last executing test programs:

29m59.832537714s ago: executing program 3 (id=1331):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mlock(&(0x7f0000453000/0x1000)=nil, 0x1000)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r2 = syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f00000021c0)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r2, 0x82, 0x0, 0x0)
syz_io_uring_setup(0x5a8a, &(0x7f00000000c0)={0x0, 0x707c, 0x28c02, 0x1, 0xd1}, &(0x7f0000000340)=<r3=>0x0, &(0x7f0000000000)=<r4=>0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000022c0)=ANY=[@ANYBLOB="2000000010000002000007000100000000000000d8c0b9c690fcaaadb8790de3950343e4ac8e9cdc942630ba7348803fce0c1a1863dd5219acd1d51b4c1743a274db788b987399fb471009d2899338ee304edb58ec79e21b037e6fe284e8c420cdba1e8a05b0807ecfdb5247244fd261865260bfad1030872a3d99e8ea5f6b75cb2963b5c9ea0b5232fe5dab490ba98722bef9706d8b8833d957edc220d6680704f878f8e2b220ebd1f619d2a03fac29afaab16f05f0eacc76ea1cdf21cad730595b20add16d58811a7c07f92a0307b1b41b56298ddd2ed83b3dff26e584e49a794f0b32dadc2813b68bc98dcf0881", @ANYRES32=0x0, @ANYBLOB="0002000000000000"], 0x20}}, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r6 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r7 = syz_mount_image$fuse(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000002880)=ANY=[@ANYBLOB, @ANYRESHEX=r6, @ANYBLOB="2c726f6f74ed6f64653d30303030303030303030303030303030303034303030302c757365725f69643d", @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',\x00'], 0x0, 0x0, 0x0)
ioctl$VIDIOC_LOG_STATUS(0xffffffffffffffff, 0x5646, 0x0)
r8 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAX_BURST(r8, 0x84, 0x14, 0x0, 0x0)
read$FUSE(r6, &(0x7f0000000100)={0x2020, 0x0, <r9=>0x0}, 0x2020)
write$FUSE_INIT(r6, &(0x7f0000002140)={0x50, 0xfffffffffffffffe, r9, {0x7, 0x27, 0x0, 0x40, 0x0, 0x2, 0x5, 0x2, 0x0, 0x0, 0x1, 0xfffffffa}}, 0x50)
read$FUSE(r6, &(0x7f000000b040)={0x2020, 0x0, <r10=>0x0}, 0x2020)
write$FUSE_INTERRUPT(r6, &(0x7f0000002240)={0x10, 0xffffffffffffffda, r10}, 0x10)
open_by_handle_at(r7, &(0x7f00000021c0)=ANY=[], 0xfeffffff)
r11 = socket$tipc(0x1e, 0x5, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0x40, 0x0, r11, 0x0, 0x0})

29m55.665278052s ago: executing program 3 (id=1343):
socket$pppl2tp(0x18, 0x1, 0x1)
socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='mountinfo\x00')
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x41, 0x0, 0x0)
syz_mount_image$fuse(&(0x7f0000000200), &(0x7f0000000240)='./file0\x00', 0x2000400, &(0x7f0000000480)=ANY=[@ANYBLOB='fd=', @ANYBLOB, @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB="2c6d61785f726561643d3078303030303030303030303030303030312c6d61785f726561643d3078303030303030303030303030303037662c6d474e87386fab61643d3078303030303030303030303030303031302c616c6c6f775f6f746865722c616c6c6f775f6f746865"], 0x1, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000140)=@o_path={0x0}, 0x18)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000040)={0x84, @multicast2, 0x15, 0x3, 'sh\x00', 0x1, 0x4, 0x6d}, 0x2c)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="290626bd7000fbdbdf251d00000034000180140002007465616d5f736c6176655f3000000000140002006970365f767469300000000000000000080003"], 0x48}, 0x1, 0x0, 0x0, 0x8844}, 0x20040000)
setsockopt$IP_VS_SO_SET_FLUSH(r2, 0x0, 0x485, 0x0, 0x0)
ioctl$SNDCTL_SEQ_OUTOFBAND(0xffffffffffffffff, 0x40085112, &(0x7f00000001c0)=@s={0x5, @generic=0x4, 0xd, 0xff})
semop(0x0, &(0x7f0000000040)=[{0x1, 0x4}], 0x1)

29m54.806671313s ago: executing program 3 (id=1346):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000002c0)={0x3, 0x2}, 0x4)
r1 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$sock_linger(r1, 0x1, 0x3c, &(0x7f0000000180)={0x1, 0x3}, 0x8)
socket$inet(0x2, 0x6000000000000001, 0x0)
r2 = openat$iommufd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$IOCTL_VMCI_VERSION2(0xffffffffffffffff, 0x7a7, &(0x7f0000000000)=0x10000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(0xffffffffffffffff, 0x7a0, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f0000000440)=@filter={'filter\x00', 0x4, 0x4, 0x370, 0xffffffff, 0xe8, 0xe8, 0x0, 0xfeffffff, 0xffffffff, 0x2a0, 0x2a0, 0x2a0, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@dev={0xfe, 0x80, '\x00', 0x1f}, @loopback, [0xffffffff, 0xffffff00, 0xffffffff, 0xffffff00], [0xffffff00, 0xffffffff, 0xffffffff, 0xffffff00], 'wlan1\x00', 'sit0\x00', {}, {0xff}, 0x87, 0x3, 0x4, 0x5}, 0x2f2, 0xa8, 0xe8}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz0\x00', 0x0, 0x5, {0x7}}}}, {{@ipv6={@private2, @empty, [0x0, 0x0, 0x0, 0xffffff00], [0x0, 0x0, 0xff000000, 0x1ffffff01], 'sit0\x00', 'batadv_slave_1\x00', {0xff}, {}, 0x34}, 0x0, 0xa8, 0xe8}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz0\x00', 0x0, 0x5, {0x2000010}}}}, {{@uncond, 0x0, 0xa8, 0xd0}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x7}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3d0)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
socket(0x10, 0x3, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r8, &(0x7f0000fe5000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, 0x0}], 0x1, 0x4e, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000000)="0f080fae04a200400f01c426660f3a15e6160fc76bdbf08666350f2170260fed9c000066b9230b00000f32", 0x2b}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
ioctl$KVM_SET_DEVICE_ATTR_vcpu(r8, 0x4018aee1, 0x0)
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r2, 0x3ba0, &(0x7f0000000000)={0x48, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1})
socket$packet(0x11, 0x3, 0x300)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0x5c, 0x1, 0x1}, {0x6, 0x0, 0x40, 0x4}]})
sendto$inet6(r1, 0x0, 0x0, 0x4c881, &(0x7f0000000540)={0xa, 0x4e24, 0x0, @mcast2}, 0x1c)
sendmmsg$inet6(r1, &(0x7f0000000380)=[{{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000001880)="da", 0x1}], 0x1, &(0x7f0000000440)=ANY=[], 0xd0}}], 0x1, 0x4040005)

29m53.560763559s ago: executing program 3 (id=1349):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000200), 0xffffffffffffffff)
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000440)={0x0, &(0x7f0000000400)}, 0x10)
setsockopt$inet_opts(r2, 0x0, 0x200000000000c, &(0x7f00000003c0)="ea00000100000000", 0x8)
setsockopt$inet_opts(r2, 0x0, 0xd, &(0x7f0000000100), 0x0)
r3 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r3, 0x11b, 0x4, &(0x7f0000000040)={&(0x7f0000000000)=""/5, 0x1c000, 0x800}, 0x20)
setsockopt$XDP_TX_RING(r3, 0x11b, 0x3, &(0x7f00000003c0)=0x800, 0x4)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'lo\x00', <r5=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r3, 0x11b, 0x5, &(0x7f00000000c0)=0x100, 0x4)
setsockopt$XDP_UMEM_COMPLETION_RING(r3, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4)
bind$xdp(r3, &(0x7f00000001c0)={0x2c, 0x0, r5}, 0x10)
r6 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r6, 0x11b, 0x3, &(0x7f0000000240)=0x800, 0x4)
bind$xdp(r6, &(0x7f0000000100)={0x2c, 0x1, r5, 0x0, r3}, 0x10)
sendmsg$SEG6_CMD_DUMPHMAC(r0, &(0x7f00000003c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000380)={&(0x7f0000000280)={0x1c, r1, 0x2, 0x70bd2d, 0x25dfdbff, {}, [@SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40800}, 0x8004)
syz_mount_image$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r7 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r7, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r8 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r8, 0x0, 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x226)
move_mount(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', r8, &(0x7f0000000100)='./file0\x00', 0x1)
socket$nl_route(0x10, 0x3, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000340), 0x10200, 0x0)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000002300), 0x80802, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)

29m53.144871052s ago: executing program 3 (id=1350):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$swradio(&(0x7f0000000000), 0x1, 0x2)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x5d031, 0xffffffffffffffff, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000280)={0xa, 0x4e21, 0xb744, @private2={0xfc, 0x2, '\x00', 0x1}, 0xfffffffd}, 0x1c)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r7, 0x4068aea3, &(0x7f00000001c0))
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x1)
ioctl$KVM_SET_VCPU_EVENTS(r8, 0x4138ae84, &(0x7f0000000080)=@x86={0x6, 0xa, 0x7, 0x0, 0x3, 0x8d, 0xce, 0x1c, 0x89, 0xa0, 0x7, 0x8, 0x0, 0x8000, 0xb, 0x2, 0x8, 0x2, 0x1, '\x00', 0x9, 0x3fb})
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000140)=@arm64={0x8, 0x80, 0x0, '\x00', 0x5c8d})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
landlock_create_ruleset(&(0x7f0000000000)={0x0, 0x1}, 0x18, 0x0)
syz_usb_connect(0x4, 0x7e6, &(0x7f0000000480)={{0x12, 0x1, 0x200, 0x84, 0x89, 0x46, 0xff, 0x1d4d, 0xc, 0x1197, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x7d4, 0x3, 0x21, 0x0, 0x10, 0x1, [{{0x9, 0x4, 0x14, 0xf, 0x0, 0xb8, 0xf, 0xb7, 0x6, [@uac_control={{0xa, 0x24, 0x1, 0x9, 0x9}, [@output_terminal={0x9, 0x24, 0x3, 0x5, 0x2fb, 0x4, 0x3, 0x2}, @feature_unit={0x11, 0x24, 0x6, 0x2, 0x2, 0x5, [0x3, 0x6, 0x4, 0x6, 0x2], 0x5}, @selector_unit={0x8, 0x24, 0x5, 0x5, 0xfc, "489f31"}, @mixer_unit={0xb, 0x24, 0x4, 0x2, 0x60, "f5d74665a1f7"}, @selector_unit={0x5, 0x24, 0x5, 0x5, 0x81}]}]}}, {{0x9, 0x4, 0x7e, 0x8, 0x9, 0xc4, 0xe4, 0x13, 0x1, [], [{{0x9, 0x5, 0xd, 0x10, 0x3ff, 0x19, 0xe, 0x1d}}, {{0x9, 0x5, 0x80, 0x1, 0x3ff, 0x6, 0x0, 0x9, [@generic={0x63, 0x23, "fb447ad422c6fb89b413bb7479684ba153f15f8f6f1c4781d0f238e000b0b244da55bd794ce1f85172e00e97050b67fda0e47fb00fe703e1bdc39f1bdae7c61f86eb160ac623d813a7ad1f4202ab454843b2e7ed2caf80fc8652d2bf7581a3f2d6"}]}}, {{0x9, 0x5, 0xe, 0x4, 0x40, 0x7, 0xd, 0x5}}, {{0x9, 0x5, 0xc, 0x1d, 0x0, 0x1, 0x1f, 0x8, [@generic={0x7b, 0xd, "c5c0bdc29492e54dbcf0e81f2202ddd6d466ff4059ccd0133121b7fe039dfac3793b7f523c55299a358991390c23b13fe78fbfcea8d0dba58099408cd289205a628f21010cb00697028a98116f7521b3c42fb596d1376c27ca1ad769d8f694c749314108b48afad637f59ac608bb7b97bc58ba099e51de8f69"}, @uac_iso={0x7, 0x25, 0x1, 0xbeea4e69913121f6, 0xe0, 0x3}]}}, {{0x9, 0x5, 0xc, 0x10, 0x10, 0x2, 0xe, 0xd, [@generic={0x41, 0xc, "26f5046af0276a40f990be2b5c39e1a4b6abecbcd88363fc0f8b96224e6ac781fd22ae23eb6bdcf023c58f550c5a0dd23f04a2bee664295a991210d7458cc7"}, @uac_iso={0x7, 0x25, 0x1, 0x80, 0x8f, 0x6}]}}, {{0x9, 0x5, 0x9, 0x1, 0x3ff, 0x8a, 0x7, 0xe, [@generic={0xb8, 0x23, "58f56c744b9b29edc00cbca93ec2c3a9ccbf8c5b42722932f25ec3bf76abf8349e9a7e08fae1fd7b442fcac625b57eca929f0a53dddb51d036235a78d185e27e44c17d420a78485585946aa3878d2c3f1bfeba232621babdc0513be397d45eee60659ecaa5948a7332333e32803fb1b91842a6f5de870a88d7817176b819e96c203466a75bb6e12fb3c1ed3bbe0b2f95306c517ead5e5dbefb0fd2edc74ebfa9a0a52e3df7a444d286d383f8094e121a52bafa611175"}, @generic={0x6b, 0x1, "d711f13ed609e160a4fe792461d93b458b91067321480acf39685cb92b63dbe867a80b1267f4d346e01de58cb15bbe11b1821cb4e8271c586f5fe2f755fbb3d71b4f7ed05d4fa45a1cf4a5e29061efdf0420dbddb1c59ff905e224c1e534e0cc2e27dee22b7754271f"}]}}, {{0x9, 0x5, 0x9, 0x1, 0x10, 0xd, 0x2, 0xfb, [@uac_iso={0x7, 0x25, 0x1, 0x3, 0x1, 0x5}]}}, {{0x9, 0x5, 0xd, 0x0, 0x8, 0x6, 0x4, 0x8}}, {{0x9, 0x5, 0xc, 0x0, 0x200, 0x9, 0x2, 0x0, [@generic={0x39, 0x21, "62577cba293bba305869f08ab851fb587e2eed458fc5bee46fb025d3b967f9be90be8b40ef3017c99ab22f13b5397107174a572a16ea33"}]}}]}}, {{0x9, 0x4, 0x6, 0x81, 0x10, 0xfc, 0x5b, 0x82, 0xd7, [@hid_hid={0x9, 0x21, 0xfffa, 0x80, 0x1, {0x22, 0x247}}], [{{0x9, 0x5, 0x9, 0x10, 0x40, 0x40, 0x8, 0xf}}, {{0x9, 0x5, 0x1, 0x0, 0x200, 0x7, 0x34, 0x6, [@uac_iso={0x7, 0x25, 0x1, 0x83, 0x8, 0x1000}]}}, {{0x9, 0x5, 0x7, 0x4, 0x8, 0x0, 0x4b, 0x4, [@generic={0x14, 0x7, "c3d9b8972f8536b56b1b8ed984d6edf464bd"}, @generic={0x4d, 0x9, "d26cb3c2f7baadaa3bd87077a9a8f8612496be2550945fc67626adc5237aed5a823bb25bfdf6efbf4da53ba7e4637e19ca02a543eddd5c78a05eb618636ae8ef03a0cc3025495a9f76ec02"}]}}, {{0x9, 0x5, 0x0, 0x8, 0x20, 0x9, 0xc, 0x4, [@generic={0xbd, 0x30, "adba40ad1ea8dc90ac1abc5ca3dda59c3ebce8a129bf6f032a360f20404e0a030a7d4e48eba9df4a9a953f5cf9bf995c43567488b4f501e2c8587a8c8265c9f6c498ce5050ef1a8c7160ac450c51ac98f80c53ee9bbe3d78eac1d1d1612d762951c300de140984119d0877b92131b45b05d316d00414199dd474583c53bb5470053e00a6531bc4eb7e2969e67993b54ba02c0514d2b10aa380e3a0266562e496a2d0ec36c56dd0355b06b92972b24a9afb3d77edc3afb2497e4305"}, @generic={0x4, 0x4, 'i$'}]}}, {{0x9, 0x5, 0xc, 0x3, 0x20, 0x8, 0xd, 0xca, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0x7, 0x3a}]}}, {{0x9, 0x5, 0xc, 0x0, 0x278, 0x5, 0x1, 0x40, [@uac_iso={0x7, 0x25, 0x1, 0x3, 0x2, 0x6}]}}, {{0x9, 0x5, 0x7, 0x0, 0x8, 0x80, 0x4, 0xab, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0x3, 0xf7ef}, @uac_iso={0x7, 0x25, 0x1, 0x2, 0x2a, 0x8}]}}, {{0x9, 0x5, 0x2, 0x2, 0x10, 0x6f, 0xf6, 0xa3, [@generic={0x69, 0x1a706ddc45c7be6c, "4a85f115ba000403ce77fb79afa920ba41ea90d69bcf0f00d0c069e995c6fc91e8753cc06b8a66e557772ee323ef15e33cc03d488fba1b9458d147029835823da1d29bc5ad06cb1961a9073703a33e9a0aac26689563d7af64d967db9ba5f243f8b14f2ac885e0"}, @generic={0xec, 0xf, "c8141a089e3edece84c8d0e3948e48fde590e4d5669331e884f338771c338a979a058314f00e35992c9d857fd47017ed60860916fe6284f955e25349d82db94dba21733cd8173264b8df4bc38f2b6a78794da97e944c08b55138b67532b3c79fd747bb0e4df3f4f68549ae438c4909acc599060dd6978666647661d9c3c2a5d009464203101ca72a7b678ab34cc10e6cab5f0a389ee827531407b6d324c77c700e8f78fc1b677d01e317d7fb0d16b720d9dc739eecdb6ee5e004e5da07bd0a1f39e4a3caadc5aa8a0c38733c1a624d59fc5ccf7589e9bbc030660adceb837cd6a8a304b731677df302df"}]}}, {{0x9, 0x5, 0x4, 0x0, 0x40, 0x2, 0x38, 0x8, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0x9, 0x7}, @generic={0x44, 0x6, "bcf5c276eb7e6041ded0936f8e701ff524cc17c62017a427da4e43e4c15d518d62d88b36e4405d67b02f0ee5f956445091bfdf5c3301db9854f0af967d92ecb24444"}]}}, {{0x9, 0x5, 0xf, 0x0, 0x40, 0x81, 0x6, 0x8, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x5, 0x3}]}}, {{0x9, 0x5, 0xf, 0x10, 0x20, 0x4c, 0x1, 0xfe, [@generic={0x2d, 0xf, "11d86072c3a4dc06475987707a7f57674d55c7cddeb72f51b8e6df285d3acdfd74fffcd909f0c125a5f7c2"}, @generic={0x5f, 0x0, "90880f27b7c612e6978ac0aa202e951a72326c81c179db4829e6b2c49e529d92919074d2ac85dcfd21775670929a6bda96a3013924c292af15bc6bc415b50df0ce63478c0b9b26d99e91ac795ec85d3b98852b5a407a9ba691135e902e"}]}}, {{0x9, 0x5, 0x8, 0x2, 0x40, 0x3, 0x1, 0x81, [@uac_iso={0x7, 0x25, 0x1, 0x81, 0x6, 0x4}, @uac_iso={0x7, 0x25, 0x1, 0x83, 0x81, 0xa}]}}, {{0x9, 0x5, 0x3, 0x3, 0x8, 0x8f, 0x4, 0xc1}}, {{0x9, 0x5, 0x2, 0x0, 0x10, 0xa9, 0xef, 0x6}}, {{0x9, 0x5, 0xd, 0x10, 0x200, 0x8, 0x7, 0x81, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0x3, 0x1}]}}, {{0x9, 0x5, 0xe, 0x10, 0x8, 0x40, 0x3, 0x7, [@generic={0x64, 0x22, "54d79160e3bb2b979055366518a0402e0d7197feac1163166820e42a96d9892377f31677125d1a67551d627f8fa316782e390ff4d8399b71c69deb70ff938756404953b45c193bad68ff74b3f3fb0192880b5bb2913370fcf3e84d1890266b9374fb"}, @generic={0xa, 0x31, "4b143e0f2ad03248"}]}}]}}]}}]}}, &(0x7f0000000e00)={0xa, &(0x7f0000000180)={0xa, 0x6, 0x10, 0x0, 0x15, 0x66, 0x40, 0x8b}, 0x19, &(0x7f0000000340)={0x5, 0xf, 0x19, 0x2, [@ss_cap={0xa, 0x10, 0x3, 0x2, 0xc, 0x8, 0x21, 0xf0}, @ss_cap={0xa, 0x10, 0x3, 0x2, 0xc, 0x5, 0x3, 0xd}]}, 0x4, [{0x0, 0x0}, {0x27, &(0x7f0000000e80)=ANY=[@ANYBLOB="270379204a220ba6a052dca752c7fabea369beb9c7fd1f1caa6883ee8ac40aac4f494b1b2b640755f6d38c166f17e4ebb488352b7ee857df57274829c33b69be20a1bc72b10e6be52982525af228c53658c01b5750c52a0aca985043d08a73cbb8e28dd791252ebc477d01cfdeaa137414101260ea29addbd103400d4a87fb92725530e70bec5f675ed73328d6a35adf3fba433e87e02493f9b234fa1ab182c1ff55ab600da467af13b1ac6cd57b93fd0397c200"/193]}, {0x7f, &(0x7f0000000d80)=@string={0x7f, 0x3, "9811916e11b45c33212fbd5e5df6395154736cb0a1dd20331bf488eec9cdbbb55ffd429bd18a295b26cfcfa1293f80607100384d032c4ff2ed22d8f15f8a212adc33223813ae40d67a9e6712566e390dd57c654bbf57fd2b040caddfe0cc4e0246af824b72fb0ddf48d83daa2299ecfe21af62ffe1f55f30d21cfdb600"}}, {0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x1001}}]})
openat$full(0xffffffffffffff9c, 0x0, 0x2fb71da98128d4bd, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[@ANYRES64=r8, @ANYRES32=0x0, @ANYRESOCT=0x0], 0x44}, 0x1, 0x0, 0x0, 0x40800}, 0x0)
readv(r1, &(0x7f0000000240)=[{&(0x7f0000000040)=""/84, 0x9000}], 0x1)
close_range(r0, 0xffffffffffffffff, 0x0)

29m52.716114903s ago: executing program 3 (id=1352):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e"], 0x50}}, 0x4008840)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000160a030200020000000000000200000009000200"], 0x80}}, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000010000000000000002000000000a20000000000a01020000000000000000010000000900010073797a30000000006c000000160a01000000000000000000010000000900010073797a30000000000900020073797a3000000000400003800800014000000000080002400000fbff2b0003801400010067656e6576653000000000000000000014000100776732000000000000000000c6e49c0f5c000000180a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c000380140001"], 0x110}}, 0x0)

29m51.221870016s ago: executing program 32 (id=1352):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e"], 0x50}}, 0x4008840)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000160a030200020000000000000200000009000200"], 0x80}}, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000010000000000000002000000000a20000000000a01020000000000000000010000000900010073797a30000000006c000000160a01000000000000000000010000000900010073797a30000000000900020073797a3000000000400003800800014000000000080002400000fbff2b0003801400010067656e6576653000000000000000000014000100776732000000000000000000c6e49c0f5c000000180a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c000380140001"], 0x110}}, 0x0)

10.807825509s ago: executing program 2 (id=11924):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000d00)=ANY=[@ANYBLOB="120100021982302013042360e5ec0102030109021b0001000060020904840001ee48b100090582"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
openat$sw_sync(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
r1 = syz_open_dev$vbi(&(0x7f00000002c0), 0x3, 0x2)
ioctl$VIDIOC_G_FMT(r1, 0xc0d05604, &(0x7f0000000100)={0x7, @raw_data="8a93a9bca2e7a34fd42cad7a27db2244182edb88bfb1f531061fff7f8e2167ccf1cb11a2bc849e7071c7dc5809a0e1e7a322fb50414f35f9a64a7a24e6eac6339fe77f834b71d14670185f2b582edd96ac12667b94ce5d1dab41c7702b0dd2df2800fe8ca0eb607aace9f42c6f82b97820cb0686ff8279996467f64732144e6d8a36e8848dcbc0be0fe8c515128a63995eba99cf70e5db63cb5a10703d334e05c4fcbf9910e795abe501acb4bc4ae4b30c5e2679214f982efdb31aed3ae4392d31b7177aee45dd8c"})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

8.394729968s ago: executing program 2 (id=11933):
socket$pppl2tp(0x18, 0x1, 0x1)
socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x41, 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, 0x0}], 0x1, 0x4, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x43, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, 0x0, &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
utimes(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$KVM_SET_VAPIC_ADDR(r4, 0x4008ae93, &(0x7f0000000040)=0x1000)
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f0000000080)=ANY=[@ANYBLOB="0100000000000000730000400000000081"])
ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000140)=@x86={0x1, 0x1, 0xc, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x80, 0x9, 0x0, 0x0, 0x0, 0xfffffff8, 0x1, 0xff, 0xff, 0x0, '\x00', 0x2, 0x1})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
recvmsg(0xffffffffffffffff, 0x0, 0x808ed3a56aee9e48)
syz_mount_image$fuse(&(0x7f0000000200), &(0x7f0000000240)='./file0\x00', 0x2000400, &(0x7f0000000480)=ANY=[@ANYBLOB='fd=', @ANYBLOB, @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB="2c6d61785f726561643d3078303030303030303030303030303030312c6d61785f726561643d3078303030303030303030303030303037662c6d474e87386fab61643d3078303030303030303030303030303031302c616c6c6f775f6f746865722c616c6c6f775f6f"], 0x1, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$OBJ_PIN_MAP(0x6, 0x0, 0x0)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)

7.983906395s ago: executing program 0 (id=11939):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20702, 0x0)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x6f, 0x48014)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r3, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000)
sendmsg$NFT_BATCH(r6, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWRULE={0x80, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x54, 0x4, 0x0, 0x1, [{0x50, 0x1, 0x0, 0x1, @target={{0xb}, @val={0x40, 0x2, 0x0, 0x1, [@NFTA_TARGET_REV={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_TARGET_INFO={0x2c, 0x3, "7339f2f10455afb9fdd672bad09dfb78c7699c74e891a0c700"/40}, @NFTA_TARGET_NAME={0x8, 0x1, 'TEE\x00'}]}}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xa8}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840)
r7 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'veth0_to_bond\x00', <r8=>0x0})
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=@newlink={0x4c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x90646, 0x12200}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @vlan={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6, 0x1, 0x4}]}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_MASTER={0x8, 0xa, r5}]}, 0x4c}, 0x1, 0x0, 0x0, 0x24004080}, 0x8810)
r9 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r9, 0x29, 0x2a, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0x2}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
r10 = socket(0x80000000000000a, 0x2, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b7000000ff000003bfa30000000000000703000000feffff620af0fff8ffffff71a4f0ff0000000015040200000000001d400200000000004704000001ed000062030000000000001d440000000000007a0a00fe00ffffffdb03000040000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710e4d58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00c37dfca3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebba2c598b4fc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa5b4e377184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7592566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c3bfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed93517a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c25000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6cb5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c7bc46dd12305a1ae9dd19e8d525206c0a728cfd42193abe8130b51d6c9b94c5513df2d85e8c01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ad1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef670000000000000000ba470bfe62fe293308"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
setsockopt$inet6_group_source_req(r10, 0x29, 0x2b, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @mcast1}}}, 0x108)
syz_emit_ethernet(0xfef3, &(0x7f0000000200)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd6001010000641100fe8000000000000000000000000000bbfe8000000000000000000000000000aa4e200e22"], 0x0)

6.875213627s ago: executing program 0 (id=11943):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x200, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat$audio(0xffffffffffffff9c, &(0x7f0000000080), 0x22001, 0x0)
r1 = syz_open_dev$ttys(0xc, 0x2, 0x0)
ioctl$TCGETS(r1, 0x5401, 0xfffffffffffffffe)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000000), r2)
r4 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000440), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r4], 0x40}, 0x1, 0x0, 0x0, 0xc100}, 0x4040)
shmctl$IPC_INFO(0x0, 0x3, &(0x7f0000000080)=""/43)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r8, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x1}, 0x1c)
setsockopt$inet6_int(r8, 0x29, 0x4b, &(0x7f0000000100)=0x401, 0x4)
bind$inet6(r8, &(0x7f0000000140)={0xa, 0x4e21, 0x0, @remote}, 0x1c)
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb86dd6000050000140600fc02000000000000"], 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r7, &(0x7f0000000180)={0x0, 0x50, 0x0}, 0x0)
r9 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r9, &(0x7f0000000140)={0x26, 'hash\x00', 0x0, 0x0, 'blake2b-160\x00'}, 0x58)
r10 = accept4(r9, 0x0, 0x0, 0x800)
select(0x0, 0x0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x10}, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0)
recvmmsg$unix(r10, &(0x7f0000003700)=[{{0x0, 0x700, 0x0, 0x0, 0x0, 0x500}}], 0x600, 0x0, 0x0)
sendmsg$L2TP_CMD_SESSION_GET(r2, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000240)={&(0x7f0000000340)=ANY=[@ANYBLOB="14000000", @ANYRES16=r3, @ANYBLOB="51d09e4a08000000"], 0x14}, 0x1, 0x0, 0x0, 0x10008c10}, 0x11)
r11 = syz_usb_connect(0x6, 0xffb1, &(0x7f0000000300)={{0x12, 0x1, 0x0, 0x3c, 0x8c, 0xdd, 0x40, 0x148f, 0x2770, 0x9ae4, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x20, 0x10, 0x0, 0xb6, 0x2d, 0xac}}]}}]}}, 0x0)
syz_usb_control_io(r11, 0x0, &(0x7f0000000980)={0x84, &(0x7f0000000380)=ANY=[@ANYBLOB="40185e0000007a2730de022b5b8700c6b5f87f87e0a56af54f4364678bc866ee6033124af13cb9b46b8db1d0293a5e18ef67d94c09b56c4d4264d7a604094ff58d350e64d22d126dd2c1136f9b8c965bbe0f9d34e602acc95de77e19742ca099651127914bbf"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

5.437491095s ago: executing program 2 (id=11947):
keyctl$unlink(0x9, 0x0, 0xfffffffffffffffd)
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_GET(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000380)={0x34, r2, 0x1, 0x70bd27, 0x25dfdbfc, {}, [@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x20008000}, 0x4000000)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x894)
r3 = socket(0x10, 0x3, 0x0)
pipe2(&(0x7f0000000080)={<r4=>0xffffffffffffffff}, 0x4000)
splice(r4, 0x0, r3, &(0x7f0000000500), 0x1db08b19, 0x4)
r5 = socket$kcm(0x2, 0x1000000000000002, 0x0)
sendmsg$inet(r5, &(0x7f0000000840)={&(0x7f0000000080)={0x2, 0x4e23, @rand_addr=0x1}, 0x10, 0x0}, 0x4000000)
getpeername$qrtr(r0, &(0x7f0000000040), &(0x7f00000000c0)=0xc)

