r5 = getpid()
getpriority(0x2, r5)
fcntl$addseals(r2, 0x409, 0xb1c25ce47c749b03)

4.896226856s ago: executing program 3 (id=4516):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000004c0), 0x48100)
modify_ldt$write(0x1, &(0x7f0000000000)={0x0, 0xffffffffffffffff, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x10)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_clone(0x640c7400, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000040)={0x0, 0x7ff, 0x0, 'queue1\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r0, 0xc08c5335, &(0x7f0000000780)={0x0, 0x80, 0x1, 'queue0\x00', 0x9})

4.436443917s ago: executing program 3 (id=4519):
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendto$packet(r0, 0x0, 0x60, 0x4000, &(0x7f0000000100)={0x11, 0x80f3, r2, 0x1, 0x80, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x14)

4.368723417s ago: executing program 4 (id=4520):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b70300000000002085000000720000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = syz_open_procfs(0x0, &(0x7f0000000280)='net/sockstat6\x00')
read$FUSE(r1, &(0x7f00000002c0)={0x2020}, 0x2020)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x18)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'bridge0\x00'})
openat$vmci(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r3 = epoll_create1(0x0)
r4 = syz_open_dev$media(&(0x7f00000000c0), 0x103, 0x0)
ioctl$MEDIA_IOC_REQUEST_ALLOC(r4, 0x80047c05, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, 0xffffffffffffffff, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = socket(0x840000000002, 0x3, 0xff)
sendmmsg$inet(r5, &(0x7f0000001440)=[{{&(0x7f0000000080)={0x2, 0x0, @remote}, 0x10, &(0x7f0000000540)=[{&(0x7f0000001840)="a905000000007464000100000000000000e5c0d8af7a6417e436a106993e1e5ad8311dab", 0x24}], 0x1}}], 0x1, 0x40000) (fail_nth: 1)

4.356785033s ago: executing program 3 (id=4521):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'bridge0\x00'})
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
syz_open_dev$sndpcmc(0x0, 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000000440)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc}])
syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000083667d1040206402d14e010203010902"], 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x101100, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f00000000c0)={0x54, 0x7, 0x9, {0x43, 0x5}, {0x4, 0xfff3}, @const={0x40, {0x100, 0x9, 0x6, 0x35bf}}})
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000016000/0x18000)=nil, &(0x7f0000000040)=[@textreal={0x8, 0x0}], 0x1, 0x2d, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r4, 0x4010ae67, &(0x7f0000000180)={0x0, 0xd000})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r6 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000800)={r6, r6, r6}, 0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)={'sha384\x00'}})
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x15, 0x0, 0x0, 0x0}, 0x94)
socket$netlink(0x10, 0x3, 0x0)
socket$igmp(0x2, 0x3, 0x2)

3.721949883s ago: executing program 5 (id=4524):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000018c0)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x30}}, 0x0)

3.692154047s ago: executing program 4 (id=4526):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1, 0x0, 0xfefffffe, 0x2)
r2 = userfaultfd(0x801)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000280)={0xaa, 0x28})
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x3})
r3 = socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$inet_mreqn(r3, 0x0, 0x20, 0x0, &(0x7f0000000d00))
setsockopt$IP_VS_SO_SET_ADD(r3, 0x0, 0x482, &(0x7f0000000040)={0x29, @rand_addr=0x64010102, 0x4e22, 0x4, 'none\x00', 0x12, 0x3, 0xa}, 0x2c)
ioctl$UFFDIO_WRITEPROTECT(r2, 0xc018aa06, &(0x7f0000000140)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
close_range(r1, 0xffffffffffffffff, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='dctcp', 0x5)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x2, 0x200, @loopback, 0x7}, 0x1c)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r0, &(0x7f0000000280)='2', 0xfffffe24, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0xffff, @loopback, 0x3}, 0x1c)
sendto$inet6(r0, &(0x7f0000000800)="e9", 0x1, 0x10060006, 0x0, 0x0)

3.448796754s ago: executing program 5 (id=4527):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$sndseq(0xffffffffffffff9c, 0x0, 0x40101)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(r1, 0x40bc5311, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x400000000a882, 0x0)
r2 = dup(r0)
mmap(&(0x7f000018b000/0x3000)=nil, 0x3000, 0x0, 0x8010, r2, 0x20000000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_io_uring_setup(0x118d7, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000300)=0x7fe7f, 0x4)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getsockname$inet(0xffffffffffffffff, 0x0, &(0x7f0000002280))
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x5, 0x9, 0x6, 0x0, 0xb49, 0x9, 0x8, 0x2, 0x3}, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, 0x0)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_ADDDEST(r5, 0x0, 0x487, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
unshare(0x62040200)
syz_usb_connect(0x0, 0x4a, &(0x7f0000000080)=ANY=[@ANYBLOB="120100005520f010402038b14201040000010902"], 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r5, &(0x7f0000000200)={0x3, 0x40, 0xfa00, {{0xa, 0x4e24, 0x6, @local, 0x101}, {0xa, 0x4e22, 0x5, @private0={0xfc, 0x0, '\x00', 0x1}, 0x3ff}, 0xffffffffffffffff, 0x74ab}}, 0x48)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x17)
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
sendmmsg$unix(r0, &(0x7f000000aa40)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r1, @ANYBLOB="a901eded5901af62755ca8578c46"], 0x18}}], 0x1, 0x4)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x90, 0x0, 0x1, {0x6, 0x2, 0xffffffffffffeffe, 0xfffffffffffffffd, 0x0, 0x0, {0x40, 0x8, 0xb, 0xffff, 0x0, 0x1, 0x0, 0x0, 0x120, 0x2000, 0x0, 0x0, 0x0, 0x501, 0x4}}}, 0x0, 0x0, 0x0, 0x0, 0x0})

3.196628637s ago: executing program 0 (id=4529):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="6c0000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002c0002800c00028005000100000000001400018008000100"], 0x6c}}, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000040)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket$inet(0x2, 0x1, 0x0)
bind$inet(r3, &(0x7f0000000280)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_opts(r3, 0x0, 0x4, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000140)={0x2, 0xc000, @remote}, 0x10)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000020000000900010073797a300000000040000000030a09020000000000000000020000000900010073797a30000000000900030073797a3200000000140004800800014000000000080002400000000014000000110001"], 0x88}}, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)={{0x14}, [@NFT_MSG_NEWRULE={0x88, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x5c, 0x4, 0x0, 0x1, [{0x58, 0x1, 0x0, 0x1, @inner={{0xa}, @val={0x48, 0x2, 0x0, 0x1, [@NFTA_INNER_TYPE={0x8, 0x2, 0x1, 0x0, 0x84}, @NFTA_INNER_FLAGS={0x8, 0x3, 0x1, 0x0, 0x5}, @NFTA_INNER_HDRSIZE={0x8, 0x4, 0x1, 0x0, 0xf}, @NFTA_INNER_NUM={0x8}, @NFTA_INNER_EXPR={0x24, 0x5, 0x0, 0x1, @meta={{0x9}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_META_DREG={0x8, 0x1, 0x1, 0x0, 0xe}, @NFTA_META_KEY={0x8, 0x2, 0x1, 0x0, 0x1}]}}}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xb0}}, 0x0)
syz_emit_ethernet(0xbe, &(0x7f0000000100)={@local, @broadcast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @dev, @local}, {0x0, 0x0, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "f4cb985d86dd6266b5efb88a2c87eda081bac8b2f9a49d564054f1c9218f47b3", "cf8743eb4d9e776f94a6a58d36e006ac614f6f7bce9217cbfea31675d4a860cf6003977b1e4dbb16dc31cc76522bf19d", "5043edd2a8cc8c41345f8feb1a7a8e23043b8a465b1ed5bf8bc91307", {"c7193f7edd1efc4742dc481e6f57f901", "948177bcc5dea4029ba4683a6bdcd7a1"}}}}}}}, 0x0)
ioctl$TIOCSERGETLSR(0xffffffffffffffff, 0x5459, &(0x7f00000000c0))
sendmsg$nl_route(r2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x2}}, './file0\x00'})
syz_genetlink_get_family_id$ipvs(&(0x7f0000000300), 0xffffffffffffffff)
preadv(r1, &(0x7f0000000000)=[{&(0x7f0000000080)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
r6 = fsopen(&(0x7f0000000000)='autofs\x00', 0x1)
r7 = socket(0x15, 0x80005, 0x0)
getsockopt(r7, 0x200000000114, 0x271a, 0xffffffffffffffff, &(0x7f0000000000)=0x7ffff000)
fsconfig$FSCONFIG_SET_STRING(r6, 0x1, &(0x7f0000000ac0)='gid', &(0x7f0000000440)='0\x00#\x00\xd0\x00 \x00\x00qS\x00\x00\x00\x00\x00\x00\x00\x00$\xf6_\xbdI\x1c\xf2\xa9]\xcc\xe0*\xef\x01\x8d\x15\xd2h\x93\xc9\xb57\xc3\xea\\Eb\xf8\xe6,\xdf\xd4\xfae\x84\xcc\xd5\"d\xf0D-\x98\x9f\x81{\xfc$\xc4\xbcF\xf8\xc8\x8d\xcb\xb8\xf2\x1e\xe4\'U\xb3\xb8\xd3\xe6\xd7\x80Y\xc2\xeb\n\xb8_\xe8\x96YY\xe3\xc7\xe6\xf28\x19\xa6\xa7\xfa\xdb\x1ce\xc1\x03\x86J\xb2fh\x19\xee#\xcc\x0f\xed\xfea\xdc\x88\xcb%bW\xd35\xda=\xac\x1d\xae\x93\xfd\'T6\x94\n\xa4\x9cU\xc4\fA~[\xbf\x8b\x90\xfe\x04\xe7U\xf3h\x81\x14l7u\x95\x96t\\\x0f\xef;\x03\xa4C\xbc(Vc!a\xc1\xe39\xc6b\x905\xf8\xc9@h\x01\xf5\xcb\x88\xdf9\xaf5\xc8a:z\xe4\xcbag&67\x814\xf6}\xe10v6l\xd6,\x1e\xa0\xcc\xbf\xfdkm\b?\x839\x85N\x1c\xc1\xcb\xfc\x85\xd2\n\x02\"\xf2\x81g\x90\x01n%\x7f_\xe1.f>>\xa5\xfb\"\xab\xdb\x06\x12e\x14\x11~\x9a\bR-\x85\xc3\xa9\xe6\xf6R\x11\"\xc3\xc9\xfc\x14s X\xec\xdd\xc2qB\x85\xf0\xd7\x04\xdd<\x9a\x84\'\xa3\xf1\xd9<\xb9k', 0x0)
r8 = syz_open_dev$video(&(0x7f0000000000), 0x485, 0x40000)
ioctl$VIDIOC_S_SELECTION(r8, 0xc040565f, &(0x7f00000001c0)={0x9, 0x0, 0x3, {0xffffffff, 0x8, 0x2310f251, 0x10000}})
pipe(&(0x7f0000000200))
syz_io_uring_setup(0x1e1e, &(0x7f0000000200)={0x0, 0x86f7, 0x40, 0x2}, &(0x7f0000002000), &(0x7f0000000000))

2.622867941s ago: executing program 4 (id=4530):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfa, 0x0, 0xa4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, 0x0, 0x0)
sendmmsg$inet(r0, &(0x7f00000001c0)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000640)="985e44efeabe001cabcf3d8673c3a254a9a2d3197970cb347b70a243bf77139a94bc3ae91684aaf7b7dff691deb8f8aef2d915fb3a0794a9a9b431a819bca6122c350637808dde804a048fd8696e524b2934126c443ce93d82e931eb9918e6c0827686e59209d2e02c9210fd8048f04ad6c42200fd9232f5aa6a361816bf21afb8473a064f1988536d4b5888807b3aaafaf59f53121782a0a9370dc0feae13c8c2a1dcc8a3122aaa3dcd5b9247a915378e6492e5b94073dcdc87e7c794fb262a7e9ee0b9432f74331c6e9412ac65", 0xce}], 0x1}}, {{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000800)="cc5a4dbac0affd0a979c63ea8352d6e108a51fc8625318716ddf62b7752be4540c4ac7d344c53a3ad28313abc2437b60b03c0e587cafcf9a435bf90c618351", 0x3f}, {0x0}], 0x2}}], 0x2, 0x2090)
sendto$inet(r0, &(0x7f0000000580)="17", 0x12571144d43d7ee5, 0x10008095, 0x0, 0x0)

2.510788273s ago: executing program 4 (id=4531):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180))
openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
socket(0x200000000000011, 0x2, 0x0)
syz_usb_connect(0x2, 0x34, &(0x7f00000001c0)=ANY=[@ANYBLOB="120100004e542208d219ccffaa1601020301090222000100000000090406e6030dfe31effc01ffffff0009050810000207050407250100010800a639fb8df06647631d257c140db36d059d4ed3fb86ae0c2d66652b5ecc4dc9503e45467f5aaf8ef8cde74f3f758c01d6f5f644ef8c000000000000"], 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="540000001000010400000000000000ffff000000", @ANYRES32=0x0, @ANYBLOB="0380000000000000240012800c0001006d6163766c616e00140002800800010008000000060002000100000008000500", @ANYRES32=r0, @ANYBLOB='\b\x00\n\x00'], 0x54}}, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)

1.967488606s ago: executing program 2 (id=4533):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'rfc4106-gcm-aesni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000009c0)="ad56b6c5820fae9d6dcd3292ea54c7be8bbdadbb1632ea5704cae881ef915d374c90c200", 0x24)
r1 = accept4(r0, 0x0, 0x0, 0x800)
syz_io_uring_setup(0x559, &(0x7f0000000340)={0x0, 0x8d2dc, 0x1, 0x1, 0xc5}, 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480), 0x22301, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000180)="f7790066baa00066b86b42460f22c7d466ba420000b8e20066ef0f29902cbb0000c4e2b1ba8c88d90000006666f6440f386b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x4b}], 0x0, 0x4a, 0x0, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000140)=@x86={0x4d, 0x0, 0x7, 0x0, 0xf84, 0x8, 0x0, 0xe3, 0x5, 0x0, 0x56, 0x3, 0x0, 0x0, 0x4, 0x8, 0x0, 0x7e, 0x0, '\x00', 0x5, 0x2})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
sendmmsg$alg(r1, &(0x7f0000000c00)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=[@assoc={0x18, 0x117, 0x4, 0x10}, @op={0x18, 0x117, 0x3, 0x1}], 0x30, 0x40040}], 0x1, 0x8040)
r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x6d00, 0x0)
ioctl$TCSETAF(r5, 0x5408, &(0x7f0000000200)={0x6, 0x2, 0xe5f, 0x9ba7, 0x8, "66dd74c7c606155d"})
sendmsg$RDMA_NLDEV_CMD_GET(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x10, 0x1401, 0x400, 0x70bd25, 0x25dfdbfd}, 0x10}}, 0x0)
recvmsg(r1, &(0x7f0000001600)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000001240)=""/47, 0x2f}], 0x1}, 0x10002)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
r7 = io_uring_setup(0x5741, &(0x7f0000000240)={0x0, 0x7c27, 0x0, 0x40, 0xfffffffe})
io_uring_register$IORING_REGISTER_PERSONALITY(r7, 0x9, 0x0, 0x0)
io_uring_register$IORING_REGISTER_PERSONALITY(r7, 0x9, 0x0, 0x0)
close_range(r7, 0xffffffffffffffff, 0x0)
r8 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_inet_SIOCDARP(r8, 0x8955, &(0x7f00000004c0)={{0x2, 0x0, @broadcast}, {0x0, @random="9f444415c302"}, 0xffffff6f, {0x2, 0x0, @broadcast}, 'veth0\x00'})
accept4$alg(r0, 0x0, 0x0, 0x100000)
sendmsg$NFULNL_MSG_CONFIG(r6, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)={0x24, 0x1, 0x4, 0x101, 0x0, 0x0, {0x1, 0x0, 0x5}, [@NFULA_CFG_CMD={0x5, 0x1, 0x1}, @NFULA_CFG_NLBUFSIZ={0x8, 0x3, 0x1, 0x0, 0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x4040000}, 0x0)

1.963659671s ago: executing program 0 (id=4534):
syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000052e8e510b1134200c4dc0102030109021b00010000000009044400012eafb200090581b402"], 0x0)
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000040), 0x501300, 0x0)
r1 = socket$nl_sock_diag(0x10, 0x3, 0x4)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000080)={{0x1, 0x1, 0x18, r1}, './file0\x00'})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_usb_connect$uac1(0x2, 0xdc, &(0x7f0000000100)=ANY=[@ANYBLOB="12010000000000106b1d01014000010203010902ca0003010070000904000000010100000a24010800000201020d24060000030800000000000000240803960c03112d9cd2ce0c240208000103000000ff000924060506020100000924030003030005490c240206", @ANYRES8=r3, @ANYRES16=r2], 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x18)

1.777260569s ago: executing program 2 (id=4535):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r1=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, 0x0, 0x80)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000010c0), r2)
sendmsg$NL80211_CMD_GET_MPATH(r2, &(0x7f00000011c0)={0x0, 0x600, &(0x7f0000001180)={&(0x7f0000001100)={0x28, r3, 0x1, 0x70bd2b, 0x25dfdbff, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x28}, 0x1, 0x0, 0x0, 0x40000c0}, 0x4004)

1.528138247s ago: executing program 2 (id=4536):
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback={0xff00000000000000}, 0x2000400}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x176}}], 0x400000000000172, 0x4000000)

1.412231341s ago: executing program 2 (id=4537):
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="3000000002060101000000000000000000f90003050005000a0000000900020073797a300000000005"], 0x30}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="300000001c0001000000000004086aa42d"], 0x30}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
r0 = socket(0x10, 0x3, 0x0)
sendmmsg(r0, &(0x7f0000000000), 0x4000000000001f2, 0x0)

1.340365728s ago: executing program 2 (id=4538):
socket$nl_route(0x10, 0x3, 0x0)
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x800)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000080)={0x3, @tick=0x8, 0x7, {0x80, 0x1}, 0x0, 0x2, 0xf9})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x0, 0x0})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$OBJ_GET_PROG(0x7, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x38, 0x0, 0x4, 0x8001, 0x0, 0xb49, 0x200000000002, 0xa, 0x8, 0x5}, 0x0)
socket$unix(0x1, 0x1, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
sendmsg$IPSET_CMD_ADD(r4, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40004}, 0x24000)
r5 = syz_open_dev$vim2m(&(0x7f00000000c0), 0x8, 0x2)
ioctl$vim2m_VIDIOC_G_FMT(r5, 0xc0d05604, &(0x7f0000000100)={0x2, @win={{0xe36a, 0x5, 0xfffff9b6, 0x4}, 0x0, 0xffffffa5, 0x0, 0x10, 0x0, 0x60}})
r6 = fsopen(&(0x7f0000000040)='devpts\x00', 0x1)
r7 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$DCCPDIAG_GETSOCK(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
fsmount(r6, 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
syz_io_uring_setup(0x239, &(0x7f0000000300)={0x0, 0x200000, 0x8}, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r9, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000200)="0fc79f00800000640f79fd660f380a290f20d7c7442400da586a53c744240209c10000c7442406000000000f011424dbd2660f3882aa1ed90000f2f2f20faac4e1605d15ea2d9b5db900080000b877b98af2baf8b357790f30", 0x59}], 0x1, 0x44, 0x0, 0x0)
ioctl$KVM_RUN(r9, 0xae80, 0x0)

1.199934487s ago: executing program 0 (id=4539):
io_setup(0x72, &(0x7f00000003c0)=<r0=>0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002000), 0x2, 0x0)
io_submit(r0, 0x1, &(0x7f0000000100)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0xcbee, r1, 0x0, 0x0, 0x5, 0x0, 0x3}])
pipe2$9p(&(0x7f0000000000), 0x0)
getgid()
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000140)={{{@in6=@private2, @in=@empty}}, {{@in6=@mcast1}, 0x0, @in6=@private2}}, &(0x7f0000000040)=0xe8)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
semget$private(0x0, 0x5, 0x1a4)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$sndctrl(&(0x7f0000000080), 0x1, 0x303040)
ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r4, 0xc1205531, &(0x7f0000000540)={0x1, 0x46, 0x7, 0x5, '\x00', '\x00', '\x00', 0x0, 0x20000000, 0x0, 0x0, "b6855a32674ffa64f778ddcf29c94337"})
write$RDMA_USER_CM_CMD_CREATE_ID(r3, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x0)
syz_io_uring_setup(0x269, 0x0, &(0x7f0000000280), 0x0)
shutdown(0xffffffffffffffff, 0x1)
signalfd4(r3, 0x0, 0x0, 0x80800)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r5, 0x0, 0x40, &(0x7f0000000500)=@raw={'raw\x00', 0x8, 0x3, 0x490, 0x0, 0xa, 0x148, 0x0, 0x60, 0x3f8, 0x2a8, 0x2a8, 0x3f8, 0x2a8, 0x3, 0x0, {[{{@ip={@multicast2, @multicast2, 0x0, 0x0, 'bridge0\x00', 'rose0\x00'}, 0x0, 0x2f8, 0x368, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'veth1_to_team\x00', {0x0, 0x0, 0x2, 0x0, 0x0, 0xffffffff, 0xfff}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x8601, 0x6, './file0\x00'}}]}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x4, 0x0, "f2f7b9f28413d9d8ad470ad2b60c45cb4ea6e7bf902bdc2ff8a9304d9f655c746adc0bdc773506378bc2d27efd6abb05175089830cc46186074d7de46d5af300"}}}, {{@ip={@empty, @empty, 0x0, 0x0, 'syzkaller0\x00', 'veth0_to_team\x00'}, 0x0, 0x70, 0x90}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x4f0)
r6 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r6, 0x4c81, 0x0)
r7 = syz_clone(0x82001000, &(0x7f0000001800), 0x0, &(0x7f0000001840), 0x0, 0x0)
wait4(r7, 0x0, 0x40000000, 0x0)
fcntl$setownex(0xffffffffffffffff, 0xf, &(0x7f0000000840)={0x2, r7})

