last executing test programs:

6m53.742234393s ago: executing program 3 (id=252):
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000200)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0xfffffffd}}, 0x10)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x43, 0x2}}}, 0x10)
r1 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r1, &(0x7f00000000c0)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
r2 = socket$tipc(0x1e, 0x5, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r3, 0x6, 0x8, &(0x7f00000000c0)=0xfffffffd, 0x4)
bind$tipc(r2, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x3, 0x4}}, 0x10)
bind$tipc(r0, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42, 0x20000003}}}, 0x10)
bind$tipc(r1, 0x0, 0x0)
bind$tipc(r0, 0x0, 0x0)
syz_emit_ethernet(0x7c, &(0x7f0000000000)={@broadcast, @local, @void, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "381f34", 0x46, 0x2f, 0xff, @private0, @mcast2, {[], {{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6558, 0x0, 0x892f, [0x80]}, {}, {}, {0xa888}}}}}}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x10, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="61122800000000006113380000000000bf1000000000000025000200091b00003d200000000000008701000000000000bc26000000000000bf67000000000000150300000ee600f0670200000300000015030000ffffffffbf050000000000000f650000000000006507f4ff02000400070700006b3128fe1f75000000000000bf540000000000000705000003001500ae430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe70305863f970eac3590ac99b798f8125f1c322c2a154a8a8d"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @sk_msg}, 0x48)

6m53.141301092s ago: executing program 3 (id=256):
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(0xffffffffffffffff, 0x3ba0, &(0x7f0000000100)={0x48, 0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x334e8b})
r0 = syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000000)=ANY=[@ANYRES16=0x0], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
r1 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
r2 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f00000000c0)={0x8})
syz_usb_control_io(r0, &(0x7f00000003c0)={0x2c, &(0x7f0000000100)=ANY=[@ANYBLOB='\x00\x00\b\x00\x00'], 0x0, 0x0, 0x0, 0x0}, 0x0)
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(0xffffffffffffffff, 0x3ba0, &(0x7f0000000100)={0x48, 0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x334e8b}) (async)
syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000000)=ANY=[@ANYRES16=0x0], 0x0) (async)
syz_usb_control_io(r0, 0x0, 0x0) (async)
syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2) (async)
epoll_create1(0x80000) (async)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f00000000c0)={0x8}) (async)
syz_usb_control_io(r0, &(0x7f00000003c0)={0x2c, &(0x7f0000000100)=ANY=[@ANYBLOB='\x00\x00\b\x00\x00'], 0x0, 0x0, 0x0, 0x0}, 0x0) (async)

6m49.974778185s ago: executing program 3 (id=276):
syz_usb_connect(0x0, 0x2d, &(0x7f0000000180)=ANY=[@ANYBLOB="1201fb0019030320d812010079de01ec020109021b0001000003000904000001785ecc00090585020004"], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
close(0x3)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180200000300000000000000000000008500000041000000850000000500000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="40000000100005ff00000000000000000000004a", @ANYRES32=0x0, @ANYBLOB="942a00000400060014001242090001007665746800000000040002800a0001000000000000000000"], 0x40}, 0x1, 0x0, 0x0, 0x4000000}, 0x24008080)
syz_open_dev$sndmidi(0x0, 0x3, 0x200701)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000a80)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a70000000090a010400000000000000000a0000040900020073797a310000000008000a40fffffffc0900010073797a3100000000080005400000000b2c00128014000180090001006c617374000000000400028014000180090001006c617374000000000400028008000340000001"], 0x98}, 0x1, 0x0, 0x0, 0x4044050}, 0x40)
getcwd(&(0x7f00000001c0)=""/89, 0x59)
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)

6m48.449756333s ago: executing program 3 (id=280):
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='maps\x00')
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0xc0686611, &(0x7f0000000040)={0x6a, 0x0, 0x20, 0x2000, &(0x7f0000ffd000/0x2000)=nil})
add_key$fscrypt_provisioning(&(0x7f0000000340), 0x0, 0x0, 0x0, 0xfffffffffffffffe)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="2c235aa9c5", 0x5)
r2 = accept4(r1, 0x0, 0x0, 0x800)
ioctl$OCFS2_IOC_GROUP_EXTEND(r1, 0x40046f01, &(0x7f00000002c0)=0x7)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r3 = syz_usb_connect(0x0, 0x4a, &(0x7f0000000040)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb1000000001020009050276"], 0x0)
syz_usb_control_io$cdc_ecm(r3, &(0x7f0000000140)={0x14, 0x0, &(0x7f0000000100)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1e, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000ffffffff0000000000000018ac0000", @ANYRES32, @ANYBLOB="0000000000000000b7080000040000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000009e000000950000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_lookup=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[], 0x48)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
r4 = openat$tun(0xffffffffffffff9c, 0x0, 0x284402, 0x0)
close(r4)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
r5 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_COMPLETION_RING(r5, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4)
mmap$xdp(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x5, 0x12, r5, 0x180000000)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1000000004000000040000000200000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0004000000000000007d988536000000000000a4e6393b12000000000000000000"], 0x48)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
syz_usb_ep_write$ath9k_ep1(r3, 0x82, 0xc38, &(0x7f0000000300)=ANY=[])

6m45.622769974s ago: executing program 3 (id=292):
r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
fcntl$notify(r1, 0x402, 0x41)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000001c0)=0x10) (fail_nth: 2)

6m45.345614922s ago: executing program 3 (id=294):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73772cc9f1ba1f848430000005e140602000000000e000a000d000000028000001294", 0x2e}], 0x1, 0x0, 0x0, 0x2400}, 0x0)

6m30.139167968s ago: executing program 32 (id=294):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73772cc9f1ba1f848430000005e140602000000000e000a000d000000028000001294", 0x2e}], 0x1, 0x0, 0x0, 0x2400}, 0x0)

3m19.418999828s ago: executing program 1 (id=2059):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = dup(r0)
write$UHID_INPUT(r1, &(0x7f0000001980)={0x9, {"a2e3ad214fc752f91b2909094bf70e0dd038e7ff7fc6e5539b324c078b089b32323b6d1a0890e0878f0e1ac6e7049b076d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdc69c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b4bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d9560ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f733b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006)
openat$cgroup_ro(r1, &(0x7f0000000000)='blkio.bfq.io_serviced_recursive\x00', 0x0, 0x0)
mount(&(0x7f0000000040)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='nfs\x00', 0x1101821, 0x0) (async)
mount(&(0x7f0000000040)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='nfs\x00', 0x1101821, 0x0)

3m18.337086177s ago: executing program 1 (id=2066):
ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f0000000040)={0x0, 0x0, "d607f8f9951e76c13f64323723e7eecdf40c363423eb3d259266ec9c37865c6c1a4640ce1b22bb3327ef4f001d34c09f39c3539e4f8d3ee0878ae95bc7f52363c468b257ff3e24852548deb01efd54f11ed2c41d078b9cf1fc8f72566153c97e4af37017ea6b16b694bb4a6e4606c3fb19d1d2bd3c8c4e97da2213f9d5c3b90400000000000000c279f03558083906666827d61dcc3a633bffff250b5a293e3877adc1660edbc9a0307a25720a170e7f5670e419dc44febf7ddc73fd4a5a0b6c28665f7f46c7084e17c809268103a2584ab40a68e528329d97afc3612e325c1eb4a3ab2e156a97444800", "0615e456c196e819a321fdb3690bfab19538829a732a01781564ef7738cb5b82a704b3952f81c68bb4ceeaad63206f88201638e87c4981cbf9332cbc9c4d69e392bd33237ece7ad91e44edac0da8dacad81adf2e08c21ad6b44ce1f90bd618c255ca40cdb411485fb48a51d329c816b3488c7d032ef69c502c6e1236bd381efd410165988847c1dcb98a18ca2b853910e52044fa3b3026cb88de269537c8f26ffc3b15cbf279832bfc90bd95939043182e88050dfd2a4784a5d1453610fb1f1c2bac36c3ecd3e6fb756ef8880debeef3636afd981d8af4ab119928448f90351aec113335eacf52a18c87738d9679d3acc032a16fbefc64776f363610a15b37bcd36e6a7cba931151b9c9ba5779d550e9ab21603a43a25f3b4895d8dc4f3ce0e7d5e964e888169ea79a0848e9338b3d34d62e963fbf98834f4455419907f0ffdb76373af77a34edee7789f56e7f01bdab9614a0d460f791a06e6cf5243bf2b3a1624a80ec7e1116f1c81f5ef4b895be74bf67eea9193428b58a8b62b7976d3d2e59796c46ec918c83cd49c3f43dbd2967586966c19ace7b0bef5f94eb333b362649f1bfa114f8b1f126e97ec672cff77e2130823fa7a1df6760c6a8917815e9f0a409ed32b133df7dc9afceffcd472b35145c83c9167764d25ce214133c6170adeb6653b30b226a3b6ff1363ac862a540c7fab584cd051ce7ee951e0f121d43cff75afbdec6bc6f6e8f7db58c8086751320d22ee8582e915cabc536e3767e9a9230c9ae8b92398f0ca2a7141ea4588af7afde10e5ec2a6fe85ba5712e126629d4e3998fc4721cb638f2ef8356049e3448466e2c400d5e8baf843fa399907cb526b791c5350ce29204cb6fe50b892a69ec6dbecc28f032a745738faa12c2a34222942fef0ec0511da5fe0b565ceac429da7cc25cfe0320b40a514723e2392a6a361032343edb79fd83cd0a354837153542fd61b3156b54c566036e493250c3a3214738e3cacc24a50d5dfd17d5008b4ca629c3062f3417cb67c48b8b888ae51256bb4e6c68e95a71a00383ad9df263f6a775ded64fef20ed5cb5f31c33cb86f839d00a12e40cd31219113619c4e0585454cb1776278bfd7f5c4275792afb790e83ff0fc6925355c7aee7a070477d9ec2292366e39b9dc66f7adcf449a1a718e5217183faf0f679efc5cef20bcdcf2d12ea0684084ec0d693256e280025b23b5a08b7b1ebe7d41fb045793f971d6ee066604818cb09d86c1eda99a44c35476a113fd5d1a7543f8f99424ebb78dd9e00d719502a6eafa743a061fa3fa55e4deaa0a011b6b9d633f10e0c9446b5a2e3f6d6014ab00695366c1a6bf0c32f703aebb7988c7d4d322681458e85626302c70f37628835e1fcfff1da3099c0b4af433eb9a51f9609f2c0c09a98b18880c846b34d6ac0210f073765666100976ee1d928893f983580ea47a012144633b98e02c3e81869534ab985eb3a73e0bac892dac949f85db949285a6a7a490b1075467226af23df82d8dd09b7282490fbb3ada9ed4cae8f761aefbe0701de6b132f12044c58ac1c2607c8f51361de5bed021dea13fd0a440263cf0b304522a324b581ab274e7bdae5994316657b5c0ab0220d9b08739729f7a35d436878c182aec4f08dd161c11ee5b7937fae7835e8bfe98a44c8d4bbb2e0eee0cb5d7c93517e96a9fc8132e60f3ef7c735bea1934b37df451f981c8d9210e61278c871e6dad6ceb89aa4d7245658a63e65cec7b81d307426a60a31cc917844a14e1d9ad83bef1c9f736d1836687c950d1275caece0d46ab9f3b0e95d9cf560eb8134e8346b35e0a6f60e6a87a14c4aeb3e0d06158390660a52a6e44b524c1e16de2bf99870f78fc81d267072bc63e97d3f26d23fd59799ff2c847d6a724cebc2377a582ba73d99a610a095c28d66c60910ac64b7d18847fa98fd8528b72e0a149b082c731575b2e2763e67c821ba29eecd8b8c87981c4fb1fbbaaa4e8aa077ec98de1362fc7af7a0ac5e3297fd0d924124b2e255b5cc4f6b0873f3d34418d5ae0d6f734628f38cb9b856b2db3fbb2fafb76983eabc51a348e55789e997fa25cbe6e5031bd2e33d4e2686f964a65d1abf7f96a20a8b270b1522ace4adf6fdade5cd3f101574960d13267e2382f70027ebe5ef7f9418e14e6a8a130d2aec2253c8fe21825e3295774db0c9b1340ea28a96589ba0d9f79aa61b92aea6f704ef7f716d849b8c77e6922e198a086d8133491d0bb85b925825a6d307d7cc8f09c655aa3edabf84c75560dfb279ee3e8b825323279edc58c3161e72cf9ae02ef80d500da922c0abeb8b164abd9c17ef7c02e89000d67b0c2ddd078cacbf37c4826be3845948d598980d63c1d7aade89d0637d80a4c102a35eb027a08ef90cc20d17fc514926914e68e5de54b861200ffa4ce1cbc16e4ecf342a1176cdb561f7dea38b3ae0fd81260f72d34e6f33d364cf313d3b3161410dcbf5f0f0579a1d235b49bb5d27f85825b94f1899e7846d0292ad912d934574f9d55d2152dbfb39d662e6e0f2496182d012af8b4bebbdfa1d68e3e988869fb5cd9612db97e6cc574444f4b5025ec9827bafc55341bf6ad3fd4fab2ee43f343cb9bcec0c38384b5699e5c6d5973ba591978275c51a40200d340b9ed3681f08c69f58320f538f9cd78a34eb6ed55710d2478ea4bd15813921817b42f88f1bb038033b519668f0a2e8693b9a19c7bcf96eec04bda625b31c32f4286be922ab2c87aa30310c8f46551450d5bc26b5fbfdedaae0f756384023bb9a28d3200cfeaedd63d6afe076513e8ad73d16607cd4ede16344e60d8707357e82b1089258c56d851a435e23ce0919825e04471dd61a44c43e87c2959d4e89311a30ee8be010094d0ef109bb210dda58b21b685b9e9c078c9ded6117d9a88dd7799291969851cd4c3f22b5f870a275a692188dafcf6e89ba87b0eb61011de031fda25fb3349901d40da2bbdb76eda417c9fafd90fb23504ab150ca0033ea1d00000000000086ba3aaa79d0df4f2e4e4afa565e66d28aa167f835d080bf1d41d0e52dbf81c671f8eacae234bf4fc328302671fab46613b73daf2ace80aff2f80f6a9d84b82480178cc612aa90adfc80ab3bba7d1527fc6ab04f009011bf093494a0d329df4e53d855b1c0ff6a25d22052b3a778e1ca2fbe59c9eeedf99e13682d06da269560524ffa0f404b73b946edf900ee958ceba09a051e27a620fb78e7a352c182c8c2981ce822eeaf6323965b4b3f322d40d406a158b6f3cf5d74822de952fefc341d0dead6c1c8fed8e48e0a85b51c1dcc7796d3f45bb1f50467a475da76c356c9e031b096867da1dbb89c3a038d475dbcdb2df1278d5dba55c2fb5ba6a9778c2a244198491f0f711cdb2ef0332f347afffb1b098b4c59041ccb0c286bb2dd40e7ec713f6ffe0b1067678c748615dae3c1e090f3739a9035767fb9972580d19fdef49a5071f99c3706b8fa4991f430721cf3ca11af0e3bd7c4d0cd0ab5b7d98ee66730c20a098110e4a15ce0bfc88c41fe375f261fe3557e14eb5ff4a2cdf6a008fd7b6702951b8456e940fbd269a0f3ed515ac03cfecce67027d579e1226bd7b7381827453550343566508d38790ee838c3bf85c6c91a45e7a44752f57313533a3e82e4042e65d346afb20c0527575f79080aef4e1aa8d5868d190c8d37bdae7592e41bed37b9d4c30d8126d3debde02dff25f5ef1e48133e2a41cd55347bd23dcce57a00189619db629c530dc112d22ac72bce353681264b5175be40b3ba84408d0f56762cc720e96c128447be7128748e185be2640115556bac64d060207e629b0144e501c1c49c6abd15c7982b01e22da2ad04bb28df1a27f31e18040c16406071d798bb40d901d001e22cc5ed870d08702f49f0021814cdd814901a13c7ab061bb4b8172c639b3449e24f656fee58186e69e6874ea95d946da781b49ca080ffb4a3c87746c661f43e9be52d0ba2ee368b9c143687c8846abac599069decf41e69fddcadf31c5f715917df12df4eedbfcc5805fe8e661b8fcd7b130d7bcc4a9a152de93a15dddacf3cf52479956185a3c5000d18ddce0236d5858c0d8761bca7446e3d30f3e8f48d5e8f86a60cbe46f038b1028ffd35590bdacfeebb86e28d42a923bdc3f9a307b919341a2a7dda096d41070db245c2c424aebe4a4bb9863169454d09f25fd0aa2da7bfc97ad7aca886dd998e041133e07899ad48f7cda600de48ac3951152dfbe6331b8acae24cfd2dd2b14696c75040685c756942a0d049ee9863a2e480388f93876f3910ecb3a59fa16c25b2b3636a542f92744495e10a4ce37f19f5c2256e2d61775d388e2a86b52f76add2f956aa02501f5badb94da12595b2bbf88b05dc70caae6766fd3df4f299d0ff71c8787249b255ea49b3d33b3f1a8c9403cb75d64264465c3578538382b23d721f8a49134020ca2d9e887d9949624ac6d63322b6507e277a0020db9bfa2928736b96c72fa3406a95adfe6b374ffa27001d37d3bbe725e75c257834572026c511f57dce67153a4008f9e75e07ed9237f600005800ee667c137fc78bc4fd4ebf4d228979ab0ccafbcd8b8daad76fb2abcfc585377ea6e19f170db898b950a7b0f4e75466a2ba26e7d60e0a6f5c54a3fe78677f3362c5b01ae791b62ee8a5d0fd65b739ece4f3b758d05a8e4e4ea7e4866ee67750ce2769f72a9f45780eadfae73b42d4dd4c614c797c694ece8af88cc732edabfa26ace57de54835c7551154dfa3be11a0d3b5845ac97b2da84410a652e72cd563acbb2b02bb59370cebaaa80014e3ad280944eae6fbf8d5f85237257bb5b8e5ec3e52dc06f8394176b325a577804e9eb78d7015172d17ed15f905f705d56687f53988bb207c74fbeb2b03a700258e835362886239f4d8f1c2cf6d4d10ff26d2579ea40a5fb99e5b6d01cdeda050d3faa78ed674f2899be08332086c8bf0410a7d06099c50a2d949d49a0f21b43bcdfbdf435875cf5a9def46db63746574ee8a5b1fbcef411154e914dd9e5bb1b1bd2944581083fb66a017e7972df3daefc487e4198cb281d3a80637d52b41738b7f1a57c867d5b2ee5d72465657593339506fd0c3807cd6445eb54cfb5ca9d35ef93eec6383224ebf85197eb6ed75f6c324f6a0345a25be6bb52ed347e57ccb059b903fb7db4e9f46513a4158ce29c1f5d6081b556bbc471e89225cad81aed34dae0f90ee8e7237b3b286e29b49d7a1700c537b28571f7d7e2a55e10792d6f7779ddefa3febdea5693048372a45903c04f1035a96c6cfbe6f6c2b754581aac02f8a70e698be6e37fd411cf4b76317b47683f6b0f80dfdeef3a9767c7e5c30dff786093a21477431fea0458023953700"})
mknodat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0xc0e99db6de761f86, 0x0)
open$dir(&(0x7f0000000080)='./file0\x00', 0x200, 0x20)
r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x8adbd, 0xb)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x8100, 0x0)
r2 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r2)
ptrace$setregset(0x4205, r2, 0x1, 0x0)
r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x275a, 0x0)
r6 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0xc03, 0x0)
ioctl$UI_DEV_SETUP(r6, 0x405c5503, &(0x7f0000000280)={{0x0, 0x3, 0x0, 0x9}, 'syz0\x00', 0x17})
ioctl$UI_DEV_CREATE(r6, 0x5501)
close_range(r5, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000001080)=@x86={0x9, 0x8, 0x2, 0x0, 0x3, 0x0, 0xfa, 0x8, 0xf, 0x6, 0x2, 0x9, 0x0, 0x2, 0x0, 0x7e, 0x1, 0x52, 0xe0, '\x00', 0x4, 0x80000004})
execveat(r0, &(0x7f00000010c0)='./file0\x00', &(0x7f0000001240)={[&(0x7f0000001100)='%\x00', &(0x7f0000001140)='./cgroup.cpu/syz0\x00', &(0x7f0000001180)='\x00', &(0x7f00000011c0)='(,^,-#:/-\x00', &(0x7f0000001200)='/dev/kvm\x00']}, &(0x7f0000001400)={[&(0x7f0000001280)=',.({R[{\x00', &(0x7f00000012c0)='hugetlb.1GB.rsvd.limit_in_bytes\x00', &(0x7f0000001300)='./cgroup.cpu/syz0\x00', &(0x7f0000001340)='\x00', &(0x7f0000001380)='(+,\x00', &(0x7f00000013c0)='/dev/kvm\x00']}, 0x100)
ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000140)=@x86={0x40, 0x1, 0x1a, 0x0, 0x0, 0x20, 0xe, 0x0, 0x0, 0x80, 0x9, 0x0, 0x0, 0x100000, 0x6ffe, 0x0, 0x0, 0xfb, 0x0, '\x00', 0x1, 0x4})
socket$nl_generic(0x10, 0x3, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r8 = openat$cgroup_int(r7, &(0x7f0000000040)='hugetlb.1GB.rsvd.limit_in_bytes\x00', 0x2, 0x0)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000440), r9)
sendmsg$L2TP_CMD_SESSION_GET(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000240)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="0100"], 0x38}}, 0x2)
sendfile(r8, r8, 0x0, 0x280000000000)
close(r0)

3m17.697912815s ago: executing program 1 (id=2068):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0x30, 0x40, 0x107, 0xfffffffe, 0x0, {0x1, 0x7c}, [@nested={0x4, 0x142}, @nested={0x14, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}, @typed={0x8, 0x9, 0x0, 0x0, @fd}]}, @nested={0x4, 0x2}]}, 0x30}, 0x1, 0x0, 0x0, 0x48815}, 0xc000)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r1, 0x89f8, &(0x7f0000000180)={'erspan0\x00', &(0x7f0000000100)={'syztnl2\x00', <r3=>0x0, 0x1, 0x8000, 0xf, 0x9, {{0x15, 0x4, 0x0, 0x0, 0x54, 0x66, 0x0, 0x7, 0x2, 0x0, @broadcast, @initdev={0xac, 0x1e, 0x1, 0x0}, {[@generic={0x89, 0x11, "d1388f5c0185f55d2a76213074a10f"}, @ssrr={0x89, 0x1f, 0xe1, [@multicast2, @private=0xa010102, @local, @initdev={0xac, 0x1e, 0x0, 0x0}, @empty, @multicast1, @multicast1]}, @ra={0x94, 0x4}, @lsrr={0x83, 0xb, 0x2c, [@private=0xa010100, @rand_addr=0x64010102]}]}}}}})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r2, r3, 0x30, 0x0, @void}, 0x10)

3m17.458429239s ago: executing program 1 (id=2070):
mkdir(&(0x7f0000000000)='./file0\x00', 0x2)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000080)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x93141b, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000000)={0xd, 0x75, 0x1, {0x2, "05d8"}}, 0xd)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2000, 0x0)
ioctl$TIOCSPTLCK(r0, 0x40045431, &(0x7f0000000000))
r1 = ioctl$TIOCGPTPEER(r0, 0x5441, 0x6)
dup2(r1, r0)
ioctl$VT_RESIZEX(r1, 0x560a, &(0x7f0000000000)={0xfffe, 0x6, 0x292d, 0x7bf0, 0x4003, 0x1ff})
syz_usb_connect(0x0, 0x36, &(0x7f0000000240)=ANY=[@ANYBLOB="12010000772904202404019957c2010203010902240001000010000904"], 0x0)
r2 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0)
r3 = syz_usb_connect(0x3, 0x62, 0x0, 0x0)
syz_usb_control_io$printer(r3, &(0x7f00000001c0)={0x14, &(0x7f0000000000)={0x0, 0x30, 0x15, {0x15, 0x23, "f62bb5486f99ecfa64df01a59c8d215a5d844b"}}, 0x0}, 0x0)
ioctl$SCSI_IOCTL_GET_PCI(r2, 0x5393, &(0x7f0000000000))
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r4, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
writev(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)='4', 0x1}], 0x1)
lsetxattr$trusted_overlay_redirect(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000280)='./file0\x00', 0x8, 0x2)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000740)=@newsa={0xf0, 0x10, 0x713, 0x70bd28, 0x25dfdbfc, {{@in=@rand_addr=0x64010101, @in=@dev={0xac, 0x14, 0x14, 0x3e}, 0x4e22, 0xffff, 0x4e23, 0x3, 0x2, 0x90, 0x0, 0x3a, 0x0, 0xffffffffffffffff}, {@in=@multicast2, 0x0, 0x32}, @in6=@local, {0xffff, 0x100, 0x8, 0xa, 0x6, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x7, 0xfffffffffffffff8}, {0xc, 0x4, 0x2}, 0x70bd29, 0x0, 0xa, 0x4, 0x0, 0x28}}, 0xf0}, 0x1, 0x0, 0x0, 0xc0}, 0x0)
write$binfmt_misc(r4, &(0x7f0000000000), 0xd)
mount$bind(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x18d883, 0x0)
r6 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x900, 0x0)
ioctl$IOMMU_IOAS_MAP(r6, 0x3b85, &(0x7f00000000c0)={0x28, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2})
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000300)='cgroup2\x00', 0x800, 0x0)

3m15.119546363s ago: executing program 1 (id=2080):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x4, &(0x7f00000001c0)=@framed={{0x18, 0x2, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x6}, [@ldst={0x3, 0x0, 0x3, 0x2, 0x1}]}, &(0x7f0000000040)='syzkaller\x00', 0xe, 0x0, 0x0, 0x41000, 0x62}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x18, 0x7ffc1fff}]})
pidfd_send_signal(0xffffffffffffffff, 0x21, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'team0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x401, 0x20000, 0x0, {0x0, 0x0, 0x0, 0x0, 0x8003}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0x2}}}, @IFLA_LINK={0x8, 0x5, r1}, @IFLA_MASTER={0x8, 0xa, r1}]}, 0x44}, 0x1, 0x0, 0x0, 0x20004885}, 0x4054)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)