4.952077591s ago: executing program 2 (id=11951):
socket(0x10, 0x803, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'vlan0\x00', <r1=>0x0})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'veth1_to_hsr\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="400d0000000000003000128008000100687372002400028008000200", @ANYRES32=r2, @ANYBLOB="08000100", @ANYRES32=r1], 0x50}, 0x1, 0x0, 0x0, 0x40000}, 0x8000)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x8)
sendmsg$AUDIT_MAKE_EQUIV(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000300)={&(0x7f0000000240)={0x28, 0x3f7, 0x0, 0x70bd2a, 0x25dfdbfb, {0x7, 0x7, './file1', './file1'}, ["", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x20008040}, 0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r5, 0x0, &(0x7f00000000c0)=@tcp6}, 0x20)
bind$unix(0xffffffffffffffff, 0x0, 0x0)
r6 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00')
r7 = openat$binfmt(0xffffffffffffff9c, r6, 0x42, 0x1ff)
close(r7)
execveat$binfmt(0xffffffffffffff9c, r6, 0x0, 0x0, 0x0)
syz_emit_ethernet(0xf87, &(0x7f0000000000)={@local, @dev, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "6410a6", 0xf51, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}, @local, {[@routing={0x84}], "223427d5c9a46b9fa14172170a013589317d2af31ba55431762f462a5abc3f46494ee91bfca594d52f8c3785143e92da5d2d81edc09f68f122fbf741257bf1319408347a17c89212dfe27a0fc65362487e5afe673f0954f60d9d08b61276ce0b3aa520b5f30a9f52c4aa53fc003f8570383ca63530d93b78a7875338b3d7645ef2c24ab05db63cfdcde7b3cac2248c9d1c73d0d4382b3f520ad6e9be698eaa9bf5b939ce09919c9485c4725690ee2483315829a196f85a5ae552ebe19a2d6768ce2a6bf60fbb53104c7919b7cf28fa555fc9460df11e72eddebb2fc4eb6f83b16e0d65307e4210dfc209f0c68df65b57f420fd215546b798af6b6ab7bfb2fe6bd6142f877852717370b1ca39d199c149c3ead97c4e16229ce4c08a111a0fc64651c21e9174dd72442a9ae2a42d9433c7b54c8dd4b59203f9a2e227e9b043eb430e606cf98f3428ac8511948dd553bc0728c0626fbda71bd2a1d734d605e27bdb0be93b7b91284689e31fccb70c15f2c39da9011c84d36fe4b4b36ff26e45a34685fc638dbdaa068a3d3d4f5d44b74afc0fc7956e5fcc3fe405ac6d292d1d90f257f18fe14a3192d28ed369956aa2f91f9fee773cf7fb5d90705347eeadc1af86de78a498fa1a20e5b3f481a0595769654d969299506d8ffbc172a7fb9453a8a3787e80b167936863f2cc16c1d03481bd40e1abcf87a292559771572136932bf30e48174012a1d4d5f138f93140af2ceb9c821c7966ea7592d762975b5b33ef141b6b91eb388c91b924945c3231d0f299adb5a36e0c95a17872e7ebf0bc0e33baf5c46f9e2087b77bad0794d519ce7bc8674a70f3545d020454ded22f164185df3b4f952b132947b75333993fd73a6bac5836dd5720e559bcb82a4926734c5c3b1287c5fec219a99f71eb398430001f007306e9232c269c2886357f75d935e8de054341ac36f1df1fc77fbc347d90660f4d5658cfeb9e289f70968a7c0b38ae34c4bfa46b47964e223ac34f472e3231e8c285add5713592c76c062c3477beb55b279846f04f8d6a5ce2743c6a2020f0c5164953b8dca7e57239dc8a7f507bcf77767ab0b4602437171a09c8e80f5a165c4c37eaae386cfcb927dd1a935fa717fa1608792b34bafbc20cf11a678455894ede62788309ab7a7075535847a2b48260a613e521b01d75648263ad78e6176528dbf3e6c4e4d72066e617be5387183a51dd97d2e846c5d173b51e17a4c8d78a49c914cbe44236c52c78de45b44f9d80bc6f77c75135922a84579bce77baa71311889f5b7b90c5124b8298d5e9c81c442d60df00795854d3213a1ac254c8963c109f68b3ff5451c381f6fb56c116f86b71f988d1e9f732280cbf3d4e9791fefc4bdec5dc293fb77b02d5aab6bd8cd179b7e425126b7f78c0d004bc6470ecc2bbc422bd06a6bd8f717009509e6a88b01347b7a62b9dea6f7a7446a371f422499a6e66eeb6a7b0beb4a86a61f875a9bfe0f5d5f0d0e4c85852afaea97d74ebc80d6491a8a1c998c4b5bc34b3edaeba2df902cd5e14e016720e6c3c8b15287b2471c34251e26dc442720cd5d984e30b110b7370f233f865b9ac129fdf49ff02b303d7d4f91039d3bb58a9d64d7a72d8b8eba6b45a000370d4f0e9c0d411768441372e7112e5d4e7d70a9d6b428b8b85ee6209d6f73e7b024740c052166deeb843e4ab78d1d354d75a5827ff0d49d8964e75785f3594c7299c0917b48f3b2efb81a4c3a7d6e0f1cf50efe0360963c2e3ee390ed2a4c39f42e856eced0f2ee7beacd2ecbece493e911ca0460584323ea6d4a0c00864693c979cae38f0c5841bfaeebf609d1075163c120fea0bd0207d2dd07e5e2e0a5afe3efee0ee6bb9a926a8dba7a27a82c5421a5b20bfb5dbdef532a12435fcd899f15603209831711e0dcfaaf2104b2016f087fce44848c70b65a34b9be83df2064391fc5a8d169dc1943d226e57ab5ba06c656273d4efba73a8a61aae19df4d2445f3ce7e649af1b4ffc86106c9092ddd0aafeb45653d181cb32b06a1dd41573495f15c3b8c0019ba72a2eb163dfcbdbb235322ae27d7116af506f295c2424ab9191aa8ce0e4617b212af21983f8d2b19d7fdeec881f6fa448acc7c3e133b6f281583fad4467c05801e69f6ffc1ae2e1f54655534d884c2f8f60303da33ccbe47a293643edb61c7d9fad4e3e54028bc64be8e5b1da53446869b136660b8e96ff96c48641ece275967b27b291c5c240b3399b5b901b699227735f821938bc88ded45bada2b257b1a4bcab7ed6647f2027e5680c87329e9cfdba6bde2f2a9b676be016001702bebbabb2eae3eba01d6f49ab70245a4c5ef0e136b531e1843487b3f69c5b811217d6d2f5e71b47f40c28117bd09a88bb21887a06e2cc164d4281d0df47cbd5781f1524098d89ccae32f24c5f9d86469106685fdc683ad5e873030b621dc00354e0621106da90aca69bb53848dd57251a45bc1898aca9bc84c9a8d2f8aabeed888560771c8cb03aab02620430fec8e9740880790060ccbffd5b8edaa219ca61587eff1b1b03ae8af53059f121efdec8b3ee8aba06f494a5b4575bc848d5a9773d2346f75811cb82a078fc960c9bd374555d78b1b4ba0b438ef00e8aa75810ca5efc5c70936e2cb0e515912cb7f625a2130a9ad58f29e58ae6eac5c3f15f22f0163ee6dead6947c4390b92c8dfb146fec7bfc0b37e8ff2c9de90c30f2d8b5e334107f9835bc47fbc193c60ebd5ac4e677c7fd5b6261ff96e97c185c726ec02941bc2336946f181fd2aff43f0e95f06105a049fcb8e4e3738407d6356856f533f17fae281a3be9f2050ae3d19d1b8350d424087ac9b7875824a9b7e098775b53d6ec960fc052ecd165d17a7897de75f15316a072bb9ccf6ce1ec085bb5356c271b985a437a32f12308fc927410fd444bcded9859e7b8a3cfaaf29ebfb92cc7cbfad2559bbe4f90e189e8708e93827b221869cc78fa41fd5bcb6577b7dfe4c3927dc25a58aa84419f76e71d1f3c10cbb5e52ab2bebe0d39bdffda0fa1b55fe3a03683f882a82dd58498d62b101acd710fd436aa7409fe3cf5352dffb399d560323e14d564bdb3121b89c1f43fc9a892b799cd32f7ce2ededb868920b4547735ef0bf3e148251a4f65dddb7f96b2f33734522a8cffdc51520ac98926b3406e96618cf15a042a67239e755afc70ec6a9c99f8e08ec2946e5901364d85223a63d49572519137d93b6b0798e72acf9da120e706ee73367dec1450a68def886c149bcd734469e10b933899501011cd548e99d638821d5709fde050ab382d4896ecfd7999d40ea9c690c26d396545224c8f9e19705593df2688eb592e2476a0193f7054ab6f703d41c545a80bf285bbc7cc735bd306c9ea5eb64f40752fd4c741d9b6e03cd41b636ef8f5e810047a21c0b24c6fde1f2e98f2f27730c90d93af9e7564e4e209a61ff626b666fcc4f75f7d560da688169ff0af5e674a0b89a99fb54bb438a65f953c2db0faec2ce09cec33b6d25620b5a0393ac473fed48a38beaca5223997419876d571ce969b83b5b3ae54de83dd89fd92ed2a93c087828bef49a24ed1a97778c47fdc691a94fd5b437dfe494b5c6fadf499d9d15583b0439d3d5ecb61a32a2508a6960be6009accfd1d5d75a16dbc4121c6ef07bda12646792449c18a56e7aa3893f3f0e55a8e09ca64193dd29ea24ed8614ee8e717f046dd99a8e3750506655331125a502aa89c0d7e8e30c36a4be22cd911322695144d3bf034f38ef32d49431d50da583d08a3e4c5862483cdd52d031b12c89fdaafc3334e877e464134baece883d301193a9c27311a987d4dae82a061f48182cc747cd64441e88b68e26e4975f0fdde3129a9e6af80009962581d5349676df9c73b81514b175709d9193749660f480bd4009b528c1db4f76f42b6a175126603c39a374e890f871c97b2eebb4500451d827cc15497dc5ae89edc6f47f25db7efa4b4b2afbbb2ee543e3db8d20fe93faf300247f59075921e8b2f2a025af8a1d46f274e0c6cb4be0293c7c16c88e98d7d189e9733e4c0e3b96be4aa3fa6ecf42732e0b1432d38aeaf2330d92713cd5580ce42bfe47fb98fea64783de23f456300dd193008211a5ba408d32dedbf12aa8237a6e1a2c9890a2c1011855241fea186906a5139d1c300be57dc7ff493de80010520d10fc3eda0ee9cd413e075d3dc02258fdab567a16e43edbeecc366a69d8d75512f43a2b79cbb9132cdcd00c531730d05f1eabf66613d6e7ebb8c4c3f4f7efd415d41049786352808b22a3bde40121968af39c8f00296001662adc72b7963c8bafab4a496b50f3237a29d19ad4a51a62b1c77a04c14004734189cf7ec49e3d041a1e5658d080f09df77f39782e7133968c1f39ab3ae2a5f24a60073288f3c5825dafd614a379b8b905aaf961caa14ffa38de0d632918d31e4a9291b0f0789248e232e4276840a1ed0257300e522d83111dffd424b1b33148981e3794b2b649ba9174e6697bcc96049f4f3dcc7cf4ca97e2006ec8a146014bb49184632e4fb159a34b6530e959e60a6b4e0427cc697f14cfe6bb7a662a6f5012744f3cf2307abc19c58449864d98fcfebc5d598cd32a1c38c207896468fe8da75eb1edb1d6e7cb1eab671e4e92f139c81d79f15df2a2dc075acc982dec769e2f49aad0fdf594cb590e054616e4f4582b6c4a149ae45d844903ef68d211df2a180178e178b7c7a5012ccf8a1e677586588620365e6111f5192ecfdbd97e2284128de02e08ebc13d4bb4d114faa1e6c16c51c12da2c52d68f73640ce866ce4e794b9fafdc392c91c1f824bc301b3069a02b9c86d2ffac3ed63ddee130cbc248d6a3345d3f9553db78077072d569a6633f8bdbdb1a209a8be9b6830225994f9021b57ddd6a44e8ea40b205c6cf437f45bffaef053a5916dcc6de62ee02bdb8ce3acec8ad97fc95dab1307d254790c71f32e4678957cf0121dccabe73a03c6cacbcbdaad8801b04d9836555a982c357a06e2db7e9bf62aed8cdebbb7a71a2410b929015b61f16e54bffd038996a717b9c7cc3696d8a1205e8266bf782c3a45b0e31461d6a3ed62396088833f69248b24fbf6f81dcc08b98826c3bd2325ade54f614f2d4a153e3e3527d93978483f2bfeada6b64bc43f2a725c30e843d13e6ab34cfc38d488b3ef50cd04318fac1f89905f017644cfa2de058ad399871d1316264813c2289d0b6cfeddfbca36ce93fd4a1bfc93bb74453cfbb9c6ca22320ffc9cb0a3fff046a5678c066e617cd3ac024dfead04b99877f448b78208938585c7563efe815ff0cc47da5fff521d9730ddc89f4aeceadd06f2ea6b9ae72c9407aa550a0155db3b4bc6aaa382a30552f699cb6a1af9972a8ccc483f98952dfbde3d712ea8673eacdbb77490d833fc90f0f02e7c073d2917db70831496a88defc10667dc4c1b7399191bdc7857eb090e79c332bf9f71bb5377178e6232800c93d22318dc5ab8d5dfa2f074a6c23acb61c89f2f078ec91e9817e11a4c8295c19634b5ca2df74"}}}}}, 0x0)
execveat$binfmt(0xffffffffffffff9c, r6, 0x0, 0x0, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xc)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r8 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00', <r9=>0x0})
r10 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000140)=ANY=[@ANYBLOB="440000001300a7cc4a372eaf541d002007000000", @ANYRES32=r9, @ANYBLOB="00000000100000001c001a80", @ANYBLOB="35874207"], 0x44}, 0x1, 0x0, 0x0, 0x50}, 0x0)
r11 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$ETHTOOL_MSG_LINKSTATE_GET(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)=ANY=[@ANYBLOB="1e7c0010", @ANYRES16, @ANYBLOB="02002cbd7000fcdbdf250600000034000180140002006272696467653000000000000000000014000200766972745f77696669300000000000000800030000000000200001801400020070696d7265670000000000000000000008000300010000001400018008000100", @ANYRES32, @ANYBLOB="080001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000855}, 0x0)
sendmsg$kcm(r11, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000000040)="e03f03003f000b05d25a806c8c6394f90324fc60100002000a000300053582c137153e3704020180fc0b09000c00", 0x2e}, {&(0x7f0000000180)="edc2fc01b86cf71e660f5e2f0843d7d0433403110a70ec139ca2d9b15ccd415315e50a33152f5279523328a2e4724add255f64b723ab78e426b751c77a0fd435652c6fbb3764d577e75d714e7a26b46ca99c822a8a579ba45ef226b9ec4f05e6c7c8a37224270008", 0x68}, {&(0x7f00000003c0)="2197579d017554c1625d73d34702414a80fab347ef892579262fdd64e9a931a234434f47f2c14516f270d2ce81f9709a659f575e1ea9fd40f924262719428f6e671012bfcb4d7521482f7afde5bcaf700c0e6f46edfeed3a0a40ea024d0db391d193d423d9a2c921cbc20e366dbe24048f3a6985b28ae27405af0eebade4b11b6110b33b3f5cadb096f5fde273b576291311c7ef02513783aeff54b9bab82548f9ecf88dd7f8c7f8dbb4cfe97ff8f31aed23721a4525eaa995d694aae50c4a33bffb448963966f6f3a45a943f717a478f49543bfe8fc80a3c2b101ad123d3154b7", 0xe1}, {&(0x7f00000004c0)="577122dff2bce35e65f73e4ac0dd62c65b9dcb662d9058e8b81ef2900239ad9551ec8cf58d5430587bbac75df6f56fa601b9a7a0de79da5056177da7e8779df2cffd8e79c2afb9ceed5efda57f35acf0a98ba008333d54b924d50256fa748dac993b748fff0d8572d5d03e17edea122567ba881ee6d1932e", 0x78}, {&(0x7f0000000540)="816d7853da38df4fd43ab06f2821222a40780625acfedd37cabc4ff48254b5e14ef1c426a9776d38cc3ae7e3902027ac74d8738cec86624d3095e09bbd6695ec89226d3dcaff1482e081af45f0b9954afea374e3790de066f27f1426891d8a4ac2c4c76794c9cd28cf7dc95a192a7f3b5c515dc58ece11b5cccf9e1ff8fd87f91f14af455b", 0x85}, {&(0x7f0000000600)="f2150effd3d4f080f294731fbd66196e23985fb401c474566d5203b4330a90a0dd709e7c6c855bf8a4ecd07a00ab36f6c00bbda6aaabafe36a41693f4ccc601d5ec389f1be770d694522f84cd358fb6d49b1268531b54acf4c20a6e9189a460dca928ad8f91816fbbb424979737462dfe6b3260e8e6f28b15faf4488149bbb7cea7c59a4da3085d0067b", 0x8a}], 0x6}, 0x0)

4.866849761s ago: executing program 1 (id=11953):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000d00)=ANY=[@ANYBLOB="120100021982302013042360e5ec0102030109021b0001000060020904840001ee48b100090582"], 0x0)
r1 = socket$kcm(0x11, 0x3, 0x0)
sendmsg$kcm(r1, &(0x7f0000000200)={&(0x7f0000000580)=@hci={0x1f, 0x0, 0x41}, 0x80, &(0x7f0000000340)=[{&(0x7f0000000040)="623bed114d421d8b1c60ea4388a8", 0xe}, {&(0x7f0000000240)="16c488a8", 0x4}], 0x2}, 0x4044)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000500)={0x1c, &(0x7f0000000380)={0x20, 0xf, 0x1, 'D'}, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f00000009c0)={0x84, &(0x7f0000000440)=ANY=[@ANYBLOB="200f030000002643ba3e31ab09bf38ac2f36f226552f64a2390d210968f26a25410665a64a8efcb71fabde7e1d72b18a8948e6b60e7fdbf745668746a2300cf3d2e392043e270544c4f53cf2676ae4ca2817a1052ceb4ee490082fa4b6e95fc527c5b6973e95f2bb5a2f64283cef6cf2593a9520fe87f6c210bc5037646c011c15aa283b880afba8e4f6dffed06864e959b858d75f94724c9a46d1ad554c770a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80882)
syz_io_uring_setup(0x62ce, &(0x7f00000003c0)={0x0, 0xda13, 0x8000, 0x2, 0xffffffff}, &(0x7f00000000c0), &(0x7f0000000380))
openat2$dir(0xffffffffffffff9c, 0x0, &(0x7f0000000140)={0x0, 0x0, 0x1}, 0x18)
r2 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r2)
ptrace$setregs(0xd, r2, 0x20000000002, &(0x7f0000000040))
ptrace$cont(0x21, r2, 0x80000001, 0x4)
syz_open_procfs(r2, &(0x7f0000000100)='net/netfilter\x00')
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x9)
syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/ip_tables_names\x00')
openat$cuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
socket$packet(0x11, 0x3, 0x300)
socket$packet(0x11, 0x3, 0x300)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
syz_open_dev$dri(0x0, 0x80000001, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)

4.784059638s ago: executing program 4 (id=11954):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req={0x3fc, 0x0, 0x0, 0xffffffff}, 0x10)
socket(0x1e, 0x4, 0x0)
r2 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r2, 0x0, 0x0)
r3 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r3, &(0x7f00000000c0)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
bind$tipc(r3, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x2, 0x4}}, 0x10)
bind$tipc(r3, &(0x7f0000000140)=@name={0x1e, 0x2, 0x0, {{0x42, 0x2}}}, 0x10)
bind$tipc(r3, &(0x7f0000000440)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x2, 0x3}}, 0x10)
bind$tipc(r3, &(0x7f00000001c0)=@nameseq={0x1e, 0x1, 0x2, {0x42, 0x1, 0x3}}, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff)
r6 = socket$can_raw(0x1d, 0x3, 0x1)
socket$nl_crypto(0x10, 0x3, 0x15)
setsockopt$CAN_RAW_ERR_FILTER(r6, 0x65, 0x2, &(0x7f0000000080)=0x1, 0x4)
sendmsg$TIPC_CMD_SET_NODE_ADDR(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x24, r5, 0x201, 0x400000, 0x0, {{}, {}, {0x8, 0x11, 0x4}}}, 0x24}}, 0x0)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000040)={0x3, &(0x7f0000000000)=[{0x35, 0x0, 0x1}, {0x20}, {0x6, 0xfd, 0x0, 0x1ff}]})
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000640)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x50, r7, 0x1, 0x70bd25, 0xe, {{}, {@val={0x8, 0x3, r8}, @val={0xc, 0x99, {0x6}}}}, [@NL80211_ATTR_SSID={0x15, 0x34, @random="47140c4661d9f4d11e2f4644b0aaa3ec00"}, @crypto_settings, @NL80211_ATTR_VHT_CAPABILITY={0x10, 0x9d, {0xc, {0x7, 0x1, 0x15be, 0x5}}}]}, 0x50}, 0x1, 0x0, 0x0, 0x8000}, 0x2004801)
r9 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0xc)
ioctl$KVM_HAS_DEVICE_ATTR_vm(r9, 0x4018aee3, &(0x7f0000000140)=@attr_other={0x0, 0x9fd, 0x2, &(0x7f00000000c0)=0x1})

4.649291439s ago: executing program 5 (id=11955):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000a00)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(aes)\x00'}, 0x58)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0xd, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
r3 = syz_io_uring_setup(0x10d2, &(0x7f0000000340)={0x0, 0x6bf6, 0x100, 0x5, 0x12}, &(0x7f00000000c0)=<r4=>0x0, &(0x7f0000000300)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
io_uring_register$IORING_REGISTER_FILES(r3, 0x2, &(0x7f0000000040)=[r3, r3, r2, r1, r2, r2, 0xffffffffffffffff, r3, r3], 0x9)
socket(0xa, 0x800, 0x6d090cb3)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x50, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r3, 0x47bc, 0x0, 0x0, 0x0, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0xffa0, &(0x7f0000000040)={&(0x7f00000000c0)=@ipv6_delroute={0x24, 0x19, 0x1, 0x70bd2c, 0x0, {0xa, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x3f00}, [@RTA_PRIORITY={0x8, 0x1e, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0xd8e5}, 0x0)
r6 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x56a, 0x57, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x8, [{{0x9, 0x4, 0x0, 0x6d, 0x41, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x1, 0xfc, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x200, 0x1, 0x0, 0x7}}}}}]}}]}}, 0x0)
syz_usb_control_io(r6, 0x0, 0x0)
syz_usb_control_io(r6, &(0x7f00000003c0)={0x2c, &(0x7f00000000c0)=ANY=[@ANYBLOB='\x00\x00\b'], 0x0, 0x0, 0x0, 0x0}, 0x0)

3.867651287s ago: executing program 4 (id=11956):
openat$iommufd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
write$sndseq(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000840)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000004000000000000000000000000000000000000000000000000000000000000000200000000000000fdffffffffffffff000000000000000000000000000000000500000000000000000000000020000000000000000000000000000000000000010002000000000044000500fe800000000000000000000000000044000004d42b0000000a000000e00000010000000000000000000000000000000004000000ce0000000000"], 0xfc}, 0x1, 0x0, 0x0, 0x24008040}, 0x0)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x17}}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x6, &(0x7f0000000000)=0x4, 0x4)
connect$inet(r0, &(0x7f0000000280)={0x2, 0x0, @broadcast}, 0x10)
sendmmsg$inet(r0, &(0x7f0000004d00), 0x7fffffffffffd33, 0x20000890)

3.484101951s ago: executing program 0 (id=11957):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00'})
setsockopt(0xffffffffffffffff, 0xff, 0x1, 0x0, 0x0)
syz_emit_ethernet(0x3e, &(0x7f0000000080)={@local, @broadcast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x0, 0x0, 0x3, 0x0, 0x1c00, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2f, 0x0, @broadcast=0xac14140a, @multicast1}}}}}}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x10)

3.476639187s ago: executing program 4 (id=11958):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={0x18, r1, 0x1, 0x0, 0x10000, {}, [@TIPC_NLA_NODE={0x4}]}, 0x18}, 0x1, 0x400000000000000, 0x0, 0x4}, 0x0)

3.420058759s ago: executing program 0 (id=11959):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4) (async)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x40241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r1, &(0x7f0000000000)=ANY=[], 0x340a) (async)
write$tun(r1, &(0x7f0000000000)=ANY=[], 0x340a)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_DEL_DEST(r3, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0x84, 0x0, 0x300, 0x70bd2c, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x8}, @IPVS_CMD_ATTR_DAEMON={0x30, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e20}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @private=0xa010101}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'pimreg\x00'}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}, @IPVS_CMD_ATTR_DAEMON={0xc, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x3}]}, @IPVS_CMD_ATTR_DAEMON={0x2c, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0xd6}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0xd}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x4}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @local}]}]}, 0x84}, 0x1, 0x0, 0x0, 0x44}, 0xc000)

3.188006216s ago: executing program 4 (id=11960):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x180300, 0x0)
socket$kcm(0x10, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$rds(0x15, 0x5, 0x0)
r0 = socket$packet(0x11, 0x2, 0x300)
socketpair(0x1, 0x3, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff})
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0)
bind$packet(r0, &(0x7f00000000c0)={0x11, 0x18, r2, 0x1, 0x81}, 0x14)
setsockopt$packet_int(r0, 0x107, 0xa, 0x0, 0x0)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x0, 0x0, 0xffffffff}, 0x1c)

3.18764012s ago: executing program 0 (id=11961):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x1fff, 0x0, @mcast2, 0x5}, 0x1c)
r1 = syz_open_dev$radio(&(0x7f0000000000), 0xffffffffffffffff, 0x2)
ioctl$VIDIOC_S_EXT_CTRLS(r1, 0xc0205647, &(0x7f0000000200)={0xf020000, 0x1, 0x800, 0xffffffffffffffff, 0x0, &(0x7f00000001c0)={0x98f903, 0x0, '\x00', @string=0x0}})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)={{0x1, 0x1, 0x18, <r3=>r2, {0xee00, 0xffffffffffffffff}}, './file0\x00'})
r4 = getpid()
r5 = syz_pidfd_open(r4, 0x0)
ioctl$BTRFS_IOC_ADD_DEV(r5, 0xff02, 0x0)
r6 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000080), 0x20002, 0x0)
ioctl$FBIOPUTCMAP(r6, 0x4605, &(0x7f0000000280)={0x983, 0x8251d54a38b53ba1, 0x0, 0x0, 0x0, 0x0})
fsetxattr$security_capability(r6, &(0x7f0000000140), &(0x7f0000000380)=@v2={0x2000000, [{0x32a6, 0x10001}, {0x905, 0x8}]}, 0x14, 0x0)
write$P9_RMKDIR(r3, &(0x7f0000000340)={0x14, 0x49, 0x2, {0x10, 0x1, 0x5}}, 0x14)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='batadv0\x00', 0x10)
ioctl$EXT4_IOC_GETFSUUID(r0, 0x8008662c, &(0x7f00000000c0))
r7 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0xa4242, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000007, 0x38011, r7, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f00000004c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x7c, 0x7c, 0xa, [@decl_tag={0xe, 0x0, 0x0, 0x11, 0x5, 0x8}, @const={0x9, 0x0, 0x0, 0xa, 0x5}, @fwd={0x3}, @decl_tag={0x10, 0x0, 0x0, 0x11, 0x1, 0x2}, @restrict={0x7}, @volatile={0x8, 0x0, 0x0, 0x9, 0x4}, @enum={0xb, 0x4, 0x0, 0x6, 0x4, [{0x8, 0x4}, {0x1, 0xff}, {0x7, 0x7}, {0x10, 0x7}]}]}, {0x0, [0x5f, 0x4f, 0x5f, 0x0, 0x5f, 0x3e, 0x61, 0x61]}}, &(0x7f0000000580)=""/160, 0x9e, 0xa0, 0x1, 0xfffffff1}, 0x28)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
syz_kvm_setup_syzos_vm$x86(0xffffffffffffffff, &(0x7f000054e000/0x400000)=nil)
mprotect(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
r8 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000180)=ANY=[@ANYBLOB="12010000000000404c05a00b00000000000109022400010000000009040000010300000009210000000122070009058103"], 0x0)
syz_usb_control_io$hid(r8, 0x0, 0x0)
syz_usb_control_io(r8, &(0x7f0000000400)={0x2c, &(0x7f00000003c0)=ANY=[], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io(r8, 0x0, &(0x7f00000001c0)={0x84, &(0x7f00000002c0)=ANY=[@ANYRES64], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
write(r0, &(0x7f0000000140)="82650000", 0x4)

2.994633587s ago: executing program 2 (id=11962):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000100)=ANY=[@ANYBLOB="14001f001000010000000000000000000000000a20000000000a01010000000000000000050000080900010073797a30000000005c000000030a03000000000000000000050000000900010073797a30000000000900030073797a300000000008000c4000000003280004800800024000000012080001"], 0xa4}}, 0x0)

2.993778239s ago: executing program 4 (id=11963):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vxcan1\x00', <r1=>0x0})
bind$can_raw(r0, &(0x7f00000005c0), 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)
read(r0, &(0x7f00000027c0)=""/4073, 0xfe9)
sendmsg$can_raw(r0, &(0x7f0000000240)={&(0x7f0000000780)={0x1d, r1}, 0x10, &(0x7f00000003c0)={&(0x7f0000000500)=@can={{0x2, 0x0, 0x1, 0x1}, 0x1, 0x3f57955e7be81d83, 0x0, 0x0, "f97003b8750e5566"}, 0x10}}, 0x4000040)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000040)={&(0x7f00000000c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x7}}, [@NFT_MSG_NEWSET={0x24, 0x9, 0xa, 0x201, 0x0, 0x0, {0x0, 0x0, 0x6}, [@NFTA_SET_KEY_TYPE={0x8, 0x4, 0x1, 0x0, 0x2}, @NFTA_SET_DATA_LEN={0x8, 0x7, 0x1, 0x0, 0x36}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x5}}}, 0x4c}, 0x1, 0x0, 0x0, 0x44840}, 0x4000044)

2.925668338s ago: executing program 2 (id=11964):
syz_open_dev$video(&(0x7f0000000580), 0x7, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x68}, 0x8080)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60005f, 0x19)
r0 = socket(0x10, 0x40000, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x8943, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$usbfs(&(0x7f0000000100), 0x6, 0x142)
ioctl$USBDEVFS_CLAIM_PORT(r3, 0x80045518, &(0x7f0000000240)=0x8)
ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(0xffffffffffffffff, 0x80489439, &(0x7f0000000280))
sched_setattr(0x0, &(0x7f0000000180)={0x38, 0x5, 0x0, 0x0, 0x0, 0x3, 0x0, 0xfffffff7fffffffe, 0x0, 0x2}, 0x0)
r4 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/oss_mixer\x00', 0x2002, 0x0)
write$proc_mixer(r4, &(0x7f0000000180)=ANY=[@ANYBLOB='SYNTH \'Mic\' 00000000000000000000\nIGAIN \'Capture Volume\' 00000000000000000000\nVOLUME\nLINE\nMONITOR\nCD \'CD Capture\' 8'], 0x86)
r5 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card0/oss_mixer\x00', 0x0, 0x0)
dup3(r5, r4, 0x0)
r6 = fsmount(0xffffffffffffffff, 0x1, 0xf4)
socket$inet6_udplite(0xa, 0x2, 0x88)
getsockopt$inet6_int(r6, 0x29, 0x46, 0x0, &(0x7f0000000040))
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r8 = openat$cgroup_procs(r7, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r8, &(0x7f00000000c0), 0x12)
r9 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
writev(r9, &(0x7f00000000c0)=[{&(0x7f0000000140)='2', 0x15}], 0x1)