603.718189ms ago: executing program 3 (id=4540):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_int(r0, 0x0, 0x17, &(0x7f00000001c0)=0x5, 0x4)
setsockopt$inet_int(r0, 0x0, 0x17, &(0x7f0000000000)=0x1f5, 0x4)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r2 = dup(r1)
move_pages(0x0, 0x2, &(0x7f0000000000)=[&(0x7f0000995000/0x3000)=nil, &(0x7f0000115000/0x3000)=nil], &(0x7f0000000040)=[0xff, 0x1, 0x32], &(0x7f00000000c0)=[0x0, 0x0], 0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r2, 0x2000)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17)
write$binfmt_aout(r2, 0x0, 0xffffffdb)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000140)=@o_path={&(0x7f0000000100)='./file0\x00', 0x0, 0x8, r1}, 0x18)

277.578221ms ago: executing program 4 (id=4541):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfa, 0x0, 0xa4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, 0x0, 0x0)
sendmmsg$inet(r0, &(0x7f00000001c0)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000640)="985e44efeabe001cabcf3d8673c3a254a9a2d3197970cb347b70a243bf77139a94bc3ae91684aaf7b7dff691deb8f8aef2d915fb3a0794a9a9b431a819bca6122c350637808dde804a048fd8696e524b2934126c443ce93d82e931eb9918e6c0827686e59209d2e02c9210fd8048f04ad6c42200fd9232f5aa6a361816bf21afb8473a064f1988536d4b5888807b3aaafaf59f53121782a0a9370dc0feae13c8c2a1dcc8a3122aaa3dcd5b9247a915378e6492e5b94073dcdc87e7c794fb262a7e9ee0b9432f74331c6e9412ac65", 0xce}], 0x1}}, {{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000800)="cc5a4dbac0affd0a979c63ea8352d6e108a51fc8625318716ddf62b7752be4540c4ac7d344c53a3ad28313abc2437b60b03c0e587cafcf9a435bf90c618351f70a828238fdf90bc5d36c7d614b82552649954e0185662defd28f78449f", 0x5d}, {0x0}], 0x2}}], 0x2, 0x2090)
sendto$inet(r0, &(0x7f0000000580)="17", 0x12571144d43d7ee5, 0x10008095, 0x0, 0x0)

85.210324ms ago: executing program 2 (id=4542):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r0, &(0x7f0000001500)={0x28, 0x4000, 0x0, @my=0x1}, 0x10)
setsockopt$SO_VM_SOCKETS_BUFFER_MAX_SIZE(r0, 0x28, 0x2, &(0x7f0000000000)=0x3, 0x8)
socket$nl_xfrm(0x10, 0x3, 0x6)
syz_open_dev$hidraw(&(0x7f0000000000), 0x5, 0x6ca080)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff)
socket(0x2c, 0x3, 0x3c)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0xc, 0x8001, 0x0, 0x9, 0x4f, 0x8, 0xfa11, 0x1}, 0x0)
r3 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r3, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7c, 0xe)
bind$inet(r3, &(0x7f0000001c00)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r3, &(0x7f0000001bc0)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x33}}, 0x10)
read$ptp(0xffffffffffffffff, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, 0x0, 0x0)
sendto(r3, &(0x7f0000000740)="50fbdf12a30d7a48b2c5c84948f3426077a9f0ca1475183db3bf52a6b2cdb77ef9af2a603a3e78adff59fbb22bae1b2443011fd801251bcef8f165533aac58c7556dd51edc5a6865d4e29f0bbd0ed602050000000000002944de604d849a1e3b32905b0d26e9ff34b83f38a2ae8b1c6748ef8b87ef2a359249c3e294931489ba57f83f96048684434854ab3b6ad59f45e832972639508fe4dcb371c013bc129572e996a7db94fae8d71a076ec54a28a926e37c7a678a5e16c121f27527bf75fb49d31d41a5", 0xc5, 0x0, 0x0, 0x0)
sendto$inet(r3, &(0x7f00000002c0)="01a4acc7cf28ab9f6c7fc745c30bfc165466072a660bbf56352083db9d40454a67f8010000004bd29585885c89773ca3ba28a1e85ffe2a9220e0ecd440e345b745bf2146835ad015c801f95be5b890e44fb3dfbe8e88a1e5176e584c970207f23b0073ca5375abddf56331be396eaa2398ea66b93a74fd4147e826abed1b5d1de578682288c19ac23c1ccc1cdd936d2571c3510b0000000000000000000000000000000000f32bb3874c926a8944caa4677d2eae3bc831e748000000", 0xfffffffffffffe88, 0x52, 0x0, 0x0)

0s ago: executing program 4 (id=4543):
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff}, './file0\x00'})
mq_timedreceive(r0, &(0x7f0000000040)=""/198, 0xc6, 0x1000, &(0x7f0000000140))
ioctl$SNDRV_TIMER_IOCTL_GPARAMS(r0, 0x40485404, &(0x7f0000000180)={{0x3, 0x0, 0x5, 0x0, 0x32f2}, 0x1f, 0x10})
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f0000000200)={{0x3, 0x3, 0x5, 0x3, 0xfff}, 0xc, 0x9, 0x32})
ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f00000003c0)=@urb_type_interrupt={0x1, {0xb}, 0x8, 0xa0, &(0x7f0000000280)="c274984015b9577924240379d3e2ce6455c0e63da6f43cc1f811fe6d29e4f70c42dbbb5c730c5c91b6878a4858a3cd455cfef4f7325dcbaf536ec30501936b56d82393731446ec9170dc6e63822e5af3e7e57156a06c87b3daf79f7fe6ccb8641b31c821392cd11b23390703dd6d5d4e61b19472e50a0b9a175dd64cdfe1d66a11cdf8613b8d4189d8e1cfc884afc65f41462f4733d59bae66d215a7f20848f2882bc8a2d62bb3156412586a9b299f475affb6a75a1629de8bb7277368c13d6b3aef05fcf4dfacf4dad81cd805a0d4c192", 0xd1, 0xffff3fe9, 0x7, 0x0, 0x2, 0x9, &(0x7f0000000380)="c780781eb68416292001182fcbf9826878cc45c8619ea0e6767e69b9cf1e7f9ddd87cc825ad9281f1282cb7eb6cc668a9457cb50cc26b23f599b53cba0064c12"})
bind$inet6(r0, &(0x7f0000000400)={0xa, 0x4e20, 0x10000, @empty, 0xf}, 0x1c)
openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000440), 0x80, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000480))
ioctl$SNDRV_TIMER_IOCTL_CREATE(r0, 0xc02054a5, &(0x7f0000000600)={0xb, <r1=>0xffffffffffffffff, 'id0\x00'})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x1b, &(0x7f00000004c0)=@raw=[@jmp={0x5, 0x1, 0xa, 0x8, 0x7, 0x80, 0x6f5bc6e12b7cf72c}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x400}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @btf_id={0x18, 0x1, 0x3, 0x0, 0x5}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @func={0x85, 0x0, 0x1, 0x0, 0x2}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xf}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}], &(0x7f00000005c0)='GPL\x00', 0x8, 0x0, 0x0, 0x40f00, 0x68, '\x00', 0x0, 0x25, r1, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000680)={0x3, 0xa, 0x7ff}, 0x10, 0x0, 0x0, 0x8, &(0x7f00000006c0)=[r0, r0, r0, r0, r0, r0, r0], &(0x7f0000000700)=[{0x5, 0x5, 0xf, 0x2}, {0x2, 0x1, 0xc, 0xa}, {0x0, 0x4, 0xc, 0x1}, {0x4, 0x5, 0x2, 0x2}, {0x2, 0x5, 0xd, 0x9}, {0x3, 0x2, 0x7, 0xa}, {0x0, 0x2, 0x7, 0xc}, {0x5, 0x3, 0xa, 0xa}], 0x10, 0x3}, 0x94)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000840), 0x321002, 0x0)
ioctl$TCXONC(r2, 0x540a, 0x2)
lsm_list_modules(&(0x7f0000000880)=[0x0, 0x0, 0x0, 0x0], &(0x7f00000008c0)=0x20, 0x0)
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000900))
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000ac0)={0x3, 0x0, &(0x7f0000000940)=""/127, &(0x7f00000009c0)=""/81, &(0x7f0000000a40)=""/126, 0x1})
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000b00)={0x9cc1, 0x5, 0x3, 0x0, 0x8, "fbbe26876bdf920b"})
write$binfmt_aout(r1, &(0x7f0000000b40)={{0x10b, 0x6, 0x7, 0x33a, 0x21d, 0x28000, 0xec, 0xf8}, "29793b422b7bf6ebc1cd60da4dbd592a8c050edc17c19bf3232613861d3f6e5ced605a74c681c302af36fdc66cad6e042f80a3560eec67d11c9bbbc119c4795342f468c076262ad07f99a8883177bbdea382ef6efed7", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x976)
syz_usb_connect$cdc_ecm(0x5, 0x6e, &(0x7f00000014c0)={{0x12, 0x1, 0x201, 0x2, 0x0, 0x0, 0x20, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x1, 0x1, 0x9, 0xa0, 0x1, [{{0x9, 0x4, 0x0, 0xdb, 0x2, 0x2, 0x6, 0x0, 0x80, {{0x7, 0x24, 0x6, 0x0, 0x0, "149f"}, {0x5, 0x24, 0x0, 0xfff9}, {0xd, 0x24, 0xf, 0x1, 0x10, 0x0, 0x1}, [@acm={0x4, 0x24, 0x2, 0x8}, @acm={0x4}, @obex={0x5, 0x24, 0x15, 0x7fff}, @acm={0x4, 0x24, 0x2, 0x5}, @call_mgmt={0x5, 0x24, 0x1, 0x3, 0x8}]}, {[{{0x9, 0x5, 0x81, 0x3, 0x20, 0x9, 0x2, 0x5}}], {{0x9, 0x5, 0x82, 0x2, 0x8, 0x6, 0x0, 0x5a}}, {{0x9, 0x5, 0x3, 0x2, 0x8, 0x4, 0x6, 0x1}}}}}]}}]}}, &(0x7f00000018c0)={0xa, &(0x7f0000001540)={0xa, 0x6, 0x310, 0x7f, 0x9, 0xd, 0x20, 0xff}, 0x10, &(0x7f0000001580)={0x5, 0xf, 0x10, 0x1, [@wireless={0xb, 0x10, 0x1, 0x8, 0x29, 0x7, 0x6, 0xfff8, 0x3}]}, 0x6, [{0x4, &(0x7f00000015c0)=@lang_id={0x4, 0x3, 0x441}}, {0x4, &(0x7f0000001600)=@lang_id={0x4, 0x3, 0x1401}}, {0x20, &(0x7f0000001640)=@string={0x20, 0x3, "64fd7c26f17157aed9fb59e27ef8926546fd3ea2dc6019efad45198e5871"}}, {0x3d, &(0x7f0000001680)=@string={0x3d, 0x3, "6166763d19978adad3b2c24d0f0b566ac2ae2726d14b9f959221b62ad9ed1c57be6688cfc2ecf54670f431b0fd094309fe934dc236c5261eed9f9c"}}, {0xde, &(0x7f00000016c0)=@string={0xde, 0x3, "de79d7e883d3b504fdd3dfb1ab00ef618a061ccd5e9a162cce49aee288061bc3a304e87e2097cf0496a95c249a9a59d0295e014baa7b0f180ced6f8eec7025705aa0f3b6e4a04c62d34eb88cf51a85d74d58bd8accce110285b0ed2291bf38bd0974c6e86250a7789628e0df2c31ad98215d7b048f1271d55f55fcbcc415760c49c1f6d213e1b3874a0ea5f0ee25e4b45cad6f34b170a35a80f5dae2d40bb654c571dedec4d3b8c7f238823f50bf920e02f6bf68c137ca72b7e1074dedf861b1cbd7752d1615f7e113dffd7ed034d2ec8bc2951986a8e321093ab2f5"}}, {0xd4, &(0x7f00000017c0)=@string={0xd4, 0x3, "951c2e453f603fbf13383f07ac17b60eda356c24f94024507b622f046c59fa9075be949d7a390d026c43f0f2d37bd600e6f4a9ce5aee9c45a4c6b7549fe71f42f48522d97487dd0d5f6fb7956f79d21f59781f8e4e8f6dd5a82d90b91ebfe46aba94104b549c2fac46a600494f53df21bbb8e7d9dc2f631da73ae64a43d9a6ae8af5ee31d6751d949d5b516adffdb785bc9869f48eba76585427532d4a7a7d696bb18ef3516c507351d9f08fde469ec4bd7a1c288af333dffcb6021c9be537640a627caac0d32d341b6a5aac3628cbc03a0d"}}]})
select(0x40, &(0x7f0000001940)={0x1, 0x100000000, 0x5, 0x4, 0x8000, 0x0, 0x6, 0x3}, &(0x7f0000001980)={0x1000, 0xa90, 0x10, 0x1ff, 0x0, 0x4, 0x80000000, 0x2}, &(0x7f00000019c0)={0x2, 0xffffffffffffffc0, 0xd, 0xfffffffffffffffc, 0x7, 0x1cce46c8, 0x4, 0x8000000000000001}, &(0x7f0000001a00))
r3 = socket$pppoe(0x18, 0x1, 0x0)
listen(r3, 0x9)
mremap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000ffc000/0x4000)=nil)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001a40)='/proc/keys\x00', 0x0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001ac0), r0)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000001b00)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r5, &(0x7f0000001bc0)={&(0x7f0000001a80)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000001b80)={&(0x7f0000001b40)={0x38, r6, 0x20, 0x70bd27, 0x25dfdbff, {{}, {@val={0x8, 0x3, r7}, @val={0xc, 0x99, {0x5, 0x6d}}}}, [@NL80211_ATTR_CH_SWITCH_BLOCK_TX={0x4}, @NL80211_ATTR_CH_SWITCH_BLOCK_TX={0x4}, @NL80211_ATTR_CH_SWITCH_COUNT={0x8, 0xb7, 0x32}]}, 0x38}, 0x1, 0x0, 0x0, 0x10}, 0x8000)
close(r0)
select(0x40, &(0x7f0000001c00)={0x10001, 0x9, 0xd81, 0xffff, 0x5, 0x0, 0xd, 0x8}, &(0x7f0000001c40)={0xa, 0x10, 0x81, 0x0, 0x6, 0x40, 0x5, 0xa}, &(0x7f0000001c80)={0x6, 0x6, 0x0, 0x9, 0x7, 0xa, 0x9588, 0xfffffffffffff912}, &(0x7f0000001cc0))
rseq(&(0x7f0000001d40)={0x0, 0x0, &(0x7f0000001d00)={0x0, 0x6, 0x8c10, 0x287, 0x2}, 0x7}, 0x20, 0x0, 0x0)

kernel console output (not intermixed with test programs):