3m13.384938309s ago: executing program 1 (id=2091):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000400)={'veth0_to_hsr\x00', <r2=>0x0})
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0), r1)
sendmsg$TIPC_NL_NET_SET(r1, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x80, r3, 0x200, 0x70bd2b, 0x25dfdbfe, {}, [@TIPC_NLA_PUBL={0x44, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x2}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0xd}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x5}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0xe11c}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x8001}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x11}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x3}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0xfffffffd}]}, @TIPC_NLA_MEDIA={0x28, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0xa}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8d0}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xc}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5b}]}]}]}, 0x80}, 0x1, 0x0, 0x0, 0x20000010}, 0x10)
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000006c0)=@newqdisc={0x54, 0x24, 0x4ee4e6a52ff56541, 0x70bd25, 0x25dfdbfe, {0x0, 0x0, 0x0, r2, {0x0, 0xffe1}, {0xffff, 0xffff}, {0xffe0}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x4}}, @qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x10, '\x00', 0xd98, 0x7ff, 0x7, 0xff}}}}]}, 0x54}}, 0xc840)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x16, 0xf, &(0x7f0000000080)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000000000000b70000000000000095000000000000006d5d183316b415ca5ca18ce18e364b178d9c9b346233b46a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
fcntl$lock(0xffffffffffffffff, 0x25, &(0x7f0000000040)={0x0, 0x0, 0xfd8b, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
r4 = dup(0xffffffffffffffff)
ioctl$TCXONC(0xffffffffffffffff, 0x540a, 0x0)
write$6lowpan_control(r4, &(0x7f00000007c0)='connect aa:aa:aa:aa:aa:11 0', 0x1b)
io_setup(0x6, &(0x7f0000000200))
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000000)={'batadv0\x00', &(0x7f0000000540)=@ethtool_gstrings={0x1b, 0x1}})

3m12.496203683s ago: executing program 33 (id=2091):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000400)={'veth0_to_hsr\x00', <r2=>0x0})
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0), r1)
sendmsg$TIPC_NL_NET_SET(r1, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x80, r3, 0x200, 0x70bd2b, 0x25dfdbfe, {}, [@TIPC_NLA_PUBL={0x44, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x2}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0xd}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x5}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0xe11c}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x8001}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x11}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x3}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0xfffffffd}]}, @TIPC_NLA_MEDIA={0x28, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0xa}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8d0}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xc}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5b}]}]}]}, 0x80}, 0x1, 0x0, 0x0, 0x20000010}, 0x10)
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000006c0)=@newqdisc={0x54, 0x24, 0x4ee4e6a52ff56541, 0x70bd25, 0x25dfdbfe, {0x0, 0x0, 0x0, r2, {0x0, 0xffe1}, {0xffff, 0xffff}, {0xffe0}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x4}}, @qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x10, '\x00', 0xd98, 0x7ff, 0x7, 0xff}}}}]}, 0x54}}, 0xc840)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x16, 0xf, &(0x7f0000000080)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000000000000b70000000000000095000000000000006d5d183316b415ca5ca18ce18e364b178d9c9b346233b46a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
fcntl$lock(0xffffffffffffffff, 0x25, &(0x7f0000000040)={0x0, 0x0, 0xfd8b, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
r4 = dup(0xffffffffffffffff)
ioctl$TCXONC(0xffffffffffffffff, 0x540a, 0x0)
write$6lowpan_control(r4, &(0x7f00000007c0)='connect aa:aa:aa:aa:aa:11 0', 0x1b)
io_setup(0x6, &(0x7f0000000200))
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000000)={'batadv0\x00', &(0x7f0000000540)=@ethtool_gstrings={0x1b, 0x1}})

10.449109909s ago: executing program 2 (id=3065):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x5, 0x200010, 0x40, 0x3, 0x41}, 0x50)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, 0x0, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000a80)={{0x14}, [@NFT_MSG_NEWRULE={0x30, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x4}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3cd2e7b3d6526bf5}}}, 0x58}}, 0x0)
r2 = socket$kcm(0x2, 0x3, 0x84)
sendmsg$inet(r2, &(0x7f0000001000)={&(0x7f00000001c0)={0x2, 0x0, @multicast2}, 0x10, &(0x7f0000000080)=[{&(0x7f0000001c40)="5346f7f8", 0x4}], 0x1, &(0x7f0000000580)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @loopback}}}], 0x20}, 0x0)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000f40)={r0, &(0x7f0000000e80), 0x0}, 0x20)
io_setup(0x4, &(0x7f0000000180)=<r3=>0x0)
r4 = openat$urandom(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x201, 0x2000000, 0x0, {0x1, 0x0, 0x8000}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWFLOWTABLE={0x20, 0x16, 0xa, 0x1, 0x0, 0x0, {0x1}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz1\x00'}]}, @NFT_MSG_DELFLOWTABLE={0x50, 0x16, 0xa, 0x101, 0xb00, 0x0, {0x1}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_FLOWTABLE_HOOK={0x1c, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_DEVS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x1, 'veth1_to_bond\x00'}]}]}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x3}]}], {0x14, 0x10}}, 0xb8}}, 0x44804)
r7 = eventfd2(0x1ed33494, 0x80801)
io_submit(r3, 0x1, &(0x7f0000000440)=[&(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x47, r4, 0x0, 0x0, 0xa, 0x0, 0x1, r7}])
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x2, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b70000001c000000bca30000000000002403000020feffff620a00fef8ffffff71a4f0ff000000001f03000000000000e5000600000000002604fdffff02000015010000033800001d13fcff000000007a0af0ff0000001f0f14000000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f300020000fe275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff61623604000000000000006a89adaf17b0a6041bdeebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564163427afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101a3062cd54f9ff51d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48153baae244e7bf573eac34b781337ad5905c6bbf1137548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a90144022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab540b8d7b4ead35a385e0b4a26b702396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb11883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcd857ab15e355713767c536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ced301efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0981000000000000ff0f40b1888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fc08001011e32f80fb60e14b9eee094277bbc170882c8890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e3f753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bb25b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963342aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b6ef9d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec035d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b8074bf7df8b5e783637da740800000000000000c55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a2740000000000000000000000000000000000000000000a0009dd14b38f2f4426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4100260ffcd8f1d04166d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb0000000000000005375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d34d3757b1450fdb0a9a69f432e277f3a0386eb2bd3305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07618b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e040000003c3ffad44d2a376def42e41e9fc31678257e040fa7cf32c221aaac08000000000000001a00000000000000000000173570f0c11ae694b0f7a4f9c2f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d641ef02e4d5295d756e110522a7a945b93fb705b95b6aae27a8fb33732ce1da1c0b1af8eb9222a06e984ab1e6984c8bdc12360627137ab67b6b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481efe46a4ce86be0b1d8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0c6cb4bed8594a39bd76d3ef8a7ab014e787596db796bd93a36c2880423291e3bccc86f66ba792ff4d87b3f80e5908779e51c5e9055fc5b23605cd000c723187ef09dcf4b07b06a9342f3f62ee7acddff292082c1f4d8eb9561f80873a09a1ae0c9af1121175e5600f43a1179484502009759264a5729f07c2b218fa36ba2316a99aaad0130df83d0bda1e711290f78c143ea143967b00adcd77e6ad5e48d839ea61aadb83e4d071c54691924a3830d3e7b5c198bb0ed623153590000000000000000004b985ea1702f34f2f85b168c083e810ed567e3f1979b9ed1a4bf6a10dac825c96a0828b335de445a4880bb6474157efd1a72ca46ae4cbe3ab648c9bc4867a5a4cb87d7d6d55475b34b3cb6aa9e2337d4e04a37e35109752522ac9b186ddd80c47da6a2f4ef7bb909c975520000000000000000000000219cf5c1376ab33786f6b856d354e90a2733f78f2d188057cead3480eade49d55b770fad7fa000d23da6275768810b6b2df91d3a991ea98d929d271696c258d5b735d5db11df434e7dd1b7c1ca05cea3977df564115f4ec6ffab1d2ff8a642ca50934b3fbe44b0abeba9df209566984a29dfc0466e439a94e177b3c4d5f6e92b8176b9d6ddeeeb196fa964217f88e1acc1"], &(0x7f00000001c0)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000100), 0x8, 0x10, &(0x7f00000000c0)={0x0, 0x3}, 0x10}, 0x94)
r8 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
getsockopt$inet6_mreq(r8, 0x29, 0x7, 0x0, &(0x7f0000000180))
socket$netlink(0x10, 0x3, 0x8000000004)

8.403891018s ago: executing program 2 (id=3091):
socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)={0x44, 0x2, 0x6, 0x801, 0xe4340000, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_TYPENAME={0x12, 0x3, 'hash:net,port\x00'}]}, 0x44}, 0x1, 0x0, 0x0, 0x81}, 0x2)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x200000c, 0x3032, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000c80)={0x5c, 0x9, 0x6, 0x801, 0x0, 0x0, {0x7}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x34, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0x18, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @remote}}, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0xe1f}, @IPSET_ATTR_PROTO={0x5, 0x7, 0x88}, @IPSET_ATTR_PORT_TO={0x6, 0x5, 0x1, 0x0, 0x4e22}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x10000042}, 0x90)

7.863371383s ago: executing program 2 (id=3098):
r0 = memfd_create(&(0x7f0000000440)='\xf3e\t\x9f\x918\xc0y\x01c\x1fnux\x00sV\ad\xb0l \xfd\xd7\x8e\x7f\x89\xb8\xc5;~\x04\x03~K\xfbP\x84=\xfa\x81\f\x1et\x10\x0e\xcf^9\xbe\\', 0x0)
r1 = syz_open_dev$loop(&(0x7f0000000040), 0x3, 0x200)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0xa, 0x6, 0x8, 0x8, 0x40}, 0x50)
r2 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101b01)
ioctl$USBDEVFS_FREE_STREAMS(r2, 0x8008551d, &(0x7f0000000140)=ANY=[])
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000002"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000500)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000ff90850000002d00000018110000", @ANYBLOB="3a8593517afe86f13892ffe6419f17f665d47797ef53852fa103480957f749970ebe51fee2af32902e2f73f990310c0b18adbae145d5c26ba3e7ccf72dec94b8502099395fb9f94d5071ed67cd58d5c27e3e3ebe39bef304ca5791f8ca1b8ce5e94c9e334a0058f750947a47916b4a5ef36e974b2997745bc4e13c8a1abe1ddcaf953391f13f26e21c772bc8a0d9103859dc7c05b6046d6844965faaabf2c035fb7d10e58c387b8f3b9f921cb32617ed1400f12c26cd279f7f6b", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xf7)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r3}, 0xc)
ioctl$LOOP_SET_CAPACITY(r1, 0x4c07)
pwrite64(r0, &(0x7f00000008c0)='/', 0x1, 0x0)
mmap(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x4, 0x11, r0, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}, @NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xb}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x64}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x2}}, [@NFT_MSG_DELSET={0x2c, 0xb, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x3}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_HANDLE={0xc, 0x10, 0x1, 0x0, 0x3}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x5}}}, 0x54}, 0x1, 0x0, 0x0, 0x20000000}, 0x20004000)
socket$kcm(0x29, 0x0, 0x0)
lseek(r0, 0x0, 0x4)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r5=>r1, {0x6}}, './file0\x00'})
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000200)={'syztnl0\x00', &(0x7f00000000c0)={'erspan0\x00', <r6=>0x0, 0x700, 0x80, 0x4841, 0xffffffff, {{0x3b, 0x4, 0x2, 0x0, 0xec, 0x65, 0x0, 0xf3, 0x29, 0x0, @local, @multicast1, {[@timestamp_prespec={0x44, 0x44, 0x98, 0x3, 0x9, [{@multicast2, 0x7}, {@remote, 0x3}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x5}, {@rand_addr=0x64010100, 0x3ff}, {@broadcast, 0x1}, {@multicast2, 0xfffffffd}, {@empty, 0x5}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x6}]}, @timestamp_addr={0x44, 0x24, 0x40, 0x1, 0x8, [{@local, 0x4}, {@private=0xa010100, 0x9188}, {@rand_addr=0x64010100, 0x5}, {@rand_addr=0x64010101, 0x2}]}, @timestamp_prespec={0x44, 0x24, 0xe5, 0x3, 0x0, [{@initdev={0xac, 0x1e, 0x1, 0x0}, 0x1}, {@remote, 0x9}, {@dev={0xac, 0x14, 0x14, 0x37}, 0x200}, {@private=0xa010102, 0x100}]}, @timestamp_addr={0x44, 0xc, 0xe4, 0x1, 0x8, [{@local, 0x1}]}, @end, @lsrr={0x83, 0x7, 0xe6, [@empty]}, @generic={0x0, 0x9, "6701af65ade82d"}, @cipso={0x86, 0x1e, 0x1, [{0x6, 0x9, "b6688794809b17"}, {0x5, 0xf, "3e2a434642f2b801ba4cd01c2d"}]}, @timestamp_addr={0x44, 0xc, 0x1b, 0x1, 0xc, [{@multicast2, 0xfff}]}, @ra={0x94, 0x4, 0x1}]}}}}})
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r7, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r7, 0x10040)
setsockopt$SO_BINDTODEVICE(r7, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10)
syz_emit_ethernet(0x36, &(0x7f0000000000)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1a}, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x67, 0x0, 0x2, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0xc2}}}}}}, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000200)={@local, @remote, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x3c, 0xfffe, 0x0, 0xc, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0xa, 0x4, 0xca, 0x0, 0x1000, {[@md5sig={0x13, 0x12, "cf5a47d35405c8a0eaa57d5830b0d79c"}, @sack={0x5, 0x2}]}}}}}}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)={{0x1, 0x1, 0x18, r1, {<r8=>0x0, 0xee01}}, './file0\x00'})
setsockopt$inet_IP_IPSEC_POLICY(r5, 0x0, 0x10, &(0x7f0000000280)={{{@in6=@private1={0xfc, 0x1, '\x00', 0x1}, @in6=@ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x4e20, 0xd, 0x4e21, 0x0, 0xa, 0x80, 0xa0, 0x32, r6, r8}, {0xfffffffffffffff8, 0x9, 0xdcc, 0x780, 0xeb71, 0x5, 0x7fff, 0x9}, {0x8, 0x6, 0xf, 0x6}, 0x3, 0x6e6bb0, 0x0, 0x1, 0x2, 0x1}, {{@in=@loopback, 0x4d4, 0x3c}, 0x2, @in=@dev={0xac, 0x14, 0x14, 0x38}, 0x3501, 0x3, 0x1, 0xa7, 0x46d5ac78, 0x124d143f, 0x7fffffff}}, 0xe8)
symlink(&(0x7f0000001000)='./file0\x00', 0x0)

4.857194133s ago: executing program 6 (id=3103):
r0 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @loopback}, 0x10)
bind$inet(r0, &(0x7f0000000340)={0x2, 0x4, @loopback}, 0x10)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x3f, &(0x7f0000000100)=0x5, 0x4)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000004600), 0x0, 0x48010)
sendto$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f0000000d80), 0x36f, 0x20102, 0x0)

4.772518003s ago: executing program 2 (id=3105):
syz_usb_connect(0x0, 0x2d, &(0x7f0000000180)=ANY=[@ANYBLOB="1201fb0019030320d812010079de01ec020109021b0001000003000904000001785ecc00090585020004"], 0x0)
r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
read$char_usb(r0, &(0x7f00000002c0)=""/151, 0x97)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
close(0x3)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180200000300000000000000000000008500000041000000850000000500000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000000}, 0x24008080)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r1, 0x0, 0xe, 0x300, &(0x7f00000002c0)="f57b0bb7994307a7ac95a7c71016", 0x0, 0x0, 0x0, 0x0, 0x38, 0x0, &(0x7f0000000180)="b8"}, 0x3a)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
syz_open_dev$sndmidi(0x0, 0x3, 0x200701)
close(r0)
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
fchdir(r3)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000a80)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a70000000090a010400000000000000000a0000040900020073797a310000000008000a40fffffffc0900010073797a3100000000080005400000000b2c00128014000180090001006c617374000000000400028014000180090001006c617374000000000400028008000340000001"], 0x98}, 0x1, 0x0, 0x0, 0x4044050}, 0x40)
getcwd(&(0x7f00000001c0)=""/89, 0x59)
r5 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
r6 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$IP6T_SO_SET_ADD_COUNTERS(r6, 0x29, 0x41, 0x0, 0x78)
write$binfmt_elf64(r5, &(0x7f0000000f00)=ANY=[@ANYBLOB="7f454c4603100702080000000000000003003e"], 0xe8)
close(r5)
execve(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)

2.975750227s ago: executing program 6 (id=3120):
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x9}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeeb, 0x8031, 0xffffffffffffffff, 0xc36e5000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
close(0x4)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r3, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0x4)
setsockopt$inet_tcp_TCP_REPAIR(r3, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4)
connect$inet(r3, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r3, 0x6, 0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4)
sendmmsg$inet(r3, &(0x7f0000002bc0)=[{{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000540)='*', 0x1}, {&(0x7f0000000340)='\x00', 0x1}, {&(0x7f0000001980)='k', 0x1}, {&(0x7f0000000580)="ff", 0x1}, {&(0x7f0000000140)='m', 0x1}, {&(0x7f0000000200)='d', 0x1}, {&(0x7f0000000180)="0f", 0x1}], 0x7}}], 0x1, 0x4000040)
write$6lowpan_control(r3, &(0x7f0000000100)='disconnect aa:aa:aa:aa:aa:10 2', 0x1e)
socket$inet(0xa, 0x1, 0x186)
openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0)
fcntl$setstatus(r2, 0x4, 0x5000)
socket$kcm(0x29, 0x5, 0x0)
ioctl$RTC_IRQP_SET(0xffffffffffffffff, 0x4008700c, 0xc)

2.934775942s ago: executing program 0 (id=3121):
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ff1000/0x2000)=nil, &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x24004045)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f00000005c0)={0x0, 0x23, "e6ce09bbe96c68e71c6b58ffb321ad5a859efb1b7b61869c41f71bae78fa0fcc16934a"}, &(0x7f00000003c0)=0x2b)
r0 = io_uring_setup(0x524, &(0x7f0000000040)={0x0, 0x3cb1, 0x1c080, 0xa, 0x20002f7})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="180000820907"], 0x18}}, 0x0)
io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0)

2.773206458s ago: executing program 0 (id=3122):
socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)={0x4c, 0x2, 0x6, 0x801, 0xe4340000, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_TYPENAME={0x12, 0x3, 'hash:net,port\x00'}]}, 0x4c}, 0x1, 0x0, 0x0, 0x81}, 0x2)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x200000c, 0x3032, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
sendmsg$IPSET_CMD_ADD(r1, 0x0, 0x90)

2.615344782s ago: executing program 0 (id=3124):
socket(0x10, 0x3, 0x0)
r0 = socket$xdp(0x2c, 0x3, 0x0)
io_uring_setup(0x4a86, &(0x7f0000000000)={0x0, 0x4178, 0x80, 0x8001002, 0x410003d6})
sched_setscheduler(0x0, 0x2, 0x0)
r1 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r1, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
listen(0xffffffffffffffff, 0x5)
setresuid(0xee00, 0xee01, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x211000, 0x1000}, 0x20)

2.136408319s ago: executing program 2 (id=3130):
r0 = socket(0x10, 0x80002, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r2=>0x0)
fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x8000, 0x3ff})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r2, 0x1, &(0x7f0000000040)={{0x77359400}, {0x77359400}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r3 = signalfd4(0xffffffffffffffff, &(0x7f0000000080)={[0x4]}, 0x8, 0x80000)
read$FUSE(r3, &(0x7f0000003b80)={0x2020}, 0x2020)
timer_create(0x2, &(0x7f0000533fa0)={0x0, 0x21}, &(0x7f0000bbdffc)=<r4=>0x0)
timer_settime(r4, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
r5 = signalfd4(0xffffffffffffffff, &(0x7f0000000340)={[0xfffffffffffffffd]}, 0x8, 0x800)
io_setup(0x1, &(0x7f00000001c0)=<r6=>0x0)
io_submit(r6, 0x1, &(0x7f0000000300)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x5, 0x406, r5, 0x0, 0x0, 0x0, 0x0, 0x2}])
sendmsg$nl_generic(r1, 0x0, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x7, 0x0)
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r1, 0xc0c89425, &(0x7f0000000200)={"23294c0cea5a1610eafcd5fd9cde5f94", 0x0, <r7=>0x0, {0x7fff, 0x4}, {0x7, 0x2}, 0x4, [0x61, 0x4, 0x8, 0x400, 0x3, 0x3, 0x1, 0xd, 0x34b, 0xffff, 0xffffffffffffffd0, 0x4, 0x10000, 0x1, 0xfc1c, 0x6]})
ioctl$BTRFS_IOC_RM_DEV_V2(r5, 0x5000943a, &(0x7f0000000380)={{r0}, r7, 0x6, @unused=[0xfd3, 0x10, 0xe, 0x2a], @subvolid=0x401})
r8 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r8, 0x0)
clock_gettime(0x0, 0x0)
r9 = syz_open_dev$vim2m(&(0x7f0000000040), 0x3, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r9, 0xc0145608, &(0x7f0000000100)={0x410001, 0x2, 0x4})
ioctl$vim2m_VIDIOC_STREAMOFF(r9, 0x40045612, &(0x7f0000000140)=0x2)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
open(0x0, 0x4827e, 0x20)
eventfd(0x46)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000140)="2b837c55699587ef405fc52ff954eb25242e71e92bb7618fe76f39044f0ed76a1723eb82838d536fe9410698d94a5b78f5e78b9def9a61663736bf7c6b3c4265ee19eb6df6863c9f53912acc0876103658be9909", 0x54, 0x290a5d7ac7efb280, 0x0, 0x0)
mincore(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)

1.939757512s ago: executing program 6 (id=3133):
socket(0x400000000010, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000001500)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), 0x100}, 0x0)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
listen(r2, 0x2)
r3 = socket$alg(0x26, 0x5, 0x0)
sendmsg$tipc(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x4, 0x4}}, 0x10, 0x0}, 0x0)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x4}, 0x38)
bind$x25(0xffffffffffffffff, &(0x7f0000000200), 0x12)
bind$alg(r3, &(0x7f0000000940)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(blowfish)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5", 0x4)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r4 = accept4(r3, 0x0, 0x0, 0x800)
sendmmsg$alg(r4, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb0958730", 0x4c}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11", 0xce}], 0x3, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
syz_emit_ethernet(0x4e, &(0x7f0000000600)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x18, 0x6, 0x1, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0xc2, 0x0, 0x0, 0x0, {[@fastopen={0x1e, 0x2}]}}}}}}}}, 0x0)

1.804623276s ago: executing program 5 (id=3134):
socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)={0x4c, 0x2, 0x6, 0x801, 0xe4340000, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_TYPENAME={0x12, 0x3, 'hash:net,port\x00'}]}, 0x4c}, 0x1, 0x0, 0x0, 0x81}, 0x2)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x200000c, 0x3032, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
sendmsg$IPSET_CMD_ADD(r1, 0x0, 0x90)

1.800347357s ago: executing program 6 (id=3135):
r0 = socket$packet(0x11, 0x2, 0x300)
mknodat(0xffffffffffffff9c, 0x0, 0x11c0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f0000004140)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40044}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000001c40)=ANY=[@ANYBLOB="1c000000000000000157000000020000", @ANYRES32, @ANYRES32=0xee01, @ANYRES32=0xee00, @ANYBLOB="00000000140000000000000001"], 0x38, 0x80}}], 0x2, 0x4)
close(0xffffffffffffffff)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000040)={0x1, &(0x7f0000000440)=[{0x6, 0x2b, 0xb, 0x7fff0000}]})
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x40)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000580)=ANY=[@ANYBLOB="e00000027f000001010000000200000009010102ac14141a89cb437e3c4972a0bff32523e8051bd8f37ada721a5bac11c81bcc7d8b55657b01de6774172e7f0e16366f6a7c6dc76ecbd0517506d207964a1a25d309d7ec6e6fa2c6b5e96e530aa6352ff604a51de127d7ac43fecf2437844ba577abc1dbdacf2644096f57e805c65e122d77c8b5735c68a37ea18dfc8a540a41977c5a06d8f07cd7852f501e45f222b72ec576602a37ec3569bc70a355c27959fb8eca815135f113e728d2f8b2eb469f2f89a4a5abbe50ef18781caebe147da8e6803fd4c95f2401c134fa88fa724160d5b56009b1c9b2d20e13bf09442815d5865a8118c7ce5f7fa9c13e0a2bed0affeef9bf6443aa0dd01698d291349a0d6e52e9a04f437b7d9c412c06e208dcdf488a25e793a2b0f0c78970dd69cb4f6a3f3c242a2164a3355c95a8ee"], 0x18)
timerfd_create(0x8, 0x80000)
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000280)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
statfs(0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000011000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa20000000000000702"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="180200000700003b0000000000800000850000007500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000180)=r5, 0x4)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000040)=ANY=[@ANYBLOB="f8000000160001000000000000000000fe8000000000000000000000000000aae000000100000000000000000000000000000000000000000000008000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe8800010000000000000000000000010000000033"], 0xf8}}, 0x0)

1.632936518s ago: executing program 5 (id=3137):
r0 = syz_open_dev$evdev(0x0, 0x3, 0x0)
ioctl$EVIOCGBITKEY(r0, 0x80404521, &(0x7f0000000440)=""/46)

1.562503658s ago: executing program 0 (id=3138):
syz_io_uring_setup(0xf00, &(0x7f0000000080)={0x0, 0xa68b, 0x100, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000000))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0xc, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = io_uring_setup(0x5e4b, &(0x7f0000000200)={0x0, 0xdba3, 0x3, 0x0, 0x315})
io_uring_register$IORING_REGISTER_CLOCK(r2, 0x1d, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f00000002c0)='maps\x00')
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000000000/0x1000)=nil, 0x1000, &(0x7f0000000100)='maps\x00')
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000002180)='blkio.bfq.io_merged\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x12, r3, 0x0)
syz_clone(0x800011, 0x0, 0x0, 0x0, 0x0, 0x0)
ftruncate(r3, 0xc17a)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000080)=0x9, 0x8, 0x0)
mlock(&(0x7f000064c000/0x2000)=nil, 0x2000)
mremap(&(0x7f000008f000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f0000486000/0x1000)=nil)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x0)
writev(r1, &(0x7f00000000c0)=[{&(0x7f0000000140)='2', 0x1}], 0x1)