2.619769108s ago: executing program 5 (id=11965):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1e0002000300000081000000", @ANYRES32=0x1, @ANYBLOB='\t\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0400000005000000010000000a"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x0, 0x0, 0x0, 0x9491426, 0x0, 0x0, 0x41100, 0x28, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000280)={0x7, 0x1}, 0x8, 0x10, &(0x7f00000002c0)={0x0, 0xc, 0x7, 0x80000006}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000340)=[0x1, r0], 0x0, 0x10, 0x6}, 0x94)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000680)=@allocspi={0x1dc, 0x16, 0x411, 0x0, 0x0, {{{@in6=@private2, @in=@private}, {@in6=@private1, 0x0, 0x33}, @in=@empty, {}, {}, {}, 0x8000000, 0x0, 0x2}, 0x0, 0xfdffff00}, [@sa={0xe4, 0x6, {{@in=@local, @in6=@private0={0xfc, 0x0, '\x00', 0x1}, 0x4e24, 0x1, 0x4e20, 0x8, 0x2, 0x20, 0xa0}, {@in6=@private2={0xfc, 0x2, '\x00', 0x1}, 0x4d3, 0xcd}, @in6=@mcast2, {0x4, 0x2, 0x6, 0x2, 0x7, 0x4, 0xa, 0xeb}, {0x8001, 0xc, 0x4, 0x9}, {0x5, 0x3, 0xd15}, 0x70bd2c, 0x3505, 0xa, 0x0, 0x1, 0x2}}]}, 0x1dc}}, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000500)='status\x00')
mount$fuse(0x0, 0x0, 0x0, 0x1, &(0x7f0000000ac0)=ANY=[@ANYBLOB=',ro', @ANYBLOB=',gro'])
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
getpeername$qrtr(0xffffffffffffffff, 0x0, &(0x7f0000000500))
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = dup(r2)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000300)="2c3e5a7af3", 0x5)
r5 = accept4(r4, 0x0, 0x0, 0x800)
sendmmsg$alg(r5, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a", 0x27}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11", 0xce}], 0x3, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000440)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

2.320073355s ago: executing program 5 (id=11966):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0xfffffffffffffffd)
ioctl$KVM_HYPERV_EVENTFD(r1, 0x4018aebd, &(0x7f0000000000))

2.204750173s ago: executing program 5 (id=11967):
openat$iommufd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="fc0000001900010029bd7000fbdbdf25ff010000060000800000000000000001fe8000000000000000000000000000bb00000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000004000000000000000000000000000000000000000000000000000000000000000200000000000000fdffffffffffffff000000000000000000000000000000000500000000000000000000000020000000000000000000000000000000000000010002000000000044000500fe8000"/131], 0xfc}, 0x1, 0x0, 0x0, 0x24008040}, 0x0)
bind$inet(r2, &(0x7f0000000100)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x17}}, 0x10)
madvise(&(0x7f0000291000/0x1000)=nil, 0x1000, 0x14)
setsockopt$sock_int(r2, 0x1, 0x6, &(0x7f0000000000)=0x4, 0x4)
connect$inet(r2, &(0x7f0000000280)={0x2, 0x0, @broadcast}, 0x10)
sendmmsg$inet(r2, &(0x7f0000004d00), 0x7fffffffffffd33, 0x20000890)

1.784100212s ago: executing program 1 (id=11968):
openat$iommufd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
write$sndseq(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000840)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000004000000000000000000000000000000000000000000000000000000000000000200000000000000fdffffffffffffff000000000000000000000000000000000500000000000000000000000020000000000000000000000000000000000000010002000000000044000500fe800000000000000000000000000044000004d42b0000000a000000e00000010000000000000000000000000000000004000000ce0000000000"], 0xfc}, 0x1, 0x0, 0x0, 0x24008040}, 0x0)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x17}}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x6, &(0x7f0000000000)=0x4, 0x4)
connect$inet(r0, &(0x7f0000000280)={0x2, 0x0, @broadcast}, 0x10)
sendmmsg$inet(r0, &(0x7f0000004d00), 0x7fffffffffffd33, 0x20000890)

1.635744047s ago: executing program 1 (id=11969):
r0 = syz_open_dev$mouse(&(0x7f0000000140), 0x24000000000000, 0x143440)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0xa4242, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000007, 0x38011, r1, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0xe)
fcntl$getownex(r0, 0x10, &(0x7f0000000040))
mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0xffbf, 0x0, 0x0, 0x2)

1.424911754s ago: executing program 1 (id=11970):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e"], 0x50}}, 0x4008840)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000160a030200020000000000000200000009000200"], 0x80}}, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="1400000010000100f5ffffff000000000000000a20000000000a01020000000000000000010000000900010073797a30000000006c000000160a01000000000000000000010000000900010073797a30000000000900020073797a3000000000400003800800014000000000080002400000fbff2b0003801400010067656e6576653000000000000000000014000100776732000000000000000000c6e49c0f5c000000180a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c000380140001"], 0x110}}, 0x0)

1.272694068s ago: executing program 4 (id=11971):
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xc, 0x4008031, 0xffffffffffffffff, 0x1000) (async)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) (async)
ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f0000000040)=0xdfe5)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000540)=@raw={'raw\x00', 0x8, 0x3, 0x2b0, 0x118, 0x11, 0x148, 0x218, 0x0, 0x218, 0x2a8, 0x2a8, 0x218, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0xd0, 0x118, 0x0, {}, [@common=@addrtype={{0x30}, {0x10, 0xa, 0x3}}, @common=@unspec=@cluster={{0x30}, {0x20, 0xfff, 0x2}}]}, @unspec=@CT0={0x48}}, {{@ip={@multicast2, @empty, 0x0, 0x0, 'vlan0\x00', 'netdevsim0\x00'}, 0x0, 0xd0, 0x100, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@unspec=@quota={{0x38}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00', 0x1, {0x0, 0xfffffffc, 0x19ecd463}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x310) (async)
r2 = add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000280)={'syz', 0x1}, &(0x7f00000002c0)="1d", 0xfe3a, 0xfffffffffffffffe)
ppoll(0x0, 0x0, &(0x7f0000000140)={0x7fffffffffffffff}, 0x0, 0x4a) (async)
keyctl$get_keyring_id(0x0, r2, 0x401) (async, rerun: 32)
r3 = socket$kcm(0x10, 0x5, 0x0) (rerun: 32)
sendmsg$kcm(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)="d8000000180081054e81f782db4cb904021d0800fe00fe05e8fe55a10a0015000600142603600e1208000f007f370301a8001600a40002400f000100035c0461c1d67f6f94007134cf6edb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090014d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00350db798262f3d40fad95667e006dcdf63951f215c3f8b6ad2cba0e2375ee535e3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9a941", 0xd8}], 0x1}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=@newlink={0x7, 0x10, 0xffffffffffffffff, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, 0x50e35, 0x23}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bond={{0x9}, {0x4}}}, @IFLA_NUM_TX_QUEUES={0x4, 0x1f, 0x400001}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20040044}, 0x4008000) (async, rerun: 64)
keyctl$setperm(0x5, r2, 0x2000) (rerun: 64)

1.183891875s ago: executing program 1 (id=11972):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = syz_open_dev$usbfs(&(0x7f0000000100), 0x205, 0x8401)
r3 = fcntl$dupfd(r2, 0x406, r2)
ioctl$USBDEVFS_SUBMITURB(r3, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x2, 0x3, 0x0, 0x0, 0x7995}, 0xfcb5, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0})
ioctl$LOOP_CONFIGURE(0xffffffffffffffff, 0x4c0a, &(0x7f0000000780)={r3, 0x7fff, {0x0, 0x0, 0x0, 0x80000001, 0x8, 0x0, 0x5, 0x10, 0x0, "518837dbf67e5f11cd0171327ea92d2b05c4c8928ad1213e654b64cfeaa482e1814c8d05b19045badd24be9469080c9c71f522e8b16f5d7e495cbb78a4ba52b3", "a5148b0eec04bec9c73d6ebc7aee4b9f4e43c31d0199fbc81255ad32dcb148356d88ce8f3523f59b051e9904e82292714ed2fd00", "4b5a5ff7ed5c6ae6e9406763b1d49e095a52b1aef679645d7894620b072cd6ac", [0x18, 0xac6]}})
recvmmsg(r0, &(0x7f00000000c0), 0x0, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$loop(0x0, 0x75f, 0x2a382)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000200)={0xb, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x6, 0x1000000008, 0x10000, 0x3}, 0x0)
r4 = syz_open_procfs(0xffffffffffffffff, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x8101, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r6, 0xae60)
r7 = eventfd(0x8000)
r8 = eventfd(0x24)
ioctl$KVM_IRQFD(r6, 0x4020ae76, &(0x7f0000000100)={r7, 0x7, 0x0, r5})
ioctl$KVM_IRQFD(r6, 0x4020ae76, &(0x7f0000000040)={r8, 0x7, 0x2, r7})
ioctl$KVM_IRQFD(r6, 0x4020ae76, &(0x7f0000000080)={r7, 0x7, 0x3, r8})
ioctl$VIDIOC_QUERYMENU(0xffffffffffffffff, 0xc02c5625, 0x0)
add_key$user(&(0x7f0000000000), &(0x7f00000001c0)={'syz', 0x0}, &(0x7f0000000540)="bc3009bb66682c9d4233b0cc644f5fdae5b9d17f7ada03bc77aea173022c18232e1fb162caf50d08fda40c6e9c515c4a2c7245", 0x33, 0xfffffffffffffffe)
openat$dir(0xffffffffffffff9c, &(0x7f0000000240)='./bus\x00', 0x0, 0x4)
openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
openat$dir(0xffffffffffffff9c, 0x0, 0x40000, 0x0)
ioctl$SG_IO(r4, 0x2285, &(0x7f0000000280)={0x0, 0xfffffffffffffffc, 0xbd, 0x2, @buffer={0x0, 0xe0, &(0x7f0000000580)=""/224}, &(0x7f0000000480)="17fc0168e8e768c47c0b5ff1bf52c03005cef62a7f29530b30a36183784d3bab18a3a73c0d246a3541b54a6137d19a0ddc2b5d84c299e516ea78b576578eba4b0705975b9e765d3b1db4d26d0ef24289dea86a1a2dcace5f604d4c1868b9b943fc818c7f456b810f9ab422106995567aa8701962d77ebc64ba9b1b7553719384cd7cab56197d47fb110dff1df7981e208c76a0cec760459dc34865af486a69ae9950c00f032a08a3181148044345d0fb92c539d994bf6f746034a5feaa", &(0x7f0000000680)=""/224, 0x6, 0x0, 0x0, &(0x7f00000000c0)})
open(&(0x7f0000000140)='./bus\x00', 0x141bc2, 0x1c0)
add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000200)={0x0, 0x7, 0x0, 0x0, 0x0, 0x1})
semtimedop(0x0, &(0x7f0000000300)=[{0x3, 0xfffe, 0x1000}], 0x1, 0x0)

924.158289ms ago: executing program 1 (id=11973):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x0)
ioctl$F2FS_IOC_GET_COMPRESS_OPTION(r0, 0x8002f515, &(0x7f0000000100))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000001c0)={{0x1, 0x0, 0x0, 0x0, 0xff6e}})
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(0xffffffffffffffff, 0xc4c85512, &(0x7f0000000180)={{0x7, 0x3, 0x0, 0x0, '\x00', 0x9}, 0x0, [0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xfffffffffffffffe, 0x1fffffff, 0x6, 0xfffffffffffffffc, 0xfffffffffffffffd, 0x0, 0x2, 0x3, 0x80000, 0x0, 0x0, 0x2, 0x6, 0x0, 0x0, 0x0, 0x400000, 0x0, 0x0, 0x1000, 0x0, 0x200000000, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000, 0x0, 0x7fffffff, 0x8, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x5, 0x0, 0x6, 0x0, 0x0, 0x4, 0x0, 0x3, 0xfffffffffffffffe, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x20000000, 0x0, 0x1000003, 0x3, 0x0, 0x73, 0x2, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffdeffc, 0xa000, 0x0, 0x0, 0x0, 0x5dc]})
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000040)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x10001, 0x0, 0x1, 0x8, 0x800, 0x8936}, 0x20)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x972, &(0x7f0000006680))
r3 = syz_open_procfs(0x0, &(0x7f0000000040)='net/snmp6\x00')
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/rcu_expedited', 0x0, 0x0)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
pselect6(0x40, &(0x7f0000000100)={0x0, 0x1, 0x6, 0x0, 0x676, 0x100000000000008, 0x0, 0x5}, &(0x7f0000000000)={0x1f, 0x0, 0x5c, 0x5e62, 0x0, 0xbce3, 0x9, 0x7}, 0x0, 0x0, 0x0)
read$FUSE(r3, &(0x7f00000016c0)={0x2020}, 0xfffffce3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000023000/0x2000)=nil, 0x2000, 0x9)
r5 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
ioctl$IOC_PR_RELEASE(r5, 0x401070ca, &(0x7f0000000800)={0x7, 0x1ff, 0x1})
move_mount(r5, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
ioctl$IOCTL_VMCI_QUEUEPAIR_DETACH(r5, 0x7aa, &(0x7f00000007c0)={{@host}, 0x80000001, 0x1})
brk(0x9d1)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
socket$packet(0x11, 0x0, 0x300)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x40000000000, 0x7f, &(0x7f0000000780))
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000680), r2)
fsconfig$FSCONFIG_SET_FD(r4, 0x5, &(0x7f00000006c0)=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x0, r6)
sendmsg$NL80211_CMD_GET_FTM_RESPONDER_STATS(r5, &(0x7f0000000740)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000700)={&(0x7f0000004780)=ANY=[@ANYBLOB="14408018", @ANYBLOB="56d6360d1995763b35e09cd1056702ebfe7529a1d1c7f0f2dda7cec1a7fc715a0c9691b27c48fc6812caac87fe51", @ANYBLOB, @ANYRESOCT=r4, @ANYBLOB="e9eb9aff7dd9ca0b6c183908bfd6094564413151d14736834b68bcad58bbd0f56dd88891f95230136babfdaa49a6c78804249be4dc30c55180e00041aa931deb1201cb4c5d58722db0bba47f2d44bf1d1ab509d4dd92b4c26ee0c02d5dd0c9fdd2fa36ac0e2cfde011e2ef2ef08d8eef7104b16bb97fcba3cc627390b9b4afc0d55fc1763fab30341a166b72a9f8c8cd388ee71e0ee8cea8ccd553e813876f1046f94d91e34586dde55f7f90cd925f5c1e15ba8d8bd7ad686d901a01311c463e33adfc3741e1942f1cfd6a1dada9b4ffb896c66e4fb9ce317dd522103be2687ba5d2684fdc16c96b5e97db67e9cdf0418a30912be227c0a438f9370616f2a7afb088bf9c2530c8058276366c4cf6a94353dcde98183e0a695e36495c312009eff32ea64436e79d768842066ecfa7edea71ab641fa7b163c1b6b2071ee7a1ce1fb81817772211926279657d56660734c9fd42933a1581ff5fcb3e97920887865748a2bb7355593dff204703dff4e25f216ef4a03859aaf67b4ad15245f53ac7d6a6beecfdc9a57f34223103ee69137702939938e879f1896d9dd8ac8b41bcb2fa1e4f3b51671f1131986826771e38b654a6c30bff88fb1b0a3422f574009cf34f8dd4188205b34f75cbec4627fb50b28ab04d339118e8ee3e4249bcf289e40058d084ff3b86a8ae8f7ac63fd71a29848145fe9ff4ac95b9f9de17e6df568e3514b95cdb790db083cf21c348f0f2d4f4dd4363254ee975c2dc5f971deb2fb4c642bad4e5c225e38b4c19840988b18defe5d6bc8bdfa28b7cc1699c38032fc3905b85fdc5d03f0bc0aff8f6add96d81d46951e1bb9a073fd18c43d8a0bcdeb32f1eb497411113df8d6b770447566811cdeb987af48dbb8bdc8968dcf55c9ac4d8ccfaf6869a8a8abe6127487b9becbdc3cbfa41a3c92e8ff6ff152272ae8287ff8a035ee59641ec1e39294258dad000d9cdaf272418e41be2801258968348e835884fdd70192b85db2ced2451e6028e8c65543f40d201d1571bd73e7c00dbab1087ea71c3723d491d0855adbc66eb52b239e7b7a20e2454517b65ceae525f8a39cb7a9290833932729f595ea8b472b5ea542a74ea6651ba19f1603bc5790d3813288a409b67307da4dfd9c9b5ca94e4b47fd98043357bf41509223b94456a1a0994b83e0b67f66cf7db58440422d120041a8b1729a7f700aff8a82ffdc4cc143084f2117de1cbd04453027a44ecb387f783fa9330594f1e48eca1c16179777201c01a3ebe2a74580265cb6e4bc40388af49785e162d4bee4b74142e66623dbadd7be412b9c6dac0f270659278d8b5b751fccc9698fa17404bea78c1d46062575822706b9b7a71211b03c716378b66a809a47df015c9c3220126fe3f694721ca643224413c09788005794cdb2de61453ada321225a3d64c7b7bae10239fd229d4cd0882209092e3586eae48b46cd8b15dee08e8592187e543da7c24fd3a8516605772943f6f01aa02fe5dda762c1c9bfc3c375bed2b34f1ebce62996bc3eaf943c8403d8bbc9de2a8490cf6213af6fef9b4e935832b7fdb065d6f23f245ab00735be77669036587bcfd1bcf020ef99c0f174e7176067568eaca4eb1f6574a079cab157e056553ddb6b6270ab4a12066757d77da51e61b6f0196b0204727a8893e334473d2f55390c9d446bc207d4e411242e5da0adc005ac4c3649054f578ce5d506930ea7acd9a5abc3efbf183c722f42f19c64f856054eaa83e0bc72d2503e75049a038a9f538284286e79db5604e5965f74c70a6a996f801b9bbf89af6d13ddb00206b89b298300e1fc39dc09fefc6bfcf8ad3aed2511b598427b0f8eb6c19d2dbdfe9fbe9e5a812bcb1335d537ddcb59b66915f8c171bc07235aa73e6cda47ad3539310ffd6c271194e5fca89061ce233ca5e7e01e2fa5e95e7eb57239a8ba15e124db6cea704fbe349bf396109a5c5f3362cde1f0726d300c826a2d28ace97cb4827e90e5fb6d866ea0eaf95854f8a3319b15d14a53e48d9d05f1b42c0ffc0f16880d15cdaecc71b00627449b8cae6f4b70e52755e80446746887d3e914951740da81789149ff4fb08df102df8468cf99c367f7ca22914d84503990ae73f05c305b8f6cae07b376f22b80765bff88ed62b131d68d9ff69856d5db1811e1607a722d8de52b8bdfe5ad14983f66bf0faa479b00d0dc756d79a2d1993f60571edb679327ab0f40147daf7a067536c0651a1dd2c863e09f807f6b355a579f9c10ef9af2728e78c7ea08e25140bb91197d68d0907795d6b5270813cee31e46dd31564545af1516a4198a75a44c40871889499b733d5ac02817110d084344fd151285a22a52e78220574bd76f4333edeb705e3a8636ceafa1e2961c2bde998e95d8fc7ced64f3fccfe4b4f0b1b560a4c85e906749400bc53284bfb0d461d84bd04b26d5dca63da325b9c03694572094db897d2ea042d8063deeea6f1502917ca935c0afef19a5d3358402f9ce623ff7064b6d024ebc465dc873b67b64a6080a3e33cf2a91076be22be3615b5eaabf293510bd1a1fee929178c129eafd6c24243bc5a2b8ef47d97687385d39bb0d0b6ea348bb4060ea2df9bac4f539214d57b4acc4001ea8721be564c8eff8468b5f3c35fb84b7a55d0cfef9e286c86c01aece6fca806e882ca019d7962441f0d7e21ab1d92a047f32d526cc3d5c0585330202244547483a31dbb44253e22543dd7b22c86fc8eeb82214593e277ba67eadaf0d3498a5986b96333ad6b3777b18d36ffb5cb914a263ce8223a1b84332a523ee095ede40b443b52b7b14f1b95aa46b7173a82f7f88a3bd97b01055c643a1c27fcd7d583dffac3128d474c45c8b590f5be6744d675bc5c163f9b7c32208ea838f4ff31561f60f6489f4293924bca3a84295b8ad7f3f0fb85c54e77158c9e23293d4bf4c51989c977fdc91c772b6dbff4ba98d0b5f6520e612fc08d5bdad724bbc7e5f007816cfcd9935ad31b621ba98a8563c9926b1507f00bbdcfd1fc4d45f9c419db06db2458a8998dede909b60ac676ddd1a111b6f590815875138f5db303839398d41be2c2b41163b49ecd70cfb6ac2673f6319109d117b35c2be18809b7d1733b80abb61479bdc44470acce63a3fc98b9d69350f016de962dfc7455f361a4c2db3fe5a5179e4273d2c2ee87ee6ab0692a879b3f19d76539226ffc19ee96887852dd2a9da8b40b8075c2d3586d5af6a3ddc92c4367be0cab60ae08769f39ef0bf71c955bfb8bd32dd6cb4d3be4a2758ae837dab371b29bc79e9eaf81e7bf412e1df835be64d5b820ea8a8ec2103c66f5d3c7bf1db749dbdca7b3787b96d7cf5de4dbb4f7ec6ba48800acf8c10b243c3c9cc02c7d3152a61a863ac1bc7c3a2e68a0bc4b8b8bb612b9e3e587d6e9488d2515bcb8ca0d81b015907c98d0785d1a33280d2016249cf904ee48af403e69edc82f5cda1a85925fbda30820d2464af1686685e0c8c2c83764324bb05a3dfd7b213b770b0196d4594becb0f77cd9508ae940c0cf261b01a447f8620b81d4151cb2557b87e8c27a0b0649a32b31b81e8d04cd9f0b4e5cd52b8a7754b439f190c31f74d1b8acceee47ee08202abe336e3e303e274fe5a69b5b77d2e86f95bd8effaaad4132d2342db5feb209e59f7ac538636ee38c06063963dad33438e6490ee9c42606727197efd6cd8d4eb49afa0d044c79a3b282303491181270791961554f14246a88010e2bf720ba213b90fa00236d82bc3122b5d0a549acc2050c40a595b940a4bd371150f489cf7083bb00268481fa2f467241fb5acc9ccbea58d532e5eaf92e6f3e77445d7650b91fd3fc065fddcfa0c9d6e418ed22c91513da6cdbaecb0ad19ae8b8ce75f7362e98f6440207463816ab53aa30523734f666f233502e6c9a6277b4b6ac6a296b87cfce8567a8b586615e4aace3ddcfa50713faf86435010b0f30152f748877a658ecbde1c313fe902097cd167ca29c5ea4fe9e622006e806c188400c85318964573e52f75251caea92e64a70769188c1a091d40a2b3e62fafa22a5ed7b62964adf5e177cc1774ca140a42b2593605c8050a711e5e0a0e205a5f72a304cdff1c62af7084340513620c9b6839ce159ddebf76d10437f8b0ba55d6fb2d5519833d84c53fcbb81c3a3a17653221cd981df144e3293f7671c6849a94cfdcc2dd80280053771209480dac6ae164b9a1bdc6e23497a1af82832fcadfc2dfb399a23736d9ad190048b445f87466d269ecb8869dcce05724ed1372cf2e0e0a8e56a45f2a3cdd6ef5f4d935669ba78ac41bfa148620ac7fe38632fc802608be3dcfca180c7d5e96a35e9ccab86ebc802ed56d8cab356b32abb5cf44f65ab223e916fc89f4d4621c7eefd1947b8c5e7a341b0dd29fb7fd912781414a736728bb8c48b8cdb2bece249e287300c01f6387f7b08f5e9faff094fb83fe0fc1e59ed73197d81687cab1eda701420ef19558badb59bb4b2ea35b0b49732fb0e7753abeab152e01bd7d196e7e58be2e9ef316375ec492c7b7811329cfba555f9ba23f7fb01e3970f1dc8d93c910bb3861c0c3b8d325d45fa72f91ea8c67fb8b5355ebf2477813c869f6eea641b1b95b5b8ef2ee3cbded3d045729712459a3484f4347d7e87935547da607905a8d353315c395322a43026e2be9e16ac1235388c84c8f8ffe0af3601f171deb3f48840ff78cc377ffcca2f7aa5eba04635e4b4d78d11c470c1535e0ef94c5cf72cc2a32c5600fecc6ef3a6fd95a44855281d59a3ba208aae4fbbda38a1bb3e5e7a20c9ab1894bd289c924b21d24fe7daae27983b0b321b67f40370ac42d7bceb12cc3e711cb62703efcc09d01d6b4970fa770c37b091959822e715290a2898b806e90de5916dae2c5152eba1bc69a5911323eedde411d740e15edf774ac628bf6e72e1f73a6e4f1d9e6230276fb4dacf1d41edb92c03266bca125f0c157a0161f927a5d97eebd24c05d15f288dfc8f3de3a6274b13189204356412bc2c996f52a4094de60b47568a48096279961cf4707cb53baceaa9371f407c32b6e7f60f4740931fff3a9b14831bcd0d694b6b9cd6ec3784fefba6b7610a203d9d15778ba4c18a343c1dea48634c59cd3add0eceabc863ffa60d46b9d426a4e65acb6c93a7a2bb73c36e22cccc6de0f43c3369b966c199f8cc0ba4789a253e2312f7cbaa1dc47ac31f16c334f8beccde2402f5f27848071ba41c3ee4b863b86b57263f33286e03ceb50d9844e748f01110a8d33b00cc2b9044581d1662a7ee2e078e9eb39828432ff0d42c814249e738ca665405e0ff4f6f005127d1689b1fdabcd27e9f5ad33e30f70eb7a0ec078ec53931c62e98a4f4362d2d2ac693aee5ed36fa24e464b9d680067c869e7e4d61df8acd5f366af80a02f809f342587def1880326f49857c204b47a91626697c9666a5b0069ed5b6f948454de9bf9c0448439cd835dfb7e281fd3dde2a8a834fedf0830fac89c13f060f28609b68cff6a191a79b4614677f2b954bef50695e045d97a4e8d218a5ecdb37f89c5712bd7b93e2e5be122dbdff029971984314755444b8c8fe9801eff279425030eb44065c0cdbc7706fed2f3afb2371b51afb43bc0ab5f10b7e945b35c7a778d5884694932328b2cbd731a52195c6a8d91535a304e3000057667961bfc07e3b22ef847555ca937b92234f28bd2dc07bb6782bc124a4efe8281bff89d1ef65e198a45fd3d31ca7df51da7e3581a2d9c78adb4727e68a8799a09fb5f798a", @ANYRESDEC=r1], 0x14}, 0x1, 0x0, 0x0, 0x24048080}, 0x0)

492.342516ms ago: executing program 5 (id=11974):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt$IP_VS_SO_GET_INFO(r0, 0x0, 0x22, 0x0, &(0x7f0000000c00)=0xa4)

207.934724ms ago: executing program 5 (id=11975):
close(0x3)
writev(0xffffffffffffffff, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket(0x22, 0x2, 0x24)
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x5, 0x10000010, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0)
syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009"], 0x0)
syz_open_dev$midi(0x0, 0x500, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x0, 0x2)
ioctl$VIDIOC_S_INPUT(r0, 0xc0045627, &(0x7f00000001c0)=0x2)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, 0x0)
socket$igmp(0x2, 0x3, 0x2)
r1 = socket$kcm(0xa, 0x2, 0x0)
r2 = socket(0x2, 0x80805, 0x0)
setsockopt$IP_VS_SO_SET_ADDDEST(r2, 0x0, 0x487, &(0x7f0000000000)={{0x84, @private=0xa010102, 0x4e21, 0x3, 'lc\x00', 0x5, 0x8, 0x11}, {@remote, 0x4e23, 0x4, 0xcf}}, 0x44)
sendmsg$sock(r1, &(0x7f0000000400)={&(0x7f0000000580)=@in6={0x2, 0x4e22, 0xb00, @dev}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@mark={{0x14, 0x1, 0x24, 0x3}}], 0x18}, 0x0)

0s ago: executing program 0 (id=11976):
r0 = socket(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f00000002c0)={'team0\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0xbb80, &(0x7f0000000780)={&(0x7f0000000300)=@newqdisc={0xa8, 0x24, 0xf0b, 0x0, 0xfffffffe, {0x0, 0x0, 0x12, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x78, 0x2, [@TCA_TAPRIO_ATTR_SCHED_CYCLE_TIME={0xc, 0x8, 0xbb80}, @TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [], 0x0, [0x8, 0x4, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xfffd], [0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x8001}]}]}]}}]}, 0xa8}}, 0x0)

kernel console output (not intermixed with test programs):