at=0 ip=0x7fda8a98f749 code=0x7ffc0000
[ 1307.428385][T20686] CPU: 0 UID: 0 PID: 20686 Comm: syz.1.4035 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1307.428411][T20686] Tainted: [L]=SOFTLOCKUP
[ 1307.428418][T20686] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1307.428429][T20686] Call Trace:
[ 1307.428438][T20686]  <TASK>
[ 1307.428445][T20686]  dump_stack_lvl+0x189/0x250
[ 1307.428470][T20686]  ? __pfx____ratelimit+0x10/0x10
[ 1307.428488][T20686]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1307.428508][T20686]  ? __pfx__printk+0x10/0x10
[ 1307.428543][T20686]  should_fail_ex+0x414/0x560
[ 1307.428573][T20686]  _copy_to_user+0x31/0xb0
[ 1307.428595][T20686]  simple_read_from_buffer+0xe1/0x170
[ 1307.428621][T20686]  proc_fail_nth_read+0x1b3/0x220
[ 1307.428643][T20686]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1307.428664][T20686]  ? rw_verify_area+0x2a6/0x4d0
[ 1307.428681][T20686]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1307.428700][T20686]  vfs_read+0x200/0xa30
[ 1307.428715][T20686]  ? fdget_pos+0x247/0x320
[ 1307.428740][T20686]  ? __pfx___mutex_lock+0x10/0x10
[ 1307.428760][T20686]  ? __pfx_vfs_read+0x10/0x10
[ 1307.428778][T20686]  ? __fget_files+0x2a/0x420
[ 1307.428801][T20686]  ? __fget_files+0x3a0/0x420
[ 1307.428819][T20686]  ? __fget_files+0x2a/0x420
[ 1307.428847][T20686]  ksys_read+0x145/0x250
[ 1307.428866][T20686]  ? __pfx_ksys_read+0x10/0x10
[ 1307.428886][T20686]  ? do_syscall_64+0xbe/0xf80
[ 1307.428907][T20686]  do_syscall_64+0xfa/0xf80
[ 1307.428937][T20686]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1307.428955][T20686]  ? clear_bhb_loop+0x60/0xb0
[ 1307.428979][T20686]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1307.428995][T20686] RIP: 0033:0x7fb37078e15c
[ 1307.429011][T20686] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1307.429025][T20686] RSP: 002b:00007fb37157f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1307.429043][T20686] RAX: ffffffffffffffda RBX: 00007fb3709e5fa0 RCX: 00007fb37078e15c
[ 1307.429056][T20686] RDX: 000000000000000f RSI: 00007fb37157f0a0 RDI: 0000000000000006
[ 1307.429066][T20686] RBP: 00007fb37157f090 R08: 0000000000000000 R09: 0000000000000000
[ 1307.429078][T20686] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1307.429088][T20686] R13: 00007fb3709e6038 R14: 00007fb3709e5fa0 R15: 00007fb370b0fa28
[ 1307.429117][T20686]  </TASK>
[ 1307.805451][T20688] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1307.817939][T20688] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1307.844608][   T30] audit: type=1326 audit(1766109314.378:1284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20666 comm="syz.4.4030" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda8a98f749 code=0x7ffc0000
[ 1307.848857][T20693] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1307.879790][T20696] netlink: 68 bytes leftover after parsing attributes in process `syz.1.4037'.
[ 1307.896283][T20693] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1307.958219][T20688] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1307.970091][T20688] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1307.988608][T20688] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4036'.
[ 1308.361011][T20716] fuse: Unknown parameter 'user_i00000000000000000000'
[ 1309.015832][T20730] netlink: 'syz.0.4052': attribute type 1 has an invalid length.
[ 1309.024536][   T24] usb 4-1: new low-speed USB device number 114 using dummy_hcd
[ 1309.077078][T20730] 8021q: adding VLAN 0 to HW filter on device bond6
[ 1309.227870][   T24] usb 4-1: config 7 has an invalid interface number: 252 but max is 0
[ 1309.237380][   T24] usb 4-1: config 7 has no interface number 0
[ 1309.255655][   T24] usb 4-1: config 7 interface 252 altsetting 8 endpoint 0xF has an invalid bInterval 232, changing to 4
[ 1309.332890][   T24] usb 4-1: config 7 interface 252 altsetting 8 endpoint 0xF has invalid maxpacket 64, setting to 0
[ 1309.344888][   T24] usb 4-1: config 7 interface 252 has no altsetting 0
[ 1309.502170][   T24] usb 4-1: string descriptor 0 read error: -22
[ 1309.525767][   T24] usb 4-1: New USB device found, idVendor=0681, idProduct=0005, bcdDevice=56.c0
[ 1309.551192][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1309.653325][   T24] idmouse 4-1:7.252: Unable to find bulk-in endpoint.
[ 1309.833477][T20754] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4059'.
[ 1311.153654][ T3663] bridge_slave_1: left allmulticast mode
[ 1311.159547][ T3663] bridge_slave_1: left promiscuous mode
[ 1311.165289][ T3663] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1311.206931][ T3663] bridge_slave_0: left allmulticast mode
[ 1311.215623][ T3663] bridge_slave_0: left promiscuous mode
[ 1311.237753][ T3663] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1311.695106][T20766] usb usb8: usbfs: process 20766 (syz.3.4048) did not claim interface 0 before use
[ 1313.280647][T11967] usb 4-1: USB disconnect, device number 114
[ 1313.385723][T20798] FAULT_INJECTION: forcing a failure.
[ 1313.385723][T20798] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1313.399143][T20798] CPU: 1 UID: 0 PID: 20798 Comm: syz.3.4071 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1313.399161][T20798] Tainted: [L]=SOFTLOCKUP
[ 1313.399165][T20798] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1313.399171][T20798] Call Trace:
[ 1313.399176][T20798]  <TASK>
[ 1313.399181][T20798]  dump_stack_lvl+0x189/0x250
[ 1313.399198][T20798]  ? __pfx____ratelimit+0x10/0x10
[ 1313.399209][T20798]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1313.399221][T20798]  ? __pfx__printk+0x10/0x10
[ 1313.399241][T20798]  should_fail_ex+0x414/0x560
[ 1313.399259][T20798]  _copy_to_user+0x31/0xb0
[ 1313.399276][T20798]  simple_read_from_buffer+0xe1/0x170
[ 1313.399291][T20798]  proc_fail_nth_read+0x1b3/0x220
[ 1313.399304][T20798]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1313.399319][T20798]  ? rw_verify_area+0x2a6/0x4d0
[ 1313.399329][T20798]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1313.399340][T20798]  vfs_read+0x200/0xa30
[ 1313.399350][T20798]  ? fdget_pos+0x247/0x320
[ 1313.399364][T20798]  ? __pfx___mutex_lock+0x10/0x10
[ 1313.399377][T20798]  ? __pfx_vfs_read+0x10/0x10
[ 1313.399387][T20798]  ? __fget_files+0x2a/0x420
[ 1313.399400][T20798]  ? __fget_files+0x3a0/0x420
[ 1313.399411][T20798]  ? __fget_files+0x2a/0x420
[ 1313.399427][T20798]  ksys_read+0x145/0x250
[ 1313.399438][T20798]  ? __pfx_ksys_read+0x10/0x10
[ 1313.399452][T20798]  ? do_syscall_64+0xbe/0xf80
[ 1313.399464][T20798]  do_syscall_64+0xfa/0xf80
[ 1313.399475][T20798]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1313.399485][T20798]  ? clear_bhb_loop+0x60/0xb0
[ 1313.399497][T20798]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1313.399507][T20798] RIP: 0033:0x7fda6a58e15c
[ 1313.399517][T20798] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1313.399526][T20798] RSP: 002b:00007fda6b382030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1313.399538][T20798] RAX: ffffffffffffffda RBX: 00007fda6a7e5fa0 RCX: 00007fda6a58e15c
[ 1313.399545][T20798] RDX: 000000000000000f RSI: 00007fda6b3820a0 RDI: 0000000000000004
[ 1313.399551][T20798] RBP: 00007fda6b382090 R08: 0000000000000000 R09: 0000000000000000
[ 1313.399558][T20798] R10: 0000000010008095 R11: 0000000000000246 R12: 0000000000000001
[ 1313.399570][T20798] R13: 00007fda6a7e6038 R14: 00007fda6a7e5fa0 R15: 00007fda6a90fa28
[ 1313.399586][T20798]  </TASK>
[ 1313.636146][    C1] hrtimer: interrupt took 230609115 ns
[ 1313.885291][ T3663] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1313.897517][ T3663] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1313.908972][ T3663] bond0 (unregistering): (slave wlan1): Releasing backup interface
[ 1313.937742][ T3663] bond0 (unregistering): Released all slaves
[ 1313.970271][ T3663] bond1 (unregistering): Released all slaves
[ 1314.080328][ T3663] bond2 (unregistering): Released all slaves
[ 1314.136127][ T3663] bond3 (unregistering): Released all slaves
[ 1314.281543][ T3663] bond4 (unregistering): Released all slaves
[ 1314.371048][T20796] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4070'.
[ 1314.456617][T20804] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 1314.479764][T20804] Bluetooth: hci5: Opcode 0x0406 failed: -4
[ 1314.715084][T20804] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1314.715309][T20804] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 1314.889991][T20804] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1314.896375][T20804] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1314.957412][T20804] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1314.964126][T20804] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1315.294891][T20830] fuse: Unknown parameter 'user_id00000000000000000000'
[ 1315.611039][T20834] FAULT_INJECTION: forcing a failure.
[ 1315.611039][T20834] name failslab, interval 1, probability 0, space 0, times 0
[ 1315.650227][T20834] CPU: 0 UID: 0 PID: 20834 Comm: syz.4.4082 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1315.650256][T20834] Tainted: [L]=SOFTLOCKUP
[ 1315.650262][T20834] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1315.650273][T20834] Call Trace:
[ 1315.650280][T20834]  <TASK>
[ 1315.650289][T20834]  dump_stack_lvl+0x189/0x250
[ 1315.650315][T20834]  ? __pfx____ratelimit+0x10/0x10
[ 1315.650333][T20834]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1315.650353][T20834]  ? __pfx__printk+0x10/0x10
[ 1315.650379][T20834]  ? __pfx___might_resched+0x10/0x10
[ 1315.650397][T20834]  ? fs_reclaim_acquire+0x7d/0x100
[ 1315.650421][T20834]  should_fail_ex+0x414/0x560
[ 1315.650451][T20834]  should_failslab+0xa8/0x100
[ 1315.650470][T20834]  kmem_cache_alloc_node_noprof+0x8c/0x720
[ 1315.650495][T20834]  ? __alloc_skb+0x255/0x430
[ 1315.650511][T20834]  ? napi_skb_cache_get+0x4a5/0x780
[ 1315.650528][T20834]  ? napi_skb_cache_get+0x151/0x780
[ 1315.650548][T20834]  __alloc_skb+0x255/0x430
[ 1315.650569][T20834]  ? __pfx___alloc_skb+0x10/0x10
[ 1315.650589][T20834]  ? netlink_autobind+0xdb/0x300
[ 1315.650608][T20834]  ? netlink_autobind+0x2c2/0x300
[ 1315.650631][T20834]  netlink_sendmsg+0x5c6/0xb30
[ 1315.650661][T20834]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1315.650685][T20834]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1315.650709][T20834]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1315.650726][T20834]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1315.650749][T20834]  __sock_sendmsg+0x21c/0x270
[ 1315.650776][T20834]  ____sys_sendmsg+0x505/0x820
[ 1315.650802][T20834]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1315.650832][T20834]  ? import_iovec+0x74/0xa0
[ 1315.650857][T20834]  ___sys_sendmsg+0x21f/0x2a0
[ 1315.650880][T20834]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1315.650906][T20834]  ? rcu_read_lock_any_held+0xb3/0x120
[ 1315.650953][T20834]  ? __fget_files+0x2a/0x420
[ 1315.650973][T20834]  ? __fget_files+0x3a0/0x420
[ 1315.650995][T20834]  __x64_sys_sendmsg+0x19b/0x260
[ 1315.651025][T20834]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1315.651052][T20834]  ? __pfx_ksys_write+0x10/0x10
[ 1315.651071][T20834]  ? do_syscall_64+0xbe/0xf80
[ 1315.651097][T20834]  do_syscall_64+0xfa/0xf80
[ 1315.651114][T20834]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1315.651129][T20834]  ? clear_bhb_loop+0x60/0xb0
[ 1315.651147][T20834]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1315.651163][T20834] RIP: 0033:0x7fda8a98f749
[ 1315.651179][T20834] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1315.651194][T20834] RSP: 002b:00007fda8b80e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1315.651212][T20834] RAX: ffffffffffffffda RBX: 00007fda8abe5fa0 RCX: 00007fda8a98f749
[ 1315.651224][T20834] RDX: 0000000000000000 RSI: 0000200000003700 RDI: 0000000000000003
[ 1315.651235][T20834] RBP: 00007fda8b80e090 R08: 0000000000000000 R09: 0000000000000000
[ 1315.651246][T20834] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1315.651256][T20834] R13: 00007fda8abe6038 R14: 00007fda8abe5fa0 R15: 00007fda8ad0fa28
[ 1315.651283][T20834]  </TASK>
[ 1316.318088][T20839] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4084'.
[ 1316.552355][ T5840] Bluetooth: hci5: command 0x0406 tx timeout
[ 1316.788891][ T5840] Bluetooth: hci0: command 0x0406 tx timeout
[ 1316.947117][ T5840] Bluetooth: hci4: command 0x0406 tx timeout
[ 1317.025870][ T5840] Bluetooth: hci1: command 0x0406 tx timeout
[ 1317.486706][T20857] fuse: Bad value for 'fd'
[ 1318.665699][ T5840] Bluetooth: hci5: command 0x0406 tx timeout
[ 1318.871134][ T5840] Bluetooth: hci0: command 0x0406 tx timeout
[ 1318.960450][T20890] FAULT_INJECTION: forcing a failure.
[ 1318.960450][T20890] name failslab, interval 1, probability 0, space 0, times 0
[ 1319.026861][ T5840] Bluetooth: hci4: command 0x0406 tx timeout
[ 1319.116261][ T5840] Bluetooth: hci1: command 0x0406 tx timeout
[ 1319.138407][T20890] CPU: 1 UID: 0 PID: 20890 Comm: syz.1.4101 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1319.138425][T20890] Tainted: [L]=SOFTLOCKUP
[ 1319.138430][T20890] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1319.138436][T20890] Call Trace:
[ 1319.138441][T20890]  <TASK>
[ 1319.138446][T20890]  dump_stack_lvl+0x189/0x250
[ 1319.138463][T20890]  ? __pfx____ratelimit+0x10/0x10
[ 1319.138473][T20890]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1319.138485][T20890]  ? __pfx__printk+0x10/0x10
[ 1319.138502][T20890]  ? __pfx___might_resched+0x10/0x10
[ 1319.138516][T20890]  should_fail_ex+0x414/0x560
[ 1319.138534][T20890]  should_failslab+0xa8/0x100
[ 1319.138547][T20890]  __kmalloc_noprof+0xdf/0x800
[ 1319.138557][T20890]  ? kfree+0x4d/0x660
[ 1319.138576][T20890]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 1319.138592][T20890]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 1319.138606][T20890]  ? tomoyo_domain+0xd8/0x130
[ 1319.138622][T20890]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 1319.138632][T20890]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 1319.138645][T20890]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1319.138664][T20890]  ? __mutex_unlock_slowpath+0x1a1/0x730
[ 1319.138685][T20890]  ? __fget_files+0x2a/0x420
[ 1319.138699][T20890]  ? __fget_files+0x3a0/0x420
[ 1319.138710][T20890]  ? __fget_files+0x2a/0x420
[ 1319.138723][T20890]  security_file_ioctl+0xcb/0x2d0
[ 1319.138735][T20890]  __se_sys_ioctl+0x47/0x170
[ 1319.138746][T20890]  do_syscall_64+0xfa/0xf80
[ 1319.138763][T20890]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1319.138773][T20890]  ? clear_bhb_loop+0x60/0xb0
[ 1319.138785][T20890]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1319.138795][T20890] RIP: 0033:0x7fb37078f749
[ 1319.138805][T20890] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1319.138814][T20890] RSP: 002b:00007fb37157f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1319.138825][T20890] RAX: ffffffffffffffda RBX: 00007fb3709e5fa0 RCX: 00007fb37078f749
[ 1319.138833][T20890] RDX: 0000200000000040 RSI: 0000000040047438 RDI: 0000000000000006
[ 1319.138839][T20890] RBP: 00007fb37157f090 R08: 0000000000000000 R09: 0000000000000000
[ 1319.138846][T20890] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1319.138852][T20890] R13: 00007fb3709e6038 R14: 00007fb3709e5fa0 R15: 00007fb370b0fa28
[ 1319.138868][T20890]  </TASK>
[ 1319.138873][T20890] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1319.455674][T11967] usb 4-1: new high-speed USB device number 115 using dummy_hcd
[ 1319.646530][T11967] usb 4-1: Using ep0 maxpacket: 8
[ 1319.659321][T11967] usb 4-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[ 1319.668895][T11967] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1319.685673][T11967] usb 4-1: Product: syz
[ 1319.690135][T11967] usb 4-1: Manufacturer: syz
[ 1319.695784][T11967] usb 4-1: SerialNumber: syz
[ 1319.769947][T11967] usb 4-1: config 0 descriptor??
[ 1319.999675][T20888] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1320.024408][T20888] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1320.045286][T11967] usb 4-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[ 1320.097344][ T3663] hsr_slave_0: left promiscuous mode
[ 1320.112959][ T3663] hsr_slave_1: left promiscuous mode
[ 1320.122912][ T3663] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1320.142489][ T3663] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1320.208628][ T3663] pim6reg (unregistering): left allmulticast mode
[ 1320.431272][T20901] fuse: Bad value for 'fd'
[ 1320.547637][T11967] dvb_usb_rtl28xxu 4-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[ 1320.596474][T11967] usb 4-1: USB disconnect, device number 115
[ 1321.076339][T11967] usb 4-1: new high-speed USB device number 116 using dummy_hcd
[ 1321.315623][T11967] usb 4-1: device descriptor read/64, error -71
[ 1321.316503][ T3663] team_slave_1 (unregistering): left promiscuous mode
[ 1321.352733][ T3663] team0 (unregistering): Port device team_slave_1 removed
[ 1321.480267][ T3663] team_slave_0 (unregistering): left promiscuous mode
[ 1321.499703][ T3663] team0 (unregistering): Port device team_slave_0 removed
[ 1321.557436][T11967] usb 4-1: new high-speed USB device number 117 using dummy_hcd
[ 1321.691483][T20918] Cannot find set identified by id 0 to match
[ 1321.711866][T11967] usb 4-1: device descriptor read/64, error -71
[ 1321.756512][T20919] delete_channel: no stack
[ 1321.833208][T11967] usb usb4-port1: attempt power cycle
[ 1324.367661][T20939] netlink: 203340 bytes leftover after parsing attributes in process `syz.0.4115'.
[ 1324.545751][ T6185] usb 5-1: new full-speed USB device number 100 using dummy_hcd
[ 1324.717191][ T6185] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1324.728403][ T6185] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1324.744306][ T6185] usb 5-1: New USB device found, idVendor=04d8, idProduct=f372, bcdDevice= 0.00
[ 1324.768350][ T6185] usb 5-1: New USB device strings: Mfr=0, Product=31, SerialNumber=0
[ 1324.788693][ T6185] usb 5-1: Product: syz
[ 1324.817791][ T6185] usb 5-1: config 0 descriptor??
[ 1325.255445][T20943] IPv6: sit1: Disabled Multicast RS
[ 1325.277011][ T6185] usbhid 5-1:0.0: can't add hid device: -71
[ 1325.283351][ T6185] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[ 1325.294249][ T6185] usb 5-1: USB disconnect, device number 100
[ 1325.365340][T20961] fuse: Unknown parameter '0x0000000000000004'
[ 1325.554341][T20966] netlink: 84 bytes leftover after parsing attributes in process `syz.2.4126'.
[ 1325.660608][T20968] FAULT_INJECTION: forcing a failure.
[ 1325.660608][T20968] name failslab, interval 1, probability 0, space 0, times 0
[ 1325.673637][T20968] CPU: 0 UID: 0 PID: 20968 Comm: syz.2.4127 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1325.673655][T20968] Tainted: [L]=SOFTLOCKUP
[ 1325.673659][T20968] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1325.673665][T20968] Call Trace:
[ 1325.673670][T20968]  <TASK>
[ 1325.673675][T20968]  dump_stack_lvl+0x189/0x250
[ 1325.673691][T20968]  ? __pfx____ratelimit+0x10/0x10
[ 1325.673702][T20968]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1325.673714][T20968]  ? __pfx__printk+0x10/0x10
[ 1325.673730][T20968]  ? __pfx___might_resched+0x10/0x10
[ 1325.673741][T20968]  ? fs_reclaim_acquire+0x7d/0x100
[ 1325.673755][T20968]  should_fail_ex+0x414/0x560
[ 1325.673772][T20968]  should_failslab+0xa8/0x100
[ 1325.673785][T20968]  __kmalloc_noprof+0xdf/0x800
[ 1325.673795][T20968]  ? tomoyo_encode+0x28b/0x550
[ 1325.673810][T20968]  tomoyo_encode+0x28b/0x550
[ 1325.673825][T20968]  tomoyo_realpath_from_path+0x58d/0x5d0
[ 1325.673839][T20968]  ? tomoyo_domain+0xd8/0x130
[ 1325.673854][T20968]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 1325.673865][T20968]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 1325.673877][T20968]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1325.673896][T20968]  ? __mutex_unlock_slowpath+0x1a1/0x730
[ 1325.673917][T20968]  ? __fget_files+0x2a/0x420
[ 1325.673932][T20968]  ? __fget_files+0x3a0/0x420
[ 1325.673943][T20968]  ? __fget_files+0x2a/0x420
[ 1325.673956][T20968]  security_file_ioctl+0xcb/0x2d0
[ 1325.673968][T20968]  __se_sys_ioctl+0x47/0x170
[ 1325.673979][T20968]  do_syscall_64+0xfa/0xf80
[ 1325.673990][T20968]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1325.674000][T20968]  ? clear_bhb_loop+0x60/0xb0
[ 1325.674012][T20968]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1325.674022][T20968] RIP: 0033:0x7f70edd8f749
[ 1325.674032][T20968] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1325.674040][T20968] RSP: 002b:00007f70eeb91038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1325.674052][T20968] RAX: ffffffffffffffda RBX: 00007f70edfe5fa0 RCX: 00007f70edd8f749
[ 1325.674060][T20968] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000007
[ 1325.674066][T20968] RBP: 00007f70eeb91090 R08: 0000000000000000 R09: 0000000000000000
[ 1325.674073][T20968] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1325.674079][T20968] R13: 00007f70edfe6038 R14: 00007f70edfe5fa0 R15: 00007f70ee10fa28
[ 1325.674095][T20968]  </TASK>
[ 1325.674108][T20968] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1325.702035][ T6185] usb 2-1: new high-speed USB device number 98 using dummy_hcd
[ 1326.125719][ T6185] usb 2-1: Using ep0 maxpacket: 16
[ 1326.173309][ T6185] usb 2-1: config 0 has no interfaces?
[ 1326.187982][ T6185] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 1326.205616][ T6185] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1326.216654][ T6185] usb 2-1: Product: syz
[ 1326.220844][ T6185] usb 2-1: Manufacturer: syz
[ 1326.235980][ T6185] usb 2-1: SerialNumber: syz
[ 1326.282832][ T6185] usb 2-1: config 0 descriptor??
[ 1326.425789][   T24] usb 5-1: new high-speed USB device number 101 using dummy_hcd
[ 1326.641421][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1326.652509][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1326.663991][   T24] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1326.724371][   T24] usb 5-1: New USB device found, idVendor=1e7d, idProduct=3232, bcdDevice= 0.00
[ 1326.768373][   T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1326.791602][   T24] usb 5-1: config 0 descriptor??