1.380168844s ago: executing program 5 (id=3140):
syz_usb_connect(0x0, 0x2d, &(0x7f0000000180)=ANY=[@ANYBLOB="1201fb0019030320d812010079de01ec020109021b0001000003000904000001785ecc00090585020004"], 0x0)
r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
read$char_usb(r0, &(0x7f00000002c0)=""/151, 0x97)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
close(0x3)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180200000300000000000000000000008500000041000000850000000500000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000000}, 0x24008080)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r1, 0x0, 0xe, 0x300, &(0x7f00000002c0)="f57b0bb7994307a7ac95a7c71016", 0x0, 0x0, 0x0, 0x0, 0x38, 0x0, &(0x7f0000000180)="b8"}, 0x3a)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
syz_open_dev$sndmidi(0x0, 0x3, 0x200701)
close(r0)
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
fchdir(r3)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000a80)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a70000000090a010400000000000000000a0000040900020073797a310000000008000a40fffffffc0900010073797a3100000000080005400000000b2c00128014000180090001006c617374000000000400028014000180090001006c617374000000000400028008000340000001"], 0x98}, 0x1, 0x0, 0x0, 0x4044050}, 0x40)
getcwd(&(0x7f00000001c0)=""/89, 0x59)
r5 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
r6 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$IP6T_SO_SET_ADD_COUNTERS(r6, 0x29, 0x41, 0x0, 0x78)
write$binfmt_elf64(r5, &(0x7f0000000f00)=ANY=[@ANYBLOB="7f454c4603100702080000000000000003003e"], 0xe8)
close(r5)
execve(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)

1.202062595s ago: executing program 2 (id=3141):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da0700000000000109022400010000000009040000090300000009210000000122220009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000004c0)={0x24, 0x0, 0x0, &(0x7f0000000240)={0x0, 0x22, 0x22, {[@global=@item_012={0x2, 0x1, 0x9, "0100"}, @global=@item_012={0x2, 0x1, 0x0, "0100"}, @main=@item_4={0x3, 0x0, 0x8}, @local=@item_012={0x2, 0x2, 0x2, "90a0"}, @global=@item_012={0x1, 0x1, 0x8, '8'}, @main=@item_4={0x3, 0x0, 0xb, "c83e2503"}, @local=@item_012={0x2, 0x2, 0x8, "3994"}, @local=@item_4={0x3, 0x2, 0x2, "b09ea549"}, @main=@item_4={0x3, 0x0, 0x8, "ce9abc16"}]}}, 0x0}, 0x0)
syz_usb_control_io(r0, &(0x7f0000000280)={0x2c, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0)
semget$private(0x0, 0x3, 0x342)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CAP_EXCEPTION_PAYLOAD(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000500)={0xa4, 0x0, 0x1})
sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0x4000)
socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x40080)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x50)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000100000000000000"], 0xb8}}, 0x20004000)
capset(&(0x7f0000000040)={0x19980330}, &(0x7f0000000000)={0x6, 0x6, 0x2, 0x0, 0xffffffff, 0x2})
r3 = syz_io_uring_setup(0x10f, &(0x7f00000000c0)={0x0, 0x211a, 0x80, 0x4, 0x306}, &(0x7f0000000340), &(0x7f0000000280), &(0x7f0000000000))
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2000001, 0x42073, 0xffffffffffffffff, 0x0)
io_uring_register$IORING_REGISTER_FILES(r3, 0x23, &(0x7f0000000540), 0x0)
r4 = syz_open_dev$sg(&(0x7f00000000c0), 0x0, 0x28101)
ioctl$FIBMAP(r4, 0x1, &(0x7f0000000040)=0x85)
ioctl$XFS_IOC_FD_TO_HANDLE(r1, 0xc038586a, &(0x7f0000000240)={0xffffffffffffffff, &(0x7f0000000100)='\\\x00', 0x137001, &(0x7f0000000140)={@_ha_fsid={[0x8, 0x2]}, {0x32, 0x3, 0x10, 0x5}}, 0x40, &(0x7f00000001c0), &(0x7f0000000200)=0x2f})

1.146920113s ago: executing program 6 (id=3143):
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x9}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeeb, 0x8031, 0xffffffffffffffff, 0xc36e5000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
close(0x4)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r3, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0x4)
setsockopt$inet_tcp_TCP_REPAIR(r3, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4)
connect$inet(r3, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r3, 0x6, 0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4)
sendmmsg$inet(r3, &(0x7f0000002bc0)=[{{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000540)='*', 0x1}, {&(0x7f0000000340)='\x00', 0x1}, {&(0x7f0000001980)='k', 0x1}, {&(0x7f0000000580)="ff", 0x1}, {&(0x7f0000000140)='m', 0x1}, {&(0x7f0000000200)='d', 0x1}, {&(0x7f0000000180)="0f", 0x1}], 0x7}}], 0x1, 0x4000040)
write$6lowpan_control(r3, &(0x7f0000000100)='disconnect aa:aa:aa:aa:aa:10 2', 0x1e)
socket$inet(0xa, 0x1, 0x186)
openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0)
fcntl$setstatus(r2, 0x4, 0x5000)
socket$kcm(0x29, 0x5, 0x0)
ioctl$RTC_IRQP_SET(0xffffffffffffffff, 0x4008700c, 0xc)

1.039930716s ago: executing program 5 (id=3144):
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) (async, rerun: 32)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (rerun: 32)
getrlimit(0x0, &(0x7f00000000c0)) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x5) (async)
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='setgroups\x00')
write$FUSE_IOCTL(r0, &(0x7f0000002540)={0x20, 0x0, 0x0, {0x8, 0x0, 0xfffffffd, 0x10001}}, 0x20)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) (async, rerun: 64)
setsockopt$RDS_CONG_MONITOR(0xffffffffffffffff, 0x114, 0x6, 0x0, 0x0) (async, rerun: 64)
r3 = syz_clone(0x200480, 0x0, 0xfffffffffffffe72, 0x0, 0x0, 0x0) (async)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6) (async)
pipe2(&(0x7f00000002c0)={<r5=>0xffffffffffffffff}, 0x80080)
vmsplice(r5, &(0x7f00000007c0)=[{&(0x7f0000000140)="ed", 0x1}], 0x1, 0x4) (async)
sendmsg$netlink(r4, &(0x7f0000008600)={0x0, 0x0, &(0x7f0000006040)=[{&(0x7f0000000b40)={0x10, 0x17, 0x400, 0x70bd2b, 0x25dfdbff}, 0x10}], 0x1, &(0x7f0000008480)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=r3, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="0000000010000000000000000100000001009ec4f067b8ddf88c03000000000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0x50, 0x20000041}, 0x20000844) (async)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=@newsa={0x13c, 0x10, 0x713, 0x70bd26, 0x0, {{@in6=@ipv4={'\x00', '\xff\xff', @multicast2}, @in=@dev={0xac, 0x14, 0x14, 0x13}, 0x4e22, 0x1, 0x0, 0x3, 0x2, 0x0, 0x0, 0x3a, 0x0, 0xffffffffffffffff}, {@in6=@remote, 0x0, 0x32}, @in6=@local, {0x0, 0x0, 0x8, 0xa, 0x6, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x2, 0xfffffffffffffff8}, {0xc, 0x0, 0x2}, 0x70bd29, 0x3, 0x2, 0x1, 0x0, 0x28}, [@algo_aead={0x4c, 0x12, {{'rfc4543(gcm(aes))\x00'}, 0x0, 0x40}}]}, 0x13c}, 0x1, 0x0, 0x0, 0xc0}, 0x0) (async)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=@newlinkprop={0x48, 0x6c, 0x20, 0x70bd26, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x42000, 0x40}, [@IFLA_CARRIER={0x5, 0x21, 0x3}, @IFLA_PHYS_PORT_ID={0xb, 0x22, "9ea4238f1eb1bd"}, @IFLA_CARRIER_CHANGES={0x8, 0x23, 0x50000}, @IFLA_BROADCAST={0xa, 0x2, @multicast}]}, 0x48}, 0x1, 0x0, 0x0, 0x480c0}, 0x4008000)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async, rerun: 64)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async, rerun: 64)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="0200000004000000180000000100000080000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x50)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r8, &(0x7f0000000080)={0xa, 0x14e22, 0x0, @ipv4}, 0x1c)
r9 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r9, 0x29, 0x4e, &(0x7f0000000000)=0x6, 0x4) (async, rerun: 64)
bind$inet6(r9, &(0x7f0000000040)={0xa, 0x4e22, 0xfe1d, @loopback={0xe0}, 0x1848ade0}, 0x1c) (async, rerun: 64)
listen(r8, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)

998.469389ms ago: executing program 0 (id=3145):
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000200)={@private0, 0x800, 0x0, 0x1, 0x1}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f00000000c0)={@mcast2, 0x800000, 0x0, 0x1, 0x1, 0x4, 0x6}, 0x20)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
openat$vimc2(0xffffffffffffff9c, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000040), 0x106, 0x8}}, 0x20)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000e40)=[{{&(0x7f00000000c0)={0xa, 0x4ea0, 0x10, @private0, 0x9}, 0x1c, 0x0}}], 0x1, 0x931766f6319eed40)
r3 = accept(0xffffffffffffffff, &(0x7f0000000200)=@un=@abs, &(0x7f00000002c0)=0x80)
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x8000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4001}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
getpeername$unix(r3, &(0x7f0000000340), &(0x7f00000003c0)=0x6e)
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r1, &(0x7f00003a1000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f0000000000)="9a01000000f800b8d58800000f23d00f21f8351000000d0f23f864640f79ea66baf80cb8c85f5480ef66bafc0cecc4c2adac17b9550200000f320f2860c7c4e11751df0f2e2d00000080b9800000c00f3235008000000f30", 0x58}], 0x1, 0x4a, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG_x86(r4, 0x4048ae9b, &(0x7f0000000080)={0x70003, 0x0, {[0xffffffffffffffff, 0x1f8, 0x2, 0xffffffffefffff15, 0x3, 0x4, 0x1, 0x800]}})
ioctl$KVM_NMI(r4, 0xae9a)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000840)=@newqdisc={0x30, 0x24, 0xf0b, 0x70bd2d, 0x25dfdbfc, {0x0, 0x0, 0x12, 0x0, {}, {0x4, 0xffff}, {0xffe0, 0x1}}, [@qdisc_kind_options=@q_red={{0x8}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0xc000055}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=@newqdisc={0x24, 0x14, 0xf0b, 0x70bd26, 0x0, {0x2, 0x0, 0x0, 0x0, {0xf, 0xc}, {0x0, 0x9}, {0xf, 0x8}}}, 0x24}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000840)=ANY=[@ANYBLOB="3c0000002500010125bd7000fbfffffe0b00000008000300470000001f0050"], 0x3c}, 0x1, 0x0, 0x0, 0x4048957}, 0x28040)
syslog(0x0, 0x0, 0x0)
syz_open_dev$media(&(0x7f0000000000), 0x8000009, 0x8800)
mkdir(&(0x7f0000000300)='./file0\x00', 0x0)
r6 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r6)
ptrace$getregset(0x4205, r6, 0x1, &(0x7f0000000140)={0x0})
r7 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000500)={{'fd', 0x3d, r7}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {}, 0x2c, {}, 0x2c, {[{@max_read={'max_read', 0x3d, 0xa}}, {@blksize={'blksize', 0x3d, 0x1600}}]}})

633.085743ms ago: executing program 4 (id=3148):
socket(0x10, 0x3, 0x0)
r0 = socket$xdp(0x2c, 0x3, 0x0)
io_uring_setup(0x4a86, &(0x7f0000000000)={0x0, 0x4178, 0x80, 0x8001002, 0x410003d6})
sched_setscheduler(0x0, 0x2, 0x0)
r1 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r1, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
listen(0xffffffffffffffff, 0x5)
setresuid(0xee00, 0xee01, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x211000, 0x1000}, 0x20)

572.933867ms ago: executing program 5 (id=3149):
r0 = syz_io_uring_setup(0xf00, &(0x7f0000000080)={0x0, 0xa68b, 0x100, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000000))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = io_uring_setup(0x5e4b, &(0x7f0000000200)={0x0, 0xdba3, 0x3, 0x0, 0x315})
io_uring_register$IORING_REGISTER_CLOCK(r2, 0x1d, 0x0, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f00000002c0)='maps\x00')
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000000000/0x1000)=nil, 0x1000, &(0x7f0000000100)='maps\x00')
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f00000041c0)={&(0x7f0000000080)={0x50, 0x0, 0x0, {0x7, 0x29, 0x7, 0x12510421, 0x0, 0xc, 0x1, 0x56, 0x0, 0x0, 0x2}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0xc0686611, &(0x7f0000000040)={0x68, 0x0, 0x17, 0x2000, &(0x7f0000ffd000/0x2000)=nil})
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x8080}, 0x20004450)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000740)={0x6, 0x20, &(0x7f0000000500)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x3}, {{0x18, 0x1, 0x1, 0x0, 0x1}}, {}, [@printk={@i, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x8000}}, @ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}], {{}, {}, {0x85, 0x0, 0x0, 0xbdc61ffbcd7da404}}}, &(0x7f0000000640)='GPL\x00', 0x8, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000680)={0x3, 0x6, 0x7, 0x2}, 0x10, 0x0, 0x0, 0x1, &(0x7f00000006c0)=[0xffffffffffffffff, r0, 0xffffffffffffffff, 0x1, 0x1, 0x1, 0x1, 0x1, 0xffffffffffffffff, 0x1], &(0x7f0000000700)=[{0x1, 0x1, 0xe, 0x6}], 0x10, 0x6}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{}, &(0x7f00000003c0), 0x0}, 0x20)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000009b80)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a90000000060a010400000000000000000a0000040900010073797a310000000064000480340001800c0001007061796c6f61640024000280080001400000000a080003400000004f080004400000003808000240000000012c0001800a00010072656469720000001c00028008000240000000130800034000000029080001400000000e0900020073797a32"], 0x6c1c}, 0x1, 0x0, 0x0, 0x40}, 0x24000800)

572.651293ms ago: executing program 4 (id=3150):
socket(0x400000000010, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000001500)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, 0x0, 0x0)
recvmsg$unix(r0, 0x0, 0x0)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
listen(r2, 0x2)
r3 = socket$alg(0x26, 0x5, 0x0)
sendmsg$tipc(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x4, 0x4}}, 0x10, 0x0}, 0x0)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x4}, 0x38)
bind$x25(0xffffffffffffffff, &(0x7f0000000200), 0x12)
bind$alg(r3, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5", 0x4)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1b00"/11], 0x48)
r4 = accept4(r3, 0x0, 0x0, 0x800)
sendmmsg$alg(r4, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
syz_emit_ethernet(0x4e, &(0x7f0000000600)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x18, 0x6, 0x1, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0xc2, 0x0, 0x0, 0x0, {[@fastopen={0x1e, 0x2}]}}}}}}}}, 0x0)

529.52997ms ago: executing program 4 (id=3151):
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
close(0x4)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0x4)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4)
sendmmsg$inet(r0, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4000040)
write$6lowpan_control(r0, &(0x7f0000000100)='disconnect aa:aa:aa:aa:aa:10 2', 0x1e)

409.844167ms ago: executing program 4 (id=3152):
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ff1000/0x2000)=nil, &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, 0x0, &(0x7f00000003c0))
r0 = io_uring_setup(0x524, &(0x7f0000000040)={0x0, 0x3cb1, 0x1c080, 0xa, 0x20002f7})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="180000820907"], 0x18}}, 0x0)
io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0)

269.056055ms ago: executing program 4 (id=3153):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x8528c000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x12, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffe}, [@map_val={0x18, 0x1, 0x2, 0x0, r0, 0x0, 0x0, 0x0, 0x1}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}, @tail_call={{0x18, 0x2, 0x1, 0x0, r0}}, @generic={0xe1, 0x2, 0x6, 0x5, 0xfffffffb}, @jmp={0x5, 0x1, 0x1, 0x5, 0xd, 0xffffffffffffffe0, 0xfffffffffffffffc}, @exit, @ldst={0x2, 0x0, 0x3, 0x6, 0x2, 0xffffffffffffffc0, 0xfffffffffffffff0}]}, &(0x7f0000000180)='GPL\x00', 0x8, 0x1019, &(0x7f0000001200)=""/4121, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xf3}, 0x94)

210.653783ms ago: executing program 0 (id=3154):
syz_usb_connect(0x0, 0x2d, &(0x7f0000000180)=ANY=[@ANYBLOB="1201fb0019030320d812010079de01ec020109021b0001000003000904000001785ecc00090585020004"], 0x0)
r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
read$char_usb(r0, &(0x7f00000002c0)=""/151, 0x97)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
close(0x3)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180200000300000000000000000000008500000041000000850000000500000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000000}, 0x24008080)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r1, 0x0, 0xe, 0x300, &(0x7f00000002c0)="f57b0bb7994307a7ac95a7c71016", 0x0, 0x0, 0x0, 0x0, 0x38, 0x0, &(0x7f0000000180)="b8"}, 0x3a)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
syz_open_dev$sndmidi(0x0, 0x3, 0x200701)
close(r0)
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
fchdir(r3)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000a80)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a70000000090a010400000000000000000a0000040900020073797a310000000008000a40fffffffc0900010073797a3100000000080005400000000b2c00128014000180090001006c617374000000000400028014000180090001006c617374000000000400028008000340000001"], 0x98}, 0x1, 0x0, 0x0, 0x4044050}, 0x40)
getcwd(&(0x7f00000001c0)=""/89, 0x59)
r5 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
r6 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$IP6T_SO_SET_ADD_COUNTERS(r6, 0x29, 0x41, 0x0, 0x78)
write$binfmt_elf64(r5, &(0x7f0000000f00)=ANY=[@ANYBLOB="7f454c4603100702080000000000000003003e"], 0xe8)
close(r5)
execve(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)

166.963333ms ago: executing program 5 (id=3155):
syz_io_uring_setup(0xf00, &(0x7f0000000080)={0x0, 0xa68b, 0x100, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000000))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0xc, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = io_uring_setup(0x5e4b, &(0x7f0000000200)={0x0, 0xdba3, 0x3, 0x0, 0x315})
io_uring_register$IORING_REGISTER_CLOCK(r2, 0x1d, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f00000002c0)='maps\x00')
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000002180)='blkio.bfq.io_merged\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x12, r3, 0x0)
syz_clone(0x800011, 0x0, 0x0, 0x0, 0x0, 0x0)
ftruncate(r3, 0xc17a)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000080)=0x9, 0x8, 0x0)
mlock(&(0x7f000064c000/0x2000)=nil, 0x2000)
mremap(&(0x7f000008f000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f0000486000/0x1000)=nil)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x0)
writev(r1, &(0x7f00000000c0)=[{&(0x7f0000000140)='2', 0x1}], 0x1)

28.682608ms ago: executing program 6 (id=3156):
capset(&(0x7f0000000100)={0x20080522}, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x9, 0xfffffffb})
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x15)
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
r1 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
r2 = eventfd(0xd6)
ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000040)={0x0, r2})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
landlock_restrict_self(0xffffffffffffffff, 0x4)
landlock_restrict_self(0xffffffffffffffff, 0xc)
r4 = socket(0x10, 0x2, 0x0)
socket$inet6_sctp(0xa, 0x801, 0x84)
socket(0xa, 0x2, 0x6)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ff1000/0x1000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ff3000/0x1000)=nil, &(0x7f0000ff1000/0x1000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
r5 = socket$inet(0x2, 0x2, 0x1)
bind$inet(r5, &(0x7f0000000440)={0x2, 0x6e24, @local}, 0x10)
r6 = socket$inet(0x2, 0x2, 0x1)
setsockopt$sock_int(r6, 0x1, 0xf, &(0x7f0000000080)=0x9, 0x4)
bind$inet(r6, &(0x7f0000000000)={0x2, 0x6e24, @empty}, 0x10)
r7 = io_uring_setup(0x1c6c, &(0x7f0000000040)={0x0, 0xaebb, 0xd000, 0x20000a, 0x20002f7})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000093c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@deltfilter={0x24, 0x2d, 0x100, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x1, 0xe}, {0xfff2}, {0xe}}}, 0x24}, 0x1, 0x0, 0x0, 0x4040001}, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3, &(0x7f0000000000)=0x6, 0x4)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
io_uring_enter(r7, 0x2219, 0x76, 0x16, 0x0, 0x0)
write(r4, &(0x7f0000000480)="1c0000001a009b8a140000003b000000000000000000000000000000fd", 0x1d)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000000)='devtmpfs\x00', 0x1214040, 0x0)

0s ago: executing program 4 (id=3157):
socket(0x400000000010, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000001500)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), 0x100}, 0x0)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
listen(r2, 0x2)
r3 = socket$alg(0x26, 0x5, 0x0)
sendmsg$tipc(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x4, 0x4}}, 0x10, 0x0}, 0x0)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x4}, 0x38)
bind$x25(0xffffffffffffffff, &(0x7f0000000200), 0x12)
bind$alg(r3, &(0x7f0000000940)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(blowfish)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5", 0x4)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r4 = accept4(r3, 0x0, 0x0, 0x800)
sendmmsg$alg(r4, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb0958730", 0x4c}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11", 0xce}], 0x3, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
syz_emit_ethernet(0x4e, &(0x7f0000000600)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x18, 0x6, 0x1, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0xc2, 0x0, 0x0, 0x0, {[@fastopen={0x1e, 0x2}]}}}}}}}}, 0x0)

kernel console output (not intermixed with test programs):