95] usb 5-1: USB disconnect, device number 125
[ 2200.363256][ T7609] FAULT_INJECTION: forcing a failure.
[ 2200.363256][ T7609] name failslab, interval 1, probability 0, space 0, times 0
[ 2200.407260][ T7609] CPU: 0 UID: 0 PID: 7609 Comm: syz.4.11612 Not tainted syzkaller #0 PREEMPT(full) 
[ 2200.407286][ T7609] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 2200.407298][ T7609] Call Trace:
[ 2200.407307][ T7609]  <TASK>
[ 2200.407316][ T7609]  dump_stack_lvl+0x189/0x250
[ 2200.407340][ T7609]  ? __pfx____ratelimit+0x10/0x10
[ 2200.407370][ T7609]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2200.407390][ T7609]  ? __pfx__printk+0x10/0x10
[ 2200.407415][ T7609]  ? __pfx___might_resched+0x10/0x10
[ 2200.407448][ T7609]  should_fail_ex+0x414/0x560
[ 2200.407482][ T7609]  should_failslab+0xa8/0x100
[ 2200.407509][ T7609]  __kmalloc_cache_noprof+0x6f/0x6f0
[ 2200.407532][ T7609]  ? cgroup_show_path+0xa8/0x5d0
[ 2200.407557][ T7609]  ? kernfs_root+0x1c/0x230
[ 2200.407588][ T7609]  cgroup_show_path+0xa8/0x5d0
[ 2200.407614][ T7609]  ? kernfs_sop_show_path+0xc9/0x120
[ 2200.407643][ T7609]  show_mountinfo+0x1ac/0xa80
[ 2200.407672][ T7609]  ? __pfx_show_mountinfo+0x10/0x10
[ 2200.407694][ T7609]  ? down_read+0x1ad/0x2e0
[ 2200.407724][ T7609]  seq_read_iter+0x9bb/0xe20
[ 2200.407762][ T7609]  copy_splice_read+0x5d4/0xa50
[ 2200.407797][ T7609]  ? __pfx_copy_splice_read+0x10/0x10
[ 2200.407818][ T7609]  ? look_up_lock_class+0x74/0x170
[ 2200.407838][ T7609]  ? register_lock_class+0x51/0x320
[ 2200.407874][ T7609]  ? alloc_pipe_info+0x374/0x4d0
[ 2200.407898][ T7609]  ? __pfx_copy_splice_read+0x10/0x10
[ 2200.407919][ T7609]  splice_direct_to_actor+0x4a9/0xcc0
[ 2200.407961][ T7609]  ? __pfx_direct_splice_actor+0x10/0x10
[ 2200.407985][ T7609]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 2200.408019][ T7609]  do_splice_direct+0x181/0x270
[ 2200.408045][ T7609]  ? __pfx_do_splice_direct+0x10/0x10
[ 2200.408066][ T7609]  ? common_file_perm+0x1b5/0x230
[ 2200.408088][ T7609]  ? __pfx_direct_file_splice_eof+0x10/0x10
[ 2200.408115][ T7609]  ? bpf_lsm_file_permission+0x9/0x20
[ 2200.408142][ T7609]  ? security_file_permission+0x75/0x290
[ 2200.408178][ T7609]  ? rw_verify_area+0x255/0x4d0
[ 2200.408202][ T7609]  do_sendfile+0x4da/0x7e0
[ 2200.408228][ T7609]  ? __pfx_vfs_write+0x10/0x10
[ 2200.408254][ T7609]  ? __pfx_do_sendfile+0x10/0x10
[ 2200.408280][ T7609]  ? __fget_files+0x3a0/0x420
[ 2200.408314][ T7609]  __se_sys_sendfile64+0x13e/0x190
[ 2200.408342][ T7609]  ? __pfx___se_sys_sendfile64+0x10/0x10
[ 2200.408372][ T7609]  ? do_syscall_64+0xbe/0xfa0
[ 2200.408394][ T7609]  do_syscall_64+0xfa/0xfa0
[ 2200.408413][ T7609]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2200.408431][ T7609]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2200.408450][ T7609]  ? clear_bhb_loop+0x60/0xb0
[ 2200.408474][ T7609]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2200.408492][ T7609] RIP: 0033:0x7fb31038eec9
[ 2200.408509][ T7609] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2200.408526][ T7609] RSP: 002b:00007fb311235038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 2200.408547][ T7609] RAX: ffffffffffffffda RBX: 00007fb3105e5fa0 RCX: 00007fb31038eec9
[ 2200.408561][ T7609] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000005
[ 2200.408572][ T7609] RBP: 00007fb311235090 R08: 0000000000000000 R09: 0000000000000000
[ 2200.408584][ T7609] R10: 000000007ffffffd R11: 0000000000000246 R12: 0000000000000001
[ 2200.408597][ T7609] R13: 00007fb3105e6038 R14: 00007fb3105e5fa0 R15: 00007fb31070fa28
[ 2200.408628][ T7609]  </TASK>
[ 2201.197650][ T5919] usb 5-1: new high-speed USB device number 126 using dummy_hcd
[ 2201.357337][ T5919] usb 5-1: Using ep0 maxpacket: 16
[ 2201.365298][ T5919] usb 5-1: config 0 has an invalid interface number: 105 but max is 0
[ 2201.382674][ T5919] usb 5-1: config 0 descriptor has 1 excess byte, ignoring
[ 2201.400355][ T5919] usb 5-1: config 0 has no interface number 0
[ 2201.416692][ T5919] usb 5-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28
[ 2201.430332][ T5919] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2201.447838][ T5919] usb 5-1: Product: syz
[ 2201.461082][ T5919] usb 5-1: Manufacturer: syz
[ 2201.473224][ T5919] usb 5-1: SerialNumber: syz
[ 2201.498193][ T5919] usb 5-1: config 0 descriptor??
[ 2201.529188][ T5919] uvcvideo 5-1:0.105: Found UVC 0.00 device syz (046d:08f3)
[ 2201.565478][ T5919] uvcvideo 5-1:0.105: No valid video chain found.
[ 2201.887433][ T3234] Bluetooth: hci2: command 0x040f tx timeout
[ 2201.901167][ T7623] netlink: 68 bytes leftover after parsing attributes in process `syz.1.11616'.
[ 2202.008189][ T5962] usb 5-1: USB disconnect, device number 126
[ 2202.427284][ T5962] usb 5-1: new high-speed USB device number 127 using dummy_hcd
[ 2202.427402][T32590] usb 2-1: new high-speed USB device number 80 using dummy_hcd
[ 2202.587258][T32590] usb 2-1: Using ep0 maxpacket: 32
[ 2202.595603][ T5962] usb 5-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[ 2202.606834][ T5962] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2202.608563][T32590] usb 2-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f
[ 2202.619286][ T5962] usb 5-1: config 0 descriptor??
[ 2202.637315][T32590] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2202.645342][T32590] usb 2-1: Product: syz
[ 2202.662515][T32590] usb 2-1: Manufacturer: syz
[ 2202.664933][ T5962] gspca_main: STV06xx-2.14.0 probing 046d:0870
[ 2202.667838][T32590] usb 2-1: SerialNumber: syz
[ 2202.684677][T32590] usb 2-1: config 0 descriptor??
[ 2202.698146][T32590] gspca_main: stk1135-2.14.0 probing 174f:6a31
[ 2202.937592][ T7631] sit0: entered promiscuous mode
[ 2202.945483][ T7631] netlink: 'syz.1.11620': attribute type 1 has an invalid length.
[ 2202.955418][ T7631] netlink: 1 bytes leftover after parsing attributes in process `syz.1.11620'.
[ 2203.178555][   T12] af_packet: tpacket_rcv: packet too big, clamped from 60 to 4294967286. macoff=82
[ 2203.294130][T32590] gspca_stk1135: reg_w 0x0 err -71
[ 2203.310366][T32590] gspca_stk1135: serial bus timeout: status=0x00
[ 2203.318196][T32590] gspca_stk1135: Sensor write failed
[ 2203.325557][ T5962] usb 5-1: USB disconnect, device number 127
[ 2203.335748][T32590] gspca_stk1135: serial bus timeout: status=0x00
[ 2203.350698][T32590] gspca_stk1135: Sensor write failed
[ 2203.377005][T32590] gspca_stk1135: serial bus timeout: status=0x00
[ 2203.392592][T32590] gspca_stk1135: Sensor read failed
[ 2203.403204][T32590] gspca_stk1135: serial bus timeout: status=0x00
[ 2203.403407][ T7650] FAULT_INJECTION: forcing a failure.
[ 2203.403407][ T7650] name failslab, interval 1, probability 0, space 0, times 0
[ 2203.412927][T32590] gspca_stk1135: Sensor read failed
[ 2203.428116][T32590] gspca_stk1135: Detected sensor type unknown (0x0)
[ 2203.434744][T32590] gspca_stk1135: serial bus timeout: status=0x00
[ 2203.441614][T32590] gspca_stk1135: Sensor read failed
[ 2203.446836][T32590] gspca_stk1135: serial bus timeout: status=0x00
[ 2203.456668][T32590] gspca_stk1135: Sensor read failed
[ 2203.463992][ T7650] CPU: 1 UID: 0 PID: 7650 Comm: syz.4.11625 Not tainted syzkaller #0 PREEMPT(full) 
[ 2203.464018][ T7650] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 2203.464032][ T7650] Call Trace:
[ 2203.464041][ T7650]  <TASK>
[ 2203.464051][ T7650]  dump_stack_lvl+0x189/0x250
[ 2203.464079][ T7650]  ? __pfx____ratelimit+0x10/0x10
[ 2203.464110][ T7650]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2203.464132][ T7650]  ? __pfx__printk+0x10/0x10
[ 2203.464159][ T7650]  ? __pfx___might_resched+0x10/0x10
[ 2203.464193][ T7650]  should_fail_ex+0x414/0x560
[ 2203.464231][ T7650]  should_failslab+0xa8/0x100
[ 2203.464260][ T7650]  kmem_cache_alloc_node_noprof+0x77/0x710
[ 2203.464283][ T7650]  ? __alloc_skb+0x112/0x2d0
[ 2203.464318][ T7650]  __alloc_skb+0x112/0x2d0
[ 2203.464351][ T7650]  netlink_ack+0x146/0xa50
[ 2203.464377][ T7650]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 2203.464398][ T7650]  ? __pfx_nl80211_pre_doit+0x10/0x10
[ 2203.464427][ T7650]  ? __pfx_nl80211_post_doit+0x10/0x10
[ 2203.464469][ T7650]  netlink_rcv_skb+0x28c/0x470
[ 2203.464495][ T7650]  ? __lock_acquire+0xab9/0xd20
[ 2203.464523][ T7650]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 2203.464546][ T7650]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 2203.464594][ T7650]  ? down_read+0x1ad/0x2e0
[ 2203.464621][ T7650]  genl_rcv+0x28/0x40
[ 2203.464642][ T7650]  netlink_unicast+0x82f/0x9e0
[ 2203.464677][ T7650]  ? __pfx_netlink_unicast+0x10/0x10
[ 2203.464706][ T7650]  ? netlink_sendmsg+0x642/0xb30
[ 2203.464733][ T7650]  ? skb_put+0x11b/0x210
[ 2203.464767][ T7650]  netlink_sendmsg+0x805/0xb30
[ 2203.464806][ T7650]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2203.464840][ T7650]  ? aa_sock_msg_perm+0xf1/0x1d0
[ 2203.464865][ T7650]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 2203.464892][ T7650]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2203.464931][ T7650]  __sock_sendmsg+0x21c/0x270
[ 2203.464959][ T7650]  ____sys_sendmsg+0x505/0x830
[ 2203.464998][ T7650]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 2203.465039][ T7650]  ? import_iovec+0x74/0xa0
[ 2203.465072][ T7650]  ___sys_sendmsg+0x21f/0x2a0
[ 2203.465094][ T7650]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2203.465150][ T7650]  ? __fget_files+0x2a/0x420
[ 2203.465175][ T7650]  ? __fget_files+0x3a0/0x420
[ 2203.465211][ T7650]  __x64_sys_sendmsg+0x19b/0x260
[ 2203.465245][ T7650]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 2203.465273][ T7650]  ? __pfx_ksys_write+0x10/0x10
[ 2203.465316][ T7650]  ? do_syscall_64+0xbe/0xfa0
[ 2203.465340][ T7650]  do_syscall_64+0xfa/0xfa0
[ 2203.465360][ T7650]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2203.465380][ T7650]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2203.465400][ T7650]  ? clear_bhb_loop+0x60/0xb0
[ 2203.465426][ T7650]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2203.465446][ T7650] RIP: 0033:0x7fb31038eec9
[ 2203.465464][ T7650] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2203.465482][ T7650] RSP: 002b:00007fb311235038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2203.465504][ T7650] RAX: ffffffffffffffda RBX: 00007fb3105e5fa0 RCX: 00007fb31038eec9
[ 2203.465519][ T7650] RDX: 0000000000000040 RSI: 00002000000003c0 RDI: 0000000000000003
[ 2203.465533][ T7650] RBP: 00007fb311235090 R08: 0000000000000000 R09: 0000000000000000
[ 2203.465546][ T7650] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2203.465558][ T7650] R13: 00007fb3105e6038 R14: 00007fb3105e5fa0 R15: 00007fb31070fa28
[ 2203.465591][ T7650]  </TASK>
[ 2203.808782][T32590] gspca_stk1135: serial bus timeout: status=0x00
[ 2203.815158][T32590] gspca_stk1135: Sensor write failed
[ 2203.820602][T32590] gspca_stk1135: serial bus timeout: status=0x00
[ 2203.827024][T32590] gspca_stk1135: Sensor write failed
[ 2203.832461][T32590] stk1135 2-1:0.0: probe with driver stk1135 failed with error -71
[ 2203.847542][T32590] usb 2-1: USB disconnect, device number 80
[ 2203.967688][ T7295] usb 3-1: new high-speed USB device number 92 using dummy_hcd
[ 2204.013151][ T7657] netlink: 68 bytes leftover after parsing attributes in process `syz.4.11627'.
[ 2204.121421][ T7295] usb 3-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[ 2204.142385][ T7295] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2204.150716][ T7295] usb 3-1: Product: syz
[ 2204.155013][ T7295] usb 3-1: Manufacturer: syz
[ 2204.264110][ T7295] usb 3-1: SerialNumber: syz
[ 2204.293398][ T7295] usb 3-1: config 0 descriptor??
[ 2204.550722][ T7295] usb 3-1: USB disconnect, device number 92
[ 2204.657535][ T5962] usb 5-1: new low-speed USB device number 2 using dummy_hcd
[ 2204.837296][ T5962] usb 5-1: Invalid ep0 maxpacket: 64
[ 2205.017337][ T5962] usb 5-1: new low-speed USB device number 3 using dummy_hcd
[ 2205.167577][ T5962] usb 5-1: Invalid ep0 maxpacket: 64
[ 2205.178227][ T5962] usb usb5-port1: attempt power cycle
[ 2205.216043][ T7670] FAULT_INJECTION: forcing a failure.
[ 2205.216043][ T7670] name failslab, interval 1, probability 0, space 0, times 0
[ 2205.232627][ T7670] CPU: 0 UID: 0 PID: 7670 Comm: syz.1.11630 Not tainted syzkaller #0 PREEMPT(full) 
[ 2205.232653][ T7670] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 2205.232662][ T7670] Call Trace:
[ 2205.232668][ T7670]  <TASK>
[ 2205.232674][ T7670]  dump_stack_lvl+0x189/0x250
[ 2205.232693][ T7670]  ? __pfx____ratelimit+0x10/0x10
[ 2205.232714][ T7670]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2205.232728][ T7670]  ? __pfx__printk+0x10/0x10
[ 2205.232749][ T7670]  ? __pfx___might_resched+0x10/0x10
[ 2205.232768][ T7670]  ? fs_reclaim_acquire+0x7d/0x100
[ 2205.232787][ T7670]  should_fail_ex+0x414/0x560
[ 2205.232811][ T7670]  should_failslab+0xa8/0x100
[ 2205.232830][ T7670]  kmem_cache_alloc_node_noprof+0x77/0x710
[ 2205.232844][ T7670]  ? __alloc_skb+0x112/0x2d0
[ 2205.232862][ T7670]  ? __pfx___mutex_trylock_common+0x10/0x10
[ 2205.232885][ T7670]  __alloc_skb+0x112/0x2d0
[ 2205.232906][ T7670]  netlink_dump+0x1b7/0xe90
[ 2205.232928][ T7670]  ? __netlink_lookup+0xbd/0x8a0
[ 2205.232950][ T7670]  ? __pfx_netlink_dump+0x10/0x10
[ 2205.232966][ T7670]  ? __netlink_lookup+0x7db/0x8a0
[ 2205.233001][ T7670]  ? netlink_lookup+0x30/0x200
[ 2205.233018][ T7670]  ? netlink_lookup+0x30/0x200
[ 2205.233034][ T7670]  ? netlink_lookup+0x30/0x200
[ 2205.233055][ T7670]  __netlink_dump_start+0x5cb/0x7e0
[ 2205.233079][ T7670]  rtnetlink_rcv_msg+0x9eb/0xb70
[ 2205.233098][ T7670]  ? __pfx_rtm_dump_nexthop+0x10/0x10
[ 2205.233114][ T7670]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[ 2205.233132][ T7670]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 2205.233149][ T7670]  ? __pfx_rtnl_dumpit+0x10/0x10
[ 2205.233184][ T7670]  ? __pfx_rtm_dump_nexthop+0x10/0x10
[ 2205.233209][ T7670]  netlink_rcv_skb+0x208/0x470
[ 2205.233228][ T7670]  ? __lock_acquire+0xab9/0xd20
[ 2205.233246][ T7670]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 2205.233267][ T7670]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 2205.233294][ T7670]  ? netlink_deliver_tap+0x2e/0x1b0
[ 2205.233319][ T7670]  netlink_unicast+0x82f/0x9e0
[ 2205.233343][ T7670]  ? __pfx_netlink_unicast+0x10/0x10
[ 2205.233362][ T7670]  ? netlink_sendmsg+0x642/0xb30
[ 2205.233382][ T7670]  ? skb_put+0x11b/0x210
[ 2205.233404][ T7670]  netlink_sendmsg+0x805/0xb30
[ 2205.233435][ T7670]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2205.233458][ T7670]  ? aa_sock_msg_perm+0xf1/0x1d0
[ 2205.233475][ T7670]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 2205.233494][ T7670]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2205.233516][ T7670]  __sock_sendmsg+0x21c/0x270
[ 2205.233535][ T7670]  ____sys_sendmsg+0x505/0x830
[ 2205.233560][ T7670]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 2205.233588][ T7670]  ? import_iovec+0x74/0xa0
[ 2205.233631][ T7670]  ___sys_sendmsg+0x21f/0x2a0
[ 2205.233654][ T7670]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2205.233707][ T7670]  ? __fget_files+0x2a/0x420
[ 2205.233733][ T7670]  ? __fget_files+0x3a0/0x420
[ 2205.233769][ T7670]  __x64_sys_sendmsg+0x19b/0x260
[ 2205.233793][ T7670]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 2205.233823][ T7670]  ? __pfx_ksys_write+0x10/0x10
[ 2205.233849][ T7670]  ? do_syscall_64+0xbe/0xfa0
[ 2205.233874][ T7670]  do_syscall_64+0xfa/0xfa0
[ 2205.233893][ T7670]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2205.233914][ T7670]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2205.233935][ T7670]  ? clear_bhb_loop+0x60/0xb0
[ 2205.233960][ T7670]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2205.233981][ T7670] RIP: 0033:0x7fc33918eec9
[ 2205.234005][ T7670] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2205.234024][ T7670] RSP: 002b:00007fc33a01b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2205.234045][ T7670] RAX: ffffffffffffffda RBX: 00007fc3393e5fa0 RCX: 00007fc33918eec9
[ 2205.234059][ T7670] RDX: 0000000020008000 RSI: 00002000000001c0 RDI: 0000000000000003
[ 2205.234073][ T7670] RBP: 00007fc33a01b090 R08: 0000000000000000 R09: 0000000000000000
[ 2205.234086][ T7670] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2205.234098][ T7670] R13: 00007fc3393e6038 R14: 00007fc3393e5fa0 R15: 00007fc33950fa28
[ 2205.234131][ T7670]  </TASK>
[ 2206.331468][ T7679] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 2206.358778][ T5962] usb 5-1: new low-speed USB device number 4 using dummy_hcd
[ 2206.407500][ T5962] usb 5-1: Invalid ep0 maxpacket: 64
[ 2206.537510][ T5962] usb 5-1: new low-speed USB device number 5 using dummy_hcd
[ 2206.558585][ T5962] usb 5-1: Invalid ep0 maxpacket: 64
[ 2206.616073][ T5962] usb usb5-port1: unable to enumerate USB device
[ 2206.940295][ T7689] netlink: 'syz.2.11634': attribute type 13 has an invalid length.
[ 2207.345089][ T7701] FAULT_INJECTION: forcing a failure.
[ 2207.345089][ T7701] name failslab, interval 1, probability 0, space 0, times 0
[ 2207.359589][ T7701] CPU: 1 UID: 0 PID: 7701 Comm: syz.5.11637 Not tainted syzkaller #0 PREEMPT(full) 
[ 2207.359615][ T7701] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 2207.359628][ T7701] Call Trace:
[ 2207.359634][ T7701]  <TASK>
[ 2207.359640][ T7701]  dump_stack_lvl+0x189/0x250
[ 2207.359658][ T7701]  ? __pfx____ratelimit+0x10/0x10
[ 2207.359679][ T7701]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2207.359693][ T7701]  ? __pfx__printk+0x10/0x10
[ 2207.359710][ T7701]  ? __pfx___might_resched+0x10/0x10
[ 2207.359731][ T7701]  should_fail_ex+0x414/0x560
[ 2207.359754][ T7701]  should_failslab+0xa8/0x100
[ 2207.359773][ T7701]  kmem_cache_alloc_node_noprof+0x77/0x710
[ 2207.359787][ T7701]  ? __alloc_skb+0x112/0x2d0
[ 2207.359809][ T7701]  __alloc_skb+0x112/0x2d0
[ 2207.359830][ T7701]  netlink_ack+0x146/0xa50
[ 2207.359847][ T7701]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 2207.359861][ T7701]  ? __pfx_nl80211_pre_doit+0x10/0x10
[ 2207.359884][ T7701]  ? __pfx_nl80211_post_doit+0x10/0x10
[ 2207.359911][ T7701]  netlink_rcv_skb+0x28c/0x470
[ 2207.359928][ T7701]  ? __lock_acquire+0xab9/0xd20
[ 2207.359946][ T7701]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 2207.359961][ T7701]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 2207.359991][ T7701]  ? down_read+0x1ad/0x2e0
[ 2207.360008][ T7701]  genl_rcv+0x28/0x40
[ 2207.360021][ T7701]  netlink_unicast+0x82f/0x9e0
[ 2207.360044][ T7701]  ? __pfx_netlink_unicast+0x10/0x10
[ 2207.360062][ T7701]  ? netlink_sendmsg+0x642/0xb30
[ 2207.360080][ T7701]  ? skb_put+0x11b/0x210
[ 2207.360101][ T7701]  netlink_sendmsg+0x805/0xb30
[ 2207.360126][ T7701]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2207.360148][ T7701]  ? aa_sock_msg_perm+0xf1/0x1d0
[ 2207.360165][ T7701]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 2207.360182][ T7701]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2207.360202][ T7701]  __sock_sendmsg+0x21c/0x270
[ 2207.360220][ T7701]  ____sys_sendmsg+0x505/0x830
[ 2207.360245][ T7701]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 2207.360271][ T7701]  ? import_iovec+0x74/0xa0
[ 2207.360292][ T7701]  ___sys_sendmsg+0x21f/0x2a0
[ 2207.360306][ T7701]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2207.360341][ T7701]  ? __fget_files+0x2a/0x420
[ 2207.360356][ T7701]  ? __fget_files+0x3a0/0x420
[ 2207.360379][ T7701]  __x64_sys_sendmsg+0x19b/0x260
[ 2207.360393][ T7701]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 2207.360411][ T7701]  ? __pfx_ksys_write+0x10/0x10
[ 2207.360427][ T7701]  ? do_syscall_64+0xbe/0xfa0
[ 2207.360443][ T7701]  do_syscall_64+0xfa/0xfa0
[ 2207.360454][ T7701]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2207.360467][ T7701]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2207.360480][ T7701]  ? clear_bhb_loop+0x60/0xb0
[ 2207.360495][ T7701]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2207.360508][ T7701] RIP: 0033:0x7f80e678eec9
[ 2207.360519][ T7701] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2207.360531][ T7701] RSP: 002b:00007f80e7687038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2207.360545][ T7701] RAX: ffffffffffffffda RBX: 00007f80e69e5fa0 RCX: 00007f80e678eec9
[ 2207.360559][ T7701] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000004
[ 2207.360567][ T7701] RBP: 00007f80e7687090 R08: 0000000000000000 R09: 0000000000000000
[ 2207.360575][ T7701] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2207.360583][ T7701] R13: 00007f80e69e6038 R14: 00007f80e69e5fa0 R15: 00007f80e6b0fa28
[ 2207.360605][ T7701]  </TASK>
[ 2208.117659][ T7703] FAULT_INJECTION: forcing a failure.
[ 2208.117659][ T7703] name failslab, interval 1, probability 0, space 0, times 0
[ 2208.134055][ T7703] CPU: 1 UID: 0 PID: 7703 Comm: syz.0.11640 Not tainted syzkaller #0 PREEMPT(full) 
[ 2208.134073][ T7703] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 2208.134082][ T7703] Call Trace:
[ 2208.134089][ T7703]  <TASK>
[ 2208.134095][ T7703]  dump_stack_lvl+0x189/0x250
[ 2208.134133][ T7703]  ? __pfx____ratelimit+0x10/0x10
[ 2208.134157][ T7703]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2208.134173][ T7703]  ? __pfx__printk+0x10/0x10
[ 2208.134192][ T7703]  ? __pfx___might_resched+0x10/0x10
[ 2208.134213][ T7703]  ? fs_reclaim_acquire+0x7d/0x100
[ 2208.134235][ T7703]  should_fail_ex+0x414/0x560
[ 2208.134262][ T7703]  should_failslab+0xa8/0x100
[ 2208.134284][ T7703]  __kmalloc_noprof+0xcb/0x7f0
[ 2208.134300][ T7703]  ? tomoyo_encode+0x28b/0x550
[ 2208.134321][ T7703]  tomoyo_encode+0x28b/0x550
[ 2208.134342][ T7703]  tomoyo_realpath_from_path+0x58d/0x5d0
[ 2208.134370][ T7703]  tomoyo_check_open_permission+0x1c1/0x3b0
[ 2208.134395][ T7703]  ? tomoyo_check_open_permission+0x16a/0x3b0
[ 2208.134419][ T7703]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[ 2208.134441][ T7703]  ? seqcount_lockdep_reader_access+0x122/0x1c0
[ 2208.134484][ T7703]  ? lockref_get+0x15/0x60
[ 2208.134508][ T7703]  ? tomoyo_file_open+0x165/0x220
[ 2208.134530][ T7703]  security_file_open+0xb1/0x270
[ 2208.134554][ T7703]  do_dentry_open+0x384/0x13f0
[ 2208.134580][ T7703]  ? vfs_open+0x31/0x340
[ 2208.134615][ T7703]  vfs_open+0x3b/0x340
[ 2208.134632][ T7703]  ? path_openat+0x2ecd/0x3830
[ 2208.134658][ T7703]  path_openat+0x2ee5/0x3830
[ 2208.134692][ T7703]  ? __pfx_path_openat+0x10/0x10
[ 2208.134717][ T7703]  do_filp_open+0x1fa/0x410
[ 2208.134728][ T7703]  ? __lock_acquire+0xab9/0xd20
[ 2208.134752][ T7703]  ? __pfx_do_filp_open+0x10/0x10
[ 2208.134779][ T7703]  ? _raw_spin_unlock+0x28/0x50
[ 2208.134797][ T7703]  ? alloc_fd+0x64c/0x6c0
[ 2208.134820][ T7703]  do_sys_openat2+0x121/0x1c0
[ 2208.134842][ T7703]  ? __pfx_do_sys_openat2+0x10/0x10
[ 2208.134863][ T7703]  ? ksys_write+0x22a/0x250
[ 2208.134879][ T7703]  ? __pfx_ksys_write+0x10/0x10
[ 2208.134895][ T7703]  __x64_sys_openat+0x138/0x170
[ 2208.134917][ T7703]  do_syscall_64+0xfa/0xfa0
[ 2208.134931][ T7703]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2208.134943][ T7703]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2208.134957][ T7703]  ? clear_bhb_loop+0x60/0xb0
[ 2208.134973][ T7703]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2208.134986][ T7703] RIP: 0033:0x7fd52af8d710
[ 2208.134997][ T7703] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 69 95 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 bc 95 02 00 8b 44
[ 2208.135009][ T7703] RSP: 002b:00007fd52bf0ab70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 2208.135023][ T7703] RAX: ffffffffffffffda RBX: 0000000000002581 RCX: 00007fd52af8d710
[ 2208.135033][ T7703] RDX: 0000000000002581 RSI: 00007fd52bf0ac10 RDI: 00000000ffffff9c
[ 2208.135042][ T7703] RBP: 00007fd52bf0ac10 R08: 0000000000000000 R09: 0000000000000000
[ 2208.135051][ T7703] R10: 0000000000000000 R11: 0000000000000293 R12: cccccccccccccccd
[ 2208.135060][ T7703] R13: 00007fd52b1e6038 R14: 00007fd52b1e5fa0 R15: 00007fd52b30fa28
[ 2208.135081][ T7703]  </TASK>
[ 2208.135098][ T7703] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 2208.500136][ T7709] FAULT_INJECTION: forcing a failure.
[ 2208.500136][ T7709] name failslab, interval 1, probability 0, space 0, times 0
[ 2208.513587][ T7709] CPU: 0 UID: 0 PID: 7709 Comm: syz.4.11641 Not tainted syzkaller #0 PREEMPT(full) 
[ 2208.513613][ T7709] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 2208.513623][ T7709] Call Trace:
[ 2208.513630][ T7709]  <TASK>
[ 2208.513637][ T7709]  dump_stack_lvl+0x189/0x250
[ 2208.513657][ T7709]  ? __pfx____ratelimit+0x10/0x10
[ 2208.513681][ T7709]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2208.513703][ T7709]  ? __pfx__printk+0x10/0x10
[ 2208.513723][ T7709]  ? __pfx___might_resched+0x10/0x10
[ 2208.513748][ T7709]  should_fail_ex+0x414/0x560
[ 2208.513775][ T7709]  should_failslab+0xa8/0x100
[ 2208.513796][ T7709]  kmem_cache_alloc_node_noprof+0x77/0x710
[ 2208.513812][ T7709]  ? __alloc_skb+0x112/0x2d0
[ 2208.513837][ T7709]  __alloc_skb+0x112/0x2d0
[ 2208.513861][ T7709]  netlink_ack+0x146/0xa50
[ 2208.513880][ T7709]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 2208.513895][ T7709]  ? __pfx_nl80211_pre_doit+0x10/0x10
[ 2208.513915][ T7709]  ? __pfx_nl80211_post_doit+0x10/0x10
[ 2208.513945][ T7709]  netlink_rcv_skb+0x28c/0x470
[ 2208.513965][ T7709]  ? __lock_acquire+0xab9/0xd20
[ 2208.513984][ T7709]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 2208.514001][ T7709]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 2208.514035][ T7709]  ? down_read+0x1ad/0x2e0
[ 2208.514054][ T7709]  genl_rcv+0x28/0x40
[ 2208.514068][ T7709]  netlink_unicast+0x82f/0x9e0
[ 2208.514093][ T7709]  ? __pfx_netlink_unicast+0x10/0x10
[ 2208.514113][ T7709]  ? netlink_sendmsg+0x642/0xb30
[ 2208.514133][ T7709]  ? skb_put+0x11b/0x210
[ 2208.514157][ T7709]  netlink_sendmsg+0x805/0xb30
[ 2208.514185][ T7709]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2208.514221][ T7709]  ? aa_sock_msg_perm+0xf1/0x1d0
[ 2208.514239][ T7709]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 2208.514256][ T7709]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2208.514278][ T7709]  __sock_sendmsg+0x21c/0x270
[ 2208.514297][ T7709]  ____sys_sendmsg+0x505/0x830
[ 2208.514322][ T7709]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 2208.514350][ T7709]  ? import_iovec+0x74/0xa0
[ 2208.514371][ T7709]  ___sys_sendmsg+0x21f/0x2a0
[ 2208.514386][ T7709]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2208.514423][ T7709]  ? __fget_files+0x2a/0x420
[ 2208.514441][ T7709]  ? __fget_files+0x3a0/0x420
[ 2208.514484][ T7709]  __x64_sys_sendmsg+0x19b/0x260
[ 2208.514501][ T7709]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 2208.514522][ T7709]  ? __pfx_ksys_write+0x10/0x10
[ 2208.514542][ T7709]  ? do_syscall_64+0xbe/0xfa0
[ 2208.514576][ T7709]  do_syscall_64+0xfa/0xfa0
[ 2208.514589][ T7709]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2208.514608][ T7709]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2208.514622][ T7709]  ? clear_bhb_loop+0x60/0xb0
[ 2208.514639][ T7709]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2208.514653][ T7709] RIP: 0033:0x7fb31038eec9
[ 2208.514665][ T7709] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2208.514678][ T7709] RSP: 002b:00007fb311235038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2208.514697][ T7709] RAX: ffffffffffffffda RBX: 00007fb3105e5fa0 RCX: 00007fb31038eec9