[ 1327.227664][T20992] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1327.254511][T20992] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1327.364550][T20995] fuse: Unknown parameter '0x0000000000000004'
[ 1327.854364][T21007] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(96)
[ 1327.861004][T21007] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[ 1327.924951][T21007] vhci_hcd vhci_hcd.0: Device attached
[ 1328.132558][T21013] vhci_hcd: connection closed
[ 1328.136416][   T13] vhci_hcd vhci_hcd.3: stop threads
[ 1328.174806][   T13] vhci_hcd vhci_hcd.3: release socket
[ 1328.186238][T11967] usb 40-1: SetAddress Request (2) to port 0
[ 1328.264256][T11967] usb 40-1: new SuperSpeed USB device number 2 using vhci_hcd
[ 1328.277649][   T13] vhci_hcd vhci_hcd.3: disconnect device
[ 1328.295741][T11967] usb 40-1: enqueue for inactive port 0
[ 1328.457827][ T6185] usb 2-1: USB disconnect, device number 98
[ 1328.718116][T11967] usb usb40-port1: attempt power cycle
[ 1329.342521][   T24] usbhid 5-1:0.0: can't add hid device: -71
[ 1329.348939][   T24] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[ 1329.396777][   T24] usb 5-1: USB disconnect, device number 101
[ 1329.479963][T21040] fuse: Unknown parameter '0x0000000000000004'
[ 1329.486821][T11967] usb usb40-port1: unable to enumerate USB device
[ 1330.662494][T11967] usb 4-1: new full-speed USB device number 119 using dummy_hcd
[ 1330.984305][T11967] usb 4-1: no configurations
[ 1330.991288][T11967] usb 4-1: can't read configurations, error -22
[ 1330.999519][T21073] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[ 1331.072989][T21073] netlink: 'syz.2.4161': attribute type 10 has an invalid length.
[ 1331.103318][T21073] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4161'.
[ 1331.121590][T21080] FAULT_INJECTION: forcing a failure.
[ 1331.121590][T21080] name failslab, interval 1, probability 0, space 0, times 0
[ 1331.134415][T21080] CPU: 0 UID: 0 PID: 21080 Comm: syz.1.4164 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1331.134442][T21080] Tainted: [L]=SOFTLOCKUP
[ 1331.134449][T21080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1331.134458][T21080] Call Trace:
[ 1331.134467][T21080]  <TASK>
[ 1331.134475][T21080]  dump_stack_lvl+0x189/0x250
[ 1331.134499][T21080]  ? __pfx____ratelimit+0x10/0x10
[ 1331.134517][T21080]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1331.134537][T21080]  ? __pfx__printk+0x10/0x10
[ 1331.134564][T21080]  ? __pfx___might_resched+0x10/0x10
[ 1331.134582][T21080]  ? fs_reclaim_acquire+0x7d/0x100
[ 1331.134606][T21080]  should_fail_ex+0x414/0x560
[ 1331.134637][T21080]  should_failslab+0xa8/0x100
[ 1331.134660][T21080]  __kmalloc_noprof+0xdf/0x800
[ 1331.134678][T21080]  ? tomoyo_encode+0x28b/0x550
[ 1331.134702][T21080]  tomoyo_encode+0x28b/0x550
[ 1331.134728][T21080]  tomoyo_realpath_from_path+0x58d/0x5d0
[ 1331.134751][T21080]  ? tomoyo_domain+0xd8/0x130
[ 1331.134778][T21080]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 1331.134798][T21080]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 1331.134828][T21080]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1331.134862][T21080]  ? __mutex_unlock_slowpath+0x1a1/0x730
[ 1331.134900][T21080]  ? __fget_files+0x2a/0x420
[ 1331.134926][T21080]  ? __fget_files+0x3a0/0x420
[ 1331.134947][T21080]  ? __fget_files+0x2a/0x420
[ 1331.134969][T21080]  security_file_ioctl+0xcb/0x2d0
[ 1331.134989][T21080]  __se_sys_ioctl+0x47/0x170
[ 1331.135008][T21080]  do_syscall_64+0xfa/0xf80
[ 1331.135027][T21080]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1331.135044][T21080]  ? clear_bhb_loop+0x60/0xb0
[ 1331.135066][T21080]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1331.135082][T21080] RIP: 0033:0x7fb37078f749
[ 1331.135097][T21080] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1331.135111][T21080] RSP: 002b:00007fb37157f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1331.135130][T21080] RAX: ffffffffffffffda RBX: 00007fb3709e5fa0 RCX: 00007fb37078f749
[ 1331.135143][T21080] RDX: 0000000000000000 RSI: 0000000080089418 RDI: 0000000000000003
[ 1331.135153][T21080] RBP: 00007fb37157f090 R08: 0000000000000000 R09: 0000000000000000
[ 1331.135163][T21080] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1331.135173][T21080] R13: 00007fb3709e6038 R14: 00007fb3709e5fa0 R15: 00007fb370b0fa28
[ 1331.135201][T21080]  </TASK>
[ 1331.135220][T21080] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1331.175821][T11967] usb 4-1: new full-speed USB device number 120 using dummy_hcd
[ 1331.442815][T21084] fuse: Unknown parameter '0x0000000000000004'
[ 1331.476535][T21086] FAULT_INJECTION: forcing a failure.
[ 1331.476535][T21086] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1331.490168][T21086] CPU: 1 UID: 0 PID: 21086 Comm: syz.1.4166 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1331.490196][T21086] Tainted: [L]=SOFTLOCKUP
[ 1331.490204][T21086] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1331.490214][T21086] Call Trace:
[ 1331.490231][T21086]  <TASK>
[ 1331.490238][T21086]  dump_stack_lvl+0x189/0x250
[ 1331.490267][T21086]  ? __pfx____ratelimit+0x10/0x10
[ 1331.490286][T21086]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1331.490306][T21086]  ? __pfx__printk+0x10/0x10
[ 1331.490331][T21086]  ? __might_fault+0xb0/0x130
[ 1331.490365][T21086]  should_fail_ex+0x414/0x560
[ 1331.490396][T21086]  _copy_from_iter+0x1cd/0x1630
[ 1331.490420][T21086]  ? __build_skb_around+0x22d/0x3c0
[ 1331.490444][T21086]  ? __pfx__copy_from_iter+0x10/0x10
[ 1331.490460][T21086]  ? __alloc_skb+0x2f1/0x430
[ 1331.490480][T21086]  ? __pfx___alloc_skb+0x10/0x10
[ 1331.490501][T21086]  ? netlink_sendmsg+0x642/0xb30
[ 1331.490520][T21086]  ? skb_put+0x11b/0x210
[ 1331.490543][T21086]  netlink_sendmsg+0x6b2/0xb30
[ 1331.490574][T21086]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1331.490599][T21086]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1331.490623][T21086]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1331.490646][T21086]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1331.490669][T21086]  __sock_sendmsg+0x21c/0x270
[ 1331.490696][T21086]  ____sys_sendmsg+0x505/0x820
[ 1331.490723][T21086]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1331.490752][T21086]  ? import_iovec+0x74/0xa0
[ 1331.490780][T21086]  ___sys_sendmsg+0x21f/0x2a0
[ 1331.490801][T21086]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1331.490824][T21086]  ? rcu_read_lock_any_held+0xb3/0x120
[ 1331.490869][T21086]  ? __fget_files+0x2a/0x420
[ 1331.490890][T21086]  ? __fget_files+0x3a0/0x420
[ 1331.490919][T21086]  __x64_sys_sendmsg+0x19b/0x260
[ 1331.490940][T21086]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1331.490970][T21086]  ? __pfx_ksys_write+0x10/0x10
[ 1331.490991][T21086]  ? do_syscall_64+0xbe/0xf80
[ 1331.491013][T21086]  do_syscall_64+0xfa/0xf80
[ 1331.491031][T21086]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1331.491049][T21086]  ? clear_bhb_loop+0x60/0xb0
[ 1331.491070][T21086]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1331.491086][T21086] RIP: 0033:0x7fb37078f749
[ 1331.491103][T21086] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1331.491117][T21086] RSP: 002b:00007fb37157f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1331.491137][T21086] RAX: ffffffffffffffda RBX: 00007fb3709e5fa0 RCX: 00007fb37078f749
[ 1331.491151][T21086] RDX: 0000000000000040 RSI: 0000200000009b40 RDI: 0000000000000003
[ 1331.491163][T21086] RBP: 00007fb37157f090 R08: 0000000000000000 R09: 0000000000000000
[ 1331.491174][T21086] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1331.491185][T21086] R13: 00007fb3709e6038 R14: 00007fb3709e5fa0 R15: 00007fb370b0fa28
[ 1331.491214][T21086]  </TASK>
[ 1331.877987][T11967] usb 4-1: no configurations
[ 1331.882856][T11967] usb 4-1: can't read configurations, error -22
[ 1331.892520][T11967] usb usb4-port1: attempt power cycle
[ 1331.974790][T21097] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4170'.
[ 1332.173040][T21097] hsr_slave_1 (unregistering): left promiscuous mode
[ 1332.238995][T11967] usb 4-1: new full-speed USB device number 121 using dummy_hcd
[ 1332.269059][T11967] usb 4-1: no configurations
[ 1332.281559][T11967] usb 4-1: can't read configurations, error -22
[ 1332.705828][T11967] usb 4-1: new full-speed USB device number 122 using dummy_hcd
[ 1332.795959][T11967] usb 4-1: no configurations
[ 1332.806880][T11967] usb 4-1: can't read configurations, error -22
[ 1332.820172][T11967] usb usb4-port1: unable to enumerate USB device
[ 1333.246158][T21113] xt_CT: No such helper "netbios-ns"
[ 1334.080140][T21138] fuse: Unknown parameter '0x0000000000000004'
[ 1334.325338][T21146] netlink: 'syz.3.4178': attribute type 10 has an invalid length.
[ 1334.379951][T21149] netlink: 'syz.3.4178': attribute type 10 has an invalid length.
[ 1334.399384][T21145] netdevsim netdevsim1: Firmware load for './file0/../file0/file0' refused, path contains '..' component
[ 1334.431046][T21145] netlink: 'syz.1.4182': attribute type 10 has an invalid length.
[ 1334.487824][T21153] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4182'.
[ 1334.513103][T21147] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[ 1334.591873][T21149] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[ 1335.886820][T21184] fuse: Unknown parameter '0x0000000000000004'
[ 1336.863927][T21196] fuse: Unknown parameter 'group_i'
[ 1336.908896][T21206] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4199'.
[ 1336.947763][T21206] openvswitch: netlink: Flow key attr not present in new flow.
[ 1337.886204][T21219] netlink: 92 bytes leftover after parsing attributes in process `syz.4.4204'.
[ 1337.956586][T11967] usb 4-1: new high-speed USB device number 123 using dummy_hcd
[ 1338.157320][T11967] usb 4-1: Using ep0 maxpacket: 16
[ 1338.186131][T11967] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1338.235607][T11967] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1338.298755][T11967] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1338.326501][T21225] FAULT_INJECTION: forcing a failure.
[ 1338.326501][T21225] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1338.345654][T11967] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1338.389577][T11967] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1338.404163][T21225] CPU: 0 UID: 0 PID: 21225 Comm: syz.2.4206 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1338.404193][T21225] Tainted: [L]=SOFTLOCKUP
[ 1338.404200][T21225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1338.404211][T21225] Call Trace:
[ 1338.404219][T21225]  <TASK>
[ 1338.404228][T21225]  dump_stack_lvl+0x189/0x250
[ 1338.404254][T21225]  ? __pfx____ratelimit+0x10/0x10
[ 1338.404272][T21225]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1338.404292][T21225]  ? __pfx__printk+0x10/0x10
[ 1338.404317][T21225]  ? __might_fault+0xb0/0x130
[ 1338.404352][T21225]  should_fail_ex+0x414/0x560
[ 1338.404382][T21225]  _copy_from_user+0x2d/0xb0
[ 1338.404404][T21225]  ___sys_sendmsg+0x158/0x2a0
[ 1338.404428][T21225]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1338.404483][T21225]  ? __fget_files+0x2a/0x420
[ 1338.404503][T21225]  ? __fget_files+0x3a0/0x420
[ 1338.404534][T21225]  __sys_sendmmsg+0x227/0x430
[ 1338.404557][T21225]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1338.404585][T21225]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1338.404619][T21225]  ? ksys_write+0x22a/0x250
[ 1338.404639][T21225]  ? __pfx_ksys_write+0x10/0x10
[ 1338.404660][T21225]  __x64_sys_sendmmsg+0xa0/0xc0
[ 1338.404677][T21225]  do_syscall_64+0xfa/0xf80
[ 1338.404692][T21225]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1338.404704][T21225]  ? clear_bhb_loop+0x60/0xb0
[ 1338.404720][T21225]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1338.404733][T21225] RIP: 0033:0x7f70edd8f749
[ 1338.404746][T21225] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1338.404757][T21225] RSP: 002b:00007f70eeb91038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1338.404772][T21225] RAX: ffffffffffffffda RBX: 00007f70edfe5fa0 RCX: 00007f70edd8f749
[ 1338.404782][T21225] RDX: 0000000000000001 RSI: 0000200000002800 RDI: 0000000000000003
[ 1338.404791][T21225] RBP: 00007f70eeb91090 R08: 0000000000000000 R09: 0000000000000000
[ 1338.404799][T21225] R10: 0000000004000804 R11: 0000000000000246 R12: 0000000000000001
[ 1338.404808][T21225] R13: 00007f70edfe6038 R14: 00007f70edfe5fa0 R15: 00007f70ee10fa28
[ 1338.404831][T21225]  </TASK>
[ 1338.436802][T11967] usb 4-1: config 0 descriptor??
[ 1338.748825][ T3566] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1338.924732][ T3566] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1339.128477][ T3566] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1339.387428][ T5843] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1339.420628][ T5843] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1339.431377][ T5843] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1339.440175][ T3566] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1339.452412][ T5843] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1339.469351][ T5843] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1340.011068][T11967] microsoft 0003:045E:07DA.0014: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.3-1/input0
[ 1340.091713][T11967] microsoft 0003:045E:07DA.0014: no inputs found
[ 1340.125853][T11967] microsoft 0003:045E:07DA.0014: could not initialize ff, continuing anyway
[ 1340.184290][T11967] usb 4-1: USB disconnect, device number 123
[ 1340.357100][T21252] fido_id[21252]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory
[ 1340.625650][ T5878] usb 5-1: new high-speed USB device number 102 using dummy_hcd
[ 1341.104243][ T3566] bond1 (unregistering): (slave gretap1): Releasing active interface
[ 1341.511192][ T5840] Bluetooth: hci0: command tx timeout
[ 1341.640646][ T3566] bond0 (unregistering): (slave wlan1): Releasing backup interface
[ 1341.659951][ T3566] bond0 (unregistering): Released all slaves
[ 1342.015310][ T3566] bond1 (unregistering): Released all slaves
[ 1342.111600][T21284] loop9: detected capacity change from 0 to 7
[ 1342.191060][T19720] Dev loop9: unable to read RDB block 7
[ 1342.193089][ T3566] bond2 (unregistering): Released all slaves
[ 1342.198156][T19720]  loop9: unable to read partition table
[ 1342.211532][T19720] loop9: partition table beyond EOD, truncated
[ 1342.237691][T21284] Dev loop9: unable to read RDB block 7
[ 1342.243632][T21284]  loop9: unable to read partition table
[ 1342.267728][T21284] loop9: partition table beyond EOD, truncated
[ 1342.281669][T21284] loop_reread_partitions: partition scan of loop9 (�被x������ ) failed (rc=-5)
[ 1342.336634][T21283] netdevsim netdevsim0 netdevsim0: entered promiscuous mode
[ 1342.424346][T21283] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[ 1342.996897][ T3566] hsr_slave_0: left promiscuous mode
[ 1343.132889][ T3566] veth1_macvtap: left promiscuous mode
[ 1343.149013][ T3566] veth0_macvtap: left promiscuous mode
[ 1343.163854][ T3566] veth1_vlan: left promiscuous mode
[ 1343.174133][ T3566] veth0_vlan: left promiscuous mode
[ 1343.636924][ T5840] Bluetooth: hci0: command tx timeout
[ 1344.803238][T21344] block device autoloading is deprecated and will be removed.
[ 1344.826806][T21344] netlink: 'syz.0.4235': attribute type 6 has an invalid length.
[ 1344.834822][T21344] netlink: 'syz.0.4235': attribute type 7 has an invalid length.
[ 1344.842823][T21344] netlink: 'syz.0.4235': attribute type 8 has an invalid length.
[ 1344.850980][T21344] netlink: 'syz.0.4235': attribute type 15 has an invalid length.
[ 1345.325913][T21245] chnl_net:caif_netlink_parms(): no params data found
[ 1345.559529][T21245] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1345.687706][ T5840] Bluetooth: hci0: command tx timeout
[ 1345.711849][T21245] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1345.719107][T21245] bridge_slave_0: entered allmulticast mode
[ 1345.726602][T21245] bridge_slave_0: entered promiscuous mode
[ 1345.764953][T21245] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1345.787127][T21245] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1345.820774][T21245] bridge_slave_1: entered allmulticast mode
[ 1345.849027][T21245] bridge_slave_1: entered promiscuous mode
[ 1346.325795][T21245] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1346.371340][T21378] netlink: 'syz.2.4242': attribute type 7 has an invalid length.
[ 1346.440972][T21378] netlink: 'syz.2.4242': attribute type 8 has an invalid length.
[ 1346.464153][T21245] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1346.619540][T21245] team0: Port device team_slave_0 added
[ 1346.732031][T21245] team0: Port device team_slave_1 added
[ 1347.294422][T21245] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1347.315633][T21245] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1347.561491][T21245] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1347.632430][T21245] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1347.895656][ T5840] Bluetooth: hci0: command tx timeout
[ 1347.901621][T21245] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1347.928657][T21245] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1348.144403][T21245] hsr_slave_0: entered promiscuous mode
[ 1348.184234][T21245] hsr_slave_1: entered promiscuous mode
[ 1348.414894][T21409] trusted_key: encrypted_key: insufficient parameters specified
[ 1348.437533][T21409] binder: 21403:21409 ioctl c018620c 200000000000 returned -1
[ 1349.031654][T21245] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1349.060630][T21245] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1349.150659][T21245] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1349.892026][T21245] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1350.031014][T21444] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1350.089768][T21444] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1350.160862][T21245] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1350.287066][T21245] 8021q: adding VLAN 0 to HW filter on device team0
[ 1350.309481][ T5937] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1350.316729][ T5937] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1350.403376][ T5937] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1350.410729][ T5937] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1350.995369][T21245] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1351.071268][T21469] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1351.204227][T21245] veth0_vlan: entered promiscuous mode
[ 1351.466404][T21245] veth1_vlan: entered promiscuous mode
[ 1351.578055][T21245] veth0_macvtap: entered promiscuous mode
[ 1351.606541][T21245] veth1_macvtap: entered promiscuous mode
[ 1351.663859][T21245] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1351.721707][T21245] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1351.901985][T21100] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1352.003209][T21100] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1352.078412][T21100] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1352.105308][T21100] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1352.528675][ T3566] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1352.542032][ T3566] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1353.457239][ T5937] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1353.460892][T21512] netlink: 'syz.4.4272': attribute type 1 has an invalid length.
[ 1353.473868][ T5937] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1353.667566][T21512] 8021q: adding VLAN 0 to HW filter on device bond5
[ 1353.872094][T21522] af_packet: tpacket_rcv: packet too big, clamped from 36 to 4294967272. macoff=96
[ 1353.934334][T21521] netlink: 'syz.0.4273': attribute type 3 has an invalid length.
[ 1353.955051][T21521] netlink: 'syz.0.4273': attribute type 2 has an invalid length.
[ 1353.989572][T21521] netlink: 'syz.0.4273': attribute type 2 has an invalid length.
[ 1354.030818][T21522] loop8: detected capacity change from 0 to 7
[ 1354.047558][    C1] I/O error, dev loop8, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1354.057917][    C1] Buffer I/O error on dev loop8, logical block 0, async page read
[ 1354.066393][    C1] I/O error, dev loop8, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1354.076067][    C1] Buffer I/O error on dev loop8, logical block 0, async page read
[ 1354.088009][    C1] I/O error, dev loop8, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1354.097740][    C1] Buffer I/O error on dev loop8, logical block 0, async page read
[ 1354.106277][    C1] I/O error, dev loop8, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1354.115969][    C1] Buffer I/O error on dev loop8, logical block 0, async page read
[ 1354.124441][    C1] I/O error, dev loop8, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1354.134132][    C1] Buffer I/O error on dev loop8, logical block 0, async page read
[ 1354.143621][    C1] I/O error, dev loop8, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1354.153299][    C1] Buffer I/O error on dev loop8, logical block 0, async page read
[ 1354.181036][    C1] I/O error, dev loop8, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1354.190769][    C1] Buffer I/O error on dev loop8, logical block 0, async page read
[ 1354.200410][T21522] ldm_validate_partition_table(): Disk read failed.
[ 1354.262787][    C1] I/O error, dev loop8, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1354.272545][    C1] Buffer I/O error on dev loop8, logical block 0, async page read
[ 1354.282004][    C1] I/O error, dev loop8, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1354.291658][    C1] Buffer I/O error on dev loop8, logical block 0, async page read
[ 1354.299904][    C0] I/O error, dev loop8, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1354.309637][    C0] Buffer I/O error on dev loop8, logical block 0, async page read
[ 1354.319242][T21522] Dev loop8: unable to read RDB block 0
[ 1354.328276][T21522]  loop8: unable to read partition table
[ 1354.334226][T21522] loop8: partition table beyond EOD, truncated