3:0x7f21118cd04e
[  499.939603][T13422] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  499.939621][T13422] RSP: 002b:00007f210fb65fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  499.939642][T13422] RAX: ffffffffffffffda RBX: 00007f210fb666c0 RCX: 00007f21118cd04e
[  499.939657][T13422] RDX: 000000000000000f RSI: 00007f210fb660a0 RDI: 0000000000000005
[  499.939669][T13422] RBP: 00007f210fb66090 R08: 0000000000000000 R09: 0000000000000000
[  499.939682][T13422] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  499.939693][T13422] R13: 00007f2111b86038 R14: 00007f2111b85fa0 R15: 00007fff9ee2e618
[  499.939725][T13422]  </TASK>
[  500.546967][T13443] FAULT_INJECTION: forcing a failure.
[  500.546967][T13443] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  500.547003][T13443] CPU: 0 UID: 0 PID: 13443 Comm: syz.0.2613 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  500.547030][T13443] Tainted: [L]=SOFTLOCKUP
[  500.547065][T13443] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  500.547078][T13443] Call Trace:
[  500.547086][T13443]  <TASK>
[  500.547095][T13443]  dump_stack_lvl+0xe8/0x150
[  500.547134][T13443]  should_fail_ex+0x46b/0x600
[  500.547167][T13443]  _copy_to_user+0x31/0xb0
[  500.547198][T13443]  simple_read_from_buffer+0xe1/0x170
[  500.547229][T13443]  proc_fail_nth_read+0x1be/0x230
[  500.547256][T13443]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  500.547283][T13443]  ? rw_verify_area+0x2ac/0x4e0
[  500.547312][T13443]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  500.547341][T13443]  vfs_read+0x212/0xa80
[  500.547379][T13443]  ? __pfx_vfs_read+0x10/0x10
[  500.547410][T13443]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  500.547435][T13443]  ? lockdep_hardirqs_on+0x7a/0x110
[  500.547458][T13443]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  500.547481][T13443]  ? mutex_lock_nested+0x152/0x1d0
[  500.547509][T13443]  ? fdget_pos+0x252/0x320
[  500.547540][T13443]  ksys_read+0x156/0x270
[  500.547561][T13443]  ? __pfx_ksys_read+0x10/0x10
[  500.547588][T13443]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  500.547609][T13443]  do_syscall_64+0x15f/0xf80
[  500.547630][T13443]  ? trace_irq_disable+0x3b/0x140
[  500.547648][T13443]  ? clear_bhb_loop+0x40/0x90
[  500.547668][T13443]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  500.547685][T13443] RIP: 0033:0x7f21118cd04e
[  500.547702][T13443] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  500.547717][T13443] RSP: 002b:00007f210fb65fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  500.547736][T13443] RAX: ffffffffffffffda RBX: 00007f210fb666c0 RCX: 00007f21118cd04e
[  500.547748][T13443] RDX: 000000000000000f RSI: 00007f210fb660a0 RDI: 0000000000000004
[  500.547760][T13443] RBP: 00007f210fb66090 R08: 0000000000000000 R09: 0000000000000000
[  500.547770][T13443] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  500.547781][T13443] R13: 00007f2111b86038 R14: 00007f2111b85fa0 R15: 00007fff9ee2e618
[  500.547813][T13443]  </TASK>
[  500.875103][T13448] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2616'.
[  501.133960][T13458] FAULT_INJECTION: forcing a failure.
[  501.133960][T13458] name failslab, interval 1, probability 0, space 0, times 0
[  501.133997][T13458] CPU: 1 UID: 0 PID: 13458 Comm: syz.2.2618 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  501.134024][T13458] Tainted: [L]=SOFTLOCKUP
[  501.134032][T13458] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  501.134044][T13458] Call Trace:
[  501.134052][T13458]  <TASK>
[  501.134061][T13458]  dump_stack_lvl+0xe8/0x150
[  501.134098][T13458]  should_fail_ex+0x46b/0x600
[  501.134129][T13458]  should_failslab+0xa8/0x100
[  501.134152][T13458]  kmem_cache_alloc_node_noprof+0x8f/0x6e0
[  501.134185][T13458]  ? __alloc_skb+0x1d0/0x7d0
[  501.134212][T13458]  ? lockdep_hardirqs_on+0x7a/0x110
[  501.134258][T13458]  __alloc_skb+0x1d0/0x7d0
[  501.134290][T13458]  netlink_sendmsg+0x5d4/0xb40
[  501.134328][T13458]  ? __pfx_netlink_sendmsg+0x10/0x10
[  501.134356][T13458]  ? unwind_get_return_address+0x4d/0x90
[  501.134383][T13458]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  501.134415][T13458]  ____sys_sendmsg+0x94c/0x9c0
[  501.134442][T13458]  ? __pfx_____sys_sendmsg+0x10/0x10
[  501.134470][T13458]  ? import_iovec+0x73/0xa0
[  501.134501][T13458]  ___sys_sendmsg+0x2a5/0x360
[  501.134520][T13458]  ? __lock_acquire+0x6b5/0x2cf0
[  501.134545][T13458]  ? __pfx____sys_sendmsg+0x10/0x10
[  501.134593][T13458]  ? __fget_files+0x2a/0x420
[  501.134617][T13458]  ? __fget_files+0x3a6/0x420
[  501.134648][T13458]  __x64_sys_sendmsg+0x1c3/0x2a0
[  501.134666][T13458]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  501.134691][T13458]  ? __pfx_ksys_write+0x10/0x10
[  501.134716][T13458]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  501.134736][T13458]  do_syscall_64+0x15f/0xf80
[  501.134757][T13458]  ? trace_irq_disable+0x3b/0x140
[  501.134777][T13458]  ? clear_bhb_loop+0x40/0x90
[  501.134799][T13458]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  501.134819][T13458] RIP: 0033:0x7f4d085fc819
[  501.134838][T13458] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  501.134855][T13458] RSP: 002b:00007f4d06856028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  501.134875][T13458] RAX: ffffffffffffffda RBX: 00007f4d08875fa0 RCX: 00007f4d085fc819
[  501.134889][T13458] RDX: 0000000020004080 RSI: 0000200000000200 RDI: 0000000000000004
[  501.134902][T13458] RBP: 00007f4d06856090 R08: 0000000000000000 R09: 0000000000000000
[  501.134913][T13458] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  501.134931][T13458] R13: 00007f4d08876038 R14: 00007f4d08875fa0 R15: 00007fff62410a48
[  501.134960][T13458]  </TASK>
[  501.136590][    T9] usb 1-1: new high-speed USB device number 29 using dummy_hcd
[  501.244101][T13460] FAULT_INJECTION: forcing a failure.
[  501.244101][T13460] name failslab, interval 1, probability 0, space 0, times 0
[  501.244137][T13460] CPU: 0 UID: 0 PID: 13460 Comm: syz.6.2620 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  501.244164][T13460] Tainted: [L]=SOFTLOCKUP
[  501.244171][T13460] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  501.244183][T13460] Call Trace:
[  501.244190][T13460]  <TASK>
[  501.244198][T13460]  dump_stack_lvl+0xe8/0x150
[  501.244234][T13460]  should_fail_ex+0x46b/0x600
[  501.244266][T13460]  should_failslab+0xa8/0x100
[  501.244287][T13460]  __kmalloc_noprof+0xdf/0x7b0
[  501.244305][T13460]  ? bpf_test_init+0x9f/0x150
[  501.244332][T13460]  ? __lock_acquire+0x6b5/0x2cf0
[  501.244357][T13460]  bpf_test_init+0x9f/0x150
[  501.244387][T13460]  bpf_prog_test_run_skb+0x392/0x2260
[  501.244432][T13460]  ? __fget_files+0x3a6/0x420
[  501.244457][T13460]  ? __fget_files+0x2a/0x420
[  501.244494][T13460]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  501.244521][T13460]  bpf_prog_test_run+0x2cd/0x340
[  501.244547][T13460]  __sys_bpf+0x643/0x950
[  501.244570][T13460]  ? __pfx___sys_bpf+0x10/0x10
[  501.244588][T13460]  ? rt_mutex_slowunlock+0x1cb/0x300
[  501.244632][T13460]  ? ksys_write+0x248/0x270
[  501.244653][T13460]  ? __pfx_ksys_write+0x10/0x10
[  501.244675][T13460]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  501.244697][T13460]  __x64_sys_bpf+0x7c/0x90
[  501.244724][T13460]  do_syscall_64+0x15f/0xf80
[  501.244746][T13460]  ? trace_irq_disable+0x3b/0x140
[  501.244766][T13460]  ? clear_bhb_loop+0x40/0x90
[  501.244789][T13460]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  501.244809][T13460] RIP: 0033:0x7f3d2a04c819
[  501.244827][T13460] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  501.244844][T13460] RSP: 002b:00007f3d282a6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  501.244864][T13460] RAX: ffffffffffffffda RBX: 00007f3d2a2c5fa0 RCX: 00007f3d2a04c819
[  501.244878][T13460] RDX: 0000000000000048 RSI: 00002000000002c0 RDI: 000000000000000a
[  501.244891][T13460] RBP: 00007f3d282a6090 R08: 0000000000000000 R09: 0000000000000000
[  501.244902][T13460] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  501.244914][T13460] R13: 00007f3d2a2c6038 R14: 00007f3d2a2c5fa0 R15: 00007ffc1dd9f878
[  501.244944][T13460]  </TASK>
[  501.516939][ T1335] ieee802154 phy0 wpan0: encryption failed: -22
[  501.517000][ T1335] ieee802154 phy1 wpan1: encryption failed: -22
[  501.954803][T13472] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2624'.
[  501.955878][T13474] FAULT_INJECTION: forcing a failure.
[  501.955878][T13474] name failslab, interval 1, probability 0, space 0, times 0
[  501.955911][T13474] CPU: 0 UID: 0 PID: 13474 Comm: syz.2.2625 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  501.955937][T13474] Tainted: [L]=SOFTLOCKUP
[  501.955944][T13474] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  501.955957][T13474] Call Trace:
[  501.955964][T13474]  <TASK>
[  501.955972][T13474]  dump_stack_lvl+0xe8/0x150
[  501.956009][T13474]  should_fail_ex+0x46b/0x600
[  501.956041][T13474]  should_failslab+0xa8/0x100
[  501.956063][T13474]  kmem_cache_alloc_node_noprof+0x8f/0x6e0
[  501.956092][T13474]  ? __alloc_skb+0x1d0/0x7d0
[  501.956117][T13474]  ? lockdep_hardirqs_on+0x7a/0x110
[  501.956146][T13474]  __alloc_skb+0x1d0/0x7d0
[  501.956176][T13474]  netlink_sendmsg+0x5d4/0xb40
[  501.956214][T13474]  ? __pfx_netlink_sendmsg+0x10/0x10
[  501.956241][T13474]  ? unwind_get_return_address+0x4d/0x90
[  501.956266][T13474]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  501.956297][T13474]  ____sys_sendmsg+0x94c/0x9c0
[  501.956322][T13474]  ? __pfx_____sys_sendmsg+0x10/0x10
[  501.956351][T13474]  ? import_iovec+0x73/0xa0
[  501.956381][T13474]  ___sys_sendmsg+0x2a5/0x360
[  501.956399][T13474]  ? __lock_acquire+0x6b5/0x2cf0
[  501.956435][T13474]  ? __pfx____sys_sendmsg+0x10/0x10
[  501.956488][T13474]  ? __fget_files+0x2a/0x420
[  501.956513][T13474]  ? __fget_files+0x3a6/0x420
[  501.956548][T13474]  __x64_sys_sendmsg+0x1c3/0x2a0
[  501.956571][T13474]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  501.956600][T13474]  ? __pfx_ksys_write+0x10/0x10
[  501.956627][T13474]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  501.956648][T13474]  do_syscall_64+0x15f/0xf80
[  501.956669][T13474]  ? trace_irq_disable+0x3b/0x140
[  501.956688][T13474]  ? clear_bhb_loop+0x40/0x90
[  501.956710][T13474]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  501.956729][T13474] RIP: 0033:0x7f4d085fc819
[  501.956748][T13474] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  501.956765][T13474] RSP: 002b:00007f4d06856028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  501.956785][T13474] RAX: ffffffffffffffda RBX: 00007f4d08875fa0 RCX: 00007f4d085fc819
[  501.956800][T13474] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000003
[  501.956813][T13474] RBP: 00007f4d06856090 R08: 0000000000000000 R09: 0000000000000000
[  501.956826][T13474] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  501.956837][T13474] R13: 00007f4d08876038 R14: 00007f4d08875fa0 R15: 00007fff62410a48
[  501.956867][T13474]  </TASK>
[  502.283519][T13481] netlink: 120 bytes leftover after parsing attributes in process `syz.4.2626'.
[  502.367995][ T5827] usb 3-1: new high-speed USB device number 59 using dummy_hcd
[  502.526348][ T5827] usb 3-1: Using ep0 maxpacket: 16
[  502.530827][ T5827] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  502.530886][ T5827] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  502.530910][ T5827] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  502.530954][ T5827] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  502.530982][ T5827] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  502.541740][ T5827] usb 3-1: config 0 descriptor??
[  502.636373][ T5931] usb 5-1: new high-speed USB device number 46 using dummy_hcd
[  502.738524][   T31] usb 6-1: new high-speed USB device number 46 using dummy_hcd
[  502.802490][ T5931] usb 5-1: Using ep0 maxpacket: 16
[  502.805952][ T5931] usb 5-1: too many configurations: 225, using maximum allowed: 8
[  502.842809][ T5931] usb 5-1: unable to read config index 0 descriptor/start: -61
[  502.842846][ T5931] usb 5-1: can't read configurations, error -61
[  503.007008][ T5931] usb 5-1: new high-speed USB device number 47 using dummy_hcd
[  503.164024][ T5931] usb 5-1: Using ep0 maxpacket: 16
[  503.760169][   T31] usb 6-1: unable to get BOS descriptor or descriptor too short
[  503.765713][   T31] usb 6-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 64, changing to 7
[  503.776771][   T31] usb 6-1: New USB device found, idVendor=0582, idProduct=004c, bcdDevice= 0.40
[  503.776807][   T31] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  503.776829][   T31] usb 6-1: Product: syz
[  503.776845][   T31] usb 6-1: Manufacturer: syz
[  503.776860][   T31] usb 6-1: SerialNumber: syz
[  504.002383][ T5931] usb 5-1: too many configurations: 225, using maximum allowed: 8
[  504.271680][ T5931] usb 5-1: unable to read config index 0 descriptor/start: -61
[  504.271721][ T5931] usb 5-1: can't read configurations, error -61
[  504.273636][ T5931] usb usb5-port1: attempt power cycle
[  504.354271][T13498] FAULT_INJECTION: forcing a failure.
[  504.354271][T13498] name failslab, interval 1, probability 0, space 0, times 0
[  504.354306][T13498] CPU: 1 UID: 0 PID: 13498 Comm: syz.0.2633 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  504.354326][T13498] Tainted: [L]=SOFTLOCKUP
[  504.354331][T13498] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  504.354340][T13498] Call Trace:
[  504.354347][T13498]  <TASK>
[  504.354354][T13498]  dump_stack_lvl+0xe8/0x150
[  504.354383][T13498]  should_fail_ex+0x46b/0x600
[  504.354406][T13498]  should_failslab+0xa8/0x100
[  504.354424][T13498]  kmem_cache_alloc_node_noprof+0x8f/0x6e0
[  504.354445][T13498]  ? __alloc_skb+0x1d0/0x7d0
[  504.354465][T13498]  ? lockdep_hardirqs_on+0x7a/0x110
[  504.354486][T13498]  __alloc_skb+0x1d0/0x7d0
[  504.354510][T13498]  netlink_sendmsg+0x5d4/0xb40
[  504.354538][T13498]  ? __pfx_netlink_sendmsg+0x10/0x10
[  504.354560][T13498]  ? unwind_get_return_address+0x4d/0x90
[  504.354580][T13498]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  504.354604][T13498]  ____sys_sendmsg+0x94c/0x9c0
[  504.354623][T13498]  ? __pfx_____sys_sendmsg+0x10/0x10
[  504.354644][T13498]  ? import_iovec+0x73/0xa0
[  504.354667][T13498]  ___sys_sendmsg+0x2a5/0x360
[  504.354680][T13498]  ? __lock_acquire+0x6b5/0x2cf0
[  504.354711][T13498]  ? __pfx____sys_sendmsg+0x10/0x10
[  504.354751][T13498]  ? __fget_files+0x2a/0x420
[  504.354769][T13498]  ? __fget_files+0x3a6/0x420
[  504.354794][T13498]  __x64_sys_sendmsg+0x1c3/0x2a0
[  504.354810][T13498]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  504.354831][T13498]  ? __pfx_ksys_write+0x10/0x10
[  504.354852][T13498]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  504.354868][T13498]  do_syscall_64+0x15f/0xf80
[  504.354884][T13498]  ? trace_irq_disable+0x3b/0x140
[  504.354898][T13498]  ? clear_bhb_loop+0x40/0x90
[  504.354916][T13498]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  504.354930][T13498] RIP: 0033:0x7f211190c819
[  504.354945][T13498] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  504.354958][T13498] RSP: 002b:00007f210fb66028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  504.354975][T13498] RAX: ffffffffffffffda RBX: 00007f2111b85fa0 RCX: 00007f211190c819
[  504.354986][T13498] RDX: 0000000004040000 RSI: 0000200000000480 RDI: 0000000000000003
[  504.354995][T13498] RBP: 00007f210fb66090 R08: 0000000000000000 R09: 0000000000000000
[  504.355005][T13498] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  504.355014][T13498] R13: 00007f2111b86038 R14: 00007f2111b85fa0 R15: 00007fff9ee2e618
[  504.355037][T13498]  </TASK>
[  504.495369][   T31] usb 6-1: 1:1 : UAC_AS_GENERAL descriptor not found
[  504.498516][   T31] usb 6-1: 2:1 : unknown format tag 0x4 is detected.  processed as MPEG.
[  504.498544][   T31] usb 6-1: found format II with max.bitrate = 4, frame size=7372
[  504.498580][   T31] usb 6-1: parse_audio_format_rates_v2v3(): unable to find clock source (clock -22)
[  504.526469][   T31] usb 6-1: 2:1 : unknown format tag 0x4 is detected.  processed as MPEG.
[  504.526498][   T31] usb 6-1: found format II with max.bitrate = 4, frame size=7372
[  504.526520][   T31] usb 6-1: parse_audio_format_rates_v2v3(): unable to find clock source (clock -22)
[  504.700529][ T5827] microsoft 0003:045E:07DA.000C: ignoring exceeding usage max
[  504.702500][ T5827] microsoft 0003:045E:07DA.000C: ignoring exceeding usage max
[  504.948908][ T5827] microsoft 0003:045E:07DA.000C: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0
[  504.948945][ T5827] microsoft 0003:045E:07DA.000C: no inputs found
[  504.948958][ T5827] microsoft 0003:045E:07DA.000C: could not initialize ff, continuing anyway
[  504.983978][ T5931] usb 5-1: new high-speed USB device number 48 using dummy_hcd
[  504.998671][ T5931] usb 5-1: Using ep0 maxpacket: 16
[  504.999499][ T5931] usb 5-1: too many configurations: 225, using maximum allowed: 8
[  505.011351][ T5931] usb 5-1: unable to read config index 0 descriptor/start: -61
[  505.011391][ T5931] usb 5-1: can't read configurations, error -61
[  505.042894][ T5827] usb 3-1: USB disconnect, device number 59
[  505.156323][ T5931] usb 5-1: new high-speed USB device number 49 using dummy_hcd
[  505.179013][ T5931] usb 5-1: Using ep0 maxpacket: 16
[  505.181622][ T5931] usb 5-1: too many configurations: 225, using maximum allowed: 8
[  505.183207][T13503] fido_id[13503]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory
[  505.192544][ T5931] usb 5-1: unable to read config index 0 descriptor/start: -61
[  505.192585][ T5931] usb 5-1: can't read configurations, error -61
[  505.202433][ T5931] usb usb5-port1: unable to enumerate USB device
[  505.806352][ T5827] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  505.936383][ T5827] usb 7-1: device descriptor read/64, error -71
[  505.990194][ T9641] usb 5-1: new full-speed USB device number 50 using dummy_hcd
[  506.139707][ T9641] usb 5-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.43
[  506.139740][ T9641] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  506.176576][ T5827] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  506.185646][ T9641] usb 5-1: config 0 descriptor??
[  506.223429][ T9641] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state.
[  506.307563][ T5827] usb 7-1: device descriptor read/64, error -71
[  506.441854][ T5827] usb usb7-port1: attempt power cycle
[  506.667009][   T60] Bluetooth: hci3: link tx timeout
[  506.678344][   T60] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  506.847902][   T31] usb 6-1: USB disconnect, device number 46
[  506.936398][ T5827] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  506.942178][T13528] FAULT_INJECTION: forcing a failure.
[  506.942178][T13528] name failslab, interval 1, probability 0, space 0, times 0
[  506.942215][T13528] CPU: 1 UID: 0 PID: 13528 Comm: syz.0.2644 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  506.942241][T13528] Tainted: [L]=SOFTLOCKUP
[  506.942248][T13528] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  506.942260][T13528] Call Trace:
[  506.942268][T13528]  <TASK>
[  506.942277][T13528]  dump_stack_lvl+0xe8/0x150
[  506.942313][T13528]  should_fail_ex+0x46b/0x600
[  506.942356][T13528]  should_failslab+0xa8/0x100
[  506.942379][T13528]  kmem_cache_alloc_node_noprof+0x8f/0x6e0
[  506.942409][T13528]  ? __alloc_skb+0x1d0/0x7d0
[  506.942435][T13528]  ? lockdep_hardirqs_on+0x7a/0x110
[  506.942463][T13528]  __alloc_skb+0x1d0/0x7d0
[  506.942494][T13528]  netlink_sendmsg+0x5d4/0xb40
[  506.942532][T13528]  ? __pfx_netlink_sendmsg+0x10/0x10
[  506.942561][T13528]  ? unwind_get_return_address+0x4d/0x90
[  506.942588][T13528]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  506.942620][T13528]  ____sys_sendmsg+0x94c/0x9c0
[  506.942643][T13528]  ? __pfx_____sys_sendmsg+0x10/0x10
[  506.942669][T13528]  ? import_iovec+0x73/0xa0
[  506.942698][T13528]  ___sys_sendmsg+0x2a5/0x360
[  506.942715][T13528]  ? __lock_acquire+0x6b5/0x2cf0
[  506.942742][T13528]  ? __pfx____sys_sendmsg+0x10/0x10
[  506.942791][T13528]  ? __fget_files+0x2a/0x420
[  506.942815][T13528]  ? __fget_files+0x3a6/0x420
[  506.942849][T13528]  __x64_sys_sendmsg+0x1c3/0x2a0
[  506.942869][T13528]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  506.942897][T13528]  ? __pfx_ksys_write+0x10/0x10
[  506.942925][T13528]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  506.942946][T13528]  do_syscall_64+0x15f/0xf80
[  506.942967][T13528]  ? trace_irq_disable+0x3b/0x140
[  506.942987][T13528]  ? clear_bhb_loop+0x40/0x90
[  506.943010][T13528]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  506.943030][T13528] RIP: 0033:0x7f211190c819
[  506.943049][T13528] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  506.943067][T13528] RSP: 002b:00007f210fb66028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  506.943087][T13528] RAX: ffffffffffffffda RBX: 00007f2111b85fa0 RCX: 00007f211190c819
[  506.943102][T13528] RDX: 0000000024044080 RSI: 0000200000000240 RDI: 0000000000000003
[  506.943116][T13528] RBP: 00007f210fb66090 R08: 0000000000000000 R09: 0000000000000000
[  506.943128][T13528] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  506.943139][T13528] R13: 00007f2111b86038 R14: 00007f2111b85fa0 R15: 00007fff9ee2e618
[  506.943168][T13528]  </TASK>
[  507.023204][ T5827] usb 7-1: device descriptor read/8, error -71
[  507.028227][ T9641] gp8psk: usb in 128 operation failed.
[  507.028645][ T9641] gp8psk: usb in 137 operation failed.
[  507.028661][ T9641] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  507.028701][ T9641] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-19)
[  507.040371][ T9641] usb 5-1: USB disconnect, device number 50
[  507.256376][ T5827] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  507.276995][ T5827] usb 7-1: device descriptor read/8, error -71
[  507.394517][ T5827] usb usb7-port1: unable to enumerate USB device
[  507.477304][   T48] usb 3-1: new high-speed USB device number 60 using dummy_hcd
[  507.608791][   T48] usb 3-1: device descriptor read/64, error -71
[  507.647314][ T5891] usb 1-1: new full-speed USB device number 30 using dummy_hcd
[  507.850134][   T48] usb 3-1: new high-speed USB device number 61 using dummy_hcd
[  507.859515][ T5891] usb 1-1: not running at top speed; connect to a high speed hub
[  507.875513][ T5891] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  507.875546][ T5891] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  507.875568][ T5891] usb 1-1: Product: ї
[  507.875582][ T5891] usb 1-1: Manufacturer: Ф
[  507.875598][ T5891] usb 1-1: SerialNumber: syz
[  507.977430][   T48] usb 3-1: device descriptor read/64, error -71
[  508.099631][   T48] usb usb3-port1: attempt power cycle
[  508.262759][ T5891] cdc_ncm 1-1:1.0: bind() failure
[  508.289281][ T5891] cdc_ncm 1-1:1.1: CDC Union missing and no IAD found
[  508.289331][ T5891] cdc_ncm 1-1:1.1: bind() failure
[  508.340648][ T5891] usb 1-1: USB disconnect, device number 30
[  508.602743][   T48] usb 3-1: new high-speed USB device number 62 using dummy_hcd
[  508.618475][   T48] usb 3-1: device descriptor read/8, error -71
[  508.786391][   T60] Bluetooth: hci3: command 0x0406 tx timeout
[  508.896309][   T48] usb 3-1: new high-speed USB device number 63 using dummy_hcd
[  508.917472][ T5943] udevd[5943]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  508.939262][   T48] usb 3-1: device descriptor read/8, error -71
[  509.046630][   T48] usb usb3-port1: unable to enumerate USB device
[  509.130390][T13565] veth1_macvtap: left promiscuous mode
[  509.406409][   T48] usb 1-1: new high-speed USB device number 31 using dummy_hcd
[  509.557111][   T48] usb 1-1: Using ep0 maxpacket: 16
[  509.559731][   T48] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  509.559764][   T48] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  509.559799][   T48] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  509.559838][   T48] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  509.559860][   T48] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  509.628526][   T48] usb 1-1: config 0 descriptor??
[  510.102728][   T48] microsoft 0003:045E:07DA.000D: ignoring exceeding usage max
[  510.116122][   T48] microsoft 0003:045E:07DA.000D: ignoring exceeding usage max
[  510.136675][   T31] usb 5-1: new high-speed USB device number 51 using dummy_hcd
[  510.260490][   T48] microsoft 0003:045E:07DA.000D: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.0-1/input0
[  510.260528][   T48] microsoft 0003:045E:07DA.000D: no inputs found
[  510.260543][   T48] microsoft 0003:045E:07DA.000D: could not initialize ff, continuing anyway