[ 2208.514708][ T7709] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000003
[ 2208.514717][ T7709] RBP: 00007fb311235090 R08: 0000000000000000 R09: 0000000000000000
[ 2208.514726][ T7709] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2208.514734][ T7709] R13: 00007fb3105e6038 R14: 00007fb3105e5fa0 R15: 00007fb31070fa28
[ 2208.514757][ T7709]  </TASK>
[ 2208.848502][ T7706] netlink: 68 bytes leftover after parsing attributes in process `syz.1.11639'.
[ 2209.363165][ T3234] Bluetooth: hci1: unexpected event for opcode 0x0413
[ 2210.087639][ T7756] FAULT_INJECTION: forcing a failure.
[ 2210.087639][ T7756] name failslab, interval 1, probability 0, space 0, times 0
[ 2210.100617][ T7756] CPU: 0 UID: 0 PID: 7756 Comm: syz.0.11653 Not tainted syzkaller #0 PREEMPT(full) 
[ 2210.100642][ T7756] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 2210.100655][ T7756] Call Trace:
[ 2210.100663][ T7756]  <TASK>
[ 2210.100672][ T7756]  dump_stack_lvl+0x189/0x250
[ 2210.100699][ T7756]  ? __pfx____ratelimit+0x10/0x10
[ 2210.100731][ T7756]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2210.100752][ T7756]  ? __pfx__printk+0x10/0x10
[ 2210.100779][ T7756]  ? __pfx___might_resched+0x10/0x10
[ 2210.100805][ T7756]  ? fs_reclaim_acquire+0x7d/0x100
[ 2210.100834][ T7756]  should_fail_ex+0x414/0x560
[ 2210.100871][ T7756]  should_failslab+0xa8/0x100
[ 2210.100916][ T7756]  __kmalloc_noprof+0xcb/0x7f0
[ 2210.100939][ T7756]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[ 2210.100965][ T7756]  ? __local_bh_enable_ip+0x12d/0x1c0
[ 2210.101002][ T7756]  genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[ 2210.101035][ T7756]  genl_family_rcv_msg_doit+0xb8/0x300
[ 2210.101068][ T7756]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 2210.101103][ T7756]  ? apparmor_capable+0x137/0x1b0
[ 2210.101135][ T7756]  ? bpf_lsm_capable+0x9/0x20
[ 2210.101156][ T7756]  ? security_capable+0x7e/0x2e0
[ 2210.101185][ T7756]  genl_rcv_msg+0x60e/0x790
[ 2210.101217][ T7756]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 2210.101239][ T7756]  ? __pfx_nl80211_pre_doit+0x10/0x10
[ 2210.101268][ T7756]  ? __pfx_nl80211_start_ap+0x10/0x10
[ 2210.101298][ T7756]  ? __pfx_nl80211_post_doit+0x10/0x10
[ 2210.101328][ T7756]  ? __asan_memcpy+0x40/0x70
[ 2210.101350][ T7756]  ? __pfx_ref_tracker_free+0x10/0x10
[ 2210.101382][ T7756]  netlink_rcv_skb+0x208/0x470
[ 2210.101409][ T7756]  ? __lock_acquire+0xab9/0xd20
[ 2210.101430][ T7756]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 2210.101448][ T7756]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 2210.101484][ T7756]  ? down_read+0x1ad/0x2e0
[ 2210.101504][ T7756]  genl_rcv+0x28/0x40
[ 2210.101519][ T7756]  netlink_unicast+0x82f/0x9e0
[ 2210.101546][ T7756]  ? __pfx_netlink_unicast+0x10/0x10
[ 2210.101577][ T7756]  ? netlink_sendmsg+0x642/0xb30
[ 2210.101598][ T7756]  ? skb_put+0x11b/0x210
[ 2210.101623][ T7756]  netlink_sendmsg+0x805/0xb30
[ 2210.101653][ T7756]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2210.101678][ T7756]  ? aa_sock_msg_perm+0xf1/0x1d0
[ 2210.101696][ T7756]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 2210.101716][ T7756]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2210.101739][ T7756]  __sock_sendmsg+0x21c/0x270
[ 2210.101760][ T7756]  ____sys_sendmsg+0x505/0x830
[ 2210.101788][ T7756]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 2210.101820][ T7756]  ? import_iovec+0x74/0xa0
[ 2210.101843][ T7756]  ___sys_sendmsg+0x21f/0x2a0
[ 2210.101859][ T7756]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2210.101901][ T7756]  ? __fget_files+0x2a/0x420
[ 2210.101919][ T7756]  ? __fget_files+0x3a0/0x420
[ 2210.101946][ T7756]  __x64_sys_sendmsg+0x19b/0x260
[ 2210.101963][ T7756]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 2210.101985][ T7756]  ? __pfx_ksys_write+0x10/0x10
[ 2210.102004][ T7756]  ? do_syscall_64+0xbe/0xfa0
[ 2210.102037][ T7756]  do_syscall_64+0xfa/0xfa0
[ 2210.102051][ T7756]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2210.102066][ T7756]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2210.102081][ T7756]  ? clear_bhb_loop+0x60/0xb0
[ 2210.102109][ T7756]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2210.102122][ T7756] RIP: 0033:0x7fd52af8eec9
[ 2210.102134][ T7756] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2210.102145][ T7756] RSP: 002b:00007fd52bf0b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2210.102160][ T7756] RAX: ffffffffffffffda RBX: 00007fd52b1e5fa0 RCX: 00007fd52af8eec9
[ 2210.102170][ T7756] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000003
[ 2210.102178][ T7756] RBP: 00007fd52bf0b090 R08: 0000000000000000 R09: 0000000000000000
[ 2210.102187][ T7756] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2210.102195][ T7756] R13: 00007fd52b1e6038 R14: 00007fd52b1e5fa0 R15: 00007fd52b30fa28
[ 2210.102216][ T7756]  </TASK>
[ 2210.697490][ T7758] xt_recent: Unsupported userspace flags (000000b1)
[ 2211.322743][ T7782] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[ 2211.322743][ T7782] The task syz.2.11661 (7782) triggered the difference, watch for misbehavior.
[ 2211.491072][ T7786] lo: Caught tx_queue_len zero misconfig
[ 2211.697657][ T7793] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 2211.705709][ T7793] syzkaller0: entered promiscuous mode
[ 2211.711642][ T7793] syzkaller0: entered allmulticast mode
[ 2211.831592][ T7796] netlink: 12 bytes leftover after parsing attributes in process `syz.0.11665'.
[ 2211.909262][ T7793] tipc: Resetting bearer <eth:syzkaller0>
[ 2211.931900][ T7799] FAULT_INJECTION: forcing a failure.
[ 2211.931900][ T7799] name failslab, interval 1, probability 0, space 0, times 0
[ 2211.946267][ T7800] netlink: 12 bytes leftover after parsing attributes in process `syz.0.11665'.
[ 2211.955814][ T7799] CPU: 1 UID: 0 PID: 7799 Comm: syz.1.11666 Not tainted syzkaller #0 PREEMPT(full) 
[ 2211.955838][ T7799] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 2211.955851][ T7799] Call Trace:
[ 2211.955859][ T7799]  <TASK>
[ 2211.955867][ T7799]  dump_stack_lvl+0x189/0x250
[ 2211.955893][ T7799]  ? __pfx____ratelimit+0x10/0x10
[ 2211.955923][ T7799]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2211.955943][ T7799]  ? __pfx__printk+0x10/0x10
[ 2211.955968][ T7799]  ? __pfx___might_resched+0x10/0x10
[ 2211.955999][ T7799]  should_fail_ex+0x414/0x560
[ 2211.956033][ T7799]  should_failslab+0xa8/0x100
[ 2211.956059][ T7799]  kmem_cache_alloc_node_noprof+0x77/0x710
[ 2211.956079][ T7799]  ? __alloc_skb+0x112/0x2d0
[ 2211.956111][ T7799]  __alloc_skb+0x112/0x2d0
[ 2211.956142][ T7799]  netlink_ack+0x146/0xa50
[ 2211.956166][ T7799]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 2211.956186][ T7799]  ? __pfx_nl80211_pre_doit+0x10/0x10
[ 2211.956211][ T7799]  ? __pfx_nl80211_post_doit+0x10/0x10
[ 2211.956260][ T7799]  netlink_rcv_skb+0x28c/0x470
[ 2211.956285][ T7799]  ? __lock_acquire+0xab9/0xd20
[ 2211.956310][ T7799]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 2211.956332][ T7799]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 2211.956376][ T7799]  ? down_read+0x1ad/0x2e0
[ 2211.956401][ T7799]  genl_rcv+0x28/0x40
[ 2211.956420][ T7799]  netlink_unicast+0x82f/0x9e0
[ 2211.956453][ T7799]  ? __pfx_netlink_unicast+0x10/0x10
[ 2211.956479][ T7799]  ? netlink_sendmsg+0x642/0xb30
[ 2211.956505][ T7799]  ? skb_put+0x11b/0x210
[ 2211.956535][ T7799]  netlink_sendmsg+0x805/0xb30
[ 2211.956571][ T7799]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2211.956603][ T7799]  ? aa_sock_msg_perm+0xf1/0x1d0
[ 2211.956626][ T7799]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 2211.956652][ T7799]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2211.956681][ T7799]  __sock_sendmsg+0x21c/0x270
[ 2211.956707][ T7799]  ____sys_sendmsg+0x505/0x830
[ 2211.956742][ T7799]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 2211.956779][ T7799]  ? import_iovec+0x74/0xa0
[ 2211.956807][ T7799]  ___sys_sendmsg+0x21f/0x2a0
[ 2211.956832][ T7799]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2211.956883][ T7799]  ? __fget_files+0x2a/0x420
[ 2211.956906][ T7799]  ? __fget_files+0x3a0/0x420
[ 2211.956940][ T7799]  __x64_sys_sendmsg+0x19b/0x260
[ 2211.956961][ T7799]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 2211.956989][ T7799]  ? __pfx_ksys_write+0x10/0x10
[ 2211.957013][ T7799]  ? do_syscall_64+0xbe/0xfa0
[ 2211.957036][ T7799]  do_syscall_64+0xfa/0xfa0
[ 2211.957053][ T7799]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2211.957072][ T7799]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2211.957091][ T7799]  ? clear_bhb_loop+0x60/0xb0
[ 2211.957114][ T7799]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2211.957133][ T7799] RIP: 0033:0x7fc33918eec9
[ 2211.957150][ T7799] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2211.957167][ T7799] RSP: 002b:00007fc33a01b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2211.957187][ T7799] RAX: ffffffffffffffda RBX: 00007fc3393e5fa0 RCX: 00007fc33918eec9
[ 2211.957202][ T7799] RDX: 0000000000004814 RSI: 0000200000001080 RDI: 0000000000000004
[ 2211.957214][ T7799] RBP: 00007fc33a01b090 R08: 0000000000000000 R09: 0000000000000000
[ 2211.957226][ T7799] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2211.957238][ T7799] R13: 00007fc3393e6038 R14: 00007fc3393e5fa0 R15: 00007fc33950fa28
[ 2211.957276][ T7799]  </TASK>
[ 2212.296851][ T7800] netlink: 12 bytes leftover after parsing attributes in process `syz.0.11665'.
[ 2212.315524][ T7792] tipc: Resetting bearer <eth:syzkaller0>
[ 2212.649829][ T7792] tipc: Disabling bearer <eth:syzkaller0>
[ 2213.074033][ T7817] ip6erspan0: entered allmulticast mode
[ 2213.787280][ T7295] usb 2-1: new high-speed USB device number 81 using dummy_hcd
[ 2213.947388][ T7295] usb 2-1: Using ep0 maxpacket: 32
[ 2213.960683][ T7295] usb 2-1: config 0 has an invalid interface number: 12 but max is 0
[ 2213.974255][ T7295] usb 2-1: config 0 has no interface number 0
[ 2213.997367][ T7295] usb 2-1: config 0 interface 12 has no altsetting 0
[ 2214.020178][ T7295] usb 2-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[ 2214.030371][ T7295] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2214.054021][ T7295] usb 2-1: Product: syz
[ 2214.069995][ T7295] usb 2-1: Manufacturer: syz
[ 2214.084834][ T7295] usb 2-1: SerialNumber: syz
[ 2214.113917][ T7295] usb 2-1: config 0 descriptor??
[ 2214.339995][ T7295] f81534 2-1:0.12: f81534_set_register: reg: 1002 data: 3 failed: -71
[ 2214.358730][ T7295] f81534 2-1:0.12: f81534_find_config_idx: read failed: -71
[ 2214.381445][ T7295] f81534 2-1:0.12: f81534_calc_num_ports: find idx failed: -71
[ 2214.405014][ T7295] f81534 2-1:0.12: probe with driver f81534 failed with error -71
[ 2214.427664][ T7295] usb 2-1: USB disconnect, device number 81
[ 2215.080384][ T7848] netlink: 20 bytes leftover after parsing attributes in process `syz.4.11680'.
[ 2215.211410][ T7853] random: crng reseeded on system resumption
[ 2216.217310][T32590] usb 3-1: new high-speed USB device number 93 using dummy_hcd
[ 2216.245523][ T7879] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11687'.
[ 2216.387695][T32590] usb 3-1: Using ep0 maxpacket: 32
[ 2216.395621][T32590] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2216.410179][T32590] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2216.431808][T32590] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 2216.449959][T32590] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2216.496096][T32590] usb 3-1: config 0 descriptor??
[ 2216.518151][T32590] hub 3-1:0.0: USB hub found
[ 2216.643366][   T30] kauditd_printk_skb: 25 callbacks suppressed
[ 2216.643382][   T30] audit: type=1326 audit(1760474332.961:2598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7882 comm="syz.1.11688" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc33918eec9 code=0x0
[ 2216.852027][ T5962] usb 5-1: new full-speed USB device number 6 using dummy_hcd
[ 2217.019870][ T5962] usb 5-1: device descriptor read/64, error -71
[ 2217.145548][T32590] hub 3-1:0.0: 1 port detected
[ 2217.157359][ T7295] usb 2-1: new high-speed USB device number 82 using dummy_hcd
[ 2217.267522][ T5962] usb 5-1: new full-speed USB device number 7 using dummy_hcd
[ 2217.331451][ T7295] usb 2-1: Using ep0 maxpacket: 32
[ 2217.339167][ T7295] usb 2-1: New USB device found, idVendor=041e, idProduct=403c, bcdDevice=cc.d7
[ 2217.355502][ T7295] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2217.396691][ T7295] usb 2-1: config 0 descriptor??
[ 2217.415874][ T7295] gspca_main: sq930x-2.14.0 probing 041e:403c
[ 2217.417273][ T5962] usb 5-1: device descriptor read/64, error -71
[ 2217.538088][ T5962] usb usb5-port1: attempt power cycle
[ 2217.774033][ T7900] random: crng reseeded on system resumption
[ 2217.877309][ T5962] usb 5-1: new full-speed USB device number 8 using dummy_hcd
[ 2217.911455][ T5962] usb 5-1: device descriptor read/8, error -71
[ 2218.167825][ T5962] usb 5-1: new full-speed USB device number 9 using dummy_hcd
[ 2218.197727][ T5962] usb 5-1: device descriptor read/8, error -71
[ 2218.318034][ T5962] usb usb5-port1: unable to enumerate USB device
[ 2218.368764][T32590] hub 3-1:0.0: hub_hub_status failed (err = -32)
[ 2218.377855][T32590] hub 3-1:0.0: config failed, can't get hub status (err -32)
[ 2218.392766][T32590] usbhid 3-1:0.0: can't add hid device: -32
[ 2218.399795][T32590] usbhid 3-1:0.0: probe with driver usbhid failed with error -32
[ 2218.442574][ T7295] gspca_sq930x: ucbus_write failed -71
[ 2218.448219][ T7295] sq930x 2-1:0.0: probe with driver sq930x failed with error -71
[ 2218.484891][ T7295] usb 2-1: USB disconnect, device number 82
[ 2219.277555][ T7295] usb 3-1: USB disconnect, device number 93
[ 2219.797642][ T5962] usb 6-1: new high-speed USB device number 66 using dummy_hcd
[ 2219.990504][ T5962] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 2220.003470][ T5962] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2220.012334][ T5962] usb 6-1: Product: syz
[ 2220.016835][ T5962] usb 6-1: Manufacturer: syz
[ 2220.022128][ T5962] usb 6-1: SerialNumber: syz
[ 2220.038306][ T5962] usb 6-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 2220.100470][ T7933] fuse: Unknown parameter 'group_'
[ 2220.274981][ T7944] random: crng reseeded on system resumption
[ 2220.288539][ T5919] usb 6-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 2220.336673][ T7941] xt_recent: Unsupported userspace flags (000000b1)
[ 2220.474055][ T7945] nvme_fabrics: missing parameter 'transport=%s'
[ 2220.480631][ T7945] nvme_fabrics: missing parameter 'nqn=%s'
[ 2220.750871][ T5962] usb 6-1: USB disconnect, device number 66
[ 2221.407496][ T5919] ath9k_htc 6-1:1.0: ath9k_htc: Target is unresponsive
[ 2221.450941][ T5919] ath9k_htc: Failed to initialize the device
[ 2221.462628][ T7960] snd_aloop snd_aloop.0: control 2:-2:3:syz1:2 is already present
[ 2221.473175][ T5962] usb 6-1: ath9k_htc: USB layer deinitialized
[ 2221.570597][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[ 2221.570637][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[ 2222.417317][T30348] usb 2-1: new full-speed USB device number 83 using dummy_hcd
[ 2222.649860][T30348] usb 2-1: too many endpoints for config 1 interface 0 altsetting 0: 255, using maximum allowed: 30
[ 2222.671182][T30348] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 2222.723507][T30348] usb 2-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 255
[ 2222.794121][T30348] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 2222.832472][T30348] usb 2-1: New USB device strings: Mfr=8, Product=0, SerialNumber=1
[ 2222.870667][T30348] usb 2-1: Manufacturer: syz
[ 2222.932741][T30348] usb 2-1: SerialNumber: syz
[ 2223.589285][ T7993] nvme_fabrics: missing parameter 'transport=%s'
[ 2223.595827][ T7993] nvme_fabrics: missing parameter 'nqn=%s'
[ 2224.474998][ T8011] ALSA: mixer_oss: invalid OSS volume ''
[ 2224.691672][ T8025] netlink: 132 bytes leftover after parsing attributes in process `syz.0.11724'.
[ 2224.857540][ T8022] netlink: 24 bytes leftover after parsing attributes in process `syz.0.11724'.
[ 2225.851116][T30348] cdc_acm 2-1:1.0: Control and data interfaces are not separated!
[ 2225.901844][T30348] cdc_acm 2-1:1.0: ttyACM0: USB ACM device
[ 2225.918005][   T30] audit: type=1326 audit(1760474342.231:2599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8034 comm="syz.4.11730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb31038eec9 code=0x7ffc0000
[ 2225.954920][ T8037] fuse: Bad value for 'fd'
[ 2225.978672][T30348] usb 2-1: USB disconnect, device number 83
[ 2226.059561][   T30] audit: type=1326 audit(1760474342.231:2600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8034 comm="syz.4.11730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb31038eec9 code=0x7ffc0000
[ 2226.129597][   T30] audit: type=1326 audit(1760474342.241:2601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8034 comm="syz.4.11730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7fb31038eec9 code=0x7ffc0000
[ 2226.152151][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2226.197589][   T30] audit: type=1326 audit(1760474342.241:2602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8034 comm="syz.4.11730" exe="/root/syz-executor" sig=0 arch=40000003 syscall=94 compat=1 ip=0x200000000006 code=0x7ffc0000
[ 2226.220052][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2226.233845][   T30] audit: type=1326 audit(1760474342.241:2603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8034 comm="syz.4.11730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb31038eec9 code=0x7ffc0000
[ 2226.256366][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2226.298728][   T30] audit: type=1326 audit(1760474342.241:2604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8034 comm="syz.4.11730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb31038eec9 code=0x7ffc0000
[ 2226.321269][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2226.340109][ T8049] FAULT_INJECTION: forcing a failure.
[ 2226.340109][ T8049] name failslab, interval 1, probability 0, space 0, times 0
[ 2226.356042][ T8049] CPU: 0 UID: 0 PID: 8049 Comm: syz.0.11735 Not tainted syzkaller #0 PREEMPT(full) 
[ 2226.356065][ T8049] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 2226.356078][ T8049] Call Trace:
[ 2226.356086][ T8049]  <TASK>
[ 2226.356094][ T8049]  dump_stack_lvl+0x189/0x250
[ 2226.356120][ T8049]  ? __pfx____ratelimit+0x10/0x10
[ 2226.356156][ T8049]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2226.356176][ T8049]  ? __pfx__printk+0x10/0x10
[ 2226.356200][ T8049]  ? __pfx___might_resched+0x10/0x10
[ 2226.356231][ T8049]  should_fail_ex+0x414/0x560
[ 2226.356265][ T8049]  should_failslab+0xa8/0x100
[ 2226.356291][ T8049]  __kmalloc_cache_noprof+0x6f/0x6f0
[ 2226.356313][ T8049]  ? xfrm_policy_alloc+0x78/0x2b0
[ 2226.356348][ T8049]  xfrm_policy_alloc+0x78/0x2b0
[ 2226.356376][ T8049]  xfrm_policy_construct+0x39/0x6b0
[ 2226.356407][ T8049]  xfrm_add_policy+0x267/0x800
[ 2226.356432][ T8049]  ? __pfx_xfrm_add_policy+0x10/0x10
[ 2226.356449][ T8049]  ? apparmor_capable+0x137/0x1b0
[ 2226.356480][ T8049]  ? __nla_parse+0x40/0x60
[ 2226.356505][ T8049]  xfrm_user_rcv_msg+0x7a3/0xab0
[ 2226.356530][ T8049]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[ 2226.356580][ T8049]  ? __pfx___mutex_trylock_common+0x10/0x10
[ 2226.356615][ T8049]  ? rcu_is_watching+0x15/0xb0
[ 2226.356643][ T8049]  ? trace_contention_end+0x39/0x120
[ 2226.356672][ T8049]  ? __mutex_lock+0x335/0x1350
[ 2226.356698][ T8049]  netlink_rcv_skb+0x208/0x470
[ 2226.356727][ T8049]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[ 2226.356748][ T8049]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 2226.356789][ T8049]  ? netlink_deliver_tap+0x2e/0x1b0
[ 2226.356815][ T8049]  ? netlink_deliver_tap+0x2e/0x1b0
[ 2226.356843][ T8049]  xfrm_netlink_rcv+0x79/0x90
[ 2226.356862][ T8049]  netlink_unicast+0x82f/0x9e0
[ 2226.356893][ T8049]  ? __pfx_netlink_unicast+0x10/0x10
[ 2226.356920][ T8049]  ? netlink_sendmsg+0x642/0xb30
[ 2226.356945][ T8049]  ? skb_put+0x11b/0x210
[ 2226.356977][ T8049]  netlink_sendmsg+0x805/0xb30
[ 2226.357012][ T8049]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2226.357042][ T8049]  ? aa_sock_msg_perm+0xf1/0x1d0
[ 2226.357065][ T8049]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 2226.357089][ T8049]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2226.357118][ T8049]  __sock_sendmsg+0x21c/0x270
[ 2226.357156][ T8049]  ____sys_sendmsg+0x505/0x830
[ 2226.357191][ T8049]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 2226.357229][ T8049]  ? import_iovec+0x74/0xa0
[ 2226.357259][ T8049]  ___sys_sendmsg+0x21f/0x2a0
[ 2226.357280][ T8049]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2226.357331][ T8049]  ? __fget_files+0x2a/0x420
[ 2226.357355][ T8049]  ? __fget_files+0x3a0/0x420
[ 2226.357388][ T8049]  __x64_sys_sendmsg+0x19b/0x260
[ 2226.357409][ T8049]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 2226.357437][ T8049]  ? __pfx_ksys_write+0x10/0x10
[ 2226.357461][ T8049]  ? do_syscall_64+0xbe/0xfa0
[ 2226.357484][ T8049]  do_syscall_64+0xfa/0xfa0
[ 2226.357501][ T8049]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2226.357520][ T8049]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2226.357539][ T8049]  ? clear_bhb_loop+0x60/0xb0
[ 2226.357563][ T8049]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2226.357581][ T8049] RIP: 0033:0x7fd52af8eec9
[ 2226.357599][ T8049] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2226.357615][ T8049] RSP: 002b:00007fd52bf0b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2226.357637][ T8049] RAX: ffffffffffffffda RBX: 00007fd52b1e5fa0 RCX: 00007fd52af8eec9
[ 2226.357650][ T8049] RDX: 0000000000000000 RSI: 0000200000000480 RDI: 0000000000000003
[ 2226.357662][ T8049] RBP: 00007fd52bf0b090 R08: 0000000000000000 R09: 0000000000000000
[ 2226.357673][ T8049] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2226.357685][ T8049] R13: 00007fd52b1e6038 R14: 00007fd52b1e5fa0 R15: 00007fd52b30fa28
[ 2226.357716][ T8049]  </TASK>
[ 2226.797317][T30348] usb 2-1: new high-speed USB device number 84 using dummy_hcd
[ 2226.934765][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2227.209769][T30348] usb 2-1: Using ep0 maxpacket: 32
[ 2227.221103][T30348] usb 2-1: New USB device found, idVendor=0fd9, idProduct=0021, bcdDevice=29.40
[ 2227.231817][T30348] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2227.318005][T30348] usb 2-1: config 0 descriptor??
[ 2227.552772][T30348] dvb-usb: found a 'Elgato EyeTV DTT' in warm state.
[ 2227.609865][T30348] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 2227.635097][T30348] dvbdev: DVB: registering new adapter (Elgato EyeTV DTT)
[ 2227.643425][T30348] usb 2-1: media controller created
[ 2227.649852][ T8059] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 2227.675230][ T8059] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 2227.694062][T30348] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 2227.825178][T30348] DVB: Unable to find symbol dib7000p_attach()
[ 2227.831575][T30348] dvb-usb: no frontend was attached by 'Elgato EyeTV DTT'
[ 2227.969238][ T7295] usb 3-1: new high-speed USB device number 94 using dummy_hcd
[ 2228.051138][T30348] rc_core: IR keymap rc-dib0700-rc5 not found
[ 2228.058805][T30348] Registered IR keymap rc-empty
[ 2228.064477][T30348] dvb-usb: could not initialize remote control.
[ 2228.161579][ T7295] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2228.201777][T30348] dvb-usb: Elgato EyeTV DTT successfully initialized and connected.
[ 2228.233429][ T7295] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2228.285306][T30348] usb 2-1: USB disconnect, device number 84
[ 2228.295486][ T7295] usb 3-1: New USB device found, idVendor=5543, idProduct=0042, bcdDevice= 0.00
[ 2228.321318][ T7295] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2228.350243][T30348] dvb-usb: Elgato EyeTV DTT successfully deinitialized and disconnected.
[ 2228.369039][ T7295] usb 3-1: config 0 descriptor??
[ 2228.687254][ T3234] Bluetooth: hci1: command 0x040f tx timeout
[ 2228.990834][   T30] audit: type=1326 audit(1760474345.311:2605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8093 comm="syz.5.11744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80e678eec9 code=0x7ffc0000
[ 2229.159626][   T30] audit: type=1326 audit(1760474345.311:2606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8093 comm="syz.5.11744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80e678eec9 code=0x7ffc0000
[ 2229.275910][   T30] audit: type=1326 audit(1760474345.311:2607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8093 comm="syz.5.11744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f80e678eec9 code=0x7ffc0000
[ 2229.319169][   T30] audit: type=1326 audit(1760474345.311:2608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8093 comm="syz.5.11744" exe="/root/syz-executor" sig=0 arch=40000003 syscall=94 compat=1 ip=0x200000000006 code=0x7ffc0000
[ 2229.357351][T30348] usb 2-1: new full-speed USB device number 85 using dummy_hcd
[ 2229.417123][ T8106] loop6: detected capacity change from 0 to 524288000
[ 2229.688977][T30348] usb 2-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 2229.700153][T30348] usb 2-1: config 0 interface 0 altsetting 9 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2229.716167][T30348] usb 2-1: config 0 interface 0 has no altsetting 0
[ 2229.723991][T30348] usb 2-1: New USB device found, idVendor=17ef, idProduct=60ee, bcdDevice= 0.00
[ 2229.733455][ T3234] Bluetooth: hci2: command 0x040f tx timeout
[ 2229.733458][T30348] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2229.737736][T30348] usb 2-1: config 0 descriptor??
[ 2230.180057][ T8110] netlink: 'syz.5.11749': attribute type 2 has an invalid length.
[ 2230.215685][T30348] lenovo 0003:17EF:60EE.003E: unknown main item tag 0x0
[ 2230.247944][T30348] lenovo 0003:17EF:60EE.003E: unknown main item tag 0x0
[ 2230.254984][T30348] lenovo 0003:17EF:60EE.003E: unknown main item tag 0x0
[ 2230.297343][T30348] lenovo 0003:17EF:60EE.003E: unknown main item tag 0x0
[ 2230.323462][T30348] lenovo 0003:17EF:60EE.003E: unknown main item tag 0x0
[ 2230.335401][ T8112] RDS: rds_bind could not find a transport for fc02::, load rds_tcp or rds_rdma?
[ 2230.396556][T30348] lenovo 0003:17EF:60EE.003E: hidraw0: USB HID v0.01 Device [HID 17ef:60ee] on usb-dummy_hcd.1-1/input0
[ 2230.458475][ T8098] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2230.473721][ T8098] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2230.562174][ T8118] netlink: 44 bytes leftover after parsing attributes in process `syz.5.11752'.
[ 2230.724104][T30348] lenovo 0003:17EF:60EE.003E: Fn-lock setting failed: -71
[ 2230.750589][T30348] lenovo 0003:17EF:60EE.003E: Sensitivity setting failed: -71
[ 2230.789197][T30348] usb 2-1: USB disconnect, device number 85
[ 2231.147250][ T5919] usb 6-1: new high-speed USB device number 67 using dummy_hcd
[ 2231.323301][ T5919] usb 6-1: Using ep0 maxpacket: 16
[ 2231.345091][ T5919] usb 6-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[ 2231.382704][ T5919] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2231.414093][ T5919] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 2231.476728][ T5919] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 2231.490288][ T5919] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2231.506689][ T5919] usb 6-1: Product: syz