[ 1354.377424][T21522] loop_reread_partitions: partition scan of loop8 (�被x������ ) failed (rc=-5)
[ 1356.082714][T21571] netlink: 'syz.2.4285': attribute type 1 has an invalid length.
[ 1356.283776][T21574] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4285'.
[ 1356.738965][T21571] 8021q: adding VLAN 0 to HW filter on device bond5
[ 1356.798854][T21580] FAULT_INJECTION: forcing a failure.
[ 1356.798854][T21580] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1356.962573][T21580] CPU: 1 UID: 0 PID: 21580 Comm: syz.0.4287 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1356.962603][T21580] Tainted: [L]=SOFTLOCKUP
[ 1356.962610][T21580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1356.962622][T21580] Call Trace:
[ 1356.962630][T21580]  <TASK>
[ 1356.962638][T21580]  dump_stack_lvl+0x189/0x250
[ 1356.962665][T21580]  ? __pfx____ratelimit+0x10/0x10
[ 1356.962682][T21580]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1356.962700][T21580]  ? __pfx__printk+0x10/0x10
[ 1356.962724][T21580]  ? __might_fault+0xb0/0x130
[ 1356.962759][T21580]  should_fail_ex+0x414/0x560
[ 1356.962789][T21580]  _copy_from_iter+0x1cd/0x1630
[ 1356.962812][T21580]  ? __build_skb_around+0x22d/0x3c0
[ 1356.962837][T21580]  ? __pfx__copy_from_iter+0x10/0x10
[ 1356.962853][T21580]  ? __alloc_skb+0x2f1/0x430
[ 1356.962874][T21580]  ? __pfx___alloc_skb+0x10/0x10
[ 1356.962893][T21580]  ? netlink_sendmsg+0x642/0xb30
[ 1356.962914][T21580]  ? skb_put+0x11b/0x210
[ 1356.962936][T21580]  netlink_sendmsg+0x6b2/0xb30
[ 1356.962965][T21580]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1356.962990][T21580]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1356.963014][T21580]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1356.963031][T21580]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1356.963054][T21580]  __sock_sendmsg+0x21c/0x270
[ 1356.963082][T21580]  ____sys_sendmsg+0x505/0x820
[ 1356.963108][T21580]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1356.963134][T21580]  ? import_iovec+0x74/0xa0
[ 1356.963158][T21580]  ___sys_sendmsg+0x21f/0x2a0
[ 1356.963180][T21580]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1356.963213][T21580]  ? rcu_read_lock_any_held+0xb3/0x120
[ 1356.963264][T21580]  ? __fget_files+0x2a/0x420
[ 1356.963283][T21580]  ? __fget_files+0x3a0/0x420
[ 1356.963314][T21580]  __x64_sys_sendmsg+0x19b/0x260
[ 1356.963337][T21580]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1356.963364][T21580]  ? __pfx_ksys_write+0x10/0x10
[ 1356.963385][T21580]  ? do_syscall_64+0xbe/0xf80
[ 1356.963408][T21580]  do_syscall_64+0xfa/0xf80
[ 1356.963426][T21580]  ? rcu_is_watching+0x15/0xb0
[ 1356.963444][T21580]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1356.963460][T21580]  ? clear_bhb_loop+0x60/0xb0
[ 1356.963479][T21580]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1356.963495][T21580] RIP: 0033:0x7f570318f749
[ 1356.963510][T21580] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1356.963524][T21580] RSP: 002b:00007f570407b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1356.963543][T21580] RAX: ffffffffffffffda RBX: 00007f57033e5fa0 RCX: 00007f570318f749
[ 1356.963555][T21580] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[ 1356.963567][T21580] RBP: 00007f570407b090 R08: 0000000000000000 R09: 0000000000000000
[ 1356.963577][T21580] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1356.963589][T21580] R13: 00007f57033e6038 R14: 00007f57033e5fa0 R15: 00007f570350fa28
[ 1356.963617][T21580]  </TASK>
[ 1357.451899][T21584] netdevsim netdevsim0: Firmware load for './file0/../file0/file0' refused, path contains '..' component
[ 1357.527275][T21584] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[ 1357.574821][T21586] FAULT_INJECTION: forcing a failure.
[ 1357.574821][T21586] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1357.646285][T21586] CPU: 0 UID: 0 PID: 21586 Comm: syz.2.4289 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1357.646311][T21586] Tainted: [L]=SOFTLOCKUP
[ 1357.646316][T21586] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1357.646322][T21586] Call Trace:
[ 1357.646327][T21586]  <TASK>
[ 1357.646333][T21586]  dump_stack_lvl+0x189/0x250
[ 1357.646350][T21586]  ? __pfx____ratelimit+0x10/0x10
[ 1357.646361][T21586]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1357.646373][T21586]  ? __pfx__printk+0x10/0x10
[ 1357.646388][T21586]  ? __might_fault+0xb0/0x130
[ 1357.646407][T21586]  should_fail_ex+0x414/0x560
[ 1357.646424][T21586]  _copy_from_iter+0x1cd/0x1630
[ 1357.646437][T21586]  ? __build_skb_around+0x22d/0x3c0
[ 1357.646451][T21586]  ? __pfx__copy_from_iter+0x10/0x10
[ 1357.646461][T21586]  ? __alloc_skb+0x2f1/0x430
[ 1357.646472][T21586]  ? __pfx___alloc_skb+0x10/0x10
[ 1357.646483][T21586]  ? netlink_sendmsg+0x642/0xb30
[ 1357.646495][T21586]  ? skb_put+0x11b/0x210
[ 1357.646507][T21586]  netlink_sendmsg+0x6b2/0xb30
[ 1357.646524][T21586]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1357.646538][T21586]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1357.646552][T21586]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1357.646562][T21586]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1357.646574][T21586]  __sock_sendmsg+0x21c/0x270
[ 1357.646591][T21586]  ____sys_sendmsg+0x505/0x820
[ 1357.646606][T21586]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1357.646621][T21586]  ? import_iovec+0x74/0xa0
[ 1357.646634][T21586]  ___sys_sendmsg+0x21f/0x2a0
[ 1357.646647][T21586]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1357.646662][T21586]  ? rcu_read_lock_any_held+0xb3/0x120
[ 1357.646688][T21586]  ? __fget_files+0x2a/0x420
[ 1357.646700][T21586]  ? __fget_files+0x3a0/0x420
[ 1357.646716][T21586]  __x64_sys_sendmsg+0x19b/0x260
[ 1357.646729][T21586]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1357.646745][T21586]  ? __pfx_ksys_write+0x10/0x10
[ 1357.646757][T21586]  ? do_syscall_64+0xbe/0xf80
[ 1357.646769][T21586]  do_syscall_64+0xfa/0xf80
[ 1357.646780][T21586]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1357.646790][T21586]  ? clear_bhb_loop+0x60/0xb0
[ 1357.646802][T21586]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1357.646812][T21586] RIP: 0033:0x7f70edd8f749
[ 1357.646822][T21586] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1357.646830][T21586] RSP: 002b:00007f70eeb91038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1357.646841][T21586] RAX: ffffffffffffffda RBX: 00007f70edfe5fa0 RCX: 00007f70edd8f749
[ 1357.646849][T21586] RDX: 0000000000000004 RSI: 0000200000000040 RDI: 0000000000000006
[ 1357.646856][T21586] RBP: 00007f70eeb91090 R08: 0000000000000000 R09: 0000000000000000
[ 1357.646862][T21586] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1357.646868][T21586] R13: 00007f70edfe6038 R14: 00007f70edfe5fa0 R15: 00007f70ee10fa28
[ 1357.646889][T21586]  </TASK>
[ 1358.042813][T21584] netlink: 'syz.0.4288': attribute type 10 has an invalid length.
[ 1358.087060][T21584] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4288'.
[ 1358.148548][T21594] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1359.530429][T21614] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 1359.536860][T21614] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1359.554915][T21614] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1359.561298][T21614] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1359.729284][T21614] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 1359.837267][T21614] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 1360.051014][T21626] fuse: Bad value for 'fd'
[ 1360.081022][   T30] kauditd_printk_skb: 35 callbacks suppressed
[ 1360.081038][   T30] audit: type=1326 audit(1766109368.218:1320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21623 comm="syz.2.4298" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f70edd8f749 code=0x0
[ 1360.314188][T21629] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4298'.
[ 1360.549944][T21632] netlink: 48 bytes leftover after parsing attributes in process `syz.3.4299'.
[ 1360.991403][T21636] netlink: 'syz.5.4300': attribute type 1 has an invalid length.
[ 1361.063120][T21636] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1361.106842][T21636] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4300'.
[ 1361.426258][ T5840] Bluetooth: hci5: command 0x0406 tx timeout
[ 1361.452061][T21645] FAULT_INJECTION: forcing a failure.
[ 1361.452061][T21645] name failslab, interval 1, probability 0, space 0, times 0
[ 1361.464909][T21645] CPU: 1 UID: 0 PID: 21645 Comm: syz.4.4303 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1361.464927][T21645] Tainted: [L]=SOFTLOCKUP
[ 1361.464931][T21645] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1361.464937][T21645] Call Trace:
[ 1361.464942][T21645]  <TASK>
[ 1361.464948][T21645]  dump_stack_lvl+0x189/0x250
[ 1361.464965][T21645]  ? __pfx____ratelimit+0x10/0x10
[ 1361.464976][T21645]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1361.464988][T21645]  ? __pfx__printk+0x10/0x10
[ 1361.465004][T21645]  ? __skb_flow_dissect+0x408/0x68b0
[ 1361.465018][T21645]  should_fail_ex+0x414/0x560
[ 1361.465036][T21645]  should_failslab+0xa8/0x100
[ 1361.465050][T21645]  kmem_cache_alloc_noprof+0x88/0x710
[ 1361.465065][T21645]  ? skb_clone+0x212/0x3a0
[ 1361.465079][T21645]  skb_clone+0x212/0x3a0
[ 1361.465091][T21645]  ? packet_rcv_spkt+0x117/0x5c0
[ 1361.465105][T21645]  packet_rcv_spkt+0x139/0x5c0
[ 1361.465120][T21645]  __netif_receive_skb_core+0x7b7/0x2f90
[ 1361.465131][T21645]  ? __pfx___skb_flow_dissect+0x10/0x10
[ 1361.465143][T21645]  ? kernel_text_address+0xa5/0xe0
[ 1361.465157][T21645]  ? __kernel_text_address+0xd/0x40
[ 1361.465169][T21645]  ? unwind_get_return_address+0x4d/0x90
[ 1361.465181][T21645]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1361.465196][T21645]  ? arch_stack_walk+0xfc/0x150
[ 1361.465211][T21645]  ? __pfx___netif_receive_skb_core+0x10/0x10
[ 1361.465222][T21645]  ? stack_trace_save+0x9c/0xe0
[ 1361.465236][T21645]  ? stack_depot_save_flags+0x40/0x850
[ 1361.465260][T21645]  ? netif_receive_skb+0x105/0x750
[ 1361.465275][T21645]  ? netif_receive_skb+0x105/0x750
[ 1361.465289][T21645]  __netif_receive_skb+0x72/0x380
[ 1361.465301][T21645]  ? netif_receive_skb+0x105/0x750
[ 1361.465314][T21645]  netif_receive_skb+0x1bb/0x750
[ 1361.465327][T21645]  ? __pfx___local_bh_disable_ip+0x10/0x10
[ 1361.465338][T21645]  ? __pfx_netif_receive_skb+0x10/0x10
[ 1361.465354][T21645]  ? tun_rx_batched+0x160/0x730
[ 1361.465368][T21645]  tun_rx_batched+0x1b9/0x730
[ 1361.465382][T21645]  ? __pfx_tun_rx_batched+0x10/0x10
[ 1361.465395][T21645]  ? tun_get_user+0x266d/0x3dc0
[ 1361.465412][T21645]  ? tun_get_user+0x266d/0x3dc0
[ 1361.465430][T21645]  tun_get_user+0x2aa3/0x3dc0
[ 1361.465453][T21645]  ? tun_get_user+0x6fc/0x3dc0
[ 1361.465481][T21645]  ? aa_file_perm+0x44c/0x1530
[ 1361.465502][T21645]  ? __pfx_tun_get_user+0x10/0x10
[ 1361.465523][T21645]  ? __lock_acquire+0x6b6/0x2cf0
[ 1361.465543][T21645]  ? kstrtoull+0x12f/0x1d0
[ 1361.465581][T21645]  ? ref_tracker_alloc+0x318/0x460
[ 1361.465602][T21645]  ? __pfx_ref_tracker_alloc+0x10/0x10
[ 1361.465624][T21645]  ? tun_get+0x1c/0x2f0
[ 1361.465648][T21645]  ? tun_get+0x1c/0x2f0
[ 1361.465666][T21645]  ? tun_get+0x1c/0x2f0
[ 1361.465690][T21645]  tun_chr_write_iter+0x113/0x200
[ 1361.465714][T21645]  vfs_write+0x5c9/0xb30
[ 1361.465729][T21645]  ? __pfx_tun_chr_write_iter+0x10/0x10
[ 1361.465741][T21645]  ? __pfx_vfs_write+0x10/0x10
[ 1361.465755][T21645]  ? __fget_files+0x2a/0x420
[ 1361.465772][T21645]  ksys_write+0x145/0x250
[ 1361.465782][T21645]  ? __pfx_ksys_write+0x10/0x10
[ 1361.465793][T21645]  ? do_syscall_64+0xbe/0xf80
[ 1361.465806][T21645]  do_syscall_64+0xfa/0xf80
[ 1361.465819][T21645]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1361.465829][T21645]  ? clear_bhb_loop+0x60/0xb0
[ 1361.465844][T21645]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1361.465861][T21645] RIP: 0033:0x7fda8a98e1ff
[ 1361.465878][T21645] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[ 1361.465893][T21645] RSP: 002b:00007fda8b80e000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 1361.465912][T21645] RAX: ffffffffffffffda RBX: 00007fda8abe5fa0 RCX: 00007fda8a98e1ff
[ 1361.465926][T21645] RDX: 000000000000002a RSI: 0000200000000340 RDI: 00000000000000c8
[ 1361.465935][T21645] RBP: 00007fda8b80e090 R08: 0000000000000000 R09: 0000000000000000
[ 1361.465942][T21645] R10: 000000000000002a R11: 0000000000000293 R12: 0000000000000001
[ 1361.465948][T21645] R13: 00007fda8abe6038 R14: 00007fda8abe5fa0 R15: 00007fda8ad0fa28
[ 1361.465964][T21645]  </TASK>
[ 1361.947211][ T5840] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1361.953342][ T5840] Bluetooth: hci4: command 0x0406 tx timeout
[ 1361.974010][ T5843] Bluetooth: hci1: command 0x0406 tx timeout
[ 1362.069055][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[ 1362.075710][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[ 1362.602749][   T30] audit: type=1800 audit(1766109370.728:1321): pid=21658 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.4306" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0
[ 1363.790793][T21674] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4311'.
[ 1363.996587][T16448] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1364.421928][T21690] tipc: Cannot configure node identity twice
[ 1365.314173][   T30] audit: type=1326 audit(1766109373.448:1322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21715 comm="syz.2.4320" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f70edd8f749 code=0x0
[ 1366.075820][T16448] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1367.027068][T21756] binder: 21755:21756 ioctl c0306201 0 returned -14
[ 1367.035221][T21756] binder: 21755:21756 ioctl c0306201 200000000280 returned -14
[ 1367.308578][T21766] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4330'.
[ 1367.611377][T21774] netlink: 'syz.4.4332': attribute type 17 has an invalid length.
[ 1367.653295][T21774] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4332'.
[ 1367.771218][T21774] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4332'.
[ 1367.898773][T21774] gretap0: entered promiscuous mode
[ 1367.935465][T21774] gretap0: left promiscuous mode
[ 1369.695883][T21813] xt_hashlimit: overflow, try lower: 18446744073709551615/255
[ 1370.256306][   T30] audit: type=1326 audit(1766109378.388:1323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21823 comm="syz.2.4343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70edd8f749 code=0x7ffc0000
[ 1370.304194][   T30] audit: type=1326 audit(1766109378.388:1324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21823 comm="syz.2.4343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70edd8f749 code=0x7ffc0000
[ 1370.360027][   T30] audit: type=1326 audit(1766109378.388:1325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21823 comm="syz.2.4343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7f70edd8f749 code=0x7ffc0000
[ 1370.456238][   T30] audit: type=1326 audit(1766109378.388:1326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21823 comm="syz.2.4343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70edd8f749 code=0x7ffc0000
[ 1370.522732][   T30] audit: type=1326 audit(1766109378.388:1327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21823 comm="syz.2.4343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70edd8f749 code=0x7ffc0000
[ 1370.785342][   T30] audit: type=1326 audit(1766109378.388:1328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21823 comm="syz.2.4343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f70edd8f749 code=0x7ffc0000
[ 1370.809413][   T30] audit: type=1326 audit(1766109378.388:1329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21823 comm="syz.2.4343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70edd8f749 code=0x7ffc0000
[ 1370.988434][   T30] audit: type=1326 audit(1766109378.388:1330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21823 comm="syz.2.4343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f70edd8f749 code=0x7ffc0000
[ 1371.011169][   T30] audit: type=1326 audit(1766109378.388:1331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21823 comm="syz.2.4343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70edd8f749 code=0x7ffc0000
[ 1371.073298][   T30] audit: type=1326 audit(1766109378.388:1332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21823 comm="syz.2.4343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f70edd8f749 code=0x7ffc0000
[ 1371.313757][   T30] audit: type=1326 audit(1766109378.388:1333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21823 comm="syz.2.4343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70edd8f749 code=0x7ffc0000
[ 1371.360058][   T30] audit: type=1326 audit(1766109378.388:1334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21823 comm="syz.2.4343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70edd8f749 code=0x7ffc0000
[ 1373.035717][   T24] usb 4-1: new high-speed USB device number 124 using dummy_hcd
[ 1373.215627][   T24] usb 4-1: Using ep0 maxpacket: 16
[ 1373.241214][   T24] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 110, changing to 10
[ 1373.293353][   T24] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 16
[ 1373.326698][   T24] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1373.462282][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1373.488778][   T24] usb 4-1: Product: а
[ 1373.503545][   T24] usb 4-1: Manufacturer: ﲾ끖Ȗ놛䇲술ꓖⰣ缒轸졷
[ 1373.542015][   T24] usb 4-1: SerialNumber: ఁ
[ 1373.625703][ T5971] usb 3-1: new high-speed USB device number 108 using dummy_hcd
[ 1373.891227][ T5971] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1373.904987][ T5971] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1373.919555][ T5971] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1373.929376][ T5971] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1373.944344][ T5971] usb 3-1: SerialNumber: syz
[ 1374.002151][T21892] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1374.123947][T21892] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1374.162567][T21892] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1374.173100][T21892] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1374.186428][T21876] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1374.197112][T21876] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1374.221658][T21876] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4352'.
[ 1374.290123][T21876] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4352'.
[ 1374.447755][ T5971] usb 3-1: 0:2 : does not exist
[ 1374.462911][ T5971] usb 3-1: unit 5: unexpected type 0x03
[ 1374.473872][T21908] netlink: 'syz.0.4358': attribute type 23 has an invalid length.
[ 1374.545029][ T5971] usb 3-1: USB disconnect, device number 108
[ 1375.094594][T21915] FAULT_INJECTION: forcing a failure.
[ 1375.094594][T21915] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1375.128101][T21915] CPU: 1 UID: 0 PID: 21915 Comm: syz.0.4359 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1375.128123][T21915] Tainted: [L]=SOFTLOCKUP
[ 1375.128127][T21915] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1375.128133][T21915] Call Trace:
[ 1375.128139][T21915]  <TASK>
[ 1375.128146][T21915]  dump_stack_lvl+0x189/0x250
[ 1375.128163][T21915]  ? __pfx____ratelimit+0x10/0x10
[ 1375.128175][T21915]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1375.128194][T21915]  ? __pfx__printk+0x10/0x10
[ 1375.128229][T21915]  should_fail_ex+0x414/0x560
[ 1375.128251][T21915]  _copy_from_user+0x2d/0xb0
[ 1375.128264][T21915]  __copy_msghdr+0x3c5/0x5b0
[ 1375.128279][T21915]  ___sys_sendmsg+0x1a5/0x2a0
[ 1375.128292][T21915]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1375.128320][T21915]  ? __fget_files+0x2a/0x420
[ 1375.128332][T21915]  ? __fget_files+0x3a0/0x420
[ 1375.128349][T21915]  __sys_sendmmsg+0x227/0x430
[ 1375.128363][T21915]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1375.128379][T21915]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1375.128404][T21915]  ? ksys_write+0x22a/0x250
[ 1375.128415][T21915]  ? __pfx_ksys_write+0x10/0x10
[ 1375.128428][T21915]  __x64_sys_sendmmsg+0xa0/0xc0
[ 1375.128440][T21915]  do_syscall_64+0xfa/0xf80
[ 1375.128451][T21915]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1375.128463][T21915]  ? clear_bhb_loop+0x60/0xb0
[ 1375.128474][T21915]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1375.128484][T21915] RIP: 0033:0x7f570318f749
[ 1375.128495][T21915] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1375.128504][T21915] RSP: 002b:00007f570407b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1375.128516][T21915] RAX: ffffffffffffffda RBX: 00007f57033e5fa0 RCX: 00007f570318f749
[ 1375.128524][T21915] RDX: 0000000000000001 RSI: 0000200000002800 RDI: 0000000000000003
[ 1375.128530][T21915] RBP: 00007f570407b090 R08: 0000000000000000 R09: 0000000000000000
[ 1375.128537][T21915] R10: 0000000004000804 R11: 0000000000000246 R12: 0000000000000001
[ 1375.128543][T21915] R13: 00007f57033e6038 R14: 00007f57033e5fa0 R15: 00007f570350fa28
[ 1375.128559][T21915]  </TASK>
[ 1375.150856][T21917] FAULT_INJECTION: forcing a failure.
[ 1375.150856][T21917] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1375.545892][T21917] CPU: 1 UID: 0 PID: 21917 Comm: syz.2.4360 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1375.545923][T21917] Tainted: [L]=SOFTLOCKUP
[ 1375.545929][T21917] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1375.545940][T21917] Call Trace:
[ 1375.545951][T21917]  <TASK>
[ 1375.545960][T21917]  dump_stack_lvl+0x189/0x250
[ 1375.545985][T21917]  ? __pfx____ratelimit+0x10/0x10
[ 1375.546002][T21917]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1375.546023][T21917]  ? __pfx__printk+0x10/0x10
[ 1375.546047][T21917]  ? __might_fault+0xb0/0x130
[ 1375.546083][T21917]  should_fail_ex+0x414/0x560
[ 1375.546112][T21917]  _copy_from_iter+0x1cd/0x1630
[ 1375.546136][T21917]  ? __build_skb_around+0x22d/0x3c0
[ 1375.546160][T21917]  ? __pfx__copy_from_iter+0x10/0x10
[ 1375.546177][T21917]  ? __alloc_skb+0x2f1/0x430
[ 1375.546198][T21917]  ? __pfx___alloc_skb+0x10/0x10
[ 1375.546219][T21917]  ? netlink_sendmsg+0x642/0xb30
[ 1375.546239][T21917]  ? skb_put+0x11b/0x210