[  510.319560][   T31] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  510.319593][   T31] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  510.352445][   T31] usb 5-1: config 0 descriptor??
[  510.367910][   T31] cp210x 5-1:0.0: cp210x converter detected
[  510.508083][T13596] FAULT_INJECTION: forcing a failure.
[  510.508083][T13596] name failslab, interval 1, probability 0, space 0, times 0
[  510.508122][T13596] CPU: 1 UID: 0 PID: 13596 Comm: syz.2.2668 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  510.508150][T13596] Tainted: [L]=SOFTLOCKUP
[  510.508157][T13596] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  510.508169][T13596] Call Trace:
[  510.508181][T13596]  <TASK>
[  510.508190][T13596]  dump_stack_lvl+0xe8/0x150
[  510.508227][T13596]  should_fail_ex+0x46b/0x600
[  510.508259][T13596]  should_failslab+0xa8/0x100
[  510.508282][T13596]  kmem_cache_alloc_node_noprof+0x8f/0x6e0
[  510.508312][T13596]  ? __alloc_skb+0x1d0/0x7d0
[  510.508339][T13596]  ? lockdep_hardirqs_on+0x7a/0x110
[  510.508368][T13596]  __alloc_skb+0x1d0/0x7d0
[  510.508400][T13596]  netlink_sendmsg+0x5d4/0xb40
[  510.508439][T13596]  ? __pfx_netlink_sendmsg+0x10/0x10
[  510.508470][T13596]  ? unwind_get_return_address+0x4d/0x90
[  510.508505][T13596]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  510.508538][T13596]  ____sys_sendmsg+0x94c/0x9c0
[  510.508562][T13596]  ? __pfx_____sys_sendmsg+0x10/0x10
[  510.508586][T13596]  ? import_iovec+0x73/0xa0
[  510.508616][T13596]  ___sys_sendmsg+0x2a5/0x360
[  510.508633][T13596]  ? __lock_acquire+0x6b5/0x2cf0
[  510.508661][T13596]  ? __pfx____sys_sendmsg+0x10/0x10
[  510.508714][T13596]  ? __fget_files+0x2a/0x420
[  510.508739][T13596]  ? __fget_files+0x3a6/0x420
[  510.508776][T13596]  __x64_sys_sendmsg+0x1c3/0x2a0
[  510.508799][T13596]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  510.508829][T13596]  ? __pfx_ksys_write+0x10/0x10
[  510.508856][T13596]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  510.508878][T13596]  do_syscall_64+0x15f/0xf80
[  510.508899][T13596]  ? trace_irq_disable+0x3b/0x140
[  510.508920][T13596]  ? clear_bhb_loop+0x40/0x90
[  510.508944][T13596]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  510.508965][T13596] RIP: 0033:0x7f4d085fc819
[  510.508984][T13596] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  510.509000][T13596] RSP: 002b:00007f4d06856028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  510.509022][T13596] RAX: ffffffffffffffda RBX: 00007f4d08875fa0 RCX: 00007f4d085fc819
[  510.509037][T13596] RDX: 000000000000c010 RSI: 0000200000000040 RDI: 0000000000000003
[  510.509051][T13596] RBP: 00007f4d06856090 R08: 0000000000000000 R09: 0000000000000000
[  510.509063][T13596] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  510.509075][T13596] R13: 00007f4d08876038 R14: 00007f4d08875fa0 R15: 00007fff62410a48
[  510.509107][T13596]  </TASK>
[  510.574831][T13589] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  510.650908][T13589] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  511.042320][ T5898] usb 1-1: USB disconnect, device number 31
[  511.134640][T13601] netlink: 152 bytes leftover after parsing attributes in process `syz.2.2670'.
[  511.139488][   T31] cp210x 5-1:0.0: failed to get vendor val 0x000e size 678: -71
[  511.139543][   T31] cp210x 5-1:0.0: GPIO initialisation failed: -71
[  511.191379][   T31] usb 5-1: cp210x converter now attached to ttyUSB0
[  511.204706][   T31] usb 5-1: USB disconnect, device number 51
[  511.276640][   T31] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  511.306708][   T31] cp210x 5-1:0.0: device disconnected
[  511.566340][ T6008] usb 3-1: new full-speed USB device number 64 using dummy_hcd
[  511.723607][ T6008] usb 3-1: unable to get BOS descriptor or descriptor too short
[  511.736988][ T6008] usb 3-1: not running at top speed; connect to a high speed hub
[  511.739169][ T6008] usb 3-1: config 6 has an invalid interface number: 217 but max is 0
[  511.739196][ T6008] usb 3-1: config 6 has no interface number 0
[  511.739227][ T6008] usb 3-1: config 6 interface 217 has no altsetting 0
[  511.754688][ T6008] usb 3-1: New USB device found, idVendor=06cd, idProduct=010b, bcdDevice=7e.2f
[  511.754718][ T6008] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  511.754737][ T6008] usb 3-1: Product: syz
[  511.754751][ T6008] usb 3-1: Manufacturer: syz
[  511.754766][ T6008] usb 3-1: SerialNumber: syz
[  512.114624][T13618] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2676'.
[  512.214878][T13622] netlink: 'syz.6.2678': attribute type 10 has an invalid length.
[  512.215174][T13622] bridge0: port 2(bridge_slave_1) entered disabled state
[  512.235960][T13622] bridge0: port 1(bridge_slave_0) entered disabled state
[  512.284976][T13622] bridge0: port 2(bridge_slave_1) entered blocking state
[  512.285112][T13622] bridge0: port 2(bridge_slave_1) entered forwarding state
[  512.309646][T13622] bridge0: port 1(bridge_slave_0) entered blocking state
[  512.315882][T13622] bridge0: port 1(bridge_slave_0) entered forwarding state
[  512.358045][T13622] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  512.644779][ T6008] hub 3-1:6.217: bad descriptor, ignoring hub
[  512.644830][ T6008] hub 3-1:6.217: probe with driver hub failed with error -5
[  512.654925][ T6008] keyspan 3-1:6.217: Keyspan - (without firmware) converter detected
[  512.937225][ T6008] usb 3-1: USB disconnect, device number 64
[  512.975653][ T6008] keyspan 3-1:6.217: device disconnected
[  513.826338][ T5818] Bluetooth: hci1: command 0x0406 tx timeout
[  515.946301][   T31] usb 5-1: new high-speed USB device number 52 using dummy_hcd
[  516.156484][ T6008] usb 3-1: new full-speed USB device number 65 using dummy_hcd
[  516.379679][ T6008] usb 3-1: not running at top speed; connect to a high speed hub
[  516.510167][ T6008] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  516.510209][ T6008] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  516.510291][ T6008] usb 3-1: Product: ї
[  516.510343][ T6008] usb 3-1: Manufacturer: Ф
[  516.510400][ T6008] usb 3-1: SerialNumber: syz
[  517.096144][ T6008] cdc_ncm 3-1:1.0: bind() failure
[  517.112339][ T6008] cdc_ncm 3-1:1.1: CDC Union missing and no IAD found
[  517.132098][ T6008] cdc_ncm 3-1:1.1: bind() failure
[  517.187756][ T6008] usb 3-1: USB disconnect, device number 65
[  517.561332][   T31] usb 5-1: unable to get BOS descriptor or descriptor too short
[  517.562361][   T31] usb 5-1: unable to read config index 0 descriptor/start: -71
[  517.562395][   T31] usb 5-1: can't read configurations, error -71
[  517.625310][T13689] netlink: 'syz.6.2700': attribute type 10 has an invalid length.
[  517.824605][T13689] 8021q: adding VLAN 0 to HW filter on device batadv0
[  517.925284][T13689] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  520.616305][   T31] usb 6-1: new full-speed USB device number 47 using dummy_hcd
[  520.854014][   T31] usb 6-1: not running at top speed; connect to a high speed hub
[  520.869848][   T31] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  520.869881][   T31] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  520.869901][   T31] usb 6-1: Product: ї
[  520.869915][   T31] usb 6-1: Manufacturer: Ф
[  520.869930][   T31] usb 6-1: SerialNumber: syz
[  521.086392][ T6008] usb 5-1: new high-speed USB device number 54 using dummy_hcd
[  521.161804][   T31] cdc_ncm 6-1:1.0: bind() failure
[  521.181407][   T31] cdc_ncm 6-1:1.1: CDC Union missing and no IAD found
[  521.181454][   T31] cdc_ncm 6-1:1.1: bind() failure
[  521.212909][   T31] usb 6-1: USB disconnect, device number 47
[  521.236294][ T6008] usb 5-1: Using ep0 maxpacket: 32
[  521.240383][ T6008] usb 5-1: config 0 has an invalid interface number: 188 but max is 0
[  521.240412][ T6008] usb 5-1: config 0 has no interface number 0
[  521.240458][ T6008] usb 5-1: config 0 interface 188 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32
[  521.254194][ T6008] usb 5-1: New USB device found, idVendor=17ef, idProduct=7203, bcdDevice=2e.36
[  521.254225][ T6008] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  521.254245][ T6008] usb 5-1: Product: syz
[  521.254260][ T6008] usb 5-1: Manufacturer: syz
[  521.254274][ T6008] usb 5-1: SerialNumber: syz
[  521.288496][ T6008] usb 5-1: config 0 descriptor??
[  521.292516][T13743] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  521.547319][T13743] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  521.558908][   T48] usb 7-1: new full-speed USB device number 12 using dummy_hcd
[  522.378261][ T6008] asix 5-1:0.188 (unnamed net_device) (uninitialized): invalid PHY address: 198
[  522.597140][ T6073] usb 5-1: USB disconnect, device number 54
[  522.736446][ T9641] usb 1-1: new high-speed USB device number 32 using dummy_hcd
[  522.867961][ T9641] usb 1-1: device descriptor read/64, error -71
[  523.116342][ T9641] usb 1-1: new high-speed USB device number 33 using dummy_hcd
[  523.247623][ T9641] usb 1-1: device descriptor read/64, error -71
[  523.356937][ T9641] usb usb1-port1: attempt power cycle
[  523.880913][T13782] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2734'.
[  523.926591][ T9641] usb 1-1: new high-speed USB device number 34 using dummy_hcd
[  523.943557][T13781] block nbd0: not configured, cannot reconfigure
[  523.947602][ T9641] usb 1-1: device descriptor read/8, error -71
[  524.186318][ T9641] usb 1-1: new high-speed USB device number 35 using dummy_hcd
[  524.214866][ T9641] usb 1-1: device descriptor read/8, error -71
[  524.227991][T13796] netlink: 'syz.6.2738': attribute type 1 has an invalid length.
[  524.316863][ T9641] usb usb1-port1: unable to enumerate USB device
[  524.334667][T13798] openvswitch: netlink: Key type 30 is not supported
[  524.346329][   T48] usb 3-1: new high-speed USB device number 66 using dummy_hcd
[  524.496465][   T48] usb 3-1: Using ep0 maxpacket: 32
[  524.501903][   T48] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  524.516444][   T31] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[  524.533549][   T48] usb 3-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  524.533580][   T48] usb 3-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  524.533601][   T48] usb 3-1: Product: syz
[  524.533615][   T48] usb 3-1: Manufacturer: syz
[  524.533631][   T48] usb 3-1: SerialNumber: syz
[  524.555749][   T48] usb 3-1: config 0 descriptor??
[  524.556596][T13789] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  524.679349][   T31] usb 7-1: Using ep0 maxpacket: 8
[  524.684301][   T31] usb 7-1: config 0 has an invalid interface number: 55 but max is 0
[  524.684328][   T31] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  524.684346][   T31] usb 7-1: config 0 has no interface number 0
[  524.684386][   T31] usb 7-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  524.684408][   T31] usb 7-1: config 0 interface 55 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  524.684450][   T31] usb 7-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  524.684473][   T31] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  524.715893][   T31] usb 7-1: config 0 descriptor??
[  524.741237][   T31] ldusb 7-1:0.55: Interrupt in endpoint not found
[  524.961366][ T6008] usb 3-1: USB disconnect, device number 66
[  525.971377][T13825] netlink: 'syz.0.2750': attribute type 1 has an invalid length.
[  525.971398][T13825] netlink: 15990 bytes leftover after parsing attributes in process `syz.0.2750'.
[  525.973323][T13824] netlink: 'syz.0.2750': attribute type 1 has an invalid length.
[  525.973342][T13824] netlink: 15990 bytes leftover after parsing attributes in process `syz.0.2750'.
[  527.049463][T13857] FAULT_INJECTION: forcing a failure.
[  527.049463][T13857] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  527.049530][T13857] CPU: 0 UID: 0 PID: 13857 Comm: syz.0.2764 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  527.049559][T13857] Tainted: [L]=SOFTLOCKUP
[  527.049566][T13857] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  527.049578][T13857] Call Trace:
[  527.049587][T13857]  <TASK>
[  527.049597][T13857]  dump_stack_lvl+0xe8/0x150
[  527.049637][T13857]  should_fail_ex+0x46b/0x600
[  527.049671][T13857]  _copy_from_iter+0x1d3/0x1670
[  527.049698][T13857]  ? irqentry_exit+0x218/0x730
[  527.049728][T13857]  ? lockdep_hardirqs_on+0x7a/0x110
[  527.049751][T13857]  ? irqentry_exit+0x218/0x730
[  527.049778][T13857]  ? __pfx__copy_from_iter+0x10/0x10
[  527.049810][T13857]  ? tun_get_user+0x3f9/0x4400
[  527.049846][T13857]  tun_get_user+0x6c6/0x4400
[  527.049889][T13857]  ? __lock_acquire+0x6b5/0x2cf0
[  527.049919][T13857]  ? __pfx_tun_get_user+0x10/0x10
[  527.049948][T13857]  ? __lock_acquire+0x6b5/0x2cf0
[  527.049979][T13857]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  527.050009][T13857]  ? ref_tracker_alloc+0x332/0x4a0
[  527.050039][T13857]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  527.050067][T13857]  ? tun_get+0x1c/0x2f0
[  527.050094][T13857]  ? tun_get+0x1c/0x2f0
[  527.050126][T13857]  ? tun_get+0x1c/0x2f0
[  527.050151][T13857]  ? tun_get+0x1c/0x2f0
[  527.050199][T13857]  tun_chr_write_iter+0x119/0x200
[  527.050229][T13857]  vfs_write+0x629/0xba0
[  527.050258][T13857]  ? __pfx_vfs_write+0x10/0x10
[  527.050288][T13857]  ? __fget_files+0x2a/0x420
[  527.050323][T13857]  ksys_write+0x156/0x270
[  527.050345][T13857]  ? __pfx_ksys_write+0x10/0x10
[  527.050373][T13857]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  527.050395][T13857]  do_syscall_64+0x15f/0xf80
[  527.050421][T13857]  ? clear_bhb_loop+0x40/0x90
[  527.050445][T13857]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  527.050465][T13857] RIP: 0033:0x7f211190c819
[  527.050485][T13857] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  527.050502][T13857] RSP: 002b:00007f210fb66028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  527.050523][T13857] RAX: ffffffffffffffda RBX: 00007f2111b85fa0 RCX: 00007f211190c819
[  527.050537][T13857] RDX: 000000000000fdef RSI: 0000200000000240 RDI: 0000000000000003
[  527.050550][T13857] RBP: 00007f210fb66090 R08: 0000000000000000 R09: 0000000000000000
[  527.050563][T13857] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  527.050575][T13857] R13: 00007f2111b86038 R14: 00007f2111b85fa0 R15: 00007fff9ee2e618
[  527.050606][T13857]  </TASK>
[  527.443325][   T48] usb 7-1: USB disconnect, device number 13
[  528.190569][T13877] openvswitch: netlink: Duplicate or invalid key (type 0).
[  528.190605][T13877] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  528.307882][   T48] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[  528.462628][   T48] usb 7-1: Using ep0 maxpacket: 8
[  528.463606][   T48] usb 7-1: no configurations
[  528.463623][   T48] usb 7-1: can't read configurations, error -22
[  528.566630][T13889] FAULT_INJECTION: forcing a failure.
[  528.566630][T13889] name failslab, interval 1, probability 0, space 0, times 0
[  528.566655][T13889] CPU: 0 UID: 0 PID: 13889 Comm: syz.4.2777 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  528.566672][T13889] Tainted: [L]=SOFTLOCKUP
[  528.566676][T13889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  528.566683][T13889] Call Trace:
[  528.566688][T13889]  <TASK>
[  528.566694][T13889]  dump_stack_lvl+0xe8/0x150
[  528.566717][T13889]  should_fail_ex+0x46b/0x600
[  528.566735][T13889]  should_failslab+0xa8/0x100
[  528.566750][T13889]  __kmalloc_cache_noprof+0x84/0x690
[  528.566769][T13889]  ? bpf_xdp_link_attach+0x19c/0x970
[  528.566882][T13889]  bpf_xdp_link_attach+0x19c/0x970
[  528.566908][T13889]  ? __pfx_bpf_xdp_link_attach+0x10/0x10
[  528.566945][T13889]  ? __fget_files+0x3a6/0x420
[  528.566974][T13889]  ? attach_type_to_prog_type+0x298/0x490
[  528.566999][T13889]  ? bpf_prog_attach_check_attach_type+0x39c/0x540
[  528.567037][T13889]  link_create+0x4e1/0x850
[  528.567062][T13889]  __sys_bpf+0x468/0x950
[  528.567087][T13889]  ? __pfx___sys_bpf+0x10/0x10
[  528.567104][T13889]  ? rt_mutex_slowunlock+0x1cb/0x300
[  528.567149][T13889]  ? ksys_write+0x248/0x270
[  528.567169][T13889]  ? __pfx_ksys_write+0x10/0x10
[  528.567192][T13889]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  528.567214][T13889]  __x64_sys_bpf+0x7c/0x90
[  528.567244][T13889]  do_syscall_64+0x15f/0xf80
[  528.567266][T13889]  ? trace_irq_disable+0x3b/0x140
[  528.567287][T13889]  ? clear_bhb_loop+0x40/0x90
[  528.567311][T13889]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  528.567331][T13889] RIP: 0033:0x7f5558d5c819
[  528.567350][T13889] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  528.567367][T13889] RSP: 002b:00007f5556fb6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  528.567388][T13889] RAX: ffffffffffffffda RBX: 00007f5558fd5fa0 RCX: 00007f5558d5c819
[  528.567403][T13889] RDX: 0000000000000010 RSI: 0000200000000340 RDI: 000000000000001c
[  528.567416][T13889] RBP: 00007f5556fb6090 R08: 0000000000000000 R09: 0000000000000000
[  528.567429][T13889] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  528.567440][T13889] R13: 00007f5558fd6038 R14: 00007f5558fd5fa0 R15: 00007ffd55035968
[  528.567472][T13889]  </TASK>
[  528.886365][   T48] usb 7-1: new high-speed USB device number 15 using dummy_hcd
[  529.046426][   T48] usb 7-1: Using ep0 maxpacket: 8
[  529.047342][   T48] usb 7-1: no configurations
[  529.047361][   T48] usb 7-1: can't read configurations, error -22
[  529.047981][   T48] usb usb7-port1: attempt power cycle
[  529.396755][   T48] usb 7-1: new high-speed USB device number 16 using dummy_hcd
[  529.419108][   T48] usb 7-1: Using ep0 maxpacket: 8
[  529.420056][   T48] usb 7-1: no configurations
[  529.420071][   T48] usb 7-1: can't read configurations, error -22
[  529.556636][   T48] usb 7-1: new high-speed USB device number 17 using dummy_hcd
[  529.577288][   T48] usb 7-1: Using ep0 maxpacket: 8
[  529.578144][   T48] usb 7-1: no configurations
[  529.578161][   T48] usb 7-1: can't read configurations, error -22
[  529.578507][   T48] usb usb7-port1: unable to enumerate USB device
[  530.153680][T13939] netlink: 'syz.2.2799': attribute type 5 has an invalid length.
[  530.228775][   T48] usb 6-1: new high-speed USB device number 48 using dummy_hcd
[  530.386371][   T48] usb 6-1: Using ep0 maxpacket: 32
[  530.388762][   T48] usb 6-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  530.388782][   T48] usb 6-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  530.394664][   T48] usb 6-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  530.394693][   T48] usb 6-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  530.394711][   T48] usb 6-1: Product: syz
[  530.394724][   T48] usb 6-1: Manufacturer: syz
[  530.503981][   T48] hub 6-1:4.0: USB hub found
[  530.828612][T13954] netlink: 'syz.2.2804': attribute type 1 has an invalid length.
[  530.903265][   T48] hub 6-1:4.0: config failed, can't read hub descriptor (err -22)
[  530.957364][   T48] usb 6-1: USB disconnect, device number 48
[  531.592004][ T9641] usb 3-1: new high-speed USB device number 67 using dummy_hcd
[  532.112361][ T9641] usb 3-1: Using ep0 maxpacket: 8
[  532.137641][ T9641] usb 3-1: config 0 has an invalid interface number: 55 but max is 0
[  532.137670][ T9641] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  532.137699][ T9641] usb 3-1: config 0 has no interface number 0
[  532.137740][ T9641] usb 3-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  532.137776][ T9641] usb 3-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  532.137798][ T9641] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  532.166750][ T9641] usb 3-1: config 0 descriptor??
[  532.193221][ T9641] ldusb 3-1:0.55: Interrupt in endpoint not found
[  532.982426][T13985] FAULT_INJECTION: forcing a failure.
[  532.982426][T13985] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  532.982463][T13985] CPU: 1 UID: 0 PID: 13985 Comm: syz.5.2815 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  532.982490][T13985] Tainted: [L]=SOFTLOCKUP
[  532.982498][T13985] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  532.982509][T13985] Call Trace:
[  532.982517][T13985]  <TASK>
[  532.982526][T13985]  dump_stack_lvl+0xe8/0x150
[  532.982563][T13985]  should_fail_ex+0x46b/0x600
[  532.982593][T13985]  _copy_from_user+0x2d/0xb0
[  532.982622][T13985]  ___sys_recvmsg+0x175/0x590
[  532.982646][T13985]  ? get_pid_task+0x20/0x1f0
[  532.982669][T13985]  ? get_pid_task+0x20/0x1f0
[  532.982695][T13985]  ? __pfx____sys_recvmsg+0x10/0x10
[  532.982720][T13985]  ? __fget_files+0x2a/0x420
[  532.982763][T13985]  ? __fget_files+0x3a6/0x420
[  532.982798][T13985]  __x64_sys_recvmsg+0x1c0/0x2a0
[  532.982822][T13985]  ? __pfx___x64_sys_recvmsg+0x10/0x10
[  532.982852][T13985]  ? __pfx_ksys_write+0x10/0x10
[  532.982880][T13985]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  532.982901][T13985]  do_syscall_64+0x15f/0xf80
[  532.982926][T13985]  ? clear_bhb_loop+0x40/0x90
[  532.982950][T13985]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  532.982969][T13985] RIP: 0033:0x7f48de7ac819
[  532.982989][T13985] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  532.983013][T13985] RSP: 002b:00007f48dc9c4028 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  532.983034][T13985] RAX: ffffffffffffffda RBX: 00007f48dea26180 RCX: 00007f48de7ac819
[  532.983049][T13985] RDX: 0000000040002160 RSI: 00002000000005c0 RDI: 0000000000000006
[  532.983062][T13985] RBP: 00007f48dc9c4090 R08: 0000000000000000 R09: 0000000000000000
[  532.983075][T13985] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  532.983087][T13985] R13: 00007f48dea26218 R14: 00007f48dea26180 R15: 00007ffcef74ce68
[  532.983118][T13985]  </TASK>
[  534.629008][   T48] usb 7-1: new high-speed USB device number 18 using dummy_hcd
[  534.858933][ T5891] usb 3-1: USB disconnect, device number 67
[  535.016294][   T48] usb 7-1: Using ep0 maxpacket: 16
[  535.019213][   T48] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  535.019247][   T48] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  535.019271][   T48] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  535.019311][   T48] usb 7-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  535.019333][   T48] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  535.090556][   T48] usb 7-1: config 0 descriptor??
[  535.453160][T13994] FAULT_INJECTION: forcing a failure.
[  535.453160][T13994] name failslab, interval 1, probability 0, space 0, times 0
[  535.453201][T13994] CPU: 0 UID: 0 PID: 13994 Comm: syz.2.2820 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  535.453231][T13994] Tainted: [L]=SOFTLOCKUP
[  535.453239][T13994] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  535.453250][T13994] Call Trace:
[  535.453259][T13994]  <TASK>
[  535.453267][T13994]  dump_stack_lvl+0xe8/0x150
[  535.453304][T13994]  should_fail_ex+0x46b/0x600
[  535.453334][T13994]  should_failslab+0xa8/0x100
[  535.453358][T13994]  kmem_cache_alloc_node_noprof+0x8f/0x6e0
[  535.453386][T13994]  ? __alloc_skb+0x1d0/0x7d0
[  535.453412][T13994]  ? lockdep_hardirqs_on+0x7a/0x110
[  535.453441][T13994]  __alloc_skb+0x1d0/0x7d0
[  535.453473][T13994]  netlink_sendmsg+0x5d4/0xb40
[  535.453510][T13994]  ? __pfx_netlink_sendmsg+0x10/0x10
[  535.453540][T13994]  ? unwind_get_return_address+0x4d/0x90
[  535.453567][T13994]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  535.453600][T13994]  ____sys_sendmsg+0x94c/0x9c0
[  535.453626][T13994]  ? __pfx_____sys_sendmsg+0x10/0x10
[  535.453654][T13994]  ? import_iovec+0x73/0xa0
[  535.453685][T13994]  ___sys_sendmsg+0x2a5/0x360
[  535.453704][T13994]  ? __lock_acquire+0x6b5/0x2cf0
[  535.453731][T13994]  ? __pfx____sys_sendmsg+0x10/0x10
[  535.453785][T13994]  ? __fget_files+0x2a/0x420
[  535.453810][T13994]  ? __fget_files+0x3a6/0x420
[  535.453845][T13994]  __x64_sys_sendmsg+0x1c3/0x2a0
[  535.453867][T13994]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  535.453905][T13994]  ? __pfx_ksys_write+0x10/0x10
[  535.453933][T13994]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  535.453954][T13994]  do_syscall_64+0x15f/0xf80
[  535.453978][T13994]  ? clear_bhb_loop+0x40/0x90
[  535.454002][T13994]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  535.454022][T13994] RIP: 0033:0x7f4d085fc819
[  535.454041][T13994] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  535.454058][T13994] RSP: 002b:00007f4d06856028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  535.454079][T13994] RAX: ffffffffffffffda RBX: 00007f4d08875fa0 RCX: 00007f4d085fc819
[  535.454093][T13994] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000006
[  535.454106][T13994] RBP: 00007f4d06856090 R08: 0000000000000000 R09: 0000000000000000
[  535.454118][T13994] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  535.454130][T13994] R13: 00007f4d08876038 R14: 00007f4d08875fa0 R15: 00007fff62410a48
[  535.454162][T13994]  </TASK>