[ 2231.517254][ T5919] usb 6-1: Manufacturer: syz
[ 2231.526380][ T5919] usb 6-1: SerialNumber: syz
[ 2231.969538][ T5919] usb 6-1: 0:2 : does not exist
[ 2232.028876][ T8117] fuse: Unknown parameter 'group_'
[ 2233.422316][ T7295] usbhid 3-1:0.0: can't add hid device: -32
[ 2233.454869][ T7295] usbhid 3-1:0.0: probe with driver usbhid failed with error -32
[ 2233.795848][ T5919] usb 6-1: 1:0: failed to get current value for ch 0 (-22)
[ 2233.853164][ T5919] usb 6-1: USB disconnect, device number 67
[ 2233.969995][ T3980] udevd[3980]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 2234.074601][ T8171] loop6: detected capacity change from 0 to 524288000
[ 2234.557345][T30348] usb 2-1: new high-speed USB device number 86 using dummy_hcd
[ 2234.918896][T30348] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1023
[ 2235.002302][T30348] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A
[ 2235.045997][T30348] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 121
[ 2235.070050][T30348] usb 2-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10
[ 2235.087349][T30348] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2235.105542][T30348] usb 2-1: Product: syz
[ 2235.125763][T30348] usb 2-1: Manufacturer: syz
[ 2235.130678][T30348] usb 2-1: SerialNumber: syz
[ 2235.148113][T30348] usb 2-1: config 0 descriptor??
[ 2235.169173][ T8177] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 2235.207454][ T8181] FAULT_INJECTION: forcing a failure.
[ 2235.207454][ T8181] name failslab, interval 1, probability 0, space 0, times 0
[ 2235.230336][ T8177] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 2235.249929][ T8181] CPU: 1 UID: 0 PID: 8181 Comm: syz.4.11770 Not tainted syzkaller #0 PREEMPT(full) 
[ 2235.249953][ T8181] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 2235.249967][ T8181] Call Trace:
[ 2235.249975][ T8181]  <TASK>
[ 2235.249984][ T8181]  dump_stack_lvl+0x189/0x250
[ 2235.250008][ T8181]  ? __pfx____ratelimit+0x10/0x10
[ 2235.250037][ T8181]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2235.250051][ T8181]  ? __pfx__printk+0x10/0x10
[ 2235.250068][ T8181]  ? __pfx___might_resched+0x10/0x10
[ 2235.250086][ T8181]  ? fs_reclaim_acquire+0x7d/0x100
[ 2235.250117][ T8181]  should_fail_ex+0x414/0x560
[ 2235.250156][ T8181]  should_failslab+0xa8/0x100
[ 2235.250182][ T8181]  __kmalloc_cache_noprof+0x6f/0x6f0
[ 2235.250197][ T8181]  ? call_usermodehelper_setup+0x8e/0x270
[ 2235.250214][ T8181]  ? trace_kmalloc+0x1f/0xd0
[ 2235.250226][ T8181]  ? __kmalloc_node_track_caller_noprof+0x587/0x800
[ 2235.250250][ T8181]  call_usermodehelper_setup+0x8e/0x270
[ 2235.250276][ T8181]  ? __pfx_free_modprobe_argv+0x10/0x10
[ 2235.250304][ T8181]  __request_module+0x39f/0x5e0
[ 2235.250334][ T8181]  ? __pfx___request_module+0x10/0x10
[ 2235.250353][ T8181]  ? kasan_quarantine_put+0xdd/0x220
[ 2235.250367][ T8181]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2235.250385][ T8181]  ? nvmf_dev_write+0x1a29/0x2990
[ 2235.250410][ T8181]  ? kfree+0x19a/0x6d0
[ 2235.250427][ T8181]  ? nvmf_dev_write+0x4b9/0x2990
[ 2235.250454][ T8181]  nvmf_dev_write+0x1b9b/0x2990
[ 2235.250511][ T8181]  ? __pfx_nvmf_dev_write+0x10/0x10
[ 2235.250538][ T8181]  ? __lock_acquire+0xab9/0xd20
[ 2235.250596][ T8181]  ? bpf_lsm_file_permission+0x9/0x20
[ 2235.250623][ T8181]  ? security_file_permission+0x75/0x290
[ 2235.250651][ T8181]  ? rw_verify_area+0x255/0x4d0
[ 2235.250670][ T8181]  ? __lock_acquire+0xab9/0xd20
[ 2235.250691][ T8181]  ? __pfx_nvmf_dev_write+0x10/0x10
[ 2235.250717][ T8181]  vfs_write+0x27e/0xb30
[ 2235.250746][ T8181]  ? __pfx_vfs_write+0x10/0x10
[ 2235.250768][ T8181]  ? __fget_files+0x2a/0x420
[ 2235.250793][ T8181]  ? __fget_files+0x2a/0x420
[ 2235.250815][ T8181]  ? __fget_files+0x3a0/0x420
[ 2235.250838][ T8181]  ? __fget_files+0x2a/0x420
[ 2235.250874][ T8181]  ksys_write+0x145/0x250
[ 2235.250915][ T8181]  ? __pfx_ksys_write+0x10/0x10
[ 2235.250943][ T8181]  ? do_syscall_64+0xbe/0xfa0
[ 2235.250970][ T8181]  do_syscall_64+0xfa/0xfa0
[ 2235.251011][ T8181]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2235.251033][ T8181]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2235.251055][ T8181]  ? clear_bhb_loop+0x60/0xb0
[ 2235.251082][ T8181]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2235.251105][ T8181] RIP: 0033:0x7fb31038eec9
[ 2235.251131][ T8181] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2235.251151][ T8181] RSP: 002b:00007fb311235038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2235.251175][ T8181] RAX: ffffffffffffffda RBX: 00007fb3105e5fa0 RCX: 00007fb31038eec9
[ 2235.251193][ T8181] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 2235.251205][ T8181] RBP: 00007fb311235090 R08: 0000000000000000 R09: 0000000000000000
[ 2235.251219][ T8181] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2235.251233][ T8181] R13: 00007fb3105e6038 R14: 00007fb3105e5fa0 R15: 00007fb31070fa28
[ 2235.251269][ T8181]  </TASK>
[ 2235.253632][T30348] usb 2-1: ucan: probing device on interface #0
[ 2235.408350][ T8181] nvme_fabrics: missing parameter 'transport=%s'
[ 2235.700232][ T8181] nvme_fabrics: missing parameter 'nqn=%s'
[ 2235.855386][T30348] usb 2-1: ucan: device reported invalid device info
[ 2235.862341][T30348] usb 2-1: ucan: probe failed; try to update the device firmware
[ 2235.921888][ T8189] netlink: 16 bytes leftover after parsing attributes in process `syz.4.11772'.
[ 2236.288598][ T5962] usb 3-1: USB disconnect, device number 94
[ 2236.404825][ T8204] netlink: 14 bytes leftover after parsing attributes in process `syz.1.11767'.
[ 2236.443735][ T8205] netlink: 8 bytes leftover after parsing attributes in process `syz.0.11776'.
[ 2238.030695][ T8221] FAULT_INJECTION: forcing a failure.
[ 2238.030695][ T8221] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2238.175536][ T8221] CPU: 1 UID: 0 PID: 8221 Comm: syz.4.11780 Not tainted syzkaller #0 PREEMPT(full) 
[ 2238.175563][ T8221] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 2238.175576][ T8221] Call Trace:
[ 2238.175584][ T8221]  <TASK>
[ 2238.175593][ T8221]  dump_stack_lvl+0x189/0x250
[ 2238.175620][ T8221]  ? __pfx____ratelimit+0x10/0x10
[ 2238.175650][ T8221]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2238.175671][ T8221]  ? __pfx__printk+0x10/0x10
[ 2238.175692][ T8221]  ? __might_fault+0xb0/0x130
[ 2238.175722][ T8221]  should_fail_ex+0x414/0x560
[ 2238.175757][ T8221]  _copy_from_user+0x2d/0xb0
[ 2238.175783][ T8221]  __sys_sendto+0x25c/0x520
[ 2238.175814][ T8221]  ? __pfx___sys_sendto+0x10/0x10
[ 2238.175839][ T8221]  ? count_memcg_event_mm+0x21/0x260
[ 2238.175903][ T8221]  __x64_sys_sendto+0xde/0x100
[ 2238.175934][ T8221]  do_syscall_64+0xfa/0xfa0
[ 2238.175952][ T8221]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2238.175971][ T8221]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2238.175991][ T8221]  ? clear_bhb_loop+0x60/0xb0
[ 2238.176015][ T8221]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2238.176034][ T8221] RIP: 0033:0x7fb310390d5c
[ 2238.176051][ T8221] Code: 2a 5f 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5f 02 00 48 8b
[ 2238.176068][ T8221] RSP: 002b:00007fb311233ec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[ 2238.176088][ T8221] RAX: ffffffffffffffda RBX: 00007fb311233fc0 RCX: 00007fb310390d5c
[ 2238.176103][ T8221] RDX: 0000000000000020 RSI: 00007fb311234010 RDI: 0000000000000003
[ 2238.176115][ T8221] RBP: 0000000000000000 R08: 00007fb311233f14 R09: 000000000000000c
[ 2238.176128][ T8221] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
[ 2238.176140][ T8221] R13: 00007fb311233f68 R14: 00007fb311234010 R15: 0000000000000000
[ 2238.176170][ T8221]  </TASK>
[ 2238.658671][ T8228] netlink: 68 bytes leftover after parsing attributes in process `syz.5.11781'.
[ 2238.725754][ T8223] nvme_fabrics: missing parameter 'transport=%s'
[ 2238.770198][ T8223] nvme_fabrics: missing parameter 'nqn=%s'
[ 2238.856487][ T5962] usb 2-1: USB disconnect, device number 86
[ 2239.044102][ T8240] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11784'.
[ 2239.137139][ T8244] loop6: detected capacity change from 0 to 524288000
[ 2239.175642][ T5919] usb 3-1: new high-speed USB device number 95 using dummy_hcd
[ 2239.337299][ T5919] usb 3-1: Using ep0 maxpacket: 8
[ 2239.362631][ T5919] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 7
[ 2239.381027][ T5919] usb 3-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b
[ 2239.392386][ T5919] usb 3-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3
[ 2239.402164][ T5919] usb 3-1: Product: syz
[ 2239.406534][ T5919] usb 3-1: Manufacturer: syz
[ 2239.413997][ T5919] usb 3-1: SerialNumber: syz
[ 2239.748056][ T5919] usb 3-1: palm_os_3_probe - error -110 getting connection information
[ 2239.787753][ T5919] visor 3-1:1.0: probe with driver visor failed with error -110
[ 2239.869709][ T8233] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2240.049030][ T8233] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2240.350807][ T8233] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2240.491200][ T8270] FAULT_INJECTION: forcing a failure.
[ 2240.491200][ T8270] name failslab, interval 1, probability 0, space 0, times 0
[ 2240.514714][ T8270] CPU: 0 UID: 0 PID: 8270 Comm: syz.1.11794 Not tainted syzkaller #0 PREEMPT(full) 
[ 2240.514743][ T8270] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 2240.514757][ T8270] Call Trace:
[ 2240.514764][ T8270]  <TASK>
[ 2240.514771][ T8270]  dump_stack_lvl+0x189/0x250
[ 2240.514793][ T8270]  ? __pfx____ratelimit+0x10/0x10
[ 2240.514818][ T8270]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2240.514834][ T8270]  ? __pfx__printk+0x10/0x10
[ 2240.514854][ T8270]  ? __pfx___might_resched+0x10/0x10
[ 2240.514876][ T8270]  ? fs_reclaim_acquire+0x7d/0x100
[ 2240.514898][ T8270]  should_fail_ex+0x414/0x560
[ 2240.514930][ T8270]  should_failslab+0xa8/0x100
[ 2240.514951][ T8270]  __kmalloc_cache_noprof+0x6f/0x6f0
[ 2240.514968][ T8270]  ? __genradix_ptr_alloc+0x463/0x4a0
[ 2240.514990][ T8270]  ? sctp_auth_asoc_copy_shkeys+0x14e/0x5a0
[ 2240.515011][ T8270]  sctp_auth_asoc_copy_shkeys+0x14e/0x5a0
[ 2240.515035][ T8270]  sctp_association_new+0x15d3/0x25f0
[ 2240.515067][ T8270]  sctp_connect_new_asoc+0x2c5/0x690
[ 2240.515089][ T8270]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[ 2240.515107][ T8270]  ? __local_bh_enable_ip+0x12d/0x1c0
[ 2240.515135][ T8270]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[ 2240.515156][ T8270]  ? security_sctp_bind_connect+0x7e/0x2e0
[ 2240.515182][ T8270]  sctp_sendmsg+0x155c/0x2810
[ 2240.515210][ T8270]  ? __pfx_sctp_sendmsg+0x10/0x10
[ 2240.515231][ T8270]  ? aa_sk_perm+0x81e/0x950
[ 2240.515247][ T8270]  ? __lock_acquire+0xab9/0xd20
[ 2240.515269][ T8270]  ? __pfx_aa_sk_perm+0x10/0x10
[ 2240.515287][ T8270]  ? sock_rps_record_flow+0x19/0x410
[ 2240.515311][ T8270]  ? inet_sendmsg+0x2f4/0x370
[ 2240.515340][ T8270]  __sock_sendmsg+0x19c/0x270
[ 2240.515361][ T8270]  ____sys_sendmsg+0x52d/0x830
[ 2240.515390][ T8270]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 2240.515421][ T8270]  ? import_iovec+0x74/0xa0
[ 2240.515444][ T8270]  ___sys_sendmsg+0x21f/0x2a0
[ 2240.515460][ T8270]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2240.515501][ T8270]  ? __fget_files+0x2a/0x420
[ 2240.515520][ T8270]  ? __fget_files+0x3a0/0x420
[ 2240.515546][ T8270]  __sys_sendmmsg+0x227/0x430
[ 2240.515565][ T8270]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 2240.515586][ T8270]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 2240.515616][ T8270]  ? ksys_write+0x22a/0x250
[ 2240.515635][ T8270]  ? __pfx_ksys_write+0x10/0x10
[ 2240.515655][ T8270]  __x64_sys_sendmmsg+0xa0/0xc0
[ 2240.515676][ T8270]  do_syscall_64+0xfa/0xfa0
[ 2240.515691][ T8270]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2240.515706][ T8270]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2240.515721][ T8270]  ? clear_bhb_loop+0x60/0xb0
[ 2240.515740][ T8270]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2240.515756][ T8270] RIP: 0033:0x7fc33918eec9
[ 2240.515769][ T8270] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2240.515783][ T8270] RSP: 002b:00007fc33a01b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 2240.515800][ T8270] RAX: ffffffffffffffda RBX: 00007fc3393e5fa0 RCX: 00007fc33918eec9
[ 2240.515812][ T8270] RDX: 0000000000000002 RSI: 0000200000002780 RDI: 0000000000000003
[ 2240.515822][ T8270] RBP: 00007fc33a01b090 R08: 0000000000000000 R09: 0000000000000000
[ 2240.515832][ T8270] R10: 0000000020008050 R11: 0000000000000246 R12: 0000000000000001
[ 2240.515841][ T8270] R13: 00007fc3393e6038 R14: 00007fc3393e5fa0 R15: 00007fc33950fa28
[ 2240.515866][ T8270]  </TASK>
[ 2240.869261][ T8233] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2241.201414][ T5962] usb 3-1: USB disconnect, device number 95
[ 2241.306775][ T8272] netlink: 12 bytes leftover after parsing attributes in process `syz.1.11795'.
[ 2241.675349][ T8283] bond0: (slave vxlan0): Enslaving as an active interface with an up link
[ 2241.703603][T31141] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 2241.724169][T31141] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 2241.750797][T31141] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 2241.761354][T31141] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 2241.875678][ T8293] netlink: 68 bytes leftover after parsing attributes in process `syz.0.11799'.
[ 2242.274727][ T8290] netlink: 4 bytes leftover after parsing attributes in process `syz.2.11802'.
[ 2242.492598][ T8290] macvtap1: entered promiscuous mode
[ 2242.499973][ T8290] syz_tun: entered promiscuous mode
[ 2242.505768][ T8290] macvtap1: entered allmulticast mode
[ 2242.524188][ T8290] syz_tun: entered allmulticast mode
[ 2242.568133][ T8297] fuse: Unknown parameter 'group_'
[ 2243.426858][ T8319] loop6: detected capacity change from 0 to 524288000
[ 2243.550925][ T8319] Dev loop6: unable to read RDB block 8
[ 2243.716683][ T8319]  loop6: unable to read partition table
[ 2243.736888][ T8319] loop_reread_partitions: partition scan of loop6 (ÿŸ¾‚³˜±Ä6�tPΪŔ±³×AÝÁ¬8ï*V^ñè3c) failed (rc=-5)
[ 2243.779838][ T8330] syz_tun: entered allmulticast mode
[ 2243.862816][ T8328] netlink: 8 bytes leftover after parsing attributes in process `syz.5.11810'.
[ 2243.873851][ T8332] fuse: Unknown parameter ''
[ 2244.008052][ T5919] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[ 2244.019332][ T8330] syz_tun: left allmulticast mode
[ 2244.157311][ T5919] usb 5-1: Using ep0 maxpacket: 8
[ 2244.164130][ T5919] usb 5-1: config index 0 descriptor too short (expected 30, got 18)
[ 2244.174926][ T5919] usb 5-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[ 2244.184359][ T5919] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2244.193539][ T5919] usb 5-1: Product: syz
[ 2244.200444][ T5919] usb 5-1: Manufacturer: syz
[ 2244.205123][ T5919] usb 5-1: SerialNumber: syz
[ 2244.216526][ T5919] usb 5-1: config 0 descriptor??
[ 2244.228809][ T5919] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state.
[ 2244.237028][ T5919] usb 5-1: setting power ON
[ 2244.242937][ T5919] dvb-usb: bulk message failed: -22 (2/0)
[ 2244.252043][ T5919] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 2244.265321][ T5919] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID))
[ 2244.275309][ T5919] usb 5-1: media controller created
[ 2244.287623][T30348] usb 2-1: new high-speed USB device number 87 using dummy_hcd
[ 2244.300664][ T5919] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 2244.322527][ T5919] usb 5-1: selecting invalid altsetting 6
[ 2244.330466][ T5919] usb 5-1: digital interface selection failed (-22)
[ 2244.337600][ T5919] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)'
[ 2244.346826][ T5919] usb 5-1: setting power OFF
[ 2244.351661][ T5919] dvb-usb: bulk message failed: -22 (2/0)
[ 2244.358517][ T5919] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected.
[ 2244.368070][ T5919] (NULL device *): no alternate interface
[ 2244.402000][ T5919] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected.
[ 2244.447371][T30348] usb 2-1: Using ep0 maxpacket: 32
[ 2244.456348][T30348] usb 2-1: config 0 has an invalid interface number: 12 but max is 0
[ 2244.461748][ T8337] veth0_to_team: entered promiscuous mode
[ 2244.471187][T30348] usb 2-1: config 0 has no interface number 0
[ 2244.489703][T30348] usb 2-1: config 0 interface 12 has no altsetting 0
[ 2244.514176][T30348] usb 2-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[ 2244.523589][T30348] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2244.542444][T30348] usb 2-1: Product: syz
[ 2244.579512][T30348] usb 2-1: Manufacturer: syz
[ 2244.587350][T30348] usb 2-1: SerialNumber: syz
[ 2244.618102][T30348] usb 2-1: config 0 descriptor??
[ 2244.965626][T32590] usb 5-1: USB disconnect, device number 10
[ 2244.977474][ T5919] usb 6-1: new high-speed USB device number 68 using dummy_hcd
[ 2245.139090][ T5919] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2245.151275][ T5919] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2245.161871][ T5919] usb 6-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[ 2245.183707][ T8351] fuse: Unknown parameter 'group_'
[ 2245.332632][ T5919] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2245.348145][ T5919] usb 6-1: config 0 descriptor??
[ 2245.466052][ T8355] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 2245.776714][ T5919] cp2112 0003:10C4:EA90.003F: unknown main item tag 0x0
[ 2245.807388][ T5919] cp2112 0003:10C4:EA90.003F: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.5-1/input0
[ 2245.970113][ T5919] cp2112 0003:10C4:EA90.003F: Part Number: 0x82 Device Version: 0xFE
[ 2246.130199][T30348] f81534 2-1:0.12: f81534_get_register: reg: 1003 failed: -71
[ 2246.138407][T30348] f81534 2-1:0.12: f81534_find_config_idx: read failed: -71
[ 2246.145834][T30348] f81534 2-1:0.12: f81534_calc_num_ports: find idx failed: -71
[ 2246.155774][T30348] f81534 2-1:0.12: probe with driver f81534 failed with error -71
[ 2246.176365][ T5919] cp2112 0003:10C4:EA90.003F: error requesting SMBus config
[ 2246.177572][T30348] usb 2-1: USB disconnect, device number 87
[ 2246.199206][ T5919] cp2112 0003:10C4:EA90.003F: probe with driver cp2112 failed with error -32
[ 2246.257045][ T8370] nvme_fabrics: missing parameter 'transport=%s'
[ 2246.265424][ T8370] nvme_fabrics: missing parameter 'nqn=%s'
[ 2246.504661][ T8381] loop6: detected capacity change from 0 to 524288000
[ 2247.016900][T30348] usb 2-1: new high-speed USB device number 88 using dummy_hcd
[ 2247.257615][T30348] usb 2-1: Using ep0 maxpacket: 32
[ 2247.264443][T30348] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[ 2247.272795][T30348] usb 2-1: config 0 has no interface number 0
[ 2247.280372][T30348] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2247.362284][ T8387] nvme_fabrics: missing parameter 'transport=%s'
[ 2247.371139][ T8387] nvme_fabrics: missing parameter 'nqn=%s'
[ 2247.386323][T30348] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2247.409174][T30348] usb 2-1: New USB device found, idVendor=28bd, idProduct=0094, bcdDevice= 0.00
[ 2247.428882][T30348] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2247.483804][T30348] usb 2-1: config 0 descriptor??
[ 2248.023713][ T8399] fuse: Unknown parameter 'group_'
[ 2248.260183][T22508] usb 6-1: USB disconnect, device number 68
[ 2248.944342][ T8414] netlink: 'syz.0.11838': attribute type 10 has an invalid length.
[ 2248.983852][ T8418] netlink: 20 bytes leftover after parsing attributes in process `syz.2.11839'.
[ 2249.055973][ T8414] team0: Port device dummy0 added
[ 2249.103719][   T30] kauditd_printk_skb: 2 callbacks suppressed
[ 2249.103735][   T30] audit: type=1326 audit(1760474365.421:2611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8419 comm="syz.4.11842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb31038eec9 code=0x7ffc0000
[ 2249.174421][   T30] audit: type=1326 audit(1760474365.461:2612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8419 comm="syz.4.11842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb31038eec9 code=0x7ffc0000
[ 2249.217981][   T30] audit: type=1326 audit(1760474365.521:2613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8419 comm="syz.4.11842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7fb31038eec9 code=0x7ffc0000
[ 2249.250118][ T8420] netlink: 12 bytes leftover after parsing attributes in process `syz.4.11842'.
[ 2249.275189][   T30] audit: type=1326 audit(1760474365.521:2614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8419 comm="syz.4.11842" exe="/root/syz-executor" sig=0 arch=40000003 syscall=94 compat=1 ip=0x200000000006 code=0x7ffc0000
[ 2249.350917][   T30] audit: type=1326 audit(1760474365.521:2615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8419 comm="syz.4.11842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb31038eec9 code=0x7ffc0000
[ 2249.455322][ T8427] FAULT_INJECTION: forcing a failure.
[ 2249.455322][ T8427] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2249.468747][ T8427] CPU: 0 UID: 0 PID: 8427 Comm: syz.4.11844 Not tainted syzkaller #0 PREEMPT(full) 
[ 2249.468771][ T8427] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 2249.468784][ T8427] Call Trace:
[ 2249.468792][ T8427]  <TASK>
[ 2249.468801][ T8427]  dump_stack_lvl+0x189/0x250
[ 2249.468831][ T8427]  ? __pfx____ratelimit+0x10/0x10
[ 2249.468863][ T8427]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2249.468884][ T8427]  ? __pfx__printk+0x10/0x10
[ 2249.468917][ T8427]  should_fail_ex+0x414/0x560
[ 2249.468954][ T8427]  _copy_to_user+0x31/0xb0
[ 2249.468983][ T8427]  simple_read_from_buffer+0xe1/0x170
[ 2249.469013][ T8427]  proc_fail_nth_read+0x1b3/0x220
[ 2249.469047][ T8427]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2249.469082][ T8427]  ? rw_verify_area+0x2a6/0x4d0
[ 2249.469102][ T8427]  ? __lock_acquire+0xab9/0xd20
[ 2249.469126][ T8427]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2249.469165][ T8427]  vfs_read+0x200/0xa30
[ 2249.469185][ T8427]  ? fdget_pos+0x247/0x320
[ 2249.469215][ T8427]  ? __pfx___mutex_lock+0x10/0x10
[ 2249.469237][ T8427]  ? __pfx_vfs_read+0x10/0x10
[ 2249.469260][ T8427]  ? __fget_files+0x2a/0x420
[ 2249.469289][ T8427]  ? __fget_files+0x3a0/0x420
[ 2249.469313][ T8427]  ? __fget_files+0x2a/0x420
[ 2249.469347][ T8427]  ksys_read+0x145/0x250
[ 2249.469371][ T8427]  ? __pfx_ksys_read+0x10/0x10
[ 2249.469397][ T8427]  ? do_syscall_64+0xbe/0xfa0
[ 2249.469421][ T8427]  do_syscall_64+0xfa/0xfa0
[ 2249.469440][ T8427]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2249.469460][ T8427]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2249.469481][ T8427]  ? clear_bhb_loop+0x60/0xb0
[ 2249.469506][ T8427]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2249.469525][ T8427] RIP: 0033:0x7fb31038d8dc
[ 2249.469543][ T8427] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 2249.469560][ T8427] RSP: 002b:00007fb311235030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 2249.469581][ T8427] RAX: ffffffffffffffda RBX: 00007fb3105e5fa0 RCX: 00007fb31038d8dc
[ 2249.469597][ T8427] RDX: 000000000000000f RSI: 00007fb3112350a0 RDI: 0000000000000004
[ 2249.469610][ T8427] RBP: 00007fb311235090 R08: 0000000000000000 R09: 0000000000000000
[ 2249.469623][ T8427] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2249.469634][ T8427] R13: 00007fb3105e6038 R14: 00007fb3105e5fa0 R15: 00007fb31070fa28
[ 2249.469667][ T8427]  </TASK>
[ 2249.762621][   T30] audit: type=1326 audit(1760474365.521:2616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8419 comm="syz.4.11842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb31038eec9 code=0x7ffc0000
[ 2249.785930][   T30] audit: type=1326 audit(1760474365.541:2617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8419 comm="syz.4.11842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fb31038eec9 code=0x7ffc0000
[ 2249.816265][   T30] audit: type=1326 audit(1760474365.541:2618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8419 comm="syz.4.11842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb31038eec9 code=0x7ffc0000
[ 2249.850056][   T30] audit: type=1326 audit(1760474365.541:2619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8419 comm="syz.4.11842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb31038eec9 code=0x7ffc0000
[ 2249.874543][   T30] audit: type=1326 audit(1760474365.561:2620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8419 comm="syz.4.11842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7fb31038eec9 code=0x7ffc0000
[ 2250.300344][ T8440] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 2250.340034][ T8440] syzkaller0: entered promiscuous mode
[ 2250.345515][ T8440] syzkaller0: entered allmulticast mode
[ 2250.386009][ T8440] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) !
[ 2250.465965][ T8431] nvme_fabrics: missing parameter 'transport=%s'
[ 2250.480713][ T8431] nvme_fabrics: missing parameter 'nqn=%s'
[ 2250.551539][ T8447] loop6: detected capacity change from 0 to 524288000
[ 2250.951676][ T8438] tipc: Resetting bearer <eth:syzkaller0>
[ 2250.980263][ T8438] tipc: Disabling bearer <eth:syzkaller0>
[ 2251.803578][ T8459] netlink: 12 bytes leftover after parsing attributes in process `syz.5.11851'.
[ 2251.889091][ T8430] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 2251.918191][ T8458] nvme_fabrics: missing parameter 'transport=%s'
[ 2251.924691][ T8458] nvme_fabrics: missing parameter 'nqn=%s'
[ 2251.986446][T30348] uclogic 0003:28BD:0094.0040: failed retrieving string descriptor #100: -71
[ 2251.996167][T30348] uclogic 0003:28BD:0094.0040: failed retrieving pen parameters: -71
[ 2252.004343][T30348] uclogic 0003:28BD:0094.0040: pen probing failed: -71
[ 2252.011540][T30348] uclogic 0003:28BD:0094.0040: failed probing parameters: -71
[ 2252.019289][T30348] uclogic 0003:28BD:0094.0040: probe with driver uclogic failed with error -71
[ 2252.031133][T30348] usb 2-1: USB disconnect, device number 88
[ 2252.473005][ T8459] team0 (unregistering): Port device team_slave_0 removed
[ 2252.486631][ T8459] team0 (unregistering): Port device team_slave_1 removed
[ 2252.494976][ T8476] netlink: 16 bytes leftover after parsing attributes in process `syz.2.11856'.
[ 2252.504979][ T8459] team0 (unregistering): Port device bond0 removed
[ 2252.548521][ T8475] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 2252.686057][ T8483] netlink: 16 bytes leftover after parsing attributes in process `syz.2.11858'.
[ 2252.872304][ T5919] tipc: Disabling bearer <eth:syzkaller0>
[ 2252.946863][ T8493] netlink: 24 bytes leftover after parsing attributes in process `syz.5.11859'.
[ 2252.963755][ T8495] FAULT_INJECTION: forcing a failure.
[ 2252.963755][ T8495] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2252.987057][ T8495] CPU: 0 UID: 0 PID: 8495 Comm: syz.2.11862 Not tainted syzkaller #0 PREEMPT(full) 
[ 2252.987074][ T8495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 2252.987083][ T8495] Call Trace:
[ 2252.987088][ T8495]  <TASK>
[ 2252.987094][ T8495]  dump_stack_lvl+0x189/0x250
[ 2252.987114][ T8495]  ? __pfx____ratelimit+0x10/0x10
[ 2252.987135][ T8495]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2252.987159][ T8495]  ? __pfx__printk+0x10/0x10
[ 2252.987178][ T8495]  ? __might_fault+0xb0/0x130
[ 2252.987208][ T8495]  should_fail_ex+0x414/0x560
[ 2252.987243][ T8495]  _copy_from_iter+0x1de/0x1790