[ 1375.546261][T21917]  netlink_sendmsg+0x6b2/0xb30
[ 1375.546290][T21917]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1375.546314][T21917]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1375.546346][T21917]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1375.546364][T21917]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1375.546387][T21917]  __sock_sendmsg+0x21c/0x270
[ 1375.546415][T21917]  ____sys_sendmsg+0x505/0x820
[ 1375.546441][T21917]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1375.546471][T21917]  ? import_iovec+0x74/0xa0
[ 1375.546495][T21917]  ___sys_sendmsg+0x21f/0x2a0
[ 1375.546519][T21917]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1375.546546][T21917]  ? rcu_read_lock_any_held+0xb3/0x120
[ 1375.546594][T21917]  ? __fget_files+0x2a/0x420
[ 1375.546614][T21917]  ? __fget_files+0x3a0/0x420
[ 1375.546644][T21917]  __x64_sys_sendmsg+0x19b/0x260
[ 1375.546669][T21917]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1375.546699][T21917]  ? __pfx_ksys_write+0x10/0x10
[ 1375.546721][T21917]  ? do_syscall_64+0xbe/0xf80
[ 1375.546744][T21917]  do_syscall_64+0xfa/0xf80
[ 1375.546763][T21917]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1375.546781][T21917]  ? clear_bhb_loop+0x60/0xb0
[ 1375.546803][T21917]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1375.546820][T21917] RIP: 0033:0x7f70edd8f749
[ 1375.546837][T21917] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1375.546852][T21917] RSP: 002b:00007f70eeb91038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1375.546871][T21917] RAX: ffffffffffffffda RBX: 00007f70edfe5fa0 RCX: 00007f70edd8f749
[ 1375.546885][T21917] RDX: 0000000020004804 RSI: 0000200000000000 RDI: 0000000000000004
[ 1375.546898][T21917] RBP: 00007f70eeb91090 R08: 0000000000000000 R09: 0000000000000000
[ 1375.546910][T21917] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1375.546921][T21917] R13: 00007f70edfe6038 R14: 00007f70edfe5fa0 R15: 00007f70ee10fa28
[ 1375.546951][T21917]  </TASK>
[ 1375.901766][   T24] cdc_ncm 4-1:1.0: bind() failure
[ 1375.910467][   T24] cdc_ncm 4-1:1.1: CDC Union missing and no IAD found
[ 1375.917413][   T24] cdc_ncm 4-1:1.1: bind() failure
[ 1375.926131][   T24] usb 4-1: USB disconnect, device number 124
[ 1377.345648][ T5971] usb 5-1: new full-speed USB device number 103 using dummy_hcd
[ 1377.489884][   T24] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[ 1377.569058][T21951] FAULT_INJECTION: forcing a failure.
[ 1377.569058][T21951] name failslab, interval 1, probability 0, space 0, times 0
[ 1377.587275][T21951] CPU: 1 UID: 0 PID: 21951 Comm: syz.0.4370 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1377.587303][T21951] Tainted: [L]=SOFTLOCKUP
[ 1377.587310][T21951] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1377.587321][T21951] Call Trace:
[ 1377.587330][T21951]  <TASK>
[ 1377.587338][T21951]  dump_stack_lvl+0x189/0x250
[ 1377.587365][T21951]  ? __pfx____ratelimit+0x10/0x10
[ 1377.587384][T21951]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1377.587404][T21951]  ? __pfx__printk+0x10/0x10
[ 1377.587434][T21951]  ? __pfx___might_resched+0x10/0x10
[ 1377.587458][T21951]  should_fail_ex+0x414/0x560
[ 1377.587489][T21951]  should_failslab+0xa8/0x100
[ 1377.587512][T21951]  __kmalloc_noprof+0xdf/0x800
[ 1377.587529][T21951]  ? kfree+0x4d/0x660
[ 1377.587549][T21951]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 1377.587578][T21951]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 1377.587602][T21951]  ? tomoyo_domain+0xd8/0x130
[ 1377.587630][T21951]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 1377.587650][T21951]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 1377.587671][T21951]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1377.587707][T21951]  ? __mutex_unlock_slowpath+0x1a1/0x730
[ 1377.587745][T21951]  ? __fget_files+0x2a/0x420
[ 1377.587777][T21951]  ? __fget_files+0x3a0/0x420
[ 1377.587796][T21951]  ? __fget_files+0x2a/0x420
[ 1377.587820][T21951]  security_file_ioctl+0xcb/0x2d0
[ 1377.587841][T21951]  __se_sys_ioctl+0x47/0x170
[ 1377.587861][T21951]  do_syscall_64+0xfa/0xf80
[ 1377.587881][T21951]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1377.587905][T21951]  ? clear_bhb_loop+0x60/0xb0
[ 1377.587925][T21951]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1377.587941][T21951] RIP: 0033:0x7f570318f749
[ 1377.587958][T21951] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1377.587973][T21951] RSP: 002b:00007f570407b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1377.587993][T21951] RAX: ffffffffffffffda RBX: 00007f57033e5fa0 RCX: 00007f570318f749
[ 1377.588006][T21951] RDX: 0000200000000400 RSI: 00000000c008561c RDI: 0000000000000003
[ 1377.588018][T21951] RBP: 00007f570407b090 R08: 0000000000000000 R09: 0000000000000000
[ 1377.588027][T21951] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1377.588038][T21951] R13: 00007f57033e6038 R14: 00007f57033e5fa0 R15: 00007f570350fa28
[ 1377.588071][T21951]  </TASK>
[ 1377.588149][T21951] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1377.730315][ T5971] usb 5-1: config 201 has an invalid interface number: 249 but max is 0
[ 1377.787812][   T24] usb 6-1: config 7 descriptor has 1 excess byte, ignoring
[ 1377.870084][ T5971] usb 5-1: config 201 has no interface number 0
[ 1377.897740][ T5971] usb 5-1: config 201 interface 249 altsetting 4 has an endpoint descriptor with address 0xF1, changing to 0x81
[ 1377.945687][   T24] usb 6-1: config 7 has 1 interface, different from the descriptor's value: 2
[ 1377.946177][ T5971] usb 5-1: config 201 interface 249 altsetting 4 endpoint 0x3 has invalid maxpacket 1023, setting to 64
[ 1378.022794][ T5971] usb 5-1: config 201 interface 249 has no altsetting 0
[ 1378.039929][ T5971] usb 5-1: New USB device found, idVendor=04da, idProduct=390d, bcdDevice=fa.df
[ 1378.042563][   T24] usb 6-1: New USB device found, idVendor=19d2, idProduct=1275, bcdDevice= 7.84
[ 1378.051946][ T5971] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1378.073843][ T5971] usb 5-1: Product: syz
[ 1378.080770][ T5971] usb 5-1: Manufacturer: syz
[ 1378.085991][   T24] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1378.096669][   T24] usb 6-1: Product: syz
[ 1378.104060][   T24] usb 6-1: Manufacturer: syz
[ 1378.125627][ T5971] usb 5-1: SerialNumber: syz
[ 1378.132582][   T24] usb 6-1: SerialNumber: syz
[ 1378.166577][   T24] rndis_host 6-1:7.0: skipping garbage
[ 1378.187607][   T24] usb 6-1: bad CDC descriptors
[ 1378.213224][   T24] option 6-1:7.0: GSM modem (1-port) converter detected
[ 1378.352887][T21947] netlink: 88 bytes leftover after parsing attributes in process `syz.4.4369'.
[ 1378.362481][   T24] usb 6-1: USB disconnect, device number 2
[ 1378.363947][   T24] option 6-1:7.0: device disconnected
[ 1378.431142][T21963] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1378.483073][T21963] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1378.520979][T21966] FAULT_INJECTION: forcing a failure.
[ 1378.520979][T21966] name failslab, interval 1, probability 0, space 0, times 0
[ 1378.555856][T21966] CPU: 1 UID: 0 PID: 21966 Comm: syz.3.4376 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1378.555884][T21966] Tainted: [L]=SOFTLOCKUP
[ 1378.555896][T21966] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1378.555906][T21966] Call Trace:
[ 1378.555914][T21966]  <TASK>
[ 1378.555923][T21966]  dump_stack_lvl+0x189/0x250
[ 1378.555954][T21966]  ? __pfx____ratelimit+0x10/0x10
[ 1378.555973][T21966]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1378.555994][T21966]  ? __pfx__printk+0x10/0x10
[ 1378.556019][T21966]  ? __lock_acquire+0x6b6/0x2cf0
[ 1378.556046][T21966]  should_fail_ex+0x414/0x560
[ 1378.556076][T21966]  should_failslab+0xa8/0x100
[ 1378.556098][T21966]  kmem_cache_alloc_noprof+0x88/0x710
[ 1378.556121][T21966]  ? __netlink_lookup+0xbd/0x8a0
[ 1378.556144][T21966]  ? skb_clone+0x212/0x3a0
[ 1378.556169][T21966]  skb_clone+0x212/0x3a0
[ 1378.556200][T21966]  __netlink_deliver_tap+0x404/0x850
[ 1378.556231][T21966]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1378.556257][T21966]  netlink_deliver_tap+0x19c/0x1b0
[ 1378.556280][T21966]  netlink_unicast+0x7fa/0x9e0
[ 1378.556308][T21966]  ? __pfx_netlink_unicast+0x10/0x10
[ 1378.556336][T21966]  ? netlink_sendmsg+0x642/0xb30
[ 1378.556359][T21966]  ? skb_put+0x11b/0x210
[ 1378.556381][T21966]  netlink_sendmsg+0x805/0xb30
[ 1378.556412][T21966]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1378.556438][T21966]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1378.556461][T21966]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1378.556478][T21966]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1378.556501][T21966]  __sock_sendmsg+0x21c/0x270
[ 1378.556527][T21966]  __sys_sendto+0x3bd/0x520
[ 1378.556550][T21966]  ? __pfx___sys_sendto+0x10/0x10
[ 1378.556566][T21966]  ? __mutex_unlock_slowpath+0x1a1/0x730
[ 1378.556598][T21966]  ? __fget_files+0x3a0/0x420
[ 1378.556630][T21966]  ? ksys_write+0x22a/0x250
[ 1378.556650][T21966]  ? __pfx_ksys_write+0x10/0x10
[ 1378.556671][T21966]  __x64_sys_sendto+0xde/0x100
[ 1378.556694][T21966]  do_syscall_64+0xfa/0xf80
[ 1378.556714][T21966]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1378.556732][T21966]  ? clear_bhb_loop+0x60/0xb0
[ 1378.556754][T21966]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1378.556791][T21966] RIP: 0033:0x7fda6a58f749
[ 1378.556808][T21966] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1378.556822][T21966] RSP: 002b:00007fda6b382038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[ 1378.556841][T21966] RAX: ffffffffffffffda RBX: 00007fda6a7e5fa0 RCX: 00007fda6a58f749
[ 1378.556854][T21966] RDX: 000000000000004c RSI: 0000200000000080 RDI: 0000000000000004
[ 1378.556866][T21966] RBP: 00007fda6b382090 R08: 0000000000000000 R09: 0000000000000000
[ 1378.556878][T21966] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000001
[ 1378.556890][T21966] R13: 00007fda6a7e6038 R14: 00007fda6a7e5fa0 R15: 00007fda6a90fa28
[ 1378.556921][T21966]  </TASK>
[ 1379.100823][ T5971] ath6kl: Failed to submit usb control message: -71
[ 1379.206263][ T5971] ath6kl: unable to send the bmi data to the device: -71
[ 1379.214711][ T5971] ath6kl: Unable to send get target info: -71
[ 1379.249245][ T5971] ath6kl: Failed to init ath6kl core: -71
[ 1379.278908][T21975] FAULT_INJECTION: forcing a failure.
[ 1379.278908][T21975] name failslab, interval 1, probability 0, space 0, times 0
[ 1379.280851][ T5971] ath6kl_usb 5-1:201.249: probe with driver ath6kl_usb failed with error -71
[ 1379.291770][T21975] CPU: 1 UID: 0 PID: 21975 Comm: syz.3.4379 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1379.291801][T21975] Tainted: [L]=SOFTLOCKUP
[ 1379.291808][T21975] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1379.291819][T21975] Call Trace:
[ 1379.291828][T21975]  <TASK>
[ 1379.291836][T21975]  dump_stack_lvl+0x189/0x250
[ 1379.291865][T21975]  ? __pfx____ratelimit+0x10/0x10
[ 1379.291885][T21975]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1379.291904][T21975]  ? __pfx__printk+0x10/0x10
[ 1379.291939][T21975]  should_fail_ex+0x414/0x560
[ 1379.291968][T21975]  should_failslab+0xa8/0x100
[ 1379.291989][T21975]  kmem_cache_alloc_noprof+0x88/0x710
[ 1379.292016][T21975]  ? skb_clone+0x212/0x3a0
[ 1379.292041][T21975]  skb_clone+0x212/0x3a0
[ 1379.292058][T21975]  ? packet_rcv_spkt+0x117/0x5c0
[ 1379.292084][T21975]  packet_rcv_spkt+0x139/0x5c0
[ 1379.292111][T21975]  __netif_receive_skb_core+0x7b7/0x2f90
[ 1379.292133][T21975]  ? __pfx___skb_flow_dissect+0x10/0x10
[ 1379.292153][T21975]  ? kernel_text_address+0xa5/0xe0
[ 1379.292184][T21975]  ? __kernel_text_address+0xd/0x40
[ 1379.292205][T21975]  ? unwind_get_return_address+0x4d/0x90
[ 1379.292227][T21975]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1379.292256][T21975]  ? arch_stack_walk+0xfc/0x150
[ 1379.292285][T21975]  ? __pfx___netif_receive_skb_core+0x10/0x10
[ 1379.292302][T21975]  ? stack_trace_save+0x9c/0xe0
[ 1379.292328][T21975]  ? stack_depot_save_flags+0x40/0x850
[ 1379.292364][T21975]  ? netif_receive_skb+0x105/0x750
[ 1379.292389][T21975]  ? netif_receive_skb+0x105/0x750
[ 1379.292416][T21975]  __netif_receive_skb+0x72/0x380
[ 1379.292437][T21975]  ? netif_receive_skb+0x105/0x750
[ 1379.292457][T21975]  netif_receive_skb+0x1bb/0x750
[ 1379.292481][T21975]  ? __pfx___local_bh_disable_ip+0x10/0x10
[ 1379.292500][T21975]  ? __pfx_netif_receive_skb+0x10/0x10
[ 1379.292528][T21975]  ? tun_rx_batched+0x160/0x730
[ 1379.292552][T21975]  tun_rx_batched+0x1b9/0x730
[ 1379.292578][T21975]  ? __pfx_tun_rx_batched+0x10/0x10
[ 1379.292601][T21975]  ? tun_get_user+0x266d/0x3dc0
[ 1379.292631][T21975]  ? tun_get_user+0x266d/0x3dc0
[ 1379.292650][T21975]  tun_get_user+0x2aa3/0x3dc0
[ 1379.292674][T21975]  ? tun_get_user+0x6fc/0x3dc0
[ 1379.292705][T21975]  ? aa_file_perm+0x44c/0x1530
[ 1379.292729][T21975]  ? __pfx_tun_get_user+0x10/0x10
[ 1379.292750][T21975]  ? __lock_acquire+0x6b6/0x2cf0
[ 1379.292776][T21975]  ? kstrtoull+0x12f/0x1d0
[ 1379.292810][T21975]  ? ref_tracker_alloc+0x318/0x460
[ 1379.292830][T21975]  ? __pfx_ref_tracker_alloc+0x10/0x10
[ 1379.292852][T21975]  ? tun_get+0x1c/0x2f0
[ 1379.292878][T21975]  ? tun_get+0x1c/0x2f0
[ 1379.292896][T21975]  ? tun_get+0x1c/0x2f0
[ 1379.292920][T21975]  tun_chr_write_iter+0x113/0x200
[ 1379.292943][T21975]  vfs_write+0x5c9/0xb30
[ 1379.292968][T21975]  ? __pfx_tun_chr_write_iter+0x10/0x10
[ 1379.292989][T21975]  ? __pfx_vfs_write+0x10/0x10
[ 1379.293017][T21975]  ? __fget_files+0x2a/0x420
[ 1379.293048][T21975]  ksys_write+0x145/0x250
[ 1379.293069][T21975]  ? __pfx_ksys_write+0x10/0x10
[ 1379.293090][T21975]  ? do_syscall_64+0xbe/0xf80
[ 1379.293113][T21975]  do_syscall_64+0xfa/0xf80
[ 1379.293133][T21975]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1379.293151][T21975]  ? clear_bhb_loop+0x60/0xb0
[ 1379.293180][T21975]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1379.293198][T21975] RIP: 0033:0x7fda6a58e1ff
[ 1379.293217][T21975] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[ 1379.293232][T21975] RSP: 002b:00007fda6b382000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 1379.293254][T21975] RAX: ffffffffffffffda RBX: 00007fda6a7e5fa0 RCX: 00007fda6a58e1ff
[ 1379.293268][T21975] RDX: 000000000000002a RSI: 0000200000000340 RDI: 00000000000000c8
[ 1379.293280][T21975] RBP: 00007fda6b382090 R08: 0000000000000000 R09: 0000000000000000
[ 1379.293292][T21975] R10: 000000000000002a R11: 0000000000000293 R12: 0000000000000001
[ 1379.293303][T21975] R13: 00007fda6a7e6038 R14: 00007fda6a7e5fa0 R15: 00007fda6a90fa28
[ 1379.293334][T21975]  </TASK>
[ 1380.346665][ T5971] usb 5-1: USB disconnect, device number 103
[ 1380.586543][   T30] kauditd_printk_skb: 29 callbacks suppressed
[ 1380.586562][   T30] audit: type=1326 audit(1766109388.608:1364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21981 comm="syz.3.4382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda6a58f749 code=0x7ffc0000
[ 1380.796388][   T30] audit: type=1326 audit(1766109388.608:1365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21981 comm="syz.3.4382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=246 compat=0 ip=0x7fda6a58f749 code=0x7ffc0000
[ 1380.876693][   T30] audit: type=1326 audit(1766109388.608:1366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21981 comm="syz.3.4382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda6a58f749 code=0x7ffc0000
[ 1381.070280][   T30] audit: type=1326 audit(1766109388.608:1367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21981 comm="syz.3.4382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fda6a58f749 code=0x7ffc0000
[ 1381.195646][   T30] audit: type=1326 audit(1766109388.608:1368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21981 comm="syz.3.4382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda6a58f749 code=0x7ffc0000
[ 1381.280165][T22001] pimreg: entered allmulticast mode
[ 1381.286806][   T30] audit: type=1326 audit(1766109388.608:1369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21981 comm="syz.3.4382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7fda6a58f749 code=0x7ffc0000
[ 1381.326151][T22001] pimreg: left allmulticast mode
[ 1381.340383][T22007] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1381.349672][T22007] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1381.362845][T22007] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4389'.
[ 1381.391792][   T30] audit: type=1326 audit(1766109388.608:1370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21981 comm="syz.3.4382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda6a58f749 code=0x7ffc0000
[ 1381.394127][T22009] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1381.451832][   T30] audit: type=1326 audit(1766109388.608:1371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21981 comm="syz.3.4382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fda6a58f749 code=0x7ffc0000
[ 1381.452976][T22009] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1381.488844][T22007] netlink: 7064 bytes leftover after parsing attributes in process `syz.0.4389'.
[ 1381.503757][T22007] openvswitch: netlink: Missing key (keys=40, expected=200000)
[ 1381.513992][T22007] netlink: 7064 bytes leftover after parsing attributes in process `syz.0.4389'.
[ 1381.523635][T22007] openvswitch: netlink: Missing key (keys=40, expected=200000)
[ 1381.526123][   T30] audit: type=1326 audit(1766109388.608:1372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21981 comm="syz.3.4382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda6a58f749 code=0x7ffc0000
[ 1381.532054][T22007] netlink: 7064 bytes leftover after parsing attributes in process `syz.0.4389'.
[ 1381.565604][ T5971] usb 5-1: new high-speed USB device number 104 using dummy_hcd
[ 1381.603846][   T30] audit: type=1326 audit(1766109388.618:1373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21981 comm="syz.3.4382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7fda6a58f749 code=0x7ffc0000
[ 1381.603903][T22007] openvswitch: netlink: Missing key (keys=40, expected=200000)
[ 1381.656077][T22007] netlink: 7064 bytes leftover after parsing attributes in process `syz.0.4389'.
[ 1381.671430][T22007] openvswitch: netlink: Missing key (keys=40, expected=200000)
[ 1381.679973][T22007] netlink: 7064 bytes leftover after parsing attributes in process `syz.0.4389'.
[ 1381.690622][T22007] openvswitch: netlink: Missing key (keys=40, expected=200000)
[ 1381.700022][T22007] netlink: 7064 bytes leftover after parsing attributes in process `syz.0.4389'.
[ 1381.715816][T22007] openvswitch: netlink: Missing key (keys=40, expected=200000)
[ 1381.736419][ T5971] usb 5-1: Using ep0 maxpacket: 8
[ 1381.743790][ T5971] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1381.744101][T22007] netlink: 7064 bytes leftover after parsing attributes in process `syz.0.4389'.
[ 1381.754328][ T5971] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1381.773509][T22007] openvswitch: netlink: Missing key (keys=40, expected=200000)
[ 1381.773801][T22007] netlink: 7064 bytes leftover after parsing attributes in process `syz.0.4389'.
[ 1381.792437][ T5971] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1381.804847][ T5971] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1381.808340][T22007] openvswitch: netlink: Missing key (keys=40, expected=200000)
[ 1381.820083][ T5971] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1381.826684][T22007] netlink: 7064 bytes leftover after parsing attributes in process `syz.0.4389'.
[ 1381.836670][ T5971] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1381.845638][T22007] openvswitch: netlink: Missing key (keys=40, expected=200000)
[ 1381.861666][T22007] openvswitch: netlink: Missing key (keys=40, expected=200000)
[ 1381.927054][ T6185] usb 3-1: new high-speed USB device number 109 using dummy_hcd
[ 1382.035631][   T24] usb 4-1: new high-speed USB device number 125 using dummy_hcd
[ 1382.059713][ T5971] usb 5-1: GET_CAPABILITIES returned 0
[ 1382.065351][ T5971] usbtmc 5-1:16.0: can't read capabilities
[ 1382.085708][ T6185] usb 3-1: Using ep0 maxpacket: 32
[ 1382.092561][ T6185] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1382.103683][ T6185] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1382.114630][ T6185] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 1382.125196][ T6185] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1382.137142][ T6185] usb 3-1: config 0 descriptor??
[ 1382.145018][ T6185] hub 3-1:0.0: USB hub found
[ 1382.185881][   T24] usb 4-1: Using ep0 maxpacket: 16
[ 1382.199935][   T24] usb 4-1: config 166 has an invalid interface number: 177 but max is 1
[ 1382.210138][   T24] usb 4-1: config 166 has an invalid interface number: 34 but max is 1
[ 1382.219932][   T24] usb 4-1: config 166 has no interface number 0
[ 1382.228695][   T24] usb 4-1: config 166 has no interface number 1
[ 1382.235116][   T24] usb 4-1: config 166 interface 177 altsetting 4 has an invalid descriptor for endpoint zero, skipping
[ 1382.246404][   T24] usb 4-1: config 166 interface 177 altsetting 4 has an invalid descriptor for endpoint zero, skipping
[ 1382.257809][   T24] usb 4-1: config 166 interface 34 altsetting 1 has a duplicate endpoint with address 0x9, skipping
[ 1382.275568][   T24] usb 4-1: config 166 interface 34 altsetting 1 has an endpoint descriptor with address 0xA6, changing to 0x86
[ 1382.289380][   T24] usb 4-1: config 166 interface 34 altsetting 1 endpoint 0x86 has invalid maxpacket 23105, setting to 1024
[ 1382.301074][   T24] usb 4-1: config 166 interface 34 altsetting 1 bulk endpoint 0x86 has invalid maxpacket 1024
[ 1382.311555][   T24] usb 4-1: config 166 interface 34 altsetting 1 endpoint 0x85 has an invalid bInterval 0, changing to 7
[ 1382.322993][   T24] usb 4-1: config 166 interface 34 altsetting 1 endpoint 0x85 has invalid wMaxPacketSize 0
[ 1382.333079][   T24] usb 4-1: config 166 interface 34 altsetting 1 has 5 endpoint descriptors, different from the interface descriptor's value: 4
[ 1382.346957][   T24] usb 4-1: config 166 interface 177 has no altsetting 0
[ 1382.353192][T22012] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1382.366632][T16448] Bluetooth: hci4: unexpected event 0x2f length: 1017 > 260