[  535.456312][ T5891] usb 5-1: new high-speed USB device number 55 using dummy_hcd
[  535.626643][   T48] usbhid 7-1:0.0: can't add hid device: -71
[  535.626760][   T48] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  535.687956][ T5891] usb 5-1: Using ep0 maxpacket: 8
[  535.696377][ T5891] usb 5-1: no configurations
[  535.696399][ T5891] usb 5-1: can't read configurations, error -22
[  535.775128][   T48] usb 7-1: USB disconnect, device number 18
[  535.872072][ T5891] usb 5-1: new high-speed USB device number 56 using dummy_hcd
[  535.986928][T14017] FAULT_INJECTION: forcing a failure.
[  535.986928][T14017] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  535.986962][T14017] CPU: 0 UID: 0 PID: 14017 Comm: syz.5.2826 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  535.986990][T14017] Tainted: [L]=SOFTLOCKUP
[  535.986997][T14017] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  535.987009][T14017] Call Trace:
[  535.987017][T14017]  <TASK>
[  535.987026][T14017]  dump_stack_lvl+0xe8/0x150
[  535.987062][T14017]  should_fail_ex+0x46b/0x600
[  535.987090][T14017]  _copy_to_user+0x31/0xb0
[  535.987117][T14017]  simple_read_from_buffer+0xe1/0x170
[  535.987146][T14017]  proc_fail_nth_read+0x1be/0x230
[  535.987175][T14017]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  535.987201][T14017]  ? rw_verify_area+0x2ac/0x4e0
[  535.987229][T14017]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  535.987318][T14017]  vfs_read+0x212/0xa80
[  535.987368][T14017]  ? __pfx_vfs_read+0x10/0x10
[  535.987401][T14017]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  535.987431][T14017]  ? lockdep_hardirqs_on+0x7a/0x110
[  535.987455][T14017]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  535.987483][T14017]  ? mutex_lock_nested+0x152/0x1d0
[  535.987510][T14017]  ? fdget_pos+0x252/0x320
[  535.987547][T14017]  ksys_read+0x156/0x270
[  535.987570][T14017]  ? __pfx_ksys_read+0x10/0x10
[  535.987595][T14017]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  535.987618][T14017]  do_syscall_64+0x15f/0xf80
[  535.987641][T14017]  ? trace_irq_disable+0x3b/0x140
[  535.987663][T14017]  ? clear_bhb_loop+0x40/0x90
[  535.987688][T14017]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  535.987708][T14017] RIP: 0033:0x7f48de76d04e
[  535.987727][T14017] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  535.987744][T14017] RSP: 002b:00007f48dca05fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  535.987767][T14017] RAX: ffffffffffffffda RBX: 00007f48dca066c0 RCX: 00007f48de76d04e
[  535.987782][T14017] RDX: 000000000000000f RSI: 00007f48dca060a0 RDI: 0000000000000004
[  535.987794][T14017] RBP: 00007f48dca06090 R08: 0000000000000000 R09: 0000000000000000
[  535.987807][T14017] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  535.987820][T14017] R13: 00007f48dea26038 R14: 00007f48dea25fa0 R15: 00007ffcef74ce68
[  535.987852][T14017]  </TASK>
[  536.026417][ T5891] usb 5-1: Using ep0 maxpacket: 8
[  536.028080][ T5891] usb 5-1: no configurations
[  536.028098][ T5891] usb 5-1: can't read configurations, error -22
[  536.047883][ T5891] usb usb5-port1: attempt power cycle
[  537.167993][T14034] FAULT_INJECTION: forcing a failure.
[  537.167993][T14034] name failslab, interval 1, probability 0, space 0, times 0
[  537.168056][T14034] CPU: 1 UID: 0 PID: 14034 Comm: syz.2.2832 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  537.168084][T14034] Tainted: [L]=SOFTLOCKUP
[  537.168092][T14034] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  537.168111][T14034] Call Trace:
[  537.168120][T14034]  <TASK>
[  537.168129][T14034]  dump_stack_lvl+0xe8/0x150
[  537.168165][T14034]  should_fail_ex+0x46b/0x600
[  537.168197][T14034]  should_failslab+0xa8/0x100
[  537.168221][T14034]  __kmalloc_noprof+0xdf/0x7b0
[  537.168241][T14034]  ? bpf_test_init+0x9f/0x150
[  537.168271][T14034]  ? __lock_acquire+0x6b5/0x2cf0
[  537.168299][T14034]  bpf_test_init+0x9f/0x150
[  537.168330][T14034]  bpf_prog_test_run_skb+0x392/0x2260
[  537.168378][T14034]  ? __fget_files+0x3a6/0x420
[  537.168404][T14034]  ? __fget_files+0x2a/0x420
[  537.168435][T14034]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  537.168464][T14034]  bpf_prog_test_run+0x2cd/0x340
[  537.168491][T14034]  __sys_bpf+0x643/0x950
[  537.168530][T14034]  ? __pfx___sys_bpf+0x10/0x10
[  537.168548][T14034]  ? rt_mutex_slowunlock+0x1cb/0x300
[  537.168595][T14034]  ? ksys_write+0x248/0x270
[  537.168617][T14034]  ? __pfx_ksys_write+0x10/0x10
[  537.168641][T14034]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  537.168663][T14034]  __x64_sys_bpf+0x7c/0x90
[  537.168694][T14034]  do_syscall_64+0x15f/0xf80
[  537.168719][T14034]  ? clear_bhb_loop+0x40/0x90
[  537.168744][T14034]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  537.168765][T14034] RIP: 0033:0x7f4d085fc819
[  537.168784][T14034] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  537.168802][T14034] RSP: 002b:00007f4d06856028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  537.168824][T14034] RAX: ffffffffffffffda RBX: 00007f4d08875fa0 RCX: 00007f4d085fc819
[  537.168839][T14034] RDX: 0000000000000050 RSI: 0000200000000780 RDI: 000000000000000a
[  537.168852][T14034] RBP: 00007f4d06856090 R08: 0000000000000000 R09: 0000000000000000
[  537.168864][T14034] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  537.168876][T14034] R13: 00007f4d08876038 R14: 00007f4d08875fa0 R15: 00007fff62410a48
[  537.168908][T14034]  </TASK>
[  537.285613][ T5891] usb 5-1: new high-speed USB device number 57 using dummy_hcd
[  537.343312][ T5891] usb 5-1: Using ep0 maxpacket: 8
[  537.359469][ T5891] usb 5-1: no configurations
[  537.359492][ T5891] usb 5-1: can't read configurations, error -22
[  537.566422][ T5891] usb 5-1: new high-speed USB device number 58 using dummy_hcd
[  537.588231][ T5891] usb 5-1: Using ep0 maxpacket: 8
[  537.589069][ T5891] usb 5-1: no configurations
[  537.589085][ T5891] usb 5-1: can't read configurations, error -22
[  537.589614][ T5891] usb usb5-port1: unable to enumerate USB device
[  538.876383][ T5891] usb 5-1: new high-speed USB device number 59 using dummy_hcd
[  539.238946][ T5891] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  539.238979][ T5891] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  539.271892][ T5891] usb 5-1: config 0 descriptor??
[  539.288946][ T5891] cp210x 5-1:0.0: cp210x converter detected
[  539.342231][T14092] binder: 14091:14092 ioctl c0306201 200000000080 returned -14
[  539.353584][T14093] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2860'.
[  539.387842][ T5931] usb 7-1: new high-speed USB device number 19 using dummy_hcd
[  539.405072][T14099] binder: 14091:14099 ioctl c0306201 2000000003c0 returned -14
[  539.432784][T14099] binder: 14091:14099 ioctl 400445a0 2000000000c0 returned -22
[  539.447781][T14092] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2860'.
[  539.518196][T14076] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  539.518810][T14076] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  539.543716][ T5931] usb 7-1: unable to get BOS descriptor or descriptor too short
[  539.547713][ T5931] usb 7-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 64, changing to 7
[  539.563781][ T5931] usb 7-1: New USB device found, idVendor=0582, idProduct=004c, bcdDevice= 0.40
[  539.563814][ T5931] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  539.563835][ T5931] usb 7-1: Product: syz
[  539.563850][ T5931] usb 7-1: Manufacturer: syz
[  539.563864][ T5931] usb 7-1: SerialNumber: syz
[  539.826518][T14098] FAULT_INJECTION: forcing a failure.
[  539.826518][T14098] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  539.826553][T14098] CPU: 0 UID: 0 PID: 14098 Comm: syz.2.2861 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  539.826577][T14098] Tainted: [L]=SOFTLOCKUP
[  539.826585][T14098] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  539.826596][T14098] Call Trace:
[  539.826604][T14098]  <TASK>
[  539.826612][T14098]  dump_stack_lvl+0xe8/0x150
[  539.826648][T14098]  should_fail_ex+0x46b/0x600
[  539.826676][T14098]  _copy_to_user+0x31/0xb0
[  539.826706][T14098]  simple_read_from_buffer+0xe1/0x170
[  539.826734][T14098]  proc_fail_nth_read+0x1be/0x230
[  539.826763][T14098]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  539.826791][T14098]  ? rw_verify_area+0x2ac/0x4e0
[  539.826818][T14098]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  539.826845][T14098]  vfs_read+0x212/0xa80
[  539.826881][T14098]  ? __pfx_vfs_read+0x10/0x10
[  539.826911][T14098]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  539.826932][T14098]  ? lockdep_hardirqs_on+0x7a/0x110
[  539.826952][T14098]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  539.826974][T14098]  ? mutex_lock_nested+0x152/0x1d0
[  539.827001][T14098]  ? fdget_pos+0x252/0x320
[  539.827034][T14098]  ksys_read+0x156/0x270
[  539.827055][T14098]  ? __pfx_ksys_read+0x10/0x10
[  539.827080][T14098]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  539.827100][T14098]  do_syscall_64+0x15f/0xf80
[  539.827120][T14098]  ? trace_irq_disable+0x3b/0x140
[  539.827137][T14098]  ? clear_bhb_loop+0x40/0x90
[  539.827158][T14098]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  539.827177][T14098] RIP: 0033:0x7f4d085bd04e
[  539.827195][T14098] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  539.827211][T14098] RSP: 002b:00007f4d06855fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  539.827227][T14098] RAX: ffffffffffffffda RBX: 00007f4d068566c0 RCX: 00007f4d085bd04e
[  539.827238][T14098] RDX: 000000000000000f RSI: 00007f4d068560a0 RDI: 0000000000000004
[  539.827246][T14098] RBP: 00007f4d06856090 R08: 0000000000000000 R09: 0000000000000000
[  539.827255][T14098] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  539.827264][T14098] R13: 00007f4d08876038 R14: 00007f4d08875fa0 R15: 00007fff62410a48
[  539.827287][T14098]  </TASK>
[  539.952654][ T5891] cp210x 5-1:0.0: failed to get vendor val 0x000e size 678: -71
[  539.952726][ T5891] cp210x 5-1:0.0: GPIO initialisation failed: -71
[  539.975729][    C0] raw-gadget.1 gadget.6: ignoring, device is not running
[  539.976102][    C0] raw-gadget.1 gadget.6: ignoring, device is not running
[  540.190433][ T5891] usb 5-1: cp210x converter now attached to ttyUSB0
[  540.206140][ T5891] usb 5-1: USB disconnect, device number 59
[  540.245569][ T5931] usb 7-1: 1:1 : UAC_AS_GENERAL descriptor not found
[  540.255000][ T5891] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  540.284690][ T5931] usb 7-1: 2:1 : unknown format tag 0x4 is detected.  processed as MPEG.
[  540.284718][ T5931] usb 7-1: found format II with max.bitrate = 4, frame size=7372
[  540.292871][ T5931] usb 7-1: parse_audio_format_rates_v2v3(): unable to retrieve number of sample rates (clock 0)
[  540.325461][ T5891] cp210x 5-1:0.0: device disconnected
[  540.628523][ T5931] usb 7-1: USB disconnect, device number 19
[  541.965626][T14128] dlm: plock device version mismatch: kernel (1.2.0), user (0.0.0)
[  542.131582][T14135] FAULT_INJECTION: forcing a failure.
[  542.131582][T14135] name failslab, interval 1, probability 0, space 0, times 0
[  542.131619][T14135] CPU: 0 UID: 0 PID: 14135 Comm: syz.4.2873 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  542.131646][T14135] Tainted: [L]=SOFTLOCKUP
[  542.131654][T14135] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  542.131667][T14135] Call Trace:
[  542.131674][T14135]  <TASK>
[  542.131683][T14135]  dump_stack_lvl+0xe8/0x150
[  542.131719][T14135]  should_fail_ex+0x46b/0x600
[  542.131751][T14135]  should_failslab+0xa8/0x100
[  542.131773][T14135]  kmem_cache_alloc_noprof+0x87/0x680
[  542.131803][T14135]  ? dup_fd+0x55/0xb70
[  542.131831][T14135]  dup_fd+0x55/0xb70
[  542.131856][T14135]  ? rt_spin_unlock+0x160/0x200
[  542.131889][T14135]  ? copy_fs_struct+0x1c8/0x270
[  542.131915][T14135]  ksys_unshare+0x4c1/0x9f0
[  542.132021][T14135]  ? fput+0xa0/0xd0
[  542.132049][T14135]  ? __pfx_ksys_unshare+0x10/0x10
[  542.132071][T14135]  ? __pfx_ksys_write+0x10/0x10
[  542.132097][T14135]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  542.132119][T14135]  __x64_sys_unshare+0x38/0x50
[  542.132141][T14135]  do_syscall_64+0x15f/0xf80
[  542.132163][T14135]  ? trace_irq_disable+0x3b/0x140
[  542.132183][T14135]  ? clear_bhb_loop+0x40/0x90
[  542.132207][T14135]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  542.132226][T14135] RIP: 0033:0x7f5558d5c819
[  542.132245][T14135] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  542.132263][T14135] RSP: 002b:00007f5556f95028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  542.132291][T14135] RAX: ffffffffffffffda RBX: 00007f5558fd6090 RCX: 00007f5558d5c819
[  542.132309][T14135] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000028000600
[  542.132322][T14135] RBP: 00007f5556f95090 R08: 0000000000000000 R09: 0000000000000000
[  542.132335][T14135] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  542.132348][T14135] R13: 00007f5558fd6128 R14: 00007f5558fd6090 R15: 00007ffd55035968
[  542.132378][T14135]  </TASK>
[  542.270894][ T5864] udevd[5864]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  542.480088][   T48] usb 7-1: new high-speed USB device number 20 using dummy_hcd
[  542.637820][   T48] usb 7-1: Using ep0 maxpacket: 16
[  542.656687][   T48] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  542.656719][   T48] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  542.656751][   T48] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  542.656793][   T48] usb 7-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  542.656817][   T48] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  542.667298][T14152] FAULT_INJECTION: forcing a failure.
[  542.667298][T14152] name failslab, interval 1, probability 0, space 0, times 0
[  542.667333][T14152] CPU: 0 UID: 0 PID: 14152 Comm: syz.5.2882 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  542.667360][T14152] Tainted: [L]=SOFTLOCKUP
[  542.667367][T14152] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  542.667379][T14152] Call Trace:
[  542.667390][T14152]  <TASK>
[  542.667399][T14152]  dump_stack_lvl+0xe8/0x150
[  542.667435][T14152]  should_fail_ex+0x46b/0x600
[  542.667464][T14152]  should_failslab+0xa8/0x100
[  542.667487][T14152]  kmem_cache_alloc_node_noprof+0x8f/0x6e0
[  542.667517][T14152]  ? __alloc_skb+0x1d0/0x7d0
[  542.667543][T14152]  ? lockdep_hardirqs_on+0x7a/0x110
[  542.667570][T14152]  __alloc_skb+0x1d0/0x7d0
[  542.667600][T14152]  netlink_sendmsg+0x5d4/0xb40
[  542.667637][T14152]  ? __pfx_netlink_sendmsg+0x10/0x10
[  542.667666][T14152]  ? unwind_get_return_address+0x4d/0x90
[  542.667692][T14152]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  542.667723][T14152]  ____sys_sendmsg+0x94c/0x9c0
[  542.667747][T14152]  ? __pfx_____sys_sendmsg+0x10/0x10
[  542.667773][T14152]  ? import_iovec+0x73/0xa0
[  542.667803][T14152]  ___sys_sendmsg+0x2a5/0x360
[  542.667821][T14152]  ? __lock_acquire+0x6b5/0x2cf0
[  542.667847][T14152]  ? __pfx____sys_sendmsg+0x10/0x10
[  542.667895][T14152]  ? __fget_files+0x2a/0x420
[  542.667919][T14152]  ? __fget_files+0x3a6/0x420
[  542.667954][T14152]  __x64_sys_sendmsg+0x1c3/0x2a0
[  542.667975][T14152]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  542.668003][T14152]  ? __pfx_ksys_write+0x10/0x10
[  542.668028][T14152]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  542.668049][T14152]  do_syscall_64+0x15f/0xf80
[  542.668071][T14152]  ? trace_irq_disable+0x3b/0x140
[  542.668091][T14152]  ? clear_bhb_loop+0x40/0x90
[  542.668114][T14152]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  542.668133][T14152] RIP: 0033:0x7f48de7ac819
[  542.668151][T14152] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  542.668169][T14152] RSP: 002b:00007f48dca06028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  542.668189][T14152] RAX: ffffffffffffffda RBX: 00007f48dea25fa0 RCX: 00007f48de7ac819
[  542.668204][T14152] RDX: 0000000000000000 RSI: 00002000000004c0 RDI: 0000000000000003
[  542.668215][T14152] RBP: 00007f48dca06090 R08: 0000000000000000 R09: 0000000000000000
[  542.668234][T14152] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  542.668246][T14152] R13: 00007f48dea26038 R14: 00007f48dea25fa0 R15: 00007ffcef74ce68
[  542.668276][T14152]  </TASK>
[  543.006996][   T48] usb 7-1: config 0 descriptor??
[  543.223870][T14161] FAULT_INJECTION: forcing a failure.
[  543.223870][T14161] name failslab, interval 1, probability 0, space 0, times 0
[  543.223904][T14161] CPU: 1 UID: 0 PID: 14161 Comm: syz.5.2885 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  543.223932][T14161] Tainted: [L]=SOFTLOCKUP
[  543.223939][T14161] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  543.223951][T14161] Call Trace:
[  543.223959][T14161]  <TASK>
[  543.223969][T14161]  dump_stack_lvl+0xe8/0x150
[  543.224006][T14161]  should_fail_ex+0x46b/0x600
[  543.224038][T14161]  should_failslab+0xa8/0x100
[  543.224061][T14161]  __kmalloc_noprof+0xdf/0x7b0
[  543.224080][T14161]  ? kfree+0x4d/0x6c0
[  543.224129][T14161]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  543.224166][T14161]  tomoyo_realpath_from_path+0xe3/0x5d0
[  543.224191][T14161]  ? tomoyo_domain+0xd8/0x130
[  543.224221][T14161]  ? tomoyo_path_number_perm+0x219/0x630
[  543.224242][T14161]  tomoyo_path_number_perm+0x246/0x630
[  543.224266][T14161]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  543.224286][T14161]  ? __lock_acquire+0x6b5/0x2cf0
[  543.224314][T14161]  ? do_raw_spin_lock+0x12b/0x2f0
[  543.224381][T14161]  ? __fget_files+0x2a/0x420
[  543.224410][T14161]  ? __fget_files+0x2a/0x420
[  543.224435][T14161]  ? __fget_files+0x3a6/0x420
[  543.224459][T14161]  ? __fget_files+0x2a/0x420
[  543.224490][T14161]  security_file_ioctl+0xc3/0x2a0
[  543.224515][T14161]  __se_sys_ioctl+0x47/0x170
[  543.224535][T14161]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  543.224557][T14161]  do_syscall_64+0x15f/0xf80
[  543.224585][T14161]  ? trace_irq_disable+0x3b/0x140
[  543.224605][T14161]  ? clear_bhb_loop+0x40/0x90
[  543.224630][T14161]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  543.224649][T14161] RIP: 0033:0x7f48de7ac819
[  543.224668][T14161] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  543.224692][T14161] RSP: 002b:00007f48dca06028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  543.224713][T14161] RAX: ffffffffffffffda RBX: 00007f48dea25fa0 RCX: 00007f48de7ac819
[  543.224728][T14161] RDX: 0000000000000000 RSI: 0000000000001276 RDI: 0000000000000003
[  543.224741][T14161] RBP: 00007f48dca06090 R08: 0000000000000000 R09: 0000000000000000
[  543.224754][T14161] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  543.224766][T14161] R13: 00007f48dea26038 R14: 00007f48dea25fa0 R15: 00007ffcef74ce68
[  543.224799][T14161]  </TASK>
[  543.225122][T14161] ERROR: Out of memory at tomoyo_realpath_from_path.
[  543.386357][ T5898] usb 5-1: new high-speed USB device number 60 using dummy_hcd
[  543.508289][   T48] microsoft 0003:045E:07DA.000E: ignoring exceeding usage max
[  543.510360][   T48] microsoft 0003:045E:07DA.000E: ignoring exceeding usage max
[  543.561581][ T5898] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  543.561612][ T5898] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  543.580928][ T5898] usb 5-1: config 0 descriptor??
[  543.597468][ T5898] cp210x 5-1:0.0: cp210x converter detected
[  543.652717][   T48] microsoft 0003:045E:07DA.000E: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.6-1/input0
[  543.652753][   T48] microsoft 0003:045E:07DA.000E: no inputs found
[  543.652768][   T48] microsoft 0003:045E:07DA.000E: could not initialize ff, continuing anyway
[  543.826778][T14159] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  543.827416][T14159] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  544.026617][ T5891] usb 7-1: USB disconnect, device number 20
[  544.292294][ T5898] cp210x 5-1:0.0: failed to get vendor val 0x000e size 678: -71
[  544.292347][ T5898] cp210x 5-1:0.0: GPIO initialisation failed: -71
[  544.322099][ T5898] usb 5-1: cp210x converter now attached to ttyUSB0
[  544.329239][ T5898] usb 5-1: USB disconnect, device number 60
[  544.405548][ T5898] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  544.455151][ T5898] cp210x 5-1:0.0: device disconnected
[  544.476458][ T5884] usb 3-1: new high-speed USB device number 68 using dummy_hcd
[  544.662554][ T5884] usb 3-1: unable to get BOS descriptor or descriptor too short
[  544.665148][ T5884] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 64, changing to 7
[  544.691775][ T5884] usb 3-1: New USB device found, idVendor=0582, idProduct=004c, bcdDevice= 0.40
[  544.691806][ T5884] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  544.691826][ T5884] usb 3-1: Product: syz
[  544.691840][ T5884] usb 3-1: Manufacturer: syz
[  544.691853][ T5884] usb 3-1: SerialNumber: syz
[  544.696979][T14193] FAULT_INJECTION: forcing a failure.
[  544.696979][T14193] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  544.697013][T14193] CPU: 0 UID: 0 PID: 14193 Comm: syz.6.2899 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  544.697039][T14193] Tainted: [L]=SOFTLOCKUP
[  544.697046][T14193] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  544.697058][T14193] Call Trace:
[  544.697067][T14193]  <TASK>
[  544.697075][T14193]  dump_stack_lvl+0xe8/0x150
[  544.697112][T14193]  should_fail_ex+0x46b/0x600
[  544.697144][T14193]  _copy_from_user+0x2d/0xb0
[  544.697174][T14193]  ___sys_sendmsg+0x1c6/0x360
[  544.697195][T14193]  ? __lock_acquire+0x6b5/0x2cf0
[  544.697221][T14193]  ? __pfx____sys_sendmsg+0x10/0x10
[  544.697244][T14193]  ? kstrtouint+0x6e/0xe0
[  544.697290][T14193]  ? __fget_files+0x2a/0x420
[  544.697316][T14193]  ? __fget_files+0x3a6/0x420
[  544.697351][T14193]  __sys_sendmmsg+0x282/0x4e0
[  544.697376][T14193]  ? __pfx___sys_sendmmsg+0x10/0x10
[  544.697404][T14193]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  544.697447][T14193]  ? ksys_write+0x248/0x270
[  544.697469][T14193]  ? __pfx_ksys_write+0x10/0x10
[  544.697494][T14193]  __x64_sys_sendmmsg+0xa0/0xc0
[  544.697514][T14193]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  544.697533][T14193]  do_syscall_64+0x15f/0xf80
[  544.697554][T14193]  ? trace_irq_disable+0x3b/0x140
[  544.697573][T14193]  ? clear_bhb_loop+0x40/0x90
[  544.697594][T14193]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  544.697615][T14193] RIP: 0033:0x7f3d2a04c819
[  544.697632][T14193] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  544.697648][T14193] RSP: 002b:00007f3d282a6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  544.697669][T14193] RAX: ffffffffffffffda RBX: 00007f3d2a2c5fa0 RCX: 00007f3d2a04c819
[  544.697683][T14193] RDX: 0000000000000001 RSI: 0000200000002940 RDI: 0000000000000003
[  544.697696][T14193] RBP: 00007f3d282a6090 R08: 0000000000000000 R09: 0000000000000000
[  544.697709][T14193] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  544.697720][T14193] R13: 00007f3d2a2c6038 R14: 00007f3d2a2c5fa0 R15: 00007ffc1dd9f878
[  544.697751][T14193]  </TASK>
[  545.205912][    C1] raw-gadget.0 gadget.2: ignoring, device is not running
[  545.274589][ T5884] usb 3-1: 1:1 : UAC_AS_GENERAL descriptor not found
[  545.275078][ T5884] usb 3-1: 2:1 : unknown format tag 0x4 is detected.  processed as MPEG.
[  545.275100][ T5884] usb 3-1: found format II with max.bitrate = 4, frame size=7372
[  545.275569][ T5884] usb 3-1: parse_audio_format_rates_v2v3(): unable to retrieve number of sample rates (clock 0)
[  545.422614][ T5884] usb 3-1: USB disconnect, device number 68
[  546.492263][ T5864] udevd[5864]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  546.546383][ T5898] usb 5-1: new high-speed USB device number 61 using dummy_hcd
[  546.654603][T14227] FAULT_INJECTION: forcing a failure.
[  546.654603][T14227] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  546.654640][T14227] CPU: 1 UID: 0 PID: 14227 Comm: syz.2.2914 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  546.654667][T14227] Tainted: [L]=SOFTLOCKUP
[  546.654675][T14227] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  546.654687][T14227] Call Trace:
[  546.654696][T14227]  <TASK>
[  546.654705][T14227]  dump_stack_lvl+0xe8/0x150
[  546.654741][T14227]  should_fail_ex+0x46b/0x600
[  546.654774][T14227]  _copy_to_user+0x31/0xb0
[  546.654805][T14227]  simple_read_from_buffer+0xe1/0x170
[  546.654837][T14227]  proc_fail_nth_read+0x1be/0x230
[  546.654868][T14227]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  546.654898][T14227]  ? rw_verify_area+0x2ac/0x4e0
[  546.654927][T14227]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  546.654956][T14227]  vfs_read+0x212/0xa80
[  546.654995][T14227]  ? __pfx_vfs_read+0x10/0x10