[ 2252.987274][ T8495]  ? __pfx__copy_from_iter+0x10/0x10
[ 2252.987294][ T8495]  ? bio_add_page+0x4da/0x9b0
[ 2252.987314][ T8495]  ? page_copy_sane+0x4e/0x280
[ 2252.987331][ T8495]  copy_page_from_iter+0xdd/0x170
[ 2252.987350][ T8495]  blk_rq_map_user_iov+0xee9/0x1a10
[ 2252.987378][ T8495]  ? __pfx_blk_rq_map_user_iov+0x10/0x10
[ 2252.987392][ T8495]  ? sg_write+0xacd/0xea0
[ 2252.987406][ T8495]  ? ksys_write+0x145/0x250
[ 2252.987419][ T8495]  ? do_syscall_64+0xfa/0xfa0
[ 2252.987431][ T8495]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2252.987452][ T8495]  ? import_ubuf+0xfb/0x1d0
[ 2252.987471][ T8495]  blk_rq_map_user_io+0x252/0x3a0
[ 2252.987489][ T8495]  ? __pfx_blk_rq_map_user_io+0x10/0x10
[ 2252.987510][ T8495]  ? sg_common_write+0xb85/0x13d0
[ 2252.987529][ T8495]  ? __mutex_unlock_slowpath+0x1a1/0x740
[ 2252.987544][ T8495]  ? set_page_refcounted+0xa0/0x1e0
[ 2252.987563][ T8495]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 2252.987578][ T8495]  ? sg_build_indirect+0x5f8/0x850
[ 2252.987607][ T8495]  sg_common_write+0xcd8/0x13d0
[ 2252.987633][ T8495]  ? __pfx_sg_common_write+0x10/0x10
[ 2252.987657][ T8495]  sg_write+0xacd/0xea0
[ 2252.987677][ T8495]  ? __pfx_sg_write+0x10/0x10
[ 2252.987694][ T8495]  ? __pfx_aa_file_perm+0x10/0x10
[ 2252.987729][ T8495]  ? bpf_lsm_file_permission+0x9/0x20
[ 2252.987747][ T8495]  ? security_file_permission+0x75/0x290
[ 2252.987767][ T8495]  ? rw_verify_area+0x255/0x4d0
[ 2252.987779][ T8495]  ? __lock_acquire+0xab9/0xd20
[ 2252.987795][ T8495]  ? __pfx_sg_write+0x10/0x10
[ 2252.987810][ T8495]  vfs_write+0x27e/0xb30
[ 2252.987829][ T8495]  ? __pfx_vfs_write+0x10/0x10
[ 2252.987845][ T8495]  ? __fget_files+0x2a/0x420
[ 2252.987863][ T8495]  ? __fget_files+0x2a/0x420
[ 2252.987878][ T8495]  ? __fget_files+0x3a0/0x420
[ 2252.987893][ T8495]  ? __fget_files+0x2a/0x420
[ 2252.987914][ T8495]  ksys_write+0x145/0x250
[ 2252.987930][ T8495]  ? __pfx_ksys_write+0x10/0x10
[ 2252.987946][ T8495]  ? do_syscall_64+0xbe/0xfa0
[ 2252.987961][ T8495]  do_syscall_64+0xfa/0xfa0
[ 2252.987972][ T8495]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2252.987985][ T8495]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2252.987998][ T8495]  ? clear_bhb_loop+0x60/0xb0
[ 2252.988014][ T8495]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2252.988026][ T8495] RIP: 0033:0x7f68e6f8eec9
[ 2252.988038][ T8495] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2252.988050][ T8495] RSP: 002b:00007f68e7ea2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2252.988063][ T8495] RAX: ffffffffffffffda RBX: 00007f68e71e5fa0 RCX: 00007f68e6f8eec9
[ 2252.988073][ T8495] RDX: 00000000000000c4 RSI: 0000200000000b00 RDI: 0000000000000004
[ 2252.988082][ T8495] RBP: 00007f68e7ea2090 R08: 0000000000000000 R09: 0000000000000000
[ 2252.988090][ T8495] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2252.988098][ T8495] R13: 00007f68e71e6038 R14: 00007f68e71e5fa0 R15: 00007f68e730fa28
[ 2252.988118][ T8495]  </TASK>
[ 2253.615294][ T2152] tipc: Node number set to 4227923968
[ 2253.769565][ T8501] loop6: detected capacity change from 0 to 524288000
[ 2254.216821][   T30] kauditd_printk_skb: 58 callbacks suppressed
[ 2254.216839][   T30] audit: type=1326 audit(1760474370.531:2679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8484 comm="syz.1.11860" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc33918eec9 code=0x7ffc0000
[ 2254.246517][   T30] audit: type=1326 audit(1760474370.531:2680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8484 comm="syz.1.11860" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc33918eec9 code=0x7ffc0000
[ 2254.272841][ T8498] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2254.307255][   T30] audit: type=1326 audit(1760474370.531:2681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8484 comm="syz.1.11860" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fc33918eec9 code=0x7ffc0000
[ 2254.330371][   T30] audit: type=1326 audit(1760474370.531:2682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8484 comm="syz.1.11860" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc33918eec9 code=0x7ffc0000
[ 2254.366771][   T30] audit: type=1326 audit(1760474370.531:2683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8484 comm="syz.1.11860" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc33918eec9 code=0x7ffc0000
[ 2254.412269][   T30] audit: type=1326 audit(1760474370.531:2684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8484 comm="syz.1.11860" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc33918eec9 code=0x7ffc0000
[ 2254.435132][   T30] audit: type=1326 audit(1760474370.531:2685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8484 comm="syz.1.11860" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc33918eec9 code=0x7ffc0000
[ 2254.458165][   T30] audit: type=1326 audit(1760474370.531:2686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8484 comm="syz.1.11860" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fc33918eec9 code=0x7ffc0000
[ 2254.511656][   T30] audit: type=1326 audit(1760474370.531:2687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8484 comm="syz.1.11860" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc33918eec9 code=0x7ffc0000
[ 2254.535452][   T30] audit: type=1326 audit(1760474370.531:2688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8484 comm="syz.1.11860" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc33918eec9 code=0x7ffc0000
[ 2254.559621][ T5919] usb 2-1: new high-speed USB device number 89 using dummy_hcd
[ 2254.740114][ T5919] usb 2-1: config 1 has 0 interfaces, different from the descriptor's value: 1
[ 2254.762269][ T5919] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 4.40
[ 2254.779614][ T5919] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2254.797323][ T5919] usb 2-1: Product: syz
[ 2254.805354][ T5919] usb 2-1: Manufacturer: syz
[ 2254.810827][ T5919] usb 2-1: SerialNumber: syz
[ 2254.873026][ T8522] fuse: Unknown parameter 'group_'
[ 2255.177444][ T5919] usb 3-1: new low-speed USB device number 96 using dummy_hcd
[ 2255.353257][ T5919] usb 3-1: unable to get BOS descriptor or descriptor too short
[ 2255.363595][ T5919] usb 3-1: unable to read config index 0 descriptor/start: -71
[ 2255.371848][ T5919] usb 3-1: can't read configurations, error -71
[ 2256.116421][T30348] usb 2-1: USB disconnect, device number 89
[ 2256.622313][ T8537] netlink: 60 bytes leftover after parsing attributes in process `syz.2.11871'.
[ 2256.807672][ T5919] usb 2-1: new high-speed USB device number 90 using dummy_hcd
[ 2256.977270][ T5919] usb 2-1: Using ep0 maxpacket: 32
[ 2257.003168][ T5919] usb 2-1: config 0 has an invalid interface number: 184 but max is 0
[ 2257.043187][ T5919] usb 2-1: config 0 has no interface number 0
[ 2257.061586][ T5919] usb 2-1: config 0 interface 184 has no altsetting 0
[ 2257.079328][ T5919] usb 2-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[ 2257.089639][ T5919] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2257.108671][ T5919] usb 2-1: Product: syz
[ 2257.118788][ T5919] usb 2-1: Manufacturer: syz
[ 2257.157287][ T5919] usb 2-1: SerialNumber: syz
[ 2257.169489][ T5919] usb 2-1: config 0 descriptor??
[ 2257.177803][ T5919] smsc75xx v1.0.0
[ 2257.627021][ T8554] FAULT_INJECTION: forcing a failure.
[ 2257.627021][ T8554] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2257.642812][ T8554] CPU: 0 UID: 0 PID: 8554 Comm: syz.2.11877 Not tainted syzkaller #0 PREEMPT(full) 
[ 2257.642838][ T8554] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 2257.642852][ T8554] Call Trace:
[ 2257.642862][ T8554]  <TASK>
[ 2257.642872][ T8554]  dump_stack_lvl+0x189/0x250
[ 2257.642898][ T8554]  ? __pfx____ratelimit+0x10/0x10
[ 2257.642930][ T8554]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2257.642945][ T8554]  ? __pfx__printk+0x10/0x10
[ 2257.642967][ T8554]  should_fail_ex+0x414/0x560
[ 2257.643000][ T8554]  _copy_to_user+0x31/0xb0
[ 2257.643040][ T8554]  simple_read_from_buffer+0xe1/0x170
[ 2257.643066][ T8554]  proc_fail_nth_read+0x1b3/0x220
[ 2257.643097][ T8554]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2257.643120][ T8554]  ? rw_verify_area+0x2a6/0x4d0
[ 2257.643133][ T8554]  ? __lock_acquire+0xab9/0xd20
[ 2257.643150][ T8554]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2257.643183][ T8554]  vfs_read+0x200/0xa30
[ 2257.643202][ T8554]  ? fdget_pos+0x247/0x320
[ 2257.643228][ T8554]  ? __pfx___mutex_lock+0x10/0x10
[ 2257.643248][ T8554]  ? __pfx_vfs_read+0x10/0x10
[ 2257.643263][ T8554]  ? __fget_files+0x2a/0x420
[ 2257.643282][ T8554]  ? __fget_files+0x3a0/0x420
[ 2257.643297][ T8554]  ? __fget_files+0x2a/0x420
[ 2257.643332][ T8554]  ksys_read+0x145/0x250
[ 2257.643351][ T8554]  ? __fget_files+0x2a/0x420
[ 2257.643374][ T8554]  ? __pfx_ksys_read+0x10/0x10
[ 2257.643395][ T8554]  ? do_syscall_64+0xbe/0xfa0
[ 2257.643411][ T8554]  do_syscall_64+0xfa/0xfa0
[ 2257.643423][ T8554]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2257.643441][ T8554]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2257.643460][ T8554]  ? clear_bhb_loop+0x60/0xb0
[ 2257.643485][ T8554]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2257.643503][ T8554] RIP: 0033:0x7f68e6f8d8dc
[ 2257.643519][ T8554] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 2257.643536][ T8554] RSP: 002b:00007f68e7ea2030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 2257.643551][ T8554] RAX: ffffffffffffffda RBX: 00007f68e71e5fa0 RCX: 00007f68e6f8d8dc
[ 2257.643561][ T8554] RDX: 000000000000000f RSI: 00007f68e7ea20a0 RDI: 0000000000000004
[ 2257.643569][ T8554] RBP: 00007f68e7ea2090 R08: 0000000000000000 R09: 0000000000000000
[ 2257.643578][ T8554] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2257.643585][ T8554] R13: 00007f68e71e6038 R14: 00007f68e71e5fa0 R15: 00007f68e730fa28
[ 2257.643614][ T8554]  </TASK>
[ 2258.448725][ T8564] netlink: 36 bytes leftover after parsing attributes in process `syz.2.11878'.
[ 2258.546066][ T8569] random: crng reseeded on system resumption
[ 2259.023226][ T5962] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[ 2259.300954][ T5962] usb 5-1: config 1 has an invalid interface number: 7 but max is 0
[ 2259.310028][ T5962] usb 5-1: config 1 has no interface number 0
[ 2259.317288][ T5962] usb 5-1: config 1 interface 7 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1023
[ 2259.338586][ T5962] usb 5-1: config 1 interface 7 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 2259.428200][ T5962] usb 5-1: New USB device found, idVendor=1199, idProduct=68a3, bcdDevice= 0.00
[ 2259.447913][ T5962] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2259.487656][ T5919] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[ 2259.518862][ T5962] usb 5-1: Product: syz
[ 2259.542799][ T5962] usb 5-1: Manufacturer: syz
[ 2259.554260][ T5919] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[ 2259.566651][ T5962] usb 5-1: SerialNumber: syz
[ 2259.648728][ T8574] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22
[ 2259.681355][ T5919] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_bind
[ 2259.710842][ T5919] smsc75xx 2-1:0.184: probe with driver smsc75xx failed with error -71
[ 2259.751726][ T5962] usb 5-1: Expected 3 endpoints, found: 2
[ 2259.778222][ T5919] usb 2-1: USB disconnect, device number 90
[ 2260.399528][ T8597] netlink: 132 bytes leftover after parsing attributes in process `syz.5.11887'.
[ 2260.477559][ T8599] program syz.2.11888 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 2260.860148][ T8608] FAULT_INJECTION: forcing a failure.
[ 2260.860148][ T8608] name failslab, interval 1, probability 0, space 0, times 0
[ 2260.894470][ T8608] CPU: 1 UID: 0 PID: 8608 Comm: syz.0.11892 Not tainted syzkaller #0 PREEMPT(full) 
[ 2260.894501][ T8608] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 2260.894516][ T8608] Call Trace:
[ 2260.894529][ T8608]  <TASK>
[ 2260.894540][ T8608]  dump_stack_lvl+0x189/0x250
[ 2260.894580][ T8608]  ? __pfx____ratelimit+0x10/0x10
[ 2260.894622][ T8608]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2260.894654][ T8608]  ? __pfx__printk+0x10/0x10
[ 2260.894690][ T8608]  ? __pfx___might_resched+0x10/0x10
[ 2260.894750][ T8608]  should_fail_ex+0x414/0x560
[ 2260.894799][ T8608]  should_failslab+0xa8/0x100
[ 2260.894841][ T8608]  kmem_cache_alloc_node_noprof+0x77/0x710
[ 2260.894870][ T8608]  ? __alloc_skb+0x112/0x2d0
[ 2260.894927][ T8608]  __alloc_skb+0x112/0x2d0
[ 2260.894991][ T8608]  netlink_ack+0x146/0xa50
[ 2260.895026][ T8608]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 2260.895060][ T8608]  ? __pfx_nl80211_pre_doit+0x10/0x10
[ 2260.895097][ T8608]  ? __pfx_nl80211_post_doit+0x10/0x10
[ 2260.895144][ T8608]  ? __asan_memcpy+0x40/0x70
[ 2260.895168][ T8608]  ? __pfx_ref_tracker_free+0x10/0x10
[ 2260.895212][ T8608]  netlink_rcv_skb+0x28c/0x470
[ 2260.895251][ T8608]  ? __lock_acquire+0xab9/0xd20
[ 2260.895290][ T8608]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 2260.895324][ T8608]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 2260.895382][ T8608]  ? down_read+0x1ad/0x2e0
[ 2260.895419][ T8608]  genl_rcv+0x28/0x40
[ 2260.895451][ T8608]  netlink_unicast+0x82f/0x9e0
[ 2260.895498][ T8608]  ? __pfx_netlink_unicast+0x10/0x10
[ 2260.895538][ T8608]  ? netlink_sendmsg+0x642/0xb30
[ 2260.895579][ T8608]  ? skb_put+0x11b/0x210
[ 2260.895624][ T8608]  netlink_sendmsg+0x805/0xb30
[ 2260.895677][ T8608]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2260.895726][ T8608]  ? aa_sock_msg_perm+0xf1/0x1d0
[ 2260.895760][ T8608]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 2260.895799][ T8608]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2260.895840][ T8608]  __sock_sendmsg+0x21c/0x270
[ 2260.895880][ T8608]  ____sys_sendmsg+0x505/0x830
[ 2260.895939][ T8608]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 2260.895998][ T8608]  ? import_iovec+0x74/0xa0
[ 2260.896040][ T8608]  ___sys_sendmsg+0x21f/0x2a0
[ 2260.896073][ T8608]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2260.896147][ T8608]  ? __fget_files+0x2a/0x420
[ 2260.896191][ T8608]  ? __fget_files+0x3a0/0x420
[ 2260.896240][ T8608]  __x64_sys_sendmsg+0x19b/0x260
[ 2260.896271][ T8608]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 2260.896312][ T8608]  ? __pfx_ksys_write+0x10/0x10
[ 2260.896357][ T8608]  ? do_syscall_64+0xbe/0xfa0
[ 2260.896389][ T8608]  do_syscall_64+0xfa/0xfa0
[ 2260.896414][ T8608]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2260.896442][ T8608]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2260.896468][ T8608]  ? clear_bhb_loop+0x60/0xb0
[ 2260.896500][ T8608]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2260.896525][ T8608] RIP: 0033:0x7fd52af8eec9
[ 2260.896550][ T8608] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2260.896572][ T8608] RSP: 002b:00007fd52bf0b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2260.896600][ T8608] RAX: ffffffffffffffda RBX: 00007fd52b1e5fa0 RCX: 00007fd52af8eec9
[ 2260.896621][ T8608] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000003
[ 2260.896637][ T8608] RBP: 00007fd52bf0b090 R08: 0000000000000000 R09: 0000000000000000
[ 2260.896655][ T8608] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2260.896670][ T8608] R13: 00007fd52b1e6038 R14: 00007fd52b1e5fa0 R15: 00007fd52b30fa28
[ 2260.896713][ T8608]  </TASK>
[ 2262.027268][T30348] usb 2-1: new high-speed USB device number 91 using dummy_hcd
[ 2262.194149][T30348] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 2262.227045][T30348] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2262.263508][T30348] usb 2-1: Product: syz
[ 2262.280829][T30348] usb 2-1: Manufacturer: syz
[ 2262.285454][T30348] usb 2-1: SerialNumber: syz
[ 2262.343786][T30348] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 2262.383262][T32590] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 2262.602820][ T8622] fuse: Unknown parameter '0x0000000000000008'
[ 2262.609454][ T8602] Bluetooth: hci2: command 0x040f tx timeout
[ 2262.963768][T30348] usb 5-1: USB disconnect, device number 11
[ 2263.323651][ T8631] netlink: 1 bytes leftover after parsing attributes in process `syz.5.11896'.
[ 2263.351002][ T8631] xt_policy: neither incoming nor outgoing policy selected
[ 2263.380500][ T8634] netlink: 16 bytes leftover after parsing attributes in process `syz.5.11896'.
[ 2263.438246][ T8629] netlink: 60 bytes leftover after parsing attributes in process `syz.4.11897'.
[ 2263.499339][T32590] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive
[ 2263.515803][T32590] ath9k_htc: Failed to initialize the device
[ 2263.576334][T32590] usb 2-1: ath9k_htc: USB layer deinitialized
[ 2264.702104][ T8602] Bluetooth: hci2: command 0x040f tx timeout
[ 2264.986982][ T8657] netlink: 4 bytes leftover after parsing attributes in process `syz.0.11904'.
[ 2265.380467][ T8660] nvme_fabrics: missing parameter 'transport=%s'
[ 2265.399638][ T8660] nvme_fabrics: missing parameter 'nqn=%s'
[ 2265.500647][T32590] usb 2-1: USB disconnect, device number 91
[ 2265.636293][ T8671] FAULT_INJECTION: forcing a failure.
[ 2265.636293][ T8671] name failslab, interval 1, probability 0, space 0, times 0
[ 2265.650259][ T8671] CPU: 1 UID: 0 PID: 8671 Comm: syz.0.11908 Not tainted syzkaller #0 PREEMPT(full) 
[ 2265.650299][ T8671] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 2265.650307][ T8671] Call Trace:
[ 2265.650314][ T8671]  <TASK>
[ 2265.650320][ T8671]  dump_stack_lvl+0x189/0x250
[ 2265.650339][ T8671]  ? __pfx____ratelimit+0x10/0x10
[ 2265.650362][ T8671]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2265.650376][ T8671]  ? __pfx__printk+0x10/0x10
[ 2265.650394][ T8671]  ? __pfx___might_resched+0x10/0x10
[ 2265.650416][ T8671]  should_fail_ex+0x414/0x560
[ 2265.650442][ T8671]  should_failslab+0xa8/0x100
[ 2265.650461][ T8671]  kmem_cache_alloc_node_noprof+0x77/0x710
[ 2265.650476][ T8671]  ? __alloc_skb+0x112/0x2d0
[ 2265.650506][ T8671]  __alloc_skb+0x112/0x2d0
[ 2265.650528][ T8671]  netlink_ack+0x146/0xa50
[ 2265.650546][ T8671]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 2265.650560][ T8671]  ? __pfx_nl80211_pre_doit+0x10/0x10
[ 2265.650579][ T8671]  ? __pfx_nl80211_post_doit+0x10/0x10
[ 2265.650599][ T8671]  ? __asan_memcpy+0x40/0x70
[ 2265.650611][ T8671]  ? __pfx_ref_tracker_free+0x10/0x10
[ 2265.650631][ T8671]  netlink_rcv_skb+0x28c/0x470
[ 2265.650649][ T8671]  ? __lock_acquire+0xab9/0xd20
[ 2265.650668][ T8671]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 2265.650684][ T8671]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 2265.650716][ T8671]  ? down_read+0x1ad/0x2e0
[ 2265.650733][ T8671]  genl_rcv+0x28/0x40
[ 2265.650747][ T8671]  netlink_unicast+0x82f/0x9e0
[ 2265.650770][ T8671]  ? __pfx_netlink_unicast+0x10/0x10
[ 2265.650789][ T8671]  ? netlink_sendmsg+0x642/0xb30
[ 2265.650808][ T8671]  ? skb_put+0x11b/0x210
[ 2265.650830][ T8671]  netlink_sendmsg+0x805/0xb30
[ 2265.650857][ T8671]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2265.650882][ T8671]  ? aa_sock_msg_perm+0xf1/0x1d0
[ 2265.650900][ T8671]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 2265.650937][ T8671]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2265.650961][ T8671]  __sock_sendmsg+0x21c/0x270
[ 2265.650981][ T8671]  ____sys_sendmsg+0x505/0x830
[ 2265.651010][ T8671]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 2265.651041][ T8671]  ? import_iovec+0x74/0xa0
[ 2265.651064][ T8671]  ___sys_sendmsg+0x21f/0x2a0
[ 2265.651081][ T8671]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2265.651122][ T8671]  ? __fget_files+0x2a/0x420
[ 2265.651141][ T8671]  ? __fget_files+0x3a0/0x420
[ 2265.651168][ T8671]  __x64_sys_sendmsg+0x19b/0x260
[ 2265.651184][ T8671]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 2265.651206][ T8671]  ? __pfx_ksys_write+0x10/0x10
[ 2265.651226][ T8671]  ? do_syscall_64+0xbe/0xfa0
[ 2265.651244][ T8671]  do_syscall_64+0xfa/0xfa0
[ 2265.651258][ T8671]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2265.651273][ T8671]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2265.651288][ T8671]  ? clear_bhb_loop+0x60/0xb0
[ 2265.651311][ T8671]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2265.651326][ T8671] RIP: 0033:0x7fd52af8eec9
[ 2265.651340][ T8671] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2265.651355][ T8671] RSP: 002b:00007fd52bf0b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2265.651371][ T8671] RAX: ffffffffffffffda RBX: 00007fd52b1e5fa0 RCX: 00007fd52af8eec9
[ 2265.651383][ T8671] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000004
[ 2265.651394][ T8671] RBP: 00007fd52bf0b090 R08: 0000000000000000 R09: 0000000000000000
[ 2265.651403][ T8671] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2265.651412][ T8671] R13: 00007fd52b1e6038 R14: 00007fd52b1e5fa0 R15: 00007fd52b30fa28
[ 2265.651436][ T8671]  </TASK>
[ 2266.167223][ T5919] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[ 2266.367286][T22508] usb 3-1: new high-speed USB device number 98 using dummy_hcd
[ 2266.377424][ T5919] usb 5-1: Using ep0 maxpacket: 32
[ 2266.390707][ T5919] usb 5-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb
[ 2266.400482][ T5919] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2266.417213][ T5919] usb 5-1: Product: syz
[ 2266.430124][ T5919] usb 5-1: Manufacturer: syz
[ 2266.445010][ T5919] usb 5-1: SerialNumber: syz
[ 2266.457039][ T5919] usb 5-1: config 0 descriptor??
[ 2266.468259][ T8690] fuse: Unknown parameter 'group_'
[ 2266.482742][ T8695] loop6: detected capacity change from 0 to 524288000
[ 2266.503432][ T5919] gspca_main: ov534_9-2.14.0 probing 05a9:1550
[ 2266.531750][ T8696] netlink: 76 bytes leftover after parsing attributes in process `syz.5.11916'.
[ 2266.602131][T22508] usb 3-1: config 220 has an invalid interface number: 76 but max is 2
[ 2266.626952][T22508] usb 3-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[ 2266.670708][T22508] usb 3-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[ 2266.723074][T22508] usb 3-1: config 220 has no interface number 2
[ 2266.744891][T22508] usb 3-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[ 2266.783875][T22508] usb 3-1: config 220 interface 0 has no altsetting 0
[ 2266.800195][T22508] usb 3-1: config 220 interface 76 has no altsetting 0
[ 2266.815752][T22508] usb 3-1: config 220 interface 1 has no altsetting 0
[ 2266.835484][T22508] usb 3-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[ 2266.857381][T22508] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2266.881661][T22508] usb 3-1: Product: syz
[ 2266.906073][T22508] usb 3-1: Manufacturer: syz
[ 2266.919597][T22508] usb 3-1: SerialNumber: syz
[ 2266.999574][ T8667] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2267.055069][ T8667] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2267.073241][ T8701] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2267.157412][ T5919] gspca_ov534_9: reg_w failed -110
[ 2267.170046][ T8701] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2267.234470][ T8675] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2267.412796][ T8675] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2267.426713][ T8675] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2267.436850][ T8675] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2267.458160][T22508] uvcvideo 3-1:220.0: Found UVC 7.01 device syz (8086:0b07)
[ 2267.535882][T22508] uvcvideo 3-1:220.0: No valid video chain found.
[ 2267.603463][ T5919] gspca_ov534_9: Unknown sensor 0000
[ 2267.603537][ T5919] ov534_9 5-1:0.0: probe with driver ov534_9 failed with error -22
[ 2267.624771][T22508] usb 3-1: selecting invalid altsetting 0
[ 2267.737085][T22508] usb 3-1: selecting invalid altsetting 0
[ 2267.752155][T22508] usbtest 3-1:220.1: probe with driver usbtest failed with error -22
[ 2267.780017][T22508] usb 3-1: USB disconnect, device number 98
[ 2267.937970][ T5919] usb 2-1: new high-speed USB device number 92 using dummy_hcd
[ 2268.037180][ T5962] usb 5-1: USB disconnect, device number 12
[ 2268.091365][ T8715] netlink: 28 bytes leftover after parsing attributes in process `syz.4.11921'.
[ 2268.100841][ T5919] usb 2-1: Using ep0 maxpacket: 16
[ 2268.108629][ T5919] usb 2-1: too many endpoints for config 1 interface 0 altsetting 0: 255, using maximum allowed: 30
[ 2268.139903][ T8714] binder: 8711:8714 unknown command 0
[ 2268.145569][ T5919] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 32
[ 2268.156213][ T8714] binder: 8711:8714 ioctl c0306201 200000000300 returned -22
[ 2268.166083][ T5919] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32
[ 2268.169643][ T8717] netlink: 40 bytes leftover after parsing attributes in process `syz.4.11921'.
[ 2268.188660][ T5919] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[ 2268.198922][ T5919] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[ 2268.211842][ T5919] usb 2-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 255
[ 2268.232397][ T5919] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 2268.241815][ T5919] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 2268.249986][ T5919] usb 2-1: SerialNumber: syz
[ 2268.265397][ T8706] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[ 2268.272816][ T8706] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[ 2268.827366][ T5919] usb 3-1: new high-speed USB device number 99 using dummy_hcd
[ 2269.017215][ T5919] usb 3-1: Using ep0 maxpacket: 32
[ 2269.031745][ T5919] usb 3-1: config 0 has an invalid interface number: 132 but max is 0
[ 2269.040487][ T5919] usb 3-1: config 0 has no interface number 0
[ 2269.046599][ T5919] usb 3-1: config 0 interface 132 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[ 2269.061883][ T5919] usb 3-1: New USB device found, idVendor=0413, idProduct=6023, bcdDevice=ec.e5
[ 2269.099792][ T5919] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2269.134921][ T5919] usb 3-1: Product: syz
[ 2269.148771][ T5919] usb 3-1: Manufacturer: syz
[ 2269.164486][ T5919] usb 3-1: SerialNumber: syz
[ 2269.183822][ T5919] usb 3-1: config 0 descriptor??
[ 2269.196453][ T5919] em28xx 3-1:0.132: New device syz syz @ 480 Mbps (0413:6023, interface 132, class 132)
[ 2269.206328][ T5919] em28xx 3-1:0.132: Video interface 132 found:
[ 2269.275332][ T8741] hsr0: entered promiscuous mode
[ 2269.282569][ T8741] macsec1: entered allmulticast mode
[ 2269.287933][ T8741] hsr0: entered allmulticast mode
[ 2269.294120][ T8741] hsr_slave_0: entered allmulticast mode
[ 2269.301869][ T8741] hsr_slave_1: entered allmulticast mode
[ 2269.317106][   T30] kauditd_printk_skb: 6 callbacks suppressed
[ 2269.317121][   T30] audit: type=1326 audit(1760474385.631:2695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8740 comm="syz.0.11928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd52af8eec9 code=0x7ffc0000
[ 2269.347243][T22508] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[ 2269.390119][   T30] audit: type=1326 audit(1760474385.661:2696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8740 comm="syz.0.11928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd52af8eec9 code=0x7ffc0000
[ 2269.423365][   T30] audit: type=1326 audit(1760474385.661:2697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8740 comm="syz.0.11928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd52af8eec9 code=0x7ffc0000