[ 1382.366998][   T24] usb 4-1: config 166 interface 34 has no altsetting 0
[ 1382.368591][T22012] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1382.376741][   T24] usb 4-1: New USB device found, idVendor=0bda, idProduct=0138, bcdDevice=30.12
[ 1382.418760][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1382.427354][   T24] usb 4-1: Product: syz
[ 1382.432623][   T24] usb 4-1: Manufacturer: syz
[ 1382.437570][   T24] usb 4-1: SerialNumber: syz
[ 1382.442871][ T6185] hub 3-1:0.0: config failed, can't read hub descriptor (err -22)
[ 1382.458479][ T5971] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[ 1382.491497][ T6185] usbhid 3-1:0.0: can't add hid device: -71
[ 1382.497890][ T6185] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[ 1382.526648][ T6185] usb 3-1: USB disconnect, device number 109
[ 1382.615590][ T5971] usb 6-1: Using ep0 maxpacket: 16
[ 1382.637281][ T5971] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1382.656830][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[ 1382.663425][ T5971] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1382.666216][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[ 1382.681402][ T5971] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1382.685013][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[ 1382.693863][ T5971] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1382.702218][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[ 1382.710430][ T5971] usb 6-1: Product: syz
[ 1382.719331][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[ 1382.723658][ T5971] usb 6-1: Manufacturer: syz
[ 1382.732412][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[ 1382.759372][   T24] ums-realtek 4-1:166.177: USB Mass Storage device detected
[ 1382.768301][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[ 1382.777369][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[ 1382.786447][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[ 1382.795475][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[ 1382.808514][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[ 1382.823346][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[ 1382.832451][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[ 1382.841591][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[ 1382.851825][ T5971] usb 6-1: SerialNumber: syz
[ 1382.861523][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[ 1382.870594][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[ 1382.925094][   T24] ums-realtek 4-1:166.34: USB Mass Storage device detected
[ 1383.747512][ T5971] usb 6-1: 0:2 : does not exist
[ 1383.757145][ T5971] usb 6-1: 5:0: failed to get current value for ch 0 (-22)
[ 1383.811225][ T5971] usb 6-1: USB disconnect, device number 3
[ 1384.047511][T19700] udevd[19700]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1384.331184][ T6185] usb 5-1: USB disconnect, device number 104
[ 1385.346321][   T24] ums-realtek 4-1:166.34: probe with driver ums-realtek failed with error -5
[ 1385.376623][ T5971] usb 3-1: new high-speed USB device number 110 using dummy_hcd
[ 1385.377867][   T24] uvcvideo 4-1:166.34: Found UVC 0.00 device syz (0bda:0138)
[ 1385.405615][   T24] uvcvideo 4-1:166.34: No valid video chain found.
[ 1385.445442][   T24] usb 4-1: USB disconnect, device number 125
[ 1385.555858][ T5971] usb 3-1: New USB device found, idVendor=1c40, idProduct=0534, bcdDevice=6d.cc
[ 1385.565106][ T5971] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1385.591754][ T5971] usb 3-1: Product: syz
[ 1385.606367][ T5971] usb 3-1: Manufacturer: syz
[ 1385.611887][ T5971] usb 3-1: SerialNumber: syz
[ 1385.705638][T10403] usb 6-1: new low-speed USB device number 4 using dummy_hcd
[ 1385.735633][ T5971] usb 3-1: config 0 descriptor??
[ 1385.778230][ T5971] i2c-tiny-usb 3-1:0.0: version 6d.cc found at bus 003 address 110
[ 1385.858468][T10403] usb 6-1: config 7 has an invalid interface number: 252 but max is 0
[ 1385.889186][T10403] usb 6-1: config 7 has no interface number 0
[ 1385.898820][T10403] usb 6-1: config 7 interface 252 altsetting 8 endpoint 0xF has an invalid bInterval 232, changing to 4
[ 1385.931025][T10403] usb 6-1: config 7 interface 252 altsetting 8 endpoint 0xF has invalid maxpacket 64, setting to 0
[ 1385.954350][T10403] usb 6-1: config 7 interface 252 has no altsetting 0
[ 1385.971840][T10403] usb 6-1: string descriptor 0 read error: -22
[ 1386.011541][T10403] usb 6-1: New USB device found, idVendor=0681, idProduct=0005, bcdDevice=56.c0
[ 1386.030492][T10403] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1386.087841][T10403] idmouse 6-1:7.252: Unable to find bulk-in endpoint.
[ 1386.139220][T22079] xt_TPROXY: Can be used only with -p tcp or -p udp
[ 1386.154220][T22079] binder: 22078:22079 ioctl 40046205 0 returned -22
[ 1386.209768][T22063] netem: change failed
[ 1386.416787][ T5971] i2c i2c-2: failure reading functionality
[ 1386.445460][ T5971] i2c i2c-2: connected i2c-tiny-usb device
[ 1386.873297][   T24] usb 3-1: USB disconnect, device number 110
[ 1387.033492][T22092] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1387.273946][T22092] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1387.335838][T22096] usb usb8: usbfs: process 22096 (syz.5.4403) did not claim interface 0 before use
[ 1387.967342][T22111] xt_TPROXY: Can be used only with -p tcp or -p udp
[ 1388.000980][T22111] binder: 22110:22111 ioctl 40046205 0 returned -22
[ 1389.215316][T22131] __nla_validate_parse: 25 callbacks suppressed
[ 1389.215329][T22131] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4422'.
[ 1389.244946][T22131] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4422'.
[ 1389.274345][T22131] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4422'.
[ 1389.588365][ T5971] usb 6-1: USB disconnect, device number 4
[ 1389.906767][   T24] usb 4-1: new low-speed USB device number 126 using dummy_hcd
[ 1390.058173][   T24] usb 4-1: config 168 descriptor has 1 excess byte, ignoring
[ 1390.069630][   T24] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[ 1390.102126][   T24] usb 4-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1390.166317][   T24] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[ 1390.261272][   T24] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[ 1390.299316][   T24] usb 4-1: config 168 descriptor has 1 excess byte, ignoring
[ 1390.320679][   T24] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[ 1390.514244][   T24] usb 4-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1390.672259][   T24] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[ 1390.708642][   T24] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[ 1390.746596][   T24] usb 4-1: config 168 descriptor has 1 excess byte, ignoring
[ 1390.755300][   T24] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[ 1390.879102][T22165] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4431'.
[ 1390.927133][   T24] usb 4-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1390.961384][T22164] netlink: 52 bytes leftover after parsing attributes in process `syz.2.4431'.
[ 1391.002509][   T24] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[ 1391.251030][   T24] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[ 1391.317321][   T24] usb 4-1: string descriptor 0 read error: -22
[ 1391.324076][   T24] usb 4-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[ 1391.344641][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1391.399128][   T24] adutux 4-1:168.0: ADU100  now attached to /dev/usb/adutux0
[ 1391.724594][ T5971] usb 4-1: USB disconnect, device number 126
[ 1392.316131][T22188] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4437'.
[ 1392.838770][T11370] kworker/0:7 (11370) used greatest stack depth: 13768 bytes left
[ 1393.327475][ T6185] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[ 1393.655614][ T6185] usb 6-1: Using ep0 maxpacket: 16
[ 1393.747155][ T6185] usb 6-1: config 0 has no interfaces?
[ 1393.772566][ T6185] usb 6-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 1393.781751][ T6185] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1393.816836][ T6185] usb 6-1: Product: syz
[ 1393.843822][ T6185] usb 6-1: Manufacturer: syz
[ 1393.884688][ T6185] usb 6-1: SerialNumber: syz
[ 1393.921200][ T6185] usb 6-1: config 0 descriptor??
[ 1394.364829][T22219] netlink: 84 bytes leftover after parsing attributes in process `syz.5.4439'.
[ 1394.469510][   T30] kauditd_printk_skb: 4 callbacks suppressed
[ 1394.469527][   T30] audit: type=1800 audit(1766109402.618:1378): pid=22222 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.4445" name="memory.events" dev="tmpfs" ino=1414 res=0 errno=0
[ 1394.586471][   T30] audit: type=1804 audit(1766109402.668:1379): pid=22222 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.4445" name="/newroot/271/memory.events" dev="tmpfs" ino=1414 res=1 errno=0
[ 1395.600076][T20792] bond0 (unregistering): (slave wlan1): Releasing backup interface
[ 1395.617305][T20792] bond0 (unregistering): Released all slaves
[ 1395.670357][T20792] bond1 (unregistering): Released all slaves
[ 1395.691172][T20792] bond2 (unregistering): Released all slaves
[ 1395.716357][T20792] bond3 (unregistering): Released all slaves
[ 1395.736871][T22239] netlink: 76 bytes leftover after parsing attributes in process `syz.2.4450'.
[ 1395.749305][T20792] bond4 (unregistering): Released all slaves
[ 1395.846537][T22219] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1395.854027][T22219] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1395.917541][T20792] tipc: Left network mode
[ 1396.260456][T10403] usb 6-1: USB disconnect, device number 5
[ 1397.678871][T22260] netlink: 40 bytes leftover after parsing attributes in process `syz.5.4455'.
[ 1397.761568][T22264] netlink: 68 bytes leftover after parsing attributes in process `syz.3.4458'.
[ 1398.305782][T10403] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[ 1398.505601][T16199] usb 5-1: new full-speed USB device number 105 using dummy_hcd
[ 1398.533035][T10403] usb 6-1: config 0 has no interfaces?
[ 1398.576457][   T30] audit: type=1326 audit(1766109406.708:1380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22275 comm="syz.2.4461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70edd8f749 code=0x7ffc0000
[ 1398.703592][T10403] usb 6-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[ 1398.721128][T10403] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1398.730167][   T30] audit: type=1326 audit(1766109406.708:1381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22275 comm="syz.2.4461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=246 compat=0 ip=0x7f70edd8f749 code=0x7ffc0000
[ 1398.758988][T16199] usb 5-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[ 1398.775722][T10403] usb 6-1: Product: syz
[ 1398.780073][T16199] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1398.788467][T10403] usb 6-1: Manufacturer: syz
[ 1398.793892][T16199] usb 5-1: Product: syz
[ 1398.802494][T10403] usb 6-1: SerialNumber: syz
[ 1398.808707][T16199] usb 5-1: Manufacturer: syz
[ 1398.824160][   T30] audit: type=1326 audit(1766109406.708:1382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22275 comm="syz.2.4461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70edd8f749 code=0x7ffc0000
[ 1398.849870][T10403] usb 6-1: config 0 descriptor??
[ 1398.855010][T16199] usb 5-1: SerialNumber: syz
[ 1399.009197][   T30] audit: type=1326 audit(1766109406.708:1383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22275 comm="syz.2.4461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f70edd8f749 code=0x7ffc0000
[ 1399.037546][T16199] usb 5-1: config 0 descriptor??
[ 1399.096914][   T30] audit: type=1326 audit(1766109406.708:1384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22275 comm="syz.2.4461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70edd8f749 code=0x7ffc0000
[ 1399.324060][T16199] usb 5-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[ 1399.414055][T22260] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1399.605563][   T30] audit: type=1326 audit(1766109406.708:1385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22275 comm="syz.2.4461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f70edd8f749 code=0x7ffc0000
[ 1399.735779][   T30] audit: type=1326 audit(1766109406.708:1386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22275 comm="syz.2.4461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70edd8f749 code=0x7ffc0000
[ 1399.823596][   T30] audit: type=1326 audit(1766109406.708:1387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22275 comm="syz.2.4461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f70edd8f749 code=0x7ffc0000
[ 1399.882030][   T30] audit: type=1326 audit(1766109406.708:1388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22275 comm="syz.2.4461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70edd8f749 code=0x7ffc0000
[ 1399.923836][   T30] audit: type=1326 audit(1766109406.708:1389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22275 comm="syz.2.4461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f70edd8f749 code=0x7ffc0000
[ 1399.950411][   T30] audit: type=1326 audit(1766109406.708:1390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22275 comm="syz.2.4461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70edd8f749 code=0x7ffc0000
[ 1399.980367][   T30] audit: type=1326 audit(1766109406.708:1391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22275 comm="syz.2.4461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f70edd8f749 code=0x7ffc0000
[ 1400.008602][   T30] audit: type=1326 audit(1766109406.708:1392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22275 comm="syz.2.4461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70edd8f749 code=0x7ffc0000
[ 1400.036065][   T30] audit: type=1326 audit(1766109406.708:1393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22275 comm="syz.2.4461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70edd8f749 code=0x7ffc0000
[ 1400.092039][   T30] audit: type=1326 audit(1766109406.708:1394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22275 comm="syz.2.4461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f70edd8f749 code=0x7ffc0000
[ 1400.225634][T10403] usb 4-1: new high-speed USB device number 127 using dummy_hcd
[ 1400.331242][T16199] dvb_usb_rtl28xxu 5-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32
[ 1400.348411][T16199] usb 5-1: USB disconnect, device number 105
[ 1400.378420][T10403] usb 4-1: Using ep0 maxpacket: 32
[ 1400.386649][T10403] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1400.428072][T10403] usb 4-1: config 0 has no interfaces?
[ 1400.446940][T10403] usb 4-1: New USB device found, idVendor=1964, idProduct=0001, bcdDevice=d4.15
[ 1400.456427][T10403] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1400.464463][T10403] usb 4-1: Product: syz
[ 1400.471661][T10403] usb 4-1: Manufacturer: syz
[ 1400.476754][T10403] usb 4-1: SerialNumber: syz
[ 1400.487940][T10403] usb 4-1: config 0 descriptor??
[ 1400.661204][T16199] usb 6-1: USB disconnect, device number 6
[ 1400.730735][T22294] netlink: 'syz.0.4464': attribute type 2 has an invalid length.
[ 1400.770438][T22294] netlink: 'syz.0.4464': attribute type 8 has an invalid length.
[ 1400.790910][T22294] netlink: 'syz.0.4464': attribute type 9 has an invalid length.
[ 1400.823619][T22294] netlink: 'syz.0.4464': attribute type 10 has an invalid length.
[ 1400.835637][T22294] netlink: 'syz.0.4464': attribute type 11 has an invalid length.
[ 1400.865822][T22294] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4464'.
[ 1401.084983][T22304] netlink: 68 bytes leftover after parsing attributes in process `syz.0.4470'.
[ 1401.464282][T22317] pimreg: entered allmulticast mode
[ 1401.530329][T22317] pimreg: left allmulticast mode
[ 1401.628902][T22323] netlink: 'syz.0.4475': attribute type 10 has an invalid length.
[ 1401.637375][T22323] netlink: 40 bytes leftover after parsing attributes in process `syz.0.4475'.
[ 1401.663491][T22323] batman_adv: batadv0: Adding interface: virt_wifi0
[ 1401.675610][T16199] usb 5-1: new high-speed USB device number 106 using dummy_hcd
[ 1401.691865][T22323] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1402.047513][T22323] batman_adv: batadv0: Interface activated: virt_wifi0
[ 1402.171799][T16199] usb 5-1: Using ep0 maxpacket: 32
[ 1402.185289][T16199] usb 5-1: New USB device found, idVendor=0fd9, idProduct=0021, bcdDevice=29.40
[ 1402.202215][T16199] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1402.243997][T16199] usb 5-1: config 0 descriptor??
[ 1402.506994][T16199] dvb-usb: found a 'Elgato EyeTV DTT' in cold state, will try to load a firmware
[ 1402.542430][T16199] dvb-usb: downloading firmware from file 'dvb-usb-dib0700-1.20.fw'
[ 1402.554494][T16199] dib0700: firmware download failed at 7 with -22
[ 1403.007567][T11967] usb 4-1: USB disconnect, device number 127
[ 1403.262480][T22344] netlink: 68 bytes leftover after parsing attributes in process `syz.0.4483'.
[ 1404.476986][T22361] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4486'.
[ 1404.616352][T22365] netlink: 'syz.3.4487': attribute type 10 has an invalid length.
[ 1404.665597][T22365] netlink: 40 bytes leftover after parsing attributes in process `syz.3.4487'.
[ 1404.677783][T22365] batman_adv: batadv0: Adding interface: virt_wifi0
[ 1404.765545][T22365] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1404.812514][T22369] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4488'.
[ 1404.822004][T22369] netlink: 'syz.2.4488': attribute type 5 has an invalid length.
[ 1404.850986][T22369] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4488'.
[ 1404.865828][T11967] usb 5-1: USB disconnect, device number 106
[ 1404.939519][T22365] batman_adv: batadv0: Interface activated: virt_wifi0
[ 1405.076973][T22374] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4489'.
[ 1405.369865][T22386] FAULT_INJECTION: forcing a failure.
[ 1405.369865][T22386] name failslab, interval 1, probability 0, space 0, times 0
[ 1405.398622][T22386] CPU: 1 UID: 0 PID: 22386 Comm: syz.4.4493 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1405.398649][T22386] Tainted: [L]=SOFTLOCKUP
[ 1405.398655][T22386] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1405.398665][T22386] Call Trace:
[ 1405.398673][T22386]  <TASK>
[ 1405.398681][T22386]  dump_stack_lvl+0x189/0x250
[ 1405.398709][T22386]  ? __pfx____ratelimit+0x10/0x10
[ 1405.398728][T22386]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1405.398748][T22386]  ? __pfx__printk+0x10/0x10
[ 1405.398773][T22386]  ? __lock_acquire+0x6b6/0x2cf0
[ 1405.398801][T22386]  should_fail_ex+0x414/0x560
[ 1405.398832][T22386]  should_failslab+0xa8/0x100
[ 1405.398855][T22386]  kmem_cache_alloc_noprof+0x88/0x710
[ 1405.398880][T22386]  ? __netlink_lookup+0xbd/0x8a0
[ 1405.398901][T22386]  ? skb_clone+0x212/0x3a0
[ 1405.398926][T22386]  skb_clone+0x212/0x3a0
[ 1405.398948][T22386]  __netlink_deliver_tap+0x404/0x850
[ 1405.398981][T22386]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1405.399003][T22386]  netlink_deliver_tap+0x19c/0x1b0
[ 1405.399024][T22386]  netlink_unicast+0x7fa/0x9e0
[ 1405.399051][T22386]  ? __pfx_netlink_unicast+0x10/0x10
[ 1405.399072][T22386]  ? netlink_sendmsg+0x642/0xb30
[ 1405.399089][T22386]  ? skb_put+0x11b/0x210
[ 1405.399111][T22386]  netlink_sendmsg+0x805/0xb30
[ 1405.399151][T22386]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1405.399176][T22386]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1405.399201][T22386]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1405.399217][T22386]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1405.399243][T22386]  __sock_sendmsg+0x21c/0x270
[ 1405.399270][T22386]  ____sys_sendmsg+0x505/0x820
[ 1405.399296][T22386]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1405.399325][T22386]  ? import_iovec+0x74/0xa0
[ 1405.399347][T22386]  ___sys_sendmsg+0x21f/0x2a0
[ 1405.399368][T22386]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1405.399393][T22386]  ? rcu_read_lock_any_held+0xb3/0x120
[ 1405.399440][T22386]  ? __fget_files+0x2a/0x420
[ 1405.399462][T22386]  ? __fget_files+0x3a0/0x420
[ 1405.399493][T22386]  __x64_sys_sendmsg+0x19b/0x260
[ 1405.399516][T22386]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1405.399546][T22386]  ? __pfx_ksys_write+0x10/0x10
[ 1405.399567][T22386]  ? do_syscall_64+0xbe/0xf80
[ 1405.399590][T22386]  do_syscall_64+0xfa/0xf80
[ 1405.399610][T22386]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1405.399633][T22386]  ? clear_bhb_loop+0x60/0xb0
[ 1405.399655][T22386]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1405.399671][T22386] RIP: 0033:0x7fda8a98f749
[ 1405.399687][T22386] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1405.399703][T22386] RSP: 002b:00007fda8b80e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1405.399721][T22386] RAX: ffffffffffffffda RBX: 00007fda8abe5fa0 RCX: 00007fda8a98f749
[ 1405.399734][T22386] RDX: 0000000000000040 RSI: 0000200000000200 RDI: 0000000000000003
[ 1405.399745][T22386] RBP: 00007fda8b80e090 R08: 0000000000000000 R09: 0000000000000000
[ 1405.399756][T22386] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1405.399767][T22386] R13: 00007fda8abe6038 R14: 00007fda8abe5fa0 R15: 00007fda8ad0fa28
[ 1405.399798][T22386]  </TASK>
[ 1405.775633][ T5878] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[ 1405.875716][T16199] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[ 1406.005603][ T5878] usb 4-1: Using ep0 maxpacket: 32
[ 1406.042979][ T5878] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1406.063445][ T5878] usb 4-1: config 0 has no interfaces?
[ 1406.069169][T16199] usb 6-1: Using ep0 maxpacket: 32
[ 1406.075870][T16199] usb 6-1: config 155 has an invalid descriptor of length 0, skipping remainder of the config
[ 1406.112940][T16199] usb 6-1: config 155 interface 0 altsetting 0 has an endpoint descriptor with address 0xE2, changing to 0x82
[ 1406.221051][ T5878] usb 4-1: New USB device found, idVendor=1964, idProduct=0001, bcdDevice=d4.15
[ 1406.232258][ T5878] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1406.247797][T16199] usb 6-1: config 155 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1406.264845][ T5878] usb 4-1: Product: syz