[  546.655026][T14227]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  546.655052][T14227]  ? lockdep_hardirqs_on+0x7a/0x110
[  546.655075][T14227]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  546.655099][T14227]  ? mutex_lock_nested+0x152/0x1d0
[  546.655125][T14227]  ? fdget_pos+0x252/0x320
[  546.655159][T14227]  ksys_read+0x156/0x270
[  546.655181][T14227]  ? __pfx_ksys_read+0x10/0x10
[  546.655198][T14227]  ? __se_sys_kcmp+0x80e/0x950
[  546.655318][T14227]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  546.655339][T14227]  do_syscall_64+0x15f/0xf80
[  546.655360][T14227]  ? trace_irq_disable+0x3b/0x140
[  546.655388][T14227]  ? clear_bhb_loop+0x40/0x90
[  546.655413][T14227]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  546.655432][T14227] RIP: 0033:0x7f4d085bd04e
[  546.655450][T14227] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  546.655467][T14227] RSP: 002b:00007f4d06855fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  546.655488][T14227] RAX: ffffffffffffffda RBX: 00007f4d068566c0 RCX: 00007f4d085bd04e
[  546.655504][T14227] RDX: 000000000000000f RSI: 00007f4d068560a0 RDI: 0000000000000003
[  546.655517][T14227] RBP: 00007f4d06856090 R08: 0000000000000000 R09: 0000000000000000
[  546.655530][T14227] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  546.655541][T14227] R13: 00007f4d08876038 R14: 00007f4d08875fa0 R15: 00007fff62410a48
[  546.655573][T14227]  </TASK>
[  546.696324][ T5898] usb 5-1: Using ep0 maxpacket: 8
[  546.698775][ T5898] usb 5-1: config 1 interface 0 altsetting 13 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  546.698809][ T5898] usb 5-1: config 1 interface 0 has no altsetting 0
[  546.702369][ T5898] usb 5-1: string descriptor 0 read error: -22
[  546.702503][ T5898] usb 5-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.40
[  546.702527][ T5898] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  547.016080][T14216] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  547.034858][T14216] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  547.696408][T14253] FAULT_INJECTION: forcing a failure.
[  547.696408][T14253] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  547.696447][T14253] CPU: 0 UID: 0 PID: 14253 Comm: syz.6.2925 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  547.696475][T14253] Tainted: [L]=SOFTLOCKUP
[  547.696483][T14253] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  547.696498][T14253] Call Trace:
[  547.696506][T14253]  <TASK>
[  547.696515][T14253]  dump_stack_lvl+0xe8/0x150
[  547.696554][T14253]  should_fail_ex+0x46b/0x600
[  547.696592][T14253]  _copy_from_user+0x2d/0xb0
[  547.696627][T14253]  do_sock_getsockopt+0x200/0x7e0
[  547.696662][T14253]  ? rcu_preempt_deferred_qs_irqrestore+0x7b9/0xbc0
[  547.696686][T14253]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  547.696732][T14253]  ? __fget_files+0x3a6/0x420
[  547.696758][T14253]  ? __fget_files+0x2a/0x420
[  547.696790][T14253]  __x64_sys_getsockopt+0x1aa/0x250
[  547.696825][T14253]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  547.696846][T14253]  do_syscall_64+0x15f/0xf80
[  547.696869][T14253]  ? trace_irq_disable+0x3b/0x140
[  547.696890][T14253]  ? clear_bhb_loop+0x40/0x90
[  547.696914][T14253]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  547.696934][T14253] RIP: 0033:0x7f3d2a04c819
[  547.696953][T14253] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  547.696969][T14253] RSP: 002b:00007f3d282a6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  547.696991][T14253] RAX: ffffffffffffffda RBX: 00007f3d2a2c5fa0 RCX: 00007f3d2a04c819
[  547.697005][T14253] RDX: 0000000000000007 RSI: 000000000000011b RDI: 0000000000000003
[  547.697018][T14253] RBP: 00007f3d282a6090 R08: 0000200000000140 R09: 0000000000000000
[  547.697031][T14253] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000001
[  547.697044][T14253] R13: 00007f3d2a2c6038 R14: 00007f3d2a2c5fa0 R15: 00007ffc1dd9f878
[  547.697175][T14253]  </TASK>
[  547.848071][ T5898] usbhid 5-1:1.0: can't add hid device: -71
[  547.849078][ T5898] usbhid 5-1:1.0: probe with driver usbhid failed with error -71
[  547.882303][ T5898] usb 5-1: USB disconnect, device number 61
[  548.150384][T14259] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2926'.
[  548.154763][T14261] FAULT_INJECTION: forcing a failure.
[  548.154763][T14261] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  548.154799][T14261] CPU: 0 UID: 0 PID: 14261 Comm: syz.6.2928 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  548.154827][T14261] Tainted: [L]=SOFTLOCKUP
[  548.154835][T14261] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  548.154846][T14261] Call Trace:
[  548.154854][T14261]  <TASK>
[  548.154864][T14261]  dump_stack_lvl+0xe8/0x150
[  548.154902][T14261]  should_fail_ex+0x46b/0x600
[  548.154935][T14261]  _copy_to_user+0x31/0xb0
[  548.154967][T14261]  simple_read_from_buffer+0xe1/0x170
[  548.154998][T14261]  proc_fail_nth_read+0x1be/0x230
[  548.155029][T14261]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  548.155060][T14261]  ? rw_verify_area+0x2ac/0x4e0
[  548.155089][T14261]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  548.155117][T14261]  vfs_read+0x212/0xa80
[  548.155155][T14261]  ? __pfx_vfs_read+0x10/0x10
[  548.155187][T14261]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  548.155211][T14261]  ? lockdep_hardirqs_on+0x7a/0x110
[  548.155243][T14261]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  548.155267][T14261]  ? mutex_lock_nested+0x152/0x1d0
[  548.155291][T14261]  ? fdget_pos+0x252/0x320
[  548.155324][T14261]  ksys_read+0x156/0x270
[  548.155345][T14261]  ? __pfx_ksys_read+0x10/0x10
[  548.155372][T14261]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  548.155393][T14261]  do_syscall_64+0x15f/0xf80
[  548.155414][T14261]  ? trace_irq_disable+0x3b/0x140
[  548.155433][T14261]  ? clear_bhb_loop+0x40/0x90
[  548.155456][T14261]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  548.155475][T14261] RIP: 0033:0x7f3d2a00d04e
[  548.155493][T14261] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  548.155510][T14261] RSP: 002b:00007f3d282a5fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  548.155551][T14261] RAX: ffffffffffffffda RBX: 00007f3d282a66c0 RCX: 00007f3d2a00d04e
[  548.155565][T14261] RDX: 000000000000000f RSI: 00007f3d282a60a0 RDI: 0000000000000004
[  548.155577][T14261] RBP: 00007f3d282a6090 R08: 0000000000000000 R09: 0000000000000000
[  548.155589][T14261] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  548.155599][T14261] R13: 00007f3d2a2c6038 R14: 00007f3d2a2c5fa0 R15: 00007ffc1dd9f878
[  548.155629][T14261]  </TASK>
[  548.575827][T14247] syz.0.2919 (14247): drop_caches: 2
[  549.676923][ T5884] usb 5-1: new full-speed USB device number 62 using dummy_hcd
[  549.840379][ T5884] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xA6, changing to 0x86
[  549.840458][ T5884] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x86 has an invalid bInterval 0, changing to 10
[  549.840540][ T5884] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x86 has invalid wMaxPacketSize 0
[  549.840631][ T5884] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x7 has an invalid bInterval 0, changing to 10
[  549.840692][ T5884] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  550.367196][ T5884] usb 5-1: New USB device found, idVendor=05ef, idProduct=020a, bcdDevice=91.36
[  550.367242][ T5884] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  550.367402][ T5884] usb 5-1: Product: syz
[  550.367427][ T5884] usb 5-1: Manufacturer: syz
[  550.367445][ T5884] usb 5-1: SerialNumber: syz
[  550.770159][ T5884] usb 5-1: config 0 descriptor??
[  552.309475][ T5884] iforce 5-1:0.0: usb_submit_urb failed: -110
[  552.312134][ T5884] iforce 5-1:0.0: usb_submit_urb failed: -32
[  552.437144][ T5884] iforce 5-1:0.0: usb_submit_urb failed: -32
[  552.471298][ T5884] iforce 5-1:0.0: usb_submit_urb failed: -32
[  552.482603][ T5884] iforce 5-1:0.0: usb_submit_urb failed: -32
[  552.506136][ T5884] iforce 5-1:0.0: usb_submit_urb failed: -32
[  552.694419][ T5884] iforce 5-1:0.0: usb_submit_urb failed: -32
[  552.736821][ T5884] iforce 5-1:0.0: usb_submit_urb failed: -32
[  552.902629][ T5884] iforce 5-1:0.0: usb_submit_urb failed: -32
[  552.916015][ T5884] iforce 5-1:0.0: usb_submit_urb failed: -32
[  552.921837][ T5884] iforce 5-1:0.0: usb_submit_urb failed: -32
[  552.928353][ T5884] iforce 5-1:0.0: usb_submit_urb failed: -32
[  552.938932][ T5884] iforce 5-1:0.0: usb_submit_urb failed: -32
[  552.941550][ T5884] iforce 5-1:0.0: usb_submit_urb failed: -32
[  552.945709][ T5884] iforce 5-1:0.0: usb_submit_urb failed: -32
[  552.958905][ T5884] iforce 5-1:0.0: usb_submit_urb failed: -32
[  552.962549][ T5884] iforce 5-1:0.0: usb_submit_urb failed: -32
[  552.992823][ T5884] iforce 5-1:0.0: usb_submit_urb failed: -32
[  553.020542][ T5884] iforce 5-1:0.0: usb_submit_urb failed: -32
[  553.029901][ T5884] iforce 5-1:0.0: usb_submit_urb failed: -32
[  553.030103][ T5884] input input36: Timeout waiting for response from device.
[  555.182696][ T9641] usb 5-1: USB disconnect, device number 62
[  556.046787][T14321] syz.0.2946 (14321): drop_caches: 2
[  556.186346][   T48] usb 3-1: new high-speed USB device number 69 using dummy_hcd
[  556.233206][   T36] audit: type=1326 audit(1776883346.611:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14332 comm="syz.0.2950" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f211190c819 code=0x7ffc0000
[  556.233255][   T36] audit: type=1326 audit(1776883346.621:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14332 comm="syz.0.2950" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f211190c819 code=0x7ffc0000
[  556.233295][   T36] audit: type=1326 audit(1776883346.621:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14332 comm="syz.0.2950" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f211190c819 code=0x7ffc0000
[  556.233334][   T36] audit: type=1326 audit(1776883346.621:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14332 comm="syz.0.2950" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f211190c819 code=0x7ffc0000
[  556.233374][   T36] audit: type=1326 audit(1776883346.621:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14332 comm="syz.0.2950" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f211190c582 code=0x7ffc0000
[  556.233413][   T36] audit: type=1326 audit(1776883346.621:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14332 comm="syz.0.2950" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7f211190c617 code=0x7ffc0000
[  556.233458][   T36] audit: type=1326 audit(1776883346.621:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14332 comm="syz.0.2950" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f21118c9511 code=0x7ffc0000
[  556.233506][   T36] audit: type=1326 audit(1776883346.621:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14332 comm="syz.0.2950" exe="/root/syz-executor" sig=0 arch=c000003e syscall=435 compat=0 ip=0x7f211190d609 code=0x7ffc0000
[  556.238664][   T36] audit: type=1326 audit(1776883346.631:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14332 comm="syz.0.2950" exe="/root/syz-executor" sig=0 arch=c000003e syscall=269 compat=0 ip=0x7f211190c819 code=0x7ffc0000
[  556.238709][   T36] audit: type=1326 audit(1776883346.631:276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14332 comm="syz.0.2950" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f211190c819 code=0x7ffc0000
[  556.346389][   T48] usb 3-1: Using ep0 maxpacket: 32
[  556.349030][   T48] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  556.408613][   T48] usb 3-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  556.408643][   T48] usb 3-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  556.408663][   T48] usb 3-1: Product: syz
[  556.408677][   T48] usb 3-1: Manufacturer: syz
[  556.408691][   T48] usb 3-1: SerialNumber: syz
[  556.531219][   T48] usb 3-1: config 0 descriptor??
[  556.532657][T14325] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  556.568022][ T6008] usb 6-1: new high-speed USB device number 49 using dummy_hcd
[  556.696340][ T6008] usb 6-1: device descriptor read/64, error -71
[  556.823612][ T5898] usb 3-1: USB disconnect, device number 69
[  556.998675][ T6008] usb 6-1: new high-speed USB device number 50 using dummy_hcd
[  557.136295][ T6008] usb 6-1: device descriptor read/64, error -71
[  557.248189][ T6008] usb usb6-port1: attempt power cycle
[  557.467367][   T48] usb 1-1: new high-speed USB device number 36 using dummy_hcd
[  557.680346][   T48] usb 1-1: Using ep0 maxpacket: 16
[  557.704251][   T48] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  557.704393][   T48] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  557.704435][   T48] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  557.704664][   T48] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  557.704740][   T48] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  557.728580][ T6008] usb 6-1: new high-speed USB device number 51 using dummy_hcd
[  557.756876][   T48] usb 1-1: config 0 descriptor??
[  557.787095][ T6008] usb 6-1: device descriptor read/8, error -71
[  558.997126][ T6008] usb 6-1: new high-speed USB device number 52 using dummy_hcd
[  559.017086][ T6008] usb 6-1: device descriptor read/8, error -71
[  559.123790][   T48] microsoft 0003:045E:07DA.000F: ignoring exceeding usage max
[  559.127472][ T6008] usb usb6-port1: unable to enumerate USB device
[  559.134650][   T48] microsoft 0003:045E:07DA.000F: ignoring exceeding usage max
[  559.309856][   T48] microsoft 0003:045E:07DA.000F: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.0-1/input0
[  559.309892][   T48] microsoft 0003:045E:07DA.000F: no inputs found
[  559.309907][   T48] microsoft 0003:045E:07DA.000F: could not initialize ff, continuing anyway
[  559.561905][T14386] netlink: 35 bytes leftover after parsing attributes in process `syz.2.2966'.
[  559.561942][T14386] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2966'.
[  559.649795][   T48] usb 1-1: USB disconnect, device number 36
[  559.705891][T14386] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2966'.
[  559.812123][T14391] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2966'.
[  560.120265][T14403] FAULT_INJECTION: forcing a failure.
[  560.120265][T14403] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  560.120301][T14403] CPU: 1 UID: 0 PID: 14403 Comm: syz.4.2975 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  560.120332][T14403] Tainted: [L]=SOFTLOCKUP
[  560.120340][T14403] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  560.120351][T14403] Call Trace:
[  560.120358][T14403]  <TASK>
[  560.120367][T14403]  dump_stack_lvl+0xe8/0x150
[  560.120405][T14403]  should_fail_ex+0x46b/0x600
[  560.120435][T14403]  _copy_from_user+0x2d/0xb0
[  560.120464][T14403]  __copy_msghdr+0x3c5/0x5b0
[  560.120488][T14403]  ___sys_sendmsg+0x213/0x360
[  560.120506][T14403]  ? __lock_acquire+0x6b5/0x2cf0
[  560.120534][T14403]  ? __pfx____sys_sendmsg+0x10/0x10
[  560.120585][T14403]  ? __fget_files+0x2a/0x420
[  560.120608][T14403]  ? __fget_files+0x3a6/0x420
[  560.120643][T14403]  __x64_sys_sendmsg+0x1c3/0x2a0
[  560.120665][T14403]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  560.120692][T14403]  ? __pfx_ksys_write+0x10/0x10
[  560.120719][T14403]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  560.120739][T14403]  do_syscall_64+0x15f/0xf80
[  560.120761][T14403]  ? trace_irq_disable+0x3b/0x140
[  560.120786][T14403]  ? clear_bhb_loop+0x40/0x90
[  560.120810][T14403]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  560.120829][T14403] RIP: 0033:0x7f5558d5c819
[  560.120848][T14403] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  560.120865][T14403] RSP: 002b:00007f5556fb6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  560.120885][T14403] RAX: ffffffffffffffda RBX: 00007f5558fd5fa0 RCX: 00007f5558d5c819
[  560.120900][T14403] RDX: 0000000000008001 RSI: 00002000000001c0 RDI: 0000000000000007
[  560.120913][T14403] RBP: 00007f5556fb6090 R08: 0000000000000000 R09: 0000000000000000
[  560.120926][T14403] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  560.120938][T14403] R13: 00007f5558fd6038 R14: 00007f5558fd5fa0 R15: 00007ffd55035968
[  560.120968][T14403]  </TASK>
[  560.291222][T14407] FAULT_INJECTION: forcing a failure.
[  560.291222][T14407] name failslab, interval 1, probability 0, space 0, times 0
[  560.291258][T14407] CPU: 0 UID: 0 PID: 14407 Comm: syz.5.2977 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  560.291285][T14407] Tainted: [L]=SOFTLOCKUP
[  560.291292][T14407] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  560.291304][T14407] Call Trace:
[  560.291311][T14407]  <TASK>
[  560.291319][T14407]  dump_stack_lvl+0xe8/0x150
[  560.291356][T14407]  should_fail_ex+0x46b/0x600
[  560.291388][T14407]  should_failslab+0xa8/0x100
[  560.291409][T14407]  __kmalloc_noprof+0xdf/0x7b0
[  560.291428][T14407]  ? tomoyo_encode+0x28b/0x550
[  560.291457][T14407]  tomoyo_encode+0x28b/0x550
[  560.291486][T14407]  tomoyo_realpath_from_path+0x58d/0x5d0
[  560.291519][T14407]  ? tomoyo_path_number_perm+0x219/0x630
[  560.291540][T14407]  tomoyo_path_number_perm+0x246/0x630
[  560.291562][T14407]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  560.291581][T14407]  ? __lock_acquire+0x6b5/0x2cf0
[  560.291607][T14407]  ? do_raw_spin_lock+0x12b/0x2f0
[  560.291664][T14407]  ? __fget_files+0x2a/0x420
[  560.291692][T14407]  ? __fget_files+0x2a/0x420
[  560.291716][T14407]  ? __fget_files+0x3a6/0x420
[  560.291738][T14407]  ? __fget_files+0x2a/0x420
[  560.291767][T14407]  security_file_ioctl+0xc3/0x2a0
[  560.291790][T14407]  __se_sys_ioctl+0x47/0x170
[  560.291810][T14407]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  560.291831][T14407]  do_syscall_64+0x15f/0xf80
[  560.291853][T14407]  ? trace_irq_disable+0x3b/0x140
[  560.291874][T14407]  ? clear_bhb_loop+0x40/0x90
[  560.291897][T14407]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  560.291916][T14407] RIP: 0033:0x7f48de7ac819
[  560.291934][T14407] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  560.291950][T14407] RSP: 002b:00007f48dca06028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  560.291972][T14407] RAX: ffffffffffffffda RBX: 00007f48dea25fa0 RCX: 00007f48de7ac819
[  560.291985][T14407] RDX: 0000200000000140 RSI: 00000000c0585609 RDI: 0000000000000003
[  560.291997][T14407] RBP: 00007f48dca06090 R08: 0000000000000000 R09: 0000000000000000
[  560.292008][T14407] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  560.292019][T14407] R13: 00007f48dea26038 R14: 00007f48dea25fa0 R15: 00007ffcef74ce68
[  560.292048][T14407]  </TASK>
[  560.292066][T14407] ERROR: Out of memory at tomoyo_realpath_from_path.
[  562.958300][ T1335] ieee802154 phy0 wpan0: encryption failed: -22
[  562.958401][ T1335] ieee802154 phy1 wpan1: encryption failed: -22
[  563.004430][T14459] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  563.156841][T14459] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  563.262183][T14465] FAULT_INJECTION: forcing a failure.
[  563.262183][T14465] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  563.262218][T14465] CPU: 1 UID: 0 PID: 14465 Comm: syz.2.2998 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  563.262246][T14465] Tainted: [L]=SOFTLOCKUP
[  563.262252][T14465] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  563.262264][T14465] Call Trace:
[  563.262271][T14465]  <TASK>
[  563.262279][T14465]  dump_stack_lvl+0xe8/0x150
[  563.262326][T14465]  should_fail_ex+0x46b/0x600
[  563.262357][T14465]  _copy_to_user+0x31/0xb0
[  563.262388][T14465]  simple_read_from_buffer+0xe1/0x170
[  563.262419][T14465]  proc_fail_nth_read+0x1be/0x230
[  563.262449][T14465]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  563.262479][T14465]  ? rw_verify_area+0x2ac/0x4e0
[  563.262507][T14465]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  563.262535][T14465]  vfs_read+0x212/0xa80
[  563.262572][T14465]  ? __pfx_vfs_read+0x10/0x10
[  563.262604][T14465]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  563.262631][T14465]  ? lockdep_hardirqs_on+0x7a/0x110
[  563.262654][T14465]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  563.262677][T14465]  ? mutex_lock_nested+0x152/0x1d0
[  563.262705][T14465]  ? fdget_pos+0x252/0x320
[  563.262739][T14465]  ksys_read+0x156/0x270
[  563.262758][T14465]  ? __pfx_ksys_read+0x10/0x10
[  563.262783][T14465]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  563.262803][T14465]  do_syscall_64+0x15f/0xf80
[  563.262823][T14465]  ? trace_irq_disable+0x3b/0x140
[  563.262843][T14465]  ? clear_bhb_loop+0x40/0x90
[  563.262866][T14465]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  563.262886][T14465] RIP: 0033:0x7f4d085bd04e
[  563.262904][T14465] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  563.262921][T14465] RSP: 002b:00007f4d06855fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  563.262942][T14465] RAX: ffffffffffffffda RBX: 00007f4d068566c0 RCX: 00007f4d085bd04e
[  563.262957][T14465] RDX: 000000000000000f RSI: 00007f4d068560a0 RDI: 0000000000000004
[  563.262969][T14465] RBP: 00007f4d06856090 R08: 0000000000000000 R09: 0000000000000000
[  563.262981][T14465] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  563.262993][T14465] R13: 00007f4d08876038 R14: 00007f4d08875fa0 R15: 00007fff62410a48
[  563.263025][T14465]  </TASK>
[  563.346542][ T9641] usb 6-1: new high-speed USB device number 53 using dummy_hcd
[  563.496371][ T9641] usb 6-1: Using ep0 maxpacket: 16
[  563.499048][ T9641] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  563.499080][ T9641] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 14129, setting to 64
[  563.502409][ T9641] usb 6-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=7b.55
[  563.502438][ T9641] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  563.502458][ T9641] usb 6-1: Product: syz
[  563.502473][ T9641] usb 6-1: Manufacturer: syz
[  563.502488][ T9641] usb 6-1: SerialNumber: syz
[  563.528510][ T9641] usb 6-1: config 0 descriptor??
[  563.804758][ T9641] usb 6-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  563.815435][ T9641] usb 6-1: USB disconnect, device number 53
[  563.991638][T12324] usb 6-1: Failed to submit usb control message: -19
[  563.991677][T12324] usb 6-1: unable to send the bmi data to the device: -19
[  563.991696][T12324] usb 6-1: unable to get target info from device
[  563.991724][T12324] usb 6-1: could not get target info (-19)
[  563.991845][T12324] usb 6-1: could not probe fw (-19)
[  564.016665][ T5891] usb 5-1: new high-speed USB device number 63 using dummy_hcd
[  564.106808][T14487] FAULT_INJECTION: forcing a failure.
[  564.106808][T14487] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  564.106845][T14487] CPU: 1 UID: 0 PID: 14487 Comm: syz.2.3004 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  564.106872][T14487] Tainted: [L]=SOFTLOCKUP
[  564.106880][T14487] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  564.106892][T14487] Call Trace:
[  564.106900][T14487]  <TASK>
[  564.106910][T14487]  dump_stack_lvl+0xe8/0x150
[  564.106947][T14487]  should_fail_ex+0x46b/0x600
[  564.106978][T14487]  _copy_from_iter+0x1d3/0x1670
[  564.107017][T14487]  ? __pfx__copy_from_iter+0x10/0x10
[  564.107056][T14487]  memcpy_from_msg+0x3c/0xa0
[  564.107173][T14487]  isotp_sendmsg+0x713/0x1530
[  564.107203][T14487]  ? __pfx_smack_socket_sendmsg+0x10/0x10
[  564.107242][T14487]  ? __pfx_isotp_sendmsg+0x10/0x10
[  564.107263][T14487]  ? __lock_acquire+0x6b5/0x2cf0
[  564.107294][T14487]  ? tomoyo_socket_sendmsg_permission+0x1e0/0x300
[  564.107319][T14487]  ? __kernel_text_address+0xd/0x30
[  564.107402][T14487]  ? unwind_get_return_address+0x4d/0x90
[  564.107429][T14487]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  564.107462][T14487]  ____sys_sendmsg+0x94c/0x9c0
[  564.107489][T14487]  ? __pfx_____sys_sendmsg+0x10/0x10
[  564.107517][T14487]  ? import_iovec+0x73/0xa0
[  564.107549][T14487]  ___sys_sendmsg+0x2a5/0x360
[  564.107568][T14487]  ? __lock_acquire+0x6b5/0x2cf0
[  564.107595][T14487]  ? __pfx____sys_sendmsg+0x10/0x10
[  564.107650][T14487]  ? __fget_files+0x2a/0x420
[  564.107675][T14487]  ? __fget_files+0x3a6/0x420
[  564.107710][T14487]  __x64_sys_sendmsg+0x1c3/0x2a0
[  564.107732][T14487]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  564.107762][T14487]  ? __pfx_ksys_write+0x10/0x10
[  564.107791][T14487]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  564.107812][T14487]  do_syscall_64+0x15f/0xf80
[  564.107836][T14487]  ? trace_irq_disable+0x3b/0x140
[  564.107855][T14487]  ? clear_bhb_loop+0x40/0x90
[  564.107879][T14487]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  564.107900][T14487] RIP: 0033:0x7f4d085fc819