[ 2269.458886][   T30] audit: type=1326 audit(1760474385.661:2698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8740 comm="syz.0.11928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd52af8eec9 code=0x7ffc0000
[ 2269.506752][   T30] audit: type=1326 audit(1760474385.661:2699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8740 comm="syz.0.11928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd52af8eec9 code=0x7ffc0000
[ 2269.527399][T22508] usb 5-1: Using ep0 maxpacket: 16
[ 2269.536382][T22508] usb 5-1: config 0 has an invalid interface number: 41 but max is 0
[ 2269.545709][T22508] usb 5-1: config 0 has no interface number 0
[ 2269.554792][   T30] audit: type=1326 audit(1760474385.661:2700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8740 comm="syz.0.11928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd52af8eec9 code=0x7ffc0000
[ 2269.577162][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2269.584223][T22508] usb 5-1: config 0 interface 41 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[ 2269.597346][T22508] usb 5-1: config 0 interface 41 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[ 2269.609335][T22508] usb 5-1: config 0 interface 41 has no altsetting 0
[ 2269.618695][   T30] audit: type=1326 audit(1760474385.661:2701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8740 comm="syz.0.11928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd52af8eec9 code=0x7ffc0000
[ 2269.648627][T22508] usb 5-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a
[ 2269.655014][ T5919] em28xx 3-1:0.132: unknown em28xx chip ID (0)
[ 2269.657988][T22508] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2269.674972][   T30] audit: type=1326 audit(1760474385.661:2702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8740 comm="syz.0.11928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd52af8eec9 code=0x7ffc0000
[ 2269.697367][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2269.704449][T22508] usb 5-1: Product: syz
[ 2269.708953][T22508] usb 5-1: Manufacturer: syz
[ 2269.724843][T22508] usb 5-1: SerialNumber: syz
[ 2269.747940][T22508] usb 5-1: config 0 descriptor??
[ 2269.757914][ T8739] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22
[ 2269.773544][   T30] audit: type=1326 audit(1760474385.671:2703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8740 comm="syz.0.11928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd52af90de7 code=0x7ffc0000
[ 2269.795538][ T8739] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22
[ 2269.796073][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2269.826433][ T8745] netlink: 96 bytes leftover after parsing attributes in process `syz.0.11929'.
[ 2269.876075][   T30] audit: type=1326 audit(1760474385.671:2704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8740 comm="syz.0.11928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7fd52af90d5c code=0x7ffc0000
[ 2269.898774][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2269.939822][ T8744] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2270.076625][ T5919] em28xx 3-1:0.132: reading from i2c device at 0xa0 failed: couldn't get the received message from the bridge (error=-5)
[ 2270.089814][ T5919] em28xx 3-1:0.132: board has no eeprom
[ 2270.101938][ T8739] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22
[ 2270.109764][ T8739] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22
[ 2270.167225][ T5919] em28xx 3-1:0.132: Identified as Leadtek Winfast USB II (card=7)
[ 2270.178561][ T5919] em28xx 3-1:0.132: analog set to bulk mode.
[ 2270.186297][ T5962] em28xx 3-1:0.132: Registering V4L2 extension
[ 2270.346990][ T5962] em28xx 3-1:0.132: failed to trigger read from i2c address 0x4a (error=-5)
[ 2270.347488][T32590] usb 3-1: USB disconnect, device number 99
[ 2270.358903][ T5962] em28xx 3-1:0.132: failed to trigger read from i2c address 0x48 (error=-19)
[ 2270.372205][T32590] em28xx 3-1:0.132: Disconnecting em28xx
[ 2270.576557][T22508] CoreChips 5-1:0.41: probe with driver CoreChips failed with error -32
[ 2270.586281][ T5962] em28xx 3-1:0.132: Config register raw data: 0xffffffed
[ 2270.598304][ T5962] em28xx 3-1:0.132: AC97 chip type couldn't be determined
[ 2270.605448][ T5962] em28xx 3-1:0.132: No AC97 audio processor
[ 2270.628331][ T5962] usb 3-1: Decoder not found
[ 2270.632979][ T5962] em28xx 3-1:0.132: failed to create media graph
[ 2270.653550][ T5962] em28xx 3-1:0.132: V4L2 device video103 deregistered
[ 2270.682943][ T5962] em28xx 3-1:0.132: Remote control support is not available for this card.
[ 2270.696999][T32590] em28xx 3-1:0.132: Closing input extension
[ 2270.736139][T32590] em28xx 3-1:0.132: Freeing device
[ 2270.802528][ T5962] usb 2-1: USB disconnect, device number 92
[ 2270.929785][ T8763] netlink: 324 bytes leftover after parsing attributes in process `syz.1.11932'.
[ 2270.993923][ T8763] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11932'.
[ 2271.005117][ T8763] netlink: 56 bytes leftover after parsing attributes in process `syz.1.11932'.
[ 2271.017344][ T8763] netlink: 344 bytes leftover after parsing attributes in process `syz.1.11932'.
[ 2271.186449][ T8778] netlink: 'syz.0.11938': attribute type 2 has an invalid length.
[ 2271.438086][ T8775] fuse: Unknown parameter 'mGN‡8o«ad'
[ 2271.507256][T32590] usb 6-1: new high-speed USB device number 69 using dummy_hcd
[ 2271.667241][T32590] usb 6-1: device descriptor read/64, error -71
[ 2271.907266][T32590] usb 6-1: new high-speed USB device number 70 using dummy_hcd
[ 2271.957537][ T8789] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2272.078642][T32590] usb 6-1: device descriptor read/64, error -71
[ 2272.187712][T32590] usb usb6-port1: attempt power cycle
[ 2272.516436][ T5962] usb 5-1: USB disconnect, device number 13
[ 2272.553927][ T8793] netlink: 108 bytes leftover after parsing attributes in process `syz.1.11942'.
[ 2272.570645][T32590] usb 6-1: new high-speed USB device number 71 using dummy_hcd
[ 2272.610333][ T8797] FAULT_INJECTION: forcing a failure.
[ 2272.610333][ T8797] name failslab, interval 1, probability 0, space 0, times 0
[ 2272.624134][ T8797] CPU: 0 UID: 0 PID: 8797 Comm: syz.4.11944 Not tainted syzkaller #0 PREEMPT(full) 
[ 2272.624162][ T8797] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 2272.624176][ T8797] Call Trace:
[ 2272.624186][ T8797]  <TASK>
[ 2272.624195][ T8797]  dump_stack_lvl+0x189/0x250
[ 2272.624224][ T8797]  ? __pfx____ratelimit+0x10/0x10
[ 2272.624258][ T8797]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2272.624282][ T8797]  ? __pfx__printk+0x10/0x10
[ 2272.624309][ T8797]  ? __pfx___might_resched+0x10/0x10
[ 2272.624337][ T8797]  ? fs_reclaim_acquire+0x7d/0x100
[ 2272.624369][ T8797]  should_fail_ex+0x414/0x560
[ 2272.624407][ T8797]  should_failslab+0xa8/0x100
[ 2272.624436][ T8797]  __kmalloc_noprof+0xcb/0x7f0
[ 2272.624458][ T8797]  ? nla_strdup+0x9d/0x140
[ 2272.624481][ T8797]  ? __kmalloc_cache_noprof+0x3d5/0x6f0
[ 2272.624509][ T8797]  nla_strdup+0x9d/0x140
[ 2272.624536][ T8797]  nf_tables_newtable+0x491/0x1890
[ 2272.624590][ T8797]  nfnetlink_rcv+0x11d9/0x2590
[ 2272.624650][ T8797]  ? __pfx_nfnetlink_rcv+0x10/0x10
[ 2272.624724][ T8797]  ? netlink_deliver_tap+0x2e/0x1b0
[ 2272.624771][ T8797]  netlink_unicast+0x82f/0x9e0
[ 2272.624805][ T8797]  ? __pfx_netlink_unicast+0x10/0x10
[ 2272.624833][ T8797]  ? netlink_sendmsg+0x642/0xb30
[ 2272.624859][ T8797]  ? skb_put+0x11b/0x210
[ 2272.624892][ T8797]  netlink_sendmsg+0x805/0xb30
[ 2272.624929][ T8797]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2272.624961][ T8797]  ? aa_sock_msg_perm+0xf1/0x1d0
[ 2272.624986][ T8797]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 2272.625014][ T8797]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2272.625046][ T8797]  __sock_sendmsg+0x21c/0x270
[ 2272.625076][ T8797]  ____sys_sendmsg+0x505/0x830
[ 2272.625113][ T8797]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 2272.625160][ T8797]  ? import_iovec+0x74/0xa0
[ 2272.625191][ T8797]  ___sys_sendmsg+0x21f/0x2a0
[ 2272.625211][ T8797]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2272.625264][ T8797]  ? __fget_files+0x2a/0x420
[ 2272.625288][ T8797]  ? __fget_files+0x3a0/0x420
[ 2272.625324][ T8797]  __x64_sys_sendmsg+0x19b/0x260
[ 2272.625347][ T8797]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 2272.625377][ T8797]  ? __pfx_ksys_write+0x10/0x10
[ 2272.625403][ T8797]  ? do_syscall_64+0xbe/0xfa0
[ 2272.625429][ T8797]  do_syscall_64+0xfa/0xfa0
[ 2272.625447][ T8797]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2272.625468][ T8797]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2272.625488][ T8797]  ? clear_bhb_loop+0x60/0xb0
[ 2272.625513][ T8797]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2272.625534][ T8797] RIP: 0033:0x7fb31038eec9
[ 2272.625552][ T8797] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2272.625571][ T8797] RSP: 002b:00007fb311235038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2272.625592][ T8797] RAX: ffffffffffffffda RBX: 00007fb3105e5fa0 RCX: 00007fb31038eec9
[ 2272.625607][ T8797] RDX: 0000000000000000 RSI: 000020000000c2c0 RDI: 0000000000000003
[ 2272.625620][ T8797] RBP: 00007fb311235090 R08: 0000000000000000 R09: 0000000000000000
[ 2272.625632][ T8797] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2272.625644][ T8797] R13: 00007fb3105e6038 R14: 00007fb3105e5fa0 R15: 00007fb31070fa28
[ 2272.625678][ T8797]  </TASK>
[ 2272.626015][T32590] usb 6-1: device descriptor read/8, error -71
[ 2272.897278][ T5919] usb 2-1: new high-speed USB device number 93 using dummy_hcd
[ 2273.199228][T32590] usb 6-1: new high-speed USB device number 72 using dummy_hcd
[ 2273.248528][T32590] usb 6-1: device descriptor read/8, error -71
[ 2273.336879][ T5919] usb 2-1: Using ep0 maxpacket: 16
[ 2273.363421][ T5919] usb 2-1: config 0 has an invalid descriptor of length 38, skipping remainder of the config
[ 2273.377891][T32590] usb usb6-port1: unable to enumerate USB device
[ 2273.384877][ T5919] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 2273.403120][ T5919] usb 2-1: config 0 interface 0 altsetting 0 has a duplicate endpoint with address 0x2, skipping
[ 2273.427100][ T5919] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 2273.455516][ T5919] usb 2-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[ 2273.467482][ T5919] usb 2-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[ 2273.567514][ T5919] usb 2-1: Manufacturer: syz
[ 2273.575512][ T5919] usb 2-1: config 0 descriptor??
[ 2273.789796][ T5919] usb 2-1: USB disconnect, device number 93
[ 2274.377840][ T8817] netlink: 4 bytes leftover after parsing attributes in process `syz.5.11949'.
[ 2274.532988][   T30] kauditd_printk_skb: 33 callbacks suppressed
[ 2274.533005][   T30] audit: type=1326 audit(1760474390.851:2738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8822 comm="syz.4.11954" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb31038eec9 code=0x0
[ 2274.542541][ T8815] delete_channel: no stack
[ 2274.618135][ T8827] netlink: 16 bytes leftover after parsing attributes in process `syz.2.11951'.
[ 2274.827270][ T5919] usb 2-1: new high-speed USB device number 94 using dummy_hcd
[ 2275.008001][ T5919] usb 2-1: Using ep0 maxpacket: 32
[ 2275.025518][ T5919] usb 2-1: config 0 has an invalid interface number: 132 but max is 0
[ 2275.043613][ T5919] usb 2-1: config 0 has no interface number 0
[ 2275.058346][ T5919] usb 2-1: config 0 interface 132 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[ 2275.081217][ T5919] usb 2-1: New USB device found, idVendor=0413, idProduct=6023, bcdDevice=ec.e5
[ 2275.096532][ T5919] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2275.147236][T30348] usb 6-1: new high-speed USB device number 73 using dummy_hcd
[ 2275.164926][ T5919] usb 2-1: Product: syz
[ 2275.181426][ T5919] usb 2-1: Manufacturer: syz
[ 2275.207314][ T5919] usb 2-1: SerialNumber: syz
[ 2275.307514][T30348] usb 6-1: Using ep0 maxpacket: 16
[ 2275.316071][T30348] usb 6-1: too many endpoints for config 0 interface 0 altsetting 109: 65, using maximum allowed: 30
[ 2275.329609][T30348] usb 6-1: config 0 interface 0 altsetting 109 has 1 endpoint descriptor, different from the interface descriptor's value: 65
[ 2275.347897][T30348] usb 6-1: config 0 interface 0 has no altsetting 0
[ 2275.357002][T30348] usb 6-1: New USB device found, idVendor=056a, idProduct=0057, bcdDevice= 0.00
[ 2275.370738][T30348] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2275.391838][T30348] usb 6-1: config 0 descriptor??
[ 2275.485230][ T5919] usb 2-1: config 0 descriptor??
[ 2275.501044][ T5919] em28xx 2-1:0.132: New device syz syz @ 480 Mbps (0413:6023, interface 132, class 132)
[ 2275.535274][ T5919] em28xx 2-1:0.132: Video interface 132 found:
[ 2275.903127][ T5919] em28xx 2-1:0.132: chip ID is em2884
[ 2276.093006][T30348] usbhid 6-1:0.0: can't add hid device: -71
[ 2276.099150][T30348] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[ 2276.145022][T30348] usb 6-1: USB disconnect, device number 73
[ 2277.568127][ T5919] em28xx 2-1:0.132: failed to trigger write to i2c address 0xa0 (error=-5)
[ 2277.686268][ T5919] em28xx 2-1:0.132: failed to read eeprom (err=-5)
[ 2277.711490][ T5919] em28xx 2-1:0.132: em28xx_i2c_register: em28xx_i2_eeprom failed! retval [-5]
[ 2277.827238][ T5919] em28xx 2-1:0.132: Identified as Leadtek Winfast USB II (card=7)
[ 2277.849894][ T5919] em28xx 2-1:0.132: analog set to bulk mode.
[ 2277.901887][ T5962] em28xx 2-1:0.132: Registering V4L2 extension
[ 2278.089435][ T5962] em28xx 2-1:0.132: failed to trigger read from i2c address 0x4a (error=-5)
[ 2278.127996][ T5962] em28xx 2-1:0.132: failed to trigger read from i2c address 0x48 (error=-5)
[ 2278.173396][ T5962] em28xx 2-1:0.132: failed to trigger read from i2c address 0x42 (error=-5)
[ 2278.238207][ T5962] em28xx 2-1:0.132: failed to trigger read from i2c address 0x40 (error=-5)
[ 2278.467828][ T5962] em28xx 2-1:0.132: failed to trigger read from i2c address 0x84 (error=-5)
[ 2278.505591][ T5962] em28xx 2-1:0.132: failed to trigger read from i2c address 0x86 (error=-5)
[ 2278.537863][ T5962] em28xx 2-1:0.132: failed to trigger read from i2c address 0x94 (error=-5)
[ 2278.604911][ T5962] em28xx 2-1:0.132: failed to trigger read from i2c address 0x96 (error=-5)
[ 2278.788193][ T5962] em28xx 2-1:0.132: failed to trigger read from i2c address 0xc0 (error=-5)
[ 2278.829021][ T5962] em28xx 2-1:0.132: failed to trigger read from i2c address 0xc2 (error=-5)
[ 2278.858230][ T5962] em28xx 2-1:0.132: failed to trigger read from i2c address 0xc4 (error=-5)
[ 2278.909007][ T5962] em28xx 2-1:0.132: failed to trigger read from i2c address 0xc6 (error=-5)
[ 2278.937547][ T5962] em28xx 2-1:0.132: failed to trigger read from i2c address 0xc8 (error=-5)
[ 2278.997263][ T5962] em28xx 2-1:0.132: Config register raw data: 0xfffffffb
[ 2279.031618][ T5962] em28xx 2-1:0.132: AC97 chip type couldn't be determined
[ 2279.057793][ T5962] em28xx 2-1:0.132: No AC97 audio processor
[ 2279.196557][ T5962] usb 2-1: Decoder not found
[ 2279.219533][ T5962] em28xx 2-1:0.132: failed to create media graph
[ 2279.322985][ T5962] em28xx 2-1:0.132: V4L2 device video103 deregistered
[ 2279.349527][ T5962] em28xx 2-1:0.132: Remote control support is not available for this card.
[ 2279.358097][ T8897] ==================================================================
[ 2279.366207][ T8897] BUG: KASAN: slab-use-after-free in v4l2_fh_open+0xac/0x420
[ 2279.373600][ T8897] Read of size 8 at addr ffff888077ac8740 by task v4l_id/8897
[ 2279.381073][ T8897] 
[ 2279.383418][ T8897] CPU: 0 UID: 0 PID: 8897 Comm: v4l_id Not tainted syzkaller #0 PREEMPT(full) 
[ 2279.383440][ T8897] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 2279.383454][ T8897] Call Trace:
[ 2279.383461][ T8897]  <TASK>
[ 2279.383469][ T8897]  dump_stack_lvl+0x189/0x250
[ 2279.383493][ T8897]  ? __virt_addr_valid+0x1c8/0x5c0
[ 2279.383513][ T8897]  ? rcu_is_watching+0x15/0xb0
[ 2279.383545][ T8897]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2279.383563][ T8897]  ? rcu_is_watching+0x15/0xb0
[ 2279.383589][ T8897]  ? lock_release+0x4b/0x3e0
[ 2279.383611][ T8897]  ? _raw_spin_lock_irqsave+0xb3/0xf0
[ 2279.383640][ T8897]  ? __virt_addr_valid+0x1c8/0x5c0
[ 2279.383658][ T8897]  ? __virt_addr_valid+0x4a5/0x5c0
[ 2279.383678][ T8897]  print_report+0xca/0x240
[ 2279.383701][ T8897]  ? v4l2_fh_open+0xac/0x420
[ 2279.383717][ T8897]  kasan_report+0x118/0x150
[ 2279.383742][ T8897]  ? v4l2_fh_open+0xac/0x420
[ 2279.383762][ T8897]  v4l2_fh_open+0xac/0x420
[ 2279.383780][ T8897]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 2279.383803][ T8897]  em28xx_v4l2_open+0x157/0x9a0
[ 2279.383835][ T8897]  v4l2_open+0x1bf/0x3a0
[ 2279.383857][ T8897]  chrdev_open+0x4cc/0x5e0
[ 2279.383881][ T8897]  ? __pfx_chrdev_open+0x10/0x10
[ 2279.383905][ T8897]  ? fsnotify_open_perm_and_set_mode+0x113/0x610
[ 2279.383934][ T8897]  ? __pfx_chrdev_open+0x10/0x10
[ 2279.383956][ T8897]  do_dentry_open+0x953/0x13f0
[ 2279.383989][ T8897]  vfs_open+0x3b/0x340
[ 2279.384013][ T8897]  ? path_openat+0x2ecd/0x3830
[ 2279.384031][ T8897]  path_openat+0x2ee5/0x3830
[ 2279.384064][ T8897]  ? __pfx_path_openat+0x10/0x10
[ 2279.384091][ T8897]  do_filp_open+0x1fa/0x410
[ 2279.384106][ T8897]  ? __lock_acquire+0xab9/0xd20
[ 2279.384131][ T8897]  ? __pfx_do_filp_open+0x10/0x10
[ 2279.384158][ T8897]  ? _raw_spin_unlock+0x28/0x50
[ 2279.384185][ T8897]  ? alloc_fd+0x64c/0x6c0
[ 2279.384211][ T8897]  do_sys_openat2+0x121/0x1c0
[ 2279.384239][ T8897]  ? __pfx_do_sys_openat2+0x10/0x10
[ 2279.384267][ T8897]  ? exc_page_fault+0x82/0x100
[ 2279.384287][ T8897]  ? do_user_addr_fault+0xc85/0x1380
[ 2279.384312][ T8897]  __x64_sys_openat+0x138/0x170
[ 2279.384342][ T8897]  do_syscall_64+0xfa/0xfa0
[ 2279.384360][ T8897]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2279.384378][ T8897]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2279.384397][ T8897]  ? clear_bhb_loop+0x60/0xb0
[ 2279.384418][ T8897]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2279.384436][ T8897] RIP: 0033:0x7f7c884a7407
[ 2279.384453][ T8897] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff
[ 2279.384471][ T8897] RSP: 002b:00007ffec88b1b20 EFLAGS: 00000202 ORIG_RAX: 0000000000000101
[ 2279.384491][ T8897] RAX: ffffffffffffffda RBX: 00007f7c88c99880 RCX: 00007f7c884a7407
[ 2279.384506][ T8897] RDX: 0000000000000000 RSI: 00007ffec88b3f1a RDI: ffffffffffffff9c
[ 2279.384520][ T8897] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000
[ 2279.384537][ T8897] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
[ 2279.384549][ T8897] R13: 00007ffec88b1d70 R14: 00007f7c88e00000 R15: 000056165c0314d8
[ 2279.384572][ T8897]  </TASK>
[ 2279.384579][ T8897] 
[ 2279.687231][ T8897] Allocated by task 5962:
[ 2279.691577][ T8897]  kasan_save_track+0x3e/0x80
[ 2279.696262][ T8897]  __kasan_kmalloc+0x93/0xb0
[ 2279.700855][ T8897]  __kmalloc_cache_noprof+0x3d5/0x6f0
[ 2279.706224][ T8897]  em28xx_v4l2_init+0x10b/0x2e70
[ 2279.711167][ T8897]  em28xx_init_extension+0x120/0x1c0
[ 2279.716460][ T8897]  process_scheduled_works+0xae1/0x17b0
[ 2279.722010][ T8897]  worker_thread+0x8a0/0xda0
[ 2279.726614][ T8897]  kthread+0x711/0x8a0
[ 2279.730680][ T8897]  ret_from_fork+0x4bc/0x870
[ 2279.735274][ T8897]  ret_from_fork_asm+0x1a/0x30
[ 2279.740036][ T8897] 
[ 2279.742355][ T8897] Freed by task 5962:
[ 2279.746328][ T8897]  kasan_save_track+0x3e/0x80
[ 2279.751012][ T8897]  __kasan_save_free_info+0x46/0x50
[ 2279.756240][ T8897]  __kasan_slab_free+0x5c/0x80
[ 2279.761034][ T8897]  kfree+0x19a/0x6d0
[ 2279.764929][ T8897]  em28xx_v4l2_init+0x1683/0x2e70
[ 2279.769951][ T8897]  em28xx_init_extension+0x120/0x1c0
[ 2279.775242][ T8897]  process_scheduled_works+0xae1/0x17b0
[ 2279.780789][ T8897]  worker_thread+0x8a0/0xda0
[ 2279.785375][ T8897]  kthread+0x711/0x8a0
[ 2279.789438][ T8897]  ret_from_fork+0x4bc/0x870
[ 2279.794030][ T8897]  ret_from_fork_asm+0x1a/0x30
[ 2279.798968][ T8897] 
[ 2279.801303][ T8897] The buggy address belongs to the object at ffff888077ac8000
[ 2279.801303][ T8897]  which belongs to the cache kmalloc-8k of size 8192
[ 2279.815358][ T8897] The buggy address is located 1856 bytes inside of
[ 2279.815358][ T8897]  freed 8192-byte region [ffff888077ac8000, ffff888077aca000)
[ 2279.829321][ T8897] 
[ 2279.831645][ T8897] The buggy address belongs to the physical page:
[ 2279.838062][ T8897] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x77ac8
[ 2279.846820][ T8897] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 2279.855313][ T8897] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[ 2279.863290][ T8897] page_type: f5(slab)
[ 2279.867292][ T8897] raw: 00fff00000000040 ffff88813ffa7280 ffffea00017a6a00 dead000000000005
[ 2279.875881][ T8897] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000
[ 2279.884459][ T8897] head: 00fff00000000040 ffff88813ffa7280 ffffea00017a6a00 dead000000000005
[ 2279.893127][ T8897] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000
[ 2279.901797][ T8897] head: 00fff00000000003 ffffea0001deb201 00000000ffffffff 00000000ffffffff
[ 2279.910472][ T8897] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[ 2279.919137][ T8897] page dumped because: kasan: bad access detected
[ 2279.925547][ T8897] page_owner tracks the page as allocated
[ 2279.931260][ T8897] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 7754, tgid 7748 (syz.1.514), ts 241146779206, free_ts 241123419562
[ 2279.951768][ T8897]  post_alloc_hook+0x240/0x2a0
[ 2279.956545][ T8897]  get_page_from_freelist+0x2365/0x2440
[ 2279.962092][ T8897]  __alloc_frozen_pages_noprof+0x181/0x370
[ 2279.967921][ T8897]  alloc_pages_mpol+0x232/0x4a0
[ 2279.972778][ T8897]  allocate_slab+0x96/0x3a0
[ 2279.977280][ T8897]  ___slab_alloc+0xe94/0x18a0
[ 2279.981980][ T8897]  __slab_alloc+0x65/0x100
[ 2279.986404][ T8897]  __kmalloc_noprof+0x471/0x7f0
[ 2279.991260][ T8897]  tomoyo_encode+0x28b/0x550
[ 2279.995946][ T8897]  tomoyo_realpath_from_path+0x58d/0x5d0
[ 2280.001592][ T8897]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 2280.007081][ T8897]  tomoyo_path_mkdir+0xa8/0xe0
[ 2280.011894][ T8897]  security_path_mkdir+0x171/0x380
[ 2280.017021][ T8897]  do_mkdirat+0x1bd/0x590
[ 2280.021374][ T8897]  __x64_sys_mkdir+0x6c/0x80
[ 2280.025967][ T8897]  do_syscall_64+0xfa/0xfa0
[ 2280.030472][ T8897] page last free pid 7756 tgid 7755 stack trace:
[ 2280.036795][ T8897]  __free_frozen_pages+0xbc4/0xd30
[ 2280.041916][ T8897]  __put_partials+0x146/0x170
[ 2280.046606][ T8897]  put_cpu_partial+0x1f2/0x2e0
[ 2280.051376][ T8897]  __slab_free+0x2b9/0x390
[ 2280.055806][ T8897]  qlist_free_all+0x97/0x140
[ 2280.060398][ T8897]  kasan_quarantine_reduce+0x148/0x160
[ 2280.065859][ T8897]  __kasan_slab_alloc+0x22/0x80
[ 2280.070728][ T8897]  __kmalloc_cache_noprof+0x36f/0x6f0
[ 2280.076104][ T8897]  ____ip_mc_inc_group+0x528/0xde0
[ 2280.081233][ T8897]  ip_mc_up+0x125/0x300
[ 2280.085393][ T8897]  inetdev_event+0xfb3/0x15b0
[ 2280.090075][ T8897]  notifier_call_chain+0x1b6/0x3e0
[ 2280.095200][ T8897]  __dev_notify_flags+0x18d/0x2e0
[ 2280.100241][ T8897]  netif_change_flags+0xe8/0x1a0
[ 2280.105184][ T8897]  dev_change_flags+0x130/0x260
[ 2280.110036][ T8897]  devinet_ioctl+0xbb4/0x1b50
[ 2280.114711][ T8897] 
[ 2280.117029][ T8897] Memory state around the buggy address:
[ 2280.122650][ T8897]  ffff888077ac8600: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2280.130703][ T8897]  ffff888077ac8680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2280.138759][ T8897] >ffff888077ac8700: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2280.146809][ T8897]                                            ^
[ 2280.152951][ T8897]  ffff888077ac8780: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2280.161100][ T8897]  ffff888077ac8800: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2280.169244][ T8897] ==================================================================
[ 2280.707739][T30348] usb 6-1: new high-speed USB device number 74 using dummy_hcd
[ 2281.087980][ T8897] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 2281.095236][ T8897] CPU: 0 UID: 0 PID: 8897 Comm: v4l_id Not tainted syzkaller #0 PREEMPT(full) 
[ 2281.104188][ T8897] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 2281.114257][ T8897] Call Trace:
[ 2281.117550][ T8897]  <TASK>
[ 2281.120492][ T8897]  dump_stack_lvl+0x99/0x250
[ 2281.125098][ T8897]  ? __asan_memcpy+0x40/0x70
[ 2281.129725][ T8897]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2281.134940][ T8897]  ? __pfx__printk+0x10/0x10
[ 2281.139550][ T8897]  vpanic+0x237/0x6d0
[ 2281.143557][ T8897]  ? __pfx_vpanic+0x10/0x10
[ 2281.148089][ T8897]  ? preempt_schedule+0xae/0xc0
[ 2281.152981][ T8897]  ? __pfx_preempt_schedule+0x10/0x10
[ 2281.158382][ T8897]  panic+0xb9/0xc0
[ 2281.162154][ T8897]  ? __pfx_panic+0x10/0x10
[ 2281.166593][ T8897]  ? _raw_spin_unlock_irqrestore+0xfd/0x110
[ 2281.172532][ T8897]  ? is_module_address+0x17/0xf0
[ 2281.177483][ T8897]  ? v4l2_fh_open+0xac/0x420
[ 2281.182102][ T8897]  check_panic_on_warn+0x89/0xb0
[ 2281.187104][ T8897]  ? v4l2_fh_open+0xac/0x420
[ 2281.191740][ T8897]  end_report+0x78/0x160
[ 2281.196013][ T8897]  kasan_report+0x129/0x150
[ 2281.200536][ T8897]  ? v4l2_fh_open+0xac/0x420
[ 2281.205143][ T8897]  v4l2_fh_open+0xac/0x420
[ 2281.209576][ T8897]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 2281.215575][ T8897]  em28xx_v4l2_open+0x157/0x9a0
[ 2281.220454][ T8897]  v4l2_open+0x1bf/0x3a0
[ 2281.224723][ T8897]  chrdev_open+0x4cc/0x5e0
[ 2281.229158][ T8897]  ? __pfx_chrdev_open+0x10/0x10
[ 2281.234115][ T8897]  ? fsnotify_open_perm_and_set_mode+0x113/0x610
[ 2281.240529][ T8897]  ? __pfx_chrdev_open+0x10/0x10
[ 2281.245485][ T8897]  do_dentry_open+0x953/0x13f0
[ 2281.250280][ T8897]  vfs_open+0x3b/0x340
[ 2281.254369][ T8897]  ? path_openat+0x2ecd/0x3830
[ 2281.259149][ T8897]  path_openat+0x2ee5/0x3830
[ 2281.263771][ T8897]  ? __pfx_path_openat+0x10/0x10
[ 2281.268733][ T8897]  do_filp_open+0x1fa/0x410
[ 2281.273259][ T8897]  ? __lock_acquire+0xab9/0xd20
[ 2281.278149][ T8897]  ? __pfx_do_filp_open+0x10/0x10
[ 2281.283199][ T8897]  ? _raw_spin_unlock+0x28/0x50
[ 2281.288075][ T8897]  ? alloc_fd+0x64c/0x6c0
[ 2281.292440][ T8897]  do_sys_openat2+0x121/0x1c0
[ 2281.297142][ T8897]  ? __pfx_do_sys_openat2+0x10/0x10
[ 2281.302361][ T8897]  ? exc_page_fault+0x82/0x100
[ 2281.307149][ T8897]  ? do_user_addr_fault+0xc85/0x1380
[ 2281.312464][ T8897]  __x64_sys_openat+0x138/0x170
[ 2281.317338][ T8897]  do_syscall_64+0xfa/0xfa0
[ 2281.321949][ T8897]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2281.327175][ T8897]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2281.333265][ T8897]  ? clear_bhb_loop+0x60/0xb0
[ 2281.337960][ T8897]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2281.343868][ T8897] RIP: 0033:0x7f7c884a7407
[ 2281.348307][ T8897] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff
[ 2281.367927][ T8897] RSP: 002b:00007ffec88b1b20 EFLAGS: 00000202 ORIG_RAX: 0000000000000101
[ 2281.376363][ T8897] RAX: ffffffffffffffda RBX: 00007f7c88c99880 RCX: 00007f7c884a7407
[ 2281.384347][ T8897] RDX: 0000000000000000 RSI: 00007ffec88b3f1a RDI: ffffffffffffff9c
[ 2281.392328][ T8897] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000
[ 2281.400311][ T8897] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
[ 2281.408301][ T8897] R13: 00007ffec88b1d70 R14: 00007f7c88e00000 R15: 000056165c0314d8
[ 2281.416291][ T8897]  </TASK>
[ 2281.419642][ T8897] Kernel Offset: disabled
[ 2281.423970][ T8897] Rebooting in 86400 seconds..