[ 1406.273484][ T5878] usb 4-1: Manufacturer: syz
[ 1406.287859][T16199] usb 6-1: config 155 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 11
[ 1406.301005][ T5878] usb 4-1: SerialNumber: syz
[ 1406.344513][T16199] usb 6-1: New USB device found, idVendor=15c2, idProduct=ffdc, bcdDevice=bd.30
[ 1406.364527][ T5878] usb 4-1: config 0 descriptor??
[ 1406.385758][T16199] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1406.432916][T16199] usb 6-1: Product: syz
[ 1406.439237][T16199] usb 6-1: Manufacturer: syz
[ 1406.443886][T16199] usb 6-1: SerialNumber: syz
[ 1406.490970][    C0] imon 6-1:155.0: imon usb_rx_callback_intf0: status(-71)
[ 1406.545726][T16199] input: iMON Panel, Knob and Mouse(15c2:ffdc) as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:155.0/input/input30
[ 1406.721725][T20792] hsr_slave_0: left promiscuous mode
[ 1406.934118][T16199] imon 6-1:155.0: Unknown 0xffdc device, defaulting to VFD and iMON IR
[ 1406.946112][T16199]  (id 0x00)
[ 1406.961484][T20792] hsr_slave_1: left promiscuous mode
[ 1407.038234][T20792] veth1_macvtap: left promiscuous mode
[ 1407.053044][T20792] veth0_macvtap: left promiscuous mode
[ 1407.082692][T20792] veth1_vlan: left promiscuous mode
[ 1407.101623][T20792] veth0_vlan: left promiscuous mode
[ 1407.630040][T16199] rc_core: IR keymap rc-imon-pad not found
[ 1407.645244][T16199] Registered IR keymap rc-empty
[ 1407.662076][T16199] imon 6-1:155.0: Looks like you're trying to use an IR protocol this device does not support
[ 1407.821259][T16199] imon 6-1:155.0: Unsupported IR protocol specified, overriding to iMON IR protocol
[ 1407.961079][T16199] imon:send_packet: packet tx failed (-71)
[ 1408.085661][T16199] imon 6-1:155.0: remote input dev register failed
[ 1408.093723][T16199] imon 6-1:155.0: imon_init_intf0: rc device setup failed
[ 1408.128130][T16199] imon 6-1:155.0: unable to initialize intf0, err 0
[ 1408.166772][T16199] imon:imon_probe: failed to initialize context!
[ 1408.211634][T16199] imon 6-1:155.0: unable to register, err -19
[ 1408.223439][ T5971] usb 4-1: USB disconnect, device number 2
[ 1408.454021][T20792] pim6reg (unregistering): left allmulticast mode
[ 1408.559002][T16199] usb 6-1: USB disconnect, device number 7
[ 1410.811751][T22416] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 1410.832023][T22432] netlink: 'syz.2.4505': attribute type 32 has an invalid length.
[ 1410.840787][T22416] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1410.849453][T22432] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4505'.
[ 1410.859942][T22416] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1410.895957][T22416] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1410.913506][T22432] bond6: option coupled_control: invalid value (110)
[ 1410.922774][T22432] bond6 (unregistering): Released all slaves
[ 1410.942316][T22419] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1410.954878][T22419] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1411.225620][   T24] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[ 1411.386203][   T24] usb 6-1: Using ep0 maxpacket: 16
[ 1411.400685][   T24] usb 6-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[ 1411.415371][   T24] usb 6-1: config 4 has 0 interfaces, different from the descriptor's value: 1
[ 1411.452517][   T24] usb 6-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=76.fe
[ 1411.462914][   T24] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1411.471560][   T24] usb 6-1: Product: syz
[ 1411.476449][   T24] usb 6-1: Manufacturer: syz
[ 1411.481127][   T24] usb 6-1: SerialNumber: syz
[ 1411.828785][T22455] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1411.997074][T22455] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1412.735583][ T5971] usb 6-1: USB disconnect, device number 8
[ 1412.865964][T16448] Bluetooth: hci1: command 0x0406 tx timeout
[ 1412.866001][T16448] Bluetooth: hci4: command 0x0406 tx timeout
[ 1412.866042][T16448] Bluetooth: hci5: command 0x0406 tx timeout
[ 1412.948274][T21646] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1413.717391][T22498] FAULT_INJECTION: forcing a failure.
[ 1413.717391][T22498] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1414.046636][T22498] CPU: 0 UID: 0 PID: 22498 Comm: syz.4.4520 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1414.046664][T22498] Tainted: [L]=SOFTLOCKUP
[ 1414.046671][T22498] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1414.046680][T22498] Call Trace:
[ 1414.046689][T22498]  <TASK>
[ 1414.046698][T22498]  dump_stack_lvl+0x189/0x250
[ 1414.046724][T22498]  ? __pfx____ratelimit+0x10/0x10
[ 1414.046742][T22498]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1414.046762][T22498]  ? __pfx__printk+0x10/0x10
[ 1414.046785][T22498]  ? __might_fault+0xb0/0x130
[ 1414.046819][T22498]  should_fail_ex+0x414/0x560
[ 1414.046849][T22498]  _copy_from_user+0x2d/0xb0
[ 1414.046872][T22498]  ___sys_sendmsg+0x158/0x2a0
[ 1414.046896][T22498]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1414.046960][T22498]  ? __fget_files+0x2a/0x420
[ 1414.046980][T22498]  ? __fget_files+0x3a0/0x420
[ 1414.047010][T22498]  __sys_sendmmsg+0x227/0x430
[ 1414.047049][T22498]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1414.047078][T22498]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1414.047114][T22498]  ? ksys_write+0x22a/0x250
[ 1414.047134][T22498]  ? __pfx_ksys_write+0x10/0x10
[ 1414.047156][T22498]  __x64_sys_sendmmsg+0xa0/0xc0
[ 1414.047178][T22498]  do_syscall_64+0xfa/0xf80
[ 1414.047197][T22498]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1414.047215][T22498]  ? clear_bhb_loop+0x60/0xb0
[ 1414.047242][T22498]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1414.047259][T22498] RIP: 0033:0x7fda8a98f749
[ 1414.047275][T22498] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1414.047289][T22498] RSP: 002b:00007fda8b80e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1414.047308][T22498] RAX: ffffffffffffffda RBX: 00007fda8abe5fa0 RCX: 00007fda8a98f749
[ 1414.047321][T22498] RDX: 0000000000000001 RSI: 0000200000001440 RDI: 000000000000000a
[ 1414.047332][T22498] RBP: 00007fda8b80e090 R08: 0000000000000000 R09: 0000000000000000
[ 1414.047343][T22498] R10: 0000000000040000 R11: 0000000000000246 R12: 0000000000000001
[ 1414.047355][T22498] R13: 00007fda8abe6038 R14: 00007fda8abe5fa0 R15: 00007fda8ad0fa28
[ 1414.047384][T22498]  </TASK>
[ 1414.588790][T22507] IPVS: set_ctl: invalid protocol: 41 100.1.1.2:20002
[ 1414.615703][T16199] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[ 1414.894422][T22521] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4529'.
[ 1414.905567][T16199] usb 4-1: Using ep0 maxpacket: 16
[ 1414.918966][T16199] usb 4-1: config 0 has no interfaces?
[ 1414.953968][T16199] usb 4-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 1414.963399][T22521] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4529'.
[ 1414.981808][T16199] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1415.032010][T22521] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4529'.
[ 1415.041847][T16199] usb 4-1: Product: syz
[ 1415.050454][T16199] usb 4-1: Manufacturer: syz
[ 1415.061008][T16199] usb 4-1: SerialNumber: syz
[ 1415.084953][T16199] usb 4-1: config 0 descriptor??
[ 1415.125649][ T5971] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[ 1415.415631][ T5971] usb 6-1: Using ep0 maxpacket: 16
[ 1415.428413][ T5971] usb 6-1: config 0 has no interfaces?
[ 1415.483627][ T5971] usb 6-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[ 1415.493085][ T5971] usb 6-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[ 1415.501292][ T5971] usb 6-1: Manufacturer: syz
[ 1415.509001][ T5971] usb 6-1: config 0 descriptor??
[ 1416.045745][   T24] usb 5-1: new full-speed USB device number 107 using dummy_hcd
[ 1416.126952][T22542] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1416.145900][T22542] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1416.167282][T22542] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1416.184816][T22542] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1416.239995][   T24] usb 5-1: config 0 has an invalid interface number: 6 but max is 0
[ 1416.250183][   T24] usb 5-1: config 0 has an invalid descriptor of length 252, skipping remainder of the config
[ 1416.266303][   T24] usb 5-1: config 0 has no interface number 0
[ 1416.276925][   T24] usb 5-1: config 0 interface 6 altsetting 230 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[ 1416.299027][   T24] usb 5-1: config 0 interface 6 has no altsetting 0
[ 1416.316345][   T24] usb 5-1: New USB device found, idVendor=19d2, idProduct=ffcc, bcdDevice=16.aa
[ 1416.334715][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1416.350664][   T24] usb 5-1: Product: syz
[ 1416.384659][   T24] usb 5-1: Manufacturer: syz
[ 1416.405563][   T24] usb 5-1: SerialNumber: syz
[ 1416.474339][   T24] usb 5-1: config 0 descriptor??
[ 1417.319113][   T24] usb 5-1: USB disconnect, device number 107
[ 1417.373018][ T5971] usb 4-1: USB disconnect, device number 3
[ 1418.368635][T16199] usb 5-1: new high-speed USB device number 108 using dummy_hcd
[ 1418.396730][   T31] INFO: task kworker/1:1:39 blocked for more than 143 seconds.
[ 1418.556768][   T31]       Tainted: G             L      syzkaller #0
[ 1418.578278][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1418.598720][ T5878] usb 6-1: USB disconnect, device number 9
[ 1418.601029][   T31] task:kworker/1:1     state:D stack:21312 pid:39    tgid:39    ppid:2      task_flags:0x4208060 flags:0x00080000
[ 1418.694027][   T31] Workqueue: usb_hub_wq hub_event
[ 1418.712945][   T31] Call Trace:
[ 1418.726109][   T31]  <TASK>
[ 1418.735688][T16199] usb 5-1: Using ep0 maxpacket: 32
[ 1418.736354][   T31]  __schedule+0x14bc/0x5000
[ 1418.749723][T16199] usb 5-1: config 1 interface 0 altsetting 219 bulk endpoint 0x82 has invalid maxpacket 8
[ 1418.756209][   T31]  ? __pfx___schedule+0x10/0x10
[ 1418.760475][T16199] usb 5-1: config 1 interface 0 altsetting 219 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1418.769159][   T31]  ? schedule+0x91/0x360
[ 1418.802495][   T31]  schedule+0x165/0x360
[ 1418.831045][T16199] usb 5-1: config 1 interface 0 has no altsetting 0
[ 1418.832855][   T31]  schedule_timeout+0x9a/0x270
[ 1418.842556][T16199] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1418.863653][T16199] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1418.872039][T16199] usb 5-1: Product: ﵤ♼燱깗ﯙ斒﵆ꈾ惜䖭踙煘
[ 1418.880026][T16199] usb 5-1: Manufacturer: ᐁ
[ 1418.884777][T16199] usb 5-1: SerialNumber: 晡㵶霙닓䷂ଏ橖껂☧䯑閟→⪶圜暾쾈䛵뀱৽ृ鏾쉍씶Ḧ鿭
[ 1418.885590][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[ 1418.911979][T22570] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[ 1418.921658][T22570] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[ 1418.935896][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1418.953534][   T31]  ? lockdep_hardirqs_on+0x98/0x140
[ 1418.965558][   T31]  ? wait_for_completion+0x267/0x5d0
[ 1418.971094][   T31]  wait_for_completion+0x2bf/0x5d0
[ 1418.983477][   T31]  ? __pfx_wait_for_completion+0x10/0x10
[ 1418.989580][   T31]  i2c_del_adapter+0x591/0x760
[ 1418.994742][   T31]  ? kfree+0x1c0/0x660
[ 1418.999256][   T31]  ? __pfx_i2c_del_adapter+0x10/0x10
[ 1419.007860][   T31]  ? dvb_usbv2_exit+0x949/0xb90
[ 1419.017988][   T31]  dvb_usbv2_probe+0x497/0x3c20
[ 1419.030627][   T31]  ? __pfx_dvb_usbv2_probe+0x10/0x10
[ 1419.043818][   T31]  ? __pm_runtime_set_status+0x785/0xa50
[ 1419.059669][   T31]  usb_probe_interface+0x668/0xc90
[ 1419.075567][   T31]  ? __pfx_usb_probe_interface+0x10/0x10
[ 1419.081285][   T31]  really_probe+0x26d/0xad0
[ 1419.085936][   T31]  __driver_probe_device+0x18c/0x320
[ 1419.091264][   T31]  driver_probe_device+0x4f/0x240
[ 1419.105709][   T31]  __device_attach_driver+0x279/0x430
[ 1419.111308][   T31]  bus_for_each_drv+0x251/0x2e0
[ 1419.116593][   T31]  ? __pfx___device_attach_driver+0x10/0x10
[ 1419.124379][   T31]  ? __pfx_bus_for_each_drv+0x10/0x10
[ 1419.131199][   T31]  __device_attach+0x2b8/0x430
[ 1419.149675][   T31]  ? __pfx___device_attach+0x10/0x10
[ 1419.160175][   T31]  ? _raw_spin_unlock+0x28/0x50
[ 1419.165127][T16199] cdc_ether 5-1:1.0: probe with driver cdc_ether failed with error -22
[ 1419.177290][   T31]  device_initial_probe+0xa1/0xd0
[ 1419.185742][   T31]  bus_probe_device+0x12a/0x220
[ 1419.191593][   T31]  ? device_add+0x726/0xb80
[ 1419.193542][T16199] usb 5-1: USB disconnect, device number 108
[ 1419.204498][   T31]  device_add+0x7b6/0xb80
[ 1419.209071][   T31]  usb_set_configuration+0x1a87/0x2110
[ 1419.217156][   T31]  usb_generic_driver_probe+0x8d/0x150
[ 1419.222754][   T31]  usb_probe_device+0x1c4/0x3c0
[ 1419.230475][   T31]  ? __pfx_usb_probe_device+0x10/0x10
[ 1419.238935][   T31]  really_probe+0x26d/0xad0
[ 1419.249461][   T31]  __driver_probe_device+0x18c/0x320
[ 1419.255150][   T31]  driver_probe_device+0x4f/0x240
[ 1419.262961][   T31]  __device_attach_driver+0x279/0x430
[ 1419.270712][   T31]  bus_for_each_drv+0x251/0x2e0
[ 1419.277258][   T31]  ? __pfx___device_attach_driver+0x10/0x10
[ 1419.283793][   T31]  ? __pfx_bus_for_each_drv+0x10/0x10
[ 1419.293862][   T31]  __device_attach+0x2b8/0x430
[ 1419.299037][   T31]  ? __pfx___device_attach+0x10/0x10
[ 1419.304808][   T31]  ? _raw_spin_unlock+0x28/0x50
[ 1419.310155][   T31]  device_initial_probe+0xa1/0xd0
[ 1419.315317][   T31]  bus_probe_device+0x12a/0x220
[ 1419.320654][   T31]  ? device_add+0x726/0xb80
[ 1419.325481][   T31]  device_add+0x7b6/0xb80
[ 1419.342257][   T31]  usb_new_device+0xa39/0x1720
[ 1419.358929][   T31]  ? __pfx_usb_new_device+0x10/0x10
[ 1419.364179][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1419.383980][   T31]  ? lockdep_hardirqs_on+0x98/0x140
[ 1419.398533][   T31]  hub_event+0x29b1/0x4ef0
[ 1419.403109][   T31]  ? __pfx_hub_event+0x10/0x10
[ 1419.408223][   T31]  ? process_scheduled_works+0x9ef/0x1770
[ 1419.414101][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1419.419818][   T31]  ? process_scheduled_works+0x9ef/0x1770
[ 1419.425819][   T31]  ? process_scheduled_works+0x9ef/0x1770
[ 1419.431628][   T31]  process_scheduled_works+0xad1/0x1770
[ 1419.443692][   T31]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1419.450805][   T31]  worker_thread+0x8a0/0xda0
[ 1419.455453][   T31]  kthread+0x711/0x8a0
[ 1419.459611][   T31]  ? __pfx_worker_thread+0x10/0x10
[ 1419.464723][   T31]  ? __pfx_kthread+0x10/0x10
[ 1419.469409][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1419.474616][   T31]  ? lockdep_hardirqs_on+0x98/0x140
[ 1419.480029][   T31]  ? __pfx_kthread+0x10/0x10
[ 1419.484634][   T31]  ret_from_fork+0x599/0xb30
[ 1419.489635][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[ 1419.494791][   T31]  ? __switch_to_asm+0x39/0x70
[ 1419.499804][   T31]  ? __switch_to_asm+0x33/0x70
[ 1419.504581][   T31]  ? __pfx_kthread+0x10/0x10
[ 1419.509357][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1419.514161][   T31]  </TASK>
[ 1419.517506][   T31] 
[ 1419.517506][   T31] Showing all locks held in the system:
[ 1419.525232][   T31] 1 lock held by khungtaskd/31:
[ 1419.532676][   T31]  #0: ffffffff8df41a20 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[ 1419.555601][   T31] 5 locks held by kworker/1:1/39:
[ 1419.560765][   T31]  #0: ffff88801f6cf948 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x1770
[ 1419.572403][   T31]  #1: ffffc90000af7b80 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x1770
[ 1419.584482][   T31]  #2: ffff888028825198 (&dev->mutex){....}-{4:4}, at: hub_event+0x187/0x4ef0
[ 1419.598219][   T31]  #3: ffff8880564c9198 (&dev->mutex){....}-{4:4}, at: __device_attach+0x88/0x430
[ 1419.607695][   T31]  #4: ffff88801eb40160 (&dev->mutex){....}-{4:4}, at: __device_attach+0x88/0x430
[ 1419.617135][   T31] 2 locks held by getty/5597:
[ 1419.621890][   T31]  #0: ffff88814db500a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[ 1419.631726][   T31]  #1: ffffc9000332b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x449/0x1460
[ 1419.642224][   T31] 4 locks held by kworker/u8:20/19699:
[ 1419.647766][   T31]  #0: ffff88801aa9f148 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x1770
[ 1419.670320][   T31]  #1: ffffc9000d94fb80 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x1770
[ 1419.681025][   T31]  #2: ffffffff8f304bb0 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xf7/0x7a0
[ 1419.690768][   T31]  #3: ffffffff8df47578 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x2f6/0x730
[ 1419.701743][   T31] 4 locks held by udevd/19845:
[ 1419.706825][   T31]  #0: ffff88802866e9e0 (&p->lock){+.+.}-{4:4}, at: seq_read_iter+0xb7/0xe20
[ 1419.715851][   T31]  #1: ffff88802a0f0c88 (&of->mutex#2){+.+.}-{4:4}, at: kernfs_seq_start+0x5c/0x420
[ 1419.726227][   T31]  #2: ffff888077f2b878 (kn->active#19){++++}-{0:0}, at: kernfs_seq_start+0xb2/0x420
[ 1419.735800][   T31]  #3: ffff8880564c9198 (&dev->mutex){....}-{4:4}, at: manufacturer_show+0x26/0xa0
[ 1419.745369][   T31] 
[ 1419.748792][   T31] =============================================
[ 1419.748792][   T31] 
[ 1419.757860][   T31] NMI backtrace for cpu 0
[ 1419.757880][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1419.757904][   T31] Tainted: [L]=SOFTLOCKUP
[ 1419.757911][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1419.757922][   T31] Call Trace:
[ 1419.757930][   T31]  <TASK>
[ 1419.757939][   T31]  dump_stack_lvl+0x189/0x250
[ 1419.757974][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1419.757995][   T31]  ? __pfx__printk+0x10/0x10
[ 1419.758031][   T31]  nmi_cpu_backtrace+0x39e/0x3d0
[ 1419.758054][   T31]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[ 1419.758078][   T31]  ? __pfx__printk+0x10/0x10
[ 1419.758104][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 1419.758132][   T31]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[ 1419.758158][   T31]  sys_info+0x135/0x170
[ 1419.758177][   T31]  watchdog+0xf95/0xfe0
[ 1419.758204][   T31]  ? watchdog+0x20a/0xfe0
[ 1419.758232][   T31]  kthread+0x711/0x8a0
[ 1419.758256][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1419.758276][   T31]  ? __pfx_kthread+0x10/0x10
[ 1419.758298][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1419.758322][   T31]  ? lockdep_hardirqs_on+0x98/0x140
[ 1419.758339][   T31]  ? __pfx_kthread+0x10/0x10
[ 1419.758361][   T31]  ret_from_fork+0x599/0xb30
[ 1419.758381][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[ 1419.758406][   T31]  ? __switch_to_asm+0x39/0x70
[ 1419.758426][   T31]  ? __switch_to_asm+0x33/0x70
[ 1419.758446][   T31]  ? __pfx_kthread+0x10/0x10
[ 1419.758467][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1419.758504][   T31]  </TASK>
[ 1419.758511][   T31] Sending NMI from CPU 0 to CPUs 1:
[ 1419.915283][    C1] NMI backtrace for cpu 1
[ 1419.915302][    C1] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1419.915323][    C1] Tainted: [L]=SOFTLOCKUP
[ 1419.915329][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1419.915339][    C1] RIP: 0010:pv_native_safe_halt+0x13/0x20
[ 1419.915360][    C1] Code: cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d 93 90 0c 00 f3 0f 1e fa fb f4 <e9> c8 ed 02 00 cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90
[ 1419.915374][    C1] RSP: 0018:ffffc90000197de0 EFLAGS: 000002c6
[ 1419.915388][    C1] RAX: 0c3baf997b734600 RBX: ffffffff81978fda RCX: 0c3baf997b734600
[ 1419.915401][    C1] RDX: 0000000000000001 RSI: ffffffff8d7925c0 RDI: ffffffff8bc08360
[ 1419.915412][    C1] RBP: ffffc90000197f10 R08: ffff8880b87336db R09: 1ffff110170e66db
[ 1419.915424][    C1] R10: dffffc0000000000 R11: ffffed10170e66dc R12: ffffffff8f822070
[ 1419.915435][    C1] R13: 1ffff11003956b70 R14: 0000000000000001 R15: 0000000000000001
[ 1419.915446][    C1] FS:  0000000000000000(0000) GS:ffff888125f35000(0000) knlGS:0000000000000000
[ 1419.915459][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1419.915470][    C1] CR2: 00007fda8abb6ad8 CR3: 00000000565fa000 CR4: 00000000003526f0
[ 1419.915488][    C1] Call Trace:
[ 1419.915495][    C1]  <TASK>
[ 1419.915501][    C1]  default_idle+0x13/0x20
[ 1419.915518][    C1]  default_idle_call+0x73/0xb0
[ 1419.915537][    C1]  do_idle+0x1ea/0x520
[ 1419.915554][    C1]  ? irqentry_exit+0x5ba/0x660
[ 1419.915571][    C1]  ? __pfx_do_idle+0x10/0x10
[ 1419.915595][    C1]  cpu_startup_entry+0x44/0x60
[ 1419.915611][    C1]  start_secondary+0x101/0x110
[ 1419.915633][    C1]  common_startup_64+0x13e/0x147
[ 1419.915659][    C1]  </TASK>
[ 1419.916410][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[ 1419.916425][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1419.916448][   T31] Tainted: [L]=SOFTLOCKUP
[ 1419.916456][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1419.916466][   T31] Call Trace:
[ 1419.916475][   T31]  <TASK>
[ 1419.916484][   T31]  dump_stack_lvl+0x99/0x250
[ 1419.916506][   T31]  ? __asan_memcpy+0x40/0x70
[ 1419.916524][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1419.916544][   T31]  ? __pfx__printk+0x10/0x10
[ 1419.916579][   T31]  vpanic+0x237/0x6d0
[ 1419.916600][   T31]  ? __pfx_vpanic+0x10/0x10
[ 1419.916621][   T31]  ? preempt_schedule_common+0x83/0xd0
[ 1419.916645][   T31]  panic+0xb9/0xc0
[ 1419.916665][   T31]  ? __pfx_panic+0x10/0x10
[ 1419.916692][   T31]  ? preempt_schedule_thunk+0x16/0x30
[ 1419.916714][   T31]  ? nmi_trigger_cpumask_backtrace+0x2bb/0x300
[ 1419.916741][   T31]  watchdog+0xfdf/0xfe0
[ 1419.916768][   T31]  ? watchdog+0x20a/0xfe0
[ 1419.916798][   T31]  kthread+0x711/0x8a0
[ 1419.916823][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1419.916846][   T31]  ? __pfx_kthread+0x10/0x10
[ 1419.916868][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1419.916893][   T31]  ? lockdep_hardirqs_on+0x98/0x140
[ 1419.916910][   T31]  ? __pfx_kthread+0x10/0x10
[ 1419.916932][   T31]  ret_from_fork+0x599/0xb30
[ 1419.916953][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[ 1419.916979][   T31]  ? __switch_to_asm+0x39/0x70
[ 1419.917000][   T31]  ? __switch_to_asm+0x33/0x70
[ 1419.917020][   T31]  ? __pfx_kthread+0x10/0x10
[ 1419.917043][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1419.917079][   T31]  </TASK>
[ 1420.244738][   T31] Kernel Offset: disabled
[ 1420.249060][   T31] Rebooting in 86400 seconds..