[  564.107920][T14487] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  564.107938][T14487] RSP: 002b:00007f4d06856028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  564.107961][T14487] RAX: ffffffffffffffda RBX: 00007f4d08875fa0 RCX: 00007f4d085fc819
[  564.107976][T14487] RDX: 0000000000000800 RSI: 0000200000000540 RDI: 0000000000000003
[  564.107989][T14487] RBP: 00007f4d06856090 R08: 0000000000000000 R09: 0000000000000000
[  564.108002][T14487] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  564.108015][T14487] R13: 00007f4d08876038 R14: 00007f4d08875fa0 R15: 00007fff62410a48
[  564.108047][T14487]  </TASK>
[  565.546422][ T5891] usb 1-1: new high-speed USB device number 37 using dummy_hcd
[  565.718903][ T5891] usb 1-1: config 0 has an invalid interface number: 168 but max is 0
[  565.718932][ T5891] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  565.718952][ T5891] usb 1-1: config 0 has no interface number 0
[  565.719004][ T5891] usb 1-1: config 0 interface 168 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  565.719049][ T5891] usb 1-1: New USB device found, idVendor=06cd, idProduct=0135, bcdDevice=a8.a4
[  565.719071][ T5891] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  565.786854][ T5891] usb 1-1: config 0 descriptor??
[  565.805843][ T5891] keyspan 1-1:0.168: Keyspan 2 port adapter converter detected
[  565.813950][ T5891] keyspan 1-1:0.168: found no endpoint descriptor for endpoint 81
[  565.814045][ T5891] keyspan 1-1:0.168: found no endpoint descriptor for endpoint 1
[  565.839003][ T5891] keyspan 1-1:0.168: found no endpoint descriptor for endpoint 84
[  565.839094][ T5891] keyspan 1-1:0.168: found no endpoint descriptor for endpoint 2
[  565.913988][ T5891] usb 1-1: Keyspan 2 port adapter converter now attached to ttyUSB0
[  565.924631][ T5891] keyspan 1-1:0.168: found no endpoint descriptor for endpoint 88
[  565.924729][ T5891] keyspan 1-1:0.168: found no endpoint descriptor for endpoint 6
[  565.947870][ T5891] usb 1-1: Keyspan 2 port adapter converter now attached to ttyUSB1
[  566.124998][T14537] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  566.139733][T14537] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  567.637123][T14575] FAULT_INJECTION: forcing a failure.
[  567.637123][T14575] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  567.637161][T14575] CPU: 0 UID: 0 PID: 14575 Comm: syz.5.3042 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  567.637189][T14575] Tainted: [L]=SOFTLOCKUP
[  567.637197][T14575] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  567.637209][T14575] Call Trace:
[  567.637217][T14575]  <TASK>
[  567.637226][T14575]  dump_stack_lvl+0xe8/0x150
[  567.637264][T14575]  should_fail_ex+0x46b/0x600
[  567.637294][T14575]  _copy_from_user+0x2d/0xb0
[  567.637323][T14575]  ___sys_sendmsg+0x1c6/0x360
[  567.637343][T14575]  ? __lock_acquire+0x6b5/0x2cf0
[  567.637379][T14575]  ? __pfx____sys_sendmsg+0x10/0x10
[  567.637433][T14575]  ? __fget_files+0x2a/0x420
[  567.637459][T14575]  ? __fget_files+0x3a6/0x420
[  567.637494][T14575]  __x64_sys_sendmsg+0x1c3/0x2a0
[  567.637517][T14575]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  567.637546][T14575]  ? __pfx_ksys_write+0x10/0x10
[  567.637574][T14575]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  567.637596][T14575]  do_syscall_64+0x15f/0xf80
[  567.637619][T14575]  ? trace_irq_disable+0x3b/0x140
[  567.637640][T14575]  ? clear_bhb_loop+0x40/0x90
[  567.637664][T14575]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  567.637684][T14575] RIP: 0033:0x7f48de7ac819
[  567.637703][T14575] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  567.637721][T14575] RSP: 002b:00007f48dca06028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  567.637742][T14575] RAX: ffffffffffffffda RBX: 00007f48dea25fa0 RCX: 00007f48de7ac819
[  567.637757][T14575] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[  567.637770][T14575] RBP: 00007f48dca06090 R08: 0000000000000000 R09: 0000000000000000
[  567.637783][T14575] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  567.637795][T14575] R13: 00007f48dea26038 R14: 00007f48dea25fa0 R15: 00007ffcef74ce68
[  567.637830][T14575]  </TASK>
[  568.954516][ T5884] usb 1-1: USB disconnect, device number 37
[  569.067496][ T5884] keyspan_2 ttyUSB0: Keyspan 2 port adapter converter now disconnected from ttyUSB0
[  569.094359][ T5884] keyspan_2 ttyUSB1: Keyspan 2 port adapter converter now disconnected from ttyUSB1
[  569.116775][ T5884] keyspan 1-1:0.168: device disconnected
[  569.726417][ T5827] usb 7-1: new high-speed USB device number 21 using dummy_hcd
[  569.879807][ T5827] usb 7-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  569.879839][ T5827] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  569.931117][ T5827] usb 7-1: config 0 descriptor??
[  569.942901][ T5827] cp210x 7-1:0.0: cp210x converter detected
[  570.197149][T14598] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  570.199889][T14598] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  570.222943][ T5827] cp210x 7-1:0.0: failed to get vendor val 0x370b size 1: -71
[  570.222975][ T5827] cp210x 7-1:0.0: querying part number failed
[  570.244110][ T5827] usb 7-1: cp210x converter now attached to ttyUSB0
[  570.258814][ T5827] usb 7-1: USB disconnect, device number 21
[  570.278744][ T5827] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  570.301329][ T5827] cp210x 7-1:0.0: device disconnected
[  570.790176][T14638] FAULT_INJECTION: forcing a failure.
[  570.790176][T14638] name failslab, interval 1, probability 0, space 0, times 0
[  570.790212][T14638] CPU: 0 UID: 0 PID: 14638 Comm: syz.4.3072 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  570.790240][T14638] Tainted: [L]=SOFTLOCKUP
[  570.790247][T14638] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  570.790258][T14638] Call Trace:
[  570.790266][T14638]  <TASK>
[  570.790275][T14638]  dump_stack_lvl+0xe8/0x150
[  570.790311][T14638]  should_fail_ex+0x46b/0x600
[  570.790342][T14638]  should_failslab+0xa8/0x100
[  570.790366][T14638]  kmem_cache_alloc_node_noprof+0x8f/0x6e0
[  570.790394][T14638]  ? __alloc_skb+0x1d0/0x7d0
[  570.790418][T14638]  ? lockdep_hardirqs_on+0x7a/0x110
[  570.790444][T14638]  __alloc_skb+0x1d0/0x7d0
[  570.790471][T14638]  netlink_sendmsg+0x5d4/0xb40
[  570.790532][T14638]  ? __pfx_netlink_sendmsg+0x10/0x10
[  570.790560][T14638]  ? unwind_get_return_address+0x4d/0x90
[  570.790587][T14638]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  570.790619][T14638]  ____sys_sendmsg+0x94c/0x9c0
[  570.790645][T14638]  ? __pfx_____sys_sendmsg+0x10/0x10
[  570.790673][T14638]  ? import_iovec+0x73/0xa0
[  570.790703][T14638]  ___sys_sendmsg+0x2a5/0x360
[  570.790722][T14638]  ? __lock_acquire+0x6b5/0x2cf0
[  570.790749][T14638]  ? __pfx____sys_sendmsg+0x10/0x10
[  570.790803][T14638]  ? __fget_files+0x2a/0x420
[  570.790827][T14638]  ? __fget_files+0x3a6/0x420
[  570.790863][T14638]  __x64_sys_sendmsg+0x1c3/0x2a0
[  570.790885][T14638]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  570.790914][T14638]  ? __pfx_ksys_write+0x10/0x10
[  570.790942][T14638]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  570.790963][T14638]  do_syscall_64+0x15f/0xf80
[  570.790984][T14638]  ? trace_irq_disable+0x3b/0x140
[  570.791004][T14638]  ? clear_bhb_loop+0x40/0x90
[  570.791028][T14638]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  570.791046][T14638] RIP: 0033:0x7f5558d5c819
[  570.791062][T14638] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  570.791079][T14638] RSP: 002b:00007f5556fb6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  570.791100][T14638] RAX: ffffffffffffffda RBX: 00007f5558fd5fa0 RCX: 00007f5558d5c819
[  570.791114][T14638] RDX: 0000000020048850 RSI: 0000200000006040 RDI: 0000000000000005
[  570.791127][T14638] RBP: 00007f5556fb6090 R08: 0000000000000000 R09: 0000000000000000
[  570.791139][T14638] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  570.791151][T14638] R13: 00007f5558fd6038 R14: 00007f5558fd5fa0 R15: 00007ffd55035968
[  570.791183][T14638]  </TASK>
[  570.905316][T14642] FAULT_INJECTION: forcing a failure.
[  570.905316][T14642] name failslab, interval 1, probability 0, space 0, times 0
[  570.905352][T14642] CPU: 1 UID: 0 PID: 14642 Comm: syz.6.3075 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  570.905378][T14642] Tainted: [L]=SOFTLOCKUP
[  570.905385][T14642] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  570.905396][T14642] Call Trace:
[  570.905404][T14642]  <TASK>
[  570.905412][T14642]  dump_stack_lvl+0xe8/0x150
[  570.905449][T14642]  should_fail_ex+0x46b/0x600
[  570.905479][T14642]  should_failslab+0xa8/0x100
[  570.905509][T14642]  __kmalloc_noprof+0xdf/0x7b0
[  570.905528][T14642]  ? tomoyo_encode+0x28b/0x550
[  570.905556][T14642]  tomoyo_encode+0x28b/0x550
[  570.905584][T14642]  tomoyo_realpath_from_path+0x58d/0x5d0
[  570.905618][T14642]  ? tomoyo_path_number_perm+0x219/0x630
[  570.905638][T14642]  tomoyo_path_number_perm+0x246/0x630
[  570.905663][T14642]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  570.905682][T14642]  ? __lock_acquire+0x6b5/0x2cf0
[  570.905708][T14642]  ? do_raw_spin_lock+0x12b/0x2f0
[  570.905756][T14642]  ? __fget_files+0x2a/0x420
[  570.905784][T14642]  ? __fget_files+0x2a/0x420
[  570.905808][T14642]  ? __fget_files+0x3a6/0x420
[  570.905832][T14642]  ? __fget_files+0x2a/0x420
[  570.905860][T14642]  security_file_ioctl+0xc3/0x2a0
[  570.905882][T14642]  __se_sys_ioctl+0x47/0x170
[  570.905902][T14642]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  570.905923][T14642]  do_syscall_64+0x15f/0xf80
[  570.905945][T14642]  ? trace_irq_disable+0x3b/0x140
[  570.905965][T14642]  ? clear_bhb_loop+0x40/0x90
[  570.905987][T14642]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  570.906005][T14642] RIP: 0033:0x7f3d2a04c819
[  570.906024][T14642] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  570.906040][T14642] RSP: 002b:00007f3d282a6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  570.906060][T14642] RAX: ffffffffffffffda RBX: 00007f3d2a2c5fa0 RCX: 00007f3d2a04c819
[  570.906074][T14642] RDX: 00002000000001c0 RSI: 00000000c0d05604 RDI: 0000000000000003
[  570.906087][T14642] RBP: 00007f3d282a6090 R08: 0000000000000000 R09: 0000000000000000
[  570.906099][T14642] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  570.906110][T14642] R13: 00007f3d2a2c6038 R14: 00007f3d2a2c5fa0 R15: 00007ffc1dd9f878
[  570.906141][T14642]  </TASK>
[  570.913231][T14642] ERROR: Out of memory at tomoyo_realpath_from_path.
[  571.150092][ T5827] usb 1-1: new high-speed USB device number 38 using dummy_hcd
[  571.396313][ T5827] usb 1-1: Using ep0 maxpacket: 32
[  571.400070][ T5827] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  571.403793][ T5827] usb 1-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  571.403825][ T5827] usb 1-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  571.403847][ T5827] usb 1-1: Product: syz
[  571.403862][ T5827] usb 1-1: Manufacturer: syz
[  571.403877][ T5827] usb 1-1: SerialNumber: syz
[  571.462040][ T5827] usb 1-1: config 0 descriptor??
[  571.462975][T14634] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  571.597886][T14658] netlink: 'syz.6.3079': attribute type 1 has an invalid length.
[  571.743273][ T6073] usb 1-1: USB disconnect, device number 38
[  571.866312][ T5827] usb 7-1: new high-speed USB device number 22 using dummy_hcd
[  571.930999][T14668] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.3085'.
[  572.017723][T14670] FAULT_INJECTION: forcing a failure.
[  572.017723][T14670] name failslab, interval 1, probability 0, space 0, times 0
[  572.017759][T14670] CPU: 1 UID: 0 PID: 14670 Comm: syz.5.3087 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  572.017787][T14670] Tainted: [L]=SOFTLOCKUP
[  572.017794][T14670] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  572.017806][T14670] Call Trace:
[  572.017815][T14670]  <TASK>
[  572.017823][T14670]  dump_stack_lvl+0xe8/0x150
[  572.017860][T14670]  should_fail_ex+0x46b/0x600
[  572.017891][T14670]  should_failslab+0xa8/0x100
[  572.017914][T14670]  __kmalloc_noprof+0xdf/0x7b0
[  572.017934][T14670]  ? tomoyo_encode+0x28b/0x550
[  572.017968][T14670]  tomoyo_encode+0x28b/0x550
[  572.017996][T14670]  tomoyo_realpath_from_path+0x58d/0x5d0
[  572.018030][T14670]  ? tomoyo_path_number_perm+0x219/0x630
[  572.018051][T14670]  tomoyo_path_number_perm+0x246/0x630
[  572.018081][T14670]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  572.018101][T14670]  ? __lock_acquire+0x6b5/0x2cf0
[  572.018127][T14670]  ? do_raw_spin_lock+0x12b/0x2f0
[  572.018177][T14670]  ? __fget_files+0x2a/0x420
[  572.018206][T14670]  ? __fget_files+0x2a/0x420
[  572.018230][T14670]  ? __fget_files+0x3a6/0x420
[  572.018253][T14670]  ? __fget_files+0x2a/0x420
[  572.018281][T14670]  security_file_ioctl+0xc3/0x2a0
[  572.018305][T14670]  __se_sys_ioctl+0x47/0x170
[  572.018326][T14670]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  572.018348][T14670]  do_syscall_64+0x15f/0xf80
[  572.018370][T14670]  ? trace_irq_disable+0x3b/0x140
[  572.018389][T14670]  ? clear_bhb_loop+0x40/0x90
[  572.018411][T14670]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  572.018428][T14670] RIP: 0033:0x7f48de7ac819
[  572.018447][T14670] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  572.018462][T14670] RSP: 002b:00007f48dca06028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  572.018483][T14670] RAX: ffffffffffffffda RBX: 00007f48dea25fa0 RCX: 00007f48de7ac819
[  572.018496][T14670] RDX: 0000200000000100 RSI: 0000000000000720 RDI: 0000000000000003
[  572.018508][T14670] RBP: 00007f48dca06090 R08: 0000000000000000 R09: 0000000000000000
[  572.018521][T14670] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  572.018533][T14670] R13: 00007f48dea26038 R14: 00007f48dea25fa0 R15: 00007ffcef74ce68
[  572.018563][T14670]  </TASK>
[  572.020532][T14670] ERROR: Out of memory at tomoyo_realpath_from_path.
[  572.048262][ T5827] usb 7-1: Using ep0 maxpacket: 8
[  572.111099][ T5827] usb 7-1: config 0 has an invalid interface number: 55 but max is 0
[  572.111131][ T5827] usb 7-1: config 0 has no interface number 0
[  572.111179][ T5827] usb 7-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  572.111202][ T5827] usb 7-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  572.111226][ T5827] usb 7-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  572.111251][ T5827] usb 7-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  572.111290][ T5827] usb 7-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  572.111310][ T5827] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  572.364601][ T5827] usb 7-1: config 0 descriptor??
[  572.378739][ T5827] ldusb 7-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  575.754783][ T5827] usb 7-1: USB disconnect, device number 22
[  575.793349][ T5827] ldusb 7-1:0.55: LD USB Device #0 now disconnected
[  576.253901][T14709] syz.0.3102 (14709): drop_caches: 2
[  576.456863][ T5827] usb 3-1: new high-speed USB device number 70 using dummy_hcd
[  576.656705][ T5827] usb 3-1: Using ep0 maxpacket: 32
[  576.663112][ T5827] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  576.668461][ T5827] usb 3-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  576.668492][ T5827] usb 3-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  576.668513][ T5827] usb 3-1: Product: syz
[  576.668528][ T5827] usb 3-1: Manufacturer: syz
[  576.668543][ T5827] usb 3-1: SerialNumber: syz
[  576.695781][ T5827] usb 3-1: config 0 descriptor??
[  576.732069][T14714] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  576.957528][T14733] FAULT_INJECTION: forcing a failure.
[  576.957528][T14733] name failslab, interval 1, probability 0, space 0, times 0
[  576.959824][T14733] CPU: 1 UID: 0 PID: 14733 Comm: syz.4.3112 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  576.959856][T14733] Tainted: [L]=SOFTLOCKUP
[  576.959864][T14733] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  576.959876][T14733] Call Trace:
[  576.959885][T14733]  <TASK>
[  576.959893][T14733]  dump_stack_lvl+0xe8/0x150
[  576.959931][T14733]  should_fail_ex+0x46b/0x600
[  576.959960][T14733]  ? __pfx_sock_alloc_inode+0x10/0x10
[  576.959985][T14733]  should_failslab+0xa8/0x100
[  576.960020][T14733]  ? __pfx_sock_alloc_inode+0x10/0x10
[  576.960042][T14733]  kmem_cache_alloc_lru_noprof+0x8b/0x680
[  576.960073][T14733]  ? sock_alloc_inode+0x2c/0x190
[  576.960099][T14733]  ? __pfx_sock_alloc_inode+0x10/0x10
[  576.960122][T14733]  sock_alloc_inode+0x2c/0x190
[  576.960146][T14733]  ? __pfx_sock_alloc_inode+0x10/0x10
[  576.960168][T14733]  alloc_inode+0x6a/0x1b0
[  576.960279][T14733]  __sock_create+0x12d/0x9d0
[  576.960314][T14733]  __sys_socket+0xd6/0x1b0
[  576.960341][T14733]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  576.960363][T14733]  __x64_sys_socket+0x7a/0x90
[  576.960389][T14733]  do_syscall_64+0x15f/0xf80
[  576.960413][T14733]  ? trace_irq_disable+0x3b/0x140
[  576.960434][T14733]  ? clear_bhb_loop+0x40/0x90
[  576.960458][T14733]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  576.960477][T14733] RIP: 0033:0x7f5558d5e087
[  576.960496][T14733] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  576.960514][T14733] RSP: 002b:00007f5556f93f98 EFLAGS: 00000286 ORIG_RAX: 0000000000000029
[  576.960535][T14733] RAX: ffffffffffffffda RBX: 00007f5558fd6090 RCX: 00007f5558d5e087
[  576.960549][T14733] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
[  576.960563][T14733] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000
[  576.960575][T14733] R10: 0000200000000080 R11: 0000000000000286 R12: 0000000000000001
[  576.960588][T14733] R13: 00007f5558fd6128 R14: 00007f5558fd6090 R15: 00007ffd55035968
[  576.960620][T14733]  </TASK>
[  576.960631][T14733] socket: no more sockets
[  577.070285][ T5827] usb 3-1: USB disconnect, device number 70
[  578.371212][T14769] FAULT_INJECTION: forcing a failure.
[  578.371212][T14769] name failslab, interval 1, probability 0, space 0, times 0
[  578.371247][T14769] CPU: 1 UID: 0 PID: 14769 Comm: syz.5.3128 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  578.371274][T14769] Tainted: [L]=SOFTLOCKUP
[  578.371281][T14769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  578.371293][T14769] Call Trace:
[  578.371301][T14769]  <TASK>
[  578.371311][T14769]  dump_stack_lvl+0xe8/0x150
[  578.371347][T14769]  should_fail_ex+0x46b/0x600
[  578.371379][T14769]  should_failslab+0xa8/0x100
[  578.371402][T14769]  kmem_cache_alloc_noprof+0x87/0x680
[  578.371429][T14769]  ? lockdep_hardirqs_on+0x7a/0x110
[  578.371455][T14769]  ? do_getname+0x2e/0x250
[  578.371482][T14769]  do_getname+0x2e/0x250
[  578.371502][T14769]  ? getname_flags+0x11/0x20
[  578.371526][T14769]  do_sys_openat2+0xca/0x200
[  578.371555][T14769]  ? __pfx_do_sys_openat2+0x10/0x10
[  578.371580][T14769]  ? ksys_write+0x248/0x270
[  578.371600][T14769]  ? __pfx_ksys_write+0x10/0x10
[  578.371623][T14769]  __x64_sys_openat+0x138/0x170
[  578.371652][T14769]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  578.371672][T14769]  do_syscall_64+0x15f/0xf80
[  578.371694][T14769]  ? trace_irq_disable+0x3b/0x140
[  578.371714][T14769]  ? clear_bhb_loop+0x40/0x90
[  578.371738][T14769]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  578.371757][T14769] RIP: 0033:0x7f48de76d04e
[  578.371775][T14769] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  578.371790][T14769] RSP: 002b:00007f48dca05f18 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  578.371810][T14769] RAX: ffffffffffffffda RBX: 00007f48dca066c0 RCX: 00007f48de76d04e
[  578.371825][T14769] RDX: 0000000000000000 RSI: 00007f48de842328 RDI: ffffffffffffff9c
[  578.371838][T14769] RBP: 00007f48dca06090 R08: 0000000000000000 R09: 0000000000000000
[  578.371851][T14769] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  578.371862][T14769] R13: 00007f48dea26038 R14: 00007f48dea25fa0 R15: 00007ffcef74ce68
[  578.371892][T14769]  </TASK>
[  579.049577][T14783] netlink: 'syz.6.3135': attribute type 4 has an invalid length.
[  579.584739][T14792] syz.0.3138 (14792): drop_caches: 2
[  580.016388][ T5827] usb 3-1: new high-speed USB device number 71 using dummy_hcd
[  580.183889][T14826] netlink: 11 bytes leftover after parsing attributes in process `syz.0.3145'.
[  580.198531][ T5827] usb 3-1: Using ep0 maxpacket: 16
[  580.200958][ T5827] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  580.200994][ T5827] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  580.201018][ T5827] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  580.201061][ T5827] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  580.201086][ T5827] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  580.228897][ T5827] usb 3-1: config 0 descriptor??
[  580.381654][T14813] fuse: blksize only supported for fuseblk
[  580.696613][ T5827] microsoft 0003:045E:07DA.0010: ignoring exceeding usage max
[  580.698737][ T5827] microsoft 0003:045E:07DA.0010: ignoring exceeding usage max
[  580.816385][ T5884] usb 1-1: new high-speed USB device number 39 using dummy_hcd
[  580.958401][T14843] BUG: kernel NULL pointer dereference, address: 0000000000000010
[  580.958422][T14843] #PF: supervisor read access in kernel mode
[  580.958433][T14843] #PF: error_code(0x0000) - not-present page
[  580.958444][T14843] PGD 800000005f8b1067 P4D 800000005f8b1067 PUD 0 
[  580.958468][T14843] Oops: Oops: 0000 [#1] SMP KASAN PTI
[  580.958608][T14843] CPU: 1 UID: 0 PID: 14843 Comm: vhost-14842 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  580.958636][T14843] Tainted: [L]=SOFTLOCKUP
[  580.958644][T14843] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  580.958656][T14843] RIP: 0010:kcov_remote_start+0x2a1/0x710
[  580.958724][T14843] Code: 8e 8d 4c 8b b8 08 e4 72 92 bd 00 00 04 00 eb 4f 41 8b ae a4 00 00 00 49 c7 c7 a0 56 02 8e 4d 8b 3f 49 81 ff a0 56 02 8e 74 4c <41> 39 6f 10 75 ee 4c 89 ff e8 d1 ed e6 02 84 c0 74 0e 49 8b 07 49
[  580.958742][T14843] RSP: 0018:ffffc90004597cb0 EFLAGS: 00010207
[  580.958768][T14843] RAX: 0000000000000000 RBX: ffff888061d09ec0 RCX: 0000000000000000
[  580.958781][T14843] RDX: 0000000028607f00 RSI: 0000000000000001 RDI: ffffffff8ba74000
[  580.958794][T14843] RBP: 0000000000100000 R08: ffffffff8b2f2740 R09: ffffffff8dfc80c0
[  580.958807][T14843] R10: dffffc0000000000 R11: fffffbfff1f179df R12: 0000000000000002
[  580.958820][T14843] R13: 0000000000000001 R14: ffff888028907e00 R15: 0000000000000000
[  580.958832][T14843] FS:  00007f3d282856c0(0000) GS:ffff8881261fb000(0000) knlGS:0000000000000000
[  580.958850][T14843] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  580.958863][T14843] CR2: 0000000000000010 CR3: 0000000032a52000 CR4: 00000000003526f0
[  580.958880][T14843] Call Trace:
[  580.958889][T14843]  <TASK>
[  580.958900][T14843]  vhost_run_work_list+0x129/0x1e0
[  580.958984][T14843]  ? __pfx_vhost_run_work_list+0x10/0x10
[  580.959040][T14843]  vhost_task_fn+0x2ef/0x4a0
[  580.959173][T14843]  ? __pfx_vhost_task_fn+0x10/0x10
[  580.959224][T14843]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  580.959258][T14843]  ? rt_spin_unlock+0x14f/0x200
[  580.959294][T14843]  ? rt_spin_unlock+0x160/0x200
[  580.959321][T14843]  ? __pfx_vhost_task_fn+0x10/0x10
[  580.959344][T14843]  ret_from_fork+0x514/0xb70
[  580.959528][T14843]  ? __pfx_ret_from_fork+0x10/0x10
[  580.959546][T14843]  ? __switch_to+0xc79/0x1410
[  580.959660][T14843]  ? __pfx_vhost_task_fn+0x10/0x10
[  580.959686][T14843]  ret_from_fork_asm+0x1a/0x30
[  580.959715][T14843]  </TASK>
[  580.959728][T14843] Modules linked in:
[  580.959752][T14843] CR2: 0000000000000010
[  580.959770][T14843] ---[ end trace 0000000000000000 ]---
[  580.959779][T14843] RIP: 0010:kcov_remote_start+0x2a1/0x710
[  580.959806][T14843] Code: 8e 8d 4c 8b b8 08 e4 72 92 bd 00 00 04 00 eb 4f 41 8b ae a4 00 00 00 49 c7 c7 a0 56 02 8e 4d 8b 3f 49 81 ff a0 56 02 8e 74 4c <41> 39 6f 10 75 ee 4c 89 ff e8 d1 ed e6 02 84 c0 74 0e 49 8b 07 49
[  580.959820][T14843] RSP: 0018:ffffc90004597cb0 EFLAGS: 00010207
[  580.959837][T14843] RAX: 0000000000000000 RBX: ffff888061d09ec0 RCX: 0000000000000000
[  580.959849][T14843] RDX: 0000000028607f00 RSI: 0000000000000001 RDI: ffffffff8ba74000
[  580.959861][T14843] RBP: 0000000000100000 R08: ffffffff8b2f2740 R09: ffffffff8dfc80c0
[  580.959873][T14843] R10: dffffc0000000000 R11: fffffbfff1f179df R12: 0000000000000002
[  580.959885][T14843] R13: 0000000000000001 R14: ffff888028907e00 R15: 0000000000000000
[  580.959897][T14843] FS:  00007f3d282856c0(0000) GS:ffff8881261fb000(0000) knlGS:0000000000000000
[  580.959912][T14843] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  580.959925][T14843] CR2: 0000000000000010 CR3: 0000000032a52000 CR4: 00000000003526f0
[  580.959981][T14843] Kernel panic - not syncing: Fatal exception
[  580.960293][T14843] Kernel Offset: disabled